From: vincent@cubedesigners.com <vincent@cubedesigners.com@f5622870-0f3c-0410-866d-9cb505b7a8ef>
Date: Mon, 22 Feb 2021 17:51:03 +0000 (+0000)
Subject: wip #4286 @1
X-Git-Url: http://git.cubedesigners.com/?a=commitdiff_plain;h=042eee00fafa3b9d06175ee428d00758e8cc14a2;p=cubeextranet.git

wip #4286 @1
---

diff --git a/inc/ws/Controlleur/class.ws.ajax.php b/inc/ws/Controlleur/class.ws.ajax.php
index bb9c1477d..78a3edb4a 100644
--- a/inc/ws/Controlleur/class.ws.ajax.php
+++ b/inc/ws/Controlleur/class.ws.ajax.php
@@ -512,6 +512,12 @@ class wsAjax extends cubeAjax
 
         $_POST = array_merge($defaults, $_POST);
 
+        foreach ($_POST as $k => $v) {
+            if (!is_array($v)) {
+                $_POST[$k] = htmlspecialchars($v);
+            }
+        }
+
 
         if (!self::valideDemandeDevis($x)) {
             $x->addAlert(sprintf(__("Une erreur s'est produite. Nous avons été averti de l'erreur que vous rencontrez. Vous pouvez nous contacter par e-mail à l'adresse suivante : %s"), '<a href="mailto:info@fluidbook.com">info@fluidbook.com</a>'));
diff --git a/inc/ws/Util/html5/master/class.ws.html5.compiler.php b/inc/ws/Util/html5/master/class.ws.html5.compiler.php
index c81cc4f1a..5d9689808 100644
--- a/inc/ws/Util/html5/master/class.ws.html5.compiler.php
+++ b/inc/ws/Util/html5/master/class.ws.html5.compiler.php
@@ -136,6 +136,7 @@ class wsHTML5Compiler
         'js/widget.js'
     );
 
+
     public $jsFiles = [];
 
     // Collection of LESS files to be compiled
@@ -323,6 +324,9 @@ class wsHTML5Compiler
             $this->initMobileFirst();
         }
 
+        $this->svgfiles = array($this->assets . '/images/symbols/interface.svg',
+            WS_ICONS . '/' . $this->theme->parametres->iconSet . '/interface.svg');
+
         if ($this->book->parametres->zoomMode == 1 || $this->isMobileFirst()) {
             $this->multiply = $this->pdf2htmlRatio * $this->scale * $this->cssOneScale;
         } else {
@@ -429,6 +433,7 @@ class wsHTML5Compiler
         $this->addJsLib('grandvision', 'js/libs/fluidbook/cart/fluidbook.cart.grandvision.js');
         $this->addJsLib('html2pdf', 'js/libs/html2pdf/html2pdf.min.js');
         $this->addJsLib('multiselect', 'js/libs/jquery/jquery.multi-select.js');
+        $this->svgfiles[] = $this->assets . '/images/symbols/grandvision.svg';
 
         $cdir = $this->wdir . '/commerce/';
         $file = $cdir . $this->book->parametres->basketReferences;
@@ -439,7 +444,7 @@ class wsHTML5Compiler
             mkdir($odir, 0777, true);
         }
 
-        $it = CubeIT_Files::getDirectoryIterator($cdir );
+        $it = CubeIT_Files::getDirectoryIterator($cdir);
         $exts = ['png', 'jpg', 'tif', 'mp4'];
         foreach ($it as $file) {
 
@@ -1257,9 +1262,9 @@ class wsHTML5Compiler
                 $this->theme->parametres->iconSet = 15;
             }
 
-            $svgfiles = array($this->assets . '/images/interface.svg', WS_ICONS . '/' . $this->theme->parametres->iconSet . '/interface.svg');
+
             $svg = '';
-            foreach ($svgfiles as $svgfile) {
+            foreach ($this->svgfiles as $svgfile) {
                 if (file_exists($svgfile)) {
                     $svg .= str_replace('$bookmark-color', wsHTML5::colorToCSS($this->theme->parametres->bookmarkBackgroundColor), file_get_contents($svgfile));
                 } else {