projects
/
fa-stable.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Additional fix.
[fa-stable.git]
/
dimensions
/
includes
/
dimensions_db.inc
diff --git
a/dimensions/includes/dimensions_db.inc
b/dimensions/includes/dimensions_db.inc
index a66ca53873e7f6de20abca06a1a458b1327da1c5..d0299b668b740906efa69d4dd3f3107fab557ba6 100644
(file)
--- a/
dimensions/includes/dimensions_db.inc
+++ b/
dimensions/includes/dimensions_db.inc
@@
-8,15
+8,13
@@
function add_dimension($reference, $name, $type_, $date_, $due_date, $memo_)
$duedate = date2sql($due_date);
$sql = "INSERT INTO ".TB_PREF."dimensions (reference, name, type_, date_, due_date)
$duedate = date2sql($due_date);
$sql = "INSERT INTO ".TB_PREF."dimensions (reference, name, type_, date_, due_date)
- VALUES (
'$reference', '$name'
, $type_, '$date', '$duedate')";
+ VALUES (
".db_escape($reference).", ".db_escape($name)."
, $type_, '$date', '$duedate')";
db_query($sql, "could not add dimension");
$id = db_insert_id();
add_comments(systypes::dimension(), $id, $date_, $memo_);
db_query($sql, "could not add dimension");
$id = db_insert_id();
add_comments(systypes::dimension(), $id, $date_, $memo_);
- add_forms_for_sys_type(systypes::dimension(), $id);
-
references::save_last($reference, systypes::dimension());
commit_transaction();
references::save_last($reference, systypes::dimension());
commit_transaction();
@@
-31,7
+29,7
@@
function update_dimension($id, $name, $type_, $date_, $due_date, $memo_)
$date = date2sql($date_);
$duedate = date2sql($due_date);
$date = date2sql($date_);
$duedate = date2sql($due_date);
- $sql = "UPDATE ".TB_PREF."dimensions SET name=
'$name'
,
+ $sql = "UPDATE ".TB_PREF."dimensions SET name=
".db_escape($name)."
,
type_ = $type_,
date_='$date',
due_date='$duedate'
type_ = $type_,
date_='$date',
due_date='$duedate'
@@
-56,8
+54,6
@@
function delete_dimension($id)
delete_comments(systypes::dimension(), $id);
delete_comments(systypes::dimension(), $id);
- delete_forms_for_systype(systypes::dimension(), $id);
-
commit_transaction();
}
commit_transaction();
}
@@
-83,15
+79,15
@@
function get_dimension_string($id, $html=false, $space=' ')
{
if ($html)
$dim = " ";
{
if ($html)
$dim = " ";
- else
+ else
$dim = "";
$dim = "";
- }
+ }
else
{
$row = get_dimension($id, true);
$dim = $row['reference'] . $space . $row['name'];
}
else
{
$row = get_dimension($id, true);
$dim = $row['reference'] . $space . $row['name'];
}
-
+
return $dim;
}
return $dim;
}