From 1a860c42eed3f8bb4fe7849ec3dd3cbbb79276e6 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 27 Jun 2017 16:42:11 +0200
Subject: [PATCH] Look and feel v6

---
 htdocs/core/actions_dellink.inc.php   | 6 +++---
 htdocs/core/actions_sendmails.inc.php | 4 ++--
 htdocs/core/lib/functions.lib.php     | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/htdocs/core/actions_dellink.inc.php b/htdocs/core/actions_dellink.inc.php
index 63218dde739..7d20f124277 100644
--- a/htdocs/core/actions_dellink.inc.php
+++ b/htdocs/core/actions_dellink.inc.php
@@ -30,15 +30,15 @@ $dellinkid = GETPOST('dellinkid','int');
 $addlinkid = GETPOST('idtolinkto','int');
 
 // Link invoice to order
-if ($action == 'addlink' && ! empty($permissiondellink) && ! GETPOST('cancel') && $id > 0 && $addlinkid > 0)
+if ($action == 'addlink' && ! empty($permissiondellink) && ! GETPOST('cancel','alpha') && $id > 0 && $addlinkid > 0)
 {
     $object->fetch($id);
     $object->fetch_thirdparty();
-    $result = $object->add_object_linked(GETPOST('addlink'), $addlinkid);
+    $result = $object->add_object_linked(GETPOST('addlink','alpha'), $addlinkid);
 }
 
 // Delete link
-if ($action == 'dellink' && ! empty($permissiondellink) && ! GETPOST('cancel') && $dellinkid > 0)
+if ($action == 'dellink' && ! empty($permissiondellink) && ! GETPOST('cancel','alpha') && $dellinkid > 0)
 {
 	$result=$object->deleteObjectLinked(0, '', 0, '', $dellinkid);
 	if ($result < 0) setEventMessages($object->error,$object->errors,'errors');
diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php
index 786c1c0db9d..a796a94c68c 100644
--- a/htdocs/core/actions_sendmails.inc.php
+++ b/htdocs/core/actions_sendmails.inc.php
@@ -32,7 +32,7 @@
 /*
  * Add file in email form
  */
-if (GETPOST('addfile'))
+if (GETPOST('addfile','alpha'))
 {
 	$trackid = GETPOST('trackid','aZ09');
 
@@ -68,7 +68,7 @@ if (! empty($_POST['removedfile']) && empty($_POST['removAll']))
 /*
  * Remove all files in email form
  */
-if (GETPOST('removAll'))
+if (GETPOST('removAll','alpha'))
 {
 	$trackid = GETPOST('trackid','aZ09');
 
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index 4629324dc84..c598e6be4dd 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -245,7 +245,7 @@ function dol_shutdown()
  *  @param	string	$check	     Type of check
  *                                  ''=no check (deprecated)
  *                                  'none'=no check (only for param that should have very rich content)
- *                                  'int'=check it's numeric
+ *                                  'int'=check it's numeric (integer or float)
  *                                  'alpha'=check it's text and sign
  *                                  'aZ'=check it's a-z only
  *                                  'aZ09'=check it's simple alpha string (recommended for keys)
-- 
GitLab