From 9a8c5d5c2932a9f4c0c254ee18c6a08905ba68c7 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Thu, 21 Nov 2019 15:36:30 +0100
Subject: [PATCH] Sanitize param
---
 htdocs/projet/info.php | 2 +-
 htdocs/projet/list.php | 2 +-
 htdocs/resource/list.php | 2 +-
 htdocs/ticket/agenda.php | 2 +-
 htdocs/ticket/messaging.php | 2 +-
 5 files changed, 5 insertions(+), 5 deletions(-)
diff --git a/htdocs/projet/info.php b/htdocs/projet/info.php
index e6d35f5ee9e..7a9521c7518 100644
--- a/htdocs/projet/info.php
+++ b/htdocs/projet/info.php
@@ -39,7 +39,7 @@ $action = GETPOST('action', 'aZ09');
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", "alpha");
 $sortorder = GETPOST("sortorder");
-$page = GETPOST("page");
+$page = GETPOST("page", 'int');
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 if (! $sortfield) $sortfield="a.datep,a.id";
diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php
index d5c37b81fa6..1eed25433db 100644
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@@ -62,7 +62,7 @@ $diroutputmassaction = $conf->projet->dir_output.'/temp/massgeneration/'.$user->
 $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
 $sortfield = GETPOST("sortfield", "alpha");
 $sortorder = GETPOST("sortorder");
-$page = GETPOST("page");
+$page = GETPOST("page", 'int');
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 if (!$sortfield) $sortfield = "p.ref";
diff --git a/htdocs/resource/list.php b/htdocs/resource/list.php
index 98f30ac22db..e1bf458b6e4 100644
--- a/htdocs/resource/list.php
+++ b/htdocs/resource/list.php
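Review bot: In htdocs/projet/info.php the two lines after the changed `GETPOST("page", 'int')` still normalise only `-1` to `0`, so any other negative or fractional numeric value keeps flowing into the paging code unless GETPOST's `'int'` filter, which is not shown in this diff, already rejects it. The same pattern follows the changed line in htdocs/projet/list.php, htdocs/ticket/agenda.php and htdocs/ticket/messaging.php, and in htdocs/resource/list.php the hunk shows the value being multiplied straight into `$offset = $limit * $page`. I would replace the `is_numeric` and `-1` lines with one clamp, `$page = max(0, (int) $page);`, which also turns `$page` into an integer instead of a request string. The statements that consume `$page` are outside these hunks, so the effect of a negative offset on the query is inferred, not visible here.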
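Review bot: `$sortorder = GETPOST("sortorder");` directly above the changed line in htdocs/projet/list.php is still read without a check type, although the commit's stated purpose is to sanitize these request parameters. The same unfiltered read sits in the context lines of the htdocs/projet/info.php, htdocs/ticket/agenda.php and htdocs/ticket/messaging.php hunks. Where `$sortorder` is used is outside the hunks; if it ends up in an ORDER BY clause, give it at least the filter already applied to `$sortfield`, `$sortorder = GETPOST("sortorder", "alpha");`, and preferably compare it against the allowed sort directions before it reaches the query.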
@@ -93,7 +93,7 @@ if (empty($sortfield)) $sortfield="t.ref"; if (empty($arch)) $arch = 0; $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit; -$page = GETPOST("page"); +$page = GETPOST("page", 'int'); if (empty($page) || $page == -1) { $page = 0; } // If $page is not defined, or '' or -1 $offset = $limit * $page ; $pageprev = $page - 1;
diff --git a/htdocs/ticket/agenda.php b/htdocs/ticket/agenda.php
index 49b901c6d12..68cef779261 100644
--- a/htdocs/ticket/agenda.php
+++ b/htdocs/ticket/agenda.php
@@ -43,7 +43,7 @@ $action = GETPOST('action', 'aZ09');
 $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
 $sortfield = GETPOST("sortfield", "alpha");
 $sortorder = GETPOST("sortorder");
-$page = GETPOST("page");
+$page = GETPOST("page", 'int');
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 if (!$sortfield) $sortfield = "a.datep,a.id";
diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php
index da7bf1aaadc..ee90a166b68 100644
--- a/htdocs/ticket/messaging.php
+++ b/htdocs/ticket/messaging.php
@@ -43,7 +43,7 @@ $action = GETPOST('action', 'aZ09');
 $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
 $sortfield = GETPOST("sortfield", "alpha");
 $sortorder = GETPOST("sortorder");
-$page = GETPOST("page");
+$page = GETPOST("page", 'int');
 $page = is_numeric($page) ? $page : 0;
 $page = $page == -1 ? 0 : $page;
 if (!$sortfield) $sortfield = "a.datep,a.id";