From 4c3c62515d25624a6f551fcbfed50393c2294e39 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 9 Jun 2014 15:21:20 +0200
Subject: [PATCH] Fix: Confusion between is_int and is_numeric.

---
 htdocs/core/class/commonobject.class.php | 2 +-
 htdocs/core/class/fileupload.class.php   | 4 ++--
 htdocs/core/class/html.form.class.php    | 4 ++--
 htdocs/master.inc.php                    | 9 ++++++---
 htdocs/public/members/new.php            | 4 ++--
 htdocs/public/members/public_card.php    | 4 ++--
 htdocs/public/members/public_list.php    | 4 ++--
 htdocs/public/paybox/newpayment.php      | 4 ++--
 htdocs/public/paybox/paymentko.php       | 4 ++--
 htdocs/public/paybox/paymentok.php       | 4 ++--
 htdocs/public/paypal/newpayment.php      | 4 ++--
 htdocs/public/paypal/paymentko.php       | 4 ++--
 htdocs/public/paypal/paymentok.php       | 4 ++--
 13 files changed, 29 insertions(+), 26 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 49dd62acfd6..bdffb1fc708 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -2083,7 +2083,7 @@ abstract class CommonObject
 
                     foreach ($tab as $key => $value)
                     {
-                    	//Test fetch_array ! is_int($key) because fetch_array seult is a mix table with Key as alpha and Key as int (depend db engine)
+                    	// Test fetch_array ! is_int($key) because fetch_array seult is a mix table with Key as alpha and Key as int (depend db engine)
                         if ($key != 'rowid' && $key != 'tms' && $key != 'fk_member' && ! is_int($key))
                         {
                             // we can add this attribute to adherent object
diff --git a/htdocs/core/class/fileupload.class.php b/htdocs/core/class/fileupload.class.php
index 910ad55e0a0..ed091e74c83 100644
--- a/htdocs/core/class/fileupload.class.php
+++ b/htdocs/core/class/fileupload.class.php
@@ -329,14 +329,14 @@ class FileUpload
 			$file->error = 'minFileSize';
 			return false;
 		}
-		if (is_int($this->options['max_number_of_files']) && (
+		if (is_numeric($this->options['max_number_of_files']) && (
 				count($this->getFileObjects()) >= $this->options['max_number_of_files'])
 		) {
 			$file->error = 'maxNumberOfFiles';
 			return false;
 		}
 		list($img_width, $img_height) = @getimagesize($uploaded_file);
-		if (is_int($img_width)) {
+		if (is_numeric($img_width)) {
 			if ($this->options['max_width'] && $img_width > $this->options['max_width'] ||
 					$this->options['max_height'] && $img_height > $this->options['max_height']) {
 				$file->error = 'maxResolution';
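Review bot: The file-count limit in this hunk fails open, because a `max_number_of_files` option that is not numeric (an empty string, a typo in the configuration) makes `is_numeric(...)` false and the whole check is skipped. If "no limit" is the intended meaning of a non-numeric value, say so in a comment on that line, for example `// non-numeric max_number_of_files means no limit on the number of files`. Otherwise treat it as a configuration error and reject the upload. The change on `$img_width` has no effect, since `getimagesize()` returns integers on success and the `list()` assignment yields null on failure. The enclosing validation function starts and ends outside this hunk.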
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index 3d175f49770..43148045e81 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -2614,7 +2614,7 @@ class Form
             $autoOpen=true;
             $dialogconfirm='dialog-confirm';
             $button='';
-            if (! is_int($useajax))
+            if (! is_numeric($useajax))
             {
                 $button=$useajax;
                 $useajax=1;
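Review bot: `$useajax` is overloaded as either a mode flag or a button name, and with `! is_numeric($useajax)` the two cases are now told apart by content rather than by type. A numeric string such as `'2'` is kept as a string and treated as a mode, and a button name made only of digits can no longer be passed. The parameter documentation should state this, for example `// $useajax: numeric value (int or numeric string) = ajax mode, any other string = name of the button that opens the dialog`. If code after this hunk compares `$useajax` strictly, adding `else $useajax=(int) $useajax;` would normalise it; that code is not visible here.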
@@ -3469,7 +3469,7 @@ class Form
         if($m == '') $m=0;
         if($empty == '') $empty=0;
 
-        if ($set_time === '' && $empty == 0) 
+        if ($set_time === '' && $empty == 0)
         {
         	include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
         	$set_time = dol_now('tzuser')-(getServerTimeZoneInt('now')*3600); // set_time must be relative to PHP server timezone
diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php
index da7642e8df4..d97656a1131 100644
--- a/htdocs/master.inc.php
+++ b/htdocs/master.inc.php
@@ -160,19 +160,22 @@ if (! defined('NOREQUIREDB'))
 	{
 		$conf->entity = GETPOST("entity",'int');
 	}
-	else if (defined('DOLENTITY') && is_int(DOLENTITY))				// For public page with MultiCompany module
+	else if (defined('DOLENTITY') && is_numeric(DOLENTITY))			// For public page with MultiCompany module
 	{
 		$conf->entity = DOLENTITY;
 	}
-	else if (!empty($_COOKIE['DOLENTITY']))							// For other application with MultiCompany module
+	else if (!empty($_COOKIE['DOLENTITY']))						// For other application with MultiCompany module (TODO: We should remove this. entity to use should never be stored into client side)
 	{
 		$conf->entity = $_COOKIE['DOLENTITY'];
 	}
-	else if (! empty($conf->multicompany->force_entity) && is_int($conf->multicompany->force_entity)) // To force entity in login page
+	else if (! empty($conf->multicompany->force_entity) && is_numeric($conf->multicompany->force_entity)) // To force entity in login page
 	{
 		$conf->entity = $conf->multicompany->force_entity;
 	}
 
+	// Sanitize entity
+	if (! is_numeric($conf->entity)) $conf->entity=1;
+
 	//print "Will work with data into entity instance number '".$conf->entity."'";
 
 	// Here we read database (llx_const table) and define $conf->global->XXX var.
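Review bot: The new sanitise line `if (! is_numeric($conf->entity)) $conf->entity=1;` still lets through values that are not entity ids, because `is_numeric` accepts negative numbers, decimals and exponent strings such as `-3`, `1.5` or `1e5`. The value can come unchanged from `$_COOKIE['DOLENTITY']`, which the client controls, and it stays a string after the check. The entity selects which company's data is read and is presumably concatenated into queries after this hunk (not visible here), so it should be reduced to a positive integer: `$conf->entity = (ctype_digit((string) $conf->entity) && $conf->entity > 0) ? (int) $conf->entity : 1;`. The silent fallback to entity 1 on a malformed value also deserves a log entry, so that a tampered cookie or parameter is visible to whoever monitors the instance.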
diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php
index 34a96f7bcb6..33dee38626e 100644
--- a/htdocs/public/members/new.php
+++ b/htdocs/public/members/new.php
@@ -38,11 +38,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
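Review bot: The guard `if (is_numeric($entity))` can never be false, because `$entity` is either an `(int)` cast or the literal 1 on every branch of the line above, so neither the old `is_int` nor the new check validates anything. A request value such as `entity=abc` casts to 0 and `entity=-5` to -5, and both are defined as DOLENTITY on a page that sets NOLOGIN; master.inc.php then accepts them through `is_numeric(DOLENTITY)`. Checking the range does real work: `define("DOLENTITY", $entity > 0 ? $entity : 1);`. The same two lines are repeated in public_card.php, public_list.php and the paybox and paypal newpayment.php, paymentko.php and paymentok.php hunks of this patch.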
diff --git a/htdocs/public/members/public_card.php b/htdocs/public/members/public_card.php
index 2a9b3465543..aa164508650 100644
--- a/htdocs/public/members/public_card.php
+++ b/htdocs/public/members/public_card.php
@@ -27,11 +27,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
diff --git a/htdocs/public/members/public_list.php b/htdocs/public/members/public_list.php
index 1b6d23d946c..be901932e12 100644
--- a/htdocs/public/members/public_list.php
+++ b/htdocs/public/members/public_list.php
@@ -27,11 +27,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 
diff --git a/htdocs/public/paybox/newpayment.php b/htdocs/public/paybox/newpayment.php
index b8bad33c08f..56843afb1b7 100644
--- a/htdocs/public/paybox/newpayment.php
+++ b/htdocs/public/paybox/newpayment.php
@@ -27,11 +27,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paybox/paymentko.php b/htdocs/public/paybox/paymentko.php
index a9da81d0e68..fdf19f9a247 100644
--- a/htdocs/public/paybox/paymentko.php
+++ b/htdocs/public/paybox/paymentko.php
@@ -26,11 +26,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paybox/paymentok.php b/htdocs/public/paybox/paymentok.php
index 350d409735c..46fd05c52fd 100644
--- a/htdocs/public/paybox/paymentok.php
+++ b/htdocs/public/paybox/paymentok.php
@@ -26,11 +26,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paybox/lib/paybox.lib.php';
diff --git a/htdocs/public/paypal/newpayment.php b/htdocs/public/paypal/newpayment.php
index 91d1f67a3b9..51c598f4fab 100644
--- a/htdocs/public/paypal/newpayment.php
+++ b/htdocs/public/paypal/newpayment.php
@@ -29,11 +29,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';
diff --git a/htdocs/public/paypal/paymentko.php b/htdocs/public/paypal/paymentko.php
index 3427f6a9b82..a7b327f96aa 100644
--- a/htdocs/public/paypal/paymentko.php
+++ b/htdocs/public/paypal/paymentko.php
@@ -29,11 +29,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';
diff --git a/htdocs/public/paypal/paymentok.php b/htdocs/public/paypal/paymentok.php
index 68420f3bbd8..4182dffde57 100644
--- a/htdocs/public/paypal/paymentok.php
+++ b/htdocs/public/paypal/paymentok.php
@@ -29,11 +29,11 @@
 define("NOLOGIN",1);		// This means this output page does not require to be logged.
 define("NOCSRFCHECK",1);	// We accept to go on this page from external web site.
 
-// For MultiCompany module. 
+// For MultiCompany module.
 // Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
 // TODO This should be useless. Because entity must be retreive from object ref and not from url.
 $entity=(! empty($_GET['entity']) ? (int) $_GET['entity'] : (! empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
-if (is_int($entity)) define("DOLENTITY", $entity);
+if (is_numeric($entity)) define("DOLENTITY", $entity);
 
 require '../../main.inc.php';
 require_once DOL_DOCUMENT_ROOT.'/paypal/lib/paypal.lib.php';
-- 
GitLab