[Dolibarr-bugtrack] [bug #18801] trop de stripslashes

dolibarr-bugtrack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Dolibarr-bugtrack] [bug #18801] trop de stripslashes

From:	Franky Van Liedekerke
Subject:	[Dolibarr-bugtrack] [bug #18801] trop de stripslashes
Date:	Tue, 16 Jan 2007 15:56:58 +0000
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.0.9) Gecko/20070102 Ubuntu/dapper-security Firefox/1.5.0.9

URL:
  <http://savannah.nongnu.org/bugs/?18801>

                 Summary: trop de stripslashes  
                 Project: Dolibarr
            Submitted by: liedekef
            Submitted on: Tuesday 01/16/2007 at 15:56
                Severity: 3 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
                 Release: None
        Operating System: None

    _______________________________________________________

Details:

        
Bonjour,

j'ai vu que dolibarr fait le suivant en main.inc.php:

if (get_magic_quotes_gpc())
{
   $_GET     = array_map('stripslashes_deep', $_GET);
   $_POST    = array_map('stripslashes_deep', $_POST);
   $_COOKIE  = array_map('stripslashes_deep', $_COOKIE);
   $_REQUEST = array_map('stripslashes_deep', $_REQUEST);
}

ceci est tres bon (et alors mon besoignes de stripslashes dans le fonction de
Yannick n'est plus valable).
Mais: j'ai trouvé dans le code:

htdocs/telephonie/client/new.php:  $soc->nom                   =
stripslashes($_POST["nom"]);
htdocs/telephonie/client/new.php:  $soc->adresse               =
stripslashes($_POST["adresse"]);
htdocs/telephonie/client/new.php:  $soc->cp                    =
stripslashes($_POST["cp"]);
htdocs/telephonie/client/new.php:  $soc->ville                 =
stripslashes($_POST["ville"]);
htdocs/telephonie/client/new.php:  $soc->pays_id               =
stripslashes($_POST["pays_id"]);
htdocs/telephonie/client/new.php:  $soc->tel                   =
stripslashes($_POST["tel"]);
htdocs/telephonie/client/new.php:  $soc->fax                   =
stripslashes($_POST["fax"]);
htdocs/telephonie/client/new.php:  $soc->code_fournisseur      =
stripslashes($_POST["code_fournisseur"]);
htdocs/telephonie/client/new.php:  $soc->codeclient_modifiable =
stripslashes($_POST["codeclient_modifiable"]);
htdocs/telephonie/client/new.php:  $soc->codefournisseur_modifiable =
stripslashes($_POST["codefournisseur_modifiable"]);

htdocs/compta/prelevement/liste_factures.php:  print '<input size="20"
class="flat" type="text" name="search_nom"
value="'.stripslashes($_GET["search_nom"]).'">';
htdocs/projet/liste.php:  print '<input type="text" class="flat"
name="search_label" value="'.stripslashes($_GET["search_label"]).'">';

Je crois bien qu'il faut enlever le stripslashes ici, non?

Franky






    _______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?18801>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.nongnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[Dolibarr-bugtrack] [bug #18801] trop de stripslashes, Franky Van Liedekerke <=
- [Dolibarr-bugtrack] [bug #18801] trop de stripslashes, Franky Van Liedekerke, 2007/01/16

Prev by Date: [Dolibarr-bugtrack] [bug #18800] petit bug dans adherent.class.php
Next by Date: [Dolibarr-bugtrack] [bug #18805] function escape_string (apres 2.1)
Previous by thread: [Dolibarr-bugtrack] [bug #18800] petit bug dans adherent.class.php
Next by thread: [Dolibarr-bugtrack] [bug #18801] trop de stripslashes
Index(es):
- Date
- Thread