Fix: ajout d'un jeton alatoire dans les requetes POST
This commit is contained in:
Regis Houssin
parent
8efffebe2e
commit
b1e630a3fa
@ -921,6 +921,7 @@ if ($_GET['action'] == 'create' && $user->rights->commande->creer)
|
||||
$nbrow=10;
|
||||
|
||||
print '<form name="crea_commande" action="fiche.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="socid" value="'.$soc->id.'">' ."\n";
|
||||
print '<input type="hidden" name="remise_percent" value="'.$soc->remise_client.'">';
|
||||
@ -1293,6 +1294,7 @@ else
|
||||
if ($user->rights->commande->creer && $_GET['action'] == 'RefCustomerOrder')
|
||||
{
|
||||
print '<form action="fiche.php?id='.$id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_ref_client">';
|
||||
print '<input type="text" class="flat" size="20" name="ref_client" value="'.$commande->ref_client.'">';
|
||||
print ' <input type="submit" class="button" value="'.$langs->trans('Modify').'">';
|
||||
@ -1367,6 +1369,7 @@ else
|
||||
if ($_GET['action'] == 'editdate_livraison')
|
||||
{
|
||||
print '<form name="setdate_livraison" action="'.$_SERVER["PHP_SELF"].'?id='.$commande->id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setdate_livraison">';
|
||||
$html->select_date($commande->date_livraison,'liv_','','','',"setdate_livraison");
|
||||
print '<input type="submit" class="button" value="'.$langs->trans('Modify').'">';
|
||||
@ -1669,6 +1672,7 @@ else
|
||||
if ($_GET['action'] == 'editline' && $user->rights->commande->creer && $_GET['rowid'] == $objp->rowid)
|
||||
{
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'#'.$objp->rowid.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="updateligne">';
|
||||
print '<input type="hidden" name="id" value="'.$id.'">';
|
||||
print '<input type="hidden" name="elrowid" value="'.$_GET['rowid'].'">';
|
||||
@ -1779,6 +1783,7 @@ else
|
||||
|
||||
// Add free products/services form
|
||||
print '<form action="fiche.php?id='.$id.'#add" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="id" value="'.$id.'">';
|
||||
print '<input type="hidden" name="action" value="addligne">';
|
||||
|
||||
@ -1848,6 +1853,7 @@ else
|
||||
print '</tr>';
|
||||
|
||||
print '<form id="addpredefinedproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$id.'#add" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="id" value="'.$id.'">';
|
||||
print '<input type="hidden" name="action" value="addligne">';
|
||||
|
||||
|
||||
@ -66,6 +66,7 @@ print '<tr><td valign="top" width="30%" class="notopnoleft">';
|
||||
$var=false;
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<form method="post" action="liste.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("SearchOrder").'</td></tr>';
|
||||
print '<tr '.$bc[$var].'><td>';
|
||||
print $langs->trans("Ref").':</td><td><input type="text" class="flat" name="sf_ref" size=18></td><td rowspan="2"><input type="submit" value="'.$langs->trans("Search").'" class="button"></td></tr>';
|
||||
|
||||
@ -121,6 +121,7 @@ if ($id > 0 || ! empty($ref))
|
||||
if ($_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?id='.$commande->id.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<textarea name="note_public" cols="80" rows="8">'.$commande->note_public."</textarea><br>";
|
||||
}
|
||||
|
||||
@ -331,6 +331,7 @@ if ($account || $_GET["ref"])
|
||||
if ($user->rights->banque->modifier && $_GET["action"]=='addline')
|
||||
{
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="vline" value="' . $vline . '">';
|
||||
print '<input type="hidden" name="account" value="' . $acct->id . '">';
|
||||
@ -395,6 +396,7 @@ if ($account || $_GET["ref"])
|
||||
print '</td></tr>';
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" name="search" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="search">';
|
||||
print '<input type="hidden" name="account" value="' . $acct->id . '">';
|
||||
|
||||
|
||||
@ -238,6 +238,7 @@ if ($_GET["id"] && $_GET["action"] == 'edit' && $user->rights->banque->configure
|
||||
if ($message) { print "$message<br>\n"; }
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$account->id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="id" value="'.$_GET["id"].'">'."\n\n";
|
||||
|
||||
|
||||
@ -89,6 +89,7 @@ print_fiche_titre($langs->trans("Rubriques"));
|
||||
|
||||
|
||||
print '<form method="post" action="categ.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<input type=\"hidden\" name=\"action\" value=\"add\">";
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -166,6 +166,7 @@ if ($_GET["action"] == 'create')
|
||||
if ($message) { print "$message<br>\n"; }
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" name="createbankaccount" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="clos" value="0">';
|
||||
|
||||
@ -393,6 +394,7 @@ else
|
||||
if ($message) { print "$message<br>\n"; }
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$account->id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="id" value="'.$_GET["id"].'">'."\n\n";
|
||||
|
||||
|
||||
@ -197,6 +197,7 @@ if ($resql)
|
||||
$var=!$var;
|
||||
print "<tr $bc[$var]>";
|
||||
print '<form method="post" action="rappro.php?account='.$_GET["account"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<input type=\"hidden\" name=\"action\" value=\"rappro\">";
|
||||
print "<input type=\"hidden\" name=\"account\" value=\"".$_GET["account"]."\">";
|
||||
print "<input type=\"hidden\" name=\"rowid\" value=\"".$objp->rowid."\">";
|
||||
|
||||
@ -146,6 +146,7 @@ if ($resql)
|
||||
print "</tr>\n";
|
||||
|
||||
print '<form method="post" action="search.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<tr class="liste_titre">';
|
||||
print '<td class="liste_titre"> </td>';
|
||||
print '<td class="liste_titre"> </td>';
|
||||
|
||||
@ -161,6 +161,7 @@ if ($id > 0 || ! empty($ref))
|
||||
if ($user->rights->commande->creer && $_GET['action'] == 'RefCustomerOrder')
|
||||
{
|
||||
print '<form action="fiche.php?id='.$id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_ref_client">';
|
||||
print '<input type="text" class="flat" size="20" name="ref_client" value="'.$commande->ref_client.'">';
|
||||
print ' <input type="submit" class="button" value="'.$langs->trans('Modify').'">';
|
||||
@ -235,6 +236,7 @@ if ($id > 0 || ! empty($ref))
|
||||
if ($_GET['action'] == 'editdate_livraison')
|
||||
{
|
||||
print '<form name="setdate_livraison" action="'.$_SERVER["PHP_SELF"].'?id='.$commande->id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setdate_livraison">';
|
||||
$html->select_date($commande->date_livraison,'liv_','','','',"setdate_livraison");
|
||||
print '<input type="submit" class="button" value="'.$langs->trans('Modify').'">';
|
||||
|
||||
@ -212,6 +212,7 @@ if ($_GET["action"] == 'create')
|
||||
if ($mesg) print '<div class="error">'.$mesg.'</div>';
|
||||
|
||||
print '<form name="add" action="fiche.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
@ -278,6 +279,7 @@ if ($_GET["rowid"] && $_GET["action"] == 'edit')
|
||||
dol_fiche_head($head, $hselected, $langs->trans("Ref"));
|
||||
|
||||
print '<form name="update" action="fiche.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
|
||||
@ -1424,6 +1424,7 @@ if ($_GET['action'] == 'create')
|
||||
if (empty($cond_reglement_id)) $cond_reglement_id=1;
|
||||
|
||||
print '<form name="add" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="socid" value="'.$soc->id.'">' ."\n";
|
||||
print '<input name="facnumber" type="hidden" value="provisoire">';
|
||||
@ -2193,6 +2194,7 @@ else
|
||||
if ($user->rights->facture->creer && $_GET['action'] == 'RefCustomerOrder')
|
||||
{
|
||||
print '<form action="facture.php?facid='.$id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_ref_client">';
|
||||
print '<input type="text" class="flat" size="20" name="ref_client" value="'.$fac->ref_client.'">';
|
||||
print ' <input type="submit" class="button" value="'.$langs->trans('Modify').'">';
|
||||
@ -2890,6 +2892,7 @@ else
|
||||
if ($_GET['action'] == 'editline' && $user->rights->facture->creer && $_GET['rowid'] == $objp->rowid)
|
||||
{
|
||||
print '<form name="updateligne" action="'.$_SERVER["PHP_SELF"].'#'.$objp->rowid.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="updateligne">';
|
||||
print '<input type="hidden" name="facid" value="'.$fac->id.'">';
|
||||
print '<input type="hidden" name="rowid" value="'.$_GET['rowid'].'">';
|
||||
@ -3003,6 +3006,7 @@ else
|
||||
|
||||
// Add free products/services form
|
||||
print '<form name="addligne" action="'.$_SERVER['PHP_SELF'].'#add" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="facid" value="'.$fac->id.'">';
|
||||
print '<input type="hidden" name="action" value="addligne">';
|
||||
|
||||
@ -3071,6 +3075,7 @@ else
|
||||
print '</tr>';
|
||||
|
||||
print '<form id="addpredefinedproduct" action="'.$_SERVER['PHP_SELF'].'#add" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="facid" value="'.$fac->id.'">';
|
||||
print '<input type="hidden" name="action" value="addligne_predef">';
|
||||
|
||||
|
||||
@ -117,6 +117,7 @@ if ($_GET["facid"] > 0)
|
||||
if ($fac->brouillon == 1 && $user->rights->facture->creer)
|
||||
{
|
||||
print '<form action="facture.php?facid='.$fac->id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setremise">';
|
||||
print '<td colspan="3"><input type="text" name="remise" size="1" value="'.$fac->remise_percent.'">% ';
|
||||
print '<input type="submit" class="button" value="'.$langs->trans('Modify').'"></td>';
|
||||
|
||||
@ -207,6 +207,7 @@ if ($id > 0)
|
||||
$var = false;
|
||||
|
||||
print '<form action="contact.php?facid='.$id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="addcontact">';
|
||||
print '<input type="hidden" name="source" value="internal">';
|
||||
print '<input type="hidden" name="id" value="'.$id.'">';
|
||||
@ -236,6 +237,7 @@ if ($id > 0)
|
||||
print '</form>';
|
||||
|
||||
print '<form action="contact.php?facid='.$id.'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="addcontact">';
|
||||
print '<input type="hidden" name="source" value="external">';
|
||||
print '<input type="hidden" name="id" value="'.$id.'">';
|
||||
|
||||
@ -110,6 +110,7 @@ if ($_GET["action"] == 'create')
|
||||
if ($facture->fetch($_GET["facid"]) > 0)
|
||||
{
|
||||
print '<form action="fiche-rec.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="facid" value="'.$facture->id.'">';
|
||||
|
||||
|
||||
@ -308,6 +308,7 @@ if ($result)
|
||||
$total_payed=0;
|
||||
|
||||
print '<form id="form_generate_pdf" method="post" action="'.$_SERVER["PHP_SELF"].'?sortfield='. $_GET['sortfield'] .'&sortorder='. $_GET['sortorder'] .'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
while ($i < $num)
|
||||
{
|
||||
|
||||
@ -117,6 +117,7 @@ if ($_GET["facid"])
|
||||
if ($_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="note.php?facid='.$fac->id.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update_public">';
|
||||
print '<textarea name="note_public" cols="80" rows="8">'.$fac->note_public."</textarea><br>";
|
||||
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
|
||||
@ -136,6 +137,7 @@ if ($_GET["facid"])
|
||||
if ($_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="note.php?facid='.$fac->id.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<textarea name="note" cols="80" rows="8">'.$fac->note."</textarea><br>";
|
||||
print '<input type="submit" class="button" value="'.$langs->trans("Save").'">';
|
||||
|
||||
@ -115,6 +115,7 @@ $max=3;
|
||||
if ($conf->facture->enabled && $user->rights->facture->lire)
|
||||
{
|
||||
print '<form method="post" action="'.DOL_URL_ROOT.'/compta/facture.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print "<tr class=\"liste_titre\">";
|
||||
print '<td colspan="3">'.$langs->trans("SearchACustomerInvoice").'</td></tr>';
|
||||
@ -128,6 +129,7 @@ if ($conf->facture->enabled && $user->rights->facture->lire)
|
||||
if ($conf->fournisseur->enabled && $user->rights->fournisseur->lire)
|
||||
{
|
||||
print '<form method="post" action="'.DOL_URL_ROOT.'/fourn/facture/index.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("SearchASupplierInvoice").'</td></tr>';
|
||||
print "<tr ".$bc[0].">";
|
||||
|
||||
@ -266,6 +266,7 @@ if ($_GET['action'] == 'create' || $_POST['action'] == 'confirm_paiement' || $_P
|
||||
}
|
||||
|
||||
print '<form name="add_paiement" action="paiement.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add_paiement">';
|
||||
print '<input type="hidden" name="facid" value="'.$facture->id.'">';
|
||||
print '<input type="hidden" name="socid" value="'.$facture->socid.'">';
|
||||
|
||||
@ -89,6 +89,7 @@ print_fiche_titre($titre);
|
||||
|
||||
// Formulaire de génération
|
||||
print '<form method="post" action="rapport.php?year='.$year.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="gen">';
|
||||
$cmonth = date("n", time());
|
||||
$syear = date("Y", time());
|
||||
|
||||
@ -172,6 +172,7 @@ if ($_GET["action"] == 'create')
|
||||
}
|
||||
|
||||
print '<form name="add_paiement" action="paiement_charge.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<input type=\"hidden\" name=\"id\" value=\"$charge->id\">";
|
||||
print '<input type="hidden" name="action" value="add_paiement">';
|
||||
|
||||
|
||||
@ -78,6 +78,7 @@ if ($_GET["action"] == 'create' && $user->rights->compta->ventilation->parametre
|
||||
print_fiche_titre($langs->trans("NewAccount"));
|
||||
|
||||
print '<form action="fiche.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="type" value="'.$_GET["type"].'">'."\n";
|
||||
|
||||
|
||||
@ -57,6 +57,7 @@ print '<tr><td valign="top" width="30%" class="notopnoleft">';
|
||||
* Zone recherche facture
|
||||
*/
|
||||
print '<form method="post" action="facture.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
print "<tr class=\"liste_titre\">";
|
||||
|
||||
@ -74,6 +74,7 @@ print "<br>";
|
||||
|
||||
if ($user->rights->prelevement->bons->configurer)
|
||||
print '<form method="post" action="config.php?action=set">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
@ -193,6 +194,7 @@ if ($conf->global->MAIN_MODULE_NOTIFICATION)
|
||||
|
||||
if ($user->rights->prelevement->bons->configurer)
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=addnotif">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -195,6 +195,7 @@ if ($_GET["id"])
|
||||
if($bon->date_trans == 0)
|
||||
{
|
||||
print '<form method="post" name="userfile" action="fiche.php?id='.$bon->id.'" enctype="multipart/form-data">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="infotrans">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td width="20%">Date Transmission</td><td>';
|
||||
@ -216,6 +217,7 @@ if ($_GET["id"])
|
||||
if($bon->date_trans <> 0 && $bon->date_credit == 0)
|
||||
{
|
||||
print '<form name="infocredit" method="post" action="fiche.php?id='.$bon->id.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="infocredit">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td width="20%">Crédité le</td><td>';
|
||||
|
||||
@ -148,6 +148,7 @@ if ($_GET["id"])
|
||||
$rej = new RejetPrelevement($db, $user);
|
||||
|
||||
print '<form name="confirm_rejet" method="post" action="ligne.php?id='.$_GET["id"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="confirm_rejet">';
|
||||
print '<table class="border" width="100%">';
|
||||
print '<tr><td colspan="3">Rejet de prélèvement</td></tr>';
|
||||
|
||||
@ -181,6 +181,7 @@ if ($_GET["action"] == 'create')
|
||||
$var=false;
|
||||
|
||||
print '<form name="charge" method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
|
||||
@ -112,6 +112,7 @@ if($_GET["id"])
|
||||
if($objp->fk_code_ventilation == 0)
|
||||
{
|
||||
print '<form action="fiche.php?id='.$_GET["id"].'" method="post">'."\n";
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="ventil">';
|
||||
}
|
||||
|
||||
|
||||
@ -101,6 +101,7 @@ if($_GET["id"])
|
||||
if($objp->fk_code_ventilation == 0)
|
||||
{
|
||||
print '<form action="fiche.php?id='.$_GET["id"].'" method="post">'."\n";
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="ventil">';
|
||||
}
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user