From 4e37714bcfead270be98ffde3fc9c47a7a54d0b1 Mon Sep 17 00:00:00 2001
From: Karl Burkhart <burkhart@technikum-wien.at>
Date: Fri, 20 Jul 2012 07:50:51 +0000
Subject: [PATCH] auf neue datenbankklasse umgeschrieben

---
 include/benutzer.class.php | 2 +-
 include/firma.class.php    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/include/benutzer.class.php b/include/benutzer.class.php
index 87afb5f96..54101ff24 100644
--- a/include/benutzer.class.php
+++ b/include/benutzer.class.php
@@ -288,7 +288,7 @@ class benutzer extends person
 		
 		foreach($searchItems as $value)
 		{
-			$qry.=" OR lower(uid) = lower('".addslashes($value)."')"; 
+			$qry.=" OR lower(uid) = lower(".$this->db_add_param($value).")"; 
 		}
 		$qry.=")) a ORDER BY nachname, vorname";
 		
diff --git a/include/firma.class.php b/include/firma.class.php
index e0ce59d40..7e7c41825 100644
--- a/include/firma.class.php
+++ b/include/firma.class.php
@@ -796,7 +796,7 @@ class firma extends basis_db
 				'updateamum= now(), '.
 		     	'updatevon='.$this->db_add_param($this->updatevon).', '.
 		     	'ext_id='.$this->db_add_param($this->ext_id).' '.
-				'WHERE firma_organisationseinheit_id='.$this->db_add_param($this->firma_organisationseinheit_id).';';
+				'WHERE firma_organisationseinheit_id='.$this->db_add_param($this->firma_organisationseinheit_id, FHC_INTEGER).';';
 		}
 		if($this->db_query($qry))
 		{