From f6b3e9bca0b1e14f8a5a8c0cb18b1e5e6d909ef3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?St=C3=A9phane=20Duret?= Date: Wed, 7 Sep 2022 16:54:05 +0200 Subject: [PATCH] fix(web): enable the deletion of text parameters on contacts (#11330) * fix(web): enable the deletion of text parameters on contacts * Do not exceed 120 characters by line * Update www/include/configuration/configObject/contact/DB-Func.php Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> Co-authored-by: TamazC <103252125+TamazC@users.noreply.github.com> --- .../configObject/contact/DB-Func.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/www/include/configuration/configObject/contact/DB-Func.php b/www/include/configuration/configObject/contact/DB-Func.php index b00845707ca..1327f511e6d 100644 --- a/www/include/configuration/configObject/contact/DB-Func.php +++ b/www/include/configuration/configObject/contact/DB-Func.php @@ -694,8 +694,16 @@ function updateContact_MC($contact_id = null) return; } - $ret = array(); $ret = $form->getSubmitValues(); + + // Remove all parameters that have an empty value in order to keep + // the contact properties that have not been modified + foreach ($ret as $name => $value) { + if (is_string($value) && empty($value)) { + unset($ret[$name]); + } + } + $bindParams = sanitizeFormContactParameters($ret); $rq = "UPDATE contact SET "; foreach (array_keys($bindParams) as $token) { @@ -1280,15 +1288,13 @@ function sanitizeFormContactParameters(array $ret): array case 'contact_address5': case 'contact_address6': if ( - $inputValue = filter_var( + ($inputValue = filter_var( $inputValue ?? "", FILTER_SANITIZE_STRING, FILTER_FLAG_NO_ENCODE_QUOTES - ) + )) !== false ) { - if (!empty($inputValue)) { - $bindParams[':' . $inputName] = [\PDO::PARAM_STR => $inputValue]; - } + $bindParams[':' . $inputName] = [\PDO::PARAM_STR => $inputValue]; } break; }