From 904e399293d52010b316fcce1db5e2be1e939827 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sat, 20 Jul 2019 16:25:57 +0200
Subject: [PATCH 1/3] Fix wrong nb of parmaeters
---
 htdocs/societe/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index d3cd26f8115..34784beefcb 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -741,7 +741,7 @@ if (empty($reshook))
 {
 require_once DOL_DOCUMENT_ROOT .'/core/lib/files.lib.php';
 // the dir dirname($newfile) is directory of logo, so we should have only one file at once into index, so we delete indexes for the dir
- deleteFilesIntoDatabaseIndex(dirname($newfile), '', '', 'uploaded', 1);
+ deleteFilesIntoDatabaseIndex(dirname($newfile), '', '');
 // now we index the uploaded logo file
 addFileIntoDatabaseIndex(dirname($newfile), basename($newfile), '', 'uploaded', 1);
 }
From 932530bd37b1d210f70e8d86a4a5be1179245907 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sun, 21 Jul 2019 16:00:32 +0200
Subject: [PATCH 2/3] FIX ajax call for line positioning when CSRFCHECK_WITH_TOKEN is on
---
 htdocs/core/tpl/ajaxrow.tpl.php | 4 +++-
 htdocs/main.inc.php | 6 ++++--
 2 files changed, 7 insertions(+), 3 deletions(-)
diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php
index 8971dc2a919..071db6a82ee 100644
--- a/htdocs/core/tpl/ajaxrow.tpl.php
+++ b/htdocs/core/tpl/ajaxrow.tpl.php
@@ -66,13 +66,15 @@ $(document).ready(function(){
 var fk_element = "";
 var element_id = "";
 var filepath = "";
+ var token = ""; // We use old 'token' and not 'newtoken' for such ajax call because the ajax page has the NOTOKENRENEWAL constant set.
 $.post("/core/ajax/row.php", {
 roworder: roworder,
 table_element_line: table_element_line,
 fk_element: fk_element,
 element_id: element_id,
- filepath: filepath
+ filepath: filepath,
+ token: token
 }, function() {
 console.log("tableDND end of ajax call");
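Review bot: The result of `deleteFilesIntoDatabaseIndex()` on the changed line is discarded, as is the result of `addFileIntoDatabaseIndex()` two lines below, so a failed cleanup of the old logo index rows is followed by the insert anyway and the directory can end up with stale entries next to the new one. If these helpers signal failure through their return value (not visible in this hunk), capture it, e.g. `$result = deleteFilesIntoDatabaseIndex(dirname($newfile), '', '');`, and skip the re-index with a `setEventMessages()` error when `$result < 0`. The enclosing block starts before the hunk.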
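Review bot: As rendered here `var token = "";` posts an empty token, which the new `main.inc.php` check treats as present-but-wrong (`GETPOSTISSET('token')` true, value not equal to `$_SESSION['token']`) and answers by unsetting `$_POST`, i.e. the very failure this commit sets out to fix; the template presumably fills the value from PHP in a way this listing has stripped, so verify the emitted script actually carries the session token. The comment on that line should also say why this call is exempt from the normal token rotation, e.g. `// row.php declares NOTOKENRENEWAL, so the session 'token' stays valid for this request and 'newtoken' must not be used here`. The `$.post` callback this hunk ends in continues beyond the hunk, and the same line is touched again by the ajaxrow hunk of patch 3/3.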
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 7b695dd8a12..1906f49a89a 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -273,6 +273,7 @@ if (isset($_SERVER["HTTP_USER_AGENT"]))
 if ($conf->browser->layout == 'phone') $conf->dol_no_mouse_hover=1;
 }
+
 // Force HTTPS if required ($conf->file->main_force_https is 0/1 or https dolibarr root url)
 // $_SERVER["HTTPS"] is 'on' when link is https, otherwise $_SERVER["HTTPS"] is empty or 'off'
 if (! empty($conf->file->main_force_https) && (empty($_SERVER["HTTPS"]) || $_SERVER["HTTPS"] != 'on'))
@@ -380,6 +381,7 @@ if ((! defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && ! empty($conf->
 {
 if ($_SERVER['REQUEST_METHOD'] == 'POST' && ! GETPOSTISSET('token')) // Note, offender can still send request by GET
 {
+ dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." refused by CSRFCHECK_WITH_TOKEN protection. Token not provided.");
 print "Access by POST method refused by CSRF protection in main.inc.php. Token not provided.\n";
 print "If you access your server behind a proxy using url rewriting, you might check that all HTTP header is propagated (or add the line \$dolibarr_nocsrfcheck=1 into your conf.php file or MAIN_SECURITY_CSRF_WITH_TOKEN to 0 into setup).\n";
 die;
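Review bot: The added `dol_syslog()` passes no level, so this refusal is logged at the default level while the invalid-token case in the next hunk uses `LOG_WARNING`; a POST rejected by the CSRF check deserves the same visibility: `dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." refused by CSRFCHECK_WITH_TOKEN protection. Token not provided.", LOG_WARNING);`. `$_SERVER["PHP_SELF"]` also includes any path info appended to the request URL by the client, so `$_SERVER["SCRIPT_NAME"]` is the safer choice if the log line is meant to identify the script rather than echo the request. The enclosing `if` starts before the hunk.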
@@ -389,9 +391,9 @@ if ((! defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && ! empty($conf->
 //{
 if (GETPOSTISSET('token') && GETPOST('token', 'alpha') != $_SESSION['token'])
 {
- dol_syslog("Invalid token, so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING);
+ dol_syslog("--- Access to ".$_SERVER["PHP_SELF"]." refused due to invalid token, so we disable POST and some GET parameters - referer=".$_SERVER['HTTP_REFERER'].", action=".GETPOST('action', 'aZ09').", _GET|POST['token']=".GETPOST('token', 'alpha').", _SESSION['token']=".$_SESSION['token'], LOG_WARNING);
 //print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers.
- if ($conf->global->MAIN_FEATURES_LEVEL>1) setEventMessages('Unset POST by CSRF protection in main.inc.php.', null, 'warnings');
+ if ($conf->global->MAIN_FEATURES_LEVEL>1) setEventMessages('Unset POST by CSRF protection in main.inc.php.'."
\n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings');
 unset($_POST);
 unset($_GET['confirm']);
 }
From 4f34a8b6e84aaf8ede4e4b4ceee96769b01a7964 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur
Date: Sun, 21 Jul 2019 16:15:13 +0200
Subject: [PATCH 3/3] FIX Position was lost when we edit the line of template invoice
---
 htdocs/compta/facture/fiche-rec.php | 14 ++++++++------
 htdocs/core/tpl/ajaxrow.tpl.php | 2 +-
 2 files changed, 9 insertions(+), 7 deletions(-)
diff --git a/htdocs/compta/facture/fiche-rec.php b/htdocs/compta/facture/fiche-rec.php
index dd4a2af11ee..9b50e782454 100644
--- a/htdocs/compta/facture/fiche-rec.php
+++ b/htdocs/compta/facture/fiche-rec.php
@@ -774,7 +774,7 @@ if (empty($reshook))
 $array_options = $extrafieldsline->getOptionalsFromPost($object->table_element_line);
 $objectline = new FactureLigneRec($db);
- if ($objectline->fetch(GETPOST('lineid')))
+ if ($objectline->fetch(GETPOST('lineid', 'int')))
 {
 $objectline->array_options=$array_options;
 $result=$objectline->insertExtraFields();
@@ -784,6 +784,8 @@ if (empty($reshook))
 }
 }
+ $position = ($objectline->rang >= 0 ? $objectline->rang : 0);
+
 // Unset extrafield
 if (is_array($extralabelsline))
 {
@@ -795,8 +797,8 @@ if (empty($reshook))
 }
 // Define special_code for special lines
- $special_code=GETPOST('special_code');
- if (! GETPOST('qty')) $special_code=3;
+ $special_code=GETPOST('special_code', 'int');
+ if (! GETPOST('qty', 'alpha')) $special_code=3;
 /*$line = new FactureLigne($db);
 $line->fetch(GETPOST('lineid'));
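Review bot: The rewritten `dol_syslog()` line and the new `setEventMessages()` text both embed `$_SESSION['token']`, so the live anti-CSRF secret is written to the log on every mismatch and, with `MAIN_FEATURES_LEVEL > 1`, rendered into the page as a warning; the mismatch is already established at this point, so recording the submitted value alone is enough to diagnose it. Drop the `' $_SESSION[token] = '.$_SESSION['token']` part of the message and the `", _SESSION['token']=".$_SESSION['token']` part of the log line, or log a truncated hash of each instead. `$_SERVER['HTTP_REFERER']` is also read without an `isset()` guard on the new log line, so a request that sends no Referer header raises an undefined-index notice here. The enclosing `if` starts before the hunk.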
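Review bot: `$position = ($objectline->rang >= 0 ? $objectline->rang : 0);` is evaluated even when the `fetch()` in the `@@ -774` hunk failed, and with `rang` still unset PHP's loose comparison makes `null >= 0` true, so `$position` becomes `null` rather than the intended `0`. `$position = (isset($objectline->rang) && $objectline->rang >= 0) ? (int) $objectline->rang : 0;` keeps the fallback and guarantees an int for the rank argument passed in the `@@ -868` hunk. The enclosing action block starts before the hunk.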
@@ -832,11 +834,11 @@ if (empty($reshook))
 $error ++;
 }
 } else {
- $type = GETPOST('type');
+ $type = GETPOST('type', 'int');
 $label = (GETPOST('product_label') ? GETPOST('product_label') : '');
 // Check parameters
- if (GETPOST('type') < 0) {
+ if (GETPOST('type', 'int') < 0) {
 setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Type")), null, 'errors');
 $error ++;
 }
@@ -868,7 +870,7 @@ if (empty($reshook))
 0,
 0,
 $type,
- 0,
+ $position,
 $special_code,
 $label,
 GETPOST('units'),
diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php
index 071db6a82ee..0b92df1e519 100644
--- a/htdocs/core/tpl/ajaxrow.tpl.php
+++ b/htdocs/core/tpl/ajaxrow.tpl.php
@@ -66,7 +66,7 @@ $(document).ready(function(){
 var fk_element = "";
 var element_id = "";
 var filepath = "";
- var token = ""; // We use old 'token' and not 'newtoken' for such ajax call because the ajax page has the NOTOKENRENEWAL constant set.
+ var token = ""; // We use old 'token' and not 'newtoken' for Ajax call because the ajax page has the NOTOKENRENEWAL constant set.
 $.post("/core/ajax/row.php", {
 roworder: roworder,
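Review bot: `GETPOST('product_label')` on the line after the changed `$type` assignment is still read without a check argument while the same hunk adds `'int'` to `type`; if `GETPOST()` in this version applies no filtering by default, as the other additions in this patch suggest, the label reaches the line update unsanitised. `$label = (GETPOST('product_label', 'alpha') ? GETPOST('product_label', 'alpha') : '');` closes that gap with the filter the `@@ -795` hunk already uses for `qty`. The `// Check parameters` test then re-reads the request instead of the already-filtered variable; `if ($type < 0) {` says the same thing more directly. The `else` branch this hunk sits in starts and ends outside the hunk.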