Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Sec: Removed security holes

Browse Source
This commit is contained in:
Laurent Destailleur
2010-11-20 13:08:44 +00:00
parent 1627b204b5
commit adfb9ea341
70 changed files with 492 additions and 460 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
htdocs/commande/document.php
View File

@@ -48,19 +48,18 @@ if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'commande',$comid,'');
// Get parameters
$page=$_GET["page"];
$sortorder=$_GET["sortorder"];
$sortfield=$_GET["sortfield"];
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="name";
if ($page == -1) { $page = 0 ; }
$offset = $conf->liste_limit * $page ;
$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0; }
$offset = $conf->liste_limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (! $sortorder) $sortorder="ASC";
if (! $sortfield) $sortfield="name";
$id = $_GET['id'];
$id = GETPOST('id','int');
$ref= $_GET['ref'];
$commande = new Commande($db);
if (! $commande->fetch($_GET['id'],$_GET['ref']) > 0)