diff --git a/htdocs/public/paybox/newpayment.php b/htdocs/public/paybox/newpayment.php
index 1cba4d909a3..2c0187eef49 100644
--- a/htdocs/public/paybox/newpayment.php
+++ b/htdocs/public/paybox/newpayment.php
@@ -155,7 +155,7 @@ if (! empty($conf->global->PAYMENT_SECURITY_TOKEN))
if (GETPOST('action','aZ09') == 'dopayment')
{
- $PRICE=price2num(GETPOST("newamount"),'MT');
+ $PRICE=price2num(GETPOST("newamount",'alpha'),'MT');
$email=GETPOST("email");
$origfulltag=GETPOST("fulltag",'alpha');
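Review bot: `$PRICE` comes from the request on a public page and, in the lines visible here, is never checked to be a positive number or compared with the amount due on the referenced object before the payment is started. `price2num(...,'MT')` only normalises the format, so a guard such as `if (! is_numeric($PRICE) || $PRICE <= 0)` that stops the action with an error belongs directly after the assignment. The `dopayment` block continues outside the hunk, so such a check may already exist further down. The next line still reads `email` with no filter, and `$email=GETPOST("email",'alpha');` would match the other reads. The same applies to `$PAYPAL_API_PRICE` in payment/newpayment.php and paypal/newpayment.php.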
@@ -305,7 +305,7 @@ if (! GETPOST("source") && $valid)
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -392,7 +392,7 @@ if (GETPOST("source") == 'order' && $valid)
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -480,7 +480,7 @@ if (GETPOST("source") == 'invoice' && $valid)
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -656,7 +656,7 @@ if (GETPOST("source") == 'contractline' && $valid)
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -754,7 +754,7 @@ if (GETPOST("source") == 'membersubscription' && $valid)
print '
'.price($member->last_subscription_amount);
print ' | '."\n";
- if (empty($amount) && ! GETPOST('newamount')) $_GET['newamount']=$member->last_subscription_amount;
+ if (empty($amount) && ! GETPOST('newamount','alpha')) $_GET['newamount']=$member->last_subscription_amount;
}
// Amount
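Review bot: Writing the default into `$_GET['newamount']` changes request state, so every later `GETPOST('newamount',...)` can no longer tell an amount the visitor supplied from one the server filled in. A local variable keeps the two apart: `if (empty($amount) && ! GETPOST('newamount','alpha')) $defaultamount=$member->last_subscription_amount;`, read where the field value is computed. The same line appears in the membersubscription section of payment/newpayment.php, paypal/newpayment.php and stripe/newpayment.php. The enclosing block starts outside the hunk.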
@@ -764,7 +764,7 @@ if (GETPOST("source") == 'membersubscription' && $valid)
print '';
if (empty($amount) || ! is_numeric($amount))
{
- $valtoshow=GETPOST("newamount",'int');
+ $valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
if (! empty($conf->global->MEMBER_MIN_AMOUNT) && $valtoshow) $valtoshow=max($conf->global->MEMBER_MIN_AMOUNT,$valtoshow);
print '';
print '';
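Review bot: The `MEMBER_MIN_AMOUNT` floor is applied only to `$valtoshow`, the value that pre-fills the form, so it works as a display default rather than an enforced minimum. The `dopayment` hunk at the top of this file reads `newamount` into `$PRICE` with no floor visible, so a submitted amount below the minimum appears to be accepted unless a check exists outside the hunks. Re-applying it on the server side would close the gap, e.g. `if (GETPOST("source") == 'membersubscription' && ! empty($conf->global->MEMBER_MIN_AMOUNT)) $PRICE=max($conf->global->MEMBER_MIN_AMOUNT,$PRICE);`. The same display-only `max()` is in payment/newpayment.php, paypal/newpayment.php and stripe/newpayment.php.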
diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php
index 98b06d8c365..1efd4a7c7a0 100644
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@@ -268,7 +268,7 @@ if ($action == 'dopayment')
{
if ($paymentmethod == 'paypal')
{
- $PAYPAL_API_PRICE=price2num(GETPOST("newamount"),'MT');
+ $PAYPAL_API_PRICE=price2num(GETPOST("newamount",'alpha'),'MT');
$PAYPAL_PAYMENT_TYPE='Sale';
$origfulltag=GETPOST("fulltag",'alpha');
@@ -366,7 +366,7 @@ if ($action == 'dopayment')
if ($paymentmethod == 'stripe')
{
- if (GETPOST('newamount')) $amount = GETPOST('newamount');
+ if (GETPOST('newamount','alpha')) $amount = price2num(GETPOST('newamount','alpha'),'MT');
else
{
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors');
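Review bot: The required-field test runs on the raw request string, while `$amount` gets the normalised value, so any non-empty string (non-numeric or negative included) skips the error branch whatever `price2num()` returns for it. Normalise once and test the result: `$amount = price2num(GETPOST('newamount','alpha'),'MT');` followed by `if (! ($amount > 0))` in front of the existing error block. That also removes the second `GETPOST()` read. The same line is in the `dopayment` block of stripe/newpayment.php, and the stripe branch continues outside this hunk.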
@@ -647,7 +647,7 @@ if (! $source)
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -738,7 +738,7 @@ if ($source == 'order')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -858,7 +858,7 @@ if ($source == 'invoice')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -1079,7 +1079,7 @@ if ($source == 'contractline')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -1202,7 +1202,7 @@ if ($source == 'membersubscription')
print ' | '.price($member->last_subscription_amount);
print ' | '."\n";
- if (empty($amount) && ! GETPOST('newamount')) $_GET['newamount']=$member->last_subscription_amount;
+ if (empty($amount) && ! GETPOST('newamount','alpha')) $_GET['newamount']=$member->last_subscription_amount;
}
// Amount
@@ -1217,7 +1217,7 @@ if ($source == 'membersubscription')
print '';
if (empty($amount) || ! is_numeric($amount))
{
- $valtoshow=GETPOST("newamount",'int');
+ $valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
// force default subscription amount to value defined into constant...
if (! empty($conf->global->MEMBER_NEWFORM_EDITAMOUNT)) {
if (! empty($conf->global->MEMBER_NEWFORM_AMOUNT)) {
@@ -1232,7 +1232,7 @@ if ($source == 'membersubscription')
}
if (empty($amount) || ! is_numeric($amount))
{
- //$valtoshow=GETPOST("newamount",'int');
+ //$valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
if (! empty($conf->global->MEMBER_MIN_AMOUNT) && $valtoshow) $valtoshow=max($conf->global->MEMBER_MIN_AMOUNT,$valtoshow);
print '';
print '';
diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php
index 072307c8062..74f864d1e06 100644
--- a/htdocs/public/paypal/newpayment.php
+++ b/htdocs/public/paypal/newpayment.php
@@ -192,7 +192,7 @@ if (! empty($conf->global->PAYPAL_SECURITY_TOKEN))
if (GETPOST('action','aZ09') == 'dopayment')
{
- $PAYPAL_API_PRICE=price2num(GETPOST("newamount"),'MT');
+ $PAYPAL_API_PRICE=price2num(GETPOST("newamount",'alpha'),'MT');
$PAYPAL_PAYMENT_TYPE='Sale';
$origfulltag=GETPOST("fulltag",'alpha');
@@ -375,21 +375,19 @@ if (! GETPOST("source"))
$fulltag=$tag;
// Creditor
-
print ' | | '.$langs->trans("Creditor");
print ' | '.$creditor.'';
print '';
print ' |
'."\n";
// Amount
-
print '| '.$langs->trans("Amount");
if (empty($amount)) print ' ('.$langs->trans("ToComplete").')';
print ' | ';
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -402,7 +400,6 @@ if (! GETPOST("source"))
print ' |
'."\n";
// Tag
-
print '| '.$langs->trans("PaymentCode");
print ' | '.$fulltag.'';
print '';
@@ -475,7 +472,7 @@ if (GETPOST("source") == 'order')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -585,7 +582,7 @@ if (GETPOST("source") == 'invoice')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -783,7 +780,7 @@ if (GETPOST("source") == 'contractline')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -902,7 +899,7 @@ if (GETPOST("source") == 'membersubscription')
print ' | '.price($member->last_subscription_amount);
print ' |
'."\n";
- if (empty($amount) && ! GETPOST('newamount')) $_GET['newamount']=$member->last_subscription_amount;
+ if (empty($amount) && ! GETPOST('newamount','alpha')) $_GET['newamount']=$member->last_subscription_amount;
}
// Amount
@@ -917,7 +914,7 @@ if (GETPOST("source") == 'membersubscription')
print '';
if (empty($amount) || ! is_numeric($amount))
{
- $valtoshow=GETPOST("newamount",'int');
+ $valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
if (! empty($conf->global->MEMBER_MIN_AMOUNT) && $valtoshow) $valtoshow=max($conf->global->MEMBER_MIN_AMOUNT,$valtoshow);
print '';
print '';
diff --git a/htdocs/public/stripe/newpayment.php b/htdocs/public/stripe/newpayment.php
index f606fe1d794..1b63c103f5f 100644
--- a/htdocs/public/stripe/newpayment.php
+++ b/htdocs/public/stripe/newpayment.php
@@ -202,7 +202,7 @@ else if (! empty($conf->global->ONLINE_PAYMENT_CREDITOR)) $creditor=$conf->globa
if ($action == 'dopayment') // We click on button Create payment
{
- if (GETPOST('newamount')) $amount = GETPOST('newamount');
+ if (GETPOST('newamount','alpha')) $amount = price2num(GETPOST('newamount','alpha'),'MT');
else
{
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Amount")), null, 'errors');
@@ -455,7 +455,7 @@ if (! GETPOST("source"))
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -541,7 +541,7 @@ if (GETPOST("source") == 'order')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -652,7 +652,7 @@ if (GETPOST("source") == 'invoice')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -852,7 +852,7 @@ if (GETPOST("source") == 'contractline')
if (empty($amount) || ! is_numeric($amount))
{
print '';
- print '';
+ print '';
}
else {
print ''.price($amount).'';
@@ -971,7 +971,7 @@ if (GETPOST("source") == 'membersubscription')
print ' | '.price($member->last_subscription_amount);
print ' | '."\n";
- if (empty($amount) && ! GETPOST('newamount')) $_GET['newamount']=$member->last_subscription_amount;
+ if (empty($amount) && ! GETPOST('newamount','alpha')) $_GET['newamount']=$member->last_subscription_amount;
}
// Amount
@@ -986,7 +986,7 @@ if (GETPOST("source") == 'membersubscription')
print '';
if (empty($amount) || ! is_numeric($amount))
{
- $valtoshow=GETPOST("newamount",'int');
+ $valtoshow=price2num(GETPOST("newamount",'alpha'),'MT');
if (! empty($conf->global->MEMBER_MIN_AMOUNT) && $valtoshow) $valtoshow=max($conf->global->MEMBER_MIN_AMOUNT,$valtoshow);
print '';
print '';