4 years ago · f6f4968af6
--- a/build/exe/doliwamp/config.inc.php.install
+++ b/build/exe/doliwamp/config.inc.php.install
@@ -542,7 +542,7 @@ $cfg['ThemePerServer']      = FALSE;         // allow diferent theme for each co
 
				  * %f will be replaced by a list of field names.
			
 
				  * (%t and %f only applies to DefaultQueryTable)
			
 
				  */
			
 
				-$cfg['DefaultQueryTable']    = 'SELECT * FROM %t WHERE 1';
			
 
				+$cfg['DefaultQueryTable']    = 'SELECT * FROM %t WHERE 1 = 1';
			
 
				 $cfg['DefaultQueryDatabase'] = '';
			
 
				 
			
 
				 /**
			
--- a/htdocs/admin/mails_templates.php
+++ b/htdocs/admin/mails_templates.php
@@ -257,7 +257,7 @@ if (empty($reshook))
 
				             $sql = "INSERT INTO ".$tabname[$id]." (";
			
 
				             // List of fields
			
 
				             $sql .= $tabfieldinsert[$id];
			
 
				-            $sql .= ",active)";
			
 
				+            $sql .= ",active,enabled)";
			
 
				             $sql .= " VALUES(";
			
 
				 
			
 
				             // List of values
			
@@ -289,7 +289,7 @@ if (empty($reshook))
 
				 
			
 
				                 $i++;
			
 
				             }
			
 
				-            $sql .= ", 1)";
			
 
				+            $sql .= ", 1, 1)";
			
 
				 
			
 
				             dol_syslog("actionadd", LOG_DEBUG);
			
 
				             $result = $db->query($sql);
			
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -8306,7 +8306,7 @@ function getDictvalue($tablename, $field, $id, $checkentity = false, $rowidfield
 
				 	if (!isset($dictvalues[$tablename]))
			
 
				 	{
			
 
				 		$dictvalues[$tablename] = array();
			
 
				-		$sql = 'SELECT * FROM '.$tablename.' WHERE 1'; // Here select * is allowed as it is generic code and we don't have list of fields
			
 
				+		$sql = 'SELECT * FROM '.$tablename.' WHERE 1 = 1'; // Here select * is allowed as it is generic code and we don't have list of fields
			
 
				 		if ($checkentity) $sql .= ' AND entity IN (0,'.getEntity($tablename).')';
			
 
				 
			
 
				 		$resql = $db->query($sql);
			
--- a/htdocs/societe/consumption.php
+++ b/htdocs/societe/consumption.php
@@ -318,7 +318,7 @@ if (!empty($sql_select))
 
				 	if ($sref) $sql .= " AND ".$doc_number." LIKE '%".$db->escape($sref)."%'";
			
 
				 	if ($sprod_fulldescr)
			
 
				 	{
			
 
				-	    $sql .= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%'";
			
 
				+	    $sql .= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%' OR d.description LIKE '%".$db->escape(dol_htmlentities($sprod_fulldescr))."%'";
			
 
				 	    if (GETPOST('type_element') != 'fichinter') $sql .= " OR p.ref LIKE '%".$db->escape($sprod_fulldescr)."%'";
			
 
				 	    if (GETPOST('type_element') != 'fichinter') $sql .= " OR p.label LIKE '%".$db->escape($sprod_fulldescr)."%'";
			
 
				 	    $sql .= ")";
			
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -3317,7 +3317,7 @@ class User extends CommonObject
 
				 		}
			
 
				 		else
			
 
				 		{
			
 
				-			$sql .= " WHERE 1";
			
 
				+			$sql .= " WHERE 1 = 1";
			
 
				 		}
			
 
				 
			
 
				 		// Manage filter