From 91885c9d6fee6c785f3de70a059d07b185669043 Mon Sep 17 00:00:00 2001 From: Alexis Algoud Date: Fri, 22 May 2015 17:22:57 +0200 Subject: [PATCH 01/48] FIX when multicompany was enabled, this function didn't check just on the good entity (problem when both company use same mask) --- htdocs/core/class/commonobject.class.php | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index e0bab998982..10e83d80595 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -65,13 +65,17 @@ abstract class CommonObject */ static function isExistingObject($element, $id, $ref='', $ref_ext='') { - global $db; + global $db,$conf; $sql = "SELECT rowid, ref, ref_ext"; $sql.= " FROM ".MAIN_DB_PREFIX.$element; - if ($id > 0) $sql.= " WHERE rowid = ".$db->escape($id); - else if ($ref) $sql.= " WHERE ref = '".$db->escape($ref)."'"; - else if ($ref_ext) $sql.= " WHERE ref_ext = '".$db->escape($ref_ext)."'"; + + if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; + else $sql.=" WHERE 1 "; + + if ($id > 0) $sql.= " AND rowid = ".$db->escape($id); + else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'"; + else if ($ref_ext) $sql.= " AND ref_ext = '".$db->escape($ref_ext)."'"; else { $error='ErrorWrongParameters'; dol_print_error(get_class()."::isExistingObject ".$error, LOG_ERR); From 44c46d68ed4a443962dbdbb8d8ad130f9ee31f82 Mon Sep 17 00:00:00 2001 From: Alexis ALGOUD Date: Sat, 23 May 2015 23:51:49 +0200 Subject: [PATCH 02/48] Remove the useless if --- htdocs/core/class/commonobject.class.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 10e83d80595..73019b52eef 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -70,8 +70,7 @@ abstract class CommonObject $sql = "SELECT rowid, ref, ref_ext"; $sql.= " FROM ".MAIN_DB_PREFIX.$element; - if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; - else $sql.=" WHERE 1 "; + $sql.= " WHERE entity=".$conf->entity; if ($id > 0) $sql.= " AND rowid = ".$db->escape($id); else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'"; From dd7febe2b984f0ab2c60d435279e3a0a6374a5c0 Mon Sep 17 00:00:00 2001 From: Alexis Algoud Date: Fri, 29 May 2015 15:10:59 +0200 Subject: [PATCH 03/48] replace test by getEntity() --- htdocs/core/class/commonobject.class.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 10e83d80595..03d044a2ee6 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -69,9 +69,7 @@ abstract class CommonObject $sql = "SELECT rowid, ref, ref_ext"; $sql.= " FROM ".MAIN_DB_PREFIX.$element; - - if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; - else $sql.=" WHERE 1 "; + $sql.= " WHERE entity IN (".getEntity($element).")" ; if ($id > 0) $sql.= " AND rowid = ".$db->escape($id); else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'"; From 3f1613197e006e29163b4cdaa1e4c2519827e217 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Tue, 2 Jun 2015 08:41:42 +0200 Subject: [PATCH 04/48] FIX : If supplier invoice block linked element is display after other block total HT amount is not reset to 0 and sum other block (like customer orders values) --- htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php index c10fea8bb8a..2f66049143e 100644 --- a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php +++ b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php @@ -40,6 +40,7 @@ else print_titre($langs->trans("RelatedBill")); trans("Status"); ?> Date: Tue, 2 Jun 2015 11:20:08 +0200 Subject: [PATCH 05/48] FIX : total amount in tpl linked object are not reset --- htdocs/expedition/tpl/linkedobjectblock.tpl.php | 1 + htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php | 1 + 2 files changed, 2 insertions(+) diff --git a/htdocs/expedition/tpl/linkedobjectblock.tpl.php b/htdocs/expedition/tpl/linkedobjectblock.tpl.php index 364afb92177..a235944bff8 100644 --- a/htdocs/expedition/tpl/linkedobjectblock.tpl.php +++ b/htdocs/expedition/tpl/linkedobjectblock.tpl.php @@ -41,6 +41,7 @@ print_titre($langs->trans('RelatedShippings')); trans("Status"); ?> trans('RelatedOrders')); trans("Status"); ?> Date: Tue, 2 Jun 2015 16:06:03 +0200 Subject: [PATCH 06/48] FIX : When we clone a propal, if it has a project which is not assigned to a third, it was not on new propal because fk_project was always set to empty string if new propal is for another third. --- htdocs/comm/propal/class/propal.class.php | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 3a8c9c6c0ae..775e1ad2782 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -959,8 +959,10 @@ class Propal extends CommonObject */ function createFromClone($socid=0) { - global $user,$langs,$conf,$hookmanager; - + global $db, $user,$langs,$conf,$hookmanager; + + dol_include_once('/projet/class.project.class.php'); + $this->context['createfromclone']='createfromclone'; $error=0; @@ -985,7 +987,16 @@ class Propal extends CommonObject $this->socid = $objsoc->id; $this->cond_reglement_id = (! empty($objsoc->cond_reglement_id) ? $objsoc->cond_reglement_id : 0); $this->mode_reglement_id = (! empty($objsoc->mode_reglement_id) ? $objsoc->mode_reglement_id : 0); - $this->fk_project = ''; + + $project = new Project($db); + + if($objFrom->fk_project > 0 && $project->fetch($objFrom->fk_project)) { + if($project->socid <= 0) $this->fk_project = $objFrom->fk_project; + else $this->fk_project = ''; + } else { + $this->fk_project = ''; + } + $this->fk_delivery_address = ''; } From 6a3310daf7aecda23535f21d8848bf2185e6d030 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 4 Jun 2015 15:42:51 +0200 Subject: [PATCH 07/48] Fix: PRODUCT_USE_OLD_PATH_FOR_PHOTO use entity 0 for multicompany Fix: use encrypt/decrypt with llx_const for experimental encryption of sensitive data --- .../install/mysql/migration/3.6.0-3.7.0.sql | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index 080fbdc699d..b74c8ddba17 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -98,36 +98,36 @@ ALTER TABLE llx_accountingaccount add column fk_user_author integer DEFAULT NULL ALTER TABLE llx_accountingaccount add column fk_user_modif integer DEFAULT NULL AFTER fk_user_author; -- Qual -UPDATE llx_const SET name = 'ACCOUNTING_MODE' WHERE name = 'COMPTA_MODE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_CUSTOMER' WHERE name = 'COMPTA_ACCOUNT_CUSTOMER'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUPPLIER' WHERE name = 'COMPTA_ACCOUNT_SUPPLIER'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_BUY_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_SOLD_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_BUY_ACCOUNT' WHERE name = 'COMPTA_SERVICE_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_SOLD_ACCOUNT' WHERE name = 'COMPTA_SERVICE_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_ACCOUNT' WHERE name = 'COMPTA_VAT_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_BUY_ACCOUNT' WHERE name = 'COMPTA_VAT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MODE')__ WHERE __DECRYPT('name')__ = 'COMPTA_MODE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_CUSTOMER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_CUSTOMER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUPPLIER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_SUPPLIER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_BUY_ACCOUNT'; -- Compatibility with module Accounting Expert -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_MODELCSV' WHERE name = 'ACCOUNTINGEX_MODELCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_SEPARATORCSV' WHERE name = 'ACCOUNTINGEX_SEPARATORCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DATE' WHERE name = 'ACCOUNTINGEX_EXP_DATE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_PIECE' WHERE name = 'ACCOUNTINGEX_EXP_PIECE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_GLOBAL_ACCOUNT' WHERE name = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_LABEL' WHERE name = 'ACCOUNTINGEX_EXP_LABEL'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_AMOUNT' WHERE name = 'ACCOUNTINGEX_EXP_AMOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DEVISE' WHERE name = 'ACCOUNTINGEX_EXP_DEVISE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUSPENSE' WHERE name = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; -UPDATE llx_const SET name = 'ACCOUNTING_SELL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SELL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_PURCHASE_JOURNAL' WHERE name = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_SOCIAL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_MISCELLANEOUS_JOURNAL' WHERE name = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_TRANSFER_CASH' WHERE name = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_GACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_AACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LIMIT_LIST_VENTILATION' WHERE name = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_TODO' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_DONE' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_MODELCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MODELCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_SEPARATORCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SEPARATORCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DATE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DATE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_PIECE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_PIECE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_GLOBAL_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_LABEL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_LABEL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_AMOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_AMOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DEVISE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DEVISE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUSPENSE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SELL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SELL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PURCHASE_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SOCIAL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MISCELLANEOUS_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_TRANSFER_CASH')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_GACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_AACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIMIT_LIST_VENTILATION')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_TODO')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_DONE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; -- Drop old table DROP TABLE llx_compta; @@ -1133,9 +1133,9 @@ ALTER TABLE llx_c_email_templates ADD UNIQUE INDEX uk_c_email_templates(entity, ALTER TABLE llx_c_email_templates ADD INDEX idx_type(type_template); -- Remove OSC module -DELETE FROM llx_const WHERE name = 'MAIN_MODULE_BOUTIQUE'; -DELETE FROM llx_const WHERE name = 'OSC_DB_HOST'; -DELETE FROM llx_menu WHERE module = 'boutique'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_MODULE_BOUTIQUE'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'OSC_DB_HOST'; +DELETE FROM llx_menu WHERE __DECRYPT('module')__ = 'boutique'; -- Add option always editable on extrafield ALTER TABLE llx_extrafields ADD alwayseditable INTEGER DEFAULT 0 AFTER pos; @@ -1177,4 +1177,4 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,localtax1,localtax1_typ ALTER TABLE llx_livraison MODIFY COLUMN date_delivery DATETIME NULL DEFAULT NULL; -INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT 'PRODUCT_USE_OLD_PATH_FOR_PHOTO','1','chaine','Use old path for products images',1,1 FROM llx_const WHERE name='MAIN_VERSION_LAST_INSTALL' AND value < '3.7.0'; +INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT __ENCRYPT('PRODUCT_USE_OLD_PATH_FOR_PHOTO')__,__ENCRYPT('1')__,'chaine','Use old path for products images',1,0 FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_VERSION_LAST_INSTALL' AND __DECRYPT('value')__ <= '3.7.2'; From 5139954365489c3d7e65a7525a27d094944b8ab3 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 4 Jun 2015 16:39:39 +0200 Subject: [PATCH 08/48] Fix: add filter in "dol_most_recent_files" for avoid conflict with option "Save file on server with name "FA0700034_Original filename"" --- htdocs/comm/propal.php | 4 ++-- htdocs/commande/card.php | 4 ++-- htdocs/compta/facture.php | 4 ++-- htdocs/expedition/card.php | 4 ++-- htdocs/fichinter/card.php | 4 ++-- htdocs/fourn/commande/card.php | 4 ++-- htdocs/fourn/facture/card.php | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index a0ef8878d1f..38e485ae563 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -2194,7 +2194,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -2219,7 +2219,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index e6be7a8d74b..e932a9eb499 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2285,7 +2285,7 @@ if ($action == 'create' && $user->rights->commande->creer) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -2310,7 +2310,7 @@ if ($action == 'create' && $user->rights->commande->creer) { dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index e247863a015..86e027034b0 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3561,7 +3561,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; // Define output language @@ -3586,7 +3586,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file = $fileparams ['fullname']; } diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 7187506db14..d072e9978a3 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1621,7 +1621,7 @@ else if ($id || $ref) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1648,7 +1648,7 @@ else if ($id || $ref) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index f5fcd076709..19616ba8fa0 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1732,7 +1732,7 @@ else if ($id > 0 || ! empty($ref)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1759,7 +1759,7 @@ else if ($id > 0 || ! empty($ref)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index a6ac9c42b56..b886ed55d88 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1920,7 +1920,7 @@ elseif (! empty($object->id)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -1947,7 +1947,7 @@ elseif (! empty($object->id)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 54ef660f6aa..947db69fda5 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -2396,7 +2396,7 @@ else { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; // Define output language @@ -2423,7 +2423,7 @@ else dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'\.([a-z0-9])+$'); $file=$fileparams['fullname']; } From 195a1b2708655a2d62d00879c574e93d22d7bcdc Mon Sep 17 00:00:00 2001 From: jfefe Date: Thu, 4 Jun 2015 18:10:29 +0200 Subject: [PATCH 09/48] FIX #2957 : missing $langs object for trigger --- htdocs/fourn/class/fournisseur.product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index b642926f802..140bc3d4230 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -156,7 +156,7 @@ class ProductFournisseur extends Product */ function update_buyprice($qty, $buyprice, $user, $price_base_type, $fourn, $availability, $ref_fourn, $tva_tx, $charges=0, $remise_percent=0, $remise=0, $newnpr=0) { - global $conf,$mysoc; + global $conf,$mysoc, $langs; // Clean parameter if (empty($qty)) $qty=0; From e78dba809be12d616226a3faa9195c799e7ecbc7 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 4 Jun 2015 15:42:51 +0200 Subject: [PATCH 10/48] Fix: PRODUCT_USE_OLD_PATH_FOR_PHOTO use entity 0 for multicompany Fix: use encrypt/decrypt with llx_const for experimental encryption of sensitive data --- .../install/mysql/migration/3.6.0-3.7.0.sql | 64 +++++++++---------- 1 file changed, 32 insertions(+), 32 deletions(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index 080fbdc699d..b74c8ddba17 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -98,36 +98,36 @@ ALTER TABLE llx_accountingaccount add column fk_user_author integer DEFAULT NULL ALTER TABLE llx_accountingaccount add column fk_user_modif integer DEFAULT NULL AFTER fk_user_author; -- Qual -UPDATE llx_const SET name = 'ACCOUNTING_MODE' WHERE name = 'COMPTA_MODE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_CUSTOMER' WHERE name = 'COMPTA_ACCOUNT_CUSTOMER'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUPPLIER' WHERE name = 'COMPTA_ACCOUNT_SUPPLIER'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_BUY_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_PRODUCT_SOLD_ACCOUNT' WHERE name = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_BUY_ACCOUNT' WHERE name = 'COMPTA_SERVICE_BUY_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_SERVICE_SOLD_ACCOUNT' WHERE name = 'COMPTA_SERVICE_SOLD_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_ACCOUNT' WHERE name = 'COMPTA_VAT_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_VAT_BUY_ACCOUNT' WHERE name = 'COMPTA_VAT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MODE')__ WHERE __DECRYPT('name')__ = 'COMPTA_MODE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_CUSTOMER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_CUSTOMER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUPPLIER')__ WHERE __DECRYPT('name')__ = 'COMPTA_ACCOUNT_SUPPLIER'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PRODUCT_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_PRODUCT_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_BUY_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SERVICE_SOLD_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_SERVICE_SOLD_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_VAT_BUY_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'COMPTA_VAT_BUY_ACCOUNT'; -- Compatibility with module Accounting Expert -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_MODELCSV' WHERE name = 'ACCOUNTINGEX_MODELCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_SEPARATORCSV' WHERE name = 'ACCOUNTINGEX_SEPARATORCSV'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DATE' WHERE name = 'ACCOUNTINGEX_EXP_DATE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_PIECE' WHERE name = 'ACCOUNTINGEX_EXP_PIECE'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_GLOBAL_ACCOUNT' WHERE name = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_LABEL' WHERE name = 'ACCOUNTINGEX_EXP_LABEL'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_AMOUNT' WHERE name = 'ACCOUNTINGEX_EXP_AMOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_EXPORT_DEVISE' WHERE name = 'ACCOUNTINGEX_EXP_DEVISE'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_SUSPENSE' WHERE name = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; -UPDATE llx_const SET name = 'ACCOUNTING_SELL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SELL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_PURCHASE_JOURNAL' WHERE name = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_SOCIAL_JOURNAL' WHERE name = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_MISCELLANEOUS_JOURNAL' WHERE name = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; -UPDATE llx_const SET name = 'ACCOUNTING_ACCOUNT_TRANSFER_CASH' WHERE name = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_GACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LENGTH_AACCOUNT' WHERE name = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; -UPDATE llx_const SET name = 'ACCOUNTING_LIMIT_LIST_VENTILATION' WHERE name = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_TODO' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; -UPDATE llx_const SET name = 'ACCOUNTING_LIST_SORT_VENTILATION_DONE' WHERE name = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_MODELCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MODELCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_SEPARATORCSV')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SEPARATORCSV'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DATE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DATE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_PIECE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_PIECE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_GLOBAL_ACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_GLOBAL_ACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_LABEL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_LABEL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_AMOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_AMOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_EXPORT_DEVISE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_EXP_DEVISE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_SUSPENSE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_SUSPENSE'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SELL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SELL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_PURCHASE_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_PURCHASE_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_SOCIAL_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_SOCIAL_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_MISCELLANEOUS_JOURNAL')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_MISCELLANEOUS_JOURNAL'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_ACCOUNT_TRANSFER_CASH')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_ACCOUNT_TRANSFER_CASH'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_GACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_GACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LENGTH_AACCOUNT')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LENGTH_AACCOUNT'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIMIT_LIST_VENTILATION')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIMIT_LIST_VENTILATION'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_TODO')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_TODO'; +UPDATE llx_const SET name = __ENCRYPT('ACCOUNTING_LIST_SORT_VENTILATION_DONE')__ WHERE __DECRYPT('name')__ = 'ACCOUNTINGEX_LIST_SORT_VENTILATION_DONE'; -- Drop old table DROP TABLE llx_compta; @@ -1133,9 +1133,9 @@ ALTER TABLE llx_c_email_templates ADD UNIQUE INDEX uk_c_email_templates(entity, ALTER TABLE llx_c_email_templates ADD INDEX idx_type(type_template); -- Remove OSC module -DELETE FROM llx_const WHERE name = 'MAIN_MODULE_BOUTIQUE'; -DELETE FROM llx_const WHERE name = 'OSC_DB_HOST'; -DELETE FROM llx_menu WHERE module = 'boutique'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_MODULE_BOUTIQUE'; +DELETE FROM llx_const WHERE __DECRYPT('name')__ = 'OSC_DB_HOST'; +DELETE FROM llx_menu WHERE __DECRYPT('module')__ = 'boutique'; -- Add option always editable on extrafield ALTER TABLE llx_extrafields ADD alwayseditable INTEGER DEFAULT 0 AFTER pos; @@ -1177,4 +1177,4 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,localtax1,localtax1_typ ALTER TABLE llx_livraison MODIFY COLUMN date_delivery DATETIME NULL DEFAULT NULL; -INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT 'PRODUCT_USE_OLD_PATH_FOR_PHOTO','1','chaine','Use old path for products images',1,1 FROM llx_const WHERE name='MAIN_VERSION_LAST_INSTALL' AND value < '3.7.0'; +INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT __ENCRYPT('PRODUCT_USE_OLD_PATH_FOR_PHOTO')__,__ENCRYPT('1')__,'chaine','Use old path for products images',1,0 FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_VERSION_LAST_INSTALL' AND __DECRYPT('value')__ <= '3.7.2'; From f7493de50c4c16bf698f04b4d887a9f67442a1d7 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Fri, 5 Jun 2015 13:42:29 +0200 Subject: [PATCH 11/48] Fix : supplier order clone was buggy if notes contains apostrophe --- htdocs/fourn/class/fournisseur.commande.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 8e618ba0eee..b69818bbdb1 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -911,8 +911,8 @@ class CommandeFournisseur extends CommonOrder $sql.= " VALUES ("; $sql.= "''"; $sql.= ", '".$this->ref_supplier."'"; - $sql.= ", '".$this->note_private."'"; - $sql.= ", '".$this->note_public."'"; + $sql.= ", '".$this->db->escape($this->note_private)."'"; + $sql.= ", '".$this->db->escape($this->note_public)."'"; $sql.= ", ".$conf->entity; $sql.= ", ".$this->socid; $sql.= ", '".$this->db->idate($now)."'"; From b57f0a0e5fb4ab17565551bcc1f70fdd31054abf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 5 Jun 2015 18:32:49 +0200 Subject: [PATCH 12/48] Fix option to use old path for product is for compatibility if user come from 3.6 or lower. Must not be enabled on 3.7.0 or +. --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index b74c8ddba17..f6282edf369 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -1177,4 +1177,5 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,localtax1,localtax1_typ ALTER TABLE llx_livraison MODIFY COLUMN date_delivery DATETIME NULL DEFAULT NULL; -INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT __ENCRYPT('PRODUCT_USE_OLD_PATH_FOR_PHOTO')__,__ENCRYPT('1')__,'chaine','Use old path for products images',1,0 FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_VERSION_LAST_INSTALL' AND __DECRYPT('value')__ <= '3.7.2'; +-- This constant is for compatibility if user come from 3.6 or lower. Must not be enabled on 3.7.0 or + +INSERT INTO llx_const (name, value, type, note, visible, entity) SELECT __ENCRYPT('PRODUCT_USE_OLD_PATH_FOR_PHOTO')__,__ENCRYPT('1')__,'chaine','Use old path for products images',1,0 FROM llx_const WHERE __DECRYPT('name')__ = 'MAIN_VERSION_LAST_INSTALL' AND __DECRYPT('value')__ < '3.7.0'; From 9a812a6c287913437e0262b4aea5e5acb37318bb Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 6 Jun 2015 13:03:02 +0200 Subject: [PATCH 13/48] Fix: add filter for "dol_most_recent_files" for avoid conflict with option "Save file on server with name "FA0700034-Original filename"" --- htdocs/comm/propal.php | 4 ++-- htdocs/commande/card.php | 6 +++--- htdocs/compta/facture.php | 6 +++--- htdocs/core/tpl/document_actions_post_headers.tpl.php | 2 +- htdocs/expedition/card.php | 4 ++-- htdocs/fichinter/card.php | 4 ++-- htdocs/fourn/commande/card.php | 4 ++-- htdocs/fourn/facture/card.php | 4 ++-- 8 files changed, 17 insertions(+), 17 deletions(-) diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index a0ef8878d1f..b5302063a65 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -2194,7 +2194,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; // Define output language @@ -2219,7 +2219,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->propal->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; } diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index e6be7a8d74b..c326959619a 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2,7 +2,7 @@ /* Copyright (C) 2003-2006 Rodolphe Quiedeville * Copyright (C) 2004-2014 Laurent Destailleur * Copyright (C) 2005 Marc Barilley / Ocebo - * Copyright (C) 2005-2013 Regis Houssin + * Copyright (C) 2005-2015 Regis Houssin * Copyright (C) 2006 Andre Cianfarani * Copyright (C) 2010-2013 Juanjo Menent * Copyright (C) 2011 Philippe Grand @@ -2285,7 +2285,7 @@ if ($action == 'create' && $user->rights->commande->creer) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; // Define output language @@ -2310,7 +2310,7 @@ if ($action == 'create' && $user->rights->commande->creer) { dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; } diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index e247863a015..b360f6b6315 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3,7 +3,7 @@ * Copyright (C) 2004 Eric Seigne * Copyright (C) 2004-2014 Laurent Destailleur * Copyright (C) 2005 Marc Barilley / Ocebo - * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2005-2015 Regis Houssin * Copyright (C) 2006 Andre Cianfarani * Copyright (C) 2010-2015 Juanjo Menent * Copyright (C) 2012-2013 Christophe Battarel @@ -3561,7 +3561,7 @@ if ($action == 'create') $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT . '/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; // Define output language @@ -3586,7 +3586,7 @@ if ($action == 'create') dol_print_error($db, $result); exit(); } - $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/')); + $fileparams = dol_most_recent_file($conf->facture->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file = $fileparams ['fullname']; } diff --git a/htdocs/core/tpl/document_actions_post_headers.tpl.php b/htdocs/core/tpl/document_actions_post_headers.tpl.php index d1a1cedca61..75d18c2b1a5 100644 --- a/htdocs/core/tpl/document_actions_post_headers.tpl.php +++ b/htdocs/core/tpl/document_actions_post_headers.tpl.php @@ -48,7 +48,7 @@ if (empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_PREFIX)) //var_dump($modulepart); if (in_array($modulepart,array('facture_fournisseur','commande_fournisseur','facture','commande','propal','ficheinter','contract','project','project_task'))) { - $savingdocmask=$object->ref.'___file__'; + $savingdocmask=$object->ref.'-__file__'; } /*if (in_array($modulepart,array('member'))) { diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 7187506db14..7dd0d680bee 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1621,7 +1621,7 @@ else if ($id || $ref) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; // Define output language @@ -1648,7 +1648,7 @@ else if ($id || $ref) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->expedition->dir_output . '/sending/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; } diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index f5fcd076709..6fb4d374a7a 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1732,7 +1732,7 @@ else if ($id > 0 || ! empty($ref)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; // Define output language @@ -1759,7 +1759,7 @@ else if ($id > 0 || ! empty($ref)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->ficheinter->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index a6ac9c42b56..584b5e337e0 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1920,7 +1920,7 @@ elseif (! empty($object->id)) { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; // Define output language @@ -1947,7 +1947,7 @@ elseif (! empty($object->id)) dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->commande->dir_output . '/' . $ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; } diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 54ef660f6aa..08bffd09a67 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -2396,7 +2396,7 @@ else { $ref = dol_sanitizeFileName($object->ref); include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; // Define output language @@ -2423,7 +2423,7 @@ else dol_print_error($db,$result); exit; } - $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref,'/')); + $fileparams = dol_most_recent_file($conf->fournisseur->facture->dir_output.'/'.get_exdir($object->id,2).$ref, preg_quote($ref, '/').'([^\-])+'); $file=$fileparams['fullname']; } From 536f565d4e4105844e536a3e573da54ab6e50aff Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 7 Jun 2015 02:43:51 +0200 Subject: [PATCH 14/48] Fix Return value is always utf8 encoded and without entities. --- htdocs/core/lib/company.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index a9663d447bc..e124c312a77 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -352,7 +352,7 @@ function getState($id,$withcode='',$dbtouse=0) } else { - return $langs->trans("NotDefined"); + return $langs->transnoentitiesnoconv("NotDefined"); } } else dol_print_error($dbtouse,''); From 65b049fdf559aee19a45a6d4bca664c9767114c9 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 8 Jun 2015 09:13:21 +0200 Subject: [PATCH 15/48] Fix: Drop foreign key for avoid Mysql crash --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index b74c8ddba17..59c448526ce 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -208,10 +208,14 @@ UPDATE llx_product SET fk_barcode_type = NULL WHERE fk_barcode_type NOT IN (SELE ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_user_author (fk_user_author); UPDATE llx_product_price set fk_user_author = null where fk_user_author = 0; UPDATE llx_product_price set fk_user_author = null where fk_user_author not in (select rowid from llx_user); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_user_author; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); -- fk_product ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_product (fk_product); DELETE from llx_product_price where fk_product NOT IN (SELECT rowid from llx_product); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_product; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_product FOREIGN KEY (fk_product) REFERENCES llx_product (rowid); ALTER TABLE llx_commande_fournisseur MODIFY COLUMN date_livraison datetime; From de0dd5da603e93998e9e38d745788ff0fd1dad64 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 8 Jun 2015 09:13:21 +0200 Subject: [PATCH 16/48] Fix: Drop foreign key for avoid Mysql crash --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index f6282edf369..57f29ef9a90 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -208,10 +208,14 @@ UPDATE llx_product SET fk_barcode_type = NULL WHERE fk_barcode_type NOT IN (SELE ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_user_author (fk_user_author); UPDATE llx_product_price set fk_user_author = null where fk_user_author = 0; UPDATE llx_product_price set fk_user_author = null where fk_user_author not in (select rowid from llx_user); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_user_author; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); -- fk_product ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_product (fk_product); DELETE from llx_product_price where fk_product NOT IN (SELECT rowid from llx_product); +-- drop foreign key for avoid a mysql crash +ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_product; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_product FOREIGN KEY (fk_product) REFERENCES llx_product (rowid); ALTER TABLE llx_commande_fournisseur MODIFY COLUMN date_livraison datetime; From 792911b14f02b7c2226b626a2761bc949c624ac5 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 8 Jun 2015 09:28:53 +0200 Subject: [PATCH 17/48] Revert "Fix: Drop foreign key for avoid Mysql crash" This reverts commit 65b049fdf559aee19a45a6d4bca664c9767114c9. --- htdocs/install/mysql/migration/3.6.0-3.7.0.sql | 4 ---- 1 file changed, 4 deletions(-) diff --git a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql index 59c448526ce..b74c8ddba17 100755 --- a/htdocs/install/mysql/migration/3.6.0-3.7.0.sql +++ b/htdocs/install/mysql/migration/3.6.0-3.7.0.sql @@ -208,14 +208,10 @@ UPDATE llx_product SET fk_barcode_type = NULL WHERE fk_barcode_type NOT IN (SELE ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_user_author (fk_user_author); UPDATE llx_product_price set fk_user_author = null where fk_user_author = 0; UPDATE llx_product_price set fk_user_author = null where fk_user_author not in (select rowid from llx_user); --- drop foreign key for avoid a mysql crash -ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_user_author; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); -- fk_product ALTER TABLE llx_product_price ADD INDEX idx_product_price_fk_product (fk_product); DELETE from llx_product_price where fk_product NOT IN (SELECT rowid from llx_product); --- drop foreign key for avoid a mysql crash -ALTER TABLE llx_product_price DROP FOREIGN KEY fk_product_price_product; ALTER TABLE llx_product_price ADD CONSTRAINT fk_product_price_product FOREIGN KEY (fk_product) REFERENCES llx_product (rowid); ALTER TABLE llx_commande_fournisseur MODIFY COLUMN date_livraison datetime; From 08c9dd358d12581c8774d6ae10f707ec745625e8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Mon, 8 Jun 2015 15:51:41 +0200 Subject: [PATCH 18/48] FIX #2983 Load gravatar avatar images securely over HTTPS --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index f55eb81cdcc..ce0d8babbc6 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -4110,7 +4110,7 @@ class Form { global $dolibarr_main_url_root; $ret.=''; - $ret.='Photo found on Gravatar'; + $ret.='Photo found on Gravatar'; } else { From 9e1dd42b56d37f1666bef1db15d348a44eadef51 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 8 Jun 2015 17:38:33 +0200 Subject: [PATCH 19/48] Fix #2986 --- htdocs/public/demo/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/public/demo/index.php b/htdocs/public/demo/index.php index 8ee00d83515..a8f216af310 100644 --- a/htdocs/public/demo/index.php +++ b/htdocs/public/demo/index.php @@ -41,7 +41,7 @@ $conf->dol_use_jmobile=GETPOST('dol_use_jmobile','int'); // Security check global $dolibarr_main_demo; -if (empty($dolibarr_main_demo)) accessforbidden('Parameter dolibarr_main_demo must be defined in conf file with value "default login,default pass" to enable the demo entry page',1,1,1); +if (empty($dolibarr_main_demo)) accessforbidden('Parameter dolibarr_main_demo must be defined in conf file with value "default login,default pass" to enable the demo entry page',0,0,1); // Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array $res=$hookmanager->initHooks(array('demo')); From 35dd069ec974fe1619aac532858ce5fbf83b5b9a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 8 Jun 2015 18:17:13 +0200 Subject: [PATCH 20/48] Fix #2994 --- htdocs/core/lib/functions.lib.php | 10 +++++--- htdocs/public/members/public_card.php | 12 ++++++--- htdocs/public/members/public_list.php | 35 +++++++++++++++------------ htdocs/theme/eldy/style.css.php | 12 +++++++++ 4 files changed, 46 insertions(+), 23 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 7b75ebe0106..ae4a65ada7e 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -2527,11 +2527,12 @@ function dol_print_error_email($prefixcode) * @param string $td Options of attribute td ("" by defaut, example: 'align="center"') * @param string $sortfield Current field used to sort * @param string $sortorder Current sort order + * @param string $prefix Prefix for css * @return void */ -function print_liste_field_titre($name, $file="", $field="", $begin="", $moreparam="", $td="", $sortfield="", $sortorder="") +function print_liste_field_titre($name, $file="", $field="", $begin="", $moreparam="", $td="", $sortfield="", $sortorder="", $prefix="") { - print getTitleFieldOfList($name, 0, $file, $field, $begin, $moreparam, $td, $sortfield, $sortorder); + print getTitleFieldOfList($name, 0, $file, $field, $begin, $moreparam, $td, $sortfield, $sortorder, $prefix); } /** @@ -2546,9 +2547,10 @@ function print_liste_field_titre($name, $file="", $field="", $begin="", $morepar * @param string $moreattrib Add more attributes on th ("" by defaut) * @param string $sortfield Current field used to sort * @param string $sortorder Current sort order + * @param string $prefix Prefix for css * @return string */ -function getTitleFieldOfList($name, $thead=0, $file="", $field="", $begin="", $moreparam="", $moreattrib="", $sortfield="", $sortorder="") +function getTitleFieldOfList($name, $thead=0, $file="", $field="", $begin="", $moreparam="", $moreattrib="", $sortfield="", $sortorder="", $prefix="") { global $conf; //print "$name, $file, $field, $begin, $options, $moreattrib, $sortfield, $sortorder
\n"; @@ -2562,7 +2564,7 @@ function getTitleFieldOfList($name, $thead=0, $file="", $field="", $begin="", $m // If field is used as sort criteria we use a specific class // Example if (sortfield,field)=("nom","xxx.nom") or (sortfield,field)=("nom","nom") if ($field && ($sortfield == $field || $sortfield == preg_replace("/^[^\.]+\./","",$field))) $out.= '<'.$tag.' class="liste_titre_sel" '. $moreattrib.'>'; - else $out.= '<'.$tag.' class="liste_titre" '. $moreattrib.'>'; + else $out.= '<'.$tag.' class="'.$prefix.'liste_titre" '. $moreattrib.'>'; if (! empty($conf->dol_optimize_smallscreen) && empty($thead) && $field) // If this is a sort field { diff --git a/htdocs/public/members/public_card.php b/htdocs/public/members/public_card.php index fd745e523c9..fc96ffed01c 100644 --- a/htdocs/public/members/public_card.php +++ b/htdocs/public/members/public_card.php @@ -65,7 +65,11 @@ $extrafields = new ExtraFields($db); * View */ -llxHeaderVierge($langs->trans("MemberCard")); +$morehead=''; +if (! empty($conf->global->MEMBER_PUBLIC_CSS)) $morehead=''; +else $morehead=''; + +llxHeaderVierge($langs->trans("MemberCard"), $morehead); // fetch optionals attributes and labels $extralabels=$extrafields->fetch_name_optionals_label('adherent'); @@ -75,7 +79,7 @@ if ($id > 0) if ($res < 0) { dol_print_error($db,$object->error); exit; } $res=$object->fetch_optionals($object->id,$extralabels); - print_titre($langs->trans("MemberCard")); + print_fiche_titre($langs->trans("MemberCard"), '', ''); if (empty($object->public)) { @@ -83,7 +87,7 @@ if ($id > 0) } else { - print ''; + print '
'; print '\n"; print ''; @@ -138,7 +142,7 @@ function llxHeaderVierge($title, $head = "") print "".$title."\n"; if ($head) print $head."\n"; print "\n"; - print "\n"; + print ''."\n"; } /** diff --git a/htdocs/public/members/public_list.php b/htdocs/public/members/public_list.php index e672a6d59d3..9064dd52879 100644 --- a/htdocs/public/members/public_list.php +++ b/htdocs/public/members/public_list.php @@ -62,7 +62,7 @@ function llxHeaderVierge($title, $head = "") print "".$title."\n"; if ($head) print $head."\n"; print "\n"; - print "\n"; + print ''."\n"; } /** @@ -98,7 +98,13 @@ if (! $sortfield) { $sortfield="lastname"; } * View */ -llxHeaderVierge($langs->trans("ListOfValidatedPublicMembers")); +$form = new Form($db); + +$morehead=''; +if (! empty($conf->global->MEMBER_PUBLIC_CSS)) $morehead=''; +else $morehead=''; + +llxHeaderVierge($langs->trans("ListOfValidatedPublicMembers"), $morehead); $sql = "SELECT rowid, firstname, lastname, societe, zip, town, email, birth, photo"; $sql.= " FROM ".MAIN_DB_PREFIX."adherent"; @@ -120,17 +126,16 @@ if ($result) $param="&statut=$statut&sortorder=$sortorder&sortfield=$sortfield"; print_barre_liste($langs->trans("ListOfValidatedPublicMembers"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, 0, ''); - print '
'.$langs->trans("Type").''.$object->type."
'.$langs->trans("Person").''.$object->morphy.'
'; + print '
'; - print ''; - print ''."\n"; + print ''; + print ''; + print ''."\n"; //print_liste_field_titre($langs->trans("DateToBirth"), $_SERVER["PHP_SELF"],"birth",'',$param,$sortfield,$sortorder); // est-ce nécessaire ?? - print_liste_field_titre($langs->trans("EMail"), $_SERVER["PHP_SELF"],"email",'',$param,$sortfield,$sortorder); - print_liste_field_titre($langs->trans("Zip"), $_SERVER["PHP_SELF"],"zip","",$param,$sortfield,$sortorder); - print_liste_field_titre($langs->trans("Town"), $_SERVER["PHP_SELF"],"town","",$param,$sortfield,$sortorder); - print "\n"; + print_liste_field_titre($langs->trans("EMail"), $_SERVER["PHP_SELF"],"email",'',$param,'',$sortfield,$sortorder,'public_'); + print_liste_field_titre($langs->trans("Zip"), $_SERVER["PHP_SELF"],"zip","",$param,'',$sortfield,$sortorder,'public_'); + print_liste_field_titre($langs->trans("Town"), $_SERVER["PHP_SELF"],"town","",$param,'',$sortfield,$sortorder,'public_'); + print_liste_field_titre($langs->trans("Photo"), $_SERVER["PHP_SELF"],"","",$param,'',$sortfield,$sortorder,'public_'); print "\n"; $var=True; @@ -139,13 +144,13 @@ if ($result) $objp = $db->fetch_object($result); $var=!$var; print ""; - print ''."\n"; + print ''."\n"; + print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; if (isset($objp->photo) && $objp->photo != '') { - $form = new Form($db); print ''."\n"; @@ -165,6 +170,6 @@ else } -$db->close(); - llxFooterVierge(); + +$db->close(); diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index 62532b004bb..dec488eb4bf 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -3079,5 +3079,17 @@ border-top-right-radius: 6px; padding-left: 54px; } + +/* The theme for public pages */ +.public_body { + margin: 20px; +} +.public_border { + border: 1px solid #888; +} +.public_liste_titre { + +} + close(); From d89955047b9e257dcb154fcd7baa376b41e77c2a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Thu, 11 Jun 2015 10:37:30 +0200 Subject: [PATCH 21/48] FIX #3009: Better filtering to prevent SQL injection --- htdocs/product/liste.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php index 69453cb2a50..99b80644310 100644 --- a/htdocs/product/liste.php +++ b/htdocs/product/liste.php @@ -49,8 +49,8 @@ $sall=GETPOST("sall"); $type=GETPOST("type","int"); $search_sale = GETPOST("search_sale"); $search_categ = GETPOST("search_categ",'int'); -$tosell = GETPOST("tosell"); -$tobuy = GETPOST("tobuy"); +$tosell = GETPOST("tosell", 'int'); +$tobuy = GETPOST("tobuy", 'int'); $fourn_id = GETPOST("fourn_id",'int'); $catid = GETPOST('catid','int'); From 4ee6c1810ef54af0613053cf252fa30fd9e84f9f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Thu, 11 Jun 2015 10:38:29 +0200 Subject: [PATCH 22/48] FIX #3009: Better filtering to prevent SQL injection --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 8212722bf57..b5caf210904 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -49,8 +49,8 @@ $sall=GETPOST("sall"); $type=GETPOST("type","int"); $search_sale = GETPOST("search_sale"); $search_categ = GETPOST("search_categ",'int'); -$tosell = GETPOST("tosell"); -$tobuy = GETPOST("tobuy"); +$tosell = GETPOST("tosell", 'int'); +$tobuy = GETPOST("tobuy", 'int'); $fourn_id = GETPOST("fourn_id",'int'); $catid = GETPOST('catid','int'); From 5783c185bddfe5bc0d8c89b97319d4de2d55bd89 Mon Sep 17 00:00:00 2001 From: fmarcet Date: Thu, 11 Jun 2015 10:43:12 +0200 Subject: [PATCH 23/48] Fix: Not reading external barcode numeration module --- htdocs/product/card.php | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 2525e5c3d7b..d28846c059e 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -10,7 +10,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2011-2014 Alexandre Spangaro * Copyright (C) 2014 Cédric Gross - * Copyright (C) 2014 Ferran Marcet + * Copyright (C) 2014-2015 Ferran Marcet * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -820,8 +820,13 @@ else if (! empty($conf->barcode->enabled) && ! empty($conf->global->BARCODE_PRODUCT_ADDON_NUM)) { $module=strtolower($conf->global->BARCODE_PRODUCT_ADDON_NUM); - $result=dol_include_once('/core/modules/barcode/'.$module.'.php'); - if ($result > 0) + $dirbarcode=array_merge(array('/core/modules/barcode/'),$conf->modules_parts['barcode']); + foreach ($dirbarcode as $dirroot) + { + $res=dol_include_once($dirroot.$module.'.php'); + if ($res) break; + } + if ($res > 0) { $modBarCodeProduct =new $module(); } From 4a726f6315bcd3419fe857c9e16662021b27e62a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jun 2015 13:44:03 +0200 Subject: [PATCH 24/48] Fix css --- htdocs/theme/eldy/style.css.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index dec488eb4bf..6f0dc7f447c 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -1820,7 +1820,7 @@ table.liste td { } */ -.impair:hover, td.nohover { +.impair:hover { background: rgb(); @@ -1829,7 +1829,7 @@ table.liste td { border: 0px; } -.impair, .nohover .impair:hover, tr.impair td.nohover { +.impair, .nohover .impair:hover, tr.impair td.nohover, td.nohover { background: linear-gradient(bottom, rgb() 85%, rgb() 100%); background: -o-linear-gradient(bottom, rgb() 85%, rgb() 100%); From 1a2bde14fb2fad0fab128f25a172579c8667cb15 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 12 Jun 2015 14:37:27 +0200 Subject: [PATCH 25/48] FIX Better management error into the color conversion functions --- htdocs/core/class/html.formother.class.php | 2 +- htdocs/core/lib/functions2.lib.php | 8 +++++--- htdocs/theme/eldy/style.css.php | 18 ++++++++++++------ 3 files changed, 18 insertions(+), 10 deletions(-) diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 9de656fc44e..d68f0f7a560 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -586,7 +586,7 @@ class FormOther } /** - * Output a HTML code to select a color + * Output a HTML code to select a color. Field will return an hexa color like '334455'. * * @param string $set_color Pre-selected color * @param string $prefix Name of HTML field diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index 378ef395b36..3084a786628 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1844,22 +1844,24 @@ function fetchObjectByElement($element_id,$element_type) { * Convert an array with RGB value into hex RGB value * * @param array $arraycolor Array - * @param string $colorifnotfound Color code to return if entry not defined + * @param string $colorifnotfound Color code to return if entry not defined or not a RGB format * @return string RGB hex value (without # before). For example: FF00FF * @see Make the opposite of colorStringToArray */ function colorArrayToHex($arraycolor,$colorifnotfound='888888') { if (! is_array($arraycolor)) return $colorifnotfound; + if (empty($arraycolor)) return $colorifnotfound; return dechex($arraycolor[0]).dechex($arraycolor[1]).dechex($arraycolor[2]); } /** - * Convert a string RGB value ('FFFFFF', '255,255,255') into an array RGB array(255,255,255) + * Convert a string RGB value ('FFFFFF', '255,255,255') into an array RGB array(255,255,255). + * If entry is already an array, return it. * * @param string $stringcolor String with hex (FFFFFF) or comma RGB ('255,255,255') - * @param string $colorifnotfound Color code to return if entry not defined + * @param array $colorifnotfound Color code array to return if entry not defined * @return string RGB hex value (without # before). For example: FF00FF * @see Make the opposite of colorArrayToHex */ diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index 6f0dc7f447c..dacb1a58e53 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -93,7 +93,6 @@ $isblue=max(0,(2*$colblue-$colred-$colgreen)/2); // 0 - 255 $colorbackhmenu1=($colred-3).','.($colgreen-3).','.($colblue-3); // topmenu $colorbackhmenu2=($colred+5).','.($colgreen+5).','.($colblue+5); $colorbackvmenu1=($colred+15).','.($colgreen+16).','.($colblue+17); // vmenu -$colorbackvmenu1b=($colred+5).','.($colgreen+6).','.($colblue+7); // vmenu (not menu) $colorbackvmenu2=($colred-15).','.($colgreen-15).','.($colblue-15); $colorbacktitle1=($colred-5).','.($colgreen-5).','.($colblue-5); // title of array $colorbacktitle2=($colred-15).','.($colgreen-15).','.($colblue-15); @@ -106,7 +105,7 @@ $colorbacklineimpairhover=(230+round(($isred+$isgreen+$isblue)/9)).','.(230+roun $colorbacklinepair1=(244+round($isred/3)).','.(244+round($isgreen/3)).','.(244+round($isblue/3)); // line pair $colorbacklinepair2=(250+round($isred/3)).','.(250+round($isgreen/3)).','.(250+round($isblue/3)); // line pair $colorbacklinepairhover=(230+round(($isred+$isgreen+$isblue)/9)).','.(230+round(($isred+$isgreen+$isblue)/9)).','.(230+round(($isred+$isgreen+$isblue)/9)); // line pair -$colorbackbody='#f9f9f9'; +$colorbackbody='249,249,249'; $colortext='40,40,40'; $fontsize='12'; $fontsizesmaller='11'; @@ -124,7 +123,7 @@ if (empty($conf->global->THEME_ELDY_ENABLE_PERSONALIZED)) $conf->global->THEME_ELDY_BACKTABCARD2='210,210,210'; // card $conf->global->THEME_ELDY_BACKTABCARD1='234,234,234'; $conf->global->THEME_ELDY_BACKTABACTIVE='234,234,234'; - $conf->global->THEME_ELDY_BACKBODY='#f9f9f9;'; + $conf->global->THEME_ELDY_BACKBODY='249,249,249;'; $conf->global->THEME_ELDY_LINEIMPAIR1='255,255,255'; $conf->global->THEME_ELDY_LINEIMPAIR2='255,255,255'; $conf->global->THEME_ELDY_LINEIMPAIRHOVER='238,246,252'; @@ -139,7 +138,6 @@ if (empty($conf->global->THEME_ELDY_ENABLE_PERSONALIZED)) $colorbackhmenu1 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_TOPMENU_BACK1)?$colorbackhmenu1:$conf->global->THEME_ELDY_TOPMENU_BACK1) :(empty($user->conf->THEME_ELDY_TOPMENU_BACK1)?$colorbackhmenu1:$user->conf->THEME_ELDY_TOPMENU_BACK1); $colorbackhmenu2 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_TOPMENU_BACK2)?$colorbackhmenu2:$conf->global->THEME_ELDY_TOPMENU_BACK2) :(empty($user->conf->THEME_ELDY_TOPMENU_BACK2)?$colorbackhmenu2:$user->conf->THEME_ELDY_TOPMENU_BACK2); $colorbackvmenu1 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_VERMENU_BACK1)?$colorbackvmenu1:$conf->global->THEME_ELDY_VERMENU_BACK1) :(empty($user->conf->THEME_ELDY_VERMENU_BACK1)?$colorbackvmenu1:$user->conf->THEME_ELDY_VERMENU_BACK1); -$colorbackvmenu1b =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_VERMENU_BACK1b)?$colorbackvmenu1:$conf->global->THEME_ELDY_VERMENU_BACK1b) :(empty($user->conf->THEME_ELDY_VERMENU_BACK1b)?$colorbackvmenu1b:$user->conf->THEME_ELDY_VERMENU_BACK1b); $colorbackvmenu2 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_VERMENU_BACK2)?$colorbackvmenu2:$conf->global->THEME_ELDY_VERMENU_BACK2) :(empty($user->conf->THEME_ELDY_VERMENU_BACK2)?$colorbackvmenu2:$user->conf->THEME_ELDY_VERMENU_BACK2); $colorbacktitle1 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_BACKTITLE1) ?$colorbacktitle1:$conf->global->THEME_ELDY_BACKTITLE1) :(empty($user->conf->THEME_ELDY_BACKTITLE1)?$colorbacktitle1:$user->conf->THEME_ELDY_BACKTITLE1); $colorbacktitle2 =empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED)?(empty($conf->global->THEME_ELDY_BACKTITLE2) ?$colorbacktitle2:$conf->global->THEME_ELDY_BACKTITLE2) :(empty($user->conf->THEME_ELDY_BACKTITLE2)?$colorbacktitle2:$user->conf->THEME_ELDY_BACKTITLE2); @@ -165,6 +163,11 @@ if ((! empty($user->conf->THEME_ELDY_ENABLE_PERSONALIZED) && empty($user->conf-> } // Format color value to match expected format (may be 'FFFFFF' or '255,255,255') +$colorbackbody=join(',',colorStringToArray($colorbackbody)); +/*$colorbackhmenu1=join(',',colorStringToArray($colorbackhmenu1)); +$colorbackhmenu2=join(',',colorStringToArray($colorbackhmenu2)); +$colorbackvmenu1=join(',',colorStringToArray($colorbackvmenu1)); +$colorbackvmenu2=join(',',colorStringToArray($colorbackvmenu2));*/ $colorbacktabcard1=join(',',colorStringToArray($colorbacktabcard1)); $colorbacktabcard2=join(',',colorStringToArray($colorbacktabcard2)); @@ -186,7 +189,6 @@ $tmpval=(! empty($tmppart[1]) ? $tmppart[1] : '')+(! empty($tmppart[2]) ? $tmppa if ($tmpval <= 340) { $colortextbacktab='FFF'; } else { $colortextbacktab='444'; } - $usecss3=true; if ($conf->browser->name == 'ie' && round($conf->browser->version,2) < 10) $usecss3=false; elseif ($conf->browser->name == 'iceweasel') $usecss3=false; @@ -195,6 +197,10 @@ elseif ($conf->browser->name == 'epiphany') $usecss3=false; print '/*'."\n"; print 'colred='.$colred.' colgreen='.$colgreen.' colblue='.$colblue."\n"; print 'isred='.$isred.' isgreen='.$isgreen.' isblue='.$isblue."\n"; +print 'colorbackbody='.$colorbackbody."\n"; +print 'colorbackvmenu1='.$colorbackvmenu1."\n"; +print 'colorbackhmenu1='.$colorbackhmenu1."\n"; +print 'colorbacktitle1='.$colorbacktitle1."\n"; print 'colorbacklineimpair1='.$colorbacklineimpair1."\n"; print 'colorbacklineimpair2='.$colorbacklineimpair2."\n"; print 'colorbacklineimpairhover='.$colorbacklineimpairhover."\n"; @@ -223,7 +229,7 @@ body { background-color: #FFFFFF; - background: ; + background: rgb(); color: #101010; font-size: px; From 87a00d6924ff34014eb74acf6373410f6d1db6af Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 15:02:05 +0200 Subject: [PATCH 26/48] FIX Close bug #2976: "Report" tab is the current tab but it is not marked as selected by the UI --- ChangeLog | 1 + htdocs/core/lib/report.lib.php | 4 ++-- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..0ab6cf0563d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2976 ] "Report" tab is the current tab but it is not marked as selected by the UI ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/core/lib/report.lib.php b/htdocs/core/lib/report.lib.php index 13c30976a98..5cc810cc83f 100644 --- a/htdocs/core/lib/report.lib.php +++ b/htdocs/core/lib/report.lib.php @@ -39,7 +39,7 @@ */ function report_header($nom,$variante,$period,$periodlink,$description,$builddate,$exportlink='',$moreparam=array(),$calcmode='') { - global $langs, $hselected; + global $langs; print "\n\n\n"; @@ -48,7 +48,7 @@ function report_header($nom,$variante,$period,$periodlink,$description,$builddat $head[$h][1] = $langs->trans("Report"); $head[$h][2] = 'report'; - dol_fiche_head($head, $hselected); + dol_fiche_head($head, 'report'); print '
'; foreach($moreparam as $key => $value) From 60711d35b8d4cf0190a3cdcb9897c5275b432434 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 15:53:58 +0200 Subject: [PATCH 27/48] FIX Close bug #2900 Courtesy title is not stored in create thirdparty form --- ChangeLog | 2 ++ htdocs/societe/soc.php | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 31a6c7266a1..9e17106bfca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. +***** ChangeLog for 3.7.2 compared to 3.7.* ***** +Fix [ bug #2900 ] Courtesy title is not stored in create thirdparty form ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 2a9e159558c..bddbd174f6e 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -137,7 +137,7 @@ if (empty($reshook)) $object->particulier = GETPOST("private"); $object->name = dolGetFirstLastname(GETPOST('firstname','alpha'),GETPOST('nom','alpha')?GETPOST('nom','alpha'):GETPOST('name','alpha')); - $object->civility_id = GETPOST('civility_id', 'int'); + $object->civility_id = GETPOST('civility_id'); // Add non official properties $object->name_bis = GETPOST('name','alpha')?GETPOST('name','alpha'):GETPOST('nom','alpha'); $object->firstname = GETPOST('firstname','alpha'); From 300cfd22931b0569668a096a912c9b9839ca1ef0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 16:10:23 +0200 Subject: [PATCH 28/48] FIX Close bug #2891 Category hooks do not work --- ChangeLog | 1 + htdocs/categories/edit.php | 3 +++ htdocs/categories/fiche.php | 3 +++ htdocs/categories/viewcat.php | 3 +++ 4 files changed, 10 insertions(+) diff --git a/ChangeLog b/ChangeLog index 3aae68b567a..c2dc484202a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -37,6 +37,7 @@ English Dolibarr ChangeLog - Fix: [ bug #2545 ] Missing object_margin.png in Amarok theme - Fix: [ bug #2542 ] Contracts store localtax preferences - Fix: Bad permission assignments for stock movements actions +- Fix: [ bug #2891 ] Category hooks do not work ***** ChangeLog for 3.6.2 compared to 3.6.1 ***** - Fix: fix ErrorBadValueForParamNotAString error message in price customer multiprice. diff --git a/htdocs/categories/edit.php b/htdocs/categories/edit.php index 0c61ab8cca6..cdca440da13 100644 --- a/htdocs/categories/edit.php +++ b/htdocs/categories/edit.php @@ -56,6 +56,9 @@ $object = new Categorie($db); $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 208cbb38331..566249748de 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -64,6 +64,9 @@ $object = new Categorie($db); $extrafields = new ExtraFields($db); $extralabels=$extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 010306d1e00..f9df0aff71e 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -63,6 +63,9 @@ $type=$object->type; $extrafields = new ExtraFields($db); $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array array +$hookmanager->initHooks(array('categorycard')); + /* * Actions */ From 200eb7b1bbf1d2b0b3b63ac18de7913a674a5aa3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 16:27:17 +0200 Subject: [PATCH 29/48] FIX Close bug #2855 Wrong translation key in localtax report page --- ChangeLog | 2 ++ htdocs/compta/localtax/clients.php | 2 +- htdocs/compta/localtax/quadri_detail.php | 4 ++-- 3 files changed, 5 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index 31a6c7266a1..ad676e01966 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,6 +8,8 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. +***** ChangeLog for 3.7.2 compared to 3.7.* ***** +FIX [ bug #2855 ] Wrong translation key in localtax report page ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index 90d6cbe8599..31eaf4375c3 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -109,7 +109,7 @@ $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services { $nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); if (! empty($conf->global->MAIN_MODULE_COMPTABILITE)) $description.='
'.$langs->trans("WarningDepositsNotIncluded"); diff --git a/htdocs/compta/localtax/quadri_detail.php b/htdocs/compta/localtax/quadri_detail.php index 612014ac741..7396c625165 100644 --- a/htdocs/compta/localtax/quadri_detail.php +++ b/htdocs/compta/localtax/quadri_detail.php @@ -129,7 +129,7 @@ $calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local; if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services { $nom=$langs->trans($local==1?"LT1ReportByQuartersInDueDebtMode":"LT2ReportByQuartersInDueDebtMode"); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); $prevyear=$year_start; $prevquarter=$q; @@ -161,7 +161,7 @@ if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice if ($conf->global->$calc==2) // Invoice for goods, payment for services { $nom=$langs->trans($local==1?"LT1ReportByQuartersInInputOutputMode":"LT2ReportByQuartersInInputOutputMode"); - $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT'.$local.'Rec"); + $calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec"); $calcmode.='
('.$langs->trans("TaxModuleSetupToModifyRulesLT",DOL_URL_ROOT.'/admin/company.php').')'; $period=$form->select_date($date_start,'date_start',0,0,0,'',1,0,1).' - '.$form->select_date($date_end,'date_end',0,0,0,'',1,0,1); $prevyear=$year_start; $prevquarter=$q; From 03358925215f3b512fcee4d18e4e1402b1188482 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:31:49 +0200 Subject: [PATCH 30/48] FIX Close bug #2861 Undefined variable $res when migrating from 3.6.2 to 3.7.0 --- htdocs/install/upgrade2.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 2bcb244690e..59f1864837c 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -3661,8 +3661,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_SERVICE)) // Permission has changed into 2.7 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Service"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modService.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modService.class.php'; + if ($res) { $mod=new modService($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3671,8 +3671,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_COMMANDE)) // Permission has changed into 2.9 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Commande"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modCommande.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modCommande.class.php'; + if ($res) { $mod=new modCommande($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3681,8 +3681,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_FACTURE)) // Permission has changed into 2.9 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module Facture"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modFacture.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modFacture.class.php'; + if ($res) { $mod=new modFacture($db); //$mod->remove('noboxes'); $mod->init('newboxdefonly'); @@ -3732,8 +3732,8 @@ function migrate_reload_modules($db,$langs,$conf) if (! empty($conf->global->MAIN_MODULE_ECM)) // Permission has changed into 3.0 and 3.1 { dolibarr_install_syslog("upgrade2::migrate_reload_modules Reactivate module ECM"); - if ($res) { - $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modECM.class.php'; + $res=@include_once DOL_DOCUMENT_ROOT.'/core/modules/modECM.class.php'; + if ($res) { $mod=new modECM($db); $mod->remove('noboxes'); // We need to remove because a permission id has been removed $mod->init('newboxdefonly'); From e3aa63f3c3bc319672008e430ddb72398d9ce79a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:33:37 +0200 Subject: [PATCH 31/48] Added log --- ChangeLog | 1 + 1 file changed, 1 insertion(+) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..cf279e5160c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2861 ] Undefined variable $res when migrating ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 From 2051a66cd736ddf8cb671a5084d8b9e29bc037b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 18:46:05 +0200 Subject: [PATCH 32/48] FIX Close #2837 Product list table column header does not match column body --- ChangeLog | 1 + htdocs/product/liste.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..4a3a3ced9fd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2837 ] Product list table column header does not match column body ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/product/liste.php b/htdocs/product/liste.php index 28563edc5eb..c25ff6bbf7f 100644 --- a/htdocs/product/liste.php +++ b/htdocs/product/liste.php @@ -459,7 +459,7 @@ else } // Better buy price - if ($user->rights->produit->creer) { + if ($user->rights->fournisseur->lire) { print '\n"; print "\n"; print ''; print ''; From b42f9a670601710ae35f9b623fc493bad22b74ab Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jun 2015 15:16:29 +0200 Subject: [PATCH 40/48] Fix phpcs --- htdocs/cashdesk/tpl/facturation1.tpl.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/cashdesk/tpl/facturation1.tpl.php b/htdocs/cashdesk/tpl/facturation1.tpl.php index 2d7d170f22e..76055fb635e 100644 --- a/htdocs/cashdesk/tpl/facturation1.tpl.php +++ b/htdocs/cashdesk/tpl/facturation1.tpl.php @@ -44,8 +44,8 @@ $langs->load("cashdesk"); ";
'.$langs->trans("Firstname").''; - print ' '.$langs->trans("Lastname").''; - print ' / '.$langs->trans("Company").'
'.dolGetFirstLastname($langs->trans("Firstname"),$langs->trans("Lastname")).''.$langs->trans("Company").'".$langs->trans("Photo")."
'.dolGetFirstLastname($obj->firstname, $obj->lastname).($objp->societe?' / '.$objp->societe:'').''.dolGetFirstLastname($objp->firstname, $objp->lastname).''.$objp->societe.''.$objp->email.''.$objp->zip.''.$objp->town.''; print $form->showphoto('memberphoto', $objp, 64); print ''; if ($objp->minsellprice != '') { From f9574fa4588fb94491ec2b8c65dc2450000c3747 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Fri, 12 Jun 2015 19:03:34 +0200 Subject: [PATCH 33/48] FIX Close #2835 Customer prices of a product shows incorrect history order --- ChangeLog | 1 + htdocs/product/price.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..690d4a1abdd 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2835 ] Customer prices of a product shows incorrect history order ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 0a245093057..f53833b45d7 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -670,7 +670,7 @@ $sql.= " WHERE fk_product = ".$object->id; $sql.= " AND p.entity IN (".getEntity('productprice', 1).")"; $sql.= " AND p.fk_user_author = u.rowid"; if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql.= " AND p.price_level = ".$soc->price_level; -$sql.= " ORDER BY p.date_price DESC, p.price_level ASC"; +$sql.= " ORDER BY p.date_price DESC, p.price_level ASC, p.rowid DESC"; dol_syslog("sql=".$sql); $result = $db->query($sql); From f068203a794b37fd41f51b725f9372372fbdc6d7 Mon Sep 17 00:00:00 2001 From: Juanjo Menent Date: Fri, 12 Jun 2015 21:31:14 +0200 Subject: [PATCH 34/48] Update changelog --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index ad676e01966..092c4d9a207 100644 --- a/ChangeLog +++ b/ChangeLog @@ -8,7 +8,7 @@ You may also experience troubles with Mysql 5.5.41 with error "Lost connection" Upgrading to any other version or database system is abolutely required BEFORE trying to make a Dolibarr upgrade. -***** ChangeLog for 3.7.2 compared to 3.7.* ***** +***** ChangeLog for 3.7.2 compared to 3.7.1 ***** FIX [ bug #2855 ] Wrong translation key in localtax report page ***** ChangeLog for 3.7.1 compared to 3.7.* ***** From 12155029279fe748da1ce78275739f38230f1639 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 03:09:54 +0200 Subject: [PATCH 35/48] Fix Close bug #2814 JPEG photos are not displayed in Product photos page --- ChangeLog | 1 + htdocs/product/class/product.class.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index 06e76dbfacc..727b8952d9c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -17,6 +17,7 @@ Fix: [ bug #2577 ] Incorrect invoice status in "Linked objects" page of a projec Fix: [ bug #2576 ] Unable to edit a dictionary entry that has # in its ref Fix: [ bug #2758 ] Product::update sets product note to "null" when $prod->note is null Fix: [ bug #2757 ] Deleting product category photo gives "Forbidden access" error +Fix: [ bug #2814 ] JPEG photos are not displayed in Product photos page ***** ChangeLog for 3.5.6 compared to 3.5.5 ***** Fix: Avoid missing class error for fetch_thirdparty method #1973 diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 10762d4e271..8fa11d15059 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -2856,7 +2856,7 @@ class Product extends CommonObject if (! utf8_check($file)) $file=utf8_encode($file); // To be sure file is stored in UTF8 in memory - if (dol_is_file($dir.$file) && preg_match('/(\.jpg|\.bmp|\.gif|\.png|\.tiff)$/i', $dir.$file)) + if (dol_is_file($dir.$file) && preg_match('/(\.jp(e?)g|\.bmp|\.gif|\.png|\.tiff)$/i', $dir.$file)) { $nbphoto++; $photo = $file; From ea625628cea6930d785267f34f7424306863ba6c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 03:39:06 +0200 Subject: [PATCH 36/48] Fix Close bug #2786 Objectline_add template shows "0" for non-vat suppliers --- htdocs/core/tpl/objectline_create.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/objectline_create.tpl.php b/htdocs/core/tpl/objectline_create.tpl.php index 7262a3b3bd9..a8c9434acec 100644 --- a/htdocs/core/tpl/objectline_create.tpl.php +++ b/htdocs/core/tpl/objectline_create.tpl.php @@ -184,7 +184,7 @@ else { tva_assuj == "0") echo '0'; + if ($seller->tva_assuj == "0") echo ' '.vatrate(0, true); else echo $form->load_tva('tva_tx', (isset($_POST["tva_tx"])?$_POST["tva_tx"]:-1), $seller, $buyer); } ?> From f5168625d810fb14d4c8b976979eae05eabc2ded Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 13 Jun 2015 10:43:55 +0200 Subject: [PATCH 37/48] Fix: broken feature: barcode search #3019 --- htdocs/cashdesk/facturation_dhtml.php | 17 ++++++++++++----- htdocs/cashdesk/javascript/dhtml.js | 7 ++++--- htdocs/cashdesk/tpl/facturation1.tpl.php | 5 +++-- 3 files changed, 19 insertions(+), 10 deletions(-) diff --git a/htdocs/cashdesk/facturation_dhtml.php b/htdocs/cashdesk/facturation_dhtml.php index e481fcbecf6..8d4ebf8af31 100644 --- a/htdocs/cashdesk/facturation_dhtml.php +++ b/htdocs/cashdesk/facturation_dhtml.php @@ -1,6 +1,7 @@ - * Copyright (C) 2008-2009 Laurent Destailleur +/* Copyright (C) 2007-2008 Jeremie Ollivier + * Copyright (C) 2008-2009 Laurent Destailleur + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -41,8 +42,10 @@ require_once DOL_DOCUMENT_ROOT.'/cashdesk/include/environnement.php'; //header("Content-type: text/html; charset=UTF-8"); header("Content-type: text/html; charset=".$conf->file->character_set_client); +$search = GETPOST("code", "alpha"); + // Search from criteria -if (dol_strlen($_GET["code"]) >= 0) // If search criteria is on char length at least +if (dol_strlen($search) >= 0) // If search criteria is on char length at least { $sql = "SELECT p.rowid, p.ref, p.label, p.tva_tx"; if (! empty($conf->stock->enabled) && !empty($conf_fkentrepot)) $sql.= ", ps.reel"; @@ -54,11 +57,15 @@ if (dol_strlen($_GET["code"]) >= 0) // If search criteria is on char length at l // Add criteria on ref/label if (! empty($conf->global->PRODUCT_DONOTSEARCH_ANYWHERE)) { - $sql.= " AND (p.ref LIKE '".$_GET['code']."%' OR p.label LIKE '".$_GET['code']."%')"; + $sql.= " AND (p.ref LIKE '".$db->escape($search)."%' OR p.label LIKE '".$db->escape($search)."%'"; + if (! empty($conf->barcode->enabled)) $sql.= " OR p.barcode LIKE '".$db->escape($search)."%'"; + $sql.= ")"; } else { - $sql.= " AND (p.ref LIKE '%".$_GET['code']."%' OR p.label LIKE '%".$_GET['code']."%')"; + $sql.= " AND (p.ref LIKE '%".$db->escape($search)."%' OR p.label LIKE '%".$db->escape($search)."%'"; + if (! empty($conf->barcode->enabled)) $sql.= " OR p.barcode LIKE '%".$db->escape($search)."%'"; + $sql.= ")"; } $sql.= " ORDER BY label"; diff --git a/htdocs/cashdesk/javascript/dhtml.js b/htdocs/cashdesk/javascript/dhtml.js index caf0cd94abd..a2af98d65a8 100644 --- a/htdocs/cashdesk/javascript/dhtml.js +++ b/htdocs/cashdesk/javascript/dhtml.js @@ -1,5 +1,6 @@ -/* Copyright (C) 2007-2008 Jeremie Ollivier +/* Copyright (C) 2007-2008 Jeremie Ollivier + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -59,8 +60,8 @@ function afficheDonnees(aId, aTexte) { // aCible : id du bloc de destination; aCode : argument a passer a la page php chargee du traitement et de l'affichage -function verifResultat(aCible, aCode) { - if (aCode != '') { +function verifResultat(aCible, aCode, iLimit = 1) { + if (aCode != '' && aCode.length >= iLimit) { if (texte = file ('facturation_dhtml.php?code='+escape(aCode))) { diff --git a/htdocs/cashdesk/tpl/facturation1.tpl.php b/htdocs/cashdesk/tpl/facturation1.tpl.php index 338c0f23b16..2d7d170f22e 100644 --- a/htdocs/cashdesk/tpl/facturation1.tpl.php +++ b/htdocs/cashdesk/tpl/facturation1.tpl.php @@ -2,6 +2,7 @@ /* Copyright (C) 2007-2008 Jeremie Ollivier * Copyright (C) 2011 Laurent Destailleur * Copyright (C) 2011 Juanjo Menent + * Copyright (C) 2015 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -43,8 +44,8 @@ $langs->load("cashdesk"); From 6514f418e5d4b946717c9fe1b43199c45ed779bf Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garci=CC=81a=20de=20La=20Fuente?= Date: Sat, 13 Jun 2015 11:46:35 +0200 Subject: [PATCH 38/48] Fix [ bug 1852 ] JS error when editing a customer order line --- ChangeLog | 1 + htdocs/core/tpl/objectline_edit.tpl.php | 8 ++++---- 2 files changed, 5 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 092c4d9a207..0bb51e86c75 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,6 +10,7 @@ make a Dolibarr upgrade. ***** ChangeLog for 3.7.2 compared to 3.7.1 ***** FIX [ bug #2855 ] Wrong translation key in localtax report page +FIX [ bug #1852 ] JS error when editing a customer order line ***** ChangeLog for 3.7.1 compared to 3.7.* ***** FIX Bug in the new photo system diff --git a/htdocs/core/tpl/objectline_edit.tpl.php b/htdocs/core/tpl/objectline_edit.tpl.php index c43b8be9e20..f7bcf4ed091 100644 --- a/htdocs/core/tpl/objectline_edit.tpl.php +++ b/htdocs/core/tpl/objectline_edit.tpl.php @@ -248,10 +248,10 @@ if (! empty($conf->margin->enabled)) { ?> $('#savelinebutton').click(function (e) { - return checkEditLine(e, "marginRate"); + return checkEditLine(e, "np_marginRate"); }); $("input[name='np_marginRate']:first").blur(function(e) { - return checkEditLine(e, "marginRate"); + return checkEditLine(e, "np_marginRate"); }); margin->enabled)) { ?> $('#savelinebutton').click(function (e) { - return checkEditLine(e, "markRate"); + return checkEditLine(e, "np_markRate"); }); $("input[name='np_markRate']:first").blur(function(e) { - return checkEditLine(e, "markRate"); + return checkEditLine(e, "np_markRate"); }); Date: Sun, 14 Jun 2015 12:29:47 +0200 Subject: [PATCH 39/48] Fix: select date problem with mobile device (#3039) --- htdocs/compta/bank/virement.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/bank/virement.php b/htdocs/compta/bank/virement.php index 07541732bb0..a38e5a3e8a7 100644 --- a/htdocs/compta/bank/virement.php +++ b/htdocs/compta/bank/virement.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2008 Laurent Destailleur - * Copytight (C) 2005-2009 Regis Houssin + * Copytight (C) 2005-2015 Regis Houssin * Copytight (C) 2012 Juanjo Menent * Copyright (C) 2015 Marcos García * @@ -180,7 +180,7 @@ print $form->select_comptes($account_to,'account_to',0,'',1); print ""; -$form->select_date($dateo,'','','','','add'); +$form->select_date((! empty($dateo)?$dateo:''),'','','','','add'); print " From 14a8a2269ba4e8ac452c9b50bc46676de646b173 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Jun 2015 16:59:35 +0200 Subject: [PATCH 41/48] FIX End log must use same level then start log. --- htdocs/core/lib/functions.lib.php | 2 +- htdocs/main.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 7a07125f811..c530f612d29 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -165,7 +165,7 @@ function dol_shutdown() global $conf,$user,$langs,$db; $disconnectdone=false; $depth=0; if (is_object($db) && ! empty($db->connected)) { $depth=$db->transaction_opened; $disconnectdone=$db->close(); } - dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_DEBUG)); + dol_syslog("--- End access to ".$_SERVER["PHP_SELF"].(($disconnectdone && $depth)?' (Warn: db disconnection forced, transaction depth was '.$depth.')':''), (($disconnectdone && $depth)?LOG_WARNING:LOG_INFO)); } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index da407b29ccc..b45d672b385 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -531,7 +531,7 @@ if (! defined('NOLOGIN')) { // We are already into an authenticated session $login=$_SESSION["dol_login"]; - dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login); + dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG); $resultFetchUser=$user->fetch('',$login); if ($resultFetchUser <= 0) From adc1998b7306ecdedce37b3e5735b5ae78e3cb21 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Marcos=20Garc=C3=ADa?= Date: Mon, 15 Jun 2015 09:18:58 +0200 Subject: [PATCH 42/48] Fixed undefined variable typo --- htdocs/core/class/html.formprojet.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php index 4cdd31d3b4c..bc5cfa2872c 100644 --- a/htdocs/core/class/html.formprojet.class.php +++ b/htdocs/core/class/html.formprojet.class.php @@ -124,7 +124,7 @@ class FormProjets } else if ($obj->fk_statut == 2) { - if ($discard_close == 2) $disabled=1; + if ($discard_closed == 2) $disabled=1; $labeltoshow.=' - '.$langs->trans("Closed"); } else if ($socid > 0 && (! empty($obj->fk_soc) && $obj->fk_soc != $socid)) From 5e25c698913fba31e3ce572a6dcf6d08c75cfb9a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 16 Jun 2015 09:28:31 +0200 Subject: [PATCH 43/48] Fix: thumb "mini" not deleted --- htdocs/product/class/product.class.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index a0ade451c53..99b52dc84df 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -3447,6 +3447,12 @@ class Product extends CommonObject { dol_delete_file($dirthumb.$photo_vignette); } + + $photo_vignette=preg_replace('/'.$regs[0].'/i','',$filename).'_mini'.$regs[0]; + if (file_exists(dol_osencode($dirthumb.$photo_vignette))) + { + dol_delete_file($dirthumb.$photo_vignette); + } } } From 3807fafc1aa68eadc9d4f5cd36f9c8372cf0d414 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 16 Jun 2015 16:42:33 +0200 Subject: [PATCH 44/48] Fix: no error message if extrafield is require --- htdocs/fichinter/card.php | 44 ++++++++++++++++++++++++--------------- 1 file changed, 27 insertions(+), 17 deletions(-) diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 6fb4d374a7a..69ec8984cf6 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2014 Laurent Destailleur - * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2005-2015 Regis Houssin * Copyright (C) 2011-2013 Juanjo Menent * Copyright (C) 2013 Florian Henry * Copyright (C) 2014 Ferran Marcet @@ -324,24 +324,34 @@ else if ($action == 'add' && $user->rights->ficheinter->creer) } else { - // Extrafields - $extrafields = new ExtraFields($db); - $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); - $array_option = $extrafields->getOptionalsFromPost($extralabels); + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost($extralabels, $object); + if ($ret < 0) { + $error ++; + $action = 'create'; + } - $object->array_options = $array_option; + if (! $error) + { + // Extrafields + $extrafields = new ExtraFields($db); + $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); + $array_option = $extrafields->getOptionalsFromPost($extralabels); - $result = $object->create($user); - if ($result > 0) - { - $id=$result; // Force raffraichissement sur fiche venant d'etre cree - } - else - { - $langs->load("errors"); - setEventMessages($object->error, $object->errors, 'errors'); - $action = 'create'; - } + $object->array_options = $array_option; + + $result = $object->create($user); + if ($result > 0) + { + $id=$result; // Force raffraichissement sur fiche venant d'etre cree + } + else + { + $langs->load("errors"); + setEventMessages($object->error, $object->errors, 'errors'); + $action = 'create'; + } + } } } else From 844ca580962e57bde951bb71e031330a44c0411c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 17 Jun 2015 00:05:41 +0200 Subject: [PATCH 45/48] Fix: custom dir is missing --- build/makepack-dolibarr.pl | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index f5d556eb2c5..f76d0b63880 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -456,10 +456,10 @@ if ($nboftargetok) { $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/document`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/documents`; # Removed known external modules to avoir any error when packaging on test env + $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/custom/*`; # For custome we want to keep dir $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/ancotec*`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/calling*`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/bootstrap*`; - $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/custom*`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/factory*`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/management*`; $ret=`rm -fr $BUILDROOT/$PROJECT/htdocs/multicompany*`; From 9c6c3ad65d224e6ac44b8ac176ec7db83f7914c6 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 17 Jun 2015 16:33:18 +0200 Subject: [PATCH 46/48] Fix: wrong user right --- htdocs/product/class/product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 99b52dc84df..f30874690fa 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -2169,7 +2169,7 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(c.date_commande, '%Y%m')"; if ($mode == 'bynumber') $sql.= ", count(DISTINCT c.rowid)"; $sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as d, ".MAIN_DB_PREFIX."commande_fournisseur as c, ".MAIN_DB_PREFIX."societe as s"; - if (!$user->rights->fournisseur->lire && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.rowid = d.fk_commande"; $sql.= " AND d.fk_product =".$this->id; $sql.= " AND c.fk_soc = s.rowid"; From 63df278ecaf724199e087311d7566c7368d47925 Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Tue, 23 Jun 2015 19:28:18 +0200 Subject: [PATCH 47/48] Fix: issue #3085 --- htdocs/core/js/lib_batch.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/js/lib_batch.js b/htdocs/core/js/lib_batch.js index 65c138b73aa..b434083edd0 100644 --- a/htdocs/core/js/lib_batch.js +++ b/htdocs/core/js/lib_batch.js @@ -19,7 +19,7 @@ // \brief File that include javascript functions used when dispatching batch-enabled product // -function AddLineBatch(index) { +function addLineBatch(index) { var nme = 'dluo_0_'+index; $row=$("tr[name='"+nme+"']").clone(true); $row.find("input[name^='qty']").val(''); From c9c1247a2843a5dfbc2b7240810b45490e7b557d Mon Sep 17 00:00:00 2001 From: fmarcet Date: Wed, 24 Jun 2015 09:01:39 +0200 Subject: [PATCH 48/48] FIX: Payed invoices are showed as canceled FIX: Bad date filter on customer order --- htdocs/societe/consumption.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/htdocs/societe/consumption.php b/htdocs/societe/consumption.php index f8b5829b03e..53d5daedb6e 100644 --- a/htdocs/societe/consumption.php +++ b/htdocs/societe/consumption.php @@ -2,6 +2,7 @@ /* Copyright (C) 2012-2013 Philippe Berthet * Copyright (C) 2004-2014 Laurent Destailleur * Copyright (C) 2013 Juanjo Menent + * Copyright (C) 2015 Ferran Marcet * * Version V1.1 Initial version of Philippe Berthet * Version V2 Change to be compatible with 3.4 and enhanced to be more generic @@ -197,7 +198,7 @@ if ($type_element == 'invoice') { // Customer : show products from invoices require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; $documentstatic=new Facture($db); - $sql_select = 'SELECT f.rowid as doc_id, f.facnumber as doc_number, f.type as doc_type, f.datef as dateprint, f.fk_statut as status, '; + $sql_select = 'SELECT f.rowid as doc_id, f.facnumber as doc_number, f.type as doc_type, f.datef as dateprint, f.fk_statut as status, f.paye as paid, '; $tables_from = MAIN_DB_PREFIX."facture as f,".MAIN_DB_PREFIX."facturedet as d"; $where = " WHERE f.fk_soc = s.rowid AND s.rowid = ".$socid; $where.= " AND d.fk_facture = f.rowid"; @@ -228,7 +229,7 @@ if ($type_element == 'order') $where = " WHERE c.fk_soc = s.rowid AND s.rowid = ".$socid; $where.= " AND d.fk_commande = c.rowid"; $where.= " AND c.entity = ".$conf->entity; - $dateprint = 'c.datef'; + $dateprint = 'c.date_commande'; $doc_number='c.ref'; $thirdTypeSelect='customer'; } @@ -335,11 +336,12 @@ if ($sql_select) { $documentstatic->id=$objp->doc_id; $documentstatic->ref=$objp->doc_number; - $documentstatic->type=$objp->type; + $documentstatic->type=$objp->doc_type; $documentstatic->fk_statut=$objp->status; $documentstatic->fk_status=$objp->status; $documentstatic->statut=$objp->status; $documentstatic->status=$objp->status; + $documentstatic->paye=$objp->paid; $var=!$var; print "