diff --git a/htdocs/adherents/agenda.php b/htdocs/adherents/agenda.php index 973762b780c5d1de1827ed03fc23914ab1f2cfe0..bd5f0f66894a55acff0a026b5ef10efebe9322be 100644 --- a/htdocs/adherents/agenda.php +++ b/htdocs/adherents/agenda.php @@ -37,7 +37,7 @@ $langs->load("members"); $mesg=isset($_GET["mesg"])?'<div class="ok">'.$_GET["mesg"].'</div>':''; -$id = GETPOST("id"); +$id = GETPOST('id','int'); // Security check if (! $user->rights->adherent->lire) accessforbidden(); diff --git a/htdocs/adherents/card_subscriptions.php b/htdocs/adherents/card_subscriptions.php index 4291d9985598eeee8cd7546e89cc7c871b71fdc9..a831ec46a2e2b105d83aa6378cfe6c47e88c95fe 100644 --- a/htdocs/adherents/card_subscriptions.php +++ b/htdocs/adherents/card_subscriptions.php @@ -141,10 +141,10 @@ if ($action == 'setsocid') $error=0; if (! $error) { - if (GETPOST("socid") != $adh->fk_soc) // If link differs from currently in database + if (GETPOST('socid','int') != $adh->fk_soc) // If link differs from currently in database { $sql ="SELECT rowid FROM ".MAIN_DB_PREFIX."adherent"; - $sql.=" WHERE fk_soc = '".GETPOST("socid")."'"; + $sql.=" WHERE fk_soc = '".GETPOST('socid','int')."'"; $resql = $db->query($sql); if ($resql) { @@ -154,7 +154,7 @@ if ($action == 'setsocid') $othermember=new Adherent($db); $othermember->fetch($obj->rowid); $thirdparty=new Societe($db); - $thirdparty->fetch(GETPOST("socid")); + $thirdparty->fetch(GETPOST('socid','int')); $error++; $mesg='<div class="error">'.$langs->trans("ErrorMemberIsAlreadyLinkedToThisThirdParty",$othermember->getFullName($langs),$othermember->login,$thirdparty->name).'</div>'; } @@ -162,7 +162,7 @@ if ($action == 'setsocid') if (! $error) { - $result=$adh->setThirdPartyId(GETPOST("socid")); + $result=$adh->setThirdPartyId(GETPOST('socid','int')); if ($result < 0) dol_print_error($adh->db,$adh->error); $_POST['action']=''; $action=''; 
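Review bot: In htdocs/adherents/agenda.php the context line directly above the changed `$id` line still concatenates `$_GET["mesg"]` into `<div class="ok">` markup with no escaping, so the hunk filters the id but leaves a request value flowing straight into HTML. Encode it where the string is built, e.g. `$mesg=isset($_GET["mesg"])?'<div class="ok">'.htmlspecialchars($_GET["mesg"], ENT_QUOTES).'</div>':'';`. Where `$mesg` is printed is outside the hunk, so confirm nothing downstream already encodes it before adding this.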
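Review bot: In htdocs/adherents/card_subscriptions.php the `fk_soc` lookup still builds SQL by concatenating a request value inside quotes, so its safety now rests entirely on what `GETPOST(...,'int')` returns, and that function is defined outside this diff. Read the value once with `$socid = GETPOST('socid','int');` and cast it where the query is built: `$sql.=" WHERE fk_soc = ".((int) $socid);`. The same local should replace the repeated `GETPOST('socid','int')` calls in the two following hunks of this file (`$thirdparty->fetch(...)` and `$adh->setThirdPartyId(...)`), so the comparison, the query and the write all act on one value. The `if ($action == 'setsocid')` block starts and ends outside these hunks.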
diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index c7e596fe1a1c4eed7a1142fd721ad430153599cb..f62b7781be82f11f7d1407f7cd25c87755c9d8d2 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -37,7 +37,7 @@ $langs->load('other'); $mesg = ""; // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id > 0) { $id = $user->societe_id; diff --git a/htdocs/adherents/ldap.php b/htdocs/adherents/ldap.php index 5e3456c2cfdb7cac2f5feedd511796016b33b6a0..304e06642250667197a00942364ec5ad292edd4b 100644 --- a/htdocs/adherents/ldap.php +++ b/htdocs/adherents/ldap.php @@ -34,7 +34,7 @@ $langs->load("members"); $langs->load("ldap"); $langs->load("admin"); -$rowid = GETPOST("id"); +$rowid = GETPOST('id','int'); $action = GETPOST('action'); // Protection diff --git a/htdocs/adherents/note.php b/htdocs/adherents/note.php index 7a2b9c3aca35069f8e373d825e0a9cf998e15eeb..0cae04902227d7a1b45799f5ff71cdc2f891f920 100644 --- a/htdocs/adherents/note.php +++ b/htdocs/adherents/note.php @@ -28,7 +28,7 @@ require_once(DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'); require_once(DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php"); $action=GETPOST('action'); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $langs->load("companies"); $langs->load("members"); diff --git a/htdocs/adherents/stats/index.php b/htdocs/adherents/stats/index.php index c3486f5aeb121beb6b296d73857666670df51dd8..8c5484d3e92ef5cda8867fd87a1f0089363918c2 100644 --- a/htdocs/adherents/stats/index.php +++ b/htdocs/adherents/stats/index.php @@ -31,8 +31,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/member.lib.php"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { 
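Review bot: In htdocs/adherents/stats/index.php the `if ($userid < 0) $userid=0;` and `if ($socid < 0) $socid=0;` clamps only catch negative numbers, so whatever `GETPOST(...,'int')` hands back for a missing or rejected parameter (GETPOST is defined outside this diff; presumably an empty string) passes through unchanged. Normalising in one step makes both variables real non-negative integers: `$userid=max(0,(int) GETPOST('userid','int'));` and `$socid=max(0,(int) GETPOST('socid','int'));`. The same two lines appear in the stats/index.php hunks for comm/propal, commande, compta/deplacement and compta/facture.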
diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 65f1fc4f64a663e816c571055cf99b154084c212..3b5baa48d1ee1fc0e6e99f8cf25d746171a0f164 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -296,7 +296,7 @@ complete_dictionnary_with_modules($taborder,$tabname,$tablib,$tabsql,$tabsqlsort // Define elementList and sourceList (used for dictionnary "type of contacts") $elementList = array(); $sourceList=array(); -if (GETPOST("id") == 11) +if (GETPOST('id','int') == 11) { $langs->load("orders"); $langs->load("contracts"); @@ -702,7 +702,7 @@ if ($_GET["id"]) if ($num > $listlimit) { print '<tr class="none"><td align="right" colspan="'.(3+count($fieldlist)).'">'; - print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.GETPOST('id'),($num > $listlimit),$langs->trans("Page").' '.($page+1)); + print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.GETPOST('id','int'),($num > $listlimit),$langs->trans("Page").' '.($page+1)); print '</td></tr>'; } @@ -737,10 +737,10 @@ if ($_GET["id"]) // Affiche nom du champ if ($showfield) { - print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.GETPOST("id"),"","",$sortfield,$sortorder); + print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"","",$sortfield,$sortorder); } } - print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.GETPOST("id"),"",'align="center"',$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"",'align="center"',$sortfield,$sortorder); print '<td colspan="2" class="liste_titre"> </td>'; print '</tr>'; 
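Review bot: In htdocs/admin/dict.php the hunk headers at -702 and -737 show the enclosing block is still gated by `if ($_GET["id"])`, so the page appears to decide what to render from the raw parameter while the links built inside it use the filtered `GETPOST('id','int')`. Reading the id once near the top of the file and using that one variable for the gate, the `== 11` test and every `'&id='` link would keep a single validated value throughout. Separately, `($page?'page='.$page.'&':'').'&id='` yields `page=N&&id=...`; dropping the trailing `'&'` from the first part tidies the query string. The gate itself is outside the hunks, so confirm against the full file.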
@@ -756,7 +756,7 @@ if ($_GET["id"]) { print '<form action="dict.php" method="post">'; print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">'; - print '<input type="hidden" name="id" value="'.GETPOST("id").'">'; + print '<input type="hidden" name="id" value="'.GETPOST('id','int').'">'; print '<input type="hidden" name="page" value="'.$page.'">'; print '<input type="hidden" name="rowid" value="'.$_GET["rowid"].'">'; diff --git a/htdocs/cashdesk/admin/cashdesk.php b/htdocs/cashdesk/admin/cashdesk.php index 254ea1c62635e29ce9d32ffd08f0512f1fb6d64d..8b3bb8a9fcf1e072ccba259368a2d3b389484587 100644 --- a/htdocs/cashdesk/admin/cashdesk.php +++ b/htdocs/cashdesk/admin/cashdesk.php @@ -49,11 +49,11 @@ if (GETPOST("action") == 'set') { $db->begin(); - if (GETPOST("socid") < 0) $_POST["socid"]=''; + if (GETPOST('socid','int') < 0) $_POST["socid"]=''; /*if (GETPOST("CASHDESK_ID_BANKACCOUNT") < 0) $_POST["CASHDESK_ID_BANKACCOUNT"]=''; if (GETPOST("CASHDESK_ID_WAREHOUSE") < 0) $_POST["CASHDESK_ID_WAREHOUSE"]='';*/ - $res = dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",GETPOST("socid"),'chaine',0,'',$conf->entity); + $res = dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",GETPOST('socid','int'),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CASH",GETPOST("CASHDESK_ID_BANKACCOUNT_CASH"),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CHEQUE",GETPOST("CASHDESK_ID_BANKACCOUNT_CHEQUE"),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CB",GETPOST("CASHDESK_ID_BANKACCOUNT_CB"),'chaine',0,'',$conf->entity); diff --git a/htdocs/cashdesk/index.php b/htdocs/cashdesk/index.php index 104532b469d669c251fa2405c9d2bd0f92efd9cd..3f5edb9e290a225c901bbf4fc7ced78406b1e955 100644 --- a/htdocs/cashdesk/index.php +++ b/htdocs/cashdesk/index.php 
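Review bot: In the htdocs/admin/dict.php form hunk the hidden `rowid` field two lines below the changed `id` field still prints `$_GET["rowid"]` straight into a `value="..."` attribute, so a crafted query string can break out of the attribute even though `id` is now filtered. Give it the same treatment, `print '<input type="hidden" name="rowid" value="'.GETPOST('rowid','int').'">';`, assuming rowid is always numeric for these dictionary tables; if some tables use a non-numeric key, `htmlspecialchars($_GET["rowid"], ENT_QUOTES)` is the safer choice. `$page` on the line between is also echoed and its origin is outside the hunk.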
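Review bot: In htdocs/cashdesk/admin/cashdesk.php the negative-value reset writes to `$_POST["socid"]`, then the next statement reads `GETPOST('socid','int')` again; if GETPOST also consults `$_GET` (it is defined outside this diff), a negative socid supplied in the query string is not reset and is stored in CASHDESK_ID_THIRDPARTY. A local avoids the dependency: `$socid = GETPOST('socid','int'); if ($socid < 0) $socid='';` and pass `$socid` to `dolibarr_set_const`. The three `CASHDESK_ID_BANKACCOUNT_*` values saved on the following lines are ids as well and are still read without the `'int'` check.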
@@ -93,7 +93,7 @@ print '<td>'; $disabled=0; $langs->load("companies"); if (! empty($conf->global->CASHDESK_ID_THIRDPARTY)) $disabled=1; // If a particular third party is defined, we disable choice -print $form->select_company(GETPOST('socid')?GETPOST('socid'):$conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3)',!$disabled,$disabled,1); +print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3)',!$disabled,$disabled,1); //print '<input name="warehouse_id" class="texte_login" type="warehouse_id" value="" />'; print '</td>'; print "</tr>\n"; diff --git a/htdocs/cashdesk/index_verif.php b/htdocs/cashdesk/index_verif.php index 104035ce6e37e60ec432c10e01b480e96ff041dd..50b18218902540580be05ffea797c4cd0f51c731 100644 --- a/htdocs/cashdesk/index_verif.php +++ b/htdocs/cashdesk/index_verif.php @@ -30,7 +30,7 @@ $langs->load("cashdesk"); $username = GETPOST("txtUsername"); $password = GETPOST("pwdPassword"); -$thirdpartyid = (GETPOST("socid")!='')?GETPOST("socid"):$conf->global->CASHDESK_ID_THIRDPARTY; +$thirdpartyid = (GETPOST('socid','int')!='')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY; $warehouseid = (GETPOST("warehouseid")!='')?GETPOST("warehouseid"):$conf->global->CASHDESK_ID_WAREHOUSE; // Check username diff --git a/htdocs/cashdesk/tpl/ticket.tpl.php b/htdocs/cashdesk/tpl/ticket.tpl.php index af52f517f8d066c226a52dbcffaf75f11c4632da..a3a055ac0827ade8111aef613130ab360e84b964 100644 --- a/htdocs/cashdesk/tpl/ticket.tpl.php +++ b/htdocs/cashdesk/tpl/ticket.tpl.php @@ -20,7 +20,7 @@ include_once(DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'); $langs->load("main"); header("Content-type: text/html; charset=".$conf->file->character_set_client); -$facid=GETPOST('facid'); +$facid=GETPOST('facid','int'); $object=new Facture($db); $object->fetch($facid); 
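Review bot: In htdocs/cashdesk/index_verif.php `$warehouseid` on the line after the changed `$thirdpartyid` is built the same way but still from `GETPOST("warehouseid")` with no check, so one of the two ids taken from the login form is filtered and the other is not. `$warehouseid = (GETPOST('warehouseid','int')!='')?GETPOST('warehouseid','int'):$conf->global->CASHDESK_ID_WAREHOUSE;` brings it in line. How the two ids are used after the username check is outside the hunk.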
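Review bot: In htdocs/cashdesk/tpl/ticket.tpl.php the invoice is loaded with `$object->fetch($facid)` directly from the request parameter, and nothing visible in the hunk checks either the return value or that the current user is allowed to see that invoice. The `'int'` check narrows the input format but does not stop a logged-in user from requesting another invoice id. If the including page does not already enforce it, test the result before rendering, e.g. `if ($object->fetch($facid) <= 0) accessforbidden();`, and consider an ownership check against the third party the cashdesk session works with. The template body continues outside the hunk.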
diff --git a/htdocs/categories/categorie.php b/htdocs/categories/categorie.php index 5ca949410b6d1dd837923cf569275143fd7650c4..1a159d0325755eb17768c5f18a2c13dc41bcf192 100644 --- a/htdocs/categories/categorie.php +++ b/htdocs/categories/categorie.php @@ -32,8 +32,8 @@ require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); $langs->load("categories"); $langs->load("products"); -$socid = GETPOST('socid'); -$id = GETPOST('id'); +$socid = GETPOST('socid','int'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); $type = GETPOST('type'); $mesg = GETPOST('mesg'); diff --git a/htdocs/categories/edit.php b/htdocs/categories/edit.php index efc432e7f94d7097aff4dc72cbd5670643b37262..ca82944a32aa6d3a0e4d57b09828dbd0ad1a4275 100644 --- a/htdocs/categories/edit.php +++ b/htdocs/categories/edit.php @@ -28,7 +28,7 @@ require("../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 893afea90e313280039098a932ad3bec4921b752..727524f75213a5b1870fed62e373278476ab8bd2 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -31,7 +31,7 @@ $langs->load("categories"); // Security check -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); if (!$user->rights->categorie->lire) accessforbidden(); $action = GETPOST('action'); diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php index 76f65ac07a0f74b5da08115c9e41961810c84e81..747d2c92a5bbd2fc56e4616eb40eb29caef6e545 100644 --- a/htdocs/categories/photos.php +++ b/htdocs/categories/photos.php @@ -35,7 +35,7 @@ $langs->load("bills"); $mesg = ''; -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); 
diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 88f5dcec26953eb540100287a34eba849fbfe50a..5efa8c9ececa735be1f3fc5525ab2ccd5b610e89 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/categories.lib.php"); $langs->load("categories"); $mesg = ''; -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 88fa0f440eac72553946020f194aebdcf35be9e8..9993faac02b2b7562ec44095b11d638b69a8b541 100755 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -40,7 +40,7 @@ $langs->load("other"); $langs->load("bills"); if (isset($_GET["error"])) $error=$_GET["error"]; -$objectid = GETPOST("id"); +$objectid = GETPOST('id','int'); // Security check if ($user->societe_id > 0) diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 2951f701c77748fba4c1a4452782e5bd1c810cfa..023a12b1fee62911f0bc10553d7b7a7906cc712a 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -153,10 +153,10 @@ if ($action == 'add_action') $actioncomm->note = trim($_POST["note"]); if (isset($_POST["contactid"])) $actioncomm->contact = $contact; - if (GETPOST("socid") > 0) + if (GETPOST('socid','int') > 0) { $societe = new Societe($db); - $societe->fetch(GETPOST("socid")); + $societe->fetch(GETPOST('socid','int')); $actioncomm->societe = $societe; } 
@@ -508,12 +508,12 @@ if ($action == 'create') // Societe, contact print '<tr><td width="30%" nowrap="nowrap">'.$langs->trans("ActionOnCompany").'</td><td>'; - if (GETPOST("socid") > 0) + if (GETPOST('socid','int') > 0) { $societe = new Societe($db); - $societe->fetch(GETPOST("socid")); + $societe->fetch(GETPOST('socid','int')); print $societe->getNomUrl(1); - print '<input type="hidden" name="socid" value="'.GETPOST("socid").'">'; + print '<input type="hidden" name="socid" value="'.GETPOST('socid','int').'">'; } else { @@ -522,10 +522,10 @@ if ($action == 'create') print '</td></tr>'; // If company is forced, we propose contacts (may be contact is also forced) - if (GETPOST("contactid") > 0 || GETPOST("socid") > 0) + if (GETPOST("contactid") > 0 || GETPOST('socid','int') > 0) { print '<tr><td nowrap>'.$langs->trans("ActionOnContact").'</td><td>'; - $form->select_contacts(GETPOST("socid"),GETPOST('contactid'),'contactid',1); + $form->select_contacts(GETPOST('socid','int'),GETPOST('contactid'),'contactid',1); print '</td></tr>'; } diff --git a/htdocs/comm/action/rapport/index.php b/htdocs/comm/action/rapport/index.php index 25d0403f3c43b0a91ca735fc4353ad85aaf1fa23..57c23879b4583c4958175527f21869190d967e92 100644 --- a/htdocs/comm/action/rapport/index.php +++ b/htdocs/comm/action/rapport/index.php @@ -40,7 +40,7 @@ if (! $sortorder) $sortorder="DESC"; if (! $sortfield) $sortfield="a.datep"; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'agenda', $socid, '', 'myactions'); @@ -53,7 +53,7 @@ $langs->load("commercial"); if ($_GET["action"] == 'builddoc') { $cat = new CommActionRapport($db, $_GET["month"], $_GET["year"]); - $result=$cat->write_file(GETPOST("id")); + $result=$cat->write_file(GETPOST('id','int')); if ($result < 0) { $mesg=$cat->error; 
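Review bot: In htdocs/comm/action/fiche.php `GETPOST("contactid") > 0` and the `GETPOST('contactid')` passed to `$form->select_contacts(...)` are left unfiltered while `socid` right next to them now gets `'int'`. Both are ids that feed the same selector, so `GETPOST('contactid','int')` in both places keeps the pair consistent. The `socid` value is also fetched from the request five times in this hunk; one `$socid = GETPOST('socid','int');` before the first `if` would make the test, the fetch and the hidden field use the same value. The `if ($action == 'create')` block continues outside the hunk.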
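Review bot: In htdocs/comm/action/rapport/index.php the `builddoc` branch passes `$_GET["month"]` and `$_GET["year"]` raw into `new CommActionRapport(...)` on the line above the changed `write_file` call. If those values end up in the generated report's file name or path (the class is outside this diff), they need the same numeric check as the id: `$cat = new CommActionRapport($db, GETPOST('month','int'), GETPOST('year','int'));`. The branch is also selected from `$_GET["action"]`, so a file is written on a plain GET request.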
diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 38c9c4bed4cb02a6255f109da80fa686d8746485..38c20e438a65d3624225f1aeb562c8069a5792b0 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -40,7 +40,7 @@ $offset = $limit * $page ; $type=$_GET["type"]; // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe',$socid,''); diff --git a/htdocs/comm/fiche.php b/htdocs/comm/fiche.php index 56e78a0f523c131d909bbf6e9b7c78ff33eb1481..cc83e426ca01688a735a1957277ff1b3ae70d4e3 100644 --- a/htdocs/comm/fiche.php +++ b/htdocs/comm/fiche.php @@ -49,7 +49,7 @@ if ($conf->notification->enabled) $langs->load("mails"); if (!empty($conf->global->MAIN_MODULE_CHRONODOCS)) $langs->load("chronodocs"); // Security check -$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id')); +$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); if ($user->societe_id > 0) $id=$user->societe_id; $result = restrictedArea($user,'societe',$id,'&societe'); diff --git a/htdocs/comm/list.php b/htdocs/comm/list.php index 0c47814e6f1ebad73ce06f1d9041fac8b5030657..b636c8bd3b76261125a32ffc734a6c8abf50a734 100755 --- a/htdocs/comm/list.php +++ b/htdocs/comm/list.php @@ -32,7 +32,7 @@ $langs->load("suppliers"); $langs->load("commercial"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 45092f15267d4b23c59276da653695a81b34c407..01cd0bd43474dc940f61f34ae0b87513a0381b17 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php 
@@ -47,7 +47,7 @@ $pagenext = $page + 1; if (! $sortorder) $sortorder="ASC"; if (! $sortfield) $sortfield="email"; -$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id'); +$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id','int'); $action=GETPOST("action"); $search_nom=GETPOST("search_nom"); $search_prenom=GETPOST("search_prenom"); diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index cab31680ba3e0b0f91fb5f1dae6a630fbc61c7d0..4310a9de86036b3c84c17df015e60c4b221a1d98 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -1080,7 +1080,7 @@ if ($id > 0 || ! empty($ref)) //'text' => $langs->trans("ConfirmClone"), //array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), //array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid'),'socid','(s.client=1 OR s.client=3)')) + array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid','int'),'socid','(s.client=1 OR s.client=3)')) ); // Paiement incomplet. On demande si motif = escompte ou autre $formconfirm=$form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id,$langs->trans('ClonePropal'),$langs->trans('ConfirmClonePropal',$object->ref),'confirm_clone',$formquestion,'yes',1); 
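Review bot: In htdocs/comm/mailing/cibles.php only the fallback branch got the check: `$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id','int');` still takes `rowid` unfiltered, so `$id` is validated only when `rowid` is absent. Filter both, `$id=GETPOST('rowid','int')?GETPOST('rowid','int'):GETPOST('id','int');`. The same half-filtered ternary is in compta/dons/fiche.php (`rowid`), commande/fiche.php (`orderid` as the fallback) and commande/liste.php (`orderid` first), and in liste.php the result goes straight into `restrictedArea($user, 'commande', $id,'')`.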
@@ -1352,11 +1352,11 @@ if ($id > 0 || ! empty($ref)) if ($action == 'editdelivery_address') { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid'),'fk_address','propal',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid','int'),'fk_address','propal',$object->id); } else { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid'),'none','propal',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid','int'),'none','propal',$object->id); } print '</td></tr>'; } diff --git a/htdocs/comm/propal/apercu.php b/htdocs/comm/propal/apercu.php index 56a0c9c06dec64f99c269866e9e1f5965e9f6c06..ea03bf2875a4bead9d2f36f580b99ebd004fa2bb 100644 --- a/htdocs/comm/propal/apercu.php +++ b/htdocs/comm/propal/apercu.php @@ -37,7 +37,7 @@ $langs->load('compta'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'propale', $id, 'propal'); diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 56f8fd581fa2c4116168340f1f60a7a24938bed7..30592f90426fc3f449c74ecb7d9345ca1aed7cd1 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -35,7 +35,7 @@ $langs->load('other'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index 7dcff4a5b54cb4cfd4d2908c876b2df1255e2cab..408abed65cf9776b5cf0ff6f31ad3a8aaea63ba3 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php 
@@ -30,8 +30,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/class/dolgraph.class.php"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/comm/prospect/fiche.php b/htdocs/comm/prospect/fiche.php index db6a493c54ee10b8a53b3ff16f2a39c58c951b64..020cc203f10de1f1b9e19c0388ec203d0fb26597 100644 --- a/htdocs/comm/prospect/fiche.php +++ b/htdocs/comm/prospect/fiche.php @@ -37,7 +37,7 @@ $langs->load('projects'); $langs->load('propal'); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe', $socid, '&societe'); diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index 42bac50817f69c8c0416adf6390d28eccdcc8501..828d231d3b8d9c5a6d1744a45d06d83ff4434318 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -36,7 +36,7 @@ $action=GETPOST('action','alpha'); $backtopage=GETPOST('backtopage','alpha'); // Security check -$socid = GETPOST("id"); +$socid = GETPOST('id','int'); if ($user->societe_id > 0) { $socid = $user->societe_id; @@ -189,7 +189,7 @@ if (GETPOST("action") == 'confirm_remove' && GETPOST("confirm")=='yes') if ($result > 0) { $db->commit(); - header("Location: ".$_SERVER["PHP_SELF"].'?id='.GETPOST('id')); // To avoid pb whith back + header("Location: ".$_SERVER["PHP_SELF"].'?id='.GETPOST('id','int')); // To avoid pb whith back exit; } else diff --git a/htdocs/commande/apercu.php b/htdocs/commande/apercu.php index 70561e6b8d4ca582aeb217ab318dacc537b74294..0407eced627c9da272560cd67d01869b4c06b0f2 100644 --- a/htdocs/commande/apercu.php +++ b/htdocs/commande/apercu.php 
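Review bot: In htdocs/comm/remx.php the redirect after `confirm_remove` re-reads `GETPOST('id','int')` from the request although the first hunk of this file already stores it in `$socid` and replaces it with `$user->societe_id` for external users. Building the target from the checked variable, `header("Location: ".$_SERVER["PHP_SELF"].'?id='.$socid);`, keeps the redirect on the same third party the access check was run for. The same condition tests `GETPOST("action")` directly even though `$action` is read at the top of the file. The block starts and ends outside the hunk.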
@@ -40,7 +40,7 @@ $langs->load('sendings'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result=restrictedArea($user,'commande',$id,''); diff --git a/htdocs/commande/contact.php b/htdocs/commande/contact.php index 966e2c660fc26fc84363ce9b801eee60dcdd7486..828dc7c0a26d2d60266bd427688c9f590decfe00 100644 --- a/htdocs/commande/contact.php +++ b/htdocs/commande/contact.php @@ -79,7 +79,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->commande->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->commande->creer) { $commande = new Commande($db); - if ($commande->fetch(GETPOST("id"))) + if ($commande->fetch(GETPOST('id','int'))) { $result=$commande->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php index e2b9f431043c44272de54b53bbe9b3f4d8fb70e0..f4838e1663ef14b2ae33e19d776ab0246d7f20e0 100644 --- a/htdocs/commande/document.php +++ b/htdocs/commande/document.php @@ -36,7 +36,7 @@ $langs->load('other'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php index f8b2a4049cfd03f2379b8121b1d1513f0f72bbca..a8383c52d555a2d30739b36d563b7f6950aa2a7a 100644 --- a/htdocs/commande/fiche.php +++ b/htdocs/commande/fiche.php @@ -51,9 +51,9 @@ $langs->load('propal'); $langs->load('deliveries'); $langs->load('products'); -$id = (GETPOST("id")?GETPOST("id"):GETPOST("orderid")); +$id = (GETPOST('id','int')?GETPOST('id','int'):GETPOST("orderid")); $ref = GETPOST('ref'); -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); $lineid = GETPOST('lineid'); 
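Review bot: In htdocs/commande/contact.php `if ($commande->fetch(GETPOST('id','int')))` treats any non-zero return as success, whereas the `addcontact` hunk of compta/facture/contact.php in this same commit tests `$result > 0`; if `fetch` signals errors with a negative number, `swapContactStatus` runs on an order that was never loaded. Use `if ($commande->fetch(GETPOST('id','int')) > 0)`, and give the line id the same check as the order id: `GETPOST('ligne','int')`. The branch is entered from `$_GET["action"]`, so this state change happens on a GET request with no token visible in the hunk. The `swapstatut` hunk of compta/facture/contact.php has the same shape.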
@@ -191,7 +191,7 @@ if ($action == 'add' && $user->rights->commande->creer) $datecommande = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']); $datelivraison = dol_mktime(12, 0, 0, $_POST['liv_month'],$_POST['liv_day'],$_POST['liv_year']); - $object->socid=GETPOST('socid'); + $object->socid=GETPOST('socid','int'); $object->fetch_thirdparty(); $db->begin(); @@ -1652,7 +1652,7 @@ else //'text' => $langs->trans("ConfirmClone"), //array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), //array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid'),'socid','(s.client=1 OR s.client=3)')) + array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid','int'),'socid','(s.client=1 OR s.client=3)')) ); // Paiement incomplet. On demande si motif = escompte ou autre $formconfirm=$form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id,$langs->trans('CloneOrder'),$langs->trans('ConfirmCloneOrder',$object->ref),'confirm_clone',$formquestion,'yes',1); diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 94946d75c651fe26ebfc02fec1d44e2d779032d1..d70aaf52af1aa605e7b38a5a3017a29cede1436a 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -33,7 +33,7 @@ if (!$user->rights->commande->lire) accessforbidden(); $langs->load("orders"); // Security check -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); if ($user->societe_id > 0) { $action = ''; diff --git a/htdocs/commande/liste.php b/htdocs/commande/liste.php index 6ffe19b3df91c260b01937973c63189eb9e1df45..d628610b94c360bf30bf597eaceecc48324972f2 100644 --- a/htdocs/commande/liste.php +++ b/htdocs/commande/liste.php 
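Review bot: In htdocs/commande/fiche.php the `add` action assigns `$object->socid=GETPOST('socid','int');` from the request again, although `$socid` is already read at the top of the file (previous hunk). Other pages in this commit overwrite `$socid` with `$user->societe_id` for external users; if this file does the same outside the visible hunks, re-reading the parameter here skips that restriction and the order can be created for any third party. `$object->socid=$socid;` uses the value the security check saw. compta/facture.php has the same re-read in its `add` action (`$object->socid=GETPOST('socid','int');` at -558).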
@@ -44,7 +44,7 @@ $sall=GETPOST('sall'); $socid=GETPOST('socid','int'); // Security check -$id = (GETPOST('orderid')?GETPOST('orderid'):GETPOST('id')); +$id = (GETPOST('orderid')?GETPOST('orderid'):GETPOST('id','int')); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'commande', $id,''); diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index 57ce188be2593acf43351d8bfb8e5c6f1c0164fe..6ef7e808126b231de4743da6165ace3b358ce825 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php @@ -34,8 +34,8 @@ $mode=GETPOST("mode")?GETPOST("mode"):'customer'; if ($mode == 'customer' && ! $user->rights->commande->lire) accessforbidden(); if ($mode == 'supplier' && ! $user->rights->fournisseur->commande->lire) accessforbidden(); -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/compta/bank/fiche.php b/htdocs/compta/bank/fiche.php index 5a57bef27b73d77022cb8748353d6e22327ca5b4..f61d78641bb58892e9254b5014bc3a6d3d4adc44 100644 --- a/htdocs/compta/bank/fiche.php +++ b/htdocs/compta/bank/fiche.php @@ -468,10 +468,10 @@ else /* */ /* ************************************************************************** */ - if (GETPOST("id") && $action == 'edit' && $user->rights->banque->configurer) + if (GETPOST('id','int') && $action == 'edit' && $user->rights->banque->configurer) { $account = new Account($db); - $account->fetch(GETPOST("id")); + $account->fetch(GETPOST('id','int')); print_fiche_titre($langs->trans("EditFinancialAccount")); print "<br>"; diff --git a/htdocs/compta/deplacement/fiche.php b/htdocs/compta/deplacement/fiche.php index fce385ea57e1f32a577b51759ee7dbec8dc7bf53..66680ef089d83d65fc774378d4bb78467c86129e 100644 
--- a/htdocs/compta/deplacement/fiche.php +++ b/htdocs/compta/deplacement/fiche.php @@ -36,7 +36,7 @@ $langs->load("trips"); // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement', $id,''); @@ -287,7 +287,7 @@ if ($action == 'create') // Company print "<tr>"; print '<td>'.$langs->trans("CompanyVisited").'</td><td>'; - print $form->select_company(GETPOST("socid"),'socid','',1); + print $form->select_company(GETPOST('socid','int'),'socid','',1); print '</td></tr>'; // Public note diff --git a/htdocs/compta/deplacement/index.php b/htdocs/compta/deplacement/index.php index 273e27bec66f0e412b53b0c0f56e11e426b33293..1fe0e9549ac2ff77bd8971e3b7a6a9f394d73da8 100644 --- a/htdocs/compta/deplacement/index.php +++ b/htdocs/compta/deplacement/index.php @@ -32,7 +32,7 @@ $langs->load("users"); $langs->load("trips"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement','',''); diff --git a/htdocs/compta/deplacement/info.php b/htdocs/compta/deplacement/info.php index 7dee9417339d0783675930e25bed0fb0d7e1ff2e..1d0874af388d91558e006392308014e3a25b6d46 100644 --- a/htdocs/compta/deplacement/info.php +++ b/htdocs/compta/deplacement/info.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/compta/deplacement/class/deplacement.class.php" $langs->load("trips"); // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement', $id, ''); diff --git a/htdocs/compta/deplacement/list.php b/htdocs/compta/deplacement/list.php index bd3ffc66e3625eba2a0233d7337ca263d05a48b5..cc3d454231691af58267e0f2460aa00481e6b35f 100755 --- a/htdocs/compta/deplacement/list.php +++ b/htdocs/compta/deplacement/list.php 
@@ -32,7 +32,7 @@ $langs->load("users"); $langs->load("trips"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement','',''); diff --git a/htdocs/compta/deplacement/stats/index.php b/htdocs/compta/deplacement/stats/index.php index d9847f8cb524afa3f9cc54a72d8c5ac43017d303..d07f816f1bc7b7cf08f4b8e0ef06c48fd45f3eb5 100755 --- a/htdocs/compta/deplacement/stats/index.php +++ b/htdocs/compta/deplacement/stats/index.php @@ -31,8 +31,8 @@ $langs->load("trips"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Securite acces client if ($user->societe_id > 0) { diff --git a/htdocs/compta/dons/fiche.php b/htdocs/compta/dons/fiche.php index 5ee0351d5590b0423609322810dfa7321f83faf4..5ee0ae1c95b79db71c573c92c70dceb4948d9cef 100644 --- a/htdocs/compta/dons/fiche.php +++ b/htdocs/compta/dons/fiche.php @@ -34,7 +34,7 @@ $langs->load("companies"); $langs->load("donations"); $langs->load("bills"); -$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id'); +$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id','int'); $action=GETPOST('action'); $mesg=""; diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index 33ef351b0f8de5cab8b8e726f08e3ea2025ee914..e608d07d1a90251b42bcab842367f2bf9024d15c 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php 
@@ -53,7 +53,7 @@ if (GETPOST('mesg','int',1) && isset($_SESSION['message'])) $mesg=$_SESSION['mes $sall=trim(GETPOST('sall')); $projectid=(GETPOST('projectid')?GETPOST('projectid','int'):0); -$id=(GETPOST('id')?GETPOST('id','int'):GETPOST('facid','int')); // For backward compatibility +$id=(GETPOST('id','int')?GETPOST('id','int'):GETPOST('facid','int')); // For backward compatibility $ref=GETPOST('ref','alpha'); $socid=GETPOST('socid','int'); $action=GETPOST('action','alpha'); @@ -558,7 +558,7 @@ if ($action == 'confirm_converttoreduc' && $confirm == 'yes' && $user->rights->f */ if ($action == 'add' && $user->rights->facture->creer) { - $object->socid=GETPOST('socid'); + $object->socid=GETPOST('socid','int'); $db->begin(); diff --git a/htdocs/compta/facture/apercu.php b/htdocs/compta/facture/apercu.php index 6c07791e2721bea161ed6197184471318e83dbdb..f29038bf0d3d7fe149e160460dfc6883a20de991 100644 --- a/htdocs/compta/facture/apercu.php +++ b/htdocs/compta/facture/apercu.php @@ -36,7 +36,7 @@ $langs->load("bills"); // Security check $socid=0; -$id = GETPOST("facid"); +$id = GETPOST('facid','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'facture', $id); diff --git a/htdocs/compta/facture/contact.php b/htdocs/compta/facture/contact.php index 410cfcff75ebe0a82da2d055af5e06da14e8c92b..8e34d0aa48f16a5d227f2e09033f5ba982053802 100644 --- a/htdocs/compta/facture/contact.php +++ b/htdocs/compta/facture/contact.php @@ -32,7 +32,9 @@ require_once(DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'); $langs->load("bills"); $langs->load("companies"); -$facid = isset($_GET["facid"])?$_GET["facid"]:''; +$facid = GETPOST('facid'); +$id = GETPOST('facid'); +$ref= GETPOST('ref'); // Security check if ($user->societe_id) $socid=$user->societe_id; 
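Review bot: In htdocs/compta/facture/contact.php the three added lines read `facid` and `ref` with a bare `GETPOST(...)`, without the `'int'` check this commit adds everywhere else, and `$facid` is what the next hunk's header shows going into `restrictedArea($user, 'facture', $facid)`. Suggested: `$facid = GETPOST('facid','int');` and `$id = $facid;` so the parameter is read once and both names hold the same checked value. `$ref` is presumably a textual reference; compta/facture.php in this diff reads it as `GETPOST('ref','alpha')`, which would fit here too.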
@@ -45,12 +47,11 @@ $result = restrictedArea($user, 'facture', $facid); if ($_POST["action"] == 'addcontact' && $user->rights->facture->creer) { - $result = 0; $facture = new Facture($db); - $result = $facture->fetch($_GET["facid"]); + $result = $facture->fetch($facid); - if ($result > 0 && $_GET["facid"] > 0) + if ($result > 0 && $facid > 0) { $result = $facture->add_contact($_POST["contactid"], $_POST["type"], $_POST["source"]); } @@ -78,7 +79,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->facture->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->facture->creer) { $facture = new Facture($db); - if ($facture->fetch(GETPOST("facid"))) + if ($facture->fetch($facid)) { $result=$facture->swapContactStatus(GETPOST('ligne')); } @@ -92,7 +93,7 @@ if ($_GET["action"] == 'swapstatut' && $user->rights->facture->creer) if ($_GET["action"] == 'deleteline' && $user->rights->facture->creer) { $facture = new Facture($db); - $facture->fetch($_GET["facid"]); + $facture->fetch($facid); $result = $facture->delete_contact($_GET["lineid"]); if ($result >= 0) @@ -125,8 +126,6 @@ $userstatic=new User($db); /* *************************************************************************** */ dol_htmloutput_mesg($mesg); -$id = $_GET['facid']; -$ref= $_GET['ref']; if ($id > 0 || ! empty($ref)) { $facture = new Facture($db); diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 720d37f777201ccfaf8d39c34b567bcd3cccbf68..d76b6fc4b2dd4736f80bab5ccb5d1cf8d414dbd2 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -39,7 +39,7 @@ $langs->load("bills"); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('facid'); +$id = GETPOST('facid','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/compta/facture/fiche-rec.php b/htdocs/compta/facture/fiche-rec.php index 36f8777f2348e8aef396f87f8af692db2b105d34..2960624597a581ec80bc5808146a17913c00dcf3 100644 
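Review bot: In the `deleteline` hunk of htdocs/compta/facture/contact.php the return value of `$facture->fetch($facid)` is ignored and `$_GET["lineid"]` is handed to `delete_contact()` as received, while the `addcontact` branch in the first hunk checks `$result > 0 && $facid > 0` before acting. Guarding the call the same way keeps the branches consistent: `$result = $facture->fetch($facid);` then `if ($result > 0) $result = $facture->delete_contact(GETPOST('lineid','int'));`. That the line id is numeric is assumed from its name. The branch continues past the end of the hunk.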
--- a/htdocs/compta/facture/fiche-rec.php +++ b/htdocs/compta/facture/fiche-rec.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); $langs->load('bills'); // Security check -$facid=GETPOST("facid"); +$facid=GETPOST('facid','int'); $action=GETPOST("action"); if ($user->societe_id) $socid=$user->societe_id; $objecttype = 'facture_rec'; @@ -81,7 +81,7 @@ if ($_POST["action"] == 'add') if ($_REQUEST["action"] == 'delete' && $user->rights->facture->supprimer) { $facrec = new FactureRec($db); - $facrec->fetch(GETPOST("facid")); + $facrec->fetch(GETPOST('facid','int')); $facrec->delete(); $facid = 0 ; } diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index 54dc1244aebc69687adb8b2c52926bc946b3896f..3b579f6e56f1f63e8824b08790e0689e66c6fc7c 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -33,8 +33,8 @@ $mode=GETPOST("mode")?GETPOST("mode"):'customer'; if ($mode == 'customer' && ! $user->rights->facture->lire) accessforbidden(); if ($mode == 'supplier' && ! $user->rights->fournisseur->facture->lire) accessforbidden(); -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index ce0dbf389d805505710dfe9f47d0f2a27aa05258..bea4c61aec45841c5754d9d0b9af66ac8c715fc9 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -75,7 +75,7 @@ $modetax = $conf->global->TAX_MODE; if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); 
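Review bot: The `delete` branch in htdocs/compta/facture/fiche-rec.php calls `$facrec->delete()` without checking what `fetch()` returned, and it reads `facid` from the request a second time instead of using the `$facid` filtered at the top of the file. Provided nothing in between reassigns `$facid`, `if ($facrec->fetch($facid) > 0) $facrec->delete();` avoids deleting through an object that was never loaded; this assumes `fetch()` returns a positive value on success, as the `Facture` call in contact.php does. The branch is keyed on `$_REQUEST["action"]`, so a plain GET reaches it, and whether a token or confirmation step protects it is not visible in this hunk.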
diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 95658793d12c236b98ba736e522b11580bb5798f..7d8caf6e69cbaefc27af2940d80662608240ee79 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -37,7 +37,7 @@ $langs->load('banks'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$facid = GETPOST('facid'); +$facid = GETPOST('facid','int'); $socname = GETPOST('socname'); $accountid = GETPOST('accountid'); $paymentnum = GETPOST('num_paiement'); diff --git a/htdocs/compta/paiement/cheque/fiche.php b/htdocs/compta/paiement/cheque/fiche.php index a67c000f748a31ea96d1bff2c3afbe3b9246cfc2..6c49ce2a58200d799d95bfe45479b00f93ad2e3e 100644 --- a/htdocs/compta/paiement/cheque/fiche.php +++ b/htdocs/compta/paiement/cheque/fiche.php @@ -35,7 +35,7 @@ $langs->load('banks'); $langs->load('companies'); $langs->load('compta'); -$id =GETPOST("id"); +$id =GETPOST('id','int'); $ref=GETPOST("ref"); $action=GETPOST('action'); @@ -67,7 +67,7 @@ $filteraccountid=GETPOST('accountid'); if ($action == 'setdate' && $user->rights->banque->cheque) { $remisecheque = new RemiseCheque($db); - $result = $remisecheque->fetch(GETPOST('id')); + $result = $remisecheque->fetch(GETPOST('id','int')); if ($result > 0) { //print "x ".$_POST['liv_month'].", ".$_POST['liv_day'].", ".$_POST['liv_year']; diff --git a/htdocs/compta/paiement/liste.php b/htdocs/compta/paiement/liste.php index ddc95aa56421215dd794494c56b3e0061801e3a1..b7c53db2c67e6ba93508195b83327603eedb9caa 100644 --- a/htdocs/compta/paiement/liste.php +++ b/htdocs/compta/paiement/liste.php 
@@ -30,9 +30,9 @@ require_once(DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'); $langs->load("bills"); // Security check -$facid =GETPOST("facid"); -$socid =GETPOST("socid"); -$userid=GETPOST('userid'); +$facid =GETPOST('facid','int'); +$socid =GETPOST('socid','int'); +$userid=GETPOST('userid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'facture',$facid,''); diff --git a/htdocs/compta/prelevement/bon.php b/htdocs/compta/prelevement/bon.php index 67d7baee6efeca736b623ad019c603ad68fdd648..4a42b1fb08e1f1a00da259c6643d7ec858798c85 100644 --- a/htdocs/compta/prelevement/bon.php +++ b/htdocs/compta/prelevement/bon.php @@ -33,7 +33,7 @@ $langs->load("categories"); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement', $id); diff --git a/htdocs/compta/prelevement/bons.php b/htdocs/compta/prelevement/bons.php index ff656c9857e7d8eae7ace6ad9dc37f481b0b233f..4cfbbf0a481c7cf7d6ffea09cbd67155ea20c83c 100644 --- a/htdocs/compta/prelevement/bons.php +++ b/htdocs/compta/prelevement/bons.php @@ -31,7 +31,7 @@ $langs->load("widthdrawals"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index 82ab1bb4402681b3ee8f5fadc6be210b11d39354..4038446afb180b6e8895c3f52b1dd15a6be75ee4 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -32,7 +32,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); 
diff --git a/htdocs/compta/prelevement/factures.php b/htdocs/compta/prelevement/factures.php index 58fe3761db98ea65672d59b79a5ebc0fdf45b9e9..67e474200611559ae54cd3cb0e7fc21b9280b81c 100644 --- a/htdocs/compta/prelevement/factures.php +++ b/htdocs/compta/prelevement/factures.php @@ -37,8 +37,8 @@ $langs->load("categories"); if ($user->societe_id > 0) accessforbidden(); // Get supervariables -$prev_id = GETPOST("id"); -$socid = GETPOST("socid"); +$prev_id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); $sortfield = ((GETPOST("sortfield")=="")) ? "p.ref" : GETPOST("sortfield"); diff --git a/htdocs/compta/prelevement/fiche-rejet.php b/htdocs/compta/prelevement/fiche-rejet.php index 0fb5e55cf77cb64f65ed3e493b52dabd9361271f..f3ad78b9b643bff32726016c9831f949a077c577 100644 --- a/htdocs/compta/prelevement/fiche-rejet.php +++ b/htdocs/compta/prelevement/fiche-rejet.php @@ -35,7 +35,7 @@ $langs->load("categories"); if ($user->societe_id > 0) accessforbidden(); // Get supervariables -$prev_id = GETPOST("id"); +$prev_id = GETPOST('id','int'); $page = GETPOST("page"); /* diff --git a/htdocs/compta/prelevement/fiche-stat.php b/htdocs/compta/prelevement/fiche-stat.php index 9d8261cf20971be31462d7327b267f1091176fd3..63b269c62867a12bd82dff1363847c3506f7f3a4 100644 --- a/htdocs/compta/prelevement/fiche-stat.php +++ b/htdocs/compta/prelevement/fiche-stat.php @@ -34,7 +34,7 @@ $langs->load("withdrawals"); $langs->load("categories"); // Get supervariables -$prev_id = GETPOST("id"); +$prev_id = GETPOST('id','int'); $page = GETPOST("page"); /* diff --git a/htdocs/compta/prelevement/fiche.php b/htdocs/compta/prelevement/fiche.php index 4b76e9c3a02d88354efece46031c47fcb6dea0ea..e2d5a32fafed14e22cc06a70db182c7dca66795b 100644 --- a/htdocs/compta/prelevement/fiche.php +++ b/htdocs/compta/prelevement/fiche.php 
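Review bot: `$sortorder` and `$sortfield` in htdocs/compta/prelevement/factures.php are still taken from the request with no filter, on the context lines right below the two ids this hunk tightens. If they end up in an ORDER BY clause, which the hunk does not show, they need an allow-list rather than a type filter, for example `$sortorder = (strtoupper(GETPOST("sortorder"))=="ASC") ? "ASC" : "DESC";`, with `$sortfield` compared against the list of sortable columns. The same unfiltered pair appears in the hunk for htdocs/compta/prelevement/lignes.php, and `$sortorder` alone in ligne.php.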
@@ -40,7 +40,7 @@ if ($user->societe_id > 0) accessforbidden(); // Get supervariables $action = GETPOST("action"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); /* * Actions diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index 7c9a1347d9b933da3bf2c194b8682614343af9c9..a208b9d6b4745a43b6bded46a33cb104b012ecee 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -32,7 +32,7 @@ $langs->load("withdrawals"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','',''); diff --git a/htdocs/compta/prelevement/ligne.php b/htdocs/compta/prelevement/ligne.php index 0914abbdc65e846bf0d1d99f1e262b5c505fe9f8..9af1d17b642f4f2bb57fe9372cdfefc791e207e2 100644 --- a/htdocs/compta/prelevement/ligne.php +++ b/htdocs/compta/prelevement/ligne.php @@ -39,8 +39,8 @@ $langs->load("categories"); // Get supervariables $action = GETPOST("action"); -$id = GETPOST("id"); -$socid = GETPOST("socid"); +$id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = GETPOST("sortorder"); diff --git a/htdocs/compta/prelevement/lignes.php b/htdocs/compta/prelevement/lignes.php index 6df698b529a4eec8ba0535f5a4d4c082c2b35816..4d0db99de3c5b744b5a50547cb049f8e2a4538b4 100644 --- a/htdocs/compta/prelevement/lignes.php +++ b/htdocs/compta/prelevement/lignes.php @@ -36,8 +36,8 @@ if ($user->societe_id > 0) accessforbidden(); $langs->load("categories"); // Get supervariables -$prev_id = GETPOST("id"); -$socid = GETPOST("socid"); +$prev_id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); $sortfield = ((GETPOST("sortfield")=="")) ? "pl.fk_soc" : GETPOST("sortfield"); 
diff --git a/htdocs/compta/prelevement/liste.php b/htdocs/compta/prelevement/liste.php index ba827ad3675f8c06582a9d4e1a8916d6c78dfd62..c27e09502d6bfd6fce8fa8038ee7eaa37874b73c 100644 --- a/htdocs/compta/prelevement/liste.php +++ b/htdocs/compta/prelevement/liste.php @@ -32,7 +32,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/rejets.php b/htdocs/compta/prelevement/rejets.php index 7a2faf26d59651af5dddb10669d7c4f3d2eafab5..2428cd8c016bc8dc5bf83addc1c1a3bdcacf0803 100644 --- a/htdocs/compta/prelevement/rejets.php +++ b/htdocs/compta/prelevement/rejets.php @@ -30,7 +30,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/stats.php b/htdocs/compta/prelevement/stats.php index 85b525d2917f83cc84e8534d59bba2a58c93f042..62ec73caa6429aff9e647bb02adbede6e5811f2a 100644 --- a/htdocs/compta/prelevement/stats.php +++ b/htdocs/compta/prelevement/stats.php @@ -31,7 +31,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index e023149849acfeed96d1813895c08ad747f5541f..4160071c1e4f0853242a9199b2d28654ac292480 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php 
@@ -33,7 +33,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load("bills"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/resultat/index.php b/htdocs/compta/resultat/index.php index 5237142309c1f9e69b55c74cffea514c4d38d57b..928c74e24ce182ac2b5960bb775b66dbb2c5d836 100644 --- a/htdocs/compta/resultat/index.php +++ b/htdocs/compta/resultat/index.php @@ -38,7 +38,7 @@ else { } // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/sociales/charges.php b/htdocs/compta/sociales/charges.php index 097571677f7eb18702f2180951073d1aed21293d..f9124c2edfd1b7e9163f23757aa153a7abe90a0e 100644 --- a/htdocs/compta/sociales/charges.php +++ b/htdocs/compta/sociales/charges.php @@ -30,11 +30,11 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/tax.lib.php"); $langs->load("compta"); $langs->load("bills"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', $langs->trans("SocialContribution"), '', 'charges'); diff --git a/htdocs/compta/sociales/document.php b/htdocs/compta/sociales/document.php index 953d394896cc12d26404fbd76d15576b88e270d7..3261fab405a43e4353d47f3c6798cd51c87ab8ff 100644 --- a/htdocs/compta/sociales/document.php +++ b/htdocs/compta/sociales/document.php 
@@ -38,7 +38,7 @@ $langs->load("companies"); $langs->load("compta"); $langs->load("bills"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $action = GETPOST("action"); // Security check diff --git a/htdocs/compta/sociales/info.php b/htdocs/compta/sociales/info.php index fc1a30fc15eacad437556f9fa0e9f43e18d96d89..d48386bb623103fb304d63626e700e4ea38ea442 100644 --- a/htdocs/compta/sociales/info.php +++ b/htdocs/compta/sociales/info.php @@ -29,11 +29,11 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/functions2.lib.php"); $langs->load("compta"); $langs->load("bills"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', $langs->trans("SocialContribution"), '', 'charges'); diff --git a/htdocs/compta/stats/index.php b/htdocs/compta/stats/index.php index 8d2ed89267ded50021697998da1ad4228b782d28..8fef71e5ff8e7664a813677372fcdc5bd31a5c49 100644 --- a/htdocs/compta/stats/index.php +++ b/htdocs/compta/stats/index.php @@ -37,8 +37,8 @@ else { $year_end=$year_start + ($nbofyear-1); } -$userid=GETPOST('userid'); -$socid=GETPOST('socid'); +$userid=GETPOST('userid','int'); +$socid=GETPOST('socid','int'); // Security check if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/tva/clients.php b/htdocs/compta/tva/clients.php index be5ab8163ab672da90d7db891155dcc1d9b876ee..9aeb55fa505a116320c80661ae0bb3260536b25d 100644 --- a/htdocs/compta/tva/clients.php +++ b/htdocs/compta/tva/clients.php 
@@ -78,7 +78,7 @@ $modetax = $conf->global->TAX_MODE; if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/compta/tva/quadri_detail.php b/htdocs/compta/tva/quadri_detail.php index 62c3a1f052e77b3986bcc9de3c3c2afddbf0695b..7123e828c1de03579d823da11eff5e81cf0a315f 100644 --- a/htdocs/compta/tva/quadri_detail.php +++ b/htdocs/compta/tva/quadri_detail.php @@ -85,7 +85,7 @@ if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; if (empty($modetax)) $modetax=0; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php index 43278ab3794d1a344293cd485010cbf417c86fe5..2ba3716dc6d8fd15875c6a93f36124d0dce4d1af 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php 
@@ -32,10 +32,10 @@ echo $this->control->tpl['ajax_selectcountry']; <br> -<form method="post" name="formsoc" action="<?php echo $_SERVER["PHP_SELF"].'?id='.GETPOST("id"); ?>"> +<form method="post" name="formsoc" action="<?php echo $_SERVER["PHP_SELF"].'?id='.GETPOST('id','int'); ?>"> <input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>"> <input type="hidden" name="canvas" value="<?php echo $canvas ?>"> -<input type="hidden" name="id" value="<?php echo GETPOST("id"); ?>"> +<input type="hidden" name="id" value="<?php echo GETPOST('id','int'); ?>"> <input type="hidden" name="action" value="update"> <input type="hidden" name="contactid" value="<?php echo $this->control->tpl['id']; ?>"> <input type="hidden" name="old_name" value="<?php echo $this->control->tpl['name']; ?>"> diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php index bb6ff79a06df4e0442a73dfd42458e7e968cb078..6021767dbae74a12c2bb080d1e630d8c83ac06ac 100644 --- a/htdocs/contact/fiche.php +++ b/htdocs/contact/fiche.php @@ -390,7 +390,7 @@ else } else { print '<tr><td>'.$langs->trans("Company").'</td><td colspan="3">'; - print $form->select_company(GETPOST("socid"),'socid','',1); + print $form->select_company(GETPOST('socid','int'),'socid','',1); print '</td></tr>'; } } @@ -562,7 +562,7 @@ else { print '<tr><td>'.$langs->trans("Company").'</td>'; print '<td colspan="3">'; - print $form->select_company(GETPOST("socid")?GETPOST("socid"):($object->socid?$object->socid:-1),'socid','',1); + print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):($object->socid?$object->socid:-1),'socid','',1); print '</td>'; print '</tr>'; } diff --git a/htdocs/contrat/contact.php b/htdocs/contrat/contact.php index df9f6cc612617fac464f1dbcc689e799288d665f..158fe53da6c90bd4e2369268e52e3ca566cb6ae0 100644 --- a/htdocs/contrat/contact.php +++ b/htdocs/contrat/contact.php 
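Review bot: The form `action` in contactcard_edit.tpl.php still echoes `$_SERVER["PHP_SELF"]` unescaped on the changed line, so filtering `id` alone does not make that attribute safe. Unless `PHP_SELF` is normalised earlier in the request, which cannot be seen from this template, it should be encoded for the attribute context: `echo htmlspecialchars($_SERVER["PHP_SELF"], ENT_QUOTES).'?id='.GETPOST('id','int');`. The neighbouring `value="<?php echo $canvas ?>"` deserves the same treatment if `$canvas` originates from the request.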
@@ -77,7 +77,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->contrat->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->contrat->creer) { $contrat = new Contrat($db); - if ($contrat->fetch(GETPOST("id"))) + if ($contrat->fetch(GETPOST('id','int'))) { $result=$contrat->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/contrat/fiche.php b/htdocs/contrat/fiche.php index 769190bbae4d7aa799a225ffb20e8a65d2b96bba..0714edb72c2375735d858490f4e1a8f629d65604 100644 --- a/htdocs/contrat/fiche.php +++ b/htdocs/contrat/fiche.php @@ -41,8 +41,8 @@ $langs->load("bills"); $langs->load("products"); $action=GETPOST('action'); -$socid = GETPOST("socid"); -$contratid = GETPOST("id"); +$socid = GETPOST('socid','int'); +$contratid = GETPOST('id','int'); // Security check if ($user->societe_id) $socid=$user->societe_id; diff --git a/htdocs/contrat/services.php b/htdocs/contrat/services.php index fdcf83dba1f39968ab3a9a8fd9e79d254e3d10b5..30e0e81a72c7eb92aa95f9e39fa948e6c6d2c576 100644 --- a/htdocs/contrat/services.php +++ b/htdocs/contrat/services.php @@ -48,10 +48,10 @@ $search_nom=GETPOST("search_nom"); $search_contract=GETPOST("search_contract"); $search_service=GETPOST("search_service"); $statut=isset($_GET["statut"])?$_GET["statut"]:1; -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); // Security check -$contratid = GETPOST("id"); +$contratid = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'contrat',$contratid,''); diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 712f51e2cda5ed86c86bb5b7211a843aa5640057..4258632f8c23e180d794d81b429573796a363e33 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -50,7 +50,7 @@ $result = restrictedArea($user, 'ecm', 0); $user->getrights('ecm'); // Get parameters -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); $action=GETPOST("action"); $section=GETPOST("section"); $module=GETPOST("module"); 
diff --git a/htdocs/expedition/fiche.php b/htdocs/expedition/fiche.php index ac06265df3fb01a13f3d29caa5b6881518d4f43a..40fb5917e890c763784d6345de163af4020c9ed9 100644 --- a/htdocs/expedition/fiche.php +++ b/htdocs/expedition/fiche.php @@ -50,7 +50,7 @@ $langs->load('other'); $langs->load('propal'); $origin = GETPOST("origin")?GETPOST("origin"):'expedition'; // Example: commande, propal -$origin_id = GETPOST("id")?GETPOST("id"):''; +$origin_id = GETPOST('id','int')?GETPOST('id','int'):''; if (empty($origin_id)) $origin_id = GETPOST("origin_id"); // Id of order or propal if (empty($origin_id)) $origin_id = GETPOST("object_id"); // Id of order or propal $id = $origin_id; diff --git a/htdocs/fichinter/apercu.php b/htdocs/fichinter/apercu.php index 5d713eda2ca6a5254fa958d45c6b3a3d911ffce3..f338c0b5b0d89eeafd00e78b87965303d2d0c509 100644 --- a/htdocs/fichinter/apercu.php +++ b/htdocs/fichinter/apercu.php @@ -35,7 +35,7 @@ $langs->load('interventions'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'ficheinter', $id, 'fichinter'); diff --git a/htdocs/fichinter/contact.php b/htdocs/fichinter/contact.php index 467e8683527ba0a3252afbf7687e1f6ccb8ca03c..74fa3b5b9a3a263fb426bbc685439a42a1e3251c 100644 --- a/htdocs/fichinter/contact.php +++ b/htdocs/fichinter/contact.php @@ -78,7 +78,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->ficheinter->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->ficheinter->creer) { $fichinter = new Fichinter($db); - if ($fichinter->fetch(GETPOST("id"))) + if ($fichinter->fetch(GETPOST('id','int'))) { $result=$fichinter->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/fichinter/document.php b/htdocs/fichinter/document.php index be142263326ef2a966b36c556eea5261ce973593..23c1196a0887b28258f15e20769f1ac4307b7092 100644 --- a/htdocs/fichinter/document.php 
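Review bot: Only the first source of `$origin_id` in htdocs/expedition/fiche.php is filtered. The two fallbacks on the following context lines still call `GETPOST("origin_id")` and `GETPOST("object_id")` with no type, and `$id = $origin_id` inherits whatever they return. Passing `'int'` there as well keeps `$id` numeric on every path: `if (empty($origin_id)) $origin_id = GETPOST('origin_id','int');` and `if (empty($origin_id)) $origin_id = GETPOST('object_id','int');`. The inline comments describe both values as the id of an order or proposal.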
+++ b/htdocs/fichinter/document.php @@ -38,7 +38,7 @@ $langs->load("fichinter"); $langs->load("companies"); $langs->load("interventions"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $action = GETPOST("action"); // Security check diff --git a/htdocs/fichinter/fiche.php b/htdocs/fichinter/fiche.php index 40c42a2e81c86e9cf31914a71d2837920a3263ed..9f753db30600fe998f0c08b08e94a3e4097e0da1 100644 --- a/htdocs/fichinter/fiche.php +++ b/htdocs/fichinter/fiche.php @@ -43,9 +43,9 @@ if (! empty($conf->global->FICHEINTER_ADDON) && is_readable(DOL_DOCUMENT_ROOT ." $langs->load("companies"); $langs->load("interventions"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); $action = GETPOST("action"); $confirm = GETPOST("confirm"); $mesg = GETPOST("msg"); diff --git a/htdocs/fichinter/info.php b/htdocs/fichinter/info.php index 05c74544d24ef7e01a130cec340dcd6da05e47df..1029880d487b0d0b8339b41915656d9bcc480ab7 100644 --- a/htdocs/fichinter/info.php +++ b/htdocs/fichinter/info.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/fichinter.lib.php"); $langs->load('companies'); $langs->load("interventions"); -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); // Security check if ($user->societe_id) $socid=$user->societe_id; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index dfd0b4d39e55d474be347d70b87f8ba771922679..a693e261e6c556609a0fa68aec993efdab9fdb43 100755 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -40,11 +40,11 @@ $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); $page=GETPOST("page"); // Security check -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'ficheinter', $fichinterid,'fichinter'); 
diff --git a/htdocs/fichinter/note.php b/htdocs/fichinter/note.php index 2622e58c6f26374514a7d63a5baee6786379ce6d..891ffca903638c739c2b6b4bea65a3e3c02bf6f2 100644 --- a/htdocs/fichinter/note.php +++ b/htdocs/fichinter/note.php @@ -29,7 +29,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/fichinter.lib.php"); $langs->load('companies'); $langs->load("interventions"); -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); $action=GETPOST("action"); // Security check diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php index 5d18b8bbed24a2f5c92cce4845d475d60a9a0b4c..9a8d2d9f63758d843499b1fa4eccb51e892fe276 100644 --- a/htdocs/fourn/commande/fiche.php +++ b/htdocs/fourn/commande/fiche.php @@ -47,12 +47,12 @@ $langs->load('deliveries'); $langs->load('products'); $langs->load('stocks'); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); $action = GETPOST("action"); $confirm = GETPOST("confirm"); $comclientid = GETPOST("comid"); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); $projectid = GETPOST("projectid"); // Security check diff --git a/htdocs/fourn/facture/contact.php b/htdocs/fourn/facture/contact.php index c10bf7bca87a8ed80cd94c52116903a835e7833c..42993e32703d97dba87d221ac6626ce5247703db 100644 --- a/htdocs/fourn/facture/contact.php +++ b/htdocs/fourn/facture/contact.php @@ -80,7 +80,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->fournisseur->facture->cre if ($_GET["action"] == 'swapstatut' && $user->rights->fournisseur->facture->creer) { $facture = new FactureFournisseur($db); - if ($facture->fetch(GETPOST("facid"))) + if ($facture->fetch(GETPOST('facid','int'))) { $result=$facture->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/fourn/facture/document.php b/htdocs/fourn/facture/document.php index 5a934218c9f01fcae59e9e130a0b0d0c1438e1c7..f007070618c1727652e4dc7bf95e4ffb9b48230e 100644 --- a/htdocs/fourn/facture/document.php +++ b/htdocs/fourn/facture/document.php 
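Review bot: `$comclientid` and `$projectid` in htdocs/fourn/commande/fiche.php remain untyped `GETPOST` reads between the two lines this hunk changes. htdocs/compta/facture.php in this same diff already reads `projectid` with `'int'`, so `$projectid = GETPOST('projectid','int');` would match it. `$comclientid = GETPOST('comid','int');` looks right if `comid` is a row id, which the hunk does not confirm.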
@@ -35,7 +35,7 @@ $langs->load('bills'); $langs->load('other'); $langs->load("companies"); -$facid = GETPOST("facid")?GETPOST("facid"):GETPOST("id"); +$facid = GETPOST('facid','int')?GETPOST('facid','int'):GETPOST('id','int'); $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; // Security check diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index afae39f9309ad626519cf3e200b7b0c05ee46f87..ec0ca5d6ec40f130bb869ee8f27d8ff1230f1355 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -42,7 +42,7 @@ $langs->load('suppliers'); $langs->load('companies'); $mesg=''; -$id = (GETPOST("facid") ? GETPOST("facid") : GETPOST("id")); +$id = (GETPOST('facid','int') ? GETPOST('facid','int') : GETPOST('id','int')); $action = GETPOST("action"); $confirm = GETPOST("confirm"); diff --git a/htdocs/fourn/facture/index.php b/htdocs/fourn/facture/index.php index 372534d9bc050191d0330affab2178b1da3906c0..eabafefda14408ff9c558f6ae7967b8a2c454c88 100644 --- a/htdocs/fourn/facture/index.php +++ b/htdocs/fourn/facture/index.php @@ -34,7 +34,7 @@ if (!$user->rights->fournisseur->facture->lire) accessforbidden(); $langs->load("companies"); $langs->load("bills"); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); // Security check if ($user->societe_id > 0) diff --git a/htdocs/fourn/facture/note.php b/htdocs/fourn/facture/note.php index 98b73a767f604f37da4b23e3a8f8074867c9da08..7522b527fdb73675e226211b024a00bf85a45c30 100644 --- a/htdocs/fourn/facture/note.php +++ b/htdocs/fourn/facture/note.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'); $langs->load('bills'); $langs->load("companies"); -$facid = GETPOST("facid")?GETPOST("facid"):GETPOST('id'); +$facid = GETPOST('facid','int')?GETPOST('facid','int'):GETPOST('id','int'); $action = GETPOST('action'); // Security check 
diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index e36158bfa00d476b8608f5665115b21426fab41e..1024a16c8f9b6468ea8792e9d26acd09ce7e5669 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php @@ -34,7 +34,7 @@ $langs->load('companies'); $langs->load('bills'); $langs->load('banks'); -$facid=GETPOST('facid'); +$facid=GETPOST('facid','int'); $action=GETPOST('action'); $socid=GETPOST('socid','int'); diff --git a/htdocs/fourn/fiche.php b/htdocs/fourn/fiche.php index 7741ddfc42f4e7fb0d67238426f95e3dbd93456b..abf566aab2234bf147e58cc2ffaa8dfb7204cefc 100644 --- a/htdocs/fourn/fiche.php +++ b/htdocs/fourn/fiche.php @@ -42,7 +42,7 @@ $langs->load('commercial'); $action = GETPOST('action'); // Security check -$id = (GETPOST("socid") ? GETPOST("socid") : GETPOST("id")); +$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); if ($user->societe_id) $id=$user->societe_id; $result = restrictedArea($user, 'societe&fournisseur', $id, ''); diff --git a/htdocs/fourn/liste.php b/htdocs/fourn/liste.php index 71da3a75c5be4cd2c8703a560c1f9d56e2d6ecf3..c8fdfb40d834ca127b7219ecb43bd9b9b5657d43 100644 --- a/htdocs/fourn/liste.php +++ b/htdocs/fourn/liste.php @@ -39,7 +39,7 @@ $search_compta_fournisseur = GETPOST("search_compta_fournisseur"); $search_datec = GETPOST("search_datec"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php index a81069d21ddf6034f57b199a5f6c153c9e7c69a9..5f5e5074e7faad5246f49fa1e85597f9fa5c2d50 100644 --- a/htdocs/product/fiche.php +++ b/htdocs/product/fiche.php 
@@ -49,7 +49,7 @@ $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action=(GETPOST('action') ? GETPOST('action') : 'view'); $confirm=GETPOST('confirm'); -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Product($db); diff --git a/htdocs/product/stats/fiche.php b/htdocs/product/stats/fiche.php index c567b87656199cf3f6b9e00a902c5700639452d1..8c0752d0c7c22e55fd0109f966fcd33117082809 100644 --- a/htdocs/product/stats/fiche.php +++ b/htdocs/product/stats/fiche.php @@ -34,7 +34,7 @@ $langs->load("products"); $langs->load("bills"); $langs->load("other"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); $mode = (GETPOST('mode') ? GETPOST('mode') : 'byunit'); $error = 0; diff --git a/htdocs/projet/activity/list.php b/htdocs/projet/activity/list.php index 254beb16949f1f9c61f8929527dccaa80c3c229c..fc876fcc7a50587a6fc9fbe62ed12b058775825e 100644 --- a/htdocs/projet/activity/list.php +++ b/htdocs/projet/activity/list.php @@ -34,7 +34,7 @@ $langs->load('projects'); $action=GETPOST('action'); $mode=GETPOST("mode"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $mine=0; if ($mode == 'mine') $mine=1; diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index 2a218703394642144ad1f58ce93a983eeca839d2..d7f501e0a0f24aca1e8bfe2be8000afd1ea30c4b 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'); $langs->load("projects"); $langs->load("companies"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index 9d2fc5cbaff5650438b2c15e0af6c9cdbf8476a6..5bf9971b9d703a832e49f4b3b080f02df1777f13 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php 
@@ -33,7 +33,7 @@ $langs->load('other'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); // Security check diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 371028f02fd45e6a1e64390cd7a87052c55b6277..d93a6462db694540e41d59e947285b56da9bce18 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -302,7 +302,7 @@ if ($action == 'create' && $user->rights->projet->creer) // Customer print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>'; - $text=$form->select_company(GETPOST("socid"),'socid','',1,1); + $text=$form->select_company(GETPOST('socid','int'),'socid','',1,1); $texthelp=$langs->trans("IfNeedToUseOhterObjectKeepEmpty"); print $form->textwithtooltip($text.' '.img_help(),$texthelp,1); print '</td></tr>'; diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php index b22deee7ff74de7fa1f41dda72c9dc29004b455d..bd759d27bbeb2e9d736bfba662d892a44da13057 100644 --- a/htdocs/projet/ganttview.php +++ b/htdocs/projet/ganttview.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/class/html.formother.class.php"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php index dc7a81e7774fe144fffeca32080ccee545c5a031..51493df8346519311a4989bd2283dd50c5fe4be2 100644 --- a/htdocs/projet/note.php +++ b/htdocs/projet/note.php 
@@ -28,7 +28,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); $langs->load('projects'); $action=GETPOST('action'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php index bf1cd5ae804bacd74b9297ac11ce5f2a28bd7636..0e745f928caf24295a8bcce4c9fd3fbd8d150488 100644 --- a/htdocs/projet/tasks/contact.php +++ b/htdocs/projet/tasks/contact.php @@ -34,7 +34,7 @@ $langs->load("projects"); $langs->load("companies"); $taskid = isset($_GET["id"])?$_GET["id"]:''; -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index 3b8b260d9ee5961ed4e0377bb022b6566613bb4b..bb5fd6366652d27550477e1600b5c41c8726e88d 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -35,7 +35,7 @@ $langs->load('other'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/index.php b/htdocs/projet/tasks/index.php index 406eae738a5b69baced44a96712c6eb041cd38c0..94bb854e933835faecfd193c326f4795b9bc69ab 100644 --- a/htdocs/projet/tasks/index.php +++ b/htdocs/projet/tasks/index.php @@ -32,7 +32,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load('projects'); $langs->load('users'); -$id=GETPOST('id'); +$id=GETPOST('id','int'); // Security check $socid=0; diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php index 2fb8e0c9bdfcaee0dbc6209d5e11ce952f7db62e..b22351ac2bd72662db20d96c7a773e06c5a0796b 100644 --- a/htdocs/projet/tasks/note.php +++ b/htdocs/projet/tasks/note.php 
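Review bot: In htdocs/projet/tasks/contact.php the context line `$taskid = isset($_GET["id"])?$_GET["id"]:'';` still takes the raw request value of the very parameter that the changed line now filters for `$id`. A non-numeric `id` is therefore rejected for `$id` but kept verbatim in `$taskid`. htdocs/projet/tasks/time.php has the identical line, while htdocs/projet/tasks/task.php in this commit already uses the filtered form. I would make all three agree with `$taskid = GETPOST('id','int');`. How `$taskid` is used afterwards is outside the hunk, so it should be confirmed that no caller depends on the raw value.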
@@ -31,7 +31,7 @@ $langs->load('projects'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index 821ff229059c66ab68d08a86c70690a8467a37b8..5903649c5e559c4f127ffeb0225b5f107fb04c29 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php @@ -29,9 +29,9 @@ require_once(DOL_DOCUMENT_ROOT."/projet/class/task.class.php"); require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/class/html.formother.class.php"); -$taskid = GETPOST("id"); +$taskid = GETPOST('id','int'); $taskref = GETPOST("ref"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index bed27babac478a654808c008b8cc9164ed5a2ba9..ac6bda48e223c2f52025ed3dc4c7004165763b1e 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -33,7 +33,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load('projects'); $taskid = isset($_GET["id"])?$_GET["id"]:''; -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/societe/agenda.php b/htdocs/societe/agenda.php index 330cff56858a28cbf8a9bb0196bbce4e276b9a28..3c033a9f80ea373feabfb29a2cb69db19fdc23cc 100644 --- a/htdocs/societe/agenda.php +++ b/htdocs/societe/agenda.php 
@@ -35,7 +35,7 @@ $langs->load("companies"); $mesg=isset($_GET["mesg"])?'<div class="ok">'.$_GET["mesg"].'</div>':''; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe', $socid); diff --git a/htdocs/societe/ajaxcompanies.php b/htdocs/societe/ajaxcompanies.php index 1127542dc7880a78a744f530ccd25c35802b90f3..49b49988eafaed4aed9c0300f9a77a2f5c9ac4cd 100644 --- a/htdocs/societe/ajaxcompanies.php +++ b/htdocs/societe/ajaxcompanies.php @@ -50,7 +50,7 @@ dol_syslog(join(',',$_GET)); // Generation liste des societes -if (GETPOST('newcompany') || GETPOST('socid') || GETPOST('id_fourn')) +if (GETPOST('newcompany') || GETPOST('socid','int') || GETPOST('id_fourn')) { $return_arr = array(); diff --git a/htdocs/societe/document.php b/htdocs/societe/document.php index fe2ec2a24f72a3d8bf52d7ae19592463f70bd519..792ef0e99cc56005387adfba0c8a8f4d51f98996 100644 --- a/htdocs/societe/document.php +++ b/htdocs/societe/document.php @@ -37,7 +37,7 @@ $mesg=''; $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$socid = (GETPOST('socid') ? GETPOST('socid') : GETPOST('id')); +$socid = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); // Security check if ($user->societe_id > 0) diff --git a/htdocs/societe/lien.php b/htdocs/societe/lien.php index 6ae5d7fb4dca40d1b5a0b135fae67f0b399ef10f..a8d80f2f84a601bc7911d08f0af95b122d61308b 100644 --- a/htdocs/societe/lien.php +++ b/htdocs/societe/lien.php @@ -33,7 +33,7 @@ $langs->load("suppliers"); $langs->load("banks"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe','',''); diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 4ebe1a4aeb3a5e5d0f85271ca0e6a0077a8cc434..6145155fafa1ef26e67e7a257fdfab40df6b5ab3 100644 --- a/htdocs/societe/soc.php 
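Review bot: In htdocs/societe/agenda.php the context line above the security check builds `$mesg` by concatenating raw `$_GET["mesg"]` into a `<div>`, and this commit leaves it untouched while hardening `socid`. If `$mesg` is printed later in the page (outside this hunk), any markup in the query string is reflected into the response. The value should be encoded where it is wrapped, for example `$mesg=isset($_GET["mesg"])?'<div class="ok">'.htmlspecialchars($_GET["mesg"],ENT_QUOTES).'</div>':'';`.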
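Review bot: In htdocs/societe/lien.php the security check passes `''` as the object id, `restrictedArea($user, 'societe','','')`, so the newly filtered `$socid` never takes part in the check. htdocs/societe/agenda.php and htdocs/societe/societe.php in this same commit pass `$socid` there. If the third argument is what ties the permission test to one third party (the function body is not visible here), this page only verifies the module right and not access to the requested record. I would change the call to `$result = restrictedArea($user, 'societe', $socid, '');`, or add a comment saying why the id is deliberately omitted.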
+++ b/htdocs/societe/soc.php @@ -49,7 +49,7 @@ $mesg=''; $error=0; $errors=array(); $action = (GETPOST('action') ? GETPOST('action') : 'view'); $confirm = GETPOST('confirm'); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Societe($db); diff --git a/htdocs/societe/societe.php b/htdocs/societe/societe.php index 99f456cdd73b7617c5cb97ac9f41c7973988283e..2403a204c02fff6852527ab8d3c6490b7ecbfff8 100644 --- a/htdocs/societe/societe.php +++ b/htdocs/societe/societe.php @@ -32,7 +32,7 @@ $langs->load("customers"); $langs->load("suppliers"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 9b367e7aeb40565f3dd007bf694898ed92d26bff..175f005646a139e9ef775ec66890a9cb9a3f58b9 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/usergroups.lib.php"); $langs->load("users"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); $confirm=GETPOST("confirm"); $module=GETPOST("module"); diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index f4deb98b7a3024b782c6ab7aefdea72b61485bc0..ef231baa4649617aa34f6a888d4f47a5a49cfb31 100755 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -145,7 +145,7 @@ class SecurityTest extends PHPUnit_Framework_TestCase $_GET["param2"]='a/b#e(pr)qq-rr\cc'; $_GET["param3"]='"a/b#e(pr)qq-rr\cc'; // Same than param2 + " - $result=GETPOST("id"); // Must return nothing + $result=GETPOST('id','int'); // Must return nothing print __METHOD__." result=".$result."\n"; $this->assertEquals($result,'');
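Review bot: In test/phpunit/SecurityTest.php the changed call replaces the visible check of the unfiltered `GETPOST("id")` path for a missing parameter instead of adding a second check, so that path loses its coverage here. Nothing in the hunk exercises what the rest of the commit relies on, namely that a present but non-numeric `id` is rejected by the `'int'` check. I would keep the original line and add a case such as `$_GET["id"]='12abc'; $result=GETPOST('id','int');` (constructed sample value), asserting the value GETPOST returns for a failed check. The assertion also has its arguments swapped and compares loosely; `$this->assertSame('',$result);` would pin the exact value and report failures the right way round. The test method starts and ends outside the hunk, so an existing case further down may already cover part of this.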