diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php
index 268459a3c12049bfbbd6f40228638d8759c29391..cd97a6295f7fb71732e5643c98bce0ddff9eb488 100644
--- a/htdocs/commande/class/commande.class.php
+++ b/htdocs/commande/class/commande.class.php
@@ -9,7 +9,7 @@
* Copyright (C) 2012 Cedric Salvador <csalvador@gpcsolutions.fr>
* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014-2015 Marcos GarcĂa <marcosgdf@gmail.com>
- * Copyright (C) 2016 Ferran Marcet <fmarcet@2byte.es>
+ * Copyright (C) 2016-2017 Ferran Marcet <fmarcet@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -135,6 +135,7 @@ class Commande extends CommonOrder
var $linked_objects=array();
var $user_author_id;
+ var $user_valid;
/**
* @var OrderLine[]
@@ -1505,7 +1506,7 @@ class Commande extends CommonOrder
// Check parameters
if (empty($id) && empty($ref) && empty($ref_ext) && empty($ref_int)) return -1;
- $sql = 'SELECT c.rowid, c.date_creation, c.ref, c.fk_soc, c.fk_user_author, c.fk_statut';
+ $sql = 'SELECT c.rowid, c.date_creation, c.ref, c.fk_soc, c.fk_user_author, c.fk_user_valid, c.fk_statut';
$sql.= ', c.amount_ht, c.total_ht, c.total_ttc, c.tva as total_tva, c.localtax1 as total_localtax1, c.localtax2 as total_localtax2, c.fk_cond_reglement, c.fk_mode_reglement, c.fk_availability, c.fk_input_reason';
$sql.= ', c.fk_account';
$sql.= ', c.date_commande';
@@ -1549,6 +1550,7 @@ class Commande extends CommonOrder
$this->socid = $obj->fk_soc;
$this->statut = $obj->fk_statut;
$this->user_author_id = $obj->fk_user_author;
+ $this->user_valid = $obj->fk_user_valid;
$this->total_ht = $obj->total_ht;
$this->total_tva = $obj->total_tva;
$this->total_localtax1 = $obj->total_localtax1;
@@ -2766,8 +2768,8 @@ class Commande extends CommonOrder
$sql.= " total_ht=".(isset($this->total_ht)?$this->total_ht:"null").",";
$sql.= " total_ttc=".(isset($this->total_ttc)?$this->total_ttc:"null").",";
$sql.= " fk_statut=".(isset($this->statut)?$this->statut:"null").",";
- $sql.= " fk_user_author=".(isset($this->user_author)?$this->user_author:"null").",";
- $sql.= " fk_user_valid=".(isset($this->fk_user_valid)?$this->fk_user_valid:"null").",";
+ $sql.= " fk_user_author=".(isset($this->user_author_id)?$this->user_author_id:"null").",";
+ $sql.= " fk_user_valid=".(isset($this->user_valid)?$this->user_valid:"null").",";
$sql.= " fk_projet=".(isset($this->fk_project)?$this->fk_project:"null").",";
$sql.= " fk_cond_reglement=".(isset($this->cond_reglement_id)?$this->cond_reglement_id:"null").",";
$sql.= " fk_mode_reglement=".(isset($this->mode_reglement_id)?$this->mode_reglement_id:"null").",";
diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php
index 9ca6196b0184e41604fb22574563c471fe45adfa..cc1bea8d4200ca68ce74da564f0ebda654a092e4 100644
--- a/htdocs/core/class/translate.class.php
+++ b/htdocs/core/class/translate.class.php
@@ -442,7 +442,7 @@ class Translate
if (! $found)
{
// Overwrite translation with database read
- $sql="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where lang='".$this->defaultlang."'";
+ $sql="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where lang='".$db->escape($this->defaultlang)."'";
$resql=$db->query($sql);
if ($resql)