Wavyzz/dolibarr-fork
2
0
Fork 0
forked from Wavyzz/dolibarr
Code Pull Requests Activity

Warning: trim() expects parameter 1 to be string, array given in /httpdocs/core/lib/functions.lib.php on line 520

Browse Source
This commit is contained in:
Philippe GRAND
2017-10-30 14:22:34 +01:00
parent b74399abf6
commit f904c46a10
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/lib/functions.lib.php
View File

@@ -517,6 +517,8 @@ function GETPOST($paramname, $check='alpha', $method=0, $filter=NULL, $options=N
if (preg_match('/[^0-9,]+/i',$out)) $out=''; if (preg_match('/[^0-9,]+/i',$out)) $out='';
break; break;
case 'alpha': case 'alpha':
if (!is_string($out))
return $out;
$out=trim($out); $out=trim($out);
// '"' is dangerous because param in url can close the href= or src= and add javascript functions. // '"' is dangerous because param in url can close the href= or src= and add javascript functions.
// '../' is dangerous because it allows dir transversals // '../' is dangerous because it allows dir transversals