From 67968de9b638688e96d54991abca9422149d08bb Mon Sep 17 00:00:00 2001
From: mdtrooper <tres.14159@gmail.com>
Date: Thu, 17 Feb 2011 15:47:51 +0000
Subject: [PATCH] 2011-02-17 Miguel de Dios  <miguel.dedios@artica.es>

	* operation/agentes/estado_agente.php: fixed the re-apply the safe_input in
	the search.

	Fixes: #3184647

	* include/functions_db.php: cleaned source code style.



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@3899 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                      |  9 +++++++++
 pandora_console/include/functions_db.php       | 18 ++++++++++--------
 .../operation/agentes/estado_agente.php        | 16 +++++++++-------
 3 files changed, 28 insertions(+), 15 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index d10afeb40b..2b763907a7 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,3 +1,12 @@
+2011-02-17 Miguel de Dios  <miguel.dedios@artica.es>
+
+	* operation/agentes/estado_agente.php: fixed the re-apply the safe_input in
+	the search.
+	
+	Fixes: #3184647
+	
+	* include/functions_db.php: cleaned source code style.
+
 2011-02-17  Ramon Novoa  <rnovoa@artica.es>
 
 	* include/functions.php: Hide custom SQL reports from non PM users
diff --git a/pandora_console/include/functions_db.php b/pandora_console/include/functions_db.php
index 8a3c96159d..cc877d67ae 100644
--- a/pandora_console/include/functions_db.php
+++ b/pandora_console/include/functions_db.php
@@ -605,6 +605,7 @@ function get_group_agents ($id_group = 0, $search = false, $case = "lower", $noA
 	}
 	
 	$sql = sprintf ("SELECT id_agente, nombre FROM tagente %s ORDER BY nombre", $search_sql);
+	
 	$result = get_db_all_rows_sql ($sql);
 	
 	if ($result === false)
@@ -613,14 +614,15 @@ function get_group_agents ($id_group = 0, $search = false, $case = "lower", $noA
 	$agents = array ();
 	foreach ($result as $row) {
 		switch ($case) {
-		case "lower":
-			$agents[$row["id_agente"]] = mb_strtolower ($row["nombre"], "UTF-8");
-		break;	
-		case "upper":
-			$agents[$row["id_agente"]] = mb_strtoupper ($row["nombre"], "UTF-8");
-		break;
-		default:
-			$agents[$row["id_agente"]] = $row["nombre"];
+			case "lower":
+				$agents[$row["id_agente"]] = mb_strtolower ($row["nombre"], "UTF-8");
+				break;
+			case "upper":
+				$agents[$row["id_agente"]] = mb_strtoupper ($row["nombre"], "UTF-8");
+				break;
+			default:
+				$agents[$row["id_agente"]] = $row["nombre"];
+				break;
 		}
 	}
 	return ($agents);
diff --git a/pandora_console/operation/agentes/estado_agente.php b/pandora_console/operation/agentes/estado_agente.php
index eab6d2e103..2acbbdf267 100644
--- a/pandora_console/operation/agentes/estado_agente.php
+++ b/pandora_console/operation/agentes/estado_agente.php
@@ -82,7 +82,7 @@ if (is_ajax ()) {
 
 // Take some parameters (GET)
 $group_id = (int) get_parameter ("group_id", 0);
-$search = get_parameter ("search", "");
+$search = safe_output(get_parameter ("search", ""));
 $offset = get_parameter('offset', 0);
 $refr = get_parameter('refr', 0);
 
@@ -113,7 +113,7 @@ print_submit_button (__('Search'), "srcbutton", '', array ("class" => "sub searc
 echo '</td><td style="width:40%;">&nbsp;</td></tr></table></form>';
 
 if ($search != ""){
-	$filter = array ("string" => '%'.$search.'%');
+	$filter = array ("string" => '%' . $search . '%');
 }
 else {
 	$filter = array ();
@@ -215,11 +215,13 @@ switch ($sortField) {
 if ($group_id > 0) {
 	$groups = $group_id;
 	$agent_names = get_group_agents ($group_id, $filter, "upper");
-// Not selected any specific group
-} else {
-	$user_group = get_user_groups ($config["id_user"], "AR");
-	$groups = array_keys ($user_group);
-	$agent_names = get_group_agents (array_keys ($user_group), $filter, "upper");
+}
+else {
+	// Not selected any specific group
+	
+	$user_group = get_user_groups($config["id_user"], "AR");
+	$groups = array_keys($user_group);
+	$agent_names = get_group_agents(array_keys ($user_group), $filter, "upper");
 }
 
 $total_agents = 0;