From 8662c5bdf4ab42b5db5af61ba1719c3eb4c03dee Mon Sep 17 00:00:00 2001
From: mcramer <m.cramer@pixcept.de>
Date: Wed, 30 Jan 2013 11:34:49 -0500
Subject: [PATCH] - Fixed: FS#2621 - OS update
---
interface/lib/classes/searchform.inc.php | 26 ++++++++++----------------
1 files changed, 10 insertions(+), 16 deletions(-)
diff --git a/interface/lib/classes/searchform.inc.php b/interface/lib/classes/searchform.inc.php
index 25a9412..ef18baf 100644
--- a/interface/lib/classes/searchform.inc.php
+++ b/interface/lib/classes/searchform.inc.php
@@ -1,7 +1,7 @@
<?php
/*
-Copyright (c) 2005, Till Brehm, projektfarm Gmbh
+Copyright (c) 2007, Till Brehm, projektfarm Gmbh
All rights reserved.
Redistribution and use in source and binary forms, with or without modification,
@@ -26,14 +26,6 @@
OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE,
EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-*/
-
-/**
-* Listenbehandlung
-*
-* @package searchform
-* @author Till Brehm
-* @version 1.1
*/
class searchform {
@@ -185,7 +177,7 @@
$sql_von = $_SESSION['search'][$list_name]['page'] * $records_per_page;
$record_count = $app->db->queryOneRecord("SELECT count(*) AS anzahl FROM $table WHERE $sql_where");
- $pages = intval(($record_count['anzahl'] - 1) / $records_per_page);
+ $pages = $app->functions->intval(($record_count['anzahl'] - 1) / $records_per_page);
$vars['list_file'] = $this->listDef['file'];
$vars['page'] = $_SESSION['search'][$list_name]['page'];
@@ -252,7 +244,7 @@
$list_name = $this->listDef['name'];
$settings = $_SESSION['search'][$list_name];
unset($settings['page']);
- $data = mysql_real_escape_string(serialize($settings));
+ $data = $app->db->quote(serialize($settings));
$userid = $_SESSION['s']['user']['userid'];
$groupid = $_SESSION['s']['user']['default_group'];
@@ -272,6 +264,7 @@
public function decode($record)
{
+ global $app;
if(is_array($record)) {
foreach($this->listDef['item'] as $field) {
$key = $field['field'];
@@ -284,7 +277,7 @@
break;
case 'INTEGER':
- $record[$key] = intval($record[$key]);
+ $record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
@@ -309,6 +302,7 @@
public function encode($record)
{
+ global $app;
if(is_array($record)) {
foreach($this->listDef['item'] as $field) {
$key = $field['field'];
@@ -317,7 +311,7 @@
case 'VARCHAR':
case 'TEXT':
if(!is_array($record[$key])) {
- $record[$key] = mysql_real_escape_string($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
} else {
$record[$key] = implode($this->tableDef[$key]['separator'],$record[$key]);
}
@@ -331,11 +325,11 @@
break;
case 'INTEGER':
- $record[$key] = intval($record[$key]);
+ $record[$key] = $app->functions->intval($record[$key]);
break;
case 'DOUBLE':
- $record[$key] = mysql_real_escape_string($record[$key]);
+ $record[$key] = $app->db->quote($record[$key]);
break;
case 'CURRENCY':
@@ -348,4 +342,4 @@
}
}
-?>
\ No newline at end of file
+?>
--
Gitblit v1.9.1