diff --git a/htdocs/compta/prelevement/bon.php b/htdocs/compta/prelevement/bon.php index 4a42b1fb08e..1934434a7e2 100644 --- a/htdocs/compta/prelevement/bon.php +++ b/htdocs/compta/prelevement/bon.php @@ -1,7 +1,7 @@ * Copyright (C) 2005 Laurent Destailleur - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -34,7 +34,7 @@ $langs->load("categories"); // Security check $socid=0; $id = GETPOST('id','int'); -$ref = GETPOST("ref"); +$ref = GETPOST('ref','alpha'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement', $id); diff --git a/htdocs/compta/prelevement/bons.php b/htdocs/compta/prelevement/bons.php index 4cfbbf0a481..764993d2471 100644 --- a/htdocs/compta/prelevement/bons.php +++ b/htdocs/compta/prelevement/bons.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005-2008 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -36,11 +36,11 @@ if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); // Get supervariables -$page = GETPOST("page"); -$sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); -$sortfield = ((GETPOST("sortfield")=="")) ? "p.datec" : GETPOST("sortfield"); -$statut = GETPOST("statut"); -$search_line = GETPOST("search_ligne"); +$page = GETPOST('page','int'); +$sortorder = ((GETPOST('sortorder','alpha')=="")) ? "DESC" : GETPOST('sortorder','alpha'); +$sortfield = ((GETPOST('sortfield','alpha')=="")) ? "p.datec" : GETPOST('sortfield','alpha'); +$statut = GETPOST('statut','int'); +$search_line = GETPOST('search_ligne','int'); llxHeader('',$langs->trans("WithdrawalsReceipts")); diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 9e9c71b390d..74311782b3e 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2010 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,7 +39,7 @@ if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement', '', '', 'bons'); // Get supervariables -$action = GETPOST("action"); +$action = GETPOST('action','alpha'); /* diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index 4038446afb1..ef2914f696f 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php 
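Review bot: `search_ligne` is read with the `'int'` filter in this bons.php hunk, but the liste.php hunk of the same commit reads the same parameter as `GETPOST('search_ligne','alpha')`. One of the two is presumably unintended, and the looser one decides what can reach the query that consumes it. If the field holds a numeric line identifier, use `$search_line = GETPOST('search_ligne','int');` in both files; otherwise document here why bons.php narrows it.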
@@ -2,7 +2,7 @@ /* Copyright (C) 2004-2005 Rodolphe Quiedeville * Copyright (C) 2005-2010 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2011 Juanjo Menent + * Copyright (C) 2011-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -37,9 +37,9 @@ if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); // Get supervariables -$page = GETPOST("page"); -$sortorder = GETPOST("sortorder"); -$sortfield = GETPOST("sortfield"); +$page = GETPOST('page','int'); +$sortorder = GETPOST('sortorder','alpha'); +$sortfield = GETPOST('sortfield','alpha'); /* * View @@ -77,9 +77,9 @@ if ($socid) $sql.= " AND f.fk_soc = ".$socid; if (!$statut) $sql.= " AND pfd.traite = 0"; if ($statut) $sql.= " AND pfd.traite = ".$statut; $sql.= " AND pfd.fk_facture = f.rowid"; -if (dol_strlen(trim(GETPOST("search_societe")))) +if (dol_strlen(trim(GETPOST('search_societe','alpha')))) { - $sql.= " AND s.nom LIKE '%".GETPOST("search_societe")."%'"; + $sql.= " AND s.nom LIKE '%".GETPOST('search_societe','alpha')."%'"; } $sql.= " ORDER BY $sortfield $sortorder "; $sql.= $db->plimit($conf->liste_limit+1, $offset); @@ -108,8 +108,8 @@ if ($resql) print ''; print '
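Review bot: The `LIKE` clause in the demandes.php query hunk still concatenates the request value into the SQL string; the `'alpha'` filter added here is an input check, not SQL escaping, and whether it rejects single quotes cannot be seen from this hunk. Escape at the point of use: `$sql.= " AND s.nom LIKE '%".$db->escape(GETPOST('search_societe','alpha'))."%'";`. The context line `ORDER BY $sortfield $sortorder` has the same weakness now that both values come from `GETPOST(...,'alpha')`: compare `$sortfield` against a fixed list of column names and accept only `ASC` or `DESC` for `$sortorder`. If bons.php, factures.php, lignes.php, liste.php and rejets.php pass their sort and search parameters into queries the same way (not shown in their hunks), the same applies there. The query is assembled partly outside this hunk, so the origin of `$statut`, which is also concatenated, should be checked as well.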
'; - print ''; - print ''; + print ''; + print ''; print ''; print ''; print '
'; diff --git a/htdocs/compta/prelevement/factures.php b/htdocs/compta/prelevement/factures.php index 67e47420061..6fb8239e5e6 100644 --- a/htdocs/compta/prelevement/factures.php +++ b/htdocs/compta/prelevement/factures.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,9 +39,9 @@ if ($user->societe_id > 0) accessforbidden(); // Get supervariables $prev_id = GETPOST('id','int'); $socid = GETPOST('socid','int'); -$page = GETPOST("page"); -$sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); -$sortfield = ((GETPOST("sortfield")=="")) ? "p.ref" : GETPOST("sortfield"); +$page = GETPOST('page','int'); +$sortorder = ((GETPOST('sortorder','alpha')=="")) ? "DESC" : GETPOST('sortorder','alpha'); +$sortfield = ((GETPOST('sortfield','alpha')=="")) ? "p.ref" : GETPOST('sortfield','alpha'); llxHeader('',$langs->trans("WithdrawalReceipt")); diff --git a/htdocs/compta/prelevement/fiche-rejet.php b/htdocs/compta/prelevement/fiche-rejet.php index f3ad78b9b64..1e4b95364bd 100644 --- a/htdocs/compta/prelevement/fiche-rejet.php +++ b/htdocs/compta/prelevement/fiche-rejet.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005 Laurent Destailleur * Copyright (C) 2005-2010 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -36,7 +36,7 @@ if ($user->societe_id > 0) accessforbidden(); // Get supervariables $prev_id = GETPOST('id','int'); -$page = GETPOST("page"); +$page = GETPOST('page','int'); /* * View 
diff --git a/htdocs/compta/prelevement/fiche-stat.php b/htdocs/compta/prelevement/fiche-stat.php index 63b269c6286..8611eaa63b0 100644 --- a/htdocs/compta/prelevement/fiche-stat.php +++ b/htdocs/compta/prelevement/fiche-stat.php @@ -1,7 +1,7 @@ * Copyright (C) 2005 Laurent Destailleur - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -35,7 +35,7 @@ $langs->load("categories"); // Get supervariables $prev_id = GETPOST('id','int'); -$page = GETPOST("page"); +$page = GETPOST('page','int'); /* * View diff --git a/htdocs/compta/prelevement/fiche.php b/htdocs/compta/prelevement/fiche.php index e2d5a32fafe..8441800d18f 100644 --- a/htdocs/compta/prelevement/fiche.php +++ b/htdocs/compta/prelevement/fiche.php @@ -1,7 +1,7 @@ * Copyright (C) 2005-2010 Laurent Destailleur - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -39,14 +39,14 @@ $langs->load("categories"); if ($user->societe_id > 0) accessforbidden(); // Get supervariables -$action = GETPOST("action"); +$action = GETPOST('action','alpha'); $id = GETPOST('id','int'); /* * Actions */ -if ( $action == 'confirm_credite' && GETPOST("confirm") == 'yes') +if ( $action == 'confirm_credite' && GETPOST('confirm','alpha') == 'yes') { $bon = new BonPrelevement($db,""); $bon->id = $id; 
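Review bot: The `confirm_credite` branch in fiche.php is entered on `$action` and `confirm` alone, with no permission term in its condition, while the `infotrans` and `infocredit` branches further down the same file test `$user->rights->prelevement->bons->send` and `->credit`. Typing the two parameters does not restrict who can trigger the action. Unless the check sits in the part of the body that continues past this hunk, the condition should carry it, presumably with the same right as `infocredit`: `if ($action == 'confirm_credite' && GETPOST('confirm','alpha') == 'yes' && $user->rights->prelevement->bons->credit)`.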
@@ -69,9 +69,9 @@ if ($action == 'infotrans' && $user->rights->prelevement->bons->send) if (dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $dir . "/" . $_FILES['userfile']['name'],1) > 0) { - $dt = dol_mktime(12,0,0,GETPOST("remonth"),GETPOST("reday"),GETPOST("reyear")); + $dt = dol_mktime(12,0,0,GETPOST('remonth','int'),GETPOST('reday','int'),GETPOST('reyear','int')); - $bon->set_infotrans($user, $dt, GETPOST("methode")); + $bon->set_infotrans($user, $dt, GETPOST('methode','alpha')); } Header("Location: fiche.php?id=".$id); @@ -88,7 +88,7 @@ if ($action == 'infocredit' && $user->rights->prelevement->bons->credit) { $bon = new BonPrelevement($db,""); $bon->fetch($id); - $dt = dol_mktime(12,0,0,GETPOST("remonth"),GETPOST("reday"),GETPOST("reyear")); + $dt = dol_mktime(12,0,0,GETPOST('remonth','int'),GETPOST('reday','int'),GETPOST('reyear','int')); $error = $bon->set_infocredit($user, $dt); @@ -121,9 +121,9 @@ if ($id) $head = prelevement_prepare_head($bon); dol_fiche_head($head, 'prelevement', $langs->trans("WithdrawalReceipt"), '', 'payment'); - if (GETPOST("error")!='') + if (GETPOST('error','alpha')!='') { - print '
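Review bot: The upload destination in the `infotrans` branch is still built from the client-supplied `$_FILES['userfile']['name']`, which this hunk leaves untouched while typing the date and `methode` parameters next to it. The name, extension included, is therefore written under `$dir` exactly as the browser sent it. Pass it through the project's filename sanitiser before concatenating, e.g. `$dir . "/" . dol_sanitizeFileName($_FILES['userfile']['name'])`, and consider restricting the accepted extensions for this transmission file. The branch starts before this hunk, so `$dir` and any earlier validation are not visible here.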
'.$bon->ReadError(GETPOST("error")).'
'; + print '
'.$bon->ReadError(GETPOST('error','alpha')).'
'; } if ($action == 'credite') diff --git a/htdocs/compta/prelevement/ligne.php b/htdocs/compta/prelevement/ligne.php index 9af1d17b642..2db6f0f85d5 100644 --- a/htdocs/compta/prelevement/ligne.php +++ b/htdocs/compta/prelevement/ligne.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005-2008 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,37 +38,37 @@ $langs->load("withdrawals"); $langs->load("categories"); // Get supervariables -$action = GETPOST("action"); +$action = GETPOST('action','alpha'); $id = GETPOST('id','int'); $socid = GETPOST('socid','int'); -$page = GETPOST("page"); -$sortorder = GETPOST("sortorder"); -$sortfield = GETPOST("sortfield"); +$page = GETPOST('page','int'); +$sortorder = GETPOST('sortorder','alpha'); +$sortfield = GETPOST('sortfield','alpha'); if ($action == 'confirm_rejet') { if ( GETPOST("confirm") == 'yes') { - $daterej = mktime(2, 0, 0, GETPOST("remonth"), GETPOST("reday"), GETPOST("reyear")); + $daterej = mktime(2, 0, 0, GETPOST('remonth','int'), GETPOST('reday','int'), GETPOST('reyear','int')); $lipre = new LignePrelevement($db, $user); if ($lipre->fetch($id) == 0) { - if (GETPOST("motif") > 0 && $daterej < time()) + if (GETPOST('motif','alpha') > 0 && $daterej < time()) { $rej = new RejetPrelevement($db, $user); - $rej->create($user, $id, GETPOST("motif"), $daterej, $lipre->bon_rowid, GETPOST("facturer")); + $rej->create($user, $id, GETPOST('motif','alpha'), $daterej, $lipre->bon_rowid, GETPOST('facturer','int')); Header("Location: ligne.php?id=".$id); exit; } else { - dol_syslog("Motif : ".GETPOST("motif")); + dol_syslog("Motif : ".GETPOST('motif','alpha')); dol_syslog("$daterej $time "); Header("Location: ligne.php?id=".$id."&action=rejet"); exit; 
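Review bot: `GETPOST("confirm")` in the `confirm_rejet` branch of ligne.php is left unfiltered, although the same test in fiche.php is changed to `GETPOST('confirm','alpha')` by this commit; it should read `if (GETPOST('confirm','alpha') == 'yes')`. `motif` is read as `'alpha'` but compared with `> 0` and handed to `RejetPrelevement::create()`, so `GETPOST('motif','int')` looks like the intended filter, to be confirmed against `create()`. The same value is written to `dol_syslog("Motif : ".…)` as received, and `$time` in the following log call is not defined anywhere in the visible lines. No permission test is visible on this state-changing branch either, though it may sit above the hunk.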
diff --git a/htdocs/compta/prelevement/lignes.php b/htdocs/compta/prelevement/lignes.php index 4d0db99de3c..a3a1086ff32 100644 --- a/htdocs/compta/prelevement/lignes.php +++ b/htdocs/compta/prelevement/lignes.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,9 +38,9 @@ $langs->load("categories"); // Get supervariables $prev_id = GETPOST('id','int'); $socid = GETPOST('socid','int'); -$page = GETPOST("page"); -$sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); -$sortfield = ((GETPOST("sortfield")=="")) ? "pl.fk_soc" : GETPOST("sortfield"); +$page = GETPOST('page','int'); +$sortorder = ((GETPOST('sortorder','alpha')=="")) ? "DESC" : GETPOST('sortorder','alpha'); +$sortfield = ((GETPOST('sortfield','alpha')=="")) ? "pl.fk_soc" : GETPOST('sortfield','alpha'); diff --git a/htdocs/compta/prelevement/liste.php b/htdocs/compta/prelevement/liste.php index c27e09502d6..b091cfba4b9 100644 --- a/htdocs/compta/prelevement/liste.php +++ b/htdocs/compta/prelevement/liste.php @@ -2,7 +2,7 @@ /* Copyright (C) 2005 Rodolphe Quiedeville * Copyright (C) 2005-2010 Laurent Destailleur * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -37,14 +37,14 @@ if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); // Get supervariables -$page = GETPOST("page"); -$sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); -$sortfield = ((GETPOST("sortfield")=="")) ? "p.datec" : GETPOST("sortfield"); -$search_line = GETPOST("search_ligne"); -$search_bon = GETPOST("search_bon"); -$search_code = GETPOST("search_code"); -$search_societe = GETPOST("search_societe"); -$statut = GETPOST("statut"); +$page = GETPOST('page','int'); +$sortorder = ((GETPOST('sortorder','alpha')=="")) ? "DESC" : GETPOST('sortorder','alpha'); +$sortfield = ((GETPOST('sortfield','alpha')=="")) ? "p.datec" : GETPOST('sortfield','alpha'); +$search_line = GETPOST('search_ligne','alpha'); +$search_bon = GETPOST('search_bon','alpha'); +$search_code = GETPOST('search_code','alpha'); +$search_societe = GETPOST('search_societe','alpha'); +$statut = GETPOST('statut','int'); $bon=new BonPrelevement($db,""); $ligne=new LignePrelevement($db,$user); diff --git a/htdocs/compta/prelevement/rejets.php b/htdocs/compta/prelevement/rejets.php index 2428cd8c016..354f3f57c86 100644 --- a/htdocs/compta/prelevement/rejets.php +++ b/htdocs/compta/prelevement/rejets.php @@ -1,7 +1,7 @@ * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2011 Juanjo Menent + * Copyright (C) 2010-2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -35,9 +35,9 @@ if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); // Get supervariables -$page = GETPOST("page"); -$sortorder = GETPOST("sortorder"); -$sortfield = GETPOST("sortfield"); +$page = GETPOST('page','int'); +$sortorder = GETPOST('sortorder','alpha'); +$sortfield = GETPOST('sortfield','alpha'); /* * View