mirror of
https://git.code.sf.net/p/seeddms/code
synced 2025-06-01 22:47:19 +00:00
put backticks around identifiers in sql statements
This commit is contained in:
parent
7d82b73208
commit
f6aded2428
|
@ -2003,11 +2003,11 @@ class SeedDMS_Core_DMS {
|
|||
return false;
|
||||
}
|
||||
|
||||
$queryStr = "INSERT INTO tblRoles (name, role) VALUES (".$this->db->qstr($name).", ".$role.")";
|
||||
$queryStr = "INSERT INTO `tblRoles` (`name`, `role`) VALUES (".$this->db->qstr($name).", ".$role.")";
|
||||
if (!$this->db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
return $this->getRole($this->db->getInsertID());
|
||||
return $this->getRole($this->db->getInsertID('tblRoles'));
|
||||
} /* }}} */
|
||||
|
||||
/**
|
||||
|
@ -2056,11 +2056,11 @@ class SeedDMS_Core_DMS {
|
|||
return false;
|
||||
}
|
||||
|
||||
$queryStr = "INSERT INTO tblTransmittals (name, comment, userID) VALUES (".$this->db->qstr($name).", ".$this->db->qstr($comment).", ".$user->getID().")";
|
||||
$queryStr = "INSERT INTO `tblTransmittals` (`name`, `comment`, `userID`) VALUES (".$this->db->qstr($name).", ".$this->db->qstr($comment).", ".$user->getID().")";
|
||||
if (!$this->db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
return $this->getTransmittal($this->db->getInsertID());
|
||||
return $this->getTransmittal($this->db->getInsertID('tblTransmittals'));
|
||||
} /* }}} */
|
||||
|
||||
function getKeywordCategory($id) { /* {{{ */
|
||||
|
|
|
@ -758,7 +758,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
function isCheckedOut() { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "SELECT * FROM tblDocumentCheckOuts WHERE document = " . (int) $this->_id;
|
||||
$queryStr = "SELECT * FROM `tblDocumentCheckOuts` WHERE `document` = " . (int) $this->_id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if ((is_bool($resArr) && $resArr==false) || (count($resArr)==0)) {
|
||||
// Could not find a check out for the selected document.
|
||||
|
@ -778,7 +778,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
function getCheckOutInfo() { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "SELECT * FROM tblDocumentCheckOuts WHERE document = " . (int) $this->_id;
|
||||
$queryStr = "SELECT * FROM `tblDocumentCheckOuts` WHERE `document` = " . (int) $this->_id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if ((is_bool($resArr) && $resArr==false) || (count($resArr)==0)) {
|
||||
// Could not find a check out for the selected document.
|
||||
|
@ -823,7 +823,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
$filename = preg_replace('/[^A-Za-z0-9_-]/', '_', $this->getName()).'.'.$oext;
|
||||
}
|
||||
$filename = $checkoutdir.$this->getID().'-'.$lc->getVersion().'-'.$filename; //$lc->getOriginalFileName();
|
||||
$queryStr = "INSERT INTO tblDocumentCheckOuts (document, version, userID, date, filename) VALUES (".$this->_id.", ".$lc->getVersion().", ".$user->getID().", ".$db->getCurrentDatetime().", ".$db->qstr($filename).")";
|
||||
$queryStr = "INSERT INTO `tblDocumentCheckOuts` (`document`, `version`, `userID`, `date`, `filename`) VALUES (".$this->_id.", ".$lc->getVersion().", ".$user->getID().", ".$db->getCurrentDatetime().", ".$db->qstr($filename).")";
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -871,7 +871,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
|
||||
/* If file doesn't exist anymore, then just remove the record from the db */
|
||||
if(!file_exists($info['filename'])) {
|
||||
$queryStr = "DELETE FROM tblDocumentCheckOuts WHERE document = ".$this->_id;
|
||||
$queryStr = "DELETE FROM `tblDocumentCheckOuts` WHERE `document` = ".$this->_id;
|
||||
$db->getResult($queryStr);
|
||||
return true;
|
||||
}
|
||||
|
@ -894,7 +894,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
if(!$this->_dms->forceRename) {
|
||||
SeedDMS_Core_File::removeFile($info['filename']);
|
||||
}
|
||||
$queryStr = "DELETE FROM tblDocumentCheckOuts WHERE document = ".$this->_id;
|
||||
$queryStr = "DELETE FROM `tblDocumentCheckOuts` WHERE `document` = ".$this->_id;
|
||||
$db->getResult($queryStr);
|
||||
return $content;
|
||||
} else {
|
||||
|
@ -902,7 +902,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
}
|
||||
} else {
|
||||
SeedDMS_Core_File::removeFile($info['filename']);
|
||||
$queryStr = "DELETE FROM tblDocumentCheckOuts WHERE document = ".$this->_id;
|
||||
$queryStr = "DELETE FROM `tblDocumentCheckOuts` WHERE `document` = ".$this->_id;
|
||||
$db->getResult($queryStr);
|
||||
return true;
|
||||
}
|
||||
|
@ -924,7 +924,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
if($info) {
|
||||
SeedDMS_Core_File::removeFile($info['filename']);
|
||||
|
||||
$queryStr = "DELETE FROM tblDocumentCheckOuts WHERE document = ".$this->_id;
|
||||
$queryStr = "DELETE FROM `tblDocumentCheckOuts` WHERE `document` = ".$this->_id;
|
||||
$db->getResult($queryStr);
|
||||
}
|
||||
|
||||
|
@ -1864,7 +1864,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
function getLatestContent() { /* {{{ */
|
||||
if (!$this->_latestContent) {
|
||||
$db = $this->_dms->getDB();
|
||||
$queryStr = "SELECT * FROM tblDocumentContent WHERE document = ".$this->_id." ORDER BY version DESC";
|
||||
$queryStr = "SELECT * FROM `tblDocumentContent` WHERE `document` = ".$this->_id." ORDER BY `version` DESC";
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && !$res)
|
||||
return false;
|
||||
|
@ -2001,7 +2001,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
* This implmentation is different from the above for removing approvals
|
||||
* and reviews. It doesn't use getReceiptStatus() but reads the database
|
||||
*/
|
||||
$queryStr = "SELECT * FROM tblDocumentRecipients WHERE documentID = '". $this->getID() ."' AND `version` = '" . $version->_version."'";
|
||||
$queryStr = "SELECT * FROM `tblDocumentRecipients` WHERE `documentID` = '". $this->getID() ."' AND `version` = '" . $version->_version."'";
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if ((is_bool($resArr) && !$resArr)) {
|
||||
$db->rollbackTransaction();
|
||||
|
@ -2030,7 +2030,7 @@ class SeedDMS_Core_Document extends SeedDMS_Core_Object { /* {{{ */
|
|||
* This implmentation is different from the above for removing approvals
|
||||
* and reviews. It doesn't use getRevisionStatus() but reads the database
|
||||
*/
|
||||
$queryStr = "SELECT * FROM tblDocumentRevisors WHERE documentID = '". $this->getID() ."' AND `version` = '" . $version->_version."'";
|
||||
$queryStr = "SELECT * FROM `tblDocumentRevisors` WHERE `documentID` = '". $this->getID() ."' AND `version` = '" . $version->_version."'";
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if ((is_bool($resArr) && !$resArr)) {
|
||||
$db->rollbackTransaction();
|
||||
|
@ -2810,11 +2810,11 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
|
|||
$db = $this->_document->_dms->getDB();
|
||||
|
||||
if(!$date)
|
||||
$queryStr = "UPDATE tblDocumentContent SET revisiondate = null WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
$queryStr = "UPDATE `tblDocumentContent` SET `revisiondate` = null WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
elseif($date == 'now')
|
||||
$queryStr = "UPDATE tblDocumentContent SET revisiondate = ".$db->getCurrentDatetime()." WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
$queryStr = "UPDATE `tblDocumentContent` SET `revisiondate` = ".$db->getCurrentDatetime()." WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
else
|
||||
$queryStr = "UPDATE tblDocumentContent SET revisiondate = ".$db->qstr($date)." WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
$queryStr = "UPDATE `tblDocumentContent` SET `revisiondate` = ".$db->qstr($date)." WHERE `document` = " . $this->_document->getID() . " AND `version` = " . $this->_version;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -3264,7 +3264,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
|
|||
if (1 || !isset($this->_reviewStatus)) {
|
||||
/* First get a list of all reviews for this document content */
|
||||
$queryStr=
|
||||
"SELECT reviewID FROM tblDocumentReviewers WHERE `version`='".$this->_version
|
||||
"SELECT `reviewID` FROM `tblDocumentReviewers` WHERE `version`='".$this->_version
|
||||
."' AND `documentID` = '". $this->_document->getID() ."' ";
|
||||
$recs = $db->getResultArray($queryStr);
|
||||
if (is_bool($recs) && !$recs)
|
||||
|
@ -3520,7 +3520,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
|
|||
if (1 || !isset($this->_receiptStatus)) {
|
||||
/* First get a list of all receipts for this document content */
|
||||
$queryStr=
|
||||
"SELECT receiptID FROM tblDocumentRecipients WHERE `version`='".$this->_version
|
||||
"SELECT `receiptID` FROM `tblDocumentRecipients` WHERE `version`='".$this->_version
|
||||
."' AND `documentID` = '". $this->_document->getID() ."' ";
|
||||
$recs = $db->getResultArray($queryStr);
|
||||
if (is_bool($recs) && !$recs)
|
||||
|
@ -3572,7 +3572,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
|
|||
if (1 || !isset($this->_revisionStatus)) {
|
||||
/* First get a list of all revisions for this document content */
|
||||
$queryStr=
|
||||
"SELECT revisionID FROM tblDocumentRevisors WHERE `version`='".$this->_version
|
||||
"SELECT `revisionID` FROM `tblDocumentRevisors` WHERE `version`='".$this->_version
|
||||
."' AND `documentID` = '". $this->_document->getID() ."' ";
|
||||
$recs = $db->getResultArray($queryStr);
|
||||
if (is_bool($recs) && !$recs)
|
||||
|
@ -4681,7 +4681,7 @@ class SeedDMS_Core_DocumentContent extends SeedDMS_Core_Object { /* {{{ */
|
|||
* user/group from the list of revisors. The first case should not happen.
|
||||
*/
|
||||
if(count($revisionStatus[$field]) == 0) {
|
||||
$queryStr = "DELETE from tblDocumentRevisors WHERE `documentID` = ". $this->_document->getID() ." AND `version` = ".$this->_version." AND `type` = ". $type ." AND `required` = ".$object->getID();
|
||||
$queryStr = "DELETE from `tblDocumentRevisors` WHERE `documentID` = ". $this->_document->getID() ." AND `version` = ".$this->_version." AND `type` = ". $type ." AND `required` = ".$object->getID();
|
||||
echo $queryStr;
|
||||
if (!$db->getResult($queryStr)) {
|
||||
return -1;
|
||||
|
|
|
@ -175,7 +175,7 @@ class SeedDMS_Core_Group { /* {{{ */
|
|||
|
||||
$queryStr = "SELECT `tblUsers`.* FROM `tblUsers` ".
|
||||
"LEFT JOIN `tblGroupMembers` ON `tblGroupMembers`.`userID`=`tblUsers`.`id` ".
|
||||
"WHERE `tblGroupMembers`.`groupID` = '". $this->_id ."' AND tblGroupMembers.manager = 1";
|
||||
"WHERE `tblGroupMembers`.`groupID` = '". $this->_id ."' AND `tblGroupMembers`.`manager` = 1";
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return false;
|
||||
|
|
|
@ -171,7 +171,7 @@ class SeedDMS_Core_Transmittal {
|
|||
function setName($newName) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblTransmittals SET name =".$db->qstr($newName)." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblTransmittals` SET `name` =".$db->qstr($newName)." WHERE `id` = " . $this->_id;
|
||||
$res = $db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
|
@ -185,7 +185,7 @@ class SeedDMS_Core_Transmittal {
|
|||
function setComment($newComment) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblTransmittals SET comment =".$db->qstr($newComment)." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblTransmittals` SET `comment` =".$db->qstr($newComment)." WHERE `id` = " . $this->_id;
|
||||
$res = $db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
|
@ -263,7 +263,7 @@ class SeedDMS_Core_Transmittal {
|
|||
function remove() { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "DELETE FROM tblTransmittals WHERE id = " . $this->_id;
|
||||
$queryStr = "DELETE FROM `tblTransmittals` WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr)) {
|
||||
return false;
|
||||
}
|
||||
|
@ -326,7 +326,7 @@ class SeedDMS_Core_TransmittalItem {
|
|||
|
||||
$db = $dms->getDB();
|
||||
|
||||
$queryStr = "SELECT * FROM tblTransmittalItems WHERE id = " . (int) $id;
|
||||
$queryStr = "SELECT * FROM `tblTransmittalItems` WHERE `id` = " . (int) $id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return false;
|
||||
|
@ -360,7 +360,7 @@ class SeedDMS_Core_TransmittalItem {
|
|||
$db = $this->_dms->getDB();
|
||||
$transmittal = $this->_transmittal;
|
||||
|
||||
$queryStr = "DELETE FROM tblTransmittalItems WHERE id = " . $this->_id;
|
||||
$queryStr = "DELETE FROM `tblTransmittalItems` WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr)) {
|
||||
return false;
|
||||
}
|
||||
|
@ -386,7 +386,7 @@ class SeedDMS_Core_TransmittalItem {
|
|||
$document = $this->_content->getDocument();
|
||||
$latestcontent = $document->getLatestContent();
|
||||
if($latestcontent->getVersion() != $this->_content->getVersion()) {
|
||||
$queryStr = "UPDATE tblTransmittalItems set version = ".$latestcontent->getVersion()." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblTransmittalItems` set `version` = ".$latestcontent->getVersion()." WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr)) {
|
||||
return false;
|
||||
}
|
||||
|
|
|
@ -108,9 +108,9 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
$db = $dms->getDB();
|
||||
|
||||
if($orderby == 'ame')
|
||||
$queryStr = "SELECT * FROM tblRoles ORDER BY name";
|
||||
$queryStr = "SELECT * FROM `tblRoles` ORDER BY `name`";
|
||||
else
|
||||
$queryStr = "SELECT * FROM tblRoles ORDER BY id";
|
||||
$queryStr = "SELECT * FROM `tblRoles` ORDER BY `id`";
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
|
@ -138,7 +138,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
function setName($newName) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblRoles SET name =".$db->qstr($newName)." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblRoles` SET `name` =".$db->qstr($newName)." WHERE `id` = " . $this->_id;
|
||||
$res = $db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
|
@ -156,7 +156,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
function setRole($newrole) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblRoles SET role = " . $newrole . " WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblRoles` SET `role` = " . $newrole . " WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -169,7 +169,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
function setNoAccess($noaccess) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblRoles SET noaccess = " . $db->qstr($noaccess ? implode(',',$noaccess) : '') . " WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblRoles` SET `noaccess` = " . $db->qstr($noaccess ? implode(',',$noaccess) : '') . " WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -185,7 +185,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
function remove($user) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "DELETE FROM tblRoles WHERE id = " . $this->_id;
|
||||
$queryStr = "DELETE FROM `tblRoles` WHERE `id` = " . $this->_id;
|
||||
if (!$db->getResult($queryStr)) {
|
||||
return false;
|
||||
}
|
||||
|
@ -196,7 +196,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
function isUsed() { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "SELECT * FROM tblUsers WHERE role=".$this->_id;
|
||||
$queryStr = "SELECT * FROM `tblUsers` WHERE `role`=".$this->_id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_array($resArr) && count($resArr) == 0)
|
||||
return false;
|
||||
|
@ -207,7 +207,7 @@ class SeedDMS_Core_Role { /* {{{ */
|
|||
$db = $this->_dms->getDB();
|
||||
|
||||
if (!isset($this->_users)) {
|
||||
$queryStr = "SELECT * FROM tblUsers WHERE role=".$this->_id;
|
||||
$queryStr = "SELECT * FROM `tblUsers` WHERE `role`=".$this->_id;
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false)
|
||||
return false;
|
||||
|
@ -514,7 +514,7 @@ class SeedDMS_Core_User { /* {{{ */
|
|||
function setSecret($newSecret) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblUsers SET secret =".$db->qstr($newSecret)." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblUsers` SET `secret` =".$db->qstr($newSecret)." WHERE `id` = " . $this->_id;
|
||||
$res = $db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
|
@ -1907,12 +1907,12 @@ class SeedDMS_Core_User { /* {{{ */
|
|||
if(get_class($substitute) != $this->_dms->getClassname('user'))
|
||||
return false;
|
||||
|
||||
$queryStr = "SELECT * FROM tblUserSubstitutes WHERE user=" . $this->_id . " AND substitute=".$substitute->getID();
|
||||
$queryStr = "SELECT * FROM `tblUserSubstitutes` WHERE `user`=" . $this->_id . " AND `substitute`=".$substitute->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false) return false;
|
||||
if (count($resArr) == 1) return true;
|
||||
|
||||
$queryStr = "INSERT INTO tblUserSubstitutes (user, substitute) VALUES (" . $this->_id . ", ".$substitute->getID().")";
|
||||
$queryStr = "INSERT INTO `tblUserSubstitutes` (`user`, `substitute`) VALUES (" . $this->_id . ", ".$substitute->getID().")";
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -1931,12 +1931,12 @@ class SeedDMS_Core_User { /* {{{ */
|
|||
if(get_class($substitute) != $this->_dms->getClassname('user'))
|
||||
return false;
|
||||
|
||||
$queryStr = "SELECT * FROM tblUserSubstitutes WHERE user=" . $this->_id . " AND substitute=".$substitute->getID();
|
||||
$queryStr = "SELECT * FROM `tblUserSubstitutes` WHERE `user`=" . $this->_id . " AND `substitute`=".$substitute->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false) return false;
|
||||
if (count($resArr) == 0) return true;
|
||||
|
||||
$queryStr = "DELETE FROM tblUserSubstitutes WHERE user=" . $this->_id . " AND substitute=".$substitute->getID();
|
||||
$queryStr = "DELETE FROM `tblUserSubstitutes` WHERE `user`=" . $this->_id . " AND `substitute`=".$substitute->getID();
|
||||
if (!$db->getResult($queryStr))
|
||||
return false;
|
||||
|
||||
|
@ -1955,7 +1955,7 @@ class SeedDMS_Core_User { /* {{{ */
|
|||
if(get_class($substitute) != $this->_dms->getClassname('user'))
|
||||
return false;
|
||||
|
||||
$queryStr = "SELECT * FROM tblUserSubstitutes WHERE user=" . $this->_id . " AND substitute=".$substitute->getID();
|
||||
$queryStr = "SELECT * FROM `tblUserSubstitutes` WHERE `user`=" . $this->_id . " AND `substitute`=".$substitute->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false) return false;
|
||||
if (count($resArr) == 1) return true;
|
||||
|
@ -1983,7 +1983,7 @@ class SeedDMS_Core_User { /* {{{ */
|
|||
if(!$this->isAdmin() && $touser->isAdmin())
|
||||
return false;
|
||||
|
||||
$queryStr = "SELECT * FROM tblUserSubstitutes WHERE substitute=" . $this->_id . " AND user=".$touser->getID();
|
||||
$queryStr = "SELECT * FROM `tblUserSubstitutes` WHERE `substitute`=" . $this->_id . " AND `user`=".$touser->getID();
|
||||
$resArr = $db->getResultArray($queryStr);
|
||||
if (is_bool($resArr) && $resArr == false) return false;
|
||||
if (count($resArr) == 1) return true;
|
||||
|
|
|
@ -111,7 +111,7 @@ class SeedDMS_Core_Workflow { /* {{{ */
|
|||
function setLayoutData($newdata) { /* {{{ */
|
||||
$db = $this->_dms->getDB();
|
||||
|
||||
$queryStr = "UPDATE tblWorkflows SET layoutdata = ".$db->qstr($newdata)." WHERE id = " . $this->_id;
|
||||
$queryStr = "UPDATE `tblWorkflows` SET `layoutdata` = ".$db->qstr($newdata)." WHERE `id` = " . $this->_id;
|
||||
$res = $db->getResult($queryStr);
|
||||
if (!$res)
|
||||
return false;
|
||||
|
|
Loading…
Reference in New Issue
Block a user