diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php
index 4be890de7d51c..8cadfb5f4d50b 100644
--- a/htdocs/accountancy/admin/categories_list.php
+++ b/htdocs/accountancy/admin/categories_list.php
@@ -820,7 +820,7 @@
if ($iserasable) {
print '
';
if ($user->admin) {
- print ''.img_delete().'';
+ print ''.img_delete().'';
}
//else print ''.img_delete().''; // Some dictionary can be edited by other profile than admin
print ' | ';
diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php
index 16e9dc1886a77..d685e828b9ca2 100644
--- a/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php
+++ b/htdocs/adherents/canvas/default/tpl/adherentcard_view.tpl.php
@@ -125,15 +125,15 @@
echo '
';
diff --git a/htdocs/admin/receiptprinter.php b/htdocs/admin/receiptprinter.php
index 988023175dbda..0daaa162a69a6 100644
--- a/htdocs/admin/receiptprinter.php
+++ b/htdocs/admin/receiptprinter.php
@@ -350,15 +350,15 @@ function gzdecode($data)
print ''.$langs->trans($printer->listprinters[$line]['fk_profile_name']).' | ';
print ''.$printer->listprinters[$line]['parameter'].' | ';
// edit icon
- print '';
+ print ' | ';
print img_picto($langs->trans("Edit"), 'edit');
print '';
// delete icon
- print '';
+ print '';
print img_picto($langs->trans("Delete"), 'delete');
print '';
// test icon
- print '';
+ print '';
print img_picto($langs->trans("TestPrinter"), 'printer');
print ' | ';
print '';
@@ -438,15 +438,15 @@ function gzdecode($data)
print ''.$printer->listprinterstemplates[$line]['name'].' | ';
print ''.dol_htmlentitiesbr($printer->listprinterstemplates[$line]['template']).' | ';
// edit icon
- print '';
+ print ' | ';
print img_picto($langs->trans("Edit"), 'edit');
print '';
// delete icon
- print '';
+ print '';
print img_picto($langs->trans("Delete"), 'delete');
print '';
// test icon
- print '';
+ print '';
print img_picto($langs->trans("TestPrinterTemplate"), 'printer');
print ' | ';
}
diff --git a/htdocs/asset/card.php b/htdocs/asset/card.php
index efa1703bca5be..dc00b24481371 100644
--- a/htdocs/asset/card.php
+++ b/htdocs/asset/card.php
@@ -294,13 +294,13 @@
if (empty($reshook)) {
if ($user->rights->asset->write) {
- print 'id.'&action=edit">'.$langs->trans("Modify").''."\n";
+ print 'id.'&action=edit&token='.newtoken().'">'.$langs->trans("Modify").''."\n";
} else {
print ''.$langs->trans('Modify').''."\n";
}
if ($user->rights->asset->delete) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
} else {
print ''.$langs->trans('Delete').''."\n";
}
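Review bot: The added Modify link calls `newtoken()` while the Delete link a few lines below spells it `newToken()`, as do most token call sites visible in this diff. PHP resolves function names case-insensitively, so the code runs, but the mixed casing defeats a case-sensitive search for token call sites when auditing CSRF coverage. Use `newToken()` here and in the other added lines with the same spelling: commande/card.php, the two eventorganization cards, expedition/card.php and knowledgemanagement/knowledgerecord_card.php.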
diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php
index a8077d1f9730f..e3d3343bbee9a 100644
--- a/htdocs/bom/bom_card.php
+++ b/htdocs/bom/bom_card.php
@@ -651,7 +651,7 @@
*/
if ($permissiontodelete) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
} else {
print ''.$langs->trans('Delete').''."\n";
}
diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php
index fff9d077a0850..2c3896a628257 100644
--- a/htdocs/bom/tpl/objectline_view.tpl.php
+++ b/htdocs/bom/tpl/objectline_view.tpl.php
@@ -129,7 +129,7 @@
$coldisplay++;
if (($line->fk_prev_id == null) && empty($disableremove)) {
//La suppression n'est autorisée que si il n'y a pas de ligne dans une précédente situation
- print 'id.'&action=deleteline&token='.newToken().'&lineid='.$line->id.'">';
+ print 'id.'&action=deleteline&token='.newToken().'&lineid='.$line->id.'">';
print img_delete();
print '';
}
diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php
index 045e656de50a7..839ce4c3f8631 100644
--- a/htdocs/bookmarks/card.php
+++ b/htdocs/bookmarks/card.php
@@ -313,12 +313,12 @@
// Edit
if ($user->rights->bookmark->creer && $action != 'edit') {
- print 'id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").''."\n";
+ print 'id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").''."\n";
}
// Remove
if ($user->rights->bookmark->supprimer && $action != 'edit') {
- print ''.$langs->trans("Delete").''."\n";
+ print ''.$langs->trans("Delete").''."\n";
}
print '';
diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php
index 5fb1c85dd408b..06c3caae43c39 100644
--- a/htdocs/categories/photos.php
+++ b/htdocs/categories/photos.php
@@ -234,7 +234,7 @@
print 'id.'&action=addthumb&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').' ';
}
if ($user->rights->categorie->creer) {
- print 'id.'&action=delete&token='.newToken().'&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">';
+ print 'id.'&action=delete&token='.newToken().'&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">';
print img_delete().'';
}
if ($nbbyrow) {
diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php
index 8b97f23737e75..0a28346a130fb 100644
--- a/htdocs/comm/mailing/card.php
+++ b/htdocs/comm/mailing/card.php
@@ -1011,7 +1011,7 @@
if ($object->statut > 0 && (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !$user->rights->mailing->mailing_advance->delete)) {
print ''.$langs->trans("DeleteMailing").'';
} else {
- print ''.$langs->trans("DeleteMailing").'';
+ print ''.$langs->trans("DeleteMailing").'';
}
}
diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php
index d598c8b403f5f..625ca98d1ea33 100644
--- a/htdocs/commande/card.php
+++ b/htdocs/commande/card.php
@@ -2592,13 +2592,13 @@
// Cancel order
if ($object->statut == Commande::STATUS_VALIDATED && (!empty($usercanclose) || !empty($usercancancel))) {
- print 'id.'&action=cancel">'.$langs->trans("Cancel").'';
+ print 'id.'&action=cancel&token='.newtoken().'">'.$langs->trans("Cancel").'';
}
// Delete order
if ($usercandelete) {
if ($numshipping == 0) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
} else {
print ''.$langs->trans("Delete").'';
}
diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php
index dda6eec132c22..f6a03c1d11dc0 100644
--- a/htdocs/compta/bank/bankentries_list.php
+++ b/htdocs/compta/bank/bankentries_list.php
@@ -1683,7 +1683,7 @@
}
}
if ($user->rights->banque->modifier) {
- print 'rowid.'&id='.$objp->bankid.'&page='.$page.'">';
+ print 'rowid.'&id='.$objp->bankid.'&page='.$page.'">';
print img_delete('', 'class="marginleftonly"');
print '';
}
diff --git a/htdocs/compta/bank/categ.php b/htdocs/compta/bank/categ.php
index 403caa6cdfd6e..2605bc39d30ba 100644
--- a/htdocs/compta/bank/categ.php
+++ b/htdocs/compta/bank/categ.php
@@ -146,8 +146,8 @@
//print ''.$langs->trans("List").'';
print '';
print '';
- print 'rowid.'&action=edit&token='.newToken().'">'.img_edit().'';
- print 'rowid.'&action=delete&token='.newToken().'">'.img_delete().'';
+ print 'rowid.'&action=edit&token='.newToken().'">'.img_edit().'';
+ print 'rowid.'&action=delete&token='.newToken().'">'.img_delete().'';
print ' | ';
}
print "";
diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index c7032002c4322..0384080069b0d 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -5513,7 +5513,7 @@ function js_recalculate_revenuestamp(){
} elseif ($objectidnext) {
print ''.$langs->trans('Delete').'';
} else {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
}
} else {
print ''.$langs->trans('Delete').'';
diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php
index ed8ec522aea14..b69a2a9195859 100644
--- a/htdocs/compta/paiement/card.php
+++ b/htdocs/compta/paiement/card.php
@@ -445,7 +445,7 @@
if (!empty($conf->global->BILL_ADD_PAYMENT_VALIDATION)) {
if ($user->socid == 0 && $object->statut == 0 && $_GET['action'] == '') {
if ($user->rights->facture->paiement) {
- print ''.$langs->trans('Valid').'';
+ print ''.$langs->trans('Valid').'';
}
}
}
@@ -453,7 +453,7 @@
if ($user->socid == 0 && $action == '') {
if ($user->rights->facture->paiement) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/compta/paiement/cheque/card.php b/htdocs/compta/paiement/cheque/card.php
index 0092e7310460e..61d295a29b035 100644
--- a/htdocs/compta/paiement/cheque/card.php
+++ b/htdocs/compta/paiement/cheque/card.php
@@ -710,11 +710,11 @@
print '';
diff --git a/htdocs/compta/payment_sc/card.php b/htdocs/compta/payment_sc/card.php
index 27a35e8335253..8b33b9b8730a3 100644
--- a/htdocs/compta/payment_sc/card.php
+++ b/htdocs/compta/payment_sc/card.php
@@ -251,7 +251,7 @@
if ($action == '') {
if ($user->rights->tax->charges->supprimer) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/compta/payment_vat/card.php b/htdocs/compta/payment_vat/card.php
index bfa1400938036..94dd817900ed9 100644
--- a/htdocs/compta/payment_vat/card.php
+++ b/htdocs/compta/payment_vat/card.php
@@ -307,7 +307,7 @@
if ($action == '') {
if ($user->rights->tax->charges->supprimer) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/compta/sociales/card.php b/htdocs/compta/sociales/card.php
index 3f1948f1e919e..dba86742e5b15 100644
--- a/htdocs/compta/sociales/card.php
+++ b/htdocs/compta/sociales/card.php
@@ -777,7 +777,7 @@
// Delete
if ($user->rights->tax->charges->supprimer && empty($totalpaye)) {
- print '';
+ print '';
} else {
print '';
}
diff --git a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php
index c624eca4026f3..e458cdf3016fe 100644
--- a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php
+++ b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php
@@ -139,15 +139,15 @@
if (empty($user->socid)) {
print '
';
diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php
index 7c6ffe695e6e8..f29c00b0f99d0 100644
--- a/htdocs/contrat/card.php
+++ b/htdocs/contrat/card.php
@@ -1546,12 +1546,12 @@
print '';
}
if ($user->rights->contrat->creer && ($object->statut >= 0)) {
- print '';
+ print '';
print img_edit();
print '';
}
if ($user->rights->contrat->creer && ($object->statut >= 0)) {
- print '';
+ print '';
print img_delete();
print '';
}
@@ -2103,7 +2103,7 @@
// - Droit de creer + mode brouillon (erreur creation)
// - Droit de supprimer
if (($user->rights->contrat->creer && $object->statut == $object::STATUS_DRAFT) || $user->rights->contrat->supprimer) {
- print '';
+ print '';
} else {
print '';
}
diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 45076e522a33c..230bdb73a5086 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -8205,10 +8205,10 @@ public function show_photos($modulepart, $sdir, $size = 0, $nbmax = 0, $nbbyrow
// Special cas for product
if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) {
// Link to resize
- $return .= ''.img_picto($langs->trans("Resize"), 'resize', '').' ';
+ $return .= ''.img_picto($langs->trans("Resize"), 'resize', '').' ';
// Link to delete
- $return .= 'id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
+ $return .= 'id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
$return .= img_delete().'';
}
}
@@ -8234,10 +8234,10 @@ public function show_photos($modulepart, $sdir, $size = 0, $nbmax = 0, $nbbyrow
// Special case for product
if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) {
// Link to resize
- $return .= ''.img_picto($langs->trans("Resize"), 'resize', '').' ';
+ $return .= ''.img_picto($langs->trans("Resize"), 'resize', '').' ';
// Link to delete
- $return .= 'id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
+ $return .= 'id.'&action=delete&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">';
$return .= img_delete().'';
}
}
diff --git a/htdocs/delivery/card.php b/htdocs/delivery/card.php
index 41b066ae5a669..c501d41320f12 100644
--- a/htdocs/delivery/card.php
+++ b/htdocs/delivery/card.php
@@ -651,9 +651,9 @@
if ($user->rights->expedition->delivery->supprimer) {
if ($conf->expedition_bon->enabled) {
- print ''.$langs->trans("Delete").'';
+ print ''.$langs->trans("Delete").'';
} else {
- print ''.$langs->trans("Delete").'';
+ print ''.$langs->trans("Delete").'';
}
}
diff --git a/htdocs/don/payment/card.php b/htdocs/don/payment/card.php
index 40cf029889512..363ef6d34effa 100644
--- a/htdocs/don/payment/card.php
+++ b/htdocs/don/payment/card.php
@@ -213,7 +213,7 @@
if (empty($action)) {
if ($user->rights->don->supprimer) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/eventorganization/conferenceorbooth_card.php b/htdocs/eventorganization/conferenceorbooth_card.php
index ec3e00c0ddeb2..afcb4f9a6f0d2 100644
--- a/htdocs/eventorganization/conferenceorbooth_card.php
+++ b/htdocs/eventorganization/conferenceorbooth_card.php
@@ -558,16 +558,16 @@
if (empty($reshook)) {
// Send
if (empty($user->socid)) {
- print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=presend&mode=init#formmailbeforetitle');
+ print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=presend&token='.newtoken().'&mode=init#formmailbeforetitle');
}
- print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=edit', '', $permissiontoadd);
+ print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.$withProjectUrl.'&action=edit&token='.newtoken().'', '', $permissiontoadd);
// Clone
- print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&socid='.$object->socid.'&action=clone&object=scrumsprint', '', $permissiontoadd);
+ print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&socid='.$object->socid.'&action=clone&token='.newtoken().'&object=scrumsprint', '', $permissiontoadd);
// Delete (need delete permission, or if draft, just need create/modify permission)
- print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
+ print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.$withProjectUrl.'&action=delete&token='.newtoken().'', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
}
print ''."\n";
}
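Review bot: The token is appended to the `presend` and `edit` buttons, which the enforced list and pattern in main.inc.php (as changed in this commit) do not match, so these links put the anti-CSRF token in the URL without any visible check depending on it. A token in a navigation URL ends up in browser history and web-server access logs and may be sent in a Referer header, so it is safer to add it only to links whose action is actually verified. Separately, the trailing `.''` after `newtoken()` on the Modify and Delete lines is a no-op concatenation; `'&action=delete&token='.newToken()` is enough. conferenceorboothattendee_card.php has the same `.''` on its Delete button.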
diff --git a/htdocs/eventorganization/conferenceorboothattendee_card.php b/htdocs/eventorganization/conferenceorboothattendee_card.php
index f10c0b694cb2d..3d97d42aa4676 100644
--- a/htdocs/eventorganization/conferenceorboothattendee_card.php
+++ b/htdocs/eventorganization/conferenceorboothattendee_card.php
@@ -643,11 +643,11 @@
print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').'&action=edit', '', $permissiontoadd);
// Clone
- print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&object=scrumsprint', '', $permissiontoadd);
+ print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&token='.newtoken().'&object=scrumsprint', '', $permissiontoadd);
// Delete (need delete permission, or if draft, just need create/modify permission)
- print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
+ print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newtoken().'', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
}
print ''."\n";
}
diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php
index c9bd077f51173..0e7c7e07c29a8 100644
--- a/htdocs/expedition/card.php
+++ b/htdocs/expedition/card.php
@@ -2363,10 +2363,10 @@
} elseif ($object->statut == Expedition::STATUS_DRAFT) {
// edit-delete buttons
print '';
- print 'id.'&action=editline&lineid='.$lines[$i]->id.'">'.img_edit().'';
+ print 'id.'&action=editline&token='.newtoken().'&lineid='.$lines[$i]->id.'">'.img_edit().'';
print ' | ';
print '';
- print 'id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'';
+ print 'id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'';
print ' | ';
// Display lines extrafields
@@ -2489,13 +2489,13 @@
// Cancel
if ($object->statut == Expedition::STATUS_VALIDATED) {
if ($user->rights->expedition->supprimer) {
- print 'id.'&action=cancel">'.$langs->trans("Cancel").'';
+ print 'id.'&action=cancel&token='.newtoken().'">'.$langs->trans("Cancel").'';
}
}
// Delete
if ($user->rights->expedition->supprimer) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
}
}
diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php
index 5951c99d44051..b0206dd641757 100644
--- a/htdocs/expensereport/card.php
+++ b/htdocs/expensereport/card.php
@@ -2155,10 +2155,10 @@
if (($object->status < ExpenseReport::STATUS_VALIDATED || $object->status == ExpenseReport::STATUS_REFUSED) && $user->rights->expensereport->creer) {
print '';
- print 'id.'&action=editline&token='.newToken().'&rowid='.$line->rowid.'">';
+ print 'id.'&action=editline&token='.newToken().'&rowid='.$line->rowid.'">';
print img_edit();
print ' ';
- print 'id.'&action=delete_line&token='.newToken().'&rowid='.$line->rowid.'">';
+ print 'id.'&action=delete_line&token='.newToken().'&rowid='.$line->rowid.'">';
print img_delete();
print '';
diff --git a/htdocs/expensereport/payment/card.php b/htdocs/expensereport/payment/card.php
index 7b86f295b5b46..847c059a9c6e4 100644
--- a/htdocs/expensereport/payment/card.php
+++ b/htdocs/expensereport/payment/card.php
@@ -240,7 +240,7 @@
if ($action == '') {
if ($user->rights->expensereport->supprimer) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php
index 7668dd4dc171b..575b50a03941c 100644
--- a/htdocs/fourn/commande/card.php
+++ b/htdocs/fourn/commande/card.php
@@ -2570,7 +2570,7 @@
if ($hasreception) {
print ''.$langs->trans("Delete").'';
} else {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
}
}
}
diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php
index 00ebda21fd1bf..9c77f1f3566cb 100644
--- a/htdocs/fourn/facture/card.php
+++ b/htdocs/fourn/facture/card.php
@@ -3531,7 +3531,7 @@ function setRadioForTypeOfInvoice() {
} elseif ($isErasable <= 0) { // Any other cases
print ''.$langs->trans('Delete').'';
} else {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').'';
}
}
print '';
diff --git a/htdocs/fourn/paiement/card.php b/htdocs/fourn/paiement/card.php
index 708fa266f0a17..05ad6ac71c427 100644
--- a/htdocs/fourn/paiement/card.php
+++ b/htdocs/fourn/paiement/card.php
@@ -345,7 +345,7 @@
if ($user->socid == 0 && $action == '') {
if ($user->rights->fournisseur->facture->supprimer) {
if ($allow_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/knowledgemanagement/knowledgerecord_card.php b/htdocs/knowledgemanagement/knowledgerecord_card.php
index df28de78e4ea6..2fdb574395fde 100644
--- a/htdocs/knowledgemanagement/knowledgerecord_card.php
+++ b/htdocs/knowledgemanagement/knowledgerecord_card.php
@@ -438,7 +438,7 @@
*/
// Delete (need delete permission, or if draft, just need create/modify permission)
- print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete', '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
+ print dolGetButtonAction($langs->trans('Delete'), '', 'delete', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=delete&token='.newtoken(), '', $permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd));
}
print ''."\n";
}
diff --git a/htdocs/loan/card.php b/htdocs/loan/card.php
index 4d68da16ad893..9a3af206800c8 100644
--- a/htdocs/loan/card.php
+++ b/htdocs/loan/card.php
@@ -727,12 +727,12 @@
// Classify 'paid'
if (($object->paid == 0 || $object->paid == 2) && round($staytopay) <= 0 && $user->rights->loan->write) {
- print '';
+ print '';
}
// Delete
if (($object->paid == 0 || $object->paid == 2) && $user->rights->loan->delete) {
- print '';
+ print '';
}
print "";
diff --git a/htdocs/loan/payment/card.php b/htdocs/loan/payment/card.php
index 0292fbf5b2c68..198025215b7b8 100644
--- a/htdocs/loan/payment/card.php
+++ b/htdocs/loan/payment/card.php
@@ -222,7 +222,7 @@
if (empty($action) && !empty($user->rights->loan->delete)) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index b26dabbc98702..ad7ac652a4d6c 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -464,10 +464,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type)
// Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request)
$arrayofactiontoforcetokencheck = array(
'activate', 'add', 'addrights', 'addtimespent',
- 'delete', 'deletecontact', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights',
- 'disable',
'doprev', 'donext', 'dvprev', 'dvnext',
- 'enable',
'install',
'setpricelevel',
'update'
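Review bot: Removing `'delrights'` from `$arrayofactiontoforcetokencheck` drops its forced token check, because the widened pattern in the next hunk only matches actions that begin with `delete`, `disable` or `enable`, and `delrights` begins with none of them. `'addrights'` stays in the array, so granting a permission would still require a token while revoking one would not, unless a check outside this diff covers it. Keep the entry, for example by leaving `'delrights',` on its own line after `'addtimespent',`. The array continues past the end of the hunk.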
@@ -476,7 +473,7 @@ function analyseVarsForSqlAndScriptsInjection(&$var, $type)
if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) {
$sensitiveget = true;
}
- if (preg_match('/^(classify|confirm_|disable_|enable_|setremise)/', GETPOST('action', 'aZ09'))) {
+ if (preg_match('/^(classify|confirm_|delete|disable|enable|setremise)/', GETPOST('action', 'aZ09'))) {
$sensitiveget = true;
}
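Review bot: The pattern `/^(classify|confirm_|delete|disable|enable|setremise)/` does not cover `cancel` or `clone`, yet this commit adds `token=` to the cancel links in commande/card.php and expedition/card.php and to the clone buttons in the eventorganization cards. Unless another check outside this hunk validates those actions, the token on those links is sent but never required, so a request without it would still reach the handler. If enforcement is intended, extend the alternation, e.g. `'/^(cancel|classify|clone|confirm_|delete|disable|enable|setremise)/'`, after confirming that every link emitting those actions carries a token. A short comment above the `preg_match` would also help, such as `// Prefix match: any action starting with one of these words needs a valid token`.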
diff --git a/htdocs/product/card.php b/htdocs/product/card.php
index 23fc0077c9770..0aa2fb54abaf4 100644
--- a/htdocs/product/card.php
+++ b/htdocs/product/card.php
@@ -2525,7 +2525,7 @@
if (!empty($conf->use_javascript_ajax) && empty($conf->dol_use_jmobile)) {
print ''.$langs->trans('Delete').''."\n";
} else {
- print 'id.'">'.$langs->trans("Delete").'';
+ print 'id.'">'.$langs->trans("Delete").'';
}
} else {
print ''.$langs->trans("Delete").'';
diff --git a/htdocs/product/dynamic_price/editor.php b/htdocs/product/dynamic_price/editor.php
index 418a71166a886..784be41dfe94b 100644
--- a/htdocs/product/dynamic_price/editor.php
+++ b/htdocs/product/dynamic_price/editor.php
@@ -190,7 +190,7 @@
if ($eid == 0) {
print ' '.$langs->trans('Delete').' '."\n";
} else {
- print '';
+ print '';
}
print '';
diff --git a/htdocs/product/price.php b/htdocs/product/price.php
index e21d17d823fb6..ecdddba712c91 100644
--- a/htdocs/product/price.php
+++ b/htdocs/product/price.php
@@ -953,9 +953,9 @@
print ' | '.price($prices['remise_percent']).' % | ';
print '';
if (($user->rights->produit->creer || $user->rights->service->creer)) {
- print 'id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
+ print 'id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
print img_edit().'';
- print 'id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
+ print 'id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
print img_delete().'';
} else {
print ' ';
@@ -1106,9 +1106,9 @@
print ' | '.price($prices['remise_percent']).' % | ';
print '';
if (($user->rights->produit->creer || $user->rights->service->creer)) {
- print 'id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
+ print 'id.'&action=edit_price_by_qty&rowid='.$prices["rowid"].'">';
print img_edit().'';
- print 'id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
+ print 'id.'&action=delete_price_by_qty&token='.newToken().'&rowid='.$prices["rowid"].'">';
print img_delete().'';
} else {
print ' ';
@@ -1638,7 +1638,7 @@ function on_change() {
print ' | ';
if ($candelete || ($db->jdate($objp->dp) >= dol_now())) { // Test on date is to be able to delete a corrupted record with a date in future
- print 'id.'&lineid='.$objp->rowid.'">';
+ print 'id.'&lineid='.$objp->rowid.'">';
print img_delete();
print '';
} else {
@@ -2193,11 +2193,11 @@ function on_change() {
print img_info($langs->trans('PriceByCustomerLog'));
print '';
print ' ';
- print 'id.'&lineid='.$line->id.'">';
+ print 'id.'&lineid='.$line->id.'">';
print img_edit('default', 0, 'style="vertical-align: middle;"');
print '';
print ' ';
- print 'id.'&lineid='.$line->id.'">';
+ print 'id.'&lineid='.$line->id.'">';
print img_delete('default', 'style="vertical-align: middle;"');
print '';
print ' | ';
diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php
index 7a75019c8d1b0..31279ae32eedf 100644
--- a/htdocs/product/stock/productlot_card.php
+++ b/htdocs/product/stock/productlot_card.php
@@ -532,12 +532,12 @@
if (empty($reshook)) {
/*TODO if ($user->rights->stock->lire)
{
- print ''."\n";
+ print ''."\n";
}
if ($user->rights->stock->supprimer)
{
- print ''."\n";
+ print ''."\n";
}
*/
}
diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php
index 05419cdb4eff8..21b49b9447e76 100644
--- a/htdocs/projet/card.php
+++ b/htdocs/projet/card.php
@@ -1343,7 +1343,7 @@ function change_percent()
// Delete
if ($user->rights->projet->supprimer || ($object->statut == Project::STATUS_DRAFT && $user->rights->projet->creer)) {
if ($userDelete > 0 || ($object->statut == Project::STATUS_DRAFT && $user->rights->projet->creer)) {
- print ''.$langs->trans("Delete").'';
+ print ''.$langs->trans("Delete").'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php
index 99b390870a80e..c35b46ef778dd 100644
--- a/htdocs/projet/tasks/task.php
+++ b/htdocs/projet/tasks/task.php
@@ -606,7 +606,7 @@
// Delete
if ($user->rights->projet->supprimer) {
if (!$object->hasChildren() && !$object->hasTimeSpent()) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php
index fa6884ee92070..200fab4579fa7 100644
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -1729,12 +1729,12 @@ function setDetailVisibility() {
}
print ' ';
- print 'fk_task.'&action=editline&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
+ print 'fk_task.'&action=editline&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_edit();
print '';
print ' ';
- print 'fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
+ print 'fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_delete('default', 'class="pictodelete paddingleft"');
print '';
diff --git a/htdocs/reception/card.php b/htdocs/reception/card.php
index f6424d6dc9116..b74adaae6b0c4 100644
--- a/htdocs/reception/card.php
+++ b/htdocs/reception/card.php
@@ -1920,10 +1920,10 @@
} elseif ($object->statut == Reception::STATUS_DRAFT) {
// edit-delete buttons
print '';
- print 'id.'&action=editline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_edit().'';
+ print 'id.'&action=editline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_edit().'';
print ' | ';
print '';
- print 'id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'';
+ print 'id.'&action=deleteline&token='.newToken().'&lineid='.$lines[$i]->id.'">'.img_delete().'';
print ' | ';
// Display lines extrafields
@@ -2026,12 +2026,12 @@
$label = "ClassifyBilled";
$paramaction = 'classifybilled';
}
- print 'id.'&action='.$paramaction.'">'.$langs->trans($label).'';
+ print 'id.'&action='.$paramaction.'">'.$langs->trans($label).'';
}
}
if ($user->rights->reception->supprimer) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'';
}
}
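Review bot: As shown, the classify link `'&action='.$paramaction.'">'` carries no `token=` parameter, although `$paramaction` is `'classifybilled'` in the visible branch and main.inc.php treats every action starting with `classify` as sensitive. Unless the token sits in a part of the URL not visible here, this button would be rejected when the token check is active, or the action would go unprotected when it is not. Append it the way the Delete link below does: `'&action='.$paramaction.'&token='.newToken().'">'`. The enclosing block starts outside the hunk.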
diff --git a/htdocs/recruitment/recruitmentcandidature_card.php b/htdocs/recruitment/recruitmentcandidature_card.php
index 586cc2256397b..8eb2c8a1f10e0 100644
--- a/htdocs/recruitment/recruitmentcandidature_card.php
+++ b/htdocs/recruitment/recruitmentcandidature_card.php
@@ -620,7 +620,7 @@
// Delete (need delete permission, or if draft, just need create/modify permission)
if ($permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd)) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
} else {
print ''.$langs->trans('Delete').''."\n";
}
diff --git a/htdocs/recruitment/recruitmentjobposition_card.php b/htdocs/recruitment/recruitmentjobposition_card.php
index a3e9b697ae1a5..9564e95938129 100644
--- a/htdocs/recruitment/recruitmentjobposition_card.php
+++ b/htdocs/recruitment/recruitmentjobposition_card.php
@@ -505,7 +505,7 @@
// Delete (need delete permission, or if draft, just need create/modify permission)
if ($permissiontodelete || ($object->status == $object::STATUS_DRAFT && $permissiontoadd)) {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
} else {
print ''.$langs->trans('Delete').''."\n";
}
diff --git a/htdocs/resource/card.php b/htdocs/resource/card.php
index 88b3d0fdb03c3..649d69d7fb5f8 100644
--- a/htdocs/resource/card.php
+++ b/htdocs/resource/card.php
@@ -347,7 +347,7 @@
// Delete resource
if ($user->rights->resource->delete) {
print '';
}
}
diff --git a/htdocs/salaries/payment_salary/card.php b/htdocs/salaries/payment_salary/card.php
index e4364f6727f09..d33d04c49ff34 100644
--- a/htdocs/salaries/payment_salary/card.php
+++ b/htdocs/salaries/payment_salary/card.php
@@ -248,7 +248,7 @@
if ($action == '') {
if ($user->rights->salaries->delete) {
if (!$disable_delete) {
- print ''.$langs->trans('Delete').'';
+ print ''.$langs->trans('Delete').'';
} else {
print ''.$langs->trans('Delete').'';
}
diff --git a/htdocs/societe/canvas/company/tpl/card_view.tpl.php b/htdocs/societe/canvas/company/tpl/card_view.tpl.php
index 8169a6ca22f1a..7dfe7c212f27a 100644
--- a/htdocs/societe/canvas/company/tpl/card_view.tpl.php
+++ b/htdocs/societe/canvas/company/tpl/card_view.tpl.php
@@ -267,7 +267,7 @@
use_javascript_ajax) { ?>
trans('Delete'); ?>
- control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>">trans('Delete'); ?>
+ control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>">trans('Delete'); ?>
diff --git a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php
index f058d38cd7c50..86c7d9c9f6585 100644
--- a/htdocs/societe/canvas/individual/tpl/card_view.tpl.php
+++ b/htdocs/societe/canvas/individual/tpl/card_view.tpl.php
@@ -194,7 +194,7 @@
use_javascript_ajax) { ?>
trans('Delete'); ?>
- control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>">trans('Delete'); ?>
+ control->tpl['id'].'&action=delete&token='.newToken().'&canvas='.$canvas; ?>">trans('Delete'); ?>
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index 96142f65cd6fc..a155f08e529b0 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -2942,7 +2942,7 @@ function init_supplier_categ() {
if ($conf->use_javascript_ajax && empty($conf->dol_use_jmobile)) { // We can't use preloaded confirm form with jmobile
print ''.$langs->trans('Delete').''."\n";
} else {
- print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
+ print 'id.'&action=delete&token='.newToken().'">'.$langs->trans('Delete').''."\n";
}
}
}
diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php
index da4ca1c0cd7af..dbb0e8f055324 100644
--- a/htdocs/societe/price.php
+++ b/htdocs/societe/price.php
@@ -620,11 +620,11 @@
print img_info();
print '';
print ' ';
- print 'id.'&lineid='.$line->id.'">';
+ print 'id.'&lineid='.$line->id.'">';
print img_edit('default', 0, 'style="vertical-align: middle;"');
print '';
print ' ';
- print 'id.'&lineid='.$line->id.'">';
+ print 'id.'&lineid='.$line->id.'">';
print img_delete('default', 'style="vertical-align: middle;"');
print '';
print '';
diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php
index a8c1c3a747d0d..c116dceb9934c 100644
--- a/htdocs/supplier_proposal/card.php
+++ b/htdocs/supplier_proposal/card.php
@@ -1889,12 +1889,12 @@
// Clone
if ($usercancreate) {
- print '';
+ print '';
}
// Delete
if (($object->statut == SupplierProposal::STATUS_DRAFT && $usercancreate) || $usercandelete) {
- print '\n";
diff --git a/htdocs/user/notify/card.php b/htdocs/user/notify/card.php
index 5ff285972df38..48cbad46799f9 100644
--- a/htdocs/user/notify/card.php
+++ b/htdocs/user/notify/card.php
@@ -337,7 +337,7 @@
print $langs->trans("SMS");
}
print '';
- print ''.img_delete().' | ';
+ print ''.img_delete().' | ';
print '';
$i++;
}