lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix: ajout d'un jeton alatoire dans les requetes POST

Browse Source
This commit is contained in:
Regis Houssin 2009-05-15 14:21:57 +00:00
parent d3621e4593
commit 1bfd3f609c
4 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/admin/tools/dolibarr_export.php
View File

@ -66,7 +66,7 @@ if ($_GET["msg"])
<!-- Dump of a server -->
<form method="post" action="export.php" name="dump">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<input type="hidden" name="export_type" value="server" />

11
htdocs/cashdesk/index.php
View File

@ -63,25 +63,22 @@ if ( $_SESSION['uid'] > 0 ) {
<div class="principal_login">
<fieldset class="cadre_facturation"><legend class="titre1">Identification</legend>
<form class="formulaire_login" id="frmLogin" method="post" action="index_verif.php">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<table>
<tr>
<td class="label1">Nom d'utilisateur</td>
<td><input name="txtUsername" class="texte_login" type="text"
value="<?php echo $_GET['user']; ?>" /></td>
<td><input name="txtUsername" class="texte_login" type="text" value="<?php echo $_GET['user']; ?>" /></td>
</tr>
<tr>
<td class="label1">Mot de passe</td>
<td><input name="pwdPassword" class="texte_login" type="password"
value="" /></td>
<td><input name="pwdPassword" class="texte_login" type="password" value="" /></td>
</tr>
</table>
<span class="bouton_login"><input name="sbmtConnexion" type="submit"
value="Connexion" /></span>
<span class="bouton_login"><input name="sbmtConnexion" type="submit" value="Connexion" /></span>
</form>
</fieldset>

3
htdocs/cashdesk/templates/facturation1.tpl.php
View File

@ -20,6 +20,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
<!-- ========================= Cadre "Article" ============================= -->
<fieldset class="cadre_facturation"><legend class="titre1">Article</legend>
<form id="frmFacturation" class="formulaire1" method="post" action="facturation_verif.php">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<input type="hidden" name="hdnSource" value="NULL" />
@ -103,6 +104,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
</form>
<form id="frmQte" class="formulaire1" method="post" action="facturation_verif.php?action=ajout_article" onsubmit ="javascript: return verifSaisie();">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<table>
<tr><th class="label1">Quantité</th><th class="label1">Stock</th><th class="label1">Prix unitaire</th><th></th><th class="label1">Taux TVA</th><th class="label1">Remise (%)</th><th class="label1">Prix total</th></tr>
<tr>
@ -145,6 +147,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
<!-- ========================= Cadre "Différence" ============================= -->
<form id="frmDifference" class="formulaire1" method="post" onsubmit="javascript: return verifReglement()" action="validation_verif.php?action=valide_achat">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<fieldset class="cadre_facturation"><legend class="titre1">Différence</legend>
<table>
<tr><th class="label1">Montant </th><th class="label1">Encaissé</th><th class="label1">Rendu</th></tr>

1
htdocs/cashdesk/templates/validation1.tpl.php
View File

@ -62,6 +62,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
</table>
<form id="frmValidation" class="formulaire2" method="post" action="validation_verif.php?action=valide_facture">
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
<p class="note_label">Notes<br /><textarea class="textarea_note" name="txtaNotes"></textarea></p>