gnh1201/seeddms-code
1
0
Fork 0
mirror of https://git.code.sf.net/p/seeddms/code synced 2024-10-16 21:12:29 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

check if attribute is a string before using it in an sql statement

Browse Source
This commit is contained in:
Uwe Steinmann 2022-03-03 12:45:49 +01:00
parent 5b5ac45e21
commit 10876c6495
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
SeedDMS_Core/Core/inc.ClassDMS.php
View File

@ -1542,7 +1542,7 @@ class SeedDMS_Core_DMS {
if(is_string($attribute))
$attribute = array($attribute);
$searchAttributes[] = "EXISTS (SELECT NULL FROM `tblFolderAttributes` WHERE `tblFolderAttributes`.`attrdef`=".$attrdefid." AND (`tblFolderAttributes`.`value` like '%".$valueset[0].implode("%' OR `tblFolderAttributes`.`value` like '%".$valueset[0], $attribute)."%') AND `tblFolderAttributes`.`folder`=`tblFolders`.`id`)";
} else {
} elseif(is_string($attribute)) {
$searchAttributes[] = "EXISTS (SELECT NULL FROM `tblFolderAttributes` WHERE `tblFolderAttributes`.`attrdef`=".$attrdefid." AND `tblFolderAttributes`.`value`='".$attribute."' AND `tblFolderAttributes`.`folder`=`tblFolders`.`id`)";
}
} else {
@ -1554,7 +1554,7 @@ class SeedDMS_Core_DMS {
$kkll[] = "`tblFolderAttributes`.`value`<='".$attribute['to']."'";
if($kkll)
$searchAttributes[] = "EXISTS (SELECT NULL FROM `tblFolderAttributes` WHERE `tblFolderAttributes`.`attrdef`=".$attrdefid." AND ".implode(' AND ', $kkll)." AND `tblFolderAttributes`.`folder`=`tblFolders`.`id`)";
} else {
} elseif(is_string($attribute)) {
$searchAttributes[] = "EXISTS (SELECT NULL FROM `tblFolderAttributes` WHERE `tblFolderAttributes`.`attrdef`=".$attrdefid." AND `tblFolderAttributes`.`value` like '%".$attribute."%' AND `tblFolderAttributes`.`folder`=`tblFolders`.`id`)";
}
}