mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-02-20 13:46:52 +01:00
Merge branch 'develop' into PreselectThirpartyOnNewFromList
This commit is contained in:
Tobias Sekan
GitHub
commit
b2a953ed5b
|
|
@ -20,6 +20,7 @@ Following changes may create regressions for some external modules, but were nec
|
|||
* Property num_paiement has been renamed num_payment everywhere for better code consistency.
|
||||
* If you build a class that implement CommonObject to use the incoterm properties or method (->fk_incoterm, ->label_incoterm, ->location_incoterm),
|
||||
you must now also include declaration of the Trait CommonIncoterm in your class. All incoterm functions were moved into this Trait.
|
||||
* The GETPOST(..., 'alpha') has now the same behaviour than GETPOST(..., 'alpahnohtml');
|
||||
|
||||
***** ChangeLog for 12.0.2 compared to 12.0.1 *****
|
||||
FIX: computation of the bottom margin of <body> returns NaN because body is not loaded yet
|
||||
|
|
|
|||
14
SECURITY.md
14
SECURITY.md
|
|
@ -62,13 +62,19 @@ No vulnerability disclosure, including partial is allowed for the moment.
|
|||
|
||||
## Scope for qualified vulnerabilities
|
||||
|
||||
ONLY vulnerabilities discovered, when the following setup on tested platform is used, are accepted:
|
||||
ONLY vulnerabilities discovered, when the following setup on test platform is used, are accepted:
|
||||
|
||||
* $dolibarr_main_prod must be set to 1 into conf.php
|
||||
* $dolibarr_nocsrfcheck must be kept to the value 1 into conf.php (this is the default value)
|
||||
* The module DebugBar must NOT be enabled (by default, this module is not enabled)
|
||||
* $dolibarr_nocsrfcheck must be kept to the value 0 into conf.php (this is the default value)
|
||||
* $dolibarr_main_force_https must be set to something else than 0.
|
||||
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this protection should be enabled soon by default)
|
||||
* ONLY security reports on "stable" modules are allowed (troubles into "experimental" and "developement" modules are not accepted).
|
||||
* The module DebugBar must NOT be enabled (by default, this module is not enabled. This is a developer tool)
|
||||
* The module ModuleBuilder must NOT be enabled (by default, this module is not enabled. This is a developer tool)
|
||||
* ONLY security reports on modules provided by default and with the "stable" status are allowed (troubles into "experimental", "developement" or external modules are not accepted).
|
||||
* The root of web server must link to htdocs and the documents directory must be outside of the web server root (this is the default when using the default installer but may differs with external installer).
|
||||
* The web server setup must be done so only the documents directory is in write mode. The root directory called htdocs must be readonly.
|
||||
* CSRF attacks are accepted for all when using a POST URL, but are accepted only for creating or updating data resctricted to the admin user when using GET URL.
|
||||
* Ability for a high level user to edit web site pages in the CMS by including javascript is an expected feature.
|
||||
|
||||
Scope is the web application (back office) and the APIs.
|
||||
|
||||
|
|
|
|||
|
|
@ -69,6 +69,7 @@ then
|
|||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
# ----------------------------- database name
|
||||
DIALOG=${DIALOG=dialog}
|
||||
|
|
@ -86,6 +87,7 @@ then
|
|||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
# ---------------------------- database port
|
||||
DIALOG=${DIALOG=dialog}
|
||||
|
|
@ -104,6 +106,7 @@ then
|
|||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
# ---------------------------- compte admin mysql
|
||||
DIALOG=${DIALOG=dialog}
|
||||
|
|
@ -122,6 +125,7 @@ then
|
|||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
# ---------------------------- mot de passe admin mysql
|
||||
DIALOG=${DIALOG=dialog}
|
||||
|
|
@ -140,6 +144,7 @@ then
|
|||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
|
||||
export documentdir=`cat $mydir/../../htdocs/conf/conf.php | grep '^\$dolibarr_main_data_root' | sed -e 's/$dolibarr_main_data_root=//' | sed -e 's/;//' | sed -e "s/'//g" | sed -e 's/"//g' `
|
||||
|
|
|
|||
166
dev/initdemo/initdemopassword.sh
Executable file
166
dev/initdemo/initdemopassword.sh
Executable file
|
|
@ -0,0 +1,166 @@
|
|||
#!/bin/sh
|
||||
#------------------------------------------------------
|
||||
# Script to reinit admin password.
|
||||
# Note: "dialog" tool need to be available if no parameter provided.
|
||||
#
|
||||
# Laurent Destailleur - eldy@users.sourceforge.net
|
||||
#------------------------------------------------------
|
||||
# Usage: initdemopassword.sh confirm
|
||||
# usage: initdemopassword.sh confirm base port login pass
|
||||
#------------------------------------------------------
|
||||
|
||||
|
||||
export mydir=`echo "$0" | sed -e 's/initdemopassword.sh//'`;
|
||||
if [ "x$mydir" = 'x' -o "x$mydir" = 'x./' ]
|
||||
then
|
||||
export mydir="."
|
||||
fi
|
||||
export id=`id -u`;
|
||||
|
||||
|
||||
# ----------------------------- check if root
|
||||
if [ "x$id" != "x0" -a "x$id" != "x1001" ]
|
||||
then
|
||||
echo "Script must be ran as root"
|
||||
exit
|
||||
fi
|
||||
|
||||
|
||||
# ----------------------------- command line params
|
||||
confirm=$1;
|
||||
base=$2;
|
||||
port=$3;
|
||||
demologin=$4;
|
||||
demopass=$5;
|
||||
|
||||
# ----------------------------- check params
|
||||
if [ "x$confirm" != "xconfirm" ]
|
||||
then
|
||||
echo "----- $0 -----"
|
||||
echo "Usage: initdemopassword.sh confirm [base port login pass]"
|
||||
exit
|
||||
fi
|
||||
|
||||
|
||||
# ----------------------------- if no params on command line
|
||||
if [ "x$demopass" = "x" ]
|
||||
then
|
||||
export dumpfile=`ls -v $mydir/mysqldump_dolibarr_*.sql | tail -n 1`
|
||||
export dumpfile=`basename $dumpfile`
|
||||
|
||||
# ----------------------------- database name
|
||||
DIALOG=${DIALOG=dialog}
|
||||
DIALOG="$DIALOG --ascii-lines"
|
||||
fichtemp=`tempfile 2>/dev/null` || fichtemp=/tmp/test$$
|
||||
trap "rm -f $fichtemp" 0 1 2 5 15
|
||||
$DIALOG --title "Init Dolibarr with demo values" --clear \
|
||||
--inputbox "Mysql database name :" 16 55 dolibarrdemo 2> $fichtemp
|
||||
valret=$?
|
||||
case $valret in
|
||||
0)
|
||||
base=`cat $fichtemp`;;
|
||||
1)
|
||||
exit;;
|
||||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
# ---------------------------- database port
|
||||
DIALOG=${DIALOG=dialog}
|
||||
fichtemp=`tempfile 2>/dev/null` || fichtemp=/tmp/test$$
|
||||
trap "rm -f $fichtemp" 0 1 2 5 15
|
||||
$DIALOG --title "Init Dolibarr with demo values" --clear \
|
||||
--inputbox "Mysql port (ex: 3306):" 16 55 3306 2> $fichtemp
|
||||
|
||||
valret=$?
|
||||
|
||||
case $valret in
|
||||
0)
|
||||
port=`cat $fichtemp`;;
|
||||
1)
|
||||
exit;;
|
||||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm $fichtemp
|
||||
|
||||
|
||||
# ----------------------------- demo login
|
||||
DIALOG=${DIALOG=dialog}
|
||||
DIALOG="$DIALOG --ascii-lines"
|
||||
fichtemp=`tempfile 2>/dev/null` || fichtemp=/tmp/test$$
|
||||
trap "rm -f $fichtemp" 0 1 2 5 15
|
||||
$DIALOG --title "Reset login password" --clear \
|
||||
--inputbox "Login to reset :" 16 55 dolibarrdemologin 2> $fichtemp
|
||||
valret=$?
|
||||
case $valret in
|
||||
0)
|
||||
demologin=`cat $fichtemp`;;
|
||||
1)
|
||||
exit;;
|
||||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm fichtemp
|
||||
|
||||
# ----------------------------- demo pass
|
||||
DIALOG=${DIALOG=dialog}
|
||||
DIALOG="$DIALOG --ascii-lines"
|
||||
fichtemp=`tempfile 2>/dev/null` || fichtemp=/tmp/test$$
|
||||
trap "rm -f $fichtemp" 0 1 2 5 15
|
||||
$DIALOG --title "Reset login password" --clear \
|
||||
--inputbox "Pass to set :" 16 55 dolibarrdemopass 2> $fichtemp
|
||||
valret=$?
|
||||
case $valret in
|
||||
0)
|
||||
demopass=`cat $fichtemp`;;
|
||||
1)
|
||||
exit;;
|
||||
255)
|
||||
exit;;
|
||||
esac
|
||||
rm fichtemp
|
||||
|
||||
|
||||
export documentdir=`cat $mydir/../../htdocs/conf/conf.php | grep '^\$dolibarr_main_data_root' | sed -e 's/$dolibarr_main_data_root=//' | sed -e 's/;//' | sed -e "s/'//g" | sed -e 's/"//g' `
|
||||
|
||||
|
||||
# ---------------------------- confirmation
|
||||
DIALOG=${DIALOG=dialog}
|
||||
$DIALOG --title "Init demo login with demo values" --clear \
|
||||
--yesno "Do you confirm ? \n Mysql database : '$base' \n Mysql port : '$port' \n Demo login: '$demologin' \n Demo password : '$demopass'" 15 55
|
||||
|
||||
case $? in
|
||||
0) echo "Ok, start process...";;
|
||||
1) exit;;
|
||||
255) exit;;
|
||||
esac
|
||||
|
||||
fi
|
||||
|
||||
|
||||
# ---------------------------- run sql file
|
||||
if [ "x$passwd" != "x" ]
|
||||
then
|
||||
export passwd="-p$passwd"
|
||||
fi
|
||||
#echo "mysql -P$port -u$admin $passwd $base < $mydir/$dumpfile"
|
||||
#mysql -P$port -u$admin $passwd $base < $mydir/$dumpfile
|
||||
echo "echo \"UPDATE llx_user SET pass_crypted = MD5('$demopass') WHERE login = '$demologin';\" | mysql -P$port $base"
|
||||
echo "UPDATE llx_user SET pass_crypted = MD5('$demopass') WHERE login = '$demologin';" | mysql -P$port $base
|
||||
export res=$?
|
||||
|
||||
if [ $res -ne 0 ]; then
|
||||
echo "Error to execute sql with mysql -P$port -u$admin -p***** $base"
|
||||
exit
|
||||
fi
|
||||
|
||||
|
||||
if [ "x$res" = "x0" ]
|
||||
then
|
||||
echo "Success, file successfully loaded."
|
||||
else
|
||||
echo "Error, load failed."
|
||||
fi
|
||||
echo
|
||||
|
|
@ -55,7 +55,7 @@ if (!$user->rights->accounting->chartofaccount) accessforbidden();
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ $action = GETPOST('action', 'aZ09');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ $action = GETPOST('action', 'aZ09');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -92,7 +92,7 @@ $search_not_reconciled = GETPOST('search_reconciled_option', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) { $page = 0; }
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("accountancy"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
|
||||
$search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
|
||||
$search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
|
||||
|
|
@ -69,7 +69,7 @@ if (GETPOST("button_delmvt_x") || GETPOST("button_delmvt.x") || GETPOST("button_
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) { $page = 0; }
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "accountancy"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ $search_tvaintra = GETPOST('search_tvaintra', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) $page = 0;
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "productbatch"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$massaction = GETPOST('massaction', 'alpha');
|
||||
$show_files = GETPOST('show_files', 'int');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
|
@ -70,7 +70,7 @@ $btn_ventil = GETPOST('ventil', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) { $page = 0; }
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "accountancy", "trips"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
|
|
|
|||
|
|
@ -56,7 +56,7 @@ $search_year = GETPOST("search_year", "int");
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) $page = 0;
|
||||
$pageprev = $page - 1;
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "trips", "productbatch", "hrm"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$massaction = GETPOST('massaction', 'alpha');
|
||||
$show_files = GETPOST('show_files', 'int');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
|
@ -66,7 +66,7 @@ $search_year = GETPOST("search_year", "int");
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) { $page = 0; }
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "accountancy"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
|
|
|
|||
|
|
@ -63,7 +63,7 @@ $search_tvaintra = GETPOST('search_tvaintra', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) $page = 0;
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "productbatch"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$massaction = GETPOST('massaction', 'alpha');
|
||||
$show_files = GETPOST('show_files', 'int');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
|
@ -70,7 +70,7 @@ $btn_ventil = GETPOST('ventil', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : (empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION) ? $conf->liste_limit : $conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0) { $page = 0; }
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ if (!$user->admin) accessforbidden();
|
|||
|
||||
$type = array('yesno', 'texte', 'chaine');
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ if (!$user->admin) accessforbidden();
|
|||
|
||||
$oldtypetonewone = array('texte'=>'text', 'chaine'=>'string'); // old type to new ones
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
$error = 0;
|
||||
|
||||
|
|
@ -83,9 +83,9 @@ if ($action == 'update' || $action == 'add') {
|
|||
$constlineid = GETPOST('rowid', 'int');
|
||||
$constname = GETPOST('constname', 'alpha');
|
||||
|
||||
$constvalue = (GETPOSTISSET('constvalue_'.$constname) ? GETPOST('constvalue_'.$constname, 'alpha') : GETPOST('constvalue'));
|
||||
$constvalue = (GETPOSTISSET('constvalue_'.$constname) ? GETPOST('constvalue_'.$constname, 'alphanohtml') : GETPOST('constvalue'));
|
||||
$consttype = (GETPOSTISSET('consttype_'.$constname) ? GETPOST('consttype_'.$constname, 'alphanohtml') : GETPOST('consttype'));
|
||||
$constnote = (GETPOSTISSET('constnote_'.$constname) ? GETPOST('constnote_'.$constname, 'none') : GETPOST('constnote'));
|
||||
$constnote = (GETPOSTISSET('constnote_'.$constname) ? GETPOST('constnote_'.$constname, 'restricthtml') : GETPOST('constnote'));
|
||||
|
||||
$typetouse = empty($oldtypetonewone[$consttype]) ? $consttype : $oldtypetonewone[$consttype];
|
||||
$constvalue = preg_replace('/:member$/', '', $constvalue);
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'adherent'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'adherent_type'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("admin", "members"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("companies", "bills", "members", "users", "other", "paypal"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
|
@ -82,7 +82,7 @@ if (!empty($canvas)) {
|
|||
}
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', $objcanvas);
|
||||
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', 0);
|
||||
|
||||
if ($id > 0) {
|
||||
// Load member
|
||||
|
|
@ -254,7 +254,7 @@ if (empty($reshook)) {
|
|||
$object->firstname = trim(GETPOST("firstname", 'alphanohtml'));
|
||||
$object->lastname = trim(GETPOST("lastname", 'alphanohtml'));
|
||||
$object->gender = trim(GETPOST("gender", 'alphanohtml'));
|
||||
$object->login = trim(GETPOST("login", 'alpha'));
|
||||
$object->login = trim(GETPOST("login", 'alphanohtml'));
|
||||
$object->pass = trim(GETPOST("pass", 'alpha'));
|
||||
|
||||
$object->societe = trim(GETPOST("societe", 'alphanohtml')); // deprecated
|
||||
|
|
@ -404,10 +404,9 @@ if (empty($reshook)) {
|
|||
// $facebook=GETPOST("member_facebook", 'alpha');
|
||||
// $linkedin=GETPOST("member_linkedin", 'alpha');
|
||||
$email = preg_replace('/\s+/', '', GETPOST("member_email", 'alpha'));
|
||||
$login = GETPOST("member_login", 'alpha');
|
||||
$login = GETPOST("member_login", 'alphanohtml');
|
||||
$pass = GETPOST("password", 'alpha');
|
||||
$photo = GETPOST("photo", 'alpha');
|
||||
//$comment=GETPOST("comment",'none');
|
||||
$morphy = GETPOST("morphy", 'alphanohtml');
|
||||
$public = GETPOST("public", 'alphanohtml');
|
||||
|
||||
|
|
@ -836,7 +835,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
|||
|
||||
// Login
|
||||
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED)) {
|
||||
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="member_login" class="minwidth300" maxlength="50" value="'.(isset($_POST["member_login"]) ?GETPOST("member_login", 'alpha', 2) : $object->login).'" autofocus="autofocus"></td></tr>';
|
||||
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="member_login" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET("member_login") ? GETPOST("member_login", 'alphanohtml', 2) : $object->login).'" autofocus="autofocus"></td></tr>';
|
||||
}
|
||||
|
||||
// Password
|
||||
|
|
@ -1063,7 +1062,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
|||
|
||||
// Login
|
||||
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED)) {
|
||||
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="login" class="minwidth300" maxlength="50" value="'.(isset($_POST["login"]) ?GETPOST("login", 'alpha', 2) : $object->login).'"></td></tr>';
|
||||
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="login" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET("login") ? GETPOST("login", 'alphanohtml', 2) : $object->login).'"></td></tr>';
|
||||
}
|
||||
|
||||
// Password
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ $langs->loadLangs(array("companies", "members", "other"));
|
|||
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
||||
// Security check
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("companies", "members", "bills"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$id = GETPOST('id', 'int');
|
||||
|
||||
// Security check
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php';
|
|||
|
||||
$langs->loadLangs(array("companies", "bills", "members", "users", "mails", 'other'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
$rowid = GETPOST('rowid', 'int') ?GETPOST('rowid', 'int') : GETPOST('id', 'int');
|
||||
$typeid = GETPOST('typeid', 'int');
|
||||
|
|
@ -48,7 +48,7 @@ $typeid = GETPOST('typeid', 'int');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
|
|||
$langs->load("members");
|
||||
|
||||
$rowid = GETPOST('rowid', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
|
|
@ -66,8 +66,8 @@ $subscription = GETPOST("subscription", "int");
|
|||
$duration_value = GETPOST('duration_value', 'int');
|
||||
$duration_unit = GETPOST('duration_unit', 'alpha');
|
||||
$vote = GETPOST("vote", "int");
|
||||
$comment = GETPOST("comment", 'none');
|
||||
$mail_valid = GETPOST("mail_valid", 'none');
|
||||
$comment = GETPOST("comment", 'restricthtml');
|
||||
$mail_valid = GETPOST("mail_valid", 'restricthtml');
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'adherent', $rowid, 'adherent_type');
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
|
|||
$langs->loadLangs(array("admin", "members", "ldap"));
|
||||
|
||||
$id = GETPOST('rowid', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
// Security check
|
||||
$result = restrictedArea($user, 'adherent', $id, 'adherent_type');
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php';
|
|||
$langs->loadLangs(array('members', 'languages'));
|
||||
|
||||
$id = GETPOST('rowid', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
// Security check
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
|
|||
dolibarr_set_const($db, "MAIN_INFO_ACCOUNTANT_MAIL", GETPOST("mail", 'alpha'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_ACCOUNTANT_WEB", GETPOST("web", 'alpha'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_ACCOUNTANT_CODE", GETPOST("code", 'nohtml'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_ACCOUNTANT_NOTE", GETPOST("note", 'none'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_ACCOUNTANT_NOTE", GETPOST("note", 'restricthtml'), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
if ($action != 'updateedit' && !$error)
|
||||
{
|
||||
|
|
@ -164,7 +164,7 @@ print '<input name="code" id="code" class="minwidth100" value="'.($conf->global-
|
|||
|
||||
// Note
|
||||
print '<tr class="oddeven"><td class="tdtop"><label for="note">'.$langs->trans("Note").'</label></td><td>';
|
||||
print '<textarea class="flat quatrevingtpercent" name="note" id="note" rows="'.ROWS_5.'">'.(GETPOST('note', 'none') ? GETPOST('note', 'none') : $conf->global->MAIN_INFO_ACCOUNTANT_NOTE).'</textarea></td></tr>';
|
||||
print '<textarea class="flat quatrevingtpercent" name="note" id="note" rows="'.ROWS_5.'">'.(GETPOSTISSET('note') ? GETPOST('note', 'restricthtml') : $conf->global->MAIN_INFO_ACCOUNTANT_NOTE).'</textarea></td></tr>';
|
||||
print '</td></tr>';
|
||||
|
||||
print '</table>';
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ if (!$user->admin)
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('admin', 'other', 'agenda'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
$search_event = GETPOST('search_event', 'alpha');
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'actioncomm'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ if (!$user->admin)
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('admin', 'other', 'agenda', 'users'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$param = GETPOST('param', 'alpha');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ if (!$user->admin)
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("admin", "other", "agenda"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$param = GETPOST('param', 'alpha');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "companies", "bills", "other", "banks"));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$actionsave = GETPOST('save', 'alpha');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'bank_account'; //Must be the $element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ $langs->load("admin");
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ $langs->loadLangs(array('admin', 'errors', 'mrp', 'other'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -151,7 +151,7 @@ elseif ($action == 'setdoc')
|
|||
}
|
||||
} elseif ($action == 'set_BOM_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST("BOM_FREE_TEXT", 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST("BOM_FREE_TEXT", 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "BOM_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'bom_bom';
|
||||
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'boxes', 'accountancy'));
|
|||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$rowid = GETPOST('rowid', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
// Define possible position of boxes
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "companies", "bills", "other", "banks"));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
|
||||
|
||||
|
|
@ -72,7 +72,7 @@ if ($action == 'setmod')
|
|||
|
||||
if ($action == 'set_BANK_CHEQUERECEIPT_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST('BANK_CHEQUERECEIPT_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('BANK_CHEQUERECEIPT_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "BANK_CHEQUERECEIPT_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ $langs->loadLangs(array('admin', 'errors', 'orders', 'other'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -160,7 +160,7 @@ elseif ($action == 'setdoc')
|
|||
}
|
||||
} elseif ($action == 'set_ORDER_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST("ORDER_FREE_TEXT", 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST("ORDER_FREE_TEXT", 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "ORDER_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->trans($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'commande_fournisseur_dispatch'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
|
|||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_FAX", GETPOST("fax", 'alphanohtml'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_MAIL", GETPOST("mail", 'alphanohtml'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_WEB", GETPOST("web", 'alphanohtml'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOTE", GETPOST("note", 'none'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_NOTE", GETPOST("note", 'restricthtml'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_INFO_SOCIETE_GENCOD", GETPOST("barcode", 'alphanohtml'), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
$dirforimage = $conf->mycompany->dir_output.'/logos/';
|
||||
|
|
@ -524,7 +524,7 @@ print '</td></tr>';
|
|||
|
||||
// Note
|
||||
print '<tr class="oddeven"><td class="tdtop"><label for="note">'.$langs->trans("Note").'</label></td><td>';
|
||||
print '<textarea class="flat quatrevingtpercent" name="note" id="note" rows="'.ROWS_5.'">'.(GETPOST('note', 'none') ? GETPOST('note', 'none') : $conf->global->MAIN_INFO_SOCIETE_NOTE).'</textarea></td></tr>';
|
||||
print '<textarea class="flat quatrevingtpercent" name="note" id="note" rows="'.ROWS_5.'">'.(GETPOSTISSET('note') ? GETPOST('note', 'restricthtml') : $conf->global->MAIN_INFO_SOCIETE_NOTE).'</textarea></td></tr>';
|
||||
print '</td></tr>';
|
||||
|
||||
print '</table>';
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ $langs->loadLangs(array('admin', 'compta', 'accountancy'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
// Other parameters ACCOUNTING_*
|
||||
$list = array(
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'sendings', 'deliveries'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -35,19 +35,19 @@ if (!$user->admin)
|
|||
|
||||
$rowid = GETPOST('rowid', 'int');
|
||||
$entity = GETPOST('entity', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$update = GETPOST('update', 'alpha');
|
||||
$delete = GETPOST('delete', 'none'); // Do not use alpha here
|
||||
$debug = GETPOST('debug', 'int');
|
||||
$consts = GETPOST('const', 'array');
|
||||
$constname = GETPOST('constname', 'alphanohtml');
|
||||
$constvalue = GETPOST('constvalue', 'none'); // We shoul dbe able to send everything here
|
||||
$constvalue = GETPOST('constvalue', 'restricthtml'); // We should be able to send everything here
|
||||
$constnote = GETPOST('constnote', 'alpha');
|
||||
|
||||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ $langs->loadLangs(array("admin", "errors", "contracts"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -143,7 +143,7 @@ elseif ($action == 'setdoc')
|
|||
dolibarr_set_const($db, "CONTRACT_ADDON", $value, 'chaine', 0, '', $conf->entity);
|
||||
} elseif ($action == 'set_other')
|
||||
{
|
||||
$freetext = GETPOST('CONTRACT_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('CONTRACT_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res1 = dolibarr_set_const($db, "CONTRACT_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
$draft = GETPOST('CONTRACT_DRAFT_WATERMARK', 'alpha');
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ if (!$user->admin)
|
|||
accessforbidden();
|
||||
|
||||
// Parameters
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$backtopage = GETPOST('backtopage', 'alpha');
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ $langs->loadLangs(array('companies', 'products', 'admin', 'sms', 'other', 'error
|
|||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$id = GETPOST('rowid', 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$optioncss = GETPOST('optionscss', 'alphanohtml');
|
||||
|
||||
$mode = GETPOST('mode', 'aZ09') ?GETPOST('mode', 'aZ09') : 'createform'; // 'createform', 'filters', 'sortorder', 'focus'
|
||||
|
|
@ -61,7 +61,7 @@ $defaulturl = preg_replace('/^\//', '', $defaulturl);
|
|||
|
||||
$urlpage = GETPOST('urlpage', 'alphanohtml');
|
||||
$key = GETPOST('key', 'alphanohtml');
|
||||
$value = GETPOST('value', 'none');
|
||||
$value = GETPOST('value', 'restricthtml');
|
||||
|
||||
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
|
||||
$hookmanager->initHooks(array('admindefaultvalues', 'globaladmin'));
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ $langs->load("admin");
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
$modules = array(
|
||||
'agenda' => array(
|
||||
|
|
|
|||
|
|
@ -148,7 +148,7 @@ if (GETPOST('addoperation', 'alpha'))
|
|||
{
|
||||
$emailcollectoroperation = new EmailCollectorAction($db);
|
||||
$emailcollectoroperation->type = GETPOST('operationtype', 'aZ09');
|
||||
$emailcollectoroperation->actionparam = GETPOST('operationparam', 'none');
|
||||
$emailcollectoroperation->actionparam = GETPOST('operationparam', 'restricthtml');
|
||||
$emailcollectoroperation->fk_emailcollector = $object->id;
|
||||
$emailcollectoroperation->status = 1;
|
||||
$emailcollectoroperation->position = 50;
|
||||
|
|
@ -168,7 +168,7 @@ if ($action == 'updateoperation')
|
|||
$emailcollectoroperation = new EmailCollectorAction($db);
|
||||
$emailcollectoroperation->fetch(GETPOST('rowidoperation2', 'int'));
|
||||
|
||||
$emailcollectoroperation->actionparam = GETPOST('operationparam2', 'none');
|
||||
$emailcollectoroperation->actionparam = GETPOST('operationparam2', 'restricthtml');
|
||||
|
||||
$result = $emailcollectoroperation->update($user);
|
||||
|
||||
|
|
|
|||
|
|
@ -52,7 +52,7 @@ $id = GETPOST('id', 'int');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ $optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always ''
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ $langs->loadLangs(array("admin", "sendings", "deliveries", "other"));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -73,7 +73,7 @@ if ($action == 'updateMask')
|
|||
}
|
||||
} elseif ($action == 'set_param')
|
||||
{
|
||||
$freetext = GETPOST('SHIPPING_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('SHIPPING_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res = dolibarr_set_const($db, "SHIPPING_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
if ($res <= 0)
|
||||
{
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'expedition'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'expeditiondet'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'trips', 'other'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -152,7 +152,7 @@ elseif ($action == 'setdoc')
|
|||
{
|
||||
$db->begin();
|
||||
|
||||
$freetext = GETPOST('EXPENSEREPORT_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('EXPENSEREPORT_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res1 = dolibarr_set_const($db, "EXPENSEREPORT_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
$draft = GETPOST('EXPENSEREPORT_DRAFT_WATERMARK', 'alpha');
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'expensereport'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ if (!$user->admin) accessforbidden();
|
|||
|
||||
$error = 0;
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$id = GETPOST('id', 'int');
|
||||
$ikoffset = GETPOST('ikoffset', 'int');
|
||||
$coef = GETPOST('coef', 'int');
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ if (!$user->admin) accessforbidden();
|
|||
$error = false;
|
||||
$message = false;
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$id = GETPOST('id', 'int');
|
||||
|
||||
$apply_to = GETPOST('apply_to');
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ $langs->loadLangs(array('admin', 'exports', 'other'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'errors', 'other', 'bills'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -180,7 +180,7 @@ elseif ($action == 'setdoc')
|
|||
}
|
||||
} elseif ($action == 'set_INVOICE_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST('INVOICE_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('INVOICE_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "INVOICE_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'errors', 'other', 'bills'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('admin', 'fckeditor'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
// Possible modes are:
|
||||
// dolibarr_details
|
||||
// dolibarr_notes
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'interventions', 'other'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -144,7 +144,7 @@ elseif ($action == 'setdoc')
|
|||
dolibarr_set_const($db, "FICHEINTER_ADDON", $value, 'chaine', 0, '', $conf->entity);
|
||||
} elseif ($action == 'set_FICHINTER_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST('FICHINTER_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('FICHINTER_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res = dolibarr_set_const($db, "FICHINTER_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
if (!$res > 0) $error++;
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "errors", "holiday"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -145,7 +145,7 @@ elseif ($action == 'setdoc')
|
|||
dolibarr_set_const($db, "HOLIDAY_ADDON", $value, 'chaine', 0, '', $conf->entity);
|
||||
} elseif ($action == 'set_other')
|
||||
{
|
||||
$freetext = GETPOST('HOLIDAY_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('HOLIDAY_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res1 = dolibarr_set_const($db, "HOLIDAY_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
$draft = GETPOST('HOLIDAY_DRAFT_WATERMARK', 'alpha');
|
||||
|
|
|
|||
|
|
@ -44,7 +44,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'holiday'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -164,8 +164,8 @@ if ($action == 'update')
|
|||
|
||||
dolibarr_set_const($db, "MAIN_FIRSTNAME_NAME_POSITION", GETPOST("MAIN_FIRSTNAME_NAME_POSITION", 'aZ09'), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr(GETPOST("main_motd", 'none')), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_HOME", dol_htmlcleanlastbr(GETPOST("main_home", 'none')), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_MOTD", dol_htmlcleanlastbr(GETPOST("main_motd", 'restricthtml')), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_HOME", dol_htmlcleanlastbr(GETPOST("main_home", 'restricthtml')), 'chaine', 0, '', $conf->entity);
|
||||
//dolibarr_set_const($db, "MAIN_BUGTRACK_ENABLELINK", GETPOST('MAIN_BUGTRACK_ENABLELINK', 'aZ09'), 'chaine', 0, '', $conf->entity);
|
||||
//dolibarr_set_const($db, "MAIN_HELP_DISABLELINK", GETPOST("MAIN_HELP_DISABLELINK", 'aZ09'), 'chaine', 0, '', 0); // Param for all entities
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'exports', 'other'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ $langs->loadLangs(array('companies', 'products', 'admin'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$currencycode = GETPOST('currencycode', 'alpha');
|
||||
|
||||
if (!empty($conf->multicurrency->enabled) && !empty($conf->global->MULTICURRENCY_USE_LIMIT_BY_CURRENCY)) {
|
||||
|
|
|
|||
|
|
@ -70,7 +70,7 @@ if ($action == 'updateMask')
|
|||
|
||||
if ($action == 'set_DELIVERY_FREE_TEXT')
|
||||
{
|
||||
$free = GETPOST('DELIVERY_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$free = GETPOST('DELIVERY_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res = dolibarr_set_const($db, "DELIVERY_FREE_TEXT", $free, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
if (!$res > 0) $error++;
|
||||
|
|
|
|||
|
|
@ -47,7 +47,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'livraison'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'livraisondet'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'loan'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
// Other parameters LOAN_*
|
||||
$list = array(
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "mails"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("companies", "products", "admin", "mails", "other", "errors"));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@ $rowid = GETPOST('rowid', 'alpha');
|
|||
// Load variable for pagination
|
||||
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
|
||||
$sortfield = GETPOST('sortfield', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'alpha');
|
||||
$sortorder = GETPOST('sortorder', 'aZ09comma');
|
||||
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
|
||||
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; } // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
|
||||
$offset = $limit * $page;
|
||||
|
|
|
|||
|
|
@ -284,7 +284,6 @@ if (empty($reshook))
|
|||
} else {
|
||||
$sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'";
|
||||
}
|
||||
|
||||
$i++;
|
||||
}
|
||||
$sql .= ", 1)";
|
||||
|
|
@ -341,6 +340,7 @@ if (empty($reshook))
|
|||
|
||||
$i++;
|
||||
}
|
||||
|
||||
$sql .= " WHERE ".$rowidcol." = '".$rowid."'";
|
||||
//print $sql;exit;
|
||||
dol_syslog("actionmodify", LOG_DEBUG);
|
||||
|
|
|
|||
|
|
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
|
|
|
|||
|
|
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/menubase.class.php';
|
|||
// Load translation files required by the page
|
||||
$langs->loadLangs(array("other", "admin"));
|
||||
|
||||
$cancel = GETPOST('cancel', 'alpha'); // We click on a Cancel button
|
||||
$cancel = GETPOST('cancel', 'alphanohtml'); // We click on a Cancel button
|
||||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
|
|
@ -69,9 +69,9 @@ if ($action == 'update')
|
|||
if (!$cancel)
|
||||
{
|
||||
$leftmenu = ''; $mainmenu = '';
|
||||
if (GETPOST('menuIdParent', 'alpha') && !is_numeric(GETPOST('menuIdParent', 'alpha')))
|
||||
if (GETPOST('menuIdParent', 'alphanohtml') && !is_numeric(GETPOST('menuIdParent', 'alphanohtml')))
|
||||
{
|
||||
$tmp = explode('&', GETPOST('menuIdParent', 'alpha'));
|
||||
$tmp = explode('&', GETPOST('menuIdParent', 'alphanohtml'));
|
||||
foreach ($tmp as $s)
|
||||
{
|
||||
if (preg_match('/fk_mainmenu=/', $s))
|
||||
|
|
@ -89,21 +89,21 @@ if ($action == 'update')
|
|||
$result = $menu->fetch(GETPOST('menuId', 'int'));
|
||||
if ($result > 0)
|
||||
{
|
||||
$menu->title = GETPOST('titre', 'alpha');
|
||||
$menu->title = GETPOST('titre', 'alphanohtml');
|
||||
$menu->leftmenu = GETPOST('leftmenu', 'aZ09');
|
||||
$menu->url = GETPOST('url', 'alpha');
|
||||
$menu->langs = GETPOST('langs', 'alpha');
|
||||
$menu->url = GETPOST('url', 'alphanohtml');
|
||||
$menu->langs = GETPOST('langs', 'alphanohtml');
|
||||
$menu->position = GETPOST('position', 'int');
|
||||
$menu->enabled = GETPOST('enabled', 'alpha');
|
||||
$menu->perms = GETPOST('perms', 'alpha');
|
||||
$menu->target = GETPOST('target', 'alpha');
|
||||
$menu->user = GETPOST('user', 'alpha');
|
||||
$menu->mainmenu = GETPOST('propertymainmenu', 'alpha');
|
||||
if (is_numeric(GETPOST('menuIdParent', 'alpha')))
|
||||
$menu->enabled = GETPOST('enabled', 'alphanohtml');
|
||||
$menu->perms = GETPOST('perms', 'alphanohtml');
|
||||
$menu->target = GETPOST('target', 'alphanohtml');
|
||||
$menu->user = GETPOST('user', 'alphanohtml');
|
||||
$menu->mainmenu = GETPOST('propertymainmenu', 'alphanohtml');
|
||||
if (is_numeric(GETPOST('menuIdParent', 'alphanohtml')))
|
||||
{
|
||||
$menu->fk_menu = GETPOST('menuIdParent', 'alpha');
|
||||
$menu->fk_menu = GETPOST('menuIdParent', 'alphanohtml');
|
||||
} else {
|
||||
if (GETPOST('type', 'alpha') == 'top') $menu->fk_menu = 0;
|
||||
if (GETPOST('type', 'alphanohtml') == 'top') $menu->fk_menu = 0;
|
||||
else $menu->fk_menu = -1;
|
||||
$menu->fk_mainmenu = $mainmenu;
|
||||
$menu->fk_leftmenu = $leftmenu;
|
||||
|
|
@ -138,9 +138,9 @@ if ($action == 'add')
|
|||
}
|
||||
|
||||
$leftmenu = ''; $mainmenu = '';
|
||||
if (GETPOST('menuId', 'alpha', 3) && !is_numeric(GETPOST('menuId', 'alpha', 3)))
|
||||
if (GETPOST('menuId', 'alphanohtml', 3) && !is_numeric(GETPOST('menuId', 'alphanohtml', 3)))
|
||||
{
|
||||
$tmp = explode('&', GETPOST('menuId', 'alpha', 3));
|
||||
$tmp = explode('&', GETPOST('menuId', 'alphanohtml', 3));
|
||||
foreach ($tmp as $s)
|
||||
{
|
||||
if (preg_match('/fk_mainmenu=/', $s))
|
||||
|
|
@ -198,21 +198,21 @@ if ($action == 'add')
|
|||
{
|
||||
$menu = new Menubase($db);
|
||||
$menu->menu_handler = preg_replace('/_menu$/', '', GETPOST('menu_handler', 'aZ09'));
|
||||
$menu->type = GETPOST('type', 'alpha');
|
||||
$menu->title = GETPOST('titre', 'alpha');
|
||||
$menu->url = GETPOST('url', 'alpha');
|
||||
$menu->langs = GETPOST('langs', 'alpha');
|
||||
$menu->type = GETPOST('type', 'alphanohtml');
|
||||
$menu->title = GETPOST('titre', 'alphanohtml');
|
||||
$menu->url = GETPOST('url', 'alphanohtml');
|
||||
$menu->langs = GETPOST('langs', 'alphanohtml');
|
||||
$menu->position = GETPOST('position', 'int');
|
||||
$menu->enabled = GETPOST('enabled', 'alpha');
|
||||
$menu->perms = GETPOST('perms', 'alpha');
|
||||
$menu->target = GETPOST('target', 'alpha');
|
||||
$menu->user = GETPOST('user', 'alpha');
|
||||
$menu->mainmenu = GETPOST('propertymainmenu', 'alpha');
|
||||
if (is_numeric(GETPOST('menuId', 'alpha', 3)))
|
||||
$menu->enabled = GETPOST('enabled', 'alphanohtml');
|
||||
$menu->perms = GETPOST('perms', 'alphanohtml');
|
||||
$menu->target = GETPOST('target', 'alphanohtml');
|
||||
$menu->user = GETPOST('user', 'alphanohtml');
|
||||
$menu->mainmenu = GETPOST('propertymainmenu', 'alphanohtml');
|
||||
if (is_numeric(GETPOST('menuId', 'alphanohtml', 3)))
|
||||
{
|
||||
$menu->fk_menu = GETPOST('menuId', 'alpha', 3);
|
||||
$menu->fk_menu = GETPOST('menuId', 'alphanohtml', 3);
|
||||
} else {
|
||||
if (GETPOST('type', 'alpha') == 'top') $menu->fk_menu = 0;
|
||||
if (GETPOST('type', 'alphanohtml') == 'top') $menu->fk_menu = 0;
|
||||
else $menu->fk_menu = -1;
|
||||
$menu->fk_mainmenu = $mainmenu;
|
||||
$menu->fk_leftmenu = $leftmenu;
|
||||
|
|
@ -353,7 +353,7 @@ if ($action == 'create')
|
|||
|
||||
// Mainmenu code
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans('MainMenuCode').'</td>';
|
||||
print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alpha') ?GETPOST("propertymainmenu", 'alpha') : '').'"></td>';
|
||||
print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOSTISSET("propertymainmenu") ? GETPOST("propertymainmenu", 'alphanohtml') : '').'"></td>';
|
||||
print '<td>';
|
||||
print $langs->trans("Example").': mytopmenukey';
|
||||
print '</td></tr>';
|
||||
|
|
@ -364,23 +364,23 @@ if ($action == 'create')
|
|||
{
|
||||
print '<td>'.$parent_rowid.'<input type="hidden" name="menuId" value="'.$parent_rowid.'"></td>';
|
||||
} else {
|
||||
print '<td><input type="text" class="minwidth300" id="menuId" name="menuId" value="'.(GETPOST("menuId", 'int') ?GETPOST("menuId", 'int') : '').'"></td>';
|
||||
print '<td><input type="text" class="minwidth300" id="menuId" name="menuId" value="'.(GETPOSTISSET("menuId") ? GETPOST("menuId", 'int') : '').'"></td>';
|
||||
}
|
||||
print '<td>'.$langs->trans('DetailMenuIdParent');
|
||||
print ', '.$langs->trans("Example").': fk_mainmenu=abc&fk_leftmenu=def';
|
||||
print '</td></tr>';
|
||||
|
||||
// Title
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans('Title').'</td><td><input type="text" class="minwidth300" name="titre" value="'.dol_escape_htmltag(GETPOST("titre", 'alpha')).'"></td><td>'.$langs->trans('DetailTitre').'</td></tr>';
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans('Title').'</td><td><input type="text" class="minwidth300" name="titre" value="'.dol_escape_htmltag(GETPOST("titre", 'alphanohtml')).'"></td><td>'.$langs->trans('DetailTitre').'</td></tr>';
|
||||
|
||||
// URL
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans('URL').'</td><td><input type="text" class="minwidth500" name="url" value="'.GETPOST("url", 'alpha').'"></td><td>'.$langs->trans('DetailUrl').'</td></tr>';
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans('URL').'</td><td><input type="text" class="minwidth500" name="url" value="'.GETPOST("url", 'alphanohtml').'"></td><td>'.$langs->trans('DetailUrl').'</td></tr>';
|
||||
|
||||
// Langs
|
||||
print '<tr><td>'.$langs->trans('LangFile').'</td><td><input type="text" class="minwidth300" name="langs" value="'.$parent_langs.'"></td><td>'.$langs->trans('DetailLangs').'</td></tr>';
|
||||
|
||||
// Position
|
||||
print '<tr><td>'.$langs->trans('Position').'</td><td><input type="text" class="width100" name="position" value="'.dol_escape_htmltag(isset($_POST["position"]) ? $_POST["position"] : 100).'"></td><td>'.$langs->trans('DetailPosition').'</td></tr>';
|
||||
print '<tr><td>'.$langs->trans('Position').'</td><td><input type="text" class="width100" name="position" value="'.dol_escape_htmltag(GETPOSTISSET("position") ? GETPOST("position", 'int') : 100).'"></td><td>'.$langs->trans('DetailPosition').'</td></tr>';
|
||||
|
||||
// Target
|
||||
print '<tr><td>'.$langs->trans('Target').'</td><td><select class="flat" name="target">';
|
||||
|
|
@ -389,10 +389,10 @@ if ($action == 'create')
|
|||
print '</select></td></td><td>'.$langs->trans('DetailTarget').'</td></tr>';
|
||||
|
||||
// Enabled
|
||||
print '<tr><td>'.$langs->trans('Enabled').'</td><td><input type="text" class="minwidth500" name="enabled" value="'.(GETPOSTISSET('enabled') ?GETPOST("enabled", 'alpha') : '1').'"></td><td>'.$langs->trans('DetailEnabled').'</td></tr>';
|
||||
print '<tr><td>'.$langs->trans('Enabled').'</td><td><input type="text" class="minwidth500" name="enabled" value="'.(GETPOSTISSET('enabled') ? GETPOST("enabled", 'alphanohtml') : '1').'"></td><td>'.$langs->trans('DetailEnabled').'</td></tr>';
|
||||
|
||||
// Perms
|
||||
print '<tr><td>'.$langs->trans('Rights').'</td><td><input type="text" class="minwidth500" name="perms" value="'.(GETPOSTISSET('perms') ?GETPOST('perms', 'alpha') : '1').'"></td><td>'.$langs->trans('DetailRight').'</td></tr>';
|
||||
print '<tr><td>'.$langs->trans('Rights').'</td><td><input type="text" class="minwidth500" name="perms" value="'.(GETPOSTISSET('perms') ? GETPOST('perms', 'alphanohtml') : '1').'"></td><td>'.$langs->trans('DetailRight').'</td></tr>';
|
||||
|
||||
print '</table>';
|
||||
|
||||
|
|
@ -454,7 +454,7 @@ if ($action == 'create')
|
|||
}
|
||||
else
|
||||
{*/
|
||||
print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alpha') ?GETPOST("propertymainmenu", 'alpha') : $menu->mainmenu).'"></td>';
|
||||
print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alphanohtml') ?GETPOST("propertymainmenu", 'alphanohtml') : $menu->mainmenu).'"></td>';
|
||||
//}
|
||||
print '<td>';
|
||||
print $langs->trans("Example").': mytopmenukey';
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@ foreach ($dirmenus as $dirmenu)
|
|||
$dirsmartphone[] = $dirmenu.'smartphone';
|
||||
}
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
|
||||
$menu_handler_top = $conf->global->MAIN_MENU_STANDARD;
|
||||
|
|
|
|||
|
|
@ -29,7 +29,7 @@ $langs->loadLangs(array("user", "other", "admin"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
|
|||
$langs->loadLangs(array('errors', 'admin', 'modulebuilder'));
|
||||
|
||||
$mode = GETPOST('mode', 'alpha');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$id = GETPOST('id', 'int');
|
||||
if (empty($mode)) $mode = 'desc';
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ $langs->loadLangs(array("errors", "admin", "modulebuilder"));
|
|||
|
||||
$mode = GETPOSTISSET('mode') ? GETPOST('mode', 'alpha') : (empty($conf->global->MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT) ? 'commonkanban' : 'common');
|
||||
if (empty($mode)) $mode = 'common';
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
//var_dump($_POST);exit;
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$page_y = GETPOST('page_y', 'int');
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@ $langs->loadLangs(array('admin', 'errors', 'mrp', 'other'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -152,7 +152,7 @@ elseif ($action == 'setdoc')
|
|||
}
|
||||
} elseif ($action == 'set_MRP_MO_FREE_TEXT')
|
||||
{
|
||||
$freetext = GETPOST("MRP_MO_FREE_TEXT", 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST("MRP_MO_FREE_TEXT", 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "MRP_MO_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
|
|
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'mrp_mo';
|
||||
|
||||
|
|
|
|||
|
|
@ -38,7 +38,7 @@ if (!$user->admin) {
|
|||
}
|
||||
|
||||
// Parameters
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -95,7 +95,7 @@ if ($action == 'setvalue' && $user->admin)
|
|||
{
|
||||
$db->begin();
|
||||
|
||||
$result = dolibarr_set_const($db, "NOTIFICATION_EMAIL_FROM", GETPOST("email_from", "none"), 'chaine', 0, '', $conf->entity);
|
||||
$result = dolibarr_set_const($db, "NOTIFICATION_EMAIL_FROM", GETPOST("email_from", "restricthtml"), 'chaine', 0, '', $conf->entity);
|
||||
if ($result < 0) $error++;
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@ $langs->loadLangs(array('admin', 'oauth'));
|
|||
if (!$user->admin)
|
||||
accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
|
||||
|
||||
/*
|
||||
|
|
|
|||
|
|
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'printing', 'oauth'));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$mode = GETPOST('mode', 'alpha');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$varname = GETPOST('varname', 'alpha');
|
||||
|
|
|
|||
|
|
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'commande'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -46,7 +46,7 @@ $tmptype2label = ExtraFields::$type2label;
|
|||
$type2label = array('');
|
||||
foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$attrname = GETPOST('attrname', 'alpha');
|
||||
$elementtype = 'commandedet'; //Must be the $table_element of the class that manage extrafield
|
||||
|
||||
|
|
|
|||
|
|
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "other", "errors", "bills"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -68,7 +68,7 @@ if ($action == 'setmod')
|
|||
|
||||
if ($action == 'setparams')
|
||||
{
|
||||
$freetext = GETPOST('FACTURE_PAYMENTS_ON_DIFFERENT_THIRDPARTIES_BILLS', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('FACTURE_PAYMENTS_ON_DIFFERENT_THIRDPARTIES_BILLS', 'restricthtml'); // No alpha here, we want exact string
|
||||
$res = dolibarr_set_const($db, "FACTURE_PAYMENTS_ON_DIFFERENT_THIRDPARTIES_BILLS", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
if (!$res > 0) $error++;
|
||||
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "withdrawals"));
|
|||
// Security check
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$type = 'paymentorder';
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -37,7 +37,7 @@ $langs->loadLangs(array('admin', 'languages', 'other', 'companies', 'products',
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "withdrawals"));
|
|||
// Security check
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$type = 'paymentorder';
|
||||
|
||||
|
||||
|
|
|
|||
|
|
@ -39,7 +39,7 @@ $langs->loadLangs(array("admin", "other", "errors", "propal"));
|
|||
|
||||
if (!$user->admin) accessforbidden();
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$value = GETPOST('value', 'alpha');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$scandir = GETPOST('scan_dir', 'alpha');
|
||||
|
|
@ -130,7 +130,7 @@ if ($action == 'updateMask') {
|
|||
setEventMessages($langs->trans("Error"), null, 'errors');
|
||||
}
|
||||
} elseif ($action == 'set_PROPOSAL_FREE_TEXT') {
|
||||
$freetext = GETPOST('PROPOSAL_FREE_TEXT', 'none'); // No alpha here, we want exact string
|
||||
$freetext = GETPOST('PROPOSAL_FREE_TEXT', 'restricthtml'); // No alpha here, we want exact string
|
||||
|
||||
$res = dolibarr_set_const($db, "PROPOSAL_FREE_TEXT", $freetext, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
|
|
|||
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user