lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix phpcs

Browse Source
This commit is contained in:
Laurent Destailleur 2021-06-13 18:10:04 +02:00
parent a72f66b456
commit 95ee0f630d
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
htdocs/user/class/user.class.php
View File

@ -442,7 +442,7 @@ class User extends CommonObject
if ($entity < 0) {
if ((empty($conf->multicompany->enabled) || empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) && (!empty($user->entity))) {
$sql .= " WHERE u.entity IN (0,".$conf->entity.")";
$sql .= " WHERE u.entity IN (0, ".$this->db->sanitize($conf->entity).")";
} else {
$sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
}
@ -451,7 +451,7 @@ class User extends CommonObject
if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql .= " WHERE u.entity IS NOT NULL"; // multicompany is on in transverse mode or user making fetch is on entity 0, so user is allowed to fetch anywhere into database
} else {
$sql .= " WHERE u.entity IN (0, ".(($entity != '' && $entity >= 0) ? $entity : $conf->entity).")"; // search in entity provided in parameter
$sql .= " WHERE u.entity IN (0, ".$this->db->sanitize(($entity != '' && $entity >= 0) ? $entity : $conf->entity).")"; // search in entity provided in parameter
}
}
@ -961,9 +961,9 @@ class User extends CommonObject
if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) {
$sql .= " AND r.entity IN (0,".(!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE) ? "1," : "").$conf->entity.")";
} else {
$sql .= " AND ur.entity = ".$conf->entity;
$sql .= " AND ur.entity = ".((int) $conf->entity);
}
$sql .= " AND ur.fk_user= ".$this->id;
$sql .= " AND ur.fk_user= ".((int) $this->id);
$sql .= " AND r.perms IS NOT NULL";
if ($moduletag) {
$sql .= " AND r.module = '".$this->db->escape($moduletag)."'";
@ -1289,7 +1289,7 @@ class User extends CommonObject
$sql = "SELECT login FROM ".MAIN_DB_PREFIX."user";
$sql .= " WHERE login ='".$this->db->escape($this->login)."'";
$sql .= " AND entity IN (0,".$this->db->escape($conf->entity).")";
$sql .= " AND entity IN (0, ".$this->db->escape($conf->entity).")";
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -1664,7 +1664,7 @@ class User extends CommonObject
// Check if login already exists in same entity or into entity 0.
if ($this->oldcopy->login != $this->login) {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND login = '".$this->db->escape($this->login)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);
@ -1676,7 +1676,7 @@ class User extends CommonObject
}
}
if ($this->email !== '' && $this->oldcopy->email != $this->email) {
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$sqltochecklogin = "SELECT COUNT(*) as nb FROM ".MAIN_DB_PREFIX."user WHERE entity IN (".$this->db->sanitize((int) $this->entity).", 0) AND email = '".$this->db->escape($this->email)."'";
$resqltochecklogin = $this->db->query($sqltochecklogin);
if ($resqltochecklogin) {
$objtochecklogin = $this->db->fetch_object($resqltochecklogin);