[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Noalyss-commit] [noalyss] 05/06: CFGLED : security fix : remove $_REQUE
From: |
Dany De Bontridder |
Subject: |
[Noalyss-commit] [noalyss] 05/06: CFGLED : security fix : remove $_REQUEST |
Date: |
Sun, 3 Jun 2018 07:02:29 -0400 (EDT) |
sparkyx pushed a commit to annotated tag rel7006
in repository noalyss.
commit e6eef51df6cb632c0955a9ae617ea64b4714de1f
Author: Dany De Bontridder <address@hidden>
Date: Sun Jun 3 12:44:11 2018 +0200
CFGLED : security fix : remove $_REQUEST
---
include/cfgledger.inc.php | 16 ++++++++++------
1 file changed, 10 insertions(+), 6 deletions(-)
diff --git a/include/cfgledger.inc.php b/include/cfgledger.inc.php
index 2a1c28f..48fc3b6 100644
--- a/include/cfgledger.inc.php
+++ b/include/cfgledger.inc.php
@@ -61,8 +61,9 @@ if ( $action_frm == 'update')
$show_menu=1;
} catch (Exception $e)
{
+ record_log($e->getMessage());
record_log($e->getTraceAsString());
- alert($e->getMessage());
+ alert($e->getMessage());
}
}
@@ -71,7 +72,7 @@ if ( $action_frm == 'update')
//////////////////////////////////////////////////////////////////////////
if ($action_frm == 'delete' )
{
- $ledger->id=$http->post('p_jrn',"number");;
+ $ledger->id=$http->post('p_jrn',"number");
$ledger->load();
$name=$ledger->get_name();
try {
@@ -86,8 +87,9 @@ if ($action_frm == 'delete' )
}
catch (Exception $e)
{
+ record_log($e->getMessage());
record_log($e->getTraceAsString());
- alert ($e->getMessage());
+ alert ($e->getMessage());
}
}
@@ -108,8 +110,9 @@ if (isset($_POST['add']))
}
catch (Exception $e)
{
+ record_log($e->getMessage());
record_log($e->getTraceAsString());
- alert($e->getMessage());
+ alert($e->getMessage());
}
}
@@ -134,7 +137,7 @@ switch ($sa)
echo '<INPUT TYPE="SUBMIT" class="smallbutton"
VALUE="'._("Sauve").'" name="update"
onClick="$(\'action_frm\').value=\'update\';return
confirm_box(\'cfg_ledger_frm\',\'Valider ?\')">
<INPUT TYPE="RESET" class="smallbutton" VALUE="Reset">
<INPUT TYPE="submit" class="smallbutton" name="efface"
value="'._("Efface").'" onClick="$(\'action_frm\').value=\'delete\';return
confirm_box(\'cfg_ledger_frm\',\'Vous effacez ce journal ?\')">';
-
$href=http_build_query(array('ac'=>$_REQUEST['ac'],'gDossier'=>$_REQUEST['gDossier']));
+
$href=http_build_query(array('ac'=>$http->request('ac'),'gDossier'=>$http->request('gDossier',"number")));
echo '<a style="display:inline" class="smallbutton"
href="do.php?'.$href.'">'._('Retour').'</a>';
echo '</FORM>';
echo "</div>";
@@ -142,8 +145,9 @@ switch ($sa)
}
catch (Exception $e)
{
+ record_log($e->getMessage());
record_log($e->getTraceAsString());
- alert($e->getMessage());
+ alert($e->getMessage());
}
break;
case 'add': /* Add a new ledger */
- [Noalyss-commit] [noalyss] annotated tag rel7006 created (now 6f66015), Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 02/06: Security fix : f_id is a number, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 04/06: translation, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 01/06: Security fix : f_id is a number, Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 05/06: CFGLED : security fix : remove $_REQUEST,
Dany De Bontridder <=
- [Noalyss-commit] [noalyss] 03/06: Task #1619 : CFGLED change label for "Donner ici la fiche du compte en banque", Dany De Bontridder, 2018/06/03
- [Noalyss-commit] [noalyss] 06/06: CFGLED : cosmetic, Dany De Bontridder, 2018/06/03