| GET and POST support | ';
-if (!isset($_GET["testget"]) && !isset($_POST["testpost"]) && !isset($_GET["mainmenu"])) { // We must keep $_GET and $_POST here
+if (!isset($_GET["testget"]) && !isset($_POST["testpost"]) && !isset($_GET["mainmenu"])) { // We must keep $_GET and $_POST here. This is a specific test.
print ' '.$langs->trans("PHPSupportPOSTGETKo");
print ' ('.$langs->trans("Recheck").')';
} else {
diff --git a/htdocs/admin/tools/dolibarr_import.php b/htdocs/admin/tools/dolibarr_import.php
index 7fd6a95a4c9..8313c5f1c0f 100644
--- a/htdocs/admin/tools/dolibarr_import.php
+++ b/htdocs/admin/tools/dolibarr_import.php
@@ -166,7 +166,7 @@ if (in_array($type, array('mysql', 'mysqli'))) {
print '
';
print ajax_autoselect('restorecommand');
- if (empty($_GET["showpass"]) && $dolibarr_main_db_pass) {
+ if (!GETPOST("showpass") && $dolibarr_main_db_pass) {
print '
'.$langs->trans("UnHidePassword").'';
}
//else print '
'.$langs->trans("HidePassword").'';
@@ -205,8 +205,6 @@ if (in_array($type, array('mysql', 'mysqli'))) {
print '
';
print '
';
print ajax_autoselect('restorecommand');
- //if (empty($_GET["showpass"]) && $dolibarr_main_db_pass) print '
'.$langs->trans("UnHidePassword").'';
- //else print '
'.$langs->trans("HidePassword").'';
print '';
print '
';
diff --git a/htdocs/admin/website.php b/htdocs/admin/website.php
index b517491d14c..82d578686fc 100644
--- a/htdocs/admin/website.php
+++ b/htdocs/admin/website.php
@@ -300,11 +300,6 @@ if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) {
$db->rollback();
}
}
- //$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
-}
-
-if (GETPOST('actioncancel', 'alpha')) {
- //$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition
}
if ($action == 'confirm_delete' && $confirm == 'yes') { // delete
diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php
index 8e4bdb0db9f..61f664d8562 100644
--- a/htdocs/api/class/api_access.class.php
+++ b/htdocs/api/class/api_access.class.php
@@ -106,7 +106,7 @@ class DolibarrApiAccess implements iAuthenticate
// api key can be provided in url with parameter api_key=xxx or ni header with header DOLAPIKEY:xxx
$api_key = '';
- if (isset($_GET['api_key'])) { // For backward compatibility
+ if (isset($_GET['api_key'])) { // For backward compatibility. Keep $_GET here.
// TODO Add option to disable use of api key on url. Return errors if used.
$api_key = $_GET['api_key'];
}
diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php
index 711e4fa5a49..edd6988d38b 100644
--- a/htdocs/bookmarks/bookmarks.lib.php
+++ b/htdocs/bookmarks/bookmarks.lib.php
@@ -29,7 +29,7 @@
*/
function printDropdownBookmarksList()
{
- global $conf, $user, $db, $langs, $sortfield, $sortorder;
+ global $user, $db, $langs, $sortfield, $sortorder;
require_once DOL_DOCUMENT_ROOT.'/bookmarks/class/bookmark.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
@@ -40,7 +40,7 @@ function printDropdownBookmarksList()
$url = $_SERVER["PHP_SELF"];
$url_param = array();
if (!empty($_SERVER["QUERY_STRING"])) {
- if (is_array($_GET)) {
+ if (is_array($_GET)) { // Parse the original GET URL. So we must keep $_GET here.
foreach ($_GET as $key => $val) {
if (is_array($val)) {
foreach ($val as $tmpsubval) {
diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php
index bd40d078fa1..f44052afbd8 100644
--- a/htdocs/categories/photos.php
+++ b/htdocs/categories/photos.php
@@ -95,12 +95,12 @@ if (empty($reshook)) {
}
}
- if ($action == 'confirm_delete' && $_GET["file"] && $confirm == 'yes' && $user->hasRight('categorie', 'creer')) {
- $object->delete_photo($upload_dir."/".$_GET["file"]);
+ if ($action == 'confirm_delete' && GETPOST("file") && $confirm == 'yes' && $user->hasRight('categorie', 'creer')) {
+ $object->delete_photo($upload_dir."/".GETPOST("file"));
}
- if ($action == 'addthumb' && $_GET["file"]) {
- $object->addThumbs($upload_dir."/".$_GET["file"]);
+ if ($action == 'addthumb' && GETPOST("file")) {
+ $object->addThumbs($upload_dir."/".GETPOST("file"));
}
}
@@ -133,10 +133,10 @@ if ($object->id) {
dol_banner_tab($object, 'label', $linkback, ($user->socid ? 0 : 1), 'label', 'label', $morehtmlref, '&type='.$type, 0, '', '', 1);
/*
- * Confirmation de la suppression de photo
- */
+ * Confirmation deletion of picture
+ */
if ($action == 'delete') {
- print $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&type='.$type.'&file='.$_GET["file"], $langs->trans('DeletePicture'), $langs->trans('ConfirmDeletePicture'), 'confirm_delete', '', 0, 1);
+ print $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id.'&type='.urlencode($type).'&file='.urlencode(GETPOST("file")), $langs->trans('DeletePicture'), $langs->trans('ConfirmDeletePicture'), 'confirm_delete', '', 0, 1);
}
print '
';
diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php
index ccda6ff5be1..fb8c8dd2417 100644
--- a/htdocs/comm/action/document.php
+++ b/htdocs/comm/action/document.php
@@ -52,7 +52,6 @@ if ($user->socid) {
$socid = $user->socid;
}
if ($user->socid > 0) {
- unset($_GET["action"]);
$action = '';
}
diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php
index 8a876bda03c..a3d84f89d64 100644
--- a/htdocs/comm/mailing/card.php
+++ b/htdocs/comm/mailing/card.php
@@ -972,7 +972,7 @@ if ($action == 'create') {
if (getDolGlobalString('MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS')) {
setEventMessages($langs->trans("MailSendSetupIs3", getDolGlobalString('MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS')), null, 'warnings');
}
- $_GET["action"] = '';
+ $action = '';
} elseif (getDolGlobalInt('MAILING_LIMIT_SENDBYWEB') < 0) {
if (getDolGlobalString('MAILING_LIMIT_WARNING_PHPMAIL') && $sendingmode == 'mail') {
setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_PHPMAIL), null, 'warnings');
@@ -987,7 +987,7 @@ if ($action == 'create') {
if ($conf->file->mailing_limit_sendbyweb != '-1') { // MAILING_LIMIT_SENDBYWEB was set to -1 in database, but it is allowed to increase it.
setEventMessages($langs->trans("MailingNeedCommand2"), null, 'warnings'); // You can send online with constant...
}
- $_GET["action"] = '';
+ $action = '';
} else {
if (getDolGlobalString('MAILING_LIMIT_WARNING_PHPMAIL') && $sendingmode == 'mail') {
setEventMessages($langs->transnoentitiesnoconv($conf->global->MAILING_LIMIT_WARNING_PHPMAIL), null, 'warnings');
diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php
index ac6213ed0b7..6b32e42a81e 100644
--- a/htdocs/commande/list.php
+++ b/htdocs/commande/list.php
@@ -682,8 +682,8 @@ if (empty($reshook)) {
$db->rollback();
$action = 'create';
- $_GET["origin"] = $_POST["origin"];
- $_GET["originid"] = $_POST["originid"];
+ $_GET["origin"] = $_POST["origin"]; // Keep GET and POST here ?
+ $_GET["originid"] = $_POST["originid"]; // Keep GET and POST here ?
if (!empty($errors)) {
setEventMessages(null, $errors, 'errors');
} else {
diff --git a/htdocs/compta/accounting-files.php b/htdocs/compta/accounting-files.php
index 36b12bf6b36..e20eeed6436 100644
--- a/htdocs/compta/accounting-files.php
+++ b/htdocs/compta/accounting-files.php
@@ -27,7 +27,7 @@
* \brief Page to show portoflio and files of a thirdparty and download it
*/
-if ((array_key_exists('action', $_GET) && $_GET['action'] == 'dl') || (array_key_exists('action', $_POST) && $_POST['action'] == 'dl')) { // To not replace token when downloading file
+if ((array_key_exists('action', $_GET) && $_GET['action'] == 'dl') || (array_key_exists('action', $_POST) && $_POST['action'] == 'dl')) { // To not replace token when downloading file. Keep $_GET and $_POST here
if (!defined('NOTOKENRENEWAL')) {
define('NOTOKENRENEWAL', '1');
}
diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php
index 25b52d8fc1c..60f34320312 100644
--- a/htdocs/compta/bank/card.php
+++ b/htdocs/compta/bank/card.php
@@ -69,7 +69,7 @@ $extrafields->fetch_name_optionals_label($object->table_element);
$hookmanager->initHooks(array('bankcard', 'globalcard'));
// Security check
-$id = GETPOSTINT("id") ? GETPOSTINT("id") : GETPOSTINT('ref');
+$id = GETPOSTINT("id") ? GETPOSTINT("id") : GETPOST('ref');
$fieldid = GETPOSTINT("id") ? 'rowid' : 'ref';
if (GETPOSTINT("id") || GETPOST("ref")) {
@@ -319,11 +319,11 @@ if (empty($reshook)) {
$categories = GETPOST('categories', 'array');
$object->setCategories($categories);
- $_GET["id"] = GETPOSTINT("id"); // Force chargement page en mode visu
+ $id = GETPOSTINT("id"); // Force load of this page
} else {
$error++;
setEventMessages($object->error, $object->errors, 'errors');
- $action = 'edit'; // Force chargement page edition
+ $action = 'edit'; // Force load of page in edit mode
}
}
diff --git a/htdocs/compta/bank/treso.php b/htdocs/compta/bank/treso.php
index ef683b833af..c43d85e1f60 100644
--- a/htdocs/compta/bank/treso.php
+++ b/htdocs/compta/bank/treso.php
@@ -85,7 +85,7 @@ if (GETPOST("account") || GETPOST("ref")) {
}
if (GETPOST("ref")) {
$result = $object->fetch(0, GETPOST("ref"));
- $_GET["account"] = $object->id;
+ $id = $object->id;
}
$title = $object->ref.' - '.$langs->trans("PlannedTransactions");
diff --git a/htdocs/compta/cashcontrol/cashcontrol_card.php b/htdocs/compta/cashcontrol/cashcontrol_card.php
index 74cce92938d..b16ed740d01 100644
--- a/htdocs/compta/cashcontrol/cashcontrol_card.php
+++ b/htdocs/compta/cashcontrol/cashcontrol_card.php
@@ -66,7 +66,7 @@ if (!$sortorder) {
$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'thirdpartylist';
if ($contextpage == 'takepos') {
- $_GET['optioncss'] = 'print';
+ $optioncss = 'print';
}
$arrayofpaymentmode = array('cash' => 'Cash', 'cheque' => 'Cheque', 'card' => 'CreditCard');
diff --git a/htdocs/compta/cashcontrol/report.php b/htdocs/compta/cashcontrol/report.php
index c59c5be8b34..18c41bc47f9 100644
--- a/htdocs/compta/cashcontrol/report.php
+++ b/htdocs/compta/cashcontrol/report.php
@@ -37,7 +37,7 @@ if (!defined('NOBROWSERNOTIF')) {
define('NOBROWSERNOTIF', '1'); // Disable browser notification
}
-$_GET['optioncss'] = "print";
+$optioncss = "print";
// Load Dolibarr environment
require '../../main.inc.php';
diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php
index c7963e95090..aa361fa1010 100644
--- a/htdocs/compta/clients.php
+++ b/htdocs/compta/clients.php
@@ -151,16 +151,16 @@ if ($resql) {
print ' |
';
print '| ';
- print ' | ';
+ print '';
print ' | ';
print '';
- print '';
+ print '';
print ' | ';
print '';
- print '';
+ print '';
print ' | ';
print '';
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index a847b7ca292..56fc5218598 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -2080,8 +2080,8 @@ if (empty($reshook)) {
} else {
$db->rollback();
$action = 'create';
- $_GET["origin"] = $_POST["origin"];
- $_GET["originid"] = $_POST["originid"];
+ $_GET["origin"] = $_POST["origin"]; // Keep GET and POST here ?
+ $_GET["originid"] = $_POST["originid"]; // Keep GET and POST here ?
setEventMessages($object->error, $object->errors, 'errors');
}
} elseif ($action == 'addline' && GETPOST('submitforalllines', 'alpha') && GETPOST('vatforalllines', 'alpha') !== '') {
diff --git a/htdocs/compta/localtax/card.php b/htdocs/compta/localtax/card.php
index e302bcc2ee1..9b3ec6e2544 100644
--- a/htdocs/compta/localtax/card.php
+++ b/htdocs/compta/localtax/card.php
@@ -87,7 +87,7 @@ if ($action == 'add' && !$cancel) {
} else {
$db->rollback();
setEventMessages($object->error, $object->errors, 'errors');
- $_GET["action"] = "create";
+ $action = "create";
}
}
diff --git a/htdocs/compta/payment_sc/card.php b/htdocs/compta/payment_sc/card.php
index 9288421622e..482c9594d29 100644
--- a/htdocs/compta/payment_sc/card.php
+++ b/htdocs/compta/payment_sc/card.php
@@ -245,7 +245,7 @@ print '';
/*
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
{
- if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
+ if ($user->socid == 0 && $object->statut == 0 && $action == '')
{
if ($user->hasRight('facture', 'paiement')){
print ' '.$langs->trans('Valid').'';
diff --git a/htdocs/compta/payment_vat/card.php b/htdocs/compta/payment_vat/card.php
index 4d9d34abc75..df69e995365 100644
--- a/htdocs/compta/payment_vat/card.php
+++ b/htdocs/compta/payment_vat/card.php
@@ -150,17 +150,6 @@ if ($action == 'delete') {
print $form->formconfirm('card.php?id='.$object->id, $langs->trans("DeletePayment"), $langs->trans("ConfirmDeletePayment"), 'confirm_delete', '', 0, 2);
}
-/*
- * Validation confirmation of payment
- */
-/*
-if ($action == 'valide')
-{
- $facid = $_GET['facid'];
- print $form->formconfirm('card.php?id='.$object->id.'&facid='.$facid, $langs->trans("ValidatePayment"), $langs->trans("ConfirmValidatePayment"), 'confirm_valide','',0,2);
-
-}
-*/
$linkback = ' '.$langs->trans("BackToList").'';
@@ -283,18 +272,6 @@ if ($resql) {
*/
print ' ';
-/*
-if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION))
-{
- if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '')
- {
- if ($user->hasRight('facture', 'paiement')) {
- print ' '.$langs->trans('Valid').'';
- }
- }
-}
-*/
-
if ($action == '') {
if ($user->hasRight('tax', 'charges', 'supprimer')) {
if (!$disable_delete) {
diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php
index c7058f80d68..43b6294a5b5 100644
--- a/htdocs/contact/list.php
+++ b/htdocs/contact/list.php
@@ -57,7 +57,7 @@ $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'co
$mode = GETPOST('mode', 'alpha');
if ($contextpage == 'poslist') {
- $_GET['optioncss'] = 'print';
+ $optioncss = 'print';
}
// Security check
diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php
index 97ce15937e2..47f524aba73 100644
--- a/htdocs/contrat/card.php
+++ b/htdocs/contrat/card.php
@@ -707,7 +707,7 @@ if (empty($reshook)) {
if (!empty($date_start_update) && !empty($date_end_update) && $date_start_update > $date_end_update) {
setEventMessages($langs->trans("Error").': '.$langs->trans("DateStartPlanned").' > '.$langs->trans("DateEndPlanned"), null, 'errors');
$action = 'editline';
- $_GET['rowid'] = GETPOST('elrowid');
+ $_GET['rowid'] = GETPOST('elrowid'); // Keep $_GET here. Used by GETPOST('rowid') later
$error++;
}
diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php
index 6f19a21fa69..28a1c9455e2 100644
--- a/htdocs/contrat/document.php
+++ b/htdocs/contrat/document.php
@@ -47,7 +47,6 @@ $ref = GETPOST('ref', 'alpha');
// Security check
if ($user->socid > 0) {
- unset($_GET["action"]);
$action = '';
$socid = $user->socid;
}
diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php
index ed0d8b4e8ec..7820754cae3 100644
--- a/htdocs/core/actions_linkedfiles.inc.php
+++ b/htdocs/core/actions_linkedfiles.inc.php
@@ -119,7 +119,7 @@ if (GETPOST('sendit', 'alpha') && getDolGlobalString('MAIN_UPLOAD_DOC') && !empt
// Delete file/link
if ($action == 'confirm_deletefile' && $confirm == 'yes' && !empty($permissiontoadd)) {
- $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
+ $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1);
if (GETPOST('section', 'alpha')) {
// For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir
$file = $upload_dir.(preg_match('/\/$/', $upload_dir) ? '' : '/').$urlfile;
diff --git a/htdocs/core/ajax/fetchKnowledgeRecord.php b/htdocs/core/ajax/fetchKnowledgeRecord.php
index 6e4f1ddd953..9445546b849 100644
--- a/htdocs/core/ajax/fetchKnowledgeRecord.php
+++ b/htdocs/core/ajax/fetchKnowledgeRecord.php
@@ -35,8 +35,8 @@ if (!defined('NOREQUIRESOC')) {
if (!defined('NOREQUIREMENU')) {
define('NOREQUIREMENU', '1');
}
-// If there is no need to load and show top and left menu
-if (!empty($_GET['public'])) { // GETPOST() is not yet defined so we use $_GET
+// If we need access without being logged.
+if (!empty($_GET['public'])) { // Keep $_GET here. GETPOST() is not yet defined so we use $_GET
if (!defined("NOLOGIN")) {
define("NOLOGIN", '1');
}
diff --git a/htdocs/core/ajax/flowjs-server.php b/htdocs/core/ajax/flowjs-server.php
index dfe8b4ad2ce..12fd91e12a0 100644
--- a/htdocs/core/ajax/flowjs-server.php
+++ b/htdocs/core/ajax/flowjs-server.php
@@ -74,8 +74,6 @@ if (!empty($conf->$module->dir_temp)) {
top_httphead();
-dol_syslog(implode(',', $_GET));
-
$result = false;
if (!empty($upload_dir)) {
diff --git a/htdocs/core/ajax/locationincoterms.php b/htdocs/core/ajax/locationincoterms.php
index 5d541238466..6be6645c1b4 100644
--- a/htdocs/core/ajax/locationincoterms.php
+++ b/htdocs/core/ajax/locationincoterms.php
@@ -63,8 +63,7 @@ top_httphead();
//print ''."\n";
-dol_syslog('location_incoterms call with MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY='.(!getDolGlobalString('MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY') ? '' : $conf->global->MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY));
-//var_dump($_GET);
+dol_syslog('location_incoterms call with MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY='.getDolGlobalString('MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY', ''));
// Generation of list of zip-town
if (GETPOST('location_incoterms')) {
diff --git a/htdocs/core/ajax/onlineSign.php b/htdocs/core/ajax/onlineSign.php
index de58f75c303..b861d7c3796 100644
--- a/htdocs/core/ajax/onlineSign.php
+++ b/htdocs/core/ajax/onlineSign.php
@@ -48,7 +48,7 @@ if (!defined('NOIPCHECK')) {
if (!defined('NOBROWSERNOTIF')) {
define('NOBROWSERNOTIF', '1');
}
-$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
+$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1)); // Keep $_GET and $_POST here. GETPOST not yet defined.
if (is_numeric($entity)) {
define("DOLENTITY", $entity);
}
diff --git a/htdocs/core/ajax/selectobject.php b/htdocs/core/ajax/selectobject.php
index aa702375d3e..f7c4726ac80 100644
--- a/htdocs/core/ajax/selectobject.php
+++ b/htdocs/core/ajax/selectobject.php
@@ -149,7 +149,6 @@ $form = new Form($db);
top_httphead($outjson ? 'application/json' : 'text/html');
//print ''."\n";
-//print_r($_GET);
$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1, 0, '', $filter);
diff --git a/htdocs/core/ajax/ziptown.php b/htdocs/core/ajax/ziptown.php
index 21ccd582933..6ecfbb387f9 100644
--- a/htdocs/core/ajax/ziptown.php
+++ b/htdocs/core/ajax/ziptown.php
@@ -57,7 +57,6 @@ if (!getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY')) {
//print ''."\n";
dol_syslog('ziptown call with MAIN_USE_ZIPTOWN_DICTIONNARY='.getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY'));
-//var_dump($_GET);
// Generation of list of zip-town
if (GETPOST('zipcode') || GETPOST('town')) {
diff --git a/htdocs/core/class/openid.class.php b/htdocs/core/class/openid.class.php
index 142fb711ecb..b1b4b3c97a7 100644
--- a/htdocs/core/class/openid.class.php
+++ b/htdocs/core/class/openid.class.php
@@ -432,26 +432,24 @@ class SimpleOpenID
}
}
- // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
- * ValidateWithServer
+ * validateWithServer
*
* @return boolean
*/
- public function ValidateWithServer()
+ public function validateWithServer()
{
- // phpcs:enable
$params = array(
- 'openid.assoc_handle' => urlencode($_GET['openid_assoc_handle']),
- 'openid.signed' => urlencode($_GET['openid_signed']),
- 'openid.sig' => urlencode($_GET['openid_sig'])
+ 'openid.assoc_handle' => urlencode(GETPOST('openid_assoc_handle')),
+ 'openid.signed' => urlencode(GETPOST('openid_signed')),
+ 'openid.sig' => urlencode(GETPOST('openid_sig'))
);
// Send only required parameters to confirm validity
- $arr_signed = explode(",", str_replace('sreg.', 'sreg_', $_GET['openid_signed']));
+ $arr_signed = explode(",", str_replace('sreg.', 'sreg_', GETPOST('openid_signed')));
$num = count($arr_signed);
for ($i = 0; $i < $num; $i++) {
$s = str_replace('sreg_', 'sreg.', $arr_signed[$i]);
- $c = $_GET['openid_'.$arr_signed[$i]];
+ $c = GETPOST('openid_'.$arr_signed[$i]);
// if ($c != ""){
$params['openid.'.$s] = urlencode($c);
// }
diff --git a/htdocs/core/datepicker.php b/htdocs/core/datepicker.php
index 788289de2e3..61352fa2b2c 100644
--- a/htdocs/core/datepicker.php
+++ b/htdocs/core/datepicker.php
@@ -108,10 +108,10 @@ print ''."\n";
$qualified = true;
+// TODO Replace with GETPOST
if (!isset($_GET["sd"])) {
$_GET["sd"] = "00000000";
}
-
if (!isset($_GET["m"]) || !isset($_GET["y"])) {
$qualified = false;
}
@@ -126,7 +126,6 @@ if (isset($_GET["m"]) && isset($_GET["y"])) {
// If parameters provided, we show calendar
if ($qualified) {
- //print $_GET["cm"].",".$_GET["sd"].",".$_GET["m"].",".$_GET["y"];exit;
displayBox(GETPOSTINT("sd"), GETPOSTINT("m"), GETPOSTINT("y"));
} else {
dol_print_error(null, 'ErrorBadParameters');
diff --git a/htdocs/core/filemanagerdol/connectors/php/connector.lib.php b/htdocs/core/filemanagerdol/connectors/php/connector.lib.php
index afdfa2b6ffd..e95af16f784 100644
--- a/htdocs/core/filemanagerdol/connectors/php/connector.lib.php
+++ b/htdocs/core/filemanagerdol/connectors/php/connector.lib.php
@@ -243,14 +243,11 @@ function GetFoldersAndFiles($resourceType, $currentFolder)
*/
function CreateFolder($resourceType, $currentFolder)
{
- if (!isset($_GET)) {
- global $_GET;
- }
$sErrorNumber = '0';
$sErrorMsg = '';
if (isset($_GET['NewFolderName'])) {
- $sNewFolderName = $_GET['NewFolderName'];
+ $sNewFolderName = GETPOST('NewFolderName');
$sNewFolderName = SanitizeFolderName($sNewFolderName);
if (strpos($sNewFolderName, '..') !== false) {
@@ -741,9 +738,6 @@ function IsAllowedCommand($sCommand)
*/
function GetCurrentFolder()
{
- if (!isset($_GET)) {
- global $_GET;
- }
$sCurrentFolder = isset($_GET['CurrentFolder']) ? GETPOST('CurrentFolder', '', 1) : '/';
// Check the current folder syntax (must begin and start with a slash).
diff --git a/htdocs/core/filemanagerdol/connectors/php/connector.php b/htdocs/core/filemanagerdol/connectors/php/connector.php
index 080e331b048..49b55f30b09 100644
--- a/htdocs/core/filemanagerdol/connectors/php/connector.php
+++ b/htdocs/core/filemanagerdol/connectors/php/connector.php
@@ -40,16 +40,13 @@ DoResponse();
*/
function DoResponse()
{
- if (!isset($_GET)) {
- global $_GET;
- }
if (!isset($_GET['Command']) || !isset($_GET['Type']) || !isset($_GET['CurrentFolder'])) {
return;
}
// Get the main request information.
- $sCommand = $_GET['Command'];
- $sResourceType = $_GET['Type'];
+ $sCommand = GETPOST('Command');
+ $sResourceType = GETPOST('Type');
$sCurrentFolder = GetCurrentFolder();
// Check if it is an allowed command
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index d58ee238e15..ff84b50796d 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -2036,7 +2036,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename =
//TODO: Remove this. MAIN_ENABLE_LOG_INLINE_HTML should be deprecated and use a log handler dedicated to HTML output
// If html log tag enabled and url parameter log defined, we show output log on HTML comments
- if (getDolGlobalString('MAIN_ENABLE_LOG_INLINE_HTML') && !empty($_GET["log"])) {
+ if (getDolGlobalString('MAIN_ENABLE_LOG_INLINE_HTML') && GETPOSTINT("log")) {
print "\n\n\n";
diff --git a/htdocs/core/login/functions_openid.php b/htdocs/core/login/functions_openid.php
index 7495cb3fe03..e11a1b55b81 100644
--- a/htdocs/core/login/functions_openid.php
+++ b/htdocs/core/login/functions_openid.php
@@ -39,7 +39,7 @@ include_once DOL_DOCUMENT_ROOT.'/core/class/openid.class.php';
*/
function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
{
- global $db, $conf, $langs;
+ global $db, $conf;
dol_syslog("functions_openid::check_user_password_openid usertotest=".$usertotest);
@@ -62,11 +62,11 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
return false;
}
return false;
- } elseif ($_GET['openid_mode'] == 'id_res') {
+ } elseif (GETPOST('openid_mode') == 'id_res') {
// Perform HTTP Request to OpenID server to validate key
$openid = new SimpleOpenID();
$openid->SetIdentity(GETPOST('openid_identity'));
- $openid_validation_result = $openid->ValidateWithServer();
+ $openid_validation_result = $openid->validateWithServer();
if ($openid_validation_result === true) {
// OK HERE KEY IS VALID
@@ -93,7 +93,7 @@ function check_user_password_openid($usertotest, $passwordtotest, $entitytotest)
//echo "INVALID AUTHORIZATION";
return false;
}
- } elseif ($_GET['openid_mode'] == 'cancel') {
+ } elseif (GETPOST('openid_mode') == 'cancel') {
// User Canceled your Request
//echo "USER CANCELED REQUEST";
return false;
diff --git a/htdocs/core/modules/barcode/doc/phpbarcode.modules.php b/htdocs/core/modules/barcode/doc/phpbarcode.modules.php
index 706b6213a7c..231b55f37b7 100644
--- a/htdocs/core/modules/barcode/doc/phpbarcode.modules.php
+++ b/htdocs/core/modules/barcode/doc/phpbarcode.modules.php
@@ -135,7 +135,6 @@ class modPhpbarcode extends ModeleBarCode
*/
public function buildBarCode($code, $encoding, $readable = 'Y', $scale = 1, $nooutputiferror = 0)
{
- global $_GET, $_SERVER;
global $conf;
global $genbarcode_loc, $bar_color, $bg_color, $text_color, $font_loc;
diff --git a/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php b/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php
index dcb69e6642a..b3d62ca0901 100644
--- a/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php
+++ b/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php
@@ -106,8 +106,6 @@ class modTcpdfbarcode extends ModeleBarCode
*/
public function buildBarCode($code, $encoding, $readable = 'Y', $scale = 1, $nooutputiferror = 0)
{
- global $_GET;
-
$tcpdfEncoding = $this->getTcpdfEncodingType($encoding);
if (empty($tcpdfEncoding)) {
return -1;
diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php
index 70c8da59d2a..416dd3959e0 100644
--- a/htdocs/core/photos_resize.php
+++ b/htdocs/core/photos_resize.php
@@ -404,7 +404,7 @@ if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex")
}
} else {
setEventMessages($result, null, 'errors');
- $_GET['file'] = $_POST["file"];
+ //$_GET['file'] = $_POST["file"];
$action = '';
}
}
@@ -467,7 +467,7 @@ if ($action == 'confirm_crop') {
}
} else {
setEventMessages($result, null, 'errors');
- $_GET['file'] = $_POST["file"];
+ //$_GET['file'] = $_POST["file"];
$action = '';
}
}
diff --git a/htdocs/core/tpl/filemanager.tpl.php b/htdocs/core/tpl/filemanager.tpl.php
index 9c09f821638..7acbddd72fa 100644
--- a/htdocs/core/tpl/filemanager.tpl.php
+++ b/htdocs/core/tpl/filemanager.tpl.php
@@ -62,7 +62,7 @@ if (!isset($section)) {
// Confirm remove file (for non javascript users)
if (($action == 'delete' || $action == 'file_manager_delete') && empty($conf->use_javascript_ajax)) {
// TODO Add website, pageid, filemanager if defined
- print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
+ print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode(GETPOST("urlfile")), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
}
// Start container of all panels
diff --git a/htdocs/ecm/dir_card.php b/htdocs/ecm/dir_card.php
index 7444815a11e..46fe08c71fb 100644
--- a/htdocs/ecm/dir_card.php
+++ b/htdocs/ecm/dir_card.php
@@ -139,7 +139,7 @@ if (GETPOST("sendit") && getDolGlobalString('MAIN_UPLOAD_DOC') && $permissiontou
// Remove file
if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permissiontoupload) {
$langs->load("other");
- $file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
+ $file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here
$ret = dol_delete_file($file);
if ($ret) {
setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs');
diff --git a/htdocs/ecm/index_auto.php b/htdocs/ecm/index_auto.php
index 7a0338a0126..a46470e9d7a 100644
--- a/htdocs/ecm/index_auto.php
+++ b/htdocs/ecm/index_auto.php
@@ -137,7 +137,7 @@ if ($action == 'confirm_deletefile') {
$relativepath = '';
}
$upload_dir = $conf->ecm->dir_output.($relativepath ? '/'.$relativepath : '');
- $file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_POST are already decoded by PHP).
+ $file = $upload_dir."/".GETPOST('urlfile');
$ret = dol_delete_file($file);
if ($ret) {
@@ -417,7 +417,7 @@ print dol_get_fiche_head($head, 'index_auto', '', -1, '');
// Confirm remove file (for non javascript users)
if ($action == 'deletefile' && empty($conf->use_javascript_ajax)) {
- print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode($_GET["urlfile"]), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
+ print $form->formconfirm($_SERVER["PHP_SELF"].'?section='.$section.'&urlfile='.urlencode(GETPOST("urlfile")), $langs->trans('DeleteFile'), $langs->trans('ConfirmDeleteFile'), 'confirm_deletefile', '', '', 1);
}
// Start container of all panels
diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php
index 61b6fb26300..16a71da87da 100644
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -444,7 +444,7 @@ if (empty($reshook)) {
exit;
} else {
$db->rollback();
- $_GET["commande_id"] = GETPOSTINT('commande_id');
+ //$_GET["commande_id"] = GETPOSTINT('commande_id');
$action = 'create';
}
} elseif ($action == 'create_delivery' && getDolGlobalInt('MAIN_SUBMODULE_DELIVERY') && $user->hasRight('expedition', 'delivery', 'creer')) {
|