diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 32aa044b4e3..f1623650817 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -124,8 +124,8 @@ function analyse_sql_and_script(&$var, $type)
$var[$key] = $value;
}
else
- {
- print 'Access refused by SQL/Script injection protection in main.inc.php';
+ {
+ print 'Access refused by SQL/Script injection protection in main.inc.php (type='.htmlentities($type).' key='.htmlentities($key).' value='.htmlentities($value).' page='.htmlentities($_SERVER["REQUEST_URI"]).')';
exit;
}
}
diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index c77deb37421..154a7e344f2 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -65,7 +65,6 @@ class Societe extends CommonObject
var $country_code;
var $country;
- var $tel; // deprecated
var $phone;
var $fax;
var $email;
@@ -402,7 +401,7 @@ class Societe extends CommonObject
$this->zip = $this->zip?trim($this->zip):trim($this->zip);
$this->town = $this->town?trim($this->town):trim($this->town);
$this->state_id = trim($this->state_id);
- $this->country_id = ($this->country_id > 0)?$this->country_id:$this->country_id;
+ $this->country_id = ($this->country_id > 0)?$this->country_id:0;
$this->phone = trim($this->phone);
$this->phone = preg_replace("/\s/","",$this->phone);
$this->phone = preg_replace("/\./","",$this->phone);
diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php
index c3bfb832f61..11263a51dd0 100644
--- a/htdocs/societe/soc.php
+++ b/htdocs/societe/soc.php
@@ -174,6 +174,7 @@ if (empty($reshook))
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
+
if (GETPOST('deletephoto')) $object->logo = '';
else if (! empty($_FILES['photo']['name'])) $object->logo = dol_sanitizeFileName($_FILES['photo']['name']);
@@ -200,7 +201,7 @@ if (empty($reshook))
}
// We set country_id, country_code and country for the selected country
- $object->country_id=GETPOST('country_id')?GETPOST('country_id'):$mysoc->country_id;
+ $object->country_id=GETPOST('country_id')!=''?GETPOST('country_id'):$mysoc->country_id;
if ($object->country_id)
{
$tmparray=getCountry($object->country_id,'all');
@@ -827,7 +828,7 @@ else
// Country
print '| '.$langs->trans('Country').' | ';
- print $form->select_country($object->country_id,'country_id');
+ print $form->select_country((GETPOST('country_id')!=''?GETPOST('country_id'):$object->country_id),'country_id');
if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionnarySetup"),1);
print ' |
';
@@ -1207,7 +1208,7 @@ else
print '';
}
else
- {
+ {
print $object->code_fournisseur;
print '';
}
@@ -1245,7 +1246,7 @@ else
// Country
print '| '.$langs->trans('Country').' | ';
- print $form->select_country($object->country_id,'country_id');
+ print $form->select_country((GETPOST('country_id')!=''?GETPOST('country_id'):$object->country_id),'country_id');
if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionnarySetup"),1);
print ' |
';
@@ -1548,9 +1549,12 @@ else
// Country
print '| '.$langs->trans("Country").' | ';
- $img=picto_from_langcode($object->country_code);
- if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0);
- else print ($img?$img.' ':'').$object->country;
+ if ($object->country_code)
+ {
+ $img=picto_from_langcode($object->country_code);
+ if ($object->isInEEC()) print $form->textwithpicto(($img?$img.' ':'').$object->country,$langs->trans("CountryIsInEEC"),1,0);
+ else print ($img?$img.' ':'').$object->country;
+ }
print ' |
';
// State