lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Fix #yogosha4525

Browse Source
This commit is contained in:
Laurent Destailleur 2020-09-18 16:00:47 +02:00
parent 72d5850a5f
commit d75e1e5771
5 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/core/boxes/box_task.php
View File

@ -94,7 +94,7 @@ class box_task extends ModeleBoxes
if (in_array(GETPOST($cookie_name), array('all', 'im_project_contact', 'im_task_contact'))) {
$filterValue = GETPOST($cookie_name);
} elseif (!empty($_COOKIE[$cookie_name])) {
$filterValue = $_COOKIE[$cookie_name];
$filterValue = preg_replace('/[^a-z_]/', '', $_COOKIE[$cookie_name]); // Clean cookie from evil data
}
if ($filterValue == 'im_task_contact') {

2
htdocs/core/class/html.formmargin.class.php
View File

@ -204,7 +204,7 @@ class FormMargin
if (!empty($conf->global->MARGIN_ADD_SHOWHIDE_BUTTON)) // TODO Warning this feature rely on an external js file that may be removed. Using native js function document.cookie should be better
{
print $langs->trans('ShowMarginInfos').' : ';
$hidemargininfos = $_COOKIE['DOLUSER_MARGININFO_HIDE_SHOW'];
$hidemargininfos = preg_replace('/[^a-zA-Z0-9_\-]/', '', $_COOKIE['DOLUSER_MARGININFO_HIDE_SHOW']); // Clean cookie
print '<span id="showMarginInfos" class="linkobject '.(!empty($hidemargininfos) ? '' : 'hideobject').'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</span>';
print '<span id="hideMarginInfos" class="linkobject '.(!empty($hidemargininfos) ? 'hideobject' : '').'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</span>';

2
htdocs/core/website.inc.php
View File

@ -68,7 +68,7 @@ if ($pageid > 0)
{
$websitepage->fetch($pageid);
$weblangs->setDefaultLang(GETPOSTISSET('lang') ? GETPOST('lang', 'aZ09') : (empty($_COOKIE['weblangs-shortcode']) ? 'auto' : $_COOKIE['weblangs-shortcode']));
$weblangs->setDefaultLang(GETPOSTISSET('lang') ? GETPOST('lang', 'aZ09') : (empty($_COOKIE['weblangs-shortcode']) ? 'auto' : preg_replace('/[^a-zA-Z0-9_\-]/', '', $_COOKIE['weblangs-shortcode'])));
$pagelangs->setDefaultLang($websitepage->lang ? $websitepage->lang : $weblangs->shortlang);
if (!defined('USEDOLIBARREDITOR') && (in_array($websitepage->type_container, array('menu', 'other')) || empty($websitepage->status)))

2
htdocs/main.inc.php
View File

@ -521,7 +521,7 @@ if (!defined('NOLOGIN'))
$allowedmethodtopostusername = 2;
if (defined('MAIN_AUTHENTICATION_POST_METHOD')) $allowedmethodtopostusername = constant('MAIN_AUTHENTICATION_POST_METHOD');
$usertotest = (!empty($_COOKIE['login_dolibarr']) ? $_COOKIE['login_dolibarr'] : GETPOST("username", "alpha", $allowedmethodtopostusername));
$usertotest = (!empty($_COOKIE['login_dolibarr']) ? preg_replace('/[^a-zA-Z0-9_\-]/', '', $_COOKIE['login_dolibarr']) : GETPOST("username", "alpha", $allowedmethodtopostusername));
$passwordtotest = GETPOST('password', 'none', $allowedmethodtopostusername);
$entitytotest = (GETPOST('entity', 'int') ? GETPOST('entity', 'int') : (!empty($conf->entity) ? $conf->entity : 1));

6
htdocs/takepos/index.php
View File

@ -48,7 +48,7 @@ $setterminal = GETPOST('setterminal', 'int');
if ($_SESSION["takeposterminal"] == "")
{
if ($conf->global->TAKEPOS_NUM_TERMINALS == "1") $_SESSION["takeposterminal"] = 1; // Use terminal 1 if there is only 1 terminal
elseif (!empty($_COOKIE["takeposterminal"])) $_SESSION["takeposterminal"] = $_COOKIE["takeposterminal"]; // Restore takeposterminal from previous session
elseif (!empty($_COOKIE["takeposterminal"])) $_SESSION["takeposterminal"] = preg_replace('/[^a-zA-Z0-9_\-]/', '', $_COOKIE["takeposterminal"]); // Restore takeposterminal from previous session
}
if ($setterminal > 0)
@ -544,7 +544,7 @@ function Search2(keyCodeForEnter) {
if ($('#search').val() == data[0]['barcode'] && 'thirdparty' == data[0]['object']) {
console.log("There is only 1 answer with barcode matching the search, so we change the thirdparty "+data[0]['rowid']);
ChangeThirdparty(data[0]['rowid']);
}
}
else if ($('#search').val() == data[0]['barcode'] && 'product' == data[0]['object']) {
console.log("There is only 1 answer with barcode matching the search, so we add the product in basket");
ClickProduct(0);
@ -562,7 +562,7 @@ function Search2(keyCodeForEnter) {
}
});
}
}
function Edit(number) {