From 52e95d02dfd837951fa11e17c740fed7ca5fe29a Mon Sep 17 00:00:00 2001
From: Cyril Vazquez <cyril.vazquez@maarch.org>
Date: Tue, 30 Jun 2015 08:56:24 +0000
Subject: [PATCH] FEAT #2480 Include class_db_pdo in index.php and use it on
 users_list_by_name

---
 .../trunk/admin/users/users_list_by_name.php    | 17 ++++++++++-------
 .../admin/users/users_management_controler.php  |  1 +
 maarch_entreprise/trunk/index.php               |  1 +
 maarch_entreprise/trunk/log.php                 |  9 +++++----
 4 files changed, 17 insertions(+), 11 deletions(-)

diff --git a/maarch_entreprise/trunk/admin/users/users_list_by_name.php b/maarch_entreprise/trunk/admin/users/users_list_by_name.php
index 1d766fe512f..6e9b3c64730 100644
--- a/maarch_entreprise/trunk/admin/users/users_list_by_name.php
+++ b/maarch_entreprise/trunk/admin/users/users_list_by_name.php
@@ -44,19 +44,22 @@ if ($whereSecurityOnEntities == '') {
     $whereSecurityOnEntities = " and 1=1 ";
 }
 
-$db = new dbquery();
-$db->connect();
-$db->query(
+$db = new Database();
+$stmt = $db->query(
     "select distinct(users.user_id), users.lastname as tag from users, users_entities "
     . " where ("
-        . "lower(users.lastname) like lower('".$db->protect_string_db($_REQUEST['what'])."%') "
-        . " or lower(users.user_id) like lower('".$db->protect_string_db($_REQUEST['what'])."%') "
+        . "lower(users.lastname) like lower(?) "
+        . " or lower(users.user_id) like lower(?) "
     . ") and users.status <> 'DEL' " . $whereSecurityOnEntities . " and (users.user_id = users_entities.user_id) "
-    . " order by users.lastname"
+    . " order by users.lastname",
+    array(
+        $_REQUEST['what'].'%',
+        $_REQUEST['what'].'%'
+    )
 );
 
 $listArray = array();
-while ($line = $db->fetch_object()) {
+while ($line = $stmt->fetchObject()) {
     array_push($listArray, $line->tag);
 }
 echo "<ul>\n";
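Review bot: The bound value `$_REQUEST['what'].'%'` in the new parameter array still passes `%` and `_` from the request through as LIKE wildcards, so binding stops SQL injection but the prefix search can still be widened to every user the entity filter allows. Consider escaping them before binding, e.g. `$what = addcslashes((string) $_REQUEST['what'], '%_\\') . '%';` and passing `array($what, $what)`; the escape character is backend-dependent, so an explicit `ESCAPE` clause may be needed. `$whereSecurityOnEntities` is also still concatenated into the statement, and it is built outside this hunk, so confirm it never carries request data. The script continues past the end of the hunk.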
diff --git a/maarch_entreprise/trunk/admin/users/users_management_controler.php b/maarch_entreprise/trunk/admin/users/users_management_controler.php
index 389547d60eb..bff9bd59731 100644
--- a/maarch_entreprise/trunk/admin/users/users_management_controler.php
+++ b/maarch_entreprise/trunk/admin/users/users_management_controler.php
@@ -285,6 +285,7 @@ function display_del($user_id){
     $db = new dbquery();
     $db->connect();
     $db->query("select * from listmodels WHERE item_id='".$user_id."' AND item_mode='dest'" );
+    //$db->query("select * from listmodels WHERE item_id=? AND item_mode='dest'", array($user_id));
     while ($res = $db->fetch_object()) {
             array_push($listDiffusion, $res->description);
         }
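Review bot: The live query in `display_del` still concatenates `$user_id` into the SQL string, and the parameterized form is added only as a commented-out line, so this hunk changes no behaviour. Either drop the comment or make the switch here as in users_list_by_name.php: `$db = new Database();`, `$stmt = $db->query("select * from listmodels WHERE item_id=? AND item_mode='dest'", array($user_id));` and `while ($res = $stmt->fetchObject()) {`. Where `$user_id` comes from is outside the hunk, so whether it can carry request data should be checked. The function body continues on both sides of the hunk.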
diff --git a/maarch_entreprise/trunk/index.php b/maarch_entreprise/trunk/index.php
index 26398412a81..96800232042 100644
--- a/maarch_entreprise/trunk/index.php
+++ b/maarch_entreprise/trunk/index.php
@@ -31,6 +31,7 @@
 */
 include_once('../../core/class/class_functions.php');
 include_once '../../core/init.php';
+include_once '../../core/class/class_db_pdo.php';
 
 if ($_SESSION['config']['usePHPIDS'] == 'true') {
     include 'apps/maarch_entreprise/phpids_control.php';
diff --git a/maarch_entreprise/trunk/log.php b/maarch_entreprise/trunk/log.php
index c5af884c6ba..9e5a0acaf99 100644
--- a/maarch_entreprise/trunk/log.php
+++ b/maarch_entreprise/trunk/log.php
@@ -136,10 +136,11 @@ if (! empty($_SESSION['error'])) {
 
                 // Instantiate database.
                 $database = new Database();
-                $database->query("SELECT * FROM users WHERE user_id LIKE :login");
-                $database->bind(':login', $login);
-                $database->execute();
-                $result = $database->single();
+                $stmt = $database->query(
+                    "SELECT * FROM users WHERE user_id LIKE :login", 
+                    array(':login', $login)
+                );
+                $result = $stmt->fetch();
             } else {
                 $db = new dbquery();
                 $db->connect();
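Review bot: `array(':login', $login)` is a two-element list rather than a map, so the `:login` placeholder is probably never bound; if `Database::query()` forwards the array to PDO's `execute()` (its body is not shown here), the user lookup would fail or raise on every login. It should read `array(':login' => $login)`. Separately, `user_id LIKE :login` lets `%` or `_` in the submitted login match another account's row; `user_id = :login` looks like the intended comparison, assuming `$login` is taken from the request outside this hunk. The surrounding `if`/`else` starts and ends outside the hunk.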
-- 
GitLab