diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index b4b2adcde8b..126b69c233e 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -828,7 +828,10 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options =
// We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step (preg_replace).
// No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are
// using a non coventionnel way to be encoded, to not have them sanitized just after)
- $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);
+ //$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);
+ $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', function ($m) {
+ return realCharForNumericEntities($m); }, $out);
+
// Now we remove all remaining HTML entities starting with a number. We don't want such entities.
$out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have javascript with an entities without the ; to hide the 'a' of 'javascript'.
diff --git a/htdocs/langs/ta_IN/main.lang b/htdocs/langs/ta_IN/main.lang
index f95493447e9..b61756b95b0 100644
--- a/htdocs/langs/ta_IN/main.lang
+++ b/htdocs/langs/ta_IN/main.lang
@@ -4,7 +4,7 @@ DIRECTION=ltr
# msungstdlight or cid0ct are for traditional Chinese (traditional does not render with Ubuntu pdf reader)
# stsongstdlight or cid0cs are for simplified Chinese
# To read Chinese pdf with Linux: sudo apt-get install poppler-data
-FONTFORPDF=freeserif
+FONTFORPDF=freemono
FONTSIZEFORPDF=10
SeparatorDecimal=.
SeparatorThousand=,
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 028ed31a618..f54d4e0dbaa 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -94,7 +94,9 @@ function testSqlAndScriptInject($val, $type)
do {
$oldval = $val;
$val = html_entity_decode($val, ENT_QUOTES | ENT_HTML5);
- $val = preg_replace_callback('/&#(x?[0-9][0-9a-f]+)/i', 'realCharForNumericEntities', $val); // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser.
+ //$val = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $val); // Sometimes we have entities without the ; at end so html_entity_decode does not work but entities is still interpreted by browser.
+ $val = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', function ($m) {
+ return realCharForNumericEntities($m); }, $val);
} while ($oldval != $val);
//print "after decoding $val\n";
@@ -1599,12 +1601,17 @@ function top_htmlhead($head, $title = '', $disablejs = 0, $disablehead = 0, $arr
dol_syslog("Warning: module ".$modcss." declared a css path file into its descriptor that is empty.", LOG_WARNING);
}
// cssfile is a relative path
- print ''."\n".''."\n";
+ } else {
+ dol_syslog("Warning: module ".$modcss." declared a css path file for a file we can't find.", LOG_WARNING);
}
- print '">'."\n";
}
}
}
@@ -1738,7 +1745,12 @@ function top_htmlhead($head, $title = '', $disablejs = 0, $disablehead = 0, $arr
$filesjs = (array) $filesjs; // To be sure filejs is an array
foreach ($filesjs as $jsfile) {
// jsfile is a relative path
- print ''."\n".''."\n";
+ $urlforjs = dol_buildpath($jsfile, 1);
+ if ($urlforjs) {
+ print ''."\n".''."\n";
+ } else {
+ dol_syslog("Warning: module ".$modjs." declared a js path file for a file we can't find.", LOG_WARNING);
+ }
}
}
}