diff --git a/ajax/ajax_asset_copy.php b/ajax/ajax_asset_copy.php
index 2b795a8c..dd648ce8 100644
--- a/ajax/ajax_asset_copy.php
+++ b/ajax/ajax_asset_copy.php
@@ -6,7 +6,7 @@ $asset_id = intval($_GET['id']);
 $sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1
- WHERE asset_id = $asset_id"
+ WHERE asset_id = $asset_id LIMIT 1"
 );
 $row = mysqli_fetch_array($sql);
diff --git a/ajax/ajax_asset_edit.php b/ajax/ajax_asset_edit.php
index 2942c459..1b9d4e4e 100644
--- a/ajax/ajax_asset_edit.php
+++ b/ajax/ajax_asset_edit.php
@@ -6,7 +6,7 @@ $asset_id = intval($_GET['id']);
 $sql = mysqli_query($mysqli, "SELECT * FROM assets LEFT JOIN asset_interfaces ON interface_asset_id = asset_id AND interface_primary = 1
- WHERE asset_id = $asset_id"
+ WHERE asset_id = $asset_id LIMIT 1"
 );
 $row = mysqli_fetch_array($sql);
diff --git a/ajax/ajax_custom_link_edit.php b/ajax/ajax_custom_link_edit.php
index 6e43bb13..872d0b6b 100644
--- a/ajax/ajax_custom_link_edit.php
+++ b/ajax/ajax_custom_link_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $custom_link_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM custom_links WHERE custom_link_id = $custom_link_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM custom_links WHERE custom_link_id = $custom_link_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $custom_link_name = nullable_htmlentities($row['custom_link_name']);
 $custom_link_uri = nullable_htmlentities($row['custom_link_uri']);
diff --git a/ajax/ajax_custom_ticket_status_edit.php b/ajax/ajax_custom_ticket_status_edit.php
index 4b0d69ce..121b115a 100644
--- a/ajax/ajax_custom_ticket_status_edit.php
+++ b/ajax/ajax_custom_ticket_status_edit.php
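Review bot: `LIMIT 1` without an `ORDER BY` returns an arbitrary row when the `LEFT JOIN` matches more than one `asset_interfaces` row with `interface_primary = 1`, so the query in this hunk (and the identical one in ajax/ajax_asset_edit.php) can show a different interface from one request to the next while hiding the duplicate. If one primary interface per asset is meant to be an invariant, enforce it in the schema and say so next to the query, for example `// at most one primary interface per asset; LIMIT 1 is only a safety net`. Otherwise add an `ORDER BY` on a stable interface column before the `LIMIT`. The rest of the script lies outside the hunk.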
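Review bot: `$row` is read on the lines right after `mysqli_fetch_array($sql)` in ajax/ajax_custom_link_edit.php without any check that a row came back, so an unknown or stale `id` builds the edit form from empty values and raises array-offset warnings. Every other `LIMIT 1` lookup in this commit follows the same pattern (ticket status, document, file, folder, item, software template and tax hunks). A guard directly after the fetch, such as `if (!$row) { http_response_code(404); exit; }`, would make the miss explicit; adapt it to however the project reports errors to the caller. The script continues outside the hunk, so a later check cannot be ruled out from here.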
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $ticket_status_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM ticket_statuses WHERE ticket_status_id = $ticket_status_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $ticket_status_name = nullable_htmlentities($row['ticket_status_name']);
 $ticket_status_color = nullable_htmlentities($row['ticket_status_color']);
diff --git a/ajax/ajax_document_edit.php b/ajax/ajax_document_edit.php
index 53469776..4aed1720 100644
--- a/ajax/ajax_document_edit.php
+++ b/ajax/ajax_document_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $document_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $document_name = nullable_htmlentities($row['document_name']);
diff --git a/ajax/ajax_document_move.php b/ajax/ajax_document_move.php
index fac45cac..2f4368c4 100644
--- a/ajax/ajax_document_move.php
+++ b/ajax/ajax_document_move.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $document_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $client_id = intval($row['document_client_id']);
diff --git a/ajax/ajax_document_rename.php b/ajax/ajax_document_rename.php
index 86320674..019ab486 100644
--- a/ajax/ajax_document_rename.php
+++ b/ajax/ajax_document_rename.php
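Review bot: The lookup in ajax/ajax_document_edit.php selects by `document_id` taken from `$_GET['id']` alone, and nothing visible in the hunk ties the row to a client or role the caller is allowed to see. If `../includes/ajax_header.php` only establishes that a session exists, a logged-in user could load another client's record by changing the id; the same applies to the document_move, document_rename, document_template_edit, document_view, file_move, file_rename and folder_rename hunks. Compare the fetched `document_client_id` (or `file_client_id`) with the caller's permitted clients before anything is rendered. If the header already enforces this, record it beside the query with a comment such as `// client access is enforced in ajax_header.php`. The rest of each script is outside the hunk, so the check may already exist further down.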
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $document_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $client_id = intval($row['document_client_id']);
diff --git a/ajax/ajax_document_template_edit.php b/ajax/ajax_document_template_edit.php
index 91c623ad..2c3fe1bc 100644
--- a/ajax/ajax_document_template_edit.php
+++ b/ajax/ajax_document_template_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $document_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $document_name = nullable_htmlentities($row['document_name']);
 $document_description = nullable_htmlentities($row['document_description']);
diff --git a/ajax/ajax_document_view.php b/ajax/ajax_document_view.php
index 02e3f11d..0286cffd 100644
--- a/ajax/ajax_document_view.php
+++ b/ajax/ajax_document_view.php
@@ -12,7 +12,7 @@ $purifier = new HTMLPurifier($purifier_config);
 $document_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM documents WHERE document_id = $document_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $document_name = nullable_htmlentities($row['document_name']);
diff --git a/ajax/ajax_file_move.php b/ajax/ajax_file_move.php
index 87d4e3ae..fb242065 100644
--- a/ajax/ajax_file_move.php
+++ b/ajax/ajax_file_move.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $file_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = $file_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = $file_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $client_id = intval($row['file_client_id']);
diff --git a/ajax/ajax_file_rename.php b/ajax/ajax_file_rename.php
index 7d3ee3cb..f49dc26c 100644
--- a/ajax/ajax_file_rename.php
+++ b/ajax/ajax_file_rename.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $file_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = $file_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM files WHERE file_id = $file_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $client_id = intval($row['file_client_id']);
diff --git a/ajax/ajax_folder_rename.php b/ajax/ajax_folder_rename.php
index 72657ebe..40929a13 100644
--- a/ajax/ajax_folder_rename.php
+++ b/ajax/ajax_folder_rename.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $folder_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_id = $folder_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM folders WHERE folder_id = $folder_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $folder_name = nullable_htmlentities($row['folder_name']);
diff --git a/ajax/ajax_item_edit.php b/ajax/ajax_item_edit.php
index a3c567ed..7ace177e 100644
--- a/ajax/ajax_item_edit.php
+++ b/ajax/ajax_item_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $item_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_id = $item_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM invoice_items WHERE item_id = $item_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $item_name = nullable_htmlentities($row['item_name']);
 $item_description = nullable_htmlentities($row['item_description']);
diff --git a/ajax/ajax_software_template_edit.php b/ajax/ajax_software_template_edit.php
index 4031e971..ee1b5d98 100644
--- a/ajax/ajax_software_template_edit.php
+++ b/ajax/ajax_software_template_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $software_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM software WHERE software_id = $software_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $software_name = nullable_htmlentities($row['software_name']);
 $software_version = nullable_htmlentities($row['software_version']);
diff --git a/ajax/ajax_tax_edit.php b/ajax/ajax_tax_edit.php
index 9bc05290..a2c2c47c 100644
--- a/ajax/ajax_tax_edit.php
+++ b/ajax/ajax_tax_edit.php
@@ -4,7 +4,7 @@ require_once '../includes/ajax_header.php';
 $tax_id = intval($_GET['id']);
-$sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE tax_id = $tax_id");
+$sql = mysqli_query($mysqli, "SELECT * FROM taxes WHERE tax_id = $tax_id LIMIT 1");
 $row = mysqli_fetch_array($sql);
 $tax_name = nullable_htmlentities($row['tax_name']);
 $tax_percent = floatval($row['tax_percent']);