
Fix: [ bug #1581 ] SQL injection possible

This commit is contained in:
Laurent Destailleur
2014-10-27 00:58:56 +01:00
parent 7bd27a13fa
commit 9619c0cdea
6 changed files with 14 additions and 14 deletions


@@ -112,8 +112,8 @@ if ($resql)
print '</tr>';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="GET">';
print '<td class="liste_titre"><input type="text" class="flat" name="search_facture" size="12" value="'.GETPOST('search_facture','alpha').'"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_societe" size="18" value="'.GETPOST('search_societe','alpha').'"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_facture" size="12" value="'.dol_escape_htmltag(GETPOST('search_facture','alpha')).'"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_societe" size="18" value="'.dol_escape_htmltag(GETPOST('search_societe','alpha')).'"></td>';
print '<td colspan="2" class="liste_titre" align="right"><input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'"></td>';
print '</tr>';
print '</form>';
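Review bot: The form action on the second context line still prints `$_SERVER["PHP_SELF"]` raw into an HTML attribute, while only the two search inputs below it gain dol_escape_htmltag(); PHP_SELF includes any PATH_INFO appended to the request URL, so it is attacker-controlled and a classic reflected XSS vector in exactly the attribute context this hunk is hardening. Change that line to `print '<form action="'.dol_escape_htmltag($_SERVER["PHP_SELF"]).'" method="GET">';`. Note also that everything in this hunk is HTML output escaping, not SQL escaping; the commit title speaks of SQL injection, but nothing visible here touches the query, so the query-building side of this file should be checked separately. The enclosing `if ($resql)` block starts before this hunk.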


@@ -122,11 +122,11 @@ if ($result)
print '<form action="list.php" method="GET">';
print '<tr class="liste_titre">';
print '<td class="liste_titre"><input type="text" class="flat" name="search_ligne" value="'. $search_line.'" size="6"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_bon" value="'. $search_bon.'" size="8"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_ligne" value="'. dol_escape_htmltag($search_line).'" size="6"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_bon" value="'. dol_escape_htmltag($search_bon).'" size="8"></td>';
print '<td>&nbsp;</td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_societe" value="'. $search_societe.'" size="12"></td>';
print '<td class="liste_titre" align="center"><input type="text" class="flat" name="search_code" value="'. $search_code.'" size="8"></td>';
print '<td class="liste_titre"><input type="text" class="flat" name="search_societe" value="'. dol_escape_htmltag($search_societe).'" size="12"></td>';
print '<td class="liste_titre" align="center"><input type="text" class="flat" name="search_code" value="'. dol_escape_htmltag($search_code).'" size="8"></td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre" align="right"><input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'"></td>';
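Review bot: `$search_line`, `$search_bon`, `$search_societe` and `$search_code` are now escaped for the HTML attribute context, but they are assigned outside this hunk and, going by the commit title, presumably also feed a SQL WHERE clause; dol_escape_htmltag() does nothing for that context, so the query side needs the DB-layer escape helper on the same values and is not shown here. Worth confirming in the part of list.php that builds the query. Purely as style, the four new lines keep a stray space after the concatenation dot (`'. dol_escape_htmltag(...)`), e.g. `'.dol_escape_htmltag($search_line).'` would match the neighbouring lines.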


@@ -175,7 +175,7 @@ function dol_shutdown()
* @param int $method Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get, 4 = post then get then cookie)
* @param int $filter Filter to apply when $check is set to custom. (See http://php.net/manual/en/filter.filters.php for détails)
* @param mixed $options Options to pass to filter_var when $check is set to custom
* @return string||string[] Value found, or '' if check fails
* @return string||string[] Value found (string or array), or '' if check fails
*/
function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL)
{
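Review bot: The reworded `@return` tag keeps the `string||string[]` type, which is not valid PHPDoc union syntax — a single pipe separates alternatives, so static analyzers and IDEs will not parse it. Change it to `@return string|string[] Value found (string or array), or '' if check fails`. The GETPOST body itself and the description of the `$check` parameter sit outside this hunk, so the actual filtering behaviour of the `alpha` check that the other files in this commit rely on cannot be reviewed from here.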


@@ -79,7 +79,7 @@ function facture_prepare_head($object)
if(!empty($object->note_public)) $nbNote++;
$head[$h][0] = DOL_URL_ROOT.'/compta/facture/note.php?facid='.$object->id;
$head[$h][1] = $langs->trans('Notes');
if ($nbNote > 0) $head[$h][1].= ' ('.$nbNote.')';
if ($nbNote > 0) $head[$h][1].= ' <span class="badge">'.$nbNote.'</span>';
$head[$h][2] = 'note';
$h++;
}
@@ -89,7 +89,7 @@ function facture_prepare_head($object)
$nbFiles = count(dol_dir_list($upload_dir,'files',0,'','(\.meta|_preview\.png)$'));
$head[$h][0] = DOL_URL_ROOT.'/compta/facture/document.php?facid='.$object->id;
$head[$h][1] = $langs->trans('Documents');
if($nbFiles > 0) $head[$h][1].= ' ('.$nbFiles.')';
if($nbFiles > 0) $head[$h][1].= ' <span class="badge">'.$nbFiles.'</span>';
$head[$h][2] = 'documents';
$h++;
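Review bot: The two tab titles now carry literal `<span class="badge">` markup inside `$head[$h][1]`, which is only correct if the code that later renders the tab headings prints the title unescaped; if that renderer HTML-escapes titles the markup will show verbatim, and if it does not, every other title stored in that array is also emitted raw, which is worth knowing for a commit labelled as a security fix. That renderer is outside this hunk, so please confirm either way. This is also a UI change unrelated to the SQL-injection fix the commit is titled for; keeping it in a separate commit would make the security change easier to audit and backport.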


@@ -14,8 +14,8 @@ WithdrawalReceiptShort=Receipt
LastWithdrawalReceipts=Last %s withdrawal receipts
WithdrawedBills=Withdrawn invoices
WithdrawalsLines=Withdrawal lines
RequestStandingOrderToTreat=Request for standing orders to treat
RequestStandingOrderTreated=Request for standing orders treated
RequestStandingOrderToTreat=Request for standing orders to process
RequestStandingOrderTreated=Request for standing orders processed
CustomersStandingOrders=Customer standing orders
CustomerStandingOrder=Customer standing order
NbOfInvoiceToWithdraw=Nb. of invoice with withdraw request


@@ -31,9 +31,9 @@ $langs->load("stocks");
// Security check
$result=restrictedArea($user,'stock');
$sref=GETPOST("sref");;
$snom=GETPOST("snom");
$sall=GETPOST("sall");
$sref=GETPOST("sref","alpha");
$snom=GETPOST("snom","alpha");
$sall=GETPOST("sall","alpha");
$sortfield = GETPOST("sortfield");
$sortorder = GETPOST("sortorder");
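Review bot: `$sortfield` and `$sortorder` on the last two lines are still read with a bare `GETPOST("...")` and no check, while the three new lines above add the `alpha` check only to the search terms; sort parameters typically go straight into an ORDER BY clause where a bound parameter cannot be used, so if that is what happens further down this file they remain the more direct injection vector. Read them as `$sortfield = GETPOST("sortfield","alpha");` and `$sortorder = GETPOST("sortorder","alpha");`, and ideally validate them against a whitelist of column names and `ASC`/`DESC` where the query is built. Note too that an input-side `alpha` check is not an SQL escape, so the search terms still need the DB-layer escape helper where the WHERE clause is assembled; that code is outside the hunk.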