コード例 #1
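/**
 * Build the final query from $sql/$arg via generate_secure_sql() and run it on $link.
 *
 * The "secure" part rests entirely on generate_secure_sql(), which is defined
 * elsewhere; this wrapper only adds optional logging, the session SQL-debug
 * buffer, the demo-mode write guard and debug-only error reporting around it.
 *
 * @param string $sql  Query template handed to generate_secure_sql().
 * @param mysqli $link Open connection the query is executed on.
 * @param mixed  $arg  Values handed to generate_secure_sql() (default '').
 * @param mixed  $log  When truthy, passed as the first argument to addLog()
 *                     together with the final query text and the global $lbl_log.
 * @return mysqli_result|bool Whatever mysqli_query() returns, or false when
 *                            the demo-mode guard refused the statement.
 */
function mysql2_query_secure($sql, $link, $arg = '', $log = false)
{
    global $l, $lbl_log;
    $query = generate_secure_sql($sql, $arg);

    // NOTE(review): the complete query text, including substituted values,
    // is written to the application log and to the session debug buffer
    // below — both should be treated as sensitive.
    if ($log) {
        addLog($log, $query, $lbl_log);
    }

    // Guard the session lookup: the key is absent outside debug sessions.
    $debug = isset($_SESSION['OCS']['DEBUG']) && $_SESSION['OCS']['DEBUG'] == 'ON';
    if ($debug) {
        $_SESSION['OCS']['SQL_DEBUG'][] = html_entity_decode($query, ENT_QUOTES);
    }

    if (DEMO) {
        // Demo mode refuses statements that modify data. Checking only the
        // first six raw bytes let a query with leading whitespace or a
        // leading comment, and any REPLACE/TRUNCATE/DROP/ALTER/RENAME, slip
        // through; match the first SQL keyword instead. CREATE is left out on
        // purpose — confirm no demo flow relies on temporary tables before
        // adding it.
        $writePattern = '/^\s*(?:\/\*.*?\*\/\s*)*(UPDATE|INSERT|DELETE|REPLACE|TRUNCATE|DROP|ALTER|RENAME)\b/is';
        if (preg_match($writePattern, $query)) {
            // DEMO_MSG is a "notice already shown" flag created on first use.
            // Reading an undefined constant is a fatal Error on PHP 8, so test
            // with defined() before comparing it.
            if (!defined('DEMO_MSG') || DEMO_MSG != 'show') {
                msg_info($l->g(2103));
                define('DEMO_MSG', 'show');
            }
            return false;
        }
    }

    $result = mysqli_query($link, $query);
    // The driver's error text is only surfaced in debug sessions, so ordinary
    // users never see database internals.
    if ($debug && !$result) {
        msg_error(mysqli_error($link));
    }
    return $result;
}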
コード例 #2
     $result_temp = mysql2_query_secure($sql_temp, $_SESSION['OCS']["readServer"], $arg_temp);
     while ($val_temp = mysqli_fetch_array($result_temp)) {
         $list[] = $val_temp['id'];
         if ($limit_result_cache < count($list)) {
             $ERROR = $l->g(959);
             break;
         }
     }
     if (!isset($list)) {
         $ERROR = $l->g(960);
     } else {
         $field[$i] = $field[$i] . "_ID";
         $field_compar[$i] = " IN ";
         $field_value[$i] = " (" . implode(",", $list) . ")";
         $field_modif = "field_value";
         $sql_temp = generate_secure_sql($sql_temp, $arg_temp);
         unset($list);
     }
 } elseif (isset($table_cache)) {
     //si on est sur une table de cache
     if ($table_cache[$table[$i]]) {
         //on remet à zero le tableau de logiciels
         unset($list);
         //champ sur lequel s'effectue la recherche
         $field_temp = $field_cache[$table_cache[$table[$i]]];
         if ($field_temp == $field[$i]) {
             $sql_temp = "select " . $field_temp . " as name ";
             if (isset($_SESSION['OCS']['USE_NEW_SOFT_TABLES']) and $_SESSION['OCS']['USE_NEW_SOFT_TABLES'] == 1) {
                 $sql_temp .= ",id ";
             }
             $sql_temp .= " from " . strtolower($table_cache[$table[$i]]) . " where " . $field_temp . $field_compar[$i] . $field_value[$i];