Fix backtourl

htdocs/website/index.php

@@ -394,12 +394,12 @@ if ($cancel) {
 }
 
 $savbacktopage = $backtopage;
-$backtopage = $_SERVER["PHP_SELF"].'?file_manager=1&website='.$websitekey.'&pageid='.$pageid.(GETPOST('section_dir', 'alpha') ? '&section_dir='.urlencode(GETPOST('section_dir', 'alpha')) : ''); // used after a confirm_deletefile into actions_linkedfiles.inc.php
+$backtopage = $_SERVER["PHP_SELF"].'?file_manager=1&website='.urlencode($websitekey).'&pageid='.urlencode($pageid).(GETPOST('section_dir', 'alpha') ? '&section_dir='.urlencode(GETPOST('section_dir', 'alpha')) : ''); // used after a confirm_deletefile into actions_linkedfiles.inc.php
 if ($sortfield) {
-	$backtopage .= '&sortfield='.$sortfield;
+	$backtopage .= '&sortfield='.urlencode($sortfield);
 }
 if ($sortorder) {
-	$backtopage .= '&sortorder='.$sortorder;
+	$backtopage .= '&sortorder='.urlencode($sortorder);
 }
 include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
 $backtopage = $savbacktopage;
@@ -1511,6 +1511,7 @@ if ($action == 'updatecss') {
 			if (!GETPOSTISSET('updateandstay')) {	// If we click on "Save And Stay", we don not make the redirect
 				$action = 'preview';
 				if ($backtopage) {
+					$backtopage = preg_replace('/searchstring=[^&]*/', '', $backtopage);	// Clean backtopage url
 					header("Location: ".$backtopage);
 					exit;
 				}

test/phpunit/SecurityTest.php

@@ -184,6 +184,12 @@ class SecurityTest extends PHPUnit\Framework\TestCase
 		// Should be OK
 		$expectedresult=0;
 
+		/*
+		$test = '';
+		$result=testSqlAndScriptInject($test, 0);
+		$this->assertGreaterThanOrEqual(0, $result, 'Error on testSqlAndScriptInject kkk');
+		*/
+
 		$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices';
 		$result=testSqlAndScriptInject($_SERVER["PHP_SELF"], 2);
 		$this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 0a');