diff --git a/htdocs/fichinter/document.php b/htdocs/fichinter/document.php index b4a4b8052c2..5057a85acd0 100644 --- a/htdocs/fichinter/document.php +++ b/htdocs/fichinter/document.php @@ -4,6 +4,7 @@ * Copyright (C) 2005 Marc Barilley / Ocebo * Copyright (C) 2005-2009 Regis Houssin * Copyright (C) 2005 Simon TOSSER + * Copyright (C) 2011 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,7 +38,8 @@ $langs->load("other"); $langs->load("fichinter"); $langs->load("companies"); -$fichinterid = isset($_GET["id"])?$_GET["id"]:''; +$fichinterid = GETPOST("id"); +$action = GETPOST("action"); // Security check if ($user->societe_id) $socid=$user->societe_id; @@ -57,7 +59,7 @@ if (! $sortfield) $sortfield="name"; $object = new Fichinter($db); -$object->fetch($_GET["id"]); +$object->fetch($fichinterid); $upload_dir = $conf->ficheinter->dir_output.'/'.dol_sanitizeFileName($object->ref); $modulepart='fichinter'; @@ -66,7 +68,7 @@ $modulepart='fichinter'; /* * Action envoie fichier */ -if ($_POST["sendit"] && ! empty($conf->global->MAIN_UPLOAD_DOC)) +if (GETPOST("sendit") && ! empty($conf->global->MAIN_UPLOAD_DOC)) { require_once(DOL_DOCUMENT_ROOT."/lib/files.lib.php"); @@ -118,9 +120,9 @@ if ($object->id) echo '
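Review bot: In the `@@ -37,7 +38,8 @@` hunk of document.php, `$fichinterid = GETPOST("id");` takes the record id from the request with no type constraint and passes it to `restrictedArea()` and `$object->fetch()`. Casting it where it is read, `$fichinterid = (int) GETPOST("id");`, would keep non-numeric input out of both calls. How `fetch()` uses the value is not visible here, so treat this as hardening to confirm against that method. The same assignment is added in index.php, info.php and note.php.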
'.$error_msg.'

'; } - if ($_GET["action"] == 'delete') + if ($action == 'delete') { - $file = $upload_dir . '/' . $_GET['urlfile']; // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). + $file = $upload_dir . '/' . GETPOST("urlfile"); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). $result=dol_delete_file($file); //if ($result >= 0) $mesg=$langs->trans("FileWasRemoced"); } diff --git a/htdocs/fichinter/index.php b/htdocs/fichinter/index.php index a9909524dc3..3c5d0df9c63 100644 --- a/htdocs/fichinter/index.php +++ b/htdocs/fichinter/index.php @@ -2,6 +2,7 @@ /* Copyright (C) 2002-2003 Rodolphe Quiedeville * Copyright (C) 2004-2010 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2011 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,11 +42,11 @@ $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -$socid=$_GET["socid"]?$_GET["socid"]:$_POST["socid"]; -$page=$_GET["page"]?$_GET["page"]:$_POST["page"]; +$socid=GETPOST("socid"); +$page=GETPOST("page"); // Security check -$fichinterid = isset($_GET["id"])?$_GET["id"]:''; +$fichinterid = GETPOST("id"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'ficheinter', $fichinterid,'fichinter'); @@ -58,9 +59,9 @@ $offset = $limit * $page ; $pageprev = $page - 1; $pagenext = $page + 1; -$search_ref=isset($_GET["search_ref"])?$_GET["search_ref"]:$_POST["search_ref"]; -$search_company=isset($_GET["search_company"])?$_GET["search_company"]:$_POST["search_company"]; -$search_desc=isset($_GET["search_desc"])?$_GET["search_desc"]:$_POST["search_desc"]; +$search_ref=GETPOST("search_ref"); +$search_company=GETPOST("search_company"); +$search_desc=getpost("search_desc"); /* diff --git a/htdocs/fichinter/info.php b/htdocs/fichinter/info.php index 03ab01b609d..22f934f35f6 100644 
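Review bot: In the `delete` branch, `$file = $upload_dir . '/' . GETPOST("urlfile");` still builds the path handed to `dol_delete_file()` from an unchecked request value, so a value containing directory separators or `..` is not confined to `$upload_dir`. The name should be reduced to a single file name first, for example `$file = $upload_dir . '/' . dol_sanitizeFileName(GETPOST("urlfile"));`, as is already done for `$object->ref` a few lines earlier. No permission test is visible on this branch, and it runs on a plain GET, so it is worth confirming that the delete is gated by a write right such as the `$user->rights->ficheinter->creer` check used in note.php. The enclosing `if ($object->id)` block starts and ends outside the hunk.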
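Review bot: In the `@@ -58,9 +59,9 @@` hunk of index.php, the third assignment is written `getpost("search_desc")` while every other call in the commit uses `GETPOST`. PHP resolves function names case-insensitively, so it works, but it should read `$search_desc=GETPOST("search_desc");` for consistency and so that a search for the helper finds every call site. The three search values are presumably used in the list query further down, which is outside this hunk, so it is worth confirming they are escaped where the SQL is built.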
--- a/htdocs/fichinter/info.php +++ b/htdocs/fichinter/info.php @@ -1,6 +1,7 @@ * Copyright (C) 2009-2010 Laurent Destailleur + * Copyright (C) 2011 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -31,7 +32,7 @@ require_once(DOL_DOCUMENT_ROOT."/lib/fichinter.lib.php"); $langs->load('companies'); -$fichinterid = isset($_GET["id"])?$_GET["id"]:''; +$fichinterid = GETPOST("id"); // Security check if ($user->societe_id) $socid=$user->societe_id; @@ -45,7 +46,7 @@ $result = restrictedArea($user, 'ficheinter', $fichinterid, 'fichinter'); llxHeader(); $fichinter = new Fichinter($db); -$fichinter->fetch($_GET['id']); +$fichinter->fetch($fichinterid); $societe = new Societe($db); $societe->fetch($fichinter->socid); diff --git a/htdocs/fichinter/note.php b/htdocs/fichinter/note.php index f3ed1e26005..7b3a9cdea82 100644 --- a/htdocs/fichinter/note.php +++ b/htdocs/fichinter/note.php @@ -1,5 +1,6 @@ + * Copyright (C) 2011 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -29,7 +30,8 @@ require_once(DOL_DOCUMENT_ROOT."/lib/fichinter.lib.php"); $langs->load('companies'); -$fichinterid = isset($_GET["id"])?$_GET["id"]:''; +$fichinterid = GETPOST("id"); +$action=GETPOST("action"); // Security check if ($user->societe_id) $socid=$user->societe_id; 
@@ -40,14 +42,14 @@ $result = restrictedArea($user, 'ficheinter', $fichinterid, 'fichinter'); /* Actions */ /******************************************************************************/ -if ($_POST["action"] == 'update_public' && $user->rights->ficheinter->creer) +if ($action == 'update_public' && $user->rights->ficheinter->creer) { $fichinter = new Fichinter($db); - $fichinter->fetch($_GET['id']); + $fichinter->fetch($fichinterid); $db->begin(); - $res=$fichinter->update_note_public($_POST["note_public"],$user); + $res=$fichinter->update_note_public(GETPOST("note_public"),$user); if ($res < 0) { $mesg='
'.$fichinter->error.'
'; @@ -59,14 +61,14 @@ if ($_POST["action"] == 'update_public' && $user->rights->ficheinter->creer) } } -if ($_POST['action'] == 'update' && $user->rights->ficheinter->creer) +if ($action == 'update' && $user->rights->ficheinter->creer) { $fichinter = new Fichinter($db); - $fichinter->fetch($_GET['id']); + $fichinter->fetch($fichinterid); $db->begin(); - $res=$fichinter->update_note($_POST["note_private"],$user); + $res=$fichinter->update_note(GETPOST("note_private"),$user); if ($res < 0) { $mesg='
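Review bot: The write branch in the `@@ -40,14 +42,14 @@` hunk used to compare `$_POST["action"]` and now compares `$action`, which comes from `GETPOST("action")` and therefore can also be supplied in the query string. That lets `update_public` be triggered by a plain GET request, which weakens whatever protection the form POST gave against cross-site requests. No token check is visible in this file. Keep the state-changing branches POST-only, for example `if ($action == 'update_public' && $_SERVER['REQUEST_METHOD'] == 'POST' && $user->rights->ficheinter->creer)`. The same applies to the `update` branch in the following `@@ -59,14 +61,14 @@` hunk.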
'.$fichinter->error.'
'; @@ -88,12 +90,12 @@ llxHeader(); $html = new Form($db); -if ($_GET['id']) +if ($fichinterid) { if ($mesg) print $mesg; $fichinter = new Fichinter($db); - if ( $fichinter->fetch($_GET['id']) ) + if ( $fichinter->fetch($fichinterid) ) { $societe = new Societe($db); if ( $societe->fetch($fichinter->socid) ) @@ -111,7 +113,7 @@ if ($_GET['id']) // Note publique print ''.$langs->trans("NotePublic").' :'; print ''; - if ($_GET["action"] == 'edit') + if ($action == 'edit') { print '
'; print ''; @@ -131,7 +133,7 @@ if ($_GET['id']) { print ''.$langs->trans("NotePrivate").' :'; print ''; - if ($_GET["action"] == 'edit') + if ($action == 'edit') { print ''; print ''; @@ -156,7 +158,7 @@ if ($_GET['id']) */ print '
'; - if ($user->rights->ficheinter->creer && $_GET['action'] <> 'edit') + if ($user->rights->ficheinter->creer && GETPOST("action") <> 'edit') { print ''.$langs->trans('Modify').''; }
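Review bot: The last hunk of note.php calls `GETPOST("action") <> 'edit'` again although `$action` was already read once at the top of the file and is used in every other comparison. Using the variable keeps one source of truth for the action value, `if ($user->rights->ficheinter->creer && $action != 'edit')`. The enclosing `if ($fichinterid)` block begins in an earlier hunk and ends outside this one.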