Fix: ajout d'un jeton alatoire dans les requetes POST
This commit is contained in:
Regis Houssin
parent
1ea80f4f57
commit
d3621e4593
@ -189,6 +189,7 @@ $head = member_prepare_head($adh);
|
||||
dol_fiche_head($head, 'subscription', $langs->trans("Member"));
|
||||
|
||||
print '<form action="fiche.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
// Ref
|
||||
@ -377,6 +378,7 @@ if ($action == 'addsubscription' && $user->rights->adherent->cotisation->creer)
|
||||
print "\n\n<!-- Form add subscription -->\n";
|
||||
|
||||
print '<form name="cotisation" method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="cotisation">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print "<table class=\"border\" width=\"100%\">\n";
|
||||
|
||||
@ -596,6 +596,7 @@ if ($action == 'edit')
|
||||
if ($conf->societe->enabled) $rowspan++;
|
||||
|
||||
print '<form name="update" action="'.$_SERVER["PHP_SELF"].'" method="post" enctype="multipart/form-data">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<input type=\"hidden\" name=\"action\" value=\"update\">";
|
||||
print "<input type=\"hidden\" name=\"rowid\" value=\"$rowid\">";
|
||||
print "<input type=\"hidden\" name=\"statut\" value=\"".$adh->statut."\">";
|
||||
@ -740,6 +741,7 @@ if ($action == 'create')
|
||||
print_fiche_titre($langs->trans("NewMember"));
|
||||
|
||||
print '<form name="add" action="'.$_SERVER["PHP_SELF"].'" method="post" enctype="multipart/form-data">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
@ -980,6 +982,7 @@ if ($rowid && $action != 'edit')
|
||||
if ($conf->societe->enabled) $rowspan++;
|
||||
|
||||
print '<form action="fiche.php" method="post" enctype="multipart/form-data">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
// Ref
|
||||
|
||||
@ -191,6 +191,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'edit')
|
||||
|
||||
print "\n";
|
||||
print '<form name="update" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<input type=\"hidden\" name=\"action\" value=\"update\">";
|
||||
print "<input type=\"hidden\" name=\"rowid\" value=\"$rowid\">";
|
||||
print "<input type=\"hidden\" name=\"fk_bank\" value=\"".$subscription->fk_bank."\">";
|
||||
@ -302,6 +303,7 @@ if ($rowid && $action != 'edit')
|
||||
}
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
// Ref
|
||||
|
||||
@ -119,6 +119,7 @@ print '<tr><td width="30%" class="notopnoleft" valign="top">';
|
||||
|
||||
// Formulaire recherche adherent
|
||||
print '<form action="liste.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="search">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -165,6 +165,7 @@ if ($_GET["action"] == 'create')
|
||||
print_titre($langs->trans('NewAttribute'));
|
||||
|
||||
print '<form action="options.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
@ -200,6 +201,7 @@ if ($_GET["attrname"] && $_GET["action"] == 'edit')
|
||||
* formulaire d'edition
|
||||
*/
|
||||
print '<form method="post" action="options.php?attrname='.$_GET["attrname"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="attrname" value="'.$_GET["attrname"].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
@ -332,6 +332,7 @@ if ($rowid > 0)
|
||||
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?rowid='.$rowid.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
@ -98,6 +98,7 @@ $form = new Form($db);
|
||||
// Mail required for members
|
||||
$var=!$var;
|
||||
print '<form action="adherent.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="ADHERENT_MAIL_REQUIRED">';
|
||||
@ -111,6 +112,7 @@ print '</form>';
|
||||
// Send mail information is on by default
|
||||
$var=!$var;
|
||||
print '<form action="adherent.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="ADHERENT_DEFAULT_SENDINFOBYMAIL">';
|
||||
@ -127,6 +129,7 @@ print '</form>';
|
||||
// Insertion cotisations dans compte financier
|
||||
$var=!$var;
|
||||
print '<form action="adherent.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="ADHERENT_BANK_USE">';
|
||||
@ -269,6 +272,7 @@ $constantes=array(
|
||||
$obj = $db->fetch_object($result);
|
||||
$var=!$var;
|
||||
print '<form action="adherent.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="'.$obj->name.'">';
|
||||
|
||||
@ -102,6 +102,7 @@ dol_fiche_head($head, 'autoactions', $langs->trans("Agenda"));
|
||||
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="save">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -81,6 +81,7 @@ dol_fiche_head($head, 'xcal', $langs->trans("Agenda"));
|
||||
|
||||
|
||||
print '<form name="agendasetupform" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
|
||||
print "<tr class=\"liste_titre\">";
|
||||
|
||||
@ -230,6 +230,7 @@ if (!isset($_ENV['windir']) && !file_exists($_ENV['windir']))
|
||||
{
|
||||
$var=!$var;
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setgenbarcodelocation">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("GenbarcodeLocation").'</td>';
|
||||
|
||||
@ -63,6 +63,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -139,6 +139,7 @@ print '<br>';
|
||||
|
||||
$var=true;
|
||||
print '<form name="oscommerceconfig" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
print "<tr class=\"liste_titre\">";
|
||||
print "<td width=\"40%\">".$langs->trans("Parameter")."</td>";
|
||||
|
||||
@ -276,6 +276,7 @@ if ($resql)
|
||||
$var = ! $var;
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
$logo=eregi_replace("^object_","",$box->boximg);
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.img_object("",$logo).' '.$box->boxlabel.'</td>';
|
||||
@ -388,6 +389,7 @@ print '<table class="noborder" width="100%">';
|
||||
|
||||
$var=false;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="addconst">';
|
||||
print "<tr $bc[$var] class=value><td>";
|
||||
print $langs->trans("MaxNbOfLinesForBoxes")."</td>\n";
|
||||
|
||||
@ -69,6 +69,7 @@ print '<br>';
|
||||
// Mode
|
||||
$var=true;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
|
||||
@ -63,6 +63,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="clicktodial.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -422,6 +422,7 @@ $var=true;
|
||||
/*
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalidorder">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("ValidOrderAfterPropalClosed").'</td>';
|
||||
@ -435,6 +436,7 @@ print '</form>';
|
||||
/*
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="deliverycostline">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("AddDeliveryCostLine").'</td>';
|
||||
@ -447,6 +449,7 @@ print '</form>';
|
||||
// Utiliser le contact de la commande dans le document
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_use_customer_contact_as_recipient">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("UseCustomerContactAsOrderRecipientIfExist").'</td>';
|
||||
@ -457,6 +460,7 @@ print '</form>';
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_COMMANDE_FREE_TEXT">';
|
||||
print '<tr '.$bc[$var].'><td colspan="2">';
|
||||
print $langs->trans("FreeLegalTextOnOrders").'<br>';
|
||||
|
||||
@ -211,6 +211,7 @@ if ((isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
*/
|
||||
|
||||
print '<form enctype="multipart/form-data" method="post" action="'.$_SERVER["PHP_SELF"].'" name="form_index">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
$var=true;
|
||||
|
||||
@ -576,6 +577,7 @@ else
|
||||
|
||||
// Identifiants de la société (propre au pays)
|
||||
print '<form name="formsoc" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre"><td>'.$langs->trans("CompanyIds").'</td><td>'.$langs->trans("Value").'</td></tr>';
|
||||
$var=true;
|
||||
|
||||
@ -86,6 +86,7 @@ print '<table class="noborder" width="100%">';
|
||||
|
||||
// Cas du parametre COMPTA_MODE
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setcomptamode">';
|
||||
print '<tr class="liste_titre">';
|
||||
print '<td>'.$langs->trans('OptionMode').'</td><td>'.$langs->trans('Description').'</td>';
|
||||
@ -141,6 +142,7 @@ if ($result)
|
||||
$var=!$var;
|
||||
|
||||
print '<form action="compta.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="'.$obj->name.'">';
|
||||
|
||||
@ -87,6 +87,7 @@ print '<table class="noborder" width="100%">';
|
||||
|
||||
// Cas du param<61>tre COMPTA_MODE
|
||||
print '<form action="compta.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setcomptamode">';
|
||||
print '<tr class="liste_titre">';
|
||||
print '<td>'.$langs->trans('OptionMode').'</td><td>'.$langs->trans('Description').'</td>';
|
||||
@ -128,6 +129,7 @@ if ($result)
|
||||
$var=!$var;
|
||||
|
||||
print '<form action="compta.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="'.$obj->name.'">';
|
||||
|
||||
@ -77,6 +77,7 @@ $form = new Form($db);
|
||||
# Affiche ligne d'ajout
|
||||
$var=false;
|
||||
print '<form action="const.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
|
||||
print "<tr $bc[$var] class=value><td><input type=\"text\" class=\"flat\" size=\"24\" name=\"constname\" value=\"\"></td>\n";
|
||||
@ -134,12 +135,10 @@ if ($result)
|
||||
|
||||
print "\n";
|
||||
print '<form action="'.DOL_URL_ROOT.'/admin/const.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$obj->rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="'.$obj->name.'">';
|
||||
|
||||
// Ajout du nouveau jeton dans les requetes POST
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print "<tr $bc[$var] class=value><td>$obj->name</td>\n";
|
||||
|
||||
|
||||
@ -74,6 +74,7 @@ $countrynotdefined='<font class="error">'.$langs->trans("ErrorSetACountryFirst")
|
||||
if ((isset($_GET["action"]) && $_GET["action"] == 'edit'))
|
||||
{
|
||||
print '<form method="post" action="delais.php" name="form_index">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
$var=true;
|
||||
|
||||
|
||||
@ -485,6 +485,7 @@ if ($_GET["id"])
|
||||
$fieldlist=split(',',$tabfield[$_GET["id"]]);
|
||||
|
||||
print '<form action="dict.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
|
||||
// Ligne d'ajout
|
||||
@ -606,6 +607,7 @@ if ($_GET["id"])
|
||||
if ($_GET["action"] == 'modify' && ($_GET["rowid"] == ($obj->rowid?$obj->rowid:$obj->code)))
|
||||
{
|
||||
print '<form action="dict.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="id" value="'.$_GET["id"].'">';
|
||||
print '<input type="hidden" name="rowid" value="'.$_GET["rowid"].'">';
|
||||
fieldList($fieldlist,$obj);
|
||||
|
||||
@ -83,6 +83,7 @@ $form = new Form($db);
|
||||
// Categorie
|
||||
$var=!$var;
|
||||
print '<form action="droitpret.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="DROITPRET_CAT">';
|
||||
@ -99,6 +100,7 @@ print '</form>';
|
||||
// Adresse destination
|
||||
$var=!$var;
|
||||
print '<form action="droitpret.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
|
||||
print '<input type="hidden" name="constname" value="DROITPRET_MAIL">';
|
||||
|
||||
@ -68,6 +68,7 @@ print_fiche_titre($langs->trans("Configuration du module Editeur"),$linkback,'se
|
||||
print '<br>';
|
||||
|
||||
print '<form action="editeur.php" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
|
||||
print '<input type="hidden" name="action" value="set">';
|
||||
|
||||
@ -50,6 +50,7 @@ print_fiche_titre($langs->trans("Energy"),$linkback,'setup');
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="energie.php">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
print '<table class="border">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -116,6 +116,7 @@ dol_fiche_head($head, 'audit', $langs->trans("Security"));
|
||||
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="save">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -189,6 +189,7 @@ print '<br>';
|
||||
|
||||
// Formulaire ajout
|
||||
print '<form name="externalrssconfig" action="external_rss.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -470,6 +470,7 @@ print '<br>';
|
||||
print_titre($langs->trans("SuggestedPaymentModesIfNotDefinedInInvoice"));
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
$var=True;
|
||||
@ -571,6 +572,7 @@ $var=true;
|
||||
// Force date validation
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setforcedate">';
|
||||
print '<tr '.$bc[$var].'><td>';
|
||||
print $langs->trans("ForceInvoiceDate");
|
||||
@ -584,6 +586,7 @@ print '</form>';
|
||||
// Active la possibilite d'editer/supprimer une facture validee sans paiement
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_enable_editdelete">';
|
||||
print '<tr '.$bc[$var].'><td>';
|
||||
print $langs->trans("EnableEditDeleteValidInvoice");
|
||||
@ -596,6 +599,7 @@ print '</form>';
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_use_bill_contact_as_recipient">';
|
||||
print '<tr '.$bc[$var].'><td>';
|
||||
print $langs->trans("UsBillingContactAsIncoiveRecipientIfExist");
|
||||
@ -608,6 +612,7 @@ print '</form>';
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_FACTURE_FREE_TEXT">';
|
||||
print '<tr '.$bc[$var].'><td colspan="2">';
|
||||
print $langs->trans("FreeLegalTextOnInvoices").'<br>';
|
||||
|
||||
@ -103,6 +103,7 @@ print "<br>\n";
|
||||
if (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
|
||||
clearstatcache();
|
||||
|
||||
@ -96,6 +96,7 @@ $html=new Form($db);
|
||||
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="noborder" width="100%">';
|
||||
|
||||
|
||||
@ -97,6 +97,7 @@ print $langs->trans("LDAPDescContact").'<br>';
|
||||
print '<br>';
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
$html=new Form($db);
|
||||
|
||||
|
||||
@ -89,6 +89,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
$html=new Form($db);
|
||||
|
||||
|
||||
@ -112,6 +112,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
$html=new Form($db);
|
||||
|
||||
|
||||
@ -100,6 +100,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
|
||||
$html=new Form($db);
|
||||
|
||||
@ -71,6 +71,7 @@ if ($mesg) print $mesg.'<br>';
|
||||
if (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
|
||||
clearstatcache();
|
||||
|
||||
@ -420,6 +420,7 @@ $var=true;
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_DELIVERY_FREE_TEXT">';
|
||||
print '<tr '.$bc[$var].'><td colspan="2">';
|
||||
print $langs->trans("FreeLegalTextOnDeliveryReceipts").'<br>';
|
||||
|
||||
@ -63,6 +63,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -205,6 +205,7 @@ if (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
$html=new Form($db);
|
||||
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
|
||||
clearstatcache();
|
||||
|
||||
@ -137,6 +137,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form name="phpmantisconfig" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
|
||||
print "<tr class=\"liste_titre\">";
|
||||
|
||||
@ -113,6 +113,7 @@ dol_fiche_head($head, 'handler', $langs->trans("Menus"));
|
||||
if (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
|
||||
clearstatcache();
|
||||
|
||||
@ -294,6 +294,7 @@ if (isset($_GET["action"]) && $_GET["action"] == 'create')
|
||||
else print '<br>';
|
||||
|
||||
print '<form action="./edit.php?action=add&menuId='.$_GET['menuId'].'" method="post" name="formmenucreate">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
@ -398,6 +399,7 @@ elseif (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
print '<br>';
|
||||
|
||||
print '<form action="./edit.php?action=update" method="POST" name="formmenuedit">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="handler_origine" value="'.$menu_handler.'">';
|
||||
|
||||
print '<table class="border" width="100%">';
|
||||
@ -515,6 +517,7 @@ elseif (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
|
||||
// Ajout de contraintes personalisees
|
||||
print '<form action="edit.php?action=add_const" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="menuId" value="'.$_GET['menuId'].'">';
|
||||
print '<input type="hidden" name="type" value="perso">';
|
||||
|
||||
@ -528,6 +531,7 @@ elseif (isset($_GET["action"]) && $_GET["action"] == 'edit')
|
||||
|
||||
// Ajout de contraintes predefinis
|
||||
print '<form action="edit.php?action=add_const" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="menuId" value="'.$_GET['menuId'].'">';
|
||||
print '<input type="hidden" name="type" value="prede">';
|
||||
|
||||
|
||||
@ -65,6 +65,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -80,6 +80,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
|
||||
print '<br>';
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -159,6 +159,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form name="phpphenixconfig" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
|
||||
print "<tr class=\"liste_titre\">";
|
||||
|
||||
@ -436,6 +436,7 @@ print '</form>';
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setusecustomercontactasrecipient">';
|
||||
print '<tr '.$bc[$var].'><td>';
|
||||
print $langs->trans("UseCustomerContactAsPropalRecipientIfExist");
|
||||
@ -463,6 +464,7 @@ if ($conf->commande->enabled)
|
||||
|
||||
$var=! $var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set_PROPALE_FREE_TEXT">';
|
||||
print '<tr '.$bc[$var].'><td colspan="2">';
|
||||
print $langs->trans("FreeLegalTextOnProposal").'<br>';
|
||||
|
||||
@ -178,6 +178,7 @@ $html = new Form($db);
|
||||
|
||||
// Choix du gestionnaire du générateur de mot de passe
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="constname" value="USER_PASSWORD_GENERATED">';
|
||||
print '<input type="hidden" name="consttype" value="yesno">';
|
||||
|
||||
@ -120,6 +120,7 @@ print "</tr>\n";
|
||||
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'?action=set_main_upload_doc" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td colspan="2">'.$langs->trans("MaxSizeForUploadedFiles").'.';
|
||||
$max=@ini_get('upload_max_filesize');
|
||||
@ -136,6 +137,7 @@ print '</tr></form>';
|
||||
|
||||
$var=!$var;
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_UMASK" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("UMask").'</td><td align="right">';
|
||||
print $form->textwithpicto('',$langs->trans("UMaskExplanation"));
|
||||
@ -151,6 +153,7 @@ print '</tr></form>';
|
||||
$var=!$var;
|
||||
if (empty($conf->global->MAIN_SESSION_TIMEOUT)) $conf->global->MAIN_SESSION_TIMEOUT=ini_get("session.gc_maxlifetime");
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'?action=MAIN_SESSION_TIMEOUT" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<tr '.$bc[$var].'>';
|
||||
print '<td>'.$langs->trans("SessionTimeOut").'</td><td align="right">';
|
||||
print $form->textwithpicto('',$langs->trans("SessionExplanation",ini_get("session.gc_probability"),ini_get("session.gc_divisor")));
|
||||
|
||||
@ -115,6 +115,7 @@ print_titre($langs->trans("SyslogOutput"));
|
||||
|
||||
// Mode
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="set">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
@ -140,6 +141,7 @@ print "</form>\n";
|
||||
|
||||
// Level
|
||||
print '<form action="syslog.php" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setlevel">';
|
||||
print '<table class="noborder" width="100%">';
|
||||
print '<tr class="liste_titre">';
|
||||
|
||||
@ -84,6 +84,7 @@ print '<table class="noborder" width="100%">';
|
||||
|
||||
// Cas du parametre TAX_MODE
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="settaxmode">';
|
||||
print '<tr class="liste_titre">';
|
||||
print '<td>'.$langs->trans('OptionVatMode').'</td><td>'.$langs->trans('Description').'</td>';
|
||||
|
||||
@ -66,6 +66,7 @@ if ($_GET["msg"])
|
||||
|
||||
<!-- Dump of a server -->
|
||||
<form method="post" action="export.php" name="dump">
|
||||
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
|
||||
|
||||
<input type="hidden" name="export_type" value="server" />
|
||||
|
||||
|
||||
@ -254,6 +254,7 @@ if (is_array($resCached) || is_array($resRemoved))
|
||||
{
|
||||
print "<br>";
|
||||
print '<form name="ea_control" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder">';
|
||||
print '<tr class="liste_titre"><td colspan="2">Actions</td></tr>';
|
||||
|
||||
|
||||
@ -105,6 +105,7 @@ if ($message)
|
||||
}
|
||||
|
||||
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<input type="hidden" name="action" value="purge">';
|
||||
|
||||
|
||||
@ -157,6 +157,7 @@ print '<br>';
|
||||
|
||||
|
||||
print '<form name="phpwebcalendarconfig" action="'.$_SERVER["PHP_SELF"].'" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print "<table class=\"noborder\" width=\"100%\">";
|
||||
|
||||
print "<tr class=\"liste_titre\">";
|
||||
|
||||
@ -64,6 +64,7 @@ if ($mesg) print '<br>'.$mesg;
|
||||
/*
|
||||
print '<br>';
|
||||
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="setvalue">';
|
||||
|
||||
$var=true;
|
||||
|
||||
@ -134,6 +134,7 @@ if ($action == 'create')
|
||||
*/
|
||||
|
||||
print '<form action="fiche.php" method="post">'."\n";
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
|
||||
print_fiche_titre($langs->trans("NewBookmark"));
|
||||
@ -180,6 +181,7 @@ if ($_GET["id"] > 0 && ! eregi('^add',$_GET["action"]))
|
||||
if ($_GET["action"] == 'edit')
|
||||
{
|
||||
print '<form name="edit" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="id" value="'.$bookmark->id.'">';
|
||||
print '<input type="hidden" name="urlsource" value="'.urlencode(DOL_URL_ROOT.'/bookmarks/fiche.php?id='.$bookmark->id).'">';
|
||||
|
||||
@ -62,8 +62,8 @@ if ( $_SESSION['uid'] > 0 ) {
|
||||
<div class="contenu">
|
||||
<div class="principal_login">
|
||||
<fieldset class="cadre_facturation"><legend class="titre1">Identification</legend>
|
||||
<form class="formulaire_login" id="frmLogin" method="post"
|
||||
action="index_verif.php">
|
||||
<form class="formulaire_login" id="frmLogin" method="post" action="index_verif.php">
|
||||
<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
|
||||
|
||||
<table>
|
||||
|
||||
|
||||
@ -1619,6 +1619,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'" class="notoptoleftroright">';
|
||||
print '<input type="hidden" name="action" value="'.$action.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table width="100%" class="valid">';
|
||||
|
||||
@ -1675,6 +1676,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="classin">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
select_projects($socid,$selected,$htmlname);
|
||||
@ -1709,6 +1711,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="setconditions">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
$this->select_conditions_paiements($selected,$htmlname,-1,$addempty);
|
||||
@ -1743,6 +1746,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'" name="form'.$htmlname.'">';
|
||||
print '<input type="hidden" name="action" value="set'.$htmlname.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
print $this->select_date($selected,$htmlname,0,0,1,'form'.$htmlname);
|
||||
@ -1776,6 +1780,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="setmode">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
$this->select_types_paiements($selected,$htmlname);
|
||||
@ -1813,6 +1818,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="setabsolutediscount">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="nobordernopadding" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
if (! $filter || $filter=='fk_facture_source IS NULL') print $langs->trans("CompanyHasAbsoluteDiscount",price($amount),$langs->transnoentities("Currency".$conf->monnaie)).': ';
|
||||
@ -1860,6 +1866,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="set_contact">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
$num=$this->select_contacts($societe->id, $selected, $htmlname);
|
||||
@ -1903,6 +1910,7 @@ class Form
|
||||
{
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="setdeliveryadress">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
$this->select_adresse_livraison($selected, $socid, $htmlname, 1);
|
||||
|
||||
@ -135,6 +135,7 @@ class FormCompany
|
||||
|
||||
print '<form method="post" action="'.$page.'">';
|
||||
print '<input type="hidden" name="action" value="setprospectlevel">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="noborder" cellpadding="0" cellspacing="0">';
|
||||
print '<tr><td>';
|
||||
|
||||
|
||||
@ -65,6 +65,7 @@ class FormFile
|
||||
|
||||
print '<form name="userfile" action="'.$url.'" enctype="multipart/form-data" method="POST">';
|
||||
print '<input type="hidden" name="section" value="'.$sectionid.'">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print '<table width="100%" class="noborder">';
|
||||
print '<tr><td width="50%" valign="top">';
|
||||
@ -294,6 +295,7 @@ class FormFile
|
||||
|
||||
if (empty($noform)) print '<form action="'.$urlsource.'#builddoc" method="post">';
|
||||
print '<input type="hidden" name="action" value="builddoc">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
print_titre($langs->trans("BuildDocuments"));
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
@ -1097,6 +1097,7 @@ function printSearchForm($urlaction,$urlobject,$title,$htmlmodesearch='search',$
|
||||
$ret.='<a class="vsmenu" href="'.$urlobject.'">';
|
||||
$ret.=$title.'</a><br>';
|
||||
$ret.='</div>';
|
||||
$ret.='<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
$ret.='<input type="hidden" name="mode" value="search">';
|
||||
$ret.='<input type="hidden" name="mode-search" value="'.$htmlmodesearch.'">';
|
||||
$ret.='<input type="text" class="flat" name="'.$htmlinputname.'" size="10"> ';
|
||||
|
||||
@ -379,6 +379,7 @@ $_GET["action"] == 'create' || $_POST["action"] == 'create')
|
||||
print '<form action="soc.php" method="post" name="formsoc">';
|
||||
|
||||
print '<input type="hidden" name="action" value="add">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="cleartype" value="0">';
|
||||
print '<input type="hidden" name="private" value='.$soc->particulier.'>';
|
||||
if ($modCodeClient->code_auto || $modCodeFournisseur->code_auto) print '<input type="hidden" name="code_auto" value="1">';
|
||||
@ -711,6 +712,7 @@ elseif ($_GET["action"] == 'edit' || $_POST["action"] == 'edit')
|
||||
|
||||
print '<form action="soc.php?socid='.$soc->id.'" method="post" name="formsoc">';
|
||||
print '<input type="hidden" name="action" value="update">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<input type="hidden" name="socid" value="'.$soc->id.'">';
|
||||
if ($modCodeClient->code_auto || $modCodeFournisseur->code_auto) print '<input type="hidden" name="code_auto" value="1">';
|
||||
|
||||
@ -974,6 +976,7 @@ else
|
||||
}
|
||||
|
||||
print '<form name="formsoc" method="post">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
print '<table class="border" width="100%">';
|
||||
|
||||
// Name
|
||||
|
||||
@ -238,6 +238,7 @@ if ($resql)
|
||||
}
|
||||
|
||||
print '<form method="post" action="societe.php" name="formfilter">';
|
||||
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
|
||||
|
||||
// Lignes des titres
|
||||
print '<table class="liste" width="100%">';
|
||||
|
||||
Loading…
Reference in New Issue
Block a user