diff --git a/htdocs/comm/list.php b/htdocs/comm/list.php
index 18c95d655f5..3f507b3a452 100755
--- a/htdocs/comm/list.php
+++ b/htdocs/comm/list.php
@@ -36,9 +36,9 @@ $socid = GETPOST('socid','int');
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user,'societe',$socid,'');
-$sortfield = isset($_GET["sortfield"])?$_GET["sortfield"]:$_POST["sortfield"];
-$sortorder = isset($_GET["sortorder"])?$_GET["sortorder"]:$_POST["sortorder"];
-$page=isset($_GET["page"])?$_GET["page"]:$_POST["page"];
+$sortfield = GETPOST('sortfield','alpha');
+$sortorder = GETPOST('sortorder','alpha');
+$page=GETPOST('page','int');
if ($page == -1) { $page = 0 ; }
$offset = $conf->liste_limit * $page;
$pageprev = $page - 1;
@@ -115,12 +115,6 @@ if ($search_sale)
{
$sql .= " AND sc.fk_user = ".$search_sale;
}
-if ($socname)
-{
- $sql.= " AND s.nom LIKE '%".$db->escape(strtolower($socname))."%'";
- $sortfield = "s.nom";
- $sortorder = "ASC";
-}
// Count total nb of records
$nbtotalofrecords = 0;
@@ -177,7 +171,7 @@ if ($result)
print_liste_field_titre($langs->trans("CustomerCode"),$_SERVER["PHP_SELF"],"s.code_client","",$param,"",$sortfield,$sortorder);
print_liste_field_titre($langs->trans("AccountancyCode"),$_SERVER["PHP_SELF"],"s.code_compta","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DateCreation"),$_SERVER["PHP_SELF"],"datec","",$param,'align="right"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$params,'align="right"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$param,'align="right"',$sortfield,$sortorder);
print "\n";
print '';
diff --git a/htdocs/comm/prospect/list.php b/htdocs/comm/prospect/list.php
index ca9ee950b13..a2f7e57a05a 100755
--- a/htdocs/comm/prospect/list.php
+++ b/htdocs/comm/prospect/list.php
@@ -36,6 +36,7 @@ $socid = GETPOST("socid",'int');
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'societe',$socid,'');
+$action = GETPOST('action','alpha');
$socname = GETPOST("socname",'alpha');
$stcomm = GETPOST("stcomm",'int');
$search_nom = GETPOST("search_nom");
@@ -127,8 +128,6 @@ if ($resql)
{
$search_levels[] = '"'.preg_replace('[^A-Za-z0-9_-]', '', $obj->code).'"';
}
-
- $i++;
}
// Implode the $search_levels array so that it can be use in a "IN (...)" where clause.
@@ -138,8 +137,8 @@ if ($resql)
else dol_print_error($db);
// Load sale and categ filters
-$search_sale = isset($_GET["search_sale"])?$_GET["search_sale"]:$_POST["search_sale"];
-$search_categ = isset($_GET["search_categ"])?$_GET["search_categ"]:$_POST["search_categ"];
+$search_sale = GETPOST('search_sale');
+$search_categ = GETPOST('search_categ');
// If the user must only see his prospect, force searching by him
if (!$user->rights->societe->client->voir && !$socid) $search_sale = $user->id;
@@ -149,7 +148,7 @@ $sts = array(-1,0,1,2,3);
/*
* Actions
*/
-if ($_GET["action"] == 'cstc')
+if ($action == 'cstc')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm = ".$_GET["pstcomm"];
$sql .= " WHERE rowid = ".$_GET["socid"];
@@ -290,7 +289,7 @@ if ($resql)
print_liste_field_titre($langs->trans("ProspectLevelShort"),$_SERVER["PHP_SELF"],"s.fk_prospectlevel","",$param,'align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("StatusProsp"),$_SERVER["PHP_SELF"],"s.fk_stcomm","",$param,'align="center"',$sortfield,$sortorder);
print '| | ';
- print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$params,'align="right"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$param,'align="right"',$sortfield,$sortorder);
print "
\n";
print '';
@@ -417,7 +416,7 @@ else
dol_print_error($db);
}
-$db->close();
llxFooter();
+$db->close();
?>
\ No newline at end of file
diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php
index 35c86f236b3..a7af53ca09c 100644
--- a/htdocs/core/class/html.formcompany.class.php
+++ b/htdocs/core/class/html.formcompany.class.php
@@ -1,5 +1,6 @@
+/* Copyright (C) 2008-2012 Laurent Destailleur
+ * Copyright (C) 2008-2012 Regis Houssin
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -673,26 +674,32 @@ class FormCompany
global $conf,$langs;
$formlength=0;
- if ($country_code == 'FR' && empty($conf->global->MAIN_DISABLEPROFIDRULES))
- {
- if ($idprof==1) $formlength=9;
- if ($idprof==2) $formlength=14;
- if ($idprof==3) $formlength=5; // 4 chiffres et 1 lettre depuis janvier
- if ($idprof==4) $formlength=32; // No maximum as we need to include a town name in this id
- }
- if ($country_code == 'ES' && empty($conf->global->MAIN_DISABLEPROFIDRULES))
- {
- if ($idprof==1) $formlength=9; //CIF/NIF/NIE 9 digits
- if ($idprof==2) $formlength=12; //NASS 12 digits without /
- if ($idprof==3) $formlength=5; //CNAE 5 digits
- if ($idprof==4) $formlength=32; //depend of college
+ if (empty($conf->global->MAIN_DISABLEPROFIDRULES)) {
+ if ($country_code == 'FR')
+ {
+ if (isset($idprof)) {
+ if ($idprof==1) $formlength=9;
+ else if ($idprof==2) $formlength=14;
+ else if ($idprof==3) $formlength=5; // 4 chiffres et 1 lettre depuis janvier
+ else if ($idprof==4) $formlength=32; // No maximum as we need to include a town name in this id
+ }
+ }
+ else if ($country_code == 'ES')
+ {
+ if ($idprof==1) $formlength=9; //CIF/NIF/NIE 9 digits
+ if ($idprof==2) $formlength=12; //NASS 12 digits without /
+ if ($idprof==3) $formlength=5; //CNAE 5 digits
+ if ($idprof==4) $formlength=32; //depend of college
+ }
}
$selected=$preselected;
- if (! $selected && $idprof==1) $selected=$this->idprof1;
- if (! $selected && $idprof==2) $selected=$this->idprof2;
- if (! $selected && $idprof==3) $selected=$this->idprof3;
- if (! $selected && $idprof==4) $selected=$this->idprof4;
+ if (! $selected && isset($idprof)) {
+ if ($idprof==1 && ! empty($this->idprof1)) $selected=$this->idprof1;
+ else if ($idprof==2 && ! empty($this->idprof2)) $selected=$this->idprof2;
+ else if ($idprof==3 && ! empty($this->idprof3)) $selected=$this->idprof3;
+ else if ($idprof==4 && ! empty($this->idprof4)) $selected=$this->idprof4;
+ }
$maxlength=$formlength;
if (empty($formlength)) { $formlength=24; $maxlength=128; }
diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php
index 58092b58df9..8190444ccab 100644
--- a/htdocs/core/lib/functions2.lib.php
+++ b/htdocs/core/lib/functions2.lib.php
@@ -583,6 +583,7 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
if (! empty($reg[3]) && preg_match('/^\+/',$reg[3])) $maskoffset=preg_replace('/^\+/','',$reg[3]);
// Define $sqlwhere
+ $sqlwhere='';
// If a restore to zero after a month is asked we check if there is already a value for this year.
if (! empty($reg[2]) && preg_match('/^@/',$reg[2])) $maskraz=preg_replace('/^@/','',$reg[2]);
@@ -617,7 +618,6 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
if (dol_strlen($reg[$posy]) == 4) $yearcomp=sprintf("%04d",date("Y",$date)+$yearoffset);
if (dol_strlen($reg[$posy]) == 2) $yearcomp=sprintf("%02d",date("y",$date)+$yearoffset);
if (dol_strlen($reg[$posy]) == 1) $yearcomp=substr(date("y",$date),2,1)+$yearoffset;
- $sqlwhere='';
if ($monthcomp > 1) // Test with month is useless if monthcomp = 0 or 1 (0 is same as 1)
{
if (dol_strlen($reg[$posy]) == 4) $yearcomp1=sprintf("%04d",date("Y",$date)+$yearoffset+1);
@@ -720,7 +720,7 @@ function get_next_value($db,$mask,$table,$field,$where='',$objsoc='',$date='',$m
{
$counter++;
- if ($maskrefclient_maskcounter)
+ if (! empty($maskrefclient_maskcounter))
{
//print "maskrefclient_maskcounter=".$maskrefclient_maskcounter." maskwithnocode=".$maskwithnocode." maskrefclient=".$maskrefclient."\n
";
diff --git a/htdocs/core/modules/societe/modules_societe.class.php b/htdocs/core/modules/societe/modules_societe.class.php
index 491b511d6fd..dab868bcbf1 100644
--- a/htdocs/core/modules/societe/modules_societe.class.php
+++ b/htdocs/core/modules/societe/modules_societe.class.php
@@ -2,7 +2,7 @@
/* Copyright (C) 2003-2005 Rodolphe Quiedeville
* Copyright (C) 2004-2010 Laurent Destailleur
* Copyright (C) 2004 Eric Seigne
- * Copyright (C) 2005-2007 Regis Houssin
+ * Copyright (C) 2005-2012 Regis Houssin
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -193,25 +193,25 @@ abstract class ModeleThirdPartyCode
if ($type == 0)
{
$s.=$langs->trans("RequiredIfCustomer").': ';
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.='';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.='';
$s.=yn(!$this->code_null,1,2);
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
$s.='
';
}
if ($type == 1)
{
$s.=$langs->trans("RequiredIfSupplier").': ';
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.='';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.='';
$s.=yn(!$this->code_null,1,2);
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
$s.='
';
}
if ($type == -1)
{
$s.=$langs->trans("Required").': ';
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.='';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.='';
$s.=yn(!$this->code_null,1,2);
- if ($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED && !empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
+ if (! empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && ! empty($this->code_null)) $s.=' '.yn(1,1,2).' ('.$langs->trans("ForcedToByAModule",$langs->transnoentities("yes")).')';
$s.='
';
}
$s.=$langs->trans("CanBeModifiedIfOk").': ';
diff --git a/htdocs/fourn/liste.php b/htdocs/fourn/liste.php
index 765683d3b64..e7216a01146 100644
--- a/htdocs/fourn/liste.php
+++ b/htdocs/fourn/liste.php
@@ -1,7 +1,7 @@
* Copyright (C) 2004-2012 Laurent Destailleur
- * Copyright (C) 2005-2011 Regis Houssin
+ * Copyright (C) 2005-2012 Regis Houssin
* Copyright (C) 2011 Philippe Grand
*
* This program is free software; you can redistribute it and/or modify
@@ -109,7 +109,7 @@ if ($resql)
$num = $db->num_rows($resql);
$i = 0;
- $param = "&search_nom=".$search_nom."&search_code=".$search_code."&search_ville=".$search_ville;
+ $param = "&search_nom=".$search_nom."&search_code_fournisseur=".$search_code_fournisseur."&search_ville=".$search_ville;
if ($search_categ != '') $param.='&search_categ='.$search_categ;
print_barre_liste($langs->trans("ListOfSuppliers"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords);
@@ -139,7 +139,7 @@ if ($resql)
print_liste_field_titre($langs->trans("SupplierCode"),$_SERVER["PHP_SELF"],"s.code_fournisseur","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("AccountancyCode"),$_SERVER["PHP_SELF"],"s.code_compta_fournisseur","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("DateCreation"),$_SERVER["PHP_SELF"],"s.datec","",$param,'align="right"',$sortfield,$sortorder);
- print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$params,'align="right"',$sortfield,$sortorder);
+ print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"s.status","",$param,'align="right"',$sortfield,$sortorder);
print "
\n";
print '';
diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php
index 06a10088449..4125279fd9f 100644
--- a/htdocs/societe/soc.php
+++ b/htdocs/societe/soc.php
@@ -58,6 +58,7 @@ $extrafields = new ExtraFields($db);
// Get object canvas (By default, this is not defined, so standard usage of dolibarr)
$object->getCanvas($socid);
$canvas = $object->canvas?$object->canvas:GETPOST("canvas");
+$objcanvas='';
if (! empty($canvas))
{
require_once(DOL_DOCUMENT_ROOT."/core/class/canvas.class.php");
@@ -113,67 +114,67 @@ if (empty($reshook))
{
$object->particulier = GETPOST("private");
- $object->name = empty($conf->global->MAIN_FIRSTNAME_NAME_POSITION)?trim($_POST["prenom"].' '.$_POST["nom"]):trim($_POST["nom"].' '.$_POST["prenom"]);
- $object->civilite_id = $_POST["civilite_id"];
+ $object->name = empty($conf->global->MAIN_FIRSTNAME_NAME_POSITION)?GETPOST('prenom').' '.GETPOST('nom'):GETPOST('nom').' '.GETPOST('prenom');
+ $object->civilite_id = GETPOST('civilite_id');
// Add non official properties
- $object->name_bis = $_POST["nom"];
- $object->firstname = $_POST["prenom"];
+ $object->name_bis = GETPOST('nom');
+ $object->firstname = GETPOST('prenom');
}
else
{
- $object->name = $_POST["nom"];
+ $object->name = GETPOST('nom');
}
- $object->address = $_POST["adresse"];
- $object->zip = $_POST["zipcode"];
- $object->town = $_POST["town"];
- $object->country_id = $_POST["country_id"];
- $object->state_id = $_POST["departement_id"];
- $object->tel = $_POST["tel"];
- $object->fax = $_POST["fax"];
- $object->email = trim($_POST["email"]);
- $object->url = trim($_POST["url"]);
- $object->idprof1 = $_POST["idprof1"];
- $object->idprof2 = $_POST["idprof2"];
- $object->idprof3 = $_POST["idprof3"];
- $object->idprof4 = $_POST["idprof4"];
- $object->prefix_comm = $_POST["prefix_comm"];
- $object->code_client = $_POST["code_client"];
- $object->code_fournisseur = $_POST["code_fournisseur"];
- $object->capital = $_POST["capital"];
- $object->barcode = $_POST["barcode"];
+ $object->address = GETPOST('adresse');
+ $object->zip = GETPOST('zipcode');
+ $object->town = GETPOST('town');
+ $object->country_id = GETPOST('country_id');
+ $object->state_id = GETPOST('departement_id');
+ $object->tel = GETPOST('tel');
+ $object->fax = GETPOST('fax');
+ $object->email = GETPOST('email');
+ $object->url = GETPOST('url');
+ $object->idprof1 = GETPOST('idprof1');
+ $object->idprof2 = GETPOST('idprof2');
+ $object->idprof3 = GETPOST('idprof3');
+ $object->idprof4 = GETPOST('idprof4');
+ $object->prefix_comm = GETPOST('prefix_comm');
+ $object->code_client = GETPOST('code_client');
+ $object->code_fournisseur = GETPOST('code_fournisseur');
+ $object->capital = GETPOST('capital');
+ $object->barcode = GETPOST('barcode');
- $object->tva_intra = $_POST["tva_intra"];
- $object->tva_assuj = $_POST["assujtva_value"];
- $object->status = $_POST["status"];
+ $object->tva_intra = GETPOST('tva_intra');
+ $object->tva_assuj = GETPOST('assujtva_value');
+ $object->status = GETPOST('status');
// Local Taxes
- $object->localtax1_assuj = $_POST["localtax1assuj_value"];
- $object->localtax2_assuj = $_POST["localtax2assuj_value"];
+ $object->localtax1_assuj = GETPOST('localtax1assuj_value');
+ $object->localtax2_assuj = GETPOST('localtax2assuj_value');
- $object->forme_juridique_code = $_POST["forme_juridique_code"];
- $object->effectif_id = $_POST["effectif_id"];
+ $object->forme_juridique_code = GETPOST('forme_juridique_code');
+ $object->effectif_id = GETPOST('effectif_id');
if (GETPOST("private") == 1)
{
$object->typent_id = 8; // TODO predict another method if the field "special" change of rowid
}
else
{
- $object->typent_id = $_POST["typent_id"];
+ $object->typent_id = GETPOST('typent_id');
}
- $object->client = $_POST["client"];
- $object->fournisseur = $_POST["fournisseur"];
- $object->fournisseur_categorie = $_POST["fournisseur_categorie"];
+ $object->client = GETPOST('client');
+ $object->fournisseur = GETPOST('fournisseur');
+ $object->fournisseur_categorie = GETPOST('fournisseur_categorie');
- $object->commercial_id = $_POST["commercial_id"];
- $object->default_lang = $_POST["default_lang"];
+ $object->commercial_id = GETPOST('commercial_id');
+ $object->default_lang = GETPOST('default_lang');
// Get extra fields
foreach($_POST as $key => $value)
{
if (preg_match("/^options_/",$key))
{
- $object->array_options[$key]=$_POST[$key];
+ $object->array_options[$key]=GETPOST($key);
}
}
@@ -546,49 +547,49 @@ else
if ($conf->fournisseur->enabled && (GETPOST("type")=='f' || GETPOST("type")=='')) { $object->fournisseur=1; }
if (GETPOST("private")==1) { $object->particulier=1; }
- $object->name = $_POST["nom"];
- $object->firstname = $_POST["prenom"];
+ $object->name = GETPOST('nom');
+ $object->firstname = GETPOST('prenom');
$object->particulier = GETPOST('private', 'int');
- $object->prefix_comm = $_POST["prefix_comm"];
- $object->client = $_POST["client"]?$_POST["client"]:$object->client;
- $object->code_client = $_POST["code_client"];
- $object->fournisseur = $_POST["fournisseur"]?$_POST["fournisseur"]:$object->fournisseur;
- $object->code_fournisseur = $_POST["code_fournisseur"];
- $object->address = $_POST["adresse"];
- $object->zip = $_POST["zipcode"];
- $object->town = $_POST["town"];
- $object->state_id = $_POST["departement_id"];
- $object->tel = $_POST["tel"];
- $object->fax = $_POST["fax"];
- $object->email = $_POST["email"];
- $object->url = $_POST["url"];
- $object->capital = $_POST["capital"];
- $object->barcode = $_POST["barcode"];
- $object->idprof1 = $_POST["idprof1"];
- $object->idprof2 = $_POST["idprof2"];
- $object->idprof3 = $_POST["idprof3"];
- $object->idprof4 = $_POST["idprof4"];
- $object->typent_id = $_POST["typent_id"];
- $object->effectif_id = $_POST["effectif_id"];
- $object->civility_id = $_POST["civilite_id"];
+ $object->prefix_comm = GETPOST('prefix_comm');
+ $object->client = GETPOST('client')?GETPOST('client'):$object->client;
+ $object->code_client = GETPOST('code_client');
+ $object->fournisseur = GETPOST('fournisseur')?GETPOST('fournisseur'):$object->fournisseur;
+ $object->code_fournisseur = GETPOST('code_fournisseur');
+ $object->address = GETPOST('adresse');
+ $object->zip = GETPOST('zipcode');
+ $object->town = GETPOST('town');
+ $object->state_id = GETPOST('departement_id');
+ $object->tel = GETPOST('tel');
+ $object->fax = GETPOST('fax');
+ $object->email = GETPOST('email');
+ $object->url = GETPOST('url');
+ $object->capital = GETPOST('capital');
+ $object->barcode = GETPOST('barcode');
+ $object->idprof1 = GETPOST('idprof1');
+ $object->idprof2 = GETPOST('idprof2');
+ $object->idprof3 = GETPOST('idprof3');
+ $object->idprof4 = GETPOST('idprof4');
+ $object->typent_id = GETPOST('typent_id');
+ $object->effectif_id = GETPOST('effectif_id');
+ $object->civility_id = GETPOST('civilite_id');
- $object->tva_assuj = $_POST["assujtva_value"];
- $object->status = $_POST["status"];
+ $object->tva_assuj = GETPOST('assujtva_value');
+ $object->status = GETPOST('status');
//Local Taxes
- $object->localtax1_assuj = $_POST["localtax1assuj_value"];
- $object->localtax2_assuj = $_POST["localtax2assuj_value"];
+ $object->localtax1_assuj = GETPOST('localtax1assuj_value');
+ $object->localtax2_assuj = GETPOST('localtax2assuj_value');
- $object->tva_intra = $_POST["tva_intra"];
+ $object->tva_intra = GETPOST('tva_intra');
- $object->commercial_id = $_POST["commercial_id"];
- $object->default_lang = $_POST["default_lang"];
+ $object->commercial_id = GETPOST('commercial_id');
+ $object->default_lang = GETPOST('default_lang');
- $object->logo = dol_sanitizeFileName($_FILES['photo']['name']);
+ $object->logo = (isset($_FILES['photo'])?dol_sanitizeFileName($_FILES['photo']['name']):'');
// Gestion du logo de la société
- $dir = $conf->societe->multidir_output[$object->entity]."/".$object->id."/logos";
- $file_OK = is_uploaded_file($_FILES['photo']['tmp_name']);
+ $dir = $conf->societe->multidir_output[$conf->entity]."/".$object->id."/logos";
+ $file_OK = (isset($_FILES['photo'])?is_uploaded_file($_FILES['photo']['tmp_name']):false);
if ($file_OK)
{
if (image_format_supported($_FILES['photo']['name']))
@@ -619,19 +620,19 @@ else
}
// We set country_id, country_code and country for the selected country
- $object->country_id=$_POST["country_id"]?$_POST["country_id"]:$mysoc->country_id;
+ $object->country_id=GETPOST('country_id')?GETPOST('country_id'):$mysoc->country_id;
if ($object->country_id)
{
$tmparray=getCountry($object->country_id,'all');
$object->country_code=$tmparray['code'];
$object->country=$tmparray['label'];
}
- $object->forme_juridique_code=$_POST['forme_juridique_code'];
+ $object->forme_juridique_code=GETPOST('forme_juridique_code');
/* Show create form */
print_fiche_titre($langs->trans("NewThirdParty"));
- if ($conf->use_javascript_ajax)
+ if (! empty($conf->use_javascript_ajax))
{
print "\n".'