Merge branch '22.0' of git@github.com:Dolibarr/dolibarr.git into 22.0

htdocs/core/lib/functions.lib.php

@@ -829,6 +829,7 @@ function GETPOSTISARRAY($paramname, $method = 0)
  *                               '' or 'none'=no check (deprecated)
  *                               'password'=allow characters for a password
  *                               'email'=allow characters for an email "email@domain.com"
+ *                               'url'=allow characters for an url
  *                               'array', 'array:restricthtml' or 'array:aZ09' to check it's an array
  *                               'int'=check it's numeric (integer or float)
  *                               'intcomma'=check it's integer+comma ('1,2,3,4...')
@@ -1317,6 +1318,11 @@ function sanitizeVal($out = '', $check = 'alphanohtml', $filter = null, $options
 		case 'email':
 			$out = filter_var($out, FILTER_SANITIZE_EMAIL);
 			break;
+		case 'url':
+			//$out = filter_var($out, FILTER_SANITIZE_URL);	// Not reliable, replaced with FILTER_VALIDATE_URL
+			$out = preg_replace('/[^:\/\[\]a-z0-9@\$\'\*\~\.\-_,;\?\!=%&+#]+/i', '', $out);
+			// TODO Allow ( ) but only into password of https://login:password@domain...
+			break;
 		case 'aZ':
 			if (!is_array($out)) {
 				$out = trim($out);