Fix: ajout d'un jeton aléatoire dans les requetes POST

htdocs/admin/tools/dolibarr_export.php

@@ -66,7 +66,7 @@ if ($_GET["msg"])
 
 <!-- Dump of a server -->
 <form method="post" action="export.php" name="dump">
-<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
+<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 
 <input type="hidden" name="export_type" value="server" />
 

htdocs/cashdesk/index.php

@@ -63,25 +63,22 @@ if ( $_SESSION['uid'] > 0 ) {
 <div class="principal_login">
 <fieldset class="cadre_facturation"><legend class="titre1">Identification</legend>
 <form class="formulaire_login" id="frmLogin" method="post" action="index_verif.php">
-	<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken'] ?>" />
+	<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 
 <table>
 
 	<tr>
 		<td class="label1">Nom d'utilisateur</td>
-		<td><input name="txtUsername" class="texte_login" type="text"
-			value="<?php echo $_GET['user']; ?>" /></td>
+		<td><input name="txtUsername" class="texte_login" type="text"	value="<?php echo $_GET['user']; ?>" /></td>
 	</tr>
 	<tr>
 		<td class="label1">Mot de passe</td>
-		<td><input name="pwdPassword" class="texte_login" type="password"
-			value="" /></td>
+		<td><input name="pwdPassword" class="texte_login" type="password"	value="" /></td>
 	</tr>
 
 </table>
 
-<span class="bouton_login"><input name="sbmtConnexion" type="submit"
-	value="Connexion" /></span>
+<span class="bouton_login"><input name="sbmtConnexion" type="submit" value="Connexion" /></span>
 
 </form>
 </fieldset>

htdocs/cashdesk/templates/facturation1.tpl.php

@@ -20,6 +20,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 <!-- ========================= Cadre "Article" ============================= -->
 <fieldset class="cadre_facturation"><legend class="titre1">Article</legend>
 	<form id="frmFacturation" class="formulaire1" method="post" action="facturation_verif.php">
+		<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 
 		<input type="hidden" name="hdnSource" value="NULL" />
 
@@ -103,6 +104,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 	</form>
 
 	<form id="frmQte" class="formulaire1" method="post" action="facturation_verif.php?action=ajout_article" onsubmit ="javascript: return verifSaisie();">
+		<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 		<table>
 			<tr><th class="label1">Quantit</th><th class="label1">Stock</th><th class="label1">Prix unitaire</th><th></th><th class="label1">Taux TVA</th><th class="label1">Remise (%)</th><th class="label1">Prix total</th></tr>
 			<tr>
@@ -145,6 +147,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 
 <!-- ========================= Cadre "Diffrence" ============================= -->
 <form id="frmDifference"  class="formulaire1" method="post" onsubmit="javascript: return verifReglement()" action="validation_verif.php?action=valide_achat">
+	<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 <fieldset class="cadre_facturation"><legend class="titre1">Diffrence</legend>
 		<table>
 			<tr><th class="label1">Montant d</th><th class="label1">Encaiss</th><th class="label1">Rendu</th></tr>

htdocs/cashdesk/templates/validation1.tpl.php

@@ -62,6 +62,7 @@ Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 	</table>
 
 	<form id="frmValidation" class="formulaire2" method="post" action="validation_verif.php?action=valide_facture">
+		<input type="hidden" name="token" value="<?php echo $_SESSION['newtoken']; ?>" />
 
 		<p class="note_label">Notes<br /><textarea class="textarea_note" name="txtaNotes"></textarea></p>