  |
16 | 16 | | function osC_Product($id) { |
| |
17 | 17 | | global $osC_Database, $osC_Services; |
| |
18 | 18 | | |
  |
19 | | - | $Qproduct = $osC_Database->query('select pd.products_name as name, pd.products_description as description, p.products_model as model, p.products_quantity as quantity, p.products_image as image, pd.products_url as url, p.products_price as price, p.products_tax_class_id as tax_class_id, p.products_date_added as date_added, p.products_date_available as date_available, p.manufacturers_id from :table_products p, :table_products_description pd where p.products_id = :products_id and p.products_status = 1 and p.products_id = pd.products_id and pd.language_id = :language_id'); |
| |
| 19 | + | $Qproduct = $osC_Database->query('select p.products_id as id, p.products_model as model, p.products_quantity as quantity, p.products_image as image, pd.products_url as url, p.products_price as price, p.products_tax_class_id as tax_class_id, p.products_date_added as date_added, p.products_date_available as date_available, p.manufacturers_id, pd.products_name as name, pd.products_description as description from :table_products p, :table_products_description pd where'); |
|
20 | 20 | | $Qproduct->bindTable(':table_products', TABLE_PRODUCTS); |
| |
21 | 21 | | $Qproduct->bindTable(':table_products_description', TABLE_PRODUCTS_DESCRIPTION); |
  |
22 | | - | $Qproduct->bindInt(':products_id', tep_get_prid($id)); |
| |
| 22 | + | |
| |
| 23 | + | if (is_numeric($id) || ereg('[0-9]+[{[0-9]+}[0-9]+]*$', $id)) { |
| |
| 24 | + | $Qproduct->appendQuery('p.products_id = :products_id'); |
| |
| 25 | + | $Qproduct->bindInt(':products_id', tep_get_prid($id)); |
| |
| 26 | + | } else { |
| |
| 27 | + | $Qproduct->appendQuery('p.products_model = :products_model'); |
| |
| 28 | + | $Qproduct->bindValue(':products_model', $id); |
| |
| 29 | + | } |
| |
| 30 | + | |
| |
| 31 | + | $Qproduct->appendQuery('and p.products_status = 1 and p.products_id = pd.products_id and pd.language_id = :language_id'); |
|
23 | 32 | | $Qproduct->bindInt(':language_id', $_SESSION['languages_id']); |
| |
24 | 33 | | $Qproduct->execute(); |
| |
25 | 34 | | |
| |
26 | 35 | | $this->_data = $Qproduct->toArray(); |
  |
27 | | - | $this->_data['id'] = $id; |
|
28 | 36 | | |
| |
29 | 37 | | $Qcheck = $osC_Database->query('select products_attributes_id from :table_products_attributes patrib where products_id = :products_id limit 1'); |
| |
30 | 38 | | $Qcheck->bindTable(':table_products_attributes', TABLE_PRODUCTS_ATTRIBUTES); |
| |
|
|
 |
… |
|
162 | 170 | | function checkEntry($id) { |
| |
163 | 171 | | global $osC_Database; |
| |
164 | 172 | | |
  |
165 | | - | $Qcheck = $osC_Database->query('select products_id from :table_products where products_id = :products_id and products_status = 1 limit 1'); |
| |
| 173 | + | $Qcheck = $osC_Database->query('select products_id from :table_products where'); |
|
166 | 174 | | $Qcheck->bindTable(':table_products', TABLE_PRODUCTS); |
  |
167 | | - | $Qcheck->bindInt(':products_id', tep_get_prid($id)); |
| |
| 175 | + | |
| |
| 176 | + | if (is_numeric($id) || ereg('[0-9]+[{[0-9]+}[0-9]+]*$', $id)) { |
| |
| 177 | + | $Qcheck->appendQuery('products_id = :products_id'); |
| |
| 178 | + | $Qcheck->bindInt(':products_id', tep_get_prid($id)); |
| |
| 179 | + | } else { |
| |
| 180 | + | $Qcheck->appendQuery('products_model = :products_model'); |
| |
| 181 | + | $Qcheck->bindValue(':products_model', $id); |
| |
| 182 | + | } |
| |
| 183 | + | |
| |
| 184 | + | $Qcheck->appendQuery('and products_status = 1 limit 1'); |
  |
168 | 185 | | $Qcheck->execute(); |
| |
169 | 186 | | |
| |
170 | 187 | | if ($Qcheck->numberOfRows() === 1) { |
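Review bot: The `ereg()` test that chooses between the id lookup and the model lookup (new line 23 in the `osC_Product` constructor, repeated at new line 176 in `checkEntry`) has no `^` anchor and writes the attribute part as a bracket expression rather than a group, so it accepts any string that merely ends in something shaped like `1{2}3`. A model value of that shape would take the `tep_get_prid()`/`bindInt()` branch and be looked up as a product id. If the intent is digits followed by zero or more `{n}n` groups, anchor and group the pattern, e.g. `ereg('^[0-9]+(\{[0-9]+\}[0-9]+)*$', $id)`, and consider moving the test into one shared helper so the two call sites cannot drift apart. Both values are still bound through `bindInt`/`bindValue`, so this is a lookup-correctness point rather than an injection one. Both function bodies continue outside the hunks shown.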