From fc401a9c68a36c4e79720e679b44c19dea32a1f6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Dec 2016 13:27:14 +0100 Subject: [PATCH] Fix more security fixes --- htdocs/accountancy/expensereport/index.php | 2 +- htdocs/compta/bank/bankentries.php | 2 +- htdocs/compta/bank/card.php | 30 ++++---- htdocs/compta/bank/class/account.class.php | 2 +- htdocs/compta/bank/graph.php | 14 ++-- htdocs/compta/clients.php | 15 ++-- htdocs/compta/localtax/card.php | 12 ++-- htdocs/compta/paiement.php | 14 ++-- htdocs/compta/paiement/rapport.php | 2 +- htdocs/compta/payment_sc/card.php | 6 +- htdocs/compta/salaries/card.php | 4 +- htdocs/compta/stats/index.php | 2 +- htdocs/compta/tva/card.php | 4 +- htdocs/compta/tva/quadri.php | 2 +- htdocs/contact/card.php | 79 +++++++++++----------- htdocs/theme/eldy/style.css.php | 6 +- 16 files changed, 100 insertions(+), 96 deletions(-) diff --git a/htdocs/accountancy/expensereport/index.php b/htdocs/accountancy/expensereport/index.php index 7ead3a9940e..fea9cff6020 100644 --- a/htdocs/accountancy/expensereport/index.php +++ b/htdocs/accountancy/expensereport/index.php @@ -45,7 +45,7 @@ if (! $user->rights->accounting->bind->write) accessforbidden(); // Filter -$year = $_GET["year"]; +$year = GETPOST('year', 'int'); if ($year == 0) { $year_current = strftime("%Y", time()); $year_start = $year_current; diff --git a/htdocs/compta/bank/bankentries.php b/htdocs/compta/bank/bankentries.php index ce70e7ac938..47405d0e748 100644 --- a/htdocs/compta/bank/bankentries.php +++ b/htdocs/compta/bank/bankentries.php @@ -576,7 +576,7 @@ if ($resql) print ''; print ''; print ''; - if (! empty($_REQUEST['bid'])) print ''; + if (GETPOST('bid')) print ''; // Form to reconcile if ($user->rights->banque->consolidate && $action == 'reconcile') diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index d2b3c167872..baf2f3e26b1 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -50,7 +50,7 @@ $cancel = GETPOST('cancel', 'alpha'); // Security check if (isset($_GET["id"]) || isset($_GET["ref"])) { - $id = isset($_GET["id"])?$_GET["id"]:(isset($_GET["ref"])?$_GET["ref"]:''); + $id = isset($_GET["id"])?GETPOST("id"):(isset($_GET["ref"])?GETPOST("ref"):''); } $fieldid = isset($_GET["ref"])?'ref':'rowid'; if ($user->societe_id) $socid=$user->societe_id; @@ -93,7 +93,7 @@ if ($action == 'add') $object->iban = trim($_POST["iban"]); $object->domiciliation = trim($_POST["domiciliation"]); - $object->proprio = trim($_POST["proprio"]); + $object->proprio = trim($_POST["proprio"]); $object->owner_address = trim($_POST["owner_address"]); $account_number = GETPOST('account_number','alpha'); @@ -105,12 +105,12 @@ if ($action == 'add') $object->currency_code = trim($_POST["account_currency_code"]); - $object->state_id = $_POST["account_state_id"]; + $object->state_id = $_POST["account_state_id"]; $object->country_id = $_POST["account_country_id"]; $object->min_allowed = GETPOST("account_min_allowed",'int'); $object->min_desired = GETPOST("account_min_desired",'int'); - $object->comment = trim($_POST["account_comment"]); + $object->comment = trim(GETPOST("account_comment")); $object->fk_user_author = $user->id; @@ -172,7 +172,7 @@ if ($action == 'update') // Update account $object = new Account($db); - $object->fetch($_POST["id"]); + $object->fetch(GETPOST("id")); $object->ref = dol_string_nospecial(trim($_POST["ref"])); $object->label = trim($_POST["label"]); @@ -190,7 +190,7 @@ if ($action == 'update') $object->iban = trim($_POST["iban"]); $object->domiciliation = trim($_POST["domiciliation"]); - $object->proprio = trim($_POST["proprio"]); + $object->proprio = trim($_POST["proprio"]); $object->owner_address = trim($_POST["owner_address"]); $account_number = GETPOST('account_number', 'int'); @@ -204,7 +204,7 @@ if ($action == 'update') $object->min_allowed = GETPOST("account_min_allowed",'int'); $object->min_desired = GETPOST("account_min_desired",'int'); - $object->comment = trim($_POST["account_comment"]); + $object->comment = trim(GETPOST("account_comment")); if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number)) { @@ -251,7 +251,7 @@ if ($_POST["action"] == 'confirm_delete' && $_POST["confirm"] == "yes" && $user- { // Delete $object = new Account($db); - $object->fetch($_GET["id"]); + $object->fetch(GETPOST("id","int")); $object->delete(); header("Location: ".DOL_URL_ROOT."/compta/bank/index.php"); @@ -367,7 +367,7 @@ if ($action == 'create') // Web print ''.$langs->trans("Web").''; - print ''; + print ''; // Tags-Categories if ($conf->categorie->enabled) @@ -836,11 +836,11 @@ else // Ref print ''.$langs->trans("Ref").''; - print 'ref).'">'; + print 'ref).'">'; // Label print ''.$langs->trans("Label").''; - print 'label).'">'; + print 'label).'">'; // Type print ''.$langs->trans("AccountType").''; @@ -902,14 +902,14 @@ else // Balance print ''.$langs->trans("BalanceMinimalAllowed").''; - print 'min_allowed).'">'; + print 'min_allowed).'">'; print ''.$langs->trans("BalanceMinimalDesired").''; - print 'min_desired).'">'; + print 'min_desired).'">'; // Web print ''.$langs->trans("Web").''; - print 'url).'">'; + print 'url).'">'; print ''; // Tags-Categories @@ -970,7 +970,7 @@ else if (! empty($conf->accounting->enabled)) { print ''.$langs->trans("AccountancyJournal").''; - print 'accountancy_journal).'">'; + print 'accountancy_journal).'">'; } print ''; diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php index 139f578c5d6..73dd2d4f199 100644 --- a/htdocs/compta/bank/class/account.class.php +++ b/htdocs/compta/bank/class/account.class.php @@ -833,7 +833,7 @@ class Account extends CommonObject * @param string $ref Ref of bank account to get * @return int <0 if KO, >0 if OK */ - function fetch($id,$ref='') + function fetch($id, $ref='') { global $conf; diff --git a/htdocs/compta/bank/graph.php b/htdocs/compta/bank/graph.php index bf69fe98a3b..31a4087815c 100644 --- a/htdocs/compta/bank/graph.php +++ b/htdocs/compta/bank/graph.php @@ -43,9 +43,9 @@ $fieldid = isset($_GET["ref"])?'ref':'rowid'; if ($user->societe_id) $socid=$user->societe_id; $result=restrictedArea($user,'banque',$id,'bank_account&bank_account','','',$fieldid); -$account=$_GET["account"]; +$account=GETPOST("account"); $mode='standard'; -if (isset($_GET["mode"]) && $_GET["mode"] == 'showalltime') $mode='showalltime'; +if (GETPOST("mode") == 'showalltime') $mode='showalltime'; $error=0; @@ -63,18 +63,18 @@ $datetime = dol_now(); $year = dol_print_date($datetime, "%Y"); $month = dol_print_date($datetime, "%m"); $day = dol_print_date($datetime, "%d"); -if (! empty($_GET["year"])) $year=sprintf("%04d",$_GET["year"]); -if (! empty($_GET["month"])) $month=sprintf("%02d",$_GET["month"]); +if (GETPOST("year")) $year=sprintf("%04d",GETPOST("year")); +if (GETPOST("month")) $month=sprintf("%02d",GETPOST("month")); $object = new Account($db); if ($_GET["account"] && ! preg_match('/,/',$_GET["account"])) // if for a particular account and not a list { - $result=$object->fetch($_GET["account"]); + $result=$object->fetch(GETPOST("account", "int")); } if ($_GET["ref"]) { - $result=$object->fetch(0,$_GET["ref"]); + $result=$object->fetch(0, GETPOST("ref")); $account=$object->id; } @@ -823,7 +823,7 @@ print '

'; // Graphs if ($mode == 'standard') { - $prevyear=$year;$nextyear=$year; + $prevyear=$year; $nextyear=$year; $prevmonth=$month-1;$nextmonth=$month+1; if ($prevmonth < 1) { $prevmonth=12; $prevyear--; } if ($nextmonth > 12) { $nextmonth=1; $nextyear++; } diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php index db9d4e623ca..6a3052a938d 100644 --- a/htdocs/compta/clients.php +++ b/htdocs/compta/clients.php @@ -97,35 +97,36 @@ $sql.= " AND s.entity IN (".getEntity('societe', 1).")"; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if (dol_strlen($stcomm)) { - $sql.= " AND s.fk_stcomm=$stcomm"; + $sql.= " AND s.fk_stcomm=".$stcomm; } if ($socname) { - $sql.= " AND s.nom LIKE '%".$db->escape($socname)."%'"; + $sql.= natural_search("s.nom", $socname); $sortfield = "s.nom"; $sortorder = "ASC"; } if ($_GET["search_nom"]) { - $sql.= " AND s.nom LIKE '%".$db->escape($_GET["search_nom"])."%'"; + $sql.= natural_search("s.nom", GETPOST("search_nom")); } if ($_GET["search_compta"]) { - $sql.= " AND s.code_compta LIKE '%".$db->escape($_GET["search_compta"])."%'"; + $sql.= natural_search("s.code_compta", GETPOST("search_compta")); } if ($_GET["search_code_client"]) { - $sql.= " AND s.code_client LIKE '%".$db->escape($_GET["search_code_client"])."%'"; + $sql.= natural_search("s.code_client", GETPOST("search_code_client")); } if (dol_strlen($begin)) { - $sql.= " AND s.nom LIKE '".$db->escape($begin)."'"; + $sql.= natural_search("s.nom", $begin); } if ($socid) { $sql.= " AND s.rowid = ".$socid; } -$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset); +$sql.= " ORDER BY $sortfield $sortorder "; +$sql.= $db->plimit($conf->liste_limit+1, $offset); //print $sql; $resql = $db->query($sql); diff --git a/htdocs/compta/localtax/card.php b/htdocs/compta/localtax/card.php index 8fbc028a589..1772b6861dd 100644 --- a/htdocs/compta/localtax/card.php +++ b/htdocs/compta/localtax/card.php @@ -66,12 +66,12 @@ if ($action == 'add' && $_POST["cancel"] <> $langs->trans("Cancel")) $datev=dol_mktime(12,0,0, $_POST["datevmonth"], $_POST["datevday"], $_POST["datevyear"]); $datep=dol_mktime(12,0,0, $_POST["datepmonth"], $_POST["datepday"], $_POST["datepyear"]); - $localtax->accountid=$_POST["accountid"]; - $localtax->paymenttype=$_POST["paiementtype"]; + $localtax->accountid=GETPOST("accountid"); + $localtax->paymenttype=GETPOST("paiementtype"); $localtax->datev=$datev; $localtax->datep=$datep; - $localtax->amount=$_POST["amount"]; - $localtax->label=$_POST["label"]; + $localtax->amount=price2num(GETPOST("amount")); + $localtax->label=GETPOST("label"); $localtax->ltt=$lttype; $ret=$localtax->addPayment($user); @@ -178,10 +178,10 @@ if ($action == 'create') print ''; // Label - print ''.$langs->trans("Label").'transcountry(($lttype==2?"LT2Payment":"LT1Payment"),$mysoc->country_code)).'">'; + print ''.$langs->trans("Label").'transcountry(($lttype==2?"LT2Payment":"LT1Payment"),$mysoc->country_code)).'">'; // Amount - print ''.$langs->trans("Amount").''; + print ''.$langs->trans("Amount").''; if (! empty($conf->banque->enabled)) { diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 82749f4949f..9980ea396de 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -251,9 +251,9 @@ if (empty($reshook)) $paiement->datepaye = $datepaye; $paiement->amounts = $amounts; // Array with all payments dispatching $paiement->multicurrency_amounts = $multicurrency_amounts; // Array with all payments dispatching - $paiement->paiementid = dol_getIdFromCode($db,$_POST['paiementcode'],'c_paiement'); - $paiement->num_paiement = $_POST['num_paiement']; - $paiement->note = $_POST['comment']; + $paiement->paiementid = dol_getIdFromCode($db,GETPOST('paiementcode'),'c_paiement'); + $paiement->num_paiement = GETPOST('num_paiement'); + $paiement->note = GETPOST('comment'); if (! $error) { @@ -513,7 +513,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie // Comments print ''.$langs->trans('Comments').''; print ''; - print ''; + print ''; print ''; @@ -683,12 +683,12 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie if (!empty($conf->use_javascript_ajax)) print img_picto("Auto fill",'rightarrow', "class='AutoFillAmout' data-rowname='".$namef."' data-value='".($sign * $remaintopay)."'"); print ''; - print ''; + print ''; } else { - print ''; - print ''; + print ''; + print ''; } print ""; diff --git a/htdocs/compta/paiement/rapport.php b/htdocs/compta/paiement/rapport.php index 8f23036f6af..b8bcf030729 100644 --- a/htdocs/compta/paiement/rapport.php +++ b/htdocs/compta/paiement/rapport.php @@ -43,7 +43,7 @@ if ($user->societe_id > 0) $dir = $conf->facture->dir_output.'/payments'; if (! $user->rights->societe->client->voir || $socid) $dir.='/private/'.$user->id; // If user has no permission to see all, output dir is specific to user -$year = $_GET["year"]; +$year = GETPOST('year', 'int'); if (! $year) { $year=date("Y"); } diff --git a/htdocs/compta/payment_sc/card.php b/htdocs/compta/payment_sc/card.php index 0ea48d9075c..b64d92d873f 100644 --- a/htdocs/compta/payment_sc/card.php +++ b/htdocs/compta/payment_sc/card.php @@ -37,7 +37,7 @@ $langs->load('banks'); $langs->load('companies'); // Security check -$id=GETPOST("id"); +$id=GETPOST("id",'int'); $action=GETPOST("action"); $confirm=GETPOST('confirm'); if ($user->societe_id) $socid=$user->societe_id; @@ -126,12 +126,12 @@ $form = new Form($db); $h=0; -$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/card.php?id='.$_GET["id"]; +$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/card.php?id='.$id; $head[$h][1] = $langs->trans("Card"); $hselected = $h; $h++; -/*$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/info.php?id='.$_GET["id"]; +/*$head[$h][0] = DOL_URL_ROOT.'/compta/payment_sc/info.php?id='.$id; $head[$h][1] = $langs->trans("Info"); $h++; */ diff --git a/htdocs/compta/salaries/card.php b/htdocs/compta/salaries/card.php index a7921e53859..df83f5b9958 100644 --- a/htdocs/compta/salaries/card.php +++ b/htdocs/compta/salaries/card.php @@ -257,7 +257,7 @@ if ($action == 'create') // Label print ''; print fieldLabel('Label','label',1).''; - print 'trans("SalaryPayment")).'">'; + print 'trans("SalaryPayment")).'">'; print ''; // Date start period @@ -275,7 +275,7 @@ if ($action == 'create') // Amount print ''; print fieldLabel('Amount','amount',1).''; - print ''; + print ''; print ''; // Bank diff --git a/htdocs/compta/stats/index.php b/htdocs/compta/stats/index.php index a32a67bb9fe..8d1aceeaa77 100644 --- a/htdocs/compta/stats/index.php +++ b/htdocs/compta/stats/index.php @@ -39,7 +39,7 @@ $userid=GETPOST('userid','int'); $socid = GETPOST('socid','int'); // Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES') $modecompta = $conf->global->ACCOUNTING_MODE; -if ($_GET["modecompta"]) $modecompta=$_GET["modecompta"]; +if (GETPOST("modecompta")) $modecompta=GETPOST("modecompta",'alpha'); // Security check if ($user->societe_id > 0) $socid = $user->societe_id; diff --git a/htdocs/compta/tva/card.php b/htdocs/compta/tva/card.php index 99bb676a321..cb80f49e790 100644 --- a/htdocs/compta/tva/card.php +++ b/htdocs/compta/tva/card.php @@ -258,10 +258,10 @@ if ($action == 'create') } else { $label = $langs->trans("VATPayment"); } - print ''.$langs->trans("Label").''; + print ''.$langs->trans("Label").''; // Amount - print ''.$langs->trans("Amount").''; + print ''.$langs->trans("Amount").''; if (! empty($conf->banque->enabled)) { diff --git a/htdocs/compta/tva/quadri.php b/htdocs/compta/tva/quadri.php index 0e4a66146aa..73cc0bc96ba 100644 --- a/htdocs/compta/tva/quadri.php +++ b/htdocs/compta/tva/quadri.php @@ -29,7 +29,7 @@ require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/tva/class/tva.class.php'; -$year=$_GET["year"]; +$year = GETPOST('year', 'int'); if ($year == 0 ) { $year_current = strftime("%Y",time()); diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index e7896d9b9ac..2cbcb94c5d4 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -477,10 +477,10 @@ else */ $object->canvas=$canvas; - $object->state_id = $_POST["state_id"]; + $object->state_id = GETPOST("state_id"); // We set country_id, country_code and label for the selected country - $object->country_id=$_POST["country_id"]?$_POST["country_id"]:(empty($objsoc->country_id)?$mysoc->country_id:$objsoc->country_id); + $object->country_id=$_POST["country_id"]?GETPOST("country_id"):(empty($objsoc->country_id)?$mysoc->country_id:$objsoc->country_id); if ($object->country_id) { $tmparray=getCountry($object->country_id,'all'); @@ -530,9 +530,9 @@ else // Name print ''; - print 'lastname).'" autofocus="autofocus">'; + print 'lastname).'" autofocus="autofocus">'; print ''; - print 'firstname).'">'; + print 'firstname).'">'; // Company if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) @@ -559,7 +559,7 @@ else print ''; print ''; - print 'poste).'">'; + print 'poste).'">'; $colspan=3; if ($conf->use_javascript_ajax && $socid > 0) $colspan=2; @@ -612,20 +612,20 @@ else // Phone / Fax if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->phone_pro)) == 0) $object->phone_pro = $objsoc->phone; // Predefined with third party print ''; - print 'phone_pro).'">'; + print 'phone_pro).'">'; print ''; - print 'phone_perso).'">'; + print 'phone_perso).'">'; if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->fax)) == 0) $object->fax = $objsoc->fax; // Predefined with third party print ''; - print 'phone_mobile).'">'; + print 'phone_mobile).'">'; print ''; - print 'fax).'">'; + print 'fax).'">'; // EMail if (($objsoc->typent_code == 'TE_PRIVATE' || ! empty($conf->global->CONTACT_USE_COMPANY_ADDRESS)) && dol_strlen(trim($object->email)) == 0) $object->email = $objsoc->email; // Predefined with third party print ''; - print 'email).'">'; + print 'email).'">'; if (! empty($conf->mailing->enabled)) { print ''; @@ -639,13 +639,13 @@ else // Instant message and no email print ''; - print 'jabberid).'">'; + print 'jabberid).'">'; // Skype if (! empty($conf->skype->enabled)) { print ''; - print 'skype).'">'; + print 'skype).'">'; } // Visibility @@ -784,9 +784,13 @@ else // Lastname print ''; - print 'lastname).'" autofocus="autofocus">'; + print 'lastname).'" autofocus="autofocus">'; + print ''; + print ''; + // Firstname print ''; - print 'firstname).'">'; + print 'firstname).'">'; + print ''; // Company if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) @@ -800,57 +804,56 @@ else // Civility print ''; - print $formcompany->select_civility(isset($_POST["civility_id"])?$_POST["civility_id"]:$object->civility_id); + print $formcompany->select_civility(isset($_POST["civility_id"])?GETPOST("civility_id"):$object->civility_id); print ''; print ''; - print 'poste).'">'; + print 'poste).'">'; // Address print ''; - print ''; - - $rowspan=3; - if (empty($conf->global->SOCIETE_DISABLE_STATE)) $rowspan++; - - print ''; - if ($conf->use_javascript_ajax) print ''.$langs->trans('CopyAddressFromSoc').''; - print ''; + print ''; + print '
'; + print ''; + print '
'; + if ($conf->use_javascript_ajax) print ''.$langs->trans('CopyAddressFromSoc').'
'; + print '
'; + print ''; // Zip / Town - print ' / '; - print $formcompany->select_ziptown((isset($_POST["zipcode"])?$_POST["zipcode"]:$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).' '; - print $formcompany->select_ziptown((isset($_POST["town"])?$_POST["town"]:$object->town),'town',array('zipcode','selectcountry_id','state_id')); + print ' / '; + print $formcompany->select_ziptown((isset($_POST["zipcode"])?GETPOST("zipcode"):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6).' '; + print $formcompany->select_ziptown((isset($_POST["town"])?GETPOST("town"):$object->town),'town',array('zipcode','selectcountry_id','state_id')); print ''; // Country - print ''; - print $form->select_country(isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id,'country_id'); + print ''; + print $form->select_country(isset($_POST["country_id"])?GETPOST("country_id"):$object->country_id,'country_id'); if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"),1); print ''; // State if (empty($conf->global->SOCIETE_DISABLE_STATE)) { - print ''; - print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id,'state_id'); + print ''; + print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?GETPOST("country_id"):$object->country_id,'state_id'); print ''; } // Phone print ''; - print 'phone_pro).'">'; + print 'phone_pro).'">'; print ''; - print 'phone_perso).'">'; + print 'phone_perso).'">'; print ''; - print 'phone_mobile).'">'; + print 'phone_mobile).'">'; print ''; - print 'fax).'">'; + print 'fax).'">'; // EMail print ''; - print 'email).'">'; + print 'email).'">'; if (! empty($conf->mailing->enabled)) { $langs->load("mails"); @@ -865,7 +868,7 @@ else // Jabberid print ''; - print 'jabberid).'">'; + print 'jabberid).'">'; if (! empty($conf->mailing->enabled)) { print ''; @@ -881,7 +884,7 @@ else if (! empty($conf->skype->enabled)) { print ''; - print 'skype).'">'; + print 'skype).'">'; } // Visibility diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index 73015308521..c5d9dd13189 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -867,12 +867,12 @@ div.fichecenterbis { div.fichethirdleft { browser->layout != 'phone') { print "float: ".$left.";\n"; } ?> browser->layout != 'phone') { print "width: 50%;\n"; } ?> - browser->layout == 'phone') { print "padding-bottom: 6px;\n"; } ?> + browser->layout == 'phone') { print "padding-bottom: 6px;\n"; } ?> } div.fichetwothirdright { browser->layout != 'phone') { print "float: ".$right.";\n"; } ?> browser->layout != 'phone') { print "width: 50%;\n"; } ?> - browser->layout == 'phone') { print "padding-bottom: 6px\n"; } ?> + browser->layout == 'phone') { print "padding-bottom: 6px\n"; } ?> } div.fichehalfleft { browser->layout != 'phone') { print "float: ".$left.";\n"; } ?> @@ -4451,7 +4451,7 @@ border-top-right-radius: 6px; color: #fff; text-decoration: none; padding-top: 18px; - padding-left: 54px; + : 54px; font-size: 14px; height: 38px; }