[FEAT] [PARA V2] Fix where clause @

core/class/SecurityControler.php

@@ -335,11 +335,15 @@ class SecurityControler
     * @param  $userId string User identifier
     * @return string Proper where clause
     */
-    public function process_security_where_clause($whereClause, $userId)
+    public function process_security_where_clause($whereClause, $userId, $addWhere = true)
     {
         if (!empty($whereClause)) {
             $whereClause = str_replace("'", "'", $whereClause);
-            $where = ' where ' . $whereClause;
+            if ($addWhere) {
+                $where = ' where ' . $whereClause;
+            } else {
+                $where = $whereClause;
+            }
             // Process with the core vars
             $where = $this->process_where_clause($where, $userId);
             // Process with the modules vars

modules/basket/Models/BasketsModelAbstract.php

@@ -14,6 +14,7 @@
 */
 
 require_once 'apps/maarch_entreprise/services/Table.php';
+require_once 'core/class/SecurityControler.php';
 
 class BasketsModelAbstract extends Apps_Table_Service {
 
@@ -35,7 +36,8 @@ class BasketsModelAbstract extends Apps_Table_Service {
             return [];
         }
 
-        $where = str_replace('@user', "'" .$_SESSION['user']['UserId']. "'", $aBasket[0]['basket_clause']);
+        $sec = new SecurityControler();
+        $where = $sec->process_security_where_clause($aBasket[0]['basket_clause'], $_SESSION['user']['UserId'], false);
 
         $aResList = static::select(
             [