From 3616d2ba4479c67b36a6680dfff02761a0a36f4e Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 29 Mar 2021 23:24:52 +0200
Subject: [PATCH] FIX #yogosha5770

---
 htdocs/core/class/commonobject.class.php | 14 +++++++-------
 htdocs/ticket/card.php                   | 14 +++++++-------
 htdocs/ticket/class/ticket.class.php     | 11 +++++------
 3 files changed, 19 insertions(+), 20 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index f4ad69cfc59..622682060cb 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -358,7 +358,7 @@ abstract class CommonObject
 	/**
 	 * @var string
 	 * @deprecated
-	 * @see model_pdf
+	 * @see $model_pdf
 	 */
 	public $modelpdf;
 
@@ -2201,22 +2201,22 @@ abstract class CommonObject
 		$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
 		if (!empty($this->fields['fk_project'])) {		// Common case
 			if ($projectid) {
-				$sql .= ' SET fk_project = '.$projectid;
+				$sql .= ' SET fk_project = '.((int) $projectid);
 			} else {
 				$sql .= ' SET fk_project = NULL';
 			}
-			$sql .= ' WHERE rowid = '.$this->id;
+			$sql .= ' WHERE rowid = '.((int) $this->id);
 		} elseif ($this->table_element == 'actioncomm') {	// Special case for actioncomm
 			if ($projectid) {
-				$sql .= ' SET fk_project = '.$projectid;
+				$sql .= ' SET fk_project = '.((int) $projectid);
 			} else {
 				$sql .= ' SET fk_project = NULL';
 			}
-			$sql .= ' WHERE id = '.$this->id;
+			$sql .= ' WHERE id = '.((int) $this->id);
 		} else // Special case for old architecture objects
 		{
 			if ($projectid) {
-				$sql .= ' SET fk_projet = '.$projectid;
+				$sql .= ' SET fk_projet = '.((int) $projectid);
 			} else {
 				$sql .= ' SET fk_projet = NULL';
 			}
@@ -2225,7 +2225,7 @@ abstract class CommonObject
 
 		dol_syslog(get_class($this)."::setProject", LOG_DEBUG);
 		if ($this->db->query($sql)) {
-			$this->fk_project = $projectid;
+			$this->fk_project = ((int) $projectid);
 			return 1;
 		} else {
 			dol_print_error($this->db);
diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php
index 98bcccd4ca1..e6f3f21050c 100644
--- a/htdocs/ticket/card.php
+++ b/htdocs/ticket/card.php
@@ -186,7 +186,7 @@ if (empty($reshook)) {
 			$notifyTiers = GETPOST("notify_tiers_at_create", 'alpha');
 			$object->notify_tiers_at_create = empty($notifyTiers) ? 0 : 1;
 
-			$object->fk_project = GETPOST('projectid', 'int');
+			$object->fk_project = $projectid;
 
 			$id = $object->create($user);
 			if ($id <= 0) {
@@ -205,9 +205,9 @@ if (empty($reshook)) {
 					$result = $object->add_contact($contactid, $typeid, 'external');
 				}
 
-				// altairis: link ticket to project
-				if (GETPOST('projectid') > 0) {
-					$object->setProject(GETPOST('projectid'));
+				// Link ticket to project
+				if ($projectid > 0) {
+					$object->setProject($projectid);
 				}
 
 				// Auto assign user
@@ -236,7 +236,7 @@ if (empty($reshook)) {
 				if ($conf->global->TICKET_AUTO_CREATE_FICHINTER_CREATE) {
 					$fichinter = new Fichinter($db);
 					$fichinter->socid = $object->fk_soc;
-					$fichinter->fk_project = GETPOST('projectid', 'int');
+					$fichinter->fk_project = $projectid;
 					$fichinter->fk_contrat = $contractid;
 					$fichinter->author = $user->id;
 					$fichinter->model_pdf = 'soleil';
@@ -534,7 +534,7 @@ if (empty($reshook)) {
 	} elseif ($action == 'classin' && $user->rights->ticket->write) {
 		// Categorisation dans projet
 		if ($object->fetch(GETPOST('id', 'int'), '', GETPOST('track_id', 'alpha')) >= 0) {
-			$object->setProject(GETPOST('projectid', 'int'));
+			$object->setProject($projectid);
 			$url = 'card.php?action=view&track_id='.$object->track_id;
 			header("Location: ".$url);
 			exit();
@@ -778,7 +778,7 @@ if ($action == 'create' || $action == 'presend') {
 		}
 
 		// project info
-		if ($projectid) {
+		if ($projectid > 0) {
 			$projectstat = new Project($db);
 			if ($projectstat->fetch($projectid) > 0) {
 				$projectstat->fetch_thirdparty();
diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php
index 93806bb86aa..57d0066323d 100644
--- a/htdocs/ticket/class/ticket.class.php
+++ b/htdocs/ticket/class/ticket.class.php
@@ -1982,8 +1982,8 @@ class Ticket extends CommonObject
 	 *     Link element with a project
 	 * 	   Override core function because of key name 'fk_project' used for this module
 	 *
-	 *     @param  int $projectid Project id to link element to
-	 *     @return int                        <0 if KO, >0 if OK
+	 *     @param  int 		$projectid 			Project id to link element to
+	 *     @return int                   	   <0 if KO, >0 if OK
 	 */
 	public function setProject($projectid)
 	{
@@ -1994,16 +1994,15 @@ class Ticket extends CommonObject
 
 		$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
 		if ($projectid) {
-			$sql .= ' SET fk_project = '.$projectid;
+			$sql .= ' SET fk_project = '.((int) $projectid);
 		} else {
 			$sql .= ' SET fk_project = NULL';
 		}
-
-		$sql .= ' WHERE rowid = '.$this->id;
+		$sql .= ' WHERE rowid = '.((int) $this->id);
 
 		dol_syslog(get_class($this)."::setProject sql=".$sql);
 		if ($this->db->query($sql)) {
-			$this->fk_project = $projectid;
+			$this->fk_project = ((int) $projectid);
 			return 1;
 		} else {
 			dol_print_error($this->db);