From 7e52c70321fdd5270f7ae94419e8858b6ea50a30 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 14 Nov 2019 21:16:18 +0100 Subject: [PATCH] FIX Advisory ID: usd20190067 --- htdocs/core/lib/functions.lib.php | 6 ++++-- htdocs/fourn/class/fournisseur.product.class.php | 2 +- htdocs/product/fournisseurs.php | 4 ++-- 3 files changed, 7 insertions(+), 5 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 9d926b3bc98..071b7a3b794 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -5134,16 +5134,18 @@ function get_default_npr(Societe $thirdparty_seller, Societe $thirdparty_buyer, if ($idprodfournprice > 0) { - if (! class_exists('ProductFournisseur')) + if (! class_exists('ProductFournisseur')) { require_once DOL_DOCUMENT_ROOT . '/fourn/class/fournisseur.product.class.php'; + } $prodprice = new ProductFournisseur($db); $prodprice->fetch_product_fournisseur_price($idprodfournprice); return $prodprice->fourn_tva_npr; } elseif ($idprod > 0) { - if (! class_exists('Product')) + if (! class_exists('Product')) { require_once DOL_DOCUMENT_ROOT . '/product/class/product.class.php'; + } $prod = new Product($db); $prod->fetch($idprod); return $prod->tva_npr; diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index faa681b0e88..786a650efb3 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -499,7 +499,7 @@ class ProductFournisseur extends Product $sql.= " pfp.multicurrency_price, pfp.multicurrency_unitprice, pfp.multicurrency_tx, pfp.fk_multicurrency, pfp.multicurrency_code,"; $sql.=" pfp.barcode, pfp.fk_barcode_type"; $sql.= " FROM ".MAIN_DB_PREFIX."product_fournisseur_price as pfp"; - $sql.= " WHERE pfp.rowid = ".$rowid; + $sql.= " WHERE pfp.rowid = ".(int) $rowid; dol_syslog(get_class($this)."::fetch_product_fournisseur_price", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 560f5b1b574..0bda7d44564 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -254,8 +254,8 @@ if (empty($reshook)) { $supplier=new Fournisseur($db); $result=$supplier->fetch($id_fourn); - if (isset($_POST['ref_fourn_price_id'])) - $object->fetch_product_fournisseur_price($_POST['ref_fourn_price_id']); + if (GETPOSTISSET('ref_fourn_price_id')) + $object->fetch_product_fournisseur_price(GETPOST('ref_fourn_price_id', 'int')); $newprice = price2num(GETPOST("price", "alpha"));