本文整理汇总了PHP中DoliDB::escape方法的典型用法代码示例。如果您正苦于以下问题:PHP DoliDB::escape方法的具体用法?PHP DoliDB::escape怎么用?PHP DoliDB::escape使用的例子?那么恭喜您,这里精选的方法代码示例或许可以为您提供帮助。您也可以进一步了解该方法所在类DoliDB的用法示例。
在下文中一共展示了DoliDB::escape方法的6个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的PHP代码示例。阅读时请注意:escape 只适用于放在引号内的字符串值;示例中直接拼接进 SQL 的数字、ORDER BY 字段名和排序方向不受它保护,需要另行转换为整数或按白名单校验。
示例1: getIdAndTxFromCode
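/**
 * Get id and rate of currency from code
 *
 * The currency code is passed through $db->escape() and embedded in a
 * single-quoted SQL string literal. The rate returned is the one whose
 * date_sync is greater than or equal to every date_sync in the rate table.
 *
 * @param DoliDB $db   object db
 * @param string $code code value search
 *
 * @return array [0] => id currency
 *               [1] => rate
 *               array(0, 1) when the query fails or returns no row
 */
public static function getIdAndTxFromCode(&$db, $code)
{
    $sql = 'SELECT m.rowid, mc.rate FROM '.MAIN_DB_PREFIX.'multicurrency m';
    $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'multicurrency_rate mc ON (m.rowid = mc.fk_multicurrency)';
    // The value is delimited with single quotes. Double quotes delimit identifiers
    // in standard SQL (and in MySQL's ANSI_QUOTES mode), so a double-quoted literal
    // is not portable, and whether escape() neutralises '"' depends on the driver,
    // which is not visible here.
    $sql .= " WHERE m.code = '".$db->escape($code)."'";
    $sql .= ' AND mc.date_sync >= ALL (SELECT date_sync FROM '.MAIN_DB_PREFIX.'multicurrency_rate)';

    $resql = $db->query($sql);
    if ($resql && $obj = $db->fetch_object($resql)) {
        return array($obj->rowid, $obj->rate);
    }

    // Fallback used for both "query failed" and "unknown code": id 0, rate 1.
    return array(0, 1);
}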
示例2: dolibarr_del_const
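/**
 * Delete a constant from the database
 *
 * The name is escaped and quoted; when it is numeric it is also matched against
 * rowid. The entity filter is an unquoted number and is therefore cast to int
 * before it reaches the statement.
 *
 * @param DoliDB $db     Database handler
 * @param string $name   Name of constant or rowid of line
 * @param int    $entity Multi company id, -1 for all entities
 * @return int           <0 if KO, >0 if OK
 *
 * @see dolibarr_get_const, dolibarr_set_const, dol_set_user_param
 */
function dolibarr_del_const($db, $name, $entity = 1)
{
    global $conf;

    if (empty($name)) {
        dol_print_error('', 'Error call dolibar_del_const with parameter name empty');
        return -1;
    }

    // $entity is concatenated without quotes, so escape() could not protect it.
    // Forcing an integer keeps a non-numeric caller value from becoming SQL text.
    $entity = (int) $entity;

    $sql = "DELETE FROM " . MAIN_DB_PREFIX . "const";
    $sql .= " WHERE (" . $db->decrypt('name') . " = '" . $db->escape($name) . "'";
    if (is_numeric($name)) {
        // A numeric name may designate the row id instead of the constant name.
        $sql .= " OR rowid = '" . $db->escape($name) . "'";
    }
    $sql .= ")";
    if ($entity >= 0) {
        // A negative entity means "all entities": no filter is added.
        $sql .= " AND entity = " . $entity;
    }

    dol_syslog("admin.lib::dolibarr_del_const", LOG_DEBUG);
    $resql = $db->query($sql);
    if (!$resql) {
        dol_print_error($db);
        return -1;
    }

    // Clear the in-memory copy so the deleted value is not read again in this request.
    $conf->global->{$name} = '';
    return 1;
}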
示例3: show_contacts
//......... part of the code is omitted here .........
// Fragment of show_contacts(): the function header and the end of the result loop are
// outside this excerpt, so the origin of $search_name, $search_status, $sortfield and
// $sortorder cannot be checked from here.
if (!empty($conf->agenda->enabled) && !empty($user->rights->agenda->myactions->create)) {
$colspan++;
print '<td> </td>';
}
// Edit
print '<td> </td>';
print "</tr>";
print '<tr class="liste_titre">';
print '<td class="liste_titre">';
// NOTE(review): $search_name is written into the value attribute without HTML escaping,
// while the search button below uses dol_escape_htmltag() for its attributes. Confirm how
// $search_name was filtered upstream, or escape it at this output point.
print '<input type="text" class="flat" name="search_name" size="20" value="' . $search_name . '">';
print '</td>';
print '<td> </td>';
print '<td> </td>';
print '<td> </td>';
print '<td> </td>';
print '<td> </td>';
if (!empty($conf->skype->enabled)) {
$colspan++;
print '<td> </td>';
}
// Status
print '<td class="liste_titre maxwidthonsmartphone">';
print $form->selectarray('search_status', array('0' => $langs->trans('ActivityCeased'), '1' => $langs->trans('InActivity')), $search_status);
print '</td>';
// Copy to clipboard
print "<td> </td>";
// Add to agenda
if (!empty($conf->agenda->enabled) && $user->rights->agenda->myactions->create) {
$colspan++;
print '<td> </td>';
}
// Edit
print '<td class="liste_titre" align="right">';
print '<input type="image" class="liste_titre" name="button_search" src="' . img_picto($langs->trans("Search"), 'search.png', '', '', 1) . '" value="' . dol_escape_htmltag($langs->trans("Search")) . '" title="' . dol_escape_htmltag($langs->trans("Search")) . '">';
print '</td>';
print "</tr>";
// Build the contact query for the current third party.
$sql = "SELECT p.rowid, p.lastname, p.firstname, p.fk_pays as country_id, p.poste, p.phone, p.phone_mobile, p.fax, p.email, p.skype, p.statut ";
$sql .= ", p.civilite as civility_id, p.address, p.zip, p.town";
$sql .= " FROM " . MAIN_DB_PREFIX . "socpeople as p";
// $object->id is concatenated unquoted; presumably an integer id (confirm against caller).
$sql .= " WHERE p.fk_soc = " . $object->id;
if ($search_status != '') {
// NOTE(review): the escape() result is used without surrounding quotes. Escaping quote
// characters does not constrain a value in a numeric context, so this is only safe if
// $search_status is already guaranteed to be an integer; an (int) cast would make that explicit.
$sql .= " AND p.statut = " . $db->escape($search_status);
}
if ($search_name) {
// Quoted and escaped. Whether escape() also neutralises the LIKE wildcards % and _ is
// not visible here (TODO confirm).
$sql .= " AND (p.lastname LIKE '%" . $db->escape($search_name) . "%' OR p.firstname LIKE '%" . $db->escape($search_name) . "%')";
}
// NOTE(review): $sortfield and $sortorder are interpolated as SQL text. Column names and
// sort keywords cannot be protected by escape(); they need an allow-list check before this line.
$sql .= " ORDER BY {$sortfield} {$sortorder}";
// The complete statement, including the search terms, is written to the debug log.
dol_syslog('core/lib/company.lib.php :: show_contacts sql=' . $sql, LOG_DEBUG);
$result = $db->query($sql);
// $result is not checked for failure before it is passed to num_rows().
$num = $db->num_rows($result);
$var = true;
if ($num) {
$i = 0;
while ($i < $num) {
$obj = $db->fetch_object($result);
// Toggle the flag used to pick the row attributes from $bc.
$var = !$var;
print "<tr " . $bc[$var] . ">";
print '<td>';
$contactstatic->id = $obj->rowid;
$contactstatic->statut = $obj->statut;
$contactstatic->lastname = $obj->lastname;
$contactstatic->firstname = $obj->firstname;
$contactstatic->civility_id = $obj->civility_id;
print $contactstatic->getNomUrl(1);
print '</td>';
// NOTE(review): a stored database value is printed without HTML escaping; confirm it is
// sanitised when saved, or escape it on output.
print '<td>' . $obj->poste . '</td>';
示例4: getEMailTemplate
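/**
 * Return template of email
 * Search into table c_email_templates
 *
 * Only the first matching row (ordered by lang, label) is used. When no row matches,
 * a built-in message selected by $type_template is returned under the label 'default'.
 *
 * @param DoliDB    $db            Database handler
 * @param string    $type_template Get message for key module
 * @param object    $user          Object exposing ->id; templates that are public or limited to this user are used
 * @param Translate $outputlangs   Output lang object
 * @param int       $id            Id template to find
 * @return array|int               array('label'=>,'topic'=>,'content'=>,'lang'=>), or -1 if the query fails
 */
private function getEMailTemplate($db, $type_template, $user, $outputlangs, $id = 0)
{
    // Translation key of the built-in message for each known template type.
    $defaultkeys = array(
        'facture_send' => 'PredefinedMailContentSendInvoice',
        'facture_relance' => 'PredefinedMailContentSendInvoiceReminder',
        'propal_send' => 'PredefinedMailContentSendProposal',
        'askpricesupplier_send' => 'PredefinedMailContentSendAskPriceSupplier',
        'order_send' => 'PredefinedMailContentSendOrder',
        'order_supplier_send' => 'PredefinedMailContentSendSupplierOrder',
        'invoice_supplier_send' => 'PredefinedMailContentSendSupplierInvoice',
        'shipping_send' => 'PredefinedMailContentSendShipping',
        'fichinter_send' => 'PredefinedMailContentSendFichInter',
        'thirdparty' => 'PredefinedMailContentThirdparty',
    );

    $sql = "SELECT label, topic, content, lang";
    $sql .= " FROM " . MAIN_DB_PREFIX . 'c_email_templates';
    $sql .= " WHERE type_template='" . $db->escape($type_template) . "'";
    $sql .= " AND entity IN (" . getEntity("c_email_templates") . ")";
    // Unquoted numeric operands are cast to int: escape() only protects quoted strings.
    $sql .= " AND (fk_user is NULL or fk_user = 0 or fk_user = " . ((int) $user->id) . ")";
    if (is_object($outputlangs)) {
        // The language code sits inside a quoted literal, so it is escaped like any other string.
        $sql .= " AND (lang = '" . $db->escape($outputlangs->defaultlang) . "' OR lang IS NULL OR lang = '')";
    }
    if (!empty($id)) {
        $sql .= " AND rowid=" . ((int) $id);
    }
    $sql .= $db->order("lang,label", "ASC");

    $resql = $db->query($sql);
    if (!$resql) {
        dol_print_error($db);
        return -1;
    }

    $ret = array();
    // Get first found
    $obj = $db->fetch_object($resql);
    if ($obj) {
        $ret['label'] = $obj->label;
        $ret['topic'] = $obj->topic;
        $ret['content'] = $obj->content;
        $ret['lang'] = $obj->lang;
    } else {
        // No stored template: fall back to the built-in text, or an empty body for unknown types.
        $defaultmessage = '';
        if (is_string($type_template) && isset($defaultkeys[$type_template])) {
            $defaultmessage = $outputlangs->transnoentities($defaultkeys[$type_template]);
        }
        $ret['label'] = 'default';
        $ret['topic'] = '';
        $ret['content'] = $defaultmessage;
        $ret['lang'] = $outputlangs->defaultlang;
    }

    $db->free($resql);
    return $ret;
}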
示例5: show_contacts
/**
 * Show html area for list of contacts
 *
 * Prints a filter form and the column titles for the contacts of one third party, then
 * queries llx-prefixed table socpeople. Sort and search values are read from the request
 * with GETPOST(). The end of the function is omitted from this excerpt.
 *
 * @param Conf $conf Object conf (NOTE(review): rebound by the `global $user, $conf;` statement below, so the argument value is not the one used)
 * @param Translate $langs Object langs
 * @param DoliDB $db Database handler
 * @param Societe $object Third party object
 * @param string $backtopage Url to go once contact is created
 * @return void
 */
function show_contacts($conf, $langs, $db, $object, $backtopage = '')
{
global $user, $conf;
global $bc;
$form = new Form($db);
// Request-controlled values. What the 'alpha' and 'int' filters of GETPOST() allow is not
// visible here; these values are later printed into HTML and concatenated into SQL.
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$search_status = GETPOST("search_status", 'int');
if ($search_status == '') {
$search_status = 1;
}
// always display active customer first
$search_name = GETPOST("search_name", 'alpha');
// Read here but not used in the visible part of the function.
$search_addressphone = GETPOST("search_addressphone", 'alpha');
if (!$sortorder) {
$sortorder = "ASC";
}
if (!$sortfield) {
$sortfield = "p.lastname";
}
$i = -1;
$contactstatic = new Contact($db);
if (!empty($conf->clicktodial->enabled)) {
$user->fetch_clicktodial();
// read the clicktodial information
}
$buttoncreate = '';
if ($user->rights->societe->contact->creer) {
$addcontact = !empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("AddContact") : $langs->trans("AddContactAddress");
$buttoncreate = '<a class="addnewrecord" href="' . DOL_URL_ROOT . '/contact/card.php?socid=' . $object->id . '&action=create&backtopage=' . urlencode($backtopage) . '">' . $addcontact;
if (empty($conf->dol_optimize_smallscreen)) {
$buttoncreate .= ' ' . img_picto($addcontact, 'filenew');
}
$buttoncreate .= '</a>' . "\n";
}
print "\n";
$title = !empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("ContactsForCompany") : $langs->trans("ContactsAddressesForCompany");
print load_fiche_titre($title, $buttoncreate, '');
// NOTE(review): $_SERVER["PHP_SELF"], $sortorder and $sortfield are printed into HTML
// attributes without HTML escaping. They are request-influenced, so they should be
// escaped for the attribute context at this point.
print '<form method="GET" action="' . $_SERVER["PHP_SELF"] . '" name="formfilter">';
print '<input type="hidden" name="socid" value="' . $object->id . '">';
print '<input type="hidden" name="sortorder" value="' . $sortorder . '">';
print '<input type="hidden" name="sortfield" value="' . $sortfield . '">';
print "\n" . '<table class="noborder" width="100%">' . "\n";
// Query string carried by the sortable column titles.
$param = "socid=" . $object->id;
if ($search_status != '') {
// Appended without urlencode(), unlike search_name below.
$param .= '&search_status=' . $search_status;
}
if ($search_name != '') {
$param .= '&search_name=' . urlencode($search_name);
}
$colspan = 9;
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Name"), $_SERVER["PHP_SELF"], "p.lastname", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre($langs->trans("Poste"), $_SERVER["PHP_SELF"], "p.poste", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre($langs->trans("Address") . ' / ' . $langs->trans("Phone") . ' / ' . $langs->trans("Email"), $_SERVER["PHP_SELF"], "", "", $param, '', $sortfield, $sortorder);
print_liste_field_titre($langs->trans("Status"), $_SERVER["PHP_SELF"], "p.statut", "", $param, '', $sortfield, $sortorder);
// Add to agenda
if (!empty($conf->agenda->enabled) && !empty($user->rights->agenda->myactions->create)) {
$colspan++;
print_liste_field_titre('');
}
// Edit
print_liste_field_titre('');
print "</tr>\n";
$sql = "SELECT p.rowid, p.lastname, p.firstname, p.fk_pays as country_id, p.civility, p.poste, p.phone as phone_pro, p.phone_mobile, p.phone_perso, p.fax, p.email, p.skype, p.statut ";
$sql .= ", p.civility as civility_id, p.address, p.zip, p.town";
$sql .= " FROM " . MAIN_DB_PREFIX . "socpeople as p";
// $object->id is concatenated unquoted; presumably an integer id (confirm against caller).
$sql .= " WHERE p.fk_soc = " . $object->id;
if ($search_status != '' && $search_status != '-1') {
// NOTE(review): the escape() result is used without surrounding quotes. Escaping quote
// characters does not constrain a value in a numeric context; safety rests entirely on
// the GETPOST(..., 'int') filter above. An (int) cast here would make that explicit.
$sql .= " AND p.statut = " . $db->escape($search_status);
}
if ($search_name) {
// Quoted and escaped. Whether escape() also neutralises the LIKE wildcards % and _ is
// not visible here (TODO confirm).
$sql .= " AND (p.lastname LIKE '%" . $db->escape($search_name) . "%' OR p.firstname LIKE '%" . $db->escape($search_name) . "%')";
}
// NOTE(review): $sortfield and $sortorder come from the request and are interpolated as
// SQL text. Column names and sort keywords cannot be protected by escape(); compare them
// against an allow-list (the p.* columns used in the titles above, ASC/DESC) first.
$sql .= " ORDER BY {$sortfield} {$sortorder}";
dol_syslog('core/lib/company.lib.php :: show_contacts', LOG_DEBUG);
$result = $db->query($sql);
if (!$result) {
// The error is printed but execution continues with the failed result.
dol_print_error($db);
}
$num = $db->num_rows($result);
$var = true;
// The filter row is shown when rows exist or when a search was submitted.
if ($num || (GETPOST('button_search') || GETPOST('button_search.x') || GETPOST('button_search_x'))) {
print '<tr class="liste_titre">';
// Name - Position
print '<td class="liste_titre">';
// NOTE(review): $search_name is written into the value attribute without HTML escaping.
print '<input type="text" class="flat" name="search_name" size="20" value="' . $search_name . '">';
print '</td>';
// Address / Phone
print '<td>';
//......... part of the code is omitted here .........
示例6: migrate_detail_livraison
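/**
 * Migrate order line details into delivery line details
 *
 * Runs only while column fk_commande_ligne still exists in table livraisondet:
 * copies product, description and prices from each order line to its delivery line,
 * adds the line total to the delivery total, then renames the column to fk_origin_line.
 * All updates run in one transaction that is rolled back if any statement fails.
 *
 * @param DoliDB    $db    Database handler
 * @param Translate $langs Object langs
 * @param Conf      $conf  Object conf
 * @return void
 */
function migrate_detail_livraison($db, $langs, $conf)
{
    dolibarr_install_syslog("upgrade2::migrate_detail_livraison");

    print '<tr><td colspan="4">';

    print '<br>';
    print '<b>' . $langs->trans('MigrationDeliveryDetail') . "</b><br>\n";

    // This is done if field fk_commande_ligne exists.
    // If not this means migration was already done.
    $result = $db->DDLDescTable(MAIN_DB_PREFIX . "livraisondet", "fk_commande_ligne");
    $obj = $db->fetch_object($result);
    if ($obj) {
        $error = 0;

        $db->begin();

        $sql = "SELECT cd.rowid, cd.fk_product, cd.description, cd.subprice, cd.total_ht";
        $sql .= ", ld.fk_livraison";
        $sql .= " FROM " . MAIN_DB_PREFIX . "commandedet as cd, " . MAIN_DB_PREFIX . "livraisondet as ld";
        $sql .= " WHERE ld.fk_commande_ligne = cd.rowid";

        $resql = $db->query($sql);
        if ($resql) {
            $i = 0;
            $num = $db->num_rows($resql);

            if ($num) {
                while ($i < $num) {
                    $obj = $db->fetch_object($resql);

                    // Values read back from the database are still data, not SQL: ids that are
                    // concatenated unquoted are cast to int, quoted values go through escape().
                    $lineid = (int) $obj->rowid;
                    $deliveryid = (int) $obj->fk_livraison;
                    // An empty fk_product would otherwise produce "fk_product=," (invalid SQL).
                    $productid = is_numeric($obj->fk_product) ? (int) $obj->fk_product : 'null';

                    $sql = "UPDATE " . MAIN_DB_PREFIX . "livraisondet SET";
                    $sql .= " fk_product=" . $productid;
                    $sql .= ",description='" . $db->escape($obj->description) . "'";
                    $sql .= ",subprice='" . $db->escape((string) $obj->subprice) . "'";
                    $sql .= ",total_ht='" . $db->escape((string) $obj->total_ht) . "'";
                    $sql .= " WHERE fk_commande_ligne = " . $lineid;
                    $resql2 = $db->query($sql);

                    if ($resql2) {
                        $sql = "SELECT total_ht";
                        $sql .= " FROM " . MAIN_DB_PREFIX . "livraison";
                        $sql .= " WHERE rowid = " . $deliveryid;
                        $resql3 = $db->query($sql);

                        if ($resql3) {
                            $obju = $db->fetch_object($resql3);
                            // If the delivery row is missing, count its total as 0 instead of
                            // reading a property on a non-object.
                            $total_ht = ($obju ? $obju->total_ht : 0) + $obj->total_ht;

                            $sqlu = "UPDATE " . MAIN_DB_PREFIX . "livraison SET";
                            $sqlu .= " total_ht='" . $total_ht . "'";
                            $sqlu .= " WHERE rowid=" . $deliveryid;
                            $resql4 = $db->query($sqlu);
                            if (!$resql4) {
                                $error++;
                                dol_print_error($db);
                            }
                        } else {
                            $error++;
                            dol_print_error($db);
                        }
                    } else {
                        $error++;
                        dol_print_error($db);
                    }
                    print ". ";
                    $i++;
                }
            }

            if ($error == 0) {
                $db->commit();
                // NOTE(review): the rename runs after the commit and its result is not checked;
                // the success message is printed before the statement is executed.
                $sql = "ALTER TABLE " . MAIN_DB_PREFIX . "livraisondet CHANGE fk_commande_ligne fk_origin_line integer";
                print $langs->trans('FieldRenamed') . "<br>\n";
                $db->query($sql);
            } else {
                $db->rollback();
            }
        } else {
            dol_print_error($db);
            $db->rollback();
        }
    } else {
        // Old column is gone: make sure the new one exists, then report "already done".
        $result = $db->DDLDescTable(MAIN_DB_PREFIX . "livraisondet", "fk_origin_line");
        $obj = $db->fetch_object($result);
        if (!$obj) {
            $sql = "ALTER TABLE " . MAIN_DB_PREFIX . "livraisondet ADD COLUMN fk_origin_line integer after fk_livraison";
            $db->query($sql);
        }
        print $langs->trans('AlreadyDone') . "<br>\n";
    }

    print '</td></tr>';
}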