From 58f564ce6f835cc4fb8b93e6f2e8f893077275c8 Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis@dolibarr.fr>
Date: Mon, 23 Jul 2007 20:24:33 +0000
Subject: [PATCH] =?UTF-8?q?Fix:=20probl=E8me=20avec=20les=20apostrophes?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 htdocs/product/stock/entrepot.class.php | 10 ++++----
 htdocs/product/stock/fiche.php          | 34 ++++++++++++-------------
 2 files changed, 22 insertions(+), 22 deletions(-)

diff --git a/htdocs/product/stock/entrepot.class.php b/htdocs/product/stock/entrepot.class.php
index 7b3870562c0..2adfd9f715e 100644
--- a/htdocs/product/stock/entrepot.class.php
+++ b/htdocs/product/stock/entrepot.class.php
@@ -125,13 +125,13 @@ class Entrepot
    */
   function update($id, $user)
     {
-      $this->libelle=trim($this->libelle);
-      $this->description=trim($this->description);
+      $this->libelle=addslashes(trim($this->libelle));
+      $this->description=addslashes(trim($this->description));
 
-      $this->lieu=trim($this->lieu);
-      $this->address=trim($this->address);
+      $this->lieu=addslashes(trim($this->lieu));
+      $this->address=addslashes(trim($this->address));
       $this->cp=trim($this->cp);
-      $this->ville=trim($this->ville);
+      $this->ville=addslashes(trim($this->ville));
       $this->pays_id=trim($this->pays_id?$this->pays_id:0);
       
       $sql = "UPDATE ".MAIN_DB_PREFIX."entrepot ";
diff --git a/htdocs/product/stock/fiche.php b/htdocs/product/stock/fiche.php
index aa5d89b3b4a..707bc4277d9 100644
--- a/htdocs/product/stock/fiche.php
+++ b/htdocs/product/stock/fiche.php
@@ -53,15 +53,15 @@ if ($_POST["action"] == 'add')
 {
     $entrepot = new Entrepot($db);
 
-    $entrepot->ref         = trim($_POST["ref"]);
-    $entrepot->libelle     = trim($_POST["libelle"]);
-    $entrepot->description = trim($_POST["desc"]);
-    $entrepot->statut      = trim($_POST["statut"]);
-    $entrepot->lieu        = trim($_POST["lieu"]);
-    $entrepot->address     = trim($_POST["address"]);
-    $entrepot->cp          = trim($_POST["cp"]);
-    $entrepot->ville       = trim($_POST["ville"]);
-    $entrepot->pays_id     = trim($_POST["pays_id"]);
+    $entrepot->ref         = $_POST["ref"];
+    $entrepot->libelle     = $_POST["libelle"];
+    $entrepot->description = $_POST["desc"];
+    $entrepot->statut      = $_POST["statut"];
+    $entrepot->lieu        = $_POST["lieu"];
+    $entrepot->address     = $_POST["address"];
+    $entrepot->cp          = $_POST["cp"];
+    $entrepot->ville       = $_POST["ville"];
+    $entrepot->pays_id     = $_POST["pays_id"];
 
     if ($entrepot->libelle) {
         $id = $entrepot->create($user);
@@ -84,14 +84,14 @@ if ($_POST["action"] == 'update' && $_POST["cancel"] <> $langs->trans("Cancel"))
     $entrepot = new Entrepot($db);
     if ($entrepot->fetch($_POST["id"]))
     {
-        $entrepot->libelle     = trim($_POST["libelle"]);
-        $entrepot->description = trim($_POST["desc"]);
-        $entrepot->statut      = trim($_POST["statut"]);
-        $entrepot->lieu        = trim($_POST["lieu"]);
-        $entrepot->address     = trim($_POST["address"]);
-        $entrepot->cp          = trim($_POST["cp"]);
-        $entrepot->ville       = trim($_POST["ville"]);
-        $entrepot->pays_id     = trim($_POST["pays_id"]);
+        $entrepot->libelle     = $_POST["libelle"];
+        $entrepot->description = $_POST["desc"];
+        $entrepot->statut      = $_POST["statut"];
+        $entrepot->lieu        = $_POST["lieu"];
+        $entrepot->address     = $_POST["address"];
+        $entrepot->cp          = $_POST["cp"];
+        $entrepot->ville       = $_POST["ville"];
+        $entrepot->pays_id     = $_POST["pays_id"];
 
         if ( $entrepot->update($_POST["id"], $user) > 0)
         {