Fix: XSS injection

htdocs/lib/functions.lib.php

@@ -40,11 +40,15 @@ if (! defined('ADODB_DATE_VERSION')) include_once(DOL_DOCUMENT_ROOT."/includes/a
 /**
  *  Return value of a param into get or post variable
  *  @param          paramname   Name of parameter to found
+ *  @param			length		Length of string (security)
  *  @return         string      Value found
  */
-function GETPOST($paramname)
+function GETPOST($paramname,$length=0)
 {
-    return isset($_GET[$paramname])?$_GET[$paramname]:(isset($_POST[$paramname])?$_POST[$paramname]:'');
+    $out = isset($_GET[$paramname])?$_GET[$paramname]:(isset($_POST[$paramname])?$_POST[$paramname]:'');
+    $out = trim($out);
+    if ($length > 0 && strlen($out) > $length) $out='';
+    return $out;
 }
 
 /**

htdocs/product/liste.php

@@ -33,22 +33,15 @@ if ($conf->categorie->enabled) require_once(DOL_DOCUMENT_ROOT."/categories/class
 $langs->load("products");
 $langs->load("stocks");
 
-$type=trim(isset($_GET["type"])?$_GET["type"]:$_POST["type"]);
+$sref=GETPOST("sref");
-$sref=isset($_GET["sref"])?$_GET["sref"]:$_POST["sref"];
+$sbarcode=GETPOST("sbarcode");
-
+$snom=GETPOST("snom");
-$sbarcode=isset($_GET["sbarcode"])?$_GET["sbarcode"]:$_POST["sbarcode"];
+$sall=GETPOST("sall");
-$snom=isset($_GET["snom"])?$_GET["snom"]:$_POST["snom"];
+$type=GETPOST("type",1);
-$sall=isset($_GET["sall"])?$_GET["sall"]:$_POST["sall"];
-$type=isset($_GET["type"])?$_GET["type"]:$_POST["type"];
-$sref=trim($sref);
-$sbarcode=trim($sbarcode);
-$snom=trim($snom);
-$sall=trim($sall);
-$type=trim($type);
 
 
-$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
+$sortfield = GETPOST("sortfield");
-$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
+$sortorder = GETPOST("sortorder");
 if (! $sortfield) $sortfield="p.ref";
 if (! $sortorder) $sortorder="ASC";
 $page = $_GET["page"];