Permalink
Browse files

Fix against SQL injection. Add phpunit to detect missing escapement.

  • Loading branch information...
eldy committed May 12, 2017
1 parent 0d11fce commit fa290c34fad108ec7c0751c0372ae9c4b4f63b06
Showing with 202 additions and 198 deletions.
  1. +4 −4 htdocs/accountancy/class/accountingaccount.class.php
  2. +5 −5 htdocs/accountancy/class/bookkeeping.class.php
  3. +2 −2 htdocs/adherents/class/adherent.class.php
  4. +2 −2 htdocs/adherents/class/adherent_type.class.php
  5. +3 −3 htdocs/bookmarks/class/bookmark.class.php
  6. +5 −5 htdocs/categories/class/categorie.class.php
  7. +6 −6 htdocs/comm/action/class/actioncomm.class.php
  8. +5 −5 htdocs/comm/mailing/class/mailing.class.php
  9. +1 −1 htdocs/comm/propal/class/propal.class.php
  10. +3 −3 htdocs/compta/bank/class/account.class.php
  11. +6 −6 htdocs/compta/bank/class/paymentvarious.class.php
  12. +2 −2 htdocs/compta/deplacement/class/deplacement.class.php
  13. +1 −1 htdocs/compta/paiement/cheque/class/remisecheque.class.php
  14. +4 −4 htdocs/compta/prelevement/class/bonprelevement.class.php
  15. +1 −1 htdocs/contact/class/contact.class.php
  16. +5 −5 htdocs/contrat/class/contrat.class.php
  17. +16 −16 htdocs/core/class/commonobject.class.php
  18. +1 −1 htdocs/core/class/events.class.php
  19. +2 −2 htdocs/core/class/fiscalyear.class.php
  20. +2 −2 htdocs/core/class/link.class.php
  21. +4 −4 htdocs/core/class/menubase.class.php
  22. +6 −6 htdocs/core/modules/DolibarrModules.class.php
  23. +2 −2 htdocs/core/modules/modAdherent.class.php
  24. +2 −2 htdocs/core/modules/modCommande.class.php
  25. +2 −2 htdocs/core/modules/modDon.class.php
  26. +4 −4 htdocs/core/modules/modExpedition.class.php
  27. +2 −2 htdocs/core/modules/modFacture.class.php
  28. +2 −2 htdocs/core/modules/modFicheinter.class.php
  29. +2 −2 htdocs/core/modules/modFournisseur.class.php
  30. +2 −2 htdocs/core/modules/modPrelevement.class.php
  31. +4 −4 htdocs/core/modules/modProjet.class.php
  32. +2 −2 htdocs/core/modules/modPropale.class.php
  33. +2 −2 htdocs/core/modules/modSupplierProposal.class.php
  34. +4 −4 htdocs/don/class/don.class.php
  35. +1 −1 htdocs/ecm/class/ecmdirectory.class.php
  36. +1 −1 htdocs/ecm/class/ecmfiles.class.php
  37. +5 −5 htdocs/expedition/class/expedition.class.php
  38. +8 −8 htdocs/expensereport/class/expensereport.class.php
  39. +2 −2 htdocs/fichinter/class/fichinter.class.php
  40. +4 −4 htdocs/fourn/class/fournisseur.commande.class.php
  41. +3 −3 htdocs/fourn/class/fournisseur.facture.class.php
  42. +6 −6 htdocs/holiday/class/holiday.class.php
  43. +5 −5 htdocs/hrm/class/establishment.class.php
  44. +1 −1 htdocs/livraison/class/livraison.class.php
  45. +2 −2 htdocs/loan/class/loan.class.php
  46. +1 −1 htdocs/product/canvas/product/actions_card_product.class.php
  47. +1 −1 htdocs/product/canvas/service/actions_card_service.class.php
  48. +9 −9 htdocs/product/class/product.class.php
  49. +1 −1 htdocs/projet/class/project.class.php
  50. +1 −1 htdocs/projet/class/projectstats.class.php
  51. +6 −6 htdocs/societe/class/companybankaccount.class.php
  52. +8 −8 htdocs/societe/class/societe.class.php
  53. +4 −4 htdocs/supplier_proposal/class/supplier_proposal.class.php
  54. +6 −6 htdocs/user/class/userbankaccount.class.php
  55. +6 −3 test/phpunit/AllTests.php
  56. +5 −4 test/phpunit/{CodingPHPTest.php → CodingPhpTest.php}
  57. 0 test/phpunit/{SqlTest.php → CodingSqlTest.php}
@@ -251,12 +251,12 @@ function update($user)
$sql .= " SET fk_pcg_version = " . ($this->fk_pcg_version ? "'" . $this->db->escape($this->fk_pcg_version) . "'" : "null");
$sql .= " , pcg_type = " . ($this->pcg_type ? "'" . $this->db->escape($this->pcg_type) . "'" : "null");
$sql .= " , pcg_subtype = " . ($this->pcg_subtype ? "'" . $this->db->escape($this->pcg_subtype) . "'" : "null");
- $sql .= " , account_number = '" . $this->account_number . "'";
- $sql .= " , account_parent = '" . $this->account_parent . "'";
+ $sql .= " , account_number = '" . $this->db->escape($this->account_number) . "'";
+ $sql .= " , account_parent = '" . $this->db->escape($this->account_parent) . "'";
$sql .= " , label = " . ($this->label ? "'" . $this->db->escape($this->label) . "'" : "null");
- $sql .= " , fk_accounting_category = '" . $this->account_category . "'";
+ $sql .= " , fk_accounting_category = '" . $this->db->escape($this->account_category) . "'";
$sql .= " , fk_user_modif = " . $user->id;
- $sql .= " , active = '" . $this->active . "'";
+ $sql .= " , active = " . $this->active;
$sql .= " WHERE rowid = " . $this->id;
dol_syslog(get_class($this) . "::update sql=" . $sql, LOG_DEBUG);
@@ -189,10 +189,10 @@ public function create(User $user, $notrigger = false) {
// First check if line not yet already in bookkeeping
$sql = "SELECT count(*) as nb";
$sql .= " FROM " . MAIN_DB_PREFIX . $this->table_element;
- $sql .= " WHERE doc_type = '" . $this->doc_type . "'";
+ $sql .= " WHERE doc_type = '" . $this->db->escape($this->doc_type) . "'";
$sql .= " AND fk_doc = " . $this->fk_doc;
$sql .= " AND fk_docdet = " . $this->fk_docdet; // This field can be 0 is record is for several lines
- $sql .= " AND numero_compte = '" . $this->numero_compte . "'";
+ $sql .= " AND numero_compte = '" . $this->db->escape($this->numero_compte) . "'";
$sql .= " AND entity IN (" . getEntity("accountancy", 1) . ")";
$resql = $this->db->query($sql);
@@ -204,9 +204,9 @@ public function create(User $user, $notrigger = false) {
// Determine piece_num
$sqlnum = "SELECT piece_num";
$sqlnum .= " FROM " . MAIN_DB_PREFIX . $this->table_element;
- $sqlnum .= " WHERE doc_type = '" . $this->doc_type . "'"; // For example doc_type = 'bank'
- $sqlnum .= " AND fk_docdet = '" . $this->fk_docdet . "'"; // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ...
- $sqlnum .= " AND doc_ref = '" . $this->doc_ref . "'"; // ref of source object
+ $sqlnum .= " WHERE doc_type = '" . $this->db->escape($this->doc_type) . "'"; // For example doc_type = 'bank'
+ $sqlnum .= " AND fk_docdet = " . $this->db->escape($this->fk_docdet); // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ...
+ $sqlnum .= " AND doc_ref = '" . $this->db->escape($this->doc_ref) . "'"; // ref of source object
$sqlnum .= " AND entity IN (" . getEntity("accountancy", 1) . ")";
dol_syslog(get_class($this) . ":: create sqlnum=" . $sqlnum, LOG_DEBUG);
@@ -345,7 +345,7 @@ function create($user,$notrigger=0)
{
// Add link to user
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET";
- $sql.= " fk_member = '".$this->id."'";
+ $sql.= " fk_member = ".$this->id;
$sql.= " WHERE rowid = ".$this->user_id;
dol_syslog(get_class($this)."::create", LOG_DEBUG);
$resql = $this->db->query($sql);
@@ -1099,7 +1099,7 @@ function fetch($rowid,$ref='',$fk_soc='',$ref_ext='')
elseif ($ref || $fk_soc) {
$sql.= " AND d.entity IN (".getEntity().")";
if ($ref) $sql.= " AND d.rowid='".$this->db->escape($ref)."'";
- elseif ($fk_soc) $sql.= " AND d.fk_soc='".$fk_soc."'";
+ elseif ($fk_soc > 0) $sql.= " AND d.fk_soc=".$fk_soc;
}
elseif ($ref_ext)
{
@@ -123,9 +123,9 @@ function update($user)
$sql.= "SET ";
$sql.= "statut = ".$this->statut.",";
$sql.= "libelle = '".$this->db->escape($this->libelle) ."',";
- $sql.= "subscription = '".$this->subscription."',";
+ $sql.= "subscription = '".$this->db->escape($this->subscription)."',";
$sql.= "note = '".$this->db->escape($this->note)."',";
- $sql.= "vote = '".$this->vote."',";
+ $sql.= "vote = '".$this->db->escape($this->vote)."',";
$sql.= "mail_valid = '".$this->db->escape($this->mail_valid)."'";
$sql .= " WHERE rowid =".$this->id;
@@ -173,10 +173,10 @@ function update()
$sql.= " SET fk_user = ".($this->fk_user > 0?"'".$this->fk_user."'":"0");
$sql.= " ,dateb = '".$this->db->idate($this->datec)."'";
$sql.= " ,url = '".$this->db->escape($this->url)."'";
- $sql.= " ,target = '".$this->target."'";
+ $sql.= " ,target = '".$this->db->escape($this->target)."'";
$sql.= " ,title = '".$this->db->escape($this->title)."'";
- $sql.= " ,favicon = '".$this->favicon."'";
- $sql.= " ,position = '".$this->position."'";
+ $sql.= " ,favicon = '".$this->db->escape($this->favicon)."'";
+ $sql.= " ,position = '".$this->db->escape($this->position)."'";
$sql.= " WHERE rowid = ".$this->id;
dol_syslog("Bookmark::update", LOG_DEBUG);
@@ -189,9 +189,9 @@ function fetch($id,$label='',$type='')
$sql = "SELECT rowid, fk_parent, entity, label, description, color, fk_soc, visible, type";
$sql.= " FROM ".MAIN_DB_PREFIX."categorie";
- if ($id)
+ if ($id > 0)
{
- $sql.= " WHERE rowid = '".$id."'";
+ $sql.= " WHERE rowid = ".$id;
}
else
{
@@ -399,7 +399,7 @@ function update($user='')
{
$sql .= ", fk_soc = ".($this->socid != -1 ? $this->socid : 'null');
}
- $sql .= ", visible = '".$this->visible."'";
+ $sql .= ", visible = '".$this->db->escape($this->visible)."'";
$sql .= ", fk_parent = ".$this->fk_parent;
$sql .= " WHERE rowid = ".$this->id;
@@ -1670,7 +1670,7 @@ function setMultiLangs($user)
$sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang";
$sql2.= " SET label='".$this->db->escape($this->label)."',";
$sql2.= " description='".$this->db->escape($this->description)."'";
- $sql2.= " WHERE fk_category=".$this->id." AND lang='".$key."'";
+ $sql2.= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{
@@ -1692,7 +1692,7 @@ function setMultiLangs($user)
$sql2 = "UPDATE ".MAIN_DB_PREFIX."categorie_lang";
$sql2.= " SET label='".$this->db->escape($this->multilangs["$key"]["label"])."',";
$sql2.= " description='".$this->db->escape($this->multilangs["$key"]["description"])."'";
- $sql2.= " WHERE fk_category=".$this->id." AND lang='".$key."'";
+ $sql2.= " WHERE fk_category=".$this->id." AND lang='".$this->db->escape($key)."'";
}
else
{
@@ -753,8 +753,8 @@ function update($user,$notrigger=0)
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."actioncomm ";
- $sql.= " SET percent = '".$this->percentage."'";
- if ($this->fk_action > 0) $sql.= ", fk_action = '".$this->fk_action."'";
+ $sql.= " SET percent = '".$this->db->escape($this->percentage)."'";
+ if ($this->fk_action > 0) $sql.= ", fk_action = '".$this->db->escape($this->fk_action)."'";
$sql.= ", label = ".($this->label ? "'".$this->db->escape($this->label)."'":"null");
$sql.= ", datep = ".(strval($this->datep)!='' ? "'".$this->db->idate($this->datep)."'" : 'null');
$sql.= ", datep2 = ".(strval($this->datef)!='' ? "'".$this->db->idate($this->datef)."'" : 'null');
@@ -763,11 +763,11 @@ function update($user,$notrigger=0)
$sql.= ", fk_project =". ($this->fk_project > 0 ? "'".$this->fk_project."'":"null");
$sql.= ", fk_soc =". ($socid > 0 ? "'".$socid."'":"null");
$sql.= ", fk_contact =". ($contactid > 0 ? "'".$contactid."'":"null");
- $sql.= ", priority = '".$this->priority."'";
- $sql.= ", fulldayevent = '".$this->fulldayevent."'";
+ $sql.= ", priority = '".$this->db->escape($this->priority)."'";
+ $sql.= ", fulldayevent = '".$this->db->escape($this->fulldayevent)."'";
$sql.= ", location = ".($this->location ? "'".$this->db->escape($this->location)."'":"null");
- $sql.= ", transparency = '".$this->transparency."'";
- $sql.= ", fk_user_mod = '".$user->id."'";
+ $sql.= ", transparency = '".$this->db->escape($this->transparency)."'";
+ $sql.= ", fk_user_mod = ".$user->id;
$sql.= ", fk_user_action=".($userownerid > 0 ? "'".$userownerid."'":"null");
$sql.= ", fk_user_done=".($userdoneid > 0 ? "'".$userdoneid."'":"null");
if (! empty($this->fk_element)) $sql.= ", fk_element=".($this->fk_element?$this->fk_element:"null");
@@ -159,11 +159,11 @@ function update($user)
$sql .= " SET titre = '".$this->db->escape($this->titre)."'";
$sql .= ", sujet = '".$this->db->escape($this->sujet)."'";
$sql .= ", body = '".$this->db->escape($this->body)."'";
- $sql .= ", email_from = '".$this->email_from."'";
- $sql .= ", email_replyto = '".$this->email_replyto."'";
- $sql .= ", email_errorsto = '".$this->email_errorsto."'";
- $sql .= ", bgcolor = '".($this->bgcolor?$this->bgcolor:null)."'";
- $sql .= ", bgimage = '".($this->bgimage?$this->bgimage:null)."'";
+ $sql .= ", email_from = '".$this->db->escape($this->email_from)."'";
+ $sql .= ", email_replyto = '".$this->db->escape($this->email_replyto)."'";
+ $sql .= ", email_errorsto = '".$this->db->escape($this->email_errorsto)."'";
+ $sql .= ", bgcolor = '".($this->bgcolor?$this->db->escape($this->bgcolor):null)."'";
+ $sql .= ", bgimage = '".($this->bgimage?$this->db->escape($this->bgimage):null)."'";
$sql .= " WHERE rowid = ".$this->id;
dol_syslog("Mailing::Update", LOG_DEBUG);
@@ -1021,7 +1021,7 @@ function create($user, $notrigger=0)
{
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql.= " SET fk_delivery_address = ".$this->fk_delivery_address;
- $sql.= " WHERE ref = '".$this->ref."'";
+ $sql.= " WHERE ref = '".$this->db->escape($this->ref)."'";
$sql.= " AND entity = ".$conf->entity;
$result=$this->db->query($sql);
@@ -701,8 +701,8 @@ function update(User $user = null, $notrigger = 0)
$sql.= ",clos = ".$this->clos;
$sql.= ",rappro = ".$this->rappro;
$sql.= ",url = ".($this->url?"'".$this->url."'":"null");
- $sql.= ",account_number = '".$this->account_number."'";
- $sql.= ",fk_accountancy_journal = '".$this->fk_accountancy_journal."'";
+ $sql.= ",account_number = '".$this->db->escape($this->account_number)."'";
+ $sql.= ",fk_accountancy_journal = '".$this->db->escape($this->fk_accountancy_journal)."'";
$sql.= ",bank = '".$this->db->escape($this->bank)."'";
$sql.= ",code_banque='".$this->db->escape($this->code_banque)."'";
@@ -1858,7 +1858,7 @@ function update_conciliation(User $user, $cat)
$sql = "UPDATE ".MAIN_DB_PREFIX."bank SET";
$sql.= " rappro = 1";
- $sql.= ", num_releve = '".$this->num_releve."'";
+ $sql.= ", num_releve = '".$this->db->escape($this->num_releve)."'";
$sql.= ", fk_user_rappro = ".$user->id;
$sql.= " WHERE rowid = ".$this->id;
@@ -88,19 +88,19 @@ function update($user=null, $notrigger=0)
$sql = "UPDATE ".MAIN_DB_PREFIX."payment_salary SET";
$sql.= " tms=".$this->db->idate($this->tms).",";
- $sql.= " fk_user='".$this->fk_user."',";
+ $sql.= " fk_user=".$this->fk_user.",";
$sql.= " datep=".$this->db->idate($this->datep).",";
$sql.= " datev=".$this->db->idate($this->datev).",";
$sql.= " sens=".$this->sens.",";
- $sql.= " amount='".$this->amount."',";
+ $sql.= " amount=".price2num($this->amount).",";
$sql.= " fk_typepayment=".$this->fk_typepayment."',";
- $sql.= " num_payment='".$this->num_payment."',";
+ $sql.= " num_payment='".$this->db->escape($this->num_payment)."',";
$sql.= " label='".$this->db->escape($this->label)."',";
$sql.= " note='".$this->db->escape($this->note)."',";
$sql.= " accountancy_code='".$this->db->escape($this->accountancy_code)."',";
- $sql.= " fk_bank=".($this->fk_bank > 0 ? "'".$this->fk_bank."'":"null").",";
- $sql.= " fk_user_author='".$this->fk_user_author."',";
- $sql.= " fk_user_modif='".$this->fk_user_modif."'";
+ $sql.= " fk_bank=".($this->fk_bank > 0 ? $this->fk_bank:"null").",";
+ $sql.= " fk_user_author=".$this->fk_user_author.",";
+ $sql.= " fk_user_modif=".$this->fk_user_modif;
$sql.= " WHERE rowid=".$this->id;
@@ -187,8 +187,8 @@ function update($user)
$sql = "UPDATE ".MAIN_DB_PREFIX."deplacement ";
$sql .= " SET km = ".$this->km; // This is a distance or amount
$sql .= " , dated = '".$this->db->idate($this->date)."'";
- $sql .= " , type = '".$this->type."'";
- $sql .= " , fk_statut = '".$this->statut."'";
+ $sql .= " , type = '".$this->db->escape($this->type)."'";
+ $sql .= " , fk_statut = '".$this->db->escape($this->statut)."'";
$sql .= " , fk_user = ".$this->fk_user;
$sql .= " , fk_user_modif = ".$user->id;
$sql .= " , fk_soc = ".($this->socid > 0?$this->socid:'null');
@@ -308,7 +308,7 @@ function delete($user='')
if ( $this->errno === 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
$sql.= " SET fk_bordereau = 0";
- $sql.= " WHERE fk_bordereau = '".$this->id."'";
+ $sql.= " WHERE fk_bordereau = ".$this->id;
$resql = $this->db->query($sql);
if (!$resql)
@@ -1082,19 +1082,19 @@ function delete()
{
$this->db->begin();
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_facture WHERE fk_prelevement_lignes IN (SELECT rowid FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = '".$this->id."')";
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_facture WHERE fk_prelevement_lignes IN (SELECT rowid FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = ".$this->id.")";
$resql1=$this->db->query($sql);
if (! $resql1) dol_print_error($this->db);
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = '".$this->id."'";
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_lignes WHERE fk_prelevement_bons = ".$this->id;
$resql2=$this->db->query($sql);
if (! $resql2) dol_print_error($this->db);
- $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_bons WHERE rowid = '".$this->id."'";
+ $sql = "DELETE FROM ".MAIN_DB_PREFIX."prelevement_bons WHERE rowid = ".$this->id;
$resql3=$this->db->query($sql);
if (! $resql3) dol_print_error($this->db);
- $sql = "UPDATE ".MAIN_DB_PREFIX."prelevement_facture_demande SET fk_prelevement_bons = NULL, traite = 0 WHERE fk_prelevement_bons = '".$this->id."'";
+ $sql = "UPDATE ".MAIN_DB_PREFIX."prelevement_facture_demande SET fk_prelevement_bons = NULL, traite = 0 WHERE fk_prelevement_bons = ".$this->id;
$resql4=$this->db->query($sql);
if (! $resql4) dol_print_error($this->db);
@@ -317,7 +317,7 @@ function update($id, $user=null, $notrigger=0, $action='update')
$sql .= ", phone_perso = ".(isset($this->phone_perso)?"'".$this->db->escape($this->phone_perso)."'":"null");
$sql .= ", phone_mobile = ".(isset($this->phone_mobile)?"'".$this->db->escape($this->phone_mobile)."'":"null");
$sql .= ", jabberid = ".(isset($this->jabberid)?"'".$this->db->escape($this->jabberid)."'":"null");
- $sql .= ", priv = '".$this->priv."'";
+ $sql .= ", priv = '".$this->db->escape($this->priv)."'";
$sql .= ", statut = ".$this->statut;
$sql .= ", fk_user_modif=".($user->id > 0 ? "'".$user->id."'":"NULL");
$sql .= ", default_lang=".($this->default_lang?"'".$this->default_lang."'":"NULL");
@@ -2801,10 +2801,10 @@ function update($user, $notrigger=0)
$sql.= " tva_tx=".price2num($this->tva_tx).",";
$sql.= " localtax1_tx=".price2num($this->localtax1_tx).",";
$sql.= " localtax2_tx=".price2num($this->localtax2_tx).",";
- $sql.= " qty='".$this->qty."',";
+ $sql.= " qty=".price2num($this->qty).",";
$sql.= " remise_percent=".price2num($this->remise_percent).",";
- $sql.= " remise=".($this->remise?"'".$this->remise."'":"null").",";
- $sql.= " fk_remise_except=".($this->fk_remise_except?"'".$this->fk_remise_except."'":"null").",";
+ $sql.= " remise=".($this->remise?price2num($this->remise):"null").",";
+ $sql.= " fk_remise_except=".($this->fk_remise_except > 0?$this->fk_remise_except:"null").",";
$sql.= " subprice=".($this->subprice != '' ? $this->subprice : "null").",";
$sql.= " price_ht=".($this->price_ht != '' ? $this->price_ht : "null").",";
$sql.= " total_ht=".$this->total_ht.",";
@@ -2818,8 +2818,8 @@ function update($user, $notrigger=0)
$sql.= " fk_user_author=".($this->fk_user_author >= 0?$this->fk_user_author:"NULL").",";
$sql.= " fk_user_ouverture=".($this->fk_user_ouverture > 0?$this->fk_user_ouverture:"NULL").",";
$sql.= " fk_user_cloture=".($this->fk_user_cloture > 0?$this->fk_user_cloture:"NULL").",";
- $sql.= " commentaire='".$this->db->escape($this->commentaire)."'";
- $sql.= ", fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit);
+ $sql.= " commentaire='".$this->db->escape($this->commentaire)."',";
+ $sql.= " fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit);
$sql.= " WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::update", LOG_DEBUG);
Oops, something went wrong.

0 comments on commit fa290c3

Please sign in to comment.