Partially fixes security issues - refs #7440

1.9.x
Yannick Warnier 10 years ago
parent 347ffa1312
commit 01d984ee77
  1. 130
      main/reservation/rsys.php

@ -33,7 +33,7 @@ class Rsys {
*/
function get_num_subscriptions_reservationperiods($res_id) {
$sql = "SELECT COUNT(*) FROM ".Rsys :: getTable("subscription")." s
WHERE s.reservation_id = '".Database::escape_string($res_id)."'";
WHERE s.reservation_id = '".intval($res_id)."'";
return @ Database::result(Database::query($sql), 0, 0);
}
@ -134,9 +134,9 @@ class Rsys {
* @param - String $name The name
* @return - int The id
*/
function add_category($naam) {
if (Rsys :: check_category($naam)) {
$sql = "INSERT INTO ".Rsys :: getTable("category")." (name) VALUES ('".Database::escape_string($naam)."')";
function add_category($name) {
if (Rsys :: check_category($name)) {
$sql = "INSERT INTO ".Rsys :: getTable("category")." (name) VALUES ('".Database::escape_string($name)."')";
Database::query($sql);
return Database::insert_id();
}
@ -150,7 +150,7 @@ class Rsys {
* @return - boolean True or False
*/
function check_category($name, $id=0) {
$sql = "SELECT name FROM ".Rsys :: getTable("category")." WHERE LCASE(name)='".strtolower(Database::escape_string($name))."' AND id<>".Database::escape_string($id)."";
$sql = "SELECT name FROM ".Rsys :: getTable("category")." WHERE LCASE(name)='".strtolower(Database::escape_string($name))."' AND id<>".intval($id)."";
$Result = Database::query($sql);
return (Database::num_rows($Result) == 0);
}
@ -163,7 +163,7 @@ class Rsys {
*/
function edit_category($id, $name) {
if (Rsys :: check_category($name, $id)) {
$sql = "UPDATE ".Rsys :: getTable("category")." SET name = '".Database::escape_string($name)."' WHERE id =".Database::escape_string($id)."";
$sql = "UPDATE ".Rsys :: getTable("category")." SET name = '".Database::escape_string($name)."' WHERE id =".intval($id)."";
Database::query($sql);
return $id;
}
@ -177,10 +177,10 @@ class Rsys {
*/
function delete_category($id) {
$id = intval($id);
$sql = "SELECT id FROM ".Rsys :: getTable("item")." WHERE category_id=".Database::escape_string($id)."";
$sql = "SELECT id FROM ".Rsys :: getTable("item")." WHERE category_id=".inval($id)."";
$result = Database::query($sql);
if (Database::num_rows($result) == 0) {
$sql2 = "DELETE FROM ".Rsys :: getTable("category")." WHERE id =".Database::escape_string($id)."";
$sql2 = "DELETE FROM ".Rsys :: getTable("category")." WHERE id =".intval($id)."";
Database::query($sql2);
return 0;
} else {
@ -200,7 +200,7 @@ class Rsys {
$id = intval($id);
$sql = "SELECT * FROM ".Rsys :: getTable("category");
if (!empty ($id))
$sql .= " WHERE id = ".Database::escape_string($id)."";
$sql .= " WHERE id = ".intval($id)."";
else
$sql .= " ORDER BY ".$orderby;
$arr = Database::store_result(Database::query($sql));
@ -308,8 +308,8 @@ class Rsys {
function check_item($item, $category, $id=0) {
$sql = "SELECT name FROM ".Rsys :: getTable("item")."
WHERE LCASE(name)='".strtolower(Database::escape_string($item))."'
AND category_id=".Database::escape_string($category)."
AND id<>".Database::escape_string($id)."";
AND category_id=".intval($category)."
AND id<>".intval($id)."";
$Result = Database::query($sql);
return (Database::num_rows($Result) == 0);
}
@ -325,7 +325,7 @@ class Rsys {
*/
function add_item($name, $description, $category, $course = "") {
if (Rsys :: check_item($name, $category)) {
$sql = "INSERT INTO ".Rsys :: getTable("item")." (category_id,course_code,name,description,creator) VALUES ('".Database::escape_string($category)."','".Database::escape_string($course)."','".Database::escape_string($name)."','".Database::escape_string($description)."','".api_get_user_id()."')";
$sql = "INSERT INTO ".Rsys :: getTable("item")." (category_id,course_code,name,description,creator) VALUES ('".intval($category)."','".Database::escape_string($course)."','".Database::escape_string($name)."','".Database::escape_string($description)."','".api_get_user_id()."')";
Database::query($sql);
return Database::insert_id();
}
@ -346,8 +346,8 @@ class Rsys {
return false;
if (!Rsys :: check_item($name, $category, $id))
return false;
$sql = "UPDATE ".Rsys :: getTable("item")." SET category_id='".Database::escape_string($category)."',course_code='".Database::escape_string($course)."',name='".Database::escape_string($name)."',description='".Database::escape_string($description)."' " .
"WHERE id =".Database::escape_string($id)."";
$sql = "UPDATE ".Rsys :: getTable("item")." SET category_id='".intval($category)."',course_code='".Database::escape_string($course)."',name='".Database::escape_string($name)."',description='".Database::escape_string($description)."' " .
"WHERE id =".intval($id)."";
Database::query($sql);
return $id;
}
@ -360,18 +360,18 @@ class Rsys {
function delete_item($id) {
if (!Rsys :: item_allow($id, 'delete'))
return false;
$sql = "SELECT id,end_at FROM".Rsys :: getTable('reservation')." WHERE item_id=".Database::escape_string($id)."";
$sql = "SELECT id,end_at FROM".Rsys :: getTable('reservation')." WHERE item_id=".intval($id)."";
$result = Database::query($sql);
while ($array = Database::fetch_array($result)) {
if (Rsys :: mysql_datetime_to_timestamp(date('Y-m-d H:i:s')) <= Rsys :: mysql_datetime_to_timestamp($array[1]))
$checked = true;
}
if (!$checked) {
$sql = "DELETE FROM ".Rsys :: getTable("item")." WHERE id =".Database::escape_string($id)."";
$sql = "DELETE FROM ".Rsys :: getTable("item")." WHERE id =".intval($id)."";
Database::query($sql);
$sql = "DELETE FROM ".Rsys :: getTable("item_rights")." WHERE item_id =".Database::escape_string($id)."";
$sql = "DELETE FROM ".Rsys :: getTable("item_rights")." WHERE item_id =".intval($id)."";
Database::query($sql);
$sql = "DELETE FROM ".Rsys :: getTable("reservation")." WHERE item_id =".Database::escape_string($id)."";
$sql = "DELETE FROM ".Rsys :: getTable("reservation")." WHERE item_id =".intval($id)."";
Database::query($sql);
return '0';
} else {
@ -403,7 +403,7 @@ class Rsys {
LEFT JOIN ".Rsys :: getTable("item_rights")." ir ON ir.item_id=i.id
LEFT JOIN ".Database :: get_main_table(TABLE_MAIN_CLASS)." c ON ir.class_id=c.id AND ir.item_id = i.id
LEFT JOIN ".Database :: get_main_table(TABLE_MAIN_CLASS_USER)." cu ON cu.class_id = c.id
WHERE i.id='".Database::escape_string($item_id)."' AND (". (!empty ($x) ? "(cu.user_id='".api_get_user_id()."' AND ".$x.") OR " : '')." i.creator='".api_get_user_id()."' OR 1=". (api_is_platform_admin() ? 1 : 0).")";
WHERE i.id='".intval($item_id)."' AND (". (!empty ($x) ? "(cu.user_id='".api_get_user_id()."' AND ".$x.") OR " : '')." i.creator='".api_get_user_id()."' OR 1=". (api_is_platform_admin() ? 1 : 0).")";
return Database::num_rows(Database::query($sql)) > 0;
}
@ -415,7 +415,7 @@ class Rsys {
* @return - Array The returned rows
*/
function get_item($id = null, $orderby = "name ASC") {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT i.* FROM ".Rsys :: getTable("item")." i";
if (!empty ($id)) {
if (!Rsys :: item_allow($id, 'view'))
@ -438,7 +438,7 @@ class Rsys {
*/
function is_blackout($itemid) {
$sql = "SELECT id FROM ".Rsys :: getTable("item");
$sql .= " WHERE id = ".Database::escape_string($itemid)." AND blackout=1";
$sql .= " WHERE id = ".intval($itemid)." AND blackout=1";
return Database::num_rows(Database::query($sql)) == 1;
}
@ -450,7 +450,7 @@ class Rsys {
* @return - Array The returned rows
*/
function get_category_items($id, $orderby = "name ASC") {
$sql = "SELECT * FROM ".Rsys :: getTable("item")." WHERE category_id = ".Database::escape_string($id)." ORDER BY ".$orderby;
$sql = "SELECT * FROM ".Rsys :: getTable("item")." WHERE category_id = ".intval($id)." ORDER BY ".$orderby;
$arr = Database::store_result(Database::query($sql));
return $arr;
}
@ -463,7 +463,7 @@ class Rsys {
* @return - Array The returned rows
*/
function get_course_items($id, $orderby = "name ASC") {
$sql = "SELECT * FROM ".Rsys :: getTable("item")." WHERE course_id = ".Database::escape_string($id)." ORDER BY ".$orderby;
$sql = "SELECT * FROM ".Rsys :: getTable("item")." WHERE course_code = ".Database::escape_string($id)." ORDER BY ".$orderby;
$arr = Database::store_result(Database::query($sql));
return $arr;
}
@ -486,7 +486,7 @@ class Rsys {
WHERE ((cu.user_id='".api_get_user_id()."' AND (ir.edit_right=1 OR ir.delete_right=1)) OR i.creator='".api_get_user_id()."' OR 1=". (api_is_platform_admin() ? 1 : 0).")";
if (!empty ($_GET['cat']) && $_GET['cat'] <> 0) {
$sql .= " AND ca.id = '".Database::escape_string($_GET['cat'])."' ";
$sql .= " AND ca.id = '".intval($_GET['cat'])."' ";
}
$from = intval($from);
@ -533,7 +533,7 @@ class Rsys {
* @return - Array The returned rows
*/
function get_table_itemrights($from, $per_page, $column, $direction) {
$itemid = Database::escape_string($_GET['item_id']);
$itemid = intval($_GET['item_id']);
$sql = "SELECT id, name FROM ".Database :: get_main_table(TABLE_MAIN_CLASS);
$result = Database::query($sql);
while ($array = Database::fetch_array($result, 'NUM')) {
@ -591,8 +591,8 @@ class Rsys {
}
function set_new_right($item_id, $class_id, $column, $value) {
$item_id = Database::escape_string($item_id);
$class_id = Database::escape_string($class_id);
$item_id = intval($item_id);
$class_id = intval($class_id);
$value = Database::escape_string($value);
$column = Database::escape_string($column);
@ -625,7 +625,7 @@ class Rsys {
* @return - Array The returned rows
*/
function get_itemfiltered_class($item_id) {
$item_id = Database::escape_string($item_id);
$item_id = intval($item_id);
$sql = "SELECT * FROM ".Database :: get_main_table(TABLE_MAIN_CLASS)."
WHERE id NOT IN (SELECT class_id FROM ".Rsys :: getTable("item_rights")." WHERE item_id='".$item_id."') ORDER BY name ASC, code ASC";
$arr = Database::store_result(Database::query($sql));
@ -639,7 +639,7 @@ class Rsys {
* @return - int The amount
*/
function get_num_itemfiltered_class($item_id) {
$item_id = Database::escape_string($item_id);
$item_id = intval($item_id);
$sql = "SELECT COUNT(id) FROM ".Database :: get_main_table(TABLE_MAIN_CLASS)." WHERE id NOT IN (SELECT class_id FROM ".Rsys :: getTable("item_rights")." WHERE item_id='".$item_id."') ORDER BY name ASC, code ASC";
return Database::result(Database::query($sql), 0, 0);
}
@ -656,7 +656,7 @@ class Rsys {
function add_item_right($item_id, $class_id, $edit, $delete, $m_reservation) {
if (!Rsys :: item_allow($item_id, 'm_rights'))
return false;
$sql = "INSERT INTO ".Rsys :: getTable("item_rights")." (item_id,class_id,edit_right,delete_right,m_reservation) VALUES ('".Database::escape_string($item_id)."','".Database::escape_string($class_id)."','".Database::escape_string($edit)."','".Database::escape_string($delete)."','".Database::escape_string($m_reservation)."')";
$sql = "INSERT INTO ".Rsys :: getTable("item_rights")." (item_id,class_id,edit_right,delete_right,m_reservation) VALUES ('".intval($item_id)."','".intval($class_id)."','".Database::escape_string($edit)."','".Database::escape_string($delete)."','".Database::escape_string($m_reservation)."')";
Database::query($sql);
}
@ -671,8 +671,8 @@ class Rsys {
* @return - int The id
*/
function edit_item_right($item_id, $class_id, $edit, $delete, $m_reservation) {
$item_id = Database::escape_string($item_id);
$class_id = Database::escape_string($class_id);
$item_id = intval($item_id);
$class_id = intval($class_id);
if (!Rsys :: item_allow($item_id, 'm_rights'))
return false;
@ -686,8 +686,8 @@ class Rsys {
* @param - int $id The id
*/
function delete_item_right($item_id, $class_id) {
$item_id = Database::escape_string($item_id);
$class_id = Database::escape_string($class_id);
$item_id = intval($item_id);
$class_id = intval($class_id);
if (!Rsys :: item_allow($item_id, 'm_rights'))
return false;
@ -696,15 +696,15 @@ class Rsys {
}
function get_class_group($class_id) {
$class_id = Database::escape_string($class_id);
$class_id = intval($class_id);
$sql = "SELECT * FROM ".Database :: get_main_table(TABLE_MAIN_CLASS)." WHERE id='".$class_id."'";
$arr = Database::store_result(Database::query($sql));
return $arr;
}
function get_item_rights($item_id, $class_id) {
$item_id = Database::escape_string($item_id);
$class_id = Database::escape_string($class_id);
$item_id = intval($item_id);
$class_id = intval($class_id);
$sql = "SELECT * FROM ".Rsys :: getTable('item_rights')." WHERE item_id='".$item_id."' AND class_id='".$class_id."'";
$arr = Database::store_result(Database::query($sql));
@ -712,7 +712,7 @@ class Rsys {
}
function black_out_changer($item_id) {
$item_id = Database::escape_string($item_id);
$item_id = intval($item_id);
$sql = "SELECT blackout FROM ".Rsys :: getTable("item")." WHERE id='".$item_id."'";
$Value = Database::store_result(Database::query($sql));
($Value[0][0] == 0 ? $changedValue = 1 : $changedValue = 0);
@ -723,7 +723,7 @@ class Rsys {
}
function black_out_notifier($item_id, $value) {
$item_id = Database::escape_string($item_id);
$item_id = intval($item_id);
$value = Database::escape_string($value);
$sql = "SELECT id, timepicker FROM ".Rsys :: getTable('reservation')."
@ -791,7 +791,7 @@ class Rsys {
}
function check_date($item_id, $start_date, $end_date, $start_at, $end_at) {
$item_id = Database::escape_string($item_id);
$item_id = intval($item_id);
$start_date = Database::escape_string($start_date);
$end_date = Database::escape_string($end_date);
$start_at = Database::escape_string($start_at);
@ -826,8 +826,8 @@ class Rsys {
}
function check_date_edit($item_id, $start_date, $end_date, $start_at, $end_at, $reservation_id) {
$item_id = Database::escape_string($item_id);
$reservation_id = Database::escape_string($reservation_id);
$item_id = intval($item_id);
$reservation_id = intval($reservation_id);
$start_date = Database::escape_string($start_date);
$end_date = Database::escape_string($end_date);
$start_at = Database::escape_string($start_at);
@ -882,7 +882,7 @@ class Rsys {
* Returns an array with items from a category linked to rights(used by m_reservations.php)
*/
function get_cat_r_items($category) {
$category = Database::escape_string($category);
$category = intval($category);
$sql = "SELECT i.id,i.name as catitem
FROM ".Rsys :: getTable('item')." i
INNER JOIN ".Rsys :: getTable('category')." cat ON cat.id=i.category_id
@ -901,7 +901,7 @@ class Rsys {
* Returns an array with [ itemID => "category/item" ] with view_rights (used by reservation.php)
*/
function get_cat_items($category) {
$category = Database::escape_string($category);
$category = intval($category);
$sql = "SELECT i.id,i.name as catitem
FROM ".Rsys :: getTable('item')." i
INNER JOIN ".Rsys :: getTable('category')." cat ON cat.id=i.category_id
@ -955,7 +955,7 @@ class Rsys {
}
function check_edit_right($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT r.id
FROM ".Rsys :: getTable('reservation')." r
INNER JOIN ".Rsys :: getTable('item')." i ON r.item_id=i.id
@ -971,7 +971,7 @@ class Rsys {
}
function check_delete_right($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT r.id
FROM ".Rsys :: getTable('reservation')." r
INNER JOIN ".Rsys :: getTable('item')." i ON r.item_id=i.id
@ -987,7 +987,7 @@ class Rsys {
}
function check_auto_accept($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT auto_accept FROM ".Rsys :: getTable('reservation')." WHERE id='".$id."'";
return Database::result(Database::query($sql), 0, 0);
}
@ -1068,7 +1068,7 @@ class Rsys {
}
}
$sql = "INSERT INTO ".Rsys :: getTable("reservation")." (item_id,auto_accept,max_users,start_at,end_at,subscribe_from,subscribe_until,notes,timepicker,timepicker_min,timepicker_max,subid) VALUES ('".Database::escape_string($item_id)."','".Database::escape_string($auto_accept)."','". (intval($max_users) > 1 ? $max_users : 1)."','".Database::escape_string($start_at)."','".Database::escape_string($end_at)."','".Database::escape_string($subscribe_from)."','".Database::escape_string($subscribe_until)."','".Database::escape_string($notes)."','".$timepicker."','".$min."','".$max."','". ($subid == 0 ? 0 : $subid)."')";
$sql = "INSERT INTO ".Rsys :: getTable("reservation")." (item_id,auto_accept,max_users,start_at,end_at,subscribe_from,subscribe_until,notes,timepicker,timepicker_min,timepicker_max,subid) VALUES ('".intval($item_id)."','".Database::escape_string($auto_accept)."','". (intval($max_users) > 1 ? $max_users : 1)."','".Database::escape_string($start_at)."','".Database::escape_string($end_at)."','".Database::escape_string($subscribe_from)."','".Database::escape_string($subscribe_until)."','".Database::escape_string($notes)."','".$timepicker."','".$min."','".$max."','". ($subid == 0 ? 0 : $subid)."')";
Database::query($sql);
return 0;
}
@ -1082,7 +1082,7 @@ class Rsys {
*
*/
function edit_reservation($id, $item_id, $auto_accept, $max_users, $start_at, $end_at, $subscribe_from, $subscribe_until, $notes, $timepicker) {
$id = Database::escape_string($id);
$id = intval($id);
if (!Rsys :: item_allow($item_id, 'm_reservation'))
return false;
@ -1116,7 +1116,7 @@ class Rsys {
} else {
$auto_accept = 0;
}
$sql = "UPDATE ".Rsys :: getTable("reservation")." SET item_id='".Database::escape_string($item_id)."',auto_accept='".Database::escape_string($auto_accept)."',max_users='". ($max_users > 1 ? $max_users : 1)."',start_at='".Database::escape_string($start_at)."',end_at='".Database::escape_string($end_at)."',subscribe_from='".Database::escape_string($subscribe_from)."',subscribe_until='".Database::escape_string($subscribe_until)."',notes='".Database::escape_string($notes)."' WHERE id='".$id."'";
$sql = "UPDATE ".Rsys :: getTable("reservation")." SET item_id='".intval($item_id)."',auto_accept='".Database::escape_string($auto_accept)."',max_users='". ($max_users > 1 ? $max_users : 1)."',start_at='".Database::escape_string($start_at)."',end_at='".Database::escape_string($end_at)."',subscribe_from='".Database::escape_string($subscribe_from)."',subscribe_until='".Database::escape_string($subscribe_until)."',notes='".Database::escape_string($notes)."' WHERE id='".$id."'";
Database::query($sql);
return 0;
}
@ -1125,7 +1125,7 @@ class Rsys {
* Deletes a reservation
*/
function delete_reservation($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT id FROM ".Rsys :: getTable("reservation")."WHERE id='".$id."' OR subid='".$id."'";
$result2 = Database::query($sql);
@ -1148,7 +1148,7 @@ class Rsys {
}
function is_owner_item($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT creator FROM ".Rsys :: getTable('item')." i ,".Rsys :: getTable('reservation')." r
where i.id = r.item_id
and r.id = '".$id."'
@ -1160,7 +1160,7 @@ class Rsys {
}
function get_reservation($id) {
$id = Database::escape_string($id);
$id = intval($id);
$sql = "SELECT *
FROM ".Rsys :: getTable('reservation')." r
@ -1301,7 +1301,7 @@ class Rsys {
and s.reservation_id = r.id";
if (!empty ($_GET['rid'])) {
$sql .= " and r.id = '".Database::escape_string($_GET['rid'])."'";
$sql .= " and r.id = '".intval($_GET['rid'])."'";
}
$sql .= " ORDER BY col".$column." ".$direction." LIMIT ".$from.",".$per_page;
$result = Database::query($sql);
@ -1354,7 +1354,7 @@ class Rsys {
function set_accepted($id, $value) {
global $subscription;
$id = Database::escape_string($id);
$id = intval($id);
$value = Database::escape_string($value);
$sql = "UPDATE ".Rsys :: getTable('subscription')." SET ACCEPTED='".$value."' WHERE dummy='".$id."'";
Database::query($sql);
@ -1407,7 +1407,7 @@ class Rsys {
*/
function check_date_subscription($reservation_id, $start_at, $end_at) {
$reservation_id = Database::escape_string($reservation_id);
$reservation_id = intval($reservation_id);
$start_at = Database::escape_string($start_at);
$end_at = Database::escape_string($end_at);
@ -1461,7 +1461,7 @@ class Rsys {
}
function check_date_month_calendar($date, $itemid) {
$itemid = Database::escape_string($itemid);
$itemid = intval($itemid);
$date = Database::escape_string($date);
$sql = "SELECT id FROM ".Rsys :: getTable('reservation')."
@ -1485,13 +1485,13 @@ class Rsys {
* @param - int $reservation_id The id off the reservation
*/
function add_subscription($reservation_id, $user_id, $accepted) {
$reservation_id = Database::escape_string($reservation_id);
$user_id = Database::escape_string($user_id);
$accepted = Database::escape_string($accepted);
$reservation_id = intval($reservation_id);
$user_id = intval($user_id);
$accepted = intval($accepted);
$sql = "SELECT user_id FROM ".Rsys :: getTable("subscription")." WHERE user_id='".$user_id."' AND reservation_id='".$reservation_id."'";
if (Database::num_rows(Database::query($sql)) == 0) {
$sql = "INSERT INTO ".Rsys :: getTable("subscription")." (user_id,reservation_id,accepted) VALUES ('".Database::escape_string($user_id)."','".Database::escape_string($reservation_id)."','". ($accepted ? '1' : '0')."')";
$sql = "INSERT INTO ".Rsys :: getTable("subscription")." (user_id,reservation_id,accepted) VALUES ('".intval($user_id)."','".intval($reservation_id)."','". ($accepted ? '1' : '0')."')";
Database::query($sql);
$sql = "UPDATE ".Rsys :: getTable("reservation")." SET subscribers=subscribers+1 WHERE id='".$reservation_id."'";
Database::query($sql);
@ -1528,7 +1528,7 @@ class Rsys {
if ((Rsys :: mysql_datetime_to_timestamp($end_date)-Rsys :: mysql_datetime_to_timestamp($start_date)) > ($max*60))
return 3;
}
$sql = "INSERT INTO ".Rsys :: getTable("subscription")." (user_id,reservation_id,accepted,start_at,end_at) VALUES ('".Database::escape_string($user_id)."','".Database::escape_string($reservation_id)."','". ($accepted ? '1' : '0')."','".$start_date."','".$end_date."')";
$sql = "INSERT INTO ".Rsys :: getTable("subscription")." (user_id,reservation_id,accepted,start_at,end_at) VALUES ('".intval($user_id)."','".intval($reservation_id)."','". ($accepted ? '1' : '0')."','".$start_date."','".$end_date."')";
Database::query($sql);
return 0;
}
@ -1539,7 +1539,7 @@ class Rsys {
function delete_subscription($reservation_id, $dummy) {
$sql = "DELETE FROM ".Rsys :: getTable("subscription")." WHERE dummy='".Database::escape_string($dummy)."'";
Database::query($sql);
$sql = "UPDATE ".Rsys :: getTable("reservation")." SET subscribers=subscribers-1 WHERE id='".Database::escape_string($reservation_id)."'";
$sql = "UPDATE ".Rsys :: getTable("reservation")." SET subscribers=subscribers-1 WHERE id='".intval($reservation_id)."'";
Database::query($sql);
}
@ -1642,7 +1642,7 @@ class Rsys {
* ['max_end_at'] = the maximal end_at in all reservations (usefull to build table)
*/
function get_item_reservations($from, $till, $itemid) {
$itemid = Database::escape_string($itemid);
$itemid = intval($itemid);
$till = Database::escape_string($till);
$from = Database::escape_string($from);
@ -1698,7 +1698,7 @@ class Rsys {
* Returns $reservation_id=>"START_AT - END_AT"
*/
function get_item_subfiltered_reservations($item_id) {
$itemid = Database::escape_string($itemid);
$itemid = intval($itemid);
$sql = "SELECT r.id AS reservation_id, r.start_at, r.end_at
FROM ".Rsys :: getTable('reservation')." r
INNER JOIN ".Rsys :: getTable('item')." i ON r.item_id=i.id
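Review bot: The new line in delete_category (hunk @ -177) calls `inval($id)`, which is not a PHP function, so the method now fails with an undefined-function error before any query runs; it should read `$sql = "SELECT id FROM ".Rsys :: getTable("item")." WHERE category_id=".intval($id)."";` (the `$id = intval($id);` on the line above already makes the cast redundant, but the name must be `intval`). In get_item_subfiltered_reservations (hunk @ -1698) the parameter is `$item_id` while the body reads `$itemid`, so `intval($itemid)` is always 0 and the query never matches the caller's item; `$itemid = intval($item_id);` would fix it. The commit leaves the `ORDER BY ".$orderby`, `col".$column." ".$direction` and `$_GET`-derived sort fragments concatenated unchanged in get_category (hunk @ -200), get_category_items, get_course_items and the subscription table query (hunk @ -1301); those should be restricted to a fixed list of allowed column names and `ASC`/`DESC`, since intval() cannot be applied to identifiers. The functions in the last hunk continue outside the shown lines.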
