Преглед изворни кода

FIX sanitize param $action

Laurent Destailleur пре 6 година
родитељ
комит
c0f4ec5a3e
100 измењених фајлова са 115 додато и 111 уклоњено
  1. 1 1
      htdocs/accountancy/admin/accountmodel.php
  2. 1 1
      htdocs/accountancy/admin/categories_list.php
  3. 1 1
      htdocs/accountancy/admin/defaultaccounts.php
  4. 2 2
      htdocs/accountancy/admin/export.php
  5. 1 1
      htdocs/accountancy/admin/fiscalyear_card.php
  6. 1 1
      htdocs/accountancy/admin/index.php
  7. 1 1
      htdocs/accountancy/admin/journals_list.php
  8. 1 1
      htdocs/accountancy/admin/productaccount.php
  9. 1 1
      htdocs/accountancy/bookkeeping/balance.php
  10. 3 3
      htdocs/accountancy/bookkeeping/list.php
  11. 1 1
      htdocs/accountancy/bookkeeping/listbyaccount.php
  12. 1 1
      htdocs/accountancy/customer/card.php
  13. 1 1
      htdocs/accountancy/expensereport/card.php
  14. 1 1
      htdocs/accountancy/supplier/card.php
  15. 1 1
      htdocs/adherents/admin/adherent_extrafields.php
  16. 1 1
      htdocs/adherents/admin/adherent_type_extrafields.php
  17. 1 1
      htdocs/adherents/admin/website.php
  18. 1 1
      htdocs/admin/agenda_extrafields.php
  19. 1 1
      htdocs/admin/bank.php
  20. 1 1
      htdocs/admin/bank_extrafields.php
  21. 1 1
      htdocs/admin/dav.php
  22. 3 1
      htdocs/admin/emailcollector_card.php
  23. 1 1
      htdocs/admin/expedition_extrafields.php
  24. 1 1
      htdocs/admin/expeditiondet_extrafields.php
  25. 1 1
      htdocs/admin/expensereport_extrafields.php
  26. 1 1
      htdocs/admin/livraison_extrafields.php
  27. 1 1
      htdocs/admin/livraisondet_extrafields.php
  28. 1 1
      htdocs/admin/loan.php
  29. 1 1
      htdocs/admin/multicurrency.php
  30. 1 1
      htdocs/admin/oauth.php
  31. 1 1
      htdocs/admin/order_extrafields.php
  32. 1 1
      htdocs/admin/orderdet_extrafields.php
  33. 1 1
      htdocs/admin/resource.php
  34. 1 1
      htdocs/admin/resource_extrafields.php
  35. 1 1
      htdocs/admin/salaries.php
  36. 1 1
      htdocs/admin/supplier_invoice.php
  37. 1 1
      htdocs/admin/supplier_order.php
  38. 1 1
      htdocs/admin/supplierinvoice_extrafields.php
  39. 1 1
      htdocs/admin/supplierinvoicedet_extrafields.php
  40. 1 1
      htdocs/admin/supplierorder_extrafields.php
  41. 1 1
      htdocs/admin/supplierorderdet_extrafields.php
  42. 1 1
      htdocs/admin/ticket.php
  43. 1 1
      htdocs/admin/ticket_extrafields.php
  44. 1 1
      htdocs/admin/tools/listevents.php
  45. 1 1
      htdocs/admin/tools/listsessions.php
  46. 1 1
      htdocs/admin/workflow.php
  47. 1 1
      htdocs/asset/admin/assets_extrafields.php
  48. 1 1
      htdocs/asset/admin/assets_type_extrafields.php
  49. 1 1
      htdocs/asset/admin/setup.php
  50. 1 1
      htdocs/asset/card.php
  51. 1 1
      htdocs/asset/note.php
  52. 1 1
      htdocs/categories/admin/categorie_extrafields.php
  53. 1 1
      htdocs/comm/action/document.php
  54. 1 1
      htdocs/comm/admin/propal_extrafields.php
  55. 1 1
      htdocs/comm/admin/propaldet_extrafields.php
  56. 1 1
      htdocs/comm/index.php
  57. 1 1
      htdocs/comm/propal/card.php
  58. 1 1
      htdocs/commande/card.php
  59. 1 1
      htdocs/compta/bank/document.php
  60. 1 1
      htdocs/compta/bank/releve.php
  61. 1 1
      htdocs/compta/bank/various_payment/card.php
  62. 1 1
      htdocs/compta/facture/admin/facture_cust_extrafields.php
  63. 1 1
      htdocs/compta/facture/admin/facture_rec_cust_extrafields.php
  64. 1 1
      htdocs/compta/facture/admin/facturedet_cust_extrafields.php
  65. 1 1
      htdocs/compta/facture/admin/facturedet_rec_cust_extrafields.php
  66. 1 1
      htdocs/compta/facture/card.php
  67. 1 1
      htdocs/compta/index.php
  68. 1 1
      htdocs/compta/paiement/cheque/card.php
  69. 1 1
      htdocs/compta/paiement_charge.php
  70. 1 1
      htdocs/contrat/admin/contract_extrafields.php
  71. 1 1
      htdocs/contrat/admin/contractdet_extrafields.php
  72. 1 1
      htdocs/core/ajax/selectobject.php
  73. 3 2
      htdocs/core/lib/functions.lib.php
  74. 1 1
      htdocs/core/modules/oauth/github_oauthcallback.php
  75. 1 1
      htdocs/core/modules/oauth/google_oauthcallback.php
  76. 1 1
      htdocs/core/modules/oauth/stripetest_oauthcallback.php
  77. 2 2
      htdocs/core/tpl/commonfields_add.tpl.php
  78. 1 1
      htdocs/datapolicy/admin/setup.php
  79. 1 1
      htdocs/datapolicy/admin/setupmail.php
  80. 1 1
      htdocs/datapolicy/public/index.php
  81. 1 1
      htdocs/don/admin/donation_extrafields.php
  82. 8 8
      htdocs/emailcollector/class/emailcollector.class.php
  83. 1 1
      htdocs/exports/export.php
  84. 1 1
      htdocs/fichinter/admin/fichinter_extrafields.php
  85. 1 1
      htdocs/fichinter/admin/fichinterdet_extrafields.php
  86. 1 1
      htdocs/fichinter/card-rec.php
  87. 1 1
      htdocs/fourn/commande/contact.php
  88. 1 1
      htdocs/fourn/commande/orderstoinvoice.php
  89. 1 1
      htdocs/holiday/card.php
  90. 1 1
      htdocs/hrm/admin/admin_hrm.php
  91. 1 0
      htdocs/langs/en_US/admin.lang
  92. 1 1
      htdocs/livraison/card.php
  93. 1 1
      htdocs/modulebuilder/admin/setup.php
  94. 1 1
      htdocs/modulebuilder/template/admin/about.php
  95. 1 1
      htdocs/modulebuilder/template/admin/setup.php
  96. 1 1
      htdocs/modulebuilder/template/mymoduleindex.php
  97. 1 1
      htdocs/modulebuilder/template/myobject_agenda.php
  98. 1 1
      htdocs/modulebuilder/template/myobject_card.php
  99. 1 1
      htdocs/modulebuilder/template/myobject_note.php
  100. 1 1
      htdocs/product/admin/dynamic_prices.php

+ 1 - 1
htdocs/accountancy/admin/accountmodel.php

@@ -44,7 +44,7 @@ if (! empty($conf->accounting->enabled)) require_once DOL_DOCUMENT_ROOT . '/core
 // Load translation files required by the page
 $langs->loadLangs(array("errors","admin","companies","resource","holiday","compta","accountancy","hrm"));
 
-$action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view';
+$action=GETPOST('action','aZ09')?GETPOST('action','aZ09'):'view';
 $confirm=GETPOST('confirm','alpha');
 $id=31;
 $rowid=GETPOST('rowid','alpha');

+ 1 - 1
htdocs/accountancy/admin/categories_list.php

@@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("errors","admin","companies","resource","holiday","accountancy","hrm"));
 
-$action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view';
+$action=GETPOST('action','aZ09')?GETPOST('action','aZ09'):'view';
 $confirm=GETPOST('confirm','alpha');
 $id=32;
 $rowid=GETPOST('rowid','alpha');

+ 1 - 1
htdocs/accountancy/admin/defaultaccounts.php

@@ -43,7 +43,7 @@ if (empty($user->rights->accounting->chartofaccount))
 	accessforbidden();
 }
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 
 $list_account_main = array (

+ 2 - 2
htdocs/accountancy/admin/export.php

@@ -41,8 +41,8 @@ if (empty($user->rights->accounting->chartofaccount))
 	accessforbidden();
 }
 
-$action = GETPOST('action', 'alpha');
-
+$action = GETPOST('action', 'aZ09');
+aZ09
 // Parameters ACCOUNTING_EXPORT_*
 $main_option = array (
     'ACCOUNTING_EXPORT_PREFIX_SPEC',

+ 1 - 1
htdocs/accountancy/admin/fiscalyear_card.php

@@ -38,7 +38,7 @@ if (empty($user->rights->accounting->fiscalyear))
 
 $error = 0;
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 $id = GETPOST('id', 'int');
 

+ 1 - 1
htdocs/accountancy/admin/index.php

@@ -41,7 +41,7 @@ if (empty($user->rights->accounting->chartofaccount))
 	accessforbidden();
 }
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 // Parameters ACCOUNTING_* and others
 $list = array (

+ 1 - 1
htdocs/accountancy/admin/journals_list.php

@@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingjournal.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("admin","compta","accountancy"));
 
-$action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view';
+$action=GETPOST('action','aZ09')?GETPOST('action','aZ09'):'view';
 $confirm=GETPOST('confirm','alpha');
 $id=35;
 $rowid=GETPOST('rowid','alpha');

+ 1 - 1
htdocs/accountancy/admin/productaccount.php

@@ -45,7 +45,7 @@ if (! $user->rights->accounting->bind->write)
     accessforbidden();
 
 // search & action GETPOST
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $codeventil_buy = GETPOST('codeventil_buy', 'array');
 $codeventil_sell = GETPOST('codeventil_sell', 'array');
 $chk_prod = GETPOST('chk_prod', 'array');

+ 1 - 1
htdocs/accountancy/bookkeeping/balance.php

@@ -41,7 +41,7 @@ $langs->loadLangs(array("accountancy"));
 $page = GETPOST("page");
 $sortorder = GETPOST("sortorder", 'alpha');
 $sortfield = GETPOST("sortfield", 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 if (GETPOST("exportcsv",'alpha')) $action = 'export_csv';
 
 // Load variable for pagination

+ 3 - 3
htdocs/accountancy/bookkeeping/list.php

@@ -36,10 +36,10 @@ require_once DOL_DOCUMENT_ROOT . '/core/lib/date.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("accountancy"));
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $search_mvt_num = GETPOST('search_mvt_num', 'int');
-$search_doc_type = GETPOST("search_doc_type");
-$search_doc_ref = GETPOST("search_doc_ref");
+$search_doc_type = GETPOST("search_doc_type", 'alpha');
+$search_doc_ref = GETPOST("search_doc_ref", 'alpha');
 $search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
 $search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
 $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));

+ 1 - 1
htdocs/accountancy/bookkeeping/listbyaccount.php

@@ -40,7 +40,7 @@ $langs->loadLangs(array("accountancy"));
 $page = GETPOST("page");
 $sortorder = GETPOST("sortorder");
 $sortfield = GETPOST("sortfield");
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
 $search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
 $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));

+ 1 - 1
htdocs/accountancy/customer/card.php

@@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy"));
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/accountancy/expensereport/card.php

@@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy","trips"));
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/accountancy/supplier/card.php

@@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT . '/core/class/html.formaccounting.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("bills","accountancy"));
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/adherents/admin/adherent_extrafields.php

@@ -39,7 +39,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='adherent'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/adherents/admin/adherent_type_extrafields.php

@@ -42,7 +42,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='adherent_type'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/adherents/admin/website.php

@@ -34,7 +34,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("admin","members"));
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 
 if (! $user->admin) accessforbidden();
 

+ 1 - 1
htdocs/admin/agenda_extrafields.php

@@ -45,7 +45,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='actioncomm'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/bank.php

@@ -37,7 +37,7 @@ $langs->loadLangs(array("admin","companies","bills","other","banks"));
 if (!$user->admin)
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $value = GETPOST('value', 'alpha');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scan_dir', 'alpha');

+ 1 - 1
htdocs/admin/bank_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='bank_account';  //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/dav.php

@@ -32,7 +32,7 @@ if (!$user->admin)
     accessforbidden();
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 $arrayofparameters=array(

+ 3 - 1
htdocs/admin/emailcollector_card.php

@@ -41,7 +41,7 @@ $langs->loadLangs(array("admin", "other"));
 // Get parameters
 $id			= GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $confirm    = GETPOST('confirm', 'alpha');
 $cancel     = GETPOST('cancel', 'aZ09');
 $contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'myobjectcard';   // To manage different context of search
@@ -145,6 +145,8 @@ if ($action == 'create') {
 
 	print '<table class="border centpercent">'."\n";
 
+	//unset($fields[]);
+
 	// Common attributes
 	include DOL_DOCUMENT_ROOT . '/core/tpl/commonfields_add.tpl.php';
 

+ 1 - 1
htdocs/admin/expedition_extrafields.php

@@ -47,7 +47,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='expedition'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/expeditiondet_extrafields.php

@@ -48,7 +48,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='expeditiondet'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/expensereport_extrafields.php

@@ -44,7 +44,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='expensereport'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/livraison_extrafields.php

@@ -47,7 +47,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='livraison'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/livraisondet_extrafields.php

@@ -48,7 +48,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='livraisondet'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/loan.php

@@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'loan'));
 if (!$user->admin)
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 // Other parameters LOAN_*
 $list = array (

+ 1 - 1
htdocs/admin/multicurrency.php

@@ -38,7 +38,7 @@ if (! $user->admin) {
 }
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 
 /*

+ 1 - 1
htdocs/admin/oauth.php

@@ -40,7 +40,7 @@ $langs->loadLangs(array('admin', 'oauth'));
 if (!$user->admin)
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 
 /*

+ 1 - 1
htdocs/admin/order_extrafields.php

@@ -45,7 +45,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='commande'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/orderdet_extrafields.php

@@ -46,7 +46,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='commandedet'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/resource.php

@@ -37,7 +37,7 @@ $langs->loadLangs(array("admin","resource"));
 if (!$user->admin)
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 
 /*

+ 1 - 1
htdocs/admin/resource_extrafields.php

@@ -44,7 +44,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='resource'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/salaries.php

@@ -35,7 +35,7 @@ $langs->loadLangs(array('admin', 'salaries'));
 if (!$user->admin)
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 // Other parameters SALARIES_*
 $list = array (

+ 1 - 1
htdocs/admin/supplier_invoice.php

@@ -42,7 +42,7 @@ accessforbidden();
 
 $type=GETPOST('type', 'alpha');
 $value=GETPOST('value', 'alpha');
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $scandir = GETPOST('scan_dir','alpha');
 
 $specimenthirdparty=new Societe($db);

+ 1 - 1
htdocs/admin/supplier_order.php

@@ -43,7 +43,7 @@ accessforbidden();
 $type=GETPOST('type', 'alpha');
 $value=GETPOST('value', 'alpha');
 $label = GETPOST('label','alpha');
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $scandir = GETPOST('scan_dir','alpha');
 
 $specimenthirdparty=new Societe($db);

+ 1 - 1
htdocs/admin/supplierinvoice_extrafields.php

@@ -45,7 +45,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facture_fourn'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/supplierinvoicedet_extrafields.php

@@ -47,7 +47,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facture_fourn_det'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/supplierorder_extrafields.php

@@ -45,7 +45,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='commande_fournisseur';  //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/supplierorderdet_extrafields.php

@@ -46,7 +46,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='commande_fournisseurdet';  //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/ticket.php

@@ -37,7 +37,7 @@ if (!$user->admin) {
 
 // Parameters
 $value = GETPOST('value', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $label = GETPOST('label', 'alpha');
 $scandir = GETPOST('scandir', 'alpha');
 $type = 'ticket';

+ 1 - 1
htdocs/admin/ticket_extrafields.php

@@ -39,7 +39,7 @@ foreach ($tmptype2label as $key => $val) {
     $type2label[$key] = $langs->trans($val);
 }
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $attrname = GETPOST('attrname', 'alpha');
 $elementtype = 'ticket'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/admin/tools/listevents.php

@@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
 if (! $user->admin)
 	accessforbidden();
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm=GETPOST('confirm','alpha');
 
 // Security check

+ 1 - 1
htdocs/admin/tools/listsessions.php

@@ -31,7 +31,7 @@ $langs->loadLangs(array("companies","install","users","other"));
 if (! $user->admin)
 	accessforbidden();
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm=GETPOST('confirm', 'alpha');
 
 // Security check

+ 1 - 1
htdocs/admin/workflow.php

@@ -32,7 +32,7 @@ $langs->loadLangs(array("admin","workflow","propal","workflow","orders","supplie
 
 if (! $user->admin) accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 /*
  * Actions

+ 1 - 1
htdocs/asset/admin/assets_extrafields.php

@@ -37,7 +37,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='don'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/asset/admin/assets_type_extrafields.php

@@ -36,7 +36,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='adherent_type'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/asset/admin/setup.php

@@ -35,7 +35,7 @@ $langs->loadLangs(array("admin", "assets"));
 if (! $user->admin) accessforbidden();
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 $arrayofparameters=array('FIXEDASSETS_MYPARAM1'=>array('css'=>'minwidth200'), 'FIXEDASSETS_MYPARAM2'=>array('css'=>'minwidth500'));

+ 1 - 1
htdocs/asset/card.php

@@ -34,7 +34,7 @@ $langs->loadLangs(array("asset"));
 // Get parameters
 $id         = GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action     = GETPOST('action', 'alpha');
+$action     = GETPOST('action', 'aZ09');
 $cancel     = GETPOST('cancel', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/asset/note.php

@@ -32,7 +32,7 @@ $langs->loadLangs(array("asset","companies"));
 // Get parameters
 $id			= GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $cancel     = GETPOST('cancel', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/categories/admin/categorie_extrafields.php

@@ -39,7 +39,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='categorie'; //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/comm/action/document.php

@@ -40,7 +40,7 @@ if (! empty($conf->projet->enabled)) require_once DOL_DOCUMENT_ROOT.'/projet/cla
 $langs->loadLangs(array('companies', 'commercial', 'other', 'bills'));
 
 $id = GETPOST('id', 'int');
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 
 // Security check

+ 1 - 1
htdocs/comm/admin/propal_extrafields.php

@@ -39,7 +39,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='propal'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/comm/admin/propaldet_extrafields.php

@@ -46,7 +46,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 
 $elementtype='propaldet'; //Must be the $table_element of the class that manage extrafield

+ 1 - 1
htdocs/comm/index.php

@@ -40,7 +40,7 @@ if (! $user->rights->societe->lire) accessforbidden();
 // Load translation files required by the page
 $langs->loadLangs(array("commercial", "propal"));
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $bid=GETPOST('bid', 'int');
 
 // Securite acces client

+ 1 - 1
htdocs/comm/propal/card.php

@@ -68,7 +68,7 @@ $error = 0;
 $id = GETPOST('id', 'int');
 $ref = GETPOST('ref', 'alpha');
 $socid = GETPOST('socid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $origin = GETPOST('origin', 'alpha');
 $originid = GETPOST('originid', 'int');

+ 1 - 1
htdocs/commande/card.php

@@ -66,7 +66,7 @@ if (! empty($conf->productbatch->enabled)) $langs->load("productbatch");
 $id = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('orderid', 'int'));
 $ref = GETPOST('ref', 'alpha');
 $socid = GETPOST('socid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $cancel = GETPOST('cancel', 'alpha');
 $confirm = GETPOST('confirm', 'alpha');
 $lineid = GETPOST('lineid', 'int');

+ 1 - 1
htdocs/compta/bank/document.php

@@ -36,7 +36,7 @@ $langs->loadLangs(array('banks', 'companies', 'other'));
 
 $id = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('account', 'int'));
 $ref = GETPOST('ref', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 
 $mesg = '';

+ 1 - 1
htdocs/compta/bank/releve.php

@@ -44,7 +44,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
 // Load translation files required by the page
 $langs->loadLangs(array("banks","categories","companies","bills","trips"));
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $id=GETPOST('account','int');
 $ref=GETPOST('ref','alpha');
 $dvid=GETPOST('dvid','alpha');

+ 1 - 1
htdocs/compta/bank/various_payment/card.php

@@ -41,7 +41,7 @@ $langs->loadLangs(array("compta", "banks", "bills", "users", "accountancy"));
 
 // Get parameters
 $id			= GETPOST('id', 'int');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $cancel		= GETPOST('cancel', 'aZ09');
 $backtopage	= GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/compta/facture/admin/facture_cust_extrafields.php

@@ -40,7 +40,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facture'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/compta/facture/admin/facture_rec_cust_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facture_rec'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/compta/facture/admin/facturedet_cust_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facturedet'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/compta/facture/admin/facturedet_rec_cust_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='facturedet_rec'; //Must be the $table_element of the class that manage extrafield
 

+ 1 - 1
htdocs/compta/facture/card.php

@@ -75,7 +75,7 @@ $projectid = (GETPOST('projectid','int') ? GETPOST('projectid', 'int') : 0);
 $id = (GETPOST('id', 'int') ? GETPOST('id', 'int') : GETPOST('facid', 'int')); // For backward compatibility
 $ref = GETPOST('ref', 'alpha');
 $socid = GETPOST('socid', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
 $lineid = GETPOST('lineid', 'int');

+ 1 - 1
htdocs/compta/index.php

@@ -50,7 +50,7 @@ $langs->loadLangs(array('compta', 'bills'));
 if (! empty($conf->commande->enabled))
 	$langs->load("orders");
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $bid=GETPOST('bid', 'int');
 
 // Security check

+ 1 - 1
htdocs/compta/paiement/cheque/card.php

@@ -38,7 +38,7 @@ $langs->loadLangs(array('banks', 'categories', 'bills', 'companies', 'compta'));
 
 $id =GETPOST('id','int');
 $ref=GETPOST('ref', 'alpha');
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm=GETPOST('confirm', 'alpha');
 
 // Security check

+ 1 - 1
htdocs/compta/paiement_charge.php

@@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 $langs->load("bills");
 
 $chid=GETPOST("id", 'int');
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $amounts = array();
 
 // Security check

+ 1 - 1
htdocs/contrat/admin/contract_extrafields.php

@@ -42,7 +42,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='contrat';  //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/contrat/admin/contractdet_extrafields.php

@@ -42,7 +42,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='contratdet';  //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/core/ajax/selectobject.php

@@ -33,7 +33,7 @@ $objectdesc=GETPOST('objectdesc', 'alpha');
 $htmlname=GETPOST('htmlname', 'aZ09');
 $sqlfilter=GETPOST('sqlfilter', 'alpha');
 $outjson=(GETPOST('outjson', 'int') ? GETPOST('outjson', 'int') : 0);
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $id=GETPOST('id', 'int');
 
 

+ 3 - 2
htdocs/core/lib/functions.lib.php

@@ -6811,18 +6811,19 @@ function dol_getIdFromCode($db, $key, $tablename, $fieldkey='code', $fieldid='id
  * Verify if condition in string is ok or not
  *
  * @param 	string		$strRights		String with condition to check
- * @return 	boolean						True or False. Return true if strRights is ''
+ * @return 	boolean						True or False. Return True if strRights is ''
  */
 function verifCond($strRights)
 {
 	global $user,$conf,$langs;
-	global $leftmenu;
+	global $action,$leftmenu;
 	global $rights;    // To export to dol_eval function
 
 	//print $strRights."<br>\n";
 	$rights = true;
 	if ($strRights != '')
 	{
+		$action = preg_replace('/[a-zA-Z0-9_')
 		//$tab_rights = explode('&&', $strRights);
 		//$i = 0;
 		//while (($i < count($tab_rights)) && ($rights == true)) {

+ 1 - 1
htdocs/core/modules/oauth/github_oauthcallback.php

@@ -35,7 +35,7 @@ $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain
 
 
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtourl = GETPOST('backtourl', 'alpha');
 
 

+ 1 - 1
htdocs/core/modules/oauth/google_oauthcallback.php

@@ -35,7 +35,7 @@ $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain
 
 
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtourl = GETPOST('backtourl', 'alpha');
 
 

+ 1 - 1
htdocs/core/modules/oauth/stripetest_oauthcallback.php

@@ -35,7 +35,7 @@ $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT;		// This is to use external domain
 
 
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtourl = GETPOST('backtourl', 'alpha');
 
 

+ 2 - 2
htdocs/core/tpl/commonfields_add.tpl.php

@@ -40,8 +40,8 @@ foreach($object->fields as $key => $val)
 	// Discard if extrafield is a hidden field on form
 	if (abs($val['visible']) != 1) continue;
 
-	if (array_key_exists('enabled', $val) && isset($val['enabled']) && ! $val['enabled']) continue;	// We don't want this field
-
+	if (array_key_exists('enabled', $val) && isset($val['enabled']) && ! verifCond($val['enabled'])) continue;	// We don't want this field
+	var_dump($val['enabled']);
 	print '<tr id="field_'.$key.'">';
 	print '<td';
 	print ' class="titlefieldcreate';

+ 1 - 1
htdocs/datapolicy/admin/setup.php

@@ -37,7 +37,7 @@ $langs->load('datapolicy@datapolicy');
 if (! $user->admin) accessforbidden();
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 $arrayofparameters=array(

+ 1 - 1
htdocs/datapolicy/admin/setupmail.php

@@ -29,7 +29,7 @@ $langs->loadLangs(array('admin', 'companies', 'members', 'datapolicy'));
 
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 $formadmin = new FormAdmin($db);
 

+ 1 - 1
htdocs/datapolicy/public/index.php

@@ -39,7 +39,7 @@ dol_include_once('/datapolicy/class/datapolicy.class.php');
 $idc = GETPOST('c', 'int');
 $ids = GETPOST('s', 'int');
 $ida = GETPOST('a', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $lang = GETPOST('l', 'alpha');
 $code = GETPOST('key', 'alpha');
 

+ 1 - 1
htdocs/don/admin/donation_extrafields.php

@@ -37,7 +37,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='don'; //Must be the $table_element of the class that manage extrafield
 

+ 8 - 8
htdocs/emailcollector/class/emailcollector.class.php

@@ -79,18 +79,18 @@ class EmailCollector extends CommonObject
 	public $fields=array(
 	    'rowid'         => array('type'=>'integer', 'label'=>'TechnicalID','visible'=>2, 'enabled'=>1, 'position'=>1, 'notnull'=>1, 'index'=>1),
 		'entity'        =>array('type'=>'integer',      'label'=>'Entity',           'enabled'=>1, 'visible'=>0,  'default'=>1, 'notnull'=>1,  'index'=>1, 'position'=>20),
-		'ref'           =>array('type'=>'varchar(128)', 'label'=>'Ref',              'enabled'=>1, 'visible'=>1,  'notnull'=>1,  'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1),
-		'label'         => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>-1, 'searchall'=>1),
-		'description'   => array('type'=>'text', 'label'=>'Description', 'visible'=>-1, 'enabled'=>1, 'position'=>60, 'notnull'=>-1, 'searchall'=>1),
-		'host'          => array('type'=>'varchar(255)', 'label'=>'EMailHost', 'visible'=>1, 'enabled'=>1, 'position'=>100, 'notnull'=>1, 'searchall'=>1, 'comment'=>"IMPA server",),
-		'user'          => array('type'=>'varchar(128)', 'label'=>'User', 'visible'=>1, 'enabled'=>1, 'position'=>101, 'notnull'=>1, 'index'=>1, 'comment'=>"IMAP login",),
-		'password'      => array('type'=>'password', 'label'=>'Password', 'visible'=>-1, 'enabled'=>1, 'position'=>102, 'notnull'=>1, 'comment'=>"IMAP password",),
+		'ref'           =>array('type'=>'varchar(128)', 'label'=>'Ref',              'enabled'=>1, 'visible'=>1,  'notnull'=>1,  'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'help'=>'Example: MyCollector1'),
+		'label'         => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>-1, 'searchall'=>1, 'help'=>'Example: My Email collector'),
+		'description'   => array('type'=>'text', 'label'=>'Description', 'visible'=>-1, 'enabled'=>1, 'position'=>60, 'notnull'=>-1),
+		'host'          => array('type'=>'varchar(255)', 'label'=>'EMailHost', 'visible'=>1, 'enabled'=>1, 'position'=>100, 'notnull'=>1, 'searchall'=>1, 'comment'=>"IMAP server", 'help'=>'Example: imap.gmail.com'),
+		'user'          => array('type'=>'varchar(128)', 'label'=>'User', 'visible'=>1, 'enabled'=>1, 'position'=>101, 'notnull'=>1, 'index'=>1, 'comment'=>"IMAP login", 'help'=>'Example: myacount@gmail.com'),
+		'password'      => array('type'=>'password', 'label'=>'Password', 'visible'=>-1, 'enabled'=>1, 'position'=>102, 'notnull'=>1, 'comment'=>"IMAP password"),
 		'source_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxSourceDirectory', 'visible'=>-1, 'enabled'=>1, 'position'=>103, 'notnull'=>1, 'default' => 'Inbox'),
 		//'filter'		=> array('type'=>'text', 'label'=>'Filter', 'visible'=>1, 'enabled'=>1, 'position'=>105),
 		//'actiontodo'	=> array('type'=>'varchar(255)', 'label'=>'ActionToDo', 'visible'=>1, 'enabled'=>1, 'position'=>106),
 		'target_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxTargetDirectory', 'visible'=>1, 'enabled'=>1, 'position'=>110, 'notnull'=>0, 'comment'=>"Where to store messages once processed"),
-		'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastResult', 'visible'=>-2, 'enabled'=>1, 'position'=>121, 'notnull'=>-1,),
-		'lastresult'    => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>1, 'position'=>122, 'notnull'=>-1,),
+		'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastResult', 'visible'=>1, 'enabled'=>'$action != "create"', 'position'=>121, 'notnull'=>-1,),
+		'lastresult'    => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>'$action != "create"', 'position'=>122, 'notnull'=>-1,),
 		'note_public'   => array('type'=>'html', 'label'=>'NotePublic', 'visible'=>0, 'enabled'=>1, 'position'=>61, 'notnull'=>-1,),
 		'note_private'  => array('type'=>'html', 'label'=>'NotePrivate', 'visible'=>0, 'enabled'=>1, 'position'=>62, 'notnull'=>-1,),
 		'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),

+ 1 - 1
htdocs/exports/export.php

@@ -124,7 +124,7 @@ $entitytolang = array(
 $array_selected=isset($_SESSION["export_selected_fields"])?$_SESSION["export_selected_fields"]:array();
 $array_filtervalue=isset($_SESSION["export_filtered_fields"])?$_SESSION["export_filtered_fields"]:array();
 $datatoexport=GETPOST("datatoexport");
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm=GETPOST('confirm', 'alpha');
 $step=GETPOST("step")?GETPOST("step"):1;
 $export_name=GETPOST("export_name");

+ 1 - 1
htdocs/fichinter/admin/fichinter_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='fichinter';  //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/fichinter/admin/fichinterdet_extrafields.php

@@ -41,7 +41,7 @@ $tmptype2label=ExtraFields::$type2label;
 $type2label=array('');
 foreach ($tmptype2label as $key => $val) $type2label[$key]=$langs->transnoentitiesnoconv($val);
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $attrname=GETPOST('attrname', 'alpha');
 $elementtype='fichinterdet';  //Must be the $element of the class that manage extrafield
 

+ 1 - 1
htdocs/fichinter/card-rec.php

@@ -51,7 +51,7 @@ $langs->loadLangs(array("interventions","admin","compta","bills"));
 
 // Security check
 $id=(GETPOST('fichinterid', 'int')?GETPOST('fichinterid', 'int'):GETPOST('id', 'int'));
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 if ($user->societe_id) $socid=$user->societe_id;
 $objecttype = 'fichinter_rec';
 if ($action == "create" || $action == "add") $objecttype = '';

+ 1 - 1
htdocs/fourn/commande/contact.php

@@ -38,7 +38,7 @@ $langs->loadLangs(array("facture","orders","sendings","companies"));
 
 $id		= GETPOST('id', 'int');
 $ref	= GETPOST('ref', 'alpha');
-$action	= GETPOST('action', 'alpha');
+$action	= GETPOST('action', 'aZ09');
 
 // Security check
 if ($user->societe_id) $socid=$user->societe_id;

+ 1 - 1
htdocs/fourn/commande/orderstoinvoice.php

@@ -49,7 +49,7 @@ if (! $user->rights->fournisseur->facture->creer)
 
 $id = (GETPOST('id') ? GETPOST('id', 'int') : GETPOST("facid")); // For backward compatibility
 $ref = GETPOST('ref', 'alpha');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $confirm = GETPOST('confirm', 'alpha');
 $sref = GETPOST('sref');
 $sref_client = GETPOST('sref_client');

+ 1 - 1
htdocs/holiday/card.php

@@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/holiday.lib.php';
 require_once DOL_DOCUMENT_ROOT.'/holiday/common.inc.php';
 
 // Get parameters
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $id=GETPOST('id', 'int');
 $ref=GETPOST('ref', 'alpha');
 $fuserid = (GETPOST('fuserid','int')?GETPOST('fuserid','int'):$user->id);

+ 1 - 1
htdocs/hrm/admin/admin_hrm.php

@@ -30,7 +30,7 @@ $langs->loadLangs(array('admin', 'hrm'));
 if (! $user->admin)
 	accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 
 // Other parameters HRM_*
 $list = array (

+ 1 - 0
htdocs/langs/en_US/admin.lang

@@ -1820,6 +1820,7 @@ EMailHost=Host of email IMAP server
 MailboxSourceDirectory=Mailbox source directory
 MailboxTargetDirectory=Mailbox target directory
 CollectNow=Collect now
+DateLastResult=Date last collect
 LastResult=Last result
 ##### Resource ####
 ResourceSetup=Configuration du module Resource

+ 1 - 1
htdocs/livraison/card.php

@@ -50,7 +50,7 @@ $langs->loadLangs(array("sendings","bills",'deliveries','orders'));
 
 if (!empty($conf->incoterm->enabled)) $langs->load('incoterm');
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 $confirm=GETPOST('confirm', 'alpha');
 $backtopage=GETPOST('backtopage','alpha');
 

+ 1 - 1
htdocs/modulebuilder/admin/setup.php

@@ -29,7 +29,7 @@ $langs->loadLangs(array("admin", "other", "modulebuilder"));
 if (!$user->admin || empty($conf->modulebuilder->enabled))
     accessforbidden();
 
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 /*

+ 1 - 1
htdocs/modulebuilder/template/admin/about.php

@@ -48,7 +48,7 @@ $langs->loadLangs(array("errors","admin","mymodule@mymodule"));
 if (! $user->admin) accessforbidden();
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 

+ 1 - 1
htdocs/modulebuilder/template/admin/setup.php

@@ -50,7 +50,7 @@ $langs->loadLangs(array("admin", "mymodule@mymodule"));
 if (! $user->admin) accessforbidden();
 
 // Parameters
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 
 $arrayofparameters=array(

+ 1 - 1
htdocs/modulebuilder/template/mymoduleindex.php

@@ -44,7 +44,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
 // Load translation files required by the page
 $langs->loadLangs(array("mymodule@mymodule"));
 
-$action=GETPOST('action', 'alpha');
+$action=GETPOST('action', 'aZ09');
 
 
 // Securite acces client

+ 1 - 1
htdocs/modulebuilder/template/myobject_agenda.php

@@ -50,7 +50,7 @@ $langs->loadLangs(array("mymodule@mymodule","other"));
 // Get parameters
 $id			= GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $cancel     = GETPOST('cancel', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/modulebuilder/template/myobject_card.php

@@ -68,7 +68,7 @@ $langs->loadLangs(array("mymodule@mymodule","other"));
 // Get parameters
 $id			= GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $confirm    = GETPOST('confirm', 'alpha');
 $cancel     = GETPOST('cancel', 'aZ09');
 $contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'myobjectcard';   // To manage different context of search

+ 1 - 1
htdocs/modulebuilder/template/myobject_note.php

@@ -46,7 +46,7 @@ $langs->loadLangs(array("mymodule@mymodule","companies"));
 // Get parameters
 $id			= GETPOST('id', 'int');
 $ref        = GETPOST('ref', 'alpha');
-$action		= GETPOST('action', 'alpha');
+$action		= GETPOST('action', 'aZ09');
 $cancel     = GETPOST('cancel', 'aZ09');
 $backtopage = GETPOST('backtopage', 'alpha');
 

+ 1 - 1
htdocs/product/admin/dynamic_prices.php

@@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/product/dynamic_price/class/price_global_variab
 $langs->load("products");
 
 $id = GETPOST('id', 'int');
-$action = GETPOST('action', 'alpha');
+$action = GETPOST('action', 'aZ09');
 $save = GETPOST('save', 'alpha');
 $cancel = GETPOST('cancel', 'alpha');
 $selection = GETPOST('selection', 'int');

Неке датотеке нису приказане због велике количине промена