From ac80d4057d955b49984d8d70aa36f13fa85919c2 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Mon, 16 Jan 2017 09:30:28 +0100
Subject: [PATCH] Fix several running time errors

---
 htdocs/core/lib/date.lib.php           |  4 ++--
 htdocs/core/lib/price.lib.php          |  1 +
 htdocs/holiday/class/holiday.class.php | 14 ++++++++------
 test/phpunit/MarginsLibTest.php        |  1 -
 4 files changed, 11 insertions(+), 9 deletions(-)

diff --git a/htdocs/core/lib/date.lib.php b/htdocs/core/lib/date.lib.php
index a0d61144582..cd897071551 100644
--- a/htdocs/core/lib/date.lib.php
+++ b/htdocs/core/lib/date.lib.php
@@ -175,7 +175,7 @@ function convertSecondToTime($iSecond, $format='all', $lengthOfDay=86400, $lengt
 
         $sTime='';
         $sDay=0;
-        $sWeek='';
+        $sWeek=0;
 
 		if ($iSecond >= $lengthOfDay)
 		{
@@ -218,7 +218,7 @@ function convertSecondToTime($iSecond, $format='all', $lengthOfDay=86400, $lengt
 		}
 		if ($format == 'allhourmin')
 		{
-			return sprintf("%02d",($sWeek*$lengthOfWeek*24 + $sDay*24 + (int) floor($iSecond/3600))).':'.sprintf("%02d",((int) floor(($iSecond % 3600)/60)));
+		    return sprintf("%02d",($sWeek*$lengthOfWeek*24 + $sDay*24 + (int) floor($iSecond/3600))).':'.sprintf("%02d",((int) floor(($iSecond % 3600)/60)));
 		}
 		if ($format == 'allhour')
 		{
diff --git a/htdocs/core/lib/price.lib.php b/htdocs/core/lib/price.lib.php
index e94c0c7dcfe..2fe652f6ac9 100644
--- a/htdocs/core/lib/price.lib.php
+++ b/htdocs/core/lib/price.lib.php
@@ -80,6 +80,7 @@ function calcul_price_total($qty, $pu, $remise_percent_ligne, $txtva, $uselocalt
 	$result=array();
 
 	// Clean parameters
+	if (empty($info_bits)) $info_bits=0;
 	if (empty($txtva)) $txtva=0;
 	if (empty($seller) || ! is_object($seller))
 	{
diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php
index 78bc1582a65..10534082b9e 100644
--- a/htdocs/holiday/class/holiday.class.php
+++ b/htdocs/holiday/class/holiday.class.php
@@ -127,7 +127,8 @@ class Holiday extends CommonObject
         // Check parameters
         if (empty($this->fk_user) || ! is_numeric($this->fk_user) || $this->fk_user < 0) { $this->error="ErrorBadParameter"; return -1; }
         if (empty($this->fk_validator) || ! is_numeric($this->fk_validator) || $this->fk_validator < 0)  { $this->error="ErrorBadParameter"; return -1; }
-
+        if (empty($this->fk_type) || ! is_numeric($this->fk_type) || $this->fk_type < 0)  { $this->error="ErrorBadParameter"; return -1; }
+        
         // Insert request
         $sql = "INSERT INTO ".MAIN_DB_PREFIX."holiday(";
         $sql.= "fk_user,";
@@ -150,7 +151,7 @@ class Holiday extends CommonObject
         $sql.= " ".$this->halfday.",";
         $sql.= " '1',";
         $sql.= " '".$this->fk_validator."',";
-        $sql.= " '".$this->fk_type."',";
+        $sql.= " ".$this->fk_type.",";
         $sql.= " ".$user->id.",";
         $sql.= " ".$conf->entity;
         $sql.= ")";
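Review bot: Dropping the quotes around `$this->fk_type` in the VALUES list makes the query's safety depend entirely on the `is_numeric()` guard this commit adds in the earlier hunk (apparently the same method). `is_numeric()` also accepts forms such as `1.5`, `1e3` or a string with leading whitespace, none of which are valid integer ids. Because the value is now a bare SQL token, cast it where it is used, e.g. `$sql.= " ".((int) $this->fk_type).",";`, so the statement stays well-formed even if the guard is later relaxed or bypassed. The same cast would suit `$this->halfday` on the context line above, which is also unquoted and whose validation is not visible here. The enclosing method starts and ends outside the hunk.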
@@ -281,7 +282,7 @@ class Holiday extends CommonObject
 
         $sql = "SELECT";
         $sql.= " cp.rowid,";
-
+        
         $sql.= " cp.fk_user,";
         $sql.= " cp.date_create,";
         $sql.= " cp.description,";
@@ -868,7 +869,7 @@ class Holiday extends CommonObject
     {
         $sql = "SELECT value";
         $sql.= " FROM ".MAIN_DB_PREFIX."holiday_config";
-        $sql.= " WHERE name = '".$name."'";
+        $sql.= " WHERE name = '".$this->db->escape($name)."'";
 
         dol_syslog(get_class($this).'::getConfCP name='.$name.' createifnotfound='.$createifnotfound, LOG_DEBUG);
         $result = $this->db->query($sql);
@@ -882,7 +883,7 @@ class Holiday extends CommonObject
                 if ($createifnotfound)
                 {
                     $sql = "INSERT INTO ".MAIN_DB_PREFIX."holiday_config(name, value)";
-                    $sql.= " VALUES('".$name."', '".$createifnotfound."')";
+                    $sql.= " VALUES('".$this->db->escape($name)."', '".$this->db->escape($createifnotfound)."')";
                     $result = $this->db->query($sql);
                     if ($result) 
                     {
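Review bot: `$createifnotfound` serves both as the flag in `if ($createifnotfound)` and as the value written to `holiday_config`, and that double role should be documented. A falsy default such as `'0'` or `''` is never inserted, and a boolean `true` would presumably be stored as `'1'` after escaping. Suggested docblock line: `@param string $createifnotfound Value to insert when the key is missing ('' = do not create; a falsy value such as '0' cannot be used as a default)`. The escaping added on the VALUES line is appropriate for the quoted string context. The function signature is outside the hunk, so the declared parameter type cannot be confirmed from here.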
@@ -947,7 +948,7 @@ class Holiday extends CommonObject
 	            $nbUser = count($users);
 
                 $sql = "UPDATE ".MAIN_DB_PREFIX."holiday_config SET";
-                $sql.= " value = '".$newdateforlastupdate."'";
+                $sql.= " value = '".$this->db->escape($newdateforlastupdate)."'";
                 $sql.= " WHERE name = 'lastUpdate'";
                 $result = $this->db->query($sql);
 
@@ -1634,6 +1635,7 @@ class Holiday extends CommonObject
     	$this->date_fin=dol_now()+(24*3600);
     	$this->fk_validator=1;
     	$this->halfday=0;
+    	$this->fk_type=1;
     }
 
 }
diff --git a/test/phpunit/MarginsLibTest.php b/test/phpunit/MarginsLibTest.php
index 7c2e8f68ef6..e6f130d2e3b 100644
--- a/test/phpunit/MarginsLibTest.php
+++ b/test/phpunit/MarginsLibTest.php
@@ -138,7 +138,6 @@ class MarginsLibTest extends PHPUnit_Framework_TestCase
 		$this->assertEquals(20,$result[2]);
 		
 		$result=getMarginInfos(10, 10, 19.6, 0, 0, 0, 8);
-		var_dump($result);
 		print __METHOD__." result[0]=".$result[0]."\n";
 		$this->assertEquals(8,$result[0]);
 		print __METHOD__." result[1]=".$result[1]."\n";
-- 
GitLab