CMXX - Update contract security

“VeLiTi”
2024-11-28 13:47:12 +01:00
parent 553c0aef82
commit 868d73c6b5
4 changed files with 7 additions and 5 deletions


@@ -76,11 +76,11 @@ if(isset($criterias['totals']) && $criterias['totals'] ==''){
} }
elseif (isset($criterias['list']) && $criterias['list'] =='') { elseif (isset($criterias['list']) && $criterias['list'] =='') {
//SQL for Paging //SQL for Paging
$sql = 'SELECT * FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.''; $sql = 'SELECT c.* FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.'';
} }
else { else {
//SQL for Paging //SQL for Paging
$sql = 'SELECT * FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.' LIMIT :page,:num_products'; $sql = 'SELECT c.* FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.' LIMIT :page,:num_products';
} }
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);
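Review bot: `$whereclause` is still concatenated straight into the statement text on both rewritten `$sql` lines, so only `:page` and `:num_products` are visibly bound; the clause is built outside this hunk, and it should be confirmed that every value in it is a bound placeholder and every column name comes from a fixed allow-list. Narrowing the projection to `c.*` keeps columns of the joined `users` table out of the result, but it still returns every `contracts` column, and the `list` branch has no `LIMIT` although its comment says `//SQL for Paging`. I would add a comment above the first query such as `// c.* only: never return columns of the joined users table; $whereclause must contain bound placeholders only`, and change the `list` comment to `//SQL for full list (no paging)`. The same points apply to the near-identical hunk in the third file section, including its `p == 'all'` branch. The enclosing if/elseif chain starts and ends outside the hunk.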


@@ -155,6 +155,7 @@ elseif ($command == 'insert'){
$post_content['password'] = generate_jwt($headers, $payload); $post_content['password'] = generate_jwt($headers, $payload);
$post_content['partnerhierarchy'] = $accounthierarchy; $post_content['partnerhierarchy'] = $accounthierarchy;
$post_content['salesID'] = $partner->salesid; $post_content['salesID'] = $partner->salesid;
$post_content['language'] = isset($post_content['language']) ? $post_content['language'] : 'US';
} }
else { else {
//do nothing //do nothing
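Review bot: The added `language` line accepts whatever value is already in `$post_content['language']`, and `isset()` lets an empty string through, so the `'US'` default only covers a missing or null key. If `$post_content` carries request data (not visible in this hunk), the value should be checked against the set of supported language codes before it is stored, falling back to `'US'` otherwise; the default itself reads more simply as `$post_content['language'] = $post_content['language'] ?? 'US';`. A short comment stating that `'US'` is the fallback language code would help, since it reads like a country code. The same line is added in the fourth file section, and the enclosing `insert` branch starts and ends outside the hunk.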


@@ -76,15 +76,15 @@ if(isset($criterias['totals']) && $criterias['totals'] ==''){
} }
elseif (isset($criterias['list']) && $criterias['list'] =='') { elseif (isset($criterias['list']) && $criterias['list'] =='') {
//SQL for Paging //SQL for Paging
$sql = 'SELECT * FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.''; $sql = 'SELECT c.* FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.'';
} }
elseif (isset($criterias['p']) && $criterias['p'] =='all') { elseif (isset($criterias['p']) && $criterias['p'] =='all') {
//SQL for Paging //SQL for Paging
$sql = 'SELECT * FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.''; $sql = 'SELECT c.* FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.'';
} }
else { else {
//SQL for Paging //SQL for Paging
$sql = 'SELECT * FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.' LIMIT :page,:num_products'; $sql = 'SELECT c.* FROM contracts c JOIN users u ON c.createdby = u.username '.$whereclause.' LIMIT :page,:num_products';
} }
$stmt = $pdo->prepare($sql); $stmt = $pdo->prepare($sql);


@@ -155,6 +155,7 @@ elseif ($command == 'insert'){
$post_content['password'] = generate_jwt($headers, $payload); $post_content['password'] = generate_jwt($headers, $payload);
$post_content['partnerhierarchy'] = $accounthierarchy; $post_content['partnerhierarchy'] = $accounthierarchy;
$post_content['salesID'] = $partner->salesid; $post_content['salesID'] = $partner->salesid;
$post_content['language'] = isset($post_content['language']) ? $post_content['language'] : 'US';
} }
else { else {
//do nothing //do nothing