From c0af8e8eabd5a69d9e2618b8f2f601a19e35ae16 Mon Sep 17 00:00:00 2001 From: johnnyq Date: Sat, 4 Mar 2023 16:13:38 -0500 Subject: [PATCH] Add '' to the date vars under API assets if not empty so they dont error out when inserted into the DB --- api/v1/assets/asset_model.php | 16 ++++++++-------- api/v1/assets/update.php | 2 +- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/api/v1/assets/asset_model.php b/api/v1/assets/asset_model.php index ba96fe49..d0793d4d 100644 --- a/api/v1/assets/asset_model.php +++ b/api/v1/assets/asset_model.php @@ -73,27 +73,27 @@ if (isset($_POST['asset_status'])) { } if (isset($_POST['asset_purchase_date']) && !empty($_POST['asset_purchase_date'])) { - $purchase_date = sanitizeInput($_POST['asset_purchase_date']); + $purchase_date = "'" . sanitizeInput($_POST['asset_purchase_date']) . "'"; } elseif (isset($asset_row) && isset($asset_row['asset_purchase_date'])) { - $purchase_date = $asset_row['asset_purchase_date']; + $purchase_date = "'" . $asset_row['asset_purchase_date'] . "'"; } else { $purchase_date = "NULL"; } if (isset($_POST['asset_warranty_expire']) && !empty($_POST['asset_warranty_expire'])) { - $warranty_expire = sanitizeInput($_POST['asset_warranty_expire']); + $warranty_expire = "'" . sanitizeInput($_POST['asset_warranty_expire']) . "'"; } elseif (isset($asset_row) && isset($asset_row['asset_warranty_expire'])) { - $warranty_expire = $asset_row['asset_warranty_expire']; + $warranty_expire = "'" . $asset_row['asset_warranty_expire'] . "'"; } else { - $warranty_expire = "0000-00-00"; + $warranty_expire = "NULL"; } if (isset($_POST['asset_install_date']) && !empty($_POST['asset_install_date'])) { - $install_date = sanitizeInput($_POST['asset_install_date']); + $install_date = "'" . sanitizeInput($_POST['asset_install_date']) . "'"; } elseif (isset($asset_row) && isset($asset_row['asset_install_date'])) { - $install_date = $asset_row['asset_install_date']; + $install_date = "'" . $asset_row['asset_install_date'] . "'"; } else { - $install_date = "0000-00-00"; + $install_date = "NULL"; } if (isset($_POST['asset_notes'])) { diff --git a/api/v1/assets/update.php b/api/v1/assets/update.php index 5cbc47d8..91fb3390 100644 --- a/api/v1/assets/update.php +++ b/api/v1/assets/update.php @@ -16,7 +16,7 @@ if (!empty($asset_id)) { // Variable assignment from POST - assigning the current database value if a value is not provided require_once('asset_model.php'); - $update_sql = mysqli_query($mysqli, "UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_status = '$status', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = '$purchase_date', asset_warranty_expire = '$warranty_expire', asset_install_date = '$install_date', asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"); + $update_sql = mysqli_query($mysqli, "UPDATE assets SET asset_name = '$name', asset_type = '$type', asset_make = '$make', asset_model = '$model', asset_serial = '$serial', asset_os = '$os', asset_ip = '$aip', asset_mac = '$mac', asset_status = '$status', asset_location_id = $location, asset_vendor_id = $vendor, asset_contact_id = $contact, asset_purchase_date = $purchase_date, asset_warranty_expire = $warranty_expire, asset_install_date = $install_date, asset_notes = '$notes', asset_network_id = $network WHERE asset_id = $asset_id AND asset_client_id = $client_id AND company_id = '$company_id' LIMIT 1"); // Check insert & get insert ID if ($update_sql) {