lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'Dolibarr/11.0' into 11

Browse Source
This commit is contained in:
Francis Appels 2020-02-26 12:02:06 +01:00
commit 0d4c784a0e
24 changed files with 222 additions and 84 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
doc/user/README-DE.md Normal file
View File

@ -0,0 +1,12 @@
README (german)
LiesMich (deutsch)
--------------------------------
Benutzeranleitung
--------------------------------
Alle Dolibarr-Informationen sind online verfuegbar ueber die Webseiten:
https://www.dolibarr.de
oder
https://www.dolibarr.org
https://wiki.dolibarr.org

3
htdocs/accountancy/admin/account.php
View File

@ -278,6 +278,8 @@ if ($resql)
<script type="text/javascript">
$(document).ready(function () {
$("#searchFormList").on("submit", function (e) {
//event.preventDefault();
//var form = this;
console.log("chartofaccounts focus = "+$("#chartofaccounts").is(":focus"));
console.log("change_chart focus = "+$("#change_chart").is(":focus"));
if ($("#change_chart").is(":focus"))
@ -285,6 +287,7 @@ if ($resql)
console.log("We set valid_change_chart to 1");
$("#valid_change_chart").val(1);
}
//form.submit();
return true;
});
});

10
htdocs/accountancy/admin/defaultaccounts.php
View File

@ -161,6 +161,7 @@ print '<input type="hidden" name="action" value="update">';
// Define main accounts for thirdparty
print '<table class="noborder centpercent">';
print '<tr class="liste_titre"><td>'.$langs->trans("ThirdParties").' | '.$langs->trans("Users").'</td><td></td></tr>';
foreach ($list_account_main as $key) {
print '<tr class="oddeven value">';
@ -180,15 +181,6 @@ foreach ($list_account_main as $key) {
}
print "</table>\n";
print '<br>';
// Define default accounts
print '<table class="noborder centpercent">';
foreach ($list_account as $key) {
$reg=array();
if (preg_match('/---(.*)---/', $key, $reg)) {

4
htdocs/accountancy/admin/export.php
View File

@ -134,13 +134,13 @@ if ($action == 'update') {
$form = new Form($db);
$title = $langs->trans('ConfigAccountingExpert');
$title = $langs->trans('ExportOptions');
llxHeader('', $title);
$linkback = '';
// $linkback = '<a href="' . DOL_URL_ROOT . '/admin/modules.php?restore_lastsearch_values=1">' . $langs->trans("BackToModuleList") . '</a>';
print load_fiche_titre($langs->trans('ConfigAccountingExpert'), $linkback, 'accountancy');
print load_fiche_titre($langs->trans('ExportOptions'), $linkback, 'accountancy');
print "\n".'<script type="text/javascript" language="javascript">'."\n";

2
htdocs/adherents/note.php
View File

@ -75,7 +75,7 @@ if ($id)
$linkback = '<a href="'.DOL_URL_ROOT.'/adherents/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
dol_banner_tab($object, 'rowid', $linkback);
dol_banner_tab($object, 'id', $linkback);
print '<div class="fichecenter">';

59
htdocs/api/class/api_documents.class.php
View File

@ -230,7 +230,7 @@ class Documents extends DolibarrApi
/**
* Return the list of documents of a dedicated element (from its ID or Ref)
*
* @param string $modulepart Name of module or area concerned ('thirdparty', 'member', 'proposal', 'order', 'invoice', 'shipment', 'project', ...)
* @param string $modulepart Name of module or area concerned ('thirdparty', 'member', 'proposal', 'order', 'invoice', 'supplier_invoice', 'shipment', 'project', ...)
* @param int $id ID of element
* @param string $ref Ref of element
* @param string $sortfield Sort criteria ('','fullname','relativename','name','date','size')
@ -355,6 +355,24 @@ class Documents extends DolibarrApi
$upload_dir = $conf->facture->dir_output."/".get_exdir(0, 0, 0, 1, $object, 'invoice');
}
elseif ($modulepart == 'facture_fournisseur' || $modulepart == 'supplier_invoice')
{
$modulepart = 'supplier_invoice';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php';
if (!DolibarrApiAccess::$user->rights->fournisseur->facture->lire) {
throw new RestException(401);
}
$object = new FactureFournisseur($this->db);
$result = $object->fetch($id, $ref);
if (!$result) {
throw new RestException(404, 'Invoice not found');
}
$upload_dir = $conf->fournisseur->dir_output."/facture/".get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier').dol_sanitizeFileName($object->ref);
}
elseif ($modulepart == 'produit' || $modulepart == 'product')
{
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
@ -387,6 +405,22 @@ class Documents extends DolibarrApi
$upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref);
}
elseif ($modulepart == 'expensereport')
{
require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
if (!DolibarrApiAccess::$user->rights->expensereport->read && !DolibarrApiAccess::$user->rights->expensereport->read) {
throw new RestException(401);
}
$object = new ExpenseReport($this->db);
$result = $object->fetch($id, $ref);
if (!$result) {
throw new RestException(404, 'Expense report not found');
}
$upload_dir = $conf->expensereport->dir_output.'/'.dol_sanitizeFileName($object->ref);
}
else
{
throw new RestException(500, 'Modulepart '.$modulepart.' not implemented yet.');
@ -418,8 +452,9 @@ class Documents extends DolibarrApi
/**
* Upload a file.
*
* Test sample 1: { "filename": "mynewfile.txt", "modulepart": "facture", "ref": "FA1701-001", "subdir": "", "filecontent": "content text", "fileencoding": "", "overwriteifexists": "0" }.
* Test sample 2: { "filename": "mynewfile.txt", "modulepart": "medias", "ref": "", "subdir": "image/mywebsite", "filecontent": "Y29udGVudCB0ZXh0Cg==", "fileencoding": "base64", "overwriteifexists": "0" }.
* Test sample for invoice: { "filename": "mynewfile.txt", "modulepart": "invoice", "ref": "FA1701-001", "subdir": "", "filecontent": "content text", "fileencoding": "", "overwriteifexists": "0" }.
* Test sample for supplier invoice: { "filename": "mynewfile.txt", "modulepart": "supplier_invoice", "ref": "FA1701-001", "subdir": "", "filecontent": "content text", "fileencoding": "", "overwriteifexists": "0" }.
* Test sample for medias file: { "filename": "mynewfile.txt", "modulepart": "medias", "ref": "", "subdir": "image/mywebsite", "filecontent": "Y29udGVudCB0ZXh0Cg==", "fileencoding": "base64", "overwriteifexists": "0" }.
*
* @param string $filename Name of file to create ('FA1705-0123.txt')
* @param string $modulepart Name of module or area concerned by file upload ('facture', 'project', 'project_task', ...)
@ -476,6 +511,13 @@ class Documents extends DolibarrApi
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
$object = new Facture($this->db);
}
elseif ($modulepart == 'facture_fournisseur' || $modulepart == 'supplier_invoice')
{
$modulepart = 'supplier_invoice';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php';
$object = new FactureFournisseur($this->db);
}
elseif ($modulepart == 'project')
{
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
@ -510,6 +552,11 @@ class Documents extends DolibarrApi
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
$object = new Product($this->db);
}
elseif ($modulepart == 'expensereport')
{
require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
$object = new ExpenseReport($this->db);
}
// TODO Implement additional moduleparts
else
{
@ -535,6 +582,12 @@ class Documents extends DolibarrApi
throw new RestException(404, 'The object '.$modulepart." with ref '".$ref."' was not found.");
}
// Special cases that need to use get_exdir to get real dir of object
// If future, all object should use this to define path of documents.
if ($modulepart == 'supplier_invoice') {
$tmpreldir = get_exdir($object->id, 2, 0, 0, $object, 'invoice_supplier');
}
$relativefile = $tmpreldir.dol_sanitizeFileName($object->ref);
$tmp = dol_check_secure_access_document($modulepart, $relativefile, $entity, DolibarrApiAccess::$user, $ref, 'write');

3
htdocs/comm/remx.php
View File

@ -111,6 +111,7 @@ if ($action == 'confirm_split' && GETPOST("confirm") == 'yes')
$newdiscount1->description = $discount->description.' (1)';
$newdiscount2->description = $discount->description.' (2)';
}
$newdiscount1->fk_user = $discount->fk_user;
$newdiscount2->fk_user = $discount->fk_user;
$newdiscount1->fk_soc = $discount->fk_soc;
@ -121,7 +122,7 @@ if ($action == 'confirm_split' && GETPOST("confirm") == 'yes')
$newdiscount2->datec = $discount->datec;
$newdiscount1->tva_tx = $discount->tva_tx;
$newdiscount2->tva_tx = $discount->tva_tx;
$newdiscount1->amount_ttc = $_POST["amount_ttc_1"];
$newdiscount1->amount_ttc = $amount_ttc_1;
$newdiscount2->amount_ttc = price2num($discount->amount_ttc - $newdiscount1->amount_ttc);
$newdiscount1->amount_ht = price2num($newdiscount1->amount_ttc / (1 + $newdiscount1->tva_tx / 100), 'MT');
$newdiscount2->amount_ht = price2num($newdiscount2->amount_ttc / (1 + $newdiscount2->tva_tx / 100), 'MT');

6
htdocs/compta/bank/account_statement_document.php
View File

@ -137,9 +137,9 @@ if ($id > 0 || !empty($ref)) {
$modulepart = 'bank';
$permission = $user->rights->banque->modifier;
$permtoedit = $user->rights->banque->modifier;
$param = '&id='.$object->id.'&num='.$num;
$uri = '&num='.$num;
$relativepathwithnofile = $id."/statement/".$num."/";
$param = '&id='.$object->id.'&num='.urlencode($num);
$moreparam = '&num='.urlencode($num);;
$relativepathwithnofile = $id."/statement/".dol_sanitizeFileName($num)."/";
include_once DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php';
}
else {

2
htdocs/compta/bank/releve.php
View File

@ -49,7 +49,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
$langs->loadLangs(array("banks", "categories", "companies", "bills", "trips", "donations", "loan"));
$action = GETPOST('action', 'alpha');
$id = GETPOST('account', 'int');
$id = GETPOST('account', 'int') ? GETPOST('account', 'int') : GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
$dvid = GETPOST('dvid', 'alpha');
$numref = GETPOST('num', 'alpha');

15
htdocs/compta/resultat/clientfourn.php
View File

@ -67,8 +67,7 @@ if (!$sortorder) $sortorder = 'ASC';
// Date range
$year = GETPOST('year', 'int');
if (empty($year))
{
if (empty($year)) {
$year_current = strftime("%Y", dol_now());
$month_current = strftime("%m", dol_now());
$year_start = $year_current;
@ -114,7 +113,7 @@ $tmps = dol_getdate($date_start);
$year_start = $tmps['year'];
$tmpe = dol_getdate($date_end);
$year_end = $tmpe['year'];
$nbofyear = ($year_end - $start_year) + 1;
$nbofyear = ($year_end - $year_start) + 1;
//var_dump("year_start=".$year_start." year_end=".$year_end." nbofyear=".$nbofyear." date_start=".dol_print_date($date_start, 'dayhour')." date_end=".dol_print_date($date_end, 'dayhour'));
// Define modecompta ('CREANCES-DETTES' or 'RECETTES-DEPENSES' or 'BOOKKEEPING')
@ -193,17 +192,21 @@ if (!empty($conf->accounting->enabled) && $modecompta != 'BOOKKEEPING')
}
// Show report array
$param = '&modecompta='.$modecompta;
$param = '&modecompta='.urlencode($modecompta).'&showaccountdetail='.urlencode($showaccountdetail);
if ($date_startday) $param .= '&date_startday='.$date_startday;
if ($date_startmonth) $param .= '&date_startmonth='.$date_startmonth;
if ($date_startyear) $param .= '&date_startyear='.$date_startyear;
if ($date_endday) $param .= '&date_endday='.$date_endday;
if ($date_endmonth) $param .= '&date_endmonth='.$date_endmonth;
if ($date_endyear) $param .= '&date_endyear='.$date_startyear;
if ($date_endyear) $param .= '&date_endyear='.$date_endyear;
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print_liste_field_titre("PredefinedGroups", $_SERVER["PHP_SELF"], 'f.thirdparty_code,f.rowid', '', $param, '', $sortfield, $sortorder, 'width200 ');
if ($modecompta == 'BOOKKEEPING') {
print_liste_field_titre("PredefinedGroups", $_SERVER["PHP_SELF"], 'f.thirdparty_code,f.rowid', '', $param, '', $sortfield, $sortorder, 'width200 ');
} else {
print_liste_field_titre("", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder, 'width200 ');
}
print_liste_field_titre('');
if ($modecompta == 'BOOKKEEPING')
{

2
htdocs/core/boxes/box_contacts.php
View File

@ -4,6 +4,7 @@
* Copyright (C) 2005-2009 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2015 Frederic France <frederic.france@free.fr>
* Copyright (C) 2018 Josep Lluís Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2020 Ferran Marcet <fmarcet@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -83,6 +84,7 @@ class box_contacts extends ModeleBoxes
if ($user->rights->societe->lire && $user->rights->societe->contact->lire)
{
$sql = "SELECT sp.rowid as id, sp.lastname, sp.firstname, sp.civility as civility_id, sp.datec, sp.tms, sp.fk_soc, sp.statut as status";
$sql .= ", sp.address, sp.zip, sp.town, sp.phone, sp.phone_perso, sp.phone_mobile, sp.email as spemail";
$sql .= ", s.nom as socname, s.name_alias, s.email as semail";
$sql .= ", s.client, s.fournisseur, s.code_client, s.code_fournisseur";

7
htdocs/core/class/extrafields.class.php
View File

@ -389,6 +389,7 @@ class ExtraFields
if (empty($required)) $required = 0;
if (empty($unique)) $unique = 0;
if (empty($alwayseditable)) $alwayseditable = 0;
if (empty($totalizable)) $totalizable = 0;
if (!empty($attrname) && preg_match("/^\w[a-zA-Z0-9-_]*$/", $attrname) && !is_numeric($attrname))
{
@ -450,7 +451,7 @@ class ExtraFields
$sql .= "'" . $this->db->idate(dol_now()) . "',";
$sql.= " ".($enabled?"'".$this->db->escape($enabled)."'":"1").",";
$sql.= " ".($help?"'".$this->db->escape($help)."'":"null").",";
$sql.= " ".($totalizable?'1':'0');
$sql.= " ".($totalizable?'TRUE':'FALSE');
$sql.=')';
dol_syslog(get_class($this)."::create_label", LOG_DEBUG);
@ -793,7 +794,7 @@ class ExtraFields
$sql .= " '".$this->db->escape($alwayseditable)."',";
$sql .= " '".$this->db->escape($params)."',";
$sql .= " '".$this->db->escape($list)."', ";
$sql .= " ".$totalizable.",";
$sql .= " ".($totalizable?'TRUE':'FALSE').",";
$sql .= " ".(($default != '') ? "'".$this->db->escape($default)."'" : "null").",";
$sql .= " ".($computed ? "'".$this->db->escape($computed)."'" : "null").",";
$sql .= " ".$user->id.",";
@ -932,7 +933,7 @@ class ExtraFields
$this->attributes[$tab->elementtype]['perms'][$tab->name]=(strlen($tab->perms) == 0 ? 1 : $tab->perms);
$this->attributes[$tab->elementtype]['langfile'][$tab->name]=$tab->langs;
$this->attributes[$tab->elementtype]['list'][$tab->name]=$tab->list;
$this->attributes[$tab->elementtype]['totalizable'][$tab->name]=$tab->totalizable;
$this->attributes[$tab->elementtype]['totalizable'][$tab->name]=($tab->totalizable ? 1 : 0);
$this->attributes[$tab->elementtype]['entityid'][$tab->name]=$tab->entity;
$this->attributes[$tab->elementtype]['enabled'][$tab->name]=$tab->enabled;
$this->attributes[$tab->elementtype]['help'][$tab->name]=$tab->help;

2
htdocs/core/lib/functions.lib.php
View File

@ -1301,7 +1301,7 @@ function dol_get_fiche_head($links = array(), $active = '', $title = '', $notab
$tabsname = str_replace("@", "", $picto);
$out .= '<div id="moretabs'.$tabsname.'" class="inline-block tabsElem">';
$out .= '<a href="#" class="tab moretab inline-block tabunactive reposition">'.$langs->trans("More").'... ('.$nbintab.')</a>';
$out .= '<div id="moretabsList'.$tabsname.'" style="position: absolute; '.$left.': -999em; text-align: '.$left.'; margin:0px; padding:2px">';
$out .= '<div id="moretabsList'.$tabsname.'" style="position: absolute; '.$left.': -999em; text-align: '.$left.'; margin:0px; padding:2px; z-index:10;">';
$out .= $outmore;
$out .= '</div>';
$out .= '<div></div>';

4
htdocs/core/lib/security.lib.php
View File

@ -107,7 +107,7 @@ function dol_decode($chain, $key = '1')
* If constant MAIN_SECURITY_SALT is defined, we use it as a salt (used only if hashing algorightm is something else than 'password_hash').
*
* @param string $chain String to hash
* @param string $type Type of hash ('0':auto will use MAIN_SECURITY_HASH_ALGO else md5, '1':sha1, '2':sha1+md5, '3':md5, '4':md5 for OpenLdap, '5':sha256). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @param string $type Type of hash ('0':auto will use MAIN_SECURITY_HASH_ALGO else md5, '1':sha1, '2':sha1+md5, '3':md5, '4':md5 for OpenLdap with no salt, '5':sha256). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
* @return string Hash of string
* @see getRandomPassword()
*/
@ -122,7 +122,7 @@ function dol_hash($chain, $type = '0')
}
// Salt value
if (!empty($conf->global->MAIN_SECURITY_SALT)) $chain = $conf->global->MAIN_SECURITY_SALT.$chain;
if (! empty($conf->global->MAIN_SECURITY_SALT) && $type != '4' && $type !== 'md5openldap') $chain = $conf->global->MAIN_SECURITY_SALT.$chain;
if ($type == '1' || $type == 'sha1') return sha1($chain);
elseif ($type == '2' || $type == 'sha1md5') return sha1(md5($chain));

7
htdocs/core/modules/facture/doc/pdf_crabe.modules.php
View File

@ -1102,10 +1102,9 @@ class pdf_crabe extends ModelePDFFactures
// If payment mode not forced or forced to VIR, show payment with BAN
if (empty($object->mode_reglement_code) || $object->mode_reglement_code == 'VIR')
{
if (!empty($object->fk_account) || !empty($object->fk_bank) || !empty($conf->global->FACTURE_RIB_NUMBER))
{
$bankid = (empty($object->fk_account) ? $conf->global->FACTURE_RIB_NUMBER : $object->fk_account);
if (!empty($object->fk_bank)) $bankid = $object->fk_bank; // For backward compatibility when object->fk_account is forced with object->fk_bank
if ($object->fk_account > 0 || $object->fk_bank > 0 || !empty($conf->global->FACTURE_RIB_NUMBER)) {
$bankid = ($object->fk_account <= 0 ? $conf->global->FACTURE_RIB_NUMBER : $object->fk_account);
if ($object->fk_bank > 0) $bankid = $object->fk_bank; // For backward compatibility when object->fk_account is forced with object->fk_bank
$account = new Account($this->db);
$account->fetch($bankid);

7
htdocs/core/modules/facture/doc/pdf_sponge.modules.php
View File

@ -1178,10 +1178,9 @@ class pdf_sponge extends ModelePDFFactures
// If payment mode not forced or forced to VIR, show payment with BAN
if (empty($object->mode_reglement_code) || $object->mode_reglement_code == 'VIR')
{
if (!empty($object->fk_account) || !empty($object->fk_bank) || !empty($conf->global->FACTURE_RIB_NUMBER))
{
$bankid = (empty($object->fk_account) ? $conf->global->FACTURE_RIB_NUMBER : $object->fk_account);
if (!empty($object->fk_bank)) $bankid = $object->fk_bank; // For backward compatibility when object->fk_account is forced with object->fk_bank
if ($object->fk_account > 0 || $object->fk_bank > 0 || !empty($conf->global->FACTURE_RIB_NUMBER)) {
$bankid = ($object->fk_account <= 0 ? $conf->global->FACTURE_RIB_NUMBER : $object->fk_account);
if ($object->fk_bank > 0) $bankid = $object->fk_bank; // For backward compatibility when object->fk_account is forced with object->fk_bank
$account = new Account($this->db);
$account->fetch($bankid);

8
htdocs/core/modules/modSociete.class.php
View File

@ -684,7 +684,9 @@ class modSociete extends DolibarrModules
'sr.domiciliation' => "BankAccountDomiciliation",
'sr.proprio' => "BankAccountOwner",
'sr.owner_address' => "BankAccountOwnerAddress",
'sr.default_rib' => 'Default'
'sr.default_rib' => 'Default',
'sr.rum' => 'RUM',
'sr.type' => "Type ban is defaut",
);
$this->import_convertvalue_array[$r] = array(
@ -711,7 +713,9 @@ class modSociete extends DolibarrModules
'sr.domiciliation' => 'bank branch address eg. "PARIS"',
'sr.proprio' => 'name on the bank account',
'sr.owner_address' => 'address of account holder',
'sr.default_rib' => '1 (default account) / 0 (not default)'
'sr.default_rib' => '1 (default account) / 0 (not default)',
'sr.rum' => 'RUM code',
'sr.type' => 'ban',
);
// Import Company Sales representatives

49
htdocs/core/photos_resize.php
View File

@ -38,6 +38,10 @@ $original_file = GETPOST("file");
$backtourl = GETPOST('backtourl');
$cancel = GETPOST('cancel', 'alpha');
$file = GETPOST('file', 'alpha');
$num = GETPOST('num', 'alpha'); // Used for document on bank statement
// Security check
if (empty($modulepart)) accessforbidden('Bad value for modulepart');
$accessallowed = 0;
@ -249,19 +253,25 @@ else {
if (empty($backtourl))
{
if (in_array($modulepart, array('product', 'produit', 'service', 'produit|service'))) $backtourl = DOL_URL_ROOT."/product/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('expensereport'))) $backtourl = DOL_URL_ROOT."/expensereport/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('holiday'))) $backtourl = DOL_URL_ROOT."/holiday/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('member'))) $backtourl = DOL_URL_ROOT."/adherents/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('project'))) $backtourl = DOL_URL_ROOT."/projet/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('propal'))) $backtourl = DOL_URL_ROOT."/comm/propal/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('societe'))) $backtourl = DOL_URL_ROOT."/societe/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('tax'))) $backtourl = DOL_URL_ROOT."/compta/sociales/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('ticket'))) $backtourl = DOL_URL_ROOT."/ticket/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('user'))) $backtourl = DOL_URL_ROOT."/user/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('bank'))) $backtourl = DOL_URL_ROOT."/compta/bank/document.php?id=".$id.'&file='.urldecode($_POST["file"]);
elseif (in_array($modulepart, array('mrp'))) $backtourl = DOL_URL_ROOT."/mrp/mo_document.php?id=".$id.'&file='.urldecode($_POST["file"]);
else $backtourl = DOL_URL_ROOT."/".$modulepart."/".$modulepart."_document.php?id=".$id.'&file='.urldecode($_POST["file"]);
$regs = array();
if (in_array($modulepart, array('product', 'produit', 'service', 'produit|service'))) $backtourl = DOL_URL_ROOT."/product/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('expensereport'))) $backtourl = DOL_URL_ROOT."/expensereport/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('holiday'))) $backtourl = DOL_URL_ROOT."/holiday/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('member'))) $backtourl = DOL_URL_ROOT."/adherents/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('project'))) $backtourl = DOL_URL_ROOT."/projet/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('propal'))) $backtourl = DOL_URL_ROOT."/comm/propal/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('societe'))) $backtourl = DOL_URL_ROOT."/societe/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('tax'))) $backtourl = DOL_URL_ROOT."/compta/sociales/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('ticket'))) $backtourl = DOL_URL_ROOT."/ticket/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('user'))) $backtourl = DOL_URL_ROOT."/user/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('bank')) && preg_match('/\/statement\/([^\/]+)\//', $file, $regs)) {
$num = $regs[1];
$backtourl = DOL_URL_ROOT."/compta/bank/account_statement_document.php?id=".$id.'&num='.urlencode($num).'&file='.urldecode($file);
}
elseif (in_array($modulepart, array('bank'))) $backtourl = DOL_URL_ROOT."/compta/bank/document.php?id=".$id.'&file='.urldecode($file);
elseif (in_array($modulepart, array('mrp'))) $backtourl = DOL_URL_ROOT."/mrp/mo_document.php?id=".$id.'&file='.urldecode($file);
else $backtourl = DOL_URL_ROOT."/".$modulepart."/".$modulepart."_document.php?id=".$id.'&file='.urldecode($file);
}
@ -283,11 +293,11 @@ if ($cancel)
}
}
if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POST["sizex"]) != "") && (isset($_POST["sizey"]) != ""))
if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex") && GETPOSTISSET("sizey"))
{
$fullpath = $dir."/".$original_file;
$result = dol_imageResizeOrCrop($fullpath, 0, $_POST['sizex'], $_POST['sizey']);
$result = dol_imageResizeOrCrop($fullpath, 0, GETPOST('sizex', 'int'), GETPOST('sizey', 'int'));
if ($result == $fullpath)
{
@ -357,7 +367,7 @@ if ($action == 'confirm_crop')
$fullpath = $dir."/".$original_file;
//var_dump($_POST['w'].'x'.$_POST['h'].'-'.$_POST['x'].'x'.$_POST['y']);exit;
$result = dol_imageResizeOrCrop($fullpath, 1, $_POST['w'], $_POST['h'], $_POST['x'], $_POST['y']);
$result = dol_imageResizeOrCrop($fullpath, 1, GETPOST('w', 'int'), GETPOST('h', 'int'), GETPOST('x', 'int'), GETPOST('y', 'int'));
if ($result == $fullpath)
{
@ -445,7 +455,7 @@ print '<br>'."\n";
*/
print '<!-- Form to resize -->'."\n";
print '<form name="redim_file" action="'.$_SERVER["PHP_SELF"].'?id='.$id.'" method="POST">';
print '<form name="redim_file" action="'.$_SERVER["PHP_SELF"].'?id='.$id.($num ? '&num='.$num : '').'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<fieldset id="redim_file">';
@ -454,7 +464,7 @@ print $langs->trans("ResizeDesc").'<br>';
print $langs->trans("NewLength").': <input name="sizex" type="number" class="flat maxwidth50"> px &nbsp; '.$langs->trans("or").' &nbsp; ';
print $langs->trans("NewHeight").': <input name="sizey" type="number" class="flat maxwidth50"> px &nbsp; <br>';
print '<input type="hidden" name="file" value="'.dol_escape_htmltag(GETPOST('file')).'" />';
print '<input type="hidden" name="file" value="'.dol_escape_htmltag($file).'" />';
print '<input type="hidden" name="action" value="confirm_resize" />';
print '<input type="hidden" name="product" value="'.$id.'" />';
print '<input type="hidden" name="modulepart" value="'.dol_escape_htmltag($modulepart).'" />';
@ -497,7 +507,8 @@ if (!empty($conf->use_javascript_ajax))
print '<img src="'.DOL_URL_ROOT.'/viewimage.php?modulepart='.$modulepart.'&entity='.$object->entity.'&file='.urlencode($original_file).'" alt="" id="cropbox" width="'.$widthforcrop.'px"/>';
print '</div>';
print '</div><br>';
print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$id.'" method="POST">';
print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$id.($num ? '&num='.$num : '').'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '
<div class="jc_coords">

3
htdocs/core/tpl/document_actions_post_headers.tpl.php
View File

@ -23,6 +23,7 @@
// $permissiontoadd = permission or not to add a file (can use also $permission) and permission or not to edit file name or crop file (can use also $permtoedit)
// $modulepart = for download
// $param = param to add to download links
// $moreparam = param to add to download link for the form_attach_new_file function
// $upload_dir
// $object
// $filearray
@ -109,7 +110,7 @@ if (!isset($savingdocmask) || !empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_
// Show upload form (document and links)
$formfile->form_attach_new_file(
$_SERVER["PHP_SELF"].'?id='.$object->id.(empty($withproject)?'':'&withproject=1'),
$_SERVER["PHP_SELF"].'?id='.$object->id.(empty($withproject)?'':'&withproject=1').(empty($moreparam)?'':$moreparam),
'',
0,
0,

37
htdocs/expensereport/class/api_expensereports.class.php
View File

@ -33,7 +33,7 @@ class ExpenseReports extends DolibarrApi
* @var array $FIELDS Mandatory fields, checked when create and update object
*/
static $FIELDS = array(
'socid'
'fk_user_author'
);
/**
@ -384,6 +384,10 @@ class ExpenseReports extends DolibarrApi
* @param array $request_data Datas
*
* @return int
*
* @throws RestException 401 Not allowed
* @throws RestException 404 Expense report not found
* @throws RestException 500
*/
public function put($id, $request_data = null)
{
@ -501,6 +505,11 @@ class ExpenseReports extends DolibarrApi
// phpcs:enable
$object = parent::_cleanObjectDatas($object);
unset($object->fk_statut);
unset($object->statut);
unset($object->user);
unset($object->thirdparty);
unset($object->cond_reglement);
unset($object->shipping_method_id);
@ -509,6 +518,32 @@ class ExpenseReports extends DolibarrApi
unset($object->barcode_type_label);
unset($object->barcode_type_coder);
unset($object->code_paiement);
unset($object->code_statut);
unset($object->fk_c_paiement);
unset($object->fk_incoterms);
unset($object->label_incoterms);
unset($object->location_incoterms);
unset($object->mode_reglement_id);
unset($object->cond_reglement_id);
unset($object->name);
unset($object->lastname);
unset($object->firstname);
unset($object->civility_id);
unset($object->cond_reglement_id);
unset($object->contact);
unset($object->contact_id);
unset($object->state);
unset($object->state_id);
unset($object->state_code);
unset($object->country);
unset($object->country_id);
unset($object->country_code);
unset($object->note); // We already use note_public and note_pricate
return $object;
}

51
htdocs/expensereport/class/expensereport.class.php
View File

@ -58,19 +58,20 @@ class ExpenseReport extends CommonObject
public $date_fin;
/**
* 0=draft, 2=validated (attente approb), 4=canceled, 5=approved, 6=payed, 99=denied
*
* @var int Status
*/
public $status;
public $fk_statut; // -- 0=draft, 2=validated (attente approb), 4=canceled, 5=approved, 6=payed, 99=denied
public $fk_statut;
public $fk_c_paiement;
public $paid;
public $user_author_infos;
public $user_validator_infos;
public $fk_typepayment;
public $num_payment;
public $code_paiement;
public $code_statut;
// ACTIONS
// Create
@ -285,10 +286,33 @@ class ExpenseReport extends CommonObject
{
if (is_array($this->lines) && count($this->lines) > 0)
{
foreach ($this->lines as $i => $val)
foreach ($this->lines as $line)
{
// Test and convert into object this->lines[$i]. When coming from REST API, we may still have an array
//if (! is_object($line)) $line=json_decode(json_encode($line), false); // convert recursively array into object.
if (!is_object($line)) {
$line = (object) $line;
$newndfline = new ExpenseReportLine($this->db);
$newndfline->fk_expensereport = $line->fk_expensereport;
$newndfline->fk_c_type_fees = $line->fk_c_type_fees;
$newndfline->fk_project = $line->fk_project;
$newndfline->vatrate = $line->vatrate;
$newndfline->vat_src_code = $line->vat_src_code;
$newndfline->comments = $line->comments;
$newndfline->qty = $line->qty;
$newndfline->value_unit = $line->value_unit;
$newndfline->total_ht = $line->total_ht;
$newndfline->total_ttc = $line->total_ttc;
$newndfline->total_tva = $line->total_tva;
$newndfline->date = $line->date;
$newndfline->rule_warning_message = $line->rule_warning_message;
$newndfline->fk_c_exp_tax_cat = $line->fk_c_exp_tax_cat;
$newndfline->fk_ecm_files = $line->fk_ecm_files;
}
else {
$newndfline = $line;
}
//$newndfline=new ExpenseReportLine($this->db);
$newndfline = $this->lines[$i];
$newndfline->fk_expensereport = $this->id;
$result = $newndfline->insert();
if ($result < 0)
@ -514,10 +538,8 @@ class ExpenseReport extends CommonObject
$sql .= " d.date_debut, d.date_fin, d.date_create, d.tms as date_modif, d.date_valid, d.date_approve,"; // DATES (datetime)
$sql .= " d.fk_user_author, d.fk_user_modif, d.fk_user_validator,";
$sql .= " d.fk_user_valid, d.fk_user_approve,";
$sql .= " d.fk_statut as status, d.fk_c_paiement, d.paid,";
$sql .= " dp.libelle as label_payment, dp.code as code_paiement"; // INNER JOIN paiement
$sql .= " d.fk_statut as status, d.fk_c_paiement, d.paid";
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as dp ON d.fk_c_paiement = dp.id";
if ($ref) $sql .= " WHERE d.ref = '".$this->db->escape($ref)."'";
else $sql .= " WHERE d.rowid = ".$id;
//$sql.= $restrict;
@ -566,7 +588,7 @@ class ExpenseReport extends CommonObject
elseif ($this->fk_user_validator > 0) $user_approver->fetch($this->fk_user_validator); // For backward compatibility
$this->user_validator_infos = dolGetFirstLastname($user_approver->firstname, $user_approver->lastname);
$this->fk_statut = $obj->status;
$this->fk_statut = $obj->status; // deprecated
$this->status = $obj->status;
$this->fk_c_paiement = $obj->fk_c_paiement;
$this->paid = $obj->paid;
@ -578,9 +600,6 @@ class ExpenseReport extends CommonObject
$this->user_valid_infos = dolGetFirstLastname($user_valid->firstname, $user_valid->lastname);
}
$this->code_statut = $obj->code_statut;
$this->code_paiement = $obj->code_paiement;
$this->lines = array();
$result = $this->fetch_lines();
@ -2650,7 +2669,7 @@ class ExpenseReportLine
$sql .= " ".$this->db->escape($this->total_ht).",";
$sql .= " ".$this->db->escape($this->total_tva).",";
$sql .= " ".$this->db->escape($this->total_ttc).",";
$sql .= "'".$this->db->idate($this->date)."',";
$sql .= " '".$this->db->idate($this->date)."',";
$sql .= " '".$this->db->escape($this->rule_warning_message)."',";
$sql .= " ".$this->db->escape($this->fk_c_exp_tax_cat).",";
$sql .= " ".($this->fk_ecm_files > 0 ? $this->fk_ecm_files : 'null');

8
htdocs/fourn/facture/card.php
View File

@ -657,7 +657,7 @@ if (empty($reshook))
$_GET['socid'] = $_POST['socid'];
$error++;
}
if (!($_POST['fac_replacement'] > 0)) {
if (! (GETPOST('fac_replacement', 'int') > 0)) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("ReplaceInvoice")), null, 'errors');
}
@ -870,7 +870,7 @@ if (empty($reshook))
if (!$error && $_POST['origin'] && $_POST['originid'])
{
// Parse element/subelement (ex: project_task)
$element = $subelement = GETPOST('origin');
$element = $subelement = GETPOST('origin', 'alpha');
/*if (preg_match('/^([^_]+)_([^_]+)/i',$_POST['origin'],$regs))
{
$element = $regs[1];
@ -894,8 +894,8 @@ if (empty($reshook))
{
$element = 'projet';
}
$object->origin = GETPOST('origin');
$object->origin_id = GETPOST('originid');
$object->origin = GETPOST('origin', 'alpha');
$object->origin_id = GETPOST('originid', 'int');
require_once DOL_DOCUMENT_ROOT.'/'.$element.'/class/'.$subelement.'.class.php';

3
htdocs/install/mysql/migration/10.0.0-11.0.0.sql
View File

@ -59,11 +59,14 @@ ALTER TABLE llx_emailcollector_emailcollectoraction ADD COLUMN position integer
-- For v11
ALTER TABLE llx_product_price MODIFY COLUMN tva_tx double(6,3) DEFAULT 0 NOT NULL;
ALTER TABLE llx_facturedet MODIFY COLUMN situation_percent real DEFAULT 100;
UPDATE llx_facturedet SET situation_percent = 100 WHERE situation_percent IS NULL AND fk_prev_id IS NULL;
-- Set country to null for deprecated accounting system (there is now one per country)
UPDATE llx_accounting_system SET fk_country = NULL, active = 0 WHERE pcg_version = 'SYSCOHADA';
INSERT INTO llx_accounting_system (fk_country, pcg_version, label, active) VALUES ( 20, 'BAS-K1-MINI', 'The Swedish mini chart of accounts', 1);
ALTER TABLE llx_c_action_trigger MODIFY COLUMN elementtype varchar(64) NOT NULL;

2
htdocs/install/upgrade2.php
View File

@ -5024,7 +5024,7 @@ function migrate_users_socialnetworks()
$obj->socialnetworks = '[]';
}
$socialnetworks = array_merge($arraysocialnetworks, json_decode($obj->socialnetworks, true));
$sqlupd = 'UPDATE '.MAIN_DB_PREFIX.'user SET socialnetworks="'.$db->escape(json_encode($socialnetworks, true)).'"';
$sqlupd = 'UPDATE '.MAIN_DB_PREFIX."user SET socialnetworks='".$db->escape(json_encode($socialnetworks, true))."'";
$sqlupd.= ', skype=null';
$sqlupd.= ', twitter=null';
$sqlupd.= ', facebook=null';