From 1479a40e6d6df8953f44953a4b1a7fcd994f2357 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 29 Aug 2010 18:23:56 +0000 Subject: [PATCH] Fix: Bad parameter position --- htdocs/comm/action/fiche.php | 77 +++++++++++++++++++++--------------- 1 file changed, 45 insertions(+), 32 deletions(-) diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 27f464cc0a3..58bd6018f5f 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -44,16 +44,15 @@ $langs->load("orders"); $langs->load("agenda"); // If socid provided by ajax company selector -if (! empty($_REQUEST['socid_id'])) +if (GETPOST('socid_id')) { - $_GET['socid'] = $_GET['socid_id']; - $_POST['socid'] = $_POST['socid_id']; - $_REQUEST['socid'] = $_REQUEST['socid_id']; + $_GET['socid'] = GETPOST('socid_id'); + $_POST['socid'] = GETPOST('socid_id'); } // Security check -$socid=isset($_GET['socid'])?$_GET['socid']:$_POST['socid']; -$id = isset($_GET["id"])?$_GET["id"]:''; +$socid = GETPOST('socid'); +$id = GETPOST('id'); if ($user->societe_id) $socid=$user->societe_id; // TODO: revoir les droits car pas clair //$result = restrictedArea($user, 'agenda', $id, 'actioncomm', 'actions', '', 'id'); @@ -423,17 +422,31 @@ $htmlactions = new FormActions($db); * Affichage fiche en mode creation */ -if ($_GET["action"] == 'create') +if (GETPOST('action') == 'create') { $contact = new Contact($db); if ($_REQUEST["contactid"]) { - $result=$contact->fetch($_REQUEST["contactid"]); + $result=$contact->fetch(GETPOST("contactid")); if ($result < 0) dol_print_error($db,$contact->error); } - print '
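Review bot: Under the "Security check" comment, `$socid` and `$id` are now read with `GETPOST()` and no type constraint, so both stay arbitrary request strings. The same applies to `contactid`, `projectid`, `affectedto` and `doneby` in the later hunks (-423, -496, -511). `socid` is compared with `> 0` further down, so it is evidently numeric; I would cast where the value is read, e.g. `$socid = (int) GETPOST('socid');` and `$id = (int) GETPOST('id');`, and do the same for the other ids if they are numeric too. The `restrictedArea()` call just below is still commented out, so any access control for this page must come from code outside this hunk and should be confirmed rather than assumed.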
'; + if ($conf->use_javascript_ajax) + { + /* + print "\n".''."\n"; + */ + } + + print ''; print ''; print ''; if (! empty($_REQUEST["backtopage"])) print ''; @@ -448,10 +461,10 @@ if ($_GET["action"] == 'create') // Type d'action actifs print ''.$langs->trans("Type").''; - if ($_GET["actioncode"]) + if (GETPOST("actioncode")) { print ''."\n"; - $cactioncomm->fetch($_GET["actioncode"]); + $cactioncomm->fetch(GETPOST("actioncode")); print $cactioncomm->getNomUrl(); } else @@ -468,12 +481,12 @@ if ($_GET["action"] == 'create') // Societe, contact print ''.$langs->trans("ActionOnCompany").''; - if ($_REQUEST["socid"] > 0) + if (GETPOST("socid") > 0) { $societe = new Societe($db); - $societe->fetch($_REQUEST["socid"]); + $societe->fetch(GETPOST("socid")); print $societe->getNomUrl(1); - print ''; + print ''; } else { @@ -482,10 +495,10 @@ if ($_GET["action"] == 'create') print ''; // If company is forced, we propose contacts (may be contact is also forced) - if ($_REQUEST["socid"] > 0) + if (GETPOST("socid") > 0) { print ''.$langs->trans("ActionOnContact").''; - $html->select_contacts($_REQUEST["socid"],$_REQUEST['contactid'],'contactid',1,1); + $html->select_contacts(GETPOST("socid"),GETPOST('contactid'),'contactid',1,1); print ''; } @@ -496,7 +509,7 @@ if ($_GET["action"] == 'create') $langs->load("project"); print ''.$langs->trans("Project").''; - $numproject=select_projects($societe->id,$_REQUEST["projectid"]?$_REQUEST["projectid"]:$projectid,'projectid'); + $numproject=select_projects($societe->id,GETPOST("projectid")?GETPOST("projectid"):$projectid,'projectid'); if ($numproject==0) { print '   '.$langs->trans("AddProject").''; 
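Review bot: In the -423 hunk the guard `if ($_REQUEST["contactid"])` still reads `$_REQUEST` while the fetch inside it now reads `GETPOST("contactid")`, so the test and the fetched value can come from different sources (`$_REQUEST` may include cookies depending on `request_order`). I would read the value once, `$contactid = (int) GETPOST('contactid');`, and use it for both the condition and `$contact->fetch($contactid)`. The added `if ($conf->use_javascript_ajax)` block holds only a commented-out `print`, so it is dead code; either drop it or mark it with `// TODO: ajax helper for the create form, disabled for now`. The enclosing `if (GETPOST('action') == 'create')` block continues past this hunk.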
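Review bot: In the -468 hunk the company shown on the create form is loaded from `GETPOST("socid")`, not from the `$socid` computed at the top of the file, so the `if ($user->societe_id) $socid=$user->societe_id;` override for external users has no effect here. The same is true of `select_contacts(GETPOST("socid"), ...)` in the next hunk (-482). Unless a check outside these hunks prevents it, a user tied to one company could have another company's name and contact list rendered by this form. Using the already-restricted variable, `$societe->fetch($socid);` and `$html->select_contacts($socid,GETPOST('contactid'),'contactid',1,1);`, keeps the form consistent with the security check.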
@@ -511,33 +524,33 @@ if ($_GET["action"] == 'create') // Affected by print ''.$langs->trans("ActionAffectedTo").''; // $html->select_users($_REQUEST["affectedto"]?$_REQUEST["affectedto"]:$actioncomm->usertodo,'affectedto',1); - $html->select_users($_REQUEST["affectedto"]?$_REQUEST["affectedto"]:($actioncomm->usertodo->id > 0 ? $actioncomm->usertodo : $user),'affectedto',1); + $html->select_users(GETPOST("affectedto")?GETPOST("affectedto"):($actioncomm->usertodo->id > 0 ? $actioncomm->usertodo : $user),'affectedto',1); print ''; // Realised by print ''.$langs->trans("ActionDoneBy").''; - $html->select_users($_REQUEST["doneby"]?$_REQUEST["doneby"]:$actioncomm->userdone,'doneby',1); + $html->select_users(GETPOST("doneby")?GETPOST("doneby"):$actioncomm->userdone,'doneby',1); print ''; print ''; print '
'; print ''; - if (! empty($_GET["datep"]) && preg_match('/^([0-9][0-9][0-9][0-9])([0-9][0-9])([0-9][0-9])$/',$_GET["datep"],$reg)) + if (GETPOST("datep") && preg_match('/^([0-9][0-9][0-9][0-9])([0-9][0-9])([0-9][0-9])$/',GETPOST("datep"),$reg)) { $actioncomm->datep=dol_mktime(0,0,0,$reg[2],$reg[3],$reg[1]); } // Date start print ''; // Date end print ''; @@ -545,14 +558,14 @@ if ($_GET["action"] == 'create') print ''; print ''; @@ -642,19 +655,19 @@ if ($_GET["id"]) $delay_warning=$conf->global->MAIN_DELAY_ACTIONS_TODO*24*60*60; // Confirmation suppression action - if ($_GET["action"] == 'delete') + if (GETPOST("action") == 'delete') { $ret=$html->form_confirm("fiche.php?id=".$_GET["id"],$langs->trans("DeleteAction"),$langs->trans("ConfirmDeleteAction"),"confirm_delete",'','',1); if ($ret == 'html') print '
'; } - if ($_REQUEST["action"] == 'edit') + if (GETPOST("action") == 'edit') { // Fiche action en mode edition print ''; print ''; print ''; - print ''; + print ''; if (! empty($_REQUEST["backtopage"])) print ''; print '
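Review bot: The delete confirmation in the -642 hunk still builds its URL from raw `$_GET["id"]` (`"fiche.php?id=".$_GET["id"]`), although the conditions around it were moved to `GETPOST()`. Whether `form_confirm()` encodes that URL before printing it is not visible here, so request data may reach the page markup unencoded. The file already computes `$id` at the top; `"fiche.php?id=".urlencode($id)` (or an integer cast on `$id`) removes the dependency on the helper's escaping. The enclosing `if ($_GET["id"])` block starts and ends outside the hunk.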
'.$langs->trans("DateActionStart").''; - if ($_REQUEST["afaire"] == 1) $html->select_date($actioncomm->datep,'ap',1,1,0,"action",1,1); - else if ($_REQUEST["afaire"] == 2) $html->select_date($actioncomm->datep,'ap',1,1,1,"action",1,1); + if (GETPOST("afaire") == 1) $html->select_date($actioncomm->datep,'ap',1,1,0,"action",1,1); + else if (GETPOST("afaire") == 2) $html->select_date($actioncomm->datep,'ap',1,1,1,"action",1,1); else $html->select_date($actioncomm->datep,'ap',1,1,1,"action",1,1); print '
'.$langs->trans("DateActionEnd").''; - if ($_REQUEST["afaire"] == 1) $html->select_date($actioncomm->datef,'p2',1,1,1,"action",1,1); - else if ($_REQUEST["afaire"] == 2) $html->select_date($actioncomm->datef,'p2',1,1,1,"action",1,1); + if (GETPOST("afaire") == 1) $html->select_date($actioncomm->datef,'p2',1,1,1,"action",1,1); + else if (GETPOST("afaire") == 2) $html->select_date($actioncomm->datef,'p2',1,1,1,"action",1,1); else $html->select_date($actioncomm->datef,'p2',1,1,1,"action",1,1); print '
'.$langs->trans("Status").' / '.$langs->trans("Percentage").''; $percent=0; - if (isset($_POST['percentage'])) + if (GETPOST('percentage')) { - $percent=$_POST['percentage']; + $percent=GETPOST('percentage'); } else { - if ($_REQUEST["afaire"] == 1) $percent=0; - if ($_REQUEST["afaire"] == 2) $percent=100; + if (GETPOST("afaire") == 1) $percent=0; + if (GETPOST("afaire") == 2) $percent=100; } print $htmlactions->form_select_status_action('formaction',$percent,1); print '
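Review bot: Replacing `isset($_POST['percentage'])` with `if (GETPOST('percentage'))` changes the test from "was submitted" to "is truthy". The string `'0'` is falsy in PHP, so a submitted percentage of 0 now falls into the `else` branch and is overwritten by the `afaire` defaults, becoming 100 when `afaire` is 2. Keeping the presence test and reading only the value through the helper avoids that: `if (isset($_POST['percentage'])) { $percent=(int) GETPOST('percentage'); }`. It would also be worth clamping `$percent` to 0–100 before it is passed to `form_select_status_action()`, since that helper's handling of out-of-range values is not visible here.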
'; @@ -674,7 +687,7 @@ if ($_GET["id"]) // Company print ''; print ''; // Contact
'.$langs->trans("Company").''; - print $html->select_societes($act->societe->id,'socid',1,1); + print $html->select_societes($act->societe->id,'socid','',1,1); print '