FIX #yogosha5749

Laurent Destailleur 2021-03-29 15:32:09 +02:00
parent 78d7cfffa8
commit 3a4bb69c05
13 changed files with 19 additions and 19 deletions


@ -3843,7 +3843,7 @@ class PropaleLigne extends CommonObjectLine
$sql .= ' pd.date_start, pd.date_end, pd.product_type';
$sql .= ' FROM '.MAIN_DB_PREFIX.'propaldet as pd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON pd.fk_product = p.rowid';
$sql .= ' WHERE pd.rowid = '.$rowid;
$sql .= ' WHERE pd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
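Review bot: The `(int)` cast on `$rowid` coerces rather than validates: a value with a numeric prefix is truncated to that prefix and a non-numeric value becomes 0, so the query still runs instead of the call failing. That closes the injection path, but a malformed id is silently turned into a different lookup. If the method's contract allows it, an early guard such as `if ((int) $rowid <= 0)` returning the method's error value would make bad input visible; the function begins outside this section, so its return convention needs checking. The same applies to the other line-fetch hunks in this commit (OrderLine, FactureLigneRec, FactureLigne, ExpeditionLigne, ExpenseReportLine, FichinterLigne, CommandeFournisseurLigne, SupplierInvoiceLine, SupplierProposalLine).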


@ -33,7 +33,7 @@ if (!empty($conf->facture->enabled)) {
}
// Security check
$socid = $_GET["socid"];
$socid = GETPOST("socid", 'int');
if ($user->socid > 0) {
$action = '';
$socid = $user->socid;
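Review bot: `GETPOST("socid", 'int')` filters the request value, but where `$socid` is used afterwards is outside this section. If it is later concatenated into SQL, those sinks should still apply `((int) $socid)` as the rest of this commit does for `$rowid`, since the input filter and the cast at the query are separate defences. The override `$socid = $user->socid` only applies when `$user->socid > 0`, so for every other user the request value is what flows on.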


@ -4126,7 +4126,7 @@ class OrderLine extends CommonOrderLine
$sql .= ' cd.date_start, cd.date_end';
$sql .= ' FROM '.MAIN_DB_PREFIX.'commandedet as cd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON cd.fk_product = p.rowid';
$sql .= ' WHERE cd.rowid = '.$rowid;
$sql .= ' WHERE cd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
$objp = $this->db->fetch_object($result);


@ -2007,7 +2007,7 @@ class FactureLigneRec extends CommonInvoiceLine
$sql .= ' p.ref as product_ref, p.fk_product_type as fk_product_type, p.label as product_label, p.description as product_desc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facturedet_rec as l';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON l.fk_product = p.rowid';
$sql .= ' WHERE l.rowid = '.$rowid;
$sql .= ' WHERE l.rowid = '.((int) $rowid);
$sql .= ' ORDER BY l.rang';
dol_syslog('FactureRec::fetch', LOG_DEBUG);


@ -2289,7 +2289,7 @@ class Facture extends CommonInvoice
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
if ($this->db->query($sqlef) && $this->db->query($sql) && $this->delete_linked_contact()) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture WHERE rowid = '.$rowid;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture WHERE rowid = '.((int) $rowid);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
@ -4982,7 +4982,7 @@ class FactureLigne extends CommonInvoiceLine
$sql .= ' p.ref as product_ref, p.label as product_label, p.description as product_desc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facturedet as fd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON fd.fk_product = p.rowid';
$sql .= ' WHERE fd.rowid = '.$rowid;
$sql .= ' WHERE fd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
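Review bot: In the `Facture` delete hunk only the final `DELETE FROM ... facture` statement is changed, while the two statements executed on the line above (`$sqlef` and `$sql`) are built outside the hunk and run first. If they also concatenate `$rowid`, they need the same cast; the FactureFournisseur hunk in this commit does fix all three of its statements. Normalising once near the top of the method, `$rowid = (int) $rowid;`, would cover every statement in the delete path, provided nothing earlier depends on the raw value.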


@ -3067,7 +3067,7 @@ abstract class CommonObject
$sql .= ' AND rang = '.($rang - 1);
if ($this->db->query($sql)) {
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element_line.' SET '.$fieldposition.' = '.($rang - 1);
$sql .= ' WHERE rowid = '.$rowid;
$sql .= ' WHERE rowid = '.((int) $rowid);
if (!$this->db->query($sql)) {
dol_print_error($this->db);
}
@ -3098,7 +3098,7 @@ abstract class CommonObject
$sql .= ' AND rang = '.($rang + 1);
if ($this->db->query($sql)) {
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element_line.' SET '.$fieldposition.' = '.($rang + 1);
$sql .= ' WHERE rowid = '.$rowid;
$sql .= ' WHERE rowid = '.((int) $rowid);
if (!$this->db->query($sql)) {
dol_print_error($this->db);
}
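Review bot: Both UPDATE statements still concatenate `$fieldposition` and `$this->table_element_line` as SQL identifiers, which an integer cast cannot protect. Where `$fieldposition` comes from is outside these hunks; if a caller can influence it, it should be checked against a fixed list of column names before it is used. `$rang` reaches the SQL only through `($rang - 1)` and `($rang + 1)`, so it is already numeric at that point.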


@ -2682,7 +2682,7 @@ class ExpeditionLigne extends CommonObjectLine
{
$sql = 'SELECT ed.rowid, ed.fk_expedition, ed.fk_entrepot, ed.fk_origin_line, ed.qty, ed.rang';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as ed';
$sql .= ' WHERE ed.rowid = '.$rowid;
$sql .= ' WHERE ed.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
$objp = $this->db->fetch_object($result);


@ -2173,7 +2173,7 @@ class ExpenseReport extends CommonObject
$this->db->begin();
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= ' WHERE rowid = '.$rowid;
$sql .= ' WHERE rowid = '.((int) $rowid);
dol_syslog(get_class($this)."::deleteline sql=".$sql);
$result = $this->db->query($sql);
@ -2628,7 +2628,7 @@ class ExpenseReportLine
$sql .= ' FROM '.MAIN_DB_PREFIX.'expensereport_det as fde';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_type_fees as ctf ON fde.fk_c_type_fees=ctf.id'; // Sometimes type of expense report has been removed, so we use a left join here.
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pjt ON fde.fk_projet=pjt.rowid';
$sql .= ' WHERE fde.rowid = '.$rowid;
$sql .= ' WHERE fde.rowid = '.((int) $rowid);
$result = $this->db->query($sql);


@ -1438,7 +1438,7 @@ class FichinterLigne extends CommonObjectLine
$sql = 'SELECT ft.rowid, ft.fk_fichinter, ft.description, ft.duree, ft.rang,';
$sql .= ' ft.date as datei';
$sql .= ' FROM '.MAIN_DB_PREFIX.'fichinterdet as ft';
$sql .= ' WHERE ft.rowid = '.$rowid;
$sql .= ' WHERE ft.rowid = '.((int) $rowid);
dol_syslog("FichinterLigne::fetch", LOG_DEBUG);
$result = $this->db->query($sql);


@ -3495,7 +3495,7 @@ class CommandeFournisseurLigne extends CommonOrderLine
if (!empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_fournisseur_price as pfp ON cd.fk_product = pfp.fk_product and cd.ref = pfp.ref_fourn";
}
$sql .= ' WHERE cd.rowid = '.$rowid;
$sql .= ' WHERE cd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
$objp = $this->db->fetch_object($result);


@ -1208,13 +1208,13 @@ class FactureFournisseur extends CommonInvoice
if (!$error) {
$main = MAIN_DB_PREFIX.'facture_fourn_det';
$ef = $main."_extrafields";
$sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_facture_fourn = $rowid)";
$sqlef = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM ".$main." WHERE fk_facture_fourn = ".((int) $rowid).")";
$resqlef = $this->db->query($sqlef);
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture_fourn_det WHERE fk_facture_fourn = '.$rowid.';';
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture_fourn_det WHERE fk_facture_fourn = '.((int) $rowid);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resqlef && $resql) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture_fourn WHERE rowid = '.$rowid;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture_fourn WHERE rowid = '.((int) $rowid);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql2 = $this->db->query($sql);
if (!$resql2) {
@ -3093,7 +3093,7 @@ class SupplierInvoiceLine extends CommonObjectLine
$sql .= ', f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, multicurrency_total_ttc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn_det as f';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON f.fk_product = p.rowid';
$sql .= ' WHERE f.rowid = '.$rowid;
$sql .= ' WHERE f.rowid = '.((int) $rowid);
$sql .= ' ORDER BY f.rang, f.rowid';
$query = $this->db->query($sql);
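Review bot: `((int) $rowid)` is now repeated in three statements of the `FactureFournisseur` delete path, which makes it easy for a statement added later to miss the cast. Casting once before the first query, `$rowid = (int) $rowid;`, keeps the statements readable and covers later additions; the method starts outside the hunk, so check that nothing earlier depends on the raw value. Separately, `$sqlef` mixes interpolation (`$ef`) with concatenation (`".$main."`) in the same string, and using one form throughout would read better.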


@ -1619,7 +1619,7 @@ class Societe extends CommonObject
$sql .= ' WHERE s.entity IN ('.getEntity($this->element).')';
if ($rowid) {
$sql .= ' AND s.rowid = '.$rowid;
$sql .= ' AND s.rowid = '.((int) $rowid);
}
if ($ref) {
$sql .= " AND s.nom = '".$this->db->escape($ref)."'";
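Review bot: The guard `if ($rowid)` tests the raw value while the query uses the cast one, so a non-numeric but truthy `$rowid` now produces `AND s.rowid = 0`. That is safe and presumably matches no row, but it is not obvious from the code; a comment such as `// non-numeric $rowid casts to 0 and matches nothing` would record the intent. The function continues outside the hunk, so any later use of `$rowid` there is not covered by this cast.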


@ -2852,7 +2852,7 @@ class SupplierProposalLine extends CommonObjectLine
$sql .= ' pd.fk_multicurrency, pd.multicurrency_code, pd.multicurrency_subprice, pd.multicurrency_total_ht, pd.multicurrency_total_tva, pd.multicurrency_total_ttc, pd.fk_unit';
$sql .= ' FROM '.MAIN_DB_PREFIX.'supplier_proposaldet as pd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON pd.fk_product = p.rowid';
$sql .= ' WHERE pd.rowid = '.$rowid;
$sql .= ' WHERE pd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {