Wavyzz/dolibarr
2
0
Fork 1
mirror of https://github.com/Dolibarr/dolibarr.git synced 2025-12-07 18:18:18 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch '16.0' of git@github.com:Dolibarr/dolibarr.git into develop

Browse Source
This commit is contained in:
Laurent Destailleur
2022-11-23 12:07:42 +01:00
parent 3a59344c2f 9a0b10bf9f
commit 4c02652d87
5 changed files with 11 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
htdocs/compta/prelevement/create.php
View File

@@ -402,6 +402,9 @@ if ($resql) {
if (!empty($limit)) { if (!empty($limit)) {
print '<input type="hidden" name="limit" value="'.$limit.'"/>'; print '<input type="hidden" name="limit" value="'.$limit.'"/>';
} }
if ($type != '') {
print '<input type="hidden" name="type" value="'.$type.'">';
}
$title = $langs->trans("InvoiceWaitingWithdraw"); $title = $langs->trans("InvoiceWaitingWithdraw");
if ($type == 'bank-transfer') { if ($type == 'bank-transfer') {

3
htdocs/compta/prelevement/list.php
View File

@@ -192,6 +192,9 @@ if ($result) {
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">'; print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">'; print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">'; print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
if ($type != '') {
print '<input type="hidden" name="type" value="'.$type.'">';
}
$title = $langs->trans("WithdrawalsLines"); $title = $langs->trans("WithdrawalsLines");
if ($type == 'bank-transfer') { if ($type == 'bank-transfer') {

4
htdocs/compta/prelevement/orders_list.php
View File

@@ -161,7 +161,9 @@ if ($result) {
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">'; print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">'; print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">'; print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
if ($type != '') {
print '<input type="hidden" name="type" value="'.$type.'">';
}
$titlekey = "WithdrawalsReceipts"; $titlekey = "WithdrawalsReceipts";
$title = $langs->trans("WithdrawalsReceipts"); $title = $langs->trans("WithdrawalsReceipts");
if ($type == 'bank-transfer') { if ($type == 'bank-transfer') {

2
htdocs/core/lib/functions.lib.php
View File

@@ -8858,7 +8858,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1'
$forbiddenphpstrings = array('$$'); $forbiddenphpstrings = array('$$');
$forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST'));
$forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", 'verifCond'); $forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", "verifCond", "base64_decode");
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask"));
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func"));

2
htdocs/societe/class/api_thirdparties.class.php
View File

@@ -1154,7 +1154,7 @@ class Thirdparties extends DolibarrApi
*/ */
public function getCompanyBankAccount($id) public function getCompanyBankAccount($id)
{ {
if (!DolibarrApiAccess::$user->rights->facture->lire) { if (!DolibarrApiAccess::$user->rights->societe->lire) {
throw new RestException(401); throw new RestException(401);
} }
if (empty($id)) { if (empty($id)) {