FEAT #2480 Include class_db_pdo in index.php and use it on users_list_by_name

52e95d02 · Cyril Vazquez · 00d90d50 · 52e95d02 · 52e95d02 · 52e95d02
Commit 52e95d02 authored 9 years ago by Cyril Vazquez
--- a/maarch_entreprise/trunk/admin/users/users_list_by_name.php
+++ b/maarch_entreprise/trunk/admin/users/users_list_by_name.php
@@ -44,19 +44,22 @@ if ($whereSecurityOnEntities == '') {
    $whereSecurityOnEntities = " and 1=1 ";
 }

-$db = new dbquery();
-$db->connect();
-$db->query(
+$db = new Database();
+$stmt = $db->query(
    "select distinct(users.user_id), users.lastname as tag from users, users_entities "
    . " where ("
-        . "lower(users.lastname) like lower('".$db->protect_string_db($_REQUEST['what'])."%') "
-        . " or lower(users.user_id) like lower('".$db->protect_string_db($_REQUEST['what'])."%') "
+        . "lower(users.lastname) like lower(?) "
+        . " or lower(users.user_id) like lower(?) "
    . ") and users.status <> 'DEL' " . $whereSecurityOnEntities . " and (users.user_id = users_entities.user_id) "
-    . " order by users.lastname"
+    . " order by users.lastname",
+    array(
+        $_REQUEST['what'].'%',
+        $_REQUEST['what'].'%'
+    )
 );

 $listArray = array();
-while ($line = $db->fetch_object()) {
+while ($line = $stmt->fetchObject()) {
    array_push($listArray, $line->tag);
 }
 echo "<ul>\n";

--- a/maarch_entreprise/trunk/admin/users/users_management_controler.php
+++ b/maarch_entreprise/trunk/admin/users/users_management_controler.php
@@ -285,6 +285,7 @@ function display_del($user_id){
    $db = new dbquery();
    $db->connect();
    $db->query("select * from listmodels WHERE item_id='".$user_id."' AND item_mode='dest'" );
+    //$db->query("select * from listmodels WHERE item_id=? AND item_mode='dest'", array($user_id));
    while ($res = $db->fetch_object()) {
            array_push($listDiffusion, $res->description);
        }

--- a/maarch_entreprise/trunk/index.php
+++ b/maarch_entreprise/trunk/index.php
@@ -31,6 +31,7 @@
 */
 include_once('../../core/class/class_functions.php');
 include_once '../../core/init.php';
+include_once '../../core/class/class_db_pdo.php';

 if ($_SESSION['config']['usePHPIDS'] == 'true') {
    include 'apps/maarch_entreprise/phpids_control.php';

--- a/maarch_entreprise/trunk/log.php
+++ b/maarch_entreprise/trunk/log.php
@@ -136,10 +136,11 @@ if (! empty($_SESSION['error'])) {

                // Instantiate database.
                $database = new Database();
-                $database->query("SELECT * FROM users WHERE user_id LIKE :login");
-                $database->bind(':login', $login);
-                $database->execute();
-                $result = $database->single();
+                $stmt = $database->query(
+                    "SELECT * FROM users WHERE user_id LIKE :login", 
+                    array(':login', $login)
+                );
+                $result = $stmt->fetch();
            } else {
                $db = new dbquery();
                $db->connect();