1 year ago · 0fcbdcb408
--- a/htdocs/admin/dict.php
+++ b/htdocs/admin/dict.php
@@ -1807,7 +1807,7 @@ if ($id > 0) {
 
				 			}
			
 
				 
			
 
				 			if (in_array($value, array('label', 'libelle', 'libelle_facture')) && empty($tabcomplete[$tabname[$id]]['help'][$value])) {
			
 
				-				if (!is_array($tabcomplete[$tabname[$id]]['help'])) {	// protection when $tabcomplete[$tabname[$id]]['help'] is a an empty string, we must force it into an array
			
 
				+				if (!isset($tabcomplete[$tabname[$id]]['help']) || !is_array($tabcomplete[$tabname[$id]]['help'])) {	// protection when $tabcomplete[$tabname[$id]]['help'] is a an empty string, we must force it into an array
			
 
				 					$tabcomplete[$tabname[$id]]['help'] = array();
			
 
				 				}
			
 
				 				$tabcomplete[$tabname[$id]]['help'][$value] = $langs->trans('LabelUsedByDefault');
			
--- a/htdocs/core/class/extrafields.class.php
+++ b/htdocs/core/class/extrafields.class.php
@@ -1589,7 +1589,7 @@ class ExtraFields
 
				 		} elseif ($type == 'link') {
			
 
				 			$param_list = array_keys($param['options']); // $param_list[0] = 'ObjectName:classPath' but can also be 'ObjectName:classPath:1:(status:=:1)'
			
 
				 			/* Removed.
			
 
				-			The selectForForms is called with parameter $objectfield defined, so the app can retreive the filter inside the ajax component instead of being provided as parameters. The
			
 
				+			The selectForForms is called with parameter $objectfield defined, so the app can retrieve the filter inside the ajax component instead of being provided as parameters. The
			
 
				 			filter was used to pass SQL requests leading to serious SQL injection problem. This should not be possible. Also the call of the ajax was broken by some WAF.
			
 
				 			if (strpos($param_list[0], '$ID$') !== false && !empty($objectid)) {
			
 
				 				$param_list[0] = str_replace('$ID$', $objectid, $param_list[0]);