Fixed setting of demande_pour bug
This commit is contained in:
lars
parent
07a8ac63f8
commit
f4ebd2045b
@ -114,21 +114,13 @@ if($_POST['btnprocess'] && $isAdmin) {
|
|||||||
$status = '3';
|
$status = '3';
|
||||||
$updateStatus = true;
|
$updateStatus = true;
|
||||||
}
|
}
|
||||||
|
$reqName = $mysqli->real_escape_string($_POST['demande_pour']);
|
||||||
|
if( $reqName == '') {
|
||||||
|
$reqName = $username;
|
||||||
|
}
|
||||||
// Escape string, mostly in case of quotes
|
// Escape string, mostly in case of quotes
|
||||||
$d = $mysqli->real_escape_string(serialize($_POST));
|
$d = $mysqli->real_escape_string(serialize($_POST));
|
||||||
if(!$aid) {
|
if(!$aid) {
|
||||||
// Make sure we set the demande_our value to current user if blank
|
|
||||||
// This would happen upon submission of a new record by non-admin person
|
|
||||||
// Save requestor in serialized data but also as mysql column, we will need to do a sort by later
|
|
||||||
if($_POST['demande_pour']=='') {
|
|
||||||
$m = $_POST;
|
|
||||||
$m['demande_pour'] = $username;
|
|
||||||
$d = $mysqli->real_escape_string(serialize($m));
|
|
||||||
$reqName = $username;
|
|
||||||
}
|
|
||||||
else {
|
|
||||||
$reqName = $mysqli->real_escape_string($_POST['demande_pour']);
|
|
||||||
}
|
|
||||||
$query = "INSERT INTO submissions (uid, status, name, reqname, created, formdata,modified) values('$userid',$status,'$username','$reqName',null,'".$d."',NOW())";
|
$query = "INSERT INTO submissions (uid, status, name, reqname, created, formdata,modified) values('$userid',$status,'$username','$reqName',null,'".$d."',NOW())";
|
||||||
syslog(LOG_INFO, "Create entry by uid: $userid / $uname from: {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
|
syslog(LOG_INFO, "Create entry by uid: $userid / $uname from: {$_SERVER['REMOTE_ADDR']} ({$_SERVER['HTTP_USER_AGENT']})");
|
||||||
}
|
}
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user