Merge pull request #12759 from OPEN-DSI/fix-product-supplier-price-extrafields
FIX sql bad request in product buying price extrafields
This commit is contained in:
Laurent Destailleur
GitHub
commit
cbb47e20cb
@ -265,32 +265,31 @@ if (empty($reshook))
|
||||
|
||||
$extralabels = $extrafields->fetch_name_optionals_label("product_fournisseur_price");
|
||||
$extrafield_values = $extrafields->getOptionalsFromPost("product_fournisseur_price");
|
||||
if (!empty($extrafield_values)) {
|
||||
$resql = $db->query("SELECT fk_object FROM " . MAIN_DB_PREFIX . "product_fournisseur_price_extrafields WHERE fk_object = " . $object->product_fourn_price_id);
|
||||
// Insert a new extrafields row, if none exists
|
||||
if ($db->num_rows($resql) != 1) {
|
||||
$sql = "INSERT INTO " . MAIN_DB_PREFIX . "product_fournisseur_price_extrafields (fk_object, ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= str_replace('options_', '', $key) . ', ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2) . ") VALUES (" . $object->product_fourn_price_id . ", ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= '"' . $value . '", ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2) . ')';
|
||||
} // else update the existing one
|
||||
else {
|
||||
$sql = "UPDATE " . MAIN_DB_PREFIX . "product_fournisseur_price_extrafields SET ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= str_replace('options_', '', $key) . ' = "' . $value . '", ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2) . ' WHERE fk_object = ' . $object->product_fourn_price_id;
|
||||
}
|
||||
|
||||
$sql = "";
|
||||
$resql = $db->query("SELECT * FROM ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields WHERE fk_object = ".$object->product_fourn_price_id);
|
||||
// Insert a new extrafields row, if none exists
|
||||
if ($db->num_rows($resql) != 1) {
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields (fk_object, ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= str_replace('options_', '', $key).', ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2).") VALUES (".$object->product_fourn_price_id.", ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= '"'.$value.'", ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2).')';
|
||||
}
|
||||
// else update the existing one
|
||||
else {
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields SET ";
|
||||
foreach ($extrafield_values as $key => $value) {
|
||||
$sql .= str_replace('options_', '', $key).' = "'.$value.'", ';
|
||||
}
|
||||
$sql = substr($sql, 0, strlen($sql) - 2).' WHERE fk_object = '.$object->product_fourn_price_id;
|
||||
}
|
||||
|
||||
// Execute the sql command from above
|
||||
$db->query($sql);
|
||||
// Execute the sql command from above
|
||||
$db->query($sql);
|
||||
}
|
||||
|
||||
$newprice = price2num(GETPOST("price", "alpha"));
|
||||
|
||||
@ -765,25 +764,36 @@ SCRIPT;
|
||||
print '</tr>';
|
||||
}
|
||||
|
||||
// Extrafields
|
||||
$extrafields->fetch_name_optionals_label("product_fournisseur_price");
|
||||
$extralabels = $extrafields->attributes["product_fournisseur_price"]['label'];
|
||||
// Extrafields
|
||||
$resql = $db->query("SELECT * FROM ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields WHERE fk_object = ".$rowid);
|
||||
$extrafield_values = $extrafields->getOptionalsFromPost("product_fournisseur_price");
|
||||
if (!empty($extralabels)) {
|
||||
if ($db->num_rows($resql) != 1) {
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && ($extrafields->attributes["product_fournisseur_price"]['list'][$key] == 1 || $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 3 || ($action == "update_price" && $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 4))) {
|
||||
print '<tr><td'.($extrafields->attributes["product_fournisseur_price"]['required'][$key] ? ' class="fieldrequired"' : '').'>'.$langs->trans($value).'</td><td>'.$extrafields->showInputField($key, '', '', '', '', '', 0, 'product_fournisseur_price').'</td></tr>';
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$resql = $db->fetch_object($resql);
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && ($extrafields->attributes["product_fournisseur_price"]['list'][$key] == 1 || $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 3 || ($action == "update_price" && $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 4))) {
|
||||
print '<tr><td'.($extrafields->attributes["product_fournisseur_price"]['required'][$key] ? ' class="fieldrequired"' : '').'>'.$langs->trans($value).'</td><td>'.$extrafields->showInputField($key, $resql->{$key}, '', '', '', '', 0, 'product_fournisseur_price').'</td></tr>';
|
||||
}
|
||||
}
|
||||
}
|
||||
if (empty($rowid)) {
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && ($extrafields->attributes["product_fournisseur_price"]['list'][$key] == 1 || $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 3 || ($action == "update_price" && $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 4))) {
|
||||
print '<tr><td'.($extrafields->attributes["product_fournisseur_price"]['required'][$key] ? ' class="fieldrequired"' : '').'>'.$langs->trans($value).'</td><td>'.$extrafields->showInputField($key, GETPOSTISSET('options_' . $key) ? $extrafield_values['options_' . $key] : '', '', '', '', '', 0, 'product_fournisseur_price').'</td></tr>';
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$sql = "SELECT";
|
||||
$sql .= " fk_object";
|
||||
foreach ($extralabels as $key => $value) {
|
||||
$sql .= ", " . $key;
|
||||
}
|
||||
$sql .= " FROM " . MAIN_DB_PREFIX . "product_fournisseur_price_extrafields";
|
||||
$sql .= " WHERE fk_object = " . $rowid;
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
$obj = $db->fetch_object($resql);
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && ($extrafields->attributes["product_fournisseur_price"]['list'][$key] == 1 || $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 3 || ($action == "update_price" && $extrafields->attributes["product_fournisseur_price"]['list'][$key] == 4))) {
|
||||
print '<tr><td'.($extrafields->attributes["product_fournisseur_price"]['required'][$key] ? ' class="fieldrequired"' : '').'>'.$langs->trans($value).'</td><td>'.$extrafields->showInputField($key, GETPOSTISSET('options_' . $key) ? $extrafield_values['options_' . $key] : $obj->{$key}, '', '', '', '', 0, 'product_fournisseur_price').'</td></tr>';
|
||||
}
|
||||
}
|
||||
$db->free($resql);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (is_object($hookmanager))
|
||||
@ -1008,22 +1018,32 @@ SCRIPT;
|
||||
print '</td>';
|
||||
|
||||
// Extrafields
|
||||
$resql = $db->query("SELECT * FROM ".MAIN_DB_PREFIX."product_fournisseur_price_extrafields WHERE fk_object = ".$productfourn->product_fourn_price_id);
|
||||
if (!empty($extralabels)) {
|
||||
if ($db->num_rows($resql) != 1) {
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && $extrafields->attributes["product_fournisseur_price"]['list'][$key] != 3) {
|
||||
print "<td></td>";
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$resql = $db->fetch_object($resql);
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && $extrafields->attributes["product_fournisseur_price"]['list'][$key] != 3) {
|
||||
print '<td align="right">'.$extrafields->showOutputField($key, $resql->{$key})."</td>";
|
||||
}
|
||||
}
|
||||
}
|
||||
$sql = "SELECT";
|
||||
$sql .= " fk_object";
|
||||
foreach ($extralabels as $key => $value) {
|
||||
$sql .= ", " . $key;
|
||||
}
|
||||
$sql .= " FROM " . MAIN_DB_PREFIX . "product_fournisseur_price_extrafields";
|
||||
$sql .= " WHERE fk_object = " . $productfourn->product_fourn_price_id;
|
||||
$resql = $db->query($sql);
|
||||
if ($resql) {
|
||||
if ($db->num_rows($resql) != 1) {
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && $extrafields->attributes["product_fournisseur_price"]['list'][$key] != 3) {
|
||||
print "<td></td>";
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$obj = $db->fetch_object($resql);
|
||||
foreach ($extralabels as $key => $value) {
|
||||
if (!empty($extrafields->attributes["product_fournisseur_price"]['list'][$key]) && $extrafields->attributes["product_fournisseur_price"]['list'][$key] != 3) {
|
||||
print '<td align="right">'.$extrafields->showOutputField($key, $obj->{$key})."</td>";
|
||||
}
|
||||
}
|
||||
}
|
||||
$db->free($resql);
|
||||
}
|
||||
}
|
||||
|
||||
if (is_object($hookmanager))
|
||||
|
||||
Loading…
Reference in New Issue
Block a user