diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 49dd62acfd6296032d423fd16e9c0d083a723b37..bdffb1fc708f1d491cb6884bdaaefce1de13f697 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -2083,7 +2083,7 @@ abstract class CommonObject
foreach ($tab as $key => $value)
{
- //Test fetch_array ! is_int($key) because fetch_array seult is a mix table with Key as alpha and Key as int (depend db engine)
+ // Test fetch_array ! is_int($key) because fetch_array seult is a mix table with Key as alpha and Key as int (depend db engine)
if ($key != 'rowid' && $key != 'tms' && $key != 'fk_member' && ! is_int($key))
{
// we can add this attribute to adherent object
diff --git a/htdocs/core/class/fileupload.class.php b/htdocs/core/class/fileupload.class.php
index 910ad55e0a0eaac8cfe4ef38670e7ba089c4f683..ed091e74c8360beee144e94bc12da43ff91f0f75 100644
--- a/htdocs/core/class/fileupload.class.php
+++ b/htdocs/core/class/fileupload.class.php
@@ -329,14 +329,14 @@ class FileUpload
$file->error = 'minFileSize';
return false;
}
- if (is_int($this->options['max_number_of_files']) && (
+ if (is_numeric($this->options['max_number_of_files']) && (
count($this->getFileObjects()) >= $this->options['max_number_of_files'])
) {
$file->error = 'maxNumberOfFiles';
return false;
}
list($img_width, $img_height) = @getimagesize($uploaded_file);
- if (is_int($img_width)) {
+ if (is_numeric($img_width)) {
if ($this->options['max_width'] && $img_width > $this->options['max_width'] ||
$this->options['max_height'] && $img_height > $this->options['max_height']) {
$file->error = 'maxResolution';
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 3d175f49770cc96b0db31fd07b3e952c12b27ef1..43148045e811be3375ce417efd368944d9d55952 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -2614,7 +2614,7 @@ class Form
$autoOpen=true;
$dialogconfirm='dialog-confirm';
$button='';
- if (! is_int($useajax))
+ if (! is_numeric($useajax))
{
$button=$useajax;
$useajax=1;
@@ -3469,7 +3469,7 @@ class Form
if($m == '') $m=0;
if($empty == '') $empty=0;
- if ($set_time === '' && $empty == 0)
+ if ($set_time === '' && $empty == 0)
{
include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
$set_time = dol_now('tzuser')-(getServerTimeZoneInt('now')*3600); // set_time must be relative to PHP server timezone
diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php
index da7642e8df4a6cafc9df8b7d47460318b8846834..d97656a1131d9b1d9695f789131088a5bc79045a 100644
--- a/htdocs/master.inc.php
+++ b/htdocs/master.inc.php
@@ -160,19 +160,22 @@ if (! defined('NOREQUIREDB'))
{
$conf->entity = GETPOST("entity",'int');
}
- else if (defined('DOLENTITY') && is_int(DOLENTITY)) // For public page with MultiCompany module
+ else if (defined('DOLENTITY') && is_numeric(DOLENTITY)) // For public page with MultiCompany module
{
$conf->entity = DOLENTITY;
}
- else if (!empty($_COOKIE['DOLENTITY'])) // For other application with MultiCompany module
+ else if (!empty($_COOKIE['DOLENTITY'])) // For other application with MultiCompany module (TODO: We should remove this. entity to use should never be stored into client side)
{
$conf->entity = $_COOKIE['DOLENTITY'];
}
- else if (! empty($conf->multicompany->force_entity) && is_int($conf->multicompany->force_entity)) // To force entity in login page
+ else if (! empty($conf->multicompany->force_entity) && is_numeric($conf->multicompany->force_entity)) // To force entity in login page
{
$conf->entity = $conf->multicompany->force_entity;
}
+ // Sanitize entity
+ if (! is_numeric($conf->entity)) $conf->entity=1;
+
//print "Will work with data into entity instance number '".$conf->entity."'";
// Here we read database (llx_const table) and define $conf->global->XXX var.
diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php
index 34a96f7bcb649990ac02d1076848426c9303b688..33dee38626e85071a6304cf260211ec9f36b47f7 100644
--- a/htdocs/public/members/new.php
+++ b/htdocs/public/members/new.php
@@ -38,11 +38,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
diff --git a/htdocs/public/members/public_card.php b/htdocs/public/members/public_card.php
index 2a9b346554362a0b62055327a8a990ae42add3bd..aa16450865094fd3a046f0104fac2e09cfa4b256 100644
--- a/htdocs/public/members/public_card.php
+++ b/htdocs/public/members/public_card.php
@@ -27,11 +27,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
diff --git a/htdocs/public/members/public_list.php b/htdocs/public/members/public_list.php
index 1b6d23d946cc5fe3422adf68a5ad550b96ee0634..be901932e12e752c11048ded97b524ac7b99f87c 100644
--- a/htdocs/public/members/public_list.php
+++ b/htdocs/public/members/public_list.php
@@ -27,11 +27,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
diff --git a/htdocs/public/paybox/newpayment.php b/htdocs/public/paybox/newpayment.php
index b8bad33c08fe1d4e419560032f18e42c49b6aeaf..56843afb1b77ff90a75bf4ff42f13d5b34c25aec 100644
--- a/htdocs/public/paybox/newpayment.php
+++ b/htdocs/public/paybox/newpayment.php
@@ -27,11 +27,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paybox/paymentko.php b/htdocs/public/paybox/paymentko.php
index a9da81d0e68e23227b7a0b22245e116add9e61ad..fdf19f9a247468aeee72d2f8ebc790cb7aa3154a 100644
--- a/htdocs/public/paybox/paymentko.php
+++ b/htdocs/public/paybox/paymentko.php
@@ -26,11 +26,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paybox/paymentok.php b/htdocs/public/paybox/paymentok.php
index 350d409735ce533c99e5f03c43a3ebfaa03ff183..46fd05c52fdfad219656d1cee91a23e0ccdb45eb 100644
--- a/htdocs/public/paybox/paymentok.php
+++ b/htdocs/public/paybox/paymentok.php
@@ -26,11 +26,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php
index 91d1f67a3b943e6d472d833c1b7f22d4dd3ce510..51c598f4fabeda7a211b9a117f91c549dce2d2de 100644
--- a/htdocs/public/paypal/newpayment.php
+++ b/htdocs/public/paypal/newpayment.php
@@ -29,11 +29,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';
diff --git a/htdocs/public/paypal/paymentko.php b/htdocs/public/paypal/paymentko.php
index 3427f6a9b8242e52f1d4e7f5e819d49f5dc78a69..a7b327f96aa6e7ddbf171537dd2b1688638ccfbd 100644
--- a/htdocs/public/paypal/paymentko.php
+++ b/htdocs/public/paypal/paymentko.php
@@ -29,11 +29,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';
diff --git a/htdocs/public/paypal/paymentok.php b/htdocs/public/paypal/paymentok.php
index 68420f3bbd802aa30e7fd6b9fcaa9d414d3a5881..4182dffde570972e86ba4961bbcb4dc7a8e94e18 100644
--- a/htdocs/public/paypal/paymentok.php
+++ b/htdocs/public/paypal/paymentok.php
@@ -29,11 +29,11 @@
define("NOLOGIN",1); // This means this output page does not require to be logged.
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
-// For MultiCompany module.
+// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retreive from object ref and not from url.
$entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';