diff --git a/htdocs/accountancy/tpl/export_journal.tpl.php b/htdocs/accountancy/tpl/export_journal.tpl.php index b5b6920e853..d9d158607b6 100644 --- a/htdocs/accountancy/tpl/export_journal.tpl.php +++ b/htdocs/accountancy/tpl/export_journal.tpl.php @@ -15,6 +15,15 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $prefix = $conf->global->ACCOUNTING_EXPORT_PREFIX_SPEC; $format = $conf->global->ACCOUNTING_EXPORT_FORMAT; $nodateexport = $conf->global->ACCOUNTING_EXPORT_NO_DATE_IN_FILENAME; diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php index f0a50e2e9ba..81f34706966 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php index 8f3af3fe8df..4a699b75a22 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php @@ -14,9 +14,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $contact = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php index e426429ae05..f19ba96c167 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php @@ -14,10 +14,18 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $contact = $GLOBALS['objcanvas']->control->object; + ?> diff --git a/htdocs/adherents/tpl/linkedobjectblock.tpl.php b/htdocs/adherents/tpl/linkedobjectblock.tpl.php index 19324812beb..118f51a1a89 100644 --- a/htdocs/adherents/tpl/linkedobjectblock.tpl.php +++ b/htdocs/adherents/tpl/linkedobjectblock.tpl.php @@ -15,8 +15,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -33,7 +40,7 @@ $var=true; $total=0; foreach($linkedObjectBlock as $key => $objectlink) { - + ?> > trans("Subscription"); ?> diff --git a/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php b/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php index f797025a5de..cc8c6fe0547 100644 --- a/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php +++ b/htdocs/comm/propal/tpl/linkedobjectblock.tpl.php @@ -22,6 +22,14 @@ * \ingroup propal * \brief Template to show objects linked to proposals */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -40,7 +48,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -71,7 +79,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/commande/tpl/linkedobjectblock.tpl.php b/htdocs/commande/tpl/linkedobjectblock.tpl.php index 629cd3c0fb0..39479ba220b 100644 --- a/htdocs/commande/tpl/linkedobjectblock.tpl.php +++ b/htdocs/commande/tpl/linkedobjectblock.tpl.php @@ -15,8 +15,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -36,7 +43,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -76,7 +83,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index fd9386672e2..e6c30abda2d 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -2538,7 +2538,7 @@ if ($action == 'create') print '    0 ? 'checked':'').' /> "; print '
    0 ? 'checked':'').' /> "; print ''; - + print ''; } } diff --git a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php index 63c16afae15..ca3ec7c89c0 100644 --- a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php +++ b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php @@ -15,8 +15,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -36,7 +43,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -54,7 +61,7 @@ foreach($linkedObjectBlock as $key => $objectlink) $total = $total + $sign * $objectlink->total_ht; echo price($objectlink->total_ht); } - else + else { echo ''.price($objectlink->total_ht).''; } @@ -76,7 +83,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/compta/facture/tpl/linkedobjectblockForRec.tpl.php b/htdocs/compta/facture/tpl/linkedobjectblockForRec.tpl.php index 2e7858fdb08..288e852de71 100644 --- a/htdocs/compta/facture/tpl/linkedobjectblockForRec.tpl.php +++ b/htdocs/compta/facture/tpl/linkedobjectblockForRec.tpl.php @@ -15,8 +15,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -36,7 +43,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> diff --git a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php index fbd1d1909a8..1561f046845 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php index 56e91894cdd..1eaccff5a1f 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php @@ -13,9 +13,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $contact = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php index 5dc1c12808f..6041e7c3e2c 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php @@ -13,9 +13,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $contact = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/contrat/tpl/linkedobjectblock.tpl.php b/htdocs/contrat/tpl/linkedobjectblock.tpl.php index a2da6cef24e..eae46dad772 100644 --- a/htdocs/contrat/tpl/linkedobjectblock.tpl.php +++ b/htdocs/contrat/tpl/linkedobjectblock.tpl.php @@ -14,6 +14,14 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -33,7 +41,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> diff --git a/htdocs/core/tpl/admin_extrafields_add.tpl.php b/htdocs/core/tpl/admin_extrafields_add.tpl.php index 62821372e56..d9ba847925d 100644 --- a/htdocs/core/tpl/admin_extrafields_add.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_add.tpl.php @@ -26,6 +26,13 @@ * $elementtype */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -56,11 +63,11 @@ // Case of computed field console.log(type); - if (type == '' || type == 'varchar' || type == 'int' || type == 'double' || type == 'price') { - jQuery("tr.extra_computed_value").show(); + if (type == '' || type == 'varchar' || type == 'int' || type == 'double' || type == 'price') { + jQuery("tr.extra_computed_value").show(); } else { computed_value.val(''); jQuery("tr.extra_computed_value").hide(); - } + } if (computed_value.val()) { console.log("We enter a computed formula"); @@ -75,7 +82,7 @@ jQuery("#default_value, #unique, #required, #alwayseditable, #ishidden, #list").attr('disabled', false); jQuery("tr.extra_default_value, tr.extra_unique, tr.extra_required, tr.extra_alwayseditable, tr.extra_ishidden, tr.extra_list").show(); } - + if (type == 'date') { size.val('').prop('disabled', true); unique.removeAttr('disabled'); jQuery("#value_choice").hide();jQuery("#helpchkbxlst").hide(); } else if (type == 'datetime') { size.val('').prop('disabled', true); unique.removeAttr('disabled'); jQuery("#value_choice").hide(); jQuery("#helpchkbxlst").hide();} else if (type == 'double') { size.val('24,8').removeAttr('disabled'); unique.removeAttr('disabled'); jQuery("#value_choice").hide(); jQuery("#helpchkbxlst").hide();} @@ -90,8 +97,8 @@ else if (type == 'checkbox') { size.val('').prop('disabled', true); unique.removeAttr('checked').prop('disabled', true); jQuery("#value_choice").show();jQuery("#helpselect").show();jQuery("#helpsellist").hide();jQuery("#helpchkbxlst").hide();jQuery("#helplink").hide();} else if (type == 'chkbxlst') { size.val('').prop('disabled', true); unique.removeAttr('checked').prop('disabled', true); jQuery("#value_choice").show();jQuery("#helpselect").hide();jQuery("#helpsellist").hide();jQuery("#helpchkbxlst").show();jQuery("#helplink").hide();} else if (type == 'link') { size.val('').prop('disabled', true); unique.removeAttr('disabled'); jQuery("#value_choice").show();jQuery("#helpselect").hide();jQuery("#helpsellist").hide();jQuery("#helpchkbxlst").hide();jQuery("#helplink").show();} - else if (type == 'separate') { - size.val('').prop('disabled', true); unique.removeAttr('checked').prop('disabled', true); required.val('').prop('disabled', true); + else if (type == 'separate') { + size.val('').prop('disabled', true); unique.removeAttr('checked').prop('disabled', true); required.val('').prop('disabled', true); jQuery("#value_choice").hide();jQuery("#helpselect").hide();jQuery("#helpsellist").hide();jQuery("#helpchkbxlst").hide();jQuery("#helplink").hide(); } else { // type = string @@ -102,12 +109,12 @@ if (type == 'separate') { required.removeAttr('checked').prop('disabled', true); alwayseditable.removeAttr('checked').prop('disabled', true); list.val('').prop('disabled', true); - jQuery('#size, #default_value').val('').prop('disabled', true); + jQuery('#size, #default_value').val('').prop('disabled', true); } else { default_value.removeAttr('disabled'); - required.removeAttr('disabled'); alwayseditable.removeAttr('disabled'); list.val('').removeAttr('disabled'); + required.removeAttr('disabled'); alwayseditable.removeAttr('disabled'); list.val('').removeAttr('disabled'); } } init_typeoffields(''); diff --git a/htdocs/core/tpl/admin_extrafields_edit.tpl.php b/htdocs/core/tpl/admin_extrafields_edit.tpl.php index 6f049c506a3..b8d3cba1d59 100644 --- a/htdocs/core/tpl/admin_extrafields_edit.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_edit.tpl.php @@ -25,6 +25,13 @@ * $elementtype */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -54,11 +61,11 @@ ?> // Case of computed field - if (type == 'varchar' || type == 'int' || type == 'double' || type == 'price') { - jQuery("tr.extra_computed_value").show(); + if (type == 'varchar' || type == 'int' || type == 'double' || type == 'price') { + jQuery("tr.extra_computed_value").show(); } else { computed_value.val(''); jQuery("tr.extra_computed_value").hide(); - } + } if (computed_value.val()) { console.log("We enter a computed formula"); @@ -73,7 +80,7 @@ jQuery("#default_value, #unique, #required, #alwayseditable, #ishidden, #list").attr('disabled', false); jQuery("tr.extra_default_value, tr.extra_unique, tr.extra_required, tr.extra_alwayseditable, tr.extra_ishidden, tr.extra_list").show(); } - + if (type == 'date') { size.val('').prop('disabled', true); unique.removeAttr('disabled'); jQuery("#value_choice").hide();jQuery("#helpchkbxlst").hide(); } else if (type == 'datetime') { size.val('').prop('disabled', true); unique.removeAttr('disabled'); jQuery("#value_choice").hide(); jQuery("#helpchkbxlst").hide();} else if (type == 'double') { size.removeAttr('disabled'); unique.removeAttr('disabled'); jQuery("#value_choice").hide(); jQuery("#helpchkbxlst").hide();} @@ -91,19 +98,19 @@ else if (type == 'separate') { size.val('').prop('disabled', true); unique.removeAttr('checked').prop('disabled', true); required.val('').prop('disabled', true); default_value.val('').prop('disabled', true); jQuery("#value_choice").hide();jQuery("#helpselect").hide();jQuery("#helpsellist").hide();jQuery("#helpchkbxlst").hide();jQuery("#helplink").hide();} else { // type = string size.val('').prop('disabled', true); - unique.removeAttr('disabled'); + unique.removeAttr('disabled'); } if (type == 'separate') { - required.removeAttr('checked').prop('disabled', true); alwayseditable.removeAttr('checked').prop('disabled', true); list.val('').prop('disabled', true); - jQuery('#size, #default_value').val('').prop('disabled', true); + required.removeAttr('checked').prop('disabled', true); alwayseditable.removeAttr('checked').prop('disabled', true); list.val('').prop('disabled', true); + jQuery('#size, #default_value').val('').prop('disabled', true); } else { default_value.removeAttr('disabled'); - required.removeAttr('disabled'); alwayseditable.removeAttr('disabled'); list.val('').removeAttr('disabled'); - } + required.removeAttr('disabled'); alwayseditable.removeAttr('disabled'); list.val('').removeAttr('disabled'); + } } init_typeoffields(jQuery("#type").val()); jQuery("#type").change(function() { @@ -113,7 +120,7 @@ // If we enter a formula, we disable other fields jQuery("#computed_value").keyup(function() { init_typeoffields(jQuery('#type').val()); - }); + }); }); diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index a6d7e735735..6d3bb43f3b2 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -22,6 +22,14 @@ * $extrafield * $elementtype */ + +// Protection to avoid direct call of template +if (empty($langs) || ! is_object($langs)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -56,7 +64,7 @@ if (count($extrafields->attribute_type)) { foreach($extrafields->attribute_type as $key => $value) { - + print ''; print "".$extrafields->attribute_pos[$key]."\n"; print "".$extrafields->attribute_label[$key]."\n"; @@ -77,7 +85,7 @@ else { $colspan=9; if (! empty($conf->global->MAIN_CAN_HIDE_EXTRAFIELDS)) $colspan++; - + print ''; print ''; print $langs->trans("None"); diff --git a/htdocs/core/tpl/ajax/fileupload_main.tpl.php b/htdocs/core/tpl/ajax/fileupload_main.tpl.php index 034e9ebc3fc..93f0826e160 100644 --- a/htdocs/core/tpl/ajax/fileupload_main.tpl.php +++ b/htdocs/core/tpl/ajax/fileupload_main.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/core/tpl/ajax/fileupload_view.tpl.php b/htdocs/core/tpl/ajax/fileupload_view.tpl.php index 0c048933473..482a3aef8e4 100644 --- a/htdocs/core/tpl/ajax/fileupload_view.tpl.php +++ b/htdocs/core/tpl/ajax/fileupload_view.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php index a5d8ab039b8..af300528111 100644 --- a/htdocs/core/tpl/ajaxrow.tpl.php +++ b/htdocs/core/tpl/ajaxrow.tpl.php @@ -19,6 +19,14 @@ * You can use this if you want to be abale to drag and drop rows of a table. * You must add id="tablelines" on table level tag and have ($nboflines or count($object->lines) or count($taskarray) > 0) */ + +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/core/tpl/bloc_showhide.tpl.php b/htdocs/core/tpl/bloc_showhide.tpl.php index 2c5d71c79d5..c572012ca60 100644 --- a/htdocs/core/tpl/bloc_showhide.tpl.php +++ b/htdocs/core/tpl/bloc_showhide.tpl.php @@ -16,6 +16,13 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($blocname)) +{ + print "Error, template page can't be called as URL"; + exit; +} + $hide = true; // Hide by default if (isset($parameters['showblocbydefault'])) $hide=(empty($parameters['showblocbydefault']) ? true : false); if (isset($object->extraparams[$blocname]['showhide'])) $hide = (empty($object->extraparams[$blocname]['showhide']) ? true : false); diff --git a/htdocs/core/tpl/contacts.tpl.php b/htdocs/core/tpl/contacts.tpl.php index c7b3ea7342f..27d57d3e48a 100644 --- a/htdocs/core/tpl/contacts.tpl.php +++ b/htdocs/core/tpl/contacts.tpl.php @@ -21,6 +21,14 @@ * $withproject (if we are on task contact) */ +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; diff --git a/htdocs/core/tpl/document_actions_post_headers.tpl.php b/htdocs/core/tpl/document_actions_post_headers.tpl.php index e613c479ee0..63046fefa3f 100644 --- a/htdocs/core/tpl/document_actions_post_headers.tpl.php +++ b/htdocs/core/tpl/document_actions_post_headers.tpl.php @@ -24,6 +24,14 @@ // $modulepart = for download // $param = param to add to download links +// Protection to avoid direct call of template +if (empty($langs) || ! is_object($langs)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $langs->load("link"); if (empty($relativepathwithnofile)) $relativepathwithnofile=''; if (empty($permtoedit)) $permtoedit=-1; diff --git a/htdocs/core/tpl/extrafields_view.tpl.php b/htdocs/core/tpl/extrafields_view.tpl.php index 0f1d581c99f..433e8d07094 100644 --- a/htdocs/core/tpl/extrafields_view.tpl.php +++ b/htdocs/core/tpl/extrafields_view.tpl.php @@ -24,6 +24,14 @@ * $parameters * $cols */ + +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> array('js'=>..., 'table'=>...); +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + header('Cache-Control: Public, must-revalidate'); header("Content-type: text/html; charset=".$conf->file->character_set_client); diff --git a/htdocs/core/tpl/notes.tpl.php b/htdocs/core/tpl/notes.tpl.php index 2538e052ae4..da3ad8fb234 100644 --- a/htdocs/core/tpl/notes.tpl.php +++ b/htdocs/core/tpl/notes.tpl.php @@ -17,6 +17,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + // $cssclass must be defined by caller. For example cssclass='fieldtitle" $module = $object->element; $note_public = 'note_public'; diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index b123a6e91c2..d44008704be 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -30,6 +30,13 @@ * $inputalsopricewithtax (0 by default, 1 to also show column with unit price including tax) */ +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + $usemargins=0; if (! empty($conf->margin->enabled) && ! empty($object->element) && in_array($object->element,array('facture','propal','commande'))) diff --git a/htdocs/core/tpl/objectline_edit.tpl.php b/htdocs/core/tpl/objectline_edit.tpl.php index 2f839e06281..3b62c0e7814 100644 --- a/htdocs/core/tpl/objectline_edit.tpl.php +++ b/htdocs/core/tpl/objectline_edit.tpl.php @@ -30,6 +30,13 @@ * $inputalsopricewithtax (0 by default, 1 to also show column with unit price including tax) */ +// Protection to avoid direct call of template +if (empty($object) || ! is_object($object)) +{ + print "Error, template page can't be called as URL"; + exit; +} + $usemargins=0; if (! empty($conf->margin->enabled) && ! empty($object->element) && in_array($object->element,array('facture','propal','commande'))) $usemargins=1; @@ -266,21 +273,21 @@ jQuery(document).ready(function() if (event.which != 9 && (event.which < 37 ||event.which > 40) && jQuery("#price_ht").val() != '') { jQuery("#price_ttc").val(''); jQuery("#multicurrency_subprice").val(''); - } + } }); jQuery("#price_ttc").keyup(function(event) { // console.log(event.which); // discard event tag and arrows if (event.which != 9 && (event.which < 37 || event.which > 40) && jQuery("#price_ttc").val() != '') { jQuery("#price_ht").val(''); jQuery("#multicurrency_subprice").val(''); - } + } }); jQuery("#multicurrency_subprice").keyup(function(event) { // console.log(event.which); // discard event tag and arrows if (event.which != 9 && (event.which < 37 || event.which > 40) && jQuery("#price_ttc").val() != '') { jQuery("#price_ht").val(''); jQuery("#price_ttc").val(''); - } + } }); . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index 9e155be88c9..bdcca51b4e7 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -16,6 +16,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + header('Cache-Control: Public, must-revalidate'); header("Content-type: text/html; charset=".$conf->file->character_set_client); diff --git a/htdocs/core/tpl/resource_add.tpl.php b/htdocs/core/tpl/resource_add.tpl.php index 28c42c85b71..af1d25aaee1 100644 --- a/htdocs/core/tpl/resource_add.tpl.php +++ b/htdocs/core/tpl/resource_add.tpl.php @@ -1,6 +1,14 @@ 0) foreach ($linked_resources as $linked_resource) { - + $object_resource = fetchObjectByElement($linked_resource['resource_id'],$linked_resource['resource_type']); - + //$element_id = $linked_resource['rowid']; - + if ($mode == 'edit' && $linked_resource['rowid'] == GETPOST('lineid')) { diff --git a/htdocs/ecm/tpl/enablefiletreeajax.tpl.php b/htdocs/ecm/tpl/enablefiletreeajax.tpl.php index bbcbb7090a4..d002281ae34 100644 --- a/htdocs/ecm/tpl/enablefiletreeajax.tpl.php +++ b/htdocs/ecm/tpl/enablefiletreeajax.tpl.php @@ -16,6 +16,14 @@ * * Output javascript for interactions code of ecm module */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/expedition/tpl/linkedobjectblock.tpl.php b/htdocs/expedition/tpl/linkedobjectblock.tpl.php index b55654f4786..88811da2eab 100644 --- a/htdocs/expedition/tpl/linkedobjectblock.tpl.php +++ b/htdocs/expedition/tpl/linkedobjectblock.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -34,7 +41,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -73,7 +80,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/expensereport/tpl/linkedobjectblock.tpl.php b/htdocs/expensereport/tpl/linkedobjectblock.tpl.php index 7fec53bf3d8..95894a8987e 100644 --- a/htdocs/expensereport/tpl/linkedobjectblock.tpl.php +++ b/htdocs/expensereport/tpl/linkedobjectblock.tpl.php @@ -15,8 +15,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -32,7 +39,7 @@ $var=true; $total=0; foreach($linkedObjectBlock as $key => $objectlink) { - + ?> > trans("ExpenseReport"); ?> diff --git a/htdocs/fichinter/tpl/linkedobjectblock.tpl.php b/htdocs/fichinter/tpl/linkedobjectblock.tpl.php index 455f383fd4a..5d180f0aa82 100644 --- a/htdocs/fichinter/tpl/linkedobjectblock.tpl.php +++ b/htdocs/fichinter/tpl/linkedobjectblock.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -33,7 +40,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> diff --git a/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php b/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php index 232d12fad3d..113115f9ff8 100644 --- a/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php +++ b/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -35,7 +42,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -66,7 +73,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php index e8154cd8259..ce72f5be42e 100644 --- a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php +++ b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php @@ -17,6 +17,14 @@ * You should have received a copy of the GNU General Public License * along with this program. If not, see . */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -36,7 +44,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -54,7 +62,7 @@ foreach($linkedObjectBlock as $key => $objectlink) $total = $total + $sign * $objectlink->total_ht; echo price($objectlink->total_ht); } - else + else { echo ''.price($objectlink->total_ht).''; } @@ -62,7 +70,7 @@ foreach($linkedObjectBlock as $key => $objectlink) getLibStatut(3); ?> ">transnoentitiesnoconv("RemoveLink")); ?> - 1) { @@ -76,7 +84,7 @@ if (count($linkedObjectBlock) > 1) - diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d5a692ca86e..2b4ad4de3c5 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -81,7 +81,7 @@ function test_sql_and_script_inject($val, $type) // For SQL Injection (only GET and POST are used to be included into bad escaped SQL requests) if ($type != 2) { - $inj += preg_match('/updatexml^(/i', $val); + $inj += preg_match('/updatexml\(/i', $val); $inj += preg_match('/delete\s+from/i', $val); $inj += preg_match('/create\s+table/i', $val); $inj += preg_match('/update.+set.+=/i', $val); diff --git a/htdocs/modulebuilder/template/core/tpl/mytemplate.tpl.php b/htdocs/modulebuilder/template/core/tpl/mytemplate.tpl.php index 9d399c44e85..3684ded0092 100644 --- a/htdocs/modulebuilder/template/core/tpl/mytemplate.tpl.php +++ b/htdocs/modulebuilder/template/core/tpl/mytemplate.tpl.php @@ -23,5 +23,13 @@ * Put detailed description here. */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + /** Your code here. */ echo "Hello world!"; diff --git a/htdocs/product/canvas/product/tpl/card_create.tpl.php b/htdocs/product/canvas/product/tpl/card_create.tpl.php index 514c5d213d5..e763605f701 100644 --- a/htdocs/product/canvas/product/tpl/card_create.tpl.php +++ b/htdocs/product/canvas/product/tpl/card_create.tpl.php @@ -15,6 +15,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell")); diff --git a/htdocs/product/canvas/product/tpl/card_edit.tpl.php b/htdocs/product/canvas/product/tpl/card_edit.tpl.php index 686ad7217b7..c64c5dbe1e4 100644 --- a/htdocs/product/canvas/product/tpl/card_edit.tpl.php +++ b/htdocs/product/canvas/product/tpl/card_edit.tpl.php @@ -15,6 +15,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell")); diff --git a/htdocs/product/canvas/product/tpl/card_view.tpl.php b/htdocs/product/canvas/product/tpl/card_view.tpl.php index 771005781cd..44b1f96203b 100644 --- a/htdocs/product/canvas/product/tpl/card_view.tpl.php +++ b/htdocs/product/canvas/product/tpl/card_view.tpl.php @@ -15,6 +15,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; ?> diff --git a/htdocs/product/canvas/product/tpl/list.tpl.php b/htdocs/product/canvas/product/tpl/list.tpl.php index db7cac7e51c..e5c315e8148 100644 --- a/htdocs/product/canvas/product/tpl/list.tpl.php +++ b/htdocs/product/canvas/product/tpl/list.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -69,7 +76,7 @@ if ($searchfield['enabled']) { if ($searchfield['search']) { ?> - '; $searchpicto=$form->showFilterAndCheckAddButtons(0); print $searchpicto; diff --git a/htdocs/product/canvas/service/tpl/card_create.tpl.php b/htdocs/product/canvas/service/tpl/card_create.tpl.php index e25f69d8848..46db54d63b8 100644 --- a/htdocs/product/canvas/service/tpl/card_create.tpl.php +++ b/htdocs/product/canvas/service/tpl/card_create.tpl.php @@ -13,9 +13,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell")); diff --git a/htdocs/product/canvas/service/tpl/card_edit.tpl.php b/htdocs/product/canvas/service/tpl/card_edit.tpl.php index 27348b7820d..06d1b3ff612 100644 --- a/htdocs/product/canvas/service/tpl/card_edit.tpl.php +++ b/htdocs/product/canvas/service/tpl/card_edit.tpl.php @@ -15,6 +15,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; $statutarray=array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell")); diff --git a/htdocs/product/canvas/service/tpl/card_view.tpl.php b/htdocs/product/canvas/service/tpl/card_view.tpl.php index fd5d9ad73bf..fc129132dee 100644 --- a/htdocs/product/canvas/service/tpl/card_view.tpl.php +++ b/htdocs/product/canvas/service/tpl/card_view.tpl.php @@ -15,6 +15,14 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object=$GLOBALS['object']; ?> diff --git a/htdocs/product/canvas/service/tpl/list.tpl.php b/htdocs/product/canvas/service/tpl/list.tpl.php index ee2a894de98..9951c71fcc3 100644 --- a/htdocs/product/canvas/service/tpl/list.tpl.php +++ b/htdocs/product/canvas/service/tpl/list.tpl.php @@ -13,8 +13,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -69,7 +76,7 @@ if ($searchfield['enabled']) { if ($searchfield['search']) { ?> - '; $searchpicto=$form->showFilterAndCheckAddButtons(0); print $searchpicto; diff --git a/htdocs/product/inventory/tpl/inventory.tpl.php b/htdocs/product/inventory/tpl/inventory.tpl.php index 05de0f4c002..cf74aa21bdc 100644 --- a/htdocs/product/inventory/tpl/inventory.tpl.php +++ b/htdocs/product/inventory/tpl/inventory.tpl.php @@ -1,12 +1,22 @@ + @@ -76,37 +86,37 @@
- + - +

- +
Cet inventaire est validé
- + - + $row) { - + + foreach ($lines as $k=>$row) { + $total_pmp+=$row['pmp_stock']; $total_pa+=$row['pa_stock']; $total_pmp_actual+=$row['pmp_actual']; $total_pa_actual+=$row['pa_actual']; - + if($i%20 === 0) { _headerList($view); @@ -126,18 +136,18 @@ if(!empty($conf->global->INVENTORY_USE_MIN_PA_IF_NO_LAST_PA)){ echo ''; $total_current_pa+=$row['current_pa_stock']; - } - + } + ?> rights->stock->changePMP)) { - echo ''; + echo ''; } ?> @@ -145,8 +155,8 @@ if(!empty($conf->global->INVENTORY_USE_MIN_PA_IF_NO_LAST_PA)){ echo ''; $total_current_pa_actual+=$row['current_pa_actual']; - } - + } + ?> @@ -154,25 +164,25 @@ -
'.price($row['current_pa_stock']).'    - + '.$row['pmp_new'].''.$row['pmp_new'].''.price($row['current_pa_actual']).'
- + status != 1) { ?>
trans('Modify') ?> - rights->stock->changePMP)) { echo ''.$langs->trans('ApplyPMP').''; } - + if ($can_validate == 1) { ?> trans('RegulateStock') ?> @@ -193,13 +203,13 @@ trans('Delete') ?> - +

Date de création : getDate('datec') ?>
Dernière mise à jour : getDate('tms') ?>

- - + + diff --git a/htdocs/product/stock/tpl/stockcorrection.tpl.php b/htdocs/product/stock/tpl/stockcorrection.tpl.php index 4242121177c..732fa8c889d 100644 --- a/htdocs/product/stock/tpl/stockcorrection.tpl.php +++ b/htdocs/product/stock/tpl/stockcorrection.tpl.php @@ -17,6 +17,14 @@ * $object must be defined * $backtopage */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/product/stock/tpl/stocktransfer.tpl.php b/htdocs/product/stock/tpl/stocktransfer.tpl.php index 6d028da5663..18f6b831cf2 100644 --- a/htdocs/product/stock/tpl/stocktransfer.tpl.php +++ b/htdocs/product/stock/tpl/stocktransfer.tpl.php @@ -17,6 +17,14 @@ * $object must be defined * $backtopage */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/societe/canvas/company/tpl/card_create.tpl.php b/htdocs/societe/canvas/company/tpl/card_create.tpl.php index d542f0553ba..80740381e05 100644 --- a/htdocs/societe/canvas/company/tpl/card_create.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_create.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/societe/canvas/company/tpl/card_edit.tpl.php b/htdocs/societe/canvas/company/tpl/card_edit.tpl.php index 1f6201ec829..82474ae405f 100644 --- a/htdocs/societe/canvas/company/tpl/card_edit.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_edit.tpl.php @@ -14,9 +14,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $contact = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php index 21645f14d00..3865e9b95a0 100644 --- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php @@ -13,9 +13,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $soc = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/societe/canvas/individual/tpl/card_create.tpl.php b/htdocs/societe/canvas/individual/tpl/card_create.tpl.php index 1be20214c35..ba5aaf68e44 100644 --- a/htdocs/societe/canvas/individual/tpl/card_create.tpl.php +++ b/htdocs/societe/canvas/individual/tpl/card_create.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/societe/canvas/individual/tpl/card_edit.tpl.php b/htdocs/societe/canvas/individual/tpl/card_edit.tpl.php index 90543958902..76db85282db 100644 --- a/htdocs/societe/canvas/individual/tpl/card_edit.tpl.php +++ b/htdocs/societe/canvas/individual/tpl/card_edit.tpl.php @@ -14,8 +14,15 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ + +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> diff --git a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php index 10136048ae6..359f4ec7b44 100644 --- a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php +++ b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php @@ -13,9 +13,16 @@ * * You should have received a copy of the GNU General Public License * along with this program. If not, see . - * */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + + $object = $GLOBALS['objcanvas']->control->object; ?> diff --git a/htdocs/societe/tpl/linesalesrepresentative.tpl.php b/htdocs/societe/tpl/linesalesrepresentative.tpl.php index 3ec07697ec7..dc6d6ec4d08 100644 --- a/htdocs/societe/tpl/linesalesrepresentative.tpl.php +++ b/htdocs/societe/tpl/linesalesrepresentative.tpl.php @@ -1,5 +1,12 @@ '; print ' -
'; print $langs->trans('SalesRepresentatives'); diff --git a/htdocs/supplier_proposal/tpl/linkedobjectblock.tpl.php b/htdocs/supplier_proposal/tpl/linkedobjectblock.tpl.php index d313eca10bd..8c49e42f557 100644 --- a/htdocs/supplier_proposal/tpl/linkedobjectblock.tpl.php +++ b/htdocs/supplier_proposal/tpl/linkedobjectblock.tpl.php @@ -17,6 +17,13 @@ * along with this program. If not, see . */ +// Protection to avoid direct call of template +if (empty($conf) || ! is_object($conf)) +{ + print "Error, template page can't be called as URL"; + exit; +} + ?> @@ -33,7 +40,7 @@ $var=true; foreach($linkedObjectBlock as $key => $objectlink) { $ilink++; - + $trclass=($var?'pair':'impair'); if ($ilink == count($linkedObjectBlock) && empty($noMoreLinkedObjectBlockAfter) && count($linkedObjectBlock) <= 1) $trclass.=' liste_sub_total'; ?> @@ -64,7 +71,7 @@ if (count($linkedObjectBlock) > 1)