diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 48d54d40f5fcc..9661927d24018 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -12,7 +12,7 @@ * Copyright (C) 2019-2024 Frédéric France * Copyright (C) 2019 Josep Lluís Amador * Copyright (C) 2020 Open-Dsi - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * Copyright (C) 2024 Benjamin Falière * * This program is free software; you can redistribute it and/or modify @@ -368,7 +368,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers $search_all = ""; $search_id = ''; - $search_ref = ''; + $search_ref_ext = ''; $search_firstlast_only = ""; $search_lastname = ""; $search_firstname = ""; @@ -866,8 +866,8 @@ if ($search_id > 0) { $param .= "&search_id=".((int) $search_id); } -if ($search_ref) { - $param .= "&search_ref=".urlencode($search_ref); +if ($search_ref_ext) { + $param .= "&search_ref_ext=".urlencode($search_ref_ext); } if ($search_lastname != '') { $param .= '&search_lastname='.urlencode($search_lastname); diff --git a/htdocs/core/actions_setmoduleoptions.inc.php b/htdocs/core/actions_setmoduleoptions.inc.php index 8439660f6c86d..26e15b7692e25 100644 --- a/htdocs/core/actions_setmoduleoptions.inc.php +++ b/htdocs/core/actions_setmoduleoptions.inc.php @@ -58,13 +58,13 @@ foreach ($arrayofparameters as $key => $val) { // Modify constant only if key was posted (avoid resetting key to the null value) if (GETPOSTISSET($key)) { - if (!empty($val['type']) && preg_match('/category:/', $val['type'])) { + if (isset($val['type']) && preg_match('/category:/', $val['type'])) { if (GETPOSTINT($key) == '-1') { $val_const = ''; } else { $val_const = GETPOSTINT($key); } - } elseif ($val['type'] == 'html') { + } elseif (isset($val['type']) && $val['type'] == 'html') { $val_const = GETPOST($key, 'restricthtml'); } else { $val_const = GETPOST($key, 'alpha'); diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index b5ed55427490e..92afd4da700e8 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -1,8 +1,9 @@ * Copyright (C) 2008-2021 Regis Houssin * Copyright (C) 2020 Ferran Marcet - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -234,15 +235,15 @@ function dolDecrypt($chain, $key = '') * If constant MAIN_SECURITY_SALT is defined, we use it as a salt (used only if hashing algorithm is something else than 'password_hash'). * * @param string $chain String to hash - * @param string $type Type of hash: - * 'auto' or '0': will use MAIN_SECURITY_HASH_ALGO else md5 - * 'sha1' or '1': sha1 - * 'sha1md5' or '2': sha1md5 - * 'md5' or '3': md5 - * 'openldapxxx' or '4': for OpenLdap - * 'sha256' or '5': sha256 - * 'password_hash' or '6': password_hash - * Use 'md5' if hash is not needed for security purpose. For security need, prefer 'auto'. + * @param 'auto'|'0'|'sha1'|'1'|'sha1md5'|'2'|'md5'|'3'|'openldap'|'4'|'sha256'|'5'|'password_hash'|'6' $type Type of hash: + * 'auto' or '0': will use MAIN_SECURITY_HASH_ALGO else md5 + * 'sha1' or '1': sha1 + * 'sha1md5' or '2': sha1md5 + * 'md5' or '3': md5 + * 'openldapxxx' or '4': for OpenLdap + * 'sha256' or '5': sha256 + * 'password_hash' or '6': password_hash + * Use 'md5' if hash is not needed for security purpose. For security need, prefer 'auto'. * @param int $nosalt Do not include any salt * @param int $mode 0=Return encoded password, 1=Return array with encoding password + encoding algorithm * @return string|array{pass_encrypted:string,pass_encoding:string} Hash of string or array with pass_encrypted and pass_encoding diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index b440a0bd1bc59..0f401ef70a8cf 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -2753,8 +2753,8 @@ public function checkForCompliance($nametocheck = '') $tmpfieldsofline = explode(';', $line); $modulekey = strtolower($tmpfieldsofline[0]); $conf->cache['noncompliantmodules'][$modulekey]['name'] = $tmpfieldsofline[0]; - $conf->cache['noncompliantmodules'][$modulekey]['id'] = $tmpfieldsofline[1]; - $conf->cache['noncompliantmodules'][$modulekey]['signature'] = $tmpfieldsofline[2]; + $conf->cache['noncompliantmodules'][$modulekey]['id'] = (isset($tmpfieldsofline[1]) ? $tmpfieldsofline[1] : ''); + $conf->cache['noncompliantmodules'][$modulekey]['signature'] = (isset($tmpfieldsofline[2]) ? $tmpfieldsofline[2] : ''); $conf->cache['noncompliantmodules'][$modulekey]['message'] = $langs->trans(empty($tmpfieldsofline[3]) ? 'WarningModuleAffiliatedToAReportedCompany' : $tmpfieldsofline[3]); if (!empty($tmpfieldsofline[4])) { $message2 = $langs->trans("WarningModuleAffiliatedToAPiratPlatform", '{s}'); diff --git a/htdocs/public/eventorganization/attendee_new.php b/htdocs/public/eventorganization/attendee_new.php index d3099bbc36bee..fa7613e14dbc1 100644 --- a/htdocs/public/eventorganization/attendee_new.php +++ b/htdocs/public/eventorganization/attendee_new.php @@ -1,7 +1,7 @@ * Copyright (C) 2023 Laurent Destailleur - * Copyright (C) 2024 MDW + * Copyright (C) 2024-2025 MDW * Copyright (C) 2024 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -362,7 +362,7 @@ function llxFooterVierge() // If the registration has already been paid for this attendee if (!empty($confattendee->date_subscription) && !empty($confattendee->amount)) { - $securekeyurl = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY') . 'conferenceorbooth'.$id, 'master'); + $securekeyurl = dol_hash(getDolGlobalString('EVENTORGANIZATION_SECUREKEY') . 'conferenceorbooth'.$id, 'md5'); $redirection = $dolibarr_main_url_root.'/public/eventorganization/subscriptionok.php?id='.((int) $id).'&securekey='.urlencode($securekeyurl); $mesg = $langs->trans("RegistrationAndPaymentWereAlreadyRecorded", $email);