summaryrefslogtreecommitdiffstats
path: root/admin/WebConsole/includes/HTMLSELECT.php
diff options
context:
space:
mode:
Diffstat (limited to 'admin/WebConsole/includes/HTMLSELECT.php')
-rw-r--r--admin/WebConsole/includes/HTMLSELECT.php7
1 files changed, 5 insertions, 2 deletions
diff --git a/admin/WebConsole/includes/HTMLSELECT.php b/admin/WebConsole/includes/HTMLSELECT.php
index 077e7680..5db2e45b 100644
--- a/admin/WebConsole/includes/HTMLSELECT.php
+++ b/admin/WebConsole/includes/HTMLSELECT.php
@@ -20,6 +20,9 @@
// - clausulawhere: Clausula Where adicional
// *************************************************************************************************************************************************
function HTMLSELECT($cmd,$idcentro,$nombretabla,$identificador,$nombreid,$nombreliteral,$ancho,$eventochg = "",$clase="",$clausulawhere=""){
+ $nombretabla=htmlentities($nombretabla);
+ $nombreid=htmlentities($nombreid);
+ $nombreliteral=htmlentities($nombreliteral);
if (!empty($eventochg)) $eventochg='onchange="'.$eventochg.'(this);"';
if (empty($clase)) $clase='formulariodatos';
$SelectHtml="";
@@ -30,7 +33,7 @@ function HTMLSELECT($cmd,$idcentro,$nombretabla,$identificador,$nombreid,$nombre
$cmd->texto.=" AND (".$clausulawhere.")";
}
else{
- $cmd->texto='SELECT * FROM '.$nombretabla;
+ $cmd->texto='SELECT DISTINCT '.$nombreid.', '.$nombreliteral.' FROM '.$nombretabla;
if(!empty($clausulawhere))
$cmd->texto.=" WHERE (".$clausulawhere.")";
}
@@ -49,4 +52,4 @@ function HTMLSELECT($cmd,$idcentro,$nombretabla,$identificador,$nombreid,$nombre
}$SelectHtml.= '</SELECT>';
$rs->Cerrar();
return($SelectHtml);
-} \ No newline at end of file
+}