From 3f72f9b544106dbe9fb89fb7ba28a06f0c8944e0 Mon Sep 17 00:00:00 2001 From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com> Date: Thu, 10 Jun 2021 23:29:37 +0200 Subject: [PATCH 1/2] FIX: project time spent by month: quote mismatch in SQL query to assign to check task assigment --- htdocs/projet/activity/permonth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index ae4eed48515..83680885fe5 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -170,7 +170,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') { // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = ".$object->fk_project." AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { From 0315f4519878b570e79b69570b88e5ff8f71f773 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 11 Jun 2021 18:10:57 +0200 Subject: [PATCH 2/2] Update permonth.php --- htdocs/projet/activity/permonth.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 83680885fe5..854c9194315 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -170,7 +170,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') { // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = ".$object->fk_project." AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = ".((int) $object->fk_project)." AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) {