From b1197d4f4e089c42dd44979a78ca6f0a7e30b6ef Mon Sep 17 00:00:00 2001
From: ptibogxiv <support@ptibogxiv.net>
Date: Sun, 13 Mar 2022 15:31:37 +0100
Subject: [PATCH 1/2] Fix for multicompany on online sign url

---
 htdocs/core/lib/signature.lib.php | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/htdocs/core/lib/signature.lib.php b/htdocs/core/lib/signature.lib.php
index 1d529be6327..c57807800d7 100644
--- a/htdocs/core/lib/signature.lib.php
+++ b/htdocs/core/lib/signature.lib.php
@@ -119,11 +119,9 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)
 	}
 
 	// For multicompany
-	/*
-	if (!empty($out)) {
-		$out .= "&entity=".$conf->entity; // Check the entity because He may be the same reference in several entities
+	if (!empty($out) && !empty($conf->multicompany->enabled)) {
+		$out .= "&entity=".$conf->entity; // Check the entity because we may have the same reference in several entities
 	}
-	*/
 
 	return $out;
 }

From 149f3e65175085a9c1be17a8ac2e48b8ac6471e6 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@users.sourceforge.net>
Date: Wed, 16 Mar 2022 16:01:03 +0100
Subject: [PATCH 2/2] Fix for #20372

---
 htdocs/core/lib/functions.lib.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 9f9435fcdc2..addbb0191f1 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -8213,7 +8213,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1'
 	// Test dangerous char (used for RCE), we allow only PHP variable testing.
 	if ($onlysimplestring == '1') {
 		//print preg_quote('$_->&|', '/');
-		if (preg_match('/[^a-z0-9\s'.preg_quote('$_->&|=!?():"', '/').']/i', $s)) {
+		if (preg_match('/[^a-z0-9\s'.preg_quote('$_+->&|=!?():"', '/').']/i', $s)) {
 			if ($returnvalue) {
 				return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
 			} else {
@@ -8223,7 +8223,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1'
 		}
 	} elseif ($onlysimplestring == '2') {
 		//print preg_quote('$_->&|', '/');
-		if (preg_match('/[^a-z0-9\s'.preg_quote('^$_->&|=!?():"\';,/', '/').']/i', $s)) {
+		if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+->&|=!?():"\';,/', '/').']/i', $s)) {
 			if ($returnvalue) {
 				return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
 			} else {