From d21e5571007d2052a6b5f80a67b6f4cac693584a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 16 Aug 2019 16:41:53 +0200 Subject: [PATCH 1/5] FIX #11671 CVE-2019-15062 --- htdocs/core/actions_linkedfiles.inc.php | 8 +++----- htdocs/core/class/html.formfile.class.php | 4 ++-- htdocs/user/card.php | 4 ++-- 3 files changed, 7 insertions(+), 9 deletions(-) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 25ef74127bf..463795b66e9 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -125,8 +125,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; $link = new Link($db); - $link->id = $linkid; - $link->fetch(); + $link->fetch($linkid); $res = $link->delete($user); $langs->load('link'); @@ -160,8 +159,7 @@ elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('l require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; $langs->load('link'); $link = new Link($db); - $link->id = GETPOST('linkid', 'int'); - $f = $link->fetch(); + $f = $link->fetch(GETPOST('linkid', 'int')); if ($f) { $link->url = GETPOST('link', 'alpha'); @@ -169,7 +167,7 @@ elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('l { $link->url = 'http://' . $link->url; } - $link->label = GETPOST('label', 'alpha'); + $link->label = GETPOST('label', 'alphanohtml'); $res = $link->update($user); if (!$res) { diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 679989a75a0..05708691fab 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php 
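Review bot: In the confirm_deletefile hunk (@@ -125) the return value of the new `$link->fetch($linkid)` call is discarded and `$link->delete($user)` runs unconditionally, whereas the confirm_updateline hunk in the same file checks `$f` before acting on the object. If the fetch fails, the delete runs on a Link whose id was never set. Mirror the second hunk, `if ($link->fetch($linkid)) { $res = $link->delete($user); }`, using whatever value fetch() returns on success (the update hunk treats a truthy `$f` as success; fetch() itself is outside the patch). The enclosing `if ($action == 'confirm_deletefile' ...)` block continues outside the hunk.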
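Review bot: In the @@ -169 hunk the label is now read with the 'alphanohtml' filter, but `$link->url` a few lines above in the same hunk is still read with 'alpha' and merely gets a scheme prepended; the condition controlling that is outside the hunk, and the place where the url is rendered in html.formfile.class.php is not part of this patch, so whether it receives the same output escaping as the label cannot be confirmed here. A comment at the assignment, `// Filtering on save is defence in depth; the value must still be escaped where it is rendered`, would record that the output-side dol_escape_htmltag() in the FormFile hunk is the actual fix and that the url deserves the same treatment.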
@@ -1758,7 +1758,7 @@ class FormFile print $langs->trans('Link') . ': '; print ''; print ''; - print $langs->trans('Label') . ': '; + print $langs->trans('Label') . ': '; print ''; print '' . dol_print_date(dol_now(), "dayhour", "tzuser") . ''; print ''; @@ -1772,7 +1772,7 @@ class FormFile print ''; print img_picto('', 'object_globe').' '; print ''; - print $link->label; + print dol_escape_htmltag($link->label); print ''; print ''."\n"; print ''; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 9a39518dfb4..072d7f287a3 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -318,12 +318,12 @@ if (empty($reshook)) { { $error = 0; - if (!$_POST["lastname"]) { + if (! GETPOST("lastname", 'alpha')) { setEventMessages($langs->trans("NameNotDefined"), null, 'errors'); $action = "edit"; // Go back to create page $error ++; } - if (!$_POST["login"]) { + if (! GETPOST("login", 'alpha')) { setEventMessages($langs->trans("LoginNotDefined"), null, 'errors'); $action = "edit"; // Go back to create page $error ++; From b1be6bf4f237089f34264568782a7406670cfae4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Aug 2019 01:24:54 +0200 Subject: [PATCH 2/5] FIX #11422 Can't edit his own events with standard rights --- htdocs/comm/action/class/actioncomm.class.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index fd91864af04..392cd9255d9 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php 
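Review bot: In the @@ -1772 hunk `dol_escape_htmltag($link->label)` escapes the label at the point where it is printed, which is the right place for the fix; the neighbouring `print` lines lost their markup in this extract, so whether the link's url (also user-supplied, read with the 'alpha' filter in actions_linkedfiles.inc.php) is emitted into its attribute with equivalent escaping cannot be checked here. A comment, `// Label is user input: escape on output regardless of the GETPOST filter applied on save`, would make the reason visible to the next person editing this list. The surrounding method starts and ends outside the hunk.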
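Review bot: In the user/card.php hunk (@@ -318) the new `if (! GETPOST("lastname", 'alpha'))` and `if (! GETPOST("login", 'alpha'))` tests rely on PHP truthiness, so a value of `0` is reported as not defined, exactly as with the `$_POST` reads they replace. If GETPOST returns an empty string for an absent parameter (its default is not visible in this patch), `if (GETPOST("lastname", 'alpha') === '')` checks presence without that edge case. The 'alpha' filter also means a value consisting only of stripped characters now counts as missing, which is the safer outcome. The surrounding `if (empty($reshook))` block starts before the hunk.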
@@ -1262,10 +1262,12 @@ class ActionComm extends CommonObject if (! empty($conf->dol_no_mouse_hover)) $notooltip=1; // Force disable tooltips - if ((!$user->rights->agenda->allactions->read && $this->author->id != $user->id) || (!$user->rights->agenda->myactions->read && $this->author->id == $user->id)) - $option = 'nolink'; + if ((!$user->rights->agenda->allactions->read && $this->authorid != $user->id) || (!$user->rights->agenda->myactions->read && $this->authorid == $user->id)) + { + $option = 'nolink'; + } - $label = $this->label; + $label = $this->label; if (empty($label)) $label=$this->libelle; // For backward compatibility $result=''; From 71be9f5b3f81c6c1de439ae6144095d3bd1a2532 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Aug 2019 21:01:17 +0200 Subject: [PATCH 3/5] Fix test on terminal for 'cashdesk' module --- htdocs/compta/cashcontrol/cashcontrol_card.php | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/cashcontrol/cashcontrol_card.php b/htdocs/compta/cashcontrol/cashcontrol_card.php index 4f67f02d7f5..fed2182e236 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_card.php +++ b/htdocs/compta/cashcontrol/cashcontrol_card.php @@ -235,8 +235,15 @@ if ($action=="create" || $action=="start") $posmodule = GETPOST('posmodule', 'alpha'); $terminalid = GETPOST('posnumber', 'alpha'); $terminaltouse = $terminalid; + if ($terminaltouse == '1' && $posmodule=='cashdesk') $terminaltouse = ''; + if ($posmodule=='cashdesk' && $terminaltouse != '' && $terminaltouse != '1') { + $terminaltouse = ''; + setEventMessages($langs->trans("OnlyTerminal1IsAvailableForCashDeskModule"), null, 'errors'); + $error++; + } + // Calculate $initialbalanceforterminal for terminal 0 foreach($arrayofpaymentmode as $key => $val) { 
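Review bot: The permission test at the top of the hunk now compares `$this->authorid` with `$user->id`, but nothing in the hunk shows where `authorid` is populated, so a code path that reaches this method without setting it makes `null != $user->id` true and puts every user without allactions rights back on the `nolink` branch, the symptom the commit is fixing. A comment at the condition would document the intent, e.g. `// authorid is used instead of $this->author->id because the author object is not always loaded — confirm every fetch path sets it`. The comparison is loose, presumably because authorid may arrive as a string from the database; `(int) $this->authorid !== (int) $user->id` would say so explicitly. The `$label = $this->label;` change looks whitespace-only and could be left out of a rights fix. The enclosing method starts and ends outside the hunk.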
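Review bot: In the cashcontrol_card.php hunk (@@ -235) the second new condition, `$terminaltouse != '' && $terminaltouse != '1'`, is partly redundant: the line just above already turns `'1'` into `''` for the cashdesk module, so by the time it runs `$terminaltouse` can no longer be `'1'`. Both tests also use loose comparison on a GETPOST string, where `'01'` or `'1.0'` compare equal to `'1'` and are silently accepted as terminal 1; `if ($posmodule === 'cashdesk' && $terminaltouse === '1') $terminaltouse = '';` followed by `if ($posmodule === 'cashdesk' && $terminaltouse !== '') {` keeps the intended behaviour and makes it exact. The enclosing `if ($action=="create" || $action=="start")` block continues past the hunk.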
@@ -271,7 +278,7 @@ if ($action=="create" || $action=="start") } else { - setEventMessages($langs->trans("SetupOfTerminalNotComplete", $terminalid), null, 'errors'); + setEventMessages($langs->trans("SetupOfTerminalNotComplete", $terminaltouse), null, 'errors'); $error++; } } From 3a0057f6a30b9e0c62dfaf75e94f30ad91e8edf5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Aug 2019 23:59:24 +0200 Subject: [PATCH 4/5] FIX too many record in sql request. Whena criteria is a filter, we must use an inner join. --- htdocs/core/lib/company.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 3f1efad3bce..6230f2a545f 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1317,7 +1317,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon='', $noprint= if (! empty($conf->agenda->enabled)) { // Recherche histo sur actioncomm - if (is_object($objcon) && $objcon->id) { + if (is_object($objcon) && $objcon->id > 0) { $sql = "SELECT DISTINCT a.id, a.label,"; } else @@ -1340,7 +1340,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon='', $noprint= $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_actioncomm as c ON a.fk_action = c.id"; if (is_object($objcon) && $objcon->id) { - $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."actioncomm_resources as r ON a.id = r.fk_actioncomm"; + $sql.= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm_resources as r ON a.id = r.fk_actioncomm"; $sql.= " AND r.element_type = '" . $db->escape($objcon->table_element) . "' AND r.fk_element = " . $objcon->id; } From 21fc089f585c9ce48e70fcdf08db8c62e2d63e88 Mon Sep 17 00:00:00 2001 
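Review bot: The error message now receives `$terminaltouse`, which the @@ -235 hunk of the same file blanks for the cashdesk module, so in that case SetupOfTerminalNotComplete is displayed with an empty terminal number. If the intent is to name the terminal as the user entered it, `$terminaltouse !== '' ? $terminaltouse : $terminalid` keeps the message informative; if `''` is genuinely the key the setup is looked up under, a one-line comment saying so would stop the next reader from reverting it. The `if` this `else` belongs to starts outside the hunk.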
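Review bot: In company.lib.php the guard in the @@ -1317 hunk was tightened to `$objcon->id > 0`, but the guard in the @@ -1340 hunk that decides the INNER JOIN is still `$objcon->id`, so for a truthy but non-positive id (a negative value, for instance) the two branches disagree: the query is built without DISTINCT yet joined on `r.fk_element = <id>`. Use the same `> 0` test in both places. The join condition also concatenates `$objcon->id` straight into the SQL while `table_element` goes through `$db->escape()`; `" AND r.fk_element = " . ((int) $objcon->id)` makes the numeric intent explicit and independent of how the caller built the object. show_actions_done() starts before the first hunk and ends after the second.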
From: Laurent Destailleur Date: Mon, 19 Aug 2019 10:18:38 +0200 Subject: [PATCH 5/5] FIX Translation of month --- .../bookkeeping/balancebymonth.php | 18 ++++---------- htdocs/compta/resultat/clientfourn.php | 15 ------------ htdocs/compta/resultat/result.php | 24 +++++++++---------- htdocs/projet/jsgantt_language.js.php | 4 ++-- 4 files changed, 19 insertions(+), 42 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/balancebymonth.php b/htdocs/accountancy/bookkeeping/balancebymonth.php index b9568228a36..1141accd476 100644 --- a/htdocs/accountancy/bookkeeping/balancebymonth.php +++ b/htdocs/accountancy/bookkeeping/balancebymonth.php @@ -73,19 +73,11 @@ $y = $year_current; print ''; print ''; print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; -print ''; +for($i = 1; $i <= 12; $i++) +{ + print ''; +} +print ''; print ''; $sql = "SELECT bk.numero_compte AS 'compte',"; diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index f0a01d1ae04..efeffeb9b8c 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -130,21 +130,6 @@ $AccCat = new AccountancyCategory($db); * View */ -$months = array( - $langs->trans("JanuaryMin"), - $langs->trans("FebruaryMin"), - $langs->trans("MarchMin"), - $langs->trans("AprilMin"), - $langs->trans("MayMin"), - $langs->trans("JuneMin"), - $langs->trans("JulyMin"), - $langs->trans("AugustMin"), - $langs->trans("SeptemberMin"), - $langs->trans("OctoberMin"), - $langs->trans("NovemberMin"), - $langs->trans("DecemberMin"), -); - llxHeader(); $form=new Form($db); diff --git a/htdocs/compta/resultat/result.php b/htdocs/compta/resultat/result.php index 317531884c0..9bbf0501dbd 100644 --- a/htdocs/compta/resultat/result.php +++ b/htdocs/compta/resultat/result.php 
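Review bot: In the balancebymonth.php hunk (@@ -73) the month key is built with `sprintf("%02s", $i)`, which zero-pads the string form of an integer and does produce "01".."12", but `%02d` states the actual intent (a zero-padded integer) and is what readers expect next to an `int` loop counter: `$langs->trans("MonthShort".sprintf("%02d", $i))`. The markup of the `print` lines was stripped in this extract, so the surrounding cell output is not reviewed here.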
@@ -143,18 +143,18 @@ $AccCat = new AccountancyCategory($db); */ $months = array( - $langs->trans("JanuaryMin"), - $langs->trans("FebruaryMin"), - $langs->trans("MarchMin"), - $langs->trans("AprilMin"), - $langs->trans("MayMin"), - $langs->trans("JuneMin"), - $langs->trans("JulyMin"), - $langs->trans("AugustMin"), - $langs->trans("SeptemberMin"), - $langs->trans("OctoberMin"), - $langs->trans("NovemberMin"), - $langs->trans("DecemberMin"), + $langs->trans("MonthShort01"), + $langs->trans("MonthShort02"), + $langs->trans("MonthShort03"), + $langs->trans("MonthShort04"), + $langs->trans("MonthShort05"), + $langs->trans("MonthShort06"), + $langs->trans("MonthShort07"), + $langs->trans("MonthShort08"), + $langs->trans("MonthShort09"), + $langs->trans("MonthShort10"), + $langs->trans("MonthShort11"), + $langs->trans("MonthShort12"), ); llxheader('', $langs->trans('ReportInOut')); diff --git a/htdocs/projet/jsgantt_language.js.php b/htdocs/projet/jsgantt_language.js.php index 99123cc45ef..322b1c03c28 100644 --- a/htdocs/projet/jsgantt_language.js.php +++ b/htdocs/projet/jsgantt_language.js.php 
@@ -48,8 +48,8 @@ var vLangs={'getDefaultLang(1);?>': 'notes':'transnoentities('NotePublic'); ?>', 'january':'transnoentities('January'); ?>','february':'transnoentities('February'); ?>','march':'transnoentities('March'); ?>','april':'transnoentities('April'); ?>','maylong':'transnoentities('May'); ?>','june':'transnoentities('June'); ?>','july':'transnoentities('July'); ?>', 'august':'transnoentities('August'); ?>','september':'transnoentities('September'); ?>','october':'transnoentities('October'); ?>','november':'transnoentities('November'); ?>','december':'transnoentities('December'); ?>', - 'jan':'transnoentities('JanuaryMin'); ?>','feb':'transnoentities('FebruaryMin'); ?>','mar':'transnoentities('MarchMin'); ?>','apr':'transnoentities('AprilMin'); ?>','may':'transnoentities('MayMin'); ?>','jun':'transnoentities('JuneMin'); ?>','jul':'transnoentities('JulyMin'); ?>', - 'aug':'transnoentities('AugustMin'); ?>','sep':'transnoentities('SeptemberMin'); ?>','oct':'transnoentities('OctoberMin'); ?>','nov':'transnoentities('NovemberMin'); ?>','dec':'transnoentities('DecemberMin'); ?>', + 'jan':'transnoentities('MonthShort01'); ?>','feb':'transnoentities('MonthShort02'); ?>','mar':'transnoentities('MonthShort03'); ?>','apr':'transnoentities('MonthShort04'); ?>','may':'transnoentities('MonthShort05'); ?>','jun':'transnoentities('MonthShort06'); ?>','jul':'transnoentities('MonthShort07'); ?>', + 'aug':'transnoentities('MonthShort08'); ?>','sep':'transnoentities('MonthShort09'); ?>','oct':'transnoentities('MonthShort10'); ?>','nov':'transnoentities('MonthShort11'); ?>','dec':'transnoentities('MonthShort12'); ?>', 'sunday':'transnoentities('Sunday'); ?>','monday':'transnoentities('Monday'); ?>','tuesday':'transnoentities('Tuesday'); ?>','wednesday':'transnoentities('Wednesday'); ?>','thursday':'transnoentities('Thursday'); ?>','friday':'transnoentities('Friday'); ?>','saturday':'transnoentities('Saturday'); ?>', 'sun':'transnoentities('SundayMin'); 
?>','mon':'transnoentities('MondayMin'); ?>','tue':'transnoentities('TuesdayMin'); ?>','wed':'transnoentities('WednesdayMin'); ?>','thu':'transnoentities('ThursdayMin'); ?>','fri':'transnoentities('FridayMin'); ?>','sat':'transnoentities('SaturdayMin'); ?>' }
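Review bot: Each translated value in the hunk is emitted directly inside a single-quoted JavaScript string literal (the `<?php echo $langs->` opening appears stripped in this extract), so a translation containing an apostrophe or a backslash breaks the literal and with it the whole vLangs object; this predates the key change but applies to every line the hunk rewrites. Passing each value through `dol_escape_js(...)` before echoing it would make the generated file robust against the translation catalogues. The `vLangs` object starts before the hunk.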
' . $langs->trans("Label") . '' . $langs->trans("JanuaryMin") . '' . $langs->trans("FebruaryMin") . '' . $langs->trans("MarchMin") . '' . $langs->trans("AprilMin") . '' . $langs->trans("MayMin") . '' . $langs->trans("JuneMin") . '' . $langs->trans("JulyMin") . '' . $langs->trans("AugustMin") . '' . $langs->trans("SeptemberMin") . '' . $langs->trans("OctoberMin") . '' . $langs->trans("NovemberMin") . '' . $langs->trans("DecemberMin") . 'Total' . $langs->trans("MonthShort".sprintf("%02s", $i)) . ''.$langs->trans("Total").'