Merge pull request #20495 from atm-john/new_fix_regression_select_extrafield_search
FIX : regression select extrafield search + fix function name
This commit is contained in:
Laurent Destailleur
GitHub
commit
4c10c04f9f
@ -88,9 +88,9 @@ class DolibarrApi
|
||||
// phpcs:enable
|
||||
// TODO Use type detected in $object->fields
|
||||
if (in_array($field, array('note', 'note_private', 'note_public', 'desc', 'description'))) {
|
||||
return checkVal($value, 'restricthtml');
|
||||
return sanitizeVal($value, 'restricthtml');
|
||||
} else {
|
||||
return checkVal($value, 'alphanohtml');
|
||||
return sanitizeVal($value, 'alphanohtml');
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -919,7 +919,7 @@ class Categorie extends CommonObject
|
||||
|
||||
$categories = array();
|
||||
|
||||
$type = checkVal($type, 'aZ09');
|
||||
$type = sanitizeVal($type, 'aZ09');
|
||||
|
||||
$sub_type = $type;
|
||||
$subcol_name = "fk_".$type;
|
||||
|
||||
@ -351,8 +351,8 @@ class Proposals extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->propal->addline(
|
||||
$request_data->desc,
|
||||
@ -496,8 +496,8 @@ class Proposals extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$propalline = new PropaleLigne($this->db);
|
||||
$result = $propalline->fetch($lineid);
|
||||
|
||||
@ -350,8 +350,8 @@ class Orders extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->commande->addline(
|
||||
$request_data->desc,
|
||||
@ -418,8 +418,8 @@ class Orders extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->commande->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -250,7 +250,7 @@ class BankAccounts extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
$description = checkVal($description, 'alphanohtml');
|
||||
$description = sanitizeVal($description, 'alphanohtml');
|
||||
|
||||
|
||||
/**
|
||||
@ -498,13 +498,13 @@ class BankAccounts extends DolibarrApi
|
||||
throw new RestException(404, 'account not found');
|
||||
}
|
||||
|
||||
$type = checkVal($type);
|
||||
$label = checkVal($label);
|
||||
$cheque_number = checkVal($cheque_number);
|
||||
$cheque_writer = checkVal($cheque_writer);
|
||||
$cheque_bank = checkVal($cheque_bank);
|
||||
$accountancycode = checkVal($accountancycode);
|
||||
$num_releve = checkVal($num_releve);
|
||||
$type = sanitizeVal($type);
|
||||
$label = sanitizeVal($label);
|
||||
$cheque_number = sanitizeVal($cheque_number);
|
||||
$cheque_writer = sanitizeVal($cheque_writer);
|
||||
$cheque_bank = sanitizeVal($cheque_bank);
|
||||
$accountancycode = sanitizeVal($accountancycode);
|
||||
$num_releve = sanitizeVal($num_releve);
|
||||
|
||||
$result = $account->addline(
|
||||
$date,
|
||||
@ -557,9 +557,9 @@ class BankAccounts extends DolibarrApi
|
||||
throw new RestException(404, 'account line not found');
|
||||
}
|
||||
|
||||
$url = checkVal($url);
|
||||
$label = checkVal($label);
|
||||
$type = checkVal($type);
|
||||
$url = sanitizeVal($url);
|
||||
$label = sanitizeVal($label);
|
||||
$type = sanitizeVal($type);
|
||||
|
||||
$result = $account->add_url_line($line_id, $url_id, $url, $label, $type);
|
||||
if ($result < 0) {
|
||||
|
||||
@ -428,8 +428,8 @@ class Invoices extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->invoice->updateline(
|
||||
$lineid,
|
||||
@ -718,8 +718,8 @@ class Invoices extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
// Reset fk_parent_line for no child products and special product
|
||||
if (($request_data->product_type != 9 && empty($request_data->fk_parent_line)) || $request_data->product_type == 9) {
|
||||
|
||||
@ -141,7 +141,6 @@ $search_btn = GETPOST('button_search', 'alpha');
|
||||
$search_remove_btn = GETPOST('button_removefilter', 'alpha');
|
||||
$optioncss = GETPOST('optioncss', 'alpha');
|
||||
|
||||
|
||||
$option = GETPOST('search_option');
|
||||
if ($option == 'late') {
|
||||
$search_status = '1';
|
||||
|
||||
@ -278,8 +278,8 @@ class Contracts extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->price_base_type = checkVal($request_data->price_base_type);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->price_base_type = sanitizeVal($request_data->price_base_type);
|
||||
|
||||
$updateRes = $this->contract->addline(
|
||||
$request_data->desc,
|
||||
@ -336,8 +336,8 @@ class Contracts extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->price_base_type = checkVal($request_data->price_base_type);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->price_base_type = sanitizeVal($request_data->price_base_type);
|
||||
|
||||
$updateRes = $this->contract->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -1067,35 +1067,56 @@ class ExtraFields
|
||||
$out = '<input type="text" class="flat '.$morecss.' maxwidthonsmartphone" name="'.$keyprefix.$key.$keysuffix.'" id="'.$keyprefix.$key.$keysuffix.'" value="'.$value.'" '.($moreparam ? $moreparam : '').'> ';
|
||||
} elseif ($type == 'select') {
|
||||
$out = '';
|
||||
if (!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_EXTRAFIELDS_DISABLE_SELECT2)) {
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
|
||||
$out .= ajax_combobox($keyprefix.$key.$keysuffix, array(), 0);
|
||||
}
|
||||
if ($mode) {
|
||||
$options = array();
|
||||
foreach ($param['options'] as $okey => $val) {
|
||||
if ((string) $okey == '') {
|
||||
continue;
|
||||
}
|
||||
|
||||
$out .= '<select class="flat '.$morecss.' maxwidthonsmartphone" name="'.$keyprefix.$key.$keysuffix.'" id="'.$keyprefix.$key.$keysuffix.'" '.($moreparam ? $moreparam : '').'>';
|
||||
$out .= '<option value="0"> </option>';
|
||||
foreach ($param['options'] as $key => $val) {
|
||||
if ((string) $key == '') {
|
||||
continue;
|
||||
if ($langfile && $val) {
|
||||
$options[$okey] = $langs->trans($val);
|
||||
} else {
|
||||
$options[$okey] = $val;
|
||||
}
|
||||
}
|
||||
$valarray = explode('|', $val);
|
||||
$val = $valarray[0];
|
||||
$parent = '';
|
||||
if (!empty($valarray[1])) {
|
||||
$parent = $valarray[1];
|
||||
$selected = array();
|
||||
if (!is_array($value)) {
|
||||
$selected = explode(',', $value);
|
||||
}
|
||||
$out .= '<option value="'.$key.'"';
|
||||
$out .= (((string) $value == (string) $key) ? ' selected' : '');
|
||||
$out .= (!empty($parent) ? ' parent="'.$parent.'"' : '');
|
||||
$out .= '>';
|
||||
if ($langfile && $val) {
|
||||
$out .= $langs->trans($val);
|
||||
} else {
|
||||
$out .= $val;
|
||||
|
||||
$out .= $form->multiselectarray($keyprefix.$key.$keysuffix, $options, $selected, 0, 0, $morecss, 0, 0, '', '', '', !empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_EXTRAFIELDS_DISABLE_SELECT2));
|
||||
} else {
|
||||
if (!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_EXTRAFIELDS_DISABLE_SELECT2)) {
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
|
||||
$out .= ajax_combobox($keyprefix.$key.$keysuffix, array(), 0);
|
||||
}
|
||||
$out .= '</option>';
|
||||
|
||||
$out .= '<select class="flat '.$morecss.' maxwidthonsmartphone" name="'.$keyprefix.$key.$keysuffix.'" id="'.$keyprefix.$key.$keysuffix.'" '.($moreparam ? $moreparam : '').'>';
|
||||
$out .= '<option value="0"> </option>';
|
||||
foreach ($param['options'] as $key => $val) {
|
||||
if ((string) $key == '') {
|
||||
continue;
|
||||
}
|
||||
$valarray = explode('|', $val);
|
||||
$val = $valarray[0];
|
||||
$parent = '';
|
||||
if (!empty($valarray[1])) {
|
||||
$parent = $valarray[1];
|
||||
}
|
||||
$out .= '<option value="'.$key.'"';
|
||||
$out .= (((string) $value == (string) $key) ? ' selected' : '');
|
||||
$out .= (!empty($parent) ? ' parent="'.$parent.'"' : '');
|
||||
$out .= '>';
|
||||
if ($langfile && $val) {
|
||||
$out .= $langs->trans($val);
|
||||
} else {
|
||||
$out .= $val;
|
||||
}
|
||||
$out .= '</option>';
|
||||
}
|
||||
$out .= '</select>';
|
||||
}
|
||||
$out .= '</select>';
|
||||
} elseif ($type == 'sellist') {
|
||||
$out = '';
|
||||
if (!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_EXTRAFIELDS_DISABLE_SELECT2)) {
|
||||
@ -2133,6 +2154,16 @@ class ExtraFields
|
||||
} else {
|
||||
continue; // Value was not provided, we should not set it.
|
||||
}
|
||||
} elseif ($key_type == 'select') {
|
||||
// to detect if we are in search context
|
||||
if (GETPOSTISARRAY($keysuffix."options_".$key.$keyprefix)) {
|
||||
$value_arr = GETPOST($keysuffix."options_".$key.$keyprefix, 'array:aZ09');
|
||||
// Make sure we get an array even if there's only one selected
|
||||
$value_arr = (array) $value_arr;
|
||||
$value_key = implode(',', $value_arr);
|
||||
} else {
|
||||
$value_key = GETPOST($keysuffix."options_".$key.$keyprefix);
|
||||
}
|
||||
} elseif (in_array($key_type, array('checkbox', 'chkbxlst'))) {
|
||||
if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) {
|
||||
continue; // Value was not provided, we should not set it.
|
||||
|
||||
@ -370,6 +370,32 @@ function GETPOSTISSET($paramname)
|
||||
return $isset;
|
||||
}
|
||||
|
||||
/**
|
||||
* Return true if the parameter $paramname is submit from a POST OR GET as an array.
|
||||
* Can be used before GETPOST to know if the $check param of GETPOST need to check an array or a string
|
||||
*
|
||||
* @param string $paramname Name or parameter to test
|
||||
* @param int $method Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get)
|
||||
* @return bool True if we have just submit a POST or GET request with the parameter provided (even if param is empty)
|
||||
*/
|
||||
function GETPOSTISARRAY($paramname, $method = 0)
|
||||
{
|
||||
// for $method test need return the same $val as GETPOST
|
||||
if (empty($method)) {
|
||||
$val = isset($_GET[$paramname]) ? $_GET[$paramname] : (isset($_POST[$paramname]) ? $_POST[$paramname] : '');
|
||||
} elseif ($method == 1) {
|
||||
$val = isset($_GET[$paramname]) ? $_GET[$paramname] : '';
|
||||
} elseif ($method == 2) {
|
||||
$val = isset($_POST[$paramname]) ? $_POST[$paramname] : '';
|
||||
} elseif ($method == 3) {
|
||||
$val = isset($_POST[$paramname]) ? $_POST[$paramname] : (isset($_GET[$paramname]) ? $_GET[$paramname] : '');
|
||||
} else {
|
||||
$val = 'BadFirstParameterForGETPOST';
|
||||
}
|
||||
|
||||
return is_array($val);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return value of a param into GET or POST supervariable.
|
||||
* Use the property $user->default_values[path]['createform'] and/or $user->default_values[path]['filters'] and/or $user->default_values[path]['sortorder']
|
||||
@ -660,11 +686,11 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
|
||||
$tmpcheck = 'alphanohtml';
|
||||
}
|
||||
foreach ($out as $outkey => $outval) {
|
||||
$out[$outkey] = checkVal($outval, $tmpcheck, $filter, $options);
|
||||
$out[$outkey] = sanitizeVal($outval, $tmpcheck, $filter, $options);
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$out = checkVal($out, $check, $filter, $options);
|
||||
$out = sanitizeVal($out, $check, $filter, $options);
|
||||
}
|
||||
|
||||
// Sanitizing for special parameters.
|
||||
@ -713,9 +739,11 @@ function GETPOSTINT($paramname, $method = 0)
|
||||
return (int) GETPOST($paramname, 'int', $method, null, null, 0);
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Return a value after checking on a rule. A sanitization may also have been done.
|
||||
* Return a sanitized or empty value after checking value against a rule.
|
||||
*
|
||||
* @deprecated
|
||||
* @param string|array $out Value to check/clear.
|
||||
* @param string $check Type of check/sanitizing
|
||||
* @param int $filter Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
|
||||
@ -723,9 +751,24 @@ function GETPOSTINT($paramname, $method = 0)
|
||||
* @return string|array Value sanitized (string or array). It may be '' if format check fails.
|
||||
*/
|
||||
function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = null)
|
||||
{
|
||||
return sanitizeVal($out, $check, $filter, $options);
|
||||
}
|
||||
|
||||
/**
|
||||
* Return a sanitized or empty value after checking value against a rule.
|
||||
*
|
||||
* @param string|array $out Value to check/clear.
|
||||
* @param string $check Type of check/sanitizing
|
||||
* @param int $filter Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
|
||||
* @param mixed $options Options to pass to filter_var when $check is set to 'custom'
|
||||
* @return string|array Value sanitized (string or array). It may be '' if format check fails.
|
||||
*/
|
||||
function sanitizeVal($out = '', $check = 'alphanohtml', $filter = null, $options = null)
|
||||
{
|
||||
global $conf;
|
||||
|
||||
// TODO : use class "Validate" to perform tests (and add missing tests) if needed for factorize
|
||||
// Check is done after replacement
|
||||
switch ($check) {
|
||||
case 'none':
|
||||
|
||||
@ -48,7 +48,7 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($
|
||||
}
|
||||
$sql .= ")";
|
||||
}
|
||||
} elseif ($crit != '' && (!in_array($typ, array('select', 'sellist')) || $crit != '0') && (!in_array($typ, array('link')) || $crit != '-1')) {
|
||||
} elseif ($crit != '' && (!in_array($typ, array('select', 'sellist', 'select')) || $crit != '0') && (!in_array($typ, array('link')) || $crit != '-1')) {
|
||||
$mode_search = 0;
|
||||
if (in_array($typ, array('int', 'double', 'real', 'price'))) {
|
||||
$mode_search = 1; // Search on a numeric
|
||||
@ -59,13 +59,14 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($
|
||||
if (in_array($typ, array('sellist')) && !is_numeric($crit)) {
|
||||
$mode_search = 0;// Search on a foreign key string
|
||||
}
|
||||
if (in_array($typ, array('chkbxlst', 'checkbox'))) {
|
||||
if (in_array($typ, array('chkbxlst', 'checkbox', 'select'))) {
|
||||
$mode_search = 4; // Search on a multiselect field with sql type = text
|
||||
}
|
||||
if (is_array($crit)) {
|
||||
$crit = implode(' ', $crit); // natural_search() expects a string
|
||||
} elseif ($typ === 'select' and is_string($crit) and strpos($crit, ' ') === false) {
|
||||
$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." = '".$db->escape($crit)."')";
|
||||
} elseif ($typ === 'select' and is_string($crit) and strpos($crit, ',') === false) {
|
||||
$critSelect = "'".implode("','", array_map(array($db, 'escape'), explode(',', $crit)))."'";
|
||||
$sql .= " AND (".$extrafieldsobjectprefix.$tmpkey." IN (".$db->sanitize($critSelect, 1).") )";
|
||||
continue;
|
||||
}
|
||||
$sql .= natural_search($extrafieldsobjectprefix.$tmpkey, $crit, $mode_search);
|
||||
|
||||
@ -279,8 +279,8 @@ class Shipments extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->shipment->addline(
|
||||
$request_data->desc,
|
||||
@ -347,8 +347,8 @@ class Shipments extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->shipment->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -251,8 +251,8 @@ class ExpenseReports extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->expensereport->addline(
|
||||
$request_data->desc,
|
||||
@ -319,8 +319,8 @@ class ExpenseReports extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = checkVal($request_data->label);
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
$request_data->label = sanitizeVal($request_data->label);
|
||||
|
||||
$updateRes = $this->expensereport->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -302,7 +302,7 @@ class Export
|
||||
public function build_filterQuery($TypeField, $NameField, $ValueField)
|
||||
{
|
||||
// phpcs:enable
|
||||
$NameField = checkVal($NameField, 'aZ09');
|
||||
$NameField = sanitizeVal($NameField, 'aZ09');
|
||||
$szFilterQuery = '';
|
||||
|
||||
//print $TypeField." ".$NameField." ".$ValueField;
|
||||
|
||||
@ -558,8 +558,8 @@ class SupplierInvoices extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->description = checkVal($request_data->description, 'restricthtml');
|
||||
$request_data->ref_supplier = checkVal($request_data->ref_supplier);
|
||||
$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
|
||||
$request_data->ref_supplier = sanitizeVal($request_data->ref_supplier);
|
||||
|
||||
$updateRes = $this->invoice->addline(
|
||||
$request_data->description,
|
||||
@ -625,8 +625,8 @@ class SupplierInvoices extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->description = checkVal($request_data->description, 'restricthtml');
|
||||
$request_data->ref_supplier = checkVal($request_data->ref_supplier);
|
||||
$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
|
||||
$request_data->ref_supplier = sanitizeVal($request_data->ref_supplier);
|
||||
|
||||
$updateRes = $this->invoice->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -252,7 +252,7 @@ class KnowledgeManagement extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml');
|
||||
// $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');
|
||||
|
||||
if ($this->knowledgerecord->create(DolibarrApiAccess::$user)<0) {
|
||||
throw new RestException(500, "Error creating KnowledgeRecord", array_merge(array($this->knowledgerecord->error), $this->knowledgerecord->errors));
|
||||
@ -294,7 +294,7 @@ class KnowledgeManagement extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml');
|
||||
// $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');
|
||||
|
||||
if ($this->knowledgerecord->update(DolibarrApiAccess::$user, false) > 0) {
|
||||
return $this->get($id);
|
||||
|
||||
@ -218,7 +218,7 @@ class MyModuleApi extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
|
||||
// $this->myobject->abc = sanitizeVal($this->myobject->abc, 'alphanohtml');
|
||||
|
||||
if ($this->myobject->create(DolibarrApiAccess::$user)<0) {
|
||||
throw new RestException(500, "Error creating MyObject", array_merge(array($this->myobject->error), $this->myobject->errors));
|
||||
@ -260,7 +260,7 @@ class MyModuleApi extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
|
||||
// $this->myobject->abc = sanitizeVal($this->myobject->abc, 'alphanohtml');
|
||||
|
||||
if ($this->myobject->update(DolibarrApiAccess::$user, false) > 0) {
|
||||
return $this->get($id);
|
||||
|
||||
@ -781,9 +781,9 @@ class Products extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
$ref_fourn = checkVal($ref_fourn, 'alphanohtml');
|
||||
$desc_fourn = checkVal($desc_fourn, 'restricthtml');
|
||||
$barcode = checkVal($barcode, 'alphanohtml');
|
||||
$ref_fourn = sanitizeVal($ref_fourn, 'alphanohtml');
|
||||
$desc_fourn = sanitizeVal($desc_fourn, 'restricthtml');
|
||||
$barcode = sanitizeVal($barcode, 'alphanohtml');
|
||||
|
||||
$result = $this->productsupplier->update_buyprice($qty, $buyprice, DolibarrApiAccess::$user, $price_base_type, $fourn, $availability, $ref_fourn, $tva_tx, $charges, $remise_percent, $remise, $newnpr, $delivery_time_days, $supplier_reputation, $localtaxes_array, $newdefaultvatcode, $multicurrency_buyprice, $multicurrency_price_base_type, $multicurrency_tx, $multicurrency_code, $desc_fourn, $barcode, $fk_barcode_type);
|
||||
|
||||
|
||||
@ -333,7 +333,7 @@ class Projects extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
|
||||
$updateRes = $this->project->addline(
|
||||
$request_data->desc,
|
||||
@ -400,7 +400,7 @@ class Projects extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
|
||||
$updateRes = $this->project->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -333,7 +333,7 @@ class Tasks extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
|
||||
$updateRes = $this->project->addline(
|
||||
$request_data->desc,
|
||||
@ -400,7 +400,7 @@ class Tasks extends DolibarrApi
|
||||
|
||||
$request_data = (object) $request_data;
|
||||
|
||||
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
|
||||
$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
|
||||
|
||||
$updateRes = $this->project->updateline(
|
||||
$lineid,
|
||||
|
||||
@ -364,7 +364,7 @@ class Recruitment extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
|
||||
// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');
|
||||
|
||||
if ($this->jobposition->create(DolibarrApiAccess::$user)<0) {
|
||||
throw new RestException(500, "Error creating jobposition", array_merge(array($this->jobposition->error), $this->jobposition->errors));
|
||||
@ -396,7 +396,7 @@ class Recruitment extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
|
||||
// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');
|
||||
|
||||
if ($this->candidature->create(DolibarrApiAccess::$user)<0) {
|
||||
throw new RestException(500, "Error creating candidature", array_merge(array($this->candidature->error), $this->candidature->errors));
|
||||
@ -438,7 +438,7 @@ class Recruitment extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
|
||||
// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');
|
||||
|
||||
if ($this->jobposition->update(DolibarrApiAccess::$user, false) > 0) {
|
||||
return $this->get($id);
|
||||
@ -481,7 +481,7 @@ class Recruitment extends DolibarrApi
|
||||
}
|
||||
|
||||
// Clean data
|
||||
// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
|
||||
// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');
|
||||
|
||||
if ($this->candidature->update(DolibarrApiAccess::$user, false) > 0) {
|
||||
return $this->get($id);
|
||||
|
||||
Loading…
Reference in New Issue
Block a user