2 年之前 · 35eeb4a3c0
--- a/htdocs/hrm/skill_tab.php
+++ b/htdocs/hrm/skill_tab.php
@@ -226,7 +226,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
 
				 	} else {
			
 
				 		$linkback = '<a href="' . $listLink . '?restore_lastsearch_values=1' . (!empty($socid) ? '&socid=' . $socid : '') . '">' . $langs->trans("BackToList") . '</a>';
			
 
				 
			
 
				-		$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+		$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 		$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 		$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/agenda_extsites.php
+++ b/htdocs/user/agenda_extsites.php
@@ -170,7 +170,7 @@ if ($user->rights->user->user->lire || $user->admin) {
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 }
			
 
				 
			
 
				-$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 $morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/bank.php
+++ b/htdocs/user/bank.php
@@ -350,7 +350,7 @@ if ($action != 'edit' && $action != 'create') {		// If not bank account yet, $ac
 
				 		$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 	}
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/card.php
+++ b/htdocs/user/card.php
@@ -1433,7 +1433,7 @@ if ($action == 'create' || $action == 'adduserldap') {
 
				 		if ($action != 'edit') {
			
 
				 			print dol_get_fiche_head($head, 'user', $title, -1, 'user');
			
 
				 
			
 
				-			$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode($object->getFullName($langs).'.vcf').'" class="refid" rel="noopener">';
			
 
				+			$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener" rel="noopener">';
			
 
				 			$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard").' ('.$langs->trans("AddToContacts").')', 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 			$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/clicktodial.php
+++ b/htdocs/user/clicktodial.php
@@ -106,7 +106,7 @@ if ($id > 0) {
 
				 		$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 	}
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/document.php
+++ b/htdocs/user/document.php
@@ -152,7 +152,7 @@ if ($object->id) {
 
				 		$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 	}
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/info.php
+++ b/htdocs/user/info.php
@@ -80,7 +80,7 @@ if ($user->rights->user->user->lire || $user->admin) {
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 }
			
 
				 
			
 
				-$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 $morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/note.php
+++ b/htdocs/user/note.php
@@ -94,7 +94,7 @@ if ($id) {
 
				 		$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 	}
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/notify/card.php
+++ b/htdocs/user/notify/card.php
@@ -155,7 +155,7 @@ if ($result > 0) {
 
				 
			
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/param_ihm.php
+++ b/htdocs/user/param_ihm.php
@@ -343,7 +343,7 @@ if ($action == 'edit') {
 
				 
			
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 
			
 
				-	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+	$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 	$morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 	$morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/perms.php
+++ b/htdocs/user/perms.php
@@ -255,7 +255,7 @@ if ($user->hasRight("user", "user", "read") || $user->admin) {
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 }
			
 
				 
			
 
				-$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 $morehtmlref .= '</a>';
			
 
				 
			
--- a/htdocs/user/virtualcard.php
+++ b/htdocs/user/virtualcard.php
@@ -114,7 +114,7 @@ if ($user->rights->user->user->lire || $user->admin) {
 
				 	$linkback = '<a href="'.DOL_URL_ROOT.'/user/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
			
 
				 }
			
 
				 
			
 
				-$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file" class="refid">';
			
 
				+$morehtmlref = '<a href="'.DOL_URL_ROOT.'/user/vcard.php?id='.$object->id.'&output=file&file='.urlencode(dol_sanitizeFileName($object->getFullName($langs).'.vcf')).'" class="refid" rel="noopener">';
			
 
				 $morehtmlref .= img_picto($langs->trans("Download").' '.$langs->trans("VCard"), 'vcard.png', 'class="valignmiddle marginleftonly paddingrightonly"');
			
 
				 $morehtmlref .= '</a>';