diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index 20d0a5200a5..ae254788b08 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -51,8 +51,8 @@ $acts[1] = "disable"; $actl[0] = img_picto($langs->trans("Disabled"),'switch_off'); $actl[1] = img_picto($langs->trans("Activated"),'switch_on'); -$listoffset=GETPOST('listoffset'); -$listlimit=GETPOST('listlimit')>0?GETPOST('listlimit'):1000; +$listoffset=GETPOST('listoffset', 'alpha'); +$listlimit=GETPOST('listlimit', 'int')>0?GETPOST('listlimit', 'int'):1000; $active = 1; $sortfield = GETPOST("sortfield",'alpha'); @@ -143,13 +143,13 @@ $sourceList = array( * Actions */ -if (GETPOST('button_removefilter') || GETPOST('button_removefilter.x') || GETPOST('button_removefilter_x')) +if (GETPOST('button_removefilter', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter_x', 'alpha')) { $search_country_id = ''; } // Actions add or modify an entry into a dictionary -if (GETPOST('actionadd') || GETPOST('actionmodify')) +if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) { $listfield=explode(',', str_replace(' ', '',$tabfield[$id])); $listfieldinsert=explode(',',$tabfieldinsert[$id]); @@ -190,7 +190,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) if ($_POST["accountancy_code_buy"] <= 0) $_POST["accountancy_code_buy"]=''; // If empty, we force to null // Si verif ok et action add, on ajoute la ligne - if ($ok && GETPOST('actionadd')) + if ($ok && GETPOST('actionadd', 'alpha')) { if ($tabrowid[$id]) { @@ -252,7 +252,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) } // Si verif ok et action modify, on modifie la ligne - if ($ok && GETPOST('actionmodify')) + if ($ok && GETPOST('actionmodify', 'alpha')) { if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } @@ -294,7 +294,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) //$_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition } -//if (GETPOST('actioncancel')) +//if (GETPOST('actioncancel', 'alpha')) //{ // $_GET["id"]=GETPOST('id', 'int'); // Force affichage dictionnaire en cours d'edition //} @@ -462,7 +462,7 @@ if ($id) $obj = new stdClass(); // If data was already input, we define them in obj to populate input fields. - if (GETPOST('actionadd')) + if (GETPOST('actionadd', 'alpha')) { foreach ($fieldlist as $key=>$val) { @@ -504,7 +504,7 @@ if ($id) $paramwithsearch = $param; if ($sortorder) $paramwithsearch.= '&sortorder='.$sortorder; if ($sortfield) $paramwithsearch.= '&sortfield='.$sortfield; - if (GETPOST('from')) $paramwithsearch.= '&from='.GETPOST('from','alpha'); + if (GETPOST('from', 'alpha')) $paramwithsearch.= '&from='.GETPOST('from','alpha'); // There is several pages if ($num > $listlimit) diff --git a/htdocs/accountancy/admin/productaccount.php b/htdocs/accountancy/admin/productaccount.php index 2467b89b108..0babd9aab5f 100644 --- a/htdocs/accountancy/admin/productaccount.php +++ b/htdocs/accountancy/admin/productaccount.php @@ -62,8 +62,8 @@ $search_current_account_valid = GETPOST('search_current_account_valid', 'alpha') if ($search_current_account_valid == '') $search_current_account_valid='withoutvalidaccount'; $accounting_product_mode = GETPOST('accounting_product_mode', 'alpha'); -$btn_changeaccount = GETPOST('changeaccount'); -$btn_changetype = GETPOST('changetype'); +$btn_changeaccount = GETPOST('changeaccount', 'alpha'); +$btn_changetype = GETPOST('changetype', 'alpha'); $limit = GETPOST('limit','int')?GETPOST('limit','int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION); $sortfield = GETPOST("sortfield",'alpha');