From d89955047b9e257dcb154fcd7baa376b41e77c2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Thu, 11 Jun 2015 10:37:30 +0200 Subject: [PATCH 1/3] FIX #3009: Better filtering to prevent SQL injection --- htdocs/product/liste.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php index 69453cb2a5039..99b806443108a 100644 --- a/htdocs/product/liste.php +++ b/htdocs/product/liste.php @@ -49,8 +49,8 @@ $type=GETPOST("type","int"); $search_sale = GETPOST("search_sale"); $search_categ = GETPOST("search_categ",'int'); -$tosell = GETPOST("tosell"); -$tobuy = GETPOST("tobuy"); +$tosell = GETPOST("tosell", 'int'); +$tobuy = GETPOST("tobuy", 'int'); $fourn_id = GETPOST("fourn_id",'int'); $catid = GETPOST('catid','int'); From 300cfd22931b0569668a096a912c9b9839ca1ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 16:10:23 +0200 Subject: [PATCH 2/3] FIX Close bug #2891 Category hooks do not work --- ChangeLog | 1 + htdocs/categories/edit.php | 3 +++ htdocs/categories/fiche.php | 3 +++ htdocs/categories/viewcat.php | 3 +++ 4 files changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3aae68b567ad0..c2dc484202a59 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,7 @@ English Dolibarr ChangeLog - Fix: [ bug #2545 ] Missing object_margin.png in Amarok theme - Fix: [ bug #2542 ] Contracts store localtax preferences - Fix: Bad permission assignments for stock movements actions +- Fix: [ bug #2891 ] Category hooks do not work ***** ChangeLog for 3.6.2 compared to 3.6.1 ***** - Fix: fix ErrorBadValueForParamNotAString error message in price customer multiprice. diff --git a/htdocs/categories/edit.php b/htdocs/categories/edit.php index 0c61ab8cca684..cdca440da137c 100644 --- a/htdocs/categories/edit.php +++ b/htdocs/categories/edit.php @@ -56,6 +56,9 @@ $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 208cbb38331eb..566249748de06 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -64,6 +64,9 @@ $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 010306d1e0028..f9df0aff71e83 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -63,6 +63,9 @@ $extrafields = new ExtraFields($db); $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ From ea625628cea6930d785267f34f7424306863ba6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 03:39:06 +0200 Subject: [PATCH 3/3] Fix Close bug #2786 Objectline_add template shows "0" for non-vat suppliers --- htdocs/core/tpl/objectline_create.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index 7262a3b3bd909..a8c9434acec67 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -184,7 +184,7 @@ tva_assuj == "0") echo '0'; + if ($seller->tva_assuj == "0") echo ' '.vatrate(0, true); else echo $form->load_tva('tva_tx', (isset($_POST["tva_tx"])?$_POST["tva_tx"]:-1), $seller, $buyer); } ?>