lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update product.class.php

Browse Source
This commit is contained in:
Frédéric FRANCE 2019-12-02 20:45:28 +01:00 committed by GitHub
parent b317530b39
commit ac674aae6a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
htdocs/product/class/product.class.php
View File

@ -1308,7 +1308,7 @@ class Product extends CommonObject
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."product_lang";
$sql .= " WHERE fk_product=".$this->id;
$sql .= " AND lang='".$key."'";
$sql .= " AND lang='".$this->db->escape($key)."'";
$result = $this->db->query($sql);
@ -1330,7 +1330,8 @@ class Product extends CommonObject
$sql2 .= ")";
$sql2 .= " VALUES(".$this->id.",'".$this->db->escape($key)."','".$this->db->escape($this->label)."',";
$sql2 .= " '".$this->db->escape($this->description)."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { $sql2 .= ", '".$this->db->escape($this->other)."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) {
$sql2 .= ", '".$this->db->escape($this->other)."'";
}
$sql2 .= ")";
}
@ -1344,7 +1345,7 @@ class Product extends CommonObject
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."product_lang";
$sql .= " WHERE fk_product=".$this->id;
$sql .= " AND lang='".$key."'";
$sql .= " AND lang='".$this->db->escape($key)."'";
$result = $this->db->query($sql);
@ -1354,7 +1355,8 @@ class Product extends CommonObject
$sql2 .= " SET ";
$sql2 .= " label='".$this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2 .= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { $sql2 .= ", note='".$this->db->escape($this->multilangs["$key"]["other"])."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) {
$sql2 .= ", note='".$this->db->escape($this->multilangs["$key"]["other"])."'";
}
$sql2 .= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($key)."'";
}
@ -1366,7 +1368,8 @@ class Product extends CommonObject
$sql2 .= ")";
$sql2 .= " VALUES(".$this->id.",'".$this->db->escape($key)."','".$this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2 .= " '".$this->db->escape($this->multilangs["$key"]["description"])."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) { $sql2 .= ", '".$this->db->escape($this->multilangs["$key"]["other"])."'";
if (!empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) {
$sql2 .= ", '".$this->db->escape($this->multilangs["$key"]["other"])."'";
}
$sql2 .= ")";
}