From cd14a1d379e76aa957ebe1220de8eae7bb090749 Mon Sep 17 00:00:00 2001
From: Martin <martin@enavn.com>
Date: Fri, 24 Jun 2016 05:47:18 -0400
Subject: [PATCH] Added missing quotation mark in search value.

---
 interface/lib/classes/tform_base.inc.php |   10 +++++-----
 1 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/interface/lib/classes/tform_base.inc.php b/interface/lib/classes/tform_base.inc.php
index edab62f..5adbdf7 100644
--- a/interface/lib/classes/tform_base.inc.php
+++ b/interface/lib/classes/tform_base.inc.php
@@ -831,7 +831,7 @@
 				}
 
 				//* Add slashes to all records, when we encode data which shall be inserted into mysql.
-				if($dbencode == true) $new_record[$key] = $app->db->quote($new_record[$key]);
+				if($dbencode == true && !is_null($new_record[$key])) $new_record[$key] = $app->db->quote($new_record[$key]);
 			}
 		}
 		return $new_record;
@@ -1002,7 +1002,7 @@
 				unset($error);
 				break;
 			case 'ISINT':
-				if(function_exists('filter_var') && $field_value < 2147483647) {
+				if(function_exists('filter_var') && $field_value < PHP_INT_MAX) {
 					//if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT, array("options" => array('min_range'=>0))) === false) {
 					if($field_value != '' && filter_var($field_value, FILTER_VALIDATE_INT) === false) {
 						$errmsg = $validator['errmsg'];
@@ -1039,7 +1039,7 @@
 				break;
 			case 'V6PREFIXLENGTH':
 				// find shortes ipv6 subnet can`t be longer
-				$sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' ORDER BY CHAR_LENGTH(ip_address) ASC LIMIT 0,1;");
+				$sql_v6 = $app->db->queryOneRecord("SELECT ip_address FROM server_ip WHERE ip_type = 'IPv6' AND virtualhost = 'y' ORDER BY CHAR_LENGTH(ip_address) ASC LIMIT 0,1");
 				$sql_v6_explode=explode(':',$sql_v6['ip_address']);
 				$explode_field_value = explode(':',$field_value);
 				if (count($sql_v6_explode) < count($explode_field_value) && isset($sql_v6['ip_address'])) {
@@ -1244,7 +1244,7 @@
 							}
 						} else {
 							$sql_insert_key .= "`$key`, ";
-							$sql_insert_val .= "'".$record[$key]."', ";
+							$sql_insert_val .= (is_null($record[$key]) ? 'NULL' : "'".$record[$key]."'") . ", ";
 						}
 					} else {
 						if($field['formtype'] == 'PASSWORD') {
@@ -1271,7 +1271,7 @@
 								$sql_update .= "`$key` = '".$record[$key]."', ";
 							}
 						} else {
-							$sql_update .= "`$key` = '".$record[$key]."', ";
+							$sql_update .= "`$key` = " . (is_null($record[$key]) ? 'NULL' : "'".$record[$key]."'") . ", ";
 						}
 					}
 				} else {

--
Gitblit v1.9.1