Merge pull request #5478 from simnandez/4.0

Merge #5464 Fix: Prevent SQLiFix into 4.0

Merge pull request #5478 from simnandez/4.0
015b9419 · Juanjo Menent · GitHub · c787e7f2 · fc5b3086 · 015b9419
Commit 015b9419 authored 8 years ago by Juanjo Menent Committed by GitHub 8 years ago
--- a/htdocs/admin/menus/edit.php
+++ b/htdocs/admin/menus/edit.php
@@ -243,7 +243,7 @@ if ($action == 'confirm_delete' && $_POST["confirm"] == 'yes')
 {
    $this->db->begin();

-    $sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".$_GET['menuId'];
+    $sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".GETPOST('menuId', 'int');
    $db->query($sql);

    if ($result == 0)
@@ -312,7 +312,7 @@ if ($action == 'create')
    $parent_rowid = $_GET['menuId'];
    if ($_GET['menuId'])
    {
-        $sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".$_GET['menuId'];
+        $sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".GETPOST('menuId', 'int');
        $res  = $db->query($sql);
        if ($res)
        {

--- a/htdocs/compta/bank/ligne.php
+++ b/htdocs/compta/bank/ligne.php
@@ -83,13 +83,13 @@ if ($action == 'confirm_delete_categ' && $confirm == "yes" && $user->rights->ban

 if ($user->rights->banque->modifier && $action == 'class')
 {
-    $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = ".$rowid." AND fk_categ = ".$_POST["cat1"];
+    $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = ".$rowid." AND fk_categ = ".GETPOST('cat1', 'int');
    if (! $db->query($sql))
    {
        dol_print_error($db);
    }

-    $sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES (".$rowid.", ".$_POST["cat1"].")";
+    $sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES (".$rowid.", ".GETPOST('cat1', 'int').")";
    if (! $db->query($sql))
    {
        dol_print_error($db);

--- a/htdocs/societe/notify/card.php
+++ b/htdocs/societe/notify/card.php
@@ -125,7 +125,7 @@ if (empty($reshook))
    // Remove a notification
    if ($action == 'delete')
    {
-        $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".$_GET["actid"];
+        $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".GETPOST('actid', 'int');
        $db->query($sql);
    }
 }