Browse code

Funktion maybe_null() umdefiniert

Bernd Wurst authored on13/01/2018 13:25:14
Showing2 changed files
... ...
@@ -119,21 +119,15 @@ function server_names()
119 119
 }
120 120
 
121 121
 
122
-// FIXME
123
-// Diese Funktion funktioniert nicht für preprared statements
124 122
 function maybe_null($value)
125 123
 {
126
-  if (config("enable_debug")) {
127
-    $backtrace = debug_backtrace();
128
-    warning("call to maybe_null() in {$backtrace[1]['file']} line {$backtrace[1]['line']}");
129
-  }
130
-  if ($value == NULL)
131
-    return 'NULL';
124
+  if (! $value)
125
+    return NULL;
132 126
 
133 127
   if (strlen( (string) $value ) > 0)
134
-    return "'".db_escape_string($value)."'";
128
+    return (string) $value;
135 129
   else
136
-    return 'NULL';
130
+    return NULL;
137 131
 }
138 132
 
139 133
 
... ...
@@ -37,23 +37,10 @@ function create_customer($data)
37 37
     return NULL;
38 38
   }
39 39
 
40
-  $anrede = db_escape_string($data['anrede']);
41
-  $firma = db_escape_string($data['firma']);
42
-  $vorname = db_escape_string($data['vorname']);
43
-  $nachname = db_escape_string($data['nachname']);
44
-  $email = db_escape_string($data['email']);
45
-
46
-  logger(LOG_INFO, 'modules/register/include/register', 'register', "Creating new account: {$anrede} / {$firma} / {$vorname} / {$nachname} / {$email}");
40
+  logger(LOG_INFO, 'modules/register/include/register', 'register', "Creating new account: ".print_r($data, true));
47 41
   
48
-  $anrede = maybe_null($anrede);
49
-  $firma = maybe_null($firma);
50
-  $vorname = maybe_null($vorname);
51
-  $nachname = maybe_null($nachname);
52
-
53
-  db_query("BEGIN");
54
-  db_query("INSERT INTO kundendaten.kunden (firma, nachname, vorname, anrede, email, erstellungsdatum,status) VALUES ({$firma}, {$nachname}, {$vorname}, {$anrede}, {$email}, CURDATE(), 3)");
42
+  db_query("INSERT INTO kundendaten.kunden (firma, nachname, vorname, anrede, email, erstellungsdatum,status) VALUES (:firma, :nachname, :vorname, :anrede, :email, CURDATE(), 3)", $data);
55 43
   $customerno = db_insert_id();
56
-  db_query("COMMIT");
57 44
   return $customerno;
58 45
 
59 46
 }