diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 32aa044b4e3..f1623650817 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -124,8 +124,8 @@ function analyse_sql_and_script(&$var, $type) $var[$key] = $value; } else - { - print 'Access refused by SQL/Script injection protection in main.inc.php'; + { + print 'Access refused by SQL/Script injection protection in main.inc.php (type='.htmlentities($type).' key='.htmlentities($key).' value='.htmlentities($value).' page='.htmlentities($_SERVER["REQUEST_URI"]).')'; exit; } } diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index c77deb37421..154a7e344f2 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -65,7 +65,6 @@ class Societe extends CommonObject var $country_code; var $country; - var $tel; // deprecated var $phone; var $fax; var $email; @@ -402,7 +401,7 @@ class Societe extends CommonObject $this->zip = $this->zip?trim($this->zip):trim($this->zip); $this->town = $this->town?trim($this->town):trim($this->town); $this->state_id = trim($this->state_id); - $this->country_id = ($this->country_id > 0)?$this->country_id:$this->country_id; + $this->country_id = ($this->country_id > 0)?$this->country_id:0; $this->phone = trim($this->phone); $this->phone = preg_replace("/\s/","",$this->phone); $this->phone = preg_replace("/\./","",$this->phone); diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index c3bfb832f61..11263a51dd0 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -174,6 +174,7 @@ if (empty($reshook)) // Fill array 'array_options' with data from add form $ret = $extrafields->setOptionalsFromPost($extralabels,$object); + if (GETPOST('deletephoto')) $object->logo = ''; else if (! empty($_FILES['photo']['name'])) $object->logo = dol_sanitizeFileName($_FILES['photo']['name']); @@ -200,7 +201,7 @@ if (empty($reshook)) } // We set country_id, country_code and country for the selected country - $object->country_id=GETPOST('country_id')?GETPOST('country_id'):$mysoc->country_id; + $object->country_id=GETPOST('country_id')!=''?GETPOST('country_id'):$mysoc->country_id; if ($object->country_id) { $tmparray=getCountry($object->country_id,'all'); @@ -827,7 +828,7 @@ else // Country print '