fernando/tomolino-processmaker
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Added $DB->escape to the followup content

Browse Source 
Fixes #74
This commit is contained in:
tomolimo
2018-07-26 11:18:47 +02:00
parent 361e8f6264
commit 02be646379
1 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
inc/processmaker.class.php
View File

@@ -109,11 +109,12 @@ class PluginProcessmakerProcessmaker extends CommonDBTM {
* @param integer $users_id optional, if null will uses logged-in user
*/
public function addTicketFollowup( $itemId, $txtForFollowup, $users_id=null ) {
global $DB;
$fu = new TicketFollowup();
$fu->getEmpty(); // to get default values
$input = $fu->fields;
if (isset( $txtForFollowup['GLPI_TICKET_FOLLOWUP_CONTENT'] )) {
$input['content']=$txtForFollowup['GLPI_TICKET_FOLLOWUP_CONTENT'];
$input['content'] = $DB->escape($txtForFollowup['GLPI_TICKET_FOLLOWUP_CONTENT']);
}
if (isset( $txtForFollowup['GLPI_TICKET_FOLLOWUP_IS_PRIVATE'] )) {
$input['is_private'] = $txtForFollowup['GLPI_TICKET_FOLLOWUP_IS_PRIVATE'];