diff --git a/htdocs/install/step1.php b/htdocs/install/step1.php index ba26c551739..046e6779c95 100644 --- a/htdocs/install/step1.php +++ b/htdocs/install/step1.php @@ -159,7 +159,7 @@ $error = 0; /* - * View + * View */ dolibarr_install_syslog("--- step1: entering step1.php page"); @@ -372,7 +372,7 @@ if (!$error && $db->connected) { // Create config file -if (!$error && $db->connected && $action == "set") { +if (!$error && $db->connected && $action == "set") { // Test on permission not required here umask(0); if (is_array($_POST)) { foreach ($_POST as $key => $value) { @@ -384,7 +384,7 @@ if (!$error && $db->connected && $action == "set") { // Show title of step print '

Configuration '.$langs->trans("ConfigurationFile").'

'; - print ''; + print '
'; // Check parameter main_dir if (!$error) { diff --git a/htdocs/product/card.php b/htdocs/product/card.php index f98f519e8b1..8bf690d5f62 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -1056,7 +1056,7 @@ if (empty($reshook)) { // Add product into object (when PRODUCT_ADD_FORM_ADD_TO is set) - if ($object->id > 0 && $action == 'addin') { // Test on permission is done just after + if ($object->id > 0 && $action == 'addin') { // Test on permission not required here. it is done later according to object. $thirpdartyid = 0; $permissiontoaddline = false; diff --git a/htdocs/public/company/new.php b/htdocs/public/company/new.php index 27aab40ff14..dbea6169b6b 100644 --- a/htdocs/public/company/new.php +++ b/htdocs/public/company/new.php @@ -190,7 +190,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add') { +if (empty($reshook) && $action == 'add') { // Test on permission not required here. This is a public page. Security is done on constant and mitigation. $error = 0; $urlback = ''; @@ -236,6 +236,7 @@ if (empty($reshook) && $action == 'add') { $societe->name_alias = GETPOST('name_alias', 'alphanohtml'); $societe->note_private = GETPOST('note_private'); + if (!$error) { $result = $societe->create($user); if ($result > 0) { @@ -272,7 +273,7 @@ if (empty($reshook) && $action == 'add') { // If MEMBER_URL_REDIRECT_SUBSCRIPTION is set to an url, we never go here because a redirect was done to this url. Same if we ask to redirect to the payment page. // backtopage parameter with an url was set on prospect submit page, we never go here because a redirect was done to this url. -if (empty($reshook) && $action == 'added') { +if (empty($reshook) && $action == 'added') { // Test on permission not required here llxHeaderVierge("newSocieteAdded"); // If we have not been redirected diff --git a/htdocs/public/eventorganization/attendee_new.php b/htdocs/public/eventorganization/attendee_new.php index c1b75f58c22..90702047898 100644 --- a/htdocs/public/eventorganization/attendee_new.php +++ b/htdocs/public/eventorganization/attendee_new.php @@ -237,7 +237,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conference->status == 2 || !empty($project->id) && $project->status == Project::STATUS_VALIDATED)) { +if (empty($reshook) && $action == 'add' && (!empty($conference->id) && $conference->status == 2 || !empty($project->id) && $project->status == Project::STATUS_VALIDATED)) { // Test on permission not required. Check are done on securitykey and mitigation $error = 0; $urlback = ''; diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 02edd0fede4..b77ebc86ce4 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -114,7 +114,7 @@ $user->loadDefaultValues(); */ function llxHeaderVierge($title, $head = "", $disablejs = 0, $disablehead = 0, $arrayofjs = [], $arrayofcss = []) { - global $user, $conf, $langs, $mysoc; + global $conf, $langs, $mysoc; top_htmlhead($head, $title, $disablejs, $disablehead, $arrayofjs, $arrayofcss); // Show html headers @@ -192,7 +192,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add') { +if (empty($reshook) && $action == 'add') { // Test on permission not required here. This is an anonymous form. Check is done on constant to enable and mitigation. $error = 0; $urlback = ''; @@ -490,7 +490,7 @@ if (empty($reshook) && $action == 'add') { // If MEMBER_URL_REDIRECT_SUBSCRIPTION is set to an url, we never go here because a redirect was done to this url. Same if we ask to redirect to the payment page. // backtopage parameter with an url was set on member submit page, we never go here because a redirect was done to this url. -if (empty($reshook) && $action == 'added') { +if (empty($reshook) && $action == 'added') { // Test on permission not required here llxHeaderVierge($langs->trans("NewMemberForm")); // If we have not been redirected diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 9b31d94cff6..57461142b2d 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -71,7 +71,7 @@ $action = GETPOST('action', 'aZ09'); $langs->loadLangs(array("main", "members", "partnership", "companies", "install", "other")); // Security check -if (empty($conf->partnership->enabled)) { +if (!isModEnabled('partnership')) { httponly_accessforbidden('Module Partnership not enabled'); } @@ -180,7 +180,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add') { +if (empty($reshook) && $action == 'add') { // Test on permission not required here. This is an anonymous form. Check is done on constant to enable and mitigation. $error = 0; $urlback = ''; @@ -526,7 +526,7 @@ if (empty($reshook) && $action == 'add') { // Action called after a submitted was send and member created successfully // If PARTNERSHIP_URL_REDIRECT_SUBSCRIPTION is set to url we never go here because a redirect was done to this url. // backtopage parameter with an url was set on member submit page, we never go here because a redirect was done to this url. -if (empty($reshook) && $action == 'added') { +if (empty($reshook) && $action == 'added') { // Test on permission not required here llxHeaderVierge($langs->trans("NewPartnershipForm")); // Si on a pas ete redirige diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index d8f279cb9db..a3eb7e096cf 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -172,7 +172,7 @@ if ($reshook < 0) { } // Action called when page is submitted -if (empty($reshook) && $action == 'add') { // Test on permission not required here. This is an anonymous public ssubmission. Check is done the constant to enable feature + mitigation. +if (empty($reshook) && $action == 'add') { // Test on permission not required here. This is an anonymous public submission form. Check is done on the constant to enable feature + mitigation. $error = 0; $urlback = ''; @@ -430,7 +430,7 @@ if (empty($reshook) && $action == 'add') { // Test on permission not required he // Action called after a submitted was send and member created successfully // backtopage parameter with an url was set on member submit page, we never go here because a redirect was done to this url. -if (empty($reshook) && $action == 'added') { +if (empty($reshook) && $action == 'added') { // Test on permission not required here llxHeaderVierge($langs->trans("NewLeadForm")); // Si on a pas ete redirige diff --git a/test/phpunit/CodingPhpTest.php b/test/phpunit/CodingPhpTest.php index 6d9b61effd8..c9a6f693672 100644 --- a/test/phpunit/CodingPhpTest.php +++ b/test/phpunit/CodingPhpTest.php @@ -662,7 +662,7 @@ class CodingPhpTest extends CommonClassTest $filecontentaction = $filecontent; } - preg_match_all('/if.*\$action\s*==\s*[\'"][a-z\-]+[\'"].*/', $filecontentaction, $matches, PREG_SET_ORDER); + preg_match_all('/if.*\$action\s*==\s*[\'"][a-z\-]+[\'"].*$/', $filecontentaction, $matches, PREG_SET_ORDER); foreach ($matches as $key => $val) { if (!preg_match('/\$user->hasR/', $val[0]) && !preg_match('/\$permission/', $val[0])