From b27578922359e42573bf08e00f069bd000cf4d41 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Tue, 23 Mar 2021 12:22:30 +0100
Subject: [PATCH] Fix regression
---
 htdocs/accountancy/customer/lines.php | 6 +++---
 htdocs/accountancy/customer/list.php | 6 +++---
 htdocs/accountancy/supplier/lines.php | 6 +++---
 htdocs/accountancy/supplier/list.php | 6 +++---
 htdocs/core/class/html.form.class.php | 3 ++-
 5 files changed, 14 insertions(+), 13 deletions(-)
diff --git a/htdocs/accountancy/customer/lines.php b/htdocs/accountancy/customer/lines.php
index f52bc45f635..6b025e6f3c1 100644
--- a/htdocs/accountancy/customer/lines.php
+++ b/htdocs/accountancy/customer/lines.php
@@ -246,11 +246,11 @@ if (strlen(trim($search_country))) {
 if ($search_country == 'special_allnotme') {
 $sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
 } elseif ($search_country == 'special_eec') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } elseif ($search_country == 'special_eecnotme') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
 } elseif ($search_country == 'special_noteec') {
- $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } else {
 $sql .= natural_search("co.code", $search_country);
 }
diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php
index 177b33f3ded..2e28ae4b566 100644
--- a/htdocs/accountancy/customer/list.php
+++ b/htdocs/accountancy/customer/list.php
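Review bot: In htdocs/accountancy/customer/lines.php the three `sanitize(..., 1)` calls now appear to let single quotes through into the `IN (...)` list, so the filter no longer neutralises a quote inside one of the country codes; the clause is only as safe as the code that builds `$country_code_in_EEC` and `$country_code_in_EEC_without_me`, which is outside the hunk. If those strings are assembled from configuration or database values, each code should pass through `$db->escape()` at the point where it is quoted, and a comment above the block would record that, e.g. `// List is pre-quoted ('FR','DE',...); every code must be escaped where the list is built.` The same change and caveat apply to the hunks in customer/list.php, supplier/lines.php and supplier/list.php. The four blocks are identical, so a shared helper that returns the country filter would keep them from drifting apart again.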
@@ -283,11 +283,11 @@ if (strlen(trim($search_country))) {
 if ($search_country == 'special_allnotme') {
 $sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
 } elseif ($search_country == 'special_eec') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } elseif ($search_country == 'special_eecnotme') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
 } elseif ($search_country == 'special_noteec') {
- $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } else {
 $sql .= natural_search("co.code", $search_country);
 }
diff --git a/htdocs/accountancy/supplier/lines.php b/htdocs/accountancy/supplier/lines.php
index 530ed189e19..a87280744ec 100644
--- a/htdocs/accountancy/supplier/lines.php
+++ b/htdocs/accountancy/supplier/lines.php
@@ -238,11 +238,11 @@ if (strlen(trim($search_country))) {
 if ($search_country == 'special_allnotme') {
 $sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
 } elseif ($search_country == 'special_eec') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } elseif ($search_country == 'special_eecnotme') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
 } elseif ($search_country == 'special_noteec') {
- $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } else {
 $sql .= natural_search("co.code", $search_country);
 }
diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php
index d74f0facfd7..aa3f8b4a403 100644
--- a/htdocs/accountancy/supplier/list.php
+++ b/htdocs/accountancy/supplier/list.php
@@ -288,11 +288,11 @@ if (strlen(trim($search_country))) {
 if ($search_country == 'special_allnotme') {
 $sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
 } elseif ($search_country == 'special_eec') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } elseif ($search_country == 'special_eecnotme') {
- $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me).")";
+ $sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
 } elseif ($search_country == 'special_noteec') {
- $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC).")";
+ $sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
 } else {
 $sql .= natural_search("co.code", $search_country);
 }
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 848b07bd450..33f3c15151a 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -5670,7 +5670,7 @@ class Form
 $sql .= " FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c";
 $sql .= " WHERE t.fk_pays = c.rowid";
 $sql .= " AND t.active > 0";
- $sql .= " AND c.code IN (".$this->db->sanitize($country_code).")";
+ $sql .= " AND c.code IN (".$this->db->sanitize($country_code, 1).")";
 $sql .= " ORDER BY t.code ASC, t.taux ASC, t.recuperableonly ASC";
 $resql = $this->db->query($sql);
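Review bot: In htdocs/core/class/html.form.class.php, `$country_code` is not built in this hunk and appears to be handed in by the caller, yet `sanitize($country_code, 1)` now places it inside `IN (...)` with its quotes intact. The method's docblock (outside the hunk) should state that contract, for example `@param string $country_code Comma-separated, already single-quoted country codes ('FR','DE'); callers must escape each code`. Accepting an array of codes and quoting each one with `$this->db->escape()` inside the method would remove the dependency on callers, but it changes the signature and is better done in a separate commit.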
@@ -5753,6 +5753,7 @@ class Form
 $defaultnpr = (preg_match('/\*/', $selectedrate) ? 1 : $defaultnpr);
 $defaulttx = str_replace('*', '', $selectedrate);
 $defaultcode = '';
+ $reg = array();
 if (preg_match('/\((.*)\)/', $defaulttx, $reg)) {
 $defaultcode = $reg[1];
 $defaulttx = preg_replace('/\s*\(.*\)/', '', $defaulttx);