Fix GETPOST on 'action'

2025-02-20 13:46:52 +01:00 · 2020-09-16 19:39:50 +02:00 · 2020-09-16 19:39:50 +02:00 · bfbb217607
commit bfbb217607
parent 47031cb656
358 changed files with 359 additions and 359 deletions
--- a/htdocs/accountancy/bookkeeping/listbyaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbyaccount.php
@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("accountancy"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
 $search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
 $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
--- a/htdocs/accountancy/customer/card.php
+++ b/htdocs/accountancy/customer/card.php
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "accountancy"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');

--- a/htdocs/accountancy/customer/list.php
+++ b/htdocs/accountancy/customer/list.php
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "productbatch"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $massaction = GETPOST('massaction', 'alpha');
 $show_files = GETPOST('show_files', 'int');
 $confirm = GETPOST('confirm', 'alpha');
--- a/htdocs/accountancy/expensereport/card.php
+++ b/htdocs/accountancy/expensereport/card.php
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "accountancy", "trips"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');

--- a/htdocs/accountancy/expensereport/list.php
+++ b/htdocs/accountancy/expensereport/list.php
@ -38,7 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "trips", "productbatch", "hrm"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $massaction = GETPOST('massaction', 'alpha');
 $show_files = GETPOST('show_files', 'int');
 $confirm = GETPOST('confirm', 'alpha');
--- a/htdocs/accountancy/supplier/card.php
+++ b/htdocs/accountancy/supplier/card.php
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "accountancy"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');

--- a/htdocs/accountancy/supplier/list.php
+++ b/htdocs/accountancy/supplier/list.php
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills", "companies", "compta", "accountancy", "other", "productbatch"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $massaction = GETPOST('massaction', 'alpha');
 $show_files = GETPOST('show_files', 'int');
 $confirm = GETPOST('confirm', 'alpha');
--- a/htdocs/adherents/admin/adherent.php
+++ b/htdocs/adherents/admin/adherent.php
@ -41,7 +41,7 @@ if (!$user->admin) accessforbidden();

 $type = array('yesno', 'texte', 'chaine');

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/adherents/admin/adherent_emails.php
+++ b/htdocs/adherents/admin/adherent_emails.php
@ -41,7 +41,7 @@ if (!$user->admin) accessforbidden();

 $oldtypetonewone = array('texte'=>'text', 'chaine'=>'string'); // old type to new ones

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 $error = 0;

--- a/htdocs/adherents/admin/adherent_extrafields.php
+++ b/htdocs/adherents/admin/adherent_extrafields.php
@ -39,7 +39,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'adherent'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/adherents/admin/adherent_type_extrafields.php
+++ b/htdocs/adherents/admin/adherent_type_extrafields.php
@ -42,7 +42,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'adherent_type'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/adherents/admin/website.php
+++ b/htdocs/adherents/admin/website.php
@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("admin", "members"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin) accessforbidden();

--- a/htdocs/adherents/card.php
+++ b/htdocs/adherents/card.php
@ -45,7 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("companies", "bills", "members", "users", "other", "paypal"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
 $confirm = GETPOST('confirm', 'alpha');
--- a/htdocs/adherents/document.php
+++ b/htdocs/adherents/document.php
@ -38,7 +38,7 @@ $langs->loadLangs(array("companies", "members", "other"));


 $id = GETPOST('id', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');

 // Security check
--- a/htdocs/adherents/note.php
+++ b/htdocs/adherents/note.php
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("companies", "members", "bills"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');

 // Security check
--- a/htdocs/adherents/subscription.php
+++ b/htdocs/adherents/subscription.php
@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php';

 $langs->loadLangs(array("companies", "bills", "members", "users", "mails", 'other'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 $rowid = GETPOST('rowid', 'int') ?GETPOST('rowid', 'int') : GETPOST('id', 'int');
 $typeid = GETPOST('typeid', 'int');
--- a/htdocs/adherents/type.php
+++ b/htdocs/adherents/type.php
@ -38,7 +38,7 @@ require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
 $langs->load("members");

 $rowid  = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');

--- a/htdocs/adherents/type_ldap.php
+++ b/htdocs/adherents/type_ldap.php
@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
 $langs->loadLangs(array("admin", "members", "ldap"));

 $id = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 // Security check
 $result = restrictedArea($user, 'adherent', $id, 'adherent_type');
--- a/htdocs/adherents/type_translation.php
+++ b/htdocs/adherents/type_translation.php
@ -35,7 +35,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php';
 $langs->loadLangs(array('members', 'languages'));

 $id = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');

 // Security check
--- a/htdocs/admin/agenda.php
+++ b/htdocs/admin/agenda.php
@ -34,7 +34,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'other', 'agenda'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');

 $search_event = GETPOST('search_event', 'alpha');
--- a/htdocs/admin/agenda_extrafields.php
+++ b/htdocs/admin/agenda_extrafields.php
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'actioncomm'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/agenda_other.php
+++ b/htdocs/admin/agenda_other.php
@ -37,7 +37,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'other', 'agenda', 'users'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $param = GETPOST('param', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
--- a/htdocs/admin/agenda_reminder.php
+++ b/htdocs/admin/agenda_reminder.php
@ -32,7 +32,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array("admin", "other", "agenda"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $param = GETPOST('param', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
--- a/htdocs/admin/bank.php
+++ b/htdocs/admin/bank.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "companies", "bills", "other", "banks"));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $actionsave = GETPOST('save', 'alpha');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
--- a/htdocs/admin/bank_extrafields.php
+++ b/htdocs/admin/bank_extrafields.php
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'bank_account'; //Must be the $element of the class that manage extrafield

--- a/htdocs/admin/barcode.php
+++ b/htdocs/admin/barcode.php
@ -33,7 +33,7 @@ $langs->load("admin");

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/bom.php
+++ b/htdocs/admin/bom.php
@ -32,7 +32,7 @@ $langs->loadLangs(array('admin', 'errors', 'mrp', 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/bom_extrafields.php
+++ b/htdocs/admin/bom_extrafields.php
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'bom_bom';

--- a/htdocs/admin/boxes.php
+++ b/htdocs/admin/boxes.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'boxes', 'accountancy'));
 if (!$user->admin) accessforbidden();

 $rowid = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 // Define possible position of boxes
--- a/htdocs/admin/chequereceipts.php
+++ b/htdocs/admin/chequereceipts.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "companies", "bills", "other", "banks"));
 if (!$user->admin)
  accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');


--- a/htdocs/admin/commande.php
+++ b/htdocs/admin/commande.php
@ -41,7 +41,7 @@ $langs->loadLangs(array('admin', 'errors', 'orders', 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/commande_fournisseur_dispatch_extrafields.php
+++ b/htdocs/admin/commande_fournisseur_dispatch_extrafields.php
@ -50,7 +50,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->trans($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'commande_fournisseur_dispatch'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/compta.php
+++ b/htdocs/admin/compta.php
@ -36,7 +36,7 @@ $langs->loadLangs(array('admin', 'compta', 'accountancy'));
 if (!$user->admin)
 accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 // Other parameters ACCOUNTING_*
 $list = array(
--- a/htdocs/admin/confexped.php
+++ b/htdocs/admin/confexped.php
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'sendings', 'deliveries'));
 if (!$user->admin)
  accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/const.php
+++ b/htdocs/admin/const.php
@ -35,7 +35,7 @@ if (!$user->admin)

 $rowid = GETPOST('rowid', 'int');
 $entity = GETPOST('entity', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $update = GETPOST('update', 'alpha');
 $delete = GETPOST('delete', 'none'); // Do not use alpha here
 $debug = GETPOST('debug', 'int');
--- a/htdocs/admin/contract.php
+++ b/htdocs/admin/contract.php
@ -33,7 +33,7 @@ $langs->loadLangs(array("admin", "errors", "contracts"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/dav.php
+++ b/htdocs/admin/dav.php
@ -32,7 +32,7 @@ if (!$user->admin)
    accessforbidden();

 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');


--- a/htdocs/admin/defaultvalues.php
+++ b/htdocs/admin/defaultvalues.php
@ -37,7 +37,7 @@ $langs->loadLangs(array('companies', 'products', 'admin', 'sms', 'other', 'error
 if (!$user->admin) accessforbidden();

 $id = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $optioncss = GETPOST('optionscss', 'alphanohtml');

 $mode = GETPOST('mode', 'aZ09') ?GETPOST('mode', 'aZ09') : 'createform'; // 'createform', 'filters', 'sortorder', 'focus'
--- a/htdocs/admin/delais.php
+++ b/htdocs/admin/delais.php
@ -32,7 +32,7 @@ $langs->load("admin");

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 $modules = array(
 		'agenda' => array(
--- a/htdocs/admin/expedition.php
+++ b/htdocs/admin/expedition.php
@ -40,7 +40,7 @@ $langs->loadLangs(array("admin", "sendings", "deliveries", "other"));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/expedition_extrafields.php
+++ b/htdocs/admin/expedition_extrafields.php
@ -47,7 +47,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'expedition'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/expeditiondet_extrafields.php
+++ b/htdocs/admin/expeditiondet_extrafields.php
@ -48,7 +48,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'expeditiondet'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/expensereport.php
+++ b/htdocs/admin/expensereport.php
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'trips', 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/expensereport_extrafields.php
+++ b/htdocs/admin/expensereport_extrafields.php
@ -44,7 +44,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'expensereport'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/expensereport_ik.php
+++ b/htdocs/admin/expensereport_ik.php
@ -37,7 +37,7 @@ if (!$user->admin) accessforbidden();

 $error = 0;

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
 $ikoffset = GETPOST('ikoffset', 'int');
 $coef = GETPOST('coef', 'int');
--- a/htdocs/admin/expensereport_rules.php
+++ b/htdocs/admin/expensereport_rules.php
@ -40,7 +40,7 @@ if (!$user->admin) accessforbidden();
 $error = false;
 $message = false;

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');

 $apply_to = GETPOST('apply_to');
--- a/htdocs/admin/export.php
+++ b/htdocs/admin/export.php
@ -37,7 +37,7 @@ $langs->loadLangs(array('admin', 'exports', 'other'));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/facture.php
+++ b/htdocs/admin/facture.php
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'errors', 'other', 'bills'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/facture_situation.php
+++ b/htdocs/admin/facture_situation.php
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'errors', 'other', 'bills'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/fckeditor.php
+++ b/htdocs/admin/fckeditor.php
@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'fckeditor'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Possible modes are:
 // dolibarr_details
 // dolibarr_notes
--- a/htdocs/admin/fichinter.php
+++ b/htdocs/admin/fichinter.php
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'interventions', 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/holiday.php
+++ b/htdocs/admin/holiday.php
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "errors", "holiday"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/holiday_extrafields.php
+++ b/htdocs/admin/holiday_extrafields.php
@ -44,7 +44,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'holiday'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/import.php
+++ b/htdocs/admin/import.php
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'exports', 'other'));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');

 /*
--- a/htdocs/admin/limits.php
+++ b/htdocs/admin/limits.php
@ -31,7 +31,7 @@ $langs->loadLangs(array('companies', 'products', 'admin'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $currencycode = GETPOST('currencycode', 'alpha');

 if (!empty($conf->multicurrency->enabled) && !empty($conf->global->MULTICURRENCY_USE_LIMIT_BY_CURRENCY)) {
--- a/htdocs/admin/livraison_extrafields.php
+++ b/htdocs/admin/livraison_extrafields.php
@ -47,7 +47,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'livraison'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/livraisondet_extrafields.php
+++ b/htdocs/admin/livraisondet_extrafields.php
@ -48,7 +48,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'livraisondet'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/loan.php
+++ b/htdocs/admin/loan.php
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'loan'));
 if (!$user->admin)
    accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 // Other parameters LOAN_*
 $list = array(
--- a/htdocs/admin/mailing.php
+++ b/htdocs/admin/mailing.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "mails"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');



--- a/htdocs/admin/mails.php
+++ b/htdocs/admin/mails.php
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("companies", "products", "admin", "mails", "other", "errors"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin) accessforbidden();

--- a/htdocs/admin/mails_emailing.php
+++ b/htdocs/admin/mails_emailing.php
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin) accessforbidden();

--- a/htdocs/admin/mails_ticket.php
+++ b/htdocs/admin/mails_ticket.php
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin) accessforbidden();

--- a/htdocs/admin/menus/index.php
+++ b/htdocs/admin/menus/index.php
@ -42,7 +42,7 @@ foreach ($dirmenus as $dirmenu)
    $dirsmartphone[] = $dirmenu.'smartphone';
 }

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');

 $menu_handler_top = $conf->global->MAIN_MENU_STANDARD;
--- a/htdocs/admin/menus/other.php
+++ b/htdocs/admin/menus/other.php
@ -29,7 +29,7 @@ $langs->loadLangs(array("user", "other", "admin"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/modulehelp.php
+++ b/htdocs/admin/modulehelp.php
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
 $langs->loadLangs(array('errors', 'admin', 'modulebuilder'));

 $mode = GETPOST('mode', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
 if (empty($mode)) $mode = 'desc';

--- a/htdocs/admin/modules.php
+++ b/htdocs/admin/modules.php
@ -40,7 +40,7 @@ $langs->loadLangs(array("errors", "admin", "modulebuilder"));

 $mode = GETPOSTISSET('mode') ? GETPOST('mode', 'alpha') : (empty($conf->global->MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT) ? 'commonkanban' : 'common');
 if (empty($mode)) $mode = 'common';
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 //var_dump($_POST);exit;
 $value = GETPOST('value', 'alpha');
 $page_y = GETPOST('page_y', 'int');
--- a/htdocs/admin/mrp.php
+++ b/htdocs/admin/mrp.php
@ -33,7 +33,7 @@ $langs->loadLangs(array('admin', 'errors', 'mrp', 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/mrp_extrafields.php
+++ b/htdocs/admin/mrp_extrafields.php
@ -41,7 +41,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'mrp_mo';

--- a/htdocs/admin/multicurrency.php
+++ b/htdocs/admin/multicurrency.php
@ -38,7 +38,7 @@ if (!$user->admin) {
 }

 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/oauth.php
+++ b/htdocs/admin/oauth.php
@ -40,7 +40,7 @@ $langs->loadLangs(array('admin', 'oauth'));
 if (!$user->admin)
    accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/oauthlogintokens.php
+++ b/htdocs/admin/oauthlogintokens.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'printing', 'oauth'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $mode = GETPOST('mode', 'alpha');
 $value = GETPOST('value', 'alpha');
 $varname = GETPOST('varname', 'alpha');
--- a/htdocs/admin/order_extrafields.php
+++ b/htdocs/admin/order_extrafields.php
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'commande'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/orderdet_extrafields.php
+++ b/htdocs/admin/orderdet_extrafields.php
@ -46,7 +46,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'commandedet'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/payment.php
+++ b/htdocs/admin/payment.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "other", "errors", "bills"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/paymentbybanktransfer.php
+++ b/htdocs/admin/paymentbybanktransfer.php
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "withdrawals"));
 // Security check
 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $type = 'paymentorder';


--- a/htdocs/admin/pdf.php
+++ b/htdocs/admin/pdf.php
@ -37,7 +37,7 @@ $langs->loadLangs(array('admin', 'languages', 'other', 'companies', 'products',

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');


--- a/htdocs/admin/prelevement.php
+++ b/htdocs/admin/prelevement.php
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "withdrawals"));
 // Security check
 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $type = 'paymentorder';


--- a/htdocs/admin/propal.php
+++ b/htdocs/admin/propal.php
@ -39,7 +39,7 @@ $langs->loadLangs(array("admin", "other", "errors", "propal"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/receiptprinter.php
+++ b/htdocs/admin/receiptprinter.php
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "receiptprinter"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $mode = GETPOST('mode', 'alpha');

 $printername = GETPOST('printername', 'alpha');
--- a/htdocs/admin/reception_extrafields.php
+++ b/htdocs/admin/reception_extrafields.php
@ -50,7 +50,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->trans($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'reception'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/reception_setup.php
+++ b/htdocs/admin/reception_setup.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "receptions", 'other'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/resource.php
+++ b/htdocs/admin/resource.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "resource"));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 /*
--- a/htdocs/admin/resource_extrafields.php
+++ b/htdocs/admin/resource_extrafields.php
@ -44,7 +44,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'resource'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/security_file.php
+++ b/htdocs/admin/security_file.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('users', 'admin', 'other'));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 $upload_dir = $conf->admin->dir_temp;

--- a/htdocs/admin/security_other.php
+++ b/htdocs/admin/security_other.php
@ -34,7 +34,7 @@ $langs->loadLangs(array("users", "admin", "other"));
 if (!$user->admin)
 	accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');



--- a/htdocs/admin/stock.php
+++ b/htdocs/admin/stock.php
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin", "stocks"));
 // Securit check
 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/supplier_invoice.php
+++ b/htdocs/admin/supplier_invoice.php
@ -42,7 +42,7 @@ accessforbidden();

 $type = GETPOST('type', 'alpha');
 $value = GETPOST('value', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/supplier_order.php
+++ b/htdocs/admin/supplier_order.php
@ -43,7 +43,7 @@ accessforbidden();
 $type = GETPOST('type', 'alpha');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $scandir = GETPOST('scan_dir', 'alpha');

 $specimenthirdparty = new Societe($db);
--- a/htdocs/admin/supplier_payment.php
+++ b/htdocs/admin/supplier_payment.php
@ -33,7 +33,7 @@ $langs->loadLangs(array("admin", "errors", "other", "bills", "orders"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scandir', 'alpha');
--- a/htdocs/admin/supplier_proposal.php
+++ b/htdocs/admin/supplier_proposal.php
@ -34,7 +34,7 @@ $langs->loadLangs(array("admin", "errors", "other", "supplier_proposal"));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/supplierinvoice_extrafields.php
+++ b/htdocs/admin/supplierinvoice_extrafields.php
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'facture_fourn'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/supplierinvoicedet_extrafields.php
+++ b/htdocs/admin/supplierinvoicedet_extrafields.php
@ -47,7 +47,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'facture_fourn_det'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/supplierorder_extrafields.php
+++ b/htdocs/admin/supplierorder_extrafields.php
@ -45,7 +45,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'commande_fournisseur'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/supplierorderdet_extrafields.php
+++ b/htdocs/admin/supplierorderdet_extrafields.php
@ -46,7 +46,7 @@ $tmptype2label = ExtraFields::$type2label;
 $type2label = array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key] = $langs->transnoentitiesnoconv($val);

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'commande_fournisseurdet'; //Must be the $table_element of the class that manage extrafield

--- a/htdocs/admin/system/about.php
+++ b/htdocs/admin/system/about.php
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("help", "members", "other", "admin"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin) accessforbidden();

--- a/htdocs/admin/system/database-tables.php
+++ b/htdocs/admin/system/database-tables.php
@ -32,7 +32,7 @@ if (!$user->admin) {
 	accessforbidden();
 }

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');


 if ($action == 'convert')
--- a/htdocs/admin/system/dolibarr.php
+++ b/htdocs/admin/system/dolibarr.php
@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("install", "other", "admin"));

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');

 if (!$user->admin)
 	accessforbidden();
--- a/htdocs/admin/taxes.php
+++ b/htdocs/admin/taxes.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'objects', 'companies', 'products'));

 if (!$user->admin) accessforbidden();

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');



--- a/htdocs/admin/ticket.php
+++ b/htdocs/admin/ticket.php
@ -37,7 +37,7 @@ if (!$user->admin) {

 // Parameters
 $value = GETPOST('value', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scandir', 'alpha');
 $type = 'ticket';
--- a/htdocs/admin/ticket_extrafields.php
+++ b/htdocs/admin/ticket_extrafields.php
@ -39,7 +39,7 @@ foreach ($tmptype2label as $key => $val) {
 	$type2label[$key] = $langs->trans($val);
 }

-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'ticket'; //Must be the $table_element of the class that manage extrafield

--- a/Show More
+++ b/Show More