lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix against SQL injection. Add phpunit to detect missing escapement.

Browse Source
This commit is contained in:
Laurent Destailleur 2017-05-12 16:55:11 +02:00
parent 0d11fce834
commit fa290c34fa
57 changed files with 202 additions and 198 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
htdocs/accountancy/class/accountingaccount.class.php
View File

@ -251,12 +251,12 @@ class AccountingAccount extends CommonObject
$sql .= " SET fk_pcg_version = " . ($this->fk_pcg_version ? "'" . $this->db->escape($this->fk_pcg_version) . "'" : "null");
$sql .= " , pcg_type = " . ($this->pcg_type ? "'" . $this->db->escape($this->pcg_type) . "'" : "null");
$sql .= " , pcg_subtype = " . ($this->pcg_subtype ? "'" . $this->db->escape($this->pcg_subtype) . "'" : "null");
$sql .= " , account_number = '" . $this->account_number . "'";
$sql .= " , account_parent = '" . $this->account_parent . "'";
$sql .= " , account_number = '" . $this->db->escape($this->account_number) . "'";
$sql .= " , account_parent = '" . $this->db->escape($this->account_parent) . "'";
$sql .= " , label = " . ($this->label ? "'" . $this->db->escape($this->label) . "'" : "null");
$sql .= " , fk_accounting_category = '" . $this->account_category . "'";
$sql .= " , fk_accounting_category = '" . $this->db->escape($this->account_category) . "'";
$sql .= " , fk_user_modif = " . $user->id;
$sql .= " , active = '" . $this->active . "'";
$sql .= " , active = " . $this->active;
$sql .= " WHERE rowid = " . $this->id;
dol_syslog(get_class($this) . "::update sql=" . $sql, LOG_DEBUG);

10
htdocs/accountancy/class/bookkeeping.class.php
View File

@ -189,10 +189,10 @@ class BookKeeping extends CommonObject
// First check if line not yet already in bookkeeping
$sql = "SELECT count(*) as nb";
$sql .= " FROM " . MAIN_DB_PREFIX . $this->table_element;
$sql .= " WHERE doc_type = '" . $this->doc_type . "'";
$sql .= " WHERE doc_type = '" . $this->db->escape($this->doc_type) . "'";
$sql .= " AND fk_doc = " . $this->fk_doc;
$sql .= " AND fk_docdet = " . $this->fk_docdet; // This field can be 0 is record is for several lines
$sql .= " AND numero_compte = '" . $this->numero_compte . "'";
$sql .= " AND numero_compte = '" . $this->db->escape($this->numero_compte) . "'";
$sql .= " AND entity IN (" . getEntity("accountancy", 1) . ")";
$resql = $this->db->query($sql);
@ -204,9 +204,9 @@ class BookKeeping extends CommonObject
// Determine piece_num
$sqlnum = "SELECT piece_num";
$sqlnum .= " FROM " . MAIN_DB_PREFIX . $this->table_element;
$sqlnum .= " WHERE doc_type = '" . $this->doc_type . "'"; // For example doc_type = 'bank'
$sqlnum .= " AND fk_docdet = '" . $this->fk_docdet . "'"; // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ...
$sqlnum .= " AND doc_ref = '" . $this->doc_ref . "'"; // ref of source object
$sqlnum .= " WHERE doc_type = '" . $this->db->escape($this->doc_type) . "'"; // For example doc_type = 'bank'
$sqlnum .= " AND fk_docdet = " . $this->db->escape($this->fk_docdet); // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ...
$sqlnum .= " AND doc_ref = '" . $this->db->escape($this->doc_ref) . "'"; // ref of source object
$sqlnum .= " AND entity IN (" . getEntity("accountancy", 1) . ")";
dol_syslog(get_class($this) . ":: create sqlnum=" . $sqlnum, LOG_DEBUG);

4
htdocs/adherents/class/adherent.class.php
View File

@ -345,7 +345,7 @@ class Adherent extends CommonObject
{
// Add link to user
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
$sql.= " fk_member = '".$this->id."'";
$sql.= " fk_member = ".$this->id;
$sql.= " WHERE rowid = ".$this->user_id;
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -1099,7 +1099,7 @@ class Adherent extends CommonObject
elseif ($ref || $fk_soc) {
$sql.= " AND d.entity IN (".getEntity().")";
if ($ref) $sql.= " AND d.rowid='".$this->db->escape($ref)."'";
elseif ($fk_soc) $sql.= " AND d.fk_soc='".$fk_soc."'";
elseif ($fk_soc > 0) $sql.= " AND d.fk_soc=".$fk_soc;
}
elseif ($ref_ext)
{

4
htdocs/adherents/class/adherent_type.class.php
View File

@ -123,9 +123,9 @@ class AdherentType extends CommonObject
$sql.= "SET ";
$sql.= "statut = ".$this->statut.",";
$sql.= "libelle = '".$this->db->escape($this->libelle) ."',";
$sql.= "subscription = '".$this->subscription."',";
$sql.= "subscription = '".$this->db->escape($this->subscription)."',";
$sql.= "note = '".$this->db->escape($this->note)."',";
$sql.= "vote = '".$this->vote."',";
$sql.= "vote = '".$this->db->escape($this->vote)."',";
$sql.= "mail_valid = '".$this->db->escape($this->mail_valid)."'";
$sql .= " WHERE rowid =".$this->id;

6
htdocs/bookmarks/class/bookmark.class.php
View File

@ -173,10 +173,10 @@ class Bookmark extends CommonObject
$sql.= " SET fk_user = ".($this->fk_user > 0?"'".$this->fk_user."'":"0");
$sql.= " ,dateb = '".$this->db->idate($this->datec)."'";
$sql.= " ,url = '".$this->db->escape($this->url)."'";
$sql.= " ,target = '".$this->target."'";
$sql.= " ,target = '".$this->db->escape($this->target)."'";
$sql.= " ,title = '".$this->db->escape($this->title)."'";
$sql.= " ,favicon = '".$this->favicon."'";
$sql.= " ,position = '".$this->position."'";
$sql.= " ,favicon = '".$this->db->escape($this->favicon)."'";
$sql.= " ,position = '".$this->db->escape($this->position)."'";
$sql.= " WHERE rowid = ".$this->id;
dol_syslog("Bookmark::update", LOG_DEBUG);

10
htdocs/categories/class/categorie.class.php
View File

@ -189,9 +189,9 @@ class Categorie extends CommonObject
$sql = "SELECT rowid, fk_parent, entity, label, description, color, fk_soc, visible, type";
$sql.= " FROM ".MAIN_DB_PREFIX."categorie";
if ($id)
if ($id > 0)
{
$sql.= " WHERE rowid = '".$id."'";
$sql.= " WHERE rowid = ".$id;
}
else
{
@ -399,7 +399,7 @@ class Categorie extends CommonObject
{
$sql .= ", fk_soc = ".($this->socid != -1 ? $this->socid : 'null');
}
$sql .= ", visible = '".$this->visible."'";
$sql .= ", visible = '".$this->db->escape($this->visible)."'";
$sql .= ", fk_parent = ".$this->fk_parent;
$sql .= " WHERE rowid = ".$this->id;
@ -1670,7 +1670,7 @@ class Categorie extends CommonObject
$sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang";
$sql2.= " SET label='".$this->db->escape($this->label)."',";
$sql2.= " description='".$this->db->escape($this->description)."'";
$sql2.= " WHERE fk_category=".$this->id." AND lang='".$key."'";
$sql2.= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{
@ -1692,7 +1692,7 @@ class Categorie extends CommonObject
$sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang";
$sql2.= " SET label='".$this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2.= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'";
$sql2.= " WHERE fk_category=".$this->id." AND lang='".$key."'";
$sql2.= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{

12
htdocs/comm/action/class/actioncomm.class.php
View File

@ -753,8 +753,8 @@ class ActionComm extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."actioncomm ";
$sql.= " SET percent = '".$this->percentage."'";
if ($this->fk_action > 0) $sql.= ", fk_action = '".$this->fk_action."'";
$sql.= " SET percent = '".$this->db->escape($this->percentage)."'";
if ($this->fk_action > 0) $sql.= ", fk_action = '".$this->db->escape($this->fk_action)."'";
$sql.= ", label = ".($this->label ? "'".$this->db->escape($this->label)."'":"null");
$sql.= ", datep = ".(strval($this->datep)!='' ? "'".$this->db->idate($this->datep)."'" : 'null');
$sql.= ", datep2 = ".(strval($this->datef)!='' ? "'".$this->db->idate($this->datef)."'" : 'null');
@ -763,11 +763,11 @@ class ActionComm extends CommonObject
$sql.= ", fk_project =". ($this->fk_project > 0 ? "'".$this->fk_project."'":"null");
$sql.= ", fk_soc =". ($socid > 0 ? "'".$socid."'":"null");
$sql.= ", fk_contact =". ($contactid > 0 ? "'".$contactid."'":"null");
$sql.= ", priority = '".$this->priority."'";
$sql.= ", fulldayevent = '".$this->fulldayevent."'";
$sql.= ", priority = '".$this->db->escape($this->priority)."'";
$sql.= ", fulldayevent = '".$this->db->escape($this->fulldayevent)."'";
$sql.= ", location = ".($this->location ? "'".$this->db->escape($this->location)."'":"null");
$sql.= ", transparency = '".$this->transparency."'";
$sql.= ", fk_user_mod = '".$user->id."'";
$sql.= ", transparency = '".$this->db->escape($this->transparency)."'";
$sql.= ", fk_user_mod = ".$user->id;
$sql.= ", fk_user_action=".($userownerid > 0 ? "'".$userownerid."'":"null");
$sql.= ", fk_user_done=".($userdoneid > 0 ? "'".$userdoneid."'":"null");
if (! empty($this->fk_element)) $sql.= ", fk_element=".($this->fk_element?$this->fk_element:"null");

10
htdocs/comm/mailing/class/mailing.class.php
View File

@ -159,11 +159,11 @@ class Mailing extends CommonObject
$sql .= " SET titre = '".$this->db->escape($this->titre)."'";
$sql .= ", sujet = '".$this->db->escape($this->sujet)."'";
$sql .= ", body = '".$this->db->escape($this->body)."'";
$sql .= ", email_from = '".$this->email_from."'";
$sql .= ", email_replyto = '".$this->email_replyto."'";
$sql .= ", email_errorsto = '".$this->email_errorsto."'";
$sql .= ", bgcolor = '".($this->bgcolor?$this->bgcolor:null)."'";
$sql .= ", bgimage = '".($this->bgimage?$this->bgimage:null)."'";
$sql .= ", email_from = '".$this->db->escape($this->email_from)."'";
$sql .= ", email_replyto = '".$this->db->escape($this->email_replyto)."'";
$sql .= ", email_errorsto = '".$this->db->escape($this->email_errorsto)."'";
$sql .= ", bgcolor = '".($this->bgcolor?$this->db->escape($this->bgcolor):null)."'";
$sql .= ", bgimage = '".($this->bgimage?$this->db->escape($this->bgimage):null)."'";
$sql .= " WHERE rowid = ".$this->id;
dol_syslog("Mailing::Update", LOG_DEBUG);

2
htdocs/comm/propal/class/propal.class.php
View File

@ -1021,7 +1021,7 @@ class Propal extends CommonObject
{
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql.= " SET fk_delivery_address = ".$this->fk_delivery_address;
$sql.= " WHERE ref = '".$this->ref."'";
$sql.= " WHERE ref = '".$this->db->escape($this->ref)."'";
$sql.= " AND entity = ".$conf->entity;
$result=$this->db->query($sql);

6
htdocs/compta/bank/class/account.class.php
View File

@ -701,8 +701,8 @@ class Account extends CommonObject
$sql.= ",clos = ".$this->clos;
$sql.= ",rappro = ".$this->rappro;
$sql.= ",url = ".($this->url?"'".$this->url."'":"null");
$sql.= ",account_number = '".$this->account_number."'";
$sql.= ",fk_accountancy_journal = '".$this->fk_accountancy_journal."'";
$sql.= ",account_number = '".$this->db->escape($this->account_number)."'";
$sql.= ",fk_accountancy_journal = '".$this->db->escape($this->fk_accountancy_journal)."'";
$sql.= ",bank = '".$this->db->escape($this->bank)."'";
$sql.= ",code_banque='".$this->db->escape($this->code_banque)."'";
@ -1858,7 +1858,7 @@ class AccountLine extends CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX."bank SET";
$sql.= " rappro = 1";
$sql.= ", num_releve = '".$this->num_releve."'";
$sql.= ", num_releve = '".$this->db->escape($this->num_releve)."'";
$sql.= ", fk_user_rappro = ".$user->id;
$sql.= " WHERE rowid = ".$this->id;

12
htdocs/compta/bank/class/paymentvarious.class.php
View File

@ -88,19 +88,19 @@ class PaymentVarious extends CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX."payment_salary SET";
$sql.= " tms=".$this->db->idate($this->tms).",";
$sql.= " fk_user='".$this->fk_user."',";
$sql.= " fk_user=".$this->fk_user.",";
$sql.= " datep=".$this->db->idate($this->datep).",";
$sql.= " datev=".$this->db->idate($this->datev).",";
$sql.= " sens=".$this->sens.",";
$sql.= " amount='".$this->amount."',";
$sql.= " amount=".price2num($this->amount).",";
$sql.= " fk_typepayment=".$this->fk_typepayment."',";
$sql.= " num_payment='".$this->num_payment."',";
$sql.= " num_payment='".$this->db->escape($this->num_payment)."',";
$sql.= " label='".$this->db->escape($this->label)."',";
$sql.= " note='".$this->db->escape($this->note)."',";
$sql.= " accountancy_code='".$this->db->escape($this->accountancy_code)."',";
$sql.= " fk_bank=".($this->fk_bank > 0 ? "'".$this->fk_bank."'":"null").",";
$sql.= " fk_user_author='".$this->fk_user_author."',";
$sql.= " fk_user_modif='".$this->fk_user_modif."'";
$sql.= " fk_bank=".($this->fk_bank > 0 ? $this->fk_bank:"null").",";
$sql.= " fk_user_author=".$this->fk_user_author.",";
$sql.= " fk_user_modif=".$this->fk_user_modif;
$sql.= " WHERE rowid=".$this->id;

4
htdocs/compta/deplacement/class/deplacement.class.php
View File

@ -187,8 +187,8 @@ class Deplacement extends CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX."deplacement ";
$sql .= " SET km = ".$this->km; // This is a distance or amount
$sql .= " , dated = '".$this->db->idate($this->date)."'";
$sql .= " , type = '".$this->type."'";
$sql .= " , fk_statut = '".$this->statut."'";
$sql .= " , type = '".$this->db->escape($this->type)."'";
$sql .= " , fk_statut = '".$this->db->escape($this->statut)."'";
$sql .= " , fk_user = ".$this->fk_user;
$sql .= " , fk_user_modif = ".$user->id;
$sql .= " , fk_soc = ".($this->socid > 0?$this->socid:'null');

2
htdocs/compta/paiement/cheque/class/remisecheque.class.php
View File

@ -308,7 +308,7 @@ class RemiseCheque extends CommonObject
if ( $this->errno === 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
$sql.= " SET fk_bordereau = 0";
$sql.= " WHERE fk_bordereau = '".$this->id."'";
$sql.= " WHERE fk_bordereau = ".$this->id;
$resql = $this->db->query($sql);
if (!$resql)

8
htdocs/compta/prelevement/class/bonprelevement.class.php
View File

@ -1082,19 +1082,19 @@ class BonPrelevement extends CommonObject
{
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_facture WHERE fk_prelevement_lignes IN (SELECT rowid FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = '".$this->id."')";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_facture WHERE fk_prelevement_lignes IN (SELECT rowid FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = ".$this->id.")";
$resql1=$this->db->query($sql);
if (! $resql1) dol_print_error($this->db);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = '".$this->id."'";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = ".$this->id;
$resql2=$this->db->query($sql);
if (! $resql2) dol_print_error($this->db);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_bons WHERE rowid = '".$this->id."'";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_bons WHERE rowid = ".$this->id;
$resql3=$this->db->query($sql);
if (! $resql3) dol_print_error($this->db);
$sql = "UPDATE ".MAIN_DB_PREFIX."prelevement_facture_demande SET fk_prelevement_bons = NULL, traite = 0 WHERE fk_prelevement_bons = '".$this->id."'";
$sql = "UPDATE ".MAIN_DB_PREFIX."prelevement_facture_demande SET fk_prelevement_bons = NULL, traite = 0 WHERE fk_prelevement_bons = ".$this->id;
$resql4=$this->db->query($sql);
if (! $resql4) dol_print_error($this->db);

2
htdocs/contact/class/contact.class.php
View File

@ -317,7 +317,7 @@ class Contact extends CommonObject
$sql .= ", phone_perso = ".(isset($this->phone_perso)?"'".$this->db->escape($this->phone_perso)."'":"null");
$sql .= ", phone_mobile = ".(isset($this->phone_mobile)?"'".$this->db->escape($this->phone_mobile)."'":"null");
$sql .= ", jabberid = ".(isset($this->jabberid)?"'".$this->db->escape($this->jabberid)."'":"null");
$sql .= ", priv = '".$this->priv."'";
$sql .= ", priv = '".$this->db->escape($this->priv)."'";
$sql .= ", statut = ".$this->statut;
$sql .= ", fk_user_modif=".($user->id > 0 ? "'".$user->id."'":"NULL");
$sql .= ", default_lang=".($this->default_lang?"'".$this->default_lang."'":"NULL");

10
htdocs/contrat/class/contrat.class.php
View File

@ -2801,10 +2801,10 @@ class ContratLigne extends CommonObjectLine
$sql.= " tva_tx=".price2num($this->tva_tx).",";
$sql.= " localtax1_tx=".price2num($this->localtax1_tx).",";
$sql.= " localtax2_tx=".price2num($this->localtax2_tx).",";
$sql.= " qty='".$this->qty."',";
$sql.= " qty=".price2num($this->qty).",";
$sql.= " remise_percent=".price2num($this->remise_percent).",";
$sql.= " remise=".($this->remise?"'".$this->remise."'":"null").",";
$sql.= " fk_remise_except=".($this->fk_remise_except?"'".$this->fk_remise_except."'":"null").",";
$sql.= " remise=".($this->remise?price2num($this->remise):"null").",";
$sql.= " fk_remise_except=".($this->fk_remise_except > 0?$this->fk_remise_except:"null").",";
$sql.= " subprice=".($this->subprice != '' ? $this->subprice : "null").",";
$sql.= " price_ht=".($this->price_ht != '' ? $this->price_ht : "null").",";
$sql.= " total_ht=".$this->total_ht.",";
@ -2818,8 +2818,8 @@ class ContratLigne extends CommonObjectLine
$sql.= " fk_user_author=".($this->fk_user_author >= 0?$this->fk_user_author:"NULL").",";
$sql.= " fk_user_ouverture=".($this->fk_user_ouverture > 0?$this->fk_user_ouverture:"NULL").",";
$sql.= " fk_user_cloture=".($this->fk_user_cloture > 0?$this->fk_user_cloture:"NULL").",";
$sql.= " commentaire='".$this->db->escape($this->commentaire)."'";
$sql.= ", fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit);
$sql.= " commentaire='".$this->db->escape($this->commentaire)."',";
$sql.= " fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit);
$sql.= " WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::update", LOG_DEBUG);

32
htdocs/core/class/commonobject.class.php
View File

@ -579,7 +579,7 @@ abstract class CommonObject
// On recherche id type_contact
$sql = "SELECT tc.rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."c_type_contact as tc";
$sql.= " WHERE tc.element='".$this->element."'";
$sql.= " WHERE tc.element='".$this->db->escape($this->element)."'";
$sql.= " AND tc.source='".$source."'";
$sql.= " AND tc.code='".$type_contact."' AND tc.active=1";
//print $sql;
@ -791,7 +791,7 @@ abstract class CommonObject
if ($source == 'external'|| $source == 'thirdparty') $sql.=" LEFT JOIN ".MAIN_DB_PREFIX."socpeople t on ec.fk_socpeople = t.rowid";
$sql.= " WHERE ec.element_id =".$this->id;
$sql.= " AND ec.fk_c_type_contact=tc.rowid";
$sql.= " AND tc.element='".$this->element."'";
$sql.= " AND tc.element='".$this->db->escape($this->element)."'";
if ($code) $sql.= " AND tc.code = '".$this->db->escape($code)."'";
if ($source == 'internal') $sql.= " AND tc.source = 'internal'";
if ($source == 'external' || $source == 'thirdparty') $sql.= " AND tc.source = 'external'";
@ -852,7 +852,7 @@ abstract class CommonObject
//$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople as s ON ec.fk_socpeople=s.rowid"; // Si contact de type external, alors il est lie a une societe
$sql.= " WHERE ec.rowid =".$rowid;
$sql.= " AND ec.fk_c_type_contact=tc.rowid";
$sql.= " AND tc.element = '".$this->element."'";
$sql.= " AND tc.element = '".$this->db->escape($this->element)."'";
dol_syslog(get_class($this)."::swapContactStatus", LOG_DEBUG);
$resql=$this->db->query($sql);
@ -893,10 +893,10 @@ abstract class CommonObject
$tab = array();
$sql = "SELECT DISTINCT tc.rowid, tc.code, tc.libelle, tc.position";
$sql.= " FROM ".MAIN_DB_PREFIX."c_type_contact as tc";
$sql.= " WHERE tc.element='".$this->element."'";
$sql.= " WHERE tc.element='".$this->db->escape($this->element)."'";
if ($activeonly == 1) $sql.= " AND tc.active=1"; // only the active types
if (! empty($source) && $source != 'all') $sql.= " AND tc.source='".$source."'";
if (! empty($code)) $sql.= " AND tc.code='".$code."'";
if (! empty($source) && $source != 'all') $sql.= " AND tc.source='".$this->db->escape($source)."'";
if (! empty($code)) $sql.= " AND tc.code='".$this->db->escape($code)."'";
$sql.= $this->db->order($order,'ASC');
//print "sql=".$sql;
@ -2691,16 +2691,16 @@ abstract class CommonObject
if ($updatesource)
{
$sql.= "fk_source = ".$sourceid;
$sql.= ", sourcetype = '".$sourcetype."'";
$sql.= ", sourcetype = '".$this->db->escape($sourcetype)."'";
$sql.= " WHERE fk_target = ".$this->id;
$sql.= " AND targettype = '".$this->element."'";
$sql.= " AND targettype = '".$this->db->escape($this->element)."'";
}
else if ($updatetarget)
{
$sql.= "fk_target = ".$targetid;
$sql.= ", targettype = '".$targettype."'";
$sql.= ", targettype = '".$this->db->escape($targettype)."'";
$sql.= " WHERE fk_source = ".$this->id;
$sql.= " AND sourcetype = '".$this->element."'";
$sql.= " AND sourcetype = '".$this->db->escape($this->element)."'";
}
dol_syslog(get_class($this)."::updateObjectLinked", LOG_DEBUG);
@ -2749,19 +2749,19 @@ abstract class CommonObject
{
if ($deletesource)
{
$sql.= " fk_source = ".$sourceid." AND sourcetype = '".$sourcetype."'";
$sql.= " AND fk_target = ".$this->id." AND targettype = '".$this->element."'";
$sql.= " fk_source = ".$sourceid." AND sourcetype = '".$this->db->escape($sourcetype)."'";
$sql.= " AND fk_target = ".$this->id." AND targettype = '".$this->db->escape($this->element)."'";
}
else if ($deletetarget)
{
$sql.= " fk_target = ".$targetid." AND targettype = '".$targettype."'";
$sql.= " AND fk_source = ".$this->id." AND sourcetype = '".$this->element."'";
$sql.= " fk_target = ".$targetid." AND targettype = '".$this->db->escape($targettype)."'";
$sql.= " AND fk_source = ".$this->id." AND sourcetype = '".$this->db->escape($this->element)."'";
}
else
{
$sql.= " (fk_source = ".$this->id." AND sourcetype = '".$this->element."')";
$sql.= " (fk_source = ".$this->id." AND sourcetype = '".$this->db->escape($this->element)."')";
$sql.= " OR";
$sql.= " (fk_target = ".$this->id." AND targettype = '".$this->element."')";
$sql.= " (fk_target = ".$this->id." AND targettype = '".$this->db->escape($this->element)."')";
}
}

2
htdocs/core/class/events.class.php
View File

@ -171,7 +171,7 @@ class Events // extends CommonObject
// Update request
$sql = "UPDATE ".MAIN_DB_PREFIX."events SET";
$sql.= " type='".$this->type."',";
$sql.= " type='".$this->db->escape($this->type)."',";
$sql.= " dateevent=".$this->db->idate($this->dateevent).",";
$sql.= " description='".$this->db->escape($this->description)."'";
$sql.= " WHERE rowid=".$this->id;

4
htdocs/core/class/fiscalyear.class.php
View File

@ -142,10 +142,10 @@ class Fiscalyear extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."accounting_fiscalyear";
$sql .= " SET label = '".$this->label."'";
$sql .= " SET label = '".$this->db->escape($this->label)."'";
$sql .= ", date_start = '".$this->db->idate($this->date_start)."'";
$sql .= ", date_end = ".($this->date_end ? "'".$this->db->idate($this->date_end)."'" : "null");
$sql .= ", statut = '".$this->statut."'";
$sql .= ", statut = '".$this->db->escape($this->statut)."'";
$sql .= ", datec = " . ($this->datec != '' ? "'".$this->db->idate($this->datec)."'" : 'null');
$sql .= ", fk_user_modif = " . $user->id;
$sql .= " WHERE rowid = ".$this->id;

4
htdocs/core/class/link.class.php
View File

@ -174,9 +174,9 @@ class Link extends CommonObject
$sql .= ", datea = '" . $this->db->idate(dol_now()) . "'";
$sql .= ", url = '" . $this->db->escape($this->url) . "'";
$sql .= ", label = '" . $this->db->escape($this->label) . "'";
$sql .= ", objecttype = '" . $this->objecttype . "'";
$sql .= ", objecttype = '" . $this->db->escape($this->objecttype) . "'";
$sql .= ", objectid = " . $this->objectid;
$sql .= " WHERE rowid = '" . $this->id ."'";
$sql .= " WHERE rowid = " . $this->id;
dol_syslog(get_class($this)."::update sql = " .$sql);
$resql = $this->db->query($sql);

8
htdocs/core/class/menubase.class.php
View File

@ -216,20 +216,20 @@ class Menubase
$sql = "UPDATE ".MAIN_DB_PREFIX."menu SET";
$sql.= " menu_handler='".$this->db->escape($this->menu_handler)."',";
$sql.= " module='".$this->db->escape($this->module)."',";
$sql.= " type='".$this->type."',";
$sql.= " type='".$this->db->escape($this->type)."',";
$sql.= " mainmenu='".$this->db->escape($this->mainmenu)."',";
$sql.= " leftmenu='".$this->db->escape($this->leftmenu)."',";
$sql.= " fk_menu='".$this->fk_menu."',";
$sql.= " fk_menu='".$this->db->escape($this->fk_menu)."',";
$sql.= " fk_mainmenu=".($this->fk_mainmenu?"'".$this->fk_mainmenu."'":"null").",";
$sql.= " fk_leftmenu=".($this->fk_leftmenu?"'".$this->fk_leftmenu."'":"null").",";
$sql.= " position='".$this->position."',";
$sql.= " position=".($this->position > 0 ? $this->position : 0).",";
$sql.= " url='".$this->db->escape($this->url)."',";
$sql.= " target='".$this->db->escape($this->target)."',";
$sql.= " titre='".$this->db->escape($this->titre)."',";
$sql.= " langs='".$this->db->escape($this->langs)."',";
$sql.= " perms='".$this->db->escape($this->perms)."',";
$sql.= " enabled='".$this->db->escape($this->enabled)."',";
$sql.= " usertype='".$this->user."'";
$sql.= " usertype='".$this->db->escape($this->user)."'";
$sql.= " WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::update", LOG_DEBUG);

12
htdocs/core/modules/DolibarrModules.class.php
View File

@ -779,7 +779,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
global $conf;
$sql = "SELECT tms FROM ".MAIN_DB_PREFIX."const";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->const_name."'";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($this->const_name)."'";
$sql.= " AND entity IN (0, ".$conf->entity.")";
dol_syslog(get_class($this)."::getLastActiveDate", LOG_DEBUG);
@ -805,7 +805,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
global $conf;
$sql = "SELECT tms, note FROM ".MAIN_DB_PREFIX."const";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->const_name."'";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($this->const_name)."'";
$sql.= " AND entity IN (0, ".$conf->entity.")";
dol_syslog(get_class($this)."::getLastActiveDate", LOG_DEBUG);
@ -841,7 +841,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
$entity = ((! empty($this->always_enabled) || ! empty($this->core_enabled)) ? 0 : $conf->entity);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."const";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->const_name."'";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($this->const_name)."'";
$sql.= " AND entity IN (0, ".$entity.")";
dol_syslog(get_class($this)."::_active", LOG_DEBUG);
@ -879,7 +879,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
$entity = ((! empty($this->always_enabled) || ! empty($this->core_enabled)) ? 0 : $conf->entity);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."const";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->const_name."'";
$sql.= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($this->const_name)."'";
$sql.= " AND entity IN (0, ".$entity.")";
dol_syslog(get_class($this)."::_unactive", LOG_DEBUG);
@ -1520,7 +1520,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
// Test if module is activated
$sql_del = "SELECT ".$this->db->decrypt('value')." as value";
$sql_del.= " FROM ".MAIN_DB_PREFIX."const";
$sql_del.= " WHERE ".$this->db->decrypt('name')." = '".$this->const_name."'";
$sql_del.= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($this->const_name)."'";
$sql_del.= " AND entity IN (0,".$entity.")";
dol_syslog(get_class($this)."::insert_permissions", LOG_DEBUG);
@ -1655,7 +1655,7 @@ class DolibarrModules // Can not be abstract, because we need to insta
$err=0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."rights_def";
$sql.= " WHERE module = '".$this->rights_class."'";
$sql.= " WHERE module = '".$this->db->escape($this->rights_class)."'";
$sql.= " AND entity = ".$conf->entity;
dol_syslog(get_class($this)."::delete_permissions", LOG_DEBUG);
if (! $this->db->query($sql))

4
htdocs/core/modules/modAdherent.class.php
View File

@ -369,8 +369,8 @@ class modAdherent extends DolibarrModules
}*/
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type='member' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','member',".$conf->entity.")"
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type='member' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','member',".$conf->entity.")"
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modCommande.class.php
View File

@ -256,8 +256,8 @@ class modCommande extends DolibarrModules
}
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'order' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','order',".$conf->entity.")"
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','order',".$conf->entity.")"
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modDon.class.php
View File

@ -157,8 +157,8 @@ class modDon extends DolibarrModules
global $conf;
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'donation' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','donation',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'donation' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','donation',".$conf->entity.")",
);
return $this->_init($sql,$options);

8
htdocs/core/modules/modExpedition.class.php
View File

@ -318,10 +318,10 @@ class modExpedition extends DolibarrModules
$sql = array();
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'shipping' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','shipping',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[3][2]."' AND type = 'delivery' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[3][2]."','delivery',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'shipping' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','shipping',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'delivery' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','delivery',".$conf->entity.")",
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modFacture.class.php
View File

@ -311,8 +311,8 @@ class modFacture extends DolibarrModules
}
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'invoice' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','invoice',".$conf->entity.")"
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'invoice' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','invoice',".$conf->entity.")"
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modFicheinter.class.php
View File

@ -194,8 +194,8 @@ class modFicheinter extends DolibarrModules
$this->remove($options);
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'ficheinter' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','ficheinter',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'ficheinter' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','ficheinter',".$conf->entity.")",
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modFournisseur.class.php
View File

@ -572,8 +572,8 @@ class modFournisseur extends DolibarrModules
$this->remove($options);
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'order_supplier' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','order_supplier',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'order_supplier' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','order_supplier',".$conf->entity.")",
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modPrelevement.class.php
View File

@ -153,8 +153,8 @@ class modPrelevement extends DolibarrModules
$this->remove($options);
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'bankaccount' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','bankaccount',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'bankaccount' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','bankaccount',".$conf->entity.")",
);
return $this->_init($sql,$options);

8
htdocs/core/modules/modProjet.class.php
View File

@ -353,13 +353,13 @@ class modProjet extends DolibarrModules
}
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'project' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','project',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'project' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','project',".$conf->entity.")",
);
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[3][2]."' AND type = 'task' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[3][2]."','task',".$conf->entity.")"
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[3][2])."' AND type = 'task' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[3][2])."','task',".$conf->entity.")"
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modPropale.class.php
View File

@ -248,8 +248,8 @@ class modPropale extends DolibarrModules
}
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'propal' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','propal',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'propal' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','propal',".$conf->entity.")",
);
return $this->_init($sql,$options);

4
htdocs/core/modules/modSupplierProposal.class.php
View File

@ -227,8 +227,8 @@ class modSupplierProposal extends DolibarrModules
}
$sql = array(
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->const[0][2]."' AND type = 'supplier_proposal' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->const[0][2]."','supplier_proposal',".$conf->entity.")",
"DELETE FROM ".MAIN_DB_PREFIX."document_model WHERE nom = '".$this->db->escape($this->const[0][2])."' AND type = 'supplier_proposal' AND entity = ".$conf->entity,
"INSERT INTO ".MAIN_DB_PREFIX."document_model (nom, type, entity) VALUES('".$this->db->escape($this->const[0][2])."','supplier_proposal',".$conf->entity.")",
);
return $this->_init($sql, $options);

8
htdocs/don/class/don.class.php
View File

@ -464,11 +464,11 @@ class Don extends CommonObject
$sql .= ",note_public=".(!empty($this->note_public)?("'".$this->db->escape($this->note_public)."'"):"NULL");
$sql .= ",datedon='".$this->db->idate($this->date)."'";
$sql .= ",date_valid=".($this->date_valid?"'".$this->db->idate($this->date)."'":"null");
$sql .= ",email='".$this->email."'";
$sql .= ",phone='".$this->phone."'";
$sql .= ",phone_mobile='".$this->phone_mobile."'";
$sql .= ",email='".$this->db->escape($this->email)."'";
$sql .= ",phone='".$this->db->escape($this->phone)."'";
$sql .= ",phone_mobile='".$this->db->escape($this->phone_mobile)."'";
$sql .= ",fk_statut=".$this->statut;
$sql .= " WHERE rowid = '".$this->id."'";
$sql .= " WHERE rowid = ".$this->id;
dol_syslog(get_class($this)."::Update", LOG_DEBUG);
$resql=$this->db->query($sql);

2
htdocs/ecm/class/ecmdirectory.class.php
View File

@ -202,7 +202,7 @@ class EcmDirectory // extends CommonObject
// Update request
$sql = "UPDATE ".MAIN_DB_PREFIX."ecm_directories SET";
$sql.= " label='".$this->db->escape($this->label)."',";
$sql.= " fk_parent='".$this->fk_parent."',";
$sql.= " fk_parent='".$this->db->escape($this->fk_parent)."',";
$sql.= " description='".$this->db->escape($this->description)."'";
$sql.= " WHERE rowid=".$this->id;

2
htdocs/ecm/class/ecmfiles.class.php
View File

@ -140,7 +140,7 @@ class EcmFiles //extends CommonObject
if (empty($this->position)) // Get max used
{
$sql = "SELECT MAX(position) as maxposition FROM " . MAIN_DB_PREFIX . $this->table_element;
$sql.= " WHERE filepath ='".$this->filepath."'";
$sql.= " WHERE filepath ='".$this->db->escape($this->filepath)."'";
$resql = $this->db->query($sql);
if ($resql)

10
htdocs/expedition/class/expedition.class.php
View File

@ -487,7 +487,7 @@ class Expedition extends CommonObject
$sql.= ', e.fk_incoterms, e.location_incoterms';
$sql.= ', i.libelle as libelle_incoterms';
$sql.= " FROM ".MAIN_DB_PREFIX."expedition as e";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON el.fk_target = e.rowid AND el.targettype = '".$this->element."'";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON el.fk_target = e.rowid AND el.targettype = '".$this->db->escape($this->element)."'";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON e.fk_incoterms = i.rowid';
$sql.= " WHERE e.entity IN (".getEntity('expedition', 1).")";
if ($id) $sql.= " AND e.rowid=".$id;
@ -1753,10 +1753,10 @@ class Expedition extends CommonObject
else
{
$sql = "UPDATE ".MAIN_DB_PREFIX."c_shipment_mode SET";
$sql.= " code='".$this->update['code']."'";
$sql.= ",libelle='".$this->update['libelle']."'";
$sql.= ",description='".$this->update['description']."'";
$sql.= ",tracking='".$this->update['tracking']."'";
$sql.= " code='".$this->db->escape($this->update['code'])."'";
$sql.= ",libelle='".$this->db->escape($this->update['libelle'])."'";
$sql.= ",description='".$this->db->escape($this->update['description'])."'";
$sql.= ",tracking='".$this->db->escape($this->update['tracking'])."'";
$sql.= " WHERE rowid=".$id;
$resql = $this->db->query($sql);
}

16
htdocs/expensereport/class/expensereport.class.php
View File

@ -183,7 +183,7 @@ class ExpenseReport extends CommonObject
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX.$this->table_element);
$this->ref='(PROV'.$this->id.')';
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element." SET ref='".$this->ref."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element." SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".$this->id;
$resql=$this->db->query($sql);
if (!$resql) $error++;
@ -1078,7 +1078,7 @@ class ExpenseReport extends CommonObject
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql.= " SET ref = '".$this->ref."', fk_statut = 2, fk_user_valid = ".$fuser->id.", date_valid='".$this->db->idate($now)."'";
$sql.= " SET ref = '".$this->db->escape($this->ref)."', fk_statut = 2, fk_user_valid = ".$fuser->id.", date_valid='".$this->db->idate($now)."'";
if ($update_number_int) {
$sql.= ", ref_number_int = ".$ref_number_int;
}
@ -1189,8 +1189,8 @@ class ExpenseReport extends CommonObject
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql.= " SET ref = '".$this->ref."', fk_statut = 5, fk_user_approve = ".$fuser->id.",";
$sql.= " date_approve='".$this->date_approve."'";
$sql.= " SET ref = '".$this->db->escape($this->ref)."', fk_statut = 5, fk_user_approve = ".$fuser->id.",";
$sql.= " date_approve='".$this->db->idate($this->date_approve)."'";
$sql.= ' WHERE rowid = '.$this->id;
if ($this->db->query($sql))
{
@ -1248,7 +1248,7 @@ class ExpenseReport extends CommonObject
if ($this->fk_statut != 99)
{
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql.= " SET ref = '".$this->ref."', fk_statut = 99, fk_user_refuse = ".$fuser->id.",";
$sql.= " SET ref = '".$this->db->escape($this->ref)."', fk_statut = 99, fk_user_refuse = ".$fuser->id.",";
$sql.= " date_refuse='".$this->db->idate($now)."',";
$sql.= " detail_refuse='".$this->db->escape($details)."',";
$sql.= " fk_user_approve = NULL";
@ -1373,7 +1373,7 @@ class ExpenseReport extends CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql.= " SET fk_statut = 4, fk_user_cancel = ".$fuser->id;
$sql.= ", date_cancel='".$this->date_cancel."'";
$sql.= ", date_cancel='".$this->db->idate($this->date_cancel)."'";
$sql.= " ,detail_cancel='".$this->db->escape($detail)."'";
$sql.= ' WHERE rowid = '.$this->id;
@ -2154,8 +2154,8 @@ class ExpenseReportLine
// Mise a jour ligne en base
$sql = "UPDATE ".MAIN_DB_PREFIX."expensereport_det SET";
$sql.= " comments='".$this->db->escape($this->comments)."'";
$sql.= ",value_unit=".$this->value_unit."";
$sql.= ",qty=".$this->qty."";
$sql.= ",value_unit=".$this->value_unit;
$sql.= ",qty=".$this->qty;
$sql.= ",date='".$this->db->idate($this->date)."'";
$sql.= ",total_ht=".$this->total_ht."";
$sql.= ",total_tva=".$this->total_tva."";

4
htdocs/fichinter/class/fichinter.class.php
View File

@ -212,7 +212,7 @@ class Fichinter extends CommonObject
if ($this->id)
{
$this->ref='(PROV'.$this->id.')';
$sql = 'UPDATE '.MAIN_DB_PREFIX."fichinter SET ref='".$this->ref."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."fichinter SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql=$this->db->query($sql);
@ -1375,7 +1375,7 @@ class FichinterLigne extends CommonObjectLine
$sql.= " description='".$this->db->escape($this->desc)."'";
$sql.= ",date='".$this->db->idate($this->datei)."'";
$sql.= ",duree=".$this->duration;
$sql.= ",rang='".$this->rang."'";
$sql.= ",rang='".$this->db->escape($this->rang)."'";
$sql.= " WHERE rowid = ".$this->rowid;
dol_syslog("FichinterLigne::update", LOG_DEBUG);

8
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -3213,12 +3213,12 @@ class CommandeFournisseurLigne extends CommonOrderLine
$sql.= ", tva_tx='".price2num($this->tva_tx)."'";
$sql.= ", localtax1_tx='".price2num($this->total_localtax1)."'";
$sql.= ", localtax2_tx='".price2num($this->total_localtax2)."'";
$sql.= ", localtax1_type='".$this->localtax1_type."'";
$sql.= ", localtax2_type='".$this->localtax2_type."'";
$sql.= ", localtax1_type='".$this->db->escape($this->localtax1_type)."'";
$sql.= ", localtax2_type='".$this->db->escape($this->localtax2_type)."'";
$sql.= ", qty='".price2num($this->qty)."'";
$sql.= ", date_start=".(! empty($this->date_start)?"'".$this->db->idate($this->date_start)."'":"null");
$sql.= ", date_end=".(! empty($this->date_end)?"'".$this->db->idate($this->date_end)."'":"null");
$sql.= ", info_bits='".$this->info_bits."'";
$sql.= ", info_bits='".$this->db->escape($this->info_bits)."'";
$sql.= ", total_ht='".price2num($this->total_ht)."'";
$sql.= ", total_tva='".price2num($this->total_tva)."'";
$sql.= ", total_localtax1='".price2num($this->total_localtax1)."'";
@ -3295,7 +3295,7 @@ class CommandeFournisseurLigne extends CommonOrderLine
$this->db->begin();
$sql = 'DELETE FROM '.MAIN_DB_PREFIX."commande_fournisseurdet WHERE rowid='".$this->rowid."';";
$sql = 'DELETE FROM '.MAIN_DB_PREFIX."commande_fournisseurdet WHERE rowid=".$this->rowid;
dol_syslog(__METHOD__, LOG_DEBUG);
$resql=$this->db->query($sql);

6
htdocs/fourn/class/fournisseur.facture.class.php
View File

@ -300,7 +300,7 @@ class FactureFournisseur extends CommonInvoice
// Update ref with new one
$this->ref='(PROV'.$this->id.')';
$sql = 'UPDATE '.MAIN_DB_PREFIX."facture_fourn SET ref='".$this->ref."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."facture_fourn SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql=$this->db->query($sql);
@ -2559,8 +2559,8 @@ class SupplierInvoiceLine extends CommonObjectLine
$sql.= ", tva_tx = ".price2num($this->tva_tx);
$sql.= ", localtax1_tx = ".price2num($this->localtax1_tx);
$sql.= ", localtax2_tx = ".price2num($this->localtax2_tx);
$sql.= ", localtax1_type = '".$this->localtax1_type."'";
$sql.= ", localtax2_type = '".$this->localtax2_type."'";
$sql.= ", localtax1_type = '".$this->db->escape($this->localtax1_type)."'";
$sql.= ", localtax2_type = '".$this->db->escape($this->localtax2_type)."'";
$sql.= ", total_ht = ".price2num($this->total_ht);
$sql.= ", tva= ".price2num($this->total_tva);
$sql.= ", total_localtax1= ".price2num($this->total_localtax1);

12
htdocs/holiday/class/holiday.class.php
View File

@ -546,12 +546,12 @@ class Holiday extends CommonObject
}
$sql.= " halfday = ".$this->halfday.",";
if(!empty($this->statut) && is_numeric($this->statut)) {
$sql.= " statut = '".$this->statut."',";
$sql.= " statut = ".$this->statut.",";
} else {
$error++;
}
if(!empty($this->fk_validator)) {
$sql.= " fk_validator = '".$this->fk_validator."',";
$sql.= " fk_validator = '".$this->db->escape($this->fk_validator)."',";
} else {
$error++;
}
@ -561,7 +561,7 @@ class Holiday extends CommonObject
$sql.= " date_valid = NULL,";
}
if(!empty($this->fk_user_valid)) {
$sql.= " fk_user_valid = '".$this->fk_user_valid."',";
$sql.= " fk_user_valid = '".$this->db->escape($this->fk_user_valid)."',";
} else {
$sql.= " fk_user_valid = NULL,";
}
@ -571,7 +571,7 @@ class Holiday extends CommonObject
$sql.= " date_refuse = NULL,";
}
if(!empty($this->fk_user_refuse)) {
$sql.= " fk_user_refuse = '".$this->fk_user_refuse."',";
$sql.= " fk_user_refuse = '".$this->db->escape($this->fk_user_refuse)."',";
} else {
$sql.= " fk_user_refuse = NULL,";
}
@ -581,7 +581,7 @@ class Holiday extends CommonObject
$sql.= " date_cancel = NULL,";
}
if(!empty($this->fk_user_cancel)) {
$sql.= " fk_user_cancel = '".$this->fk_user_cancel."',";
$sql.= " fk_user_cancel = '".$this->db->escape($this->fk_user_cancel)."',";
} else {
$sql.= " fk_user_cancel = NULL,";
}
@ -591,7 +591,7 @@ class Holiday extends CommonObject
$sql.= " detail_refuse = NULL";
}
$sql.= " WHERE rowid= '".$this->id."'";
$sql.= " WHERE rowid= ".$this->id;
$this->db->begin();

10
htdocs/hrm/class/establishment.class.php
View File

@ -153,12 +153,12 @@ class Establishment extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."establishment";
$sql .= " SET name = '".$this->name."'";
$sql .= ", address = '".$this->address."'";
$sql .= ", zip = '".$this->zip."'";
$sql .= ", town = '".$this->town."'";
$sql .= " SET name = '".$this->db->escape($this->name)."'";
$sql .= ", address = '".$this->db->escape($this->address)."'";
$sql .= ", zip = '".$this->db->escape($this->zip)."'";
$sql .= ", town = '".$this->db->escape($this->town)."'";
$sql .= ", fk_country = ".($this->country_id > 0 ? $this->country_id : 'null');
$sql .= ", status = '".$this->status."'";
$sql .= ", status = '".$this->db->escape($this->status)."'";
$sql .= ", fk_user_mod = " . $user->id;
$sql .= " WHERE rowid = ".$this->id;

2
htdocs/livraison/class/livraison.class.php
View File

@ -263,7 +263,7 @@ class Livraison extends CommonObject
$sql.= ', l.fk_incoterms, l.location_incoterms';
$sql.= ", i.libelle as libelle_incoterms";
$sql.= " FROM ".MAIN_DB_PREFIX."livraison as l";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON el.fk_target = l.rowid AND el.targettype = '".$this->element."'";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON el.fk_target = l.rowid AND el.targettype = '".$this->db->escape($this->element)."'";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON l.fk_incoterms = i.rowid';
$sql.= " WHERE l.rowid = ".$id;

4
htdocs/loan/class/loan.class.php
View File

@ -236,7 +236,7 @@ class Loan extends CommonObject
// Delete payments
if (! $error)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_loan where fk_loan='".$this->id."'";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_loan where fk_loan=".$this->id;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql=$this->db->query($sql);
if (! $resql)
@ -248,7 +248,7 @@ class Loan extends CommonObject
if (! $error)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."loan where rowid='".$this->id."'";
$sql = "DELETE FROM ".MAIN_DB_PREFIX."loan where rowid=".$this->id;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql=$this->db->query($sql);
if (! $resql)

2
htdocs/product/canvas/product/actions_card_product.class.php
View File

@ -269,7 +269,7 @@ class ActionsCardProduct
$sql = "SELECT rowid, name, alias, title, align, sort, search, enabled, rang";
$sql.= " FROM ".MAIN_DB_PREFIX."c_field_list";
$sql.= " WHERE element = '".$this->fieldListName."'";
$sql.= " WHERE element = '".$this->db->escape($this->fieldListName)."'";
$sql.= " AND entity = ".$conf->entity;
$sql.= " ORDER BY rang ASC";

2
htdocs/product/canvas/service/actions_card_service.class.php
View File

@ -248,7 +248,7 @@ class ActionsCardService
$sql = "SELECT rowid, name, alias, title, align, sort, search, enabled, rang";
$sql.= " FROM ".MAIN_DB_PREFIX."c_field_list";
$sql.= " WHERE element = '".$this->fieldListName."'";
$sql.= " WHERE element = '".$this->db->escape($this->fieldListName)."'";
$sql.= " AND entity = ".$conf->entity;
$sql.= " ORDER BY rang ASC";

18
htdocs/product/class/product.class.php
View File

@ -494,7 +494,7 @@ class Product extends CommonObject
$sql = "SELECT count(*) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."product";
$sql.= " WHERE entity IN (".getEntity('product', 1).")";
$sql.= " AND ref = '" .$this->ref."'";
$sql.= " AND ref = '" .$this->db->escape($this->ref)."'";
$result = $this->db->query($sql);
if ($result)
@ -1212,14 +1212,14 @@ class Product extends CommonObject
$sql2.= " label='".$this->db->escape($this->label)."',";
$sql2.= " description='".$this->db->escape($this->description)."'";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.= ", note='".$this->db->escape($this->note)."'";
$sql2.= " WHERE fk_product=".$this->id." AND lang='".$key."'";
$sql2.= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{
$sql2 = "INSERT INTO ".MAIN_DB_PREFIX."product_lang (fk_product, lang, label, description";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.=", note";
$sql2.= ")";
$sql2.= " VALUES(".$this->id.",'".$key."','". $this->db->escape($this->label)."',";
$sql2.= " VALUES(".$this->id.",'".$this->db->escape($key)."','". $this->db->escape($this->label)."',";
$sql2.= " '".$this->db->escape($this->description)."'";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.= ", '".$this->db->escape($this->note)."'";
$sql2.= ")";
@ -1247,14 +1247,14 @@ class Product extends CommonObject
$sql2.= " label='".$this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2.= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.= ", note='".$this->db->escape($this->multilangs["$key"]["note"])."'";
$sql2.= " WHERE fk_product=".$this->id." AND lang='".$key."'";
$sql2.= " WHERE fk_product=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{
$sql2 = "INSERT INTO ".MAIN_DB_PREFIX."product_lang (fk_product, lang, label, description";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.=", note";
$sql2.= ")";
$sql2.= " VALUES(".$this->id.",'".$key."','". $this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2.= " VALUES(".$this->id.",'".$this->db->escape($key)."','". $this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2.= " '".$this->db->escape($this->multilangs["$key"]["description"])."'";
if (! empty($conf->global->PRODUCT_USE_OTHER_FIELD_IN_TRANSLATION)) $sql2.= ", '".$this->db->escape($this->note)."'";
$sql2.= ")";
@ -1944,7 +1944,7 @@ class Product extends CommonObject
$sql.= " FROM ".MAIN_DB_PREFIX."product_price";
$sql.= " WHERE entity IN (".getEntity('productprice', 1).")";
$sql.= " AND price_level=".$i;
$sql.= " AND fk_product = '".$this->id."'";
$sql.= " AND fk_product = ".$this->id;
$sql.= " ORDER BY date_price DESC, rowid DESC";
$sql.= " LIMIT 1";
$resql = $this->db->query($sql);
@ -1969,7 +1969,7 @@ class Product extends CommonObject
{
$sql = "SELECT rowid, price, unitprice, quantity, remise_percent, remise";
$sql.= " FROM ".MAIN_DB_PREFIX."product_price_by_qty";
$sql.= " WHERE fk_product_price = '".$this->prices_by_qty_id[$i]."'";
$sql.= " WHERE fk_product_price = ".$this->prices_by_qty_id[$i];
$sql.= " ORDER BY quantity ASC";
$resultat=array();
$resql = $this->db->query($sql);
@ -2006,7 +2006,7 @@ class Product extends CommonObject
$sql = "SELECT price, price_ttc, price_min, price_min_ttc,";
$sql.= " price_base_type, tva_tx, default_vat_code, tosell, price_by_qty, rowid";
$sql.= " FROM ".MAIN_DB_PREFIX."product_price";
$sql.= " WHERE fk_product = '".$this->id."'";
$sql.= " WHERE fk_product = ".$this->id;
$sql.= " ORDER BY date_price DESC, rowid DESC";
$sql.= " LIMIT 1";
$resql = $this->db->query($sql);
@ -2022,7 +2022,7 @@ class Product extends CommonObject
{
$sql = "SELECT rowid,price, unitprice, quantity, remise_percent, remise";
$sql.= " FROM ".MAIN_DB_PREFIX."product_price_by_qty";
$sql.= " WHERE fk_product_price = '".$this->prices_by_qty_id[0]."'";
$sql.= " WHERE fk_product_price = ".$this->prices_by_qty_id[0];
$sql.= " ORDER BY quantity ASC";
$resultat=array();
$resql = $this->db->query($sql);

2
htdocs/projet/class/project.class.php
View File

@ -1113,7 +1113,7 @@ class Project extends CommonObject
// Get id of types of contacts for projects (This list never contains a lot of elements)
$listofprojectcontacttype=array();
$sql2 = "SELECT ctc.rowid, ctc.code FROM ".MAIN_DB_PREFIX."c_type_contact as ctc";
$sql2.= " WHERE ctc.element = '" . $this->element . "'";
$sql2.= " WHERE ctc.element = '" . $this->db->escape($this->element) . "'";
$sql2.= " AND ctc.source = 'internal'";
$resql = $this->db->query($sql2);
if ($resql)

2
htdocs/projet/class/projectstats.class.php
View File

@ -143,7 +143,7 @@ class ProjectStats extends Stats
if (! empty($this->socid))
$sqlwhere[] = ' t.fk_soc=' . $this->socid;
if (! empty($this->year) && empty($this->yearmonth))
$sqlwhere[] = " date_format(t.datec,'%Y')='" . $this->year . "'";
$sqlwhere[] = " date_format(t.datec,'%Y')='" . $this->db->escape($this->year) . "'";
if (! empty($this->yearmonth))
$sqlwhere[] = " t.datec BETWEEN '" . $this->db->idate(dol_get_first_day($this->yearmonth)) . "' AND '" . $this->db->idate(dol_get_last_day($this->yearmonth)) . "'";

12
htdocs/societe/class/companybankaccount.class.php
View File

@ -144,12 +144,12 @@ class CompanyBankAccount extends Account
$sql = "UPDATE ".MAIN_DB_PREFIX."societe_rib SET";
$sql.= " bank = '" .$this->db->escape($this->bank)."'";
$sql.= ",code_banque='".$this->code_banque."'";
$sql.= ",code_guichet='".$this->code_guichet."'";
$sql.= ",number='".$this->number."'";
$sql.= ",cle_rib='".$this->cle_rib."'";
$sql.= ",bic='".$this->bic."'";
$sql.= ",iban_prefix = '".$this->iban."'";
$sql.= ",code_banque='".$this->db->escape($this->code_banque)."'";
$sql.= ",code_guichet='".$this->db->escape($this->code_guichet)."'";
$sql.= ",number='".$this->db->escape($this->number)."'";
$sql.= ",cle_rib='".$this->db->escape($this->cle_rib)."'";
$sql.= ",bic='".$this->db->escape($this->bic)."'";
$sql.= ",iban_prefix = '".$this->db->escape($this->iban)."'";
$sql.= ",domiciliation='".$this->db->escape($this->domiciliation)."'";
$sql.= ",proprio = '".$this->db->escape($this->proprio)."'";
$sql.= ",owner_address = '".$this->db->escape($this->owner_address)."'";

16
htdocs/societe/class/societe.class.php
View File

@ -841,7 +841,7 @@ class Societe extends CommonObject
$sql .= ",fk_effectif = ".(! empty($this->effectif_id)?"'".$this->db->escape($this->effectif_id)."'":"null");
if (isset($this->stcomm_id))
{
$sql .= ",fk_stcomm='".$this->stcomm_id."'";
$sql .= ",fk_stcomm=".($this->stcomm_id > 0 ? $this->stcomm_id : "null");
}
$sql .= ",fk_typent = ".(! empty($this->typent_id)?"'".$this->db->escape($this->typent_id)."'":"0");
@ -859,7 +859,7 @@ class Societe extends CommonObject
$sql .= ",default_lang = ".(! empty($this->default_lang)?"'".$this->db->escape($this->default_lang)."'":"null");
$sql .= ",logo = ".(! empty($this->logo)?"'".$this->db->escape($this->logo)."'":"null");
$sql .= ",outstanding_limit= ".($this->outstanding_limit!=''?$this->outstanding_limit:'null');
$sql .= ",fk_prospectlevel='".$this->fk_prospectlevel."'";
$sql .= ",fk_prospectlevel='".$this->db->escape($this->fk_prospectlevel)."'";
$sql .= ",webservices_url = ".(! empty($this->webservices_url)?"'".$this->db->escape($this->webservices_url)."'":"null");
$sql .= ",webservices_key = ".(! empty($this->webservices_key)?"'".$this->db->escape($this->webservices_key)."'":"null");
@ -2080,7 +2080,7 @@ class Societe extends CommonObject
$sql = "SELECT rowid, email, statut, phone_mobile, lastname, poste, firstname";
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople";
$sql.= " WHERE fk_soc = '".$this->id."'";
$sql.= " WHERE fk_soc = ".$this->id;
$resql=$this->db->query($sql);
if ($resql)
@ -2140,7 +2140,7 @@ class Societe extends CommonObject
{
$contacts = array();
$sql = "SELECT rowid, lastname, firstname FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = '".$this->id."'";
$sql = "SELECT rowid, lastname, firstname FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".$this->id;
$resql=$this->db->query($sql);
if ($resql)
{
@ -2173,7 +2173,7 @@ class Societe extends CommonObject
require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
$contacts = array();
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = '".$this->id."'";
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".$this->id;
$resql=$this->db->query($sql);
if ($resql)
{
@ -3157,7 +3157,7 @@ class Societe extends CommonObject
{
$sql = "SELECT t.localtax1, t.localtax2";
$sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c";
$sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$this->country_code."'";
$sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$this->db->escape($this->country_code)."'";
$sql .= " AND t.active = 1";
if (empty($localTaxNum)) $sql .= " AND (t.localtax1_type <> '0' OR t.localtax2_type <> '0')";
elseif ($localTaxNum == 1) $sql .= " AND t.localtax1_type <> '0'";
@ -3181,7 +3181,7 @@ class Societe extends CommonObject
{
$sql = "SELECT t.rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c";
$sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$this->country_code."'";
$sql .= " WHERE t.fk_pays = c.rowid AND c.code = '".$this->db->escape($this->country_code)."'";
$sql .= " AND t.active = 1 AND t.recuperableonly = 1";
dol_syslog("useNPR", LOG_DEBUG);
@ -3202,7 +3202,7 @@ class Societe extends CommonObject
{
$sql = "SELECT COUNT(*) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."c_revenuestamp as r, ".MAIN_DB_PREFIX."c_country as c";
$sql .= " WHERE r.fk_pays = c.rowid AND c.code = '".$this->country_code."'";
$sql .= " WHERE r.fk_pays = c.rowid AND c.code = '".$this->db->escape($this->country_code)."'";
$sql .= " AND r.active = 1";
dol_syslog("useRevenueStamp", LOG_DEBUG);

8
htdocs/supplier_proposal/class/supplier_proposal.class.php
View File

@ -839,7 +839,7 @@ class SupplierProposal extends CommonObject
if ($this->id)
{
$this->ref='(PROV'.$this->id.')';
$sql = 'UPDATE '.MAIN_DB_PREFIX."supplier_proposal SET ref='".$this->ref."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."supplier_proposal SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql=$this->db->query($sql);
@ -3002,14 +3002,14 @@ class SupplierProposalLine extends CommonObjectLine
$sql.= " , tva_tx='".price2num($this->tva_tx)."'";
$sql.= " , localtax1_tx=".price2num($this->localtax1_tx);
$sql.= " , localtax2_tx=".price2num($this->localtax2_tx);
$sql.= " , localtax1_type='".$this->localtax1_type."'";
$sql.= " , localtax2_type='".$this->localtax2_type."'";
$sql.= " , localtax1_type='".$this->db->escape($this->localtax1_type)."'";
$sql.= " , localtax2_type='".$this->db->escape($this->localtax2_type)."'";
$sql.= " , qty='".price2num($this->qty)."'";
$sql.= " , subprice=".price2num($this->subprice)."";
$sql.= " , remise_percent=".price2num($this->remise_percent)."";
$sql.= " , price=".price2num($this->price).""; // TODO A virer
$sql.= " , remise=".price2num($this->remise).""; // TODO A virer
$sql.= " , info_bits='".$this->info_bits."'";
$sql.= " , info_bits='".$this->db->escape($this->info_bits)."'";
if (empty($this->skip_update_total))
{
$sql.= " , total_ht=".price2num($this->total_ht)."";

12
htdocs/user/class/userbankaccount.class.php
View File

@ -100,12 +100,12 @@ class UserBankAccount extends Account
$sql = "UPDATE ".MAIN_DB_PREFIX."user_rib SET";
$sql.= " bank = '" .$this->db->escape($this->bank)."'";
$sql.= ",code_banque='".$this->code_banque."'";
$sql.= ",code_guichet='".$this->code_guichet."'";
$sql.= ",number='".$this->number."'";
$sql.= ",cle_rib='".$this->cle_rib."'";
$sql.= ",bic='".$this->bic."'";
$sql.= ",iban_prefix = '".$this->iban."'";
$sql.= ",code_banque='".$this->db->escape($this->code_banque)."'";
$sql.= ",code_guichet='".$this->db->escape($this->code_guichet)."'";
$sql.= ",number='".$this->db->escape($this->number)."'";
$sql.= ",cle_rib='".$this->db->escape($this->cle_rib)."'";
$sql.= ",bic='".$this->db->escape($this->bic)."'";
$sql.= ",iban_prefix = '".$this->db->escape($this->iban)."'";
$sql.= ",domiciliation='".$this->db->escape($this->domiciliation)."'";
$sql.= ",proprio = '".$this->db->escape($this->proprio)."'";
$sql.= ",owner_address = '".$this->db->escape($this->owner_address)."'";

9
test/phpunit/AllTests.php
View File

@ -100,11 +100,14 @@ class AllTests
require_once dirname(__FILE__).'/XCalLibTest.php';
$suite->addTestSuite('XCalLibTest');
// Rules into source files content
require_once dirname(__FILE__).'/LangTest.php';
$suite->addTestSuite('LangTest');
require_once dirname(__FILE__).'/SqlTest.php';
$suite->addTestSuite('SqlTest');
require_once dirname(__FILE__).'/CodingSqlTest.php';
$suite->addTestSuite('CodingSqlTest');
require_once dirname(__FILE__).'/CodingPhpTest.php';
$suite->addTestSuite('PhpTest');
require_once dirname(__FILE__).'/SecurityTest.php';
$suite->addTestSuite('SecurityTest');

9
test/phpunit/CodingPHPTest.php → test/phpunit/CodingPhpTest.php
View File

@ -148,18 +148,19 @@ class CodingPhpTest extends PHPUnit_Framework_TestCase
{
if (preg_match('/\/htdocs\/includes\//', $file['fullname'])) continue;
if (preg_match('/\/htdocs\/custom\//', $file['fullname'])) continue;
if (preg_match('/\/htdocs\/nltechno/', $file['fullname'])) continue;
if (preg_match('/\/htdocs\/dolimed/', $file['fullname'])) continue;
if (preg_match('/\/htdocs\/nltechno/', $file['fullname'])) continue;
if (preg_match('/\/htdocs\/teclib/', $file['fullname'])) continue;
print 'Check php file '.$file['fullname']."\n";
$filecontent=file_get_contents($file['fullname']);
$ok=true;
$matches=array();
preg_match_all('/=\'".\$this->(..)/', $filecontent, $matches, PREG_SET_ORDER);
preg_match_all('/=\s*\'"\s*\.\s*\$this->(....)/', $filecontent, $matches, PREG_SET_ORDER);
foreach($matches as $key => $val)
{
if ($val[1] != 'db')
if ($val[1] != 'db->' && $val[1] != 'esca')
{
$ok=false;
break;
@ -167,7 +168,7 @@ class CodingPhpTest extends PHPUnit_Framework_TestCase
//if ($reg[0] != 'db') $ok=false;
}
//print __METHOD__." Result for checking we don't have non escaped string in sql requests for file ".$file."\n";
$this->assertTrue($ok, 'Found non escaped string in building of a sql request '.$file['fullname'].'. Bad.');
$this->assertTrue($ok, 'Found non escaped string in building of a sql request '.$file['fullname'].' ('.$val[0].'). Bad.');
//exit;
}

0
test/phpunit/SqlTest.php → test/phpunit/CodingSqlTest.php
View File