From 693d07d9253d9afec4f78a02739c5a04ea43bfc7 Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 29 Feb 2012 14:12:49 +0100 Subject: [PATCH 1/6] Trad: Add missing translations --- htdocs/langs/ca_ES/banks.lang | 6 +++++- htdocs/langs/ca_ES/companies.lang | 6 ++++++ htdocs/langs/ca_ES/errors.lang | 1 + htdocs/langs/ca_ES/mails.lang | 1 + htdocs/langs/ca_ES/main.lang | 2 +- htdocs/langs/ca_ES/paypal.lang | 3 ++- htdocs/langs/es_ES/banks.lang | 6 +++++- htdocs/langs/es_ES/companies.lang | 6 ++++++ htdocs/langs/es_ES/errors.lang | 1 + htdocs/langs/es_ES/mails.lang | 1 + htdocs/langs/es_ES/main.lang | 2 +- htdocs/langs/es_ES/paypal.lang | 3 ++- 12 files changed, 32 insertions(+), 6 deletions(-) diff --git a/htdocs/langs/ca_ES/banks.lang b/htdocs/langs/ca_ES/banks.lang index ea189a52be2..c740fa5ef87 100644 --- a/htdocs/langs/ca_ES/banks.lang +++ b/htdocs/langs/ca_ES/banks.lang @@ -142,4 +142,8 @@ AllAccounts=Tots els comptes bancaris/de caixa BackToAccount=Tornar al compte ShowAllAccounts=Mostra per a tots els comptes FutureTransaction=Transacció futura. No és possible conciliar. -SelectChequeTransactionAndGenerate=Seleccioneu/filtreu els xecs a incloure a la remesa i feu clic a "Crear". \ No newline at end of file +SelectChequeTransactionAndGenerate=Seleccioneu/filtreu els xecs a incloure a la remesa i feu clic a "Crear". +InputReceiptNumber=Indiqui l'extracte bancari relacionat amb la conciliació. Utilitzeu un valor numèric ordenable (per exemple, AAAAMM) +EventualyAddCategory=Eventualment, indiqui una categoria en la qual classificar els registres +ToConciliate=A conciliar? +ThenCheckLinesAndConciliate=A continuació, comproveu les línies presents en l'extracte bancari i feu clic \ No newline at end of file diff --git a/htdocs/langs/ca_ES/companies.lang b/htdocs/langs/ca_ES/companies.lang index 3cdf9b80129..2838478d6c1 100644 --- a/htdocs/langs/ca_ES/companies.lang +++ b/htdocs/langs/ca_ES/companies.lang @@ -115,6 +115,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Número federat diff --git a/htdocs/langs/ca_ES/errors.lang b/htdocs/langs/ca_ES/errors.lang index e086b1ffdd6..a1ff701cdd2 100644 --- a/htdocs/langs/ca_ES/errors.lang +++ b/htdocs/langs/ca_ES/errors.lang @@ -104,6 +104,7 @@ ErrorBadValueForCode=Valor no vàlid per al codi. Torneu a intentar-ho amb un no ErrorBothFieldCantBeNegative=Els camps %s i %s no poden ser negatius ErrorNoActivatedBarcode=Cap tipus de codi de barres activat ErrorWebServerUserHasNotPermission=El compte d'execució del servidor web %s no disposa dels permisos per això +ErrorNoActivatedBarcode=No hi ha activat cap tipus de codi de barres # Warnings WarningSafeModeOnCheckExecDir=Atenció, està activada l'opció PHP safe_mode, la comanda ha d'estar dins d'un directori declarat dins del paràmetre php safe_mode_exec_dir. diff --git a/htdocs/langs/ca_ES/mails.lang b/htdocs/langs/ca_ES/mails.lang index 30605b3e2a4..24a5be04af4 100644 --- a/htdocs/langs/ca_ES/mails.lang +++ b/htdocs/langs/ca_ES/mails.lang @@ -39,6 +39,7 @@ MailingStatusDraft=Esborrany MailingStatusValidated=Validat MailingStatusApproved=Aprovat MailingStatusSent=Enviat +MailingStatusRead=Llegit MailingStatusSentPartialy=Enviat parcialment MailingStatusSentCompletely=Enviat completament MailingStatusError=Error diff --git a/htdocs/langs/ca_ES/main.lang b/htdocs/langs/ca_ES/main.lang index 59f7f3e2bfc..3db44046497 100644 --- a/htdocs/langs/ca_ES/main.lang +++ b/htdocs/langs/ca_ES/main.lang @@ -175,7 +175,7 @@ Info=Log Family=Familia Description=Descripció Designation=Descripción -Action=Esdeveniment +Action=Acció Model=Model DefaultModel=Model per defecte About=Sobre diff --git a/htdocs/langs/ca_ES/paypal.lang b/htdocs/langs/ca_ES/paypal.lang index 4759aa1f822..762d2628b42 100644 --- a/htdocs/langs/ca_ES/paypal.lang +++ b/htdocs/langs/ca_ES/paypal.lang @@ -15,4 +15,5 @@ ThisIsTransactionId=Identificador de la transacció: %s PAYPAL_ADD_PAYMENT_URL=Afegir la url del pagament Paypal en enviar un document per e-mail PAYPAL_IPN_MAIL_ADDRESS=Adreça e-mail per les notificacions instantànies de pagament (IPN) PredefinedMailContentSendOrderWithPaypalLink=Us adjuntem la comanda __ORDERREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n -PredefinedMailContentSendInvoiceWithPaypalLink=Us adjuntem la factura __FACREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n \ No newline at end of file +PredefinedMailContentSendInvoiceWithPaypalLink=Us adjuntem la factura __FACREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n +YouAreCurrentlyInSandboxMode=Actualment es troba en mode "sandbox" \ No newline at end of file diff --git a/htdocs/langs/es_ES/banks.lang b/htdocs/langs/es_ES/banks.lang index 9e87caff24f..8c0ae21ca39 100644 --- a/htdocs/langs/es_ES/banks.lang +++ b/htdocs/langs/es_ES/banks.lang @@ -142,4 +142,8 @@ AllAccounts=Todas las cuentas bancarias/de caja BackToAccount=Volver a la cuenta ShowAllAccounts=Mostrar para todas las cuentas FutureTransaction=Transacción futura. No es posible conciliar. -SelectChequeTransactionAndGenerate=Seleccione/filtre los cheques a incluir en la remesa y haga clic en "Crear". \ No newline at end of file +SelectChequeTransactionAndGenerate=Seleccione/filtre los cheques a incluir en la remesa y haga clic en "Crear". +InputReceiptNumber=Indique el extracto bancario relacionado con la conciliación. Utilice un valor numérico ordenable (por ejemplo, AAAAMM) +EventualyAddCategory=Eventualmente, indique una categoría en la que clasificar los registros +ToConciliate=¿A conciliar? +ThenCheckLinesAndConciliate=A continuación, compruebe las líneas presentes en el extracto bancario y haga clic \ No newline at end of file diff --git a/htdocs/langs/es_ES/companies.lang b/htdocs/langs/es_ES/companies.lang index 199f90333c8..9ca56737e70 100644 --- a/htdocs/langs/es_ES/companies.lang +++ b/htdocs/langs/es_ES/companies.lang @@ -115,6 +115,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Número federado diff --git a/htdocs/langs/es_ES/errors.lang b/htdocs/langs/es_ES/errors.lang index fd1765a345f..d1a35024ea9 100644 --- a/htdocs/langs/es_ES/errors.lang +++ b/htdocs/langs/es_ES/errors.lang @@ -104,6 +104,7 @@ ErrorBadValueForCode=Valor incorrecto para el código. Vuelva a intentar con un ErrorBothFieldCantBeNegative=Los campos %s y %s no pueden ser negativos ErrorNoActivatedBarcode=Ningún tipo de código de barra activado ErrorWebServerUserHasNotPermission=La cuenta de ejecución del servidor web %s no dispone de los permisos para esto +ErrorNoActivatedBarcode=No hay activado ningún tipo de código de barras # Warnings WarningSafeModeOnCheckExecDir=Atención, está activada la opción PHP safe_mode, el comando deberá estar dentro de un directorio declarado dentro del parámetro php safe_mode_exec_dir. diff --git a/htdocs/langs/es_ES/mails.lang b/htdocs/langs/es_ES/mails.lang index c5c2ed7e51e..3957b886cae 100644 --- a/htdocs/langs/es_ES/mails.lang +++ b/htdocs/langs/es_ES/mails.lang @@ -39,6 +39,7 @@ MailingStatusDraft=Borrador MailingStatusValidated=Validado MailingStatusApproved=Aprovado MailingStatusSent=Enviado +MailingStatusRead=Leido MailingStatusSentPartialy=Enviado parcialmente MailingStatusSentCompletely=Enviado completamente MailingStatusError=Error diff --git a/htdocs/langs/es_ES/main.lang b/htdocs/langs/es_ES/main.lang index 92e37752683..578803f08bd 100644 --- a/htdocs/langs/es_ES/main.lang +++ b/htdocs/langs/es_ES/main.lang @@ -175,7 +175,7 @@ Info=Log Family=Familia Description=Descripción Designation=Descripción -Action=Evento +Action=Acción Model=Modelo DefaultModel=Modelo por defecto About=Acerca de diff --git a/htdocs/langs/es_ES/paypal.lang b/htdocs/langs/es_ES/paypal.lang index 8616d2e5e2b..2320ceebc39 100644 --- a/htdocs/langs/es_ES/paypal.lang +++ b/htdocs/langs/es_ES/paypal.lang @@ -15,4 +15,5 @@ ThisIsTransactionId=Identificador de la transacción: %s PAYPAL_ADD_PAYMENT_URL=Añadir la url del pago Paypal al enviar un documento por e-mail PAYPAL_IPN_MAIL_ADDRESS=Dirección e-mail para las notificaciones instantáneas de pago (IPN) PredefinedMailContentSendOrderWithPaypalLink=Le adjuntamos el pedido __ORDERREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n -PredefinedMailContentSendInvoiceWithPaypalLink=Le adjuntamos la factura __FACREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n \ No newline at end of file +PredefinedMailContentSendInvoiceWithPaypalLink=Le adjuntamos la factura __FACREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n +YouAreCurrentlyInSandboxMode=Actualmente se encuentra en modo "sandbox" \ No newline at end of file From 1aa3b790050a19b171f603ac3213d2e27aed62d8 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 29 Feb 2012 15:13:14 +0100 Subject: [PATCH 2/6] Fix: [bug #325] --- htdocs/fourn/facture/impayees.php | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/htdocs/fourn/facture/impayees.php b/htdocs/fourn/facture/impayees.php index fabded05370..194bb318da4 100644 --- a/htdocs/fourn/facture/impayees.php +++ b/htdocs/fourn/facture/impayees.php @@ -1,7 +1,8 @@ - * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2004-2009 Laurent Destailleur +/* Copyright (C) 2002-2005 Rodolphe Quiedeville + * Copyright (C) 2004 Eric Seigne + * Copyright (C) 2004-2009 Laurent Destailleur + * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -28,14 +29,13 @@ require_once(DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.class.php'); require_once(DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'); require_once(DOL_DOCUMENT_ROOT."/compta/paiement/class/paiement.class.php"); -if (!$user->rights->facture->lire) accessforbidden(); +if (! $user->rights->facture->lire) accessforbidden(); $langs->load("companies"); $langs->load("bills"); - -if ($_GET["socid"]) { $socid=$_GET["socid"]; } +$socid=GETPOST('socid','int'); // Security check if ($user->societe_id > 0) @@ -75,7 +75,7 @@ if (! $sortorder) $sortorder="ASC"; if ($user->rights->fournisseur->facture->lire) { - $sql = "SELECT s.rowid as socid, s.nom"; + $sql = "SELECT s.rowid as socid, s.nom,"; $sql.= " f.rowid as ref, f.facnumber, f.total_ht, f.total_ttc,"; $sql.= " f.datef as df, f.date_lim_reglement as datelimite, "; $sql.= " f.paye as paye, f.rowid as facid, f.fk_statut"; @@ -256,8 +256,7 @@ if ($user->rights->fournisseur->facture->lire) } - -llxFooter(); - +// End of page $db->close(); +llxFooter(); ?> From cb39926768b96b857749a2d6587be971d6023d3f Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 29 Feb 2012 23:08:29 +0800 Subject: [PATCH 3/6] New: add "amount" for price treatment and add entity possibility for have custom dictionnary by entities --- htdocs/admin/dict.php | 143 +++++++++++++++++++++++------------------- 1 file changed, 78 insertions(+), 65 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 3b5baa48d1e..1328c3b712d 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -36,7 +36,10 @@ $langs->load("errors"); $langs->load("admin"); $langs->load("companies"); -$action=GETPOST('action')?GETPOST('action'):'view'; +$action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; +$confirm=GETPOST('confirm','alpha'); +$id=GETPOST('id','int'); +$rowid=GETPOST('rowid','int'); if (!$user->admin) accessforbidden(); @@ -296,7 +299,7 @@ complete_dictionnary_with_modules($taborder,$tabname,$tablib,$tabsql,$tabsqlsort // Define elementList and sourceList (used for dictionnary "type of contacts") $elementList = array(); $sourceList=array(); -if (GETPOST('id','int') == 11) +if ($id == 11) { $langs->load("orders"); $langs->load("contracts"); @@ -326,10 +329,10 @@ $msg=''; */ if ($_POST["actionadd"] || $_POST["actionmodify"]) { - $listfield=explode(',',$tabfield[$_POST["id"]]); - $listfieldinsert=explode(',',$tabfieldinsert[$_POST["id"]]); - $listfieldmodify=explode(',',$tabfieldinsert[$_POST["id"]]); - $listfieldvalue=explode(',',$tabfieldvalue[$_POST["id"]]); + $listfield=explode(',',$tabfield[$id]); + $listfieldinsert=explode(',',$tabfieldinsert[$id]); + $listfieldmodify=explode(',',$tabfieldinsert[$id]); + $listfieldvalue=explode(',',$tabfieldvalue[$id]); // Check that all fields are filled $ok=1; @@ -355,7 +358,7 @@ if ($_POST["actionadd"] || $_POST["actionmodify"]) } } // Autres verif - if ($tabname[$_POST["id"]] == MAIN_DB_PREFIX."c_actioncomm" && isset($_POST["type"]) && $_POST["type"]=='system') { + if ($tabname[$id] == MAIN_DB_PREFIX."c_actioncomm" && isset($_POST["type"]) && $_POST["type"]=='system') { $ok=0; $msg.="Value 'system' for type is reserved. You can use 'user' as value to add your own record.
"; } @@ -371,11 +374,11 @@ if ($_POST["actionadd"] || $_POST["actionmodify"]) // Si verif ok et action add, on ajoute la ligne if ($ok && $_POST["actionadd"]) { - if ($tabrowid[$_POST["id"]]) + if ($tabrowid[$id]) { // Recupere id libre pour insertion $newid=0; - $sql = "SELECT max(".$tabrowid[$_POST["id"]].") newid from ".$tabname[$_POST["id"]]; + $sql = "SELECT max(".$tabrowid[$id].") newid from ".$tabname[$id]; $result = $db->query($sql); if ($result) { @@ -388,20 +391,25 @@ if ($_POST["actionadd"] || $_POST["actionmodify"]) } // Add new entry - $sql = "INSERT INTO ".$tabname[$_POST["id"]]." ("; + $sql = "INSERT INTO ".$tabname[$id]." ("; // List of fields - if ($tabrowid[$_POST["id"]] && - ! in_array($tabrowid[$_POST["id"]],$listfieldinsert)) $sql.= $tabrowid[$_POST["id"]].","; - $sql.= $tabfieldinsert[$_POST["id"]]; + if ($tabrowid[$id] && + ! in_array($tabrowid[$id],$listfieldinsert)) $sql.= $tabrowid[$id].","; + $sql.= $tabfieldinsert[$id]; $sql.=",active)"; $sql.= " VALUES("; // List of values - if ($tabrowid[$_POST["id"]] && - ! in_array($tabrowid[$_POST["id"]],$listfieldinsert)) $sql.= $newid.","; + if ($tabrowid[$id] && + ! in_array($tabrowid[$id],$listfieldinsert)) $sql.= $newid.","; $i=0; foreach ($listfieldinsert as $f => $value) { - if ($value == 'price') { $_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU'); } + if ($value == 'price' || preg_match('/^amount/i',$value)) { + $_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU'); + } + else if ($value == 'entity') { + $_POST[$listfieldvalue[$i]] = $conf->entity; + } if ($i) $sql.=","; if ($_POST[$listfieldvalue[$i]] == '') $sql.="null"; else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'"; @@ -413,7 +421,7 @@ if ($_POST["actionadd"] || $_POST["actionmodify"]) $result = $db->query($sql); if ($result) // Add is ok { - $oldid=$_POST["id"]; + $oldid=$id; $_POST=array('id'=>$oldid); // Clean $_POST array, we keep only $_GET["id"]=$_POST["id"]; // Force affichage dictionnaire en cours d'edition } @@ -431,28 +439,33 @@ if ($_POST["actionadd"] || $_POST["actionmodify"]) // Si verif ok et action modify, on modifie la ligne if ($ok && $_POST["actionmodify"]) { - if ($tabrowid[$_POST["id"]]) { $rowidcol=$tabrowid[$_POST["id"]]; } + if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } // Modify entry - $sql = "UPDATE ".$tabname[$_POST["id"]]." SET "; + $sql = "UPDATE ".$tabname[$id]." SET "; // Modifie valeur des champs - if ($tabrowid[$_POST["id"]] && !in_array($tabrowid[$_POST["id"]],$listfieldmodify)) + if ($tabrowid[$id] && !in_array($tabrowid[$id],$listfieldmodify)) { - $sql.= $tabrowid[$_POST["id"]]."="; - $sql.= "'".$db->escape($_POST["rowid"])."', "; + $sql.= $tabrowid[$id]."="; + $sql.= "'".$db->escape($rowid)."', "; } $i = 0; foreach ($listfieldmodify as $field) { - if ($field == 'price') { $_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU'); } + if ($field == 'price' || preg_match('/^amount/i',$field)) { + $_POST[$listfieldvalue[$i]] = price2num($_POST[$listfieldvalue[$i]],'MU'); + } + else if ($field == 'entity') { + $_POST[$listfieldvalue[$i]] = $conf->entity; + } if ($i) $sql.=","; $sql.= $field."="; if ($_POST[$listfieldvalue[$i]] == '') $sql.="null"; else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'"; $i++; } - $sql.= " WHERE ".$rowidcol." = '".$_POST["rowid"]."'"; + $sql.= " WHERE ".$rowidcol." = '".$rowid."'"; dol_syslog("actionmodify sql=".$sql); //print $sql; @@ -472,12 +485,12 @@ if ($_POST["actioncancel"]) $_GET["id"]=$_POST["id"]; // Force affichage dictionnaire en cours d'edition } -if ($_REQUEST['action'] == 'confirm_delete' && $_REQUEST['confirm'] == 'yes') // delete +if ($action == 'confirm_delete' && $confirm == 'yes') // delete { - if ($tabrowid[$_GET["id"]]) { $rowidcol=$tabrowid[$_GET["id"]]; } + if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } - $sql = "DELETE from ".$tabname[$_GET["id"]]." WHERE ".$rowidcol."='".$_GET["rowid"]."'"; + $sql = "DELETE from ".$tabname[$id]." WHERE ".$rowidcol."='".$rowid."'"; dol_syslog("delete sql=".$sql); $result = $db->query($sql); @@ -494,16 +507,16 @@ if ($_REQUEST['action'] == 'confirm_delete' && $_REQUEST['confirm'] == 'yes') } } -if ($_GET["action"] == $acts[0]) // activate +if ($action == $acts[0]) // activate { - if ($tabrowid[$_GET["id"]]) { $rowidcol=$tabrowid[$_GET["id"]]; } + if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } - if ($_GET["rowid"]) { - $sql = "UPDATE ".$tabname[$_GET["id"]]." SET active = 1 WHERE ".$rowidcol."='".$_GET["rowid"]."'"; + if ($rowid) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$_GET["id"]]." SET active = 1 WHERE code='".$_GET["code"]."'"; + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$_GET["code"]."'"; } $result = $db->query($sql); @@ -513,16 +526,16 @@ if ($_GET["action"] == $acts[0]) // activate } } -if ($_GET["action"] == $acts[1]) // disable +if ($action == $acts[1]) // disable { - if ($tabrowid[$_GET["id"]]) { $rowidcol=$tabrowid[$_GET["id"]]; } + if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } - if ($_GET["rowid"]) { - $sql = "UPDATE ".$tabname[$_GET["id"]]." SET active = 0 WHERE ".$rowidcol."='".$_GET["rowid"]."'"; + if ($rowid) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$_GET["id"]]." SET active = 0 WHERE code='".$_GET["code"]."'"; + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$_GET["code"]."'"; } $result = $db->query($sql); @@ -544,14 +557,14 @@ llxHeader(); $titre=$langs->trans("DictionnarySetup"); $linkback=''; -if ($_GET["id"]) +if ($id) { - $titre.=' - '.$langs->trans($tablib[$_GET["id"]]); + $titre.=' - '.$langs->trans($tablib[$id]); $linkback=''.$langs->trans("BackToDictionnaryList").''; } print_fiche_titre($titre,$linkback,'setup'); -if (empty($_GET["id"])) +if (empty($id)) { print $langs->trans("DictionnaryDesc"); print " ".$langs->trans("OnlyActiveElementsAreShown")."
\n"; @@ -562,21 +575,21 @@ print "
\n"; /* * Confirmation de la suppression de la ligne */ -if ($_GET['action'] == 'delete') +if ($action == 'delete') { - $ret=$form->form_confirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$_GET["rowid"].'&code='.$_GET["code"].'&id='.$_GET["id"], $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + $ret=$form->form_confirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$_GET["code"].'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); if ($ret == 'html') print '
'; } /* * Show a dictionnary */ -if ($_GET["id"]) +if ($id) { dol_htmloutput_mesg($msg); // Complete requete recherche valeurs avec critere de tri - $sql=$tabsql[$_GET["id"]]; + $sql=$tabsql[$id]; if ($_GET["sortfield"]) { // If sort order is "pays", we use pays_code instead @@ -588,29 +601,29 @@ if ($_GET["id"]) } $sql.=", "; // Remove from default sort order the choosed order - $tabsqlsort[$_GET["id"]]=preg_replace('/'.$_GET["sortfield"].' '.$_GET["sortorder"].',/i','',$tabsqlsort[$_GET["id"]]); - $tabsqlsort[$_GET["id"]]=preg_replace('/'.$_GET["sortfield"].',/i','',$tabsqlsort[$_GET["id"]]); + $tabsqlsort[$id]=preg_replace('/'.$_GET["sortfield"].' '.$_GET["sortorder"].',/i','',$tabsqlsort[$id]); + $tabsqlsort[$id]=preg_replace('/'.$_GET["sortfield"].',/i','',$tabsqlsort[$id]); } else { $sql.=" ORDER BY "; } - $sql.=$tabsqlsort[$_GET["id"]]; + $sql.=$tabsqlsort[$id]; $sql.=$db->plimit($listlimit+1,$offset); //print $sql; - $fieldlist=explode(',',$tabfield[$_GET["id"]]); + $fieldlist=explode(',',$tabfield[$id]); print '
'; print ''; print ''; // Form to add a new line - if ($tabname[$_GET["id"]]) + if ($tabname[$id]) { $alabelisused=0; $var=false; - $fieldlist=explode(',',$tabfield[$_GET["id"]]); + $fieldlist=explode(',',$tabfield[$id]); // print '
'; // Line for title @@ -652,7 +665,7 @@ if ($_GET["id"]) if ($fieldlist[$field]=='libelle' || $fieldlist[$field]=='label') $alabelisused=1; } print ''; print ''; @@ -702,7 +715,7 @@ if ($_GET["id"]) if ($num > $listlimit) { print ''; } @@ -737,10 +750,10 @@ if ($_GET["id"]) // Affiche nom du champ if ($showfield) { - print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"","",$sortfield,$sortorder); + print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.$id,"","",$sortfield,$sortorder); } } - print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"",'align="center"',$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.$id,"",'align="center"',$sortfield,$sortorder); print ''; print ''; @@ -752,20 +765,20 @@ if ($_GET["id"]) //print_r($obj); print ""; - if ($action == 'edit' && ($_GET["rowid"] == ($obj->rowid?$obj->rowid:$obj->code))) + if ($action == 'edit' && ($rowid == ($obj->rowid?$obj->rowid:$obj->code))) { print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; $tmpaction='edit'; - $parameters=array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$_GET["id"]]); + $parameters=array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); $reshook=$hookmanager->executeHooks('editDictionaryFieldlist',$parameters,$obj, $tmpaction); // Note that $action and $object may have been modified by some hooks $error=$hookmanager->error; $errors=$hookmanager->errors; - if (empty($reshook)) fieldList($fieldlist,$obj,$tabname[$_GET["id"]]); + if (empty($reshook)) fieldList($fieldlist,$obj,$tabname[$id]); print ''; @@ -773,7 +786,7 @@ if ($_GET["id"]) else { $tmpaction = 'view'; - $parameters=array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$_GET["id"]]); + $parameters=array('fieldlist'=>$fieldlist, 'tabname'=>$tabname[$id]); $reshook=$hookmanager->executeHooks('viewDictionaryFieldlist',$parameters,$obj, $tmpaction); // Note that $action and $object may have been modified by some hooks $error=$hookmanager->error; $errors=$hookmanager->errors; @@ -801,7 +814,7 @@ if ($_GET["id"]) else if ($fieldlist[$field]=='recuperableonly' || $fieldlist[$field]=='fdm') { $valuetoshow=yn($valuetoshow); } - else if ($fieldlist[$field]=='price') { + else if ($fieldlist[$field]=='price' || preg_match('/^amount/i',$fieldlist[$field])) { $valuetoshow=price($valuetoshow); } else if ($fieldlist[$field]=='libelle_facture') { @@ -882,16 +895,16 @@ if ($_GET["id"]) if (isset($obj->code) && $obj->code == 'EF0') $iserasable=0; if ($obj->type && $obj->type == 'system') $iserasable=0; - if ($iserasable) print ''.$actl[$obj->active].''; + if ($iserasable) print ''.$actl[$obj->active].''; else print $langs->trans("AlwaysActive"); print ""; // Modify link - if ($iserasable) print ''; + if ($iserasable) print ''; else print ''; // Delete link - if ($iserasable) print ''; + if ($iserasable) print ''; else print ''; print "\n"; @@ -1045,7 +1058,7 @@ function fieldList($fieldlist,$obj='',$tabname='') elseif ($fieldlist[$field] == 'libelle_facture') { print ''; } - elseif ($fieldlist[$field] == 'price') { + elseif ($fieldlist[$field] == 'price' || preg_match('/^amount/i',$fieldlist[$field])) { print ''; } elseif ($fieldlist[$field] == 'code') { From 3981d08386c0b8e6673cd86d3de9c8ccab9c8ebb Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 29 Feb 2012 16:13:52 +0100 Subject: [PATCH 4/6] Fix: Bad coding --- htdocs/expedition/shipment.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index 1e3f61900c1..f1153362262 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -1,7 +1,8 @@ - * Copyright (C) 2005-2010 Laurent Destailleur - * Copyright (C) 2005-2010 Regis Houssin + * Copyright (C) 2005-2012 Laurent Destailleur + * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2012 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -130,7 +131,7 @@ $formproduct = new FormProduct($db); llxHeader('',$langs->trans('OrderCard'),''); -$id = GETPSOT('id'); +$id = GETPOST('id'); $ref= GETPOST('ref'); if ($id > 0 || ! empty($ref)) { From 45ff7bddb30957801ded861feb7d762df7f754df Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 1 Mar 2012 00:28:18 +0800 Subject: [PATCH 5/6] New: Check if there is external models to do asked by plugins --- dev/skeletons/modMyModule.class.php | 1 + htdocs/admin/commande.php | 14 ++++++++++++-- htdocs/admin/facture.php | 16 +++++++++++++--- htdocs/admin/propale.php | 26 ++++++++++++++++++-------- htdocs/core/class/conf.class.php | 2 ++ 5 files changed, 46 insertions(+), 13 deletions(-) diff --git a/dev/skeletons/modMyModule.class.php b/dev/skeletons/modMyModule.class.php index e7b3e95e757..60bc466a907 100644 --- a/dev/skeletons/modMyModule.class.php +++ b/dev/skeletons/modMyModule.class.php @@ -78,6 +78,7 @@ class modMyModule extends DolibarrModules // 'substitutions' => 0, // Set this to 1 if module has its own substitution function file // 'menus' => 0, // Set this to 1 if module has its own menus handler directory // 'barcode' => 0, // Set this to 1 if module has its own barcode directory + // 'models' => 0, // Set this to 1 if module has its own models directory // 'css' => '/mymodule/css/mymodule.css.php', // Set this to relative path of css if module has its own css file // 'hooks' => array('hookcontext1','hookcontext2') // Set here all hooks context managed by module // ); diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 7f41578058c..0836989d66f 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -38,8 +38,8 @@ $langs->load("errors"); if (! $user->admin) accessforbidden(); -$action = GETPOST("action"); -$value = GETPOST("value"); +$action = GETPOST('action','alpha'); +$value = GETPOST('value','alpha'); /* * Actions @@ -242,6 +242,11 @@ print "\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + foreach ($conf->file->dol_document_root as $dirroot) { $dir = $dirroot . "/core/modules/commande/"; @@ -373,6 +378,11 @@ print "\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + $var=true; foreach ($conf->file->dol_document_root as $dirroot) { diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index bd145f32ae4..fa4e2f6e0d4 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -2,7 +2,7 @@ /* Copyright (C) 2003-2004 Rodolphe Quiedeville * Copyright (C) 2004-2011 Laurent Destailleur * Copyright (C) 2005 Eric Seigne - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2008 Raphael Bertrand (Resultic) * * This program is free software; you can redistribute it and/or modify @@ -34,8 +34,8 @@ $langs->load("errors"); if (! $user->admin) accessforbidden(); -$action = GETPOST("action"); -$value = GETPOST("value"); +$action = GETPOST('action','alpha'); +$value = GETPOST('value','alpha'); /* @@ -308,6 +308,11 @@ print ''."\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + $var=true; foreach ($conf->file->dol_document_root as $dirroot) { @@ -473,6 +478,11 @@ print "\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + $var=true; foreach ($conf->file->dol_document_root as $dirroot) { diff --git a/htdocs/admin/propale.php b/htdocs/admin/propale.php index 1689a406f88..2e2e15d398e 100644 --- a/htdocs/admin/propale.php +++ b/htdocs/admin/propale.php @@ -4,7 +4,7 @@ * Copyright (C) 2004 Sebastien Di Cintio * Copyright (C) 2004 Benoit Mortier * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2008 Raphael Bertrand (Resultic) * Copyright (C) 2011-2012 Juanjo Menent * @@ -35,11 +35,10 @@ require_once(DOL_DOCUMENT_ROOT."/comm/propal/class/propal.class.php"); $langs->load("admin"); $langs->load("errors"); -if (!$user->admin) -accessforbidden(); +if (! $user->admin) accessforbidden(); -$action =GETPOST("action"); -$value = GETPOST("value"); +$action =GETPOST('action','alpha'); +$value = GETPOST('value','alpha'); /* * Actions @@ -186,7 +185,8 @@ if ($action == 'set') $sql.= ")"; $resql=$db->query($sql); } -if ($action == 'del') + +else if ($action == 'del') { $type='propal'; $sql = "DELETE FROM ".MAIN_DB_PREFIX."document_model"; @@ -199,7 +199,7 @@ if ($action == 'del') } } -if ($action == 'setdoc') +else if ($action == 'setdoc') { $label = GETPOST("label"); $scandir = GETPOST("scandir"); @@ -235,7 +235,7 @@ if ($action == 'setdoc') } } -if ($action == 'setmod') +else if ($action == 'setmod') { // TODO Verifier si module numerotation choisi peut etre active // par appel methode canBeActivated @@ -274,6 +274,11 @@ print ''."\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + foreach ($conf->file->dol_document_root as $dirroot) { $dir = $dirroot . "/core/modules/propale/"; @@ -405,6 +410,11 @@ print "\n"; clearstatcache(); +// Check if there is external models to do asked by plugins +if (is_array($conf->models_modules) && ! empty($conf->models_modules)) { + $conf->file->dol_document_root = array_merge($conf->file->dol_document_root,$conf->models_modules); +} + $var=true; foreach ($conf->file->dol_document_root as $dirroot) { diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 84b49901ce8..f8e698e09fb 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -58,6 +58,7 @@ class Conf public $triggers_modules = array(); public $menus_modules = array(); public $hooks_modules = array(); + public $models_modules = array(); public $login_modules = array(); public $sms_engine_modules = array(); public $barcode_modules = array(); @@ -163,6 +164,7 @@ class Conf if (! is_array($this->$varname)) { $this->$varname = array(); } $arrValue = @unserialize($value); if (is_array($arrValue) && ! empty($arrValue)) $value = $arrValue; + else if ($partname == 'models' && $value == 1) $value = dol_buildpath('/'.$modulename); else $value = ($value == 1 ? '/'.$modulename.'/core/'.$partname.'/' : $value); $this->$varname = array_merge($this->$varname, array($modulename => $value)); } From c74215093a1e1f736e3faa01f37cfed5e9ab9223 Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 29 Feb 2012 17:41:00 +0100 Subject: [PATCH 6/6] Fix: Security --- htdocs/expedition/shipment.php | 84 +++++++++++++++++----------------- 1 file changed, 42 insertions(+), 42 deletions(-) diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index f1153362262..48b876b92b2 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -45,8 +45,9 @@ $langs->load('propal'); $langs->load('deliveries'); $langs->load('stocks'); -$id=empty($_GET['id']) ? 0 : intVal($_GET['id']); -$action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; +$id=GETPOST('id','int'); +$ref= GETPOST('ref','alpha'); +$action=GETPOST('action','alpha'); // Security check $socid=0; @@ -59,35 +60,35 @@ $result=restrictedArea($user,'commande',$id); */ // Categorisation dans projet -if ($_POST['action'] == 'classin') +if ($action == 'classin') { $commande = new Commande($db); - $commande->fetch($_GET['id']); - $commande->setProject($_POST['projectid']); + $commande->fetch($id); + $commande->setProject(GETPOST('projectid','int')); } -if ($_POST["action"] == 'confirm_cloture' && $_POST["confirm"] == 'yes') +if ($action == 'confirm_cloture' && GETPOST('confirm','alpha') == 'yes') { $commande = new Commande($db); - $commande->fetch($_GET["id"]); + $commande->fetch($id); $result = $commande->cloture($user); } // Positionne ref commande client -if ($_POST['action'] == 'setrefcustomer' && $user->rights->commande->creer) +if ($action == 'setrefcustomer' && $user->rights->commande->creer) { $commande = new Commande($db); - $commande->fetch($_GET['id']); - $commande->set_ref_client($user, $_POST['ref_customer']); + $commande->fetch($id); + $commande->set_ref_client($user,GETPOST('ref_customer','alpha')); } -if ($_POST['action'] == 'setdatedelivery' && $user->rights->commande->creer) +if ($action == 'setdatedelivery' && $user->rights->commande->creer) { //print "x ".$_POST['liv_month'].", ".$_POST['liv_day'].", ".$_POST['liv_year']; - $datelivraison=dol_mktime(0, 0, 0, $_POST['liv_month'], $_POST['liv_day'], $_POST['liv_year']); + $datelivraison=dol_mktime(0, 0, 0, GETPOST('liv_month','int'), GETPOST('liv_day','int'),GETPOST('liv_year','int')); $commande = new Commande($db); - $commande->fetch($_GET['id']); + $commande->fetch($id); $result=$commande->set_date_livraison($user,$datelivraison); if ($result < 0) { @@ -95,26 +96,26 @@ if ($_POST['action'] == 'setdatedelivery' && $user->rights->commande->creer) } } -if ($_POST['action'] == 'setdeliveryaddress' && $user->rights->commande->creer) +if ($action == 'setdeliveryaddress' && $user->rights->commande->creer) { $commande = new Commande($db); - $commande->fetch($_GET['id']); - $commande->set_adresse_livraison($user,$_POST['delivery_address_id']); + $commande->fetch($id); + $commande->set_adresse_livraison($user,GETPOST('delivery_address_id','int')); } -if ($_POST['action'] == 'setmode' && $user->rights->commande->creer) +if ($action == 'setmode' && $user->rights->commande->creer) { $commande = new Commande($db); - $commande->fetch($_GET['id']); - $result=$commande->mode_reglement($_POST['mode_reglement_id']); + $commande->fetch($id); + $result=$commande->mode_reglement(GETPOST('mode_reglement_id','int')); if ($result < 0) dol_print_error($db,$commande->error); } -if ($_POST['action'] == 'setconditions' && $user->rights->commande->creer) +if ($action == 'setconditions' && $user->rights->commande->creer) { $commande = new Commande($db); - $commande->fetch($_GET['id']); - $result=$commande->cond_reglement($_POST['cond_reglement_id']); + $commande->fetch($id); + $result=$commande->cond_reglement(GETPOST('mode_reglement_id','int')); if ($result < 0) dol_print_error($db,$commande->error); } @@ -131,12 +132,11 @@ $formproduct = new FormProduct($db); llxHeader('',$langs->trans('OrderCard'),''); -$id = GETPOST('id'); -$ref= GETPOST('ref'); + if ($id > 0 || ! empty($ref)) { $commande = new Commande($db); - if ( $commande->fetch($_GET['id'],$_GET['ref']) > 0) + if ( $commande->fetch($id,$ref) > 0) { $commande->loadExpeditions(1); @@ -154,9 +154,9 @@ if ($id > 0 || ! empty($ref)) /* * Confirmation de la validation */ - if ($_GET["action"] == 'cloture') + if ($action == 'cloture') { - $ret=$form->form_confirm($_SERVER['PHP_SELF']."?id=".$_GET["id"],$langs->trans("CloseOrder"),$langs->trans("ConfirmCloseOrder"),"confirm_cloture"); + $ret=$form->form_confirm($_SERVER['PHP_SELF']."?id=".$id,$langs->trans("CloseOrder"),$langs->trans("ConfirmCloseOrder"),"confirm_cloture"); if ($ret == 'html') print '
'; } @@ -178,10 +178,10 @@ if ($id > 0 || ! empty($ref)) print '
'; - print ''; + print ''; print ' 
'; - print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.GETPOST('id','int'),($num > $listlimit),$langs->trans("Page").' '.($page+1)); + print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.$id,($num > $listlimit),$langs->trans("Page").' '.($page+1)); print '
 
 '; print ' rowid?$obj->rowid:$obj->code).'">'.img_edit().'rowid?$obj->rowid:$obj->code).'">'.img_edit().' '.img_delete().''.img_delete().' 
'; - if ($_GET['action'] != 'RefCustomerOrder' && $commande->brouillon) print ''; + if ($action != 'RefCustomerOrder' && $commande->brouillon) print ''; print '
'; print $langs->trans('RefCustomer').''; print ''.img_edit($langs->trans('Modify')).''.img_edit($langs->trans('Modify')).'
'; print ''; - if ($user->rights->commande->creer && $_GET['action'] == 'RefCustomerOrder') + if ($user->rights->commande->creer && $action == 'RefCustomerOrder') { print ''; print ''; @@ -252,10 +252,10 @@ if ($id > 0 || ! empty($ref)) print $langs->trans('DateDeliveryPlanned'); print ''; - if ($_GET['action'] != 'editdate_livraison') print 'id.'">'.img_edit($langs->trans('SetDeliveryDate'),1).''; + if ($action != 'editdate_livraison') print 'id.'">'.img_edit($langs->trans('SetDeliveryDate'),1).''; print ''; print ''; - if ($_GET['action'] == 'editdate_livraison') + if ($action == 'editdate_livraison') { print ''; print ''; @@ -282,17 +282,17 @@ if ($id > 0 || ! empty($ref)) print $langs->trans('DeliveryAddress'); print ''; - if ($_GET['action'] != 'editdelivery_adress' && $commande->brouillon) print 'socid.'&id='.$commande->id.'">'.img_edit($langs->trans('SetDeliveryAddress'),1).''; + if ($action != 'editdelivery_adress' && $commande->brouillon) print 'socid.'&id='.$commande->id.'">'.img_edit($langs->trans('SetDeliveryAddress'),1).''; print ''; print ''; - if ($_GET['action'] == 'editdelivery_adress') + if ($action == 'editdelivery_adress') { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->fk_delivery_address,$_GET['socid'],'delivery_address_id','commande',$commande->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->fk_delivery_address,GETPOST('socid','int'),'delivery_address_id','commande',$commande->id); } else { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->fk_delivery_address,$_GET['socid'],'none','commande',$commande->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->fk_delivery_address,GETPOST('socid','int'),'none','commande',$commande->id); } print ''; } @@ -303,10 +303,10 @@ if ($id > 0 || ! empty($ref)) print $langs->trans('PaymentConditionsShort'); print ''; - if ($_GET['action'] != 'editconditions' && $commande->brouillon) print 'id.'">'.img_edit($langs->trans('SetConditions'),1).''; + if ($action != 'editconditions' && $commande->brouillon) print 'id.'">'.img_edit($langs->trans('SetConditions'),1).''; print ''; print ''; - if ($_GET['action'] == 'editconditions') + if ($action == 'editconditions') { $form->form_conditions_reglement($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->cond_reglement_id,'cond_reglement_id'); } @@ -321,10 +321,10 @@ if ($id > 0 || ! empty($ref)) print ''; - if ($_GET['action'] != 'editmode' && $commande->brouillon) print ''; + if ($actionº != 'editmode' && $commande->brouillon) print ''; print '
'; print $langs->trans('PaymentMode'); print 'id.'">'.img_edit($langs->trans('SetMode'),1).'id.'">'.img_edit($langs->trans('SetMode'),1).'
'; print ''; - if ($_GET['action'] == 'editmode') + if ($action == 'editmode') { $form->form_modes_reglement($_SERVER['PHP_SELF'].'?id='.$commande->id,$commande->mode_reglement_id,'mode_reglement_id'); } @@ -342,10 +342,10 @@ if ($id > 0 || ! empty($ref)) print ''; - if ($_GET['action'] != 'classify') print ''; + if ($action != 'classify') print ''; print '
'; print $langs->trans('Project'); print ''.img_edit($langs->trans('SetProject')).''.img_edit($langs->trans('SetProject')).'
'; print ''; - if ($_GET['action'] == 'classify') + if ($action == 'classify') { $form->form_project($_SERVER['PHP_SELF'].'?id='.$commande->id, $commande->socid, $commande->fk_project, 'projectid'); } @@ -606,7 +606,7 @@ if ($id > 0 || ! empty($ref)) { if ($user->rights->expedition->creer) { - print ''.$langs->trans("NewSending").''; + print ''.$langs->trans("NewSending").''; if ($reste_a_livrer_total <= 0) { print ' '.img_warning($langs->trans("WarningNoQtyLeftToSend"));