From d65eaaf5960c525976ddcb8af32e3aa347f1a5b0 Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Sat, 16 Jun 2012 13:44:25 -0400
Subject: [PATCH] Bugfix: remoting lib field validation "ISINT" differed from tform validation and leads to 0 values treated as invalid Bugfix: remoting lib did include_once instead of include at form definition files, that leads to malfunction when using multiple definition files at importing and actions like that

---
 interface/lib/classes/searchform.inc.php |   19 ++++++-------------
 1 files changed, 6 insertions(+), 13 deletions(-)

diff --git a/interface/lib/classes/searchform.inc.php b/interface/lib/classes/searchform.inc.php
index 25a9412..035b744 100644
--- a/interface/lib/classes/searchform.inc.php
+++ b/interface/lib/classes/searchform.inc.php
@@ -1,7 +1,7 @@
 <?php
 
 /*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
 All rights reserved.
 
 Redistribution and use in source and binary forms, with or without modification,
@@ -26,14 +26,6 @@
 OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
 EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/**
-* Listenbehandlung
-*
-* @package searchform
-* @author Till Brehm
-* @version 1.1
 */
 
 class searchform {
@@ -252,7 +244,7 @@
 		$list_name = $this->listDef['name'];
 		$settings = $_SESSION['search'][$list_name];
 		unset($settings['page']);
-		$data = mysql_real_escape_string(serialize($settings));
+		$data = $app->db->quote(serialize($settings));
 		
 		$userid = $_SESSION['s']['user']['userid'];
 		$groupid = $_SESSION['s']['user']['default_group'];
@@ -309,6 +301,7 @@
 
     public function encode($record)
     {
+	global $app;
         if(is_array($record)) {
             foreach($this->listDef['item'] as $field) {
                 $key = $field['field'];
@@ -317,7 +310,7 @@
                     case 'VARCHAR':
                     case 'TEXT':
                         if(!is_array($record[$key])) {
-                            $record[$key] = mysql_real_escape_string($record[$key]);
+                            $record[$key] = $app->db->quote($record[$key]);
                         } else {
                             $record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
                         }
@@ -335,7 +328,7 @@
                         break;
 
                     case 'DOUBLE':
-                        $record[$key] = mysql_real_escape_string($record[$key]);
+                        $record[$key] = $app->db->quote($record[$key]);
                         break;
 
                     case 'CURRENCY':
@@ -348,4 +341,4 @@
     }
 }
 
-?>
\ No newline at end of file
+?>

--
Gitblit v1.9.1