WebSVN – eFlore/Applications.cel – Diff – /trunk/jrest/services/InventoryTransmit.php

 <?php
 // In : utf8
 // out : utf8
-// Transmission observation vers Tela
+// Transmission observation vers Tela
-Class InventoryTransmit extends DBAccessor  {
-	var $config;
-	function InventoryTransmit($config) {
-		$this->config=$config;
-	}
 class InventoryTransmit extends Cel  {
 	function updateElement($uid,$pairs) {
-		 // Controle detournement utilisateur
-		    session_start();
- 	        $this->controleUtilisateur($uid[0]);
+		// Controle detournement utilisateur
+		session_start();
-		$DB=$this->connectDB($this->config,'database_cel');
+ 	    $this->controleUtilisateur($uid[0]);
-		if (isset($uid[1])) {
+		if (isset($uid[1]) && $this->estUneSuiteIdentifiantsObservation($uid[1])) {
-	           	$query="UPDATE cel_inventory " .
+	           	$requete_transmission = 'UPDATE cel_inventory '.
-	           	"SET transmission = '".$DB->escapeSimple($pairs['transmission'])."',".
+	           	'SET transmission = '.$pairs['transmission'].','.
-				"date_modification = now(), date_transmission = now() ".
+				'date_modification = now(), date_transmission = now() '.
-	        	"WHERE identifiant='".$DB->escapeSimple($uid[0])."' AND ordre in (".$DB->escapeSimple($uid[1]) .")";
+	        	'WHERE identifiant='.$this->proteger($uid[0]).' AND ordre in ('.$uid[1].')';
+		}
+    	$resultat_transmission = $this->executerRequeteSimple($requete_transmission);
+        if (!$resultat_transmission) {
+        	return false;
+        }
+        return true;
+	}
-    	$res =& $DB->query($query);
+	private function estUneSuiteIdentifiantsObservation($chaine) {
-        if (PEAR::isError($res)) {
-        	die($res->getMessage());
 		// un ensemble d'identifiants est une suite d'identifiants séparés par des virgules
 		// sans virgule terminale
-        return true;
+		$reg_exp = "/^(([0-9])+,)*([0-9])+$/";

Subversion Repositories eFlore/Applications.cel

(root)/trunk/jrest/services/InventoryTransmit.php – Rev 416 → 762