From 8b1b3ef1b3734652d166eb8f698ff5bd40b3f961 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 9 Mar 2011 10:04:17 +0000 Subject: [PATCH] Fix: problem with specific numbering module --- htdocs/lib/functions2.lib.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/lib/functions2.lib.php b/htdocs/lib/functions2.lib.php index 58f4b2e8f9b..47c2698cb26 100644 --- a/htdocs/lib/functions2.lib.php +++ b/htdocs/lib/functions2.lib.php @@ -423,8 +423,8 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m if ($maskraz > 12) return 'ErrorBadMaskBadRazMonth'; // Define reg - if ($maskraz > 1 && ! preg_match('/^(.*)\{(y+)\}\{(m+)\}/i',$maskwithonlyymcode,$reg)) return 'ErrorCantUseRazInStartedYearIfNoYearMonthInMask'; - if ($maskraz <= 1 && ! preg_match('/^(.*)\{(y+)\}/i',$maskwithonlyymcode,$reg)) return 'ErrorCantUseRazIfNoYearInMask'; + if ($maskraz > 1 && ! preg_match('/^(.*)\{(y)+\}\{(m)+\}/i',$maskwithonlyymcode,$reg) && ! preg_match('/^(.*)\{(m)+\}\{(y)+\}/i',$maskwithonlyymcode,$reg)) return 'ErrorCantUseRazInStartedYearIfNoYearMonthInMask'; + if ($maskraz <= 1 && ! preg_match('/^(.*)\{(y)+\}/i',$maskwithonlyymcode,$reg)) return 'ErrorCantUseRazIfNoYearInMask'; //print "x".$maskwithonlyymcode." ".$maskraz; // Define $yearcomp and $monthcomp (that will be use in the select where to search max number) @@ -448,7 +448,7 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m $sqlwhere.=') )'; } } - //print "masktri=".$masktri." maskcounter=".$maskcounter." maskraz=".$maskraz." maskoffset=".$maskoffset."
\n"; + //print "masktri=".$masktri." maskcounter=".$maskcounter." maskraz=".$maskraz." maskoffset=".$maskoffset." yearcomp=".$yearcomp."
\n"; // Define $sqlstring $posnumstart=strpos($maskwithnocode,$maskcounter); // Pos of counter in final string (from 0 to ...) @@ -931,7 +931,7 @@ function dol_set_user_param($db, $conf, &$user, $tab) { $sql = "INSERT INTO ".MAIN_DB_PREFIX."user_param(fk_user,entity,param,value)"; $sql.= " VALUES (".$user->id.",".$conf->entity.","; - $sql.= " '".$key."','".addslashes($value)."');"; + $sql.= " '".$key."','".$db->escape($value)."');"; dol_syslog("functions2.lib::dol_set_user_param sql=".$sql, LOG_DEBUG); $result=$db->query($sql);