Don't set boolean SQL values to '1' directly, use abstraction layer

instead. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3320 c91229c3-7414-0410-bfa2-8a42b809f60b

Don't set boolean SQL values to '1' directly, use abstraction layer
instead. git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@3320 c91229c3-7414-0410-bfa2-8a42b809f60b
Neil Blakey-Milner
1 parent 70c8f988
Showing 1 changed file with 12 additions and 5 deletions
lib/documentmanagement/Document.inc
@@ -535,11 +535,18 @@ class Document extends KTEntity {
         $aDocumentFieldArray;
         settype($aDocumentFieldArray,"array");
         $sql = $default->db;
-        $result = $sql->query(array("SELECT DF.id AS id, DF.name AS name, DF.data_type AS data_type " ./*ok*/
-                              "FROM $default->document_fields_table AS DF " .
-                              "INNER JOIN $default->document_type_fields_table AS DTFL ON DF.id = DTFL.field_id " . 
-                              "WHERE DTFL.document_type_id = ? " . ($bMandatoryOnly ? "AND DFTL.is_mandatory = 1 " : " ") . 
-                              "ORDER BY DF.name ASC", $iDocumentTypeID));
+        $sQuery = "SELECT DF.id AS id, DF.name AS name, DF.data_type AS data_type " ./*ok*/
+            "FROM $default->document_fields_table AS DF " .
+            "INNER JOIN $default->document_type_fields_table AS DTFL ON DF.id = DTFL.field_id " .
+             "WHERE DTFL.document_type_id = ? ";
+        $aParams = array($iDocumentTypeID);
+        if ($bMandatoryOnly) {
+            $sQuery .= "AND DFTL.is_mandatory = ? ";
+            $aParams[] = true;
+        }
+        $sQuery .= "ORDER BY DF.name ASC";
+        $result = $sql->query(array($sQuery, $aParams));
+
         if ($result) {
             $iCount = 0;
             while ($sql->next_record()) {