From 4cb6ec76ee0887c5c6c788f09dac1581acdc14a8 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Tue, 10 Apr 2012 01:03:54 +0200
Subject: [PATCH] Revert "Fix: sql injection"

This reverts commit 8c3158cf28a6711d61fd8b3dacccc6ad746be8d0.
---
 htdocs/admin/tools/export.php | 2 +-
 htdocs/core/lib/functions.lib.php | 6 ------
 2 files changed, 1 insertion(+), 7 deletions(-)

diff --git a/htdocs/admin/tools/export.php b/htdocs/admin/tools/export.php
index c471e60423e..1b65caf280f 100644
--- a/htdocs/admin/tools/export.php
+++ b/htdocs/admin/tools/export.php
@@ -127,7 +127,7 @@ if ($what == 'mysql')
 if (! empty($dolibarr_main_db_port)) $param.=" -P ".$dolibarr_main_db_port;
 if (! GETPOST("use_transaction")) $param.=" -l --single-transaction";
 if (GETPOST("disable_fk")) $param.=" -K";
- if (GETPOST("sql_compat") && GETPOST("sql_compat") != 'NONE') $param.=" --compatible=".GETPOST("sql_compat","special");
+ if (GETPOST("sql_compat") && GETPOST("sql_compat") != 'NONE') $param.=" --compatible=".GETPOST("sql_compat","alpha");
 if (GETPOST("drop_database")) $param.=" --add-drop-database";
 if (GETPOST("sql_structure"))
 {
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php
index b5832858353..93710e6602d 100644
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@@ -194,12 +194,6 @@ function GETPOST($paramname,$check='',$method=0)
 // '../' is dangerous because it allows dir transversals
 if (preg_match('/"/',$out)) $out='';
 else if (preg_match('/\.\.\//',$out)) $out='';
- else if (preg_match('/(\s)*|(%20)*/',$out)) $out='';
- }
- elseif ($check == 'special')
- {
- $out=trim($out);
- if (preg_match('/(\s)*|(%20)*/',$out)) $out='';
 }
 elseif ($check == 'array')
 {
-- 
GitLab
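Review bot: The `--compatible=` line in export.php appends the request value `sql_compat` to `$param` with only the `alpha` filter applied, and the filter branch visible in the functions.lib.php hunk (its condition is outside the hunk, presumably `alpha`) rejects just `"` and `../`, so whitespace and shell metacharacters would pass through. `$param` looks like a mysqldump argument string (`-P`, `--single-transaction`), but where it is executed is outside the hunk; if it reaches a shell, the exposure is command or argument injection rather than the SQL injection named in the subject. The reverted check was not a usable fix either, since `/(\s)*|(%20)*/` also matches the empty string and therefore blanked every value. Quote the value where it is used, `$param.=" --compatible=".escapeshellarg(GETPOST("sql_compat","alpha"));`, and preferably compare it against the fixed list of compatibility modes the export form offers before appending it.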