Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Fix A file for a hidden feature provides a service without security

Browse Source 
checks.
This commit is contained in:
Laurent Destailleur
2019-08-02 17:12:03 +02:00
parent 76b7aa2e0f
commit c34739ab3f
3 changed files with 28 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
htdocs/core/lib/ajax.lib.php
View File

@@ -538,11 +538,12 @@ function ajax_constantonoff($code, $input = array(), $entity = null, $revertonof
}
/**
* On/off button for object
* On/off button to change status of an object
* This is called when MAIN_DIRECT_STATUS_UPDATE is set and it use tha ajax service objectonoff.php
*
* @param Object $object Object to set
* @param string $code Name of constant : status or status_buy for product by example
* @param string $field Name of database field : tosell or tobuy for product by example
* @param string $field Name of database field : 'tosell' or 'tobuy' for product by example
* @param string $text_on Text if on
* @param string $text_off Text if off
* @param array $input Array of type->list of CSS element to switch. Example: array('disabled'=>array(0=>'cssid'))