Fix: bug #15799

htdocs/commande/liste.php

@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2001-2005 Rodolphe Quiedeville  <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur   <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2006 Laurent Destailleur   <eldy@users.sourceforge.net>
  * Copyright (C)      2005 Marc Barilley / Ocebo <marc@ocebo.com>
  *
  * This program is free software; you can redistribute it and/or modify
@@ -67,11 +67,11 @@ $sql.= ' FROM '.MAIN_DB_PREFIX.'societe as s, '.MAIN_DB_PREFIX.'commande as c';
 $sql.= ' WHERE c.fk_soc = s.idp';
 if ($sref)
 {
-	$sql .= " AND c.ref like '%".$sref."%'";
+	$sql .= " AND c.ref like '%".addslashes($sref)."%'";
 }
 if ($sall)
 {
-	$sql .= " AND (c.ref like '%".$sall."%' OR c.note like '%".$sall."%')";
+	$sql .= " AND (c.ref like '%".addslashes($sall)."%' OR c.note like '%".addslashes($sall)."%')";
 }
 if ($socidp)
 {
@@ -95,15 +95,15 @@ if (isset($_GET['afacturer']))
 }
 if (strlen($_POST['sf_ref']) > 0)
 {
-	$sql .= " AND c.ref like '%".$_POST['sf_ref'] . "%'";
+	$sql .= " AND c.ref like '%".addslashes($_POST['sf_ref']) . "%'";
 }
 if (!empty($snom))
 {
-	$sql .= ' AND s.nom like \'%'.$snom.'%\'';
+	$sql .= ' AND s.nom like \'%'.addslashes($snom).'%\'';
 }
 if (!empty($sref_client))
 {
-	$sql .= ' AND c.ref_client like \'%'.$sref_client.'%\'';
+	$sql .= ' AND c.ref_client like \'%'.addslashes($sref_client).'%\'';
 }
 
 $sql .= ' ORDER BY '.$sortfield.' '.$sortorder;

htdocs/compta/clients.php

@@ -118,7 +118,7 @@ if ($action == 'stcomm')
 if ($mode == 'search') {
   if ($mode-search == 'soc') {
     $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s ";
-    $sql .= " WHERE lower(s.nom) like '%".strtolower($socname)."%'";
+    $sql .= " WHERE lower(s.nom) like '%".addslashes(strtolower($socname))."%'";
   }
       
   if ( $db->query($sql) ) {
@@ -147,29 +147,29 @@ if (strlen($stcomm))
 
 if ($socname)
 {
-  $sql .= " AND lower(s.nom) like '%".strtolower($socname)."%'";
-  $sortfield = "lower(s.nom)";
+  $sql .= " AND s.nom like '%".addslashes(strtolower($socname))."%'";
+  $sortfield = "s.nom";
   $sortorder = "ASC";
 }
 
 if ($_GET["search_nom"])
 {
-  $sql .= " AND lower(s.nom) like '%".strtolower($_GET["search_nom"])."%'";
+  $sql .= " AND s.nom like '%".addslashes(strtolower($_GET["search_nom"]))."%'";
 }
 
 if ($_GET["search_compta"])
 {
-  $sql .= " AND s.code_compta like '%".$_GET["search_compta"]."%'";
+  $sql .= " AND s.code_compta like '%".addslashes($_GET["search_compta"])."%'";
 }
 
 if ($_GET["search_code_client"])
 {
-  $sql .= " AND s.code_client like '%".$_GET["search_code_client"]."%'";
+  $sql .= " AND s.code_client like '%".addslashes($_GET["search_code_client"])."%'";
 }
 
 if (strlen($begin))
 {
-  $sql .= " AND upper(s.nom) like '$begin%'";
+  $sql .= " AND s.nom like '".addslashes($begin)."'";
 }
 
 if ($user->societe_id)

htdocs/contrat/services.php

@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2006 Laurent Destailleur  <eldy@users.sourceforge.net>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -77,10 +77,10 @@ if ($mode == "0") $sql.= " AND cd.statut = 0";
 if ($mode == "4") $sql.= " AND cd.statut = 4";
 if ($mode == "5") $sql.= " AND cd.statut = 5";
 if ($filter == "expired") $sql.= " AND date_fin_validite < sysdate()";
-if ($search_nom)      $sql.= " AND s.nom like '%".$search_nom."%'";
-if ($search_contract) $sql.= " AND c.rowid = '".$search_contract."'";
-if ($search_service)  $sql.= " AND (p.ref like '%".$search_service."%' OR p.label like '%".$search_service."%')";
-if ($socid > 0)       $sql.= " AND s.idp = $socid";
+if ($search_nom)      $sql.= " AND s.nom like '%".addslashes($search_nom)."%'";
+if ($search_contract) $sql.= " AND c.rowid = '".addslashes($search_contract)."'";
+if ($search_service)  $sql.= " AND (p.ref like '%".addslashes($search_service)."%' OR p.label like '%".addslashes($search_service)."%')";
+if ($socid > 0)       $sql.= " AND s.idp = ".$socid;
 $sql .= " ORDER BY $sortfield $sortorder";
 $sql .= $db->plimit($limit + 1 ,$offset);
 

htdocs/expedition/liste.php

@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2006 Laurent Destailleur  <eldy@users.sourceforge.net>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -65,9 +65,9 @@ if ($socidp)
   $sql.= $sql_add . " e.fk_commande = c.rowid AND c.fk_soc = ".$socidp; 
   $sql_add = " AND ";
 }
-if (strlen($_POST["sf_ref"]) > 0)
+if ($_POST["sf_ref"])
 {
-  $sql.= $sql_add . " e.ref like '%".$_POST["sf_ref"] . "%'";
+  $sql.= $sql_add . " e.ref like '%".addslashes($_POST["sf_ref"])."%'";
 }
 
 $expedition = new Expedition($db);

htdocs/fourn/facture/index.php

@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2002-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2006 Laurent Destailleur  <eldy@users.sourceforge.net>
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -18,7 +18,6 @@
  *
  * $Id$
  * $Source$
- *
  */
 
 /**
@@ -73,7 +72,7 @@ if ($_POST["mode"] == 'search')
   if ($_POST["mode-search"] == 'soc')
     {
       $sql = "SELECT s.idp FROM ".MAIN_DB_PREFIX."societe as s ";
-      $sql .= " WHERE lower(s.nom) like '%".strtolower($socname)."%'";
+      $sql.= " WHERE s.nom like '%".addslashes(strtolower($socname))."%'";
     }
       
   if ( $db->query($sql) )
@@ -88,7 +87,6 @@ if ($_POST["mode"] == 'search')
 }
   
 
-llxHeader();
 
 
 /*
@@ -96,6 +94,8 @@ llxHeader();
  *
  */
  
+llxHeader();
+
 $sql = "SELECT s.idp as socid, s.nom, ".$db->pdate("fac.date_lim_reglement")." as date_echeance, fac.total_ht, fac.total_ttc, fac.paye as paye, fac.fk_statut as fk_statut, fac.libelle, fac.rowid as facid, fac.facnumber";
 $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_fourn as fac ";
 $sql .= " WHERE fac.fk_soc = s.idp";
@@ -115,27 +115,27 @@ if ($_GET["filtre"])
 
 if ($_GET["search_ref"])
   {
-    $sql .= " AND fac.facnumber like '%".$_GET["search_ref"]."%'";
+    $sql .= " AND fac.facnumber like '%".addslashes($_GET["search_ref"])."%'";
   }
 
 if ($_GET["search_libelle"])
   {
-    $sql .= " AND fac.libelle like '%".$_GET["search_libelle"]."%'";
+    $sql .= " AND fac.libelle like '%".addslashes($_GET["search_libelle"])."%'";
   }
 
 if ($_GET["search_societe"])
   {
-    $sql .= " AND s.nom like '%".$_GET["search_societe"]."%'";
+    $sql .= " AND s.nom like '%".addslashes($_GET["search_societe"])."%'";
   }
 
 if ($_GET["search_montant_ht"])
   {
-    $sql .= " AND fac.total_ht = '".$_GET["search_montant_ht"]."'";
+    $sql .= " AND fac.total_ht = '".addslashes($_GET["search_montant_ht"])."'";
   }
 
 if ($_GET["search_montant_ttc"])
   {
-    $sql .= " AND fac.total_ttc = '".$_GET["search_montant_ttc"]."'";
+    $sql .= " AND fac.total_ttc = '".addslashes($_GET["search_montant_ttc"])."'";
   }
 
 $sql .= " ORDER BY $sortfield $sortorder " . $db->plimit( $limit+1, $offset);

htdocs/projet/liste.php

@@ -1,6 +1,6 @@
 <?php
 /* Copyright (C) 2001-2005 Rodolphe Quiedeville <rodolphe@quiedeville.org>
- * Copyright (C) 2004-2005 Laurent Destailleur  <eldy@users.sourceforge.net>
+ * Copyright (C) 2004-2006 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005      Marc Bariley / Ocebo      <marc@ocebo.com>
  *
  * This program is free software; you can redistribute it and/or modify
@@ -53,46 +53,40 @@ $page = isset($_GET["page"])? $_GET["page"]:$_POST["page"];
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 
-if ($sortfield == "")
-{
-	$sortfield="p.ref";
-}
-if ($sortorder == "")
-{
-	$sortorder="ASC";
-}
-
+if (! $sortfield) $sortfield="p.ref";
+if (! $sortorder) $sortorder="ASC";
 $offset = $conf->liste_limit * $page ;
 $pageprev = $page - 1;
 $pagenext = $page + 1;
 
 
-llxHeader();
 
-/*
- *
+/**
  * Affichage de la liste des projets
  * 
  */
+
+llxHeader();
+
 $sql = "SELECT p.rowid as projectid, p.ref, p.title, ".$db->pdate("p.dateo")." as do";
 $sql .= " , s.nom, s.idp, s.client";
 $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."projet as p";
 $sql .= " WHERE p.fk_soc = s.idp";
 if ($socid)
 { 
-  $sql .= " AND s.idp = $socid"; 
+  $sql .= " AND s.idp = ".$socid; 
 }
 if ($_GET["search_ref"])
 {
-  $sql .= " AND p.ref LIKE '%".$_GET["search_ref"]."%'";
+  $sql .= " AND p.ref LIKE '%".addslashes($_GET["search_ref"])."%'";
 }
 if ($_GET["search_label"])
 {
-  $sql .= " AND p.title LIKE '%".$_GET["search_label"]."%'";
+  $sql .= " AND p.title LIKE '%".addslashes($_GET["search_label"])."%'";
 }
 if ($_GET["search_societe"])
 {
-  $sql .= " AND s.nom LIKE '%".$_GET["search_societe"]."%'";
+  $sql .= " AND s.nom LIKE '%".addslashes($_GET["search_societe"])."%'";
 }
 $sql .= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);