Commit fc5b3086 authored by Juanjo Menent's avatar Juanjo Menent

Merge remote-tracking branch 'upstream/develop' into 4.0

parents 490336b2 df74fa37
...@@ -243,7 +243,7 @@ if ($action == 'confirm_delete' && $_POST["confirm"] == 'yes') ...@@ -243,7 +243,7 @@ if ($action == 'confirm_delete' && $_POST["confirm"] == 'yes')
{ {
$this->db->begin(); $this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".$_GET['menuId']; $sql = "DELETE FROM ".MAIN_DB_PREFIX."menu WHERE rowid = ".GETPOST('menuId', 'int');
$db->query($sql); $db->query($sql);
if ($result == 0) if ($result == 0)
...@@ -312,7 +312,7 @@ if ($action == 'create') ...@@ -312,7 +312,7 @@ if ($action == 'create')
$parent_rowid = $_GET['menuId']; $parent_rowid = $_GET['menuId'];
if ($_GET['menuId']) if ($_GET['menuId'])
{ {
$sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".$_GET['menuId']; $sql = "SELECT m.rowid, m.mainmenu, m.leftmenu, m.level, m.langs FROM ".MAIN_DB_PREFIX."menu as m WHERE m.rowid = ".GETPOST('menuId', 'int');
$res = $db->query($sql); $res = $db->query($sql);
if ($res) if ($res)
{ {
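Review bot: In the second hunk `$parent_rowid = $_GET['menuId'];` and `if ($_GET['menuId'])` still read the raw request value, so only the SELECT string is filtered and `$parent_rowid` carries unfiltered input into whatever uses it outside the hunk. Read the parameter once, `$parent_rowid = (int) GETPOST('menuId', 'int');`, and use `$parent_rowid` in both the condition and the query. The explicit `(int)` matters if the 'int' filter hands back an empty string for non-numeric input, which would leave `WHERE m.rowid = ` without an operand; the same applies to the `cat1` and `actid` queries changed elsewhere in this commit. In the first hunk the return value of `$db->query($sql)` is dropped while `$result` is tested on the next line, which looks unintended unless `$result` is assigned above the hunk.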
......
...@@ -83,13 +83,13 @@ if ($action == 'confirm_delete_categ' && $confirm == "yes" && $user->rights->ban ...@@ -83,13 +83,13 @@ if ($action == 'confirm_delete_categ' && $confirm == "yes" && $user->rights->ban
if ($user->rights->banque->modifier && $action == 'class') if ($user->rights->banque->modifier && $action == 'class')
{ {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = ".$rowid." AND fk_categ = ".$_POST["cat1"]; $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_class WHERE lineid = ".$rowid." AND fk_categ = ".GETPOST('cat1', 'int');
if (! $db->query($sql)) if (! $db->query($sql))
{ {
dol_print_error($db); dol_print_error($db);
} }
$sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES (".$rowid.", ".$_POST["cat1"].")"; $sql = "INSERT INTO ".MAIN_DB_PREFIX."bank_class (lineid, fk_categ) VALUES (".$rowid.", ".GETPOST('cat1', 'int').")";
if (! $db->query($sql)) if (! $db->query($sql))
{ {
dol_print_error($db); dol_print_error($db);
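Review bot: `$rowid` is still concatenated into both the DELETE and the INSERT without a visible cast, so each statement is only half covered by this change unless `$rowid` is already forced to an integer above the hunk. Casting at the point of use, `".((int) $rowid)."`, keeps the statement safe regardless of where the value was assigned. `cat1` is also fetched twice; reading it once as `$cat1 = (int) GETPOST('cat1', 'int');` and skipping both queries when `$cat1 <= 0` avoids sending a malformed statement and printing the database error to the user. The INSERT also runs even when the DELETE has failed, which may be worth an early exit or a transaction; the block continues past the end of the hunk.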
......
...@@ -125,7 +125,7 @@ if (empty($reshook)) ...@@ -125,7 +125,7 @@ if (empty($reshook))
// Remove a notification // Remove a notification
if ($action == 'delete') if ($action == 'delete')
{ {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".$_GET["actid"]; $sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".GETPOST('actid', 'int');
$db->query($sql); $db->query($sql);
} }
} }
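Review bot: The DELETE on `notify_def` is keyed only on the request-supplied `rowid`, and nothing visible in the hunk ties that row to the record being edited or checks a permission before it runs. If no such check exists above the hunk (the enclosing `if (empty($reshook))` block starts outside it), the WHERE clause should also be constrained to the owning record so that a valid integer for someone else's notification is not accepted. The result of `$db->query($sql);` is discarded as well; `if (! $db->query($sql)) dol_print_error($db);` would at least surface a failure.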
......