Merge pull request #14773 from aspangaro/10.0p51

FIX Yogosha report 4448 (backport)
Merge branch '10.5' into 10.0p51
2020-10-17 18:51:49 +02:00 · 2020-10-17 18:51:25 +02:00 · 2020-09-23 19:57:29 +02:00 · 2020-09-23 19:55:31 +02:00 · 2020-09-23 19:54:56 +02:00 · 2020-09-20 17:42:27 +02:00
243 changed files with 432 additions and 399 deletions
--- a/htdocs/accountancy/admin/account.php
+++ b/htdocs/accountancy/admin/account.php
@ -51,7 +51,7 @@ if (! $user->rights->accounting->chartofaccount) accessforbidden();
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/accountancy/admin/fiscalyear.php
+++ b/htdocs/accountancy/admin/fiscalyear.php
@ -30,7 +30,7 @@ $action = GETPOST('action', 'aZ09');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/accountancy/admin/productaccount.php
+++ b/htdocs/accountancy/admin/productaccount.php
@ -69,7 +69,7 @@ if (empty($accounting_product_mode)) $accounting_product_mode='ACCOUNTANCY_SELL'
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/accountancy/bookkeeping/balance.php
+++ b/htdocs/accountancy/bookkeeping/balance.php
@ -47,7 +47,7 @@ if (GETPOST("exportcsv", 'alpha')) $action = 'export_csv';
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
 $offset = $limit * $page;
--- a/htdocs/accountancy/bookkeeping/list.php
+++ b/htdocs/accountancy/bookkeeping/list.php
@ -88,7 +88,7 @@ $search_lettering_code = GETPOST('search_lettering_code', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) { $page = 0; }
 $offset = $limit * $page;
--- a/htdocs/accountancy/bookkeeping/listbyaccount.php
+++ b/htdocs/accountancy/bookkeeping/listbyaccount.php
@ -40,7 +40,7 @@ $langs->loadLangs(array("accountancy"));
 $page = GETPOST("page");
 $sortorder = GETPOST("sortorder");
 $sortfield = GETPOST("sortfield");
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
 $search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
 $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
@ -64,7 +64,7 @@ $search_credit = GETPOST('search_credit', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) { $page = 0; }
 $offset = $limit * $page;
--- a/htdocs/accountancy/customer/card.php
+++ b/htdocs/accountancy/customer/card.php
@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy"));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/accountancy/customer/lines.php
+++ b/htdocs/accountancy/customer/lines.php
@ -57,7 +57,7 @@ $search_tvaintra = GETPOST('search_tvaintra', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) $page = 0;
 $pageprev = $page - 1;
--- a/htdocs/accountancy/customer/list.php
+++ b/htdocs/accountancy/customer/list.php
@ -68,7 +68,7 @@ $btn_ventil = GETPOST('ventil', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) { $page = 0; }
 $offset = $limit * $page;
--- a/htdocs/accountancy/expensereport/card.php
+++ b/htdocs/accountancy/expensereport/card.php
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy","trips"));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/accountancy/expensereport/lines.php
+++ b/htdocs/accountancy/expensereport/lines.php
@ -52,7 +52,7 @@ $search_year=GETPOST("search_year", "int");
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) $page = 0;
 $pageprev = $page - 1;
--- a/htdocs/accountancy/expensereport/list.php
+++ b/htdocs/accountancy/expensereport/list.php
@ -62,7 +62,7 @@ $btn_ventil = GETPOST('ventil', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) { $page = 0; }
 $offset = $limit * $page;
--- a/htdocs/accountancy/supplier/card.php
+++ b/htdocs/accountancy/supplier/card.php
@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy"));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/accountancy/supplier/lines.php
+++ b/htdocs/accountancy/supplier/lines.php
@ -59,7 +59,7 @@ $search_tvaintra = GETPOST('search_tvaintra', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) $page = 0;
 $offset = $limit * $page;
--- a/htdocs/accountancy/supplier/list.php
+++ b/htdocs/accountancy/supplier/list.php
@ -68,7 +68,7 @@ $btn_ventil = GETPOST('ventil', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):(empty($conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION)?$conf->liste_limit:$conf->global->ACCOUNTING_LIMIT_LIST_VENTILATION);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page < 0) { $page = 0; }
 $offset = $limit * $page;
--- a/htdocs/adherents/admin/adherent.php
+++ b/htdocs/adherents/admin/adherent.php
@ -41,7 +41,7 @@ if (! $user->admin) accessforbidden();
 $type=array('yesno','texte','chaine');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/adherents/admin/adherent_emails.php
+++ b/htdocs/adherents/admin/adherent_emails.php
@ -41,7 +41,7 @@ if (! $user->admin) accessforbidden();
 $oldtypetonewone=array('texte'=>'text','chaine'=>'string');	// old type to new ones
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $error = 0;
--- a/htdocs/adherents/subscription.php
+++ b/htdocs/adherents/subscription.php
@ -48,7 +48,7 @@ $typeid=GETPOST('typeid', 'int');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/adherents/subscription/list.php
+++ b/htdocs/adherents/subscription/list.php
@ -52,7 +52,7 @@ $date_select=GETPOST("date_select", 'alpha');
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page ;
--- a/htdocs/adherents/type.php
+++ b/htdocs/adherents/type.php
@ -36,7 +36,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
 $langs->load("members");
 $rowid  = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/adherents/type_ldap.php
+++ b/htdocs/adherents/type_ldap.php
@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/ldap.lib.php';
 $langs->loadLangs(array("admin","members","ldap"));
 $id = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Security check
 $result=restrictedArea($user, 'adherent', $id, 'adherent_type');
--- a/htdocs/admin/agenda.php
+++ b/htdocs/admin/agenda.php
@ -34,7 +34,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'other', 'agenda'));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $search_event = GETPOST('search_event', 'alpha');
--- a/htdocs/admin/agenda_other.php
+++ b/htdocs/admin/agenda_other.php
@ -37,7 +37,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'other', 'agenda', 'users'));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $param = GETPOST('param', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
--- a/htdocs/admin/agenda_reminder.php
+++ b/htdocs/admin/agenda_reminder.php
@ -32,7 +32,7 @@ if (!$user->admin)
 // Load translation files required by the page
 $langs->loadLangs(array("admin","other","agenda"));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $param = GETPOST('param', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
--- a/htdocs/admin/bank.php
+++ b/htdocs/admin/bank.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin","companies","bills","other","banks"));
 if (!$user->admin)
    accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/barcode.php
+++ b/htdocs/admin/barcode.php
@ -33,7 +33,7 @@ $langs->load("admin");
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/admin/bom.php
+++ b/htdocs/admin/bom.php
@ -32,7 +32,7 @@ $langs->loadLangs(array('admin', 'errors', 'mrp', 'other'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/boxes.php
+++ b/htdocs/admin/boxes.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'boxes'));
 if (! $user->admin) accessforbidden();
 $rowid = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Define possible position of boxes
--- a/htdocs/admin/chequereceipts.php
+++ b/htdocs/admin/chequereceipts.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin","companies","bills","other","banks"));
 if (!$user->admin)
  accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
--- a/htdocs/admin/commande.php
+++ b/htdocs/admin/commande.php
@ -41,7 +41,7 @@ $langs->loadLangs(array('admin', 'errors', 'orders', 'other'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/compta.php
+++ b/htdocs/admin/compta.php
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'compta', 'accountancy'));
 if (!$user->admin)
 accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Other parameters ACCOUNTING_*
 $list = array(
--- a/htdocs/admin/contract.php
+++ b/htdocs/admin/contract.php
@ -33,7 +33,7 @@ $langs->loadLangs(array("admin","errors","contracts"));
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/dav.php
+++ b/htdocs/admin/dav.php
@ -32,7 +32,7 @@ if (!$user->admin)
    accessforbidden();
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 $arrayofparameters=array(
--- a/htdocs/admin/emailcollector_list.php
+++ b/htdocs/admin/emailcollector_list.php
@ -52,7 +52,7 @@ $id			= GETPOST('id', 'int');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
 $offset = $limit * $page;
--- a/htdocs/admin/expensereport.php
+++ b/htdocs/admin/expensereport.php
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'trips', 'other'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/expensereport_ik.php
+++ b/htdocs/admin/expensereport_ik.php
@ -39,7 +39,7 @@ if (!$user->admin) accessforbidden();
 $error = false;
 $message = false;
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
 $offset = GETPOST('offset', 'int');
 $coef = GETPOST('coef', 'int');
--- a/htdocs/admin/expensereport_rules.php
+++ b/htdocs/admin/expensereport_rules.php
@ -40,7 +40,7 @@ if (!$user->admin) accessforbidden();
 $error = false;
 $message = false;
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $id = GETPOST('id', 'int');
 $apply_to = GETPOST('apply_to');
--- a/htdocs/admin/facture.php
+++ b/htdocs/admin/facture.php
@ -38,7 +38,7 @@ $langs->loadLangs(array('admin', 'errors', 'other', 'bills'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/fckeditor.php
+++ b/htdocs/admin/fckeditor.php
@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array('admin', 'fckeditor'));
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Possible modes are:
 // dolibarr_details
 // dolibarr_notes
--- a/htdocs/admin/fichinter.php
+++ b/htdocs/admin/fichinter.php
@ -39,7 +39,7 @@ $langs->loadLangs(array('admin', 'errors', 'interventions', 'other'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/holiday.php
+++ b/htdocs/admin/holiday.php
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "errors", "holiday"));
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/limits.php
+++ b/htdocs/admin/limits.php
@ -31,7 +31,7 @@ $langs->loadLangs(array('companies', 'products', 'admin'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 if ($action == 'update')
 {
--- a/htdocs/admin/loan.php
+++ b/htdocs/admin/loan.php
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'loan'));
 if (!$user->admin)
    accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Other parameters LOAN_*
 $list = array (
--- a/htdocs/admin/mailing.php
+++ b/htdocs/admin/mailing.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "mails"));
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
--- a/htdocs/admin/mails_senderprofile_list.php
+++ b/htdocs/admin/mails_senderprofile_list.php
@ -47,7 +47,7 @@ $id			= GETPOST('id', 'int');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/admin/menus/edit.php
+++ b/htdocs/admin/menus/edit.php
@ -31,6 +31,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/menubase.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("other","admin"));
 $cancel = GETPOST('cancel', 'alphanohtml'); // We click on a Cancel button
 if (! $user->admin) accessforbidden();
 $dirstandard = array();
@ -64,46 +66,46 @@ if (GETPOST("menu_handler"))    $menu_handler=GETPOST("menu_handler");
 if ($action == 'update')
 {
-    if (! $_POST['cancel'])
+	if (!$cancel)
-    {
+	{
-        $leftmenu=''; $mainmenu='';
+		$leftmenu=''; $mainmenu='';
-        if (! empty($_POST['menuIdParent']) && ! is_numeric($_POST['menuIdParent']))
+		if (GETPOST('menuIdParent', 'alphanohtml') && !is_numeric(GETPOST('menuIdParent', 'alphanohtml')))
-        {
+		{
-            $tmp=explode('&', $_POST['menuIdParent']);
+			$tmp=explode('&', GETPOST('menuIdParent', 'alphanohtml'));
-            foreach($tmp as $s)
+			foreach ($tmp as $s)
-            {
+			{
-                if (preg_match('/fk_mainmenu=/', $s))
+				if (preg_match('/fk_mainmenu=/', $s))
-                {
+				{
-                    $mainmenu=preg_replace('/fk_mainmenu=/', '', $s);
+					$mainmenu=preg_replace('/fk_mainmenu=/', '', $s);
-                }
+				}
-                if (preg_match('/fk_leftmenu=/', $s))
+				if (preg_match('/fk_leftmenu=/', $s))
-                {
+				{
-                    $leftmenu=preg_replace('/fk_leftmenu=/', '', $s);
+					$leftmenu=preg_replace('/fk_leftmenu=/', '', $s);
-                }
+				}
-            }
+			}
-        }
+		}
        $menu = new Menubase($db);
        $result=$menu->fetch(GETPOST('menuId', 'int'));
        if ($result > 0)
        {
-            $menu->titre=GETPOST('titre', 'alpha');
+            $menu->titre=GETPOST('titre', 'alphanohtml');
            $menu->leftmenu=GETPOST('leftmenu', 'aZ09');
-            $menu->url=GETPOST('url', 'alpha');
+            $menu->url=GETPOST('url', 'alphanohtml');
-            $menu->langs=GETPOST('langs', 'alpha');
+            $menu->langs=GETPOST('langs', 'alphanohtml');
            $menu->position=GETPOST('position', 'int');
-            $menu->enabled=GETPOST('enabled', 'alpha');
+            $menu->enabled=GETPOST('enabled', 'alphanohtml');
-            $menu->perms=GETPOST('perms', 'alpha');
+            $menu->perms=GETPOST('perms', 'alphanohtml');
-            $menu->target=GETPOST('target', 'alpha');
+            $menu->target=GETPOST('target', 'alphanohtml');
-            $menu->user=GETPOST('user', 'alpha');
+            $menu->user=GETPOST('user', 'alphanohtml');
-            $menu->mainmenu=GETPOST('propertymainmenu', 'alpha');
+            $menu->mainmenu=GETPOST('propertymainmenu', 'alphanohtml');
-            if (is_numeric(GETPOST('menuIdParent', 'alpha')))
+            if (is_numeric(GETPOST('menuIdParent', 'alphanohtml')))
            {
-            	$menu->fk_menu=GETPOST('menuIdParent', 'alpha');
+            	$menu->fk_menu=GETPOST('menuIdParent', 'alphanohtml');
            }
            else
            {
-    	       	if (GETPOST('type', 'alpha') == 'top') $menu->fk_menu=0;
+    	       	if (GETPOST('type', 'alphanohtml') == 'top') $menu->fk_menu=0;
    	       	else $menu->fk_menu=-1;
            	$menu->fk_mainmenu=$mainmenu;
            	$menu->fk_leftmenu=$leftmenu;
@ -144,9 +146,9 @@ if ($action == 'add')
    }
    $leftmenu=''; $mainmenu='';
-    if (GETPOST('menuId', 'alpha', 3) && ! is_numeric(GETPOST('menuId', 'alpha', 3)))
+    if (GETPOST('menuId', 'alphanohtml', 3) && ! is_numeric(GETPOST('menuId', 'alphanohtml', 3)))
    {
-	    $tmp=explode('&', GETPOST('menuId', 'alpha', 3));
+	    $tmp=explode('&', GETPOST('menuId', 'alphanohtml', 3));
 	    foreach($tmp as $s)
 	    {
 	    	if (preg_match('/fk_mainmenu=/', $s))
@ -204,23 +206,23 @@ if ($action == 'add')
    {
        $menu = new Menubase($db);
        $menu->menu_handler=preg_replace('/_menu$/', '', GETPOST('menu_handler', 'aZ09'));
-        $menu->type=GETPOST('type', 'alpha');
+        $menu->type=GETPOST('type', 'alphanohtml');
-        $menu->titre=GETPOST('titre', 'alpha');
+        $menu->titre=GETPOST('titre', 'alphanohtml');
-        $menu->url=GETPOST('url', 'alpha');
+        $menu->url=GETPOST('url', 'alphanohtml');
-        $menu->langs=GETPOST('langs', 'alpha');
+        $menu->langs=GETPOST('langs', 'alphanohtml');
        $menu->position=GETPOST('position', 'int');
-        $menu->enabled=GETPOST('enabled', 'alpha');
+        $menu->enabled=GETPOST('enabled', 'alphanohtml');
-        $menu->perms=GETPOST('perms', 'alpha');
+        $menu->perms=GETPOST('perms', 'alphanohtml');
-        $menu->target=GETPOST('target', 'alpha');
+        $menu->target=GETPOST('target', 'alphanohtml');
-        $menu->user=GETPOST('user', 'alpha');
+        $menu->user=GETPOST('user', 'alphanohtml');
-        $menu->mainmenu=GETPOST('propertymainmenu', 'alpha');
+        $menu->mainmenu=GETPOST('propertymainmenu', 'alphanohtml');
-        if (is_numeric(GETPOST('menuId', 'alpha', 3)))
+        if (is_numeric(GETPOST('menuId', 'alphanohtml', 3)))
        {
-        	$menu->fk_menu=GETPOST('menuId', 'alpha', 3);
+        	$menu->fk_menu=GETPOST('menuId', 'alphanohtml', 3);
        }
        else
        {
-            if (GETPOST('type', 'alpha') == 'top') $menu->fk_menu=0;
+            if (GETPOST('type', 'alphanohtml') == 'top') $menu->fk_menu=0;
            else $menu->fk_menu=-1;
            $menu->fk_mainmenu=$mainmenu;
            $menu->fk_leftmenu=$leftmenu;
@ -368,7 +370,7 @@ if ($action == 'create')
    // Mainmenu code
    print '<tr><td class="fieldrequired">'.$langs->trans('MainMenuCode').'</td>';
-   	print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alpha')?GETPOST("propertymainmenu", 'alpha'):'').'"></td>';
+	print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOSTISSET("propertymainmenu") ? GETPOST("propertymainmenu", 'alphanohtml') : '').'"></td>';
    print '<td>';
    print $langs->trans("Example").': mytopmenukey';
    print '</td></tr>';
@ -381,23 +383,23 @@ if ($action == 'create')
    }
    else
    {
-        print '<td><input type="text" class="minwidth300" id="menuId" name="menuId" value="'.(GETPOST("menuId", 'int')?GETPOST("menuId", 'int'):'').'"></td>';
+		print '<td><input type="text" class="minwidth300" id="menuId" name="menuId" value="'.(GETPOSTISSET("menuId") ? GETPOST("menuId", 'int') : '').'"></td>';
    }
    print '<td>'.$langs->trans('DetailMenuIdParent');
    print ', '.$langs->trans("Example").': fk_mainmenu=abc&fk_leftmenu=def';
    print '</td></tr>';
    // Title
-    print '<tr><td class="fieldrequired">'.$langs->trans('Title').'</td><td><input type="text" class="minwidth300" name="titre" value="'.dol_escape_htmltag(GETPOST("titre", 'alpha')).'"></td><td>'.$langs->trans('DetailTitre').'</td></tr>';
+    print '<tr><td class="fieldrequired">'.$langs->trans('Title').'</td><td><input type="text" class="minwidth300" name="titre" value="'.dol_escape_htmltag(GETPOST("titre", 'alphanohtml')).'"></td><td>'.$langs->trans('DetailTitre').'</td></tr>';
    // URL
-    print '<tr><td class="fieldrequired">'.$langs->trans('URL').'</td><td><input type="text" class="minwidth500" name="url" value="'.GETPOST("url", 'alpha').'"></td><td>'.$langs->trans('DetailUrl').'</td></tr>';
+    print '<tr><td class="fieldrequired">'.$langs->trans('URL').'</td><td><input type="text" class="minwidth500" name="url" value="'.GETPOST("url", 'alphanohtml').'"></td><td>'.$langs->trans('DetailUrl').'</td></tr>';
    // Langs
    print '<tr><td>'.$langs->trans('LangFile').'</td><td><input type="text" class="minwidth300" name="langs" value="'.$parent_langs.'"></td><td>'.$langs->trans('DetailLangs').'</td></tr>';
    // Position
-    print '<tr><td>'.$langs->trans('Position').'</td><td><input type="text" class="width100" name="position" value="'.dol_escape_htmltag(isset($_POST["position"])?$_POST["position"]:100).'"></td><td>'.$langs->trans('DetailPosition').'</td></tr>';
+	print '<tr><td>'.$langs->trans('Position').'</td><td><input type="text" class="width100" name="position" value="'.dol_escape_htmltag(GETPOSTISSET("position") ? GETPOST("position", 'int') : 100).'"></td><td>'.$langs->trans('DetailPosition').'</td></tr>';
    // Target
    print '<tr><td>'.$langs->trans('Target').'</td><td><select class="flat" name="target">';
@ -406,10 +408,10 @@ if ($action == 'create')
    print '</select></td></td><td>'.$langs->trans('DetailTarget').'</td></tr>';
    // Enabled
-    print '<tr><td>'.$langs->trans('Enabled').'</td><td><input type="text" class="minwidth500" name="enabled" value="'.(GETPOSTISSET('enabled')?GETPOST("enabled", 'alpha'):'1').'"></td><td>'.$langs->trans('DetailEnabled').'</td></tr>';
+    print '<tr><td>'.$langs->trans('Enabled').'</td><td><input type="text" class="minwidth500" name="enabled" value="'.(GETPOSTISSET('enabled')?GETPOST("enabled", 'alphanohtml'):'1').'"></td><td>'.$langs->trans('DetailEnabled').'</td></tr>';
    // Perms
-    print '<tr><td>'.$langs->trans('Rights').'</td><td><input type="text" class="minwidth500" name="perms" value="'.(GETPOSTISSET('perms')?GETPOST('perms', 'alpha'):'1').'"></td><td>'.$langs->trans('DetailRight').'</td></tr>';
+    print '<tr><td>'.$langs->trans('Rights').'</td><td><input type="text" class="minwidth500" name="perms" value="'.(GETPOSTISSET('perms')?GETPOST('perms', 'alphanohtml'):'1').'"></td><td>'.$langs->trans('DetailRight').'</td></tr>';
    print '</table>';
@ -472,7 +474,7 @@ elseif ($action == 'edit')
 	     }
 	     else
 	     {*/
-	    print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alpha')?GETPOST("propertymainmenu", 'alpha'):$menu->mainmenu).'"></td>';
+	    print '<td><input type="text" class="minwidth300" id="propertymainmenu" name="propertymainmenu" value="'.(GETPOST("propertymainmenu", 'alphanohtml')?GETPOST("propertymainmenu", 'alphanohtml'):$menu->mainmenu).'"></td>';
 	    //}
 	    print '<td>';
 	    print $langs->trans("Example").': mytopmenukey';
--- a/htdocs/admin/multicurrency.php
+++ b/htdocs/admin/multicurrency.php
@ -38,7 +38,7 @@ if (! $user->admin) {
 }
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/admin/oauth.php
+++ b/htdocs/admin/oauth.php
@ -40,7 +40,7 @@ $langs->loadLangs(array('admin', 'oauth'));
 if (!$user->admin)
    accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/admin/oauthlogintokens.php
+++ b/htdocs/admin/oauthlogintokens.php
@ -33,7 +33,7 @@ $langs->loadLangs(array('admin', 'printing', 'oauth'));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $mode = GETPOST('mode', 'alpha');
 $value = GETPOST('value', 'alpha');
 $varname = GETPOST('varname', 'alpha');
--- a/htdocs/admin/payment.php
+++ b/htdocs/admin/payment.php
@ -31,7 +31,7 @@ $langs->loadLangs(array("admin", "other", "errors", "bills"));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/pdf.php
+++ b/htdocs/admin/pdf.php
@ -37,7 +37,7 @@ $langs->loadLangs(array('admin', 'languages', 'other', 'companies', 'products',
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
--- a/htdocs/admin/prelevement.php
+++ b/htdocs/admin/prelevement.php
@ -36,7 +36,7 @@ $langs->loadLangs(array("admin","withdrawals"));
 // Security check
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $type = 'paymentorder';
--- a/htdocs/admin/propal.php
+++ b/htdocs/admin/propal.php
@ -39,7 +39,7 @@ $langs->loadLangs(array("admin", "other", "errors", "propal"));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/receiptprinter.php
+++ b/htdocs/admin/receiptprinter.php
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin","receiptprinter"));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $mode = GETPOST('mode', 'alpha');
 $printername = GETPOST('printername', 'alpha');
--- a/htdocs/admin/resource.php
+++ b/htdocs/admin/resource.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin","resource"));
 if (!$user->admin)
    accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/admin/salaries.php
+++ b/htdocs/admin/salaries.php
@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'salaries'));
 if (!$user->admin)
    accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 // Other parameters SALARIES_*
 $list = array (
--- a/htdocs/admin/stock.php
+++ b/htdocs/admin/stock.php
@ -34,7 +34,7 @@ $langs->loadLangs(array("admin", "stocks"));
 // Securit check
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/admin/supplier_payment.php
+++ b/htdocs/admin/supplier_payment.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "errors", "other", "bills", "orders"));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/supplier_proposal.php
+++ b/htdocs/admin/supplier_proposal.php
@ -34,7 +34,7 @@ $langs->loadLangs(array("admin", "errors", "other", "supplier_proposal"));
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');
--- a/htdocs/admin/taxes.php
+++ b/htdocs/admin/taxes.php
@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'objects', 'companies', 'products'));
 if (!$user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
--- a/htdocs/admin/ticket.php
+++ b/htdocs/admin/ticket.php
@ -37,7 +37,7 @@ if (!$user->admin) {
 // Parameters
 $value = GETPOST('value', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scandir', 'alpha');
 $type = 'ticket';
--- a/htdocs/admin/ticket_extrafields.php
+++ b/htdocs/admin/ticket_extrafields.php
@ -39,7 +39,7 @@ foreach ($tmptype2label as $key => $val) {
    $type2label[$key] = $langs->trans($val);
 }
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'ticket'; //Must be the $table_element of the class that manage extrafield
--- a/htdocs/admin/ticket_public.php
+++ b/htdocs/admin/ticket_public.php
@ -37,7 +37,7 @@ if (!$user->admin) {
 // Parameters
 $value = GETPOST('value', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scandir', 'alpha');
 $type = 'ticket';
--- a/htdocs/admin/tools/dolibarr_export.php
+++ b/htdocs/admin/tools/dolibarr_export.php
@ -32,7 +32,7 @@ $langs->load("admin");
 $action=GETPOST('action', 'alpha');
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (! $sortorder) $sortorder="DESC";
 if (! $sortfield) $sortfield="date";
--- a/htdocs/admin/tools/export.php
+++ b/htdocs/admin/tools/export.php
@ -38,7 +38,7 @@ $file=GETPOST('filename_template', 'alpha');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
 $offset = $limit * $page;
--- a/htdocs/admin/tools/export_files.php
+++ b/htdocs/admin/tools/export_files.php
@ -39,7 +39,7 @@ $compression = GETPOST('compression');
 $file = dol_sanitizeFileName($file);
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (! $sortorder) $sortorder="DESC";
 if (! $sortfield) $sortfield="date";
--- a/htdocs/admin/tools/listevents.php
+++ b/htdocs/admin/tools/listevents.php
@ -47,7 +47,7 @@ $langs->loadLangs(array("companies","admin","users","other"));
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/admin/tools/listsessions.php
+++ b/htdocs/admin/tools/listsessions.php
@ -42,7 +42,7 @@ if ($user->societe_id > 0)
 }
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $conf->liste_limit * $page ;
--- a/htdocs/admin/user.php
+++ b/htdocs/admin/user.php
@ -38,7 +38,7 @@ if (! $user->admin) accessforbidden();
 $extrafields = new ExtraFields($db);
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 $value = GETPOST('value', 'alpha');
--- a/htdocs/admin/usergroup.php
+++ b/htdocs/admin/usergroup.php
@ -39,7 +39,7 @@ if (! $user->admin) accessforbidden();
 $extrafields = new ExtraFields($db);
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $type='group';
--- a/htdocs/admin/website.php
+++ b/htdocs/admin/website.php
@ -54,7 +54,7 @@ $status = 1;
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/admin/website_options.php
+++ b/htdocs/admin/website_options.php
@ -47,7 +47,7 @@ $status = 1;
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/admin/workflow.php
+++ b/htdocs/admin/workflow.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin","workflow","propal","workflow","orders","supplie
 if (! $user->admin) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 /*
--- a/htdocs/asset/admin/setup.php
+++ b/htdocs/asset/admin/setup.php
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "assets"));
 if (! $user->admin) accessforbidden();
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 $arrayofparameters=array('FIXEDASSETS_MYPARAM1'=>array('css'=>'minwidth200'), 'FIXEDASSETS_MYPARAM2'=>array('css'=>'minwidth500'));
--- a/htdocs/asset/list.php
+++ b/htdocs/asset/list.php
@ -48,7 +48,7 @@ $id			= GETPOST('id', 'int');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/asset/type.php
+++ b/htdocs/asset/type.php
@ -34,7 +34,7 @@ if (! empty($conf->accounting->enabled)) require_once DOL_DOCUMENT_ROOT.'/accoun
 $langs->load("assets");
 $rowid  = GETPOST('rowid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/blockedlog/admin/blockedlog.php
+++ b/htdocs/blockedlog/admin/blockedlog.php
@ -32,7 +32,7 @@ $langs->loadLangs(array("admin","other","blockedlog"));
 if (! $user->admin || empty($conf->blockedlog->enabled)) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
--- a/htdocs/blockedlog/admin/blockedlog_list.php
+++ b/htdocs/blockedlog/admin/blockedlog_list.php
@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "other", "blockedlog", "bills"));
 if ((! $user->admin && ! $user->rights->blockedlog->read) || empty($conf->blockedlog->enabled)) accessforbidden();
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $contextpage= GETPOST('contextpage', 'aZ')?GETPOST('contextpage', 'aZ'):'blockedloglist';   // To manage different context of search
 $backtopage = GETPOST('backtopage', 'alpha');											// Go back to a dedicated page
 $optioncss  = GETPOST('optioncss', 'aZ');												// Option for the css output (always '' except when 'print')
@ -57,7 +57,7 @@ if (($search_start == -1 || empty($search_start)) && ! GETPOSTISSET('search_star
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/blockedlog/ajax/block-add.php
+++ b/htdocs/blockedlog/ajax/block-add.php
@ -34,7 +34,7 @@ $res=require '../../main.inc.php';
 $id = GETPOST('id', 'int');
 $element = GETPOST('element', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 if ($element === 'facture') {
    require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
--- a/htdocs/bom/admin/setup.php
+++ b/htdocs/bom/admin/setup.php
@ -37,7 +37,7 @@ $langs->loadLangs(array("admin", "mrp"));
 if (! $user->admin) accessforbidden();
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 $arrayofparameters=array(
--- a/htdocs/bom/bom_list.php
+++ b/htdocs/bom/bom_list.php
@ -46,7 +46,7 @@ $id			= GETPOST('id', 'int');
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
 $offset = $limit * $page;
--- a/htdocs/bookmarks/list.php
+++ b/htdocs/bookmarks/list.php
@ -41,7 +41,7 @@ $optioncss = GETPOST('optioncss', 'alpha');
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/cashdesk/facturation_verif.php
+++ b/htdocs/cashdesk/facturation_verif.php
@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/cashdesk/class/Facturation.class.php';
 require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
 require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $obj_facturation = unserialize($_SESSION['serObjFacturation']);
 unset($_SESSION['serObjFacturation']);
--- a/htdocs/categories/traduction.php
+++ b/htdocs/categories/traduction.php
@ -37,7 +37,7 @@ $langs->loadLangs(array('categories', 'languages'));
 $id     = GETPOST('id', 'int');
 $ref    = GETPOST('ref', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $type   = GETPOST('type', 'aZ09');
--- a/htdocs/comm/action/document.php
+++ b/htdocs/comm/action/document.php
@ -63,7 +63,7 @@ if ($id > 0)
 // Get parameters
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $conf->liste_limit * $page;
--- a/htdocs/comm/action/index.php
+++ b/htdocs/comm/action/index.php
@ -57,7 +57,7 @@ if (empty($filtert) && empty($conf->global->AGENDA_ALL_CALENDARS))
 }
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", "int");
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
--- a/htdocs/comm/action/peruser.php
+++ b/htdocs/comm/action/peruser.php
@ -55,7 +55,7 @@ if (empty($filtert) && empty($conf->global->AGENDA_ALL_CALENDARS))
 }
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", "int");
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
--- a/htdocs/comm/action/rapport/index.php
+++ b/htdocs/comm/action/rapport/index.php
@ -40,7 +40,7 @@ $year=GETPOST('year');
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if ($page == -1 || $page == null) { $page = 0 ; }
 $offset = $limit * $page ;
--- a/htdocs/comm/card.php
+++ b/htdocs/comm/card.php
@ -66,7 +66,7 @@ $action		= GETPOST('action', 'aZ09');
 $mode		= GETPOST("mode");
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $conf->liste_limit * $page;
--- a/htdocs/comm/contact.php
+++ b/htdocs/comm/contact.php
@ -30,7 +30,7 @@ require '../main.inc.php';
 $langs->load("companies");
 $sortfield=GETPOST('sortfield', 'alpha');
-$sortorder=GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page=GETPOST('page', 'int');
 if (! $sortorder) $sortorder="ASC";
 if (! $sortfield) $sortfield="p.name";
--- a/htdocs/comm/mailing/advtargetemailing.php
+++ b/htdocs/comm/mailing/advtargetemailing.php
@ -47,7 +47,7 @@ if (! $user->rights->mailing->lire || $user->societe_id > 0)
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/comm/mailing/cibles.php
+++ b/htdocs/comm/mailing/cibles.php
@ -42,7 +42,7 @@ if (! $user->rights->mailing->lire || $user->societe_id > 0) accessforbidden();
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/comm/mailing/list.php
+++ b/htdocs/comm/mailing/list.php
@ -32,7 +32,7 @@ $langs->load("mails");
 $result=restrictedArea($user, 'mailing');
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
--- a/htdocs/comm/propal/card.php
+++ b/htdocs/comm/propal/card.php
@ -68,7 +68,7 @@ $error = 0;
 $id = GETPOST('id', 'int');
 $ref = GETPOST('ref', 'alpha');
 $socid = GETPOST('socid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $origin = GETPOST('origin', 'alpha');
 $originid = GETPOST('originid', 'int');
--- a/htdocs/comm/propal/document.php
+++ b/htdocs/comm/propal/document.php
@ -54,7 +54,7 @@ $result = restrictedArea($user, 'propal', $id);
 // Get parameters
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $conf->liste_limit * $page;
--- a/htdocs/comm/propal/list.php
+++ b/htdocs/comm/propal/list.php
@ -99,7 +99,7 @@ $mesg=(GETPOST("msg") ? GETPOST("msg") : GETPOST("mesg"));
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1 || !empty($search_btn) || !empty($search_remove_btn) || (empty($toselect) && $massaction === '0')) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@ -66,7 +66,7 @@ if (! empty($conf->productbatch->enabled)) $langs->load("productbatch");
 $id = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('orderid', 'int'));
 $ref = GETPOST('ref', 'alpha');
 $socid = GETPOST('socid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $confirm = GETPOST('confirm', 'alpha');
 $lineid = GETPOST('lineid', 'int');
--- a/htdocs/compta/accounting-files.php
+++ b/htdocs/compta/accounting-files.php
@ -53,7 +53,7 @@ $hookmanager->initHooks(array('comptafileslist','globallist'));
 // Load variable for pagination
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST('sortfield', 'alpha');
-$sortorder = GETPOST('sortorder', 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST('page', 'int');
 if (empty($page) || $page == -1) { $page = 0; }     // If $page is not defined, or '' or -1
 $offset = $limit * $page;
--- a/htdocs/compta/bank/document.php
+++ b/htdocs/compta/bank/document.php
@ -36,7 +36,7 @@ $langs->loadLangs(array('banks', 'companies', 'other'));
 $id = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('account', 'int'));
 $ref = GETPOST('ref', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 $mesg = '';
@ -57,7 +57,7 @@ $result = restrictedArea($user, 'banque', $fieldvalue, 'bank_account', '', '',
 // Get parameters
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 if (empty($page) || $page == -1) { $page = 0; }
 $offset = $conf->liste_limit * $page;
--- a/htdocs/compta/bank/releve.php
+++ b/htdocs/compta/bank/releve.php
@ -78,7 +78,7 @@ if ($user->rights->banque->consolidate && $action == 'dvprev' && ! empty($dvid))
 $limit = GETPOST('limit', 'int')?GETPOST('limit', 'int'):$conf->liste_limit;
 $sortfield = GETPOST("sortfield", 'alpha');
-$sortorder = GETPOST("sortorder", 'alpha');
+$sortorder = GETPOST('sortorder', 'aZ09comma');
 $page = GETPOST("page", 'int');
 $pageplusone = GETPOST("pageplusone", 'int');
 if ($pageplusone) $page = $pageplusone - 1;
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Laurent Destailleur	b05975c6c9	Merge pull request #14773 from aspangaro/10.0p51 FIX Yogosha report 4448 (backport)	2020-10-17 18:51:49 +02:00
Laurent Destailleur	1dc8b44496	Merge branch '10.5' into 10.0p51	2020-10-17 18:51:25 +02:00
Laurent Destailleur	8e69574dee	Merge pull request #14772 from aspangaro/10.0p50 FIX Yogosha report 4465 (backport)	2020-09-23 19:57:29 +02:00
Laurent Destailleur	aa6b3a4a47	Merge pull request #14761 from aspangaro/10.0p47 FIX Yogosha report 4435 (backport)	2020-09-23 19:55:31 +02:00
Laurent Destailleur	f477613326	Merge pull request #14759 from aspangaro/10.0p45 FIX Yogosha report 4433 (backport)	2020-09-23 19:54:56 +02:00
Laurent Destailleur	634f038aa7	Merge pull request #14787 from aspangaro/10.0p55 FIX Yogosha report 4474 (backport)	2020-09-20 17:42:27 +02:00
Laurent Destailleur	a0128786bd	Merge pull request #14786 from aspangaro/10.0p54 FIX Yogosha report 4483 (backport)	2020-09-20 17:42:02 +02:00
Laurent Destailleur	a034ad76f8	Merge pull request #14785 from aspangaro/10.0p53 FIX Yogosha report 4456 (backport)	2020-09-20 17:41:35 +02:00
Laurent Destailleur	f27a39bf81	Merge pull request #14771 from aspangaro/10.0p49 FIX #yogosha transversal path when unzipping file (backport)	2020-09-20 17:32:48 +02:00
Laurent Destailleur	86a4c6e32c	Merge pull request #14784 from aspangaro/10.0p52 Fix alpha into alphanohtml (backport)	2020-09-20 17:31:48 +02:00
Laurent Destailleur	8f712b7245	Merge pull request #14762 from aspangaro/10.0p48 FIX GETPOST on 'action' (backport)	2020-09-20 17:29:45 +02:00
Laurent Destailleur	15820a6b1e	Merge pull request #14758 from aspangaro/10.0p44 FIX Yogosha report 4430 (backport)	2020-09-20 17:27:03 +02:00
Laurent Destailleur	3ea329fb9b	Merge pull request #14757 from aspangaro/10.0p43 FIX Yogosha report 4426 (backport)	2020-09-20 17:26:31 +02:00
Alexandre SPANGARO	03ee1a0880	FIX Yogosha report 4474 (backport)	2020-09-19 04:30:58 +02:00
Alexandre SPANGARO	bacbe0b352	FIX Yogosha report 4483 (backport)	2020-09-19 04:15:33 +02:00
Alexandre SPANGARO	d51d169c8a	FIX Yogosha report 4456 (backport)	2020-09-19 04:03:32 +02:00
Alexandre SPANGARO	322552d06f	Merge branch '10.0' into 10.0p43	2020-09-19 03:45:57 +02:00
Alexandre SPANGARO	1346262836	Merge branch '10.0' into 10.0p44	2020-09-19 03:44:27 +02:00
Alexandre SPANGARO	c2b2a8d580	Merge branch '10.0' into 10.0p45	2020-09-19 03:43:55 +02:00
Alexandre SPANGARO	d843652052	Merge branch '10.0' into 10.0p47	2020-09-19 03:43:05 +02:00
Alexandre SPANGARO	86e5b9f972	Merge branch '10.0' into 10.0p48	2020-09-19 03:42:44 +02:00
Alexandre SPANGARO	9de89ad178	Merge branch '10.0' into 10.0p49	2020-09-19 03:42:22 +02:00
Alexandre SPANGARO	51a112325f	Merge branch '10.0' into 10.0p50	2020-09-19 03:41:54 +02:00
Alexandre SPANGARO	fa01973042	Merge branch '10.0' into 10.0p51	2020-09-19 03:41:28 +02:00
Alexandre SPANGARO	6c96d7f240	Fix install hangs	2020-09-19 03:33:01 +02:00
Alexandre SPANGARO	640dc4a64c	Fix alpha into alphanohtml	2020-09-19 03:32:52 +02:00
Alexandre SPANGARO	0943d3993b	FIX Yogosha report 4448 (backport)	2020-09-18 02:16:17 +02:00
Alexandre SPANGARO	df28a2844f	Fix missing global	2020-09-18 02:07:44 +02:00
Alexandre SPANGARO	8a0702074a	FIX Yogosha report 4465 (backport)	2020-09-18 02:02:45 +02:00
Alexandre SPANGARO	b861f67e5a	FIX #yogosha transversal path when unzipping file (backport)	2020-09-18 01:58:31 +02:00
Alexandre SPANGARO	1661b8ca5d	Merge branch '10.0' into 10.0p48	2020-09-18 01:45:05 +02:00
Alexandre SPANGARO	3913a852f0	Merge branch '10.0' into 10.0p47	2020-09-18 01:42:44 +02:00
Alexandre SPANGARO	f8c5896f72	Merge branch '10.0' into 10.0p45	2020-09-18 01:39:39 +02:00
Alexandre SPANGARO	a11ee268d4	Merge branch '10.0' into 10.0p44	2020-09-18 01:37:34 +02:00
Alexandre SPANGARO	5dfb03369a	Merge branch '10.0' into 10.0p44	2020-09-18 01:31:58 +02:00
Alexandre SPANGARO	949a16b892	Fix error	2020-09-18 01:29:18 +02:00
Alexandre SPANGARO	5a6d2b2755	Merge branch '10.0' into 10.0p43	2020-09-18 01:24:06 +02:00
Alexandre SPANGARO	8a84b245ca	FIX GETPOST on 'action' (backport)	2020-09-16 21:50:30 +02:00
Alexandre SPANGARO	48f2a1d110	FIX Yogosha report 4435 (backport)	2020-09-16 21:41:44 +02:00
Alexandre SPANGARO	254c391ddf	FIX Yogosha report 4433 (backport)	2020-09-16 21:31:46 +02:00
Alexandre SPANGARO	7697a8610d	FIX Yogosha report 4430 (backport)	2020-09-16 21:27:56 +02:00
Alexandre SPANGARO	be318f679b	FIX Yogosha report 4426 (backport)	2020-09-16 21:19:31 +02:00
Alexandre SPANGARO	2ff633a89f	Revert "FIX Yogosha report 4425 (backport)" This reverts commit `23c4cfe913`.	2020-09-16 21:12:35 +02:00
`@ -32,7 +32,7 @@ $langs->loadLangs(array("admin", "mails"));`

	`if (!$user->admin) accessforbidden();`	`if (!$user->admin) accessforbidden();`

	`$action = GETPOST('action', 'alpha');`	`$action = GETPOST('action', 'aZ09');`
`@ -34,7 +34,7 @@ $langs->loadLangs(array('admin', 'objects', 'companies', 'products'));`

	`if (!$user->admin) accessforbidden();`	`if (!$user->admin) accessforbidden();`

	`$action = GETPOST('action', 'alpha');`	`$action = GETPOST('action', 'aZ09');`