From ee066ad725f1958960aa5db7a0723972c9185f6e Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Fri, 3 Sep 2021 21:25:17 +0200 Subject: [PATCH] Cast sql var --- .../class/accountancycategory.class.php | 2 +- .../class/accountingaccount.class.php | 4 +- .../accountancy/class/bookkeeping.class.php | 10 ++-- htdocs/adherents/class/adherent.class.php | 2 +- htdocs/asset/class/asset_type.class.php | 2 +- htdocs/comm/propal/class/propal.class.php | 40 +++++++------- htdocs/commande/class/commande.class.php | 24 ++++----- htdocs/compta/bank/class/account.class.php | 8 +-- htdocs/compta/bank/class/bankcateg.class.php | 2 +- .../bank/class/paymentvarious.class.php | 6 +-- .../cashcontrol/class/cashcontrol.class.php | 12 ++--- .../deplacement/class/deplacement.class.php | 10 ++-- .../facture/class/facture-rec.class.php | 54 +++++++++---------- .../cheque/class/remisecheque.class.php | 4 +- .../class/bonprelevement.class.php | 4 +- .../class/rejetprelevement.class.php | 8 +-- .../sociales/class/chargesociales.class.php | 14 ++--- htdocs/compta/tva/class/tva.class.php | 2 +- htdocs/core/class/comment.class.php | 2 +- htdocs/core/class/commonobject.class.php | 4 +- htdocs/core/class/fiscalyear.class.php | 4 +- htdocs/core/class/link.class.php | 2 +- htdocs/core/modules/DolibarrModules.class.php | 2 +- htdocs/delivery/class/delivery.class.php | 6 +-- htdocs/don/class/don.class.php | 4 +- htdocs/expedition/class/expedition.class.php | 17 +++--- .../class/expensereport.class.php | 22 ++++---- htdocs/fichinter/class/fichinter.class.php | 12 ++--- htdocs/fichinter/class/fichinterrec.class.php | 16 +++--- .../class/fournisseur.commande.class.php | 10 ++-- htdocs/fourn/commande/list.php | 2 +- htdocs/hrm/class/establishment.class.php | 10 ++-- htdocs/product/class/product.class.php | 20 +++---- htdocs/projet/class/project.class.php | 10 ++-- htdocs/projet/class/task.class.php | 18 +++---- htdocs/reception/class/reception.class.php | 22 ++++---- htdocs/salaries/class/salary.class.php | 12 ++--- .../class/supplier_proposal.class.php | 50 
++++++++--------- htdocs/ticket/class/ticket.class.php | 2 +- 39 files changed, 226 insertions(+), 229 deletions(-) diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index bc7226edb22..7657e997ff6 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php @@ -212,7 +212,7 @@ class AccountancyCategory // extends CommonObject $sql .= " ".(!isset($this->position) ? 'NULL' : ((int) $this->position)).","; $sql .= " ".(!isset($this->fk_country) ? 'NULL' : ((int) $this->fk_country)).","; $sql .= " ".(!isset($this->active) ? 'NULL' : ((int) $this->active)); - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; $this->db->begin(); diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 35178e43947..fc6acffb46f 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -274,7 +274,7 @@ class AccountingAccount extends CommonObject $sql .= ", reconcilable"; $sql .= ") VALUES ("; $sql .= " '".$this->db->idate($now)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".(empty($this->fk_pcg_version) ? 'NULL' : "'".$this->db->escape($this->fk_pcg_version)."'"); $sql .= ", ".(empty($this->pcg_type) ? 'NULL' : "'".$this->db->escape($this->pcg_type)."'"); $sql .= ", ".(empty($this->account_number) ? 'NULL' : "'".$this->db->escape($this->account_number)."'"); 
@@ -282,7 +282,7 @@ class AccountingAccount extends CommonObject $sql .= ", ".(empty($this->label) ? "''" : "'".$this->db->escape($this->label)."'"); $sql .= ", ".(empty($this->labelshort) ? "''" : "'".$this->db->escape($this->labelshort)."'"); $sql .= ", ".(empty($this->account_category) ? 0 : (int) $this->account_category); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".(int) $this->active; $sql .= ", ".(int) $this->reconcilable; $sql .= ")"; diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index e1a54edf3cd..d47078af06c 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -382,9 +382,9 @@ class BookKeeping extends CommonObject $sql .= ", '".$this->db->escape($this->numero_compte)."'"; $sql .= ", ".(!empty($this->label_compte) ? ("'".$this->db->escape($this->label_compte)."'") : "NULL"); $sql .= ", '".$this->db->escape($this->label_operation)."'"; - $sql .= ", ".$this->debit; - $sql .= ", ".$this->credit; - $sql .= ", ".$this->montant; + $sql .= ", ".((float) $this->debit); + $sql .= ", ".((float) $this->credit); + $sql .= ", ".((float) $this->montant); $sql .= ", ".(!empty($this->sens) ? ("'".$this->db->escape($this->sens)."'") : "NULL"); $sql .= ", '".$this->db->escape($this->fk_user_author)."'"; $sql .= ", '".$this->db->idate($now)."'"; @@ -893,9 +893,7 @@ class BookKeeping extends CommonObject $sql .= ' ORDER BY t.numero_compte ASC'; } - if (!empty($sortfield)) { - $sql .= ", ".$sortfield." ".$sortorder; - } + $sql .= $this->db->order($sortfield, $sortorder); if (!empty($limit)) { $sql .= $this->db->plimit($limit + 1, $offset); } diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index bdb77982733..0d1d1bae48b 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php 
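Review bot: In the BookKeeping insert (`@@ -382`), `debit`, `credit` and `montant` are normalised with a bare `(float)` cast, while the line-level hunks later in this patch send amounts through `price2num(..., 'MT')`. The cast closes the raw-concatenation path, but the text it produces is less controlled: on PHP versions before 8.0 a float is rendered according to LC_NUMERIC, so a comma-decimal locale would put `12,5` into the VALUES list (worth checking against the PHP versions the project supports). Using the helper here as well, e.g. `$sql .= ", ".price2num($this->debit, 'MT');`, would keep a single normalisation path. The same applies to the `(float)` casts in the Propal and FactureRec hunks; the enclosing method starts and ends outside this hunk.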
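Review bot: In the `@@ -893` hunk the new `$sql .= $this->db->order($sortfield, $sortorder);` follows a branch that has already appended `' ORDER BY t.numero_compte ASC'`, whereas the removed code added `", ".$sortfield." ".$sortorder` as a further sort key. If `order()` returns a complete ` ORDER BY ...` clause, which I believe it does, a non-empty `$sortfield` now yields two ORDER BY clauses and the query fails. To keep the sanitising helper, build the key list first, `$sortfield = 't.numero_compte'.($sortfield ? ','.$sortfield : '');`, drop the literal ORDER BY, and call `order()` once. This assumes `order()` accepts comma-separated lists, so verify how it pairs fields with directions. The other branch and the start of the method are outside the hunk, so check the change against the whole function.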
@@ -574,7 +574,7 @@ class Adherent extends CommonObject $sql .= ", ".($this->login ? "'".$this->db->escape($this->login)."'" : "null"); $sql .= ", ".($user->id > 0 ? $user->id : "null"); // Can be null because member can be created by a guest or a script $sql .= ", null, null, '".$this->db->escape($this->morphy)."'"; - $sql .= ", ".$this->typeid; + $sql .= ", ".((int) $this->typeid); $sql .= ", ".$conf->entity; $sql .= ", ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); $sql .= ")"; diff --git a/htdocs/asset/class/asset_type.class.php b/htdocs/asset/class/asset_type.class.php index 335cd63115a..75b3030eac9 100644 --- a/htdocs/asset/class/asset_type.class.php +++ b/htdocs/asset/class/asset_type.class.php @@ -126,7 +126,7 @@ class AssetType extends CommonObject $sql .= ", '".$this->db->escape($this->accountancy_code_depreciation_asset)."'"; $sql .= ", '".$this->db->escape($this->accountancy_code_depreciation_expense)."'"; $sql .= ", '".$this->db->escape($this->note)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog("Asset_type::create", LOG_DEBUG); diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index d92638d7347..a7b5c465226 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php 
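Review bot: The Adherent insert still concatenates `$conf->entity` and `$user->id` unchanged on the lines either side of the newly cast `typeid`, so this statement is only partly covered by the patch. The `$user->id > 0` test does not by itself guarantee a numeric value, so the branch should emit the cast, `($user->id > 0 ? ((int) $user->id) : "null")`, and the entity line should read `$sql .= ", ".((int) $conf->entity);` as it does in the other files. The same leftover pattern is visible in the context of later hunks: `$this->socid` and `shipping_method_id` (Propal), `fk_fournprice` (OrderLine, FactureRec::addline), `$this->id` (AccountLine), `day_close`/`month_close` (CashControl), `fk_delivery_address` (Delivery, Expedition), `modepaymentid` and `socid` (Don), and `fk_expedition`/`entrepot_id` (ExpeditionLigne).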
@@ -1099,22 +1099,22 @@ class Propal extends CommonObject $sql .= " VALUES ("; $sql .= $this->socid; $sql .= ", 0"; - $sql .= ", ".$this->remise; - $sql .= ", ".($this->remise_percent ? $this->db->escape($this->remise_percent) : 'NULL'); - $sql .= ", ".($this->remise_absolue ? $this->db->escape($this->remise_absolue) : 'NULL'); + $sql .= ", ".((float) $this->remise); + $sql .= ", ".($this->remise_percent ? ((float) $this->remise_percent) : 'NULL'); + $sql .= ", ".($this->remise_absolue ? ((float) $this->remise_absolue) : 'NULL'); $sql .= ", 0"; $sql .= ", 0"; $sql .= ", '".$this->db->idate($this->date)."'"; $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", '(PROV)'"; - $sql .= ", ".($user->id > 0 ? "'".$this->db->escape($user->id)."'" : "NULL"); + $sql .= ", ".($user->id > 0 ? ((int) $user->id) : "NULL"); $sql .= ", '".$this->db->escape($this->note_private)."'"; $sql .= ", '".$this->db->escape($this->note_public)."'"; $sql .= ", '".$this->db->escape($this->model_pdf)."'"; $sql .= ", ".($this->fin_validite != '' ? "'".$this->db->idate($this->fin_validite)."'" : "NULL"); - $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'NULL'); - $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'NULL'); - $sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL'); + $sql .= ", ".($this->cond_reglement_id > 0 ? ((int) $this->cond_reglement_id) : 'NULL'); + $sql .= ", ".($this->mode_reglement_id > 0 ? ((int) $this->mode_reglement_id) : 'NULL'); + $sql .= ", ".($this->fk_account > 0 ? ((int) $this->fk_account) : 'NULL'); $sql .= ", '".$this->db->escape($this->ref_client)."'"; $sql .= ", ".(empty($delivery_date) ? "NULL" : "'".$this->db->idate($delivery_date)."'"); $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : 'NULL'); 
@@ -4080,21 +4080,21 @@ class PropaleLigne extends CommonObjectLine $sql .= " ".($this->fk_product ? "'".$this->db->escape($this->fk_product)."'" : "null").","; $sql .= " '".$this->db->escape($this->product_type)."',"; $sql .= " ".($this->fk_remise_except ? "'".$this->db->escape($this->fk_remise_except)."'" : "null").","; - $sql .= " ".price2num($this->qty).","; + $sql .= " ".price2num($this->qty, 'MS').","; $sql .= " ".(empty($this->vat_src_code) ? "''" : "'".$this->db->escape($this->vat_src_code)."'").","; $sql .= " ".price2num($this->tva_tx).","; $sql .= " ".price2num($this->localtax1_tx).","; $sql .= " ".price2num($this->localtax2_tx).","; $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; - $sql .= " ".(price2num($this->subprice) !== '' ? price2num($this->subprice) : "null").","; - $sql .= " ".price2num($this->remise_percent).","; - $sql .= " ".(isset($this->info_bits) ? "'".$this->db->escape($this->info_bits)."'" : "null").","; - $sql .= " ".price2num($this->total_ht).","; - $sql .= " ".price2num($this->total_tva).","; - $sql .= " ".price2num($this->total_localtax1).","; - $sql .= " ".price2num($this->total_localtax2).","; - $sql .= " ".price2num($this->total_ttc).","; + $sql .= " ".(price2num($this->subprice) !== '' ? price2num($this->subprice, 'MU') : "null").","; + $sql .= " ".price2num($this->remise_percent, 3).","; + $sql .= " ".(isset($this->info_bits) ? ((int) $this->info_bits) : "null").","; + $sql .= " ".price2num($this->total_ht, 'MT').","; + $sql .= " ".price2num($this->total_tva, 'MT').","; + $sql .= " ".price2num($this->total_localtax1, 'MT').","; + $sql .= " ".price2num($this->total_localtax2, 'MT').","; + $sql .= " ".price2num($this->total_ttc, 'MT').","; $sql .= " ".(!empty($this->fk_fournprice) ? "'".$this->db->escape($this->fk_fournprice)."'" : "null").","; $sql .= " ".(isset($this->pa_ht) ? 
"'".price2num($this->pa_ht)."'" : "null").","; $sql .= ' '.((int) $this->special_code).','; @@ -4104,10 +4104,10 @@ class PropaleLigne extends CommonObjectLine $sql .= " ".(!empty($this->date_end) ? "'".$this->db->idate($this->date_end)."'" : "null"); $sql .= ", ".($this->fk_multicurrency > 0 ? ((int) $this->fk_multicurrency) : 'null'); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".$this->multicurrency_subprice; - $sql .= ", ".$this->multicurrency_total_ht; - $sql .= ", ".$this->multicurrency_total_tva; - $sql .= ", ".$this->multicurrency_total_ttc; + $sql .= ", ".price2num($this->multicurrency_subprice, 'CU'); + $sql .= ", ".price2num($this->multicurrency_total_ht, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_tva, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_ttc, 'CT'); $sql .= ')'; dol_syslog(get_class($this).'::insert', LOG_DEBUG); diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index daf55e81605..5fce8a81a30 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php 
@@ -4400,21 +4400,21 @@ class OrderLine extends CommonOrderLine $sql .= ' '.((int) $this->rang).','; $sql .= ' '.(!empty($this->fk_fournprice) ? $this->fk_fournprice : "null").','; $sql .= ' '.price2num($this->pa_ht).','; - $sql .= " '".$this->db->escape($this->info_bits)."',"; - $sql .= " ".price2num($this->total_ht).","; - $sql .= " ".price2num($this->total_tva).","; - $sql .= " ".price2num($this->total_localtax1).","; - $sql .= " ".price2num($this->total_localtax2).","; - $sql .= " ".price2num($this->total_ttc).","; + $sql .= " ".((int) $this->info_bits).","; + $sql .= " ".price2num($this->total_ht, 'MT').","; + $sql .= " ".price2num($this->total_tva, 'MT').","; + $sql .= " ".price2num($this->total_localtax1, 'MT').","; + $sql .= " ".price2num($this->total_localtax2, 'MT').","; + $sql .= " ".price2num($this->total_ttc, 'MT').","; $sql .= " ".(!empty($this->date_start) ? "'".$this->db->idate($this->date_start)."'" : "null").','; $sql .= " ".(!empty($this->date_end) ? "'".$this->db->idate($this->date_end)."'" : "null").','; - $sql .= ' '.(!$this->fk_unit ? 'NULL' : $this->fk_unit); - $sql .= ", ".(!empty($this->fk_multicurrency) ? $this->fk_multicurrency : 'NULL'); + $sql .= ' '.(!$this->fk_unit ? 'NULL' : ((int) $this->fk_unit)); + $sql .= ", ".(!empty($this->fk_multicurrency) ? ((int) $this->fk_multicurrency) : 'NULL'); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".$this->multicurrency_subprice; - $sql .= ", ".$this->multicurrency_total_ht; - $sql .= ", ".$this->multicurrency_total_tva; - $sql .= ", ".$this->multicurrency_total_ttc; + $sql .= ", ".price2num($this->multicurrency_subprice, 'CU'); + $sql .= ", ".price2num($this->multicurrency_total_ht, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_tva, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_ttc, 'CT'); $sql .= ')'; dol_syslog(get_class($this)."::insert", LOG_DEBUG); 
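Review bot: Beyond casting, the OrderLine insert now passes a rounding argument to `price2num()` (`'MT'` for the totals, `'CU'`/`'CT'` for the multicurrency fields), which presumably rounds each value before it is stored. That changes persisted data, not only query safety, and the subject line "Cast sql var" does not say so; callers that computed totals at a higher precision would see different stored values. I would mention it in the commit description and add a comment above the block, e.g. `// Amounts are rounded to the configured precision by price2num() before insert`. `pa_ht` still goes through `price2num()` without a rounding argument, so the treatment is not uniform within the statement. The same arguments appear in both PropaleLigne hunks (which also use `'MS'` for `qty`, `'MU'` for `subprice` and `3` for `remise_percent`) and in the Account, CashControl, FactureRec::addline and ExpeditionLigne hunks.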
diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php index 804cfa09281..9fd88f44d4f 100644 --- a/htdocs/compta/bank/class/account.class.php +++ b/htdocs/compta/bank/class/account.class.php @@ -687,7 +687,7 @@ class Account extends CommonObject $sql .= "'".$this->db->idate($now)."'"; $sql .= ", '".$this->db->escape($this->ref)."'"; $sql .= ", '".$this->db->escape($this->label)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->escape($this->account_number)."'"; $sql .= ", ".($this->fk_accountancy_journal > 0 ? $this->db->escape($this->fk_accountancy_journal) : "null"); $sql .= ", '".$this->db->escape($this->bank)."'"; @@ -702,8 +702,8 @@ class Account extends CommonObject $sql .= ", '".$this->db->escape($this->owner_address)."'"; $sql .= ", '".$this->db->escape($this->currency_code)."'"; $sql .= ", ".((int) $this->rappro); - $sql .= ", ".price2num($this->min_allowed); - $sql .= ", ".price2num($this->min_desired); + $sql .= ", ".price2num($this->min_allowed, 'MT'); + $sql .= ", ".price2num($this->min_desired, 'MT'); $sql .= ", '".$this->db->escape($this->comment)."'"; $sql .= ", ".($this->state_id > 0 ? ((int) $this->state_id) : "null"); $sql .= ", ".($this->country_id > 0 ? ((int) $this->country_id) : "null"); @@ -2152,7 +2152,7 @@ class AccountLine extends CommonObject $sql .= ", fk_categ"; $sql .= ") VALUES ("; $sql .= $this->id; - $sql .= ", ".$cat; + $sql .= ", ".((int) $cat); $sql .= ")"; dol_syslog(get_class($this)."::update_conciliation", LOG_DEBUG); diff --git a/htdocs/compta/bank/class/bankcateg.class.php b/htdocs/compta/bank/class/bankcateg.class.php index ab58cb8287c..1795704d4ff 100644 --- a/htdocs/compta/bank/class/bankcateg.class.php +++ b/htdocs/compta/bank/class/bankcateg.class.php 
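Review bot: In the Account insert (`@@ -687`), `fk_accountancy_journal` is still written as `$this->db->escape($this->fk_accountancy_journal)` with no surrounding quotes. String escaping only protects a value inside a quoted literal; in a bare numeric position it does not constrain the value to a number, which is the pattern this patch replaces elsewhere. The line should follow the `state_id`/`country_id` lines further down: `$sql .= ", ".($this->fk_accountancy_journal > 0 ? ((int) $this->fk_accountancy_journal) : "null");`. This assumes the column is an integer key, as the `fk_` prefix and the `> 0` test suggest. The method starts and ends outside the hunk.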
@@ -81,7 +81,7 @@ class BankCateg // extends CommonObject $sql .= ", entity"; $sql .= ") VALUES ("; $sql .= " ".(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").""; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; $this->db->begin(); diff --git a/htdocs/compta/bank/class/paymentvarious.class.php b/htdocs/compta/bank/class/paymentvarious.class.php index 5a6aa81d663..d88676563d6 100644 --- a/htdocs/compta/bank/class/paymentvarious.class.php +++ b/htdocs/compta/bank/class/paymentvarious.class.php @@ -467,11 +467,11 @@ class PaymentVarious extends CommonObject $sql .= ", '".$this->db->escape($this->label)."'"; $sql .= ", '".$this->db->escape($this->accountancy_code)."'"; $sql .= ", '".$this->db->escape($this->subledger_account)."'"; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : 0); - $sql .= ", ".$user->id; + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : 0); + $sql .= ", ".((int) $user->id); $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", NULL"; // Filled later - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/compta/cashcontrol/class/cashcontrol.class.php b/htdocs/compta/cashcontrol/class/cashcontrol.class.php index 1cf964815d5..27f3b974a79 100644 --- a/htdocs/compta/cashcontrol/class/cashcontrol.class.php +++ b/htdocs/compta/cashcontrol/class/cashcontrol.class.php 
@@ -192,18 +192,18 @@ class CashControl extends CommonObject $sql .= ", card"; $sql .= ") VALUES ("; //$sql .= "'(PROV)', "; - $sql .= $conf->entity; - $sql .= ", ".(is_numeric($this->opening) ? $this->opening : 0); + $sql .= ((int) $conf->entity); + $sql .= ", ".(is_numeric($this->opening) ? price2num($this->opening, 'MT') : 0); $sql .= ", 0"; // Draft by default $sql .= ", '".$this->db->idate(dol_now())."'"; $sql .= ", '".$this->db->escape($this->posmodule)."'"; $sql .= ", '".$this->db->escape($this->posnumber)."'"; $sql .= ", ".($this->day_close > 0 ? $this->day_close : "null"); $sql .= ", ".($this->month_close > 0 ? $this->month_close : "null"); - $sql .= ", ".$this->year_close; - $sql .= ", ".$this->cash; - $sql .= ", ".$this->cheque; - $sql .= ", ".$this->card; + $sql .= ", ".((int) $this->year_close); + $sql .= ", ".price2num($this->cash, 'MT'); + $sql .= ", ".price2num($this->cheque, 'MT'); + $sql .= ", ".price2num($this->card, 'MT'); $sql .= ")"; $this->db->begin(); diff --git a/htdocs/compta/deplacement/class/deplacement.class.php b/htdocs/compta/deplacement/class/deplacement.class.php index 81022e9bc71..e05750918da 100644 --- a/htdocs/compta/deplacement/class/deplacement.class.php +++ b/htdocs/compta/deplacement/class/deplacement.class.php 
@@ -167,14 +167,14 @@ class Deplacement extends CommonObject $sql .= ", fk_soc"; $sql .= ") VALUES ("; $sql .= " '".$this->db->idate($now)."'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$user->id; - $sql .= ", ".$this->fk_user; + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $this->fk_user); $sql .= ", '".$this->db->escape($this->type)."'"; $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : 0); - $sql .= ", ".($this->fk_soc > 0 ? $this->fk_soc : "null"); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : 0); + $sql .= ", ".($this->fk_soc > 0 ? ((int) $this->fk_soc) : "null"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index a0509774998..92615658a58 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php 
@@ -300,32 +300,32 @@ class FactureRec extends CommonInvoice $sql .= ", suspended"; $sql .= ") VALUES ("; $sql .= "'".$this->db->escape($this->titre ? $this->titre : $this->title)."'"; - $sql .= ", ".$facsrc->socid; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $facsrc->socid); + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".(!empty($facsrc->amount) ? $facsrc->amount : '0'); - $sql .= ", ".(!empty($facsrc->remise) ? $this->remise : '0'); + $sql .= ", ".(!empty($facsrc->amount) ? ((float) $facsrc->amount) : '0'); + $sql .= ", ".(!empty($facsrc->remise) ? ((float) $this->remise) : '0'); $sql .= ", ".(!empty($this->note_private) ? ("'".$this->db->escape($this->note_private)."'") : "NULL"); $sql .= ", ".(!empty($this->note_public) ? ("'".$this->db->escape($this->note_public)."'") : "NULL"); $sql .= ", ".(!empty($this->model_pdf) ? ("'".$this->db->escape($this->model_pdf)."'") : "NULL"); - $sql .= ", '".$this->db->escape($user->id)."'"; - $sql .= ", ".(!empty($facsrc->fk_project) ? "'".$this->db->escape($facsrc->fk_project)."'" : "null"); - $sql .= ", ".(!empty($facsrc->fk_account) ? "'".$this->db->escape($facsrc->fk_account)."'" : "null"); - $sql .= ", ".($facsrc->cond_reglement_id > 0 ? $this->db->escape($facsrc->cond_reglement_id) : "null"); - $sql .= ", ".($facsrc->mode_reglement_id > 0 ? $this->db->escape($facsrc->mode_reglement_id) : "null"); - $sql .= ", ".$this->usenewprice; - $sql .= ", ".$this->frequency; + $sql .= ", ".((int) $user->id); + $sql .= ", ".(!empty($facsrc->fk_project) ? ((int) $facsrc->fk_project) : "null"); + $sql .= ", ".(!empty($facsrc->fk_account) ? ((int) $facsrc->fk_account) : "null"); + $sql .= ", ".($facsrc->cond_reglement_id > 0 ? ((int) $facsrc->cond_reglement_id) : "null"); + $sql .= ", ".($facsrc->mode_reglement_id > 0 ? 
((int) $facsrc->mode_reglement_id) : "null"); + $sql .= ", ".((int) $this->usenewprice); + $sql .= ", ".((int) $this->frequency); $sql .= ", '".$this->db->escape($this->unit_frequency)."'"; $sql .= ", ".(!empty($this->date_when) ? "'".$this->db->idate($this->date_when)."'" : 'NULL'); $sql .= ", ".(!empty($this->date_last_gen) ? "'".$this->db->idate($this->date_last_gen)."'" : 'NULL'); - $sql .= ", ".$this->db->escape($this->nb_gen_done); - $sql .= ", ".$this->db->escape($this->nb_gen_max); - $sql .= ", ".$this->db->escape($this->auto_validate); - $sql .= ", ".$this->db->escape($this->generate_pdf); - $sql .= ", ".$this->db->escape($facsrc->fk_multicurrency); + $sql .= ", ".((int) $this->nb_gen_done); + $sql .= ", ".((int) $this->nb_gen_max); + $sql .= ", ".((int) $this->auto_validate); + $sql .= ", ".((int) $this->generate_pdf); + $sql .= ", ".((int) $facsrc->fk_multicurrency); $sql .= ", '".$this->db->escape($facsrc->multicurrency_code)."'"; - $sql .= ", ".$this->db->escape($facsrc->multicurrency_tx); - $sql .= ", ".$this->db->escape($this->suspended); + $sql .= ", ".((float) $facsrc->multicurrency_tx); + $sql .= ", ".((int) $this->suspended); $sql .= ")"; if ($this->db->query($sql)) { @@ -963,7 +963,7 @@ class FactureRec extends CommonInvoice $sql .= ", ".price2num($txlocaltax2); $sql .= ", '".$this->db->escape(isset($localtaxes_type[2]) ? $localtaxes_type[2] : '')."'"; $sql .= ", ".(!empty($fk_product) ? "'".$this->db->escape($fk_product)."'" : "null"); - $sql .= ", ".$product_type; + $sql .= ", ".((int) $product_type); $sql .= ", ".price2num($remise_percent); $sql .= ", ".price2num($pu_ht); $sql .= ", null"; 
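Review bot: In the FactureRec insert (`@@ -300`), the `remise` line tests `$facsrc->remise` but writes `$this->remise`: `(!empty($facsrc->remise) ? ((float) $this->remise) : '0')`. The mismatch predates this patch, but the new cast changes how it fails: an unset `$this->remise` would previously have produced an invalid statement, and now silently stores `0` even though the source invoice carries a discount. The neighbouring `amount`, `fk_project` and `fk_account` lines all read from `$facsrc`, so the likely intent is `$sql .= ", ".(!empty($facsrc->remise) ? ((float) $facsrc->remise) : '0');`. Confirm which object is meant to supply the value before changing it.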
@@ -976,16 +976,16 @@ class FactureRec extends CommonInvoice $sql .= ", ".(int) $date_end_fill; $sql .= ", ".($fk_fournprice > 0 ? $fk_fournprice : 'null'); $sql .= ", ".($pa_ht ? price2num($pa_ht) : 0); - $sql .= ", ".$info_bits; - $sql .= ", ".$rang; - $sql .= ", ".$special_code; - $sql .= ", ".($fk_unit ? "'".$this->db->escape($fk_unit)."'" : "null"); + $sql .= ", ".((int) $info_bits); + $sql .= ", ".((int) $rang); + $sql .= ", ".((int) $special_code); + $sql .= ", ".($fk_unit ? ((int) $fk_unit) : "null"); $sql .= ", ".(int) $this->fk_multicurrency; $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".price2num($pu_ht_devise); - $sql .= ", ".price2num($multicurrency_total_ht); - $sql .= ", ".price2num($multicurrency_total_tva); - $sql .= ", ".price2num($multicurrency_total_ttc); + $sql .= ", ".price2num($pu_ht_devise, 'CU'); + $sql .= ", ".price2num($multicurrency_total_ht, 'CT'); + $sql .= ", ".price2num($multicurrency_total_tva, 'CT'); + $sql .= ", ".price2num($multicurrency_total_ttc, 'CT'); $sql .= ")"; dol_syslog(get_class($this)."::addline", LOG_DEBUG); diff --git a/htdocs/compta/paiement/cheque/class/remisecheque.class.php b/htdocs/compta/paiement/cheque/class/remisecheque.class.php index fe967543fdc..1d8fd5b3392 100644 --- a/htdocs/compta/paiement/cheque/class/remisecheque.class.php +++ b/htdocs/compta/paiement/cheque/class/remisecheque.class.php @@ -170,12 +170,12 @@ class RemiseCheque extends CommonObject $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($now)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".((int) $account_id); $sql .= ", 0"; $sql .= ", 0"; $sql .= ", 0"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", 0"; $sql .= ", ''"; $sql .= ")"; diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index ed7ecae5cf9..f4b4b725ed3 100644 
--- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -155,8 +155,8 @@ class BonPrelevement extends CommonObject } $sql .= ",fk_prelevement_lignes"; $sql .= ") VALUES ("; - $sql .= $invoice_id; - $sql .= ", ".$line_id; + $sql .= ((int) $invoice_id); + $sql .= ", ".((int) $line_id); $sql .= ")"; if ($this->db->query($sql)) { diff --git a/htdocs/compta/prelevement/class/rejetprelevement.class.php b/htdocs/compta/prelevement/class/rejetprelevement.class.php index c10b0de662c..f88ff5201f3 100644 --- a/htdocs/compta/prelevement/class/rejetprelevement.class.php +++ b/htdocs/compta/prelevement/class/rejetprelevement.class.php @@ -114,12 +114,12 @@ class RejetPrelevement $sql .= ", date_creation"; $sql .= ", afacturer"; $sql .= ") VALUES ("; - $sql .= $id; + $sql .= ((int) $id); $sql .= ", '".$this->db->idate($date_rejet)."'"; - $sql .= ", ".$motif; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $motif); + $sql .= ", ".((int) $user->id); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$facturation; + $sql .= ", ".((int) $facturation); $sql .= ")"; $result = $this->db->query($sql); diff --git a/htdocs/compta/sociales/class/chargesociales.class.php b/htdocs/compta/sociales/class/chargesociales.class.php index a7c6ab2c593..0cb7220cfd7 100644 --- a/htdocs/compta/sociales/class/chargesociales.class.php +++ b/htdocs/compta/sociales/class/chargesociales.class.php 
@@ -230,17 +230,17 @@ class ChargeSociales extends CommonObject $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."chargesociales (fk_type, fk_account, fk_mode_reglement, libelle, date_ech, periode, amount, fk_projet, entity, fk_user_author, fk_user, date_creation)"; - $sql .= " VALUES (".$this->type; - $sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL'); - $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : "NULL"); + $sql .= " VALUES (".((int) $this->type); + $sql .= ", ".($this->fk_account > 0 ? ((int) $this->fk_account) : 'NULL'); + $sql .= ", ".($this->mode_reglement_id > 0 ? ((int) $this->mode_reglement_id) : "NULL"); $sql .= ", '".$this->db->escape($this->label ? $this->label : $this->lib)."'"; $sql .= ", '".$this->db->idate($this->date_ech)."'"; $sql .= ", '".$this->db->idate($this->periode)."'"; $sql .= ", '".price2num($newamount)."'"; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : 'NULL'); - $sql .= ", ".$conf->entity; - $sql .= ", ".$user->id; - $sql .= ", ".($this->fk_user > 0 ? $this->db->escape($this->fk_user) : 'NULL'); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : 'NULL'); + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $user->id); + $sql .= ", ".($this->fk_user > 0 ? ((int) $this->fk_user) : 'NULL'); $sql .= ", '".$this->db->idate($now)."'"; $sql .= ")"; diff --git a/htdocs/compta/tva/class/tva.class.php b/htdocs/compta/tva/class/tva.class.php index 38da3c21eae..4ca16ceeecf 100644 --- a/htdocs/compta/tva/class/tva.class.php +++ b/htdocs/compta/tva/class/tva.class.php @@ -596,7 +596,7 @@ class Tva extends CommonObject } $sql .= ", '".$this->db->escape($user->id)."'"; $sql .= ", NULL"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog(get_class($this)."::addPayment", LOG_DEBUG); diff --git a/htdocs/core/class/comment.class.php b/htdocs/core/class/comment.class.php index 7184d7846b0..c2dd055522e 100644 
--- a/htdocs/core/class/comment.class.php +++ b/htdocs/core/class/comment.class.php @@ -128,7 +128,7 @@ class Comment extends CommonObject $sql .= ", '".(isset($this->fk_element) ? $this->fk_element : "null")."'"; $sql .= ", '".$this->db->escape($this->element_type)."'"; $sql .= ", '".(isset($this->fk_user_author) ? $this->fk_user_author : "null")."'"; - $sql .= ", ".$user->id.""; + $sql .= ", ".((int) $user->id); $sql .= ", ".(!empty($this->entity) ? $this->entity : '1'); $sql .= ", ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); $sql .= ")"; diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 5cdb83194f4..119ea398ead 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -1941,9 +1941,9 @@ abstract class CommonObject if ($fk_user_field) { if (!empty($fuser) && is_object($fuser)) { - $sql .= ", ".$fk_user_field." = ".$fuser->id; + $sql .= ", ".$fk_user_field." = ".((int) $fuser->id); } elseif (empty($fuser) || $fuser != 'none') { - $sql .= ", ".$fk_user_field." = ".$user->id; + $sql .= ", ".$fk_user_field." = ".((int) $user->id); } } diff --git a/htdocs/core/class/fiscalyear.class.php b/htdocs/core/class/fiscalyear.class.php index 7356e53dc0a..2a1f769e15c 100644 --- a/htdocs/core/class/fiscalyear.class.php +++ b/htdocs/core/class/fiscalyear.class.php @@ -147,9 +147,9 @@ class Fiscalyear extends CommonObject $sql .= ", '".$this->db->idate($this->date_start)."'"; $sql .= ", ".($this->date_end ? "'".$this->db->idate($this->date_end)."'" : "null"); $sql .= ", 0"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/core/class/link.class.php b/htdocs/core/class/link.class.php index 5e008a1e1ac..2a5e0f99c64 100644 
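Review bot: In the Comment insert, `fk_element` and `fk_user_author` are placed between single quotes with neither `escape()` nor a cast (`'".(isset($this->fk_element) ? $this->fk_element : "null")."'`), so a quote character in either value ends the literal, and the fallback stores the string `'null'` rather than SQL NULL. The `entity` line just below the changed one is also concatenated raw. If these are integer columns, as the names suggest, the lines could become `$sql .= ", ".(isset($this->fk_element) ? ((int) $this->fk_element) : "null");` and `$sql .= ", ".(!empty($this->entity) ? ((int) $this->entity) : '1');`. Switching from `'null'` to NULL changes what is stored, so check the columns' nullability first.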
--- a/htdocs/core/class/link.class.php +++ b/htdocs/core/class/link.class.php @@ -102,7 +102,7 @@ class Link extends CommonObject $sql .= ", '".$this->db->escape($this->url)."'"; $sql .= ", '".$this->db->escape($this->label)."'"; $sql .= ", '".$this->db->escape($this->objecttype)."'"; - $sql .= ", ".$this->objectid.")"; + $sql .= ", ".((int) $this->objectid).")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); $result = $this->db->query($sql); diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index d1089e5e0e0..50171253938 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -1560,7 +1560,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it $sql .= ", ".$this->db->encrypt($newvalue); $sql .= ", null"; $sql .= ", '0'"; - $sql .= ", ".$entity; + $sql .= ", ".((int) $entity); $sql .= ")"; $resql = $this->db->query($sql); diff --git a/htdocs/delivery/class/delivery.class.php b/htdocs/delivery/class/delivery.class.php index de991d50f4e..60c134661ce 100644 --- a/htdocs/delivery/class/delivery.class.php +++ b/htdocs/delivery/class/delivery.class.php @@ -166,11 +166,11 @@ class Delivery extends CommonObject $sql .= ", fk_incoterms, location_incoterms"; $sql .= ") VALUES ("; $sql .= "'(PROV)'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$this->socid; + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $this->socid); $sql .= ", '".$this->db->escape($this->ref_customer)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_delivery ? "'".$this->db->idate($this->date_delivery)."'" : "null"); $sql .= ", ".($this->fk_delivery_address > 0 ? $this->fk_delivery_address : "null"); $sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null"); 
diff --git a/htdocs/don/class/don.class.php b/htdocs/don/class/don.class.php index 85a95905073..792edbcc928 100644 --- a/htdocs/don/class/don.class.php +++ b/htdocs/don/class/don.class.php @@ -381,7 +381,7 @@ class Don extends CommonObject $sql .= ", phone_mobile"; $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($this->date ? $this->date : $now)."'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".price2num($this->amount); $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); $sql .= ", ".($this->socid > 0 ? $this->socid : "null"); @@ -396,7 +396,7 @@ class Don extends CommonObject $sql .= ", ".($this->fk_project > 0 ? (int) $this->fk_project : "null"); $sql .= ", ".(!empty($this->note_private) ? ("'".$this->db->escape($this->note_private)."'") : "NULL"); $sql .= ", ".(!empty($this->note_public) ? ("'".$this->db->escape($this->note_public)."'") : "NULL"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", null"; $sql .= ", '".$this->db->idate($this->date)."'"; $sql .= ", '".$this->db->escape(trim($this->email))."'"; diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index 049ef7832b0..830a582db03 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -303,7 +303,6 @@ class Expedition extends CommonObject $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."expedition ("; - $sql .= "ref"; $sql .= ", entity"; $sql .= ", ref_customer"; 
@@ -330,18 +329,18 @@ class Expedition extends CommonObject $sql .= ", fk_incoterms, location_incoterms"; $sql .= ") VALUES ("; $sql .= "'(PROV)'"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".($this->ref_customer ? "'".$this->db->escape($this->ref_customer)."'" : "null"); $sql .= ", ".($this->ref_int ? "'".$this->db->escape($this->ref_int)."'" : "null"); $sql .= ", ".($this->ref_ext ? "'".$this->db->escape($this->ref_ext)."'" : "null"); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_expedition > 0 ? "'".$this->db->idate($this->date_expedition)."'" : "null"); $sql .= ", ".($this->date_delivery > 0 ? "'".$this->db->idate($this->date_delivery)."'" : "null"); - $sql .= ", ".$this->socid; - $sql .= ", ".$this->fk_project; + $sql .= ", ".($this->socid > 0 ? ((int) $this->socid) : "null"); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); $sql .= ", ".($this->fk_delivery_address > 0 ? $this->fk_delivery_address : "null"); - $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : "null"); + $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : "null"); $sql .= ", '".$this->db->escape($this->tracking_number)."'"; $sql .= ", ".(is_numeric($this->weight) ? $this->weight : 'NULL'); $sql .= ", ".(is_numeric($this->sizeS) ? $this->sizeS : 'NULL'); // TODO Should use this->trueDepth @@ -2744,9 +2743,9 @@ class ExpeditionLigne extends CommonObjectLine $sql .= ") VALUES ("; $sql .= $this->fk_expedition; $sql .= ", ".(empty($this->entrepot_id) ? 'NULL' : $this->entrepot_id); - $sql .= ", ".$this->fk_origin_line; - $sql .= ", ".$this->qty; - $sql .= ", ".$ranktouse; + $sql .= ", ".((int) $this->fk_origin_line); + $sql .= ", ".price2num($this->qty, 'MS'); + $sql .= ", ".((int) $ranktouse); $sql .= ")"; dol_syslog(get_class($this)."::insert", LOG_DEBUG); 
diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php
index a67b447ca9c..6dfe761195e 100644
--- a/htdocs/expensereport/class/expensereport.class.php
+++ b/htdocs/expensereport/class/expensereport.class.php
@@ -270,23 +270,23 @@ class ExpenseReport extends CommonObject $sql .= ",entity"; $sql .= ") VALUES("; $sql .= "'(PROV)'"; - $sql .= ", ".$this->total_ht; - $sql .= ", ".$this->total_ttc; - $sql .= ", ".$this->total_tva; + $sql .= ", ".price2num($this->total_ht, 'MT'); + $sql .= ", ".price2num($this->total_ttc, 'MT'); + $sql .= ", ".price2num($this->total_tva, 'MT'); $sql .= ", '".$this->db->idate($this->date_debut)."'"; $sql .= ", '".$this->db->idate($this->date_fin)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; - $sql .= ", ".$fuserid; - $sql .= ", ".($this->fk_user_validator > 0 ? $this->fk_user_validator : "null"); - $sql .= ", ".($this->fk_user_approve > 0 ? $this->fk_user_approve : "null"); - $sql .= ", ".($this->fk_user_modif > 0 ? $this->fk_user_modif : "null"); - $sql .= ", ".($this->fk_statut > 1 ? $this->fk_statut : 0); - $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $fuserid); + $sql .= ", ".($this->fk_user_validator > 0 ? ((int) $this->fk_user_validator) : "null"); + $sql .= ", ".($this->fk_user_approve > 0 ? ((int) $this->fk_user_approve) : "null"); + $sql .= ", ".($this->fk_user_modif > 0 ? ((int) $this->fk_user_modif) : "null"); + $sql .= ", ".($this->fk_statut > 1 ? ((int) $this->fk_statut) : 0); + $sql .= ", ".($this->modepaymentid ? ((int) $this->modepaymentid) : "null"); $sql .= ", 0"; $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; $result = $this->db->query($sql); diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 23766a91bbe..9bd3f17da25 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php 
@@ -286,14 +286,14 @@ class Fichinter extends CommonObject
 $sql .= $this->socid;
 $sql .= ", '".$this->db->idate($now)."'";
 $sql .= ", '".$this->db->escape($this->ref)."'";
- $sql .= ", ".$conf->entity;
- $sql .= ", ".$user->id;
- $sql .= ", ".$user->id;
+ $sql .= ", ".((int) $conf->entity);
+ $sql .= ", ".((int) $user->id);
+ $sql .= ", ".((int) $user->id);
 $sql .= ", ".($this->description ? "'".$this->db->escape($this->description)."'" : "null");
 $sql .= ", '".$this->db->escape($this->model_pdf)."'";
- $sql .= ", ".($this->fk_project ? $this->fk_project : 0);
- $sql .= ", ".($this->fk_contrat ? $this->fk_contrat : 0);
- $sql .= ", ".$this->statut;
+ $sql .= ", ".($this->fk_project ? ((int) $this->fk_project) : 0);
+ $sql .= ", ".($this->fk_contrat ? ((int) $this->fk_contrat) : 0);
+ $sql .= ", ".((int) $this->statut);
 $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null");
 $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null");
 $sql .= ")";
diff --git a/htdocs/fichinter/class/fichinterrec.class.php b/htdocs/fichinter/class/fichinterrec.class.php
index d23c25253ac..d5690265028 100644
--- a/htdocs/fichinter/class/fichinterrec.class.php
+++ b/htdocs/fichinter/class/fichinterrec.class.php
@@ -182,18 +182,18 @@ class FichinterRec extends Fichinter $sql .= ") VALUES ("; $sql .= "'".$this->db->escape($this->title)."'"; - $sql .= ", ".($this->socid > 0 ? $this->socid : 'null'); - $sql .= ", ".$conf->entity; + $sql .= ", ".($this->socid > 0 ? ((int) $this->socid) : 'null'); + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".(!empty($fichintsrc->duration) ? $fichintsrc->duration : '0'); + $sql .= ", ".(!empty($fichintsrc->duration) ? ((int) $fichintsrc->duration) : '0'); $sql .= ", ".(!empty($this->description) ? ("'".$this->db->escape($this->description)."'") : "null"); $sql .= ", ".(!empty($fichintsrc->note_private) ? ("'".$this->db->escape($fichintsrc->note_private)."'") : "null"); $sql .= ", ".(!empty($fichintsrc->note_public) ? ("'".$this->db->escape($fichintsrc->note_public)."'") : "null"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); // si c'est la même société on conserve les liens vers le projet et le contrat if ($this->socid == $fichintsrc->socid) { - $sql .= ", ".(!empty($fichintsrc->fk_project) ? $fichintsrc->fk_project : "null"); - $sql .= ", ".(!empty($fichintsrc->fk_contrat) ? $fichintsrc->fk_contrat : "null"); + $sql .= ", ".(!empty($fichintsrc->fk_project) ? ((int) $fichintsrc->fk_project) : "null"); + $sql .= ", ".(!empty($fichintsrc->fk_contrat) ? ((int) $fichintsrc->fk_contrat) : "null"); } else { $sql .= ", null, null"; } 
@@ -201,12 +201,12 @@ class FichinterRec extends Fichinter $sql .= ", ".(!empty($fichintsrc->model_pdf) ? "'".$this->db->escape($fichintsrc->model_pdf)."'" : "''"); // récurrence - $sql .= ", ".(!empty($this->frequency) ? $this->frequency : "null"); + $sql .= ", ".(!empty($this->frequency) ? ((int) $this->frequency) : "null"); $sql .= ", '".$this->db->escape($this->unit_frequency)."'"; $sql .= ", ".(!empty($this->date_when) ? "'".$this->db->idate($this->date_when)."'" : 'null'); $sql .= ", ".(!empty($this->date_last_gen) ? "'".$this->db->idate($this->date_last_gen)."'" : 'null'); $sql .= ", 0"; // we start à 0 - $sql .= ", ".$this->nb_gen_max; + $sql .= ", ".((int) $this->nb_gen_max); // $sql.= ", ".$this->auto_validate; $sql .= ")"; diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 9d965ee034e..09a43fb95ab 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php 
@@ -1335,14 +1335,14 @@ class CommandeFournisseur extends CommonOrder $sql .= ", '".$this->db->escape($this->ref_supplier)."'"; $sql .= ", '".$this->db->escape($this->note_private)."'"; $sql .= ", '".$this->db->escape($this->note_public)."'"; - $sql .= ", ".$conf->entity; - $sql .= ", ".$this->socid; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : "null"); + $sql .= ", ".((int) $conf->entity); + $sql .= ", ".((int) $this->socid); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null"); $sql .= ", '".$this->db->idate($date)."'"; $sql .= ", ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : "null"); - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".self::STATUS_DRAFT; - $sql .= ", ".$this->db->escape($this->source); + $sql .= ", ".((int) $this->source); $sql .= ", '".$this->db->escape($conf->global->COMMANDE_SUPPLIER_ADDON_PDF)."'"; $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'null'); $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'null'); diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index ef39e7502f6..4ceea8fde2c 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -342,7 +342,7 @@ if (empty($reshook)) { $sql .= ") VALUES ("; $sql .= $id_order; $sql .= ", '".$db->escape($objecttmp->origin)."'"; - $sql .= ", ".$objecttmp->id; + $sql .= ", ".((int) $objecttmp->id); $sql .= ", '".$db->escape($objecttmp->element)."'"; $sql .= ")"; diff --git a/htdocs/hrm/class/establishment.class.php b/htdocs/hrm/class/establishment.class.php index d26a10a923a..a9082a02b5e 100644 --- a/htdocs/hrm/class/establishment.class.php +++ b/htdocs/hrm/class/establishment.class.php 
@@ -204,12 +204,12 @@ class Establishment extends CommonObject $sql .= ", '".$this->db->escape($this->address)."'"; $sql .= ", '".$this->db->escape($this->zip)."'"; $sql .= ", '".$this->db->escape($this->town)."'"; - $sql .= ", ".$this->country_id; - $sql .= ", ".$this->status; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $this->country_id); + $sql .= ", ".((int) $this->status); + $sql .= ", ".((int) $conf->entity); $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); + $sql .= ", ".((int) $user->id); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index e51c553809d..818ee620821 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php 
@@ -718,19 +718,19 @@ class Product extends CommonObject
 $sql .= ", fk_unit";
 $sql .= ") VALUES (";
 $sql .= "'".$this->db->idate($now)."'";
- $sql .= ", ".$conf->entity;
+ $sql .= ", ".((int) $conf->entity);
 $sql .= ", '".$this->db->escape($this->ref)."'";
 $sql .= ", ".(!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null");
 $sql .= ", ".price2num($price_min_ht);
 $sql .= ", ".price2num($price_min_ttc);
 $sql .= ", ".(!empty($this->label) ? "'".$this->db->escape($this->label)."'" : "null");
- $sql .= ", ".$user->id;
- $sql .= ", ".$this->type;
- $sql .= ", ".price2num($price_ht);
- $sql .= ", ".price2num($price_ttc);
+ $sql .= ", ".((int) $user->id);
+ $sql .= ", ".((int) $this->type);
+ $sql .= ", ".price2num($price_ht, 'MT');
+ $sql .= ", ".price2num($price_ttc, 'MT');
 $sql .= ", '".$this->db->escape($this->price_base_type)."'";
- $sql .= ", ".$this->status;
- $sql .= ", ".$this->status_buy;
+ $sql .= ", ".((int) $this->status);
+ $sql .= ", ".((int) $this->status_buy);
 if (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
 $sql .= ", '".$this->db->escape($this->accountancy_code_buy)."'";
 $sql .= ", '".$this->db->escape($this->accountancy_code_buy_intra)."'";
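Review bot: `price2num($price_ht, 'MT')` and `price2num($price_ttc, 'MT')` now round the product's unit price with the mode this commit otherwise applies to totals, while the context lines above still call `price2num($price_min_ht)` and `price2num($price_min_ttc)` with no mode at all. Judging only from usage elsewhere in the patch, 'MU' is applied to unit prices (`subprice`, `pa_ht`) and 'MT' to totals, so `price2num($price_ht, 'MU')` looks like the intended call; this is inferred and should be confirmed against the helper. If the two modes are configured with different precision, stored prices would change silently and a minimum price could end up with more decimals than the price it bounds. The minimum prices should use the same mode, e.g. `price2num($price_min_ht, 'MU')`. The statement begins and ends outside the hunk.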
@@ -740,10 +740,10 @@ class Product extends CommonObject $sql .= ", '".$this->db->escape($this->accountancy_code_sell_export)."'"; } $sql .= ", '".$this->db->escape($this->canvas)."'"; - $sql .= ", ".((!isset($this->finished) || $this->finished < 0 || $this->finished == '') ? 'null' : (int) $this->finished); - $sql .= ", ".((empty($this->status_batch) || $this->status_batch < 0) ? '0' : $this->status_batch); + $sql .= ", ".((!isset($this->finished) || $this->finished < 0 || $this->finished == '') ? 'NULL' : (int) $this->finished); + $sql .= ", ".((empty($this->status_batch) || $this->status_batch < 0) ? '0' : ((int) $this->status_batch)); $sql .= ", '".$this->db->escape($this->batch_mask)."'"; - $sql .= ", ".(!$this->fk_unit ? 'NULL' : $this->fk_unit); + $sql .= ", ".($this->fk_unit > 0 ? ((int) $this->fk_unit) : 'NULL'); $sql .= ")"; dol_syslog(get_class($this)."::Create", LOG_DEBUG); diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 02939ead090..00394dda384 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php 
@@ -381,10 +381,10 @@ class Project extends CommonObject $sql .= ", '".$this->db->escape($this->title)."'"; $sql .= ", '".$this->db->escape($this->description)."'"; $sql .= ", ".($this->socid > 0 ? $this->socid : "null"); - $sql .= ", ".$user->id; - $sql .= ", ".(is_numeric($this->statut) ? $this->statut : '0'); - $sql .= ", ".((is_numeric($this->opp_status) && $this->opp_status > 0) ? $this->opp_status : 'NULL'); - $sql .= ", ".(is_numeric($this->opp_percent) ? $this->opp_percent : 'NULL'); + $sql .= ", ".((int) $user->id); + $sql .= ", ".(is_numeric($this->statut) ? ((int) $this->statut) : '0'); + $sql .= ", ".((is_numeric($this->opp_status) && $this->opp_status > 0) ? ((int) $this->opp_status) : 'NULL'); + $sql .= ", ".(is_numeric($this->opp_percent) ? ((int) $this->opp_percent) : 'NULL'); $sql .= ", ".($this->public ? 1 : 0); $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", ".($this->date_start != '' ? "'".$this->db->idate($this->date_start)."'" : 'null'); @@ -402,7 +402,7 @@ class Project extends CommonObject $sql .= ", ".($this->email_msgid ? "'".$this->db->escape($this->email_msgid)."'" : 'null'); $sql .= ", ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : 'null'); $sql .= ", ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : 'null'); - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index c05f726031c..cd18a9b6819 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php 
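Review bot: In the first Project hunk, `((int) $this->opp_percent)` truncates a fractional percentage, although the `is_numeric()` guard on that line already kept non-numeric text out of the statement. If the column stores decimals (not visible here), `12.5` would now be saved as `12`. `(is_numeric($this->opp_percent) ? price2num($this->opp_percent) : 'NULL')` keeps the fraction and follows what the commit does for rate fields such as `tva_tx`. The `(int)` casts on `statut` and `opp_status` in the same hunk look right for status codes.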
@@ -173,18 +173,18 @@ class Task extends CommonObject $sql .= ", planned_workload"; $sql .= ", progress"; $sql .= ") VALUES ("; - $sql .= $conf->entity; - $sql .= ", ".$this->fk_project; + $sql .= ((int) $conf->entity); + $sql .= ", ".((int) $this->fk_project); $sql .= ", ".(!empty($this->ref) ? "'".$this->db->escape($this->ref)."'" : 'null'); - $sql .= ", ".$this->fk_task_parent; + $sql .= ", ".((int) $this->fk_task_parent); $sql .= ", '".$this->db->escape($this->label)."'"; $sql .= ", '".$this->db->escape($this->description)."'"; $sql .= ", '".$this->db->idate($now)."'"; - $sql .= ", ".$user->id; + $sql .= ", ".((int) $user->id); $sql .= ", ".($this->date_start != '' ? "'".$this->db->idate($this->date_start)."'" : 'null'); $sql .= ", ".($this->date_end != '' ? "'".$this->db->idate($this->date_end)."'" : 'null'); - $sql .= ", ".(($this->planned_workload != '' && $this->planned_workload >= 0) ? $this->planned_workload : 'null'); - $sql .= ", ".(($this->progress != '' && $this->progress >= 0) ? $this->progress : 'null'); + $sql .= ", ".(($this->planned_workload != '' && $this->planned_workload >= 0) ? ((int) $this->planned_workload) : 'null'); + $sql .= ", ".(($this->progress != '' && $this->progress >= 0) ? ((int) $this->progress) : 'null'); $sql .= ")"; $this->db->begin(); @@ -1182,12 +1182,12 @@ class Task extends CommonObject $sql .= ", fk_user"; $sql .= ", note"; $sql .= ") VALUES ("; - $sql .= $this->id; + $sql .= ((int) $this->id); $sql .= ", '".$this->db->idate($this->timespent_date)."'"; $sql .= ", '".$this->db->idate($this->timespent_datehour)."'"; $sql .= ", ".(empty($this->timespent_withhour) ? 0 : 1); - $sql .= ", ".$this->timespent_duration; - $sql .= ", ".$this->timespent_fk_user; + $sql .= ", ".((int) $this->timespent_duration); + $sql .= ", ".((int) $this->timespent_fk_user); $sql .= ", ".(isset($this->timespent_note) ? "'".$this->db->escape($this->timespent_note)."'" : "null"); $sql .= ")"; 
diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php
index 6a4301d86df..add1be5e831 100644
--- a/htdocs/reception/class/reception.class.php
+++ b/htdocs/reception/class/reception.class.php
@@ -256,22 +256,22 @@ class Reception extends CommonObject
 $sql .= ", fk_incoterms, location_incoterms";
 $sql .= ") VALUES (";
 $sql .= "'(PROV)'";
- $sql .= ", ".$conf->entity;
+ $sql .= ", ".((int) $conf->entity);
 $sql .= ", ".($this->ref_supplier ? "'".$this->db->escape($this->ref_supplier)."'" : "null");
 $sql .= ", '".$this->db->idate($now)."'";
- $sql .= ", ".$user->id;
+ $sql .= ", ".((int) $user->id);
 $sql .= ", ".($this->date_reception > 0 ? "'".$this->db->idate($this->date_reception)."'" : "null");
 $sql .= ", ".($this->date_delivery > 0 ? "'".$this->db->idate($this->date_delivery)."'" : "null");
- $sql .= ", ".$this->socid;
- $sql .= ", ".$this->fk_project;
- $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : "null");
+ $sql .= ", ".((int) $this->socid);
+ $sql .= ", ".((int) $this->fk_project);
+ $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : "null");
 $sql .= ", '".$this->db->escape($this->tracking_number)."'";
- $sql .= ", ".$this->weight;
- $sql .= ", ".$this->sizeS; // TODO Should use this->trueDepth
- $sql .= ", ".$this->sizeW; // TODO Should use this->trueWidth
- $sql .= ", ".$this->sizeH; // TODO Should use this->trueHeight
- $sql .= ", ".$this->weight_units;
- $sql .= ", ".$this->size_units;
+ $sql .= ", ".((double) $this->weight);
+ $sql .= ", ".((double) $this->sizeS); // TODO Should use this->trueDepth
+ $sql .= ", ".((double) $this->sizeW); // TODO Should use this->trueWidth
+ $sql .= ", ".((double) $this->sizeH); // TODO Should use this->trueHeight
+ $sql .= ", ".((double) $this->weight_units);
+ $sql .= ", ".((double) $this->size_units);
 $sql .= ", ".(!empty($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null");
 $sql .= ", ".(!empty($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null");
 $sql .= ", ".(!empty($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null");
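Review bot: The `(double)` casts on `weight`, `sizeS`, `sizeW` and `sizeH` turn an unset dimension into `0`, whereas the Expedition hunk of this same commit keeps `(is_numeric($this->weight) ? $this->weight : 'NULL')`. A reception with no weight recorded and one weighing zero become indistinguishable; reusing the Expedition form here would keep both the validation and the NULL, provided the columns are nullable (not visible in the hunk). `weight_units` and `size_units` read like unit codes rather than measurements, so `((int) $this->weight_units)` is probably the cast that was meant. `socid` and `fk_project` are also cast unconditionally and so store `0` when empty, while Expedition writes `null` for non-positive values. The statement starts and ends outside the hunk.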
diff --git a/htdocs/salaries/class/salary.class.php b/htdocs/salaries/class/salary.class.php index 8fdd741efee..5c87b3c53b9 100644 --- a/htdocs/salaries/class/salary.class.php +++ b/htdocs/salaries/class/salary.class.php @@ -406,11 +406,11 @@ class Salary extends CommonObject $sql .= "'".$this->db->escape($this->fk_user)."'"; //$sql .= ", '".$this->db->idate($this->datep)."'"; //$sql .= ", '".$this->db->idate($this->datev)."'"; - $sql .= ", ".$this->amount; - $sql .= ", ".($this->fk_project > 0 ? $this->fk_project : 0); - $sql .= ", ".($this->salary > 0 ? $this->salary : "null"); - $sql .= ", ".($this->type_payment > 0 ? $this->type_payment : 0); - $sql .= ", ".($this->accountid > 0 ? $this->accountid : "null"); + $sql .= ", ".((double) $this->amount); + $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : 0); + $sql .= ", ".($this->salary > 0 ? ((double) $this->salary) : "null"); + $sql .= ", ".($this->type_payment > 0 ? ((int) $this->type_payment) : 0); + $sql .= ", ".($this->accountid > 0 ? ((int) $this->accountid) : "null"); if ($this->note) $sql .= ", '".$this->db->escape($this->note)."'"; $sql .= ", '".$this->db->escape($this->label)."'"; $sql .= ", '".$this->db->idate($this->datesp)."'"; @@ -418,7 +418,7 @@ class Salary extends CommonObject $sql .= ", '".$this->db->escape($user->id)."'"; $sql .= ", '".$this->db->idate($now)."'"; $sql .= ", NULL"; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index e35051829cb..882c4bc5f3a 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php 
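Review bot: In the first Salary hunk, `((double) $this->amount)` and `((double) $this->salary)` write money through PHP's float-to-string conversion instead of the `price2num(..., 'MT')` helper that the ExpenseReport and SupplierProposalLine hunks use for amounts. Before PHP 8.0 that conversion follows `LC_NUMERIC`, so if the application runs under a locale with a decimal comma, `1.5` is emitted as `1,5` and becomes two entries in the VALUES list. `$sql .= ", ".price2num($this->amount, 'MT');` keeps number formatting in the project's own helper and matches the rest of the commit. The same applies to the `(double)` casts in the Reception and SupplierProposal hunks. The column list of this INSERT is outside the hunk.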
@@ -931,9 +931,9 @@ class SupplierProposal extends CommonObject
 $sql .= " VALUES (";
 $sql .= $this->socid;
 $sql .= ", 0";
- $sql .= ", ".$this->remise;
- $sql .= ", ".($this->remise_percent ? $this->db->escape($this->remise_percent) : 'null');
- $sql .= ", ".($this->remise_absolue ? $this->db->escape($this->remise_absolue) : 'null');
+ $sql .= ", ".((double) $this->remise);
+ $sql .= ", ".($this->remise_percent ? ((double) $this->remise_percent) : 'null');
+ $sql .= ", ".($this->remise_absolue ? ((double) $this->remise_absolue) : 'null');
 $sql .= ", 0";
 $sql .= ", 0";
 $sql .= ", '".$this->db->idate($now)."'";
@@ -942,13 +942,13 @@ class SupplierProposal extends CommonObject
 $sql .= ", '".$this->db->escape($this->note_private)."'";
 $sql .= ", '".$this->db->escape($this->note_public)."'";
 $sql .= ", '".$this->db->escape($this->model_pdf)."'";
- $sql .= ", ".($this->cond_reglement_id > 0 ? $this->cond_reglement_id : 'NULL');
- $sql .= ", ".($this->mode_reglement_id > 0 ? $this->mode_reglement_id : 'NULL');
- $sql .= ", ".($this->fk_account > 0 ? $this->fk_account : 'NULL');
+ $sql .= ", ".($this->cond_reglement_id > 0 ? ((int) $this->cond_reglement_id) : 'NULL');
+ $sql .= ", ".($this->mode_reglement_id > 0 ? ((int) $this->mode_reglement_id) : 'NULL');
+ $sql .= ", ".($this->fk_account > 0 ? ((int) $this->fk_account) : 'NULL');
 $sql .= ", ".($delivery_date ? "'".$this->db->idate($delivery_date)."'" : "null");
- $sql .= ", ".($this->shipping_method_id > 0 ? $this->shipping_method_id : 'NULL');
- $sql .= ", ".($this->fk_project ? $this->fk_project : "null");
- $sql .= ", ".$conf->entity;
+ $sql .= ", ".($this->shipping_method_id > 0 ? ((int) $this->shipping_method_id) : 'NULL');
+ $sql .= ", ".($this->fk_project > 0 ? ((int) $this->fk_project) : "null");
+ $sql .= ", ".((int) $conf->entity);
 $sql .= ", ".(int) $this->fk_multicurrency;
 $sql .= ", '".$this->db->escape($this->multicurrency_code)."'";
 $sql .= ", ".(double) $this->multicurrency_tx;
@@ -3029,32 +3029,32 @@ class SupplierProposalLine extends CommonObjectLine $sql .= " ".($this->date_start ? "'".$this->db->idate($this->date_start)."'" : "null").","; $sql .= " ".($this->date_end ? "'".$this->db->idate($this->date_end)."'" : "null").","; $sql .= " ".($this->fk_remise_except ? "'".$this->db->escape($this->fk_remise_except)."'" : "null").","; - $sql .= " ".price2num($this->qty).","; + $sql .= " ".price2num($this->qty, 'MS').","; $sql .= " ".price2num($this->tva_tx).","; $sql .= " ".price2num($this->localtax1_tx).","; $sql .= " ".price2num($this->localtax2_tx).","; $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; - $sql .= " ".(!empty($this->subprice) ?price2num($this->subprice) : "null").","; - $sql .= " ".price2num($this->remise_percent).","; - $sql .= " ".(isset($this->info_bits) ? "'".$this->db->escape($this->info_bits)."'" : "null").","; - $sql .= " ".price2num($this->total_ht).","; - $sql .= " ".price2num($this->total_tva).","; - $sql .= " ".price2num($this->total_localtax1).","; - $sql .= " ".price2num($this->total_localtax2).","; - $sql .= " ".price2num($this->total_ttc).","; + $sql .= " ".(!empty($this->subprice) ?price2num($this->subprice, 'MU') : "null").","; + $sql .= " ".((float) $this->remise_percent).","; + $sql .= " ".(isset($this->info_bits) ? ((int) $this->info_bits)."'" : "null").","; + $sql .= " ".price2num($this->total_ht, 'MT').","; + $sql .= " ".price2num($this->total_tva, 'MT').","; + $sql .= " ".price2num($this->total_localtax1, 'MT').","; + $sql .= " ".price2num($this->total_localtax2, 'MT').","; + $sql .= " ".price2num($this->total_ttc, 'MT').","; $sql .= " ".(!empty($this->fk_fournprice) ? "'".$this->db->escape($this->fk_fournprice)."'" : "null").","; - $sql .= " ".(isset($this->pa_ht) ? "'".price2num($this->pa_ht)."'" : "null").","; + $sql .= " ".(isset($this->pa_ht) ? 
price2num($this->pa_ht, 'MU') : "null").","; $sql .= ' '.((int) $this->special_code).','; $sql .= ' '.((int) $this->rang).','; $sql .= " '".$this->db->escape($this->ref_fourn)."'"; - $sql .= ", ".($this->fk_multicurrency > 0 ? $this->fk_multicurrency : 'null'); + $sql .= ", ".($this->fk_multicurrency > 0 ? ((int) $this->fk_multicurrency) : 'null'); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; - $sql .= ", ".$this->multicurrency_subprice; - $sql .= ", ".$this->multicurrency_total_ht; - $sql .= ", ".$this->multicurrency_total_tva; - $sql .= ", ".$this->multicurrency_total_ttc; - $sql .= ", ".($this->fk_unit ? $this->fk_unit : 'null'); + $sql .= ", ".price2num($this->multicurrency_subprice, 'CU'); + $sql .= ", ".price2num($this->multicurrency_total_ht, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_tva, 'CT'); + $sql .= ", ".price2num($this->multicurrency_total_ttc, 'CT'); + $sql .= ", ".($this->fk_unit ? ((int) $this->fk_unit) : 'null'); $sql .= ')'; dol_syslog(get_class($this).'::insert', LOG_DEBUG); diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 9bf53fb5271..8e8f04df04a 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -466,7 +466,7 @@ class Ticket extends CommonObject $sql .= " ".(!isset($this->datec) || dol_strlen($this->datec) == 0 ? 'NULL' : "'".$this->db->idate($this->datec)."'").","; $sql .= " ".(!isset($this->date_read) || dol_strlen($this->date_read) == 0 ? 'NULL' : "'".$this->db->idate($this->date_read)."'").","; $sql .= " ".(!isset($this->date_close) || dol_strlen($this->date_close) == 0 ? 'NULL' : "'".$this->db->idate($this->date_close)."'").""; - $sql .= ", ".$conf->entity; + $sql .= ", ".((int) $conf->entity); $sql .= ", ".(!isset($this->notify_tiers_at_create) ? '1' : "'".$this->db->escape($this->notify_tiers_at_create)."'"); $sql .= ")";
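Review bot: In the SupplierProposalLine hunk, the new `info_bits` line keeps the closing quote of the old escaped string: `((int) $this->info_bits)."'"` emits for example `0',`, an unbalanced quote that corrupts the INSERT whenever `info_bits` is set. It should read `$sql .= " ".(isset($this->info_bits) ? ((int) $this->info_bits) : "null").",";`. In the same hunk `remise_percent` moved from `price2num()` to a `(float)` cast, unlike the neighbouring rate fields. `fk_remise_except` and `fk_fournprice` are still written as quoted escaped strings rather than integer casts. The statement starts outside the hunk.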