mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Clean code from _GET
This commit is contained in:
Laurent Destailleur
parent
39d2f3376f
commit
3e8c3edd6d
|
|
@ -281,8 +281,8 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
|
|||
}
|
||||
|
||||
if ($action == 'addthumb' || $action == 'addthumbsquarred') { // Regenerate thumbs
|
||||
if (file_exists($conf->mycompany->dir_output.'/logos/'.$_GET["file"])) {
|
||||
$isimage = image_format_supported($_GET["file"]);
|
||||
if (file_exists($conf->mycompany->dir_output.'/logos/'.GETPOST("file"))) {
|
||||
$isimage = image_format_supported(GETPOST("file"));
|
||||
|
||||
// Create thumbs of logo
|
||||
if ($isimage > 0) {
|
||||
|
|
@ -297,7 +297,7 @@ if ($action == 'addthumb' || $action == 'addthumbsquarred') { // Regenerate thu
|
|||
//$object->addThumbs($newfile); // We can't use addThumbs here yet because we need name of generated thumbs to add them into constants. TODO Check if need such constants. We should be able to retrieve value with get...
|
||||
|
||||
// Create small thumb. Used on logon for example
|
||||
$imgThumbSmall = vignette($conf->mycompany->dir_output.'/logos/'.$_GET["file"], $maxwidthsmall, $maxheightsmall, '_small', $quality);
|
||||
$imgThumbSmall = vignette($conf->mycompany->dir_output.'/logos/'.GETPOST("file"), $maxwidthsmall, $maxheightsmall, '_small', $quality);
|
||||
if (image_format_supported($imgThumbSmall) >= 0 && preg_match('/([^\\/:]+)$/i', $imgThumbSmall, $reg)) {
|
||||
$imgThumbSmall = $reg[1]; // Save only basename
|
||||
dolibarr_set_const($db, $constant."_SMALL", $imgThumbSmall, 'chaine', 0, '', $conf->entity);
|
||||
|
|
@ -306,7 +306,7 @@ if ($action == 'addthumb' || $action == 'addthumbsquarred') { // Regenerate thu
|
|||
}
|
||||
|
||||
// Create mini thumbs. Used on menu or for setup page for example
|
||||
$imgThumbMini = vignette($conf->mycompany->dir_output.'/logos/'.$_GET["file"], $maxwidthmini, $maxheightmini, '_mini', $quality);
|
||||
$imgThumbMini = vignette($conf->mycompany->dir_output.'/logos/'.GETPOST("file"), $maxwidthmini, $maxheightmini, '_mini', $quality);
|
||||
if (image_format_supported($imgThumbSmall) >= 0 && preg_match('/([^\\/:]+)$/i', $imgThumbMini, $reg)) {
|
||||
$imgThumbMini = $reg[1]; // Save only basename
|
||||
dolibarr_set_const($db, $constant."_MINI", $imgThumbMini, 'chaine', 0, '', $conf->entity);
|
||||
|
|
|
|||
|
|
@ -293,7 +293,7 @@ show_ldap_test_button($butlabel, $testlabel, $key, $dn, $objectclass);
|
|||
|
||||
|
||||
if (function_exists("ldap_connect")) {
|
||||
if ($_GET["action"] == 'test') {
|
||||
if ($action == 'test') {
|
||||
// Create object
|
||||
$object = new Contact($db);
|
||||
$object->initAsSpecimen();
|
||||
|
|
|
|||
|
|
@ -444,7 +444,7 @@ if (getDolGlobalString('LDAP_MEMBER_ACTIVE')) {
|
|||
}
|
||||
|
||||
if (function_exists("ldap_connect")) {
|
||||
if ($_GET["action"] == 'testmember') {
|
||||
if ($action == 'testmember') {
|
||||
// Create object
|
||||
$object = new Adherent($db);
|
||||
$object->initAsSpecimen();
|
||||
|
|
|
|||
|
|
@ -200,7 +200,7 @@ if (getDolGlobalInt('LDAP_MEMBER_TYPE_ACTIVE') === Ldap::SYNCHRO_DOLIBARR_TO_LDA
|
|||
}
|
||||
|
||||
if (function_exists("ldap_connect")) {
|
||||
if ($_GET["action"] == 'testmembertype') {
|
||||
if ($action == 'testmembertype') {
|
||||
// Create object
|
||||
$object = new AdherentType($db);
|
||||
$object->initAsSpecimen();
|
||||
|
|
|
|||
|
|
@ -80,7 +80,7 @@ if ($action == 'update' || $action == 'add') {
|
|||
|
||||
// Action to activate a submodule of the 'adherent' module
|
||||
if ($action == 'set') {
|
||||
$result = dolibarr_set_const($db, $_GET["name"], $_GET["value"], '', 0, '', $conf->entity);
|
||||
$result = dolibarr_set_const($db, GETPOST("name", 'aZ09'), GETPOST("value"), '', 0, '', $conf->entity);
|
||||
if ($result < 0) {
|
||||
dol_print_error($db);
|
||||
}
|
||||
|
|
@ -88,7 +88,7 @@ if ($action == 'set') {
|
|||
|
||||
// Action to deactivate a submodule of the 'adherent' module
|
||||
if ($action == 'unset') {
|
||||
$result = dolibarr_del_const($db, $_GET["name"], $conf->entity);
|
||||
$result = dolibarr_del_const($db, GETPOST("name", 'aZ09'), $conf->entity);
|
||||
if ($result < 0) {
|
||||
dol_print_error($db);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@
|
|||
* \brief Page to activate/disable all modules
|
||||
*/
|
||||
|
||||
if (!defined('CSRFCHECK_WITH_TOKEN') && (empty($_GET['action']) || $_GET['action'] != 'reset')) { // We force security except to disable modules so we can do it if problem of a module
|
||||
if (!defined('CSRFCHECK_WITH_TOKEN') && (empty($_GET['action']) || $_GET['action'] != 'reset')) { // We force security except to disable modules so we can do it if a problem occurs on a module
|
||||
define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -82,7 +82,7 @@ if ($action == 'update' || $action == 'add') {
|
|||
|
||||
// Action activation d'un sous module du module adherent
|
||||
if ($action == 'set') {
|
||||
$result = dolibarr_set_const($db, $_GET["name"], $_GET["value"], '', 0, '', $conf->entity);
|
||||
$result = dolibarr_set_const($db, GETPOST("name", 'aZ09'), GETPOST("value"), '', 0, '', $conf->entity);
|
||||
if ($result < 0) {
|
||||
dol_print_error($db);
|
||||
}
|
||||
|
|
@ -90,7 +90,7 @@ if ($action == 'set') {
|
|||
|
||||
// Action deactivation d'un sous module du module adherent
|
||||
if ($action == 'unset') {
|
||||
$result = dolibarr_del_const($db, $_GET["name"], $conf->entity);
|
||||
$result = dolibarr_del_const($db, GETPOST("name", 'aZ09'), $conf->entity);
|
||||
if ($result < 0) {
|
||||
dol_print_error($db);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -115,7 +115,7 @@ if (versioncompare(versionphparray(), $arrayphpminversionerror) < 0) {
|
|||
print '</td></tr>';
|
||||
print '<tr><td>GET and POST support</td><td>';
|
||||
|
||||
if (!isset($_GET["testget"]) && !isset($_POST["testpost"]) && !isset($_GET["mainmenu"])) { // We must keep $_GET and $_POST here
|
||||
if (!isset($_GET["testget"]) && !isset($_POST["testpost"]) && !isset($_GET["mainmenu"])) { // We must keep $_GET and $_POST here. This is a specific test.
|
||||
print '<img src="'.$WarningPicturePath.'" alt="Warning"> '.$langs->trans("PHPSupportPOSTGETKo");
|
||||
print ' (<a href="'.$_SERVER["PHP_SELF"].'?testget=ok">'.$langs->trans("Recheck").'</a>)';
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -166,7 +166,7 @@ if (in_array($type, array('mysql', 'mysqli'))) {
|
|||
print '<textarea rows="1" id="restorecommand" class="centpercent">'.$langs->trans("ImportMySqlCommand", $command, ($showpass ? $paramclear : $paramcrypted)).'</textarea><br>';
|
||||
print ajax_autoselect('restorecommand');
|
||||
|
||||
if (empty($_GET["showpass"]) && $dolibarr_main_db_pass) {
|
||||
if (!GETPOST("showpass") && $dolibarr_main_db_pass) {
|
||||
print '<br><a href="'.$_SERVER["PHP_SELF"].'?showpass=1&radio_dump=mysql_options">'.$langs->trans("UnHidePassword").'</a>';
|
||||
}
|
||||
//else print '<br><a href="'.$_SERVER["PHP_SELF"].'?showpass=0&radio_dump=mysql_options">'.$langs->trans("HidePassword").'</a>';
|
||||
|
|
@ -205,8 +205,6 @@ if (in_array($type, array('mysql', 'mysqli'))) {
|
|||
print '<br>';
|
||||
print '<textarea rows="1" id="restorecommand" class="centpercent">'.$langs->trans("ImportPostgreSqlCommand", $command, ($showpass ? $paramclear : $paramcrypted)).'</textarea><br>';
|
||||
print ajax_autoselect('restorecommand');
|
||||
//if (empty($_GET["showpass"]) && $dolibarr_main_db_pass) print '<br><a href="'.$_SERVER["PHP_SELF"].'?showpass=1&radio_dump=postgresql_options">'.$langs->trans("UnHidePassword").'</a>';
|
||||
//else print '<br><a href="'.$_SERVER["PHP_SELF"].'?showpass=0&radio_dump=mysql_options">'.$langs->trans("HidePassword").'</a>';
|
||||
print '</div>';
|
||||
|
||||
print '<br>';
|
||||
|
|
|
|||
|
|
@ -300,11 +300,6 @@ if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) {
|
|||
$db->rollback();
|
||||
}
|
||||
}
|
||||
//$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
|
||||
}
|
||||
|
||||
if (GETPOST('actioncancel', 'alpha')) {
|
||||
//$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
|
||||
}
|
||||
|
||||
if ($action == 'confirm_delete' && $confirm == 'yes') { // delete
|
||||
|
|
|
|||
|
|
@ -106,7 +106,7 @@ class DolibarrApiAccess implements iAuthenticate
|
|||
|
||||
// api key can be provided in url with parameter api_key=xxx or ni header with header DOLAPIKEY:xxx
|
||||
$api_key = '';
|
||||
if (isset($_GET['api_key'])) { // For backward compatibility
|
||||
if (isset($_GET['api_key'])) { // For backward compatibility. Keep $_GET here.
|
||||
// TODO Add option to disable use of api key on url. Return errors if used.
|
||||
$api_key = $_GET['api_key'];
|
||||
}
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@
|
|||
*/
|
||||
function printDropdownBookmarksList()
|
||||
{
|
||||
global $conf, $user, $db, $langs, $sortfield, $sortorder;
|
||||
global $user, $db, $langs, $sortfield, $sortorder;
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/bookmarks/class/bookmark.class.php';
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
|
||||
|
|
@ -40,7 +40,7 @@ function printDropdownBookmarksList()
|
|||
$url = $_SERVER["PHP_SELF"];
|
||||
$url_param = array();
|
||||
if (!empty($_SERVER["QUERY_STRING"])) {
|
||||
if (is_array($_GET)) {
|
||||
if (is_array($_GET)) { // Parse the original GET URL. So we must keep $_GET here.
|
||||
foreach ($_GET as $key => $val) {
|
||||
if (is_array($val)) {
|
||||
foreach ($val as $tmpsubval) {
|
||||
|
|
|
|||
|
|
@ -95,12 +95,12 @@ if (empty($reshook)) {
|
|||
}
|
||||
}
|
||||
|
||||
if ($action == 'confirm_delete' && $_GET["file"] && $confirm == 'yes' && $user->hasRight('categorie', 'creer')) {
|
||||
$object->delete_photo($upload_dir."/".$_GET["file"]);
|
||||
if ($action == 'confirm_delete' && GETPOST("file") && $confirm == 'yes' && $user->hasRight('categorie', 'creer')) {
|
||||
$object->delete_photo($upload_dir."/".GETPOST("file"));
|
||||
}
|
||||
|
||||
if ($action == 'addthumb' && $_GET["file"]) {
|
||||
$object->addThumbs($upload_dir."/".$_GET["file"]);
|
||||
if ($action == 'addthumb' && GETPOST("file")) {
|
||||
$object->addThumbs($upload_dir."/".GETPOST("file"));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -133,10 +133,10 @@ if ($object->id) {
|
|||
dol_banner_tab($object, 'label', $linkback, ($user->socid ? 0 : 1), 'label', 'label', $morehtmlref, '&type='.$type, 0, '', '', 1);
|
||||
|
||||
/*
|
||||
* Confirmation de la suppression de photo
|
||||
*/
|
||||
* Confirmation deletion of picture
|
||||
*/
|
||||
if ($action == 'delete') {
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&type='.$type.'&file='.$_GET["file"], $langs->trans('DeletePicture'), $langs->trans('ConfirmDeletePicture'), 'confirm_delete', '', 0, 1);
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&type='.urlencode($type).'&file='.urlencode(GETPOST("file")), $langs->trans('DeletePicture'), $langs->trans('ConfirmDeletePicture'), 'confirm_delete', '', 0, 1);
|
||||
}
|
||||
|
||||
print '<br>';
|
||||
|
|
|
|||
|
|
@ -52,7 +52,6 @@ if ($user->socid) {
|
|||
$socid = $user->socid;
|
||||
}
|
||||
if ($user->socid > 0) {
|
||||
unset($_GET["action"]);
|
||||
$action = '';
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -972,7 +972,7 @@ if ($action == 'create') {
|
|||
if (getDolGlobalString('MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS')) {
|
||||
setEventMessages($langs->trans("MailSendSetupIs3", getDolGlobalString('MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS')), null, 'warnings');
|
||||
}
|
||||
$_GET["action"] = '';
|
||||
$action = '';
|
||||
} elseif (getDolGlobalInt('MAILING_LIMIT_SENDBYWEB') < 0) {
|
||||
if (getDolGlobalString('MAILING_LIMIT_WARNING_PHPMAIL') && $sendingmode == 'mail') {
|
||||
setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_PHPMAIL), null, 'warnings');
|
||||
|
|
@ -987,7 +987,7 @@ if ($action == 'create') {
|
|||
if ($conf->file->mailing_limit_sendbyweb != '-1') { // MAILING_LIMIT_SENDBYWEB was set to -1 in database, but it is allowed to increase it.
|
||||
setEventMessages($langs->trans("MailingNeedCommand2"), null, 'warnings'); // You can send online with constant...
|
||||
}
|
||||
$_GET["action"] = '';
|
||||
$action = '';
|
||||
} else {
|
||||
if (getDolGlobalString('MAILING_LIMIT_WARNING_PHPMAIL') && $sendingmode == 'mail') {
|
||||
setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_PHPMAIL), null, 'warnings');
|
||||
|
|
|
|||
|
|
@ -682,8 +682,8 @@ if (empty($reshook)) {
|
|||
$db->rollback();
|
||||
|
||||
$action = 'create';
|
||||
$_GET["origin"] = $_POST["origin"];
|
||||
$_GET["originid"] = $_POST["originid"];
|
||||
$_GET["origin"] = $_POST["origin"]; // Keep GET and POST here ?
|
||||
$_GET["originid"] = $_POST["originid"]; // Keep GET and POST here ?
|
||||
if (!empty($errors)) {
|
||||
setEventMessages(null, $errors, 'errors');
|
||||
} else {
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@
|
|||
* \brief Page to show portoflio and files of a thirdparty and download it
|
||||
*/
|
||||
|
||||
if ((array_key_exists('action', $_GET) && $_GET['action'] == 'dl') || (array_key_exists('action', $_POST) && $_POST['action'] == 'dl')) { // To not replace token when downloading file
|
||||
if ((array_key_exists('action', $_GET) && $_GET['action'] == 'dl') || (array_key_exists('action', $_POST) && $_POST['action'] == 'dl')) { // To not replace token when downloading file. Keep $_GET and $_POST here
|
||||
if (!defined('NOTOKENRENEWAL')) {
|
||||
define('NOTOKENRENEWAL', '1');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -69,7 +69,7 @@ $extrafields->fetch_name_optionals_label($object->table_element);
|
|||
$hookmanager->initHooks(array('bankcard', 'globalcard'));
|
||||
|
||||
// Security check
|
||||
$id = GETPOSTINT("id") ? GETPOSTINT("id") : GETPOSTINT('ref');
|
||||
$id = GETPOSTINT("id") ? GETPOSTINT("id") : GETPOST('ref');
|
||||
$fieldid = GETPOSTINT("id") ? 'rowid' : 'ref';
|
||||
|
||||
if (GETPOSTINT("id") || GETPOST("ref")) {
|
||||
|
|
@ -319,11 +319,11 @@ if (empty($reshook)) {
|
|||
$categories = GETPOST('categories', 'array');
|
||||
$object->setCategories($categories);
|
||||
|
||||
$_GET["id"] = GETPOSTINT("id"); // Force chargement page en mode visu
|
||||
$id = GETPOSTINT("id"); // Force load of this page
|
||||
} else {
|
||||
$error++;
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
$action = 'edit'; // Force chargement page edition
|
||||
$action = 'edit'; // Force load of page in edit mode
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -85,7 +85,7 @@ if (GETPOST("account") || GETPOST("ref")) {
|
|||
}
|
||||
if (GETPOST("ref")) {
|
||||
$result = $object->fetch(0, GETPOST("ref"));
|
||||
$_GET["account"] = $object->id;
|
||||
$id = $object->id;
|
||||
}
|
||||
|
||||
$title = $object->ref.' - '.$langs->trans("PlannedTransactions");
|
||||
|
|
|
|||
|
|
@ -66,7 +66,7 @@ if (!$sortorder) {
|
|||
$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'thirdpartylist';
|
||||
|
||||
if ($contextpage == 'takepos') {
|
||||
$_GET['optioncss'] = 'print';
|
||||
$optioncss = 'print';
|
||||
}
|
||||
|
||||
$arrayofpaymentmode = array('cash' => 'Cash', 'cheque' => 'Cheque', 'card' => 'CreditCard');
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ if (!defined('NOBROWSERNOTIF')) {
|
|||
define('NOBROWSERNOTIF', '1'); // Disable browser notification
|
||||
}
|
||||
|
||||
$_GET['optioncss'] = "print";
|
||||
$optioncss = "print";
|
||||
|
||||
// Load Dolibarr environment
|
||||
require '../../main.inc.php';
|
||||
|
|
|
|||
|
|
@ -151,16 +151,16 @@ if ($resql) {
|
|||
print '<tr class="liste_titre">';
|
||||
|
||||
print '<td class="liste_titre left">';
|
||||
print '<input class="flat" type="text" name="search_nom" value="'.$_GET["search_nom"].'"></td>';
|
||||
print '<input class="flat" type="text" name="search_nom" value="'.GETPOST("search_nom").'"></td>';
|
||||
|
||||
print '<td class="liste_titre"> </td>';
|
||||
|
||||
print '<td class="liste_titre left">';
|
||||
print '<input class="flat" type="text" size="10" name="search_code_client" value="'.$_GET["search_code_client"].'">';
|
||||
print '<input class="flat" type="text" size="10" name="search_code_client" value="'.GETPOST("search_code_client").'">';
|
||||
print '</td>';
|
||||
|
||||
print '<td class="liste_titre left">';
|
||||
print '<input class="flat" type="text" size="10" name="search_compta" value="'.$_GET["search_compta"].'">';
|
||||
print '<input class="flat" type="text" size="10" name="search_compta" value="'.GETPOST("search_compta").'">';
|
||||
print '</td>';
|
||||
|
||||
print '<td colspan="2" class="liste_titre right">';
|
||||
|
|
|
|||
|
|
@ -2080,8 +2080,8 @@ if (empty($reshook)) {
|
|||
} else {
|
||||
$db->rollback();
|
||||
$action = 'create';
|
||||
$_GET["origin"] = $_POST["origin"];
|
||||
$_GET["originid"] = $_POST["originid"];
|
||||
$_GET["origin"] = $_POST["origin"]; // Keep GET and POST here ?
|
||||
$_GET["originid"] = $_POST["originid"]; // Keep GET and POST here ?
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
}
|
||||
} elseif ($action == 'addline' && GETPOST('submitforalllines', 'alpha') && GETPOST('vatforalllines', 'alpha') !== '') {
|
||||
|
|
|
|||
|
|
@ -87,7 +87,7 @@ if ($action == 'add' && !$cancel) {
|
|||
} else {
|
||||
$db->rollback();
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
$_GET["action"] = "create";
|
||||
$action = "create";
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -245,7 +245,7 @@ print '<div class="tabsAction">';
|
|||
/*
|
||||
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
{
|
||||
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
|
||||
if ($user->socid == 0 && $object->statut == 0 && $action == '')
|
||||
{
|
||||
if ($user->hasRight('facture', 'paiement')){
|
||||
print '<a class="butAction" href="card.php?id='.GETPOST('id', 'int').'&facid='.$objp->facid.'&action=valide">'.$langs->trans('Valid').'</a>';
|
||||
|
|
|
|||
|
|
@ -150,17 +150,6 @@ if ($action == 'delete') {
|
|||
print $form->formconfirm('card.php?id='.$object->id, $langs->trans("DeletePayment"), $langs->trans("ConfirmDeletePayment"), 'confirm_delete', '', 0, 2);
|
||||
}
|
||||
|
||||
/*
|
||||
* Validation confirmation of payment
|
||||
*/
|
||||
/*
|
||||
if ($action == 'valide')
|
||||
{
|
||||
$facid = $_GET['facid'];
|
||||
print $form->formconfirm('card.php?id='.$object->id.'&facid='.$facid, $langs->trans("ValidatePayment"), $langs->trans("ConfirmValidatePayment"), 'confirm_valide','',0,2);
|
||||
|
||||
}
|
||||
*/
|
||||
|
||||
|
||||
$linkback = '<a href="'.DOL_URL_ROOT.'/compta/tva/payments.php">'.$langs->trans("BackToList").'</a>';
|
||||
|
|
@ -283,18 +272,6 @@ if ($resql) {
|
|||
*/
|
||||
print '<div class="tabsAction">';
|
||||
|
||||
/*
|
||||
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
|
||||
{
|
||||
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
|
||||
{
|
||||
if ($user->hasRight('facture', 'paiement')) {
|
||||
print '<a class="butAction" href="card.php?id='.GETPOST('id', 'int').'&facid='.$objp->facid.'&action=valide">'.$langs->trans('Valid').'</a>';
|
||||
}
|
||||
}
|
||||
}
|
||||
*/
|
||||
|
||||
if ($action == '') {
|
||||
if ($user->hasRight('tax', 'charges', 'supprimer')) {
|
||||
if (!$disable_delete) {
|
||||
|
|
|
|||
|
|
@ -57,7 +57,7 @@ $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'co
|
|||
$mode = GETPOST('mode', 'alpha');
|
||||
|
||||
if ($contextpage == 'poslist') {
|
||||
$_GET['optioncss'] = 'print';
|
||||
$optioncss = 'print';
|
||||
}
|
||||
|
||||
// Security check
|
||||
|
|
|
|||
|
|
@ -707,7 +707,7 @@ if (empty($reshook)) {
|
|||
if (!empty($date_start_update) && !empty($date_end_update) && $date_start_update > $date_end_update) {
|
||||
setEventMessages($langs->trans("Error").': '.$langs->trans("DateStartPlanned").' > '.$langs->trans("DateEndPlanned"), null, 'errors');
|
||||
$action = 'editline';
|
||||
$_GET['rowid'] = GETPOST('elrowid');
|
||||
$_GET['rowid'] = GETPOST('elrowid'); // Keep $_GET here. Used by GETPOST('rowid') later
|
||||
$error++;
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -47,7 +47,6 @@ $ref = GETPOST('ref', 'alpha');
|
|||
|
||||
// Security check
|
||||
if ($user->socid > 0) {
|
||||
unset($_GET["action"]);
|
||||
$action = '';
|
||||
$socid = $user->socid;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -119,7 +119,7 @@ if (GETPOST('sendit', 'alpha') && getDolGlobalString('MAIN_UPLOAD_DOC') && !empt
|
|||
|
||||
// Delete file/link
|
||||
if ($action == 'confirm_deletefile' && $confirm == 'yes' && !empty($permissiontoadd)) {
|
||||
$urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
|
||||
$urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1);
|
||||
if (GETPOST('section', 'alpha')) {
|
||||
// For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir
|
||||
$file = $upload_dir.(preg_match('/\/$/', $upload_dir) ? '' : '/').$urlfile;
|
||||
|
|
|
|||
|
|
@ -35,8 +35,8 @@ if (!defined('NOREQUIRESOC')) {
|
|||
if (!defined('NOREQUIREMENU')) {
|
||||
define('NOREQUIREMENU', '1');
|
||||
}
|
||||
// If there is no need to load and show top and left menu
|
||||
if (!empty($_GET['public'])) { // GETPOST() is not yet defined so we use $_GET
|
||||
// If we need access without being logged.
|
||||
if (!empty($_GET['public'])) { // Keep $_GET here. GETPOST() is not yet defined so we use $_GET
|
||||
if (!defined("NOLOGIN")) {
|
||||
define("NOLOGIN", '1');
|
||||
}
|
||||
|
|
|
|||
|
|
@ -74,8 +74,6 @@ if (!empty($conf->$module->dir_temp)) {
|
|||
|
||||
top_httphead();
|
||||
|
||||
dol_syslog(implode(',', $_GET));
|
||||
|
||||
$result = false;
|
||||
|
||||
if (!empty($upload_dir)) {
|
||||
|
|
|
|||
|
|
@ -63,8 +63,7 @@ top_httphead();
|
|||
|
||||
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
|
||||
|
||||
dol_syslog('location_incoterms call with MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY='.(!getDolGlobalString('MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY') ? '' : $conf->global->MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY));
|
||||
//var_dump($_GET);
|
||||
dol_syslog('location_incoterms call with MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY='.getDolGlobalString('MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY', ''));
|
||||
|
||||
// Generation of list of zip-town
|
||||
if (GETPOST('location_incoterms')) {
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ if (!defined('NOIPCHECK')) {
|
|||
if (!defined('NOBROWSERNOTIF')) {
|
||||
define('NOBROWSERNOTIF', '1');
|
||||
}
|
||||
$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
|
||||
$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1)); // Keep $_GET and $_POST here. GETPOST not yet defined.
|
||||
if (is_numeric($entity)) {
|
||||
define("DOLENTITY", $entity);
|
||||
}
|
||||
|
|
|
|||
|
|
@ -149,7 +149,6 @@ $form = new Form($db);
|
|||
top_httphead($outjson ? 'application/json' : 'text/html');
|
||||
|
||||
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
|
||||
//print_r($_GET);
|
||||
|
||||
$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1, 0, '', $filter);
|
||||
|
||||
|
|
|
|||
|
|
@ -57,7 +57,6 @@ if (!getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY')) {
|
|||
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
|
||||
|
||||
dol_syslog('ziptown call with MAIN_USE_ZIPTOWN_DICTIONNARY='.getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY'));
|
||||
//var_dump($_GET);
|
||||
|
||||
// Generation of list of zip-town
|
||||
if (GETPOST('zipcode') || GETPOST('town')) {
|
||||
|
|
|
|||
|
|
@ -432,26 +432,24 @@ class SimpleOpenID
|
|||
}
|
||||
}
|
||||
|
||||
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
|
||||
/**
|
||||
* ValidateWithServer
|
||||
* validateWithServer
|
||||
*
|
||||
* @return boolean
|
||||
*/
|
||||
public function ValidateWithServer()
|
||||
public function validateWithServer()
|
||||
{
|
||||
// phpcs:enable
|
||||
$params = array(
|
||||
'openid.assoc_handle' => urlencode($_GET['openid_assoc_handle']),
|
||||
'openid.signed' => urlencode($_GET['openid_signed']),
|
||||
'openid.sig' => urlencode($_GET['openid_sig'])
|
||||
'openid.assoc_handle' => urlencode(GETPOST('openid_assoc_handle')),
|
||||
'openid.signed' => urlencode(GETPOST('openid_signed')),
|
||||
'openid.sig' => urlencode(GETPOST('openid_sig'))
|
||||
);
|
||||
// Send only required parameters to confirm validity
|
||||
$arr_signed = explode(",", str_replace('sreg.', 'sreg_', $_GET['openid_signed']));
|
||||
$arr_signed = explode(",", str_replace('sreg.', 'sreg_', GETPOST('openid_signed')));
|
||||
$num = count($arr_signed);
|
||||
for ($i = 0; $i < $num; $i++) {
|
||||
$s = str_replace('sreg_', 'sreg.', $arr_signed[$i]);
|
||||
$c = $_GET['openid_'.$arr_signed[$i]];
|
||||
$c = GETPOST('openid_'.$arr_signed[$i]);
|
||||
// if ($c != ""){
|
||||
$params['openid.'.$s] = urlencode($c);
|
||||
// }
|
||||
|
|
|
|||
|
|
@ -108,10 +108,10 @@ print '<body>'."\n";
|
|||
|
||||
$qualified = true;
|
||||
|
||||
// TODO Replace with GETPOST
|
||||
if (!isset($_GET["sd"])) {
|
||||
$_GET["sd"] = "00000000";
|
||||
}
|
||||
|
||||
if (!isset($_GET["m"]) || !isset($_GET["y"])) {
|
||||
$qualified = false;
|
||||
}
|
||||
|
|
@ -126,7 +126,6 @@ if (isset($_GET["m"]) && isset($_GET["y"])) {
|
|||
|
||||
// If parameters provided, we show calendar
|
||||
if ($qualified) {
|
||||
//print $_GET["cm"].",".$_GET["sd"].",".$_GET["m"].",".$_GET["y"];exit;
|
||||
displayBox(GETPOSTINT("sd"), GETPOSTINT("m"), GETPOSTINT("y"));
|
||||
} else {
|
||||
dol_print_error(null, 'ErrorBadParameters');
|
||||
|
|
|
|||
|
|
@ -243,14 +243,11 @@ function GetFoldersAndFiles($resourceType, $currentFolder)
|
|||
*/
|
||||
function CreateFolder($resourceType, $currentFolder)
|
||||
{
|
||||
if (!isset($_GET)) {
|
||||
global $_GET;
|
||||
}
|
||||
$sErrorNumber = '0';
|
||||
$sErrorMsg = '';
|
||||
|
||||
if (isset($_GET['NewFolderName'])) {
|
||||
$sNewFolderName = $_GET['NewFolderName'];
|
||||
$sNewFolderName = GETPOST('NewFolderName');
|
||||
$sNewFolderName = SanitizeFolderName($sNewFolderName);
|
||||
|
||||
if (strpos($sNewFolderName, '..') !== false) {
|
||||
|
|
@ -741,9 +738,6 @@ function IsAllowedCommand($sCommand)
|
|||
*/
|
||||
function GetCurrentFolder()
|
||||
{
|
||||
if (!isset($_GET)) {
|
||||
global $_GET;
|
||||
}
|
||||
$sCurrentFolder = isset($_GET['CurrentFolder']) ? GETPOST('CurrentFolder', '', 1) : '/';
|
||||
|
||||
// Check the current folder syntax (must begin and start with a slash).
|
||||
|
|
|
|||
|
|
@ -40,16 +40,13 @@ DoResponse();
|
|||
*/
|
||||
function DoResponse()
|
||||
{
|
||||
if (!isset($_GET)) {
|
||||
global $_GET;
|
||||
}
|
||||
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
|
||||
return;
|
||||
}
|
||||
|
||||
// Get the main request information.
|
||||
$sCommand = $_GET['Command'];
|
||||
$sResourceType = $_GET['Type'];
|
||||
$sCommand = GETPOST('Command');
|
||||
$sResourceType = GETPOST('Type');
|
||||
$sCurrentFolder = GetCurrentFolder();
|
||||
|
||||
// Check if it is an allowed command
|
||||
|
|
|
|||
|
|
@ -2036,7 +2036,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename =
|
|||
|
||||
//TODO: Remove this. MAIN_ENABLE_LOG_INLINE_HTML should be deprecated and use a log handler dedicated to HTML output
|
||||
// If html log tag enabled and url parameter log defined, we show output log on HTML comments
|
||||
if (getDolGlobalString('MAIN_ENABLE_LOG_INLINE_HTML') && !empty($_GET["log"])) {
|
||||
if (getDolGlobalString('MAIN_ENABLE_LOG_INLINE_HTML') && GETPOSTINT("log")) {
|
||||
print "\n\n<!-- Log start\n";
|
||||
print dol_escape_htmltag($message)."\n";
|
||||
print "Log end -->\n";
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
|
|||
*/
|
||||
function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
||||
{
|
||||
global $db, $conf, $langs;
|
||||
global $db, $conf;
|
||||
|
||||
dol_syslog("functions_openid::check_user_password_openid usertotest=".$usertotest);
|
||||
|
||||
|
|
@ -62,11 +62,11 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
|||
return false;
|
||||
}
|
||||
return false;
|
||||
} elseif ($_GET['openid_mode'] == 'id_res') {
|
||||
} elseif (GETPOST('openid_mode') == 'id_res') {
|
||||
// Perform HTTP Request to OpenID server to validate key
|
||||
$openid = new SimpleOpenID();
|
||||
$openid->SetIdentity(GETPOST('openid_identity'));
|
||||
$openid_validation_result = $openid->ValidateWithServer();
|
||||
$openid_validation_result = $openid->validateWithServer();
|
||||
if ($openid_validation_result === true) {
|
||||
// OK HERE KEY IS VALID
|
||||
|
||||
|
|
@ -93,7 +93,7 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
|
|||
//echo "INVALID AUTHORIZATION";
|
||||
return false;
|
||||
}
|
||||
} elseif ($_GET['openid_mode'] == 'cancel') {
|
||||
} elseif (GETPOST('openid_mode') == 'cancel') {
|
||||
// User Canceled your Request
|
||||
//echo "USER CANCELED REQUEST";
|
||||
return false;
|
||||
|
|
|
|||
|
|
@ -135,7 +135,6 @@ class modPhpbarcode extends ModeleBarCode
|
|||
*/
|
||||
public function buildBarCode($code, $encoding, $readable = 'Y', $scale = 1, $nooutputiferror = 0)
|
||||
{
|
||||
global $_GET, $_SERVER;
|
||||
global $conf;
|
||||
global $genbarcode_loc, $bar_color, $bg_color, $text_color, $font_loc;
|
||||
|
||||
|
|
|
|||
|
|
@ -106,8 +106,6 @@ class modTcpdfbarcode extends ModeleBarCode
|
|||
*/
|
||||
public function buildBarCode($code, $encoding, $readable = 'Y', $scale = 1, $nooutputiferror = 0)
|
||||
{
|
||||
global $_GET;
|
||||
|
||||
$tcpdfEncoding = $this->getTcpdfEncodingType($encoding);
|
||||
if (empty($tcpdfEncoding)) {
|
||||
return -1;
|
||||
|
|
|
|||
|
|
@ -404,7 +404,7 @@ if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex")
|
|||
}
|
||||
} else {
|
||||
setEventMessages($result, null, 'errors');
|
||||
$_GET['file'] = $_POST["file"];
|
||||
//$_GET['file'] = $_POST["file"];
|
||||
$action = '';
|
||||
}
|
||||
}
|
||||
|
|
@ -467,7 +467,7 @@ if ($action == 'confirm_crop') {
|
|||
}
|
||||
} else {
|
||||
setEventMessages($result, null, 'errors');
|
||||
$_GET['file'] = $_POST["file"];
|
||||
//$_GET['file'] = $_POST["file"];
|
||||
$action = '';
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ if (!isset($section)) {
|
|||
// Confirm remove file (for non javascript users)
|
||||
if (($action == 'delete' || $action == 'file_manager_delete') && empty($conf->use_javascript_ajax)) {
|
||||
// TODO Add website, pageid, filemanager if defined
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode(GETPOST("urlfile")), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
|
||||
}
|
||||
|
||||
// Start container of all panels
|
||||
|
|
|
|||
|
|
@ -139,7 +139,7 @@ if (GETPOST("sendit") && getDolGlobalString('MAIN_UPLOAD_DOC') && $permissiontou
|
|||
// Remove file
|
||||
if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permissiontoupload) {
|
||||
$langs->load("other");
|
||||
$file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
|
||||
$file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here
|
||||
$ret = dol_delete_file($file);
|
||||
if ($ret) {
|
||||
setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs');
|
||||
|
|
|
|||
|
|
@ -137,7 +137,7 @@ if ($action == 'confirm_deletefile') {
|
|||
$relativepath = '';
|
||||
}
|
||||
$upload_dir = $conf->ecm->dir_output.($relativepath ? '/'.$relativepath : '');
|
||||
$file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_POST are already decoded by PHP).
|
||||
$file = $upload_dir."/".GETPOST('urlfile');
|
||||
|
||||
$ret = dol_delete_file($file);
|
||||
if ($ret) {
|
||||
|
|
@ -417,7 +417,7 @@ print dol_get_fiche_head($head, 'index_auto', '', -1, '');
|
|||
|
||||
// Confirm remove file (for non javascript users)
|
||||
if ($action == 'deletefile' && empty($conf->use_javascript_ajax)) {
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
|
||||
print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode(GETPOST("urlfile")), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
|
||||
}
|
||||
|
||||
// Start container of all panels
|
||||
|
|
|
|||
|
|
@ -444,7 +444,7 @@ if (empty($reshook)) {
|
|||
exit;
|
||||
} else {
|
||||
$db->rollback();
|
||||
$_GET["commande_id"] = GETPOSTINT('commande_id');
|
||||
//$_GET["commande_id"] = GETPOSTINT('commande_id');
|
||||
$action = 'create';
|
||||
}
|
||||
} elseif ($action == 'create_delivery' && getDolGlobalInt('MAIN_SUBMODULE_DELIVERY') && $user->hasRight('expedition', 'delivery', 'creer')) {
|
||||
|
|
|
|||
Loading…
Reference in New Issue
Block a user