From 85aa9f7481ecba95bbedcf9eb0d66253a4deb7a9 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Wed, 16 Nov 2022 09:32:14 +0100 Subject: [PATCH 01/24] FIX: base64_decode shloud be forbiden in dol_eval --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 479b8b30977..9f63a420430 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8133,7 +8133,7 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1) } // We block using of php exec or php file functions - $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI("); + $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI(", "base64_decode("); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array("fopen(", "file_put_contents(", "fputs(", "fputscsv(", "fwrite(", "fpassthru(", "unlink(", "mkdir(", "rmdir(", "symlink(", "touch(", "umask(")); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('function(', '$$', 'call_user_func(')); $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); From c034c1bb3359fa3a2ed8032b8046e98503edde8e Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Thu, 17 Nov 2022 10:51:49 +0100 Subject: [PATCH 02/24] Make new method for fast scanlist optional (for the moment). --- htdocs/product/list.php | 28 +++++++++++++++------------- 1 file changed, 15 insertions(+), 13 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index e637e478df4..ae7be5009e1 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -594,20 +594,22 @@ $sql .= $hookmanager->resPrint; //if (GETPOST("toolowstock")) $sql.= " HAVING SUM(s.reel) < p.seuil_stock_alerte"; // Not used yet $nbtotalofrecords = ''; -if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { - /* $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - */ - /* The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); - $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); - $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); - $resql = $db->query($sqlforcount); - if ($resql) { - $objforcount = $db->fetch_object($resql); - $nbtotalofrecords = $objforcount->nbtotalofrecords; +if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { + if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { + $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); } else { - dol_print_error($db); + /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ + $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); + $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); + $resql = $db->query($sqlforcount); + if ($resql) { + $objforcount = $db->fetch_object($resql); + $nbtotalofrecords = $objforcount->nbtotalofrecords; + } else { + dol_print_error($db); + } } if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 From da1bba6907b3eceb7dd50534c357b7930448fe7c Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Thu, 17 Nov 2022 11:08:46 +0100 Subject: [PATCH 03/24] Use MAIN_FEATURES_LEVEL develop --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index ae7be5009e1..a77de6b5f27 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -595,11 +595,11 @@ $sql .= $hookmanager->resPrint; $nbtotalofrecords = ''; if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { - if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { + if (getDolGlobalInt('MAIN_FEATURES_LEVEL') < 2) { $result = $db->query($sql); $nbtotalofrecords = $db->num_rows($result); } else { - /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ + /* Develop: The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); From bcb4919aa8819ba4f9d33ef204e795b8252e0d86 Mon Sep 17 00:00:00 2001 From: root Date: Thu, 17 Nov 2022 17:40:14 +0530 Subject: [PATCH 04/24] BUG FIXED #22883 --- htdocs/compta/resultat/clientfourn.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index f4babff9572..1aefd6cf71a 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -301,7 +301,7 @@ if ($modecompta == 'BOOKKEEPING') { if (!empty($date_start) && !empty($date_end)) { $sql .= " AND f.doc_date >= '".$db->idate($date_start)."' AND f.doc_date <= '".$db->idate($date_end)."'"; } - $sql .= " GROUP BY pcg_type DESC"; + $sql .= " GROUP BY pcg_type ORDER BY pcg_type DESC"; if ($showaccountdetail == 'no') { $sql .= ", name, socid"; // group by "accounting group" (INCOME/EXPENSE), then "customer". } From 435b82bbc8d8a4700fd662335bbad559a7d964a0 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 18 Nov 2022 19:03:39 +0530 Subject: [PATCH 05/24] #22883 --- htdocs/compta/resultat/clientfourn.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index 1aefd6cf71a..57d3afe5552 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -301,7 +301,7 @@ if ($modecompta == 'BOOKKEEPING') { if (!empty($date_start) && !empty($date_end)) { $sql .= " AND f.doc_date >= '".$db->idate($date_start)."' AND f.doc_date <= '".$db->idate($date_end)."'"; } - $sql .= " GROUP BY pcg_type ORDER BY pcg_type DESC"; + $sql .= " GROUP BY pcg_type"; if ($showaccountdetail == 'no') { $sql .= ", name, socid"; // group by "accounting group" (INCOME/EXPENSE), then "customer". } From c3b28bec853c9e550b17bfe0678b26ceb12c1b6f Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Fri, 18 Nov 2022 16:01:43 +0100 Subject: [PATCH 06/24] Revert "Use MAIN_FEATURES_LEVEL develop" This reverts commit da1bba6907b3eceb7dd50534c357b7930448fe7c. --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index a77de6b5f27..ae7be5009e1 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -595,11 +595,11 @@ $sql .= $hookmanager->resPrint; $nbtotalofrecords = ''; if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { - if (getDolGlobalInt('MAIN_FEATURES_LEVEL') < 2) { + if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { $result = $db->query($sql); $nbtotalofrecords = $db->num_rows($result); } else { - /* Develop: The fast and low memory method to get and count full list converts the sql into a sql count */ + /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); From d7cd88e9c3ef54a8cce87a70169f029a211fcf9b Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Fri, 18 Nov 2022 16:02:11 +0100 Subject: [PATCH 07/24] Revert "Make new method for fast scanlist optional (for the moment)." This reverts commit c034c1bb3359fa3a2ed8032b8046e98503edde8e. --- htdocs/product/list.php | 28 +++++++++++++--------------- 1 file changed, 13 insertions(+), 15 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index ae7be5009e1..e637e478df4 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -594,22 +594,20 @@ $sql .= $hookmanager->resPrint; //if (GETPOST("toolowstock")) $sql.= " HAVING SUM(s.reel) < p.seuil_stock_alerte"; // Not used yet $nbtotalofrecords = ''; -if (!getDolGlobalInt('MAIN_DISABLE_FULL_SCANLIST')) { - if (!getDolGlobalInt('MAIN_ENABLE_FAST_SCANLIST')) { - $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); +if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { + /* $result = $db->query($sql); + $nbtotalofrecords = $db->num_rows($result); + */ + /* The fast and low memory method to get and count full list converts the sql into a sql count */ + $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); + $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); + $resql = $db->query($sqlforcount); + if ($resql) { + $objforcount = $db->fetch_object($resql); + $nbtotalofrecords = $objforcount->nbtotalofrecords; } else { - /* Experimental: The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); - $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); - $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); - $resql = $db->query($sqlforcount); - if ($resql) { - $objforcount = $db->fetch_object($resql); - $nbtotalofrecords = $objforcount->nbtotalofrecords; - } else { - dol_print_error($db); - } + dol_print_error($db); } if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 From 43674f385c5f6b1e91a03534f2c55934cae9cdb9 Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Fri, 18 Nov 2022 16:14:14 +0100 Subject: [PATCH 08/24] replace preg_replace by str_replace --- htdocs/product/list.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index b96a0f6447e..67d7829d32f 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -434,6 +434,9 @@ if (!empty($extrafields->attributes[$object->table_element]['label'])) { $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $object, $action); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; + +$sqlfields = $sql; // $sql fields to remove for count total + $sql .= ' FROM '.MAIN_DB_PREFIX.'product as p'; if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) { $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity); @@ -606,7 +609,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { $nbtotalofrecords = $db->num_rows($result); */ /* The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = preg_replace('/^SELECT[a-zA-Z0-9\._\s\(\),=<>\:\-\']+\sFROM/Ui', 'SELECT COUNT(*) as nbtotalofrecords FROM', $sql); + $sqlforcount = str_replace($sqlfields, 'SELECT COUNT(*) as nbtotalofrecords', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); From 19273c8da15896418880d4698dd76f58859e9775 Mon Sep 17 00:00:00 2001 From: josett225 <57623859+josett225@users.noreply.github.com> Date: Sun, 20 Nov 2022 05:33:31 +0100 Subject: [PATCH 09/24] Fix PaymentBankTransfer Line page management with Select and Input --- htdocs/compta/prelevement/list.php | 3 +++ htdocs/compta/prelevement/orders_list.php | 4 +++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/list.php b/htdocs/compta/prelevement/list.php index a7bab4281c2..6bf12933eab 100644 --- a/htdocs/compta/prelevement/list.php +++ b/htdocs/compta/prelevement/list.php @@ -191,6 +191,9 @@ if ($result) { print ''; print ''; print ''; + if ($type != '') { + print ''; + } $title = $langs->trans("WithdrawalsLines"); if ($type == 'bank-transfer') { diff --git a/htdocs/compta/prelevement/orders_list.php b/htdocs/compta/prelevement/orders_list.php index 6737ea258ea..6c614cc8a20 100644 --- a/htdocs/compta/prelevement/orders_list.php +++ b/htdocs/compta/prelevement/orders_list.php @@ -158,7 +158,9 @@ if ($result) { print ''; print ''; print ''; - + if ($type != '') { + print ''; + } $titlekey = "WithdrawalsReceipts"; $title = $langs->trans("WithdrawalsReceipts"); if ($type == 'bank-transfer') { From 7be0e0da1c41002dcec509ed0ddf91e5f699caa3 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 22 Nov 2022 13:46:42 +0100 Subject: [PATCH 10/24] Fix API right check --- htdocs/societe/class/api_thirdparties.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 07dd2ba6031..1e37cfa1204 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -1048,7 +1048,7 @@ class Thirdparties extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->facture->lire) { + if (!DolibarrApiAccess::$user->rights->societe->lire) { throw new RestException(401); } if (empty($id)) { From 3d9b2a16768164860cb66e537e381c2a2729e40e Mon Sep 17 00:00:00 2001 From: ATM-Nicolas Date: Tue, 22 Nov 2022 15:32:37 +0100 Subject: [PATCH 11/24] FIX : SQL request parenthesis --- htdocs/core/class/translate.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index eca41a55301..5b339fe1d81 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -468,7 +468,7 @@ class Translate if (! $found && ! empty($conf->global->MAIN_ENABLE_OVERWRITE_TRANSLATION)) { // Overwrite translation with database read - $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where lang='".$db->escape($this->defaultlang)."' OR lang IS NULL"; + $sql ="SELECT transkey, transvalue FROM ".MAIN_DB_PREFIX."overwrite_trans where (lang='".$db->escape($this->defaultlang)."' OR lang IS NULL)"; $sql.=" AND entity IN (0, ".getEntity('overwrite_trans').")"; $sql.=$db->order("lang", "DESC"); $resql=$db->query($sql); From e38ef6bc8c598ad0e6b576fbf77e8b4fed8febb6 Mon Sep 17 00:00:00 2001 From: josett225 <57623859+josett225@users.noreply.github.com> Date: Tue, 22 Nov 2022 21:03:28 +0100 Subject: [PATCH 12/24] Update create.php --- htdocs/compta/prelevement/create.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 4cf238b65f5..3319f3ac98c 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php @@ -386,7 +386,10 @@ if ($resql) { if (!empty($limit)) { print ''; } - + if ($type != '') { + print ''; + } + $title = $langs->trans("InvoiceWaitingWithdraw"); if ($type == 'bank-transfer') { $title = $langs->trans("InvoiceWaitingPaymentByBankTransfer"); From 76fdf0006d75404bc3e63d5d141e45af5090fe4f Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Tue, 22 Nov 2022 20:17:37 +0000 Subject: [PATCH 13/24] Fixing style errors. --- htdocs/compta/prelevement/create.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/create.php b/htdocs/compta/prelevement/create.php index 3319f3ac98c..9bee65b5261 100644 --- a/htdocs/compta/prelevement/create.php +++ b/htdocs/compta/prelevement/create.php @@ -389,7 +389,7 @@ if ($resql) { if ($type != '') { print ''; } - + $title = $langs->trans("InvoiceWaitingWithdraw"); if ($type == 'bank-transfer') { $title = $langs->trans("InvoiceWaitingPaymentByBankTransfer"); From a36ed6a3c4c44f7b913f02fcdc73893dcae64b06 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 10:43:09 +0100 Subject: [PATCH 14/24] Debug v17 --- htdocs/salaries/card.php | 57 +++++++++++++++--------------------- htdocs/salaries/document.php | 34 ++++++++++----------- htdocs/salaries/info.php | 38 ++++++++++++------------ 3 files changed, 56 insertions(+), 73 deletions(-) diff --git a/htdocs/salaries/card.php b/htdocs/salaries/card.php index 5ba1b818137..1b53388bcaa 100644 --- a/htdocs/salaries/card.php +++ b/htdocs/salaries/card.php @@ -110,12 +110,13 @@ $permissiontoadd = $user->rights->salaries->write; // Used by the include of act $permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); -/** +/* * Actions */ $parameters = array(); -$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks +// Note that $action and $object may be modified by some hooks +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } @@ -123,14 +124,14 @@ if ($reshook < 0) { if (empty($reshook)) { $error = 0; - $backurlforlist = dol_buildpath('/salaries/list.php', 1); + $backurlforlist = DOL_URL_ROOT.'/salaries/list.php'; if (empty($backtopage) || ($cancel && empty($id))) { if (empty($backtopage) || ($cancel && strpos($backtopage, '__ID__'))) { if (empty($id) && (($action != 'add' && $action != 'create') || $cancel)) { $backtopage = $backurlforlist; } else { - $backtopage = dol_buildpath('/salaries/card.php', 1).'?id='.($id > 0 ? $id : '__ID__'); + $backtopage = DOL_URL_ROOT.'/salaries/card.php?id='.($id > 0 ? $id : '__ID__'); } } } @@ -444,9 +445,10 @@ $form = new Form($db); $formfile = new FormFile($db); if (isModEnabled('project')) $formproject = new FormProjets($db); -$title = $langs->trans('Salary')." - ".$langs->trans('Card'); +$title = $langs->trans('Salary')." - ".$object->ref; $help_url = ""; -llxHeader("", $title, $help_url); + +llxHeader('', $title, $help_url); if ($id > 0) { @@ -458,7 +460,7 @@ if ($id > 0) { } // Create -if ($action == 'create') { +if ($action == 'create' && $permissiontoadd) { $year_current = dol_print_date(dol_now('gmt'), "%Y", 'gmt'); $pastmonth = strftime("%m", dol_now()) - 1; $pastmonthyear = $year_current; @@ -480,7 +482,7 @@ if ($action == 'create') { $datesp = dol_get_first_day($pastmonthyear, $pastmonth, false); $dateep = dol_get_last_day($pastmonthyear, $pastmonth, false); } - print '
'; + print ''; print ''; print ''; if ($backtopage) { @@ -522,7 +524,7 @@ if ($action == 'create') { print ''."\n"; } - print dol_get_fiche_head('', ''); + print dol_get_fiche_head(''); print ''; @@ -692,13 +694,8 @@ if ($action == 'create') { } -/* ************************************************************************** */ -/* */ -/* View mode */ -/* */ -/* ************************************************************************** */ - -if ($id) { +// View mode +if ($id > 0) { $head = salaries_prepare_head($object); $formconfirm = ''; @@ -794,34 +791,26 @@ if ($id) { $morehtmlref .= ''; } + $usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } diff --git a/htdocs/salaries/document.php b/htdocs/salaries/document.php index 163042dbeb8..2ce7b2e2745 100644 --- a/htdocs/salaries/document.php +++ b/htdocs/salaries/document.php @@ -78,7 +78,9 @@ $childids = $user->getAllChildIds(1); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); -$object = new Salary($db); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('salarydoc', 'globalcard')); + if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); @@ -105,7 +107,9 @@ if ($user->socid) { } restrictedArea($user, 'salaries', $object->id, 'salary', ''); +$permissiontoread = $user->rights->salaries->read; $permissiontoadd = $user->rights->salaries->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles +$permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); /* @@ -176,34 +180,26 @@ if ($object->id) { $morehtmlref .= '
'.$langs->trans('Employee').' : '.$userstatic->getNomUrl(-1); + $usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, -1, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } diff --git a/htdocs/salaries/info.php b/htdocs/salaries/info.php index e16493ddc91..1085b1175cf 100644 --- a/htdocs/salaries/info.php +++ b/htdocs/salaries/info.php @@ -58,6 +58,9 @@ $childids = $user->getAllChildIds(1); // fetch optionals attributes and labels $extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('salaryinfo', 'globalcard')); + $object = new Salary($db); if ($id > 0 || !empty($ref)) { $object->fetch($id, $ref); @@ -77,6 +80,10 @@ if ($id > 0 || !empty($ref)) { restrictedArea($user, 'salaries', $object->id, 'salary', ''); +$permissiontoread = $user->rights->salaries->read; +$permissiontoadd = $user->rights->salaries->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles +$permissiontodelete = $user->rights->salaries->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); + /* * Actions @@ -107,7 +114,6 @@ $title = $langs->trans('Salary')." - ".$langs->trans('Info'); $help_url = ""; llxHeader("", $title, $help_url); -$object = new Salary($db); $object->fetch($id); $object->info($id); @@ -139,34 +145,26 @@ if ($action != 'editlabel') { $morehtmlref .= '
'.$langs->trans('Employee').' : '.$userstatic->getNomUrl(-1); +$usercancreate = $permissiontoadd; + // Project if (isModEnabled('project')) { - $morehtmlref .= '
'.$langs->trans('Project').' '; - if ($user->rights->salaries->write) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($usercancreate) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); if ($action != 'classify') { - $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' : '; - } - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(-1, $object->fk_project, 'projectid', 0, 0, 1, 0, 1, 0, 0, '', 1, 0, 'maxwidth500'); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, ($action == 'classify' ? 1 : 0), 0, 1, ''); } else { if (!empty($object->fk_project)) { $proj = new Project($db); $proj->fetch($object->fk_project); - $morehtmlref .= ' : '.$proj->getNomUrl(1); + $morehtmlref .= $proj->getNomUrl(1); if ($proj->title) { - $morehtmlref .= ' - '.$proj->title; + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; } - } else { - $morehtmlref .= ''; } } } @@ -180,7 +178,7 @@ print '
'; print '
'; -print '
'; print ''; // Ref - print ''; + print ''; // Onwer print ''; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 6f246a0ce96..ce4c6760aab 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -1395,6 +1395,12 @@ select.flat.selectlimit { overflow: hidden; height: auto !important; } +.tenlinesmax { + display: -webkit-box; + -webkit-box-orient: vertical; + -webkit-line-clamp: 10; + overflow: hidden; +} .tablelistofcalendars { margin-top: 25px !important; diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 2324da32c43..71c45545961 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1514,6 +1514,12 @@ select.flat.selectlimit { overflow: hidden; height: auto !important; } +.tenlinesmax { + display: -webkit-box; + -webkit-box-orient: vertical; + -webkit-line-clamp: 10; + overflow: hidden; +} .tablelistofcalendars { margin-top: 25px !important; From 9bdd17af1ded4a57a9279f058f06771154efc4bf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 13:00:50 +0100 Subject: [PATCH 17/24] Update list.php --- htdocs/product/list.php | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 67d7829d32f..613d0a1c5d6 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -605,11 +605,8 @@ $sql .= $hookmanager->resPrint; $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { - /* $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); - */ /* The fast and low memory method to get and count full list converts the sql into a sql count */ - $sqlforcount = str_replace($sqlfields, 'SELECT COUNT(*) as nbtotalofrecords', $sql); + $sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql); $sqlforcount = preg_replace('/'.preg_quote($linktopfp, '/').'/', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); From 1a8dbd75ead26306fb97f87c2be8f55d7986b953 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 16:59:40 +0100 Subject: [PATCH 18/24] Fix update socialnetworks --- htdocs/adherents/class/adherent.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 8a313ea4496..ae8b04da46b 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -704,7 +704,7 @@ class Adherent extends CommonObject $sql .= ", state_id = ".($this->state_id > 0 ? $this->db->escape($this->state_id) : "null"); $sql .= ", email = '".$this->db->escape($this->email)."'"; $sql .= ", url = ".(!empty($this->url) ? "'".$this->db->escape($this->url)."'" : "null"); - $sql .= ", socialnetworks = '".$this->db->escape(json_encode($this->socialnetworks))."'"; + $sql .= ", socialnetworks = ".($this->socialnetworks ? "'".$this->db->escape(json_encode($this->socialnetworks))."'" : "null"); $sql .= ", phone = ".($this->phone ? "'".$this->db->escape($this->phone)."'" : "null"); $sql .= ", phone_perso = ".($this->phone_perso ? "'".$this->db->escape($this->phone_perso)."'" : "null"); $sql .= ", phone_mobile = ".($this->phone_mobile ? "'".$this->db->escape($this->phone_mobile)."'" : "null"); From d0ac102bd0292e53acea64fe0010d395dd39007b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 17:07:11 +0100 Subject: [PATCH 19/24] Debug v17 --- htdocs/adherents/class/adherent.class.php | 9 ++++----- htdocs/compta/facture/class/facture.class.php | 2 +- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 130f5580e3a..397408309aa 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -2963,10 +2963,10 @@ class Adherent extends CommonObject } $tmp = dol_getdate($now); - $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year']), $daysbeforeend, 'd'); + $datetosearchfor = dol_time_plus_duree(dol_mktime(0, 0, 0, $tmp['mon'], $tmp['mday'], $tmp['year'], 'tzserver'), $daysbeforeend, 'd'); $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'adherent'; - $sql .= " WHERE entity = ".$conf->entity; // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; + $sql .= " WHERE entity = ".((int) $conf->entity); // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; $sql .= " AND datefin = '".$this->db->idate($datetosearchfor)."'"; $resql = $this->db->query($sql); @@ -3042,8 +3042,7 @@ class Adherent extends CommonObject $extraparams = ''; $actionmsg = ''; - $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '. - CMailFile::getValidAddress($sendto, 4, 0, 1); + $actionmsg2 = $langs->transnoentities('MailSentBy').' '.CMailFile::getValidAddress($from, 4, 0, 1).' '.$langs->transnoentities('To').' '.CMailFile::getValidAddress($sendto, 4, 0, 1); if ($message) { $actionmsg = $langs->transnoentities('MailFrom').': '.dol_escape_htmltag($from); $actionmsg = dol_concatdesc($actionmsg, $langs->transnoentities('MailTo').': '.dol_escape_htmltag($sendto)); @@ -3132,7 +3131,7 @@ class Adherent extends CommonObject if ($listofids) { $listofids .= ']'; } - $this->output .= $listofids; + $this->output .= ' ids='.$listofids; } if ($nbko) { $this->output .= ' - Canceled for '.$nbko.' member (no email or email sending error)'; diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 4a4a02e87c4..7cc4be35f70 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -40,7 +40,7 @@ * \brief File of class to manage invoices */ -include_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/commoninvoice.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/commonobjectline.class.php'; require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php'; From b42b0ef841f864d7575482268b010fb47ecacf8b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 18:49:59 +0100 Subject: [PATCH 20/24] Fix error management --- htdocs/adherents/class/adherent.class.php | 14 +++++++++----- htdocs/core/class/html.formmail.class.php | 2 +- 2 files changed, 10 insertions(+), 6 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index ed4ca4ecf51..491899a3370 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -2957,7 +2957,7 @@ class Adherent extends CommonObject dol_syslog(__METHOD__.' - Process delta = '.$daysbeforeend, LOG_DEBUG); if (!is_numeric($daysbeforeend)) { - $blockingerrormsg = "Value for delta is not a positive or negative numeric"; + $blockingerrormsg = "Value for delta is not a numeric value"; $nbko++; break; } @@ -2968,6 +2968,7 @@ class Adherent extends CommonObject $sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'adherent'; $sql .= " WHERE entity = ".((int) $conf->entity); // Do not use getEntity('adherent').")" here, we want the batch to be on its entity only; $sql .= " AND datefin = '".$this->db->idate($datetosearchfor)."'"; + //$sql .= " LIMIT 10000"; $resql = $this->db->query($sql); if ($resql) { @@ -3000,7 +3001,7 @@ class Adherent extends CommonObject dol_syslog("sendReminderForExpiredSubscription Language for member id ".$adherent->id." set to ".$outputlangs->defaultlang." mysoc->default_lang=".$mysoc->default_lang); $arraydefaultmessage = null; - $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION; + $labeltouse = getDolGlobalString('ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION'); if (!empty($labeltouse)) { $arraydefaultmessage = $formmail->getEMailTemplate($this->db, 'member', $user, $outputlangs, 0, 1, $labeltouse); @@ -3024,7 +3025,7 @@ class Adherent extends CommonObject $result = $cmail->sendfile(); if (!$result) { $error++; - $this->error = $cmail->error; + $this->error .= $cmail->error.' '; if (!is_null($cmail->errors)) { $this->errors += $cmail->errors; } @@ -3089,7 +3090,10 @@ class Adherent extends CommonObject $actioncomm->create($user); } } else { - $blockingerrormsg = "Can't find email template, defined into member module setup, to use for reminding"; + //$blockingerrormsg = "Can't find email template with label=".$labeltouse.", to use for the reminding email"; + + $error++; + $this->error .= "Can't find email template with label=".$labeltouse.", to use for the reminding email "; $nbko++; $listofmembersko[$adherent->id] = $adherent->id; @@ -3159,6 +3163,6 @@ class Adherent extends CommonObject } } - return 0; + return $nbko; } } diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index aa2ee4b3e6a..c81ccb769ab 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -1279,7 +1279,7 @@ class FormMail extends Form * * @param DoliDB $dbs Database handler * @param string $type_template Get message for model/type=$type_template, type='all' also included. - * @param User $user Get template public or limited to this user + * @param User $user Get templates public + limited to this user * @param Translate $outputlangs Output lang object * @param int $id Id of template to get, or -1 for first found with position 0, or 0 for first found whatever is position (priority order depends on lang provided or not) or -2 for exact match with label (no answer if not found) * @param int $active 1=Only active template, 0=Only disabled, -1=All From 03e8e4946538728f208349f7019c29269cb8c6d8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 20:31:26 +0100 Subject: [PATCH 21/24] Fix responsive --- htdocs/admin/mailing.php | 25 +++++++++++++++---------- htdocs/comm/mailing/card.php | 6 +++--- htdocs/core/lib/functions.lib.php | 2 +- 3 files changed, 19 insertions(+), 14 deletions(-) diff --git a/htdocs/admin/mailing.php b/htdocs/admin/mailing.php index 6a166078bfc..c88bb1bc4d5 100644 --- a/htdocs/admin/mailing.php +++ b/htdocs/admin/mailing.php @@ -123,32 +123,35 @@ print '
'; +print '
'; dol_print_object_info($object); print '
'; From b77f63bc5c2172d2984c924a663f08d57b925de2 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Wed, 23 Nov 2022 11:24:29 +0100 Subject: [PATCH 15/24] FIX : $sign is useless --- htdocs/compta/facture/tpl/linkedobjectblock.tpl.php | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php index c70416fec6e..92204520b35 100644 --- a/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php +++ b/htdocs/compta/facture/tpl/linkedobjectblock.tpl.php @@ -72,13 +72,9 @@ foreach ($linkedObjectBlock as $key => $objectlink) { print '		'.dol_print_date($objectlink->date, 'day').''; if (!empty($objectlink) && $objectlink->element == 'facture' && $user->hasRight('facture', 'lire')) { - $sign = 1; - if ($objectlink->type == Facture::TYPE_CREDIT_NOTE) { - $sign = -1; - } if ($objectlink->statut != 3) { // If not abandonned - $total = $total + $sign * $objectlink->total_ht; + $total += $objectlink->total_ht; echo price($objectlink->total_ht); } else { echo ''.price($objectlink->total_ht).''; From 3a59344c2fabc01706b612e672e0d24c49d9cbf0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 11:57:53 +0100 Subject: [PATCH 16/24] Fix responsive --- htdocs/comm/action/class/actioncomm.class.php | 4 +++- htdocs/core/class/html.formactions.class.php | 6 ++---- htdocs/theme/eldy/global.inc.php | 6 ++++++ htdocs/theme/md/style.css.php | 6 ++++++ 4 files changed, 17 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index fb78c8d1af5..3b4af2c3c8e 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1644,8 +1644,10 @@ class ActionComm extends CommonObject } if (!empty($this->note_private)) { $tooltip .= '

'.$langs->trans('Description').':
'; - $texttoshow = dolGetFirstLineOfText($this->note_private, 10); + $texttoshow = dolGetFirstLineOfText($this->note_private, 10); // Try to limit length of content + $tooltip .= '
'; // Restrict height of content into the tooltip $tooltip .= (dol_textishtml($texttoshow) ? str_replace(array("\r", "\n"), "", $texttoshow) : str_replace(array("\r", "\n"), '
', $texttoshow)); + $tooltip .= '
'; } $linkclose = ''; //if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && $this->type_color) diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index 6342e08a34e..e1731984229 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -271,12 +271,10 @@ class FormActions break; } - $ref = $actioncomm->getNomUrl(1, -1); - print '
'.$ref.''.$actioncomm->getNomUrl(1, -1).''; @@ -310,7 +308,7 @@ class FormActions $labeltype .= ' - '.$arraylist[$actionstatic->code]; // Use code in priority on type_code } } - print ''; + print ''; print $actioncomm->getTypePicto(); print $labeltype; print '
'; print ''; print ''; print ''; -print ''; +print ''; print "\n"; print ''; +print ''; +print ''; print ''; print ''; +print ''; +print ''; print ''; print ''; +print ''; +print ''; print ''; @@ -157,11 +160,12 @@ print ''; print ''; +print ''; +print ''; print ''; // default blacklist from mailing @@ -171,7 +175,7 @@ print ''; -print ''; +print ''; print ''; @@ -179,7 +183,8 @@ if (!empty($conf->use_javascript_ajax) && $conf->global->MAIN_FEATURES_LEVEL >= print ''; + print ''; + print ''; print ''; } diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index bd3d54977f1..0afb5cdd230 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -730,7 +730,7 @@ if ($action == 'create') { // Print mail form print load_fiche_titre($langs->trans("NewMailing"), $availablelink, 'object_email'); - print dol_get_fiche_head(); + print dol_get_fiche_head(array(), '', '', -3); print '
'.$langs->trans("Parameter").''.$langs->trans("Value").''.$langs->trans("Example").''.$langs->trans("Example").'
'; $help = img_help(1, $langs->trans("EMailHelpMsgSPFDKIM")); print $langs->trans("MailingEMailFrom").' '.$help.''; -print ''; +print ''; if (!empty($conf->global->MAILING_EMAIL_FROM) && !isValidEmail($conf->global->MAILING_EMAIL_FROM)) { print ' '.img_warning($langs->trans("BadEMail")); } -print ''.dol_escape_htmltag(($mysoc->name ? $mysoc->name : 'MyName').' ').''.dol_escape_htmltag(($mysoc->name ? $mysoc->name : 'MyName').' ').'
'; print $langs->trans("MailingEMailError").''; -print ''; +print ''; if (!empty($conf->global->MAILING_EMAIL_ERRORSTO) && !isValidEmail($conf->global->MAILING_EMAIL_ERRORSTO)) { print ' '.img_warning($langs->trans("BadEMail")); } -print 'webmaster@example.com>webmaster@example.com>
'; print $langs->trans("MailingDelay").''; print ''; -print '
'; print $langs->trans("ActivateCheckReadKey").''; -print ''; +print ''; if (!empty($conf->use_javascript_ajax)) { print ' '.img_picto($langs->trans('Generate'), 'refresh', 'id="generate_token" class="linkobject"'); } -print '
'; $blacklist_setting=array(0=>$langs->trans('No'), 1=>$langs->trans('Yes'), 2=>$langs->trans('DefaultStatusEmptyMandatory')); print $form->selectarray("MAILING_CONTACT_DEFAULT_BULK_STATUS", $blacklist_setting, $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS); print '
'; print $langs->trans("MailAdvTargetRecipients").''; print ajax_constantonoff('EMAILING_USE_ADVANCED_SELECTOR'); - print '
'; @@ -768,7 +768,7 @@ if ($action == 'create') { print dol_get_fiche_end(); - print $form->buttonsSaveCancel("CreateMailing", ''); + print $form->buttonsSaveCancel("CreateMailing", 'Cancel'); print ''; } else { @@ -1314,7 +1314,7 @@ if ($action == 'create') { print '
'; print ''; - print '     '; + print '     '; print ''; print '
'; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 456d9702238..b5450f7317f 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -1813,7 +1813,7 @@ function dolButtonToOpenUrlInDialogPopup($name, $label, $buttonstring, $url, $di * @param array $links Array of tabs (0=>url, 1=>label, 2=>code, 3=>not used, 4=>text after link, 5=>morecssonlink). Currently initialized by calling a function xxx_admin_prepare_head. Note that label into $links[$i][1] must be already HTML escaped. * @param string $active Active tab name (document', 'info', 'ldap', ....) * @param string $title Title - * @param int $notab -1 or 0=Add tab header, 1=no tab header (if you set this to 1, using print dol_get_fiche_end() to close tab is not required), -2=Add tab header with no seaparation under tab (to start a tab just after) + * @param int $notab -1 or 0=Add tab header, 1=no tab header (if you set this to 1, using print dol_get_fiche_end() to close tab is not required), -2=Add tab header with no sepaaration under tab (to start a tab just after), -3=Add tab header but no footer separation * @param string $picto Add a picto on tab title * @param int $pictoisfullpath If 1, image path is a full path. If you set this to 1, you can use url returned by dol_buildpath('/mymodyle/img/myimg.png',1) for $picto. * @param string $morehtmlright Add more html content on right of tabs title From 6f31727112b939292a07704d31487201d40f3b97 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 23 Nov 2022 20:36:30 +0100 Subject: [PATCH 22/24] Fix trans --- .../modules/mailings/thirdparties_services_expired.modules.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php index 9083b643900..1f8f3f82f7c 100644 --- a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php +++ b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php @@ -219,6 +219,7 @@ class mailing_thirdparties_services_expired extends MailingTargets $s = ''; - $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/projet/ajax/projects.php', $urloption, $conf->global->PROJECT_USE_SEARCH_TO_SELECT, 0, array( - // 'update' => array( - // 'projectid' => 'id' - // ) - )); + $out .= ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/projet/ajax/projects.php', $urloption, $conf->global->PROJECT_USE_SEARCH_TO_SELECT, 0, array()); } else { - $out .= $this->select_projects_list($socid, $selected, $htmlname, $maxlength, $option_only, $show_empty, abs($discard_closed), $forcefocus, $disabled, 0, $filterkey, 1, $forceaddid, $htmlid, $morecss); + $out .= $this->select_projects_list($socid, $selected, $htmlname, $maxlength, $option_only, $show_empty, abs($discard_closed), $forcefocus, $disabled, 0, $filterkey, 1, $forceaddid, $htmlid, $morecss, $morefilter); } if ($discard_closed > 0) { if (!empty($form)) { @@ -135,14 +134,15 @@ class FormProjets * @param int $forcefocus Force focus on field (works with javascript only) * @param int $disabled Disabled * @param int $mode 0 for HTML mode and 1 for array return (to be used by json_encode for example) - * @param string $filterkey Key to filter + * @param string $filterkey Key to filter on title or ref * @param int $nooutput No print output. Return it only. * @param int $forceaddid Force to add project id in list, event if not qualified * @param int $htmlid Html id to use instead of htmlname * @param string $morecss More CSS + * @param string $morefilter More filters (Must be a sql sanitized string) * @return int Nb of project if OK, <0 if KO */ - public function select_projects_list($socid = -1, $selected = '', $htmlname = 'projectid', $maxlength = 24, $option_only = 0, $show_empty = 1, $discard_closed = 0, $forcefocus = 0, $disabled = 0, $mode = 0, $filterkey = '', $nooutput = 0, $forceaddid = 0, $htmlid = '', $morecss = 'maxwidth500') + public function select_projects_list($socid = -1, $selected = '', $htmlname = 'projectid', $maxlength = 24, $option_only = 0, $show_empty = 1, $discard_closed = 0, $forcefocus = 0, $disabled = 0, $mode = 0, $filterkey = '', $nooutput = 0, $forceaddid = 0, $htmlid = '', $morecss = 'maxwidth500', $morefilter = '') { // phpcs:enable global $user, $conf, $langs; @@ -187,6 +187,9 @@ class FormProjets if (!empty($filterkey)) { $sql .= natural_search(array('p.title', 'p.ref'), $filterkey); } + if ($morefilter) { + $sql .= ' AND ('.$morefilter.')'; + } $sql .= " ORDER BY p.ref ASC"; $resql = $this->db->query($sql); diff --git a/htdocs/core/modules/mailings/eventorganization.modules.php b/htdocs/core/modules/mailings/eventorganization.modules.php new file mode 100644 index 00000000000..84c27c5f673 --- /dev/null +++ b/htdocs/core/modules/mailings/eventorganization.modules.php @@ -0,0 +1,212 @@ + + * Copyright (C) 2005-2010 Laurent Destailleur + * Copyright (C) 2005-2009 Regis Houssin + * + * This file is an example to follow to add your own email selector inside + * the Dolibarr email tool. + * Follow instructions given in README file to know what to change to build + * your own emailing list selector. + * Code that need to be changed in this file are marked by "CHANGE THIS" tag. + */ + +/** + * \file htdocs/core/modules/mailings/eventorganization.modules.php + * \ingroup mailing + * \brief Example file to provide a list of recipients for mailing module + */ + + +// Load Dolibarr Environment +include_once DOL_DOCUMENT_ROOT.'/core/modules/mailings/modules_mailings.php'; + + +/** + * Class to manage a list of personalised recipients for mailing feature + */ +class mailing_eventorganization extends MailingTargets +{ + // This label is used if no translation is found for key XXX neither MailingModuleDescXXX where XXX=name is found + public $name = 'AttendeesOfOrganizedEvent'; + public $desc = "Attendees of an organized event"; + + public $require_admin = 0; + + public $require_module = array(); // This module allows to select by categories must be also enabled if category module is not activated + + /** + * @var string String with name of icon for myobject. Must be the part after the 'object_' into object_myobject.png + */ + public $picto = 'conferenceorbooth'; + + /** + * @var DoliDB Database handler. + */ + public $db; + + public $enabled = 'isModEnabled("eventorganization")'; + + + /** + * Constructor + * + * @param DoliDB $db Database handler + */ + public function __construct($db) + { + global $conf, $langs; + $langs->load('companies'); + + $this->db = $db; + } + + + // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps + /** + * This is the main function that returns the array of emails + * + * @param int $mailing_id Id of mailing. No need to use it. + * @return int <0 if error, number of emails added if ok + */ + public function add_to_target($mailing_id) + { + // phpcs:enable + global $conf, $langs; + + $cibles = array(); + $addDescription = ''; + + $sql = "SELECT p.ref, p.entity, e.rowid as id, e.fk_project, e.email as email, e.email_company as company_name, e.firstname as firstname, e.lastname as lastname,"; + $sql .= " 'eventorganizationattendee' as source"; + $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee as e,"; + $sql .= " ".MAIN_DB_PREFIX."projet as p"; + $sql .= " WHERE e.email <> ''"; + $sql .= " AND e.fk_project = p.rowid"; + $sql .= " AND p.entity IN (".getEntity('project').")"; + $sql .= " AND e.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; + $sql .= " AND e.fk_project = ".((int) GETPOST('filter_eventorganization', 'int')); + $sql .= " ORDER BY e.email"; + + // Stock recipients emails into targets table + $result = $this->db->query($sql); + if ($result) { + $num = $this->db->num_rows($result); + $i = 0; + $j = 0; + + dol_syslog(get_class($this)."::add_to_target mailing ".$num." targets found"); + + $old = ''; + while ($i < $num) { + $obj = $this->db->fetch_object($result); + if ($old <> $obj->email) { + $otherTxt = ($obj->ref ? $langs->transnoentities("Project").'='.$obj->ref : ''); + if (strlen($addDescription) > 0 && strlen($otherTxt) > 0) { + $otherTxt .= ";"; + } + $otherTxt .= $addDescription; + $cibles[$j] = array( + 'email' => $obj->email, + 'fk_project' => $obj->fk_project, + 'lastname' => $obj->lastname, + 'firstname' => $obj->firstname, + 'other' => $otherTxt, + 'source_url' => $this->url($obj->id, $obj->source), + 'source_id' => $obj->id, + 'source_type' => $obj->source + ); + $old = $obj->email; + $j++; + } + + $i++; + } + } else { + dol_syslog($this->db->error()); + $this->error = $this->db->error(); + return -1; + } + + return parent::addTargetsToDatabase($mailing_id, $cibles); + } + + + /** + * On the main mailing area, there is a box with statistics. + * If you want to add a line in this report you must provide an + * array of SQL request that returns two field: + * One called "label", One called "nb". + * + * @return array Array with SQL requests + */ + public function getSqlArrayForStats() + { + // CHANGE THIS: Optionnal + + //var $statssql=array(); + //$this->statssql[0]="SELECT field1 as label, count(distinct(email)) as nb FROM mytable WHERE email IS NOT NULL"; + return array(); + } + + + /** + * Return here number of distinct emails returned by your selector. + * For example if this selector is used to extract 500 different + * emails from a text file, this function must return 500. + * + * @param string $sql Requete sql de comptage + * @return int|string Nb of recipient, or <0 if error, or '' if NA + */ + public function getNbOfRecipients($sql = '') + { + global $conf; + + $sql = "SELECT COUNT(DISTINCT(e.email)) as nb"; + $sql .= " FROM ".MAIN_DB_PREFIX."eventorganization_conferenceorboothattendee as e, "; + $sql .= " ".MAIN_DB_PREFIX."projet as p"; + $sql .= " WHERE e.email <> ''"; + $sql .= " AND e.fk_project = p.rowid"; + $sql .= " AND p.entity IN (".getEntity('project').")"; + + //print $sql; + + // La requete doit retourner un champ "nb" pour etre comprise par parent::getNbOfRecipients + return parent::getNbOfRecipients($sql); + } + + /** + * This is to add a form filter to provide variant of selector + * If used, the HTML select must be called "filter" + * + * @return string A html select zone + */ + public function formFilter() + { + global $conf, $langs; + + $langs->load("companies"); + + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; + $formproject = new FormProjets($this->db); + $s .= $formproject->select_projects(-1, 0, "filter_eventorganization", 0, 0, 1, 1, 0, 0, 0, '', 1, 0, '', '', 'usage_organize_event=1'); + + return $s; + } + + + /** + * Can include an URL link on each record provided by selector shown on target page. + * + * @param int $id ID + * @param string $sourcetype Source type + * @return string Url link + */ + public function url($id, $sourcetype = 'thirdparty') + { + if ($sourcetype == 'project') { + return ''.img_object('', "eventorganization").''; + } + + return ''; + } +} diff --git a/htdocs/core/modules/modEventOrganization.class.php b/htdocs/core/modules/modEventOrganization.class.php index 437fa691713..f037f26176c 100644 --- a/htdocs/core/modules/modEventOrganization.class.php +++ b/htdocs/core/modules/modEventOrganization.class.php @@ -62,7 +62,7 @@ class modEventOrganization extends DolibarrModules // Key used in llx_const table to save module status enabled/disabled (where EVENTORGANIZATION is value of property name of module in uppercase) $this->const_name = 'MAIN_MODULE_'.strtoupper($this->name); - $this->picto = 'action'; + $this->picto = 'conferenceorbooth'; // Define some features supported by module (triggers, login, substitutions, menus, css, etc...) $this->module_parts = array( diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index 0b4b773be40..8432bf252c3 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -55,6 +55,8 @@ ALTER TABLE llx_user DROP COLUMN idpers3; -- v17 +ALTER TABLE llx_mailing_cibles MODIFY COLUMN source_type varchar(32); + ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_percent (percent); UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Bancontact'; diff --git a/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql b/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql index da0b6c1683a..3c38eedaaaf 100644 --- a/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql +++ b/htdocs/install/mysql/tables/llx_mailing_cibles-mailing.sql @@ -32,7 +32,7 @@ create table llx_mailing_cibles statut smallint NOT NULL DEFAULT 0, -- -1 = error, 0 = not sent, ... source_url varchar(255), source_id integer, - source_type varchar(16), + source_type varchar(32), date_envoi datetime, tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, error_text varchar(255) -- text with error if statut is -1 From 53a1867be8ae6a9bc5634119d4a1e25e46786bc1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 24 Nov 2022 16:40:44 +0100 Subject: [PATCH 24/24] Fix phpcs --- htdocs/core/class/html.formprojet.class.php | 2 +- htdocs/core/db/DoliDB.class.php | 9 +++------ 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php index aedff703a19..430c3a708d2 100644 --- a/htdocs/core/class/html.formprojet.class.php +++ b/htdocs/core/class/html.formprojet.class.php @@ -188,7 +188,7 @@ class FormProjets $sql .= natural_search(array('p.title', 'p.ref'), $filterkey); } if ($morefilter) { - $sql .= ' AND ('.$morefilter.')'; + $sql .= ' AND ('.$this->db->sanitize($morefilter, 0, 1).')'; } $sql .= " ORDER BY p.ref ASC"; diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 2d2ea33a6c5..16b2fd956fe 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -136,15 +136,12 @@ abstract class DoliDB implements Database * * @param string $stringtosanitize String to escape * @param int $allowsimplequote 1=Allow simple quotes in string. When string is used as a list of SQL string ('aa', 'bb', ...) + * @param string $allowsequals 1=Allow equals sign * @return string String escaped */ - public function sanitize($stringtosanitize, $allowsimplequote = 0) + public function sanitize($stringtosanitize, $allowsimplequote = 0, $allowsequals = 0) { - if ($allowsimplequote) { - return preg_replace('/[^a-z0-9_\-\.,\']/i', '', $stringtosanitize); - } else { - return preg_replace('/[^a-z0-9_\-\.,]/i', '', $stringtosanitize); - } + return preg_replace('/[^a-z0-9_\-\.,'.($allowsequals ? '=' : '').($allowsimplequote ? "\'" : '').']/i', '', $stringtosanitize); } /**