/**
 * Assembles the Deletes view output for the record selected by $idURL.
 *
 * The row is loaded through Query::selectById(), then every column reported
 * for Query::selectAll() is mapped to a field type by Utils::findField().
 * When a class of that name exists it is instantiated with the column value
 * and its `details` property is handed to Deletes::delete(). A column is
 * only rendered when $this->exclusion() returns a truthy value for it.
 *
 * Security notes:
 *  - The include path and the instantiated class name are both built from
 *    the return value of Utils::findField(). NOTE(review): confirm that it
 *    can only return names from a fixed set of field types, since the value
 *    is used unvalidated here.
 *  - The `@` hides a failed include, so an unknown field type is skipped
 *    silently by the class_exists() check rather than reported.
 *  - NOTE(review): whether `details` is encoded for HTML output is decided
 *    inside the field class or Deletes::delete(); it is not visible here.
 *
 * @return string Concatenated output of Deletes::debut(), the rendered
 *                columns and Deletes::fin().
 */
function init($module, $lang, $idURL, $categorie, $sscategorie, $type, $sort, $order, $page, $search)
{
    $row = Db::fetch_row(Query::selectById($idURL));
    $columnSet = Query::selectAll();

    $html = Deletes::debut($module, $lang, $categorie, $sscategorie, $sort, $order, $page, $idURL, $search);

    for ($index = 0; $index < Db::num_fields($columnSet); $index++) {
        $columnName = Db::fetch_field($columnSet)->name;
        $value = $row[$index];
        $fieldType = Utils::findField($columnName);

        // Best-effort load of the field class; a missing file is tolerated.
        @include_once 'controller/fields/' . $fieldType . '.class.php';
        if (!class_exists($fieldType)) {
            continue;
        }

        // Date columns are converted with Utils::datefr() before rendering.
        if ($fieldType == "date") {
            $value = Utils::datefr($value);
        }

        $renderer = new $fieldType($lang, $value, $columnName, $type);
        $rendered = $renderer->details;

        if ($this->exclusion($sscategorie, $columnName)) {
            $html .= Deletes::delete($rendered);
        }
    }

    return $html . Deletes::fin($module, $lang);
}
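/**
 * Inserts one row into the current category table from the submitted form.
 *
 * Walks the columns reported for Query::selectAll() and, for every column
 * that has a same-named key in $_POST, stores the value escaped with
 * Db::escape() and wrapped in single quotes. The INSERT statement is built
 * from those columns only.
 *
 * Security notes:
 *  - Column identifiers come from the result-set metadata, never from the
 *    request, so request keys cannot introduce new identifiers into the SQL.
 *  - NOTE(review): every table column with a matching POST key is written,
 *    whether or not the form offered it. Confirm that no column needs to be
 *    withheld from client control.
 *  - NOTE(review): mysql_fetch_field() belongs to the mysql extension that
 *    was removed in PHP 7.0. Until this moves to prepared statements
 *    (mysqli or PDO), string escaping is the only injection barrier.
 *
 * @return mixed Whatever Db::executeQuery() returns for the INSERT.
 */
function insert()
{
    // Start from an empty list: a request that matches no column used to
    // reach array_keys()/implode() with an undefined variable. The statement
    // text sent in that case is unchanged.
    $fields = array();

    $getColumns = Query::selectAll();
    while ($column = mysql_fetch_field($getColumns)) {
        if (isset($_POST[$column->name])) {
            // Format the data for the database.
            Utils::manipulateValues($column->name);
            $fields[$column->name] = "'" . Db::escape($_POST[$column->name]) . "'";
        }
    }

    return Db::executeQuery(
        "INSERT INTO `" . TABLE_PREFIX . CATEGORIE_NOM . "` (`"
        . implode("`, `", array_keys($fields))
        . "`) VALUES (" . implode(", ", $fields) . ")"
    );
}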
/**
 * Assembles the Adds view output: one input per column of the table.
 *
 * Every column reported for Query::selectAll() is mapped to a field type by
 * Utils::findField(). When a class of that name exists it is instantiated
 * with an empty value and its `add` property is handed to Adds::add(). A
 * column is only rendered when $this->exclusion() returns a truthy value.
 *
 * Security notes:
 *  - The include path and the instantiated class name are both built from
 *    the return value of Utils::findField(). NOTE(review): confirm that it
 *    can only return names from a fixed set of field types, since the value
 *    is used unvalidated here.
 *  - The `@` hides a failed include, so an unknown field type is skipped
 *    silently by the class_exists() check rather than reported.
 *
 * @return string Concatenated output of Adds::debut(), the rendered
 *                columns and Adds::fin().
 */
function init($module, $lang, $categorie, $sscategorie, $type, $sort, $order, $page, $search)
{
    $columnSet = Query::selectAll();

    $html = Adds::debut($module, $lang, $categorie, $sscategorie, $sort, $order, $page, $search);

    for ($index = 0; $index < Db::num_fields($columnSet); $index++) {
        $columnName = Db::fetch_field($columnSet)->name;
        $fieldType = Utils::findField($columnName);

        // Best-effort load of the field class; a missing file is tolerated.
        @include_once 'controller/fields/' . $fieldType . '.class.php';
        if (!class_exists($fieldType)) {
            continue;
        }

        // A new record has no stored value yet, hence the empty string.
        $widget = new $fieldType($lang, "", $columnName, $type);
        $markup = $widget->add;

        if ($this->exclusion($sscategorie, $columnName)) {
            $html .= Adds::add($markup);
        }
    }

    return $html . Adds::fin($module, $lang);
}
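/**
 * Inserts one row into the current category table from the submitted form
 * and records the operation through Db::add_transaction().
 *
 * Walks the columns reported for Query::selectAll() and, for every column
 * that has a same-named key in $_POST, stores the escaped, single-quoted
 * value. The INSERT statement is built from those columns only.
 *
 * Security notes:
 *  - Column identifiers come from the result-set metadata, never from the
 *    request, so request keys cannot introduce new identifiers into the SQL.
 *  - "txtbox" and "photo" values bypass Db::escape() and receive only
 *    mysql_real_escape_string(). NOTE(review): what Db::escape() does beyond
 *    SQL escaping is not visible here. If it also filters markup, these two
 *    field types store unfiltered content and must be encoded wherever they
 *    are output.
 *  - NOTE(review): every table column with a matching POST key is written,
 *    whether or not the form offered it. Confirm that no column needs to be
 *    withheld from client control.
 *  - NOTE(review): $_POST['categorie'] is passed to Db::add_transaction()
 *    as received. Confirm that the callee validates or escapes it.
 *  - NOTE(review): the mysql_* functions used here were removed in PHP 7.0.
 *    Until this moves to prepared statements (mysqli or PDO), string
 *    escaping is the only injection barrier.
 *
 * @return mixed Whatever Db::executeQuery() returns for the INSERT.
 */
function insert()
{
    // Start from an empty list: a request that matches no column used to
    // reach array_keys()/implode() with an undefined variable. The statement
    // text sent in that case is unchanged.
    $fields = array();

    $getColumns = Query::selectAll();
    while ($column = mysql_fetch_field($getColumns)) {
        if (isset($_POST[$column->name])) {
            // Format the data for the database.
            Utils::manipulateValues($column->name);

            $field = Utils::findField($column->name);
            if ($field != "txtbox" && $field != "photo") {
                $fields[$column->name] = "'" . Db::escape($_POST[$column->name]) . "'";
            } else {
                // Injection-filter exception for txtbox (and photo) fields,
                // because their content is unrestricted.
                $fields[$column->name] = "'" . mysql_real_escape_string($_POST[$column->name]) . "'";
            }
        }
    }

    // The transaction record is written before the INSERT runs, as before.
    Db::add_transaction(ADD, $_POST['categorie']);

    return Db::executeQuery(
        "INSERT INTO `" . TABLE_PREFIX . CATEGORIE_NOM . "` (`"
        . implode("`, `", array_keys($fields))
        . "`) VALUES (" . implode(", ", $fields) . ")"
    );
}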