From ac68599fab8c79acbdaac5c3cb255ec904c8c2c7 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Sat, 24 Apr 2021 21:02:48 +0200
Subject: [PATCH] Fix #yogosha5877

---
 .../modulebuilder/template/class/api_mymodule.class.php   | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/htdocs/modulebuilder/template/class/api_mymodule.class.php b/htdocs/modulebuilder/template/class/api_mymodule.class.php
index da616de0d82..47a3ac984f9 100644
--- a/htdocs/modulebuilder/template/class/api_mymodule.class.php
+++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php
@@ -208,12 +208,17 @@ class MyModuleApi extends DolibarrApi
 		if (!DolibarrApiAccess::$user->rights->mymodule->write) {
 			throw new RestException(401);
 		}
+
 		// Check mandatory fields
 		$result = $this->_validate($request_data);
 
 		foreach ($request_data as $field => $value) {
 			$this->myobject->$field = $value;
 		}
+
+		// Clean data
+		// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
+
 		if ($this->myobject->create(DolibarrApiAccess::$user)<0) {
 			throw new RestException(500, "Error creating MyObject", array_merge(array($this->myobject->error), $this->myobject->errors));
 		}
@@ -253,6 +258,9 @@ class MyModuleApi extends DolibarrApi
 			$this->myobject->$field = $value;
 		}
 
+		// Clean data
+		// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
+
 		if ($this->myobject->update(DolibarrApiAccess::$user, false) > 0) {
 			return $this->get($id);
 		} else {