CMXX - Product query updates
This commit is contained in:
“VeLiTi”
@@ -14,8 +14,6 @@ if (empty($partner->soldto) || $partner->soldto == ''){$soldto_search = '%';} el
|
||||
//default whereclause
|
||||
$whereclause = '';
|
||||
|
||||
list($whereclause,$condition) = getWhereclause('',$permission,$partner,'get');
|
||||
|
||||
//NEW ARRAY
|
||||
$criterias = [];
|
||||
$clause = '';
|
||||
@@ -52,7 +50,10 @@ if(isset($get_content) && $get_content!=''){
|
||||
if (isset($criterias['productrowid']) && $criterias['productrowid'] != ''){
|
||||
|
||||
//CHECK IF ALLOWED TO CRUD VERSIONS
|
||||
$sql = "SELECT * FROM products WHERE rowID = ? '.$whereclause.'";
|
||||
|
||||
list($whereclause2,$condition) = getWhereclause('',$permission,$partner,'get');
|
||||
|
||||
$sql = "SELECT * FROM products WHERE rowID = ? '.$whereclause2.'";
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute([$criterias['productrowid']]);
|
||||
$product_data = $stmt->fetch();
|
||||
|
||||
@@ -108,7 +108,7 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
|
||||
$stmt->execute([$post_content['productrowid'], $hw_eq_version ]);
|
||||
}
|
||||
|
||||
$sql = 'UPDATE products_software SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
|
||||
$sql = 'UPDATE products_software SET '.$clause.' WHERE rowID = ? ';
|
||||
$execute_input[] = $id;
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute($execute_input);
|
||||
@@ -129,7 +129,7 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
|
||||
elseif ($command == 'delete' && isAllowed('products_software',$profile,$permission,'D') === 1){
|
||||
|
||||
//GET FILENAME AND REMOVE FROM SERVER
|
||||
$sql = 'SELECT * FROM products_software WHERE rowID = ? '.$whereclause.'';
|
||||
$sql = 'SELECT * FROM products_software WHERE rowID = ? ';
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute([$id]);
|
||||
//Get results
|
||||
@@ -142,7 +142,7 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
|
||||
unlink($software_file);
|
||||
}
|
||||
}
|
||||
$stmt = $pdo->prepare('DELETE FROM products_software WHERE rowID = ? '.$whereclause.'');
|
||||
$stmt = $pdo->prepare('DELETE FROM products_software WHERE rowID = ? ');
|
||||
$stmt->execute([ $id ]);
|
||||
|
||||
//Add deletion to changelog
|
||||
|
||||
@@ -68,7 +68,7 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
|
||||
|
||||
//QUERY AND VERIFY ALLOWED
|
||||
if ($command == 'update' && isAllowed('products_versions',$profile,$permission,'U') === 1){
|
||||
$sql = 'UPDATE products_versions SET '.$clause.' WHERE rowID = ? '.$whereclause.'';
|
||||
$sql = 'UPDATE products_versions SET '.$clause.' WHERE rowID = ? ';
|
||||
$execute_input[] = $id;
|
||||
$stmt = $pdo->prepare($sql);
|
||||
$stmt->execute($execute_input);
|
||||
@@ -79,7 +79,7 @@ if (isset($post_content['productrowid']) && $post_content['productrowid'] != '')
|
||||
$stmt->execute($execute_input);
|
||||
}
|
||||
elseif ($command == 'delete' && isAllowed('products_versions',$profile,$permission,'D') === 1){
|
||||
$stmt = $pdo->prepare('DELETE FROM products_versions WHERE rowID = ? '.$whereclause.'');
|
||||
$stmt = $pdo->prepare('DELETE FROM products_versions WHERE rowID = ? ');
|
||||
$stmt->execute([ $id ]);
|
||||
|
||||
//Add deletion to changelog
|
||||
|
||||
Reference in New Issue
Block a user