From ad9efb3961a04216f7c47b0d2709ff257af42f23 Mon Sep 17 00:00:00 2001 From: BENKE Charles Date: Mon, 21 Apr 2014 15:40:08 +0200 Subject: [PATCH 1/8] Update propal.class.php it's this->lines who used on create propal function not this->products --- htdocs/comm/propal/class/propal.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index fb35d337bac..62b496201cd 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -200,7 +200,7 @@ class Propal extends CommonObject $line->remise_percent=$remise_percent; $line->tva_tx=$tva_tx; - $this->products[]=$line; + $this->lines[]=$line; } } From ff597a899fd6d6470cfe4ea41110e8135dca36c9 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Tue, 22 Apr 2014 11:20:19 +0200 Subject: [PATCH 2/8] add filter to effectif select --- htdocs/core/class/html.formcompany.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index 5420357a5a9..3f7dd507afc 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -92,15 +92,17 @@ class FormCompany * Renvoie la liste des types d'effectifs possibles (pas de traduction car nombre) * * @param int $mode 0=renvoi id+libelle, 1=renvoi code+libelle + * @param string $filter Add a SQL filter to select * @return array Array of types d'effectifs */ - function effectif_array($mode=0) + function effectif_array($mode=0, $filter='') { $effs = array(); $sql = "SELECT id, code, libelle"; $sql .= " FROM ".MAIN_DB_PREFIX."c_effectif"; $sql.= " WHERE active = 1"; + if ($filter) $sql.=" ".$filter; $sql .= " ORDER BY id ASC"; dol_syslog(get_class($this).'::effectif_array sql='.$sql,LOG_DEBUG); $resql=$this->db->query($sql); 
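Review bot: In `effectif_array()` (htdocs/core/class/html.formcompany.class.php) the new `$filter` argument is appended verbatim with `$sql.=" ".$filter;`, so whatever a caller passes becomes part of the SQL text with no escaping or validation. The docblock only says "Add a SQL filter to select"; it should state the contract, for example `@param string $filter Trusted SQL fragment appended after "WHERE active = 1" (must start with AND; never pass unescaped request data)`. A narrower parameter, such as a list of ids that the method casts to int and turns into `AND id IN (...)`, would remove the need for callers to build SQL at all. The complete statement, filter included, is also written to the debug log by the `dol_syslog` call in the context lines. The function body continues outside the hunk.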
From 5cbb1dd96d153b2ac94bb592f3815e916d6c8331 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Wed, 23 Apr 2014 11:07:00 +0200 Subject: [PATCH 3/8] Qual: Removed useless method The method is already in the DoliDB base class --- htdocs/core/db/pgsql.class.php | 26 -------------------------- 1 file changed, 26 deletions(-) diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index f8cb36e4044..224e5ffa71d 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php @@ -448,32 +448,6 @@ class DoliDBPgsql extends DoliDB return false; } - /** - * Start transaction - * - * @return int 1 if transaction successfuly opened or already opened, 0 if error - */ - function begin() - { - if (! $this->transaction_opened) - { - $ret=$this->query("BEGIN;"); - if ($ret) - { - $this->transaction_opened++; - dol_syslog("BEGIN Transaction",LOG_DEBUG); - dol_syslog('',0,1); - } - return $ret; - } - else - { - $this->transaction_opened++; - dol_syslog('',0,1); - return 1; - } - } - /** * Validate a database transaction * From 16ede7c52c37891d36a59dd3dec56b924394c1cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Wed, 23 Apr 2014 11:12:06 +0200 Subject: [PATCH 4/8] Qual: Moved duplicate methods to base method --- htdocs/core/db/DoliDB.class.php | 49 ++++++++++++++++++++++++++++++++ htdocs/core/db/mysql.class.php | 49 -------------------------------- htdocs/core/db/mysqli.class.php | 49 -------------------------------- htdocs/core/db/pgsql.class.php | 50 --------------------------------- htdocs/core/db/sqlite.class.php | 49 -------------------------------- 5 files changed, 49 insertions(+), 197 deletions(-) diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index f85aa4ca78a..e95d31acf6e 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php 
@@ -125,6 +125,55 @@ abstract class DoliDB implements Database } } + /** + * Validate a database transaction + * + * @param string $log Add more log to default log line + * @return int 1 if validation is OK or transaction level no started, 0 if ERROR + */ + function commit($log='') + { + dol_syslog('',0,-1); + if ($this->transaction_opened<=1) + { + $ret=$this->query("COMMIT"); + if ($ret) + { + $this->transaction_opened=0; + dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); + } + return $ret; + } + else + { + $this->transaction_opened--; + return 1; + } + } + + /** + * Annulation d'une transaction et retour aux anciennes valeurs + * + * @param string $log Add more log to default log line + * @return int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur + */ + function rollback($log='') + { + dol_syslog('',0,-1); + if ($this->transaction_opened<=1) + { + $ret=$this->query("ROLLBACK"); + $this->transaction_opened=0; + dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); + return $ret; + } + else + { + $this->transaction_opened--; + return 1; + } + } + /** * Return version of database server into an array * diff --git a/htdocs/core/db/mysql.class.php b/htdocs/core/db/mysql.class.php index 582adbb343a..a0228a1b00c 100644 --- a/htdocs/core/db/mysql.class.php +++ b/htdocs/core/db/mysql.class.php 
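Review bot: In the `rollback()` added to `DoliDB`, the nested branch (`transaction_opened` greater than 1) only decrements the counter and returns 1: no `ROLLBACK` is sent and nothing records that the transaction has failed. As far as the visible code shows, an outer caller that ignores the inner error and then calls `commit()` will commit the writes made before the failure, so data integrity depends on every caller propagating its error state. Since this becomes the single shared implementation, the docblock should say so, for example `Nested call: only decrements the counter; the caller must propagate the error so that the outermost level also calls rollback()`. Both docblocks also declare `@return int` while the outermost branch returns the result of `$this->query()`, and the `rollback()` description is still in French.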
@@ -239,55 +239,6 @@ class DoliDBMysql extends DoliDB return false; } - /** - * Validate a database transaction - * - * @param string $log Add more log to default log line - * @return int 1 if validation is OK or transaction level no started, 0 if ERROR - */ - function commit($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("COMMIT"); - if ($ret) - { - $this->transaction_opened=0; - dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); - } - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - - /** - * Annulation d'une transaction et retour aux anciennes valeurs - * - * @param string $log Add more log to default log line - * @return int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur - */ - function rollback($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("ROLLBACK"); - $this->transaction_opened=0; - dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - /** * Execute a SQL request and return the resultset * diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php index 66fa531bf09..3c23a85e027 100644 --- a/htdocs/core/db/mysqli.class.php +++ b/htdocs/core/db/mysqli.class.php 
@@ -243,55 +243,6 @@ class DoliDBMysqli extends DoliDB return false; } - /** - * Validate a database transaction - * - * @param string $log Add more log to default log line - * @return int 1 if validation is OK or transaction level no started, 0 if ERROR - */ - function commit($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("COMMIT"); - if ($ret) - { - $this->transaction_opened=0; - dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); - } - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - - /** - * Annulation d'une transaction et retour aux anciennes valeurs - * - * @param string $log Add more log to default log line - * @return int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur - */ - function rollback($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("ROLLBACK"); - $this->transaction_opened=0; - dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - /** * Execute a SQL request and return the resultset * diff --git a/htdocs/core/db/pgsql.class.php b/htdocs/core/db/pgsql.class.php index 224e5ffa71d..9ed44faf548 100644 --- a/htdocs/core/db/pgsql.class.php +++ b/htdocs/core/db/pgsql.class.php 
@@ -448,56 +448,6 @@ class DoliDBPgsql extends DoliDB return false; } - /** - * Validate a database transaction - * - * @param string $log Add more log to default log line - * @return int 1 if validation is OK or transaction level no started, 0 if ERROR - */ - function commit($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("COMMIT;"); - if ($ret) - { - $this->transaction_opened=0; - dol_syslog("COMMIT Transaction",LOG_DEBUG); - } - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - - /** - * Annulation d'une transaction et retour aux anciennes valeurs - * - * @param string $log Add more log to default log line - * @return int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur - */ - function rollback($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("ROLLBACK;"); - $this->transaction_opened=0; - dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - - /** * Convert request to PostgreSQL syntax, execute it and return the resultset * diff --git a/htdocs/core/db/sqlite.class.php b/htdocs/core/db/sqlite.class.php index fe3ac4718a9..d0285e57457 100644 --- a/htdocs/core/db/sqlite.class.php +++ b/htdocs/core/db/sqlite.class.php 
@@ -368,55 +368,6 @@ class DoliDBSqlite extends DoliDB return false; } - /** - * Validate a database transaction - * - * @param string $log Add more log to default log line - * @return int 1 if validation is OK or transaction level no started, 0 if ERROR - */ - function commit($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("COMMIT"); - if ($ret) - { - $this->transaction_opened=0; - dol_syslog("COMMIT Transaction".($log?' '.$log:''),LOG_DEBUG); - } - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - - /** - * Annulation d'une transaction et retour aux anciennes valeurs - * - * @param string $log Add more log to default log line - * @return int 1 si annulation ok ou transaction non ouverte, 0 en cas d'erreur - */ - function rollback($log='') - { - dol_syslog('',0,-1); - if ($this->transaction_opened<=1) - { - $ret=$this->query("ROLLBACK"); - $this->transaction_opened=0; - dol_syslog("ROLLBACK Transaction".($log?' '.$log:''),LOG_DEBUG); - return $ret; - } - else - { - $this->transaction_opened--; - return 1; - } - } - /** * Execute a SQL request and return the resultset * From e62edc0a729fb168e793189ba872b51ec2dee325 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Wed, 23 Apr 2014 11:18:15 +0200 Subject: [PATCH 5/8] Fix undeclared variable --- htdocs/core/class/link.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/link.class.php b/htdocs/core/class/link.class.php index 8100d526718..08d520d519e 100644 --- a/htdocs/core/class/link.class.php +++ b/htdocs/core/class/link.class.php @@ -266,7 +266,7 @@ class Link extends CommonObject { while ($obj = $this->db->fetch_object($resql)) { - $link = new Link($db); + $link = new Link($this->db); $link->id = $obj->rowid; $link->entity = $obj->entity; $link->datea = $this->db->jdate($obj->datea); From 98120862f790037faa3bcba0630d9578ad0321c1 Mon Sep 17 00:00:00 2001 
From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Wed, 23 Apr 2014 12:15:13 +0200 Subject: [PATCH 6/8] Qual: Moved duplicate method to base method --- htdocs/core/db/DoliDB.class.php | 16 ++++++++++++++++ htdocs/core/db/mssql.class.php | 18 ------------------ htdocs/core/db/mysql.class.php | 18 ------------------ htdocs/core/db/mysqli.class.php | 18 ------------------ htdocs/core/db/sqlite.class.php | 18 ------------------ 5 files changed, 16 insertions(+), 72 deletions(-) diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index e95d31acf6e..aa0792c5970 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -174,6 +174,22 @@ abstract class DoliDB implements Database } } + /** + * Define limits and offset of request + * + * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) + * @param int $offset Numero of line from where starting fetch + * @return string String with SQL syntax to add a limit and offset + */ + function plimit($limit=0,$offset=0) + { + global $conf; + if (empty($limit)) return ""; + if ($limit < 0) $limit=$conf->liste_limit; + if ($offset > 0) return " LIMIT $offset,$limit "; + else return " LIMIT $limit "; + } + /** * Return version of database server into an array * diff --git a/htdocs/core/db/mssql.class.php b/htdocs/core/db/mssql.class.php index 239582a6595..855b7a71026 100644 --- a/htdocs/core/db/mssql.class.php +++ b/htdocs/core/db/mssql.class.php 
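Review bot: `plimit()` in `DoliDB` interpolates `$limit` and `$offset` straight into the returned fragment (`" LIMIT $offset,$limit "`); the docblock types both as int but nothing enforces it. Whether callers pass request-derived values is not visible here, but the shared base method is the natural place to coerce them: add `$limit = (int) $limit; $offset = (int) $offset;` at the top and use `$limit = (int) $conf->liste_limit;` in the negative branch. The base implementation also emits the MySQL `LIMIT offset,limit` form for every driver that does not override it, which deserves a line in the docblock so that drivers with a different dialect keep their own `plimit()`.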
@@ -466,24 +466,6 @@ class DoliDBMssql extends DoliDB if (is_resource($resultset)) mssql_free_result($resultset); } - - /** - * Define limits and offset of request - * - * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) - * @param int $offset Numero of line from where starting fetch - * @return string String with SQL syntax to add a limit and offset - */ - function plimit($limit=0,$offset=0) - { - global $conf; - if (empty($limit)) return ""; - if ($limit < 0) $limit=$conf->liste_limit; - if ($offset > 0) return " LIMIT $offset,$limit "; - else return " LIMIT $limit "; - } - - /** * Escape a string to insert data * diff --git a/htdocs/core/db/mysql.class.php b/htdocs/core/db/mysql.class.php index a0228a1b00c..efe942caed5 100644 --- a/htdocs/core/db/mysql.class.php +++ b/htdocs/core/db/mysql.class.php @@ -365,24 +365,6 @@ class DoliDBMysql extends DoliDB if (is_resource($resultset)) mysql_free_result($resultset); } - - /** - * Define limits and offset of request - * - * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) - * @param int $offset Numero of line from where starting fetch - * @return string String with SQL syntax to add a limit and offset - */ - function plimit($limit=0,$offset=0) - { - global $conf; - if (empty($limit)) return ""; - if ($limit < 0) $limit=$conf->liste_limit; - if ($offset > 0) return " LIMIT $offset,$limit "; - else return " LIMIT $limit "; - } - - /** * Escape a string to insert data * diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php index 3c23a85e027..f2dd2e80359 100644 --- a/htdocs/core/db/mysqli.class.php +++ b/htdocs/core/db/mysqli.class.php 
@@ -376,24 +376,6 @@ class DoliDBMysqli extends DoliDB if (is_object($resultset)) mysqli_free_result($resultset); } - - /** - * Define limits and offset of request - * - * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) - * @param int $offset Numero of line from where starting fetch - * @return string String with SQL syntax to add a limit and offset - */ - function plimit($limit=0,$offset=0) - { - global $conf; - if (empty($limit)) return ""; - if ($limit < 0) $limit=$conf->liste_limit; - if ($offset > 0) return " LIMIT $offset,$limit "; - else return " LIMIT $limit "; - } - - /** * Escape a string to insert data * diff --git a/htdocs/core/db/sqlite.class.php b/htdocs/core/db/sqlite.class.php index d0285e57457..8c3e9fa9df3 100644 --- a/htdocs/core/db/sqlite.class.php +++ b/htdocs/core/db/sqlite.class.php @@ -510,24 +510,6 @@ class DoliDBSqlite extends DoliDB if (is_object($resultset)) $resultset->closeCursor(); } - - /** - * Define limits and offset of request - * - * @param int $limit Maximum number of lines returned (-1=conf->liste_limit, 0=no limit) - * @param int $offset Numero of line from where starting fetch - * @return string String with SQL syntax to add a limit and offset - */ - function plimit($limit=0,$offset=0) - { - global $conf; - if (empty($limit)) return ""; - if ($limit < 0) $limit=$conf->liste_limit; - if ($offset > 0) return " LIMIT $offset,$limit "; - else return " LIMIT $limit "; - } - - /** * Escape a string to insert data * From 79fe0a16588b4b4c2bf75f73fd73d7ea3bde10fd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= Date: Wed, 23 Apr 2014 14:21:58 +0200 Subject: [PATCH 7/8] Qual: Prevent potential JS injection --- htdocs/core/js/lib_head.js | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/js/lib_head.js b/htdocs/core/js/lib_head.js index a9b7f9e4c18..b6b5993b9d4 100644 --- a/htdocs/core/js/lib_head.js +++ b/htdocs/core/js/lib_head.js 
@@ -554,7 +554,9 @@ function newpopup(url,title) { tmp=url; var l = (argc > 2) ? argv[2] : 600; var h = (argc > 3) ? argv[3] : 400; - var wfeatures="directories=0,menubar=0,status=0,resizable=0,scrollbars=1,toolbar=0,width="+l+",height="+h+",left=" + eval("(screen.width - l)/2") + ",top=" + eval("(screen.height - h)/2"); + var left = (screen.width - l)/2; + var top = (screen.height - h)/2; + var wfeatures = "directories=0,menubar=0,status=0,resizable=0,scrollbars=1,toolbar=0,width=" + l +",height=" + h + ",left=" + left + ",top=" + top; fen=window.open(tmp,title,wfeatures); return false; } From b9865b9cccae49f8c35f13c0227d1dc689c2a9be Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Wed, 23 Apr 2014 17:50:47 +0200 Subject: [PATCH 8/8] Fix : proposal validation was converting third as customer --- htdocs/comm/propal/class/propal.class.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 25f4d458df3..88701c97e19 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1302,9 +1302,6 @@ class Propal extends CommonObject $soc = new Societe($this->db); $soc->fetch($this->socid); - // Class of company linked to propal - $result=$soc->set_as_client(); - // Define new ref if (! $error && (preg_match('/^[\(]?PROV/i', $this->ref))) {
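Review bot: In `newpopup()` the width and height still come from `argv[2]` and `argv[3]` and are concatenated into `wfeatures` unchanged, so removing `eval` does not stop a non-numeric argument from reaching the window-features string or from turning `left` and `top` into `NaN`. Coerce them where they are read, for example `var l = parseInt(argv[2], 10) || 600;` and `var h = parseInt(argv[3], 10) || 400;` in place of the two context lines above the change. The new local `top` also shadows `window.top` inside the function; a name such as `topPos` avoids the confusion. The function starts outside the hunk, so how `argc` and `argv` are set is not visible here.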