diff --git a/htdocs/core/lib/ticket.lib.php b/htdocs/core/lib/ticket.lib.php index 66729369af1..826e2d6bc98 100644 --- a/htdocs/core/lib/ticket.lib.php +++ b/htdocs/core/lib/ticket.lib.php @@ -431,6 +431,7 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no //TODO Add limit in nb of results $sql .= $db->order($sortfield_new, $sortorder); + dol_syslog("company.lib::show_actions_done", LOG_DEBUG); $resql = $db->query($sql); if ($resql) @@ -529,6 +530,8 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no $out .= '
'; $out .= '
'; + $out .= ''; + if ($objcon && get_class($objcon) == 'Contact' && (is_null($filterobj) || get_class($filterobj) == 'Societe')) { diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 28014e8d669..241fe39f1ac 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -370,7 +370,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl || defined('CSRFCHECK_WITH_TOKEN')) // Check validity of token, only if option MAIN_SECURITY_CSRF_WITH_TOKEN enabled or if constant CSRFCHECK_WITH_TOKEN is set { // Check all cases that need a token (all POST actions, all actions and mass actions on pages with CSRFCHECK_WITH_TOKEN set, all sensitive GET actions) - if ($_SERVER['REQUEST_METHOD'] == 'POST' || ((GETPOSTISSET('action') || GETPOSTISSET('massaction')) && defined('CSRFCHECK_WITH_TOKEN')) || in_array(GETPOST('action', 'aZ09'), array('add', 'update', 'install', 'delete', 'deleteprof'))) + if ($_SERVER['REQUEST_METHOD'] == 'POST' || ((GETPOSTISSET('action') || GETPOSTISSET('massaction')) && defined('CSRFCHECK_WITH_TOKEN')) || in_array(GETPOST('action', 'aZ09'), array('add', 'addtimespent', 'update', 'install', 'delete', 'deleteprof'))) { if (!GETPOSTISSET('token')) { dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." refused by CSRFCHECK_WITH_TOKEN protection. Token not provided.");