AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-04-18 02:25:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

- Prevent error 500s when existing data can't be cleanly re-inserted to database

Browse Source
This commit is contained in:
wrongecho
2026-04-04 11:01:34 +01:00
parent 0ae4c2fac9
commit 4617f44cda
6 changed files with 39 additions and 39 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
api/v1/clients/client_model.php
View File

@@ -5,7 +5,7 @@
if (isset($_POST['client_name'])) {
$name = sanitizeInput($_POST['client_name']);
} elseif ($client_row) {
$name = $client_row['client_name'];
$name = mysqli_real_escape_string($mysqli, $client_row['client_name']);
} else {
$name = '';
}
@@ -13,7 +13,7 @@ if (isset($_POST['client_name'])) {
if (isset($_POST['client_type'])) {
$type = sanitizeInput($_POST['client_type']);
} elseif ($client_row) {
$type = $client_row['client_type'];
$type = mysqli_real_escape_string($mysqli, $client_row['client_type']);
} else {
$type = '';
}
@@ -21,7 +21,7 @@ if (isset($_POST['client_type'])) {
if (isset($_POST['client_website'])) {
$website = preg_replace("(^https?://)", "", sanitizeInput($_POST['client_website']));
} elseif ($client_row) {
$website = $client_row['client_website'];
$website = mysqli_real_escape_string($mysqli, $client_row['client_website']);
} else {
$website = '';
}
@@ -29,7 +29,7 @@ if (isset($_POST['client_website'])) {
if (isset($_POST['client_referral'])) {
$referral = sanitizeInput($_POST['client_referral']);
} elseif ($client_row) {
$referral = $client_row['client_referral'];
$referral = mysqli_real_escape_string($mysqli, $client_row['client_referral']);
} else {
$referral = '';
}
@@ -45,7 +45,7 @@ if (isset($_POST['client_rate'])) {
if (isset($_POST['client_currency_code'])) {
$currency_code = sanitizeInput($_POST['client_currency_code']);
} elseif ($client_row) {
$currency_code = $client_row['client_currency_code'];
$currency_code = mysqli_real_escape_string($mysqli, $client_row['client_currency_code']);
} else {
$currency_code = '';
}
@@ -61,7 +61,7 @@ if (isset($_POST['client_net_terms'])) {
if (isset($_POST['client_tax_id_number'])) {
$tax_id_number = sanitizeInput($_POST['client_tax_id_number']);
} elseif ($client_row) {
$tax_id_number = $client_row['client_tax_id_number'];
$tax_id_number = mysqli_real_escape_string($mysqli, $client_row['client_tax_id_number']);
} else {
$tax_id_number = '';
}
@@ -69,7 +69,7 @@ if (isset($_POST['client_tax_id_number'])) {
if (isset($_POST['client_abbreviation'])) {
$abbreviation = sanitizeInput(substr($_POST['client_abbreviation'], 0, 6));
} elseif ($client_row) {
$abbreviation = $client_row['client_abbreviation'];
$abbreviation = mysqli_real_escape_string($mysqli, $client_row['client_abbreviation']);
} else {
$abbreviation = '';
}
@@ -85,7 +85,7 @@ if (isset($_POST['client_is_lead'])) {
if (isset($_POST['client_notes'])) {
$notes = sanitizeInput($_POST['client_notes']);
} elseif ($client_row) {
$notes = $client_row['client_notes'];
$notes = mysqli_real_escape_string($mysqli, $client_row['client_notes']);
} else {
$notes = '';
}

16
api/v1/contacts/contact_model.php
View File

@@ -5,7 +5,7 @@ define('number_regex', '/[^0-9]/');
if (isset($_POST['contact_name'])) {
$name = sanitizeInput($_POST['contact_name']);
} elseif ($contact_row) {
$name = $contact_row['contact_name'];
$name = mysqli_real_escape_string($mysqli, $contact_row['contact_name']);
} else {
$name = '';
}
@@ -13,7 +13,7 @@ if (isset($_POST['contact_name'])) {
if (isset($_POST['contact_title'])) {
$title = sanitizeInput($_POST['contact_title']);
} elseif ($contact_row) {
$title = $contact_row['contact_title'];
$title = mysqli_real_escape_string($mysqli, $contact_row['contact_title']);
} else {
$title = '';
}
@@ -21,7 +21,7 @@ if (isset($_POST['contact_title'])) {
if (isset($_POST['contact_department'])) {
$department = sanitizeInput($_POST['contact_department']);
} elseif ($contact_row) {
$department = $contact_row['contact_department'];
$department = mysqli_real_escape_string($mysqli, $contact_row['contact_department']);
} else {
$department = '';
}
@@ -29,7 +29,7 @@ if (isset($_POST['contact_department'])) {
if (isset($_POST['contact_email'])) {
$email = sanitizeInput($_POST['contact_email']);
} elseif ($contact_row) {
$email = $contact_row['contact_email'];
$email = mysqli_real_escape_string($mysqli, $contact_row['contact_email']);
} else {
$email = '';
}
@@ -37,7 +37,7 @@ if (isset($_POST['contact_email'])) {
if (isset($_POST['contact_phone'])) {
$phone = preg_replace(number_regex, '', $_POST['contact_phone']);
} elseif ($contact_row) {
$phone = $contact_row['contact_phone'];
$phone = mysqli_real_escape_string($mysqli, $contact_row['contact_phone']);
} else {
$phone = '';
}
@@ -45,7 +45,7 @@ if (isset($_POST['contact_phone'])) {
if (isset($_POST['contact_extension'])) {
$extension = preg_replace(number_regex, '', $_POST['contact_extension']);
} elseif ($contact_row) {
$extension = $contact_row['contact_extension'];
$extension = mysqli_real_escape_string($mysqli, $contact_row['contact_extension']);
} else {
$extension = '';
}
@@ -53,7 +53,7 @@ if (isset($_POST['contact_extension'])) {
if (isset($_POST['contact_mobile'])) {
$mobile = preg_replace(number_regex, '', $_POST['contact_mobile']);
} elseif ($contact_row) {
$mobile = $contact_row['contact_mobile'];
$mobile = mysqli_real_escape_string($mysqli, $contact_row['contact_mobile']);
} else {
$mobile = '';
}
@@ -61,7 +61,7 @@ if (isset($_POST['contact_mobile'])) {
if (isset($_POST['contact_notes'])) {
$notes = sanitizeInput($_POST['contact_notes']);
} elseif ($contact_row) {
$notes = $contact_row['contact_notes'];
$notes = mysqli_real_escape_string($mysqli, $contact_row['contact_notes']);
} else {
$notes = '';
}

12
api/v1/credentials/credential_model.php
View File

@@ -11,7 +11,7 @@ if (isset($_POST['api_key_decrypt_password'])) {
if (isset($_POST['credential_name'])) {
$name = sanitizeInput($_POST['credential_name']);
} elseif (isset($credential_row) && isset($credential_row['credential_name'])) {
$name = $credential_row['credential_name'];
$name = mysqli_real_escape_string($mysqli, $credential_row['credential_name']);
} else {
$name = '';
}
@@ -19,7 +19,7 @@ if (isset($_POST['credential_name'])) {
if (isset($_POST['credential_description'])) {
$description = sanitizeInput($_POST['credential_description']);
} elseif (isset($credential_row) && isset($credential_row['credential_description'])) {
$description = $credential_row['credential_description'];
$description = mysqli_real_escape_string($mysqli, $credential_row['credential_description']);
} else {
$description = '';
}
@@ -27,7 +27,7 @@ if (isset($_POST['credential_description'])) {
if (isset($_POST['credential_uri'])) {
$uri = sanitizeInput($_POST['credential_uri']);
} elseif (isset($credential_row) && isset($credential_row['credential_uri'])) {
$uri = $credential_row['credential_uri'];
$uri = mysqli_real_escape_string($mysqli, $credential_row['credential_uri']);
} else {
$uri = '';
}
@@ -35,7 +35,7 @@ if (isset($_POST['credential_uri'])) {
if (isset($_POST['credential_uri_2'])) {
$uri_2 = sanitizeInput($_POST['credential_uri_2']);
} elseif (isset($credential_row) && isset($credential_row['credential_uri_2'])) {
$uri_2 = $credential_row['credential_uri_2'];
$uri_2 = mysqli_real_escape_string($mysqli, $credential_row['credential_uri_2']);
} else {
$uri_2 = '';
}
@@ -66,7 +66,7 @@ if (isset($_POST['credential_password'])) {
if (isset($_POST['credential_otp_secret'])) {
$otp_secret = sanitizeInput($_POST['credential_otp_secret']);
} elseif (isset($credential_row) && isset($credential_row['credential_otp_secret'])) {
$otp_secret = $credential_row['credential_otp_secret'];
$otp_secret = mysqli_real_escape_string($mysqli, $credential_row['credential_otp_secret']);
} else {
$otp_secret = '';
}
@@ -74,7 +74,7 @@ if (isset($_POST['credential_otp_secret'])) {
if (isset($_POST['credential_note'])) {
$note = sanitizeInput($_POST['credential_note']);
} elseif (isset($credential_row) && isset($credential_row['credential_note'])) {
$note = $credential_row['credential_note'];
$note = mysqli_real_escape_string($mysqli, $credential_row['credential_note']);
} else {
$note = '';
}

8
api/v1/documents/document_model.php
View File

@@ -4,7 +4,7 @@
if (isset($_POST['document_name'])) {
$name = sanitizeInput($_POST['document_name']);
} elseif (isset($document_row) && isset($document_row['document_name'])) {
$name = $document_row['document_name'];
$name = mysqli_real_escape_string($mysqli, $document_row['document_name']);
} else {
$name = '';
}
@@ -12,7 +12,7 @@ if (isset($_POST['document_name'])) {
if (isset($_POST['document_description'])) {
$description = sanitizeInput($_POST['document_description']);
} elseif (isset($document_row) && isset($document_row['document_description'])) {
$description = $document_row['document_description'];
$description = mysqli_real_escape_string($mysqli, $document_row['document_description']);
} else {
$description = '';
}
@@ -20,7 +20,7 @@ if (isset($_POST['document_description'])) {
if (isset($_POST['document_content'])) {
$content = mysqli_real_escape_string($mysqli, $_POST['document_content']);
} elseif (isset($document_row) && isset($document_row['document_content'])) {
$content = $document_row['document_content'];
$content = mysqli_real_escape_string($mysqli, $document_row['document_content']);
} else {
$content = '';
}
@@ -29,7 +29,7 @@ if (isset($_POST['document_content'])) {
if (isset($_POST['document_content'])) {
$content_raw = sanitizeInput($_POST['document_name'] . $_POST['document_description'] . " " . str_replace("<", " <", $_POST['document_content']));
} elseif (isset($document_row) && isset($document_row['document_content_raw'])) {
$content_raw = $document_row['document_content_raw'];
$content_raw = mysqli_real_escape_string($mysqli, $document_row['document_content_raw']);
} else {
$content_raw = '';
}

18
api/v1/locations/location_model.php
View File

@@ -5,7 +5,7 @@
if (isset($_POST['location_name'])) {
$name = sanitizeInput($_POST['location_name']);
} elseif ($location_row) {
$name = $location_row['location_name'];
$name = mysqli_real_escape_string($mysqli, $location_row['location_name']);
} else {
$name = '';
}
@@ -13,7 +13,7 @@ if (isset($_POST['location_name'])) {
if (isset($_POST['location_description'])) {
$description = sanitizeInput($_POST['location_description']);
} elseif ($location_row) {
$description = $location_row['location_description'];
$description = mysqli_real_escape_string($mysqli, $location_row['location_description']);
} else {
$description = '';
}
@@ -21,7 +21,7 @@ if (isset($_POST['location_description'])) {
if (isset($_POST['location_country'])) {
$country = sanitizeInput($_POST['location_country']);
} elseif ($location_row) {
$country = $location_row['location_country'];
$country = mysqli_real_escape_string($mysqli, $location_row['location_country']);
} else {
$country = '';
}
@@ -29,7 +29,7 @@ if (isset($_POST['location_country'])) {
if (isset($_POST['location_address'])) {
$address = sanitizeInput($_POST['location_address']);
} elseif ($location_row) {
$address = $location_row['location_address'];
$address = mysqli_real_escape_string($mysqli, $location_row['location_address']);
} else {
$address = '';
}
@@ -37,7 +37,7 @@ if (isset($_POST['location_address'])) {
if (isset($_POST['location_city'])) {
$city = sanitizeInput($_POST['location_city']);
} elseif ($location_row) {
$city = $location_row['location_city'];
$city = mysqli_real_escape_string($mysqli, $location_row['location_city']);
} else {
$city = '';
}
@@ -45,7 +45,7 @@ if (isset($_POST['location_city'])) {
if (isset($_POST['location_state'])) {
$state = sanitizeInput($_POST['location_state']);
} elseif ($location_row) {
$state = $location_row['location_state'];
$state = mysqli_real_escape_string($mysqli, $location_row['location_state']);
} else {
$state = '';
}
@@ -53,7 +53,7 @@ if (isset($_POST['location_state'])) {
if (isset($_POST['location_zip'])) {
$zip = sanitizeInput($_POST['location_zip']);
} elseif ($location_row) {
$zip = $location_row['location_zip'];
$zip = mysqli_real_escape_string($mysqli, $location_row['location_zip']);
} else {
$zip = '';
}
@@ -61,7 +61,7 @@ if (isset($_POST['location_zip'])) {
if (isset($_POST['location_hours'])) {
$hours = sanitizeInput($_POST['location_hours']);
} elseif ($location_row) {
$hours = $location_row['location_hours'];
$hours = mysqli_real_escape_string($mysqli, $location_row['location_hours']);
} else {
$hours = '';
}
@@ -69,7 +69,7 @@ if (isset($_POST['location_hours'])) {
if (isset($_POST['location_notes'])) {
$notes = sanitizeInput($_POST['location_notes']);
} elseif ($location_row) {
$notes = $location_row['location_notes'];
$notes = mysqli_real_escape_string($mysqli, $location_row['location_notes']);
} else {
$notes = '';
}

8
api/v1/tickets/ticket_model.php
View File

@@ -21,7 +21,7 @@ if (isset($_POST['ticket_asset_id'])) {
if (isset($_POST['ticket_subject'])) {
$subject = sanitizeInput($_POST['ticket_subject']);
} elseif ($ticket_row) {
$subject = $ticket_row['ticket_subject'];
$subject = mysqli_real_escape_string($mysqli, $ticket_row['ticket_subject']);
} else {
$subject = '';
}
@@ -30,16 +30,16 @@ if (isset($_POST['ticket_subject'])) {
if (isset($_POST['ticket_priority'])) {
$priority = sanitizeInput($_POST['ticket_priority']);
} elseif ($ticket_row) {
$priority = $ticket_row['ticket_priority'];
$priority = mysqli_real_escape_string($mysqli, $ticket_row['ticket_priority']);
} else {
$priority = 'Low';
}
if (isset($_POST['ticket_details'])) {
$details = mysqli_escape_string($mysqli, $_POST['ticket_details'] . "<br>");
$details = mysqli_real_escape_string($mysqli, $_POST['ticket_details'] . "<br>");
} elseif ($ticket_row) {
$details = $ticket_row['ticket_details'];
$details = mysqli_real_escape_string($mysqli, $ticket_row['ticket_details']);
} else {
$details = '< blank ><br>';
}