fix function name

2022-03-30 12:16:17 +02:00 · 2022-03-30 12:16:17 +02:00 · c1d9ea95dc
commit c1d9ea95dc
parent 16968b08f9
18 changed files with 77 additions and 61 deletions
--- a/htdocs/api/class/api.class.php
+++ b/htdocs/api/class/api.class.php
@ -88,9 +88,9 @@ class DolibarrApi
 		// phpcs:enable
 		// TODO Use type detected in $object->fields
 		if (in_array($field, array('note', 'note_private', 'note_public', 'desc', 'description'))) {
-			return checkVal($value, 'restricthtml');
+			return sanitizeVal($value, 'restricthtml');
 		} else {
-			return checkVal($value, 'alphanohtml');
+			return sanitizeVal($value, 'alphanohtml');
 		}
 	}

--- a/htdocs/categories/class/categorie.class.php
+++ b/htdocs/categories/class/categorie.class.php
@ -913,7 +913,7 @@ class Categorie extends CommonObject

 		$categories = array();

-		$type = checkVal($type, 'aZ09');
+		$type = sanitizeVal($type, 'aZ09');

 		$sub_type = $type;
 		$subcol_name = "fk_".$type;
--- a/htdocs/comm/propal/class/api_proposals.class.php
+++ b/htdocs/comm/propal/class/api_proposals.class.php
@ -343,8 +343,8 @@ class Proposals extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->propal->addline(
 			$request_data->desc,
@ -488,8 +488,8 @@ class Proposals extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$propalline = new PropaleLigne($this->db);
 		$result = $propalline->fetch($lineid);
--- a/htdocs/commande/class/api_orders.class.php
+++ b/htdocs/commande/class/api_orders.class.php
@ -335,8 +335,8 @@ class Orders extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->commande->addline(
 			$request_data->desc,
@ -403,8 +403,8 @@ class Orders extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->commande->updateline(
 			$lineid,
--- a/htdocs/compta/bank/class/api_bankaccounts.class.php
+++ b/htdocs/compta/bank/class/api_bankaccounts.class.php
@ -250,7 +250,7 @@ class BankAccounts extends DolibarrApi
 		}

 		// Clean data
-		$description = checkVal($description, 'alphanohtml');
+		$description = sanitizeVal($description, 'alphanohtml');


 		/**
@ -498,13 +498,13 @@ class BankAccounts extends DolibarrApi
 			throw new RestException(404, 'account not found');
 		}

-		$type = checkVal($type);
-		$label = checkVal($label);
-		$cheque_number = checkVal($cheque_number);
-		$cheque_writer = checkVal($cheque_writer);
-		$cheque_bank = checkVal($cheque_bank);
-		$accountancycode = checkVal($accountancycode);
-		$num_releve = checkVal($num_releve);
+		$type = sanitizeVal($type);
+		$label = sanitizeVal($label);
+		$cheque_number = sanitizeVal($cheque_number);
+		$cheque_writer = sanitizeVal($cheque_writer);
+		$cheque_bank = sanitizeVal($cheque_bank);
+		$accountancycode = sanitizeVal($accountancycode);
+		$num_releve = sanitizeVal($num_releve);

 		$result = $account->addline(
 			$date,
@ -557,9 +557,9 @@ class BankAccounts extends DolibarrApi
 			throw new RestException(404, 'account line not found');
 		}

-		$url = checkVal($url);
-		$label = checkVal($label);
-		$type = checkVal($type);
+		$url = sanitizeVal($url);
+		$label = sanitizeVal($label);
+		$type = sanitizeVal($type);

 		$result = $account->add_url_line($line_id, $url_id, $url, $label, $type);
 		if ($result < 0) {
--- a/htdocs/compta/facture/class/api_invoices.class.php
+++ b/htdocs/compta/facture/class/api_invoices.class.php
@ -423,8 +423,8 @@ class Invoices extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->invoice->updateline(
 			$lineid,
@ -712,8 +712,8 @@ class Invoices extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		// Reset fk_parent_line for no child products and special product
 		if (($request_data->product_type != 9 && empty($request_data->fk_parent_line)) || $request_data->product_type == 9) {
--- a/htdocs/contrat/class/api_contracts.class.php
+++ b/htdocs/contrat/class/api_contracts.class.php
@ -278,8 +278,8 @@ class Contracts extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->price_base_type = checkVal($request_data->price_base_type);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->price_base_type = sanitizeVal($request_data->price_base_type);

 		$updateRes = $this->contract->addline(
 			$request_data->desc,
@ -336,8 +336,8 @@ class Contracts extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->price_base_type = checkVal($request_data->price_base_type);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->price_base_type = sanitizeVal($request_data->price_base_type);

 		$updateRes = $this->contract->updateline(
 			$lineid,
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@ -683,11 +683,11 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
 				$tmpcheck = 'alphanohtml';
 			}
 			foreach ($out as $outkey => $outval) {
-				$out[$outkey] = checkVal($outval, $tmpcheck, $filter, $options);
+				$out[$outkey] = sanitizeVal($outval, $tmpcheck, $filter, $options);
 			}
 		}
 	} else {
-		$out = checkVal($out, $check, $filter, $options);
+		$out = sanitizeVal($out, $check, $filter, $options);
 	}

 	// Sanitizing for special parameters.
@ -736,9 +736,11 @@ function GETPOSTINT($paramname, $method = 0)
 	return (int) GETPOST($paramname, 'int', $method, null, null, 0);
 }

+
 /**
- *  Return a value after checking on a rule. A sanitization may also have been done.
+ *  Return a sanitized or empty value after checking value against a rule.
 *
+ *  @deprecated
 *  @param  string|array  	$out	     Value to check/clear.
 *  @param  string  		$check	     Type of check/sanitizing
 *  @param  int     		$filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
@ -746,6 +748,20 @@ function GETPOSTINT($paramname, $method = 0)
 *  @return string|array    		     Value sanitized (string or array). It may be '' if format check fails.
 */
 function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = null)
+{
+	return sanitizeVal($out, $check, $filter, $options);
+}
+
+/**
+ *  Return a sanitized or empty value after checking value against a rule.
+ *
+ *  @param  string|array  	$out	     Value to check/clear.
+ *  @param  string  		$check	     Type of check/sanitizing
+ *  @param  int     		$filter      Filter to apply when $check is set to 'custom'. (See http://php.net/manual/en/filter.filters.php for détails)
+ *  @param  mixed   		$options     Options to pass to filter_var when $check is set to 'custom'
+ *  @return string|array    		     Value sanitized (string or array). It may be '' if format check fails.
+ */
+function sanitizeVal($out = '', $check = 'alphanohtml', $filter = null, $options = null)
 {
 	global $conf;

--- a/htdocs/expedition/class/api_shipments.class.php
+++ b/htdocs/expedition/class/api_shipments.class.php
@ -279,8 +279,8 @@ class Shipments extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->shipment->addline(
 						$request_data->desc,
@ -347,8 +347,8 @@ class Shipments extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->shipment->updateline(
 						$lineid,
--- a/htdocs/expensereport/class/api_expensereports.class.php
+++ b/htdocs/expensereport/class/api_expensereports.class.php
@ -251,8 +251,8 @@ class ExpenseReports extends DolibarrApi

 	  $request_data = (object) $request_data;

-	  $request_data->desc = checkVal($request_data->desc, 'restricthtml');
-	  $request_data->label = checkVal($request_data->label);
+	  $request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+	  $request_data->label = sanitizeVal($request_data->label);

 	  $updateRes = $this->expensereport->addline(
 						$request_data->desc,
@ -319,8 +319,8 @@ class ExpenseReports extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
-		$request_data->label = checkVal($request_data->label);
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');
+		$request_data->label = sanitizeVal($request_data->label);

 		$updateRes = $this->expensereport->updateline(
 						$lineid,
--- a/htdocs/exports/class/export.class.php
+++ b/htdocs/exports/class/export.class.php
@ -302,7 +302,7 @@ class Export
 	public function build_filterQuery($TypeField, $NameField, $ValueField)
 	{
 		// phpcs:enable
-		$NameField = checkVal($NameField, 'aZ09');
+		$NameField = sanitizeVal($NameField, 'aZ09');
 		$szFilterQuery = '';

 		//print $TypeField." ".$NameField." ".$ValueField;
--- a/htdocs/fourn/class/api_supplier_invoices.class.php
+++ b/htdocs/fourn/class/api_supplier_invoices.class.php
@ -558,8 +558,8 @@ class SupplierInvoices extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->description = checkVal($request_data->description, 'restricthtml');
-		$request_data->ref_supplier = checkVal($request_data->ref_supplier);
+		$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
+		$request_data->ref_supplier = sanitizeVal($request_data->ref_supplier);

 		$updateRes = $this->invoice->addline(
 			$request_data->description,
@ -625,8 +625,8 @@ class SupplierInvoices extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->description = checkVal($request_data->description, 'restricthtml');
-		$request_data->ref_supplier = checkVal($request_data->ref_supplier);
+		$request_data->description = sanitizeVal($request_data->description, 'restricthtml');
+		$request_data->ref_supplier = sanitizeVal($request_data->ref_supplier);

 		$updateRes = $this->invoice->updateline(
 			$lineid,
--- a/htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php
+++ b/htdocs/knowledgemanagement/class/api_knowledgemanagement.class.php
@ -218,7 +218,7 @@ class KnowledgeManagement extends DolibarrApi
 		}

 		// Clean data
-		// $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml');
+		// $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');

 		if ($this->knowledgerecord->create(DolibarrApiAccess::$user)<0) {
 			throw new RestException(500, "Error creating KnowledgeRecord", array_merge(array($this->knowledgerecord->error), $this->knowledgerecord->errors));
@ -260,7 +260,7 @@ class KnowledgeManagement extends DolibarrApi
 		}

 		// Clean data
-		// $this->knowledgerecord->abc = checkVal($this->knowledgerecord->abc, 'alphanohtml');
+		// $this->knowledgerecord->abc = sanitizeVal($this->knowledgerecord->abc, 'alphanohtml');

 		if ($this->knowledgerecord->update(DolibarrApiAccess::$user, false) > 0) {
 			return $this->get($id);
--- a/htdocs/modulebuilder/template/class/api_mymodule.class.php
+++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php
@ -218,7 +218,7 @@ class MyModuleApi extends DolibarrApi
 		}

 		// Clean data
-		// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
+		// $this->myobject->abc = sanitizeVal($this->myobject->abc, 'alphanohtml');

 		if ($this->myobject->create(DolibarrApiAccess::$user)<0) {
 			throw new RestException(500, "Error creating MyObject", array_merge(array($this->myobject->error), $this->myobject->errors));
@ -260,7 +260,7 @@ class MyModuleApi extends DolibarrApi
 		}

 		// Clean data
-		// $this->myobject->abc = checkVal($this->myobject->abc, 'alphanohtml');
+		// $this->myobject->abc = sanitizeVal($this->myobject->abc, 'alphanohtml');

 		if ($this->myobject->update(DolibarrApiAccess::$user, false) > 0) {
 			return $this->get($id);
--- a/htdocs/product/class/api_products.class.php
+++ b/htdocs/product/class/api_products.class.php
@ -779,9 +779,9 @@ class Products extends DolibarrApi
 		}

 		// Clean data
-		$ref_fourn = checkVal($ref_fourn, 'alphanohtml');
-		$desc_fourn = checkVal($desc_fourn, 'restricthtml');
-		$barcode = checkVal($barcode, 'alphanohtml');
+		$ref_fourn = sanitizeVal($ref_fourn, 'alphanohtml');
+		$desc_fourn = sanitizeVal($desc_fourn, 'restricthtml');
+		$barcode = sanitizeVal($barcode, 'alphanohtml');

 		$result = $this->productsupplier->update_buyprice($qty, $buyprice, DolibarrApiAccess::$user, $price_base_type, $fourn, $availability, $ref_fourn, $tva_tx, $charges, $remise_percent, $remise, $newnpr, $delivery_time_days, $supplier_reputation, $localtaxes_array, $newdefaultvatcode, $multicurrency_buyprice, $multicurrency_price_base_type, $multicurrency_tx, $multicurrency_code, $desc_fourn, $barcode, $fk_barcode_type);

--- a/htdocs/projet/class/api_projects.class.php
+++ b/htdocs/projet/class/api_projects.class.php
@ -333,7 +333,7 @@ class Projects extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');

 		$updateRes = $this->project->addline(
 						$request_data->desc,
@ -400,7 +400,7 @@ class Projects extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');

 		$updateRes = $this->project->updateline(
 						$lineid,
--- a/htdocs/projet/class/api_tasks.class.php
+++ b/htdocs/projet/class/api_tasks.class.php
@ -333,7 +333,7 @@ class Tasks extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');

 		$updateRes = $this->project->addline(
 						$request_data->desc,
@ -400,7 +400,7 @@ class Tasks extends DolibarrApi

 		$request_data = (object) $request_data;

-		$request_data->desc = checkVal($request_data->desc, 'restricthtml');
+		$request_data->desc = sanitizeVal($request_data->desc, 'restricthtml');

 		$updateRes = $this->project->updateline(
 						$lineid,
--- a/htdocs/recruitment/class/api_recruitment.class.php
+++ b/htdocs/recruitment/class/api_recruitment.class.php
@ -359,7 +359,7 @@ class Recruitment extends DolibarrApi
 		}

 		// Clean data
-		// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
+		// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');

 		if ($this->jobposition->create(DolibarrApiAccess::$user)<0) {
 			throw new RestException(500, "Error creating jobposition", array_merge(array($this->jobposition->error), $this->jobposition->errors));
@ -391,7 +391,7 @@ class Recruitment extends DolibarrApi
 		}

 		// Clean data
-		// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
+		// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');

 		if ($this->candidature->create(DolibarrApiAccess::$user)<0) {
 			throw new RestException(500, "Error creating candidature", array_merge(array($this->candidature->error), $this->candidature->errors));
@ -433,7 +433,7 @@ class Recruitment extends DolibarrApi
 		}

 		// Clean data
-		// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
+		// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');

 		if ($this->jobposition->update(DolibarrApiAccess::$user, false) > 0) {
 			return $this->get($id);
@ -476,7 +476,7 @@ class Recruitment extends DolibarrApi
 		}

 		// Clean data
-		// $this->jobposition->abc = checkVal($this->jobposition->abc, 'alphanohtml');
+		// $this->jobposition->abc = sanitizeVal($this->jobposition->abc, 'alphanohtml');

 		if ($this->candidature->update(DolibarrApiAccess::$user, false) > 0) {
 			return $this->get($id);