From 90881f2fa9a7ee022a4d1416e45aaa140bc1ab3c Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 7 Nov 2016 00:09:53 +0100
Subject: [PATCH] FIX Sanitize title of ajax_dialog

---
 htdocs/core/lib/ajax.lib.php | 3 ++-
 htdocs/main.inc.php          | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php
index 4b0ae91ee3f..3914b59b9f6 100644
--- a/htdocs/core/lib/ajax.lib.php
+++ b/htdocs/core/lib/ajax.lib.php
@@ -322,7 +322,8 @@ function ajax_dialog($title,$message,$w=350,$h=150)
 {
 	global $langs;
 
-	$msg= '<div id="dialog-info" title="'.dol_escape_htmltag($title).'">';
+	$newtitle=dol_textishtml($title)?dol_string_nohtmltag($title,1):$title;
+	$msg= '<div id="dialog-info" title="'.dol_escape_htmltag($newtitle).'">';
 	$msg.= $message;
 	$msg.= '</div>'."\n";
     $msg.= '<script type="text/javascript">
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 09b327967b6..5e83b1e6cf8 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -1902,7 +1902,7 @@ if (! function_exists("llxFooter"))
                 print '<div class="error">'.$msg.'</div>';
             }
 
-            define("MAIN_CORE_ERROR",0);
+            //define("MAIN_CORE_ERROR",0);      // Constant was defined and we can't change value of a constant
         }
 
         print "\n\n";