From 534a825274955e00ad00ea97743d912a04ec1e76 Mon Sep 17 00:00:00 2001
From: ftimme <ft@falkotimme.com>
Date: Fri, 04 May 2012 10:32:10 -0400
Subject: [PATCH] - Fixed FS#2206, FS#2207, FS#2208.

---
 interface/lib/classes/db_mysql.inc.php |   83 +++++++++++++++++------------------------
 1 files changed, 34 insertions(+), 49 deletions(-)

diff --git a/interface/lib/classes/db_mysql.inc.php b/interface/lib/classes/db_mysql.inc.php
index 6dc14b3..a5881dc 100644
--- a/interface/lib/classes/db_mysql.inc.php
+++ b/interface/lib/classes/db_mysql.inc.php
@@ -1,4 +1,3 @@
-
 <?php
 /*
    Copyright (c) 2005, Till Brehm, projektfarm Gmbh
@@ -151,14 +150,12 @@
   }
 
 
-  // Check der variablen
-  // Really.. using quote should be phased out in favor of using bind_param's.  Though, for legacy code..
-  // here's the equivalent
+  //* Function to quote strings
   public function quote($formfield) {
     return $this->escape_string($formfield);
   }
 
-  // Check der variablen
+  //* Function to unquotae strings
   public function unquote($formfield) {
     return stripslashes($formfield);
   }
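Review bot: The new comment on `unquote()` has a typo ("unquotae"), and the replacement comment on `quote()` drops the earlier advice that quoting is a legacy path to be phased out in favour of bound parameters. That advice is still worth keeping, because later hunks in this commit add new `quote()` callers that build SQL by concatenation. I would write `//* Escapes a value for embedding in a quoted SQL string literal (legacy; prefer bound parameters)` above `quote()` and `//* Removes backslash escaping with stripslashes()` above `unquote()`. `escape_string()` is defined outside this hunk, so the comment should not claim that `unquote()` is an exact inverse of `quote()`.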
@@ -172,44 +169,6 @@
     }
     return $out;
   }
-
-  /*
-  //* These functions are deprecated and will be removed.
-  function insert($tablename,$form,$debug = 0)
-  {
-  if(is_array($form)){
-  foreach($form as $key => $value) 
-  {
-  $sql_key .= "$key, ";
-  $sql_value .= "'".$this->check($value)."', ";
-  }
-  $sql_key = substr($sql_key,0,strlen($sql_key) - 2);
-  $sql_value = substr($sql_value,0,strlen($sql_value) - 2);
-
-  $sql = "INSERT INTO $tablename (" . $sql_key . ") VALUES (" . $sql_value .")";
-
-  if($debug == 1) echo "SQL-Statement: ".$sql."<br><br>";
-  $this->query($sql);
-  if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
-  }
-  }
-
-  function update($tablename,$form,$bedingung,$debug = 0)
-  {
-
-  if(is_array($form)){
-  foreach($form as $key => $value) 
-  {
-  $insql .= "$key = '".$this->check($value)."', ";
-  }
-  $insql = substr($insql,0,strlen($insql) - 2);
-  $sql = "UPDATE $tablename SET " . $insql . " WHERE $bedingung";
-  if($debug == 1) echo "SQL-Statement: ".$sql."<br><br>";
-  $this->query($sql);
-  if($debug == 1) echo "mySQL Error Message: ".$this->errorMessage;
-  }
-  }
-   */
 
   public function diffrec($record_old, $record_new) {
     $diffrec_full = array();
@@ -287,9 +246,21 @@
     //** Inserts a record and saves the changes into the datalog
     public function datalogInsert($tablename, $insert_data, $index_field) {
       global $app;
+	  
+	  if(is_array($insert_data)) {
+			$key_str = '';
+			$val_str = '';
+			foreach($insert_data as $key => $val) {
+				$key_str .= "`".$key ."`,";
+				$val_str .= "'".$this->quote($val)."',";
+			}
+			$insert_data_str = '('.$key_str.') VALUES ('.$val_str.')';
+		} else {
+			$insert_data_str = $insert_data;
+		}
 
       $old_rec = array();
-      $this->query("INSERT INTO $tablename $insert_data");
+      $this->query("INSERT INTO $tablename $insert_data_str");
       $index_value = $this->insertID();
       $new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
       $this->datalogSave($tablename, 'INSERT', $index_field, $index_value, $old_rec, $new_rec);
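Review bot: The array branch added to `datalogInsert()` appends a comma after every key and every value, so both lists end with a trailing comma before the closing parenthesis and the generated INSERT should be rejected as a syntax error. Trimming when the string is assembled fixes it: `$insert_data_str = '('.rtrim($key_str, ',').') VALUES ('.rtrim($val_str, ',').')';`. The loop in `datalogUpdate()` in the next hunk leaves the same trailing comma. Separately, `$key` is wrapped in backticks without any validation, while only `$val` goes through `quote()`. If array keys can ever originate from request data, they should be checked against the table's known column names before concatenation. The method body continues past the end of this hunk.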
@@ -298,10 +269,24 @@
     }
 
     //** Updates a record and saves the changes into the datalog
-    public function datalogUpdate($tablename, $update_data, $index_field, $index_value) {
-      global $app;
-
-      $old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+    public function datalogUpdate($tablename, $update_data, $index_field, $index_value, $force_update = false) {
+		global $app;
+      
+	  if($force_update == true) {
+		$old_rec = array();
+	  } else {
+		$old_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
+	  }
+	  
+	  if(is_array($update_data)) {
+			$update_data_str = '';
+			foreach($update_data as $key => $val) {
+				$update_data_str .= "`".$key ."` = '".$this->quote($val)."',";
+			}
+		} else {
+			$update_data_str = $update_data;
+		}
+		
       $this->query("UPDATE $tablename SET $update_data WHERE $index_field = '$index_value'");
       $new_rec = $this->queryOneRecord("SELECT * FROM $tablename WHERE $index_field = '$index_value'");
       $this->datalogSave($tablename, 'UPDATE', $index_field, $index_value, $old_rec, $new_rec);
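Review bot: The UPDATE statement near the end of this hunk still interpolates `$update_data`, so the `$update_data_str` built just above is never used and an array argument is rendered as the literal text `Array`. The query should read `$this->query("UPDATE $tablename SET $update_data_str WHERE $index_field = '$index_value'");`, with `$update_data_str = rtrim($update_data_str, ',');` after the loop. `$index_value` is also placed into three statements without passing through `quote()`, which is worth adding unless every caller is known to supply an integer. With `$force_update` set, `$old_rec` is an empty array, so `datalogSave()` presumably records every column as changed; a one-line comment stating that intent would help. The method's closing brace is outside the hunk.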
@@ -583,4 +568,4 @@
 
 	      }
 
-	      ?>
+	      ?>
\ No newline at end of file

--
Gitblit v1.9.1