-
+
@@ -214,7 +229,7 @@ EOF;
);
foreach($table as $id => $row) {
foreach($collapse as $link => $title)
- if(isset($table[$id][$link])) {
+ if(isset($table[$id][$link]) && isset($row[$title])) {
$type = @array_shift(preg_split('/_/', $link));
if($link != $title) unset($table[$id][$link]);
$table[$id][$title]=$this->link($row[$title], $type.'/'.$row[$link].'/');
@@ -328,7 +343,7 @@ class Sklad_DB extends PDO {
'model' => array('category', 'producer')
); //TODO Autodetect using foreign keys?
$search_fields = array(
- 'item' => array('item_id','model_name','model_barcode','model_descript','producer_name','vendor_name')
+ 'item' => array('item_id','item_serial','model_name','model_barcode','model_descript','producer_name','vendor_name')
); //TODO Autodetect
//Escaping
@@ -611,10 +626,15 @@ class Sklad_UI {
}
function post_redirect_get($location, $message='', $error=false) {
- $location = $this->html->internal_url($location).'?message='.urlencode($message);
+ $url_args = $message != '' ? '?message='.urlencode($message) : '';
+ $location = $this->html->internal_url($location).$url_args;
header('Location: '.$location);
if($error) trigger_error($message);
- die("Location:
$location");
+ $location=htmlspecialchars($location);
+ die(
+ "
".
+ "Location:
$location"
+ );
}
function safe_include($dir,$name,$vars=array(),$ext='.inc.php') {