diff --git a/htdocs/install/lib/repair.lib.php b/htdocs/install/lib/repair.lib.php
index 19b91bb0a26..1a05dad1b77 100644
--- a/htdocs/install/lib/repair.lib.php
+++ b/htdocs/install/lib/repair.lib.php
@@ -130,7 +130,7 @@ function clean_data_ecm_directories()
$newlabel = dol_sanitizeFileName($label);
if ($label != $newlabel)
{
- $sqlupdate = "UPDATE ".MAIN_DB_PREFIX."ecm_directories set label='".$newlabel."' WHERE rowid=".$id;
+ $sqlupdate = "UPDATE ".MAIN_DB_PREFIX."ecm_directories set label='".$db->escape($newlabel)."' WHERE rowid=".$id;
print '
| '.$sqlupdate." |
\n";
$resqlupdate = $db->query($sqlupdate);
if (!$resqlupdate) dol_print_error($db, 'Failed to update');
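Review bot: The added `$db->escape($newlabel)` covers the string value, but `$id` on the same line is still concatenated raw into `WHERE rowid=`; as an integer key it should be cast rather than escaped, `$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."ecm_directories set label='".$db->escape($newlabel)."' WHERE rowid=".((int) $id);`. The same pattern is left in place by the other hunks of this commit: `$obj->entity` in the repair.php boxes cleanup, and the `WHERE rowid=` / `fk_*` / `id =` clauses throughout upgrade2.php (`$obj->cref`, `$obj->fk_user_author`, `$obj->rowid`, `$obj->fk_product`, `$obj->fk_livraison`, `$obj->fk_expedition`, `$obj->field`, `$old_id`, `$elements['new_id'][$key]`, `$obj->shipping_id`, `$obj->delivery_id`). Conversely, integer values such as `fk_adresse_livraison` and `stock` are quoted and escaped as strings where an `(int)`/numeric cast would express the intent more precisely. The enclosing `clean_data_ecm_directories()` begins outside the hunk, so whether `$id` is always DB-sourced is inferred, not visible.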
diff --git a/htdocs/install/repair.php b/htdocs/install/repair.php
index b4fe656bbac..e8965adedb3 100644
--- a/htdocs/install/repair.php
+++ b/htdocs/install/repair.php
@@ -30,7 +30,6 @@ include_once $dolibarr_main_document_root.'/core/lib/images.lib.php';
require_once $dolibarr_main_document_root.'/core/class/extrafields.class.php';
require_once 'lib/repair.lib.php';
-$grant_query = '';
$step = 2;
$ok = 0;
@@ -445,8 +444,8 @@ if ($ok && GETPOST('standard', 'alpha'))
if ($obj2 && $obj2->nb == 0)
{
// Module not found, so we canremove entry
- $sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".$obj->entity." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$obj->file."' AND entity = ".$obj->entity.")";
- $sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$obj->file."' AND entity = ".$obj->entity;
+ $sqldeletea = "DELETE FROM ".MAIN_DB_PREFIX."boxes WHERE entity = ".$obj->entity." AND box_id IN (SELECT rowid FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity.")";
+ $sqldeleteb = "DELETE FROM ".MAIN_DB_PREFIX."boxes_def WHERE file = '".$db->escape($obj->file)."' AND entity = ".$obj->entity;
if (GETPOST('standard', 'alpha') == 'confirmed')
{
@@ -782,7 +781,7 @@ if ($ok && GETPOST('clean_menus', 'alpha'))
print ' - Module condition '.$modulecond.' seems ko, we delete menu entry.';
if (GETPOST('clean_menus') == 'confirmed')
{
- $sql2 = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE module = '".$modulecond."'";
+ $sql2 = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE module = '".$db->escape($modulecond)."'";
$resql2 = $db->query($sql2);
if (!$resql2)
{
diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php
index 90ac30058e0..6c154ca062a 100644
--- a/htdocs/install/upgrade2.php
+++ b/htdocs/install/upgrade2.php
@@ -978,11 +978,11 @@ function migrate_contracts_det($db, $langs, $conf)
$sql .= $obj->cref.", ".($obj->fk_product ? $obj->fk_product : 0).", ";
$sql .= "0, ";
$sql .= "'".$db->escape($obj->label)."', null, ";
- $sql .= ($obj->date_contrat ? "'".$obj->date_contrat."'" : "null").", ";
+ $sql .= ($obj->date_contrat ? "'".$db->escape($obj->date_contrat)."'" : "null").", ";
$sql .= "null, ";
$sql .= "null, ";
- $sql .= "'".$obj->tva_tx."' , 1, ";
- $sql .= "'".$obj->price."', '".$obj->price."', ".$obj->fk_user_author.",";
+ $sql .= "'".$db->escape($obj->tva_tx)."' , 1, ";
+ $sql .= "'".$db->escape($obj->price)."', '".$db->escape($obj->price)."', ".$obj->fk_user_author.",";
$sql .= "null";
$sql .= ")";
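Review bot: `date_contrat` is escaped as an opaque string here, while the other date fixes in this commit (migrate_contracts_date2, migrate_commande_livraison) normalise the value through `$db->jdate(...)`/`$db->idate(...)` before writing it; the two approaches should agree. If the intent is a well-formed datetime literal, the line would read `$sql .= ($obj->date_contrat ? "'".$db->idate($db->jdate($obj->date_contrat))."'" : "null").", ";` — if the column text is already guaranteed to be a valid datetime, the escape is harmless and a one-line comment saying so would settle it. `tva_tx` and `price` are numeric columns written as quoted strings; escaping them is safe but a numeric cast would make the type expectation explicit. `migrate_contracts_det()` starts and ends outside the hunk.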
@@ -1171,9 +1171,11 @@ function migrate_contracts_date2($db, $langs, $conf)
$obj = $db->fetch_object($resql);
if ($obj->date_contrat > $obj->datemin)
{
+ $datemin = $db->jdate($obj->datemin);
+
print $langs->trans('MigrationContractsInvalidDateFix', $obj->cref, $obj->date_contrat, $obj->datemin)."
\n";
$sql = "UPDATE ".MAIN_DB_PREFIX."contrat";
- $sql .= " SET date_contrat='".$obj->datemin."'";
+ $sql .= " SET date_contrat='".$db->idate($datemin)."'";
$sql .= " WHERE rowid=".$obj->cref;
$resql2 = $db->query($sql);
if (!$resql2) dol_print_error($db);
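Review bot: The new `$datemin = $db->jdate($obj->datemin);` followed by `$db->idate($datemin)` is a non-obvious round trip and deserves a why-comment, e.g. `// Convert through a timestamp so the value written back is a well-formed SQL datetime, not the raw column text`. Note that the `MigrationContractsInvalidDateFix` message above still prints the raw `$obj->datemin` while the UPDATE now writes the normalised form; if those can differ in formatting, printing `$db->idate($datemin)` would keep the log consistent with the data. `$obj->cref` in the WHERE clause is still concatenated without a cast. `migrate_contracts_date2()` begins outside the hunk.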
@@ -2088,9 +2090,11 @@ function migrate_commande_livraison($db, $langs, $conf)
if ($resql2)
{
+ $date_livraison = $db->jdate($obj->date_livraison);
+
$sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
- $sqlu .= " ref_client='".$obj->ref_client."'";
- $sqlu .= ", date_livraison='".$obj->date_livraison."'";
+ $sqlu .= " ref_client='".$db->escape($obj->ref_client)."'";
+ $sqlu .= ", date_livraison='".$db->idate($date_livraison)."'";
$sqlu .= " WHERE rowid = ".$obj->rowid;
$resql3 = $db->query($sqlu);
if (!$resql3)
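Review bot: `$date_livraison = $db->jdate($obj->date_livraison);` has no guard for a NULL/empty `date_livraison`, so whatever `$db->idate()` produces for an empty input is quoted into the statement; the `date_delivery` hunks later in this commit (migrate_customerorder_shipping, migrate_shipping_delivery2) use a ternary to emit SQL `null` instead, and this hunk should follow the same pattern, `$sqlu .= ", date_livraison=".($obj->date_livraison ? "'".$db->idate($date_livraison)."'" : 'null');`. Whether the column is nullable is not visible in the hunk, so the guard may be redundant in practice but costs nothing. `migrate_commande_livraison()` begins outside the hunk.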
@@ -2172,8 +2176,8 @@ function migrate_detail_livraison($db, $langs, $conf)
$sql = "UPDATE ".MAIN_DB_PREFIX."livraisondet SET";
$sql .= " fk_product=".$obj->fk_product;
$sql .= ",description='".$db->escape($obj->description)."'";
- $sql .= ",subprice='".$obj->subprice."'";
- $sql .= ",total_ht='".$obj->total_ht."'";
+ $sql .= ",subprice='".$db->escape($obj->subprice)."'";
+ $sql .= ",total_ht='".$db->escape($obj->total_ht)."'";
$sql .= " WHERE fk_commande_ligne = ".$obj->rowid;
$resql2 = $db->query($sql);
@@ -2190,7 +2194,7 @@ function migrate_detail_livraison($db, $langs, $conf)
$total_ht = $obju->total_ht + $obj->total_ht;
$sqlu = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
- $sqlu .= " total_ht='".$total_ht."'";
+ $sqlu .= " total_ht='".$db->escape($total_ht)."'";
$sqlu .= " WHERE rowid=".$obj->fk_livraison;
$resql4 = $db->query($sqlu);
if (!$resql4)
@@ -2274,7 +2278,7 @@ function migrate_stocks($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."product SET";
- $sql .= " stock = '".$obj->total."'";
+ $sql .= " stock = '".$db->escape($obj->total)."'";
$sql .= " WHERE rowid=".$obj->fk_product;
$resql2 = $db->query($sql);
@@ -2343,7 +2347,7 @@ function migrate_menus($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."menu SET";
- $sql .= " enabled = '".$obj->action."'";
+ $sql .= " enabled = '".$db->escape($obj->action)."'";
$sql .= " WHERE rowid=".$obj->rowid;
$sql .= " AND enabled = '1'";
@@ -2419,7 +2423,7 @@ function migrate_commande_deliveryaddress($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sql = "UPDATE ".MAIN_DB_PREFIX."expedition SET";
- $sql .= " fk_adresse_livraison = '".$obj->fk_adresse_livraison."'";
+ $sql .= " fk_adresse_livraison = '".$db->escape($obj->fk_adresse_livraison)."'";
$sql .= " WHERE rowid=".$obj->fk_expedition;
$resql2 = $db->query($sql);
@@ -2508,7 +2512,7 @@ function migrate_restore_missing_links($db, $langs, $conf)
print 'Line '.$obj->rowid.' in '.$table1.' is linked to record '.$obj->field.' in '.$table2.' that has no link to '.$table1.'. We fix this.
';
$sql = "UPDATE ".MAIN_DB_PREFIX.$table2." SET";
- $sql .= " ".$field2." = '".$obj->rowid."'";
+ $sql .= " ".$field2." = '".$db->escape($obj->rowid)."'";
$sql .= " WHERE rowid=".$obj->field;
$resql2 = $db->query($sql);
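Review bot: `$table2` and `$field2` are interpolated in identifier positions (`UPDATE ".MAIN_DB_PREFIX.$table2." SET ".$field2." = …`), where `$db->escape()` cannot help; their origin is outside the hunk, so they are presumably taken from a fixed in-code list of table/column pairs, and a comment such as `// $table2/$field2 come from the hard-coded link list above; never derive them from request data` would make that invariant explicit. The same applies to `$field` in the migrate_actioncomm_element hunk, which is used as a column name on both sides of the statement. `$obj->rowid` is an integer id that is now quoted and escaped while `$obj->field` in the WHERE clause stays uncast; `$sql .= " ".$field2." = ".((int) $obj->rowid);` and `$sql .= " WHERE rowid=".((int) $obj->field);` would be consistent. This hunk and the one at `@@ -2568` are byte-identical, which suggests a small shared helper. `migrate_restore_missing_links()` begins outside the hunk.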
@@ -2568,7 +2572,7 @@ function migrate_restore_missing_links($db, $langs, $conf)
print 'Line '.$obj->rowid.' in '.$table1.' is linked to record '.$obj->field.' in '.$table2.' that has no link to '.$table1.'. We fix this.
';
$sql = "UPDATE ".MAIN_DB_PREFIX.$table2." SET";
- $sql .= " ".$field2." = '".$obj->rowid."'";
+ $sql .= " ".$field2." = '".$db->escape($obj->rowid)."'";
$sql .= " WHERE rowid=".$obj->field;
$resql2 = $db->query($sql);
@@ -2821,9 +2825,9 @@ function migrate_relationship_tables($db, $langs, $conf, $table, $fk_source, $so
$sqlInsert .= ", targettype";
$sqlInsert .= ") VALUES (";
$sqlInsert .= $obj->$fk_source;
- $sqlInsert .= ", '".$sourcetype."'";
+ $sqlInsert .= ", '".$db->escape($sourcetype)."'";
$sqlInsert .= ", ".$obj->$fk_target;
- $sqlInsert .= ", '".$targettype."'";
+ $sqlInsert .= ", '".$db->escape($targettype)."'";
$sqlInsert .= ")";
$result = $db->query($sqlInsert);
@@ -3023,8 +3027,8 @@ function migrate_customerorder_shipping($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."expedition SET";
- $sqlUpdate .= " ref_customer = '".$obj->ref_client."'";
- $sqlUpdate .= ", date_delivery = '".($obj->date_livraison ? $obj->date_livraison : 'null')."'";
+ $sqlUpdate .= " ref_customer = '".$db->escape($obj->ref_client)."'";
+ $sqlUpdate .= ", date_delivery = '".$db->escape($obj->date_livraison ? $obj->date_livraison : 'null')."'";
$sqlUpdate .= " WHERE rowid = ".$obj->shipping_id;
$result = $db->query($sqlUpdate);
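Review bot: The `date_delivery` line still writes the four-character text `'null'` when `$obj->date_livraison` is empty, because the ternary result is wrapped in single quotes and now also passed through `$db->escape()`; that is a quoted string literal, not SQL `NULL`, and on a strict date column it will either be rejected or stored as a zero date. The next hunk (migrate_shipping_delivery2) already has the correct shape, so this line should match it: `$sqlUpdate .= ", date_delivery = ".($obj->date_livraison ? "'".$db->escape($obj->date_livraison)."'" : 'null');`. `$obj->shipping_id` in the WHERE clause is still concatenated without a cast. `migrate_customerorder_shipping()` begins outside the hunk.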
@@ -3210,8 +3214,8 @@ function migrate_shipping_delivery2($db, $langs, $conf)
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."livraison SET";
- $sqlUpdate .= " ref_customer = '".$obj->ref_customer."',";
- $sqlUpdate .= " date_delivery = ".($obj->date_delivery ? "'".$obj->date_delivery."'" : 'null');
+ $sqlUpdate .= " ref_customer = '".$db->escape($obj->ref_customer)."',";
+ $sqlUpdate .= " date_delivery = ".($obj->date_delivery ? "'".$db->escape($obj->date_delivery)."'" : 'null');
$sqlUpdate .= " WHERE rowid = ".$obj->delivery_id;
$result = $db->query($sqlUpdate);
@@ -3277,7 +3281,7 @@ function migrate_actioncomm_element($db, $langs, $conf)
$db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."actioncomm SET ";
- $sql .= "fk_element = ".$field.", elementtype = '".$type."'";
+ $sql .= "fk_element = ".$field.", elementtype = '".$db->escape($type)."'";
$sql .= " WHERE ".$field." IS NOT NULL";
$sql .= " AND fk_element IS NULL";
$sql .= " AND elementtype IS NULL";
@@ -3336,7 +3340,7 @@ function migrate_mode_reglement($db, $langs, $conf)
$sqlSelect = "SELECT id";
$sqlSelect .= " FROM ".MAIN_DB_PREFIX."c_paiement";
$sqlSelect .= " WHERE id = ".$old_id;
- $sqlSelect .= " AND code = '".$elements['code'][$key]."'";
+ $sqlSelect .= " AND code = '".$db->escape($elements['code'][$key])."'";
$resql = $db->query($sqlSelect);
if ($resql)
@@ -3351,13 +3355,13 @@ function migrate_mode_reglement($db, $langs, $conf)
$sqla = "UPDATE ".MAIN_DB_PREFIX."paiement SET ";
$sqla .= "fk_paiement = ".$elements['new_id'][$key];
$sqla .= " WHERE fk_paiement = ".$old_id;
- $sqla .= " AND fk_paiement IN (SELECT id FROM ".MAIN_DB_PREFIX."c_paiement WHERE id = ".$old_id." AND code = '".$elements['code'][$key]."')";
+ $sqla .= " AND fk_paiement IN (SELECT id FROM ".MAIN_DB_PREFIX."c_paiement WHERE id = ".$old_id." AND code = '".$db->escape($elements['code'][$key])."')";
$resqla = $db->query($sqla);
$sql = "UPDATE ".MAIN_DB_PREFIX."c_paiement SET ";
$sql .= "id = ".$elements['new_id'][$key];
$sql .= " WHERE id = ".$old_id;
- $sql .= " AND code = '".$elements['code'][$key]."'";
+ $sql .= " AND code = '".$db->escape($elements['code'][$key])."'";
$resql = $db->query($sql);
if ($resqla && $resql)
diff --git a/htdocs/webservices/server_user.php b/htdocs/webservices/server_user.php
index bc43c4ab6d4..000bad4b563 100644
--- a/htdocs/webservices/server_user.php
+++ b/htdocs/webservices/server_user.php
@@ -540,7 +540,7 @@ function createUserFromThirdparty($authentication, $thirdpartywithuser)
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."c_country";
$sql .= " WHERE active = 1";
- $sql .= " AND code='".$thirdparty->country_code."'";
+ $sql .= " AND code='".$db->escape($thirdparty->country_code)."'";
$resql = $db->query($sql);
if ($resql)
diff --git a/htdocs/website/class/websitepage.class.php b/htdocs/website/class/websitepage.class.php
index 2ed4b9a75a3..b5e29e04176 100644
--- a/htdocs/website/class/websitepage.class.php
+++ b/htdocs/website/class/websitepage.class.php
@@ -382,9 +382,9 @@ class WebsitePage extends CommonObject
if (count($filter) > 0) {
foreach ($filter as $key => $value) {
if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') {
- $sqlwhere[] = $key.'='.$value;
+ $sqlwhere[] = $key.' = '.$value;
} elseif ($key == 'type_container') {
- $sqlwhere[] = $key."='".$value."'";
+ $sqlwhere[] = $key." = '".$this->db->escape($value)."'";
} elseif ($key == 'lang' || $key == 't.lang') {
$listoflang = array();
$foundnull = 0;
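Review bot: In the `t.rowid`/`t.fk_website`/`status` branch, `$value` is still concatenated unquoted and uncast (`$key.' = '.$value`); the commit only adjusted spacing on that line. Since `$filter` is supplied by callers of this fetch method, the value should be coerced to the integer the column expects, `$sqlwhere[] = $key.' = '.((int) $value);`, which removes any dependence on what a caller passes. The `if`/`elseif` chain is what allows `$key` to be used as a column name, so a comment such as `// $key is used as a column name only for the keys matched in this chain; unknown keys must not be concatenated` would document the allowlist intent. The enclosing method starts and ends outside the hunk.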
diff --git a/test/phpunit/CodingPhpTest.php b/test/phpunit/CodingPhpTest.php
index 60ba1ae4bbe..00af206c552 100644
--- a/test/phpunit/CodingPhpTest.php
+++ b/test/phpunit/CodingPhpTest.php
@@ -152,7 +152,7 @@ class CodingPhpTest extends PHPUnit\Framework\TestCase
$db=$this->savdb;
include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
- $filesarray = dol_dir_list(DOL_DOCUMENT_ROOT.'/core', 'files', 1, '\.php', null, 'fullname');
+ $filesarray = dol_dir_list(DOL_DOCUMENT_ROOT.'/bom', 'files', 1, '\.php', null, 'fullname');
//$filesarray = dol_dir_list(DOL_DOCUMENT_ROOT, 'files', 1, '\.php', null, 'fullname');
foreach ($filesarray as $key => $file)