From cfa45be7d4496677c49e5518f2b236cf8ef45387 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 10 Sep 2011 22:38:13 +0000 Subject: [PATCH] Qual: Add more checks --- htdocs/exports/class/export.class.php | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/htdocs/exports/class/export.class.php b/htdocs/exports/class/export.class.php index f91bbca82ef..e062ccb67e3 100644 --- a/htdocs/exports/class/export.class.php +++ b/htdocs/exports/class/export.class.php @@ -217,6 +217,7 @@ class Export // Build the sql request $sql=$this->array_export_sql_start[$indice]; $i=0; + //print_r($array_selected); foreach ($this->array_export_fields[$indice] as $key => $value) { @@ -253,7 +254,14 @@ class Export asort($array_selected); dol_syslog("Export::build_file $model, $datatoexport, $array_selected"); - + + // Check parameters or context properties + if (! is_array($this->array_export_fields[$indice])) + { + $this->error="ErrorBadParameter"; + return -1; + } + // Creation de la classe d'export du model ExportXXX $dir = DOL_DOCUMENT_ROOT . "/includes/modules/export/"; $file = "export_".$model.".modules.php"; @@ -278,7 +286,7 @@ class Export $outputlangs=$langs; // Lang for output // Open file - create_exdir($dirname); + dol_mkdir($dirname); $result=$objmodel->open_file($dirname."/".$filename, $outputlangs); if ($result >= 0)