GETPOST must not clean data for text input.

Laurent Destailleur 2017-09-25 00:16:52 +02:00
parent 3f9cae745c
commit e3da4188e2
23 changed files with 62 additions and 62 deletions


@ -824,7 +824,7 @@ if ($action == 'create')
// Description
print '<tr><td class="tdtop">'.$langs->trans("Description").'</td><td>';
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
$doleditor=new DolEditor('note',(GETPOST('note')?GETPOST('note'):$object->note),'',180,'dolibarr_notes','In',true,true,$conf->fckeditor->enabled,ROWS_5,'90%');
$doleditor=new DolEditor('note',(GETPOST('note','none')?GETPOST('note','none'):$object->note),'',180,'dolibarr_notes','In',true,true,$conf->fckeditor->enabled,ROWS_5,'90%');
$doleditor->Create();
print '</td></tr>';


@ -358,8 +358,8 @@ if (empty($reshook))
$object->fk_project = GETPOST('projectid');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->statut = Propal::STATUS_DRAFT;
$object->fk_incoterms = GETPOST('incoterm_id', 'int');
$object->location_incoterms = GETPOST('location_incoterms', 'alpha');
@ -386,8 +386,8 @@ if (empty($reshook))
$object->fk_project = GETPOST('projectid');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->fk_incoterms = GETPOST('incoterm_id', 'int');
$object->location_incoterms = GETPOST('location_incoterms', 'alpha');
@ -979,7 +979,7 @@ if (empty($reshook))
$info_bits |= 0x01;
// Clean parameters
$description = dol_htmlcleanlastbr(GETPOST('product_desc'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc','none'));
// Define vat_rate
$vat_rate = (GETPOST('tva_tx') ? GETPOST('tva_tx') : 0);
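Review bot: `note_private` and `note_public` are read with the `'none'` check and assigned straight to `$object` in the hunks at -358 and -386, so these fields are protected only if the code that later displays them escapes or sanitizes them; nothing in these hunks does. The same holds for every other `note`, `note_private`, `note_public` and `update_note()` change in this commit. I would add a comment at each assignment, for example `// raw HTML from the request: must be escaped or sanitized wherever it is displayed`, and check that the card, list and PDF views of these fields do so. `dol_htmlcleanlastbr()` around `product_desc` presumably only trims a trailing line break, so it should not be counted as sanitization. The enclosing `if (empty($reshook))` block starts and ends outside the hunks.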


@ -292,7 +292,7 @@ if ($socid > 0)
print $form->load_tva('tva_tx',GETPOST('tva_tx'),$mysoc,$object);
print '</td></tr>';
print '<tr><td class="fieldrequired" >'.$langs->trans("NoteReason").'</td>';
print '<td><input type="text" class="quatrevingtpercent" name="desc" value="'.GETPOST('desc').'"></td></tr>';
print '<td><input type="text" class="quatrevingtpercent" name="desc" value="'.GETPOST('desc','none').'"></td></tr>';
print "</table>";
}
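Review bot: The `desc` value is concatenated into the `value="..."` attribute with no output escaping, and with the `'none'` check it is no longer cleaned on input, so a double quote or markup in the request parameter reaches the page as-is. Escape at the sink, as the `note_private` textarea elsewhere in this commit already does: `value="'.dol_escape_htmltag(GETPOST('desc','none')).'"`. The enclosing `if ($socid > 0)` block starts outside the hunk.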


@ -256,8 +256,8 @@ if (empty($reshook))
$db->begin();
$object->date_commande = $datecommande;
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->source = GETPOST('source_id');
$object->fk_project = GETPOST('projectid');
$object->ref_client = GETPOST('ref_client');
@ -927,7 +927,7 @@ if (empty($reshook))
$date_end='';
$date_start=dol_mktime(GETPOST('date_starthour'), GETPOST('date_startmin'), GETPOST('date_startsec'), GETPOST('date_startmonth'), GETPOST('date_startday'), GETPOST('date_startyear'));
$date_end=dol_mktime(GETPOST('date_endhour'), GETPOST('date_endmin'), GETPOST('date_endsec'), GETPOST('date_endmonth'), GETPOST('date_endday'), GETPOST('date_endyear'));
$description=dol_htmlcleanlastbr(GETPOST('product_desc'));
$description=dol_htmlcleanlastbr(GETPOST('product_desc','none'));
$pu_ht=GETPOST('price_ht');
$vat_rate=(GETPOST('tva_tx')?GETPOST('tva_tx'):0);
$pu_ht_devise = GETPOST('multicurrency_subprice');


@ -1816,7 +1816,7 @@ if (empty($reshook))
$date_end = '';
$date_start = dol_mktime(GETPOST('date_starthour'), GETPOST('date_startmin'), GETPOST('date_startsec'), GETPOST('date_startmonth'), GETPOST('date_startday'), GETPOST('date_startyear'));
$date_end = dol_mktime(GETPOST('date_endhour'), GETPOST('date_endmin'), GETPOST('date_endsec'), GETPOST('date_endmonth'), GETPOST('date_endday'), GETPOST('date_endyear'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc') ? GETPOST('product_desc') : GETPOST('desc'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc','none') ? GETPOST('product_desc','none') : GETPOST('desc','none'));
$pu_ht = GETPOST('price_ht');
$vat_rate = (GETPOST('tva_tx') ? GETPOST('tva_tx') : 0);
$qty = GETPOST('qty');


@ -293,8 +293,8 @@ class Facture extends CommonInvoice
// Fields coming from GUI (priority on template). TODO Value of template should be used as default value on GUI so we can use here always value from GUI
$this->fk_project = GETPOST('projectid','int') > 0 ? GETPOST('projectid','int') : $_facrec->fk_project;
$this->note_public = GETPOST('note_public') ? GETPOST('note_public') : $_facrec->note_public;
$this->note_private = GETPOST('note_private') ? GETPOST('note_private') : $_facrec->note_private;
$this->note_public = GETPOST('note_public','none') ? GETPOST('note_public','none') : $_facrec->note_public;
$this->note_private = GETPOST('note_private','none') ? GETPOST('note_private','none') : $_facrec->note_private;
$this->modelpdf = GETPOST('model') ? GETPOST('model') : $_facrec->modelpdf;
$this->cond_reglement_id = GETPOST('cond_reglement_id') > 0 ? GETPOST('cond_reglement_id') : $_facrec->cond_reglement_id;
$this->mode_reglement_id = GETPOST('mode_reglement_id') > 0 ? GETPOST('mode_reglement_id') : $_facrec->mode_reglement_id;


@ -209,8 +209,8 @@ if (empty($reshook))
if (! $error)
{
$object->titre = GETPOST('titre', 'alpha');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->usenewprice = GETPOST('usenewprice');
$object->frequency = $frequency;
@ -723,7 +723,7 @@ if (empty($reshook))
$date_end = '';
//$date_start = dol_mktime(GETPOST('date_starthour'), GETPOST('date_startmin'), GETPOST('date_startsec'), GETPOST('date_startmonth'), GETPOST('date_startday'), GETPOST('date_startyear'));
//$date_end = dol_mktime(GETPOST('date_endhour'), GETPOST('date_endmin'), GETPOST('date_endsec'), GETPOST('date_endmonth'), GETPOST('date_endday'), GETPOST('date_endyear'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc') ? GETPOST('product_desc') : GETPOST('desc'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc','none') ? GETPOST('product_desc','none') : GETPOST('desc','none'));
$pu_ht = GETPOST('price_ht');
$vat_rate = (GETPOST('tva_tx') ? GETPOST('tva_tx') : 0);
$qty = GETPOST('qty');
@ -965,8 +965,8 @@ if ($action == 'create')
print '<tr><td class="titlefieldcreate">'.$langs->trans("Customer").'</td><td>'.$object->thirdparty->getNomUrl(1,'customer').'</td>';
print '</tr>';
$note_public=GETPOST('note_public')?GETPOST('note_public'):$object->note_public;
$note_private=GETPOST('note_private')?GETPOST('note_private'):$object->note_private;
$note_public=GETPOST('note_public','none')?GETPOST('note_public','none'):$object->note_public;
$note_private=GETPOST('note_private','none')?GETPOST('note_private','none'):$object->note_private;
// Help of substitution key
$substitutionarray=array(


@ -60,7 +60,7 @@ if ($action == 'setnote' && $user->rights->facture->paiement)
$db->begin();
$object->fetch($id);
$result = $object->update_note(GETPOST('note'));
$result = $object->update_note(GETPOST('note','none'));
if ($result > 0)
{
$db->commit();


@ -676,7 +676,7 @@ if (empty($reshook))
$fk_unit = GETPOST('unit', 'alpha');
$objectline->description=GETPOST('product_desc');
$objectline->description=GETPOST('product_desc','none');
$objectline->price_ht=GETPOST('elprice');
$objectline->subprice=GETPOST('elprice');
$objectline->qty=GETPOST('elqty');


@ -148,7 +148,7 @@ if ($action=='add')
$object->params=GETPOST('params');
$object->md5params=GETPOST('md5params');
$object->module_name=GETPOST('module_name','alpha');
$object->note=GETPOST('note');
$object->note=GETPOST('note','none');
$object->datestart=dol_mktime(GETPOST('datestarthour','int'), GETPOST('datestartmin','int'), 0, GETPOST('datestartmonth','int'), GETPOST('datestartday','int'), GETPOST('datestartyear','int'));
$object->dateend=dol_mktime(GETPOST('dateendhour','int'), GETPOST('dateendmin','int'), 0, GETPOST('dateendmonth','int'), GETPOST('dateendday','int'), GETPOST('dateendyear','int'));
$object->datenextrun=dol_mktime(GETPOST('datenextrunhour','int'), GETPOST('datenextrunmin','int'), 0, GETPOST('datenextrunmonth','int'), GETPOST('datenextrunday','int'), GETPOST('datenextrunyear','int'));
@ -184,7 +184,7 @@ if ($action=='update')
$object->params=GETPOST('params');
$object->md5params=GETPOST('md5params');
$object->module_name=GETPOST('module_name','alpha');
$object->note=GETPOST('note');
$object->note=GETPOST('note','none');
$object->datestart=dol_mktime(GETPOST('datestarthour','int'), GETPOST('datestartmin','int'), 0, GETPOST('datestartmonth','int'), GETPOST('datestartday','int'), GETPOST('datestartyear','int'));
$object->dateend=dol_mktime(GETPOST('dateendhour','int'), GETPOST('dateendmin','int'), 0, GETPOST('dateendmonth','int'), GETPOST('dateendday','int'), GETPOST('dateendyear','int'));
$object->datenextrun=dol_mktime(GETPOST('datenextrunhour','int'), GETPOST('datenextrunmin','int'), 0, GETPOST('datenextrunmonth','int'), GETPOST('datenextrunday','int'), GETPOST('datenextrunyear','int'));


@ -219,8 +219,8 @@ if (empty($reshook))
$object->shipping_method_id = GETPOST('shipping_method_id','int');
$object->tracking_number = GETPOST('tracking_number','alpha');
$object->ref_int = GETPOST('ref_int','alpha');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->fk_incoterms = GETPOST('incoterm_id', 'int');
$object->location_incoterms = GETPOST('location_incoterms', 'alpha');


@ -213,8 +213,8 @@ if (empty($reshook))
$object->fk_statut = 1;
$object->fk_c_paiement = GETPOST('fk_c_paiement','int');
$object->fk_user_validator = GETPOST('fk_user_validator','int');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
// Fill array 'array_options' with data from add form
if (! $error)
{
@ -264,8 +264,8 @@ if (empty($reshook))
}
$object->fk_c_paiement = GETPOST('fk_c_paiement','int');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
$object->fk_user_modif = $user->id;
$result = $object->update($user);


@ -64,7 +64,7 @@ $confirm = GETPOST('confirm','alpha');
$mesg = GETPOST('msg','alpha');
$origin=GETPOST('origin','alpha');
$originid=(GETPOST('originid','int')?GETPOST('originid','int'):GETPOST('origin_id','int')); // For backward compatibility
$note_public = GETPOST('note_public');
$note_public = GETPOST('note_public','none');
$lineid = GETPOST('line_id','int');
//PDF
@ -208,8 +208,8 @@ if (empty($reshook))
$object->description = GETPOST('description');
$object->ref = $ref;
$object->modelpdf = GETPOST('model','alpha');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
if ($object->socid > 0)
{
@ -877,8 +877,8 @@ if ($action == 'create')
$soc = $objectsrc->client;
$note_private = (! empty($objectsrc->note) ? $objectsrc->note : (! empty($objectsrc->note_private) ? $objectsrc->note_private : GETPOST('note_private')));
$note_public = (! empty($objectsrc->note_public) ? $objectsrc->note_public : GETPOST('note_public'));
$note_private = (! empty($objectsrc->note) ? $objectsrc->note : (! empty($objectsrc->note_private) ? $objectsrc->note_private : GETPOST('note_private','none')));
$note_public = (! empty($objectsrc->note_public) ? $objectsrc->note_public : GETPOST('note_public','none'));
// Object source contacts list
$srccontactslist = $objectsrc->liste_contact(-1,'external',1);


@ -988,8 +988,8 @@ if (empty($reshook))
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$object->fk_account = GETPOST('fk_account', 'int');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->date_livraison = $datelivraison;
$object->fk_incoterms = GETPOST('incoterm_id', 'int');
$object->location_incoterms = GETPOST('location_incoterms', 'alpha');
@ -1534,7 +1534,7 @@ if ($action=='create')
print '<tr><td>'.$langs->trans('NotePublic').'</td>';
print '<td>';
$doleditor = new DolEditor('note_public', isset($note_public) ? $note_public : GETPOST('note_public'), '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '90%');
$doleditor = new DolEditor('note_public', isset($note_public) ? $note_public : GETPOST('note_public','none'), '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '90%');
print $doleditor->Create(1);
print '</td>';
//print '<textarea name="note_public" wrap="soft" cols="60" rows="'.ROWS_5.'"></textarea>';
@ -1542,7 +1542,7 @@ if ($action=='create')
print '<tr><td>'.$langs->trans('NotePrivate').'</td>';
print '<td>';
$doleditor = new DolEditor('note_private', isset($note_private) ? $note_private : GETPOST('note_private'), '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '90%');
$doleditor = new DolEditor('note_private', isset($note_private) ? $note_private : GETPOST('note_private','none'), '', 80, 'dolibarr_notes', 'In', 0, false, true, ROWS_3, '90%');
print $doleditor->Create(1);
print '</td>';
//print '<td><textarea name="note_private" wrap="soft" cols="60" rows="'.ROWS_5.'"></textarea></td>';


@ -155,8 +155,8 @@ if (($action == 'create' || $action == 'add') && ! $error) {
$object->libelle = GETPOST('libelle');
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$projectid = GETPOST('projectid');


@ -443,8 +443,8 @@ if (empty($reshook))
$object->libelle = GETPOST('label');
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$object->fk_account = GETPOST('fk_account', 'int');
@ -507,8 +507,8 @@ if (empty($reshook))
$object->libelle = $_POST['label'];
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$object->fk_account = GETPOST('fk_account', 'int');
@ -616,8 +616,8 @@ if (empty($reshook))
$object->libelle = $_POST['label'];
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public','none');
$object->note_private = GETPOST('note_private','none');
$object->cond_reglement_id = GETPOST('cond_reglement_id');
$object->mode_reglement_id = GETPOST('mode_reglement_id');
$object->fk_account = GETPOST('fk_account', 'int');


@ -57,7 +57,7 @@ if ($action == 'setnote' && $user->rights->fournisseur->facture->creer)
$db->begin();
$object->fetch($id);
$result = $object->update_note(GETPOST('note'));
$result = $object->update_note(GETPOST('note','none'));
if ($result > 0)
{
$db->commit();


@ -133,8 +133,8 @@ if (empty($reshook))
$object->dateend = $dateend;
$object->nbterm = GETPOST('nbterm');
$object->rate = $rate;
$object->note_private = GETPOST('note_private');
$object->note_public = GETPOST('note_public');
$object->note_private = GETPOST('note_private','none');
$object->note_public = GETPOST('note_public','none');
$object->fk_project = GETPOST('projectid','int');
$accountancy_account_capital = GETPOST('accountancy_account_capital');


@ -101,8 +101,8 @@ if ($action == 'add_payment')
$payment->amount_interest = GETPOST('amount_interest');
$payment->paymenttype = GETPOST('paymenttype');
$payment->num_payment = GETPOST('num_payment');
$payment->note_private = GETPOST('note_private');
$payment->note_public = GETPOST('note_public');
$payment->note_private = GETPOST('note_private','none');
$payment->note_public = GETPOST('note_public','none');
if (! $error)
{


@ -281,9 +281,9 @@ if (empty($reshook))
$object->barcode_type_coder = $stdobject->barcode_type_coder;
$object->barcode_type_label = $stdobject->barcode_type_label;
$object->description = dol_htmlcleanlastbr(GETPOST('desc'));
$object->description = dol_htmlcleanlastbr(GETPOST('desc','none'));
$object->url = GETPOST('url');
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private'));
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private','none'));
$object->note = $object->note_private; // deprecated
$object->customcode = GETPOST('customcode');
$object->country_id = GETPOST('country_id');
@ -370,11 +370,11 @@ if (empty($reshook))
$object->ref = $ref;
$object->label = GETPOST('label');
$object->description = dol_htmlcleanlastbr(GETPOST('desc'));
$object->description = dol_htmlcleanlastbr(GETPOST('desc','none'));
$object->url = GETPOST('url');
if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB))
{
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private'));
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private','none'));
$object->note = $object->note_private;
}
$object->customcode = GETPOST('customcode');
@ -977,7 +977,7 @@ else
// Description (used in invoice, propal...)
print '<tr><td class="tdtop">'.$langs->trans("Description").'</td><td colspan="3">';
$doleditor = new DolEditor('desc', GETPOST('desc'), '', 160, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%');
$doleditor = new DolEditor('desc', GETPOST('desc','none'), '', 160, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%');
$doleditor->Create();
print "</td></tr>";
@ -1092,7 +1092,7 @@ else
print '<tr><td class="tdtop">'.$langs->trans("NoteNotVisibleOnBill").'</td><td colspan="3">';
// We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF.
$doleditor = new DolEditor('note_private', GETPOST('note_private'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%');
$doleditor = new DolEditor('note_private', GETPOST('note_private','none'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%');
$doleditor->Create();
print "</td></tr>";


@ -572,7 +572,7 @@ foreach($extrafields->attribute_label as $key=>$value)
// Comments
print '<tr>';
print '<td class="tdtop">'.$langs->trans("Comments").'</td>';
print '<td class="tdtop"><textarea name="note_private" id="note_private" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('note_private')).'</textarea></td>';
print '<td class="tdtop"><textarea name="note_private" id="note_private" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_3.'">'.dol_escape_htmltag(GETPOST('note_private','none')).'</textarea></td>';
print '</tr>'."\n";
// Add specific fields used by Dolibarr foundation for example


@ -268,7 +268,7 @@ if (empty($reshook))
$object->fk_project = GETPOST('projectid');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note = GETPOST('note');
$object->note = GETPOST('note','none');
$object->statut = SupplierProposal::STATUS_DRAFT;
$id = $object->create_from($user);
@ -286,7 +286,7 @@ if (empty($reshook))
$object->fk_project = GETPOST('projectid');
$object->modelpdf = GETPOST('model');
$object->author = $user->id; // deprecated
$object->note = GETPOST('note');
$object->note = GETPOST('note','none');
$object->origin = GETPOST('origin');
$object->origin_id = GETPOST('originid');
@ -465,7 +465,7 @@ if (empty($reshook))
} else {
// prevent browser refresh from closing proposal several times
if ($object->statut == SupplierProposal::STATUS_VALIDATED) {
$object->cloture($user, GETPOST('statut'), GETPOST('note'));
$object->cloture($user, GETPOST('statut'), GETPOST('note','none'));
}
}
}
@ -774,7 +774,7 @@ if (empty($reshook))
$info_bits |= 0x01;
// Clean parameters
$description = dol_htmlcleanlastbr(GETPOST('product_desc'));
$description = dol_htmlcleanlastbr(GETPOST('product_desc','none'));
// Define vat_rate
$vat_rate = (GETPOST('tva_tx') ? GETPOST('tva_tx') : 0);


@ -65,7 +65,7 @@ if (empty($reshook)) {
if ($action == 'update' && $user->rights->user->user->creer && !$_POST["cancel"]) {
$db->begin();
$res = $object->update_note(dol_html_entity_decode(GETPOST('note_private'), ENT_QUOTES));
$res = $object->update_note(dol_html_entity_decode(GETPOST('note_private','none'), ENT_QUOTES));
if ($res < 0) {
$mesg = '<div class="error">'.$adh->error.'</div>';
$db->rollback();
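Review bot: `dol_html_entity_decode(..., ENT_QUOTES)` is now applied to a value read with the `'none'` check, so entity-encoded markup in `note_private` becomes literal markup before `update_note()` stores it, and no filter is visible after the decode. If HTML is meant to be allowed in this note, sanitize after decoding or make sure the display side escapes it; a comment such as `// decoded raw HTML: escaped on output` would make the intent explicit. Separately, the error branch reads `$adh->error` while the call is made on `$object`, which looks like a leftover name; `$object->error` is probably what is meant. The `if` block continues outside the hunk.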