diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php
index 46420995312..4918bac8fc8 100644
--- a/htdocs/adherents/class/adherent.class.php
+++ b/htdocs/adherents/class/adherent.class.php
@@ -665,8 +665,6 @@ class Adherent extends CommonObject
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
- require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
-
$nbrowsaffected = 0;
$error = 0;
diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php
index 2c2efdd00a6..ec02bff77d3 100644
--- a/htdocs/adherents/list.php
+++ b/htdocs/adherents/list.php
@@ -1130,9 +1130,9 @@ while ($i < min($num, $limit)) {
}
// Country
if (!empty($arrayfields['country.code_iso']['checked'])) {
- print '| ';
$tmparray = getCountry($obj->country, 'all');
- print $tmparray['label'];
+ print ' | ';
+ print dol_escape_htmltag($tmparray['label']);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php
index 448a5f085f1..1db3970f614 100644
--- a/htdocs/bookmarks/bookmarks.lib.php
+++ b/htdocs/bookmarks/bookmarks.lib.php
@@ -36,28 +36,39 @@ function printDropdownBookmarksList()
$langs->load("bookmarks");
+ $authorized_var=array('limit','optioncss','contextpage');
$url = $_SERVER["PHP_SELF"];
-
+ $url_param=array();
if (!empty($_SERVER["QUERY_STRING"])) {
- $url .= (dol_escape_htmltag($_SERVER["QUERY_STRING"]) ? '?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]) : '');
- } else {
- global $sortfield, $sortorder;
- $tmpurl = '';
- // No urlencode, all param $url will be urlencoded later
- if ($sortfield) {
- $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.urlencode($sortfield);
- }
- if ($sortorder) {
- $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.urlencode($sortorder);
- }
- if (is_array($_POST)) {
- foreach ($_POST as $key => $val) {
- if (preg_match('/^search_/', $key) && $val != '') {
- $tmpurl .= ($tmpurl ? '&' : '').http_build_query(array($key => $val));
+ if (is_array($_GET)) {
+ foreach ($_GET as $key => $val) {
+ if ($val != '') {
+ $url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
}
}
}
- $url .= ($tmpurl ? '?'.$tmpurl : '');
+ }
+ global $sortfield, $sortorder;
+ $tmpurl = '';
+ // No urlencode, all param $url will be urlencoded later
+ if ($sortfield) {
+ $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.urlencode($sortfield);
+ }
+ if ($sortorder) {
+ $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.urlencode($sortorder);
+ }
+ if (is_array($_POST)) {
+ foreach ($_POST as $key => $val) {
+ if ((preg_match('/^search_/', $key) || in_array($key, $authorized_var))
+ && $val != ''
+ && !array_key_exists($key, $url_param)) {
+ $url_param[$key]=http_build_query(array(dol_escape_htmltag($key) => dol_escape_htmltag($val)));
+ }
+ }
+ }
+ $url .= ($tmpurl ? '?'.$tmpurl : '');
+ if (!empty($url_param)) {
+ $url .= '&'.implode('&', $url_param);
}
$searchForm = ''."\n";
diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php
index 240903da4f0..ff834a4d98d 100644
--- a/htdocs/compta/resultat/clientfourn.php
+++ b/htdocs/compta/resultat/clientfourn.php
@@ -39,6 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/report.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/tax.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountancycategory.class.php';
+require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php';
// Load translation files required by the page
$langs->loadLangs(array('compta', 'bills', 'donation', 'salaries', 'accountancy', 'loan'));
diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php
index d9af4add8ce..ce7aa447c66 100644
--- a/htdocs/modulebuilder/template/myobject_list.php
+++ b/htdocs/modulebuilder/template/myobject_list.php
@@ -451,7 +451,7 @@ if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.urlencode($limit);
}
foreach ($search as $key => $val) {
- if (is_array($search[$key]) && count($search[$key])) {
+ if (is_array($search[$key])) {
foreach ($search[$key] as $skey) {
if ($skey != '') {
$param .= '&search_'.$key.'[]='.urlencode($skey);
diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php
index 1a2325e52d9..c73084e34f3 100644
--- a/htdocs/ticket/list.php
+++ b/htdocs/ticket/list.php
@@ -139,7 +139,7 @@ foreach ($object->fields as $key => $val) {
$arrayfields['t.'.$key] = array(
'label'=>$val['label'],
'checked'=>(($visible < 0) ? 0 : 1),
- 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1, 1, '1')),
+ 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)),
'position'=>$val['position'],
'help'=> isset($val['help']) ? $val['help'] : ''
);
@@ -620,8 +620,8 @@ if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.urlencode($limit);
}
foreach ($search as $key => $val) {
- if (is_array($val) && count($val)) {
- foreach ($val as $skey) {
+ if (is_array($search[$key])) {
+ foreach ($search[$key] as $skey) {
if ($skey != '') {
$param .= (!empty($val)) ? '&search_'.$key.'[]='.urlencode($skey) : "";
}
@@ -756,10 +756,13 @@ if ($massaction == 'presendonclose') {
}
if ($search_all) {
+ $setupstring = '';
foreach ($fieldstosearchall as $key => $val) {
$fieldstosearchall[$key] = $langs->trans($val);
+ $setupstring .= $key."=".$val.";";
}
- print ''.$langs->trans("FilterOnInto", $search_all).join(', ', $fieldstosearchall).'
';
+ print ''."\n";
+ print ''.$langs->trans("FilterOnInto", $search_all).join(', ', $fieldstosearchall).'
'."\n";
}
$moreforfilter = '';