Fix issue #41
MaherSakka committed Sep 29, 2016
1 parent 66def90 commit 7db6885
Showing 1 changed file with 10 additions and 6 deletions.
16 changes: 10 additions & 6 deletions plugins/restapi/includes/campaigns.php
@@ -45,11 +45,17 @@ public static function campaignsCount()
public static function campaignsGet($order_by = 'modified', $order = 'desc', $limit = 10, $offset = 0)
{
if (isset($_REQUEST['order_by']) && !empty($_REQUEST['order_by'])) {

$order_by = $_REQUEST['order_by'];
$order_by = preg_replace('/[^a-zA-Z0-9_$]/', '', $order_by);

if (isset($_REQUEST['order']) && !empty($_REQUEST['order']) &&
(strtolower($_REQUEST['order'] == 'asc') || strtolower($_REQUEST['order'] == 'desc'))) {
$order = $_REQUEST['order'];
}

}
if (isset($_REQUEST['order']) && !empty($_REQUEST['order'])) {
$order = $_REQUEST['order'];
}

if (isset($_REQUEST['limit']) && !empty($_REQUEST['limit'])) {
$limit = intval($_REQUEST['limit']);
}
@@ -61,12 +67,10 @@ public static function campaignsGet($order_by = 'modified', $order = 'desc', $li
}

$params = array (
'order_by' => array($order_by,PDO::PARAM_STR),
'order' => array($order,PDO::PARAM_STR),
'limit' => array($limit,PDO::PARAM_INT),
'offset' => array($offset,PDO::PARAM_INT),
);
Common::select('Campaigns', 'SELECT * FROM '.$GLOBALS['tables']['message'].' ORDER BY :order_by :order LIMIT :limit OFFSET :offset;',$params);
Common::select('Campaigns', 'SELECT * FROM '.$GLOBALS['tables']['message']." ORDER BY $order_by $order LIMIT :limit OFFSET :offset;",$params);
}

/**
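Review bot: `$order_by` and `$order` are now concatenated into the `ORDER BY` clause, but the only validation sits inside the `$_REQUEST['order_by']` branch, so values passed as function arguments reach the query unchecked (whether any caller passes them is not visible here). In that branch the `strtolower()` calls wrap the comparison instead of the value (`strtolower($_REQUEST['order'] == 'asc')`), which leaves a case-sensitive `==` test, and `order` is now ignored unless `order_by` is also sent. The `preg_replace` filter accepts any identifier-shaped string and can reduce the input to an empty string, which would produce a malformed query; an allowlist of sortable columns with a fallback to `'modified'` is tighter. The sketch below validates the final values regardless of origin; the column list is a placeholder to fill in from the message table.

```php
public static function campaignsGet($order_by = 'modified', $order = 'desc', $limit = 10, $offset = 0)
{
    // Placeholder allowlist: fill in the sortable columns of the message table.
    $sortable = array('modified');

    if (isset($_REQUEST['order_by']) && is_string($_REQUEST['order_by'])) {
        $order_by = $_REQUEST['order_by'];
    }
    if (isset($_REQUEST['order']) && is_string($_REQUEST['order'])) {
        $order = $_REQUEST['order'];
    }

    // Validate the final values whether they came from the request or from the caller,
    // because both are interpolated into the SQL text rather than bound.
    if (!in_array($order_by, $sortable, true)) {
        $order_by = 'modified';
    }
    $order = (strtolower((string) $order) === 'asc') ? 'asc' : 'desc';

    // … unchanged: limit/offset handling, $params, Common::select call …
```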
