From 1e282aaded86daa2f706712557e4e34ab0824bdd Mon Sep 17 00:00:00 2001
From: lmarcouiller
Date: Mon, 25 Jul 2022 10:49:19 +0200
Subject: [PATCH 1/3] FIX : js injection in stockmovement.php
---
 htdocs/product/stock/massstockmove.php | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php
index 85848942fbe..b2276befd63 100644
--- a/htdocs/product/stock/massstockmove.php
+++ b/htdocs/product/stock/massstockmove.php
@@ -336,11 +336,11 @@ if ($action == 'importCSV' && !empty($user->rights->stock->mouvement->creer)) {
 continue;
 }
 //var_dump($data);
- $tmp_id_sw = $data[$i][0]['val'];
- $tmp_id_tw = $data[$i][1]['val'];
- $tmp_id_product = $data[$i][2]['val'];
- $tmp_qty = $data[$i][3]['val'];
- $tmp_batch = $data[$i][4]['val'];
+ $tmp_id_sw = dol_escape_htmltag($data[$i][0]['val']);
+ $tmp_id_tw = dol_escape_htmltag($data[$i][1]['val']);
+ $tmp_id_product = dol_escape_htmltag($data[$i][2]['val']);
+ $tmp_qty = dol_escape_htmltag($data[$i][3]['val']);
+ $tmp_batch = dol_escape_htmltag($data[$i][4]['val']);
 if (!is_numeric($tmp_id_product)) {
 $result = fetchref($productstatic, $tmp_id_product);
From d964aabcea3894db14904e5dc40d6ce5400679c7 Mon Sep 17 00:00:00 2001
From: lmarcouiller
Date: Tue, 26 Jul 2022 11:01:53 +0200
Subject: [PATCH 2/3] fix with advices
---
 htdocs/product/stock/massstockmove.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php
index b2276befd63..09bc19b9beb 100644
--- a/htdocs/product/stock/massstockmove.php
+++ b/htdocs/product/stock/massstockmove.php
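Review bot: `$tmp_batch = dol_escape_htmltag($data[$i][4]['val']);` HTML-encodes the batch value on input, so a lot number containing `&`, `<`, `>` or a quote is carried through the import (and presumably stored and matched) in its entity-encoded form rather than its real value; this line is kept unchanged by hunks 2 and 3 of the series. Output escaping belongs at the point where the value is rendered, while an import should validate the field or strip markup from it, for example `$tmp_batch = dol_string_nohtmltag($data[$i][4]['val']);` if that helper is what the project uses for input sanitizing elsewhere. The enclosing `importCSV` loop body starts and ends outside the hunk, so where `$tmp_batch` is later used is not visible here.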
@@ -336,10 +336,10 @@ if ($action == 'importCSV' && !empty($user->rights->stock->mouvement->creer)) {
 continue;
 }
 //var_dump($data);
- $tmp_id_sw = dol_escape_htmltag($data[$i][0]['val']);
- $tmp_id_tw = dol_escape_htmltag($data[$i][1]['val']);
- $tmp_id_product = dol_escape_htmltag($data[$i][2]['val']);
- $tmp_qty = dol_escape_htmltag($data[$i][3]['val']);
+ $tmp_id_sw = (int) $data[$i][0]['val'];
+ $tmp_id_tw = (int) dol_escape_htmltag($data[$i][1]['val']);
+ $tmp_id_product = (int) dol_escape_htmltag($data[$i][2]['val']);
+ $tmp_qty = price2num((float) $data[$i][3]['val'], 'MS');
 $tmp_batch = dol_escape_htmltag($data[$i][4]['val']);
 if (!is_numeric($tmp_id_product)) {
From e4d2e538c4dedc045951d0f863757f61e40f4945 Mon Sep 17 00:00:00 2001
From: lmarcouiller
Date: Tue, 26 Jul 2022 11:03:27 +0200
Subject: [PATCH 3/3] remove escape
---
 htdocs/product/stock/massstockmove.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php
index 09bc19b9beb..31b2aa8e187 100644
--- a/htdocs/product/stock/massstockmove.php
+++ b/htdocs/product/stock/massstockmove.php
@@ -337,8 +337,8 @@ if ($action == 'importCSV' && !empty($user->rights->stock->mouvement->creer)) {
 }
 //var_dump($data);
 $tmp_id_sw = (int) $data[$i][0]['val'];
- $tmp_id_tw = (int) dol_escape_htmltag($data[$i][1]['val']);
- $tmp_id_product = (int) dol_escape_htmltag($data[$i][2]['val']);
+ $tmp_id_tw = (int) $data[$i][1]['val'];
+ $tmp_id_product = (int) $data[$i][2]['val'];
 $tmp_qty = price2num((float) $data[$i][3]['val'], 'MS');
 $tmp_batch = dol_escape_htmltag($data[$i][4]['val']);
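Review bot: The `(int)` cast on `$tmp_id_product` makes the context check that follows it, `if (!is_numeric($tmp_id_product)) {`, unreachable: a CSV row that gives the product by reference rather than by numeric id now becomes id 0 instead of being resolved through `fetchref()`, and hunk 3 keeps the same cast. Keep the raw string until that lookup has decided, e.g. `$tmp_id_product = $data[$i][2]['val']; if (is_numeric($tmp_id_product)) { $tmp_id_product = (int) $tmp_id_product; }`, and treat `$tmp_id_sw`/`$tmp_id_tw` the same way if warehouses may also be given by reference (their handling is outside the hunk). Separately, on the quantity line `(float)` is applied before `price2num()`, so if `price2num()` is meant to accept a localized decimal separator here, the cast truncates such values first; passing the string, `$tmp_qty = price2num($data[$i][3]['val'], 'MS');`, would keep that behaviour. The enclosing `importCSV` loop body starts and ends outside the hunk.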