* SQLi (some fixed, some not)
* XSS (none fixed)
* Code refactoring
+ * Use something more elegant than get_user_id() (something more universal) and map_unique() (load whole array at once)
* Optimize magic quotes usage
* Move classes to separate files
* Make sure that every method is in the class that it belongs to
$item_id = $this->db->map_unique('item_serial', $item_serial, 'item_id', 'item');
$current = $this->db->get_listing('item', $item_id, 1);
+ $current[$item_id]['item_author'] = $this->db->auth->get_user_id();
$forked_item = $current;
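Review bot: The new `item_author` value is written into `$current`, which in the last hunk is the defaults array passed to `render_insert_form()`, so the author id appears to be round-tripped through the browser rather than set when the row is stored. Unless the insert handler overwrites the field, or ignores columns listed in `$disable_cols` (neither is visible here), a logged-in user could submit a different id and attribute the item to someone else. I would assign `$this->db->auth->get_user_id()` in the code path that performs the insert and never read `item_author` from the request. The same applies to the `item_author` additions in the two later hunks. The enclosing method starts and ends outside this hunk.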
$model_id = $this->db->map_unique('item_serial', $item_serial, 'model_id', 'item');
$current = array(array(
'model_id' => $model_id,
'item_quantity' => 1,
- 'status_id' => 1
+ 'status_id' => 1,
+ 'item_author' => $this->db->auth->get_user_id()
));
$action = $_SERVER['SCRIPT_NAME'].'/item/new';
'item_quantity' => $item_quantity,
'status_id' => 1,
'item_price_in' => $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_in', 'model'),
- 'item_price_out' => $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_out', 'model')
+ 'item_price_out' => $this->db->map_unique('model_barcode', $_GET['barcode'], 'model_price_out', 'model'),
+ 'item_author' => $this->db->auth->get_user_id()
));
echo $this->html->render_insert_form('item', $columns, $selectbox, $current, $disable_cols, $action);
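Review bot: `$_GET['barcode']` is passed straight into `map_unique()` on both price lines with no existence or format check, and the TODO in this same commit says SQLi is only partly fixed. The body of `map_unique()` is not shown, so whether it binds the value or concatenates it into the query cannot be confirmed from here; if it concatenates, these calls are injectable. Read the parameter once into a validated local, for example `$barcode = isset($_GET['barcode']) ? (string) $_GET['barcode'] : '';`, reject anything outside the expected barcode format, and have `map_unique()` use a bound parameter. The array literal begins above this hunk.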