rmontanana/inventario2
1
0
Fork 0
mirror of https://github.com/rmontanana/inventario2.git synced 2025-08-15 15:35:56 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix escape string deprectaed method

Browse Source
This commit is contained in:
Ricardo Montañana Gómez
2024-04-24 12:44:52 +02:00
parent e1151343bd
commit 67a7080e59
1 changed files with 14 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
Ajax.php
View File

@@ -1,4 +1,5 @@
<?php
/**
* @package Inventario
* @copyright Copyright (c) 2008, Ricardo Montañana Gómez
@@ -25,7 +26,8 @@ require_once 'Sql.php';
$ajax = new Ajax();
echo $ajax->procesa();
class Ajax {
class Ajax
{
private $sql;
private $tabla;
@@ -46,8 +48,10 @@ class Ajax {
{
$opc = $_GET['opc'];
switch ($opc) {
case "get": return $this->obtiene();
case "put": return $this->actualiza();
case "get":
return $this->obtiene();
case "put":
return $this->actualiza();
}
}
private function mensaje($exito, $texto)
@@ -57,7 +61,7 @@ class Ajax {
private function actualiza()
{
if (!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest') {
$comando = "update " . mysql_escape_string($this->tabla) . " set " . mysql_escape_string($_POST['name']) . " = '" . mysql_escape_string($_POST['value']) . "' where id = '" . mysql_escape_string($_POST['pk']). "';";
$comando = "update " . $this->sql->filtra($this->tabla) . " set " . $this->sql->filtra($_POST['name']) . " = '" . $this->sql->filtra($_POST['value']) . "' where id = '" . $this->sql->filtra($_POST['pk']) . "';";
$this->sql->ejecuta($comando);
$exito = !$this->sql->error();
$mensaje = $this->sql->mensajeError();
@@ -84,5 +88,3 @@ class Ajax {
}
}
}
?>