| interface/lib/classes/form.inc.php | ●●●●● patch | view | raw | blame | history | |
| interface/lib/classes/listform.inc.php | ●●●●● patch | view | raw | blame | history | |
| interface/lib/classes/remoting_lib.inc.php | ●●●●● patch | view | raw | blame | history | |
| interface/lib/classes/searchform.inc.php | ●●●●● patch | view | raw | blame | history |
interface/lib/classes/form.inc.php
@@ -286,7 +286,7 @@ * @return record */ function encode($record) { global $app; $this->errorMessage = ''; if(is_array($record)) { @@ -294,7 +294,7 @@ switch ($this->tableDef[$key]['datatype']) { case 'VARCHAR': if(!is_array($val)) { $new_record[$key] = mysql_real_escape_string($val); $new_record[$key] = $app->db->quote($val); } else { $new_record[$key] = implode($this->tableDef[$key]['separator'],$val); } @@ -309,7 +309,7 @@ $new_record[$key] = intval($val); break; case 'DOUBLE': $new_record[$key] = mysql_real_escape_string($val); $new_record[$key] = $app->db->quote($val); break; case 'CURRENCY': $new_record[$key] = str_replace(",",".",$val); @@ -472,4 +472,4 @@ } ?> ?> interface/lib/classes/listform.inc.php
@@ -347,6 +347,7 @@ public function encode($record) { global $app; if(is_array($record)) { foreach($this->listDef['item'] as $field){ $key = $field['field']; @@ -355,7 +356,7 @@ case 'VARCHAR': case 'TEXT': if(!is_array($record[$key])) { $record[$key] = mysql_real_escape_string($record[$key]); $record[$key] = $app->db->quote($record[$key]); } else { $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]); } @@ -384,7 +385,7 @@ break; case 'DOUBLE': $record[$key] = mysql_real_escape_string($record[$key]); $record[$key] = $app->db->quote($record[$key]); break; case 'CURRENCY': @@ -422,4 +423,4 @@ } ?> ?> interface/lib/classes/remoting_lib.inc.php
@@ -294,7 +294,7 @@ * @return record */ function encode($record) { global $app; if(is_array($record)) { foreach($this->formDef['fields'] as $key => $field) { @@ -303,14 +303,14 @@ switch ($field['datatype']) { case 'VARCHAR': if(!@is_array($record[$key])) { $new_record[$key] = (isset($record[$key]))?mysql_real_escape_string($record[$key]):''; $new_record[$key] = (isset($record[$key]))?$app->db->quote($record[$key]):''; } else { $new_record[$key] = implode($field['separator'],$record[$key]); } break; case 'TEXT': if(!is_array($record[$key])) { $new_record[$key] = mysql_real_escape_string($record[$key]); $new_record[$key] = $app->db->quote($record[$key]); } else { $new_record[$key] = implode($field['separator'],$record[$key]); } @@ -347,7 +347,7 @@ //if($key == 'refresh') die($record[$key]); break; case 'DOUBLE': $new_record[$key] = mysql_real_escape_string($record[$key]); $new_record[$key] = $app->db->quote($record[$key]); break; case 'CURRENCY': $new_record[$key] = str_replace(",",".",$record[$key]); interface/lib/classes/searchform.inc.php
@@ -244,7 +244,7 @@ $list_name = $this->listDef['name']; $settings = $_SESSION['search'][$list_name]; unset($settings['page']); $data = mysql_real_escape_string(serialize($settings)); $data = $app->db->quote(serialize($settings)); $userid = $_SESSION['s']['user']['userid']; $groupid = $_SESSION['s']['user']['default_group']; @@ -301,6 +301,7 @@ public function encode($record) { global $app; if(is_array($record)) { foreach($this->listDef['item'] as $field) { $key = $field['field']; @@ -309,7 +310,7 @@ case 'VARCHAR': case 'TEXT': if(!is_array($record[$key])) { $record[$key] = mysql_real_escape_string($record[$key]); $record[$key] = $app->db->quote($record[$key]); } else { $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]); } @@ -327,7 +328,7 @@ break; case 'DOUBLE': $record[$key] = mysql_real_escape_string($record[$key]); $record[$key] = $app->db->quote($record[$key]); break; case 'CURRENCY': @@ -340,4 +341,4 @@ } } ?> ?>
