diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index b450f5a0872..9d6cccdacf5 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -114,22 +114,17 @@ class AdvanceTargetingMailing extends CommonObject $error=0; // Clean parameters - if (isset($this->fk_element)) $this->fk_element=trim($this->fk_element); + if (isset($this->fk_element)) $this->fk_element=(int) $this->fk_element; if (isset($this->type_element)) $this->type_element=trim($this->type_element); if (isset($this->name)) $this->name=trim($this->name); if (isset($this->filtervalue)) $this->filtervalue=trim($this->filtervalue); - if (isset($this->fk_user_author)) $this->fk_user_author=trim($this->fk_user_author); - if (isset($this->fk_user_mod)) $this->fk_user_mod=trim($this->fk_user_mod); - - // Check parameters // Put here code to add control on parameters values // Insert request $sql = "INSERT INTO ".MAIN_DB_PREFIX."advtargetemailing("; - $sql.= "name,"; $sql.= "entity,"; $sql.= "fk_element,"; @@ -138,10 +133,7 @@ class AdvanceTargetingMailing extends CommonObject $sql.= "fk_user_author,"; $sql.= "datec,"; $sql.= "fk_user_mod"; - - $sql.= ") VALUES ("; - $sql.= " ".(! isset($this->name)?'NULL':"'".$this->db->escape($this->name)."'").","; $sql.= " ".$conf->entity.","; $sql.= " ".(! isset($this->fk_element)?'NULL':"'".$this->db->escape($this->fk_element)."'").","; @@ -149,9 +141,7 @@ class AdvanceTargetingMailing extends CommonObject $sql.= " ".(! isset($this->filtervalue)?'NULL':"'".$this->db->escape($this->filtervalue)."'").","; $sql.= " ".$user->id.","; $sql.= " '".$this->db->idate(dol_now())."',"; - $sql.= " ".$user->id; - - + $sql.= " null"; $sql.= ")"; $this->db->begin(); 
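Review bot: The `(int)` cast added for `fk_element` under "Clean parameters" silently turns an empty or non-numeric value into 0, and the INSERT in the next hunk still wraps that value in quotes through `$this->db->escape()`, so a bad key is stored as '0' instead of being rejected or written as NULL. The "Check parameters" placeholder just below the cast is the natural place for a guard. Alternatively the value line could follow the pattern this commit uses for `fk_bank` in localtax.class.php: `$sql.= " ".($this->fk_element > 0 ? (int) $this->fk_element : 'NULL').",";`. Whether 0 is a legitimate `fk_element` cannot be told from the hunk, so confirm before mapping it to NULL. The same cast is added in the update hunk at -396, and the enclosing methods start and end outside both hunks.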
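Review bot: `$user->id` is still concatenated uncast for `fk_user_author` in the VALUES list of this hunk (`$sql.= " ".$user->id.",";`), and `$conf->entity` likewise in the previous hunk, although the same commit casts `$user->id` in the Localtax `::addPayment` hunk. For consistency with the rest of the change, use `$sql.= " ".((int) $user->id).",";` and `$sql.= " ".((int) $conf->entity).",";`. The update hunk at -417 has the same pattern in `fk_user_mod=".$user->id` and `WHERE rowid=".$this->id`, as do the `WHERE rowid=".$this->id` lines visible in the Localtax hunks. The new `fk_user_mod` value is spelled `null` while the other branches of this statement use `'NULL'`; the database will not care, but one spelling reads better.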
@@ -396,14 +386,10 @@ class AdvanceTargetingMailing extends CommonObject $error=0; // Clean parameters - if (isset($this->fk_element)) $this->fk_element=trim($this->fk_element); + if (isset($this->fk_element)) $this->fk_element=(int) $this->fk_element; if (isset($this->type_element)) $this->type_element=trim($this->type_element); if (isset($this->name)) $this->name=trim($this->name); if (isset($this->filtervalue)) $this->filtervalue=trim($this->filtervalue); - if (isset($this->fk_user_author)) $this->fk_user_author=trim($this->fk_user_author); - if (isset($this->fk_user_mod)) $this->fk_user_mod=trim($this->fk_user_mod); - - // Check parameters // Put here code to add a control on parameters values @@ -417,7 +403,6 @@ class AdvanceTargetingMailing extends CommonObject $sql.= " type_element=".(isset($this->type_element)?"'".$this->db->escape($this->type_element)."'":"null").","; $sql.= " filtervalue=".(isset($this->filtervalue)?"'".$this->db->escape($this->filtervalue)."'":"null").","; $sql.= " fk_user_mod=".$user->id; - $sql.= " WHERE rowid=".$this->id; $this->db->begin(); diff --git a/htdocs/compta/localtax/class/localtax.class.php b/htdocs/compta/localtax/class/localtax.class.php index b0178bd09e1..30d2d0de33c 100644 --- a/htdocs/compta/localtax/class/localtax.class.php +++ b/htdocs/compta/localtax/class/localtax.class.php @@ -97,9 +97,6 @@ class Localtax extends CommonObject $this->amount=trim($this->amount); $this->label=trim($this->label); $this->note=trim($this->note); - $this->fk_bank=trim($this->fk_bank); - $this->fk_user_creat=trim($this->fk_user_creat); - $this->fk_user_modif=trim($this->fk_user_modif); // Insert request $sql = "INSERT INTO ".MAIN_DB_PREFIX."localtax("; 
@@ -121,9 +118,9 @@ class Localtax extends CommonObject $sql.= " '".$this->db->escape($this->amount)."',"; $sql.= " '".$this->db->escape($this->label)."',"; $sql.= " '".$this->db->escape($this->note)."',"; - $sql.= " ".($this->fk_bank <= 0 ? "NULL" : "'".$this->db->escape($this->fk_bank)."'").","; - $sql.= " '".$this->db->escape($this->fk_user_creat)."',"; - $sql.= " '".$this->db->escape($this->fk_user_modif)."'"; + $sql.= " ".($this->fk_bank <= 0 ? "NULL" : (int) $this->fk_bank).","; + $sql.= " ".((int) $this->fk_user_creat).","; + $sql.= " ".((int) $this->fk_user_modif); $sql.= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -173,9 +170,6 @@ class Localtax extends CommonObject $this->amount=trim($this->amount); $this->label=trim($this->label); $this->note=trim($this->note); - $this->fk_bank=trim($this->fk_bank); - $this->fk_user_creat=trim($this->fk_user_creat); - $this->fk_user_modif=trim($this->fk_user_modif); $this->db->begin(); @@ -188,9 +182,9 @@ class Localtax extends CommonObject $sql.= " amount=".price2num($this->amount).","; $sql.= " label='".$this->db->escape($this->label)."',"; $sql.= " note='".$this->db->escape($this->note)."',"; - $sql.= " fk_bank=".$this->fk_bank.","; - $sql.= " fk_user_creat=".$this->fk_user_creat.","; - $sql.= " fk_user_modif=".$this->fk_user_modif; + $sql.= " fk_bank=".((int) $this->fk_bank).","; + $sql.= " fk_user_creat=".((int) $this->fk_user_creat).","; + $sql.= " fk_user_modif=".((int) $this->fk_user_modif); $sql.= " WHERE rowid=".$this->id; dol_syslog(get_class($this)."::update", LOG_DEBUG); @@ -299,7 +293,6 @@ class Localtax extends CommonObject if ($result < 0) return -1; // End call triggers - $sql = "DELETE FROM ".MAIN_DB_PREFIX."localtax"; $sql.= " WHERE rowid=".$this->id; @@ -324,6 +317,8 @@ class Localtax extends CommonObject */ public function initAsSpecimen() { + global $user; + $this->id=0; $this->tms=''; 
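Review bot: The update statement in the -188 hunk now writes `fk_bank=".((int) $this->fk_bank)`, so an unset or empty bank link is stored as 0, whereas the create hunk at -121 in the same file maps `fk_bank <= 0` to NULL. If the column is meant to reference a bank line (inferred from the name only), the two paths should agree: `$sql.= " fk_bank=".($this->fk_bank > 0 ? (int) $this->fk_bank : 'NULL').",";`. update() starts before the hunk and continues after it, so any later code that reads `fk_bank` back should be checked against the chosen convention.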
@@ -333,9 +328,9 @@ class Localtax extends CommonObject $this->amount=''; $this->label=''; $this->note=''; - $this->fk_bank=''; - $this->fk_user_creat=''; - $this->fk_user_modif=''; + $this->fk_bank=0; + $this->fk_user_creat=$user->id; + $this->fk_user_modif=$user->id; } @@ -347,7 +342,6 @@ class Localtax extends CommonObject */ public function solde($year = 0) { - $reglee = $this->localtax_sum_reglee($year); $payee = $this->localtax_sum_payee($year); @@ -528,7 +522,7 @@ class Localtax extends CommonObject $sql.= "'".$this->db->idate($this->datev)."'," . $this->amount; if ($this->note) $sql.=", '".$this->db->escape($this->note)."'"; if ($this->label) $sql.=", '".$this->db->escape($this->label)."'"; - $sql.=", '".$user->id."', NULL"; + $sql.=", ".((int) $user->id).", NULL"; $sql.= ")"; dol_syslog(get_class($this)."::addPayment", LOG_DEBUG); diff --git a/htdocs/compta/salaries/class/paymentsalary.class.php b/htdocs/compta/salaries/class/paymentsalary.class.php index 40cec40ecad..6f3a9de4492 100644 --- a/htdocs/compta/salaries/class/paymentsalary.class.php +++ b/htdocs/compta/salaries/class/paymentsalary.class.php @@ -115,13 +115,9 @@ class PaymentSalary extends CommonObject $error=0; // Clean parameters - $this->fk_user=trim($this->fk_user); $this->amount=trim($this->amount); $this->label=trim($this->label); $this->note=trim($this->note); - $this->fk_bank=trim($this->fk_bank); - $this->fk_user_author=trim($this->fk_user_author); - $this->fk_user_modif=trim($this->fk_user_modif); // Check parameters if (empty($this->fk_user) || $this->fk_user < 0) 
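Review bot: `$this->amount` is appended to the INSERT unquoted and unnormalised on the first line of the `::addPayment` hunk (`"'," . $this->amount;`), so the statement takes whatever string the property holds while the commit only hardens the neighbouring `$user->id`. update() in this file already emits the amount through `price2num()`; doing the same here, `"',".price2num($this->amount);`, would at least normalise it, and rejecting a non-numeric amount before the query is built would be stronger (what `price2num()` returns for bad input is not visible on this page). The PaymentSalary update hunk further down has the same raw concatenation for `fk_typepayment`, where the value is also followed by a stray `'` that leaves the quoting unbalanced; `$sql.= " fk_typepayment=".((int) $this->fk_typepayment).",";` would address both. The column list of this INSERT starts outside the hunk.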
@@ -140,16 +136,16 @@ class PaymentSalary extends CommonObject $sql.= " datep='".$this->db->idate($this->datep)."',"; $sql.= " datev='".$this->db->idate($this->datev)."',"; $sql.= " amount=".price2num($this->amount).","; - $sql.= " fk_projet='".$this->db->escape($this->fk_project)."',"; + $sql.= " fk_projet=".((int) $this->fk_project).","; $sql.= " fk_typepayment=".$this->fk_typepayment."',"; $sql.= " num_payment='".$this->db->escape($this->num_payment)."',"; $sql.= " label='".$this->db->escape($this->label)."',"; $sql.= " datesp='".$this->db->idate($this->datesp)."',"; $sql.= " dateep='".$this->db->idate($this->dateep)."',"; $sql.= " note='".$this->db->escape($this->note)."',"; - $sql.= " fk_bank=".($this->fk_bank > 0 ? "'".$this->db->escape($this->fk_bank)."'":"null").","; - $sql.= " fk_user_author=".$this->fk_user_author.","; - $sql.= " fk_user_modif=".$this->fk_user_modif; + $sql.= " fk_bank=".($this->fk_bank > 0 ? (int) $this->fk_bank : 'null').","; + $sql.= " fk_user_author=".((int) $this->fk_user_author).","; + $sql.= " fk_user_modif=".($this->fk_user_modif > 0 ? (int) $this->fk_user_modif : 'null'); $sql.= " WHERE rowid=".$this->id;