lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix conflits

Browse Source
This commit is contained in:
Lamrani Abdel 2023-02-07 15:14:26 +01:00
commit 00affd520a
103 changed files with 72965 additions and 793 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
ChangeLog
View File

@ -15,7 +15,7 @@ Following changes may create regressions for some external modules, but were nec
* The method "nb_expedition()" has been renamed into "countNbOfShipments()"
* Revert default type of hooks. Default is now 'addreplace' hooks (and exception become 'output' hooks, that become deprecated).
* Deprecated property libelle removed from entrepot class.
* The type 'text' in ->fields property dos not accept html content anymore. Use the type 'html' for that.
***** ChangeLog for 17.0.0 compared to 16.0.0 *****
@ -238,25 +238,38 @@ Following changes may create regressions for some external modules, but were nec
* Rename the substitution for project label instead of project title in substitution variables
***** ChangeLog for 16.0.4 compared to 16.0.2 *****
***** ChangeLog for 16.0.4 compared to 16.0.3 *****
FIX: Amount of localtax1 and 2 not correctly save on purchase order (the rate was saved instead)
FIX: #20415
FIX: #21280
FIX: #23008
FIX: #22271
FIX: #22524
FIX: #22837
FIX: #22964
FIX: #23012
FIX: #23019 Impossible to add task times to an existing draft invoice
FIX: #23072
FIX: #23087
FIX: #23115
FIX: #23116
FIX: #23281
FIX: #23420 : wrong check on $search_categ value causing FATAL ERROR
FIX: Accountancy - Quadra export
FIX: add border left on image product when conf activated
FIX: Add missing token when deleting template inn order_supplier admin menu
FIX: Amount of localtax1 and 2 not correctly save on purchase order (the
FIX: API access for deactivated users
FIX: bad selection of barcode numbering module
FIX: Can't see all time spent by all user
FIX: CI
FIX: CommonObject - showOptionals - Display blank td when MAIN_VIEW_LINE_NUMBER is enabled and action is confirm_valid
FIX: Documents API inconsistency
FIX: Empty FormSetup emailTemplate type IF empty fieldvalue
FIX: Errors Handling for CreateFrom Hooks
FIX: error with dol_banner_tab, ref is needed
FIX: ExpenseReport card was not reloaded after addline
FIX: #23075
FIX: #23117
FIX: get multicurrency infos of propal when create order from propal with "WORKFLOW_PROPAL_AUTOCREATE_ORDER" conf
@ -264,12 +277,16 @@ FIX: Give predictable order to inventory lines
FIX: include class multicurrency
FIX: methods declaration (backport fix 67b9a7dc07d708231d12b5e58800334d4a01ef98)
FIX: multicurrency_tx and not currency_tx
FIX: PGSQL Integer type does not have a free length
FIX: on public ticket list, only the page 1 was accessible. Other pages were 404 error.
FIX: PGSQL Integer type does not have a free lenght
FIX: PGSQL Int type does not have a free lenght
FIX: Product list in setup.php in new Module
FIX: propal and order stats broken on Tag+User(retricted customer list)
FIX: saving of numbering module for jobs
FIX: Stickler
FIX: travis
FIX: wrong check on $search_categ value causing fatal error
FIX: wrong stock list with multicompany and without stock sharing
***** ChangeLog for 16.0.3 compared to 16.0.2 *****

44
build/exe/doliwamp/Languages/MyEnglish.isl
View File

@ -11,38 +11,38 @@ LaunchProgram=Launch %1
AssocFileExtension=&Associate %1 with the %2 file extension
AssocingFileExtension=Associating %1 with the %2 file extension...
YouWillInstallDoliWamp=You will install DoliWamp (so Dolibarr + all required third party software like Apache, Mysql and PHP) on your computer.
ThisAssistantInstallOrUpgrade=WARNING: Using an ERP CRM installed on a local computer can be dangerous: if your computer break down, you can lose all your data. Do this if you are ready to manage backup yourself seriously. If not, use an installation in Saas instead (see https://saas.dolibarr.org).
IfYouHaveTechnicalKnowledge=Moreover, if you have technical knowledges and want to manage your Apache, Mysql and PHP yourself, you should not use this assistant and make a manual installation of Dolibarr on your existing server with Apache, Mysql and PHP.
ButIfYouLook=But if you look for an automatic setup on your local computer, you''re on the good way...
DoYouWantToStart=Do you want to start installation process ?
YouWillInstallDoliWamp=You will install DoliWamp (so Dolibarr plus all required third-party software like Apache, MySQL and PHP) on your computer.
ThisAssistantInstallOrUpgrade=WARNING: Using an ERP CRM installed on a local computer can be dangerous: if your computer breaks down, you can lose all your data. Do this if you are ready to manage backups yourself seriously. If not, use an installation in SaaS instead (see https://saas.dolibarr.org).
IfYouHaveTechnicalKnowledge=Moreover, if you have technical knowledge and want to manage Apache, MySQL and PHP yourself, you should not use this assistant and instead make a manual installation of Dolibarr on your existing server with Apache, MySQL and PHP.
ButIfYouLook=But if you are looking for an automatic setup on your local computer, you're on the right path...
DoYouWantToStart=Do you want to start the installation process?
TechnicalParameters=Technical parameters
IfFirstInstall=If first install, please specify some technical parameters. If you don't understand, are not sure, or are doing an upgrade, just leave the default values.
IfFirstInstall=If this is the first install, please specify some technical parameters. If you don't understand, are not sure, or are doing an upgrade, just keep the default values.
; WARNING !!! STRINGS HERE MUST BE LOWER THAN 60 CHARACTERS
SMTPServer=SMTP server (your own or ISP SMTP server, first install only) :
ApachePort=Apache port (first install only, common choice is 80) :
MySqlPort=MySql port (first install only, common choice is 3306) :
MySqlPassword=MySql server and database password you want for root (first install only):
SMTPServer=SMTP server (your own or ISP SMTP server, first install only):
ApachePort=Apache port (first install only, common choice is 80):
MySqlPort=MySQL port (first install only, common choice is 3306):
MySqlPassword=MySQL server and database password you want for root (first install only):
FailedToDeleteLock=Failed to delete the file %1/www/dolibarr/install.lock. You can ignore warning but you may have to remove it manually later when asked. Click OK to continue...
FailedToDeleteLock=Failed to delete the file %1/www/dolibarr/install.lock. You can ignore this warning but you may have to remove the file manually later when asked. Click OK to continue...
PortAlreadyInUse=Port %1 seems to be already in use. You should cancel to go back and choose another value for %2 port. Cancel choice and choose another value ?
PortAlreadyInUse=Port %1 seems to already be in use. You should cancel to go back and choose another value for %2 port. Cancel choice and choose another value?
FirefoxDetected=Firefox has been detected on your computer. Would you like to use it as the default browser for Dolibarr ?
ChromeDetected=Chrome has been detected on your computer. Would you like to use it as the default browser for Dolibarr ?
MicrosoftEdgeDetected=Microsoft Edge has been detected on your computer. Would you like to use it as the default browser for Dolibarr ?
ChooseDefaultBrowser=Please choose your default browser (iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe...). If you are not sure, just click Open :
FirefoxDetected=Firefox has been detected on your computer. Would you like to use it as the default browser for Dolibarr?
ChromeDetected=Chrome has been detected on your computer. Would you like to use it as the default browser for Dolibarr?
MicrosoftEdgeDetected=Microsoft Edge has been detected on your computer. Would you like to use it as the default browser for Dolibarr?
ChooseDefaultBrowser=Please choose your default browser (iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe...). If you are not sure, just click Open:
LaunchNow=Launch Dolibarr now
ProgramHasBeenRemoved=Dolibarr program files have been removed. However, all your data files are still in directory %1. You must remove this directory manually for a complete uninstall.
ProgramHasBeenRemoved=Dolibarr's program files have been removed. However, all your data files are still in directory %1. You must remove this directory manually for a complete uninstall.
DoliWampWillStartApacheMysql=DoliWamp installer will now start or restart Apache and Mysql, this may last from several seconds to one minute after this confirmation. Start to install or upgrade the web and database server required by Dolibarr ?
DoliWampWillStartApacheMysql=DoliWamp installer will now start or restart Apache and MySQL. This may take from several seconds to one minute. Start to install or upgrade the web and database server required by Dolibarr?
OldVersionFoundAndMoveInNew=An old database version has been found and moved to be used by new Dolibarr version
OldVersionFoundButFailedToMoveInNew=An old database version has been found but could not be moved to be used with new Dolibarr version
OldVersionFoundAndMoveInNew=An old database version has been found and moved to be used by the new Dolibarr version
OldVersionFoundButFailedToMoveInNew=An old database version has been found but could not be moved to be used with the new Dolibarr version
DLLMissing=Your Windows installation is missing The "Micrsoft Visual C++ Redistributable for Visual Studio 2012" component. Please install the 32-bit version (vcredist_x86.exe) first (you can find it at https://www.microsoft.com/en-us/download/) and restart DoliWamp installation/upgrade after.
ContinueAnyway=Continue anyway (install process may fails without this prerequisite)
DLLMissing=Your Windows installation is missing the "Microsoft Visual C++ Redistributable for Visual Studio 2012" component. Please install the 32-bit version (vcredist_x86.exe) first (you can find it at https://www.microsoft.com/en-us/download/) and restart DoliWamp installation/upgrade after.
ContinueAnyway=Continue anyway (install process may fail without this prerequisite)

2
dev/dolibarr_changes.txt
View File

@ -212,7 +212,7 @@ with
* Fix by replacing
if ($res[0] == PDF_TYPE_OBJECT)
with
if ($res && $res[0] == PDF_TYPE_OBJECT)
if (isset($res[0]) && $res[0] == PDF_TYPE_OBJECT)

3
dev/resources/iso-normes/qr-bar-codes/QR code for invoices.txt
View File

@ -23,7 +23,6 @@ Method to encode/decode ZATCA string is available in test/phpunit/BarcodeTest.ph
* FOR QR-Bill in switzerland - Facture-QR
-----------------------------------------
Syntax of QR Code https://www.swiss-qr-invoice.org/fr/
Syntax of QR Code - See file ig-qr-bill-v2.2-fr.pdf (more doc on https://www.swiss-qr-invoice.org/downloads/)
Syntax of complentary field named "structured information of invoice S1": https://www.swiss-qr-invoice.org/downloads/qr-bill-s1-syntax-fr.pdf
To test/validate: https://www.swiss-qr-invoice.org/validator/

71291
dev/resources/iso-normes/qr-bar-codes/ig-qr-bill-v2.2-fr.pdf Normal file
View File

File diff suppressed because one or more lines are too long

2
htdocs/adherents/class/subscription.class.php
View File

@ -109,7 +109,7 @@ class Subscription extends CommonObject
'datef' =>array('type'=>'datetime', 'label'=>'DateEndSubscription', 'enabled'=>1, 'visible'=>-1, 'position'=>35),
'subscription' =>array('type'=>'double(24,8)', 'label'=>'Amount', 'enabled'=>1, 'visible'=>-1, 'position'=>40, 'isameasure'=>1),
'fk_bank' =>array('type'=>'integer', 'label'=>'BankId', 'enabled'=>1, 'visible'=>-1, 'position'=>45),
'note' =>array('type'=>'text', 'label'=>'Note', 'enabled'=>1, 'visible'=>-1, 'position'=>50),
'note' =>array('type'=>'html', 'label'=>'Note', 'enabled'=>1, 'visible'=>-1, 'position'=>50),
'fk_type' =>array('type'=>'integer', 'label'=>'MemberType', 'enabled'=>1, 'visible'=>-1, 'position'=>55),
'fk_user_creat' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-2, 'position'=>60),
'fk_user_valid' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>65),

67
htdocs/adherents/subscription/list.php
View File

@ -342,7 +342,7 @@ if ($sall) {
$moreforfilter = '';
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
if ($massactionbutton) {
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
}
@ -353,7 +353,13 @@ print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwit
// Line for filters fields
print '<tr class="liste_titre_filter">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre right">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
}
// Line numbering
if (!empty($conf->global->MAIN_SHOW_TECHNICAL_ID)) {
print '<td class="liste_titre">&nbsp;</td>';
@ -431,15 +437,19 @@ if (!empty($arrayfields['c.tms']['checked'])) {
}
// Action column
print '<td class="liste_titre right">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre right">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
}
print "</tr>\n";
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
}
if (!empty($arrayfields['d.ref']['checked'])) {
print_liste_field_titre($arrayfields['d.ref']['label'], $_SERVER["PHP_SELF"], "c.rowid", $param, "", "", $sortfield, $sortorder);
}
@ -484,7 +494,9 @@ if (!empty($arrayfields['c.datec']['checked'])) {
if (!empty($arrayfields['c.tms']['checked'])) {
print_liste_field_titre($arrayfields['c.tms']['label'], $_SERVER["PHP_SELF"], "c.tms", "", $param, 'align="center" class="nowrap"', $sortfield, $sortorder);
}
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
}
print "</tr>\n";
@ -540,7 +552,21 @@ while ($i < min($num, $limit)) {
}
} else {
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->crowid, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$obj->crowid.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$obj->crowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
}
// Ref
if (!empty($arrayfields['d.ref']['checked'])) {
print '<td>'.$subscription->getNomUrl(1).'</td>';
@ -662,19 +688,20 @@ while ($i < min($num, $limit)) {
}
}
// Action column
print '<td class="center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->crowid, $arrayofselected)) {
$selected = 1;
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->crowid, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$obj->crowid.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$obj->crowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
print '<input id="cb'.$obj->crowid.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$obj->crowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
print "</tr>\n";
}
$i++;

60
htdocs/adherents/type.php
View File

@ -289,6 +289,9 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<th>&nbsp;</th>';
}
print '<th>'.$langs->trans("Ref").'</th>';
print '<th>'.$langs->trans("Label").'</th>';
print '<th class="center">'.$langs->trans("MembersNature").'</th>';
@ -297,7 +300,9 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print '<th class="center">'.$langs->trans("CanEditAmountShort").'</th>';
print '<th class="center">'.$langs->trans("VoteAllowed").'</th>';
print '<th class="center">'.$langs->trans("Status").'</th>';
print '<th>&nbsp;</th>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<th>&nbsp;</th>';
}
print "</tr>\n";
$membertype = new AdherentType($db);
@ -333,6 +338,13 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
}
} else {
print '<tr class="oddeven">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
if ($user->rights->adherent->configurer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
} else {
print '<td class="right">&nbsp;</td>';
}
}
print '<td class="nowraponall">';
print $membertype->getNomUrl(1);
//<a href="'.$_SERVER["PHP_SELF"].'?rowid='.$objp->rowid.'">'.img_object($langs->trans("ShowType"),'group').' '.$objp->rowid.'</a>
@ -352,10 +364,12 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print '<td class="center">'.yn($objp->caneditamount).'</td>';
print '<td class="center">'.yn($objp->vote).'</td>';
print '<td class="center">'.$membertype->getLibStatut(5).'</td>';
if ($user->rights->adherent->configurer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
} else {
print '<td class="right">&nbsp;</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
if ($user->rights->adherent->configurer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
} else {
print '<td class="right">&nbsp;</td>';
}
}
print "</tr>";
}
@ -708,13 +722,18 @@ if ($rowid > 0) {
print "</tr>\n";
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre("Action", $_SERVER["PHP_SELF"], "", $param, "", 'width="60" align="center"', $sortfield, $sortorder);
}
print_liste_field_titre("NameSlashCompany", $_SERVER["PHP_SELF"], "d.lastname", $param, "", "", $sortfield, $sortorder);
print_liste_field_titre("Login", $_SERVER["PHP_SELF"], "d.login", $param, "", "", $sortfield, $sortorder);
print_liste_field_titre("MemberNature", $_SERVER["PHP_SELF"], "d.morphy", $param, "", "", $sortfield, $sortorder);
print_liste_field_titre("EMail", $_SERVER["PHP_SELF"], "d.email", $param, "", "", $sortfield, $sortorder);
print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "d.statut,d.datefin", $param, "", "", $sortfield, $sortorder);
print_liste_field_titre("EndSubscription", $_SERVER["PHP_SELF"], "d.datefin", $param, "", 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("Action", $_SERVER["PHP_SELF"], "", $param, "", 'width="60" align="center"', $sortfield, $sortorder);
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre("Action", $_SERVER["PHP_SELF"], "", $param, "", 'width="60" align="center"', $sortfield, $sortorder);
}
print "</tr>\n";
$adh = new Adherent($db);
@ -732,7 +751,17 @@ if ($rowid > 0) {
$adh->statut = $objp->status;
print '<tr class="oddeven">';
// Actions
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
if ($user->hasRight('adherent', 'creer')) {
print '<a class="editfielda marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=edit&token='.newToken().'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.img_edit().'</a>';
}
if ($user->hasRight('adherent', 'supprimer')) {
print '<a class="marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=resiliate&token='.newToken().'">'.img_picto($langs->trans("Resiliate"), 'disable.png').'</a>';
}
print "</td>";
}
// Lastname
if ($objp->company != '') {
print '<td><a href="card.php?rowid='.$objp->rowid.'">'.img_object($langs->trans("ShowMember"), "user", 'class="paddingright"').$adh->getFullName($langs, 0, -1, 20).' / '.dol_trunc($objp->company, 12).'</a></td>'."\n";
@ -785,15 +814,16 @@ if ($rowid > 0) {
}
// Actions
print '<td class="center">';
if ($user->hasRight('adherent', 'creer')) {
print '<a class="editfielda marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=edit&token='.newToken().'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.img_edit().'</a>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
if ($user->hasRight('adherent', 'creer')) {
print '<a class="editfielda marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=edit&token='.newToken().'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.img_edit().'</a>';
}
if ($user->hasRight('adherent', 'supprimer')) {
print '<a class="marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=resiliate&token='.newToken().'">'.img_picto($langs->trans("Resiliate"), 'disable.png').'</a>';
}
print "</td>";
}
if ($user->hasRight('adherent', 'supprimer')) {
print '<a class="marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=resiliate&token='.newToken().'">'.img_picto($langs->trans("Resiliate"), 'disable.png').'</a>';
}
print "</td>";
print "</tr>\n";
$i++;
}

16
htdocs/admin/modules.php
View File

@ -8,7 +8,7 @@
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2015 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021-2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -251,7 +251,15 @@ if ($action == 'install') {
}
if ($action == 'set' && $user->admin) {
$checkOldValue = getDolGlobalInt('CHECKLASTVERSION_EXTERNALMODULE');
$csrfCheckOldValue = getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN');
$resarray = activateModule($value);
if ($checkOldValue != getDolGlobalInt('CHECKLASTVERSION_EXTERNALMODULE')) {
setEventMessage($langs->trans('WarningModuleHasChangedLastVersionCheckParameter', $value), 'warnings');
}
if ($csrfCheckOldValue != getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN')) {
setEventMessage($langs->trans('WarningModuleHasChangedSecurityCsrfParameter', $value), 'warnings');
}
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
if (!empty($resarray['errors'])) {
setEventMessages('', $resarray['errors'], 'errors');
@ -796,9 +804,9 @@ if ($mode == 'common' || $mode == 'commonkanban') {
if ($objMod->isCoreOrExternalModule() == 'external'
&& (
$action == 'checklastversion'
// This is a bad practice to activate a synch external access during building of a page. 1 external module can hang the application.
// Adding a cron job could be a good idea see DolibarrModules::checkForUpdate()
|| !empty($conf->global->CHECKLASTVERSION_EXTERNALMODULE)
// This is a bad practice to activate a check on an external access during the building of the admin page. 1 external module can hang the application.
// Adding a cron job could be a good idea: see DolibarrModules::checkForUpdate()
|| !empty($conf->global->CHECKLASTVERSION_EXTERNALMODULE)
)
) {
$checkRes = $objMod->checkForUpdate();

3
htdocs/admin/system/security.php
View File

@ -565,6 +565,9 @@ if ($execmethod == 2) {
print '<br>';
print '<br>';
print '<strong>MAIN_SECURITY_MAXFILESIZE_DOWNLOADED</strong> = '.getDolGlobalString('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 100000000)</span>')."<br>";
print '<br>';
print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.getDolGlobalString('MAIN_RESTRICTHTML_ONLY_VALID_HTML', '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>')."<br>";
print '<br>';

12
htdocs/admin/website.php
View File

@ -43,10 +43,6 @@ $rowid = GETPOST('rowid', 'alpha');
$id = 1;
if (!$user->admin) {
accessforbidden();
}
$acts[0] = "activate";
$acts[1] = "disable";
$actl[0] = img_picto($langs->trans("Disabled"), 'switch_off', 'class="size15x"');
@ -125,6 +121,10 @@ $tabfieldcheck[1] = array();
$elementList = array();
$sourceList = array();
if (!$user->admin) {
accessforbidden();
}
/*
* Actions
@ -596,7 +596,9 @@ if ($id) {
print '<td colspan="7" class="right"><a name="'.(!empty($obj->rowid) ? $obj->rowid : $obj->code).'">&nbsp;</a>';
print '<input type="submit" class="button button-edit small" name="actionmodify" value="'.$langs->trans("Modify").'">';
print '&nbsp;<input type="submit" class="button button-cancel small" name="actioncancel" value="'.$langs->trans("Cancel").'"></td>';
print '&nbsp;';
print '<input type="submit" class="button button-cancel small" name="actioncancel" value="'.$langs->trans("Cancel").'">';
print '</td>';
} else {
$tmpaction = 'view';
$parameters = array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]);

12
htdocs/bookmarks/card.php
View File

@ -51,12 +51,12 @@ if ($id > 0) {
$object->fetch($id);
}
// Security check
if (empty($user->rights->bookmark->lire)) {
restrictedArea($user, 'bookmarks');
}
restrictedArea($user, 'bookmark', $object);
$permissiontoread = $user->hasRight('bookmark', 'lire');
$permissiontoadd = $user->hasRight('bookmark', 'creer');
$permissiontodelete = $user->hasRight('bookmark', 'supprimer');
@ -326,12 +326,12 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
print "<div class=\"tabsAction\">\n";
// Edit
if ($user->rights->bookmark->creer && $action != 'edit') {
if ($permissiontoadd && $action != 'edit') {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").'</a>'."\n";
}
// Remove
if ($user->rights->bookmark->supprimer && $action != 'edit') {
if ($permissiontodelete && $action != 'edit') {
print '<a class="butActionDelete" href="list.php?bid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a>'."\n";
}

11
htdocs/bookmarks/class/bookmark.class.php
View File

@ -60,7 +60,7 @@ class Bookmark extends CommonObject
public $id;
/**
* @var int User ID
* @var int User ID. If > 0, bookmark of one user. If == 0, bookmark public (for everybody)
*/
public $fk_user;
@ -233,15 +233,14 @@ class Bookmark extends CommonObject
/**
* Removes the bookmark
*
* @param int $id Id removed bookmark
* @return int <0 si ko, >0 si ok
* @param User $user User deleting
* @return int <0 if KO, >0 if OK
*/
public function remove($id)
public function delete($user)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark";
$sql .= " WHERE rowid = ".((int) $id);
$sql .= " WHERE rowid = ".((int) $this->id);
dol_syslog("Bookmark::remove", LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql) {
return 1;

29
htdocs/bookmarks/list.php
View File

@ -63,14 +63,17 @@ if (!$sortorder) {
// Initialize Objects
$object = new Bookmark($db);
if ($id > 0) {
$object->fetch($id);
}
// Security check
restrictedArea($user, 'bookmark');
restrictedArea($user, 'bookmark', $object);
// Permissions
$permissiontoread = !empty($user->rights->bookmark->lire);
$permissiontoadd = !empty($user->rights->bookmark->creer);
$permissiontodelete = !empty($user->rights->bookmark->supprimer);
$permissiontoread = $user->hasRight('bookmark', 'lire');
$permissiontoadd = $user->hasRight('bookmark', 'creer');
$permissiontodelete = ($user->hasRight('bookmark', 'supprimer') || ($permissiontoadd && $object->fk_user == $user->id));
/*
@ -85,13 +88,15 @@ if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massa
$massaction = '';
}
if ($action == 'delete') {
$res = $object->remove($id);
if ($action == 'delete' && $permissiontodelete) {
$object->fetch($id);
$res = $object->delete($user);
if ($res > 0) {
header("Location: ".$_SERVER["PHP_SELF"]);
exit;
} else {
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
}
@ -196,7 +201,7 @@ print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="mode" value="'.$mode.'">';
$newcardbutton = '';
$newcardbutton .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/bookmarks/card.php?action=create&backtopage='.urlencode(DOL_URL_ROOT.'/bookmarks/list.php'), '', !empty($user->rights->bookmark->creer));
$newcardbutton .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/bookmarks/card.php?action=create&backtopage='.urlencode(DOL_URL_ROOT.'/bookmarks/list.php'), '', $permissiontoadd);
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'bookmark', 0, $newcardbutton, '', $limit, 0, 0, 1);
@ -235,8 +240,8 @@ while ($i < min($num, $limit)) {
}
$title = $obj->title;
$link = $obj->url;
$canedit = $user->rights->bookmark->supprimer;
$candelete = $user->rights->bookmark->creer;
$canedit = $permissiontoadd;
$candelete = $permissiontodelete;
// Title
print '<td class="tdoverflowmax200" alt="'.dol_escape_htmltag($title).'">';
@ -268,7 +273,7 @@ while ($i < min($num, $limit)) {
// Author
print '<td class="center">';
if ($obj->fk_user) {
if ($obj->fk_user > 0) {
if (empty($conf->cache['users'][$obj->fk_user])) {
$tmpuser = new User($db);
$tmpuser->fetch($obj->fk_user);
@ -294,10 +299,10 @@ while ($i < min($num, $limit)) {
// Actions
print '<td class="nowraponall right">';
if ($canedit) {
print '<a class="editfielda marginleftonly" href="'.DOL_URL_ROOT.'/bookmarks/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
print '<a class="editfielda marginleftonly marginrightonly" href="'.DOL_URL_ROOT.'/bookmarks/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
}
if ($candelete) {
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$obj->rowid.'">'.img_delete().'</a>';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$obj->rowid.'">'.img_delete().'</a>';
}
print "</td>";
print "</tr>\n";

4
htdocs/comm/action/peruser.php
View File

@ -924,6 +924,10 @@ while ($currentdaytoshow < $lastdaytoshow) {
if ($usergroup > 0) {
$sql .= " AND ug.fk_usergroup = ".((int) $usergroup);
}
if ($user->socid > 0) {
// External users should see only contacts of their company
$sql .= " AND u.fk_soc = ".((int) $user->socid);
}
//print $sql;
$resql = $db->query($sql);

14
htdocs/comm/index.php
View File

@ -61,25 +61,17 @@ if (isset($user->socid) && $user->socid > 0) {
$socid = $user->socid;
}
$max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT;
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
$now = dol_now();
// Security check
//$socid = GETPOST("socid", 'int');
if ($user->socid > 0) {
$action = '';
$id = $user->socid;
} else {
$id = 0;
}
//restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
//restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);
if (!$user->hasRight('propal', 'read') && !$user->hasRight('supplier_proposal', 'read') && !$user->hasRight('commande', 'read') && !$user->hasRight('fournisseur', 'commande', 'read')
&& !$user->hasRight('supplier_order', 'read') && !$user->hasRight('fichinter', 'read')) {
accessforbidden();
}
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
/*

4
htdocs/comm/propal/class/propal.class.php
View File

@ -327,8 +327,8 @@ class Propal extends CommonObject
'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'position'=>160),
'deposit_percent' =>array('type'=>'varchar(63)', 'label'=>'DepositPercent', 'enabled'=>1, 'visible'=>-1, 'position'=>161),
'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>165),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'PDFTemplate', 'enabled'=>1, 'visible'=>0, 'position'=>180),
'date_livraison' =>array('type'=>'date', 'label'=>'DateDeliveryPlanned', 'enabled'=>1, 'visible'=>-1, 'position'=>185),
'fk_shipping_method' =>array('type'=>'integer', 'label'=>'ShippingMethod', 'enabled'=>1, 'visible'=>-1, 'position'=>190),

25
htdocs/commande/card.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2005-2015 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2010-2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2022 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2011-2023 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2012-2013 Christophe Battarel <christophe.battarel@altairis.fr>
* Copyright (C) 2012-2016 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2012 Cedric Salvador <csalvador@gpcsolutions.fr>
@ -14,6 +14,7 @@
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2022 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) 2023 Benjamin Falière <benjamin.faliere@altairis.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -660,6 +661,10 @@ if (empty($reshook)) {
$price_ht_devise = '';
$price_ttc = '';
$price_ttc_devise = '';
$pu_ht = '';
$pu_ttc = '';
$pu_ht_devise = '';
$pu_ttc_devise = '';
if (GETPOST('price_ht') !== '') {
$price_ht = price2num(GETPOST('price_ht'), 'MU', 2);
@ -1837,25 +1842,25 @@ if ($action == 'create' && $usercancreate) {
// Delivery delay
print '<tr class="fielddeliverydelay"><td>'.$langs->trans('AvailabilityPeriod').'</td><td>';
print img_picto('', 'clock', 'class="pictofixedwidth"');
$form->selectAvailabilityDelay($availability_id, 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx');
$form->selectAvailabilityDelay((GETPOSTISSET('availability_id')?GETPOST('availability_id'):$availability_id), 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx');
print '</td></tr>';
// Terms of payment
print '<tr><td class="nowrap">'.$langs->trans('PaymentConditionsShort').'</td><td>';
print img_picto('', 'payment', 'class="pictofixedwidth"');
print $form->getSelectConditionsPaiements($cond_reglement_id, 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent);
print $form->getSelectConditionsPaiements((GETPOSTISSET('cond_reglement_id')?GETPOST('cond_reglement_id'):$cond_reglement_id), 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent);
print '</td></tr>';
// Payment mode
print '<tr><td>'.$langs->trans('PaymentMode').'</td><td>';
print img_picto('', 'bank', 'class="pictofixedwidth"');
print $form->select_types_paiements($mode_reglement_id, 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx', 1);
print $form->select_types_paiements((GETPOSTISSET('mode_reglement_id')?GETPOST('mode_reglement_id'):$mode_reglement_id), 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx', 1);
print '</td></tr>';
// Bank Account
if (!empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER) && isModEnabled("banque")) {
print '<tr><td>'.$langs->trans('BankAccount').'</td><td>';
print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes($fk_account, 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1);
print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes((GETPOSTISSET('fk_account')?GETPOST('fk_account'):$fk_account), 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1);
print '</td></tr>';
}
@ -1863,7 +1868,7 @@ if ($action == 'create' && $usercancreate) {
if (isModEnabled('expedition')) {
print '<tr><td>'.$langs->trans('SendingMethod').'</td><td>';
print img_picto('', 'object_dolly', 'class="pictofixedwidth"');
$form->selectShippingMethod($shipping_method_id, 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx');
$form->selectShippingMethod((GETPOSTISSET('shipping_method_id')?GETPOST('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx');
print '</td></tr>';
}
@ -1872,14 +1877,14 @@ if ($action == 'create' && $usercancreate) {
require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
$formproduct = new FormProduct($db);
print '<tr><td>'.$langs->trans('Warehouse').'</td><td>';
print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses($warehouse_id, 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx');
print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses((GETPOSTISSET('warehouse_id')?GETPOST('warehouse_id'):$warehouse_id), 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx');
print '</td></tr>';
}
// Source / Channel - What trigger creation
print '<tr><td>'.$langs->trans('Channel').'</td><td>';
print img_picto('', 'question', 'class="pictofixedwidth"');
$form->selectInputReason($demand_reason_id, 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx');
$form->selectInputReason((GETPOSTISSET('demand_reason_id')?GETPOST('demand_reason_id'):$demand_reason_id), 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx');
print '</td></tr>';
// TODO How record was recorded OrderMode (llx_c_input_method)
@ -1889,7 +1894,7 @@ if ($action == 'create' && $usercancreate) {
$langs->load("projects");
print '<tr>';
print '<td>'.$langs->trans("Project").'</td><td>';
print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), $projectid, 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx');
print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), (GETPOSTISSET('projectid')?GETPOST('projectid'):$projectid), 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx');
print ' <a href="'.DOL_URL_ROOT.'/projet/card.php?socid='.$soc->id.'&action=create&status=1&backtopage='.urlencode($_SERVER["PHP_SELF"].'?action=create&socid='.$soc->id).'"><span class="fa fa-plus-circle valignmiddle" title="'.$langs->trans("AddProject").'"></span></a>';
print '</td>';
print '</tr>';
@ -1948,7 +1953,7 @@ if ($action == 'create' && $usercancreate) {
print '<tr>';
print '<td>'.$form->editfieldkey("Currency", 'multicurrency_code', '', $object, 0).'</td>';
print '<td class="maxwidthonsmartphone">';
print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency($currency_code, 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx');
print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency((GETPOSTISSET('multicurrency_code')?GETPOST('multicurrency_code'):$currency_code), 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx');
print '</td></tr>';
}

4
htdocs/commande/class/commande.class.php
View File

@ -328,8 +328,8 @@ class Commande extends CommonOrder
'localtax2' =>array('type'=>'double(24,8)', 'label'=>'LocalTax2', 'enabled'=>1, 'visible'=>-1, 'position'=>135, 'isameasure'=>1),
'total_ht' =>array('type'=>'double(24,8)', 'label'=>'TotalHT', 'enabled'=>1, 'visible'=>-1, 'position'=>140, 'isameasure'=>1),
'total_ttc' =>array('type'=>'double(24,8)', 'label'=>'TotalTTC', 'enabled'=>1, 'visible'=>-1, 'position'=>145, 'isameasure'=>1),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>150),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>150),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'PDFTemplate', 'enabled'=>1, 'visible'=>0, 'position'=>160),
//'facture' =>array('type'=>'tinyint(4)', 'label'=>'ParentInvoice', 'enabled'=>1, 'visible'=>-1, 'position'=>165),
'fk_account' =>array('type'=>'integer', 'label'=>'BankAccount', 'enabled'=>'$conf->banque->enabled', 'visible'=>-1, 'position'=>170),

2
htdocs/compta/bank/class/account.class.php
View File

@ -323,7 +323,7 @@ class Account extends CommonObject
'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>157),
'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'Fk user author', 'enabled'=>1, 'visible'=>-1, 'position'=>160),
'fk_user_modif' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>165),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>175),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>180),
'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>185),

22
htdocs/compta/bank/class/bankcateg.class.php
View File

@ -45,6 +45,26 @@ class BankCateg // extends CommonObject
*/
public $label;
/**
* @var DoliDB
*/
protected $db;
/**
* @var string error
*/
public $error;
/**
* @var array errors
*/
public $errors;
/**
* @var array context
*/
public $context;
/**
* Constructor
@ -278,7 +298,7 @@ class BankCateg // extends CommonObject
// Load source object
$object->fetch($fromid);
$object->id = 0;
$object->statut = 0;
// $object->statut = 0;
// Create clone
$object->context['createfromclone'] = 'createfromclone';

36
htdocs/compta/bank/various_payment/list.php
View File

@ -396,7 +396,7 @@ if ($resql) {
}
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
$moreforfilter= '';
print '<div class="div-table-responsive">';
@ -404,6 +404,13 @@ if ($resql) {
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td class="liste_titre">';
print '</td>';
@ -507,16 +514,22 @@ if ($resql) {
print '</td>';
}
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
print '</tr>';
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch center ');
}
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print_liste_field_titre('#', $_SERVER['PHP_SELF'], '', '', $param, '', $sortfield, $sortorder);
}
@ -563,7 +576,9 @@ if ($resql) {
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch center ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch center ');
}
print '</tr>';
@ -602,6 +617,10 @@ if ($resql) {
} else {
print '<tr class="oddeven">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
// No
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td>'.(($offset * $limit) + $i).'</td>';
@ -751,8 +770,9 @@ if ($resql) {
print '</td>';
}
print '<td></td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
if (!$i) {
$totalarray['nbfield']++;
}

57
htdocs/compta/cashcontrol/cashcontrol_list.php
View File

@ -447,7 +447,7 @@ if (!empty($moreforfilter)) {
}
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
$selectedfields .= (count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
print '<div class="div-table-responsive">'; // You can use div-table-responsive-no-min if you dont need reserved height for your table
@ -457,6 +457,13 @@ print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwit
// Fields title search
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
}
foreach ($object->fields as $key => $val) {
$cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']);
if ($key == 'status') {
@ -495,16 +502,22 @@ $parameters = array('arrayfields'=>$arrayfields);
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
}
print '</tr>'."\n";
// Fields title label
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
}
foreach ($object->fields as $key => $val) {
$cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']);
if ($key == 'status') {
@ -527,7 +540,9 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
}
print '</tr>'."\n";
@ -579,6 +594,20 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
// Show here line of result
$j = 0;
print '<tr data-rowid="'.$object->id.'" class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
}
foreach ($object->fields as $key => $val) {
$cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']);
if (in_array($val['type'], array('date', 'datetime', 'timestamp'))) {
@ -636,15 +665,17 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
$reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
print '</td>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}

4
htdocs/compta/facture/class/facture-rec.class.php
View File

@ -185,8 +185,8 @@ class FactureRec extends CommonInvoice
'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'Fk cond reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>90),
'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'Fk mode reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>95),
'date_lim_reglement' =>array('type'=>'date', 'label'=>'Date lim reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>100),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'modelpdf' =>array('type'=>'varchar(255)', 'label'=>'Modelpdf', 'enabled'=>1, 'visible'=>-1, 'position'=>115),
'date_when' =>array('type'=>'datetime', 'label'=>'Date when', 'enabled'=>1, 'visible'=>-1, 'position'=>130),
'date_last_gen' =>array('type'=>'datetime', 'label'=>'Date last gen', 'enabled'=>1, 'visible'=>-1, 'position'=>135),

4
htdocs/compta/facture/class/facture.class.php
View File

@ -341,8 +341,8 @@ class Facture extends CommonInvoice
'fk_currency' =>array('type'=>'varchar(3)', 'label'=>'CurrencyCode', 'enabled'=>1, 'visible'=>-1, 'position'=>185),
'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>190),
'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>195),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>205),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>210),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>205),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>210),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>215),
'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>225),
'situation_cycle_ref' =>array('type'=>'smallint(6)', 'label'=>'Situation cycle ref', 'enabled'=>'$conf->global->INVOICE_USE_SITUATION', 'visible'=>-1, 'position'=>230),

6
htdocs/compta/index.php
View File

@ -9,7 +9,7 @@
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2020 Tobias Sekan <tobias.sekan@startmail.com>
* Copyright (C) 2020 Josep Lluís Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021-2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -111,7 +111,7 @@ if (isModEnabled('facture')) {
}
if (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) {
print getNumberInvoicesPieChart('fourn');
print getNumberInvoicesPieChart('suppliers');
print '<br>';
}
@ -487,7 +487,7 @@ if (isModEnabled('don') && !empty($user->rights->don->lire)) {
print "</tr>\n";
}
} else {
print '<tr class="oddeven"><td colspan="4" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
print '<tr class="oddeven"><td colspan="5" class="opacitymedium">'.$langs->trans("None").'</td></tr>';
}
print '</table></div><br>';
} else {

2
htdocs/compta/paiement/card.php
View File

@ -58,7 +58,7 @@ $hookmanager->initHooks(array('paymentcard', 'globalcard'));
// Load object
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
$result = restrictedArea($user, $object->element, $object->id, 'paiement');
$result = restrictedArea($user, $object->element, $object->id, 'paiement'); // This also test permission on read invoice
// Security check
if ($user->socid) {

38
htdocs/compta/sociales/list.php
View File

@ -412,7 +412,7 @@ $moreforfilter = '';
$massactionbutton = '';
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
if ($massactionbutton) {
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
}
@ -422,6 +422,13 @@ print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" :
print '<tr class="liste_titre_filter">';
// Filter: Buttons
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
}
// Filters: Line number (placeholder)
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td class="liste_titre">';
@ -522,13 +529,20 @@ $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // N
print $hookmanager->resPrint;
// Filter: Buttons
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
}
print '</tr>';
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
}
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print_liste_field_titre('#', $_SERVER['PHP_SELF'], '', '', $param, '', $sortfield, $sortorder);
}
@ -571,7 +585,9 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
}
print '</tr>';
$i = 0;
@ -611,6 +627,12 @@ while ($i < min($num, $limit)) {
} else {
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
// Line number
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td>'.(($offset * $limit) + $i).'</td>';
@ -750,8 +772,10 @@ while ($i < min($num, $limit)) {
}
}
// Buttons
print '<td></td>';
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
if (!$i) {
$totalarray['nbfield']++;
}

8
htdocs/compta/stats/supplier_turnover_by_thirdparty.php
View File

@ -249,9 +249,9 @@ if ($modecompta == 'CREANCES-DETTES') {
$sql .= " sum(f.total_ht) as amount, sum(f.total_ttc) as amount_ttc";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s";
if ($selected_cat === -2) { // Without any category
$sql .= " LEFT OUTER JOIN ".MAIN_DB_PREFIX."categorie_societe as cs ON s.rowid = cs.fk_soc";
$sql .= " LEFT OUTER JOIN ".MAIN_DB_PREFIX."categorie_fournisseur as cs ON s.rowid = cs.fk_soc";
} elseif ($selected_cat) { // Into a specific category
$sql .= ", ".MAIN_DB_PREFIX."categorie as c, ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql .= ", ".MAIN_DB_PREFIX."categorie as c, ".MAIN_DB_PREFIX."categorie_fournisseur as cs";
}
$sql .= " WHERE f.fk_statut in (1,2)";
$sql .= " AND f.type IN (0,2)";
@ -276,9 +276,9 @@ if ($modecompta == 'CREANCES-DETTES') {
$sql .= ", ".MAIN_DB_PREFIX."paiementfourn as p";
$sql .= ", ".MAIN_DB_PREFIX."societe as s";
if ($selected_cat === -2) { // Without any category
$sql .= " LEFT OUTER JOIN ".MAIN_DB_PREFIX."categorie_societe as cs ON s.rowid = cs.fk_soc";
$sql .= " LEFT OUTER JOIN ".MAIN_DB_PREFIX."categorie_fournisseur as cs ON s.rowid = cs.fk_soc";
} elseif ($selected_cat) { // Into a specific category
$sql .= ", ".MAIN_DB_PREFIX."categorie as c, ".MAIN_DB_PREFIX."categorie_societe as cs";
$sql .= ", ".MAIN_DB_PREFIX."categorie as c, ".MAIN_DB_PREFIX."categorie_fournisseur as cs";
}
$sql .= " WHERE p.rowid = pf.fk_paiementfourn";
$sql .= " AND pf.fk_facturefourn = f.rowid";

40
htdocs/compta/tva/list.php
View File

@ -328,7 +328,7 @@ $newcardbutton .= dolGetButtonTitle($langs->trans('NewVATPayment'), '', 'fa fa-p
print_barre_liste($langs->trans("VATDeclarations"), $page, $_SERVER['PHP_SELF'], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'title_accountancy', 0, $newcardbutton, '', $limit, 0, 0, 1);
$varpage = empty($contextpage) ? $_SERVER['PHP_SELF'] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
if ($massactionbutton) {
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
}
@ -338,6 +338,13 @@ print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" :
print '<tr class="liste_titre_filter">';
// Filter: Buttons
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
}
// Filters: Lines (placeholder)
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td class="liste_titre">';
@ -417,13 +424,17 @@ $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // N
print $hookmanager->resPrint;
// Filter: Buttons
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
print $form->showFilterAndCheckAddButtons(0);
print '</td>';
}
print '</tr>';
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER['PHP_SELF'], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
}
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print_liste_field_titre('#', $_SERVER['PHP_SELF'], '', '', $param, '', $sortfield, $sortorder);
}
@ -454,7 +465,9 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print_liste_field_titre($selectedfields, $_SERVER['PHP_SELF'], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER['PHP_SELF'], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
}
print '</tr>';
$i = 0;
@ -488,6 +501,11 @@ while ($i < min($num, $limit)) {
} else {
print '<tr class="oddeven">';
// Buttons
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
// No
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER_IN_LIST)) {
print '<td>'.(($offset * $limit) + $i).'</td>';
@ -527,7 +545,10 @@ while ($i < min($num, $limit)) {
}
// Date payment
/*if (!empty($arrayfields['t.datep']['checked'])) {
/*if // Buttons
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}(!empty($arrayfields['t.datep']['checked'])) {
print '<td class="center">'.dol_print_date($db->jdate($obj->datep), 'day').'</td>';
if (!$i) $totalarray['nbfield']++;
}*/
@ -591,8 +612,9 @@ while ($i < min($num, $limit)) {
}
// Buttons
print '<td></td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
print '</tr>';
}

2
htdocs/conf/conf.php.example
View File

@ -302,7 +302,7 @@ $dolibarr_main_restrict_ip='';
// This might be required if you access Dolibarr behind a proxy that make bad URL rewriting, to avoid false alarms.
// In most cases, you should always keep this to 0.
// Default value: 0
// Possible values: 0 or 1
// Possible values: 0 or 1 (no strict CSRF test, only test on referer) or 2 (no CSRF test at all)
// Examples:
// $dolibarr_nocsrfcheck='0';
//

6
htdocs/contact/class/contact.class.php
View File

@ -101,7 +101,7 @@ class Contact extends CommonObject
'poste' =>array('type'=>'varchar(80)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>-1, 'position'=>52),
'address' =>array('type'=>'varchar(255)', 'label'=>'Address', 'enabled'=>1, 'visible'=>-1, 'position'=>55),
'zip' =>array('type'=>'varchar(25)', 'label'=>'Zip', 'enabled'=>1, 'visible'=>1, 'position'=>60),
'town' =>array('type'=>'text', 'label'=>'Town', 'enabled'=>1, 'visible'=>-1, 'position'=>65),
'town' =>array('type'=>'varchar(50)', 'label'=>'Town', 'enabled'=>1, 'visible'=>-1, 'position'=>65),
'fk_departement' =>array('type'=>'integer', 'label'=>'Fk departement', 'enabled'=>1, 'visible'=>3, 'position'=>70),
'fk_pays' =>array('type'=>'integer', 'label'=>'Fk pays', 'enabled'=>1, 'visible'=>3, 'position'=>75),
'fk_soc' =>array('type'=>'integer', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>1, 'position'=>77, 'searchall'=>1),
@ -117,8 +117,8 @@ class Contact extends CommonObject
'fk_stcommcontact' =>array('type'=>'integer', 'label'=>'ProspectStatus', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220),
'fk_prospectlevel' =>array('type'=>'varchar(12)', 'label'=>'ProspectLevel', 'enabled'=>1, 'visible'=>-1, 'position'=>255),
'no_email' =>array('type'=>'smallint(6)', 'label'=>'No_Email', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>180),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>3, 'position'=>195, 'searchall'=>1),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>3, 'position'=>200, 'searchall'=>1),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>3, 'position'=>195, 'searchall'=>1),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>3, 'position'=>200, 'searchall'=>1),
'default_lang' =>array('type'=>'varchar(6)', 'label'=>'Default lang', 'enabled'=>1, 'visible'=>3, 'position'=>205),
'canvas' =>array('type'=>'varchar(32)', 'label'=>'Canvas', 'enabled'=>1, 'visible'=>3, 'position'=>210),
'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>300),

12
htdocs/contact/list.php
View File

@ -453,28 +453,26 @@ if ($search_priv != '0' && $search_priv != '1') {
}
// Search Categories
// Search Contact Categories
// Search Contact Categories
$searchCategoryContactList = $search_categ ? array($search_categ) : array();
$searchCategoryContactOperator = 0;
// Search for tag/category ($searchCategoryContactList is an array of ID)
// Search for tag/category ($searchCategoryContactList is an array of ID)
if (!empty($searchCategoryContactList)) {
$searchCategoryContactSqlList = array();
$listofcategoryid = '';
foreach ($searchCategoryContactList as $searchCategoryContact) {
if (intval($searchCategoryContact) == -2) {
$searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople)";
$searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople)";
} elseif (intval($searchCategoryContact) > 0) {
if ($searchCategoryContactOperator == 0) {
$searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")";
$searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")";
} else {
$listofcategoryid .= ($listofcategoryid ? ', ' : '') .((int) $searchCategoryContact);
}
}
}
if ($listofcategoryid) {
$searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))";
$searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))";
}
if ($searchCategoryContactOperator == 1) {
if (!empty($searchCategoryContactSqlList)) {

8
htdocs/contrat/class/contrat.class.php
View File

@ -238,8 +238,8 @@ class Contrat extends CommonObject
'fk_commercial_signature' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'SaleRepresentative Signature', 'enabled'=>1, 'visible'=>-1, 'position'=>80),
'fk_commercial_suivi' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'SaleRepresentative follower', 'enabled'=>1, 'visible'=>-1, 'position'=>85),
'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>90),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105, 'searchall'=>1),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110, 'searchall'=>1),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105, 'searchall'=>1),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110, 'searchall'=>1),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>115),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>120),
'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>125),
@ -2988,8 +2988,8 @@ class ContratLigne extends CommonObjectLine
'fk_contrat' =>array('type'=>'integer:Contrat:contrat/class/contrat.class.php', 'label'=>'Contract', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>70),
'fk_product' =>array('type'=>'integer:Product:product/class/product.class.php:1', 'label'=>'Product', 'enabled'=>1, 'visible'=>-1, 'position'=>75),
//'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'Fk user author', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>90),
'note_private' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'note_private' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
//'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>115),
//'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>120),
//'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>125),

25
htdocs/core/actions_addupdatedelete.inc.php
View File

@ -76,8 +76,20 @@ if ($action == 'add' && !empty($permissiontoadd)) {
}
// Set value to insert
if (in_array($object->fields[$key]['type'], array('text', 'html'))) {
$value = GETPOST($key, 'restricthtml');
if (preg_match('/^text/', $object->fields[$key]['type'])) {
$tmparray = explode(':', $object->fields[$key]['type']);
if (!empty($tmparray[1])) {
$value = GETPOST($key, $tmparray[1]);
} else {
$value = GETPOST($key, 'nohtml');
}
} elseif (preg_match('/^html/', $object->fields[$key]['type'])) {
$tmparray = explode(':', $object->fields[$key]['type']);
if (!empty($tmparray[1])) {
$value = GETPOST($key, $tmparray[1]);
} else {
$value = GETPOST($key, 'restricthtml');
}
} elseif ($object->fields[$key]['type'] == 'date') {
$value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt
} elseif ($object->fields[$key]['type'] == 'datetime') {
@ -205,7 +217,14 @@ if ($action == 'update' && !empty($permissiontoadd)) {
}
// Set value to update
if (preg_match('/^(text|html)/', $object->fields[$key]['type'])) {
if (preg_match('/^text/', $object->fields[$key]['type'])) {
$tmparray = explode(':', $object->fields[$key]['type']);
if (!empty($tmparray[1])) {
$value = GETPOST($key, $tmparray[1]);
} else {
$value = GETPOST($key, 'nohtml');
}
} elseif (preg_match('/^html/', $object->fields[$key]['type'])) {
$tmparray = explode(':', $object->fields[$key]['type']);
if (!empty($tmparray[1])) {
$value = GETPOST($key, $tmparray[1]);

7
htdocs/core/actions_setnotes.inc.php
View File

@ -60,7 +60,12 @@ if ($action == 'setnote_public' && !empty($permissionnote) && !GETPOST('cancel',
$hidedesc = (GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0));
$hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0));
$result = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref);
//see #21072: Update a public note with a "document model not found" is not really a problem : the PDF is not created/updated
//but the note is saved, so just add a notification will be enought
$resultGenDoc = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref);
if ($resultGenDoc < 0) {
setEventMessages($object->error, $object->errors, 'warnings');
}
if ($result < 0) {
dol_print_error($db, $result);

8
htdocs/core/class/cgenericdic.class.php
View File

@ -82,6 +82,8 @@ class CGenericDic
$fieldlabel = 'label';
if ($this->table_element == 'c_stcomm') {
$fieldlabel = 'libelle';
} elseif ($this->table_element == 'c_type_fees') {
$fieldrowid = 'id';
}
$error = 0;
@ -162,6 +164,8 @@ class CGenericDic
if ($this->table_element == 'c_stcomm') {
$fieldrowid = 'id';
$fieldlabel = 'libelle';
} elseif ($this->table_element == 'c_type_fees') {
$fieldrowid = 'id';
}
$sql = "SELECT";
@ -233,6 +237,8 @@ class CGenericDic
if ($this->table_element == 'c_stcomm') {
$fieldrowid = 'id';
$fieldlabel = 'libelle';
} elseif ($this->table_element == 'c_type_fees') {
$fieldrowid = 'id';
}
$sql = "SELECT";
@ -303,6 +309,8 @@ class CGenericDic
if ($this->table_element == 'c_stcomm') {
$fieldrowid = 'id';
$fieldlabel = 'libelle';
} elseif ($this->table_element == 'c_type_fees') {
$fieldrowid = 'id';
}
// Clean parameters

19
htdocs/core/class/commondocgenerator.class.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2016 Charlie Benke <charlie@patas-monkey.com>
* Copyright (C) 2018-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2023 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020 Josep Lluís Amador <joseplluis@lliuretic.cat>
*
* This program is free software; you can redistribute it and/or modify
@ -65,6 +65,21 @@ abstract class CommonDocGenerator
*/
public $scandir;
/**
* @var string model name
*/
public $name;
/**
* @var string model description (short text)
*/
public $description;
/**
* @var array
*/
public $format;
public $page_hauteur;
public $page_largeur;
public $marge_gauche;
@ -1104,7 +1119,7 @@ abstract class CommonDocGenerator
public function getColumnContentXStart($colKey)
{
$colDef = $this->cols[$colKey];
return (isset($colDef['xStartPos']) ? $colDef['xStartPos'] : 0) + $colDef['content']['padding'][3];
return (isset($colDef['xStartPos']) ? $colDef['xStartPos'] : 0) + $colDef['content']['padding'][3];
}
/**

45
htdocs/core/class/commoninvoice.class.php
View File

@ -1735,6 +1735,7 @@ abstract class CommonInvoice extends CommonObject
$complementaryinfo .= '/30/'.$this->thirdparty->tva_intra;
}
include_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$bankaccount = new Account($this->db);
// Header
@ -1742,25 +1743,36 @@ abstract class CommonInvoice extends CommonObject
$s .= "SPC\n";
$s .= "0200\n";
$s .= "1\n";
// Info seller
// Info Seller ("Compte / Payable à")
if ($this->fk_account > 0) {
// Bank BAN if country is LI or CH
// TODO Add test on bank iban
// Bank BAN if country is LI or CH. TODO Add a test to check than IBAN start with CH or LI
$bankaccount->fetch($this->fk_account);
$s .= $bankaccount->iban."\n";
} else {
$s .= "\n";
}
// Seller
$s .= "S\n";
$s .= dol_trunc($mysoc->name, 70, 'right', 'UTF-8', 1)."\n";
$addresslinearray = explode("\n", $mysoc->address);
$s .= dol_trunc(empty($addresslinearray[1]) ? '' : $addresslinearray[1], 70, 'right', 'UTF-8', 1)."\n"; // address line 1
$s .= dol_trunc(empty($addresslinearray[2]) ? '' : $addresslinearray[2], 70, 'right', 'UTF-8', 1)."\n"; // address line 2
$s .= dol_trunc($mysoc->zip, 16, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->town, 35, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->country_code, 2, 'right', 'UTF-8', 1)."\n";
// Final seller
if ($bankaccount->id > 0 && getDolGlobalString('PDF_SWISS_QRCODE_USE_OWNER_OF_ACCOUNT_AS_CREDITOR')) {
// If a bank account is prodived and we ask to use it as creditor, we use the bank address
// TODO In a future, we may always use this address, and if name/address/zip/town/country differs from $mysoc, we can use the address of $mysoc into the final seller field ?
$s .= "S\n";
$s .= dol_trunc($bankaccount->proprio, 70, 'right', 'UTF-8', 1)."\n";
$addresslinearray = explode("\n", $bankaccount->owner_address);
$s .= dol_trunc(empty($addresslinearray[1]) ? '' : $addresslinearray[1], 70, 'right', 'UTF-8', 1)."\n"; // address line 1
$s .= dol_trunc(empty($addresslinearray[2]) ? '' : $addresslinearray[2], 70, 'right', 'UTF-8', 1)."\n"; // address line 2
/*$s .= dol_trunc($mysoc->zip, 16, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->town, 35, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->country_code, 2, 'right', 'UTF-8', 1)."\n";*/
} else {
$s .= "S\n";
$s .= dol_trunc($mysoc->name, 70, 'right', 'UTF-8', 1)."\n";
$addresslinearray = explode("\n", $mysoc->address);
$s .= dol_trunc(empty($addresslinearray[1]) ? '' : $addresslinearray[1], 70, 'right', 'UTF-8', 1)."\n"; // address line 1
$s .= dol_trunc(empty($addresslinearray[2]) ? '' : $addresslinearray[2], 70, 'right', 'UTF-8', 1)."\n"; // address line 2
$s .= dol_trunc($mysoc->zip, 16, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->town, 35, 'right', 'UTF-8', 1)."\n";
$s .= dol_trunc($mysoc->country_code, 2, 'right', 'UTF-8', 1)."\n";
}
// Final seller (Ultimate seller) ("Créancier final" = "En faveur de")
$s .= "\n";
$s .= "\n";
$s .= "\n";
@ -1782,13 +1794,18 @@ abstract class CommonInvoice extends CommonObject
$s .= dol_trunc($this->thirdparty->country_code, 2, 'right', 'UTF-8', 1)."\n";
// ID of payment
$s .= "NON\n"; // NON or QRR
$s .= "\n"; // QR Code if previous field is QRR
$s .= "\n"; // QR Code reference if previous field is QRR
// Free text
if ($complementaryinfo) {
$s .= $complementaryinfo."\n";
} else {
$s .= "\n";
}
$s .= "EPD\n";
// More text, complementary info
if ($complementaryinfo) {
$s .= $complementaryinfo."\n";
}
$s .= "\n";
//var_dump($s);exit;
return $s;

29
htdocs/core/class/commonobject.class.php
View File

@ -831,7 +831,7 @@ abstract class CommonObject
}
if ($this->element == 'contact') {
$contactid = $this->id;
$thirdpartyid = empty($object->fk_soc) ? 0 : $object->fk_soc;
$thirdpartyid = empty($this->fk_soc) ? 0 : $this->fk_soc;
}
if ($this->element == 'user') {
$contactid = $this->contact_id;
@ -6058,6 +6058,8 @@ abstract class CommonObject
if (!empty($extrafields->attributes[$this->table_element]) && !empty($extrafields->attributes[$this->table_element]['computed'][$key])) {
//var_dump($conf->disable_compute);
if (empty($conf->disable_compute)) {
global $objectoffield; // We set a global variable to $objectoffield so
$objectoffield = $this; // we can use it inside computed formula
$this->array_options["options_".$key] = dol_eval($extrafields->attributes[$this->table_element]['computed'][$key], 1, 0, '');
}
}
@ -6288,7 +6290,6 @@ abstract class CommonObject
$new_array_options[$key] = $object->id;
} else {
$this->error = "Id/Ref '".$value."' for object '".$object->element."' not found";
$this->db->rollback();
return -1;
}
}
@ -8066,10 +8067,16 @@ abstract class CommonObject
$out .= "\n";
$nbofextrafieldsshown = 0;
$extrafields_collapse_num = '';
$e = 0; // var to manage the modulo (odd/even)
$lastseparatorkeyfound = '';
$extrafields_collapse_num = '';
$extrafields_collapse_num_old = '';
$i = 0;
foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $label) {
$i++;
// Show only the key field in params
if (is_array($params) && array_key_exists('onlykey', $params) && $key != $params['onlykey']) {
continue;
@ -8104,6 +8111,7 @@ abstract class CommonObject
if (empty($perms)) {
continue;
}
// Load language if required
if (!empty($extrafields->attributes[$this->table_element]['langfile'][$key])) {
$langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]);
@ -8156,7 +8164,8 @@ abstract class CommonObject
// Output value of the current field
if ($extrafields->attributes[$this->table_element]['type'][$key] == 'separate') {
$extrafields_collapse_num = '';
$extrafields_collapse_num = $key;
/*
$extrafield_param = $extrafields->attributes[$this->table_element]['param'][$key];
if (!empty($extrafield_param) && is_array($extrafield_param)) {
$extrafield_param_list = array_keys($extrafield_param['options']);
@ -8165,14 +8174,20 @@ abstract class CommonObject
$extrafield_collapse_display_value = intval($extrafield_param_list[0]);
if ($extrafield_collapse_display_value == 1 || $extrafield_collapse_display_value == 2) {
$extrafields_collapse_num = $extrafields->attributes[$this->table_element]['pos'][$key];
//$extrafields_collapse_num = $extrafields->attributes[$this->table_element]['pos'][$key];
$extrafields_collapse_num = $key;
}
}
}
*/
// if colspan=0 or 1, the second column is not extended, so the separator must be on 2 columns
$out .= $extrafields->showSeparator($key, $this, ($colspan ? $colspan + 1 : 2), $display_type, $mode);
$lastseparatorkeyfound = $key;
} else {
$collapse_group = $extrafields_collapse_num.(!empty($this->id) ? '_'.$this->id : '');
$class = (!empty($extrafields->attributes[$this->table_element]['hidden'][$key]) ? 'hideobject ' : '');
$csstyle = '';
if (is_array($params) && count($params) > 0) {
@ -8243,13 +8258,13 @@ abstract class CommonObject
$helptoshow = $langs->trans($extrafields->attributes[$this->table_element]['help'][$key]);
if ($display_type == 'card') {
$out .= '<tr '.($html_id ? 'id="'.$html_id.'" ' : '').$csstyle.' class="field_options_'.$key.' '.$class.$this->element.'_extras_'.$key.' trextrafields_collapse'.$extrafields_collapse_num.(!empty($this->id)?'_'.$this->id:'').'" '.$domData.' >';
$out .= '<tr '.($html_id ? 'id="'.$html_id.'" ' : '').$csstyle.' class="field_options_'.$key.' '.$class.$this->element.'_extras_'.$key.' trextrafields_collapse'.$collapse_group.'" '.$domData.' >';
if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER) && ($action == 'view' || $action == 'valid' || $action == 'editline' || $action == 'confirm_valid' || $action == 'confirm_cancel')) {
$out .= '<td></td>';
}
$out .= '<td class="titlefieldcreate wordbreak';
} elseif ($display_type == 'line') {
$out .= '<div '.($html_id ? 'id="'.$html_id.'" ' : '').$csstyle.' class="fieldline_options_'.$key.' '.$class.$this->element.'_extras_'.$key.' trextrafields_collapse'.$extrafields_collapse_num.(!empty($this->id)?'_'.$this->id:'').'" '.$domData.' >';
$out .= '<div '.($html_id ? 'id="'.$html_id.'" ' : '').$csstyle.' class="fieldline_options_'.$key.' '.$class.$this->element.'_extras_'.$key.' trextrafields_collapse'.$collapse_group.'" '.$domData.' >';
$out .= '<div style="display: inline-block; padding-right:4px" class="wordbreak';
}
//$out .= "titlefield";

11
htdocs/core/class/commonsocialnetworks.class.php
View File

@ -53,9 +53,11 @@ trait CommonSocialNetworks
}
if ($nbofnetworks > 1) {
print '<tr><td><br><a class="paddingtop paddingbottom socialnetworklnk" id="socialnetworklnk" href="javascript:toogleSocialNetwork(true)"></a></td>';
print '<td'.($colspan ? ' colspan="'.($colspan-1).'"' : '').'>';
print '<br><a class="paddingtop paddingbottom socialnetworklnk" href="javascript:toogleSocialNetwork(true)"><span class="badge badge-secondary socialnetworklnk">'.$nbactive.'</span></a>';
print '<tr><td><br><a class="paddingtop paddingbottom socialnetworklnk onreposition" colspan="'.$colspan.'" id="socialnetworklnk" href="#"></a>';
//print '</td>';
//print '<td'.($colspan ? ' colspan="'.($colspan-1).'"' : '').'>';
//print '<br>';
print ' <a class="paddingtop paddingbottom socialnetworklnk onreposition" href="#"><span class="badge badge-secondary socialnetworklnk">'.$nbactive.'</span></a>';
print '</td>';
print '</tr>';
}
@ -80,9 +82,10 @@ trait CommonSocialNetworks
print '<script type="text/javascript">
$("document").ready(function() { toogleSocialNetwork(false); });
jQuery(".socialnetworklnk").onClick(function() {
jQuery(".socialnetworklnk").click(function() {
console.log("Click on link");
toogleSocialNetwork(true);
return false;
});
function toogleSocialNetwork(chgCookieState) {

2
htdocs/core/class/emailsenderprofile.class.php
View File

@ -98,7 +98,7 @@ class EmailSenderProfile extends CommonObject
'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>1),
'email' => array('type'=>'varchar(255)', 'label'=>'Email', 'visible'=>1, 'enabled'=>1, 'position'=>40, 'notnull'=>-1),
'private' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'User', 'visible'=>-1, 'enabled'=>1, 'position'=>50, 'default'=>'0', 'notnull'=>1),
'signature' => array('type'=>'text', 'label'=>'Signature', 'visible'=>3, 'enabled'=>1, 'position'=>400, 'notnull'=>-1, 'index'=>1,),
'signature' => array('type'=>'html', 'label'=>'Signature', 'visible'=>3, 'enabled'=>1, 'position'=>400, 'notnull'=>-1, 'index'=>1,),
'position' => array('type'=>'integer', 'label'=>'Position', 'visible'=>1, 'enabled'=>1, 'position'=>405, 'notnull'=>-1, 'index'=>1,),
'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'visible'=>-1, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),
'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-1, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),

34
htdocs/core/class/extrafields.class.php
View File

@ -1233,7 +1233,7 @@ class ExtraFields
$InfoFieldList[4] = str_replace('$ID$', '0', $InfoFieldList[4]);
}
//We have to join on extrafield table
if (strpos($InfoFieldList[4], 'extra') !== false) {
if (strpos($InfoFieldList[4], 'extra.') !== false) {
$sql .= ' as main, '.$this->db->prefix().$InfoFieldList[0].'_extrafields as extra';
$sqlwhere .= " WHERE extra.fk_object=main.".$InfoFieldList[2]." AND ".$InfoFieldList[4];
} else {
@ -1690,7 +1690,7 @@ class ExtraFields
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.$this->db->prefix().$InfoFieldList[0];
if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra') !== false) {
if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra.') !== false) {
$sql .= ' as main';
}
if ($selectkey == 'rowid' && empty($value)) {
@ -1806,7 +1806,7 @@ class ExtraFields
$sql = "SELECT ".$keyList;
$sql .= " FROM ".$this->db->prefix().$InfoFieldList[0];
if (strpos($InfoFieldList[4], 'extra') !== false) {
if (strpos($InfoFieldList[4], 'extra.') !== false) {
$sql .= ' as main';
}
// $sql.= " WHERE ".$selectkey."='".$this->db->escape($value)."'";
@ -1975,21 +1975,27 @@ class ExtraFields
if (!empty($extrafield_param) && is_array($extrafield_param)) {
$extrafield_param_list = array_keys($extrafield_param['options']);
}
// Set $extrafield_collapse_display_value (do we have to collapse/expand the group after the separator)
$extrafield_collapse_display_value = -1;
$expand_display = false;
if (is_array($extrafield_param_list) && count($extrafield_param_list) > 0) {
$extrafield_collapse_display_value = intval($extrafield_param_list[0]);
$expand_display = ((isset($_COOKIE['DOLCOLLAPSE_'.$object->table_element.'_extrafields_'.$key]) || GETPOST('ignorecollapsesetup', 'int')) ? (empty($_COOKIE['DOLCOLLAPSE_'.$object->table_element.'_extrafields_'.$key]) ? false : true) : ($extrafield_collapse_display_value == 2 ? false : true));
}
$disabledcookiewrite = 0;
if ($mode == 'create') {
$extrafield_collapse_display_value = 0;
// On create mode, force separator group to not be collapsable
$extrafield_collapse_display_value = 1;
$expand_display = true; // We force group to be shown expanded
$disabledcookiewrite = 1; // We keep status of group unchanged into the cookie
}
$out = '<'.$tagtype.' id="trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'" class="trextrafieldseparator trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'">';
$out .= '<'.$tagtype_dyn.' '.(!empty($colspan)?'colspan="' . $colspan . '"':'').'>';
// Some js code will be injected here to manage the collapsing of extrafields
// Output the picto
$out .= '<span class="cursorpointer '.($extrafield_collapse_display_value == 0 ? 'fas fa-square opacitymedium' : 'far fa-'.(($expand_display ? 'minus' : 'plus').'-square')).'"></span>';
$out .= '<span class="'.($extrafield_collapse_display_value ? 'cursorpointer ' : '').($extrafield_collapse_display_value == 0 ? 'fas fa-square opacitymedium' : 'far fa-'.(($expand_display ? 'minus' : 'plus').'-square')).'"></span>';
$out .= '&nbsp;';
$out .= '<strong>';
$out .= $langs->trans($this->attributes[$object->table_element]['label'][$key]);
@ -2004,19 +2010,21 @@ class ExtraFields
// Set the collapse_display status to cookie in priority or if ignorecollapsesetup is 1, if cookie and ignorecollapsesetup not defined, use the setup.
$this->expand_display[$collapse_group] = $expand_display;
if (!empty($conf->use_javascript_ajax) && $mode != 'create') {
if (!empty($conf->use_javascript_ajax)) {
$out .= '<!-- Add js script to manage the collapse/uncollapse of extrafields separators '.$key.' -->'."\n";
$out .= '<script type="text/javascript">'."\n";
$out .= 'jQuery(document).ready(function(){'."\n";
if ($expand_display === false) {
$out .= ' console.log("Inject js for the collapsing of extrafield '.$key.' - hide");'."\n";
$out .= ' jQuery(".trextrafields_collapse'.$collapse_group.'").hide();'."\n";
} else {
$out .= ' console.log("Inject js for collapsing of extrafield '.$key.' - keep visible and set cookie");'."\n";
$out .= ' document.cookie = "DOLCOLLAPSE_'.$object->table_element.'_extrafields_'.$key.'=1; path='.$_SERVER["PHP_SELF"].'"'."\n";
if (empty($disabledcookiewrite)) {
if ($expand_display === false) {
$out .= ' console.log("Inject js for the collapsing of extrafield '.$key.' - hide");'."\n";
$out .= ' jQuery(".trextrafields_collapse'.$collapse_group.'").hide();'."\n";
} else {
$out .= ' console.log("Inject js for collapsing of extrafield '.$key.' - keep visible and set cookie");'."\n";
$out .= ' document.cookie = "DOLCOLLAPSE_'.$object->table_element.'_extrafields_'.$key.'=1; path='.$_SERVER["PHP_SELF"].'"'."\n";
}
}
$out .= ' jQuery("#trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'").click(function(){'."\n";
$out .= ' console.log("We click on collapse/uncollapse .trextrafields_collapse'.$collapse_group.'");'."\n";
$out .= ' console.log("We click on collapse/uncollapse to hide/show .trextrafields_collapse'.$collapse_group.'");'."\n";
$out .= ' jQuery(".trextrafields_collapse'.$collapse_group.'").toggle(100, function(){'."\n";
$out .= ' if (jQuery(".trextrafields_collapse'.$collapse_group.'").is(":hidden")) {'."\n";
$out .= ' jQuery("#trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').' '.$tagtype_dyn.' span").addClass("fa-plus-square").removeClass("fa-minus-square");'."\n";

9
htdocs/core/class/utils.class.php
View File

@ -417,13 +417,16 @@ class Utils
}
// TODO Replace with Utils->executeCLI() function but
// we must first introduce the variant with $lowmemorydump into this method.
if ($execmethod == 1) {
$output_arr = array();
$retval = null;
exec($fullcommandclear, $output_arr, $retval);
// TODO Replace this exec with Utils->executeCLI() function.
// We must check that the case for $lowmemorydump works too...
//$utils = new Utils($db);
//$outputfile = $conf->admin->dir_temp.'/dump.tmp';
//$utils->executeCLI($fullcommandclear, $outputfile, 0);
if ($retval != 0) {
$langs->load("errors");
@ -438,6 +441,8 @@ class Utils
if ($i == 1 && preg_match('/Warning.*Using a password/i', $read)) {
continue;
}
// Now check into the result file, that the file end with "-- Dump completed"
// This is possible only if $output_arr is the clear dump file, so not possible with $lowmemorydump set because file is already compressed.
if (!$lowmemorydump) {
fwrite($handle, $read.($execmethod == 2 ? '' : "\n"));
if (preg_match('/'.preg_quote('-- Dump completed', '/').'/i', $read)) {

12
htdocs/core/js/lib_notification.js.php
View File

@ -99,12 +99,12 @@ function first_execution() {
function check_events() {
if (Notification.permission === "granted")
{
var newToken = 'notrequired';
var currentToken = 'notrequired';
const allMeta = document.getElementsByTagName("meta");
for (let i = 0; i < allMeta.length; i++) {
if (allMeta[i].getAttribute("name") == 'anti-csrf-token') {
newToken = allMeta[i].getAttribute('content');
console.log("newToken in page = "+newToken);
if (allMeta[i].getAttribute("name") == 'anti-csrf-currenttoken') {
currentToken = allMeta[i].getAttribute('content');
console.log("currentToken in page = "+currentToken);
}
}
time_js_next_test += time_auto_update;
@ -113,7 +113,7 @@ function check_events() {
$.ajax("<?php print DOL_URL_ROOT.'/core/ajax/check_notifications.php'; ?>", {
type: "post", // Usually post or get
async: true,
data: { time_js_next_test: time_js_next_test, forcechecknow: 1, token: newToken },
data: { time_js_next_test: time_js_next_test, forcechecknow: 1, token: currentToken },
dataType: "json",
success: function (result) {
//console.log(result);
@ -181,7 +181,7 @@ function check_events() {
$.ajax("<?php print DOL_URL_ROOT.'/core/ajax/check_notifications.php?action=stopreminder&listofreminderids='; ?>"+listofreminderids, {
type: "POST", // Usually post or get
async: true,
data: { time_js_next_test: time_js_next_test, token: newToken }
data: { time_js_next_test: time_js_next_test, token: currentToken }
});
} else {
console.log("No reminder to do found, next search at "+time_js_next_test);

10
htdocs/core/lib/company.lib.php
View File

@ -1011,7 +1011,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl
'name' =>array('type'=>'varchar(128)', 'label'=>'Name', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1),
'poste' =>array('type'=>'varchar(128)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'index'=>1, 'position'=>20),
'address' =>array('type'=>'varchar(128)', 'label'=>'Address', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>3, 'index'=>1, 'position'=>30),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>(!getDolGlobalInt('MAIN_LIST_HIDE_PRIVATE_NOTES')), 'visible'=>3, 'position'=>35),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>(!getDolGlobalInt('MAIN_LIST_HIDE_PRIVATE_NOTES')), 'visible'=>3, 'position'=>35),
'role' =>array('type'=>'checkbox', 'label'=>'Role', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>4, 'index'=>1, 'position'=>40),
'birthday' =>array('type'=>'date', 'label'=>'Birthday', 'enabled'=>1, 'visible'=>-1, 'notnull'=> 0, 'position'=>45),
'statut' =>array('type'=>'integer', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'default'=>0, 'index'=>1, 'position'=>50, 'arrayofkeyval'=>array(0=>$contactstatic->LibStatut(0, 1), 1=>$contactstatic->LibStatut(1, 1))),
@ -1132,9 +1132,10 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl
$extrafieldsobjectkey = $contactstatic->table_element;
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';
$sql = "SELECT t.rowid, t.entity, t.lastname, t.firstname, t.fk_pays as country_id, t.civility, t.poste, t.phone as phone_pro, t.phone_mobile, t.phone_perso, t.fax, t.email, t.socialnetworks, t.statut, t.photo,";
$sql .= " t.civility as civility_id, t.address, t.zip, t.town, t.birthday";
$sql .= ", t.note_private";
$sql = "SELECT t.rowid, t.entity, t.lastname, t.firstname, t.fk_pays as country_id, t.civility, t.poste,";
$sql .= " t.phone as phone_pro, t.phone_mobile, t.phone_perso, t.fax, t.email, t.socialnetworks, t.statut, t.photo, t.fk_soc,";
$sql .= " t.civility as civility_id, t.address, t.zip, t.town, t.birthday,";
$sql .= " t.note_private";
$sql .= " FROM ".MAIN_DB_PREFIX."socpeople as t";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."socpeople_extrafields as ef on (t.rowid = ef.fk_object)";
$sql .= " WHERE t.fk_soc = ".((int) $object->id);
@ -1300,6 +1301,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl
$contactstatic->email = $obj->email;
$contactstatic->socialnetworks = $obj->socialnetworks;
$contactstatic->photo = $obj->photo;
$contactstatic->fk_soc = $obj->fk_soc;
$contactstatic->entity = $obj->entity;
$country_code = getCountry($obj->country_id, 2);

200
htdocs/core/lib/functions.lib.php
View File

@ -515,7 +515,7 @@ function GETPOSTISARRAY($paramname, $method = 0)
* 'aZ09'=check it's simple alpha string (recommended for keys)
* 'aZ09comma'=check it's a string for a sortfield or sortorder
* 'san_alpha'=Use filter_var with FILTER_SANITIZE_STRING (do not use this for free text string)
* 'nohtml'=check there is no html content and no " and no ../
* 'nohtml'=check there is no html content
* 'restricthtml'=check html content is restricted to some tags only
* 'custom'= custom filter specify $filter and $options)
* @param int $method Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get)
@ -1328,6 +1328,10 @@ function dol_string_unaccent($str)
{
global $conf;
if (is_null($str)) {
return '';
}
if (utf8_check($str)) {
if (extension_loaded('intl') && !empty($conf->global->MAIN_UNACCENT_USE_TRANSLITERATOR)) {
$transliterator = \Transliterator::createFromRules(':: Any-Latin; :: Latin-ASCII; :: NFD; :: [:Nonspacing Mark:] Remove; :: NFC;', \Transliterator::FORWARD);
@ -5022,8 +5026,7 @@ function dol_print_error($db = '', $error = '', $errors = null)
$out .= "<br>\n";
$syslog .= "url=".dol_escape_htmltag($_SERVER["REQUEST_URI"]);
$syslog .= ", query_string=".dol_escape_htmltag($_SERVER["QUERY_STRING"]);
} else // Mode CLI
{
} else { // Mode CLI
$out .= '> '.$langs->transnoentities("ErrorInternalErrorDetected").":\n".$argv[0]."\n";
$syslog .= "pid=".dol_getmypid();
}
@ -5035,12 +5038,15 @@ function dol_print_error($db = '', $error = '', $errors = null)
if (is_object($db)) {
if ($_SERVER['DOCUMENT_ROOT']) { // Mode web
$out .= "<b>".$langs->trans("DatabaseTypeManager").":</b> ".$db->type."<br>\n";
$out .= "<b>".$langs->trans("RequestLastAccessInError").":</b> ".($db->lastqueryerror() ? dol_escape_htmltag($db->lastqueryerror()) : $langs->trans("ErrorNoRequestInError"))."<br>\n";
$lastqueryerror = $db->lastqueryerror();
if (!utf8_check($lastqueryerror)) {
$lastqueryerror = "SQL error string is not a valid UTF8 string. We can't show it.";
}
$out .= "<b>".$langs->trans("RequestLastAccessInError").":</b> ".($lastqueryerror ? dol_escape_htmltag($lastqueryerror) : $langs->trans("ErrorNoRequestInError"))."<br>\n";
$out .= "<b>".$langs->trans("ReturnCodeLastAccessInError").":</b> ".($db->lasterrno() ? dol_escape_htmltag($db->lasterrno()) : $langs->trans("ErrorNoRequestInError"))."<br>\n";
$out .= "<b>".$langs->trans("InformationLastAccessInError").":</b> ".($db->lasterror() ? dol_escape_htmltag($db->lasterror()) : $langs->trans("ErrorNoRequestInError"))."<br>\n";
$out .= "<br>\n";
} else // Mode CLI
{
} else { // Mode CLI
// No dol_escape_htmltag for output, we are in CLI mode
$out .= '> '.$langs->transnoentities("DatabaseTypeManager").":\n".$db->type."\n";
$out .= '> '.$langs->transnoentities("RequestLastAccessInError").":\n".($db->lastqueryerror() ? $db->lastqueryerror() : $langs->transnoentities("ErrorNoRequestInError"))."\n";
@ -7173,6 +7179,10 @@ function dolGetFirstLineOfText($text, $nboflines = 1, $charset = 'UTF-8')
*/
function dol_nl2br($stringtoencode, $nl2brmode = 0, $forxml = false)
{
if (is_null($stringtoencode)) {
return '';
}
if (!$nl2brmode) {
return nl2br($stringtoencode, $forxml);
} else {
@ -8949,105 +8959,115 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1'
// Only global variables can be changed by eval function and returned to caller
global $db, $langs, $user, $conf, $website, $websitepage;
global $action, $mainmenu, $leftmenu;
global $mysoc;
global $objectoffield;
// Old variables used
global $rights;
global $object;
global $mysoc;
global $obj; // To get $obj used into list when dol_eval is used for computed fields and $obj is not yet $object
global $soc; // For backward compatibility
// Test on dangerous char (used for RCE), we allow only characters to make PHP variable testing
if ($onlysimplestring == '1') {
// We must accept: '1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL'
// We must accept: '$conf->barcode->enabled || preg_match(\'/^AAA/\',$leftmenu)'
// We must accept: '$user->rights->cabinetmed->read && !$object->canvas=="patient@cabinetmed"'
if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@', '/').']/i', $s)) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s);
return '';
try {
// Test on dangerous char (used for RCE), we allow only characters to make PHP variable testing
if ($onlysimplestring == '1') {
// We must accept: '1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL'
// We must accept: '$conf->barcode->enabled || preg_match(\'/^AAA/\',$leftmenu)'
// We must accept: '$user->rights->cabinetmed->read && !$object->canvas=="patient@cabinetmed"'
if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@', '/').']/i', $s)) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s);
return '';
}
// TODO
// We can exclude all parenthesis ( that are not '($db' and 'getDolGlobalInt(' and 'getDolGlobalString(' and 'preg_match(' and 'isModEnabled('
// ...
}
} elseif ($onlysimplestring == '2') {
// We must accept: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found"
if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@;[]', '/').']/i', $s)) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s);
return '';
}
}
// TODO
// We can exclude all parenthesis ( that are not '($db' and 'getDolGlobalInt(' and 'getDolGlobalString(' and 'preg_match(' and 'isModEnabled('
// ...
}
} elseif ($onlysimplestring == '2') {
// We must accept: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found"
if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@;[]', '/').']/i', $s)) {
if (strpos($s, '::') !== false) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s;
return 'Bad string syntax to evaluate (double : char is forbidden): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s);
dol_syslog('Bad string syntax to evaluate (double : char is forbidden): '.$s);
return '';
}
}
}
if (strpos($s, '::') !== false) {
if (strpos($s, '`') !== false) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (backtick char is forbidden): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (backtick char is forbidden): '.$s);
return '';
}
}
if (preg_match('/[^0-9]+\.[^0-9]+/', $s)) { // We refuse . if not between 2 numbers
if ($returnvalue) {
return 'Bad string syntax to evaluate (dot char is forbidden): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (dot char is forbidden): '.$s);
return '';
}
}
// We block use of php exec or php file functions
$forbiddenphpstrings = array('$$');
$forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST'));
$forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", "verifCond", "base64_decode");
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask"));
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func"));
$forbiddenphpregex = 'global\s+\$|\b('.implode('|', $forbiddenphpfunctions).')\b';
do {
$oldstringtoclean = $s;
$s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s);
$s = preg_replace('/'.$forbiddenphpregex.'/i', '__forbiddenstring__', $s);
//$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod(
} while ($oldstringtoclean != $s);
if (strpos($s, '__forbiddenstring__') !== false) {
dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING);
if ($returnvalue) {
return 'Bad string syntax to evaluate: '.$s;
} else {
dol_syslog('Bad string syntax to evaluate: '.$s);
return '';
}
}
//print $s."<br>\n";
if ($returnvalue) {
return 'Bad string syntax to evaluate (double : char is forbidden): '.$s;
if ($hideerrors) {
return @eval('return '.$s.';');
} else {
return eval('return '.$s.';');
}
} else {
dol_syslog('Bad string syntax to evaluate (double : char is forbidden): '.$s);
return '';
}
}
if (strpos($s, '`') !== false) {
if ($returnvalue) {
return 'Bad string syntax to evaluate (backtick char is forbidden): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (backtick char is forbidden): '.$s);
return '';
}
}
if (preg_match('/[^0-9]+\.[^0-9]+/', $s)) { // We refuse . if not between 2 numbers
if ($returnvalue) {
return 'Bad string syntax to evaluate (dot char is forbidden): '.$s;
} else {
dol_syslog('Bad string syntax to evaluate (dot char is forbidden): '.$s);
return '';
}
}
// We block use of php exec or php file functions
$forbiddenphpstrings = array('$$');
$forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST'));
$forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", "verifCond", "base64_decode");
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask"));
$forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func"));
$forbiddenphpregex = 'global\s+\$|\b('.implode('|', $forbiddenphpfunctions).')\b';
do {
$oldstringtoclean = $s;
$s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s);
$s = preg_replace('/'.$forbiddenphpregex.'/i', '__forbiddenstring__', $s);
//$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod(
} while ($oldstringtoclean != $s);
if (strpos($s, '__forbiddenstring__') !== false) {
dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING);
if ($returnvalue) {
return 'Bad string syntax to evaluate: '.$s;
} else {
dol_syslog('Bad string syntax to evaluate: '.$s);
return '';
}
}
//print $s."<br>\n";
if ($returnvalue) {
if ($hideerrors) {
return @eval('return '.$s.';');
} else {
return eval('return '.$s.';');
}
} else {
if ($hideerrors) {
@eval($s);
} else {
eval($s);
if ($hideerrors) {
@eval($s);
} else {
eval($s);
}
}
} catch (Error $e) {
$error = 'Caught error : ';
$error .= $e->getMessage() . ', ';
$error .= 'Trace : ';
$error .= json_encode($e->getTrace());
error_log($error, 1);
}
}

10
htdocs/core/lib/geturl.lib.php
View File

@ -107,10 +107,14 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, empty($conf->global->MAIN_USE_CONNECT_TIMEOUT) ? 5 : $conf->global->MAIN_USE_CONNECT_TIMEOUT);
curl_setopt($ch, CURLOPT_TIMEOUT, empty($conf->global->MAIN_USE_RESPONSE_TIMEOUT) ? 30 : $conf->global->MAIN_USE_RESPONSE_TIMEOUT);
/*
if ($maxsize) {
// limit size of downloaded files. TODO Add MAIN_SECURITY_MAXFILESIZE_DOWNLOADED
$maxsize = getDolGlobalInt('MAIN_SECURITY_MAXFILESIZE_DOWNLOADED');
if ($maxsize && defined('CURLOPT_MAXFILESIZE_LARGE')) {
curl_setopt($ch, CURLOPT_MAXFILESIZE_LARGE, $maxsize);
} */
}
if ($maxsize && defined('CURLOPT_MAXFILESIZE')) {
curl_setopt($ch, CURLOPT_MAXFILESIZE, $maxsize);
}
//curl_setopt($ch, CURLOPT_SAFE_UPLOAD, true); // PHP 5.5
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); // We want response

427
htdocs/core/lib/invoice.lib.php
View File

@ -280,8 +280,9 @@ function supplier_invoice_rec_prepare_head($object)
function getNumberInvoicesPieChart($mode)
{
global $conf, $db, $langs, $user;
if (($mode == 'customers' && isModEnabled('facture') && !empty($user->rights->facture->lire))
|| ($mode = 'suppliers') && (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire)
|| ($mode == 'suppliers' && (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire))
) {
include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php';
@ -406,7 +407,9 @@ function getNumberInvoicesPieChart($mode)
dol_print_error($db);
}
}
return '';
}
/**
* Return a HTML table that contains a list with customer invoice drafts
*
@ -418,137 +421,140 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0)
{
global $conf, $db, $langs, $user, $hookmanager;
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
$result = '';
$tmpinvoice = new Facture($db);
$sql = "SELECT f.rowid, f.ref, f.datef as date, f.total_ht, f.total_tva, f.total_ttc, f.ref_client";
$sql .= ", f.type, f.fk_statut as status, f.paye";
$sql .= ", s.nom as name";
$sql .= ", s.rowid as socid, s.email";
$sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur";
$sql .= ", cc.rowid as country_id, cc.code as country_code";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", sc.fk_soc, sc.fk_user ";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT;
$sql .= " AND f.entity IN (".getEntity('invoice').")";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
}
if (isModEnabled('facture') && !empty($user->rights->facture->lire)) {
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
if ($socid) {
$sql .= " AND f.fk_soc = ".((int) $socid);
}
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhereCustomerDraft', $parameters);
$sql .= $hookmanager->resPrint;
$tmpinvoice = new Facture($db);
$sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,";
$sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,";
$sql .= " cc.rowid, cc.code";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", sc.fk_soc, sc.fk_user";
}
$sql = "SELECT f.rowid, f.ref, f.datef as date, f.total_ht, f.total_tva, f.total_ttc, f.ref_client";
$sql .= ", f.type, f.fk_statut as status, f.paye";
$sql .= ", s.nom as name";
$sql .= ", s.rowid as socid, s.email";
$sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur";
$sql .= ", cc.rowid as country_id, cc.code as country_code";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", sc.fk_soc, sc.fk_user ";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT;
$sql .= " AND f.entity IN (".getEntity('invoice').")";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
}
// Add Group from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListGroupByCustomerDraft', $parameters);
$sql .= $hookmanager->resPrint;
if ($socid) {
$sql .= " AND f.fk_soc = ".((int) $socid);
}
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhereCustomerDraft', $parameters);
$sql .= $hookmanager->resPrint;
$resql = $db->query($sql);
$sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,";
$sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,";
$sql .= " cc.rowid, cc.code";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", sc.fk_soc, sc.fk_user";
}
if ($resql) {
$num = $db->num_rows($resql);
$nbofloop = min($num, $maxofloop);
// Add Group from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListGroupByCustomerDraft', $parameters);
$sql .= $hookmanager->resPrint;
$result .= '<div class="div-table-responsive-no-min">';
$result .= '<table class="noborder centpercent">';
$resql = $db->query($sql);
$result .= '<tr class="liste_titre">';
$result .= '<th colspan="3">';
$result .= $langs->trans("CustomersDraftInvoices").' ';
$result .= '<a href="'.DOL_URL_ROOT.'/compta/facture/list.php?search_status='.Facture::STATUS_DRAFT.'">';
$result .= '<span class="badge marginleftonlyshort">'.$num.'</span>';
$result .= '</a>';
$result .= '</th>';
$result .= '</tr>';
if ($resql) {
$num = $db->num_rows($resql);
$nbofloop = min($num, $maxofloop);
if ($num) {
$companystatic = new Societe($db);
$result .= '<div class="div-table-responsive-no-min">';
$result .= '<table class="noborder centpercent">';
$i = 0;
$othernb = 0;
$tot_ttc = 0;
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
$result .= '<tr class="liste_titre">';
$result .= '<th colspan="3">';
$result .= $langs->trans("CustomersDraftInvoices").' ';
$result .= '<a href="'.DOL_URL_ROOT.'/compta/facture/list.php?search_status='.Facture::STATUS_DRAFT.'">';
$result .= '<span class="badge marginleftonlyshort">'.$num.'</span>';
$result .= '</a>';
$result .= '</th>';
$result .= '</tr>';
if ($i >= $maxCount) {
$othernb += 1;
$i++;
if ($num) {
$companystatic = new Societe($db);
$i = 0;
$othernb = 0;
$tot_ttc = 0;
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $maxCount) {
$othernb += 1;
$i++;
$tot_ttc += $obj->total_ttc;
continue;
}
$tmpinvoice->id = $obj->rowid;
$tmpinvoice->ref = $obj->ref;
$tmpinvoice->date = $db->jdate($obj->date);
$tmpinvoice->type = $obj->type;
$tmpinvoice->total_ht = $obj->total_ht;
$tmpinvoice->total_tva = $obj->total_tva;
$tmpinvoice->total_ttc = $obj->total_ttc;
$tmpinvoice->ref_client = $obj->ref_client;
$tmpinvoice->statut = $obj->status;
$tmpinvoice->paye = $obj->paye;
$companystatic->id = $obj->socid;
$companystatic->name = $obj->name;
$companystatic->email = $obj->email;
$companystatic->country_id = $obj->country_id;
$companystatic->country_code = $obj->country_code;
$companystatic->client = 1;
$companystatic->code_client = $obj->code_client;
$companystatic->code_fournisseur = $obj->code_fournisseur;
$companystatic->code_compta = $obj->code_compta;
$companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur;
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $tmpinvoice->getNomUrl(1, '');
$result .= '</td>';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $companystatic->getNomUrl(1, 'customer');
$result .= '</td>';
$result .= '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '</tr>';
$tot_ttc += $obj->total_ttc;
continue;
$i++;
}
$tmpinvoice->id = $obj->rowid;
$tmpinvoice->ref = $obj->ref;
$tmpinvoice->date = $db->jdate($obj->date);
$tmpinvoice->type = $obj->type;
$tmpinvoice->total_ht = $obj->total_ht;
$tmpinvoice->total_tva = $obj->total_tva;
$tmpinvoice->total_ttc = $obj->total_ttc;
$tmpinvoice->ref_client = $obj->ref_client;
$tmpinvoice->statut = $obj->status;
$tmpinvoice->paye = $obj->paye;
if ($othernb) {
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap" colspan="3">';
$result .= '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
$result .= '</td>';
$result .= "</tr>\n";
}
$companystatic->id = $obj->socid;
$companystatic->name = $obj->name;
$companystatic->email = $obj->email;
$companystatic->country_id = $obj->country_id;
$companystatic->country_code = $obj->country_code;
$companystatic->client = 1;
$companystatic->code_client = $obj->code_client;
$companystatic->code_fournisseur = $obj->code_fournisseur;
$companystatic->code_compta = $obj->code_compta;
$companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur;
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $tmpinvoice->getNomUrl(1, '');
$result .= '</td>';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $companystatic->getNomUrl(1, 'customer');
$result .= '</td>';
$result .= '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '<tr class="liste_total"><td class="left">'.$langs->trans("Total").'</td>';
$result .= '<td colspan="2" class="right">'.price($tot_ttc).'</td>';
$result .= '</tr>';
$tot_ttc += $obj->total_ttc;
$i++;
} else {
$result .= '<tr class="oddeven"><td colspan="3" class="opacitymedium">'.$langs->trans("NoInvoice").'</td></tr>';
}
if ($othernb) {
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap" colspan="3">';
$result .= '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
$result .= '</td>';
$result .= "</tr>\n";
}
$result .= '<tr class="liste_total"><td class="left">'.$langs->trans("Total").'</td>';
$result .= '<td colspan="2" class="right">'.price($tot_ttc).'</td>';
$result .= '</tr>';
$result .= "</table></div>";
$db->free($resql);
} else {
$result .= '<tr class="oddeven"><td colspan="3" class="opacitymedium">'.$langs->trans("NoInvoice").'</td></tr>';
dol_print_error($db);
}
$result .= "</table></div>";
$db->free($resql);
} else {
dol_print_error($db);
}
return $result;
@ -565,119 +571,122 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0)
{
global $conf, $db, $langs, $user, $hookmanager;
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
$result = '';
$facturesupplierstatic = new FactureFournisseur($db);
$sql = "SELECT f.ref, f.rowid, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.fk_statut as status, f.paye";
$sql .= ", s.nom as name";
$sql .= ", s.rowid as socid, s.email";
$sql .= ", s.code_client, s.code_compta";
$sql .= ", s.code_fournisseur, s.code_compta_fournisseur";
$sql .= ", cc.rowid as country_id, cc.code as country_code";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT;
$sql .= " AND f.entity IN (".getEntity('invoice').')';
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
}
if ($socid) {
$sql .= " AND f.fk_soc = ".((int) $socid);
}
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhereSupplierDraft', $parameters);
$sql .= $hookmanager->resPrint;
$resql = $db->query($sql);
if ((isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire)) {
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
if ($resql) {
$num = $db->num_rows($resql);
$nbofloop = min($num, $maxofloop);
$facturesupplierstatic = new FactureFournisseur($db);
$result .= '<div class="div-table-responsive-no-min">';
$result .= '<table class="noborder centpercent">';
$sql = "SELECT f.ref, f.rowid, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.fk_statut as status, f.paye";
$sql .= ", s.nom as name";
$sql .= ", s.rowid as socid, s.email";
$sql .= ", s.code_client, s.code_compta";
$sql .= ", s.code_fournisseur, s.code_compta_fournisseur";
$sql .= ", cc.rowid as country_id, cc.code as country_code";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays";
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT;
$sql .= " AND f.entity IN (".getEntity('invoice').')';
if (empty($user->rights->societe->client->voir) && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);
}
if ($socid) {
$sql .= " AND f.fk_soc = ".((int) $socid);
}
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhereSupplierDraft', $parameters);
$sql .= $hookmanager->resPrint;
$resql = $db->query($sql);
$result .= '<tr class="liste_titre">';
$result .= '<th colspan="3">';
$result .= $langs->trans("SuppliersDraftInvoices").' ';
$result .= '<a href="'.DOL_URL_ROOT.'/fourn/facture/list.php?search_status='.FactureFournisseur::STATUS_DRAFT.'">';
$result .= '<span class="badge marginleftonlyshort">'.$num.'</span>';
$result .= '</a>';
$result .= '</th>';
$result .= '</tr>';
if ($resql) {
$num = $db->num_rows($resql);
$nbofloop = min($num, $maxofloop);
if ($num) {
$companystatic = new Societe($db);
$result .= '<div class="div-table-responsive-no-min">';
$result .= '<table class="noborder centpercent">';
$i = 0;
$othernb = 0;
$tot_ttc = 0;
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
$result .= '<tr class="liste_titre">';
$result .= '<th colspan="3">';
$result .= $langs->trans("SuppliersDraftInvoices").' ';
$result .= '<a href="'.DOL_URL_ROOT.'/fourn/facture/list.php?search_status='.FactureFournisseur::STATUS_DRAFT.'">';
$result .= '<span class="badge marginleftonlyshort">'.$num.'</span>';
$result .= '</a>';
$result .= '</th>';
$result .= '</tr>';
if ($i >= $maxCount) {
$othernb += 1;
$i++;
if ($num) {
$companystatic = new Societe($db);
$i = 0;
$othernb = 0;
$tot_ttc = 0;
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $maxCount) {
$othernb += 1;
$i++;
$tot_ttc += $obj->total_ttc;
continue;
}
$facturesupplierstatic->ref = $obj->ref;
$facturesupplierstatic->id = $obj->rowid;
$facturesupplierstatic->total_ht = $obj->total_ht;
$facturesupplierstatic->total_tva = $obj->total_tva;
$facturesupplierstatic->total_ttc = $obj->total_ttc;
$facturesupplierstatic->ref_supplier = $obj->ref_supplier;
$facturesupplierstatic->type = $obj->type;
$facturesupplierstatic->statut = $obj->status;
$facturesupplierstatic->paye = $obj->paye;
$companystatic->id = $obj->socid;
$companystatic->name = $obj->name;
$companystatic->email = $obj->email;
$companystatic->country_id = $obj->country_id;
$companystatic->country_code = $obj->country_code;
$companystatic->fournisseur = 1;
$companystatic->code_client = $obj->code_client;
$companystatic->code_fournisseur = $obj->code_fournisseur;
$companystatic->code_compta = $obj->code_compta;
$companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur;
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $facturesupplierstatic->getNomUrl(1, '');
$result .= '</td>';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $companystatic->getNomUrl(1, 'supplier');
$result .= '</td>';
$result .= '<td class="right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '</tr>';
$tot_ttc += $obj->total_ttc;
continue;
$i++;
}
$facturesupplierstatic->ref = $obj->ref;
$facturesupplierstatic->id = $obj->rowid;
$facturesupplierstatic->total_ht = $obj->total_ht;
$facturesupplierstatic->total_tva = $obj->total_tva;
$facturesupplierstatic->total_ttc = $obj->total_ttc;
$facturesupplierstatic->ref_supplier = $obj->ref_supplier;
$facturesupplierstatic->type = $obj->type;
$facturesupplierstatic->statut = $obj->status;
$facturesupplierstatic->paye = $obj->paye;
if ($othernb) {
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap" colspan="3">';
$result .= '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
$result .= '</td>';
$result .= "</tr>\n";
}
$companystatic->id = $obj->socid;
$companystatic->name = $obj->name;
$companystatic->email = $obj->email;
$companystatic->country_id = $obj->country_id;
$companystatic->country_code = $obj->country_code;
$companystatic->fournisseur = 1;
$companystatic->code_client = $obj->code_client;
$companystatic->code_fournisseur = $obj->code_fournisseur;
$companystatic->code_compta = $obj->code_compta;
$companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur;
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $facturesupplierstatic->getNomUrl(1, '');
$result .= '</td>';
$result .= '<td class="nowrap tdoverflowmax100">';
$result .= $companystatic->getNomUrl(1, 'supplier');
$result .= '</td>';
$result .= '<td class="right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '<tr class="liste_total"><td class="left">'.$langs->trans("Total").'</td>';
$result .= '<td colspan="2" class="right">'.price($tot_ttc).'</td>';
$result .= '</tr>';
$tot_ttc += $obj->total_ttc;
$i++;
} else {
$result .= '<tr class="oddeven"><td colspan="3" class="opacitymedium">'.$langs->trans("NoInvoice").'</td></tr>';
}
if ($othernb) {
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap" colspan="3">';
$result .= '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
$result .= '</td>';
$result .= "</tr>\n";
}
$result .= '<tr class="liste_total"><td class="left">'.$langs->trans("Total").'</td>';
$result .= '<td colspan="2" class="right">'.price($tot_ttc).'</td>';
$result .= '</tr>';
$result .= "</table></div>";
$db->free($resql);
} else {
$result .= '<tr class="oddeven"><td colspan="3" class="opacitymedium">'.$langs->trans("NoInvoice").'</td></tr>';
dol_print_error($db);
}
$result .= "</table></div>";
$db->free($resql);
} else {
dol_print_error($db);
}
return $result;

4
htdocs/core/lib/project.lib.php
View File

@ -2867,13 +2867,13 @@ function getTaskProgressView($task, $label = true, $progressNumber = true, $hide
// good
$out .= ' <div class="progress-bar '.$progressBarClass.'" style="width: '.floatval($task->progress).'%" title="'.floatval($task->progress).'%">';
if (!empty($task->progress)) {
$out .= ' <div class="progress-bar progress-bar-consumed" style="width: '.floatval($progressCalculated / $task->progress * 100).'%" title="'.floatval($progressCalculated).'%"></div>';
$out .= ' <div class="progress-bar progress-bar-consumed" style="width: '.floatval($progressCalculated / (floatval($task->progress) === 0 ? 1 : $task->progress) * 100).'%" title="'.floatval($progressCalculated).'%"></div>';
}
$out .= ' </div>';
} else {
// bad
$out .= ' <div class="progress-bar progress-bar-consumed-late" style="width: '.floatval($progressCalculated).'%" title="'.floatval($progressCalculated).'%">';
$out .= ' <div class="progress-bar '.$progressBarClass.'" style="width: '.($task->progress ? floatval($task->progress / $progressCalculated * 100).'%' : '1px').'" title="'.floatval($task->progress).'%"></div>';
$out .= ' <div class="progress-bar '.$progressBarClass.'" style="width: '.($task->progress ? floatval($task->progress / (floatval($progressCalculated) === 0 ? 1 : $progressCalculated) * 100).'%' : '1px').'" title="'.floatval($task->progress).'%"></div>';
$out .= ' </div>';
}
$out .= ' </div>';

10
htdocs/core/lib/salaries.lib.php
View File

@ -3,6 +3,7 @@
* Copyright (C) 2015 Charlie BENKE <charlie@patas-monkey.com>
* Copyright (C) 2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) 2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -76,7 +77,10 @@ function salaries_prepare_head($object)
*/
function salaries_admin_prepare_head()
{
global $langs, $conf, $user;
global $conf, $db, $langs, $user;
$extrafields = new ExtraFields($db);
$extrafields->fetch_name_optionals_label('salary');
$h = 0;
$head = array();
@ -94,6 +98,10 @@ function salaries_admin_prepare_head()
$head[$h][0] = DOL_URL_ROOT.'/salaries/admin/salaries_extrafields.php';
$head[$h][1] = $langs->trans("ExtraFieldsSalaries");
$nbExtrafields = $extrafields->attributes['salary']['count'];
if ($nbExtrafields > 0) {
$head[$h][1] .= '<span class="badge marginleftonlyshort">'.$nbExtrafields.'</span>';
}
$head[$h][2] = 'attributes';
$h++;

18
htdocs/core/lib/security.lib.php
View File

@ -635,7 +635,13 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '',
$nbko = 0;
if ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete') {
foreach ($featuresarray as $feature) {
if ($feature == 'contact') {
if ($feature == 'bookmark') {
if (!$user->rights->bookmark->supprimer) {
if ($user->id != $object->fk_user || empty($user->rights->bookmark->creer)) {
$deleteok = 0;
}
}
} elseif ($feature == 'contact') {
if (!$user->rights->societe->contact->supprimer) {
$deleteok = 0;
}
@ -805,6 +811,7 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
$checkproject = array('projet', 'project'); // Test for project object
$checktask = array('projet_task'); // Test for task object
$checkhierarchy = array('expensereport', 'holiday'); // check permission among the hierarchy of user
$checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null)
$nocheck = array('barcode', 'stock'); // No test
//$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...).
@ -1027,6 +1034,15 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl
}
}
// For some object, we also have to check it is public or owned by user
// Param $object must be the full object and not a simple id to have this test possible.
if (in_array($feature, $checkuser) && is_object($object) && $objectid > 0) {
$useridtocheck = $object->fk_user;
if (!empty($useridtocheck) && $useridtocheck > 0 && $useridtocheck != $user->id && empty($user->admin)) {
return false;
}
}
if ($sql) {
$resql = $db->query($sql);
if ($resql) {

2
htdocs/core/lib/sendings.lib.php
View File

@ -50,7 +50,7 @@ function shipping_prepare_head($object)
if ($conf->delivery_note->enabled && $user->rights->expedition->delivery->lire) {
// delivery link
$object->fetchObjectLinked($object->id, $object->element);
if (is_array($object->linkedObjectsIds['delivery']) && count($object->linkedObjectsIds['delivery']) > 0) { // If there is a delivery
if (isset($object->linkedObjectsIds['delivery']) && is_array($object->linkedObjectsIds['delivery']) && count($object->linkedObjectsIds['delivery']) > 0) { // If there is a delivery
// Take first one element of array
$tmp = reset($object->linkedObjectsIds['delivery']);

20
htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php
View File

@ -336,15 +336,19 @@ class doc_generic_invoice_odt extends ModelePDFFactures
$object->fetchObjectLinked('', '', '', '');
//print_r($object->linkedObjects['propal']); exit;
$propal_object = $object->linkedObjects['propal'][0];
if (isset($object->linkedObjects['propal'][0])) {
$propal_object = $object->linkedObjects['propal'][0];
} else {
$propal_object = null;
}
// Make substitution
$substitutionarray = array(
'__FROM_NAME__' => $this->emetteur->name,
'__FROM_EMAIL__' => $this->emetteur->email,
'__TOTAL_TTC__' => $object->total_ttc,
'__TOTAL_HT__' => $object->total_ht,
'__TOTAL_VAT__' => $object->total_tva
'__FROM_NAME__' => $this->emetteur->name,
'__FROM_EMAIL__' => $this->emetteur->email,
'__TOTAL_TTC__' => $object->total_ttc,
'__TOTAL_HT__' => $object->total_ht,
'__TOTAL_VAT__' => $object->total_tva
);
complete_substitutions_array($substitutionarray, $langs, $object);
// Call the ODTSubstitution hook
@ -435,8 +439,8 @@ class doc_generic_invoice_odt extends ModelePDFFactures
} else {
$odfHandler->setVars($key, 'ErrorFileNotFound', true, 'UTF-8');
}
} else // Text
{
} else {
// Text
$odfHandler->setVars($key, $value, true, 'UTF-8');
}
} catch (OdfException $e) {

7
htdocs/core/modules/modCommande.class.php
View File

@ -204,7 +204,7 @@ class modCommande extends DolibarrModules
'co.code'=>"CountryCode", 's.phone'=>'Phone', 's.siren'=>'ProfId1', 's.siret'=>'ProfId2', 's.ape'=>'ProfId3', 's.idprof4'=>'ProfId4', 'c.rowid'=>"Id",
'c.ref'=>"Ref", 'c.ref_client'=>"RefCustomer", 'c.fk_soc'=>"IdCompany", 'c.date_creation'=>"DateCreation", 'c.date_commande'=>"OrderDate",
'c.date_livraison'=>"DateDeliveryPlanned", 'c.amount_ht'=>"Amount", 'c.total_ht'=>"TotalHT",
'c.total_ttc'=>"TotalTTC", 'c.facture'=>"Billed", 'c.fk_statut'=>'Status', 'c.note_public'=>"Note",
'c.total_ttc'=>"TotalTTC", 'c.facture'=>"Billed", 'c.fk_statut'=>'Status', 'c.note_public'=>"Note", 'sm.code'=>'SendingMethod',
'c.fk_user_author'=>'CreatedById', 'uc.login'=>'CreatedByLogin', 'c.fk_user_valid'=>'ValidatedById', 'uv.login'=>'ValidatedByLogin',
'pj.ref'=>'ProjectRef', 'cd.rowid'=>'LineId', 'cd.description'=>"LineDescription", 'cd.product_type'=>'TypeOfLineServiceOrProduct',
'cd.tva_tx'=>"LineVATRate", 'cd.qty'=>"LineQty", 'cd.total_ht'=>"LineTotalHT", 'cd.total_tva'=>"LineTotalVAT", 'cd.total_ttc'=>"LineTotalTTC",
@ -235,7 +235,7 @@ class modCommande extends DolibarrModules
$this->export_TypeFields_array[$r] = array(
's.nom'=>'Text', 'ps.nom'=>'Text', 's.address'=>'Text', 's.zip'=>'Text', 's.town'=>'Text', 'co.label'=>'List:c_country:label:label', 'co.code'=>'Text', 's.phone'=>'Text',
's.siren'=>'Text', 's.siret'=>'Text', 's.ape'=>'Text', 's.idprof4'=>'Text', 'c.ref'=>"Text", 'c.ref_client'=>"Text", 'c.date_creation'=>"Date",
'c.date_commande'=>"Date", 'c.date_livraison'=>"Date", 'c.amount_ht'=>"Numeric", 'c.total_ht'=>"Numeric",
'c.date_commande'=>"Date", 'c.date_livraison'=>"Date", 'sm.code'=>"Text", 'c.amount_ht'=>"Numeric", 'c.total_ht'=>"Numeric",
'c.total_ttc'=>"Numeric", 'c.facture'=>"Boolean", 'c.fk_statut'=>'Status', 'c.note_public'=>"Text", 'pj.ref'=>'Text',
'cd.description'=>"Text", 'cd.product_type'=>'Boolean', 'cd.tva_tx'=>"Numeric", 'cd.qty'=>"Numeric", 'cd.total_ht'=>"Numeric", 'cd.total_tva'=>"Numeric",
'cd.total_ttc'=>"Numeric", 'p.rowid'=>'List:product:ref::product', 'p.ref'=>'Text', 'p.label'=>'Text', 'd.nom'=>'Text',
@ -246,7 +246,7 @@ class modCommande extends DolibarrModules
'co.code'=>'company', 's.phone'=>'company', 's.siren'=>'company', 's.ape'=>'company', 's.idprof4'=>'company', 's.siret'=>'company', 'c.rowid'=>"order",
'c.ref'=>"order", 'c.ref_client'=>"order", 'c.fk_soc'=>"order", 'c.date_creation'=>"order", 'c.date_commande'=>"order", 'c.amount_ht'=>"order",
'c.total_ht'=>"order", 'c.total_ttc'=>"order", 'c.facture'=>"order", 'c.fk_statut'=>"order", 'c.note'=>"order",
'c.date_livraison'=>"order", 'pj.ref'=>'project', 'cd.rowid'=>'order_line', 'cd.description'=>"order_line",
'c.date_livraison'=>"order", 'sm.code'=>"order", 'pj.ref'=>'project', 'cd.rowid'=>'order_line', 'cd.description'=>"order_line",
'cd.product_type'=>'order_line', 'cd.tva_tx'=>"order_line", 'cd.qty'=>"order_line", 'cd.total_ht'=>"order_line", 'cd.total_tva'=>"order_line",
'cd.total_ttc'=>"order_line", 'p.rowid'=>'product', 'p.ref'=>'product', 'p.label'=>'product'
);
@ -277,6 +277,7 @@ class modCommande extends DolibarrModules
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid';
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,';
$this->export_sql_end[$r] .= ' '.MAIN_DB_PREFIX.'commande as c';
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_shipment_mode as sm ON c.fk_shipping_method = sm.rowid';
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON c.fk_projet = pj.rowid';
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as uc ON c.fk_user_author = uc.rowid';
$this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as uv ON c.fk_user_valid = uv.rowid';

18
htdocs/core/tpl/commonfields_add.tpl.php
View File

@ -69,8 +69,22 @@ foreach ($object->fields as $key => $val) {
$value = GETPOST($key, 'int');
} elseif ($val['type'] == 'double') {
$value = price2num(GETPOST($key, 'alphanohtml'));
} elseif ($val['type'] == 'text' || $val['type'] == 'html') {
$value = GETPOST($key, 'restricthtml');
} elseif (preg_match('/^text/', $val['type'])) {
$tmparray = explode(':', $val['type']);
if (!empty($tmparray[1])) {
$check = $tmparray[1];
} else {
$check = 'nohtml';
}
$value = GETPOST($key, $check);
} elseif (preg_match('/^html/', $val['type'])) {
$tmparray = explode(':', $val['type']);
if (!empty($tmparray[1])) {
$check = $tmparray[1];
} else {
$check = 'restricthtml';
}
$value = GETPOST($key, $check);
} elseif ($val['type'] == 'date') {
$value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int'));
} elseif ($val['type'] == 'datetime') {

10
htdocs/core/tpl/commonfields_edit.tpl.php
View File

@ -72,7 +72,15 @@ foreach ($object->fields as $key => $val) {
$value = GETPOSTISSET($key) ?GETPOST($key, 'int') : $object->$key;
} elseif ($val['type'] == 'double') {
$value = GETPOSTISSET($key) ? price2num(GETPOST($key, 'alphanohtml')) : $object->$key;
} elseif (preg_match('/^(text|html)/', $val['type'])) {
} elseif (preg_match('/^text/', $val['type'])) {
$tmparray = explode(':', $val['type']);
if (!empty($tmparray[1])) {
$check = $tmparray[1];
} else {
$check = 'nohtml';
}
$value = GETPOSTISSET($key) ? GETPOST($key, $check) : $object->$key;
} elseif (preg_match('/^html/', $val['type'])) {
$tmparray = explode(':', $val['type']);
if (!empty($tmparray[1])) {
$check = $tmparray[1];

6
htdocs/core/tpl/extrafields_edit.tpl.php
View File

@ -43,7 +43,11 @@ $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object,
print $hookmanager->resPrint;
if (empty($reshook)) {
$params = array();
$params['cols'] = isset($parameters['colspanvalue']) ? $parameters['colspanvalue'] : null;
if (isset($tpl_context)) {
$params['tpl_context'] = $tpl_context;
}
$params['cols'] = key_exists('colspanvalue', $parameters) ? $parameters['colspanvalue'] : null;
print $object->showOptionals($extrafields, 'edit', $params);
}

3
htdocs/core/tpl/extrafields_view.tpl.php
View File

@ -65,6 +65,8 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l
$extrafields_collapse_num = '';
$extrafields_collapse_num_old = '';
$i = 0;
// Loop on each extrafield
foreach ($extrafields->attributes[$object->table_element]['label'] as $tmpkeyextra => $tmplabelextra) {
$i++;
@ -114,6 +116,7 @@ if (empty($reshook) && isset($extrafields->attributes[$object->table_element]['l
$lastseparatorkeyfound = $tmpkeyextra;
} else {
$collapse_group = $extrafields_collapse_num.(!empty($object->id) ? '_'.$object->id : '');
print '<tr class="trextrafields_collapse'.$collapse_group;
/*if ($extrafields_collapse_num && $extrafields_collapse_num_old && $extrafields_collapse_num != $extrafields_collapse_num_old) {
print ' trextrafields_collapse_new';

8
htdocs/core/tpl/objectline_edit.tpl.php
View File

@ -70,7 +70,7 @@ if (!empty($inputalsopricewithtax)) {
if (in_array($object->element, array('propal', 'supplier_proposal', 'facture', 'facturerec', 'invoice', 'commande', 'order', 'order_supplier', 'invoice_supplier', 'invoice_supplier_rec'))) {
$colspan++; // With this, there is a column move button
}
if (isModEnabled("multicurrency") && $this->multicurrency_code != $conf->currency) {
if (isModEnabled("multicurrency") && $object->multicurrency_code != $conf->currency) {
$colspan += 2;
}
if (isModEnabled('asset') && $object->element == 'invoice_supplier') {
@ -218,7 +218,7 @@ $coldisplay++;
}
print '></td>';
if (isModEnabled("multicurrency") && $this->multicurrency_code != $conf->currency) {
if (isModEnabled("multicurrency") && $object->multicurrency_code != $conf->currency) {
$coldisplay++;
print '<td class="right"><input rel="'.$object->multicurrency_tx.'" type="text" class="flat right" size="5" id="multicurrency_subprice" name="multicurrency_subprice" value="'.(GETPOSTISSET('multicurrency_subprice') ? GETPOST('multicurrency_subprice', 'alpha') : price($line->multicurrency_subprice)).'" /></td>';
}
@ -286,7 +286,7 @@ $coldisplay++;
<?php
// Progession for situation invoices
if ($this->situation_cycle_ref) {
if ($object->situation_cycle_ref) {
$coldisplay++;
print '<td class="nowrap right linecolcycleref"><input class="right" type="text" size="1" value="'.(GETPOSTISSET('progress') ? GETPOST('progress') : $line->situation_percent).'" name="progress">%</td>';
$coldisplay++;
@ -490,7 +490,7 @@ jQuery(document).ready(function()
}
});
<?php if (in_array($this->table_element_line, array('propaldet', 'commandedet', 'facturedet'))) { ?>
<?php if (in_array($object->table_element_line, array('propaldet', 'commandedet', 'facturedet'))) { ?>
$("#date_start, #date_end").focusout(function() {
if ( $(this).val() == '' && !$(this).hasClass('inputmandatory') ) {
$(this).addClass('inputmandatory');

26
htdocs/cron/card.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2012 Nicolas Villa aka Boyquotes http://informetic.fr
* Copyright (C) 2013 Florian Henry <florian.henry@open-concpt.pro>
* Copyright (C) 2013-2016 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -46,12 +46,14 @@ $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha');
$securitykey = GETPOST('securitykey', 'alpha');
$permissiontoadd = $user->rights->cron->create;
if (!$user->rights->cron->create) {
if (!$user->hasRight('cron', 'create')) {
accessforbidden();
}
$permissiontoadd = $user->hasRight('cron', 'create');
$permissiontoexecute = $user->hasRight('cron', 'execute');
$permissiontodelete = $user->hasRight('cron', 'delete');
/*
* Actions
@ -80,7 +82,7 @@ if (!empty($cancel)) {
}
// Delete jobs
if ($action == 'confirm_delete' && $confirm == "yes" && $user->rights->cron->delete) {
if ($action == 'confirm_delete' && $confirm == "yes" && $permissiontodelete) {
$result = $object->delete($user);
if ($result < 0) {
@ -93,7 +95,7 @@ if ($action == 'confirm_delete' && $confirm == "yes" && $user->rights->cron->del
}
// Execute jobs
if ($action == 'confirm_execute' && $confirm == "yes" && $user->rights->cron->execute) {
if ($action == 'confirm_execute' && $confirm == "yes" && $permissiontoexecute) {
if (!empty($conf->global->CRON_KEY) && $conf->global->CRON_KEY != $securitykey) {
setEventMessages('Security key '.$securitykey.' is wrong', null, 'errors');
$action = '';
@ -123,7 +125,7 @@ if ($action == 'confirm_execute' && $confirm == "yes" && $user->rights->cron->ex
}
if ($action == 'add') {
if ($action == 'add' && $permissiontoadd) {
$object->jobtype = GETPOST('jobtype');
$object->label = GETPOST('label');
$object->command = GETPOST('command');
@ -157,7 +159,7 @@ if ($action == 'add') {
}
// Save parameters
if ($action == 'update') {
if ($action == 'update' && $permissiontoadd) {
$object->id = $id;
$object->jobtype = GETPOST('jobtype');
$object->label = GETPOST('label');
@ -191,7 +193,7 @@ if ($action == 'update') {
}
}
if ($action == 'activate') {
if ($action == 'activate' && $permissiontoadd) {
$object->status = 1;
// Add cron task
@ -207,7 +209,7 @@ if ($action == 'activate') {
}
}
if ($action == 'inactive') {
if ($action == 'inactive' && $permissiontoadd) {
$object->status = 0;
$object->processing = 0;
@ -225,7 +227,7 @@ if ($action == 'inactive') {
}
// Action clone object
if ($action == 'confirm_clone' && $confirm == 'yes' && !empty($permissiontoadd)) {
if ($action == 'confirm_clone' && $confirm == 'yes' && $permissiontoadd) {
if (1 == 0 && !GETPOST('clone_content') && !GETPOST('clone_receivers')) {
setEventMessages($langs->trans("NoCloneOptionsSpecified"), null, 'errors');
} else {
@ -799,7 +801,7 @@ if (($action == "create") || ($action == "edit")) {
} elseif (empty($object->status)) {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->transnoentitiesnoconv("JobDisabled")).'">'.$langs->trans("CronExecute").'</a>';
} else {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=execute&token='.newToken().'&id='.$object->id.(empty($conf->global->CRON_KEY) ? '' : '&securitykey='.$conf->global->CRON_KEY).'">'.$langs->trans("CronExecute").'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=execute&token='.newToken().'&id='.$object->id.(empty($conf->global->CRON_KEY) ? '' : '&securitykey='.urlencode($conf->global->CRON_KEY)).'">'.$langs->trans("CronExecute").'</a>';
}
if (!$user->rights->cron->create) {

6
htdocs/delivery/card.php
View File

@ -283,7 +283,7 @@ if ($action == 'create') {
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="update_extras_line">';
print '<input type="hidden" name="origin" value="'.$origin.'">';
print '<input type="hidden" name="origin" value="'.$object->origin.'">';
print '<input type="hidden" name="id" value="'.$object->id.'">';
print '<input type="hidden" name="ref" value="'.$object->ref.'">';
@ -568,7 +568,7 @@ if ($action == 'create') {
$description = (getDolGlobalInt('PRODUIT_DESC_IN_FORM_ACCORDING_TO_DEVICE') ? '' : dol_htmlentitiesbr($object->lines[$i]->description));
//print $description;
print $form->textwithtooltip($text, $description, 3, '', '', $i);
print_date_range($object->lines[$i]->date_start, $object->lines[$i]->date_end);
//print_date_range($object->lines[$i]->date_start, $object->lines[$i]->date_end);
if (getDolGlobalInt('PRODUIT_DESC_IN_FORM_ACCORDING_TO_DEVICE')) {
print (!empty($object->lines[$i]->description) && $object->lines[$i]->description != $object->lines[$i]->product_label) ? '<br>'.dol_htmlentitiesbr($object->lines[$i]->description) : '';
}
@ -587,7 +587,7 @@ if ($action == 'create') {
print $text.' '.nl2br($object->lines[$i]->description);
}
print_date_range($objp->date_start, $objp->date_end);
//print_date_range($objp->date_start, $objp->date_end);
print "</td>\n";
}

4
htdocs/delivery/class/delivery.class.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2005-2014 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2006-2007 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007 Franky Van Liedekerke <franky.van.liedekerke@telenet.be>
* Copyright (C) 2011-2018 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2011-2023 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014-2015 Marcos García <marcosgdf@gmail.com>
*
@ -819,7 +819,7 @@ class Delivery extends CommonObject
$line->product_type = $obj->fk_product_type;
$line->fk_origin_line = $obj->fk_origin_line;
$line->price = $obj->price;
$line->price = $obj->subprice;
$line->total_ht = $obj->total_ht;
// units

30
htdocs/don/list.php
View File

@ -219,6 +219,12 @@ if ($resql) {
// Filters lines
print '<tr class="liste_titre_filter">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
print '<td class="liste_titre">';
print '<input class="flat" size="10" type="text" name="search_ref" value="'.$search_ref.'">';
print '</td>';
@ -252,13 +258,18 @@ if ($resql) {
);
print $form->selectarray('search_status', $liststatus, $search_status, -4, 0, 0, '', 0, 0, 0, '', 'search_status maxwidth100 onrightofpage');
print '</td>';
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
print "</tr>\n";
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre('');
}
print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "d.rowid", "", $param, "", $sortfield, $sortorder);
if (!empty($conf->global->DONATION_USE_THIRDPARTIES)) {
print_liste_field_titre("ThirdParty", $_SERVER["PHP_SELF"], "d.fk_soc", "", $param, "", $sortfield, $sortorder);
@ -273,7 +284,9 @@ if ($resql) {
}
print_liste_field_titre("Amount", $_SERVER["PHP_SELF"], "d.amount", "", $param, '', $sortfield, $sortorder, 'right ');
print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "d.fk_statut", "", $param, '', $sortfield, $sortorder, 'right ');
print_liste_field_titre('');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre('');
}
print "</tr>\n";
while ($i < min($num, $limit)) {
@ -307,6 +320,9 @@ if ($resql) {
}
} else {
print '<tr class="oddeven">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
$donationstatic->id = $objp->rowid;
$donationstatic->ref = $objp->rowid;
$donationstatic->lastname = $objp->lastname;
@ -339,7 +355,9 @@ if ($resql) {
}
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
print '<td class="right">'.$donationstatic->LibStatut($objp->status, 5).'</td>';
print '<td></td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
print "</tr>";
}
$i++;

2
htdocs/emailcollector/class/emailcollector.class.php
View File

@ -139,8 +139,6 @@ class EmailCollector extends CommonObject
'password' => array('type'=>'password', 'label'=>'Password', 'visible'=>-1, 'enabled'=>"1", 'position'=>103, 'notnull'=>-1, 'comment'=>"IMAP password", 'help'=>'WithGMailYouCanCreateADedicatedPassword'),
'oauth_service' => array('type'=>'varchar(128)', 'label'=>'oauthService', 'visible'=>-1, 'enabled'=>"getDolGlobalInt('MAIN_IMAP_USE_PHPIMAP')", 'position'=>104, 'notnull'=>0, 'index'=>1, 'comment'=>"IMAP login oauthService", 'arrayofkeyval'=>array(), 'help'=>'TokenMustHaveBeenCreated'),
'source_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxSourceDirectory', 'visible'=>-1, 'enabled'=>1, 'position'=>104, 'notnull'=>1, 'default' => 'Inbox', 'help'=>'Example: INBOX'),
//'filter' => array('type'=>'text', 'label'=>'Filter', 'visible'=>1, 'enabled'=>1, 'position'=>105),
//'actiontodo' => array('type'=>'varchar(255)', 'label'=>'ActionToDo', 'visible'=>1, 'enabled'=>1, 'position'=>106),
'target_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxTargetDirectory', 'visible'=>1, 'enabled'=>1, 'position'=>110, 'notnull'=>0, 'help'=>"EmailCollectorTargetDir"),
'maxemailpercollect' => array('type'=>'integer', 'label'=>'MaxEmailCollectPerCollect', 'visible'=>-1, 'enabled'=>1, 'position'=>111, 'default'=>100),
'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastCollectResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>121, 'notnull'=>-1, 'csslist'=>'nowraponall'),

2
htdocs/eventorganization/class/conferenceorbooth.class.php
View File

@ -108,7 +108,7 @@ class ConferenceOrBooth extends ActionComm
'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth300', 'csslist'=>'tdoverflowmax125', 'help'=>"OrganizationEvenLabelName", 'showoncombobox'=>'1', 'autofocusoncreate'=>1),
'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1:t.usage_organize_event=1', 'label'=>'Project', 'enabled'=>"isModEnabled('project')", 'position'=>52, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'picto'=>'project', 'css'=>'tdoverflowmax150 maxwidth500', 'csslist'=>'width100'),
'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'enabled'=>'$conf->societe->enabled', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"OrganizationEventLinkToThirdParty", 'picto'=>'company', 'csslist'=>'tdoverflowmax125', 'css'=>'maxwidth500'),
'note' => array('type'=>'text', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>3),
'note' => array('type'=>'html', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>3),
'fk_action' => array('type'=>'sellist:c_actioncomm:libelle:id::module LIKE (\'%@eventorganization\')', 'label'=>'Format', 'enabled'=>'1', 'position'=>60, 'notnull'=>1, 'visible'=>1, 'css'=>'width100', 'csslist'=>'tdoverflowmax100'),
'datep' => array('type'=>'datetime', 'label'=>'DateStart', 'enabled'=>'1', 'position'=>70, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'2',),
'datep2' => array('type'=>'datetime', 'label'=>'DateEnd', 'enabled'=>'1', 'position'=>71, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'3',),

2
htdocs/expedition/card.php
View File

@ -337,7 +337,7 @@ if (empty($reshook)) {
// Extrafields
$array_options[$i] = $extrafields->getOptionalsFromPost($object->table_element_line, $i);
// Unset extrafield
if (is_array($extrafields->attributes[$object->table_element_line]['label'])) {
if (isset($extrafields->attributes[$object->table_element_line]['label']) && is_array($extrafields->attributes[$object->table_element_line]['label'])) {
// Get extra fields
foreach ($extrafields->attributes[$object->table_element_line]['label'] as $key => $value) {
unset($_POST["options_".$key]);

4
htdocs/expensereport/class/expensereport.class.php
View File

@ -191,8 +191,8 @@ class ExpenseReport extends CommonObject
'fk_user_cancel' =>array('type'=>'integer', 'label'=>'Fk user cancel', 'enabled'=>1, 'visible'=>-1, 'position'=>130),
'fk_c_paiement' =>array('type'=>'integer', 'label'=>'Fk c paiement', 'enabled'=>1, 'visible'=>-1, 'position'=>140),
'paid' =>array('type'=>'integer', 'label'=>'Paid', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>145),
'note_public' =>array('type'=>'text', 'label'=>'Note public', 'enabled'=>1, 'visible'=>0, 'position'=>150),
'note_private' =>array('type'=>'text', 'label'=>'Note private', 'enabled'=>1, 'visible'=>0, 'position'=>155),
'note_public' =>array('type'=>'html', 'label'=>'Note public', 'enabled'=>1, 'visible'=>0, 'position'=>150),
'note_private' =>array('type'=>'html', 'label'=>'Note private', 'enabled'=>1, 'visible'=>0, 'position'=>155),
'detail_refuse' =>array('type'=>'varchar(255)', 'label'=>'Detail refuse', 'enabled'=>1, 'visible'=>-1, 'position'=>160),
'detail_cancel' =>array('type'=>'varchar(255)', 'label'=>'Detail cancel', 'enabled'=>1, 'visible'=>-1, 'position'=>165),
'integration_compta' =>array('type'=>'integer', 'label'=>'Integration compta', 'enabled'=>1, 'visible'=>-1, 'position'=>170),

6
htdocs/fichinter/class/fichinter.class.php
View File

@ -57,9 +57,9 @@ class Fichinter extends CommonObject
'datee' =>array('type'=>'date', 'label'=>'Datee', 'enabled'=>1, 'visible'=>-1, 'position'=>90),
'datet' =>array('type'=>'date', 'label'=>'Datet', 'enabled'=>1, 'visible'=>-1, 'position'=>95),
'duree' =>array('type'=>'double', 'label'=>'Duree', 'enabled'=>1, 'visible'=>-1, 'position'=>100),
'description' =>array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>2),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>115),
'description' =>array('type'=>'html', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>2),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>115),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>120),
'last_main_doc' =>array('type'=>'varchar(255)', 'label'=>'Last main doc', 'enabled'=>1, 'visible'=>-1, 'position'=>125),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>130),

2
htdocs/filefunc.inc.php
View File

@ -206,7 +206,7 @@ include_once DOL_DOCUMENT_ROOT.'/core/lib/security.lib.php';
// when we post forms (we allow GET and HEAD to accept direct link from a particular page).
// Note about $_SERVER[HTTP_HOST/SERVER_NAME]: http://shiflett.org/blog/2006/mar/server-name-versus-http-host
// See also CSRF protections done into main.inc.php
if (!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck)) {
if (!defined('NOCSRFCHECK') && isset($dolibarr_nocsrfcheck) && $dolibarr_nocsrfcheck == 1) { // If $dolibarr_nocsrfcheck is 0, there is a strict CSRF test with token in main
if (!empty($_SERVER['REQUEST_METHOD']) && !in_array($_SERVER['REQUEST_METHOD'], array('GET', 'HEAD')) && !empty($_SERVER['HTTP_HOST'])) {
$csrfattack = false;
if (empty($_SERVER['HTTP_REFERER'])) {

4
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -237,8 +237,8 @@ class CommandeFournisseur extends CommonOrder
'localtax2' =>array('type'=>'double(24,8)', 'label'=>'Localtax2', 'enabled'=>1, 'visible'=>3, 'position'=>140, 'isameasure'=>1),
'total_ht' =>array('type'=>'double(24,8)', 'label'=>'TotalHT', 'enabled'=>1, 'visible'=>1, 'position'=>145, 'isameasure'=>1),
'total_ttc' =>array('type'=>'double(24,8)', 'label'=>'TotalTTC', 'enabled'=>1, 'visible'=>-1, 'position'=>150, 'isameasure'=>1),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155, 'searchall'=>1),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>160, 'searchall'=>1),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155, 'searchall'=>1),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>160, 'searchall'=>1),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPDF', 'enabled'=>1, 'visible'=>0, 'position'=>165),
'fk_input_method' =>array('type'=>'integer', 'label'=>'OrderMode', 'enabled'=>1, 'visible'=>3, 'position'=>170),
'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>3, 'position'=>175),

4
htdocs/fourn/class/fournisseur.facture-rec.class.php
View File

@ -201,8 +201,8 @@ class FactureFournisseurRec extends CommonInvoice
'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'Fk mode reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>95),
'date_lim_reglement' =>array('type'=>'date', 'label'=>'Date lim reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>100),
'note_private' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'note_private' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'note_public' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110),
'modelpdf' =>array('type'=>'varchar(255)', 'label'=>'Modelpdf', 'enabled'=>1, 'visible'=>-1, 'position'=>115),
'fk_multicurrency' =>array('type'=>'integer', 'label'=>'Fk multicurrency', 'enabled'=>1, 'visible'=>-1, 'position'=>180),

4
htdocs/fourn/class/fournisseur.facture.class.php
View File

@ -300,8 +300,8 @@ class FactureFournisseur extends CommonInvoice
'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'position'=>155),
'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>160),
'date_lim_reglement' =>array('type'=>'date', 'label'=>'DateLimReglement', 'enabled'=>1, 'visible'=>-1, 'position'=>165),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPdf', 'enabled'=>1, 'visible'=>0, 'position'=>180),
'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>190),
'fk_incoterms' =>array('type'=>'integer', 'label'=>'IncotermCode', 'enabled'=>1, 'visible'=>-1, 'position'=>195),

2
htdocs/fourn/paiement/card.php
View File

@ -53,7 +53,7 @@ $hookmanager->initHooks(array('supplierpaymentcard', 'globalcard'));
// Load object
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once.
$result = restrictedArea($user, $object->element, $object->id, 'paiementfourn', '');
$result = restrictedArea($user, $object->element, $object->id, 'paiementfourn', ''); // This also test permission on read invoice
// Security check
if ($user->socid) {

4
htdocs/includes/tcpdi/tcpdi_parser.php
View File

@ -1365,7 +1365,7 @@ class tcpdi_parser {
$obj = $this->getObjectVal($obj);
if (isset ($obj[1][1]['/Rotate'])) {
$res = $this->getObjectVal($obj[1][1]['/Rotate']);
if ($res[0] == PDF_TYPE_OBJECT)
if (isset($res[0]) && $res[0] == PDF_TYPE_OBJECT)
return $res[1];
return $res;
} else {
@ -1373,7 +1373,7 @@ class tcpdi_parser {
return false;
} else {
$res = $this->_getPageRotation($obj[1][1]['/Parent']);
if ($res && $res[0] == PDF_TYPE_OBJECT)
if (isset($res[0]) && $res[0] == PDF_TYPE_OBJECT)
return $res[1];
return $res;
}

2
htdocs/install/mysql/data/llx_20_c_departements.sql
View File

@ -1228,7 +1228,7 @@ INSERT INTO llx_c_departements (fk_region, code_departement, ncc, nom) VALUES (6
INSERT INTO llx_c_departements (fk_region, code_departement, ncc, nom) VALUES (601, 'ZH','ZURICH','Zürich');
-- Taiwan Divisions / Provinces / Counties (rowid country=886)
-- Taiwan Divisions / Provinces / Counties (id country=213)
INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, nom) VALUES (21301, 'TW-KLU', 'KLU', NULL, '基隆市');
INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, nom) VALUES (21301, 'TW-TPE', 'TPE', NULL, '臺北市');
INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, nom) VALUES (21301, 'TW-TPH', 'TPH', NULL, '新北市');

3
htdocs/install/mysql/migration/16.0.0-17.0.0.sql
View File

@ -141,6 +141,9 @@ ALTER TABLE llx_societe_rib ADD COLUMN state_id integer AFTER default_rib;
ALTER TABLE llx_societe_rib ADD COLUMN fk_country integer AFTER state_id;
ALTER TABLE llx_societe_rib ADD COLUMN currency_code varchar(3) AFTER fk_country;
DELETE FROM llx_societe_rib WHERE fk_soc = 0;
ALTER TABLE llx_societe_rib ADD CONSTRAINT llx_societe_rib_fk_societe FOREIGN KEY (fk_soc) REFERENCES llx_societe(rowid);
ALTER TABLE llx_user_rib ADD COLUMN state_id integer AFTER owner_address;
ALTER TABLE llx_user_rib ADD COLUMN fk_country integer AFTER state_id;
ALTER TABLE llx_user_rib ADD COLUMN currency_code varchar(3) AFTER fk_country;

2
htdocs/install/mysql/tables/llx_product_attribute_combination_price_level.key.sql
View File

@ -17,5 +17,5 @@
-- ============================================================================
ALTER TABLE llx_product_attribute_combination_price_level ADD UNIQUE( fk_product_attribute_combination, fk_price_level);
ALTER TABLE llx_product_attribute_combination_price_level ADD UNIQUE INDEX uk_prod_att_comb_price_level(fk_product_attribute_combination, fk_price_level);

7
htdocs/langs/en_US/admin.lang
View File

@ -705,7 +705,7 @@ Module62000Desc=Add features to manage Incoterms
Module63000Name=Resources
Module63000Desc=Manage resources (printers, cars, rooms, ...) for allocating to events
Module94160Name=Receptions
Permission11=Read customer invoices
Permission11=Read customer invoices (and payments)
Permission12=Create/modify customer invoices
Permission13=Invalidate customer invoices
Permission14=Validate customer invoices
@ -947,7 +947,7 @@ Permission1190=Approve (second approval) purchase orders
Permission1191=Export supplier orders and their attributes
Permission1201=Get result of an export
Permission1202=Create/Modify an export
Permission1231=Read vendor invoices
Permission1231=Read vendor invoices (and payments)
Permission1232=Create/modify vendor invoices
Permission1233=Validate vendor invoices
Permission1234=Delete vendor invoices
@ -2366,3 +2366,6 @@ MaxNumberOfAttachementOnForms=Max number of joinded files in a form
IfDefinedUseAValueBeetween=If defined, use a value between %s and %s
Reload=Reload
ConfirmReload=Confirm module reload
WarningModuleHasChangedLastVersionCheckParameter=Warning: the module %s has set a parameter to check its version at each page access. This is a bad and not allowed practice that may make the page to administer modules instable. Please contact author of module to fix this.
WarningModuleHasChangedSecurityCsrfParameter=Warning: the module %s has disabled the CSRF security of your instance. This action is suspect and your installation may no more be secured. Please contact the author of the module for explanation.

2
htdocs/langs/en_US/main.lang
View File

@ -1223,5 +1223,5 @@ AddToContacts=Add address to my contacts
LastAccess=Last access
UploadAnImageToSeeAPhotoHere=Upload an image from the tab %s to see a photo here
LastPasswordChangeDate=Last password change date
PublicVirtualCardUrl=Public virtual user card
PublicVirtualCardUrl=Virtual business card page
TreeView=Tree view

34
htdocs/loan/list.php
View File

@ -227,27 +227,41 @@ if ($resql) {
// Filters lines
print '<tr class="liste_titre_filter">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons();
print $searchpicto;
print '</td>';
}
print '<td class="liste_titre"><input class="flat" size="4" type="text" name="search_ref" value="'.$search_ref.'"></td>';
print '<td class="liste_titre"><input class="flat" size="12" type="text" name="search_label" value="'.$search_label.'"></td>';
print '<td class="liste_titre right" ><input class="flat" size="8" type="text" name="search_amount" value="'.$search_amount.'"></td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons();
print $searchpicto;
print '</td>';
}
print '</tr>';
// Fields title label
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre('', $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
}
print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "l.rowid", "", $param, "", $sortfield, $sortorder);
print_liste_field_titre("Label", $_SERVER["PHP_SELF"], "l.label", "", $param, '', $sortfield, $sortorder, 'left ');
print_liste_field_titre("LoanCapital", $_SERVER["PHP_SELF"], "l.capital", "", $param, '', $sortfield, $sortorder, 'right ');
print_liste_field_titre("DateStart", $_SERVER["PHP_SELF"], "l.datestart", "", $param, '', $sortfield, $sortorder, 'center ');
print_liste_field_titre("DateEnd", $_SERVER["PHP_SELF"], "l.dateend", "", $param, '', $sortfield, $sortorder, 'center ');
print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "l.paid", "", $param, '', $sortfield, $sortorder, 'right ');
print_liste_field_titre('', $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre('', $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'maxwidthsearch ');
}
print "</tr>\n";
print "</tr>\n";
@ -287,6 +301,11 @@ if ($resql) {
} else {
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
// Ref
print '<td>'.$loan_static->getNomUrl(1).'</td>';
@ -306,7 +325,10 @@ if ($resql) {
print $loan_static->LibStatut($obj->paid, 5, $obj->alreadypaid);
print '</td>';
print '<td></td>';
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td></td>';
}
print "</tr>\n";
}

5
htdocs/main.inc.php
View File

@ -501,7 +501,7 @@ if ((!empty($conf->global->MAIN_VERSION_LAST_UPGRADE) && ($conf->global->MAIN_VE
// Creation of a token against CSRF vulnerabilities
if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) {
// No token renewal on .css.php, .js.php and .json.php
// No token renewal on .css.php, .js.php and .json.php (even if the NOTOKENRENEWAL was not provided)
if (!preg_match('/\.(css|js|json)\.php$/', $_SERVER["PHP_SELF"])) {
// Rolling token at each call ($_SESSION['token'] contains token of previous page)
if (isset($_SESSION['newtoken'])) {
@ -1589,7 +1589,8 @@ function top_htmlhead($head, $title = '', $disablejs = 0, $disablehead = 0, $arr
print '<meta name="robots" content="'.($disablenoindex ? 'index' : 'noindex').($disablenofollow ? ',follow' : ',nofollow').'">'."\n"; // Do not index
print '<meta name="viewport" content="width=device-width, initial-scale=1.0">'."\n"; // Scale for mobile device
print '<meta name="author" content="Dolibarr Development Team">'."\n";
print '<meta name="anti-csrf-token" content="'.newToken().'">'."\n";
print '<meta name="anti-csrf-newtoken" content="'.newToken().'">'."\n";
print '<meta name="anti-csrf-currenttoken" content="'.currentToken().'">'."\n";
if (getDolGlobalInt('MAIN_FEATURES_LEVEL')) {
print '<meta name="MAIN_FEATURES_LEVEL" content="'.getDolGlobalInt('MAIN_FEATURES_LEVEL').'">'."\n";
}

228
htdocs/modulebuilder/index.php
View File

@ -1941,7 +1941,223 @@ if ($dirins && $action == 'generatepackage') {
}
}
// Add permission
if ($dirins && $action == 'addright' && !empty($module) && empty($cancel)) {
$error = 0;
// load class and check if right exist
$pathtofile = $listofmodules[strtolower($module)]['moduledescriptorrelpath'];
dol_include_once($pathtofile);
$class = 'mod'.$module;
if (class_exists($class)) {
try {
$moduleobj = new $class($db);
} catch (Exception $e) {
$error++;
dol_print_error($db, $e->getMessage());
}
}
// verify informations entred
if (!GETPOST('label', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")), null, 'errors');
}
if (!GETPOST('permissionObj', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Rights")), null, 'errors');
}
$label = GETPOST('label', 'alpha');
$objectForPerms = strtolower(GETPOST('permissionObj', 'alpha'));
$crud = GETPOST('crud', 'alpha');
// check coherence between crud and label
if ($label == "Read objects of $module" && $crud != "read") {
$crud = "read";
$label == "Read objects of $module";
}
if ($label == "Create/Update objects of $module" && $crud != "write") {
$crud = "write";
$label == "Create/Update objects of $module";
}
if ($label == "Delete objects of $module" && $crud != "delete") {
$crud = "delete";
$label == "Delete objects of $module";
}
//check existing object permission
$counter = 0;
$permsForObject =array();
$permissions = $moduleobj->rights;
$firstRight = 0;
$existRight = 0;
$allObject = array();
$nbOfPermissions = count($permissions);
for ($i =0; $i<$nbOfPermissions; $i++) {
if ($permissions[$i][4] == $objectForPerms) {
$counter++;
if (count($permsForObject) < 3) {
$permsForObject[] = $permissions[$i];
}
}
$allObject[] = $permissions[$i][4];
}
$nbOfpermsInObj = count($permsForObject);
// check if label of object already exists
for ($j = 0; $j<$nbOfpermsInObj; $j++) {
if (in_array($label, $permsForObject[$j])) {
$existRight++;
setEventMessages($langs->trans("ErrorExistingPermission", $langs->transnoentities($label), $langs->transnoentities($objectForPerms)), null, 'errors');
}
}
// if not found permission for the object
if (!in_array($objectForPerms, array_unique($allObject))) {
$firstRight++;
$existRight = 0;
}
if (!$error) {
if (isModEnabled(strtolower($module))) {
$result = unActivateModule(strtolower($module));
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
if ($result) {
setEventMessages($result, null, 'errors');
}
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings');
}
//prepare stirng to add
$rightToAdd = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = '$label';
\$this->rights[\$r][4] = '$objectForPerms';
\$this->rights[\$r][5] = '$crud';
\$r++;
";
$moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php';
if (!$existRight) {
dolReplaceInFile($moduledescriptorfile, array('/*END '.strtoupper($objectForPerms).'*/' => $rightToAdd.'/*END '.strtoupper($objectForPerms).'*/'));
setEventMessages($langs->trans('PermissionAddedSuccesfuly'), null);
}
if ($firstRight) {
dolReplaceInFile($moduledescriptorfile, array('/* END MODULEBUILDER PERMISSIONS */' => '/*'.strtoupper($objectForPerms).'*/'.$rightToAdd."/*END ".strtoupper($objectForPerms).'*/'."\n\t\t".'/* END MODULEBUILDER PERMISSIONS */'));
setEventMessages($langs->trans('PermissionAddedSuccesfuly'), null);
}
}
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
exit;
}
// Update permission
if ($dirins && GETPOST('action') == 'update_right' && GETPOST('modifyright')&& empty($cancel)) {
$error = 0;
// load class and check if right exist
$pathtofile = $listofmodules[strtolower($module)]['moduledescriptorrelpath'];
dol_include_once($pathtofile);
$class = 'mod'.$module;
if (class_exists($class)) {
try {
$moduleobj = new $class($db);
} catch (Exception $e) {
$error++;
dol_print_error($db, $e->getMessage());
}
}
// verify informations entred
if (!GETPOST('label', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")), null, 'errors');
}
if (!GETPOST('permissionObj', 'alpha')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Rights")), null, 'errors');
}
$label = GETPOST('label', 'alpha');
$objectForPerms = strtolower(GETPOST('permissionObj', 'alpha'));
$crud = GETPOST('crud', 'alpha');
if ($label == "Read objects of $module" && $crud != "read") {
$crud = "read";
$label == "Read objects of $module";
}
if ($label == "Create/Update objects of $module" && $crud != "write") {
$crud = "write";
$label == "Create/Update objects of $module";
}
if ($label == "Delete objects of $module" && $crud != "delete") {
$crud = "delete";
$label == "Delete objects of $module";
}
$permissions = $moduleobj->rights;
$r =(int) GETPOST('counter');
//get permission want to delete from permissions array
$x1 = $permissions[$r-1][1];
$x2 = $permissions[$r-1][4];
$x3 = $permissions[$r-1][5];
//check existing object permission
$permsForObject =array();
$allObject = array();
$nbOfPermissions = count($permissions);
for ($i =0; $i<$nbOfPermissions; $i++) {
if ($permissions[$i][4] == $objectForPerms) {
if (count($permsForObject) < 3) {
$permsForObject[] = $permissions[$i];
}
}
$allObject[] = $permissions[$i][4];
}
if ($label != $x1 && $crud != $x3) {
$x = count($permsForObject);
for ($j = 0; $j<$x; $j++) {
if (in_array($label, $permsForObject[$j])) {
$error++;
setEventMessages($langs->trans("ErrorExistingPermission", $langs->transnoentities($label), $langs->transnoentities($objectForPerms)), null, 'errors');
}
}
}
//prepare right want to delete
$right = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = '$x1';
\$this->rights[\$r][4] = '$x2';
\$this->rights[\$r][5] = '$x3';
\$r++;
";
// right after editing
$rightUpdated = "
\$this->rights[\$r][0] = \$this->numero . sprintf('%02d', \$r + 1);
\$this->rights[\$r][1] = '$label';
\$this->rights[\$r][4] = '$objectForPerms';
\$this->rights[\$r][5] = '$crud';
\$r++;
";
if (!$error) {
if (isModEnabled(strtolower($module))) {
$result = unActivateModule(strtolower($module));
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
if ($result) {
setEventMessages($result, null, 'errors');
}
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings');
}
$moduledescriptorfile = $dirins.'/'.strtolower($module).'/core/modules/mod'.$module.'.class.php';
$check = dolReplaceInFile($moduledescriptorfile, array($right => $rightUpdated));
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('PermissionUpdatedSuccesfuly'), null);
exit;
}
}
// Delete permission
if ($dirins && $action == 'confirm_deleteright' && !empty($module) && GETPOST('permskey', 'int')) {
$error = 0;
@ -1983,7 +2199,6 @@ if ($dirins && $action == 'confirm_deleteright' && !empty($module) && GETPOST('p
$permsForObj[] = $perms[4];
}
$permsForObj = array_count_values($permsForObj);
//var_dump($permsForObj[$permissions[$key][4]]);exit;
if ($permsForObj[$permissions[$key][4]] == 1) {
$delObjStart = dolReplaceInFile($moduledescriptorfile, array('/*'.strtoupper($permissions[$key][4].'*/') => '','/*END '.strtoupper($permissions[$key][4].'*/') => ''));
}
@ -1999,6 +2214,7 @@ if ($dirins && $action == 'confirm_deleteright' && !empty($module) && GETPOST('p
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('PermissionDeletedSuccesfuly'), null);
setEventMessages($langs->trans('WarningModuleNeedRefrech', $langs->transnoentities($module)), null, 'warnings');
exit;
} else {
header("Location: ".DOL_URL_ROOT.'/modulebuilder/index.php?tab=permissions&module='.$module);
setEventMessages($langs->trans('PermissionDeletedSuccesfuly'), null);
@ -4069,8 +4285,14 @@ if ($module == 'initmodule') {
print '</td>';
print '<td>';
print '<input type="text" name="label" value="'.dol_escape_htmltag(!empty($perm[1]) ? $perm[1] : dol_escape_htmltag(GETPOST('label'))).'"/>';
print '</td>';
print '<select name="label" >';
print '<option value="'.dol_escape_htmltag($perm[1]).'">'.dol_escape_htmltag($perm[1]).'</option>';
for ($i = 0; $i<3; $i++) {
if ($perm[1] != $labels[$i]) {
print '<option value="'.GETPOST('label').'">'.$labels[$i].'</option>';
}
}
print '</select></td>';
print '<td ><select name="permissionObj">';
print '<option value="'.dol_escape_htmltag($perm[4]).'">'.$perm[4].'</option>';

5
htdocs/product/admin/dynamic_prices.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2015 Ion Agorria <ion@agorria.com>
/* Copyright (C) 2015 Ion Agorria <ion@agorria.com>
* Copyright (C) 2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -183,7 +184,7 @@ if ($action != 'create_updater' && $action != 'edit_updater') {
print '</tr>';
}
} else {
print '<tr colspan="7"><td><span class="opacitymedium">';
print '<tr><td colspan="4"><span class="opacitymedium">';
print $langs->trans("None");
print '</span></td></tr>';
}

50
htdocs/product/card.php
View File

@ -1854,7 +1854,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if ($object->isService()) {
$type = $langs->trans('Service');
}
//print load_fiche_titre($langs->trans('Modify').' '.$type.' : '.(is_object($object->oldcopy)?$object->oldcopy->ref:$object->ref), "");
// print load_fiche_titre($langs->trans('Modify').' '.$type.' : '.(is_object($object->oldcopy)?$object->oldcopy->ref:$object->ref), "");
// Main official, simple, and not duplicated code
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="POST" name="formprod">'."\n";
@ -1873,19 +1873,18 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Ref
if (empty($conf->global->MAIN_PRODUCT_REF_NOT_EDITABLE)) {
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("Ref").'</td><td colspan="3"><input name="ref" class="maxwidth200" maxlength="128" value="'.dol_escape_htmltag($object->ref).'"></td></tr>';
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("Ref").'</td><td colspan="3"><input name="ref" class="maxwidth200" maxlength="128" value="'.dol_escape_htmltag(GETPOSTISSET('ref') ? GETPOST('ref') : $object->ref).'"></td></tr>';
} else {
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("Ref").'</td><td colspan="3"><input name="ref" class="maxwidth200" maxlength="128" value="'.dol_escape_htmltag($object->ref).'" readonly="true"></td></tr>';
}
// Label
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="3"><input name="label" class="minwidth300 maxwidth400onsmartphone" maxlength="255" value="'.dol_escape_htmltag($object->label).'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="3"><input name="label" class="minwidth300 maxwidth400onsmartphone" maxlength="255" value="'.dol_escape_htmltag(GETPOSTISSET('label') ? GETPOST('label') : $object->label).'"></td></tr>';
// Status To sell
print '<tr><td class="fieldrequired">'.$langs->trans("Status").' ('.$langs->trans("Sell").')</td><td colspan="3">';
print '<select class="flat" name="statut">';
if ($object->status) {
if ((GETPOSTISSET('statut') && GETPOST('statut')) || (!GETPOSTISSET('statut') && $object->status)) {
print '<option value="1" selected>'.$langs->trans("OnSell").'</option>';
print '<option value="0">'.$langs->trans("NotOnSell").'</option>';
} else {
@ -1898,7 +1897,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Status To Buy
print '<tr><td class="fieldrequired">'.$langs->trans("Status").' ('.$langs->trans("Buy").')</td><td colspan="3">';
print '<select class="flat" name="statut_buy">';
if ($object->status_buy) {
if ((GETPOSTISSET('statut_buy') && GETPOST('statut_buy')) || (!GETPOSTISSET('statut_buy') && $object->status_buy)) {
print '<option value="1" selected>'.$langs->trans("ProductStatusOnBuy").'</option>';
print '<option value="0">'.$langs->trans("ProductStatusNotOnBuy").'</option>';
} else {
@ -1913,7 +1912,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if ($object->isProduct() || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) {
print '<tr><td>'.$langs->trans("ManageLotSerial").'</td><td>';
$statutarray = array('0' => $langs->trans("ProductStatusNotOnBatch"), '1' => $langs->trans("ProductStatusOnBatch"), '2' => $langs->trans("ProductStatusOnSerial"));
print $form->selectarray('status_batch', $statutarray, $object->status_batch);
print $form->selectarray('status_batch', $statutarray, (GETPOSTISSET('status_batch') ? GETPOST('status_batch') : $object->status_batch));
print '</td></tr>';
if (!empty($object->status_batch) || !empty($conf->use_javascript_ajax)) {
$langs->load("admin");
@ -2032,7 +2031,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Default warehouse
print '<tr><td>'.$langs->trans("DefaultWarehouse").'</td><td>';
print img_picto($langs->trans("DefaultWarehouse"), 'stock', 'class="pictofixedwidth"');
print $formproduct->selectWarehouses($object->fk_default_warehouse, 'fk_default_warehouse', 'warehouseopen', 1);
print $formproduct->selectWarehouses((GETPOSTISSET('fk_default_warehouse') ? GETPOST('fk_default_warehouse') : $object->fk_default_warehouse), 'fk_default_warehouse', 'warehouseopen', 1);
print ' <a href="'.DOL_URL_ROOT.'/product/stock/card.php?action=create&amp;backtopage='.urlencode($_SERVER['PHP_SELF'].'?action=create&type='.GETPOST('type', 'int')).'"><span class="fa fa-plus-circle valignmiddle paddingleft" title="'.$langs->trans("AddWarehouse").'"></span></a>';
print '</td></tr>';
/*
@ -2080,7 +2079,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (empty($conf->global->PRODUCT_DISABLE_NATURE)) {
// Nature
print '<tr><td>'.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).'</td><td>';
print $formproduct->selectProductNature('finished', $object->finished);
print $formproduct->selectProductNature('finished', (GETPOSTISSET('finished') ? GETPOST('finished') : $object->finished));
print '</td></tr>';
}
}
@ -2088,7 +2087,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (!$object->isService() && isModEnabled('bom')) {
print '<tr><td>'.$form->textwithpicto($langs->trans("DefaultBOM"), $langs->trans("DefaultBOMDesc", $langs->transnoentitiesnoconv("Finished"))).'</td><td>';
$bomkey = "Bom:bom/class/bom.class.php:0:t.status=1 AND t.fk_product=".((int) $object->id);
print $form->selectForForms($bomkey, 'fk_default_bom', $object->fk_default_bom, 1);
print $form->selectForForms($bomkey, 'fk_default_bom', (GETPOSTISSET('fk_default_bom') ? GETPOST('fk_default_bom') : $object->fk_default_bom), 1);
print '</td></tr>';
}
@ -2143,7 +2142,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Custom code
if (!$object->isService() && empty($conf->global->PRODUCT_DISABLE_CUSTOM_INFO)) {
print '<tr><td class="wordbreak">'.$langs->trans("CustomCode").'</td><td><input name="customcode" class="maxwidth100onsmartphone" value="'.$object->customcode.'"></td></tr>';
print '<tr><td class="wordbreak">'.$langs->trans("CustomCode").'</td><td><input name="customcode" class="maxwidth100onsmartphone" value="'.(GETPOSTISSET('customcode') ? GETPOST('customcode') : $object->customcode).'"></td></tr>';
// Origin country
print '<tr><td>'.$langs->trans("CountryOrigin").'</td>';
print '<td>';
@ -2196,6 +2195,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$arrayselected[] = $cat->id;
}
}
if (GETPOSTISSET('categories', 'array')) {
foreach (GETPOST('categories', 'array') as $cat) {
$arrayselected[] = $cat;
}
}
print img_picto('', 'category').$form->multiselectarray('categories', $cate_arbo, $arrayselected, '', 0, 'quatrevingtpercent widthcentpercentminusx', 0, 0);
print "</td></tr>";
}
@ -2221,76 +2225,76 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Accountancy_code_sell
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_sell, 'accountancy_code_sell', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_sell') ? GETPOST('accountancy_code_sell') : $object->accountancy_code_sell), 'accountancy_code_sell', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
// Accountancy_code_sell_intra
if ($mysoc->isInEEC()) {
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellIntraCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_sell_intra, 'accountancy_code_sell_intra', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_sell_intra') ? GETPOST('accountancy_code_sell_intra') : $object->accountancy_code_sell_intra), 'accountancy_code_sell_intra', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
}
// Accountancy_code_sell_export
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellExportCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_sell_export, 'accountancy_code_sell_export', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_sell_export') ? GETPOST('accountancy_code_sell_export') : $object->accountancy_code_sell_export), 'accountancy_code_sell_export', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
// Accountancy_code_buy
print '<tr><td>'.$langs->trans("ProductAccountancyBuyCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_buy') ? GETPOST('accountancy_code_buy') : $object->accountancy_code_buy), 'accountancy_code_buy', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
// Accountancy_code_buy_intra
if ($mysoc->isInEEC()) {
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancyBuyIntraCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_buy_intra, 'accountancy_code_buy_intra', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_buy_intra') ? GETPOST('accountancy_code_buy_intra') : $object->accountancy_code_buy_intra), 'accountancy_code_buy_intra', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
}
// Accountancy_code_buy_export
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancyBuyExportCode").'</td>';
print '<td>';
print $formaccounting->select_account($object->accountancy_code_buy_export, 'accountancy_code_buy_export', 1, '', 1, 1, 'minwidth150 maxwidth300');
print $formaccounting->select_account((GETPOSTISSET('accountancy_code_buy_export') ? GETPOST('accountancy_code_buy_export') : $object->accountancy_code_buy_export), 'accountancy_code_buy_export', 1, '', 1, 1, 'minwidth150 maxwidth300');
print '</td></tr>';
} else {
// For external software
// Accountancy_code_sell
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellCode").'</td>';
print '<td><input name="accountancy_code_sell" class="maxwidth200" value="'.$object->accountancy_code_sell.'">';
print '<td><input name="accountancy_code_sell" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_sell') ? GETPOST('accountancy_code_sell') : $object->accountancy_code_sell).'">';
print '</td></tr>';
// Accountancy_code_sell_intra
if ($mysoc->isInEEC()) {
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellIntraCode").'</td>';
print '<td><input name="accountancy_code_sell_intra" class="maxwidth200" value="'.$object->accountancy_code_sell_intra.'">';
print '<td><input name="accountancy_code_sell_intra" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_sell_intra') ? GETPOST('accountancy_code_sell_intra') : $object->accountancy_code_sell_intra).'">';
print '</td></tr>';
}
// Accountancy_code_sell_export
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellExportCode").'</td>';
print '<td><input name="accountancy_code_sell_export" class="maxwidth200" value="'.$object->accountancy_code_sell_export.'">';
print '<td><input name="accountancy_code_sell_export" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_sell_export') ? GETPOST('accountancy_code_sell_export') : $object->accountancy_code_sell_export).'">';
print '</td></tr>';
// Accountancy_code_buy
print '<tr><td>'.$langs->trans("ProductAccountancyBuyCode").'</td>';
print '<td><input name="accountancy_code_buy" class="maxwidth200" value="'.$object->accountancy_code_buy.'">';
print '<td><input name="accountancy_code_buy" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_buy') ? GETPOST('accountancy_code_buy') : $object->accountancy_code_buy).'">';
print '</td></tr>';
// Accountancy_code_buy_intra
if ($mysoc->isInEEC()) {
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancyBuyIntraCode").'</td>';
print '<td><input name="accountancy_code_buy_intra" class="maxwidth200" value="'.$object->accountancy_code_buy_intra.'">';
print '<td><input name="accountancy_code_buy_intra" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_buy_intra') ? GETPOST('accountancy_code_buy_intra') : $object->accountancy_code_buy_intra).'">';
print '</td></tr>';
}
// Accountancy_code_buy_export
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancyBuyExportCode").'</td>';
print '<td><input name="accountancy_code_buy_export" class="maxwidth200" value="'.$object->accountancy_code_buy_export.'">';
print '<td><input name="accountancy_code_buy_export" class="maxwidth200" value="'.(GETPOSTISSET('accountancy_code_buy_export') ? GETPOST('accountancy_code_buy_export') : $object->accountancy_code_buy_export).'">';
print '</td></tr>';
}
}

2
htdocs/product/dynamic_price/editor.php
View File

@ -173,7 +173,7 @@ $help_text .= '<br><br>'.$langs->trans("PriceExpressionEditorHelp3");
$help_text .= '<br><br>'.$langs->trans("PriceExpressionEditorHelp4");
$help_text .= '<br><br>'.$langs->trans("PriceExpressionEditorHelp5");
foreach ($price_globals->listGlobalVariables() as $entry) {
$help_text .= '<br><b>#globals_'.$entry->code.'#</b> '.$entry->description.' = '.$entry->value;
$help_text .= '<br><b>#global_'.$entry->code.'#</b> '.$entry->description.' = '.$entry->value;
}
//Price expression editor

4
htdocs/projet/class/project.class.php
View File

@ -281,8 +281,8 @@ class Project extends CommonObject
'public' =>array('type'=>'integer', 'label'=>'Visibility', 'enabled'=>1, 'visible'=>1, 'position'=>65),
'fk_opp_status' =>array('type'=>'integer', 'label'=>'OpportunityStatusShort', 'enabled'=>'getDolGlobalString("PROJECT_USE_OPPORTUNITIES")', 'visible'=>1, 'position'=>75),
'opp_percent' =>array('type'=>'double(5,2)', 'label'=>'OpportunityProbabilityShort', 'enabled'=>'getDolGlobalString("PROJECT_USE_OPPORTUNITIES")', 'visible'=>1, 'position'=>80),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>85, 'searchall'=>1),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>90, 'searchall'=>1),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>85, 'searchall'=>1),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>90, 'searchall'=>1),
'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPdf', 'enabled'=>1, 'visible'=>0, 'position'=>95),
'date_close' =>array('type'=>'datetime', 'label'=>'DateClosing', 'enabled'=>1, 'visible'=>0, 'position'=>105),
'fk_user_close' =>array('type'=>'integer', 'label'=>'UserClosing', 'enabled'=>1, 'visible'=>0, 'position'=>110),

122
htdocs/projet/tasks/time.php
View File

@ -1855,7 +1855,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
}
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
$selectedfields .= (is_array($arrayofmassactions) && count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
print '<div class="div-table-responsive">';
@ -1863,6 +1863,13 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
// Fields title search
print '<tr class="liste_titre_filter">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre center">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
}
// Date
if (!empty($arrayfields['t.task_date']['checked'])) {
print '<td class="liste_titre left">';
@ -1954,13 +1961,18 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="liste_titre center">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre center">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
}
print '</tr>'."\n";
print '<tr class="liste_titre">';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', 'width="80"', $sortfield, $sortorder, 'center maxwidthsearch ');
}
if (!empty($arrayfields['t.task_date']['checked'])) {
print_liste_field_titre($arrayfields['t.task_date']['label'], $_SERVER['PHP_SELF'], 't.task_date,t.task_datehour,t.rowid', '', $param, '', $sortfield, $sortorder);
}
@ -2014,7 +2026,9 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
$parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder);
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', 'width="80"', $sortfield, $sortorder, 'center maxwidthsearch ');
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', 'width="80"', $sortfield, $sortorder, 'center maxwidthsearch ');
}
print "</tr>\n";
$tasktmp = new Task($db);
@ -2035,6 +2049,42 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center nowraponall">';
if (($action == 'editline' || $action == 'splitline') && GETPOST('lineid', 'int') == $task_time->rowid) {
print '<input type="hidden" name="lineid" value="'.GETPOST('lineid', 'int').'">';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-save" name="save" value="'.$langs->trans("Save").'">';
print ' ';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
} elseif ($user->hasRight('projet', 'time') || $user->hasRight('projet', 'all', 'creer')) { // Read project and enter time consumed on assigned tasks
if (in_array($task_time->fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) {
if (getDolGlobalString('MAIN_FEATURES_LEVEL') >= 2) {
print '&nbsp;';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=splitline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_split('', 'class="pictofixedwidth"');
print '</a>';
}
print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=editline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_edit('default', 0, 'class="pictofixedwidth paddingleft"');
print '</a>';
print '<a class="reposition paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_delete('default', 'class="pictodelete paddingleft"');
print '</a>';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($task_time->rowid, $arrayofselected)) {
$selected = 1;
}
print '&nbsp;';
print '<input id="cb'.$task_time->rowid.'" class="flat checkforselect marginleftonly" type="checkbox" name="toselect[]" value="'.$task_time->rowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
}
}
}
// Date
if (!empty($arrayfields['t.task_date']['checked'])) {
print '<td class="nowrap">';
@ -2318,36 +2368,38 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0 || $allprojectforuser
print $hookmanager->resPrint;
// Action column
print '<td class="center nowraponall">';
if (($action == 'editline' || $action == 'splitline') && GETPOST('lineid', 'int') == $task_time->rowid) {
print '<input type="hidden" name="lineid" value="'.GETPOST('lineid', 'int').'">';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-save" name="save" value="'.$langs->trans("Save").'">';
print ' ';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
} elseif ($user->hasRight('projet', 'time') || $user->hasRight('projet', 'all', 'creer')) { // Read project and enter time consumed on assigned tasks
if (in_array($task_time->fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) {
if (getDolGlobalString('MAIN_FEATURES_LEVEL') >= 2) {
print '&nbsp;';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=splitline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_split('', 'class="pictofixedwidth"');
print '</a>';
}
print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=editline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_edit('default', 0, 'class="pictofixedwidth paddingleft"');
print '</a>';
print '<a class="reposition paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_delete('default', 'class="pictodelete paddingleft"');
print '</a>';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($task_time->rowid, $arrayofselected)) {
$selected = 1;
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center nowraponall">';
if (($action == 'editline' || $action == 'splitline') && GETPOST('lineid', 'int') == $task_time->rowid) {
print '<input type="hidden" name="lineid" value="'.GETPOST('lineid', 'int').'">';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-save" name="save" value="'.$langs->trans("Save").'">';
print ' ';
print '<input type="submit" class="button buttongen margintoponlyshort marginbottomonlyshort button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
} elseif ($user->hasRight('projet', 'time') || $user->hasRight('projet', 'all', 'creer')) { // Read project and enter time consumed on assigned tasks
if (in_array($task_time->fk_user, $childids) || $user->hasRight('projet', 'all', 'creer')) {
if (getDolGlobalString('MAIN_FEATURES_LEVEL') >= 2) {
print '&nbsp;';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=splitline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_split('', 'class="pictofixedwidth"');
print '</a>';
}
print '<a class="reposition editfielda" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=editline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_edit('default', 0, 'class="pictofixedwidth paddingleft"');
print '</a>';
print '<a class="reposition paddingleft" href="'.$_SERVER["PHP_SELF"].'?id='.$task_time->fk_task.'&action=deleteline&token='.newToken().'&lineid='.$task_time->rowid.$param.((empty($id) || $tab == 'timespent') ? '&tab=timespent' : '').'">';
print img_delete('default', 'class="pictodelete paddingleft"');
print '</a>';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($task_time->rowid, $arrayofselected)) {
$selected = 1;
}
print '&nbsp;';
print '<input id="cb'.$task_time->rowid.'" class="flat checkforselect marginleftonly" type="checkbox" name="toselect[]" value="'.$task_time->rowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '&nbsp;';
print '<input id="cb'.$task_time->rowid.'" class="flat checkforselect marginleftonly" type="checkbox" name="toselect[]" value="'.$task_time->rowid.'"'.($selected ? ' checked="checked"' : '').'>';
}
}
}

2
htdocs/public/payment/newpayment.php
View File

@ -2241,7 +2241,7 @@ if (preg_match('/^dopayment/', $action)) { // If we choosed/click on the payme
if (!empty($conf->global->STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION)) {
$noidempotency_key = (GETPOSTISSET('noidempotency') ? GETPOST('noidempotency', 'int') : 0); // By default noidempotency is unset, so we must use a different tag/ref for each payment. If set, we can pay several times the same tag/ref.
$paymentintent = $stripe->getPaymentIntent($amount, $currency, $tag, 'Stripe payment: '.$fulltag.(is_object($object) ? ' ref='.$object->ref : ''), $object, $stripecu, $stripeacc, $servicestatus, 0, 'automatic', false, null, 0, $noidempotency_key);
$paymentintent = $stripe->getPaymentIntent($amount, $currency, ($tag ? $tag : $fulltag), 'Stripe payment: '.$fulltag.(is_object($object) ? ' ref='.$object->ref : ''), $object, $stripecu, $stripeacc, $servicestatus, 0, 'automatic', false, null, 0, $noidempotency_key);
// The paymentintnent has status 'requires_payment_method' (even if paymentintent was already paid)
//var_dump($paymentintent);
if ($stripe->error) {

62
htdocs/resource/list.php
View File

@ -186,7 +186,7 @@ if ($action == 'delete_resource') {
}
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage);
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN'));
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
@ -230,6 +230,13 @@ print '<div class="div-table-responsive">';
print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
print '<tr class="liste_titre_filter">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
if (!empty($arrayfields['t.ref']['checked'])) {
print '<td class="liste_titre">';
print '<input type="text" class="flat" name="search_ref" value="'.$search_ref.'" size="6">';
@ -243,13 +250,19 @@ if (!empty($arrayfields['ty.label']['checked'])) {
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';
// Action column
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterAndCheckAddButtons(0);
print $searchpicto;
print '</td>';
}
print "</tr>\n";
print '<tr class="liste_titre">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ');
}
if (!empty($arrayfields['t.ref']['checked'])) {
print_liste_field_titre($arrayfields['t.ref']['label'], $_SERVER["PHP_SELF"], "t.ref", "", $param, "", $sortfield, $sortorder);
}
@ -258,7 +271,10 @@ if (!empty($arrayfields['ty.label']['checked'])) {
}
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php';
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ');
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ');
}
print "</tr>\n";
@ -266,6 +282,19 @@ if ($ret) {
foreach ($object->lines as $resource) {
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
print '<a class="editfielda" href="./card.php?action=edit&token='.newToken().'&id='.$resource->id.'">';
print img_edit();
print '</a>';
print '&nbsp;';
print '<a href="./card.php?action=delete&token='.newToken().'&id='.$resource->id.'">';
print img_delete('', 'class="marginleftonly"');
print '</a>';
print '</td>';
}
if (!empty($arrayfields['t.ref']['checked'])) {
print '<td>';
print $resource->getNomUrl(5);
@ -287,15 +316,18 @@ if ($ret) {
$obj = (Object) $resource->array_options;
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php';
print '<td class="center">';
print '<a class="editfielda" href="./card.php?action=edit&token='.newToken().'&id='.$resource->id.'">';
print img_edit();
print '</a>';
print '&nbsp;';
print '<a href="./card.php?action=delete&token='.newToken().'&id='.$resource->id.'">';
print img_delete('', 'class="marginleftonly"');
print '</a>';
print '</td>';
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
print '<a class="editfielda" href="./card.php?action=edit&token='.newToken().'&id='.$resource->id.'">';
print img_edit();
print '</a>';
print '&nbsp;';
print '<a href="./card.php?action=delete&token='.newToken().'&id='.$resource->id.'">';
print img_delete('', 'class="marginleftonly"');
print '</a>';
print '</td>';
}
if (!$i) {
$totalarray['nbfield']++;
}

66
htdocs/salaries/list.php
View File

@ -399,7 +399,7 @@ $newcardbutton = dolGetButtonTitle($langs->trans('NewSalaryPayment'), '', 'fa fa
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'salary', 0, $newcardbutton, '', $limit, 0, 0, 1);
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
//$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
//$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
$selectedfields = '';
$selectedfields .= (count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
@ -411,6 +411,13 @@ print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwit
// Fields title search
// --------------------------------------------------------------------
print '<tr class="liste_titre_filter">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
}
// Ref
print '<td class="liste_titre left">';
print '<input class="flat width50" type="text" name="search_ref" value="'.$db->escape($search_ref).'">';
@ -472,16 +479,22 @@ $parameters = array('arrayfields'=>$arrayfields);
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre maxwidthsearch">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
}
print '</tr>'."\n";
// Fields title label
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
}
print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "s.rowid", "", $param, "", $sortfield, $sortorder);
print_liste_field_titre("Label", $_SERVER["PHP_SELF"], "s.label", "", $param, 'class="left"', $sortfield, $sortorder);
print_liste_field_titre("DateStart", $_SERVER["PHP_SELF"], "s.datesp,s.rowid", "", $param, 'align="center"', $sortfield, $sortorder);
@ -500,7 +513,9 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
}
print '</tr>'."\n";
@ -567,6 +582,22 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
// Show here line of result
print '<tr class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
}
// Ref
print "<td>".$salstatic->getNomUrl(1)."</td>\n";
if (!$i) {
@ -661,19 +692,20 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
$reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
print '<input id="cb'.$object->id.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$object->id.'"'.($selected ? ' checked="checked"' : '').'>';
}
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
}
print '</tr>'."\n";
}
$i++;

4
htdocs/societe/class/societe.class.php
View File

@ -212,8 +212,8 @@ class Societe extends CommonObject
'tva_intra' =>array('type'=>'varchar(20)', 'label'=>'Tva intra', 'enabled'=>1, 'visible'=>-1, 'position'=>210),
'capital' =>array('type'=>'double(24,8)', 'label'=>'Capital', 'enabled'=>1, 'visible'=>-1, 'position'=>215),
'fk_stcomm' =>array('type'=>'integer', 'label'=>'CommercialStatus', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220),
'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>225),
'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>230),
'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>225),
'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>230),
'prefix_comm' =>array('type'=>'varchar(5)', 'label'=>'Prefix comm', 'enabled'=>"getDolGlobalInt('SOCIETE_USEPREFIX')", 'visible'=>-1, 'position'=>235),
'client' =>array('type'=>'tinyint(4)', 'label'=>'Client', 'enabled'=>1, 'visible'=>-1, 'position'=>240),
'fournisseur' =>array('type'=>'tinyint(4)', 'label'=>'Fournisseur', 'enabled'=>1, 'visible'=>-1, 'position'=>245),

4
htdocs/societe/class/societeaccount.class.php
View File

@ -90,8 +90,8 @@ class SocieteAccount extends CommonObject
'key_account' => array('type'=>'varchar(128)', 'label'=>'KeyAccount', 'visible'=>0, 'enabled'=>1, 'position'=>48, 'notnull'=>0, 'index'=>1, 'searchall'=>1, 'comment'=>'The id of third party in the external web site (for site_account if site_account defined)',),
'date_last_login' => array('type'=>'datetime', 'label'=>'LastConnexion', 'visible'=>2, 'enabled'=>1, 'position'=>50, 'notnull'=>0,),
'date_previous_login' => array('type'=>'datetime', 'label'=>'PreviousConnexion', 'visible'=>2, 'enabled'=>1, 'position'=>51, 'notnull'=>0,),
//'note_public' => array('type'=>'text', 'label'=>'NotePublic', 'visible'=>-1, 'enabled'=>1, 'position'=>45, 'notnull'=>-1,),
'note_private' => array('type'=>'text', 'label'=>'NotePrivate', 'visible'=>-1, 'enabled'=>1, 'position'=>46, 'notnull'=>-1,),
//'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'visible'=>-1, 'enabled'=>1, 'position'=>45, 'notnull'=>-1,),
'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'visible'=>-1, 'enabled'=>1, 'position'=>46, 'notnull'=>-1,),
'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),
'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),
'fk_user_creat' => array('type'=>'integer', 'label'=>'UserAuthor', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,),

35
htdocs/societe/paymentmodes.php
View File

@ -101,6 +101,7 @@ if (isModEnabled('stripe')) {
$stripecu = $stripe->getStripeCustomerAccount($object->id, $servicestatus, $site_account); // Get remote Stripe customer 'cus_...' (no remote access to Stripe here)
}
$error = 0;
/*
@ -128,7 +129,7 @@ if (empty($reshook)) {
}
if ($action == 'update') {
// Modification
// Update the bank account
if (!GETPOST('label', 'alpha') || !GETPOST('bank', 'alpha')) {
if (!GETPOST('label', 'alpha')) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Label")), null, 'errors');
@ -154,6 +155,8 @@ if (empty($reshook)) {
}
if (!$error) {
$companybankaccount->old = dol_clone($companybankaccount);
$companybankaccount->socid = $object->id;
$companybankaccount->bank = GETPOST('bank', 'alpha');
@ -193,6 +196,12 @@ if (empty($reshook)) {
$companybankaccount->setAsDefault($id); // This will make sure there is only one default rib
}
if ($companypaymentmode->old->stripe_card_ref != $companypaymentmode->stripe_card_ref) {
if ($companybankaccount->old->iban != $companybankaccount->iban) {
// TODO If we modified the iban, we must also update the pm_ on Stripe side, or break the link completely ?
}
}
$url = $_SERVER["PHP_SELF"].'?socid='.$object->id;
header('Location: '.$url);
exit;
@ -201,7 +210,7 @@ if (empty($reshook)) {
}
if ($action == 'updatecard') {
// Modification
// Update credit card
if (!GETPOST('label', 'alpha') || !GETPOST('proprio', 'alpha') || !GETPOST('exp_date_month', 'alpha') || !GETPOST('exp_date_year', 'alpha')) {
if (!GETPOST('label', 'alpha')) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Label")), null, 'errors');
@ -220,6 +229,8 @@ if (empty($reshook)) {
$companypaymentmode->fetch($id);
if (!$error) {
$companybankaccount->old = dol_clone($companybankaccount);
$companypaymentmode->fk_soc = $object->id;
$companypaymentmode->bank = GETPOST('bank', 'alpha');
@ -247,6 +258,12 @@ if (empty($reshook)) {
$companypaymentmode->setAsDefault($id); // This will make sure there is only one default rib
}
if ($companypaymentmode->old->stripe_card_ref != $companypaymentmode->stripe_card_ref) {
if ($companybankaccount->old->number != $companybankaccount->number) {
// TODO If we modified the card, we must also update the pm_ on Stripe side, or break the link completely ?
}
}
$url = $_SERVER["PHP_SELF"].'?socid='.$object->id;
header('Location: '.$url);
exit;
@ -254,6 +271,7 @@ if (empty($reshook)) {
}
}
// Add bank account
if ($action == 'add') {
$error = 0;
@ -346,6 +364,7 @@ if (empty($reshook)) {
}
}
// Add credit card
if ($action == 'addcard') {
$error = 0;
@ -426,6 +445,7 @@ if (empty($reshook)) {
}
if ($action == 'confirm_deletecard' && GETPOST('confirm', 'alpha') == 'yes') {
// Delete the credi card
$companypaymentmode = new CompanyPaymentMode($db);
if ($companypaymentmode->fetch($ribid ? $ribid : $id)) {
// TODO This is currently done at bottom of page instead of asking confirm
@ -452,6 +472,7 @@ if (empty($reshook)) {
}
}
if ($action == 'confirm_delete' && GETPOST('confirm', 'alpha') == 'yes') {
// Delete the bank account
$companybankaccount = new CompanyBankAccount($db);
if ($companybankaccount->fetch($ribid ? $ribid : $id)) {
// TODO This is currently done at bottom of page instead of asking confirm
@ -516,6 +537,7 @@ if (empty($reshook)) {
}
}
if ($action == 'synccardtostripe') {
// Create the credit card on Stripe
$companypaymentmode = new CompanyPaymentMode($db);
$companypaymentmode->fetch($id);
@ -543,6 +565,7 @@ if (empty($reshook)) {
}
}
if ($action == 'syncsepatostripe') {
// Create the bank account on Stripe side
$companypaymentmode = new CompanyPaymentMode($db); // Get record in llx_societe_rib
$companypaymentmode->fetch($id);
@ -702,6 +725,7 @@ if (empty($reshook)) {
setEventMessages($e->getMessage(), null, 'errors');
}
} elseif ($action == 'deletecard' && $source) {
// Delete the credit card on Stripe side
try {
if (preg_match('/pm_/', $source)) {
$payment_method = \Stripe\PaymentMethod::retrieve($source, array("stripe_account" => $stripeacc));
@ -733,6 +757,7 @@ if (empty($reshook)) {
setEventMessages($e->getMessage(), null, 'errors');
}
} elseif ($action == 'delete' && $source) {
// Delete the bank account on Stripe side
try {
if (preg_match('/pm_/', $source)) {
$payment_method = \Stripe\PaymentMethod::retrieve($source, array("stripe_account" => $stripeacc));
@ -1434,7 +1459,7 @@ if ($socid && $action != 'edit' && $action != 'create' && $action != 'editcard'
print '<tr class="oddeven">';
// Label
print '<td>'.dol_escape_htmltag($rib->label).'</td>';
print '<td class="tdoverflowmax150" title="'.dol_escape_htmltag($rib->label).'">'.dol_escape_htmltag($rib->label).'</td>';
// Stripe ID
print '<td class="tdoverflowmax150">';
if ($rib->stripe_card_ref) {
@ -1905,7 +1930,7 @@ if ($socid && $action == 'edit' && $permissiontoaddupdatepaymentinformation) {
print $form->selectarray("frstrecur", $tblArraychoice, dol_escape_htmltag(GETPOST('frstrecur', 'alpha') ?GETPOST('frstrecur', 'alpha') : $companybankaccount->frstrecur), 0);
print '</td></tr>';
print '<tr><td>'.$langs->trans("StripeID")." ('src_....')</td>";
print '<tr><td>'.$langs->trans("StripeID")." ('pm_...' or 'src_...')</td>";
print '<td><input class="minwidth300" type="text" name="stripe_card_ref" value="'.$companypaymentmode->stripe_card_ref.'"></td></tr>';
print '</table>';
@ -1952,7 +1977,7 @@ if ($socid && $action == 'editcard' && $permissiontoaddupdatepaymentinformation)
print '<tr><td>'.$langs->trans("CVN").'</td>';
print '<td><input size="8" type="text" name="cvn" value="'.$companypaymentmode->cvn.'"></td></tr>';
print '<tr><td>'.$langs->trans("StripeID")." ('card_....')</td>";
print '<tr><td>'.$langs->trans("StripeID")." ('pm_... ir card_....')</td>";
print '<td><input class="minwidth300" type="text" name="stripe_card_ref" value="'.$companypaymentmode->stripe_card_ref.'"></td></tr>';
print '</table>';

56
htdocs/stripe/class/stripe.class.php
View File

@ -465,12 +465,14 @@ class Stripe extends CommonObject
"currency" => $currency_code,
"payment_method_types" => $paymentmethodtypes,
"description" => $description,
"statement_descriptor_suffix" => $descriptor, // For card payment, 22 chars that appears on bank receipt (prefix into stripe setup + this suffix)
"statement_descriptor" => $descriptor, // For SEPA, it will take only statement_descriptor, not statement_descriptor_suffix
//"save_payment_method" => true,
"setup_future_usage" => "on_session",
"metadata" => $metadata
);
if ($descriptor) {
$dataforintent["statement_descriptor_suffix"] = $descriptor; // For card payment, 22 chars that appears on bank receipt (prefix into stripe setup + this suffix)
$dataforintent["statement_descriptor"] = $descriptor; // For SEPA, it will take only statement_descriptor, not statement_descriptor_suffix
}
if (!is_null($customer)) {
$dataforintent["customer"] = $customer;
}
@ -920,7 +922,7 @@ class Stripe extends CommonObject
global $conf, $user, $langs;
$sepa = null;
$sql = "SELECT sa.stripe_card_ref, sa.proprio, sa.iban_prefix, sa.rum"; // stripe_card_ref is 'src_...' for Stripe SEPA
$sql = "SELECT sa.stripe_card_ref, sa.proprio, sa.iban_prefix as iban, sa.rum"; // stripe_card_ref is 'src_...' for Stripe SEPA
$sql .= " FROM ".MAIN_DB_PREFIX."societe_rib as sa";
$sql .= " WHERE sa.rowid = ".((int) $object->id); // We get record from ID, no need for filter on entity
$sql .= " AND sa.type = 'ban'"; //type ban to get normal bank account of customer (prelevement)
@ -958,40 +960,41 @@ class Stripe extends CommonObject
dol_syslog($this->error, LOG_WARNING);
}
} elseif ($createifnotlinkedtostripe) {
$iban = $obj->iban_prefix; //prefix ?
$iban = $obj->iban;
$ipaddress = getUserRemoteIP();
$metadata = array('dol_version'=>DOL_VERSION, 'dol_entity'=>$conf->entity, 'ipaddress'=>$ipaddress);
if (is_object($object)) {
$metadata['dol_type'] = $object->element;
$metadata['dol_id'] = $object->id;
$metadata['dol_thirdparty_id'] = $soc->id;
}
$description = 'SEPA for IBAN '.$iban;
$dataforcard = array(
'type'=>'sepa_debit',
"sepa_debit" => array('iban' => $iban),
'currency' => strtolower($conf->currency),
'usage' => 'reusable',
'owner' => array(
'billing_details' => array(
'name' => $soc->name,
'email' => !empty($soc->email) ? $soc->email : "",
),
"metadata" => array(
'dol_type'=>$object->element,
'dol_id'=>$object->id,
'dol_version'=>DOL_VERSION,
'dol_entity'=>$conf->entity,
'ipaddress'=>$ipaddress
)
"metadata" => $metadata
);
// Complete owner name
if (!empty($soc->town)) {
$dataforcard['owner']['address']['city']=$soc->town;
$dataforcard['billing_details']['address']['city']=$soc->town;
}
if (!empty($soc->country_code)) {
$dataforcard['owner']['address']['country']=$soc->country_code;
$dataforcard['billing_details']['address']['country']=$soc->country_code;
}
if (!empty($soc->address)) {
$dataforcard['owner']['address']['line1']=$soc->address;
$dataforcard['billing_details']['address']['line1']=$soc->address;
}
if (!empty($soc->zip)) {
$dataforcard['owner']['address']['postal_code']=$soc->zip;
$dataforcard['billing_details']['address']['postal_code']=$soc->zip;
}
if (!empty($soc->state)) {
$dataforcard['owner']['address']['state']=$soc->state;
$dataforcard['billing_details']['address']['state']=$soc->state;
}
//$a = \Stripe\Stripe::getApiKey();
@ -1012,15 +1015,17 @@ class Stripe extends CommonObject
dol_syslog("Try to create sepa_debit with data = ".json_encode($dataforcard));
$s = new \Stripe\StripeClient($stripeacc);
// TODO LMR Deprecated with the new Stripe API and SCA.
// TODO LMR Replace ->create() and ->createSource() and replace with ->getSetupIntent() to then, get the Payment mode with $payment_method = \Stripe\PaymentMethod::retrieve($setupintent->payment_method); ?
$sepa = $s->sources->create($dataforcard);
//var_dump($dataforcard);exit;
$sepa = $s->paymentMethods->create($dataforcard);
if (!$sepa) {
$this->error = 'Creation of sepa_debit on Stripe has failed';
$this->error = 'Creation of payment method sepa_debit on Stripe has failed';
} else {
// link customer and src
$cs = $cu->createSource($cu->id, array('source' => $sepa->id));
//$cs = $this->getSetupIntent($description, $soc, $cu, '', $status);
$dataforintent = array(['description'=> $description, 'payment_method_types' => ['sepa_debit'], 'customer' => $cu->id, 'payment_method' => $sepa->id], 'metadata'=>$metadata);
$cs = $s->setupIntents->create($dataforintent);
//$cs = $s->setupIntents->update($cs->id, ['payment_method' => $sepa->id]);
$cs = $s->setupIntents->confirm($cs->id, ['mandate_data' => ['customer_acceptance' => ['type' => 'offline']]]);
if (!$cs) {
$this->error = 'Link SEPA <-> Customer failed';
} else {
@ -1040,6 +1045,7 @@ class Stripe extends CommonObject
}
}
} catch (Exception $e) {
$sepa = null;
$this->error = $e->getMessage();
dol_syslog($this->error, LOG_WARNING);
}

BIN
htdocs/theme/common/flags/xk.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 371 B

3
htdocs/theme/eldy/global.inc.php
View File

@ -304,9 +304,8 @@ section.setupsection {
div.tabBar textarea:focus {
border: 1px solid #aaa !important;
}
input:focus:not(.button):not(.buttonwebsite):not(.select2-search__field):not(#top-bookmark-search-input):not(.search_component_input):not(.input-search-takepos),
input:focus:not(.button):not(.buttonwebsite):not(.buttonreset):not(.select2-search__field):not(#top-bookmark-search-input):not(.search_component_input):not(.input-search-takepos),
select:focus, .select2-container--open [aria-expanded="false"].select2-selection--single {
/* div.tabBar input:focus, div.tabBar select:focus { */
border-bottom: 1px solid #666 !important;
border-bottom-left-radius: 0 !important;
border-bottom-right-radius: 0 !important;

2
htdocs/ticket/class/ticket.class.php
View File

@ -290,7 +290,7 @@ class Ticket extends CommonObject
'fk_user_assign' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'AssignedTo', 'visible'=>1, 'enabled'=>1, 'position'=>505, 'notnull'=>1, 'csslist'=>'tdoverflowmax100 maxwidth150onsmartphone'),
'date_close' => array('type'=>'datetime', 'label'=>'TicketCloseOn', 'visible'=>-1, 'enabled'=>1, 'position'=>510, 'notnull'=>1),
'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-1, 'enabled'=>1, 'position'=>520, 'notnull'=>1),
'message' => array('type'=>'text', 'label'=>'Message', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1,),
'message' => array('type'=>'html', 'label'=>'Message', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1,),
'email_msgid' => array('type'=>'varchar(255)', 'label'=>'EmailMsgID', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1, 'help'=>'EmailMsgIDDesc', 'csslist'=>'tdoverflowmax100'),
'email_date' => array('type'=>'datetime', 'label'=>'EmailDate', 'visible'=>-2, 'enabled'=>1, 'position'=>541),
'progress' => array('type'=>'integer', 'label'=>'Progression', 'visible'=>-1, 'enabled'=>1, 'position'=>540, 'notnull'=>-1, 'css'=>'right', 'help'=>"", 'isameasure'=>2, 'csslist'=>'width50'),

4
htdocs/user/class/user.class.php
View File

@ -1190,6 +1190,7 @@ class User extends CommonObject
$sql .= " ".$this->db->prefix()."usergroup_user as gu,";
$sql .= " ".$this->db->prefix()."rights_def as r";
$sql .= " WHERE r.id = gr.fk_id";
// A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php
if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) {
if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql .= " AND gu.entity IN (0,".$conf->entity.")";
@ -1198,12 +1199,13 @@ class User extends CommonObject
}
} else {
$sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity
// The entity on the table usergroup_user should be useless and shoumd never be used because it is alreay into gr and r.
// The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r.
// but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of
// other entities, so we are forced to add a filter here
$sql .= " AND gu.entity IN (0,".$conf->entity.")";
$sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity
}
// End of strange business rule
$sql .= " AND gr.fk_usergroup = gu.fk_usergroup";
$sql .= " AND gu.fk_user = ".((int) $this->id);
$sql .= " AND r.perms IS NOT NULL";

38
htdocs/user/perms.php
View File

@ -216,13 +216,29 @@ if ($result) {
dol_print_error($db);
}
// Lecture des droits groupes
// Read the permissions of a user inherited by its groups
$permsgroupbyentity = array();
$sql = "SELECT DISTINCT gr.fk_id, gu.entity";
$sql = "SELECT DISTINCT gr.fk_id, gu.entity"; // fk_id are permission id and entity is entity of the group
$sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,";
$sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu";
$sql .= " WHERE gr.entity = ".((int) $entity);
$sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; // all groups of a user
$sql .= " WHERE 1 = 1";
// A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php
if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) {
if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) {
$sql .= " AND gu.entity IN (0,".$conf->entity.")";
} else {
//$sql .= " AND r.entity = ".((int) $conf->entity);
}
} else {
$sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity
// The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r.
// but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of
// other entities, so we are forced to add a filter here
$sql .= " AND gu.entity IN (0,".$conf->entity.")";
//$sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity
}
// End of strange business rule
$sql .= " AND gr.fk_usergroup = gu.fk_usergroup";
$sql .= " AND gu.fk_user = ".((int) $object->id);
@ -245,6 +261,7 @@ if ($result) {
}
/*
* Part to add/remove permissions
*/
@ -499,6 +516,15 @@ if ($result) {
$isexpanded = ! $ishidden;
//var_dump("isexpanded=".$isexpanded);
$permsgroupbyentitypluszero = array();
if (!empty($permsgroupbyentity[0])) {
$permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[0]);
}
if (!empty($permsgroupbyentity[$entity])) {
$permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[$entity]);
}
//var_dump($permsgroupbyentitypluszero);
// Break found, it's a new module to catch
if (isset($obj->module) && ($oldmod <> $obj->module)) {
$oldmod = $obj->module;
@ -606,8 +632,8 @@ if ($result) {
//print img_picto($langs->trans("Active"), 'tick');
}
print '</td>';
} elseif (isset($permsgroupbyentity[$entity]) && is_array($permsgroupbyentity[$entity])) {
if (in_array($obj->id, $permsgroupbyentity[$entity])) { // Permission granted by group
} elseif (isset($permsgroupbyentitypluszero) && is_array($permsgroupbyentitypluszero)) {
if (in_array($obj->id, $permsgroupbyentitypluszero)) { // Permission granted by group
if ($caneditperms) {
print '<td class="center">';
print $form->textwithtooltip($langs->trans("Inherited"), $langs->trans("PermissionInheritedFromAGroup"));

Some files were not shown because too many files have changed in this diff Show More