mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-21 17:01:19 +01:00
Fix: functions "ereg", "ereg_replace", "eregi", "eregi_replace" is deprecated since php 5.3.0
This commit is contained in:
Regis Houssin
@@ -240,7 +240,7 @@ class Commande extends CommonObject
|
||||
$result=$soc->set_as_client();
|
||||
|
||||
// Define new ref
|
||||
if (! $error && (preg_match('/^\(PROV/i', $this->ref) || preg_match('/^PROV/i', $this->ref)))
|
||||
if (! $error && (preg_match('/^[\(]?PROV/i', $this->ref)))
|
||||
{
|
||||
$num = $this->getNextNumRef($soc);
|
||||
}
|
||||
@@ -291,7 +291,7 @@ class Commande extends CommonObject
|
||||
if (! $error)
|
||||
{
|
||||
// Rename directory if dir was a temporary ref
|
||||
if (preg_match('/^\(PROV/i', $this->ref) || preg_match('/^PROV/i', $this->ref))
|
||||
if (preg_match('/^[\(]?PROV/i', $this->ref))
|
||||
{
|
||||
// On renomme repertoire ($this->ref = ancienne ref, $numfa = nouvelle ref)
|
||||
// afin de ne pas perdre les fichiers attaches
|
||||
|
||||
@@ -75,33 +75,33 @@ else $type=dol_mimetype($original_file);
|
||||
// Define attachment (attachment=true to force choice popup 'open'/'save as')
|
||||
$attachment = true;
|
||||
// Text files
|
||||
if (eregi('\.txt$',$original_file)) { $attachment = false; }
|
||||
if (eregi('\.csv$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.tsv$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.txt$/i',$original_file)) { $attachment = false; }
|
||||
if (preg_match('/\.csv$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.tsv$/i',$original_file)) { $attachment = true; }
|
||||
// Documents MS office
|
||||
if (eregi('\.doc$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.dot$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.mdb$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.ppt$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.xls$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.doc(x)?$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.dot(x)?$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.mdb$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.ppt(x)?$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.xls(x)?$/i',$original_file)) { $attachment = true; }
|
||||
// Documents Open office
|
||||
if (eregi('\.odp$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.ods$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.odt$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.odp$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.ods$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.odt$/i',$original_file)) { $attachment = true; }
|
||||
// Misc
|
||||
if (eregi('\.(html|htm)$',$original_file)) { $attachment = false; }
|
||||
if (eregi('\.pdf$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.sql$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.(html|htm)$/i',$original_file)) { $attachment = false; }
|
||||
if (preg_match('/\.pdf$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.sql$/i',$original_file)) { $attachment = true; }
|
||||
// Images
|
||||
if (eregi('\.jpg$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.jpeg$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.png$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.gif$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.bmp$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.tiff$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.jpg$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.jpeg$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.png$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.gif$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.bmp$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.tiff$/i',$original_file)) { $attachment = true; }
|
||||
// Calendar
|
||||
if (eregi('\.vcs$',$original_file)) { $attachment = true; }
|
||||
if (eregi('\.ics$',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.vcs$/i',$original_file)) { $attachment = true; }
|
||||
if (preg_match('/\.ics$/i',$original_file)) { $attachment = true; }
|
||||
if ($_REQUEST["attachment"]) { $attachment = true; }
|
||||
if (! empty($conf->global->MAIN_DISABLE_FORCE_SAVEAS)) $attachment=false;
|
||||
//print "XX".$attachment;exit;
|
||||
@@ -122,7 +122,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'facture')
|
||||
{
|
||||
$user->getrights('facture');
|
||||
if ($user->rights->facture->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -133,7 +133,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'unpaid')
|
||||
{
|
||||
$user->getrights('facture');
|
||||
if ($user->rights->facture->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -144,7 +144,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'ficheinter')
|
||||
{
|
||||
$user->getrights('ficheinter');
|
||||
if ($user->rights->ficheinter->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -156,7 +156,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'prelevement')
|
||||
{
|
||||
$user->getrights('prelevement');
|
||||
if ($user->rights->prelevement->bons->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -168,7 +168,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'propal')
|
||||
{
|
||||
$user->getrights('propale');
|
||||
if ($user->rights->propale->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->propale->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -180,7 +180,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'commande')
|
||||
{
|
||||
$user->getrights('commande');
|
||||
if ($user->rights->commande->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->commande->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -192,7 +192,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'commande_fournisseur')
|
||||
{
|
||||
$user->getrights('fournisseur');
|
||||
if ($user->rights->fournisseur->commande->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -204,7 +204,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'facture_fournisseur')
|
||||
{
|
||||
$user->getrights('fournisseur');
|
||||
if ($user->rights->fournisseur->facture->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -216,7 +216,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'facture_paiement')
|
||||
{
|
||||
$user->getrights('facture');
|
||||
if ($user->rights->facture->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->facture->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -229,7 +229,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'export_compta')
|
||||
{
|
||||
$user->getrights('compta');
|
||||
if ($user->rights->compta->ventilation->creer || eregi('^specimen',$original_file))
|
||||
if ($user->rights->compta->ventilation->creer || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -240,7 +240,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'societe')
|
||||
{
|
||||
$user->getrights('societe');
|
||||
if ($user->rights->societe->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->societe->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -252,7 +252,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'expedition')
|
||||
{
|
||||
$user->getrights('expedition');
|
||||
if ($user->rights->expedition->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -264,7 +264,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'livraison')
|
||||
{
|
||||
$user->getrights('expedition');
|
||||
if ($user->rights->expedition->livraison->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -276,7 +276,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'telephonie')
|
||||
{
|
||||
$user->getrights('telephonie');
|
||||
if ($user->rights->telephonie->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->telephonie->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -288,7 +288,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'actions')
|
||||
{
|
||||
$user->getrights('agenda');
|
||||
if ($user->rights->agenda->myactions->read || eregi('^specimen',$original_file))
|
||||
if ($user->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -300,7 +300,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'actionsreport')
|
||||
{
|
||||
$user->getrights('agenda');
|
||||
if ($user->rights->agenda->allactions->read || eregi('^specimen',$original_file))
|
||||
if ($user->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -313,7 +313,7 @@ if ($modulepart)
|
||||
{
|
||||
$user->getrights('produit');
|
||||
$user->getrights('service');
|
||||
if (($user->rights->produit->lire || $user->rights->service->lire) || eregi('^specimen',$original_file))
|
||||
if (($user->rights->produit->lire || $user->rights->service->lire) || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -325,7 +325,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'contract')
|
||||
{
|
||||
$user->getrights('contrat');
|
||||
if ($user->rights->contrat->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -359,7 +359,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'donation')
|
||||
{
|
||||
$user->getrights('don');
|
||||
if ($user->rights->don->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->don->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -371,7 +371,7 @@ if ($modulepart)
|
||||
if ($modulepart == 'remisecheque')
|
||||
{
|
||||
$user->getrights('banque');
|
||||
if ($user->rights->banque->lire || eregi('^specimen',$original_file))
|
||||
if ($user->rights->banque->lire || preg_match('/^specimen/i',$original_file))
|
||||
{
|
||||
$accessallowed=1;
|
||||
}
|
||||
@@ -458,7 +458,7 @@ if (! $accessallowed)
|
||||
// Security:
|
||||
// On interdit les remontees de repertoire ainsi que les pipe dans
|
||||
// les noms de fichiers.
|
||||
if (eregi('\.\.',$original_file) || eregi('[<>|]',$original_file))
|
||||
if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file))
|
||||
{
|
||||
dol_syslog("Refused to deliver file ".$original_file);
|
||||
// Do no show plain path in shown error message
|
||||
|
||||
@@ -1323,7 +1323,7 @@ class Facture extends CommonObject
|
||||
{
|
||||
$num = $force_number;
|
||||
}
|
||||
else if (eregi('^\(PROV', $this->ref) || eregi('^PROV', $this->ref))
|
||||
else if (preg_match('/^[\(]?PROV/i', $this->ref))
|
||||
{
|
||||
if ($conf->global->FAC_FORCE_DATE_VALIDATION) // If option enabled, we force invoice date
|
||||
{
|
||||
@@ -1358,10 +1358,10 @@ class Facture extends CommonObject
|
||||
$error++;
|
||||
}
|
||||
|
||||
// On v<EFBFBD>rifie si la facture <EFBFBD>tait une provisoire
|
||||
if (! $error && (eregi('^\(PROV', $this->ref) || eregi('^PROV', $this->ref)))
|
||||
// On verifie si la facture etait une provisoire
|
||||
if (! $error && (preg_match('/^[\(]?PROV/i', $this->ref)))
|
||||
{
|
||||
// La v<EFBFBD>rif qu'une remise n'est pas utilis<EFBFBD>e 2 fois est faite au moment de l'insertion de ligne
|
||||
// La verif qu'une remise n'est pas utilisee 2 fois est faite au moment de l'insertion de ligne
|
||||
}
|
||||
|
||||
if (! $error)
|
||||
@@ -1369,7 +1369,7 @@ class Facture extends CommonObject
|
||||
// Define third party as a customer
|
||||
$result=$this->client->set_as_client();
|
||||
|
||||
// Si activ<EFBFBD> on d<EFBFBD>cr<EFBFBD>mente le produit principal et ses composants <EFBFBD> la validation de facture
|
||||
// Si active on decremente le produit principal et ses composants a la validation de facture
|
||||
if ($result >= 0 && $conf->stock->enabled && $conf->global->STOCK_CALCULATE_ON_BILL)
|
||||
{
|
||||
require_once(DOL_DOCUMENT_ROOT."/product/stock/mouvementstock.class.php");
|
||||
@@ -1381,7 +1381,7 @@ class Facture extends CommonObject
|
||||
{
|
||||
$mouvP = new MouvementStock($this->db);
|
||||
// We decrease stock for product
|
||||
$entrepot_id = "1"; // TODO ajouter possibilit<EFBFBD> de choisir l'entrepot
|
||||
$entrepot_id = "1"; // TODO ajouter possibilite de choisir l'entrepot
|
||||
$result=$mouvP->livraison($user, $this->lignes[$i]->fk_product, $entrepot_id, $this->lignes[$i]->qty, $this->lignes[$i]->subprice);
|
||||
if ($result < 0) { $error++; }
|
||||
}
|
||||
@@ -1392,10 +1392,10 @@ class Facture extends CommonObject
|
||||
if (! $error)
|
||||
{
|
||||
// Rename directory if dir was a temporary ref
|
||||
if (eregi('^\(PROV', $this->ref) || eregi('^PROV', $this->ref))
|
||||
if (preg_match('/^[\(]?PROV/i', $this->ref))
|
||||
{
|
||||
// On renomme repertoire facture ($this->ref = ancienne ref, $num = nouvelle ref)
|
||||
// afin de ne pas perdre les fichiers attach<EFBFBD>s
|
||||
// afin de ne pas perdre les fichiers attaches
|
||||
$facref = dol_sanitizeFileName($this->ref);
|
||||
$snumfa = dol_sanitizeFileName($num);
|
||||
$dirsource = $conf->facture->dir_output.'/'.$facref;
|
||||
|
||||
@@ -532,7 +532,7 @@ if ($id > 0 || ! empty($ref))
|
||||
$commande->date_commande=gmmktime();
|
||||
|
||||
// We check if number is temporary number
|
||||
if (preg_match('/^\(PROV/i',$commande->ref)) $newref = $commande->getNextNumRef($soc);
|
||||
if (preg_match('/^[\(]?PROV/i',$commande->ref)) $newref = $commande->getNextNumRef($soc);
|
||||
else $newref = $commande->ref;
|
||||
|
||||
$text=$langs->trans('ConfirmValidateOrder',$newref);
|
||||
|
||||
@@ -246,7 +246,7 @@ class CommandeFournisseur extends Commande
|
||||
$soc->fetch($this->fourn_id);
|
||||
|
||||
// Check if object has a temporary ref
|
||||
if (preg_match('/^\(PROV/i', $this->ref))
|
||||
if (preg_match('/^[\(]?PROV/i', $this->ref))
|
||||
{
|
||||
$num = $this->getNextNumRef($soc);
|
||||
}
|
||||
|
||||
@@ -1412,7 +1412,7 @@ class Form
|
||||
if ($format == 1) print '<option value="'.$arraytypes['code'].'"';
|
||||
if ($format == 2) print '<option value="'.$arraytypes['code'].'"';
|
||||
// Si selected est text, on compare avec code, sinon avec id
|
||||
if (eregi('[a-z]', $selected) && $selected == $arraytypes['code']) print ' selected="true"';
|
||||
if (preg_match('/[a-z]/i', $selected) && $selected == $arraytypes['code']) print ' selected="true"';
|
||||
elseif ($selected == $id) print ' selected="true"';
|
||||
print '>';
|
||||
if ($format == 0) $value=$arraytypes['label'];
|
||||
@@ -2256,8 +2256,8 @@ class Form
|
||||
|
||||
if (! $set_time && $empty == 0) $set_time = time();
|
||||
|
||||
// Analyse de la date de pr<EFBFBD>-selection
|
||||
if (eregi('^([0-9]+)\-([0-9]+)\-([0-9]+)\s?([0-9]+)?:?([0-9]+)?',$set_time,$reg))
|
||||
// Analyse de la date de pre-selection
|
||||
if (preg_match('/^([0-9]+)\-([0-9]+)\-([0-9]+)\s?([0-9]+)?:?([0-9]+)?/',$set_time,$reg))
|
||||
{
|
||||
// Date au format 'YYYY-MM-DD' ou 'YYYY-MM-DD HH:MM:SS'
|
||||
$syear = $reg[1];
|
||||
|
||||
@@ -72,8 +72,8 @@ class FormFile
|
||||
|
||||
$max=$conf->global->MAIN_UPLOAD_DOC; // En Kb
|
||||
$maxphp=@ini_get('upload_max_filesize'); // En inconnu
|
||||
if (eregi('m$',$maxphp)) $maxphp=$maxphp*1024;
|
||||
if (eregi('k$',$maxphp)) $maxphp=$maxphp;
|
||||
if (preg_match('/m$/i',$maxphp)) $maxphp=$maxphp*1024;
|
||||
if (preg_match('/k$/i',$maxphp)) $maxphp=$maxphp;
|
||||
// Now $max and $maxphp are in Kb
|
||||
if ($maxphp > 0) $max=min($max,$maxphp);
|
||||
|
||||
@@ -446,7 +446,7 @@ class FormFile
|
||||
&& $file['name'] != '.'
|
||||
&& $file['name'] != '..'
|
||||
&& $file['name'] != 'CVS'
|
||||
&& ! eregi('\.meta$',$file['name']))
|
||||
&& ! preg_math('/\.meta$/i',$file['name']))
|
||||
{
|
||||
// Define relative path used to store the file
|
||||
if (! $relativepath)
|
||||
|
||||
@@ -585,7 +585,7 @@ if (sizeof($boxarray))
|
||||
$ii=0;
|
||||
foreach ($boxarray as $key => $box)
|
||||
{
|
||||
if (eregi('^A',$box->box_order)) // colonne A
|
||||
if (preg_match('/^A/i',$box->box_order)) // colonne A
|
||||
{
|
||||
$ii++;
|
||||
//print 'box_id '.$boxarray[$ii]->box_id.' ';
|
||||
@@ -620,7 +620,7 @@ if (sizeof($boxarray))
|
||||
$ii=0;
|
||||
foreach ($boxarray as $key => $box)
|
||||
{
|
||||
if (eregi('^B',$box->box_order)) // colonne B
|
||||
if (preg_match('/^B/i',$box->box_order)) // colonne B
|
||||
{
|
||||
$ii++;
|
||||
//print 'box_id '.$boxarray[$ii]->box_id.' ';
|
||||
|
||||
@@ -69,7 +69,7 @@ class Interfaces
|
||||
|
||||
while (($file = readdir($handle))!==false)
|
||||
{
|
||||
if (is_readable($this->dir."/".$file) && eregi('^interface_([^_]+)_(.+)\.class\.php$',$file,$reg))
|
||||
if (is_readable($this->dir."/".$file) && preg_match('/^interface_([^_]+)_(.+)\.class\.php$/i',$file,$reg))
|
||||
{
|
||||
$nbfile++;
|
||||
|
||||
|
||||
@@ -927,7 +927,7 @@ function version_os()
|
||||
phpinfo();
|
||||
$chaine = ob_get_contents();
|
||||
ob_end_clean();
|
||||
preg_match('/System </td><td class="v">([^<]*)</td>/i',$chaine,$reg);
|
||||
preg_match('/System <\/td><td class="v">([^<]*)<\/td>/i',$chaine,$reg);
|
||||
$osversion=$reg[1];
|
||||
return $osversion;
|
||||
}
|
||||
|
||||
@@ -67,12 +67,12 @@ if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* removed in PHP6
|
||||
function test_sql_and_script_inject($val)
|
||||
{
|
||||
$sql_inj = 0;
|
||||
$sql_inj += eregi('delete[[:space:]]+from', $val);
|
||||
$sql_inj += eregi('create[[:space:]]+table', $val);
|
||||
$sql_inj += eregi('update.+set.+=', $val);
|
||||
$sql_inj += eregi('insert[[:space:]]+into', $val);
|
||||
$sql_inj += eregi('select.+from', $val);
|
||||
$sql_inj += eregi('<script', $val);
|
||||
$sql_inj += preg_match('/delete[\s]+from/i', $val);
|
||||
$sql_inj += preg_match('/create[\s]+table/i', $val);
|
||||
$sql_inj += preg_match('/update(.)+set(.)+=/i', $val);
|
||||
$sql_inj += preg_match('/insert[\s]+into/i', $val);
|
||||
$sql_inj += preg_match('/select(.)+from/i', $val);
|
||||
$sql_inj += preg_match('/<script/i', $val);
|
||||
return $sql_inj;
|
||||
}
|
||||
function analyse_sql_and_script(&$var)
|
||||
@@ -112,7 +112,7 @@ analyse_sql_and_script($_POST);
|
||||
|
||||
// Security: CSRF protection
|
||||
// The test to do is to check if referrer ($_SERVER['HTTP_REFERER']) is same web site than Dolibarr ($_SERVER['HTTP_HOST']).
|
||||
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_HOST']) && ! empty($_SERVER['HTTP_REFERER']) && ! eregi($_SERVER['HTTP_HOST'], $_SERVER['HTTP_REFERER']))
|
||||
if (! defined('NOCSRFCHECK') && ! empty($_SERVER['HTTP_HOST']) && ! empty($_SERVER['HTTP_REFERER']) && ! preg_match('/'.preg_quote($_SERVER['HTTP_HOST'],'/').'/i', $_SERVER['HTTP_REFERER']))
|
||||
{
|
||||
//print 'HTTP_POST='.$_SERVER['HTTP_HOST'].' HTTP_REFERER='.$_SERVER['HTTP_REFERER'];
|
||||
print 'Access refused by CSRF protection in main.inc.php.';
|
||||
@@ -1091,7 +1091,7 @@ function left_menu($menu_array, $helppagename='', $moresearchform='')
|
||||
*/
|
||||
function getHelpParamFor($helppagename,$langs)
|
||||
{
|
||||
if (eregi('^http',$helppagename))
|
||||
if (preg_match('/^http/i',$helppagename))
|
||||
{
|
||||
// If complete URL
|
||||
$helpbaseurl='%s';
|
||||
@@ -1101,20 +1101,20 @@ function getHelpParamFor($helppagename,$langs)
|
||||
else
|
||||
{
|
||||
// If WIKI URL
|
||||
if (eregi('^es',$langs->defaultlang))
|
||||
if (preg_match('/^es/i',$langs->defaultlang))
|
||||
{
|
||||
$helpbaseurl='http://wiki.dolibarr.org/index.php/%s';
|
||||
if (eregi('ES:([^|]+)',$helppagename,$reg)) $helppage=$reg[1];
|
||||
if (preg_match('/ES:([^|]+)/i',$helppagename,$reg)) $helppage=$reg[1];
|
||||
}
|
||||
if (eregi('^fr',$langs->defaultlang))
|
||||
if (preg_match('/^fr/i',$langs->defaultlang))
|
||||
{
|
||||
$helpbaseurl='http://wiki.dolibarr.org/index.php/%s';
|
||||
if (eregi('FR:([^|]+)',$helppagename,$reg)) $helppage=$reg[1];
|
||||
if (preg_match('/FR:([^|]+)/i',$helppagename,$reg)) $helppage=$reg[1];
|
||||
}
|
||||
if (empty($helppage)) // If help page not already found
|
||||
{
|
||||
$helpbaseurl='http://wiki.dolibarr.org/index.php/%s';
|
||||
if (eregi('EN:([^|]+)',$helppagename,$reg)) $helppage=$reg[1];
|
||||
if (preg_match('/EN:([^|]+)/i',$helppagename,$reg)) $helppage=$reg[1];
|
||||
}
|
||||
$mode='wiki';
|
||||
}
|
||||
|
||||
@@ -191,22 +191,22 @@ define('MAIN_DB_PREFIX',$dolibarr_main_db_prefix);
|
||||
if (isset($_SERVER["HTTP_USER_AGENT"]))
|
||||
{
|
||||
// Name
|
||||
if (eregi('firefox',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='firefox';
|
||||
elseif (eregi('iceweasel',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='iceweasel';
|
||||
elseif (eregi('safari',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='safari';
|
||||
elseif (eregi('chrome',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='chrome';
|
||||
elseif (eregi('opera',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='opera';
|
||||
elseif (eregi('msie',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='ie';
|
||||
if (preg_match('/firefox/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='firefox';
|
||||
elseif (preg_match('/iceweasel/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='iceweasel';
|
||||
elseif (preg_match('/safari/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='safari';
|
||||
elseif (preg_match('/chrome/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='chrome';
|
||||
elseif (preg_match('/opera/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='opera';
|
||||
elseif (preg_match('/msie/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->name='ie';
|
||||
else $conf->browser->name='unknown';
|
||||
// If phone/smartphone, we set osname.
|
||||
if (eregi('android',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='android';
|
||||
elseif (eregi('blackberry',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='blackberry';
|
||||
elseif (eregi('iphone',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='iphone';
|
||||
elseif (eregi('palm',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='palm';
|
||||
elseif (eregi('symbian',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='symbian';
|
||||
elseif (eregi('webos',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='webos';
|
||||
elseif (eregi('iemobile',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='windowsmobile';
|
||||
elseif (eregi('windows ce',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='windowsmobile';
|
||||
if (preg_match('/android/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='android';
|
||||
elseif (preg_match('/blackberry/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='blackberry';
|
||||
elseif (preg_match('/iphone/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='iphone';
|
||||
elseif (preg_match('/palm/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='palm';
|
||||
elseif (preg_match('/symbian/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='symbian';
|
||||
elseif (preg_match('/webos/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='webos';
|
||||
elseif (preg_match('/iemobile/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='windowsmobile';
|
||||
elseif (preg_match('/windows ce/i',$_SERVER["HTTP_USER_AGENT"])) $conf->browser->phone='windowsmobile';
|
||||
// Other
|
||||
if (in_array($conf->browser->name,array('firefox','iceweasel'))) $conf->browser->firefox=1;
|
||||
}
|
||||
|
||||
@@ -209,7 +209,7 @@ class Translate {
|
||||
{
|
||||
// If $domain is @xxx instead of xxx then we look for module lang file htdocs/xxx/langs/code_CODE/xxx.lang
|
||||
// instead of global lang file htdocs/langs/code_CODE/xxx.lang
|
||||
if (eregi('@',$domain)) $searchdir=$searchdir ."/".$newdomain."/langs";
|
||||
if (preg_match('/@/',$domain)) $searchdir=$searchdir ."/".$newdomain."/langs";
|
||||
else $searchdir=$searchdir."/langs";
|
||||
|
||||
// Directory of translation files
|
||||
@@ -303,8 +303,8 @@ class Translate {
|
||||
// This function MUST NOT contains call to syslog
|
||||
//dol_syslog("Translate::Load loading alternate translation file (to complete ".$this->defaultlang."/".$newdomain.".lang file)", LOG_DEBUG);
|
||||
$langofdir='en_US';
|
||||
if (eregi('^fr',$langarray[0])) $langofdir='fr_FR';
|
||||
if (eregi('^es',$langarray[0])) $langofdir='es_ES';
|
||||
if (preg_match('/^fr/i',$langarray[0])) $langofdir='fr_FR';
|
||||
if (preg_match('/^es/i',$langarray[0])) $langofdir='es_ES';
|
||||
$this->load($domain,$alt+1,$stopafterdirection,$langofdir);
|
||||
}
|
||||
|
||||
@@ -368,18 +368,18 @@ class Translate {
|
||||
{
|
||||
global $db;
|
||||
$newstr=$key;
|
||||
if (eregi('CurrencyShort([A-Z]+)$',$key,$reg))
|
||||
if (preg_match('/CurrencyShort([A-Z]+)$/i',$key,$reg))
|
||||
{
|
||||
global $db;
|
||||
//$newstr=$this->getLabelFromKey($db,$reg[1],'c_currencies','code_iso','labelshort');
|
||||
$newstr=$this->getLabelFromKey($db,$reg[1],'c_currencies','code_iso','code');
|
||||
}
|
||||
else if (eregi('Currency([A-Z]+)$',$key,$reg))
|
||||
else if (preg_match('/Currency([A-Z]+)$/i',$key,$reg))
|
||||
{
|
||||
global $db;
|
||||
$newstr=$this->getLabelFromKey($db,$reg[1],'c_currencies','code_iso','label');
|
||||
}
|
||||
else if (eregi('SendingMethod([0-9A-Z]+)$',$key,$reg))
|
||||
else if (preg_match('/SendingMethod([0-9A-Z]+)$/i',$key,$reg))
|
||||
{
|
||||
global $db;
|
||||
$newstr=$this->getLabelFromKey($db,$reg[1],'expedition_methode','code','libelle');
|
||||
@@ -539,7 +539,7 @@ class Translate {
|
||||
$langs_available=array();
|
||||
while ($file = trim(readdir($handle)))
|
||||
{
|
||||
if (eregi('^[a-z]+_[A-Z]+',$file))
|
||||
if (preg_match('/^[a-z]+_[A-Z]+/i',$file))
|
||||
{
|
||||
array_push($langs_available,$file);
|
||||
}
|
||||
|
||||
@@ -205,7 +205,7 @@ if ($modulepart)
|
||||
}
|
||||
|
||||
// Wrapping pour les images des stats produits
|
||||
elseif (eregi('^productstats_',$modulepart))
|
||||
elseif (preg_match('/^productstats_/i',$modulepart))
|
||||
{
|
||||
$user->getrights('produit');
|
||||
if ($user->rights->produit->lire || $user->rights->service->lire)
|
||||
@@ -342,7 +342,7 @@ if (! $accessallowed)
|
||||
// Security:
|
||||
// On interdit les remontees de repertoire ainsi que les pipe dans
|
||||
// les noms de fichiers.
|
||||
if (eregi('\.\.',$original_file) || eregi('[<>|]',$original_file))
|
||||
if (preg_match('/\.\./',$original_file) || preg_match('/[<>|]/',$original_file))
|
||||
{
|
||||
$langs->load("main");
|
||||
dol_syslog("Refused to deliver file ".$original_file);
|
||||
|
||||
Reference in New Issue
Block a user