Fix /categories/edit.php which used type parameter instead of object's type
Do not read type parameter Security check, display error and exit Get type from category object
This commit is contained in:
StephaneLesage
Stephane Lesage
parent
9d31780155
commit
7749138a81
@ -35,7 +35,6 @@ $langs->load("categories");
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
$ref = GETPOST('ref', 'alphanohtml');
|
||||
$type = GETPOST('type', 'aZ09'); // Can be int or string
|
||||
$action = (GETPOST('action', 'aZ09') ?GETPOST('action', 'aZ09') : 'edit');
|
||||
$confirm = GETPOST('confirm');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
@ -56,10 +55,14 @@ if ($id == "") {
|
||||
$result = restrictedArea($user, 'categorie', $id, '&category');
|
||||
|
||||
$object = new Categorie($db);
|
||||
if ($id > 0) {
|
||||
$result = $object->fetch($id);
|
||||
$result = $object->fetch($id, $label);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
|
||||
$type = $object->type;
|
||||
if (is_numeric($type)) $type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
|
||||
|
||||
$extrafields = new ExtraFields($db);
|
||||
$extrafields->fetch_name_optionals_label($object->table_element);
|
||||
|
||||
|
||||
@ -43,10 +43,11 @@ if ($user->socid) $socid = $user->socid;
|
||||
$result = restrictedArea($user, 'categorie', $id, '&category');
|
||||
|
||||
$object = new Categorie($db);
|
||||
if (!$object->fetch($id) > 0) {
|
||||
dol_print_error($db);
|
||||
exit;
|
||||
$result = $object->fetch($id);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
|
||||
$type = $object->type;
|
||||
if (is_numeric($type)) $type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
|
||||
|
||||
|
||||
@ -38,7 +38,6 @@ $langs->loadlangs(array('categories', 'bills'));
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$type = GETPOST('type');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$confirm = GETPOST('confirm');
|
||||
|
||||
@ -52,7 +51,7 @@ if ($id == '' && $label == '')
|
||||
$result = restrictedArea($user, 'categorie', $id, '&category');
|
||||
|
||||
$object = new Categorie($db);
|
||||
$result = $object->fetch($id, $label, $type);
|
||||
$result = $object->fetch($id, $label);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
@ -60,10 +59,12 @@ $object->fetch_optionals();
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
$upload_dir = $conf->categorie->multidir_output[$object->entity];
|
||||
|
||||
$type = $object->type;
|
||||
if (is_numeric($type)) $type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
|
||||
|
||||
$upload_dir = $conf->categorie->multidir_output[$object->entity];
|
||||
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
@ -39,7 +39,6 @@ $id = GETPOST('id', 'int');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$action = GETPOST('action', 'aZ09');
|
||||
$cancel = GETPOST('cancel', 'alpha');
|
||||
$type = GETPOST('type', 'aZ09');
|
||||
|
||||
if ($id == '' && $label == '')
|
||||
{
|
||||
@ -51,7 +50,7 @@ if ($id == '' && $label == '')
|
||||
$result = restrictedArea($user, 'categorie', $id, '&category');
|
||||
|
||||
$object = new Categorie($db);
|
||||
$result = $object->fetch($id, $label, $type);
|
||||
$result = $object->fetch($id, $label);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
@ -60,6 +59,7 @@ if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
|
||||
$type = $object->type;
|
||||
if (is_numeric($type)) $type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
|
||||
|
||||
/*
|
||||
|
||||
@ -38,7 +38,6 @@ $langs->load("categories");
|
||||
|
||||
$id = GETPOST('id', 'int');
|
||||
$label = GETPOST('label', 'alpha');
|
||||
$type = GETPOST('type', 'aZ09');
|
||||
$removeelem = GETPOST('removeelem', 'int');
|
||||
$elemid = GETPOST('elemid', 'int');
|
||||
|
||||
@ -73,7 +72,7 @@ if ($id == "" && $label == "")
|
||||
$result = restrictedArea($user, 'categorie', $id, '&category');
|
||||
|
||||
$object = new Categorie($db);
|
||||
$result = $object->fetch($id, $label, $type);
|
||||
$result = $object->fetch($id, $label);
|
||||
if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
@ -82,10 +81,7 @@ if ($result <= 0) {
|
||||
dol_print_error($db, $object->error); exit;
|
||||
}
|
||||
|
||||
$objecttype = $object->type;
|
||||
if (is_numeric($objecttype)) $objecttype = Categorie::$MAP_ID_TO_CODE[$objecttype];
|
||||
if ($type === '') $type = $objecttype;
|
||||
|
||||
$type = $object->type;
|
||||
if (is_numeric($type)) $type = Categorie::$MAP_ID_TO_CODE[$type]; // For backward compatibility
|
||||
|
||||
$extrafields = new ExtraFields($db);
|
||||
@ -94,12 +90,6 @@ $extrafields->fetch_name_optionals_label($object->table_element);
|
||||
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array
|
||||
$hookmanager->initHooks(array('categorycard', 'globalcard'));
|
||||
|
||||
// Protection when type provided is not similare to type of category
|
||||
if ($objecttype != $type) {
|
||||
print 'Error: Value for type parameter does not match value of the type of the category with id='.$id;
|
||||
exit;
|
||||
}
|
||||
|
||||
/*
|
||||
* Actions
|
||||
*/
|
||||
|
||||
Loading…
Reference in New Issue
Block a user