Bonjour,
Dolibarr 18.0.4.
Un client souhaite rajouter un message à un ticket en cours, via l’interface publique.
Tout va bien jusqu’à ce qu’il clique sur le bouton AJOUTER après avoir saisi son message.
Le navigateur Web affiche :
Access refused to IP publique du client by SQL or Script injection protection in main.inc.php - GETPOST type=0 paramkey=message paramvalue=Le messages page=/public/ticket/view.php
Le log de Dolibarr enregistre :
2023-12-22 12:16:54 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:16:54 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,0) AND entity IN (1,1))
2023-12-22 12:16:54 NOTICE A.B.C.D --- Access to GET /public/ticket/view.php - action=presend, massaction=
2023-12-22 12:16:54 DEBUG A.B.C.D sql=SELECT transkey, transvalue FROM llx_overwrite_trans where (lang='fr_FR' OR lang IS NULL) AND entity IN (0, 0,1) ORDER BY lang DESC
2023-12-22 12:16:54 DEBUG A.B.C.D Company.lib::getFormeJuridiqueLabel
2023-12-22 12:16:54 DEBUG A.B.C.D sql=SELECT libelle FROM llx_c_forme_juridique WHERE code = '35'
2023-12-22 12:16:54 INFO A.B.C.D --- End access to /public/ticket/view.php
2023-12-22 12:16:55 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,0) AND entity IN (1,1))
2023-12-22 12:16:55 NOTICE A.B.C.D --- Access to GET /ticket/css/styles.css.php - action=, massaction= NOTOKENRENEWAL=1
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT transkey, transvalue FROM llx_overwrite_trans where (lang='fr_FR' OR lang IS NULL) AND entity IN (0, 0,1) ORDER BY lang DESC
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT m.rowid, m.type, m.module, m.fk_menu, m.fk_mainmenu, m.fk_leftmenu, m.url, m.titre, m.prefix, m.langs, m.perms, m.enabled, m.target, m.mainmenu, m.leftmenu, m.position FROM llx_menu as m WHERE m.entity IN (0,1) AND m.menu_handler IN ('eldy','all') AND m.usertype IN (0,2) ORDER BY m.position, m.rowid
2023-12-22 12:16:55 INFO A.B.C.D --- End access to /ticket/css/styles.css.php
2023-12-22 12:16:55 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,0) AND entity IN (1,1))
2023-12-22 12:16:55 NOTICE A.B.C.D --- Access to GET /theme/eldy/style.css.php - action=, massaction= NOTOKENRENEWAL=1
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT transkey, transvalue FROM llx_overwrite_trans where (lang='fr_FR' OR lang IS NULL) AND entity IN (0, 0,1) ORDER BY lang DESC
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT m.rowid, m.type, m.module, m.fk_menu, m.fk_mainmenu, m.fk_leftmenu, m.url, m.titre, m.prefix, m.langs, m.perms, m.enabled, m.target, m.mainmenu, m.leftmenu, m.position FROM llx_menu as m WHERE m.entity IN (0,1) AND m.menu_handler IN ('eldy','all') AND m.usertype IN (0,2) ORDER BY m.position, m.rowid
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.login = 'bigboss' ORDER BY u.entity ASC
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT rowid, name, label, type, size, elementtype, fieldunique, fieldrequired, param, pos, alwayseditable, perms, langs, list, printable, totalizable, fielddefault, fieldcomputed, entity, enabled, help, css, cssview, csslist FROM llx_extrafields WHERE elementtype = 'user' ORDER BY pos
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT param, value FROM llx_user_param WHERE fk_user = 1 AND entity = 1
2023-12-22 12:16:55 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,1) AND entity IN (0,1))
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT DISTINCT r.module, r.perms, r.subperms FROM llx_user_rights as ur, llx_rights_def as r WHERE r.id = ur.fk_id AND r.entity = 1 AND ur.entity = 1 AND ur.fk_user= 1 AND r.perms IS NOT NULL AND r.perms NOT LIKE '%_advance'
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT DISTINCT r.module, r.perms, r.subperms FROM llx_usergroup_rights as gr, llx_usergroup_user as gu, llx_rights_def as r WHERE r.id = gr.fk_id AND gr.entity = 1 AND gu.entity IN (0,1) AND r.entity = 1 AND gr.fk_usergroup = gu.fk_usergroup AND gu.fk_user = 1 AND r.perms IS NOT NULL
2023-12-22 12:16:55 DEBUG A.B.C.D sql=SELECT m.rowid, m.type, m.module, m.fk_menu, m.fk_mainmenu, m.fk_leftmenu, m.url, m.titre, m.prefix, m.langs, m.perms, m.enabled, m.target, m.mainmenu, m.leftmenu, m.position FROM llx_menu as m WHERE m.entity IN (0,1) AND m.menu_handler IN ('eldy','all') AND m.usertype IN (0,2) ORDER BY m.position, m.rowid
2023-12-22 12:16:55 INFO A.B.C.D --- End access to /theme/eldy/style.css.php
2023-12-22 12:17:01 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,0) AND entity IN (1,1))
2023-12-22 12:17:01 NOTICE A.B.C.D --- Access to POST /public/ticket/view.php - action=view_ticket, massaction=
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT transkey, transvalue FROM llx_overwrite_trans where (lang='fr_FR' OR lang IS NULL) AND entity IN (0, 0,1) ORDER BY lang DESC
2023-12-22 12:17:01 DEBUG A.B.C.D Ticket::fetch
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT t.rowid, t.entity, t.ref, t.track_id, t.fk_soc, t.fk_project, t.origin_email, t.fk_user_create, t.fk_user_assign, t.email_msgid, t.email_date, t.subject, t.message, t.fk_statut as status, t.resolution, t.progress, t.timing, t.type_code, t.category_code, t.severity_code, t.datec, t.date_read, t.date_last_msg_sent, t.date_close, t.tms, t.ip, type.label as type_label, category.label as category_label, severity.label as severity_label FROM llx_ticket as t LEFT JOIN llx_c_ticket_type as type ON type.code=t.type_code LEFT JOIN llx_c_ticket_category as category ON category.code=t.category_code LEFT JOIN llx_c_ticket_severity as severity ON severity.code=t.severity_code WHERE t.entity IN (1) AND t.track_id = 'sx8gea239hqtrfap'
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT rowid, name, label, type, size, elementtype, fieldunique, fieldrequired, param, pos, alwayseditable, perms, langs, list, printable, totalizable, fielddefault, fieldcomputed, entity, enabled, help, css, cssview, csslist FROM llx_extrafields WHERE elementtype = 'ticket' ORDER BY pos
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT rowid, name, label, type, size, elementtype, fieldunique, fieldrequired, param, pos, alwayseditable, perms, langs, list, printable, totalizable, fielddefault, fieldcomputed, entity, enabled, help, css, cssview, csslist FROM llx_extrafields WHERE elementtype = 'user' ORDER BY pos
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:01 DEBUG A.B.C.D Ticket::load_cache_actions_ticket
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT id as rowid, fk_user_author, email_from, datec, datep, label, note as message, code FROM llx_actioncomm WHERE fk_element = 7 AND elementtype = 'ticket' ORDER BY datep DESC
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:01 DEBUG A.B.C.D Company.lib::getFormeJuridiqueLabel
2023-12-22 12:17:01 DEBUG A.B.C.D sql=SELECT libelle FROM llx_c_forme_juridique WHERE code = '35'
2023-12-22 12:17:01 INFO A.B.C.D --- End access to /public/ticket/view.php
2023-12-22 12:17:03 DEBUG A.B.C.D DefaultValues::fetchAll
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT rowid,type,user_id,page,param,value FROM llx_default_values as t WHERE 1 = 1 AND (t.user_id IN (0,0) AND entity IN (1,1))
2023-12-22 12:17:03 NOTICE A.B.C.D --- Access to GET /public/ticket/view.php - action=presend, massaction=
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT transkey, transvalue FROM llx_overwrite_trans where (lang='fr_FR' OR lang IS NULL) AND entity IN (0, 0,1) ORDER BY lang DESC
2023-12-22 12:17:03 DEBUG A.B.C.D Ticket::fetch
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT t.rowid, t.entity, t.ref, t.track_id, t.fk_soc, t.fk_project, t.origin_email, t.fk_user_create, t.fk_user_assign, t.email_msgid, t.email_date, t.subject, t.message, t.fk_statut as status, t.resolution, t.progress, t.timing, t.type_code, t.category_code, t.severity_code, t.datec, t.date_read, t.date_last_msg_sent, t.date_close, t.tms, t.ip, type.label as type_label, category.label as category_label, severity.label as severity_label FROM llx_ticket as t LEFT JOIN llx_c_ticket_type as type ON type.code=t.type_code LEFT JOIN llx_c_ticket_category as category ON category.code=t.category_code LEFT JOIN llx_c_ticket_severity as severity ON severity.code=t.severity_code WHERE t.entity IN (1) AND t.track_id = 'sx8gea239hqtrfap'
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT rowid, name, label, type, size, elementtype, fieldunique, fieldrequired, param, pos, alwayseditable, perms, langs, list, printable, totalizable, fielddefault, fieldcomputed, entity, enabled, help, css, cssview, csslist FROM llx_extrafields WHERE elementtype = 'ticket' ORDER BY pos
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT rowid, name, label, type, size, elementtype, fieldunique, fieldrequired, param, pos, alwayseditable, perms, langs, list, printable, totalizable, fielddefault, fieldcomputed, entity, enabled, help, css, cssview, csslist FROM llx_extrafields WHERE elementtype = 'user' ORDER BY pos
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT rowid, module, label, topic, content, content_lines, lang, fk_user, private, position FROM llx_c_email_templates WHERE type_template IN ('', 'all') AND entity IN (0,1) AND (private = 0 OR fk_user = 0) AND active = 1 ORDER BY position ASC, lang ASC, label ASC
2023-12-22 12:17:03 INFO A.B.C.D DolEditor::DolEditor htmlname=message width=100% height=200 toolbarname=dolibarr_notes
2023-12-22 12:17:03 DEBUG A.B.C.D Ticket::load_cache_actions_ticket
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT id as rowid, fk_user_author, email_from, datec, datep, label, note as message, code FROM llx_actioncomm WHERE fk_element = 7 AND elementtype = 'ticket' ORDER BY datep DESC
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT u.rowid, u.lastname, u.firstname, u.employee, u.gender, u.civility as civility_code, u.birth, u.email, u.personal_email, u.job, u.socialnetworks, u.signature, u.office_phone, u.office_fax, u.user_mobile, u.personal_mobile, u.address, u.zip, u.town, u.fk_state as state_id, u.fk_country as country_id, u.admin, u.login, u.note_private, u.note_public, u.pass, u.pass_crypted, u.pass_temp, u.api_key, u.fk_soc, u.fk_socpeople, u.fk_member, u.fk_user, u.ldap_sid, u.fk_user_expense_validator, u.fk_user_holiday_validator, u.statut as status, u.lang, u.entity, u.datec as datec, u.tms as datem, u.datelastlogin as datel, u.datepreviouslogin as datep, u.flagdelsessionsbefore, u.iplastlogin, u.ippreviouslogin, u.datelastpassvalidation, u.datestartvalidity, u.dateendvalidity, u.photo as photo, u.openid as openid, u.accountancy_code, u.thm, u.tjm, u.salary, u.salaryextra, u.weeklyhours, u.color, u.dateemployment, u.dateemploymentend, u.fk_warehouse, u.ref_ext, u.default_range, u.default_c_exp_tax_cat, u.national_registration_number, u.ref_employee, c.code as country_code, c.label as country, d.code_departement as state_code, d.nom as state FROM llx_user as u LEFT JOIN llx_c_country as c ON u.fk_country = c.rowid LEFT JOIN llx_c_departements as d ON u.fk_state = d.rowid WHERE u.entity IS NOT NULL AND u.rowid = 2 ORDER BY u.entity ASC
2023-12-22 12:17:03 DEBUG A.B.C.D Company.lib::getFormeJuridiqueLabel
2023-12-22 12:17:03 DEBUG A.B.C.D sql=SELECT libelle FROM llx_c_forme_juridique WHERE code = '35'
2023-12-22 12:17:03 INFO A.B.C.D --- End access to /public/ticket/view.php
Vue la correction proposée ici, mais non applicable à cette dernière version de dolibarr.
