diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php
index cb6b6095d92..b621ad9752f 100644
--- a/htdocs/compta/bank/bankentries_list.php
+++ b/htdocs/compta/bank/bankentries_list.php
@@ -10,7 +10,6 @@ * Copyright (C) 2018 Ferran Marcet * Copyright (C) 2018 Frédéric France * Copyright (C) 2021 Gauthier VERDOL - * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by
@@ -644,11 +643,12 @@ if ($search_description) {
 }
 $sql .= natural_search("b.label", $search_description_to_use); // Warning some text are just translation keys, not translated strings
 }
+
 if ($search_bid > 0) {
- $sql .= " AND b.rowid=l.lineid AND l.fk_categ=".$search_bid;
+ $sql .= " AND b.rowid = l.lineid AND l.fk_categ = ".((int) $search_bid);
 }
 if (!empty($search_type)) {
- $sql .= " AND b.fk_type = '".$db->escape($search_type)."' ";
+ $sql .= " AND b.fk_type = '".$db->escape($search_type)."'";
 }
 // Search criteria amount
 if ($search_debit) {
diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php
index 5728edb80ff..fd9fa3e0456 100644
--- a/htdocs/opensurvey/card.php
+++ b/htdocs/opensurvey/card.php
@@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php";
 // Security check
-if (!$user->rights->opensurvey->read) {
+if (empty($user->rights->opensurvey->read)) {
 accessforbidden();
 }
diff --git a/htdocs/opensurvey/exportcsv.php b/htdocs/opensurvey/exportcsv.php
index 3a4237f83e6..76e4ffd9023 100644
--- a/htdocs/opensurvey/exportcsv.php
+++ b/htdocs/opensurvey/exportcsv.php
@@ -40,6 +40,11 @@ if ($result <= 0) {
 dol_print_error('', 'Failed to get survey id '.$numsondage);
 }
+// Security check
+if (empty($user->rights->opensurvey->read)) {
+ accessforbidden();
+}
+
 /*
 * Actions
diff --git a/htdocs/opensurvey/fonctions.php b/htdocs/opensurvey/fonctions.php
index 96d9370c10a..7114dd5119f 100644
--- a/htdocs/opensurvey/fonctions.php
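Review bot: In bankentries_list.php the `(int)` cast is applied only where `$search_bid` is concatenated into the category condition, so the guard `if ($search_bid > 0)` and any other use of the variable outside this hunk still work on the raw value. Casting once before the guard, `$search_bid = (int) $search_bid;`, would make the comparison numeric and cover every later use. Where the variable is first read is not visible here, so that may be the better place for the cast. The surrounding chain of search conditions starts and continues outside the hunk.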
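Review bot: The `// Security check` comment above the guard in card.php does not say why `empty()` is used, presumably so that access is also refused when the opensurvey rights entry is missing rather than merely false. A comment such as `// Security check: deny unless the opensurvey read right is set (empty() also covers a missing rights entry)` would keep a later edit from reverting to `!`. The same guard and comment appear in the index.php and results.php hunks and in the block added to exportcsv.php.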
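Review bot: In exportcsv.php the new read-permission check sits after the `if ($result <= 0)` branch, so a user without the right still triggers the survey lookup and can receive the `Failed to get survey id` message, which echoes `$numsondage`, before access is refused. Placing the three-line guard ahead of the lookup, directly after the includes as card.php, index.php and results.php do, would refuse the request before any survey data is touched. The lookup itself is above the hunk and not visible, and whether `dol_print_error()` stops execution cannot be told from these lines.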
+++ b/htdocs/opensurvey/fonctions.php
@@ -31,7 +31,6 @@ */ function opensurvey_prepare_head(Opensurveysondage $object) { - global $langs, $conf; $h = 0;
diff --git a/htdocs/opensurvey/index.php b/htdocs/opensurvey/index.php
index 8ff138b6681..ba608723816 100644
--- a/htdocs/opensurvey/index.php
+++ b/htdocs/opensurvey/index.php
@@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT."/core/lib/files.lib.php";
 $langs->load("opensurvey");
 // Security check
-if (!$user->rights->opensurvey->read) {
+if (empty($user->rights->opensurvey->read)) {
 accessforbidden();
 }
diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php
index 36228939092..ede66c3e022 100644
--- a/htdocs/opensurvey/results.php
+++ b/htdocs/opensurvey/results.php
@@ -29,13 +29,11 @@ require_once DOL_DOCUMENT_ROOT."/core/lib/files.lib.php";
 require_once DOL_DOCUMENT_ROOT."/opensurvey/class/opensurveysondage.class.php";
 require_once DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php";
-
 // Security check
-if (!$user->rights->opensurvey->read) {
+if (empty($user->rights->opensurvey->read)) {
 accessforbidden();
 }
-
 // Init vars
 $action = GETPOST('action', 'aZ09');
 $numsondage = GETPOST("id");
@@ -594,7 +592,10 @@ if (GETPOST('ajoutsujet')) {
 }
 if ($user->rights->opensurvey->write) {
- print ''.$langs->trans("PollAdminDesc", img_picto('', 'delete'), $langs->trans("Add")).'
';
+ print '';
+ $s = $langs->trans("PollAdminDesc", '{s1}', $langs->trans("Add"));
+ print str_replace('{s1}', img_picto('', 'delete'), $s);
+ print '
';
 }
 $nbcolonnes = substr_count($object->sujet, ',') + 1;
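Review bot: In results.php the context line `if ($user->rights->opensurvey->write) {` still reads the right directly, while the read guards changed in this commit use `empty()`; for consistency, and the same behaviour when the entry is missing, it could be `if (!empty($user->rights->opensurvey->write)) {`. The `{s1}` placeholder step also deserves a one-line comment, for example `// img_picto() returns HTML: substitute it after trans() rather than passing it as a parameter`, since the reason for the detour is not evident from the code (presumably trans() would alter markup passed as an argument). The string literals in the `print` lines look truncated in this view, so their markup cannot be reviewed.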