mirror of
https://github.com/Dolibarr/dolibarr.git
synced 2025-12-07 01:58:09 +01:00
War against $_POST
This commit is contained in:
Laurent Destailleur
@@ -49,8 +49,8 @@ $boxes = array();
|
||||
*/
|
||||
|
||||
if ($action == 'addconst') {
|
||||
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES", $_POST["MAIN_BOXES_MAXLINES"], '', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_ACTIVATE_FILECACHE", $_POST["MAIN_ACTIVATE_FILECACHE"], 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES", GETPOST("MAIN_BOXES_MAXLINES", 'int'), '', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_ACTIVATE_FILECACHE", GETPOST("MAIN_ACTIVATE_FILECACHE", 'alpha'), 'chaine', 0, '', $conf->entity);
|
||||
}
|
||||
|
||||
if ($action == 'add') {
|
||||
|
||||
@@ -211,7 +211,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
|
||||
dolibarr_set_const($db, "FACTURE_LOCAL_TAX1_OPTION", $uselocaltax1, 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "FACTURE_LOCAL_TAX2_OPTION", $uselocaltax2, 'chaine', 0, '', $conf->entity);
|
||||
|
||||
if ($_POST["optionlocaltax1"] == "localtax1on") {
|
||||
if (GETPOST("optionlocaltax1") == "localtax1on") {
|
||||
if (!GETPOSTISSET('lt1')) {
|
||||
dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX1", 0, 'chaine', 0, '', $conf->entity);
|
||||
} else {
|
||||
@@ -219,7 +219,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
|
||||
}
|
||||
dolibarr_set_const($db, "MAIN_INFO_LOCALTAX_CALC1", GETPOST("clt1", 'aZ09'), 'chaine', 0, '', $conf->entity);
|
||||
}
|
||||
if ($_POST["optionlocaltax2"] == "localtax2on") {
|
||||
if (GETPOST("optionlocaltax2") == "localtax2on") {
|
||||
if (!GETPOSTISSET('lt2')) {
|
||||
dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX2", 0, 'chaine', 0, '', $conf->entity);
|
||||
} else {
|
||||
|
||||
@@ -181,7 +181,7 @@ if ($action == 'update') {
|
||||
}
|
||||
}
|
||||
|
||||
dolibarr_set_const($db, "MAIN_DISABLE_METEO", $_POST["MAIN_DISABLE_METEO"], 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_DISABLE_METEO", GETPOST("MAIN_DISABLE_METEO"), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_USE_METEO_WITH_PERCENTAGE", GETPOST("MAIN_USE_METEO_WITH_PERCENTAGE"), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
// For update value with percentage
|
||||
|
||||
@@ -788,7 +788,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) {
|
||||
$msg .= $langs->transnoentities('ErrorFieldFormat', $langs->transnoentities('Code')).'<br>';
|
||||
}*/
|
||||
}
|
||||
if (GETPOSTISSET("country") && ($_POST["country"] == '0') && ($id != 2)) {
|
||||
if (GETPOSTISSET("country") && (GETPOST("country") == '0') && ($id != 2)) {
|
||||
if (in_array($tablib[$id], array('DictionaryCompanyType', 'DictionaryHolidayTypes'))) { // Field country is no mandatory for such dictionaries
|
||||
$_POST["country"] = '';
|
||||
} else {
|
||||
@@ -796,25 +796,25 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) {
|
||||
setEventMessages($langs->transnoentities("ErrorFieldRequired", $langs->transnoentities("Country")), null, 'errors');
|
||||
}
|
||||
}
|
||||
if (($id == 3 || $id == 42) && !is_numeric($_POST["code"])) {
|
||||
if (($id == 3 || $id == 42) && !is_numeric(GETPOST("code"))) {
|
||||
$ok = 0;
|
||||
setEventMessages($langs->transnoentities("ErrorFieldMustBeANumeric", $langs->transnoentities("Code")), null, 'errors');
|
||||
}
|
||||
|
||||
// Clean some parameters
|
||||
if ((!empty($_POST["localtax1_type"]) || ($_POST['localtax1_type'] == '0')) && empty($_POST["localtax1"])) {
|
||||
if ((GETPOST("localtax1_type") || (GETPOST('localtax1_type') == '0')) && !GETPOST("localtax1")) {
|
||||
$_POST["localtax1"] = '0'; // If empty, we force to 0
|
||||
}
|
||||
if ((!empty($_POST["localtax2_type"]) || ($_POST['localtax2_type'] == '0')) && empty($_POST["localtax2"])) {
|
||||
if ((GETPOST("localtax2_type") || (GETPOST('localtax2_type') == '0')) && !GETPOST("localtax2")) {
|
||||
$_POST["localtax2"] = '0'; // If empty, we force to 0
|
||||
}
|
||||
if ($_POST["accountancy_code"] <= 0) {
|
||||
if (GETPOST("accountancy_code") <= 0) {
|
||||
$_POST["accountancy_code"] = ''; // If empty, we force to null
|
||||
}
|
||||
if ($_POST["accountancy_code_sell"] <= 0) {
|
||||
if (GETPOST("accountancy_code_sell") <= 0) {
|
||||
$_POST["accountancy_code_sell"] = ''; // If empty, we force to null
|
||||
}
|
||||
if ($_POST["accountancy_code_buy"] <= 0) {
|
||||
if (GETPOST("accountancy_code_buy") <= 0) {
|
||||
$_POST["accountancy_code_buy"] = ''; // If empty, we force to null
|
||||
}
|
||||
if ($id == 10 && GETPOSTISSET("code")) { // Spaces are not allowed into code for tax dictionary
|
||||
|
||||
@@ -72,15 +72,15 @@ if ($action == 'add' || GETPOST("modify")) {
|
||||
|
||||
if (!empty($_POST[$external_rss_urlrss])) {
|
||||
$boxlabel = '(ExternalRSSInformations)';
|
||||
//$external_rss_url = "external_rss_url_" . $_POST["norss"];
|
||||
//$external_rss_url = "external_rss_url_" . GETPOST("norss");
|
||||
|
||||
$db->begin();
|
||||
|
||||
if ($_POST["modify"]) {
|
||||
if (GETPOST("modify")) {
|
||||
// Supprime boite box_external_rss de definition des boites
|
||||
/* $sql = "UPDATE ".MAIN_DB_PREFIX."boxes_def";
|
||||
$sql.= " SET name = '".$db->escape($boxlabel)."'";
|
||||
$sql.= " WHERE file ='box_external_rss.php' AND note like '".$db->escape($_POST["norss"])." %'";
|
||||
$sql.= " WHERE file ='box_external_rss.php' AND note like '".$db->escape(GETPOST("norss"))." %'";
|
||||
|
||||
$resql=$db->query($sql);
|
||||
if (! $resql)
|
||||
@@ -115,7 +115,7 @@ if ($action == 'add' || GETPOST("modify")) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST["delete"]) {
|
||||
if (GETPOST("delete")) {
|
||||
if (GETPOST("norss", 'int')) {
|
||||
$db->begin();
|
||||
|
||||
|
||||
@@ -96,7 +96,7 @@ if ($action == 'removebackgroundlogin' && !empty($conf->global->MAIN_LOGIN_BACKG
|
||||
if ($action == 'update') {
|
||||
dolibarr_set_const($db, "MAIN_LANG_DEFAULT", GETPOST("MAIN_LANG_DEFAULT", 'aZ09'), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
|
||||
//dolibarr_set_const($db, "MAIN_MULTILANGS", $_POST["MAIN_MULTILANGS"], 'chaine', 0, '', $conf->entity);
|
||||
//dolibarr_set_const($db, "MAIN_MULTILANGS", GETPOST("MAIN_MULTILANGS"), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
dolibarr_set_const($db, "MAIN_THEME", GETPOST("main_theme", 'aZ09'), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
|
||||
@@ -46,23 +46,29 @@ $action = GETPOST('action', 'aZ09');
|
||||
$testsubscribeemail = GETPOST("testsubscribeemail");
|
||||
$testunsubscribeemail = GETPOST("testunsubscribeemail");
|
||||
|
||||
$error = 0;
|
||||
|
||||
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
// Action updated or added a constant
|
||||
if ($action == 'update' || $action == 'add') {
|
||||
foreach ($_POST['constname'] as $key => $val) {
|
||||
$constname = $_POST["constname"][$key];
|
||||
$constvalue = $_POST["constvalue"][$key];
|
||||
$consttype = $_POST["consttype"][$key];
|
||||
$constnote = $_POST["constnote"][$key];
|
||||
$tmparray = GETPOST('constname', 'array');
|
||||
if (is_array($tmparray)) {
|
||||
foreach ($tmparray as $key => $val) {
|
||||
$constname = $tmparray[$key];
|
||||
$constvalue = $tmparray[$key];
|
||||
$consttype = $tmparray[$key];
|
||||
$constnote = $tmparray[$key];
|
||||
$res = dolibarr_set_const($db, $constname, $constvalue, $type[$consttype], 0, $constnote, $conf->entity);
|
||||
|
||||
if (!($res > 0)) {
|
||||
$error++;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
if (!$error) {
|
||||
setEventMessages($langs->trans("SetupSaved"), null, 'mesgs');
|
||||
|
||||
@@ -31,6 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
||||
$langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
if (!$user->admin) {
|
||||
accessforbidden();
|
||||
@@ -59,7 +60,7 @@ complete_substitutions_array($substitutionarrayfortest, $langs);
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'update' && empty($_POST["cancel"])) {
|
||||
if ($action == 'update' && !$cancel) {
|
||||
// Send mode parameters
|
||||
dolibarr_set_const($db, "MAIN_MAIL_SENDMODE_EMAILING", GETPOST("MAIN_MAIL_SENDMODE_EMAILING"), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_MAIL_SMTP_PORT_EMAILING", GETPOST("MAIN_MAIL_SMTP_PORT_EMAILING"), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
@@ -31,6 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
||||
$langs->loadLangs(array('companies', 'products', 'admin', 'mails', 'other', 'errors'));
|
||||
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
$usersignature = $user->signature;
|
||||
// For action = test or send, we ensure that content is not html, even for signature, because this we want a test with NO html.
|
||||
@@ -59,7 +60,7 @@ if (!$user->admin) {
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($action == 'update' && empty($_POST["cancel"])) {
|
||||
if ($action == 'update' && !$cancel) {
|
||||
// Send mode parameters
|
||||
dolibarr_set_const($db, "MAIN_MAIL_SENDMODE_TICKET", GETPOST("MAIN_MAIL_SENDMODE_TICKET"), 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_MAIL_SMTP_PORT_TICKET", GETPOST("MAIN_MAIL_SMTP_PORT_TICKET"), 'chaine', 0, '', $conf->entity);
|
||||
|
||||
@@ -333,8 +333,8 @@ if ($action == 'create') {
|
||||
} else {
|
||||
print '<select name="type" class="flat" id="topleft">';
|
||||
print '<option value=""> </option>';
|
||||
print '<option value="top"'.(!empty($_POST["type"]) && $_POST["type"] == 'top' ? ' selected' : '').'>'.$langs->trans('Top').'</option>';
|
||||
print '<option value="left"'.(!empty($_POST["type"]) && $_POST["type"] == 'left' ? ' selected' : '').'>'.$langs->trans('Left').'</option>';
|
||||
print '<option value="top"'.(GETPOST("type") == 'top' ? ' selected' : '').'>'.$langs->trans('Top').'</option>';
|
||||
print '<option value="left"'.(GETPOST("type") == 'left' ? ' selected' : '').'>'.$langs->trans('Left').'</option>';
|
||||
print '</select>';
|
||||
}
|
||||
print '</td><td>'.$langs->trans('DetailType').'</td></tr>';
|
||||
|
||||
@@ -66,7 +66,7 @@ if ($action == 'send' && !$_POST['cancel']) {
|
||||
$error = 0;
|
||||
|
||||
$smsfrom = '';
|
||||
if (!empty($_POST["fromsms"])) {
|
||||
if (GETPOST("fromsms", 'alphanohtml')) {
|
||||
$smsfrom = GETPOST("fromsms", 'alphanohtml');
|
||||
}
|
||||
if (empty($smsfrom)) {
|
||||
|
||||
@@ -66,7 +66,7 @@ $upload_dir = $conf->categorie->multidir_output[$object->entity];
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if (isset($_FILES['userfile']) && $_FILES['userfile']['size'] > 0 && $_POST["sendit"] && !empty($conf->global->MAIN_UPLOAD_DOC)) {
|
||||
if (isset($_FILES['userfile']) && $_FILES['userfile']['size'] > 0 && GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) {
|
||||
if ($object->id) {
|
||||
$file = $_FILES['userfile'];
|
||||
if (is_array($file['name']) && count($file['name']) > 0) {
|
||||
|
||||
@@ -162,7 +162,7 @@ if (empty($reshook)) {
|
||||
// set accountancy code
|
||||
if ($action == 'setcustomeraccountancycode') {
|
||||
$result = $object->fetch($id);
|
||||
$object->code_compta = $_POST["customeraccountancycode"];
|
||||
$object->code_compta = GETPOST("customeraccountancycode");
|
||||
$result = $object->update($object->id, $user, 1, 1, 0);
|
||||
if ($result < 0) {
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
|
||||
@@ -397,7 +397,7 @@ if ($action == 'delete') {
|
||||
}
|
||||
}
|
||||
|
||||
if ($_POST["button_removefilter"]) {
|
||||
if (GETPOST("button_removefilter")) {
|
||||
$search_nom = '';
|
||||
$search_prenom = '';
|
||||
$search_email = '';
|
||||
|
||||
@@ -46,6 +46,7 @@ if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AU
|
||||
|
||||
$id = (GETPOST('mailid', 'int') ? GETPOST('mailid', 'int') : GETPOST('id', 'int'));
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel');
|
||||
$confirm = GETPOST('confirm', 'alpha');
|
||||
$urlfrom = GETPOST('urlfrom');
|
||||
|
||||
@@ -393,12 +394,12 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Action send test emailing
|
||||
if ($action == 'send' && empty($_POST["cancel"])) {
|
||||
if ($action == 'send' && ! $cancel) {
|
||||
$error = 0;
|
||||
|
||||
$upload_dir = $conf->mailing->dir_output."/".get_exdir($object->id, 2, 0, 1, $object, 'mailing');
|
||||
|
||||
$object->sendto = $_POST["sendto"];
|
||||
$object->sendto = GETPOST("sendto", 'alphawithlgt');
|
||||
if (!$object->sendto) {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("MailTo")), null, 'errors');
|
||||
$error++;
|
||||
@@ -537,7 +538,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Action of file remove
|
||||
if (!empty($_POST["removedfile"])) {
|
||||
if (GETPOST("removedfile")) {
|
||||
$upload_dir = $conf->mailing->dir_output."/".get_exdir($object->id, 2, 0, 1, $object, 'mailing');
|
||||
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
||||
@@ -548,7 +549,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Action of emailing update
|
||||
if ($action == 'update' && empty($_POST["removedfile"]) && empty($_POST["cancel"])) {
|
||||
if ($action == 'update' && !GETPOST("removedfile") && !$cancel) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
|
||||
|
||||
$isupload = 0;
|
||||
@@ -643,7 +644,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
}
|
||||
|
||||
if (!empty($_POST["cancel"])) {
|
||||
if ($cancel) {
|
||||
$action = '';
|
||||
}
|
||||
}
|
||||
|
||||
@@ -30,6 +30,9 @@ require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
|
||||
// Load translation files required by the page
|
||||
$langs->loadLangs(array('orders', 'companies'));
|
||||
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
$_socid = GETPOST("id", 'int');
|
||||
// Security check
|
||||
@@ -42,10 +45,10 @@ if ($user->socid > 0) {
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($_POST["action"] == 'setpricelevel') {
|
||||
if ($action == 'setpricelevel') {
|
||||
$soc = new Societe($db);
|
||||
$soc->fetch($id);
|
||||
$soc->set_price_level($_POST["price_level"], $user);
|
||||
$soc->set_price_level(GETPOST("price_level"), $user);
|
||||
|
||||
header("Location: multiprix.php?id=".$id);
|
||||
exit;
|
||||
|
||||
@@ -775,9 +775,9 @@ if (empty($reshook)) {
|
||||
$object->generateDocument($object->model_pdf, $outputlangs, $hidedetails, $hidedesc, $hideref);
|
||||
}
|
||||
} elseif ($action == "setabsolutediscount" && $usercancreate) {
|
||||
if ($_POST["remise_id"]) {
|
||||
if (GETPOST("remise_id", "int")) {
|
||||
if ($object->id > 0) {
|
||||
$result = $object->insert_discount($_POST["remise_id"]);
|
||||
$result = $object->insert_discount(GETPOST("remise_id", "int"));
|
||||
if ($result < 0) {
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
}
|
||||
|
||||
@@ -245,7 +245,7 @@ if ((GETPOST('confirm_savestatement', 'alpha') || GETPOST('confirm_reconcile', '
|
||||
foreach ($rowids as $row) {
|
||||
if ($row > 0) {
|
||||
$result = $bankline->fetch($row);
|
||||
$bankline->num_releve = $num_releve; //$_POST["num_releve"];
|
||||
$bankline->num_releve = $num_releve; // GETPOST("num_releve");
|
||||
$result = $bankline->update_conciliation($user, GETPOST("cat"), GETPOST('confirm_reconcile', 'alpha') ? 1 : 0); // If we confirm_reconcile, we set flag 'rappro' to 1.
|
||||
if ($result < 0) {
|
||||
setEventMessages($bankline->error, $bankline->errors, 'errors');
|
||||
|
||||
@@ -87,18 +87,18 @@ if ($action == 'add') {
|
||||
|
||||
$object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha')));
|
||||
$object->label = trim(GETPOST("label", 'alphanohtml'));
|
||||
$object->courant = $_POST["type"];
|
||||
$object->clos = $_POST["clos"];
|
||||
$object->courant = GETPOST("type");
|
||||
$object->clos = GETPOST("clos");
|
||||
$object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1);
|
||||
$object->url = trim(GETPOST("url", 'alpha'));
|
||||
|
||||
$object->bank = trim($_POST["bank"]);
|
||||
$object->code_banque = trim($_POST["code_banque"]);
|
||||
$object->code_guichet = trim($_POST["code_guichet"]);
|
||||
$object->number = trim($_POST["number"]);
|
||||
$object->cle_rib = trim($_POST["cle_rib"]);
|
||||
$object->bic = trim($_POST["bic"]);
|
||||
$object->iban = trim($_POST["iban"]);
|
||||
$object->bank = trim(GETPOST("bank"));
|
||||
$object->code_banque = trim(GETPOST("code_banque"));
|
||||
$object->code_guichet = trim(GETPOST("code_guichet"));
|
||||
$object->number = trim(GETPOST("number"));
|
||||
$object->cle_rib = trim(GETPOST("cle_rib"));
|
||||
$object->bic = trim(GETPOST("bic"));
|
||||
$object->iban = trim(GETPOST("iban"));
|
||||
$object->domiciliation = trim(GETPOST("domiciliation", "nohtml"));
|
||||
|
||||
$object->proprio = trim(GETPOST("proprio", 'alphanohtml'));
|
||||
@@ -120,10 +120,10 @@ if ($action == 'add') {
|
||||
$object->fk_accountancy_journal = $fk_accountancy_journal;
|
||||
}
|
||||
|
||||
$object->solde = $_POST["solde"];
|
||||
$object->solde = price2num(GETPOST("solde"));
|
||||
$object->date_solde = dol_mktime(12, 0, 0, GETPOST("remonth", 'int'), GETPOST('reday', 'int'), GETPOST("reyear", 'int'));
|
||||
|
||||
$object->currency_code = trim($_POST["account_currency_code"]);
|
||||
$object->currency_code = trim(GETPOST("account_currency_code"));
|
||||
|
||||
$object->state_id = GETPOST("account_state_id", 'int');
|
||||
$object->country_id = GETPOST("account_country_id", 'int');
|
||||
@@ -187,18 +187,18 @@ if ($action == 'update') {
|
||||
|
||||
$object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha')));
|
||||
$object->label = trim(GETPOST("label", 'alphanohtml'));
|
||||
$object->courant = $_POST["type"];
|
||||
$object->clos = $_POST["clos"];
|
||||
$object->courant = GETPOST("type");
|
||||
$object->clos = GETPOST("clos");
|
||||
$object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1);
|
||||
$object->url = trim(GETPOST("url", 'alpha'));
|
||||
|
||||
$object->bank = trim($_POST["bank"]);
|
||||
$object->code_banque = trim($_POST["code_banque"]);
|
||||
$object->code_guichet = trim($_POST["code_guichet"]);
|
||||
$object->number = trim($_POST["number"]);
|
||||
$object->cle_rib = trim($_POST["cle_rib"]);
|
||||
$object->bic = trim($_POST["bic"]);
|
||||
$object->iban = trim($_POST["iban"]);
|
||||
$object->bank = trim(GETPOST("bank"));
|
||||
$object->code_banque = trim(GETPOST("code_banque"));
|
||||
$object->code_guichet = trim(GETPOST("code_guichet"));
|
||||
$object->number = trim(GETPOST("number"));
|
||||
$object->cle_rib = trim(GETPOST("cle_rib"));
|
||||
$object->bic = trim(GETPOST("bic"));
|
||||
$object->iban = trim(GETPOST("iban"));
|
||||
$object->domiciliation = trim(GETPOST("domiciliation", "nohtml"));
|
||||
|
||||
$object->proprio = trim(GETPOST("proprio", 'alphanohtml'));
|
||||
@@ -220,7 +220,7 @@ if ($action == 'update') {
|
||||
$object->fk_accountancy_journal = $fk_accountancy_journal;
|
||||
}
|
||||
|
||||
$object->currency_code = trim($_POST["account_currency_code"]);
|
||||
$object->currency_code = trim(GETPOST("account_currency_code"));
|
||||
|
||||
$object->state_id = GETPOST("account_state_id", 'int');
|
||||
$object->country_id = GETPOST("account_country_id", 'int');
|
||||
@@ -274,7 +274,7 @@ if ($action == 'update') {
|
||||
}
|
||||
}
|
||||
|
||||
if ($action == 'confirm_delete' && $_POST["confirm"] == "yes" && $user->rights->banque->configurer) {
|
||||
if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->banque->configurer) {
|
||||
// Delete
|
||||
$object = new Account($db);
|
||||
$object->fetch(GETPOST("id", "int"));
|
||||
@@ -462,7 +462,8 @@ if ($action == 'create') {
|
||||
print '</table>';
|
||||
print '<br>';
|
||||
|
||||
if ($_POST["type"] == Account::TYPE_SAVINGS || $_POST["type"] == Account::TYPE_CURRENT) {
|
||||
$type = GETPOST('type');
|
||||
if ($type == Account::TYPE_SAVINGS || $type == Account::TYPE_CURRENT) {
|
||||
print '<table class="border centpercent">';
|
||||
|
||||
// If bank account
|
||||
@@ -988,7 +989,7 @@ if ($action == 'create') {
|
||||
|
||||
print '</table>';
|
||||
|
||||
if ($_POST["type"] == Account::TYPE_SAVINGS || $_POST["type"] == Account::TYPE_CURRENT) {
|
||||
if (GETPOST("type") == Account::TYPE_SAVINGS || GETPOST("type") == Account::TYPE_CURRENT) {
|
||||
print '<br>';
|
||||
|
||||
//print '<div class="underbanner clearboth"></div>';
|
||||
|
||||
@@ -140,9 +140,9 @@ if ($user->rights->banque->modifier && $action == "update") {
|
||||
if (!$error) {
|
||||
$db->begin();
|
||||
|
||||
$amount = price2num($_POST['amount']);
|
||||
$dateop = dol_mktime(12, 0, 0, $_POST["dateomonth"], $_POST["dateoday"], $_POST["dateoyear"]);
|
||||
$dateval = dol_mktime(12, 0, 0, $_POST["datevmonth"], $_POST["datevday"], $_POST["datevyear"]);
|
||||
$amount = price2num(GETPOST('amount'));
|
||||
$dateop = dol_mktime(12, 0, 0, GETPOST("dateomonth"), GETPOST("dateoday"), GETPOST("dateoyear"));
|
||||
$dateval = dol_mktime(12, 0, 0, GETPOST("datevmonth"), GETPOST("datevday"), GETPOST("datevyear"));
|
||||
$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
|
||||
$sql .= " SET ";
|
||||
// Always opened
|
||||
@@ -212,8 +212,8 @@ if ($user->rights->banque->modifier && $action == "update") {
|
||||
|
||||
// Reconcile
|
||||
if ($user->rights->banque->consolidate && ($action == 'num_releve' || $action == 'setreconcile')) {
|
||||
$num_rel = trim($_POST["num_rel"]);
|
||||
$rappro = $_POST['reconciled'] ? 1 : 0;
|
||||
$num_rel = trim(GETPOST("num_rel"));
|
||||
$rappro = GETPOST('reconciled') ? 1 : 0;
|
||||
|
||||
// Check parameters
|
||||
if ($rappro && empty($num_rel)) {
|
||||
|
||||
@@ -33,6 +33,8 @@ $langs->loadLangs(array('compta', 'banks', 'bills'));
|
||||
|
||||
$id = GETPOST("id", 'int');
|
||||
$action = GETPOST("action", "alpha");
|
||||
$cancel = GETPOST('cancel');
|
||||
|
||||
$refund = GETPOST("refund", "int");
|
||||
if (empty($refund)) {
|
||||
$refund = 0;
|
||||
@@ -57,18 +59,18 @@ $hookmanager->initHooks(array('localtaxvatcard', 'globalcard'));
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($_POST["cancel"] == $langs->trans("Cancel") && !$id) {
|
||||
if ($cancel && !$id) {
|
||||
header("Location: list.php?localTaxType=".$lttype);
|
||||
exit;
|
||||
}
|
||||
|
||||
if ($action == 'add' && $_POST["cancel"] <> $langs->trans("Cancel")) {
|
||||
if ($action == 'add' && $cancel) {
|
||||
$db->begin();
|
||||
|
||||
$datev = dol_mktime(12, 0, 0, $_POST["datevmonth"], $_POST["datevday"], $_POST["datevyear"]);
|
||||
$datep = dol_mktime(12, 0, 0, $_POST["datepmonth"], $_POST["datepday"], $_POST["datepyear"]);
|
||||
$datev = dol_mktime(12, 0, 0, GETPOST("datevmonth"), GETPOST("datevday"), GETPOST("datevyear"));
|
||||
$datep = dol_mktime(12, 0, 0, GETPOST("datepmonth"), GETPOST("datepday"), GETPOST("datepyear"));
|
||||
|
||||
$object->accountid = GETPOST("accountid");
|
||||
$object->accountid = GETPOST("accountid", 'int');
|
||||
$object->paymenttype = GETPOST("paiementtype");
|
||||
$object->datev = $datev;
|
||||
$object->datep = $datep;
|
||||
@@ -165,14 +167,14 @@ if ($action == 'create') {
|
||||
print '</td></tr>';
|
||||
|
||||
// Label
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="label" class="minwidth200" value="'.($_POST["label"] ?GETPOST("label", '', 2) : $langs->transcountry(($lttype == 2 ? "LT2Payment" : "LT1Payment"), $mysoc->country_code)).'"></td></tr>';
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td><input name="label" class="minwidth200" value="'.(GETPOSTISSET("label") ? GETPOST("label", '', 2) : $langs->transcountry(($lttype == 2 ? "LT2Payment" : "LT1Payment"), $mysoc->country_code)).'"></td></tr>';
|
||||
|
||||
// Amount
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("Amount").'</td><td><input name="amount" size="10" value="'.GETPOST("amount").'"></td></tr>';
|
||||
|
||||
if (!empty($conf->banque->enabled)) {
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("Account").'</td><td>';
|
||||
$form->select_comptes($_POST["accountid"], "accountid", 0, "courant=1", 2); // Affiche liste des comptes courant
|
||||
$form->select_comptes(GETPOST("accountid", "int"), "accountid", 0, "courant=1", 2); // Affiche liste des comptes courant
|
||||
print '</td></tr>';
|
||||
|
||||
print '<tr><td class="fieldrequired">'.$langs->trans("PaymentMode").'</td><td>';
|
||||
|
||||
@@ -117,9 +117,9 @@ if ($action == 'setref' && $user->rights->banque->cheque) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($action == 'create' && $_POST["accountid"] > 0 && $user->rights->banque->cheque) {
|
||||
if ($action == 'create' && GETPOST("accountid", "int") > 0 && $user->rights->banque->cheque) {
|
||||
if (is_array($_POST['toRemise'])) {
|
||||
$result = $object->create($user, $_POST["accountid"], 0, $_POST['toRemise']);
|
||||
$result = $object->create($user, GETPOST("accountid", "int"), 0, GETPOST('toRemise'));
|
||||
if ($result > 0) {
|
||||
if ($object->statut == 1) { // If statut is validated, we build doc
|
||||
$object->fetch($object->id); // To force to reload all properties in correct property name
|
||||
@@ -134,7 +134,7 @@ if ($action == 'create' && $_POST["accountid"] > 0 && $user->rights->banque->che
|
||||
$outputlangs = new Translate("", $conf);
|
||||
$outputlangs->setDefaultLang($newlang);
|
||||
}
|
||||
$result = $object->generatePdf($_POST["model"], $outputlangs);
|
||||
$result = $object->generatePdf(GETPOST("model"), $outputlangs);
|
||||
}
|
||||
|
||||
header("Location: ".$_SERVER["PHP_SELF"]."?id=".$object->id);
|
||||
@@ -227,7 +227,7 @@ if ($action == 'builddoc' && $user->rights->banque->cheque) {
|
||||
$outputlangs = new Translate("", $conf);
|
||||
$outputlangs->setDefaultLang($newlang);
|
||||
}
|
||||
$result = $object->generatePdf($_POST["model"], $outputlangs);
|
||||
$result = $object->generatePdf(GETPOST("model"), $outputlangs);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error);
|
||||
exit;
|
||||
|
||||
@@ -70,14 +70,14 @@ if ($action == 'builddoc') {
|
||||
// We save charset_output to restore it because write_file can change it if needed for
|
||||
// output format that does not support UTF8.
|
||||
$sav_charset_output = $outputlangs->charset_output;
|
||||
if ($rap->write_file($dir, $_POST["remonth"], $_POST["reyear"], $outputlangs) > 0) {
|
||||
if ($rap->write_file($dir, GETPOST("remonth", "int"), GETPOST("reyear", "int"), $outputlangs) > 0) {
|
||||
$outputlangs->charset_output = $sav_charset_output;
|
||||
} else {
|
||||
$outputlangs->charset_output = $sav_charset_output;
|
||||
dol_print_error($db, $obj->error);
|
||||
}
|
||||
|
||||
$year = $_POST["reyear"];
|
||||
$year = GETPOST("reyear", "int");
|
||||
}
|
||||
|
||||
|
||||
|
||||
@@ -32,6 +32,8 @@ $langs->load("bills");
|
||||
|
||||
$chid = GETPOST("id", 'int');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel');
|
||||
|
||||
$amounts = array();
|
||||
|
||||
// Security check
|
||||
@@ -50,15 +52,15 @@ $charge = new ChargeSociales($db);
|
||||
if ($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) {
|
||||
$error = 0;
|
||||
|
||||
if ($_POST["cancel"]) {
|
||||
if ($cancel) {
|
||||
$loc = DOL_URL_ROOT.'/compta/sociales/card.php?id='.$chid;
|
||||
header("Location: ".$loc);
|
||||
exit;
|
||||
}
|
||||
|
||||
$datepaye = dol_mktime(12, 0, 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]);
|
||||
$datepaye = dol_mktime(12, 0, 0, GETPOST("remonth", "int"), GETPOST("reday", "int"), GETPOST("reyear", "int"));
|
||||
|
||||
if (!$_POST["paiementtype"] > 0) {
|
||||
if (!(GETPOST("paiementtype") > 0)) {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("PaymentMode")), null, 'errors');
|
||||
$error++;
|
||||
$action = 'create';
|
||||
@@ -68,7 +70,7 @@ if ($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'y
|
||||
$error++;
|
||||
$action = 'create';
|
||||
}
|
||||
if (!empty($conf->banque->enabled) && !($_POST["accountid"] > 0)) {
|
||||
if (!empty($conf->banque->enabled) && !(GETPOST("accountid") > 0)) {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("AccountToCredit")), null, 'errors');
|
||||
$error++;
|
||||
$action = 'create';
|
||||
|
||||
@@ -33,6 +33,8 @@ $langs->loadLangs(array("banks", "bills"));
|
||||
|
||||
$chid = GETPOST("id", 'int');
|
||||
$action = GETPOST('action', 'alpha');
|
||||
$cancel = GETPOST('cancel');
|
||||
|
||||
$amounts = array();
|
||||
|
||||
// Security check
|
||||
@@ -49,7 +51,7 @@ if ($user->socid > 0) {
|
||||
if ($action == 'add_payment' || ($action == 'confirm_paiement' && $confirm == 'yes')) {
|
||||
$error = 0;
|
||||
|
||||
if ($_POST["cancel"]) {
|
||||
if ($cancel) {
|
||||
$loc = DOL_URL_ROOT.'/compta/tva/card.php?id='.$chid;
|
||||
header("Location: ".$loc);
|
||||
exit;
|
||||
|
||||
@@ -41,6 +41,7 @@ $langs->loadLangs(array('compta', 'banks', 'bills'));
|
||||
|
||||
$id = GETPOST("id", 'int');
|
||||
$action = GETPOST("action", "alpha");
|
||||
$cancel = GETPOST('cancel');
|
||||
$confirm = GETPOST('confirm');
|
||||
$refund = GETPOST("refund", "int");
|
||||
if (GETPOSTISSET('auto_create_paiement') || $action === 'add') {
|
||||
@@ -74,7 +75,7 @@ $hookmanager->initHooks(array('taxvatcard', 'globalcard'));
|
||||
* Actions
|
||||
*/
|
||||
|
||||
if ($_POST["cancel"] == $langs->trans("Cancel") && !$id) {
|
||||
if ($cancel && !$id) {
|
||||
header("Location: list.php");
|
||||
exit;
|
||||
}
|
||||
@@ -135,7 +136,7 @@ if ($action == 'reopen' && $user->rights->tax->charges->creer) {
|
||||
}
|
||||
}
|
||||
|
||||
if ($action == 'add' && $_POST["cancel"] <> $langs->trans("Cancel")) {
|
||||
if ($action == 'add' && $cancel) {
|
||||
$error = 0;
|
||||
|
||||
$object->fk_account = GETPOST("accountid", 'int');
|
||||
|
||||
@@ -283,28 +283,28 @@ abstract class ActionsContactCardCommon
|
||||
// phpcs:enable
|
||||
global $langs, $mysoc;
|
||||
|
||||
$this->object->old_name = $_POST["old_name"];
|
||||
$this->object->old_firstname = $_POST["old_firstname"];
|
||||
$this->object->old_name = GETPOST("old_name");
|
||||
$this->object->old_firstname = GETPOST("old_firstname");
|
||||
|
||||
$this->object->socid = $_POST["socid"];
|
||||
$this->object->lastname = $_POST["name"];
|
||||
$this->object->firstname = $_POST["firstname"];
|
||||
$this->object->civility_id = $_POST["civility_id"];
|
||||
$this->object->poste = $_POST["poste"];
|
||||
$this->object->address = $_POST["address"];
|
||||
$this->object->zip = $_POST["zipcode"];
|
||||
$this->object->town = $_POST["town"];
|
||||
$this->object->country_id = $_POST["country_id"] ? $_POST["country_id"] : $mysoc->country_id;
|
||||
$this->object->state_id = $_POST["state_id"];
|
||||
$this->object->phone_pro = $_POST["phone_pro"];
|
||||
$this->object->phone_perso = $_POST["phone_perso"];
|
||||
$this->object->phone_mobile = $_POST["phone_mobile"];
|
||||
$this->object->fax = $_POST["fax"];
|
||||
$this->object->email = $_POST["email"];
|
||||
$this->object->jabberid = $_POST["jabberid"];
|
||||
$this->object->priv = $_POST["priv"];
|
||||
$this->object->note = $_POST["note"];
|
||||
$this->object->canvas = $_POST["canvas"];
|
||||
$this->object->socid = GETPOST("socid");
|
||||
$this->object->lastname = GETPOST("name");
|
||||
$this->object->firstname = GETPOST("firstname");
|
||||
$this->object->civility_id = GETPOST("civility_id");
|
||||
$this->object->poste = GETPOST("poste");
|
||||
$this->object->address = GETPOST("address");
|
||||
$this->object->zip = GETPOST("zipcode");
|
||||
$this->object->town = GETPOST("town");
|
||||
$this->object->country_id = GETPOST("country_id") ? GETPOST("country_id") : $mysoc->country_id;
|
||||
$this->object->state_id = GETPOST("state_id");
|
||||
$this->object->phone_pro = GETPOST("phone_pro");
|
||||
$this->object->phone_perso = GETPOST("phone_perso");
|
||||
$this->object->phone_mobile = GETPOST("phone_mobile");
|
||||
$this->object->fax = GETPOST("fax");
|
||||
$this->object->email = GETPOST("email");
|
||||
$this->object->jabberid = GETPOST("jabberid");
|
||||
$this->object->priv = GETPOST("priv");
|
||||
$this->object->note = GETPOST("note", "restricthtml");
|
||||
$this->object->canvas = GETPOST("canvas");
|
||||
|
||||
// We set country_id, and country_code label of the chosen country
|
||||
if ($this->object->country_id) {
|
||||
|
||||
@@ -561,7 +561,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
$object->state_id = GETPOST("state_id");
|
||||
|
||||
// We set country_id, country_code and label for the selected country
|
||||
$object->country_id = $_POST["country_id"] ?GETPOST("country_id") : (empty($objsoc->country_id) ? $mysoc->country_id : $objsoc->country_id);
|
||||
$object->country_id = GETPOST("country_id") ? GETPOST("country_id", "int") : (empty($objsoc->country_id) ? $mysoc->country_id : $objsoc->country_id);
|
||||
if ($object->country_id) {
|
||||
$tmparray = getCountry($object->country_id, 'all');
|
||||
$object->country_code = $tmparray['code'];
|
||||
|
||||
@@ -49,8 +49,8 @@ if ($action == 'update' && !GETPOST("cancel") && $user->rights->societe->contact
|
||||
$ret = $object->fetch($id);
|
||||
|
||||
// Note: Correct date should be completed with location to have exact GM time of birth.
|
||||
$object->birthday = dol_mktime(0, 0, 0, $_POST["birthdaymonth"], $_POST["birthdayday"], $_POST["birthdayyear"]);
|
||||
$object->birthday_alert = $_POST["birthday_alert"];
|
||||
$object->birthday = dol_mktime(0, 0, 0, GETPOST("birthdaymonth"), GETPOST("birthdayday"), GETPOST("birthdayyear"));
|
||||
$object->birthday_alert = GETPOST("birthday_alert");
|
||||
|
||||
if (GETPOST('deletephoto')) {
|
||||
$object->photo = '';
|
||||
|
||||
@@ -912,8 +912,8 @@ class FormMail extends Form
|
||||
}
|
||||
}
|
||||
|
||||
if (GETPOSTISSET("message") && !$_POST['modelselected']) {
|
||||
$defaultmessage = $_POST["message"];
|
||||
if (GETPOSTISSET("message") && !GETPOST('modelselected')) {
|
||||
$defaultmessage = GETPOST("message", "restricthtml");
|
||||
} else {
|
||||
$defaultmessage = make_substitutions($defaultmessage, $this->substit);
|
||||
// Clean first \n and br (to avoid empty line when CONTACTCIVNAME is empty)
|
||||
|
||||
@@ -568,7 +568,7 @@ function dolibarr_get_const($db, $name, $entity = 1)
|
||||
* @param DoliDB $db Database handler
|
||||
* @param string $name Name of constant
|
||||
* @param string $value Value of constant
|
||||
* @param string $type Type of constante (chaine par defaut)
|
||||
* @param string $type Type of constant ('chaine by default)
|
||||
* @param int $visible Is constant visible in Setup->Other page (0 by default)
|
||||
* @param string $note Note on parameter
|
||||
* @param int $entity Multi company id (0 means all entities)
|
||||
|
||||
@@ -417,13 +417,11 @@ if (empty($reshook)) {
|
||||
dol_print_error($db, $object->error);
|
||||
}
|
||||
} elseif ($action == "setabsolutediscount" && $usercancreate) {
|
||||
// POST[remise_id] or POST[remise_id_for_payment]
|
||||
|
||||
// We use the credit to reduce amount of invoice
|
||||
if (!empty($_POST["remise_id"])) {
|
||||
if (GETPOST("remise_id", "int")) {
|
||||
$ret = $object->fetch($id);
|
||||
if ($ret > 0) {
|
||||
$result = $object->insert_discount($_POST["remise_id"]);
|
||||
$result = $object->insert_discount(GETPOST("remise_id", "int"));
|
||||
if ($result < 0) {
|
||||
setEventMessages($object->error, $object->errors, 'errors');
|
||||
}
|
||||
@@ -432,10 +430,10 @@ if (empty($reshook)) {
|
||||
}
|
||||
}
|
||||
// We use the credit to reduce remain to pay
|
||||
if (!empty($_POST["remise_id_for_payment"])) {
|
||||
if (GETPOST("remise_id_for_payment", "int")) {
|
||||
require_once DOL_DOCUMENT_ROOT.'/core/class/discount.class.php';
|
||||
$discount = new DiscountAbsolute($db);
|
||||
$discount->fetch($_POST["remise_id_for_payment"]);
|
||||
$discount->fetch(GETPOST("remise_id_for_payment", "int"));
|
||||
|
||||
//var_dump($object->getRemainToPay(0));
|
||||
//var_dump($discount->amount_ttc);exit;
|
||||
@@ -1082,14 +1080,14 @@ if (empty($reshook)) {
|
||||
$prod = new Product($db);
|
||||
$prod->fetch(GETPOST('productid'));
|
||||
$label = $prod->description;
|
||||
if (trim($_POST['product_desc']) != trim($label)) {
|
||||
$label = $_POST['product_desc'];
|
||||
if (trim(GETPOST('product_desc', 'restricthtml')) != trim($label)) {
|
||||
$label = GETPOST('product_desc', 'restricthtml');
|
||||
}
|
||||
|
||||
$type = $prod->type;
|
||||
} else {
|
||||
$label = $_POST['product_desc'];
|
||||
$type = $_POST["type"] ? $_POST["type"] : 0;
|
||||
$label = GETPOST('product_desc', 'restricthtml');
|
||||
$type = GETPOST("type") ? GETPOST("type") : 0;
|
||||
}
|
||||
|
||||
$date_start = dol_mktime(GETPOST('date_starthour'), GETPOST('date_startmin'), GETPOST('date_startsec'), GETPOST('date_startmonth'), GETPOST('date_startday'), GETPOST('date_startyear'));
|
||||
|
||||
@@ -66,9 +66,9 @@ if (GETPOST("boutonp") || GETPOST("boutonp.x") || GETPOST("boutonp_x")) { // bo
|
||||
|
||||
$nouveauchoix = '';
|
||||
for ($i = 0; $i < $nbcolonnes; $i++) {
|
||||
if (isset($_POST["choix$i"]) && $_POST["choix$i"] == '1') {
|
||||
if (GETPOSTISSET("choix$i") && GETPOST("choix$i") == '1') {
|
||||
$nouveauchoix .= "1";
|
||||
} elseif (isset($_POST["choix$i"]) && $_POST["choix$i"] == '2') {
|
||||
} elseif (GETPOSTISSET("choix$i") && GETPOST("choix$i") == '2') {
|
||||
$nouveauchoix .= "2";
|
||||
} else { // sinon c'est 0
|
||||
$nouveauchoix .= "0";
|
||||
@@ -122,17 +122,16 @@ if ($testmodifier) {
|
||||
|
||||
$nouveauchoix = '';
|
||||
for ($i = 0; $i < $nbcolonnes; $i++) {
|
||||
//var_dump($_POST["choix$i"]);
|
||||
if (isset($_POST["choix$i"]) && $_POST["choix$i"] == '1') {
|
||||
if (GETPOSTISSET("choix$i") && GETPOST("choix$i") == '1') {
|
||||
$nouveauchoix .= "1";
|
||||
} elseif (isset($_POST["choix$i"]) && $_POST["choix$i"] == '2') {
|
||||
} elseif (GETPOSTISSET("choix$i") && GETPOST("choix$i") == '2') {
|
||||
$nouveauchoix .= "2";
|
||||
} else { // sinon c'est 0
|
||||
$nouveauchoix .= "0";
|
||||
}
|
||||
}
|
||||
|
||||
$idtomodify = $_POST["idtomodify".$modifier];
|
||||
$idtomodify = GETPOST("idtomodify".$modifier);
|
||||
$sql = 'UPDATE '.MAIN_DB_PREFIX."opensurvey_user_studs";
|
||||
$sql .= " SET reponses = '".$db->escape($nouveauchoix)."'";
|
||||
$sql .= " WHERE id_users = '".$db->escape($idtomodify)."'";
|
||||
@@ -169,7 +168,7 @@ if (GETPOST("ajoutercolonne") && GETPOST('nouvellecolonne') && $object->format =
|
||||
}
|
||||
|
||||
// Add column (with format date)
|
||||
if (isset($_POST["ajoutercolonne"]) && $object->format == "D") {
|
||||
if (GETPOSTISSET("ajoutercolonne") && $object->format == "D") {
|
||||
// Security check
|
||||
if (!$user->rights->opensurvey->write) {
|
||||
accessforbidden();
|
||||
@@ -177,27 +176,27 @@ if (isset($_POST["ajoutercolonne"]) && $object->format == "D") {
|
||||
|
||||
$nouveauxsujets = $object->sujet;
|
||||
|
||||
if (isset($_POST["nouveaujour"]) && $_POST["nouveaujour"] != "vide" &&
|
||||
isset($_POST["nouveaumois"]) && $_POST["nouveaumois"] != "vide" &&
|
||||
isset($_POST["nouvelleannee"]) && $_POST["nouvelleannee"] != "vide") {
|
||||
$nouvelledate = dol_mktime(0, 0, 0, $_POST["nouveaumois"], $_POST["nouveaujour"], $_POST["nouvelleannee"]);
|
||||
if (GETPOSTISSET("nouveaujour") && GETPOST("nouveaujour") != "vide" &&
|
||||
GETPOSTISSET("nouveaumois") && GETPOST("nouveaumois") != "vide" &&
|
||||
GETPOSTISSET("nouvelleannee") && GETPOST("nouvelleannee") != "vide") {
|
||||
$nouvelledate = dol_mktime(0, 0, 0, GETPOST("nouveaumois"), GETPOST("nouveaujour"), GETPOST("nouvelleannee"));
|
||||
|
||||
if (isset($_POST["nouvelleheuredebut"]) && $_POST["nouvelleheuredebut"] != "vide") {
|
||||
if (GETPOSTISSET("nouvelleheuredebut") && GETPOST("nouvelleheuredebut") != "vide") {
|
||||
$nouvelledate .= "@";
|
||||
$nouvelledate .= GETPOST("nouvelleheuredebut");
|
||||
$nouvelledate .= "h";
|
||||
|
||||
if ($_POST["nouvelleminutedebut"] != "vide") {
|
||||
if (GETPOST("nouvelleminutedebut") != "vide") {
|
||||
$nouvelledate .= GETPOST("nouvelleminutedebut");
|
||||
}
|
||||
}
|
||||
|
||||
if (isset($_POST["nouvelleheurefin"]) && $_POST["nouvelleheurefin"] != "vide") {
|
||||
if (GETPOSTISSET("nouvelleheurefin") && GETPOST("nouvelleheurefin") != "vide") {
|
||||
$nouvelledate .= "-";
|
||||
$nouvelledate .= GETPOST("nouvelleheurefin");
|
||||
$nouvelledate .= "h";
|
||||
|
||||
if ($_POST["nouvelleminutefin"] != "vide") {
|
||||
if (GETPOST("nouvelleminutefin") != "vide") {
|
||||
$nouvelledate .= GETPOST("nouvelleminutefin");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -405,8 +405,8 @@ if (empty($reshook)) {
|
||||
if (!empty($conf->global->PRODUIT_MULTIPRICES)) {
|
||||
for ($i = 2; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) {
|
||||
if (GETPOSTISSET("price_".$i)) {
|
||||
$object->multiprices["$i"] = price2num($_POST["price_".$i], 'MU');
|
||||
$object->multiprices_base_type["$i"] = $_POST["multiprices_base_type_".$i];
|
||||
$object->multiprices["$i"] = price2num(GETPOST("price_".$i), 'MU');
|
||||
$object->multiprices_base_type["$i"] = GETPOST("multiprices_base_type_".$i);
|
||||
} else {
|
||||
$object->multiprices["$i"] = "";
|
||||
}
|
||||
|
||||
@@ -217,7 +217,7 @@ if (empty($reshook)) {
|
||||
$langs->load("errors");
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Supplier")), null, 'errors');
|
||||
}
|
||||
if (price2num($_POST["price"]) < 0 || $_POST["price"] == '') {
|
||||
if (price2num(GETPOST("price")) < 0 || GETPOST("price") == '') {
|
||||
if ($price_expression === '') { // Return error of missing price only if price_expression not set
|
||||
$error++;
|
||||
$langs->load("errors");
|
||||
|
||||
@@ -179,7 +179,7 @@ if ($action == "correct_stock") {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Product")), null, 'errors');
|
||||
$action = 'correction';
|
||||
}
|
||||
if (!is_numeric($_POST["nbpiece"])) {
|
||||
if (!is_numeric(GETPOST("nbpiece"))) {
|
||||
$error++;
|
||||
setEventMessages($langs->trans("ErrorFieldMustBeANumeric", $langs->transnoentitiesnoconv("NumberOfUnit")), null, 'errors');
|
||||
$action = 'correction';
|
||||
|
||||
@@ -247,7 +247,7 @@ if ($action == "correct_stock") {
|
||||
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Product")), null, 'errors');
|
||||
$action = 'correction';
|
||||
}
|
||||
if (!is_numeric($_POST["nbpiece"])) {
|
||||
if (!is_numeric(GETPOST("nbpiece"))) {
|
||||
$error++;
|
||||
setEventMessages($langs->trans("ErrorFieldMustBeANumeric", $langs->transnoentitiesnoconv("NumberOfUnit")), null, 'errors');
|
||||
$action = 'correction';
|
||||
|
||||
Reference in New Issue
Block a user