diff --git a/APPL/BEZ/bez_check_in.asp b/APPL/BEZ/bez_check_in.asp index d76e50bb8d..fd85353d16 100644 --- a/APPL/BEZ/bez_check_in.asp +++ b/APPL/BEZ/bez_check_in.asp @@ -38,7 +38,7 @@ for (i = 0 ; i < bez_key_arr.length; i++) sql = "SELECT bez_afspraak_datum, b.bez_afspraak_key, b.bez_afspraak_naam" + " FROM bez_afspraak a, bez_bezoekers b" + " WHERE a.bez_afspraak_key = b.bez_afspraak_key" - + " AND TRUNC(SYSDATE) >= TRUNC(bez_afspraak_datum) - " + vis_future_checkin + + " AND TRUNC(SYSDATE) >= TRUNC(bez_afspraak_datum) - " + S("vis_future_checkin") + (undo_check_in? " AND bez_bezoekers_out IS NULL" : "") + " AND b.bez_bezoekers_key = " + bez_key_arr[i]; diff --git a/APPL/CAD/ins_change.asp b/APPL/CAD/ins_change.asp index d94b7b00af..fb0a04a267 100644 --- a/APPL/CAD/ins_change.asp +++ b/APPL/CAD/ins_change.asp @@ -132,11 +132,11 @@ else if (Request.QueryString("newX").Count > 0) var vKey = getQParamInt("floor"); if (scenario_key == 0) - var sql = "SELECT alg_ruimte_key rkey FROM " + fg_syncruimteview + var sql = "SELECT alg_ruimte_key rkey FROM " + S("fg_syncruimteview") + " WHERE cadlabel = " + safe.quoted_sql(lblContour) + " AND alg_verdieping_key = " + vKey; else - var sql = "SELECT prj_ruimte_key rkey FROM " + fg_prj_syncruimteview + var sql = "SELECT prj_ruimte_key rkey FROM " + S("fg_prj_syncruimteview") + " WHERE cadlabel = " + safe.quoted_sql(lblContour) + " AND alg_verdieping_key = " + vKey + " AND prj_scenario_key = " + scenario_key; diff --git a/APPL/CAD/wp_change.asp b/APPL/CAD/wp_change.asp index 210320f6c0..86bff006f8 100644 --- a/APPL/CAD/wp_change.asp +++ b/APPL/CAD/wp_change.asp @@ -114,7 +114,7 @@ else if (Request.QueryString("newX").Count > 0) { // Ook/alfanumeriek naar nieuwe werkplek if (scenario_key==0) { - sql = "SELECT alg_ruimte_key FROM " + fg_syncruimteview + sql = "SELECT alg_ruimte_key FROM " + S("fg_syncruimteview") + " WHERE cadlabel = " + safe.quoted_sql(lblContour) + " AND alg_verdieping_key = " + vKey; var oRs = Oracle.Execute(sql); @@ -124,7 +124,7 @@ else if (Request.QueryString("newX").Count > 0) } else { - sql = "SELECT prj_ruimte_key FROM " + fg_prj_syncruimteview + sql = "SELECT prj_ruimte_key FROM " + S("fg_prj_syncruimteview") + " WHERE cadlabel = " + safe.quoted_sql(lblContour) + " AND alg_verdieping_key = " + vKey + " AND prj_scenario_key = " + scenario_key; diff --git a/APPL/CNT/cnt_huurmut_edit.asp b/APPL/CNT/cnt_huurmut_edit.asp index 5ff6747300..dbc64aa4c8 100644 --- a/APPL/CNT/cnt_huurmut_edit.asp +++ b/APPL/CNT/cnt_huurmut_edit.asp @@ -135,7 +135,7 @@ var params = { contractnr: (cnt_key > 0? cnt_key : null), + ", COALESCE((SELECT FAC.safe_To_Number(alg_onrgoedkenmerk_waarde)" + " FROM alg_onrgoedkenmerk aok" + " WHERE aok.alg_onrgoed_key = ao.alg_onroerendgoed_keys" - + " AND (aok.alg_kenmerk_key = " + alg_ruimte_comm_opp_key + + " AND (aok.alg_kenmerk_key = " + S("alg_ruimte_comm_opp_key") + " OR aok.alg_kenmerk_key = " + S("alg_terrein_comm_opp_key") + ")), 0) oppervlak" + ", COALESCE(av.alg_srtruimte_key, at.alg_srtterreinsector_key) tarief_key" + ", COALESCE(ao.alg_srtruimte_code, ao.alg_srtterreinsector_code) tariefsoort" @@ -177,7 +177,7 @@ var params = { contractnr: (cnt_key > 0? cnt_key : null), sql_cntafwopp2b = ", COALESCE((SELECT fac.safe_to_number (alg_onrgoedkenmerk_waarde)" + " FROM alg_onrgoedkenmerk aok" + " WHERE aok.alg_onrgoed_key = ao.alg_onroerendgoed_keys" - + " AND (aok.alg_kenmerk_key = " + alg_ruimte_comm_opp_key + + " AND (aok.alg_kenmerk_key = " + S("alg_ruimte_comm_opp_key") + " OR aok.alg_kenmerk_key = " + S("alg_terrein_comm_opp_key") + ")), 0)" + " - SUM (COALESCE (cnt_contract_onrgoed_opp2, 0)) cntafwopp2b"; else if (rtype == "room_with_afw") diff --git a/APPL/CNT/cnt_huurmut_search.asp b/APPL/CNT/cnt_huurmut_search.asp index a9fc025308..4cfd685c83 100644 --- a/APPL/CNT/cnt_huurmut_search.asp +++ b/APPL/CNT/cnt_huurmut_search.asp @@ -145,9 +145,9 @@ if (!oRs.eof) + " AND (m.mld_melding_status = 4 OR m.mld_melding_status = 7)" + " AND m.prs_perslid_key = p.prs_perslid_key " + " AND km.mld_melding_key(+) = m.mld_melding_key" - + " AND km.mld_kenmerk_key(+) = " + mld_contract_startdate_key + + " AND km.mld_kenmerk_key(+) = " + S("mld_contract_startdate_key") + " AND cog.cnt_mld_melding_key(+) = m.mld_melding_key" - + " AND sm.mld_ins_discipline_key = " + mld_huurmut_vakgroep_key + + " AND sm.mld_ins_discipline_key = " + S("mld_huurmut_vakgroep_key") + " ORDER BY 1"; FCLTselector("cntmld_key", diff --git a/APPL/CNT/cnt_huurmutovz_list.asp b/APPL/CNT/cnt_huurmutovz_list.asp index b618bc489a..3541b4b16c 100644 --- a/APPL/CNT/cnt_huurmutovz_list.asp +++ b/APPL/CNT/cnt_huurmutovz_list.asp @@ -55,7 +55,7 @@ var showall = getQParamInt("showall", 0) == 1; + " cnt_contract_onrgoed co" + " WHERE co.cnt_mld_melding_key = m.mld_melding_key" + " AND km.mld_melding_key(+) = m.mld_melding_key" - + " AND km.mld_kenmerk_key(+) = " + mld_contract_startdate_key + + " AND km.mld_kenmerk_key(+) = " + S("mld_contract_startdate_key") + " AND m.prs_perslid_key = p.prs_perslid_key " + " AND l.alg_locatie_key = m.mld_alg_locatie_key " + (loc != -1 ? " AND l.alg_locatie_key = " + loc : "") diff --git a/APPL/FAC/fac_faq_list.asp b/APPL/FAC/fac_faq_list.asp index 7ce3d71d5c..a05ed95f60 100644 --- a/APPL/FAC/fac_faq_list.asp +++ b/APPL/FAC/fac_faq_list.asp @@ -61,7 +61,7 @@ if (searchtext != null) sql += " AND BITAND (fac_faq_level, 2) = 0"; if (!authparamsUSE) sql += " AND BITAND (fac_faq_level, 1) = 0"; - sql += " AND ROWNUM < " + faq_max_results + sql += " AND ROWNUM < " + S("faq_max_results") + " AND (fac_faq_datum < SYSDATE OR prs_perslid_key = " + user_key + ")"; // zelf ingevoerd zie je wel terug } sql += " ORDER BY fac_faq_rank DESC" diff --git a/APPL/FAC/prodsearch.asp b/APPL/FAC/prodsearch.asp index 7426ee5191..20e9632f4d 100644 --- a/APPL/FAC/prodsearch.asp +++ b/APPL/FAC/prodsearch.asp @@ -585,7 +585,7 @@ if (S("faq_enabled") == 1) { + " FROM fac_faq" + " WHERE " + fac.createOrOrClause("UPPER(fac_faq_question)", supper, 3) + " OR " + fac.createOrOrClause("UPPER(fac_faq_answer)", supper, 3) - + " AND ROWNUM < " + faq_max_results + + " AND ROWNUM < " + S("faq_max_results") + " AND fac_faq_datum < SYSDATE" // zelf ingevoerd zie je hier niet per se terug + " ORDER BY fac_faq_rank DESC, fac_faq_datum DESC" // TODO: als ik FAQUSE-read heb dan alleen level 1, als ik faqfof-read heb dan ook 2 diff --git a/APPL/MLD/loadMaterialOptions.asp b/APPL/MLD/loadMaterialOptions.asp index 964c65873d..aa682e709a 100644 --- a/APPL/MLD/loadMaterialOptions.asp +++ b/APPL/MLD/loadMaterialOptions.asp @@ -28,7 +28,7 @@ sql = "SELECT ud.fac_usrdata_key" + " , ud.fac_usrdata_omschr" + " , ud.fac_usrdata_prijs prijs" + " FROM fac_usrdata ud" - + " WHERE ud.fac_usrtab_key = " + mld_ordermaterial_fac_usrtab_key + + " WHERE ud.fac_usrtab_key = " + S("mld_ordermaterial_fac_usrtab_key") + " AND ud.fac_usrdata_key " + (filter == "P"? "NOT" : "") + " IN (" + matkeystr.join(",") + ")" + " AND ud.fac_usrdata_verwijder IS NULL" + " ORDER BY UPPER(ud.fac_usrdata_omschr)"; diff --git a/APPL/PRJ/prj_edit_scenario.asp b/APPL/PRJ/prj_edit_scenario.asp index bd5681922c..226578468e 100644 --- a/APPL/PRJ/prj_edit_scenario.asp +++ b/APPL/PRJ/prj_edit_scenario.asp @@ -133,7 +133,7 @@ else + " WHERE prs_perslid_key = " + user_key + " AND niveau = " + authparams.ALGreadlevel + ")" : "") - + " AND stdm.mld_ins_discipline_key = " + prj_discipline_key + + " AND stdm.mld_ins_discipline_key = " + S("prj_discipline_key") + " AND m.mld_melding_status IN (4,7)" + " ORDER BY 1"; diff --git a/APPL/PRJ/prj_search.asp b/APPL/PRJ/prj_search.asp index ccecb14608..e20742835b 100644 --- a/APPL/PRJ/prj_search.asp +++ b/APPL/PRJ/prj_search.asp @@ -73,7 +73,7 @@ var authparams = user.checkAutorisation(autfunction); + " WHERE prs_perslid_key = " + user_key + " AND niveau = " + authparams.ALGreadlevel + ")" : "") - + " AND stdm.mld_ins_discipline_key = " + prj_discipline_key + + " AND stdm.mld_ins_discipline_key = " + S("prj_discipline_key") + " AND m.mld_melding_status IN (4, 7)" + " ORDER BY 1" FCLTselector("verhuisaanvraag", diff --git a/APPL/PRS/ShowPictures.asp b/APPL/PRS/ShowPictures.asp index 072a759e99..23104a4008 100644 --- a/APPL/PRS/ShowPictures.asp +++ b/APPL/PRS/ShowPictures.asp @@ -21,7 +21,7 @@ var sql = "SELECT prs_kenmerklink_waarde" + " FROM prs_kenmerklink" - + " WHERE prs_kenmerk_key = " + prs_photo_kenmerk_key + + " WHERE prs_kenmerk_key = " + S("prs_photo_kenmerk_key") + " AND prs_link_key = " + prs_key ; var oRs = Oracle.Execute(sql); @@ -36,7 +36,7 @@ // Foto is badgenummer + .jpg sql = "SELECT prs_kenmerklink_waarde" + " FROM prs_kenmerklink" - + " WHERE prs_kenmerk_key = " + badgenum_kenmerk_key + + " WHERE prs_kenmerk_key = " + S("badgenum_kenmerk_key") + " AND prs_link_key = " + prs_key ; oRs = Oracle.Execute(sql); diff --git a/APPL/PRS/prs_phonebook_list.asp b/APPL/PRS/prs_phonebook_list.asp index 7ffb03e44a..bad7e8c3e6 100644 --- a/APPL/PRS/prs_phonebook_list.asp +++ b/APPL/PRS/prs_phonebook_list.asp @@ -112,7 +112,7 @@ var met_foto = getQParam("pb_photo","off")=="on"; { sql += ", (select PRS_KENMERKLINK_WAARDE " + " from PRS_v_aanwezigKENMERKLINK PIC" - + " WHERE PIC.PRS_KENMERK_KEY = " + prs_photo_kenmerk_key + + " WHERE PIC.PRS_KENMERK_KEY = " + S("prs_photo_kenmerk_key") + " AND PIC.PRS_LINK_KEY = P.PRS_PERSLID_KEY) FOTOPUBLIEK"; } sql += ", (SELECT prs_afdeling_omschrijving FROM prs_afdeling" @@ -152,7 +152,7 @@ var met_foto = getQParam("pb_photo","off")=="on"; sql += " AND p.prs_perslid_key IN" + " (SELECT prs_link_key" + " FROM prs_kenmerklink" - + " WHERE prs_kenmerk_key = " + ph_cust_flexsearch_key + + " WHERE prs_kenmerk_key = " + S("ph_cust_flexsearch_key") + " AND prs_kenmerklink_waarde = " + safe.quoted_sql(cust_flex) + " AND prs_kenmerklink_niveau = 'P'" + " AND prs_kenmerklink_verwijder IS NULL)" @@ -262,13 +262,13 @@ var met_foto = getQParam("pb_photo","off")=="on"; if (S("locphone_kenmerk_key") > -1) { sql += ",(select alg_onrgoedkenmerk_waarde" - + " from alg_onrgoedkenmerk where alg_kenmerk_key = " + locphone_kenmerk_key + + " from alg_onrgoedkenmerk where alg_kenmerk_key = " + S("locphone_kenmerk_key") + " AND alg_onrgoedkenmerk_verwijder IS NULL" + " AND alg_onrgoed_key(+) = l.alg_locatie_key) ph"; } if (S("locfax_kenmerk_key") > -1) { sql += ",(select alg_onrgoedkenmerk_waarde" - + " from alg_onrgoedkenmerk where alg_kenmerk_key = " + locfax_kenmerk_key + + " from alg_onrgoedkenmerk where alg_kenmerk_key = " + S("locfax_kenmerk_key") + " AND alg_onrgoedkenmerk_verwijder IS NULL" + " AND alg_onrgoed_key(+) = l.alg_locatie_key) fx"; } diff --git a/APPL/Shared/UploadForm_save.asp b/APPL/Shared/UploadForm_save.asp index ad2dc082be..04916f196c 100644 --- a/APPL/Shared/UploadForm_save.asp +++ b/APPL/Shared/UploadForm_save.asp @@ -189,7 +189,7 @@ Public Function VB_savefile(regFilter, flexAllowedExt, fullpath, doEncrypt) safefilename = safe.filename(Right(filepathname,Len(filepathname)-InstrRev(filepathname,"\"))) Set re = new regexp - re.Pattern = flexAllowedExt + re.Pattern = S("flexAllowedExt") re.IgnoreCase = true If Not re.test(safefilename) Then result.add "message", L("lcl_shared_file_ext_not_allowed") diff --git a/APPL/Shared/sendPasswrd.asp b/APPL/Shared/sendPasswrd.asp index 82bc158250..0648f27604 100644 --- a/APPL/Shared/sendPasswrd.asp +++ b/APPL/Shared/sendPasswrd.asp @@ -15,7 +15,7 @@ sql = "UPDATE prs_perslid " + " SET prs_perslid_authenticatie = dbms_random.string('L',8) " - + " , prs_perslid_authenticatie_exp = sysdate + (1/(24*60))*"+mobile_password_exp + + " , prs_perslid_authenticatie_exp = sysdate + (1/(24*60))*"+S("mobile_password_exp") + " WHERE prs_perslid_oslogin = " + safe.quoted_sql_upper(pLogin); Oracle.Execute(sql);