diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php
index f2c549f91f7..e14a2c05246 100644
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@@ -1363,6 +1363,9 @@ if (empty($reshook)) {
$date_end = dol_mktime(GETPOST('date_endhour'), GETPOST('date_endmin'), GETPOST('date_endsec'), GETPOST('date_endmonth'), GETPOST('date_endday'), GETPOST('date_endyear'));
$remise_percent = price2num(GETPOST('remise_percent'), '', 2);
+ if (empty($remise_percent)) {
+ $remise_percent = 0;
+ }
// Prepare a price equivalent for minimum price check
$pu_equivalent = $pu_ht;
diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php
index 4f7580bb8ca..5744316eb4a 100644
--- a/htdocs/core/actions_sendmails.inc.php
+++ b/htdocs/core/actions_sendmails.inc.php
@@ -190,7 +190,7 @@ if (($action == 'send' || $action == 'relance') && !GETPOST('addfile') && !GETPO
$tmparray[] = trim(GETPOST('sendto', 'alphawithlgt'));
}
- if (trim($_POST['tomail'])) {
+ if (isset($_POST['tomail']) && trim($_POST['tomail'])) {
// Recipients are provided into free hidden text field
$tmparray[] = trim(GETPOST('tomail', 'alphawithlgt'));
}
@@ -346,7 +346,7 @@ if (($action == 'send' || $action == 'relance') && !GETPOST('addfile') && !GETPO
// Make substitution in email content
$substitutionarray = getCommonSubstitutionArray($langs, 0, null, $object);
$substitutionarray['__EMAIL__'] = $sendto;
- $substitutionarray['__CHECK_READ__'] = (is_object($object) && is_object($object->thirdparty)) ? '.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).')
' : '';
+ $substitutionarray['__CHECK_READ__'] = (is_object($object) && is_object($object->thirdparty)) ? '.'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).')
' : '';
$parameters = array('mode'=>'formemail');
complete_substitutions_array($substitutionarray, $langs, $object, $parameters);
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 23659cd769b..97b803822e9 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -2842,9 +2842,9 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
}
$original_file = $conf->deplacement->dir_output.'/'.$original_file;
//$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
- } elseif (($modulepart == 'propal' || $modulepart == 'propale') && !empty($conf->propal->multidir_output[$entity])) {
+ } elseif (($modulepart == 'propal' || $modulepart == 'propale') && isset($conf->propal->multidir_output[$entity])) {
// Wrapping pour les propales
- if ($fuser->rights->propal->{$lire} || preg_match('/^specimen/i', $original_file)) {
+ if (property_exists($fuser->rights, 'propal') && ($fuser->rights->propal->{$lire} || preg_match('/^specimen/i', $original_file))) {
$accessallowed = 1;
}
$original_file = $conf->propal->multidir_output[$entity].'/'.$original_file;
@@ -2950,7 +2950,7 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity,
if (empty($entity) || (empty($conf->product->multidir_output[$entity]) && empty($conf->service->multidir_output[$entity]))) {
return array('accessallowed'=>0, 'error'=>'Value entity must be provided');
}
- if (($fuser->rights->produit->{$lire} || $fuser->rights->service->{$lire}) || preg_match('/^specimen/i', $original_file)) {
+ if ((isset($fuser->rights->produit) && $fuser->rights->produit->{$lire}) || (isset($fuser->rights->service) && $fuser->rights->service->{$lire}) || preg_match('/^specimen/i', $original_file)) {
$accessallowed = 1;
}
if (isModEnabled("product")) {