From 52e2e71b00c8d630c9bbb7bd45823e7c7679e567 Mon Sep 17 00:00:00 2001 From: FLIO Date: Wed, 21 Dec 2022 11:57:07 +0100 Subject: [PATCH 001/227] Fix(scrutinizer) --- htdocs/public/project/new.php | 68 +++++++++++++++++------------------ 1 file changed, 34 insertions(+), 34 deletions(-) diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index 7603c046006..62951407fd1 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -338,50 +338,50 @@ if (empty($reshook) && $action == 'add') { require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; $object = $proj; - if ($object->email) { - $subject = ''; - $msg = ''; + // if ($object->email) { + // $subject = ''; + // $msg = ''; - // Send subscription email - include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; - $formmail = new FormMail($db); - // Set output language - $outputlangs = new Translate('', $conf); - $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); - // Load traductions files required by page - $outputlangs->loadLangs(array("main", "members", "projects")); - // Get email content from template - $arraydefaultmessage = null; - $labeltouse = $conf->global->PROJECT_EMAIL_TEMPLATE_AUTOLEAD; + // // Send subscription email + // include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; + // $formmail = new FormMail($db); + // // Set output language + // $outputlangs = new Translate('', $conf); + // $outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang); + // // Load traductions files required by page + // $outputlangs->loadLangs(array("main", "members", "projects")); + // // Get email content from template + // $arraydefaultmessage = null; + // $labeltouse = $conf->global->PROJECT_EMAIL_TEMPLATE_AUTOLEAD; - if (!empty($labeltouse)) { - $arraydefaultmessage = $formmail->getEMailTemplate($db, 'project', $user, $outputlangs, 0, 1, $labeltouse); - } + // if (!empty($labeltouse)) { + // $arraydefaultmessage = $formmail->getEMailTemplate($db, 'project', $user, $outputlangs, 0, 1, $labeltouse); + // } - if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { - $subject = $arraydefaultmessage->topic; - $msg = $arraydefaultmessage->content; - } - if (empty($labeltosue)) { - $labeltouse = '['.$mysoc->name.'] '.$langs->trans("YourMessage"); - $msg = $langs->trans("YourMessageHasBeenReceived"); - } + // if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) { + // $subject = $arraydefaultmessage->topic; + // $msg = $arraydefaultmessage->content; + // } + // if (empty($labeltosue)) { + // $labeltouse = '['.$mysoc->name.'] '.$langs->trans("YourMessage"); + // $msg = $langs->trans("YourMessageHasBeenReceived"); + // } - $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); - complete_substitutions_array($substitutionarray, $outputlangs, $object); - $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); - $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); + // $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object); + // complete_substitutions_array($substitutionarray, $outputlangs, $object); + // $subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs); + // $texttosend = make_substitutions($msg, $substitutionarray, $outputlangs); - if ($subjecttosend && $texttosend) { - $moreinheader = 'X-Dolibarr-Info: send_an_email by public/lead/new.php'."\r\n"; + // if ($subjecttosend && $texttosend) { + // $moreinheader = 'X-Dolibarr-Info: send_an_email by public/lead/new.php'."\r\n"; - $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); - } + // $result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader); + // } /*if ($result < 0) { $error++; setEventMessages($object->error, $object->errors, 'errors'); }*/ - } + // } if (!empty($backtopage)) { $urlback = $backtopage; From 9e353c328432eaa5b340605f7a5011e90db73cd4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 19 Jan 2023 11:55:41 +0100 Subject: [PATCH 002/227] fix undeclared properties --- .../class/companypaymentmode.class.php | 17 +++- htdocs/societe/class/societe.class.php | 95 ++++++++++++------- htdocs/societe/class/societeaccount.class.php | 3 +- 3 files changed, 77 insertions(+), 38 deletions(-) diff --git a/htdocs/societe/class/companypaymentmode.class.php b/htdocs/societe/class/companypaymentmode.class.php index eb77a928f14..1e221695a11 100644 --- a/htdocs/societe/class/companypaymentmode.class.php +++ b/htdocs/societe/class/companypaymentmode.class.php @@ -122,7 +122,7 @@ class CompanyPaymentMode extends CommonObject 'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-2, 'position'=>20), 'tms' =>array('type'=>'timestamp', 'label'=>'Tms', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>25), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'Import key', 'enabled'=>1, 'visible'=>-2, 'position'=>105), - //'aaa' =>array('type'=>'date', 'label'=>'Ending date', 'enabled'=>0, 'visible'=>-2, 'position'=>185), + //'aaa' =>array('type'=>'date', 'label'=>'Ending date', 'enabled'=>0, 'visible'=>-2, 'position'=>185), ); /** @@ -146,6 +146,18 @@ class CompanyPaymentMode extends CommonObject public $number; public $cle_rib; public $bic; + + /** + * @var string iban + * @deprecated + * @see iban_prefix + */ + public $iban; + + /** + * iban_prefix + * @var string + */ public $iban_prefix; public $domiciliation; public $proprio; @@ -255,8 +267,7 @@ class CompanyPaymentMode extends CommonObject // Clear fields $object->ref = "copy_of_".$object->ref; - $object->title = $langs->trans("CopyOf")." ".$object->title; - // ... + // $object->title = $langs->trans("CopyOf")." ".$object->title; // Create clone $object->context['createfromclone'] = 'createfromclone'; diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 29f400fc778..c5b8df20d0e 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -15,7 +15,7 @@ * Copyright (C) 2017 Rui Strecht * Copyright (C) 2018 Philippe Grand * Copyright (C) 2019-2020 Josep Lluís Amador - * Copyright (C) 2019-2022 Frédéric France + * Copyright (C) 2019-2023 Frédéric France * Copyright (C) 2020 Open-Dsi * Copyright (C) 2022 ButterflyOfFire * @@ -128,6 +128,22 @@ class Societe extends CommonObject */ public $restrictiononfksoc = 1; + /** + * @var Societe To store a cloned copy of object before to edit it and keep track of old properties + */ + public $oldcopy; + + /** + * array of supplier categories + * @var array + */ + public $SupplierCategories = array(); + + /** + * prefixCustomerIsRequired + * @var int + */ + public $prefixCustomerIsRequired; /** * 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') @@ -351,12 +367,19 @@ class Societe extends CommonObject * @var string */ public $fax; + /** * Email * @var string */ public $email; + /** + * No Email + * @var int + */ + public $no_email; + /** * @var array array of socialnetworks */ @@ -462,6 +485,12 @@ class Societe extends CommonObject */ public $idprof6; + /** + * Object of company + * @var string + */ + public $object; + /** * @var string Prefix comm */ @@ -4257,14 +4286,14 @@ class Societe extends CommonObject global $langs; $this->id = 0; - $this->name = empty($conf->global->MAIN_INFO_SOCIETE_NOM) ? '' : $conf->global->MAIN_INFO_SOCIETE_NOM; - $this->address = empty($conf->global->MAIN_INFO_SOCIETE_ADDRESS) ? '' : $conf->global->MAIN_INFO_SOCIETE_ADDRESS; - $this->zip = empty($conf->global->MAIN_INFO_SOCIETE_ZIP) ? '' : $conf->global->MAIN_INFO_SOCIETE_ZIP; - $this->town = empty($conf->global->MAIN_INFO_SOCIETE_TOWN) ? '' : $conf->global->MAIN_INFO_SOCIETE_TOWN; - $this->region_code = empty($conf->global->MAIN_INFO_SOCIETE_REGION) ? '' : $conf->global->MAIN_INFO_SOCIETE_REGION; - $this->object = empty($conf->global->MAIN_INFO_SOCIETE_OBJECT) ? '' : $conf->global->MAIN_INFO_SOCIETE_OBJECT; + $this->name = getDolGlobalString('MAIN_INFO_SOCIETE_NOM'); + $this->address = getDolGlobalString('MAIN_INFO_SOCIETE_ADDRESS'); + $this->zip = getDolGlobalString('MAIN_INFO_SOCIETE_ZIP'); + $this->town = getDolGlobalString('MAIN_INFO_SOCIETE_TOWN'); + $this->region_code = getDolGlobalString('MAIN_INFO_SOCIETE_REGION'); + $this->object = getDolGlobalString('MAIN_INFO_SOCIETE_OBJECT'); - $this->note_private = empty($conf->global->MAIN_INFO_SOCIETE_NOTE) ? '' : $conf->global->MAIN_INFO_SOCIETE_NOTE; + $this->note_private = getDolGlobalString('MAIN_INFO_SOCIETE_NOTE'); $this->nom = $this->name; // deprecated @@ -4276,8 +4305,8 @@ class Societe extends CommonObject if (!empty($tmp[1])) { // If $conf->global->MAIN_INFO_SOCIETE_COUNTRY is "id:code:label" $country_code = $tmp[1]; $country_label = $tmp[2]; - } else // For backward compatibility - { + } else { + // For backward compatibility dol_syslog("Your country setup use an old syntax. Reedit it using setup area.", LOG_WARNING); include_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; $country_code = getCountry($country_id, 2, $this->db); // This need a SQL request, but it's the old feature that should not be used anymore @@ -4314,40 +4343,40 @@ class Societe extends CommonObject $this->state = ($langs->trans('State'.$state_code) != 'State'.$state_code) ? $langs->trans('State'.$state_code) : $state_label; } - $this->phone = empty($conf->global->MAIN_INFO_SOCIETE_TEL) ? '' : $conf->global->MAIN_INFO_SOCIETE_TEL; - $this->fax = empty($conf->global->MAIN_INFO_SOCIETE_FAX) ? '' : $conf->global->MAIN_INFO_SOCIETE_FAX; - $this->url = empty($conf->global->MAIN_INFO_SOCIETE_WEB) ? '' : $conf->global->MAIN_INFO_SOCIETE_WEB; + $this->phone = getDolGlobalString('MAIN_INFO_SOCIETE_TEL'); + $this->fax = getDolGlobalString('MAIN_INFO_SOCIETE_FAX'); + $this->url = getDolGlobalString('MAIN_INFO_SOCIETE_WEB'); // Social networks - $this->facebook_url = empty($conf->global->MAIN_INFO_SOCIETE_FACEBOOK_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_FACEBOOK_URL; - $this->twitter_url = empty($conf->global->MAIN_INFO_SOCIETE_TWITTER_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_TWITTER_URL; - $this->linkedin_url = empty($conf->global->MAIN_INFO_SOCIETE_LINKEDIN_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_LINKEDIN_URL; - $this->instagram_url = empty($conf->global->MAIN_INFO_SOCIETE_INSTAGRAM_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_INSTAGRAM_URL; - $this->youtube_url = empty($conf->global->MAIN_INFO_SOCIETE_YOUTUBE_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_YOUTUBE_URL; - $this->github_url = empty($conf->global->MAIN_INFO_SOCIETE_GITHUB_URL) ? '' : $conf->global->MAIN_INFO_SOCIETE_GITHUB_URL; + $facebook_url = getDolGlobalString('MAIN_INFO_SOCIETE_FACEBOOK_URL'); + $twitter_url = getDolGlobalString('MAIN_INFO_SOCIETE_TWITTER_URL'); + $linkedin_url = getDolGlobalString('MAIN_INFO_SOCIETE_LINKEDIN_URL'); + $instagram_url = getDolGlobalString('MAIN_INFO_SOCIETE_INSTAGRAM_URL'); + $youtube_url = getDolGlobalString('MAIN_INFO_SOCIETE_YOUTUBE_URL'); + $github_url = getDolGlobalString('MAIN_INFO_SOCIETE_GITHUB_URL'); $this->socialnetworks = array(); - if (!empty($this->facebook_url)) { - $this->socialnetworks['facebook'] = $this->facebook_url; + if (!empty($facebook_url)) { + $this->socialnetworks['facebook'] = $facebook_url; } - if (!empty($this->twitter_url)) { - $this->socialnetworks['twitter'] = $this->twitter_url; + if (!empty($twitter_url)) { + $this->socialnetworks['twitter'] = $twitter_url; } - if (!empty($this->linkedin_url)) { - $this->socialnetworks['linkedin'] = $this->linkedin_url; + if (!empty($linkedin_url)) { + $this->socialnetworks['linkedin'] = $linkedin_url; } - if (!empty($this->instagram_url)) { - $this->socialnetworks['instagram'] = $this->instagram_url; + if (!empty($instagram_url)) { + $this->socialnetworks['instagram'] = $instagram_url; } - if (!empty($this->youtube_url)) { - $this->socialnetworks['youtube'] = $this->youtube_url; + if (!empty($youtube_url)) { + $this->socialnetworks['youtube'] = $youtube_url; } - if (!empty($this->github_url)) { - $this->socialnetworks['github'] = $this->github_url; + if (!empty($github_url)) { + $this->socialnetworks['github'] = $github_url; } // Id prof generiques - $this->idprof1 = empty($conf->global->MAIN_INFO_SIREN) ? '' : $conf->global->MAIN_INFO_SIREN; - $this->idprof2 = empty($conf->global->MAIN_INFO_SIRET) ? '' : $conf->global->MAIN_INFO_SIRET; + $this->idprof1 = getDolGlobalString('MAIN_INFO_SIREN'); + $this->idprof2 = getDolGlobalString('MAIN_INFO_SIRET'); $this->idprof3 = empty($conf->global->MAIN_INFO_APE) ? '' : $conf->global->MAIN_INFO_APE; $this->idprof4 = empty($conf->global->MAIN_INFO_RCS) ? '' : $conf->global->MAIN_INFO_RCS; $this->idprof5 = empty($conf->global->MAIN_INFO_PROFID5) ? '' : $conf->global->MAIN_INFO_PROFID5; diff --git a/htdocs/societe/class/societeaccount.class.php b/htdocs/societe/class/societeaccount.class.php index 79f5aedbe68..411b11a4cd9 100644 --- a/htdocs/societe/class/societeaccount.class.php +++ b/htdocs/societe/class/societeaccount.class.php @@ -216,8 +216,7 @@ class SocieteAccount extends CommonObject // Clear fields $object->ref = "copy_of_".$object->ref; - $object->title = $langs->trans("CopyOf")." ".$object->title; - // ... + // $object->title = $langs->trans("CopyOf")." ".$object->title; // Create clone $object->context['createfromclone'] = 'createfromclone'; From 9bd3cb927dd3b3984c44c124baff58d7fb90da80 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 19 Jan 2023 18:41:49 +0100 Subject: [PATCH 003/227] fix undeclared properties --- htdocs/societe/class/societe.class.php | 32 +++++++++++++------------- 1 file changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index c5b8df20d0e..a6027eccd02 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -4377,22 +4377,22 @@ class Societe extends CommonObject // Id prof generiques $this->idprof1 = getDolGlobalString('MAIN_INFO_SIREN'); $this->idprof2 = getDolGlobalString('MAIN_INFO_SIRET'); - $this->idprof3 = empty($conf->global->MAIN_INFO_APE) ? '' : $conf->global->MAIN_INFO_APE; - $this->idprof4 = empty($conf->global->MAIN_INFO_RCS) ? '' : $conf->global->MAIN_INFO_RCS; - $this->idprof5 = empty($conf->global->MAIN_INFO_PROFID5) ? '' : $conf->global->MAIN_INFO_PROFID5; - $this->idprof6 = empty($conf->global->MAIN_INFO_PROFID6) ? '' : $conf->global->MAIN_INFO_PROFID6; - $this->tva_intra = empty($conf->global->MAIN_INFO_TVAINTRA) ? '' : $conf->global->MAIN_INFO_TVAINTRA; // VAT number, not necessarly INTRA. - $this->managers = empty($conf->global->MAIN_INFO_SOCIETE_MANAGERS) ? '' : $conf->global->MAIN_INFO_SOCIETE_MANAGERS; - $this->capital = empty($conf->global->MAIN_INFO_CAPITAL) ? '' : $conf->global->MAIN_INFO_CAPITAL; - $this->forme_juridique_code = empty($conf->global->MAIN_INFO_SOCIETE_FORME_JURIDIQUE) ? '' : $conf->global->MAIN_INFO_SOCIETE_FORME_JURIDIQUE; - $this->email = empty($conf->global->MAIN_INFO_SOCIETE_MAIL) ? '' : $conf->global->MAIN_INFO_SOCIETE_MAIL; - $this->default_lang = (empty($conf->global->MAIN_LANG_DEFAULT) ? 'auto' : $conf->global->MAIN_LANG_DEFAULT); - $this->logo = empty($conf->global->MAIN_INFO_SOCIETE_LOGO) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO; - $this->logo_small = empty($conf->global->MAIN_INFO_SOCIETE_LOGO_SMALL) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO_SMALL; - $this->logo_mini = empty($conf->global->MAIN_INFO_SOCIETE_LOGO_MINI) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO_MINI; - $this->logo_squarred = empty($conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED; - $this->logo_squarred_small = empty($conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED_SMALL) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED_SMALL; - $this->logo_squarred_mini = empty($conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED_MINI) ? '' : $conf->global->MAIN_INFO_SOCIETE_LOGO_SQUARRED_MINI; + $this->idprof3 = getDolGlobalString('MAIN_INFO_APE'); + $this->idprof4 = getDolGlobalString('MAIN_INFO_RCS'); + $this->idprof5 = getDolGlobalString('MAIN_INFO_PROFID5'); + $this->idprof6 = getDolGlobalString('MAIN_INFO_PROFID6'); + $this->tva_intra = getDolGlobalString('MAIN_INFO_TVAINTRA'); // VAT number, not necessarly INTRA. + $this->managers = getDolGlobalString('MAIN_INFO_SOCIETE_MANAGERS'); + $this->capital = getDolGlobalString('MAIN_INFO_CAPITAL'); + $this->forme_juridique_code = getDolGlobalString('MAIN_INFO_SOCIETE_FORME_JURIDIQUE'); + $this->email = getDolGlobalString('MAIN_INFO_SOCIETE_MAIL'); + $this->default_lang = getDolGlobalString('MAIN_LANG_DEFAULT', 'auto'); + $this->logo =getDolGlobalString('MAIN_INFO_SOCIETE_LOGO'); + $this->logo_small = getDolGlobalString('MAIN_INFO_SOCIETE_LOGO_SMALL'); + $this->logo_mini = getDolGlobalString('MAIN_INFO_SOCIETE_LOGO_MINI'); + $this->logo_squarred = getDolGlobalString('MAIN_INFO_SOCIETE_LOGO_SQUARRED'); + $this->logo_squarred_small = getDolGlobalString('MAIN_INFO_SOCIETE_LOGO_SQUARRED_SMALL'); + $this->logo_squarred_mini = getDolGlobalString('MAIN_INFO_SOCIETE_LOGO_SQUARRED_MINI'); // Define if company use vat or not $this->tva_assuj = $conf->global->FACTURE_TVAOPTION; From db2d40c93df6173f32578fb2ff98044a43e7ef3b Mon Sep 17 00:00:00 2001 From: marc Date: Fri, 20 Jan 2023 12:17:45 +0100 Subject: [PATCH 004/227] Add translation for hidind social network see #23583 --- htdocs/langs/en_US/companies.lang | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/companies.lang b/htdocs/langs/en_US/companies.lang index 38b6892dbae..51a909125aa 100644 --- a/htdocs/langs/en_US/companies.lang +++ b/htdocs/langs/en_US/companies.lang @@ -500,4 +500,6 @@ CurrentOutstandingBillLate=Current outstanding bill late BecarefullChangeThirdpartyBeforeAddProductToInvoice=Be carefull, depending on your product price settings, you should change thirdparty before adding product to POS. EmailAlreadyExistsPleaseRewriteYourCompanyName=email already exists please rewrite your company name TwoRecordsOfCompanyName=more than one record exists for this company, please contact us to complete your partnership request -CompanySection=Company section \ No newline at end of file +CompanySection=Company section +ShowSocialNetwork=Show social networks +HideSocialNetwork=Hide social networks \ No newline at end of file From c4521efa57db526986f80197afda81c568a86db8 Mon Sep 17 00:00:00 2001 From: FLIO Date: Mon, 23 Jan 2023 16:31:14 +0100 Subject: [PATCH 005/227] fix(qodana) fix function comment bad return --- htdocs/fichinter/class/api_interventions.class.php | 4 ++-- htdocs/fourn/class/fournisseur.product.class.php | 4 ++-- htdocs/product/class/product.class.php | 4 ++-- .../class/price_global_variable_updater.class.php | 4 ++-- htdocs/product/stock/class/entrepot.class.php | 4 ++-- htdocs/reception/class/api_receptions.class.php | 4 ++-- htdocs/societe/class/api_thirdparties.class.php | 4 ++-- 7 files changed, 14 insertions(+), 14 deletions(-) diff --git a/htdocs/fichinter/class/api_interventions.class.php b/htdocs/fichinter/class/api_interventions.class.php index f96dc3d6aa7..6cd6595432d 100644 --- a/htdocs/fichinter/class/api_interventions.class.php +++ b/htdocs/fichinter/class/api_interventions.class.php @@ -341,7 +341,7 @@ class Interventions extends DolibarrApi * * @url POST {id}/validate * - * @return array + * @return Object */ public function validate($id, $notrigger = 0) { @@ -377,7 +377,7 @@ class Interventions extends DolibarrApi * * @url POST {id}/close * - * @return array + * @return Object */ public function closeFichinter($id) { diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index fa1706a523a..1d764cee490 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -673,7 +673,7 @@ class ProductFournisseur extends Product * @param int $limit Limit * @param int $offset Offset * @param int $socid Filter on a third party id - * @return array Array of ProductFournisseur with new properties to define supplier price + * @return array|int Array of ProductFournisseur with new properties to define supplier price */ public function list_product_fournisseur_price($prodid, $sortfield = '', $sortorder = '', $limit = 0, $offset = 0, $socid = 0) { @@ -1042,7 +1042,7 @@ class ProductFournisseur extends Product * @param string $sortorder Sort order * @param int $limit Limit * @param int $offset Offset - * @return array Array of Log prices + * @return array|int Array of Log prices */ public function listProductFournisseurPriceLog($product_fourn_price_id, $sortfield = '', $sortorder = '', $limit = 0, $offset = 0) { diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 11133d6a6e0..e1251efe8f7 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -4829,7 +4829,7 @@ class Product extends CommonObject /** * Return all parent products for current product (first level only) * - * @return array Array of product + * @return array|int Array of product * @see hasFatherOrChild() */ public function getFather() @@ -4871,7 +4871,7 @@ class Product extends CommonObject * @param int $firstlevelonly Return only direct child * @param int $level Level of recursing call (start to 1) * @param array $parents Array of all parents of $id - * @return array Return array(prodid=>array(0=prodid, 1=>qty, 2=>product type, 3=>label, 4=>incdec, 5=>product ref) + * @return array|int Return array(prodid=>array(0=prodid, 1=>qty, 2=>product type, 3=>label, 4=>incdec, 5=>product ref) */ public function getChildsArbo($id, $firstlevelonly = 0, $level = 1, $parents = array()) { diff --git a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php index 317bc7fb5fd..d43a2e3bf56 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php @@ -367,7 +367,7 @@ class PriceGlobalVariableUpdater /** * List all price global variables * - * @return array Array of price global variable updaters + * @return array|int Array of price global variable updaters */ public function listUpdaters() { @@ -404,7 +404,7 @@ class PriceGlobalVariableUpdater /** * List all updaters which need to be processed * - * @return array Array of price global variable updaters + * @return array|int Array of price global variable updaters */ public function listPendingUpdaters() { diff --git a/htdocs/product/stock/class/entrepot.class.php b/htdocs/product/stock/class/entrepot.class.php index 6e09a81eb7f..d537d7d06cf 100644 --- a/htdocs/product/stock/class/entrepot.class.php +++ b/htdocs/product/stock/class/entrepot.class.php @@ -564,7 +564,7 @@ class Entrepot extends CommonObject /** * Return number of unique different product into a warehouse * - * @return Array Array('nb'=>Nb, 'value'=>Value) + * @return array|int Array('nb'=>Nb, 'value'=>Value) */ public function nb_different_products() { @@ -595,7 +595,7 @@ class Entrepot extends CommonObject /** * Return stock and value of warehosue * - * @return Array Array('nb'=>Nb, 'value'=>Value) + * @return array|int Array('nb'=>Nb, 'value'=>Value) */ public function nb_products() { diff --git a/htdocs/reception/class/api_receptions.class.php b/htdocs/reception/class/api_receptions.class.php index 473650161e2..68da64fcc36 100644 --- a/htdocs/reception/class/api_receptions.class.php +++ b/htdocs/reception/class/api_receptions.class.php @@ -502,7 +502,7 @@ class Receptions extends DolibarrApi * * @url POST {id}/validate * - * @return array + * @return Object * \todo An error 403 is returned if the request has an empty body. * Error message: "Forbidden: Content type `text/plain` is not supported." * Workaround: send this in the body @@ -630,7 +630,7 @@ class Receptions extends DolibarrApi * * @url POST {id}/close * - * @return int + * @return Object */ public function close($id, $notrigger = 0) { diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index c4781c0df6a..f81fd066a2c 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -524,7 +524,7 @@ class Thirdparties extends DolibarrApi * Delete thirdparty * * @param int $id Thirdparty ID - * @return integer + * @return array */ public function delete($id) { @@ -1354,7 +1354,7 @@ class Thirdparties extends DolibarrApi * @param int $id Thirdparty id * @param int $companybankid Companybank id * @param string $model Model of document to generate - * @return void + * @return array * * @url GET {id}/generateBankAccountDocument/{companybankid}/{model} */ From 7f6d993040979d61a4a359d722cb2109c26c90a1 Mon Sep 17 00:00:00 2001 From: David Pareja Rodriguez Date: Tue, 24 Jan 2023 10:54:48 +0100 Subject: [PATCH 006/227] Encase database name in backticks --- htdocs/core/db/mysqli.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php index fa24e4a70ac..3514777dd45 100644 --- a/htdocs/core/db/mysqli.class.php +++ b/htdocs/core/db/mysqli.class.php @@ -678,7 +678,7 @@ class DoliDBMysqli extends DoliDB } $tmpdatabase = preg_replace('/[^a-z0-9\.\-\_]/i', '', $database); - $sql = "SHOW TABLES FROM ".$tmpdatabase." ".$like.";"; + $sql = "SHOW TABLES FROM `".$tmpdatabase."` ".$like.";"; //print $sql; $result = $this->query($sql); if ($result) { From 02f4f470830283fbf5dd7a6690fa4ca51bdab3fe Mon Sep 17 00:00:00 2001 From: FLIO Date: Tue, 24 Jan 2023 23:11:28 +0100 Subject: [PATCH 007/227] fix (qodana) Return value type is not compatible with declared --- htdocs/bom/class/api_boms.class.php | 2 +- htdocs/core/class/commonobject.class.php | 2 +- htdocs/core/db/sqlite3.class.php | 2 +- htdocs/don/class/api_donations.class.php | 2 +- htdocs/ecm/class/ecmdirectory.class.php | 2 +- htdocs/expedition/class/api_shipments.class.php | 4 ++-- htdocs/supplier_proposal/class/supplier_proposal.class.php | 4 ++-- 7 files changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/bom/class/api_boms.class.php b/htdocs/bom/class/api_boms.class.php index fb7d175a229..c2df69b9012 100644 --- a/htdocs/bom/class/api_boms.class.php +++ b/htdocs/bom/class/api_boms.class.php @@ -365,7 +365,7 @@ class Boms extends DolibarrApi * * @url PUT {id}/lines/{lineid} * - * @return array|bool + * @return object|bool */ public function putLine($id, $lineid, $request_data = null) { diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 37f250bf92f..7df0c4efe9c 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -4277,7 +4277,7 @@ abstract class CommonObject * @param string $field_select name of field we need to get a list * @param string $field_where name of field of object we need to get linked items * @param string $table_element name of association table - * @return array Array of record + * @return array|int Array of record, -1 if empty */ public static function getAllItemsLinkedByObjectID($fk_object_where, $field_select, $field_where, $table_element) { diff --git a/htdocs/core/db/sqlite3.class.php b/htdocs/core/db/sqlite3.class.php index 8c10c26d464..40d0f10baa8 100644 --- a/htdocs/core/db/sqlite3.class.php +++ b/htdocs/core/db/sqlite3.class.php @@ -316,7 +316,7 @@ class DoliDBSqlite3 extends DoliDB * @param string $passwd password * @param string $name name of database (not used for mysql, used for pgsql) * @param integer $port Port of database server - * @return SQLite3 Database access handler + * @return SQLite3|string Database access handler * @see close() */ public function connect($host, $login, $passwd, $name, $port = 0) diff --git a/htdocs/don/class/api_donations.class.php b/htdocs/don/class/api_donations.class.php index f9af0568bf0..eee681cea7b 100644 --- a/htdocs/don/class/api_donations.class.php +++ b/htdocs/don/class/api_donations.class.php @@ -295,7 +295,7 @@ class Donations extends DolibarrApi * @throws RestException 404 * @throws RestException 500 System error * - * @return array + * @return object */ public function validate($id, $idwarehouse = 0, $notrigger = 0) { diff --git a/htdocs/ecm/class/ecmdirectory.class.php b/htdocs/ecm/class/ecmdirectory.class.php index fb9b2a35dd0..21a43565a25 100644 --- a/htdocs/ecm/class/ecmdirectory.class.php +++ b/htdocs/ecm/class/ecmdirectory.class.php @@ -633,7 +633,7 @@ class EcmDirectory extends CommonObject * level Level of line (Added by buildPathFromId call) * * @param int $force Force reload of full arbo even if already loaded in cache $this->cats - * @return array Tableau de array + * @return array|int Tableau de array if OK, -1 if KO */ public function get_full_arbo($force = 0) { diff --git a/htdocs/expedition/class/api_shipments.class.php b/htdocs/expedition/class/api_shipments.class.php index 357683ef35a..e5e1f584f5e 100644 --- a/htdocs/expedition/class/api_shipments.class.php +++ b/htdocs/expedition/class/api_shipments.class.php @@ -502,7 +502,7 @@ class Shipments extends DolibarrApi * * @url POST {id}/validate * - * @return array + * @return object * \todo An error 403 is returned if the request has an empty body. * Error message: "Forbidden: Content type `text/plain` is not supported." * Workaround: send this in the body @@ -630,7 +630,7 @@ class Shipments extends DolibarrApi * * @url POST {id}/close * - * @return int + * @return object */ public function close($id, $notrigger = 0) { diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 1f95e3de5fd..1604cf928e7 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1942,7 +1942,7 @@ class SupplierProposal extends CommonObject * @param int $offset For pagination * @param string $sortfield Sort criteria * @param string $sortorder Sort order - * @return int -1 if KO, array with result if OK + * @return array|int -1 if KO, array with result if OK */ public function liste_array($shortlist = 0, $draft = 0, $notcurrentuser = 0, $socid = 0, $limit = 0, $offset = 0, $sortfield = 'p.datec', $sortorder = 'DESC') { @@ -2223,7 +2223,7 @@ class SupplierProposal extends CommonObject * * @param User $user Object user * @param int $mode "opened" for askprice to close, "signed" for proposal to invoice - * @return int <0 if KO, >0 if OK + * @return WorkboardResponse|int <0 if KO, WorkboardResponse if OK */ public function load_board($user, $mode) { From 59f163f6998d5929607528513e305e5538539332 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 26 Jan 2023 02:12:42 +0100 Subject: [PATCH 008/227] Fix regression --- htdocs/expensereport/card.php | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 0756cb1bc7f..0201dfdd7f6 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -1158,12 +1158,17 @@ if (empty($reshook)) { unset($date); } else { + $error++; setEventMessages($object->error, $object->errors, 'errors'); } } - header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id', 'int')); - exit; + if (!$error) { + header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id', 'int')); + exit; + } else { + $action = ''; + } } if ($action == 'confirm_delete_line' && GETPOST("confirm", 'alpha') == "yes" && $user->rights->expensereport->creer) { From 6aadb7b9ccf4150c5b1dbf45ff974cf3eb5cbea3 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 26 Jan 2023 10:36:44 +0100 Subject: [PATCH 009/227] =?UTF-8?q?FIX=20-=20Error=20to=20g=C3=A9n=C3=A9ra?= =?UTF-8?q?te=20product=20doc=20-=20NEW=20-=20Add=20photo=20on=20product?= =?UTF-8?q?=20doc?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- .../product/doc/pdf_standard.modules.php | 73 ++++++++++++++----- 1 file changed, 56 insertions(+), 17 deletions(-) diff --git a/htdocs/core/modules/product/doc/pdf_standard.modules.php b/htdocs/core/modules/product/doc/pdf_standard.modules.php index 8baef2ffa75..9247e8c7e34 100644 --- a/htdocs/core/modules/product/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/product/doc/pdf_standard.modules.php @@ -209,10 +209,10 @@ class pdf_standard extends ModelePDFProduct $pdf->SetDrawColor(128, 128, 128); $pdf->SetTitle($outputlangs->convToOutputCharset($object->ref)); - $pdf->SetSubject($outputlangs->transnoentities("Order")); + $pdf->SetSubject($outputlangs->transnoentities("Product")); $pdf->SetCreator("Dolibarr ".DOL_VERSION); $pdf->SetAuthor($outputlangs->convToOutputCharset($user->getFullName($outputlangs))); - $pdf->SetKeyWords($outputlangs->convToOutputCharset($object->ref)." ".$outputlangs->transnoentities("Order")." ".$outputlangs->convToOutputCharset($object->thirdparty->name)); + $pdf->SetKeyWords($outputlangs->convToOutputCharset($object->ref)." ".$outputlangs->transnoentities("Product")); if (getDolGlobalString('MAIN_DISABLE_PDF_COMPRESSION')) { $pdf->SetCompression(false); } @@ -242,6 +242,53 @@ class pdf_standard extends ModelePDFProduct $pdf->writeHTMLCell(190, 3, $this->marge_gauche, $tab_top, dol_htmlentitiesbr($object->label), 0, 1); $nexY = $pdf->GetY(); + // Show photo + if (getDolGlobalInt('PRODUCT_USE_OLD_PATH_FOR_PHOTO')) { + $pdir[0] = get_exdir($object->id, 2, 0, 0, $object, 'product').$object->id."/photos/"; + $pdir[1] = get_exdir(0, 0, 0, 0, $object, 'product').dol_sanitizeFileName($object->ref).'/'; + } else { + $pdir[0] = get_exdir(0, 0, 0, 0, $object, 'product'); // default + $pdir[1] = get_exdir($object->id, 2, 0, 0, $object, 'product').$object->id."/photos/"; // alternative + } + + $arephoto = false; + foreach ($pdir as $midir) { + if (!$arephoto) { + if ($conf->entity != $object->entity) { + $dir = $conf->product->multidir_output[$object->entity].'/'.$midir; //Check repertories of current entities + } else { + $dir = $conf->product->dir_output.'/'.$midir; //Check repertory of the current product + } + foreach ($object->liste_photos($dir, 1) as $key => $obj) { + if (!getDolGlobalInt('CAT_HIGH_QUALITY_IMAGES')) { // If CAT_HIGH_QUALITY_IMAGES not defined, we use thumb if defined and then original photo + if ($obj['photo_vignette']) { + $filename = $obj['photo_vignette']; + } else { + $filename = $obj['photo']; + } + } else { + $filename = $obj['photo']; + } + $realpath = $dir.$filename; + $arephoto = true; + } + } + } + // Define size of image if we need it + $imglinesize = array(); + if (!empty($realpath) && $arephoto) { + $imgsize = pdf_getSizeForImage($realpath); + $imgsizewidth = $imgsize['width'] + 20; + $imgsizeheight = $imgsize['height'] + 20; + + $midelpage = ($this->page_largeur - $this->marge_gauche - $this->marge_droite) / 2; + $posxphoto = $midelpage + ($midelpage / 2) - ($imgsizewidth / 2); + $posyphoto = $tab_top - 1; + $pdf->Image($realpath, $posxphoto, $posyphoto, $imgsizewidth, $imgsizeheight, '', '', '', 2, 300); // Use 300 dpi + $nexyafterphoto = $tab_top + $imgsizeheight; + } + + // Description $pdf->SetFont('', '', $default_font_size); $pdf->writeHTMLCell(190, 3, $this->marge_gauche, $nexY, dol_htmlentitiesbr($object->description), 0, 1); $nexY = $pdf->GetY(); @@ -276,30 +323,22 @@ class pdf_standard extends ModelePDFProduct $nexY = $pdf->GetY(); } + $tab_top = 88; + if (!empty($nexyafterphoto) && $nexyafterphoto > $tab_top) { + $tab_top = $nexyafterphoto; + } + // Show notes // TODO There is no public note on product yet $notetoshow = empty($object->note_public) ? '' : $object->note_public; - if (!empty($conf->global->MAIN_ADD_SALE_REP_SIGNATURE_IN_NOTE)) { - // Get first sale rep - if (is_object($object->thirdparty)) { - $salereparray = $object->thirdparty->getSalesRepresentatives($user); - $salerepobj = new User($this->db); - $salerepobj->fetch($salereparray[0]['id']); - if (!empty($salerepobj->signature)) { - $notetoshow = dol_concatdesc($notetoshow, $salerepobj->signature); - } - } - } if ($notetoshow) { $substitutionarray = pdf_getSubstitutionArray($outputlangs, null, $object); complete_substitutions_array($substitutionarray, $outputlangs, $object); $notetoshow = make_substitutions($notetoshow, $substitutionarray, $outputlangs); $notetoshow = convertBackOfficeMediasLinksToPublicLinks($notetoshow); - $tab_top = 88; - $pdf->SetFont('', '', $default_font_size - 1); - $pdf->writeHTMLCell(190, 3, $this->posxdesc - 1, $tab_top, dol_htmlentitiesbr($notetoshow), 0, 1); + $pdf->writeHTMLCell(190, 3, $this->marge_gauche - 1, $tab_top, dol_htmlentitiesbr($notetoshow), 0, 1); $nexY = $pdf->GetY(); $height_note = $nexY - $tab_top; @@ -687,7 +726,7 @@ class pdf_standard extends ModelePDFProduct pdf_pagehead($pdf, $outputlangs, $this->page_hauteur); // Show Draft Watermark - if ($object->statut == 0 && getDolGlobalString('COMMANDE_DRAFT_WATERMARK')) { + if ($object->statut == 0 && getDolGlobalString('PRODUCT_DRAFT_WATERMARK')) { pdf_watermark($pdf, $outputlangs, $this->page_hauteur, $this->page_largeur, 'mm', getDolGlobalString('COMMANDE_DRAFT_WATERMARK')); } From 2a26ca7212c177091e3e68ed91f46acde90a52cc Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 26 Jan 2023 10:40:41 +0100 Subject: [PATCH 010/227] Cop --- htdocs/core/modules/product/doc/pdf_standard.modules.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/modules/product/doc/pdf_standard.modules.php b/htdocs/core/modules/product/doc/pdf_standard.modules.php index 9247e8c7e34..44d75b99726 100644 --- a/htdocs/core/modules/product/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/product/doc/pdf_standard.modules.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2017 Laurent Destailleur + * Copyright (C) 2017 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 890f9120d71e59af514a02fcb5f8a10cf7e5a49d Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 26 Jan 2023 10:48:27 +0100 Subject: [PATCH 011/227] Cop --- htdocs/core/modules/product/doc/pdf_standard.modules.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/product/doc/pdf_standard.modules.php b/htdocs/core/modules/product/doc/pdf_standard.modules.php index 44d75b99726..7427fc7170e 100644 --- a/htdocs/core/modules/product/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/product/doc/pdf_standard.modules.php @@ -1,6 +1,6 @@ - * Copyright (C) 2017 Anthony Berton + * Copyright (C) 2023 Anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 35b05cfc7b45ad79cad9c3ebccb0135c65d7158d Mon Sep 17 00:00:00 2001 From: mgabriel Date: Thu, 26 Jan 2023 11:00:00 +0100 Subject: [PATCH 012/227] Implements MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS for product refs and labels. --- htdocs/product/card.php | 12 ++++++++++-- htdocs/product/class/product.class.php | 18 +++++++++++++++--- 2 files changed, 25 insertions(+), 5 deletions(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index ac465b16bd7..ba1bc47046f 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -93,7 +93,11 @@ $refalreadyexists = 0; // Get parameters $id = GETPOST('id', 'int'); -$ref = (GETPOSTISSET('ref') ? GETPOST('ref', 'alpha') : null); +if (!empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS)) { + $ref = (GETPOSTISSET('ref') ? GETPOST('ref', 'nohtml') : null); +} else { + $ref = (GETPOSTISSET('ref') ? GETPOST('ref', 'alpha') : null); +} $type = (GETPOSTISSET('type') ? GETPOST('type', 'int') : Product::TYPE_PRODUCT); $action = (GETPOST('action', 'alpha') ? GETPOST('action', 'alpha') : 'view'); $cancel = GETPOST('cancel', 'alpha'); @@ -113,7 +117,11 @@ $accountancy_code_buy_export = GETPOST('accountancy_code_buy_export', 'alpha'); $checkmandatory = GETPOST('accountancy_code_buy_export', 'alpha'); // by default 'alphanohtml' (better security); hidden conf MAIN_SECURITY_ALLOW_UNSECURED_LABELS_WITH_HTML allows basic html -$label_security_check = empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_LABELS_WITH_HTML) ? 'alphanohtml' : 'restricthtml'; +if (!empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS)) { + $label_security_check = 'nohtml'; +} else { + $label_security_check = empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_LABELS_WITH_HTML) ? 'alphanohtml' : 'restricthtml'; +} if (!empty($user->socid)) { $socid = $user->socid; diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index d464871941a..1a2b3fa4cf2 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -572,7 +572,11 @@ class Product extends CommonObject */ public function check() { - $this->ref = dol_sanitizeFileName(stripslashes($this->ref)); + if (!empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS)) { + $this->ref = trim($this->ref); + } else { + $this->ref = dol_sanitizeFileName(stripslashes($this->ref)); + } $err = 0; if (dol_strlen(trim($this->ref)) == 0) { @@ -604,7 +608,11 @@ class Product extends CommonObject $error = 0; // Clean parameters - $this->ref = dol_sanitizeFileName(dol_string_nospecial(trim($this->ref))); + if (!empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS)) { + $this->ref = trim($this->ref); + } else { + $this->ref = dol_sanitizeFileName(dol_string_nospecial(trim($this->ref))); + } $this->label = trim($this->label); $this->price_ttc = price2num($this->price_ttc); $this->price = price2num($this->price); @@ -999,7 +1007,11 @@ class Product extends CommonObject } // Clean parameters - $this->ref = dol_string_nospecial(trim($this->ref)); + if (!empty($conf->global->MAIN_SECURITY_ALLOW_UNSECURED_REF_LABELS)) { + $this->ref = trim($this->ref); + } else { + $this->ref = dol_string_nospecial(trim($this->ref)); + } $this->label = trim($this->label); $this->description = trim($this->description); $this->note_private = (isset($this->note_private) ? trim($this->note_private) : null); From d4f7b3e42f0aa3e2c0e8e69812f25aade4c0a79f Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Thu, 26 Jan 2023 11:01:44 +0100 Subject: [PATCH 013/227] FIX - Logo MYCOMPANY --- .../product/doc/pdf_standard.modules.php | 40 +++++++++++++------ 1 file changed, 28 insertions(+), 12 deletions(-) diff --git a/htdocs/core/modules/product/doc/pdf_standard.modules.php b/htdocs/core/modules/product/doc/pdf_standard.modules.php index 7427fc7170e..c8190a362f5 100644 --- a/htdocs/core/modules/product/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/product/doc/pdf_standard.modules.php @@ -713,6 +713,9 @@ class pdf_standard extends ModelePDFProduct { global $conf, $langs, $hookmanager; + $ltrdirection = 'L'; + if ($outputlangs->trans("DIRECTION") == 'rtl') $ltrdirection = 'R'; + // Load traductions files required by page $outputlangs->loadLangs(array("main", "propal", "companies", "bills", "orders")); @@ -734,28 +737,41 @@ class pdf_standard extends ModelePDFProduct $pdf->SetTextColor(0, 0, 60); $pdf->SetFont('', 'B', $default_font_size + 3); + $w = 100; + $posy = $this->marge_haute; $posx = $this->page_largeur - $this->marge_droite - 100; $pdf->SetXY($this->marge_gauche, $posy); // Logo - $logo = $conf->mycompany->dir_output.'/logos/'.$this->emetteur->logo; - if ($this->emetteur->logo) { - if (is_readable($logo)) { - $height = pdf_getHeightForLogo($logo); - $pdf->Image($logo, $this->marge_gauche, $posy, 0, $height); // width=0 (auto) + if (!getDolGlobalInt('PDF_DISABLE_MYCOMPANY_LOGO')) { + if ($this->emetteur->logo) { + $logodir = $conf->mycompany->dir_output; + if (!empty($conf->mycompany->multidir_output[$object->entity])) { + $logodir = $conf->mycompany->multidir_output[$object->entity]; + } + if (!getDolGlobalInt('MAIN_PDF_USE_LARGE_LOGO')) { + $logo = $logodir.'/logos/thumbs/'.$this->emetteur->logo_small; + } else { + $logo = $logodir.'/logos/'.$this->emetteur->logo; + } + if (is_readable($logo)) { + $height = pdf_getHeightForLogo($logo); + $pdf->Image($logo, $this->marge_gauche, $posy, 0, $height); // width=0 (auto) + } else { + $pdf->SetTextColor(200, 0, 0); + $pdf->SetFont('', 'B', $default_font_size - 2); + $pdf->MultiCell($w, 3, $outputlangs->transnoentities("ErrorLogoFileNotFound", $logo), 0, 'L'); + $pdf->MultiCell($w, 3, $outputlangs->transnoentities("ErrorGoToGlobalSetup"), 0, 'L'); + } } else { - $pdf->SetTextColor(200, 0, 0); - $pdf->SetFont('', 'B', $default_font_size - 2); - $pdf->MultiCell(100, 3, $outputlangs->transnoentities("ErrorLogoFileNotFound", $logo), 0, 'L'); - $pdf->MultiCell(100, 3, $outputlangs->transnoentities("ErrorGoToGlobalSetup"), 0, 'L'); + $text = $this->emetteur->name; + $pdf->MultiCell($w, 4, $outputlangs->convToOutputCharset($text), 0, $ltrdirection); } - } else { - $text = $this->emetteur->name; - $pdf->MultiCell(100, 4, $outputlangs->convToOutputCharset($text), 0, 'L'); } + $pdf->SetFont('', 'B', $default_font_size + 3); $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); From 3de3b421b92938e037fc26a3e56996fcca2ba22d Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Thu, 26 Jan 2023 14:37:15 +0100 Subject: [PATCH 014/227] fix : Warning: Trying to access array offset on value of type bool in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/includes/tcpdi/tcpdi_parser.php on line 1377 --- htdocs/includes/tcpdi/tcpdi_parser.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/includes/tcpdi/tcpdi_parser.php b/htdocs/includes/tcpdi/tcpdi_parser.php index 13e9839f2b4..6d3cf789b6a 100644 --- a/htdocs/includes/tcpdi/tcpdi_parser.php +++ b/htdocs/includes/tcpdi/tcpdi_parser.php @@ -1373,7 +1373,7 @@ class tcpdi_parser { return false; } else { $res = $this->_getPageRotation($obj[1][1]['/Parent']); - if ($res[0] == PDF_TYPE_OBJECT) + if ($res && $res[0] == PDF_TYPE_OBJECT) return $res[1]; return $res; } From 777cfd5753a3d41fe75d3724a736a1e81e0426c8 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Thu, 26 Jan 2023 15:26:24 +0100 Subject: [PATCH 015/227] FIX : Sub-Bom costs were not good --- htdocs/bom/tpl/objectline_view.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index 5992578a6e0..2df13e9af83 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -171,7 +171,7 @@ $tmpbom->calculateCosts(); print ''; $coldisplay++; if (!empty($line->fk_bom_child)) { - echo ''.price($tmpbom->total_cost).''; + echo ''.price($tmpbom->total_cost * $line->qty).''; } else { echo ''.price($line->total_cost).''; } From 52c39d05f796f2435f061e3ee18d0555f2e5590a Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Thu, 26 Jan 2023 15:32:37 +0100 Subject: [PATCH 016/227] FIX : Make help text part bold --- htdocs/langs/fr_FR/mrp.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/fr_FR/mrp.lang b/htdocs/langs/fr_FR/mrp.lang index 557b1f09175..47e8dcf13d3 100644 --- a/htdocs/langs/fr_FR/mrp.lang +++ b/htdocs/langs/fr_FR/mrp.lang @@ -82,7 +82,7 @@ ProductsToConsume=Produits à consommer ProductsToProduce=Produits à produire UnitCost=Coût unitaire TotalCost=Coût total -BOMTotalCost=Le coût de production de cette nomenclature basé sur chaque quantité et produit à consommer (utilise le cout de la sous BOM si existante, sinon le prix de revient du produit si défini, sinon le PMP si défini, sinon le meilleur prix d'achat) +BOMTotalCost=Le coût de production de cette nomenclature basé sur chaque quantité et produit à consommer (utilise le cout de la sous BOM si existante, sinon le prix de revient du produit si défini, sinon le PMP si défini, sinon le meilleur prix d'achat) BOMTotalCostService=Si le module "Poste de travail" est activé et qu'un poste de travail est défini par défaut sur la ligne, alors le calcul est "quantité (convertie en heures) x poste de travail ahr", sinon "quantité (convertie en heures) x prix de revient du service" GoOnTabProductionToProduceFirst=Vous devez avoir la production pour clôturer un Ordre de Fabrication (voir onglet '%s'). Mais vous pouvez l'annuler. ErrorAVirtualProductCantBeUsedIntoABomOrMo=Un kit ne peut pas être utilisé dans une Nomenclature ou un Ordre de fabrication. From 331dd7d4792ab881701845a053628da4087fa7c8 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Thu, 26 Jan 2023 15:56:04 +0100 Subject: [PATCH 017/227] FIX : Sub-Bom indentations were not good --- htdocs/bom/tpl/objectline_view.tpl.php | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/htdocs/bom/tpl/objectline_view.tpl.php b/htdocs/bom/tpl/objectline_view.tpl.php index 2df13e9af83..ac277f6e880 100644 --- a/htdocs/bom/tpl/objectline_view.tpl.php +++ b/htdocs/bom/tpl/objectline_view.tpl.php @@ -269,16 +269,20 @@ if ($resql) { $label = $sub_bom_product->getLabelOfUnit('long'); if ($sub_bom_line->qty_frozen > 0) { print ''.price($sub_bom_line->qty, 0, '', 0, 0).''; - print ''; - if ($label !== '') print $langs->trans($label); - print ''; + if (!empty($conf->global->PRODUCT_USE_UNITS)) { + print ''; + if ($label !== '') print $langs->trans($label); + print ''; + } print ''.$langs->trans('Yes').''; } else { print ''.price($sub_bom_line->qty * $line->qty, 0, '', 0, 0).''; - print ''; - if ($label !== '') print $langs->trans($label); - print ''; - print ''; + if (!empty($conf->global->PRODUCT_USE_UNITS)) { + print ''; + if ($label !== '') print $langs->trans($label); + print ''; + } + print ' '; } From 1200174b83e2974d9c07c5d442527feb55a7a2d4 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Thu, 26 Jan 2023 18:03:18 +0100 Subject: [PATCH 018/227] FIX : The folder on BOM card who display or not the sub BOM was not working --- htdocs/bom/bom_card.php | 3 --- 1 file changed, 3 deletions(-) diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 333b6232f9f..b25785ae368 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -613,9 +613,6 @@ if (empty($reshook)) { print "\n"; - mrpCollapseBomManagement(); - - //Services $filtertype = 1; $res = $object->fetchLinesbytypeproduct(1); From f6ad2c3a7628e73c815bcbe7863d380c1bea5af9 Mon Sep 17 00:00:00 2001 From: hystepik Date: Fri, 27 Jan 2023 11:01:16 +0100 Subject: [PATCH 019/227] Fix : php 8.1 warning --- htdocs/compta/paiement/card.php | 4 ++++ htdocs/compta/paiement/list.php | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 073365fa876..14442e6c965 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -46,6 +46,10 @@ $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $backtopage = GETPOST('backtopage', 'alpha'); +$socid = GETPOST('socid', 'int'); if ($socid < 0) { + $socid = 0; +} + $object = new Paiement($db); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('paymentcard', 'globalcard')); diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php index 658f2c150f1..6db18f6aa55 100644 --- a/htdocs/compta/paiement/list.php +++ b/htdocs/compta/paiement/list.php @@ -513,6 +513,7 @@ foreach ($arrayfields as $column) { $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $objp = $db->fetch_object($resql); @@ -620,7 +621,11 @@ while ($i < min($num, $limit)) { $totalarray['nbfield']++; } $totalarray['pos'][$checkedCount] = 'amount'; - $totalarray['val']['amount'] += $objp->amount; + if (empty($totalarray['val']['amount'])) { + $totalarray['val']['amount'] = $objp->amount; + } else { + $totalarray['val']['amount'] += $objp->amount; + } } // Status From 923e63c8e31bda7139fe3f973c307fb2101ba8da Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 11:05:06 +0100 Subject: [PATCH 020/227] Trans --- htdocs/langs/en_US/main.lang | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 405417d7da6..f22666c4197 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -1220,4 +1220,5 @@ NoSpecificContactAddressBis=This tab is dedicated to force specific contacts or HideOnVCard=Hide %s AddToContacts=Add address to my contacts LastAccess=Last access -UploadAnImageToSeeAPhotoHere=Upload an image from the tab %s to see a photo here \ No newline at end of file +UploadAnImageToSeeAPhotoHere=Upload an image from the tab %s to see a photo here +LastPasswordChangeDate=Last password change date \ No newline at end of file From 9c904236c43998d5b04e828fc2b7b93a9a4e0fcb Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Fri, 27 Jan 2023 11:25:55 +0100 Subject: [PATCH 021/227] NEW - Add hook online sign --- htdocs/public/onlinesign/newonlinesign.php | 27 +++++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index c47bbd7f734..c6f11e6b2ac 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -156,6 +156,8 @@ if ($source == 'proposal') { httponly_accessforbidden($langs->trans('ErrorBadParameters')." - Bad value for source", 400, 1); } +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('onlinesign')); /* * Actions @@ -346,10 +348,21 @@ if ($source == 'proposal') { print ''."\n"; // Amount - print ''.$langs->trans("Amount"); - print ''; - print ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; - print ''."\n"; + $amount = ''.$langs->trans("Amount"); + $amount .= ''; + $amount .= ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; + $amount .= ''."\n"; + + // Call Hook formConfirm + $parameters = array('source' => $source); + $reshook = $hookmanager->executeHooks('amountpropalsign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + if (empty($reshook)) { + $amount .= $hookmanager->resPrint; + } elseif ($reshook > 0) { + $amount = $hookmanager->resPrint; + } + + print $amount; // Object $text = ''.$langs->trans("SignatureProposalRef", $object->ref).''; @@ -457,6 +470,7 @@ if ($source == 'proposal') { $langs->load("fichinter"); $result = $object->fetch_thirdparty($object->socid); + // Proposer print ''.$langs->trans("Proposer"); print ''; @@ -496,13 +510,14 @@ if ($source == 'proposal') { print $langs->trans("DownloadDocument").''; } } - - print ''; print ''; print ''."\n"; } +// Call Hook addformsign +$parameters = array('source' => $source); +$reshook = $hookmanager->executeHooks('addformsign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook if (!$found && !$mesg) { $mesg = $langs->transnoentitiesnoconv("ErrorBadParameters"); From 6715cdec0fa4719920148a29627d23c90edfcbba Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Fri, 27 Jan 2023 11:27:25 +0100 Subject: [PATCH 022/227] case --- htdocs/public/onlinesign/newonlinesign.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index c6f11e6b2ac..e5a195471de 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -353,9 +353,9 @@ if ($source == 'proposal') { $amount .= ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; $amount .= ''."\n"; - // Call Hook formConfirm + // Call Hook amountPropalSign $parameters = array('source' => $source); - $reshook = $hookmanager->executeHooks('amountpropalsign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + $reshook = $hookmanager->executeHooks('amountPropalSign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook if (empty($reshook)) { $amount .= $hookmanager->resPrint; } elseif ($reshook > 0) { @@ -515,9 +515,9 @@ if ($source == 'proposal') { print ''."\n"; } -// Call Hook addformsign +// Call Hook addFormSign $parameters = array('source' => $source); -$reshook = $hookmanager->executeHooks('addformsign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook +$reshook = $hookmanager->executeHooks('addFormSign', $parameters, $object, $action); // Note that $action and $object may have been modified by hook if (!$found && !$mesg) { $mesg = $langs->transnoentitiesnoconv("ErrorBadParameters"); From c4245e2c05ede1ac4a0d9072e6d0d822542909c6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 11:52:58 +0100 Subject: [PATCH 023/227] Prepare use of upgrade.unlock --- htdocs/install/step5.php | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/htdocs/install/step5.php b/htdocs/install/step5.php index 31b086636f2..c516cc70aef 100644 --- a/htdocs/install/step5.php +++ b/htdocs/install/step5.php @@ -368,13 +368,16 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i', $action)) { if ($action == "set") { if ($success) { if (empty($conf->global->MAIN_VERSION_LAST_UPGRADE) || ($conf->global->MAIN_VERSION_LAST_UPGRADE == DOL_VERSION)) { - // Install is finished + // Install is finished (database is on same version than files) print '
'.$langs->trans("SystemIsInstalled")."
"; + // Create install.lock file + // No need for the moment to create it automatically, creation by web assistant means permissions are given + // to the web user, it is better to show a warning to say to create it manually with correct user/permission (not erasable by a web process) $createlock = 0; - if (!empty($force_install_lockinstall) || !empty($conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE)) { - // Install is finished, we create the lock file + // Install is finished, we create the "install.lock" file, so install won't be possible anymore. + // TODO Upgrade will be still be possible if a file "upgrade.unlock" is present $lockfile = DOL_DATA_ROOT.'/install.lock'; $fp = @fopen($lockfile, "w"); if ($fp) { @@ -413,13 +416,14 @@ if ($action == "set") { } elseif (empty($action) || preg_match('/upgrade/i', $action)) { // If upgrade if (empty($conf->global->MAIN_VERSION_LAST_UPGRADE) || ($conf->global->MAIN_VERSION_LAST_UPGRADE == DOL_VERSION)) { - // Upgrade is finished + // Upgrade is finished (database is on same version than files) print 'Configuration '.$langs->trans("SystemIsUpgraded")."
"; + // Create install.lock file if it does not exists. + // Note: it should always exists. A better solution to allow upgrade will be to add an upgrade.unlock file $createlock = 0; - if (!empty($force_install_lockinstall) || !empty($conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE)) { - // Upgrade is finished, we create the lock file + // Upgrade is finished, we modify the lock file $lockfile = DOL_DATA_ROOT.'/install.lock'; $fp = @fopen($lockfile, "w"); if ($fp) { @@ -436,6 +440,10 @@ if ($action == "set") { print '
'.$langs->trans("WarningRemoveInstallDir")."
"; } + // Delete the upgrade.unlock file it it exists + $unlockupgradefile = DOL_DATA_ROOT.'/upgrade.unlock'; + dol_delete_file($unlockupgradefile, 0, 0, 0, null, false, 0); + print "
"; $morehtml = '
'; From dfcba305775af1d5fd1fab9515e87a52ee6421c0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 14:06:31 +0100 Subject: [PATCH 024/227] FIX Check of date of validity --- htdocs/api/class/api_access.class.php | 18 +++++++------ htdocs/core/lib/security2.lib.php | 3 ++- htdocs/core/login/functions_dolibarr.php | 20 +-------------- htdocs/dav/fileserver.php | 19 +++++++++++--- htdocs/main.inc.php | 23 ++++++++++++----- htdocs/user/class/user.class.php | 32 ++++++++++++++++++++++-- 6 files changed, 76 insertions(+), 39 deletions(-) diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index e5cc664fa0e..6874d3faaed 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -155,17 +155,19 @@ class DolibarrApiAccess implements iAuthenticate throw new RestException(503, 'Error when fetching user. This user has been locked or disabled'); } - $now = dol_now(); - - // Check date start validity - if ($fuser->datestartvalidity && $this->db->jdate($fuser->datestartvalidity) > $now) { - throw new RestException(503, $genericmessageerroruser); - } - // Check date end validity - if ($fuser->dateendvalidity && $this->db->jdate($fuser->dateendvalidity) < dol_get_first_hour($now)) { + // Check if session was unvalidated by a password change + if (($fuser->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $fuser->flagdelsessionsbefore > $_SESSION["dol_logindate"])) { + // Session is no more valid + dol_syslog("The user has a date for session invalidation = ".$fuser->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions."); throw new RestException(503, $genericmessageerroruser); } + // Check date validity + if ($fuser->isNotIntoValidityDateRange()) { + // User validity dates are no more valid + dol_syslog("The user login has a validity between [".$fuser->datestartvalidity." and ".$fuser->dateendvalidity."], curren date is ".dol_now()); + throw new RestException(503, $genericmessageerroruser); + } // User seems valid $fuser->getrights(); diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index f450d390dff..93da106aebd 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -96,7 +96,8 @@ function checkLoginPassEntity($usertotest, $passwordtotest, $entitytotest, $auth // Call function to check user/password $function = 'check_user_password_'.$mode; $login = call_user_func($function, $usertotest, $passwordtotest, $entitytotest, $context); - if ($login && $login != '--bad-login-validity--') { // Login is successfull + if ($login && $login != '--bad-login-validity--') { + // Login is successfull with this method $test = false; // To stop once at first login success $conf->authmode = $mode; // This properties is defined only when logged to say what mode was successfully used /*$dol_tz = GETPOST('tz'); diff --git a/htdocs/core/login/functions_dolibarr.php b/htdocs/core/login/functions_dolibarr.php index 5f4b722ea1c..9b65bf4d877 100644 --- a/htdocs/core/login/functions_dolibarr.php +++ b/htdocs/core/login/functions_dolibarr.php @@ -74,24 +74,6 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes if ($resql) { $obj = $db->fetch_object($resql); if ($obj) { - $now = dol_now(); - // Check date start validity - if ($obj->datestartvalidity && $db->jdate($obj->datestartvalidity) > $now) { - // Load translation files required by the page - $langs->loadLangs(array('main', 'errors')); - $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity"); - dol_syslog("functions_dolibarr::check_user_password_dolibarr bad datestart validity", LOG_WARNING); - return '--bad-login-validity--'; - } - // Check date end validity - if ($obj->dateendvalidity && $db->jdate($obj->dateendvalidity) < dol_get_first_hour($now)) { - // Load translation files required by the page - $langs->loadLangs(array('main', 'errors')); - $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity"); - dol_syslog("functions_dolibarr::check_user_password_dolibarr bad date end validity", LOG_WARNING); - return '--bad-login-validity--'; - } - $passclear = $obj->pass; $passcrypted = $obj->pass_crypted; $passtyped = $passwordtotest; @@ -121,7 +103,7 @@ function check_user_password_dolibarr($usertotest, $passwordtotest, $entitytotes if ((!$passcrypted || $passtyped) && ($passclear && ($passtyped == $passclear))) { $passok = true; - dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - found pass in database"); + dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - found old pass in database", LOG_WARNING); } } diff --git a/htdocs/dav/fileserver.php b/htdocs/dav/fileserver.php index 7abe3f2bacf..15d9cd1764f 100644 --- a/htdocs/dav/fileserver.php +++ b/htdocs/dav/fileserver.php @@ -92,8 +92,7 @@ $tmpDir = $conf->dav->multidir_output[$entity]; // We need root dir, not a dir t // Authentication callback function $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $password) { - global $user; - global $conf; + global $user, $conf; global $dolibarr_main_authentication, $dolibarr_auto_user; if (empty($user->login)) { @@ -101,7 +100,7 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p return false; } if ($user->socid > 0) { - dol_syslog("Failed to authenticate to DAV, use is an external user", LOG_WARNING); + dol_syslog("Failed to authenticate to DAV, user is an external user", LOG_WARNING); return false; } if ($user->login != $username) { @@ -132,6 +131,20 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p return false; } + // Check if session was unvalidated by a password change + if (($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])) { + // Session is no more valid + dol_syslog("The user has a date for session invalidation = ".$user->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions."); + return false; + } + + // Check date validity + if ($user->isNotIntoValidityDateRange()) { + // User validity dates are no more valid + dol_syslog("The user login has a validity between [".$user->datestartvalidity." and ".$user->dateendvalidity."], curren date is ".dol_now()); + return false; + } + return true; }); diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 115be3cf0cf..24ce10ea7c1 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -879,8 +879,8 @@ if (!defined('NOLOGIN')) { exit; } - $resultFetchUser = $user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); // login was retrieved previously when checking password. - if ($resultFetchUser <= 0) { + $resultFetchUser = $user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); // value for $login was retrieved previously when checking password. + if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) { dol_syslog('User not found, connexion refused'); session_destroy(); session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie @@ -894,11 +894,17 @@ if (!defined('NOLOGIN')) { $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorCantLoadUserFromDolibarrDatabase", $login); $user->trigger_mesg = 'ErrorCantLoadUserFromDolibarrDatabase - login='.$login; - } - if ($resultFetchUser < 0) { + } elseif ($resultFetchUser < 0) { $_SESSION["dol_loginmesg"] = $user->error; $user->trigger_mesg = $user->error; + } else { + // Load translation files required by the page + $langs->loadLangs(array('main', 'errors')); + + $_SESSION["dol_loginmesg"] = $langs->transnoentitiesnoconv("ErrorLoginDateValidity"); + + $user->trigger_mesg = $langs->trans("ErrorLoginDateValidity").' - login='.$login; } // Call trigger @@ -943,13 +949,18 @@ if (!defined('NOLOGIN')) { dol_syslog("- This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG); $resultFetchUser = $user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1)); - if ($resultFetchUser <= 0 || ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])) { + if ($resultFetchUser <= 0 + || ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) + || ($user->isNotIntoValidtyDateRange())) { if ($resultFetchUser <= 0) { // Account has been removed after login dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING); - } else { + } elseif ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) { // Session is no more valid dol_syslog("The user has a date for session invalidation = ".$user->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions."); + } else { + // User validity dates are no more valid + dol_syslog("The user login has a validity between [".$user->datestartvalidity." and ".$user->dateendvalidity."], curren date is ".dol_now()); } session_destroy(); session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index b32c23ab7fc..f8d437d4fa0 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1885,8 +1885,12 @@ class User extends CommonObject $this->employee = ($this->employee > 0 ? $this->employee : 0); $this->login = trim((string) $this->login); $this->gender = trim((string) $this->gender); + $this->pass = trim((string) $this->pass); $this->api_key = trim((string) $this->api_key); + $this->datestartvalidity = empty($this->datestartvalidity) ? '' : $this->datestartvalidity; + $this->dateendvalidity = empty($this->dateendvalidity) ? '' : $this->dateendvalidity; + $this->address = trim((string) $this->address); $this->zip = trim((string) $this->zip); $this->town = trim((string) $this->town); @@ -1911,8 +1915,7 @@ class User extends CommonObject $this->color = trim((string) $this->color); $this->dateemployment = empty($this->dateemployment) ? '' : $this->dateemployment; $this->dateemploymentend = empty($this->dateemploymentend) ? '' : $this->dateemploymentend; - $this->datestartvalidity = empty($this->datestartvalidity) ? '' : $this->datestartvalidity; - $this->dateendvalidity = empty($this->dateendvalidity) ? '' : $this->dateendvalidity; + $this->birth = empty($this->birth) ? '' : $this->birth; $this->fk_warehouse = (int) $this->fk_warehouse; @@ -2695,6 +2698,31 @@ class User extends CommonObject } + /** + * Return a link with photo + * Use this->id,this->photo + * + * @return int 0=No more valid, >0 if OK + */ + public function isNotIntoValidtyDateRange() + { + include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; + + $now = dol_now(); + + // Check date start validity + if ($this->datestartvalidity && $this->datestartvalidity > dol_get_last_hour($now)) { + return 0; + } + // Check date end validity + if ($this->dateendvalidity && $this->dateendvalidity < dol_get_first_hour($now)) { + return 0; + } + + return 1; + } + + /** * Return a link with photo * Use this->id,this->photo From e7c63bfe1ba64c520bf382f62bb467ba3e8265cf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 14:27:51 +0100 Subject: [PATCH 025/227] FIX Check of date of validity --- htdocs/langs/en_US/errors.lang | 2 +- htdocs/main.inc.php | 7 +++++-- htdocs/user/class/user.class.php | 12 +++++++----- 3 files changed, 13 insertions(+), 8 deletions(-) diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index b779c901b54..240dd7c4c41 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -303,7 +303,7 @@ ErrorValueForTooLow=Value for %s is too low ErrorValueCantBeNull=Value for %s can't be null ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s) -ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password change. Please relogin. +ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password or dates of validity change. Please relogin. # Warnings WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup. diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 24ce10ea7c1..df62eea68c4 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -881,7 +881,7 @@ if (!defined('NOLOGIN')) { $resultFetchUser = $user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); // value for $login was retrieved previously when checking password. if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) { - dol_syslog('User not found, connexion refused'); + dol_syslog('User not found or not valid, connexion refused'); session_destroy(); session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie session_name($sessionname); @@ -949,9 +949,12 @@ if (!defined('NOLOGIN')) { dol_syslog("- This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG); $resultFetchUser = $user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1)); + + //var_dump(dol_print_date($user->flagdelsessionsbefore, 'dayhour', 'gmt')." ".dol_print_date($_SESSION["dol_logindate"], 'dayhour', 'gmt')); + if ($resultFetchUser <= 0 || ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) - || ($user->isNotIntoValidtyDateRange())) { + || ($user->isNotIntoValidityDateRange())) { if ($resultFetchUser <= 0) { // Account has been removed after login dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index f8d437d4fa0..2893378bdd9 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2702,24 +2702,26 @@ class User extends CommonObject * Return a link with photo * Use this->id,this->photo * - * @return int 0=No more valid, >0 if OK + * @return int 0=Valid, >0 if not valid */ - public function isNotIntoValidtyDateRange() + public function isNotIntoValidityDateRange() { include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; $now = dol_now(); + //dol_syslog("isNotIntoValidityDateRange ".$this->datestartvalidity); + // Check date start validity if ($this->datestartvalidity && $this->datestartvalidity > dol_get_last_hour($now)) { - return 0; + return 1; } // Check date end validity if ($this->dateendvalidity && $this->dateendvalidity < dol_get_first_hour($now)) { - return 0; + return 1; } - return 1; + return 0; } From 0765a1196f421c4aeff269c416985ea4d61ddf00 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 14:27:51 +0100 Subject: [PATCH 026/227] FIX Check of date of validity --- htdocs/api/class/api_access.class.php | 9 +++++++-- htdocs/dav/fileserver.php | 7 +++++++ htdocs/langs/en_US/errors.lang | 2 +- htdocs/main.inc.php | 11 +++++++++-- htdocs/user/class/user.class.php | 12 +++++++----- 5 files changed, 31 insertions(+), 10 deletions(-) diff --git a/htdocs/api/class/api_access.class.php b/htdocs/api/class/api_access.class.php index 6874d3faaed..541682101c6 100644 --- a/htdocs/api/class/api_access.class.php +++ b/htdocs/api/class/api_access.class.php @@ -144,6 +144,7 @@ class DolibarrApiAccess implements iAuthenticate throw new RestException(503, 'Error when searching login user from api key'); } + $genericmessageerroruser = 'Error user not valid (not found or bad status or bad validity dates) (conf->entity='.$conf->entity.')'; $fuser = new User($this->db); @@ -151,8 +152,12 @@ class DolibarrApiAccess implements iAuthenticate if ($result <= 0) { throw new RestException(503, $genericmessageerroruser); } - if ($fuser->statut == 0) { - throw new RestException(503, 'Error when fetching user. This user has been locked or disabled'); + + // Check if user status is enabled + if ($fuser->statut != $fuser::STATUS_ENABLED) { + // Status is disabled + dol_syslog("The user has been disabled"); + throw new RestException(503, $genericmessageerroruser); } // Check if session was unvalidated by a password change diff --git a/htdocs/dav/fileserver.php b/htdocs/dav/fileserver.php index 15d9cd1764f..af23fde5fff 100644 --- a/htdocs/dav/fileserver.php +++ b/htdocs/dav/fileserver.php @@ -131,6 +131,13 @@ $authBackend = new \Sabre\DAV\Auth\Backend\BasicCallBack(function ($username, $p return false; } + // Check if user status is enabled + if ($user->statut != $user::STATUS_ENABLED) { + // Status is disabled + dol_syslog("The user has been disabled."); + return false; + } + // Check if session was unvalidated by a password change if (($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"])) { // Session is no more valid diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index b779c901b54..240dd7c4c41 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -303,7 +303,7 @@ ErrorValueForTooLow=Value for %s is too low ErrorValueCantBeNull=Value for %s can't be null ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s) -ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password change. Please relogin. +ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password or dates of validity change. Please relogin. # Warnings WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup. diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 24ce10ea7c1..8a4efc8466b 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -881,7 +881,7 @@ if (!defined('NOLOGIN')) { $resultFetchUser = $user->fetch('', $login, '', 1, ($entitytotest > 0 ? $entitytotest : -1)); // value for $login was retrieved previously when checking password. if ($resultFetchUser <= 0 || $user->isNotIntoValidityDateRange()) { - dol_syslog('User not found, connexion refused'); + dol_syslog('User not found or not valid, connexion refused'); session_destroy(); session_set_cookie_params(0, '/', null, (empty($dolibarr_main_force_https) ? false : true), true); // Add tag secure and httponly on session cookie session_name($sessionname); @@ -949,15 +949,22 @@ if (!defined('NOLOGIN')) { dol_syslog("- This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG); $resultFetchUser = $user->fetch('', $login, '', 1, ($entity > 0 ? $entity : -1)); + + //var_dump(dol_print_date($user->flagdelsessionsbefore, 'dayhour', 'gmt')." ".dol_print_date($_SESSION["dol_logindate"], 'dayhour', 'gmt')); + if ($resultFetchUser <= 0 || ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) - || ($user->isNotIntoValidtyDateRange())) { + || ($user->status != $user::STATUS_ENABLED) + || ($user->isNotIntoValidityDateRange())) { if ($resultFetchUser <= 0) { // Account has been removed after login dol_syslog("Can't load user even if session logged. _SESSION['dol_login']=".$login, LOG_WARNING); } elseif ($user->flagdelsessionsbefore && !empty($_SESSION["dol_logindate"]) && $user->flagdelsessionsbefore > $_SESSION["dol_logindate"]) { // Session is no more valid dol_syslog("The user has a date for session invalidation = ".$user->flagdelsessionsbefore." and a session date = ".$_SESSION["dol_logindate"].". We must invalidate its sessions."); + } elseif ($user->status != $user::STATUS_ENABLED) { + // User is not enabled + dol_syslog("The user login is disabled"); } else { // User validity dates are no more valid dol_syslog("The user login has a validity between [".$user->datestartvalidity." and ".$user->dateendvalidity."], curren date is ".dol_now()); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index f8d437d4fa0..2893378bdd9 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2702,24 +2702,26 @@ class User extends CommonObject * Return a link with photo * Use this->id,this->photo * - * @return int 0=No more valid, >0 if OK + * @return int 0=Valid, >0 if not valid */ - public function isNotIntoValidtyDateRange() + public function isNotIntoValidityDateRange() { include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; $now = dol_now(); + //dol_syslog("isNotIntoValidityDateRange ".$this->datestartvalidity); + // Check date start validity if ($this->datestartvalidity && $this->datestartvalidity > dol_get_last_hour($now)) { - return 0; + return 1; } // Check date end validity if ($this->dateendvalidity && $this->dateendvalidity < dol_get_first_hour($now)) { - return 0; + return 1; } - return 1; + return 0; } From 9ecd2c4beef7af17e3e029e05a12827cb12c63b1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 14:47:43 +0100 Subject: [PATCH 027/227] Trans --- htdocs/langs/en_US/errors.lang | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 240dd7c4c41..50d5c0e90d7 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -303,7 +303,7 @@ ErrorValueForTooLow=Value for %s is too low ErrorValueCantBeNull=Value for %s can't be null ErrorDateOfMovementLowerThanDateOfFileTransmission=The date of the bank transaction can't be lower than the date of the file transmission ErrorTooMuchFileInForm=Too much files in form, the maximum number is %s file(s) -ErrorSessionInvalidatedAfterPasswordChange=The session was invalidated after a password or dates of validity change. Please relogin. +ErrorSessionInvalidatedAfterPasswordChange=The session was been invalidated following a change of password, status or dates of validity. Please relogin. # Warnings WarningParamUploadMaxFileSizeHigherThanPostMaxSize=Your PHP parameter upload_max_filesize (%s) is higher than PHP parameter post_max_size (%s). This is not a consistent setup. From 2a104af20e111b7c92bbd9e7e375a2b2bc3cee14 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Fri, 27 Jan 2023 15:11:14 +0100 Subject: [PATCH 028/227] Cop --- htdocs/public/onlinesign/newonlinesign.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index e5a195471de..cd793a91bfc 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -2,6 +2,7 @@ /* Copyright (C) 2001-2002 Rodolphe Quiedeville * Copyright (C) 2006-2017 Laurent Destailleur * Copyright (C) 2009-2012 Regis Houssin + * Copyright (C) 2023 anthony Berton * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by From 791a69dd09b8c487f57ce4b7175f22f68355e732 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sat, 28 Jan 2023 04:48:55 +0100 Subject: [PATCH 029/227] FIX Accountancy - Quadra export --- .../class/accountancyexport.class.php | 22 +++++++++++++------ 1 file changed, 15 insertions(+), 7 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 73035c55d5d..2215ed1352e 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -5,7 +5,7 @@ * Copyright (C) 2015 Florian Henry * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2016 Pierre-Henry Favre - * Copyright (C) 2016-2021 Alexandre Spangaro + * Copyright (C) 2016-2023 Alexandre Spangaro * Copyright (C) 2013-2017 Olivier Geffroy * Copyright (C) 2017 Elarifr. Ari Elbaz * Copyright (C) 2017-2019 Frédéric France @@ -518,7 +518,7 @@ class AccountancyExport /** * Export format : Quadratus (Format ASCII) * Format since 2015 compatible QuadraCOMPTA - * Last review for this format : 2021/09/13 Alexandre Spangaro (aspangaro@open-dsi.fr) + * Last review for this format : 2023/01/28 Alexandre Spangaro (aspangaro@open-dsi.fr) * * Help : https://docplayer.fr/20769649-Fichier-d-entree-ascii-dans-quadracompta.html * In QuadraCompta | Use menu : "Outils" > "Suivi des dossiers" > "Import ASCII(Compta)" @@ -536,6 +536,14 @@ class AccountancyExport // $date_ecriture = dol_print_date(dol_now(), $conf->global->ACCOUNTING_EXPORT_DATE); // format must be ddmmyy // $date_ecriture = dol_print_date(time(), $conf->global->ACCOUNTING_EXPORT_DATE); // format must be ddmmyy foreach ($TData as $data) { + // Clean some data + $data->doc_ref = dol_string_unaccent($data->doc_ref); + $data->label_operation = dol_string_unaccent($data->label_operation); + $data->numero_compte = dol_string_unaccent($data->numero_compte); + $data->label_compte = dol_string_unaccent($data->label_compte); + $data->subledger_account = dol_string_unaccent($data->subledger_account); + $data->subledger_label = dol_string_unaccent($data->subledger_label); + $code_compta = $data->numero_compte; if (!empty($data->subledger_account)) { $code_compta = $data->subledger_account; @@ -567,9 +575,9 @@ class AccountancyExport if ($data->doc_type == 'customer_invoice') { $Tab['type_compte'] = 'C'; } elseif ($data->doc_type == 'supplier_invoice') { - $Tab['coll_compte'] = 'F'; + $Tab['type_compte'] = 'F'; } else { - $Tab['coll_compte'] = 'G'; + $Tab['type_compte'] = 'G'; } $Tab['filler3'] = str_repeat(' ', 235); @@ -590,7 +598,7 @@ class AccountancyExport //$Tab['date_ecriture'] = $date_ecriture; $Tab['date_ecriture'] = dol_print_date($data->doc_date, '%d%m%y'); $Tab['filler'] = ' '; - $Tab['libelle_ecriture'] = str_pad(self::trunc(dol_string_unaccent($data->doc_ref).' '.dol_string_unaccent($data->label_operation), 20), 20); + $Tab['libelle_ecriture'] = str_pad(self::trunc($data->doc_ref.' '.$data->label_operation, 20), 20); // Credit invoice - invert sens /* @@ -640,8 +648,8 @@ class AccountancyExport // TODO: we should filter more than only accent to avoid wrong line size // TODO: remove invoice number doc_ref in libelle, // TODO: we should offer an option for customer to build the libelle using invoice number / name / date in accounting software - //$Tab['libelle_ecriture2'] = str_pad(self::trunc(dol_string_unaccent($data->doc_ref) . ' ' . dol_string_unaccent($data->label_operation), 30), 30); - $Tab['libelle_ecriture2'] = str_pad(self::trunc(dol_string_unaccent($data->label_operation), 30), 30); + //$Tab['libelle_ecriture2'] = str_pad(self::trunc($data->doc_ref . ' ' . $data->label_operation, 30), 30); + $Tab['libelle_ecriture2'] = str_pad(self::trunc($data->label_operation, 30), 30); $Tab['codetva'] = str_repeat(' ', 2); // We need to keep the 10 lastest number of invoice doc_ref not the beginning part that is the unusefull almost same part From a27642cbfe91dd09627af0ab7600e9d5602aedf7 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sat, 28 Jan 2023 10:32:07 +0100 Subject: [PATCH 030/227] better comment --- htdocs/core/class/commondocgenerator.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index b4eddcc252f..dda475e8c89 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -1279,7 +1279,7 @@ abstract class CommonDocGenerator $extrafieldOptionsKey = $extrafieldsKeyPrefix.$extrafieldKey; - // Load extrafiels if not allready does + // Load extra fields if they haven't been loaded already. if (empty($this->extrafieldsCache)) { $this->extrafieldsCache = new ExtraFields($this->db); } @@ -1605,7 +1605,7 @@ abstract class CommonDocGenerator return 0; } - // Load extrafiels if not allready does + // Load extra fields if they haven't been loaded already. if (empty($this->extrafieldsCache)) { $this->extrafieldsCache = new ExtraFields($this->db); } From 6cfe70dfe5144b07ef2c63bd6e74a96c12bcc9e9 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sat, 28 Jan 2023 10:36:34 +0100 Subject: [PATCH 031/227] fix : Warning: Undefined array key label --- htdocs/core/class/commondocgenerator.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index dda475e8c89..9d18fccf423 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -1615,7 +1615,7 @@ abstract class CommonDocGenerator $extrafields = $this->extrafieldsCache; - if (!empty($extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label'])) { + if (!empty($extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]) && array_key_exists('label', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $label) { // Dont display separator yet even is set to be displayed (not compatible yet) if ($extrafields->attributes[$object->table_element]['type'][$key] == 'separate') { From d3b1ee367ac0dec93e5d5be52a6f2b7a40500ff3 Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Sat, 28 Jan 2023 14:27:45 +0100 Subject: [PATCH 032/227] fix #23716 : handle hookmanagers returns --- htdocs/public/payment/newpayment.php | 23 ++++++++++++++++++++++- 1 file changed, 22 insertions(+), 1 deletion(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 9cecbc90885..69ce8977030 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -212,6 +212,11 @@ $parameters = [ 'validpaymentmethod' => &$validpaymentmethod ]; $reshook = $hookmanager->executeHooks('doValidatePayment', $parameters, $object, $action); +if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); +} elseif ($reshook > 0) { + print $hookmanager->resPrint; +} // Check security token $valid = true; @@ -1674,6 +1679,12 @@ if ($action != 'dopayment') 'object' => $object ]; $reshook = $hookmanager->executeHooks('doCheckStatus', $parameters, $object, $action); + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } elseif ($reshook > 0) { + print $hookmanager->resPrint; + } + if ($source == 'order' && $object->billed) { print '

'.$langs->trans("OrderBilled").''; @@ -1699,6 +1710,12 @@ if ($action != 'dopayment') 'paymentmethod' => $paymentmethod ]; $reshook = $hookmanager->executeHooks('doAddButton', $parameters, $object, $action); + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } elseif ($reshook > 0) { + print $hookmanager->resPrint; + } + if ((empty($paymentmethod) || $paymentmethod == 'paybox') && !empty($conf->paybox->enabled)) { print '
'; @@ -2299,9 +2316,13 @@ if (preg_match('/^dopayment/', $action)) // If we choosed/click on the payment 'dopayment' => GETPOST('dopayment', 'alpha') ]; $reshook = $hookmanager->executeHooks('doPayment', $parameters, $object, $action); + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } elseif ($reshook > 0) { + print $hookmanager->resPrint; + } } - htmlPrintOnlinePaymentFooter($mysoc, $langs, 1, $suffix, $object); llxFooter('', 'public'); From f4bfe865214047ebdec4deefb901469e9f2b4016 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 28 Jan 2023 17:48:43 +0100 Subject: [PATCH 033/227] css --- htdocs/product/class/product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index d464871941a..2a1ac8dc932 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -515,7 +515,7 @@ class Product extends CommonObject 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'index'=>1, 'position'=>1, 'comment'=>'Id'), 'ref' =>array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'comment'=>'Reference of object'), 'entity' =>array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'default'=>1, 'notnull'=>1, 'index'=>1, 'position'=>5), - 'label' =>array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'position'=>15), + 'label' =>array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'position'=>15, 'csslist'=>'tdoverflowmax250'), 'barcode' =>array('type'=>'varchar(255)', 'label'=>'Barcode', 'enabled'=>'isModEnabled("barcode")', 'position'=>20, 'visible'=>-1, 'showoncombobox'=>3), 'fk_barcode_type' => array('type'=>'integer', 'label'=>'BarcodeType', 'enabled'=>'1', 'position'=>21, 'notnull'=>0, 'visible'=>-1,), 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>61), From a2a18ffb7173f05befdab55ebe8e827df39af969 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 28 Jan 2023 18:35:01 +0100 Subject: [PATCH 034/227] Trans --- htdocs/langs/en_US/mrp.lang | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/langs/en_US/mrp.lang b/htdocs/langs/en_US/mrp.lang index 6bdea0cc951..82cf7c38012 100644 --- a/htdocs/langs/en_US/mrp.lang +++ b/htdocs/langs/en_US/mrp.lang @@ -102,6 +102,7 @@ NbOperatorsRequired=Number of operators required THMOperatorEstimated=Estimated operator THM THMMachineEstimated=Estimated machine THM WorkstationType=Workstation type +DefaultWorkstation=Default workstation Human=Human Machine=Machine HumanMachine=Human / Machine From da3e228504bb3444c5e29af99cfd9159d95d536f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 28 Jan 2023 18:45:37 +0100 Subject: [PATCH 035/227] input is too small --- htdocs/admin/mails_senderprofile_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index 95f57d5dfc5..a73b899dd00 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -416,7 +416,7 @@ if ($action != 'create') { print ''.$langs->trans("Label").''; print ''.$langs->trans("Email").''; print img_picto('', 'email', 'class="pictofixedwidth"'); - print ''; + print ''; print ''.$langs->trans("Signature").''; require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; $doleditor = new DolEditor('signature', GETPOST('signature'), '', 138, 'dolibarr_notes', 'In', true, true, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%'); From 474f5d74a2262b8d3937f5cd398269e5ba038eae Mon Sep 17 00:00:00 2001 From: notmarrco Date: Sun, 29 Jan 2023 01:31:44 +0100 Subject: [PATCH 036/227] feat(invoice): Add bankline id to listOfPayments fields --- htdocs/core/class/commoninvoice.class.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/commoninvoice.class.php b/htdocs/core/class/commoninvoice.class.php index d1eb324cc7f..dd0ec988062 100644 --- a/htdocs/core/class/commoninvoice.class.php +++ b/htdocs/core/class/commoninvoice.class.php @@ -332,6 +332,7 @@ abstract class CommonInvoice extends CommonObject $field = 'fk_facture'; $field2 = 'fk_paiement'; $field3 = ', p.ref_ext'; + $field4 = ', p.fk_bank'; // Bank line id $sharedentity = 'facture'; if ($this->element == 'facture_fourn' || $this->element == 'invoice_supplier') { $table = 'paiementfourn_facturefourn'; @@ -342,7 +343,7 @@ abstract class CommonInvoice extends CommonObject $sharedentity = 'facture_fourn'; } - $sql = "SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code".$field3; + $sql = "SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code".$field3 . $field4; $sql .= " FROM ".$this->db->prefix().$table." as pf, ".$this->db->prefix().$table2." as p, ".$this->db->prefix()."c_paiement as t"; $sql .= " WHERE pf.".$field." = ".((int) $this->id); $sql .= " AND pf.".$field2." = p.rowid"; @@ -363,6 +364,9 @@ abstract class CommonInvoice extends CommonObject if (!empty($field3)) { $tmp['ref_ext'] = $obj->ref_ext; } + if (!empty($field4)) { + $tmp['fk_bank_line'] = $obj->fk_bank; + } $retarray[] = $tmp; $i++; } From b963ddb0bc27daae5e2cb6e1d13c9720a6b83386 Mon Sep 17 00:00:00 2001 From: daraelmin Date: Sun, 29 Jan 2023 14:33:13 +0100 Subject: [PATCH 037/227] Fix PHP8 Warning --- htdocs/core/modules/project/task/mod_task_universal.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/core/modules/project/task/mod_task_universal.php b/htdocs/core/modules/project/task/mod_task_universal.php index 6de02dcaf99..ba61a0363df 100644 --- a/htdocs/core/modules/project/task/mod_task_universal.php +++ b/htdocs/core/modules/project/task/mod_task_universal.php @@ -128,8 +128,7 @@ class mod_task_universal extends ModeleNumRefTask require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; - // On defini critere recherche compteur - $mask = $conf->global->PROJECT_TASK_UNIVERSAL_MASK; + $mask = !empty($conf->global->PROJECT_TASK_UNIVERSAL_MASK) ? $conf->global->PROJECT_TASK_UNIVERSAL_MASK : ''; if (!$mask) { $this->error = 'NotConfigured'; From b0332730a6e9ac64f4757c043fa2baced81278dd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 29 Jan 2023 18:45:09 +0100 Subject: [PATCH 038/227] Fix count --- htdocs/contrat/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 31d489c4b1f..38c37c1389e 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -469,6 +469,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { } else { /* The fast and low memory method to get and count full list converts the sql into a sql count */ $sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql); + $sqlforcount = preg_replace('/LEFT JOIN '.MAIN_DB_PREFIX.'contratdet as cd ON c.rowid = cd.fk_contrat /', '', $sqlforcount); $sqlforcount = preg_replace('/GROUP BY.*$/', '', $sqlforcount); $resql = $db->query($sqlforcount); From 22ffef7b4e2b2e1fa40863256167eb35b391b91f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 29 Jan 2023 20:25:42 +0100 Subject: [PATCH 039/227] Update card.php --- htdocs/compta/paiement/card.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 14442e6c965..36f14dca2fc 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -46,7 +46,8 @@ $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $backtopage = GETPOST('backtopage', 'alpha'); -$socid = GETPOST('socid', 'int'); if ($socid < 0) { +$socid = GETPOST('socid', 'int'); +if ($socid < 0) { $socid = 0; } From 244239d44db2104570f37dcc13016a95d51174e9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 29 Jan 2023 20:52:24 +0100 Subject: [PATCH 040/227] Doc --- dev/dolibarr_changes.txt | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/dev/dolibarr_changes.txt b/dev/dolibarr_changes.txt index 461db52f959..e12c237e28e 100644 --- a/dev/dolibarr_changes.txt +++ b/dev/dolibarr_changes.txt @@ -209,6 +209,11 @@ with with foreach ($value[1] as $k => $v) { +* Fix by replacing + if ($res[0] == PDF_TYPE_OBJECT) +with + if ($res && $res[0] == PDF_TYPE_OBJECT) + JSGANTT: From 0279f1ec44e377135ffb25b38cbfdfdcb9973caf Mon Sep 17 00:00:00 2001 From: Christian Humpel Date: Sun, 29 Jan 2023 23:05:39 +0100 Subject: [PATCH 041/227] filter on extrafields --- htdocs/projet/class/api_projects.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/projet/class/api_projects.class.php b/htdocs/projet/class/api_projects.class.php index 8cbb3949cd5..fc10f49d38d 100644 --- a/htdocs/projet/class/api_projects.class.php +++ b/htdocs/projet/class/api_projects.class.php @@ -122,6 +122,7 @@ class Projects extends DolibarrApi $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) } $sql .= " FROM ".MAIN_DB_PREFIX."projet as t"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet_extrafields AS ef ON ef.fk_object = t.rowid"; // So we will be able to filter on extrafields if ($category > 0) { $sql .= ", ".MAIN_DB_PREFIX."categorie_project as c"; } From d03ec374d083c832f8858e515b04c7c098bf09a3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 02:21:54 +0100 Subject: [PATCH 042/227] NEW Can set a checkbox in formconfirm by clicking on the label --- htdocs/accountancy/class/accountancyexport.class.php | 2 +- htdocs/core/class/html.form.class.php | 2 +- htdocs/core/modules/modAccounting.class.php | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 4c6e2d09838..cec3cc5be73 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -203,7 +203,7 @@ class AccountancyExport 'ACCOUNTING_EXPORT_FORMAT' => empty($conf->global->ACCOUNTING_EXPORT_FORMAT) ? 'txt' : $conf->global->ACCOUNTING_EXPORT_FORMAT, 'ACCOUNTING_EXPORT_SEPARATORCSV' => empty($conf->global->ACCOUNTING_EXPORT_SEPARATORCSV) ? ',' : $conf->global->ACCOUNTING_EXPORT_SEPARATORCSV, 'ACCOUNTING_EXPORT_ENDLINE' => empty($conf->global->ACCOUNTING_EXPORT_ENDLINE) ? 1 : $conf->global->ACCOUNTING_EXPORT_ENDLINE, - 'ACCOUNTING_EXPORT_DATE' => empty($conf->global->ACCOUNTING_EXPORT_DATE) ? '%d%m%Y' : $conf->global->ACCOUNTING_EXPORT_DATE, + 'ACCOUNTING_EXPORT_DATE' => getDolGlobalString('ACCOUNTING_EXPORT_DATE', '%Y-%m-%d'), ), self::$EXPORT_TYPE_CEGID => array( 'label' => $langs->trans('Modelcsv_CEGID'), diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 7ed3f76c4bf..a9e69ed9b2b 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -5109,7 +5109,7 @@ class Form $more .= '
'."\n"; } elseif ($input['type'] == 'checkbox') { $more .= '
'; - $more .= '
'.$input['label'].'
'; + $more .= '
'; $more .= 'const[11] = array( "ACCOUNTING_EXPORT_DATE", "chaine", - "%d%m%Y", + "%Y-%m-%d", "", 0, 'current', 0 ); $this->const[12] = array( @@ -338,7 +338,7 @@ class modAccounting extends DolibarrModules 'b.sens'=>'C' // This field is still used by accounting export. We can remove it once it has been replace into accountancyexport.class.php by a detection using ->debit and ->credit ); - // General ledger - Fichier FEC + // General ledger - File FEC $r++; $this->import_code[$r] = $this->rights_class.'_'.$r; $this->import_label[$r] = 'ImportAccountingEntriesFECFormat'; From 3fdc32337871ce06dda75eda1b251cc452fbfe7d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 02:41:13 +0100 Subject: [PATCH 043/227] Fix menu --- htdocs/core/menus/standard/eldy.lib.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index bf75035f333..d04cf9edc1a 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1726,7 +1726,10 @@ function get_left_menu_accountancy($mainmenu, &$newmenu, $usemenuhider = 1, $lef if ($nature) { $langs->load('accountancy'); - $journallabel = $langs->transnoentities($objp->label); // Label of bank account in llx_accounting_journal + $journallabel = ''; + if ($objp->label) { + $journallabel = '('.$langs->transnoentities($objp->label).')'; // Label of bank account in llx_accounting_journal + } $key = $langs->trans("AccountingJournalType".strtoupper($objp->nature)); $transferlabel = ($objp->nature && $key != "AccountingJournalType".strtoupper($langs->trans($objp->nature)) ? $key.($journallabel != $key ? ' '.$journallabel : ''): $journallabel); From 1fe08ad3b84beb95fece41902c98a936c6729b13 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 02:56:29 +0100 Subject: [PATCH 044/227] Fix missing hook --- htdocs/core/lib/payments.lib.php | 20 ++++++++++++++++++-- 1 file changed, 18 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/payments.lib.php b/htdocs/core/lib/payments.lib.php index 44691f7c2c4..29947dda57c 100644 --- a/htdocs/core/lib/payments.lib.php +++ b/htdocs/core/lib/payments.lib.php @@ -146,7 +146,7 @@ function payment_supplier_prepare_head(Paiement $object) */ function getValidOnlinePaymentMethods($paymentmethod = '') { - global $conf, $langs; + global $conf, $langs, $hookmanager, $action; $validpaymentmethod = array(); @@ -162,8 +162,24 @@ function getValidOnlinePaymentMethods($paymentmethod = '') $langs->load("stripe"); $validpaymentmethod['stripe'] = 'valid'; } - // TODO Add trigger + // This hook is used to complete the $validpaymentmethod array so an external payment modules + // can add its own key (ie 'payzen' for Payzen, ...) + $parameters = [ + 'paymentmethod' => $paymentmethod, + 'validpaymentmethod' => &$validpaymentmethod + ]; + $tmpobject = new stdClass(); + $reshook = $hookmanager->executeHooks('getValidPayment', $parameters, $tmpobject, $action); + if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + } elseif (!empty($hookmanager->resArray['validpaymentmethod'])) { + if ($reshook == 0) { + $validpaymentmethod = array_merge($validpaymentmethod, $hookmanager->resArray['validpaymentmethod']); + } else { + $validpaymentmethod = $hookmanager->resArray['validpaymentmethod']; + } + } return $validpaymentmethod; } From 854bd4efa1f4d0be7037aa7db56644f1bde07e04 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 30 Jan 2023 05:08:05 +0000 Subject: [PATCH 045/227] Bump JetBrains/qodana-action from 2022.3.0 to 2022.3.2 Bumps [JetBrains/qodana-action](https://github.com/JetBrains/qodana-action) from 2022.3.0 to 2022.3.2. - [Release notes](https://github.com/JetBrains/qodana-action/releases) - [Commits](https://github.com/JetBrains/qodana-action/compare/v2022.3.0...v2022.3.2) --- updated-dependencies: - dependency-name: JetBrains/qodana-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] --- .github/workflows/code_quality.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/code_quality.yml b/.github/workflows/code_quality.yml index 65f350e1b53..e5351acaf78 100644 --- a/.github/workflows/code_quality.yml +++ b/.github/workflows/code_quality.yml @@ -18,7 +18,7 @@ jobs: fetch-depth: 1 #php-version: '7.1' - name: 'Qodana Scan' - uses: JetBrains/qodana-action@v2022.3.0 + uses: JetBrains/qodana-action@v2022.3.2 #with: # php-version: '7.1' env: From 6765a14a58ec692021f887522f266c266ab731cb Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Mon, 30 Jan 2023 11:36:00 +0100 Subject: [PATCH 046/227] fix : Warning: Undefined property: BOM:: in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/core/class/commondocgenerator.class.php on line 446 --- htdocs/core/class/commondocgenerator.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index e1780985c7c..b94fcccd99c 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -443,7 +443,7 @@ abstract class CommonDocGenerator } } - $date = ($object->element == 'contrat' ? $object->date_contrat : $object->date); + $date = (isset($object->element) && $object->element == 'contrat' && isset($object->date_contrat)) ? $object->date_contrat : (isset($object->date) ? $object->date : null); $resarray = array( $array_key.'_id'=>$object->id, From 79f401f5fb68ff05598f01c5e9efddf34a0c6c6b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20Fali=C3=A8re?= Date: Mon, 30 Jan 2023 11:50:23 +0100 Subject: [PATCH 047/227] Get data back when error on command create --- htdocs/commande/card.php | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 586cf98d606..776b07e0a93 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -13,8 +13,9 @@ * Copyright (C) 2014 Ferran Marcet * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2018-2021 Frédéric France - * Copyright (C) 2022 Gauthier VERDOL - * + * Copyright (C) 2022 Gauthier VERDOL + * Copyright (C) 2023 Benjamin Falière + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or @@ -1730,32 +1731,32 @@ if ($action == 'create' && $usercancreate) { // Delivery delay print ''.$langs->trans('AvailabilityPeriod').''; print img_picto('', 'clock', 'class="pictofixedwidth"'); - $form->selectAvailabilityDelay($availability_id, 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx'); + $form->selectAvailabilityDelay((GETPOST('availability_id')?GETPOST('availability_id'):$availability_id), 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx'); print ''; // Terms of payment print ''.$langs->trans('PaymentConditionsShort').''; print img_picto('', 'payment', 'class="pictofixedwidth"'); - $form->select_conditions_paiements($cond_reglement_id, 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent); + $form->select_conditions_paiements((GETPOST('cond_reglement_id')?GETPOST('cond_reglement_id'):$cond_reglement_id), 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent); print ''; // Payment mode print ''.$langs->trans('PaymentMode').''; print img_picto('', 'bank', 'class="pictofixedwidth"'); - $form->select_types_paiements($mode_reglement_id, 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx'); + $form->select_types_paiements((GETPOST('mode_reglement_id')?GETPOST('mode_reglement_id'):$mode_reglement_id), 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx'); print ''; // Bank Account if (!empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER) && !empty($conf->banque->enabled)) { print ''.$langs->trans('BankAccount').''; - print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes($fk_account, 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1); + print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes((GETPOST('fk_account')?GETPOST('fk_account'):$fk_account), 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1); print ''; } // Shipping Method if (isModEnabled('expedition')) { print ''.$langs->trans('SendingMethod').''; - print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod($shipping_method_id, 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); + print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod((GETPOST('shipping_method_id')?GETPOST('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); print ''; } @@ -1764,14 +1765,14 @@ if ($action == 'create' && $usercancreate) { require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php'; $formproduct = new FormProduct($db); print ''.$langs->trans('Warehouse').''; - print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses($warehouse_id, 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx'); + print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses((GETPOST('warehouse_id')?GETPOST('warehouse_id'):$warehouse_id), 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx'); print ''; } // Source / Channel - What trigger creation print ''.$langs->trans('Channel').''; print img_picto('', 'question', 'class="pictofixedwidth"'); - $form->selectInputReason($demand_reason_id, 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx'); + $form->selectInputReason((GETPOST('demand_reason_id')?GETPOST('demand_reason_id'):$demand_reason_id), 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx'); print ''; // TODO How record was recorded OrderMode (llx_c_input_method) @@ -1781,7 +1782,7 @@ if ($action == 'create' && $usercancreate) { $langs->load("projects"); print ''; print ''.$langs->trans("Project").''; - print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), $projectid, 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx'); + print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), (GETPOST('projectid')?GETPOST('projectid'):$projectid), 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx'); print ' id).'">'; print ''; print ''; @@ -1840,7 +1841,7 @@ if ($action == 'create' && $usercancreate) { print ''; print ''.$form->editfieldkey("Currency", 'multicurrency_code', '', $object, 0).''; print ''; - print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency($currency_code, 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx'); + print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency((GETPOST('multicurrency_code')?GETPOST('multicurrency_code'):$currency_code), 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx'); print ''; } From 665acb45cf3539559e6b5a3212959958c6adeea3 Mon Sep 17 00:00:00 2001 From: Christian Humpel Date: Sun, 29 Jan 2023 23:05:39 +0100 Subject: [PATCH 048/227] filter on extrafields --- htdocs/projet/class/api_projects.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/projet/class/api_projects.class.php b/htdocs/projet/class/api_projects.class.php index 6a522346210..9ed1bbf1441 100644 --- a/htdocs/projet/class/api_projects.class.php +++ b/htdocs/projet/class/api_projects.class.php @@ -123,6 +123,7 @@ class Projects extends DolibarrApi $sql .= ", sc.fk_soc, sc.fk_user"; // We need these fields in order to filter by sale (including the case where the user can only see his prospects) } $sql .= " FROM ".MAIN_DB_PREFIX."projet as t"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."projet_extrafields AS ef ON ef.fk_object = t.rowid"; // So we will be able to filter on extrafields if ($category > 0) { $sql .= ", ".MAIN_DB_PREFIX."categorie_project as c"; } From cd9db0067c157514e4ae98ce2affcf24ad6086de Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 28 Jan 2023 18:45:37 +0100 Subject: [PATCH 049/227] input is too small --- htdocs/admin/mails_senderprofile_list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index 95f57d5dfc5..a73b899dd00 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -416,7 +416,7 @@ if ($action != 'create') { print ''.$langs->trans("Label").''; print ''.$langs->trans("Email").''; print img_picto('', 'email', 'class="pictofixedwidth"'); - print ''; + print ''; print ''.$langs->trans("Signature").''; require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; $doleditor = new DolEditor('signature', GETPOST('signature'), '', 138, 'dolibarr_notes', 'In', true, true, empty($conf->global->FCKEDITOR_ENABLE_USERSIGN) ? 0 : 1, ROWS_4, '90%'); From 7e9d3c22e288a773b5c6a53c91cb6ad9e74ed16a Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sat, 28 Jan 2023 10:36:34 +0100 Subject: [PATCH 050/227] fix : Warning: Undefined array key label --- htdocs/core/class/commondocgenerator.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index b94fcccd99c..74d0c9fa6b5 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -1618,7 +1618,7 @@ abstract class CommonDocGenerator $extrafields = $this->extrafieldsCache; - if (!empty($extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label'])) { + if (!empty($extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]) && array_key_exists('label', $extrafields->attributes[$object->table_element]) && is_array($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $label) { // Dont display separator yet even is set to be displayed (not compatible yet) if ($extrafields->attributes[$object->table_element]['type'][$key] == 'separate') { From 5d787a0ba93c46dfdfdd3250c6ed207d35a8f278 Mon Sep 17 00:00:00 2001 From: hystepik Date: Fri, 27 Jan 2023 11:01:16 +0100 Subject: [PATCH 051/227] Fix : php 8.1 warning --- htdocs/compta/paiement/card.php | 4 ++++ htdocs/compta/paiement/list.php | 7 ++++++- 2 files changed, 10 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 4930ce9e53c..29d9ce25bb6 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -46,6 +46,10 @@ $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $backtopage = GETPOST('backtopage', 'alpha'); +$socid = GETPOST('socid', 'int'); if ($socid < 0) { + $socid = 0; +} + $object = new Paiement($db); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('paymentcard', 'globalcard')); diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php index 658f2c150f1..6db18f6aa55 100644 --- a/htdocs/compta/paiement/list.php +++ b/htdocs/compta/paiement/list.php @@ -513,6 +513,7 @@ foreach ($arrayfields as $column) { $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $objp = $db->fetch_object($resql); @@ -620,7 +621,11 @@ while ($i < min($num, $limit)) { $totalarray['nbfield']++; } $totalarray['pos'][$checkedCount] = 'amount'; - $totalarray['val']['amount'] += $objp->amount; + if (empty($totalarray['val']['amount'])) { + $totalarray['val']['amount'] = $objp->amount; + } else { + $totalarray['val']['amount'] += $objp->amount; + } } // Status From 3a7552431fc79820e41ffaa2d5239f580801ab57 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 27 Jan 2023 01:03:44 +0100 Subject: [PATCH 052/227] Fix duplicate --- htdocs/contrat/class/contrat.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 1e8f0e1f7e5..8f66cbdef2e 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -242,7 +242,6 @@ class Contrat extends CommonObject 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>115), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>120), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>125), - 'ref_customer' =>array('type'=>'varchar(50)', 'label'=>'Ref customer', 'enabled'=>1, 'visible'=>-1, 'position'=>130), 'fk_user_modif' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>135), 'last_main_doc' =>array('type'=>'varchar(255)', 'label'=>'Last main doc', 'enabled'=>1, 'visible'=>-1, 'position'=>140), 'statut' =>array('type'=>'smallint(6)', 'label'=>'Statut', 'enabled'=>1, 'visible'=>-1, 'position'=>500, 'notnull'=>1, 'arrayofkeyval'=>array(0=>'Draft', 1=>'Validated', 2=>'Closed')) From 3692f9534ee52e9ddf5f49b453979faae3036e69 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 26 Jan 2023 19:23:43 +0100 Subject: [PATCH 053/227] Fix properties --- htdocs/comm/card.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index e6162b45b52..b64673f0670 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -1458,6 +1458,8 @@ if ($object->id > 0) { $facturestatic->total_tva = $objp->total_tva; $facturestatic->total_ttc = $objp->total_ttc; $facturestatic->statut = $objp->status; + $facturestatic->date = $db->jdate($objp->df); + $facturestatic->date_lim_reglement = $db->jdate($objp->dl); print ''; print ''; From f2c877f66af1433a003934c9c8958a867ba2e6bf Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 30 Jan 2023 11:06:30 +0000 Subject: [PATCH 054/227] Fixing style errors. --- htdocs/commande/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 776b07e0a93..4b0fb283e17 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -15,7 +15,7 @@ * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2022 Gauthier VERDOL * Copyright (C) 2023 Benjamin Falière - * + * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 3 of the License, or From 47d241bf502a3b35f579ff0832293b50cbb8109f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 25 Jan 2023 21:56:49 +0100 Subject: [PATCH 055/227] fix php8.2 warnings --- htdocs/debugbar/class/DataCollector/DolLogsCollector.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php index d21cdd6233f..893804ae865 100644 --- a/htdocs/debugbar/class/DataCollector/DolLogsCollector.php +++ b/htdocs/debugbar/class/DataCollector/DolLogsCollector.php @@ -20,6 +20,11 @@ class DolLogsCollector extends MessagesCollector */ protected $maxnboflines; + /** + * @var int number of lines + */ + protected $nboflines; + /** * Constructor * @@ -33,7 +38,7 @@ class DolLogsCollector extends MessagesCollector parent::__construct($name); $this->nboflines = 0; - $this->maxnboflines = empty($conf->global->DEBUGBAR_LOGS_LINES_NUMBER) ? 250 : $conf->global->DEBUGBAR_LOGS_LINES_NUMBER; // High number slows seriously output + $this->maxnboflines = getDolGlobalInt('DEBUGBAR_LOGS_LINES_NUMBER', 250); // High number slows seriously output $this->path = $path ?: $this->getLogsFile(); } From d52d39318548bd0b67e61b31d662c340e6a825bb Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Wed, 25 Jan 2023 15:35:09 +0100 Subject: [PATCH 056/227] FIX - PHP8 Warnning admin commande --- htdocs/admin/commande.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 79c42f6e2db..20064ca099c 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -117,7 +117,7 @@ if ($action == 'updateMask') { } elseif ($action == 'del') { $ret = delDocumentModel($value, $type); if ($ret > 0) { - if ($conf->global->COMMANDE_ADDON_PDF == "$value") { + if (getDolGlobalString('COMMANDE_ADDON_PDF') == $value) { dolibarr_del_const($db, 'COMMANDE_ADDON_PDF', $conf->entity); } } From a8bb58f2989a4b1d8e6c28dc59a2548373d8f291 Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Wed, 25 Jan 2023 15:28:34 +0100 Subject: [PATCH 057/227] FIX: Rights on action for payments by bank transfer --- htdocs/compta/prelevement/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/prelevement/card.php b/htdocs/compta/prelevement/card.php index c9f90b8b240..33a4409bac9 100644 --- a/htdocs/compta/prelevement/card.php +++ b/htdocs/compta/prelevement/card.php @@ -272,7 +272,7 @@ if ($id > 0 || $ref) { print $formconfirm; - if (empty($object->date_trans) && $user->rights->prelevement->bons->send && $action == 'settransmitted') { + if (empty($object->date_trans) && (($user->rights->prelevement->bons->send && $object->type != 'bank-transfer') || ($user->rights->paymentbybanktransfer->send && $object->type == 'bank-transfer')) && $action == 'settransmitted') { print '
'; print ''; print ''; @@ -291,7 +291,7 @@ if ($id > 0 || $ref) { print '
'; } - if (!empty($object->date_trans) && empty($object->date_credit) && $user->rights->prelevement->bons->credit && $action == 'setcredited') { + if (!empty($object->date_trans) && empty($object->date_credit) && (($user->rights->prelevement->bons->credit && $object->type != 'bank-transfer') || ($user->rights->paymentbybanktransfer->debit && $object->type == 'bank-transfer')) && $action == 'setcredited') { $btnLabel = ($object->type == 'bank-transfer') ? $langs->trans("ClassDebited") : $langs->trans("ClassCredited"); print ''; print ''; From 6ab7ca1279354787e5b64a3f6cad4ff35c1caced Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Mon, 30 Jan 2023 12:28:20 +0100 Subject: [PATCH 058/227] fix : Warning: Undefined variable in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/core/class/commondocgenerator.class.php on line 455 --- htdocs/core/class/commondocgenerator.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index 74d0c9fa6b5..f6725c6aef1 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -452,7 +452,7 @@ abstract class CommonDocGenerator $array_key.'_ref_ext' => (property_exists($object, 'ref_ext') ? $object->ref_ext : ''), $array_key.'_ref_customer'=>(!empty($object->ref_client) ? $object->ref_client : (empty($object->ref_customer) ? '' : $object->ref_customer)), $array_key.'_ref_supplier'=>(!empty($object->ref_fournisseur) ? $object->ref_fournisseur : (empty($object->ref_supplier) ? '' : $object->ref_supplier)), - $array_key.'_source_invoice_ref'=>$invoice_source->ref, + $array_key.'_source_invoice_ref'=>(!empty($invoice_source->ref) ? $invoice_source->ref : (empty($invoice_source->ref) ? '' : $invoice_source->ref)), // Dates $array_key.'_hour'=>dol_print_date($date, 'hour'), $array_key.'_date'=>dol_print_date($date, 'day'), From 3349cd392edebf5570adc765d1a7406a6929c396 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 13:22:44 +0100 Subject: [PATCH 059/227] Update commondocgenerator.class.php --- htdocs/core/class/commondocgenerator.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index f6725c6aef1..5799a1607e9 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -452,7 +452,7 @@ abstract class CommonDocGenerator $array_key.'_ref_ext' => (property_exists($object, 'ref_ext') ? $object->ref_ext : ''), $array_key.'_ref_customer'=>(!empty($object->ref_client) ? $object->ref_client : (empty($object->ref_customer) ? '' : $object->ref_customer)), $array_key.'_ref_supplier'=>(!empty($object->ref_fournisseur) ? $object->ref_fournisseur : (empty($object->ref_supplier) ? '' : $object->ref_supplier)), - $array_key.'_source_invoice_ref'=>(!empty($invoice_source->ref) ? $invoice_source->ref : (empty($invoice_source->ref) ? '' : $invoice_source->ref)), + $array_key.'_source_invoice_ref'=>((empty($invoice_source) || empty($invoice_source->ref)) ? '' : $invoice_source->ref), // Dates $array_key.'_hour'=>dol_print_date($date, 'hour'), $array_key.'_date'=>dol_print_date($date, 'day'), From ca04491b2ee966f730dacabfdd373e77be947c69 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 13:57:11 +0100 Subject: [PATCH 060/227] Rename object into socialobject to avoid confusion --- htdocs/admin/company.php | 6 +++--- htdocs/core/modules/dons/html_cerfafr.modules.php | 2 +- htdocs/societe/class/societe.class.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index d6760ef45e8..7b2708e1906 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -195,7 +195,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha')) dolibarr_set_const($db, "MAIN_INFO_PROFID6", GETPOST("MAIN_INFO_PROFID6", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_INFO_TVAINTRA", GETPOST("tva", 'alphanohtml'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_INFO_SOCIETE_OBJECT", GETPOST("object", 'alphanohtml'), 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, "MAIN_INFO_SOCIETE_OBJECT", GETPOST("socialobject", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "SOCIETE_FISCAL_MONTH_START", GETPOST("SOCIETE_FISCAL_MONTH_START", 'int'), 'chaine', 0, '', $conf->entity); @@ -676,8 +676,8 @@ print ''; -print ''; +print ''; +print ''; print ''; print ''; diff --git a/htdocs/core/modules/dons/html_cerfafr.modules.php b/htdocs/core/modules/dons/html_cerfafr.modules.php index d859ae0ca56..155d16842ec 100644 --- a/htdocs/core/modules/dons/html_cerfafr.modules.php +++ b/htdocs/core/modules/dons/html_cerfafr.modules.php @@ -162,7 +162,7 @@ class html_cerfafr extends ModeleDon $form = str_replace('__MAIN_INFO_SOCIETE_ADDRESS__', $mysoc->address, $form); $form = str_replace('__MAIN_INFO_SOCIETE_ZIP__', $mysoc->zip, $form); $form = str_replace('__MAIN_INFO_SOCIETE_TOWN__', $mysoc->town, $form); - $form = str_replace('__MAIN_INFO_SOCIETE_OBJECT__', $mysoc->object, $form); + $form = str_replace('__MAIN_INFO_SOCIETE_OBJECT__', $mysoc->socialobject, $form); $form = str_replace('__DONATOR_FIRSTNAME__', $don->firstname, $form); $form = str_replace('__DONATOR_LASTNAME__', $don->lastname, $form); $form = str_replace('__DONATOR_SOCIETE__', $don->societe, $form); diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index e0309535ab7..9a8aaf7d96b 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -4268,7 +4268,7 @@ class Societe extends CommonObject $this->zip = empty($conf->global->MAIN_INFO_SOCIETE_ZIP) ? '' : $conf->global->MAIN_INFO_SOCIETE_ZIP; $this->town = empty($conf->global->MAIN_INFO_SOCIETE_TOWN) ? '' : $conf->global->MAIN_INFO_SOCIETE_TOWN; $this->region_code = empty($conf->global->MAIN_INFO_SOCIETE_REGION) ? '' : $conf->global->MAIN_INFO_SOCIETE_REGION; - $this->object = empty($conf->global->MAIN_INFO_SOCIETE_OBJECT) ? '' : $conf->global->MAIN_INFO_SOCIETE_OBJECT; + $this->socialobject = empty($conf->global->MAIN_INFO_SOCIETE_OBJECT) ? '' : $conf->global->MAIN_INFO_SOCIETE_OBJECT; $this->note_private = empty($conf->global->MAIN_INFO_SOCIETE_NOTE) ? '' : $conf->global->MAIN_INFO_SOCIETE_NOTE; From c533b7235157cadfa5ec1cb494f6f527c9da6e01 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 13:59:36 +0100 Subject: [PATCH 061/227] Update societe.class.php --- htdocs/societe/class/societe.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index a6027eccd02..d1796e54577 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -486,10 +486,10 @@ class Societe extends CommonObject public $idprof6; /** - * Object of company + * Social object of the company * @var string */ - public $object; + public $socialobject; /** * @var string Prefix comm From e7c6eac984eeb56167b72c0b78a8313e57cc5cf9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20Fali=C3=A8re?= Date: Mon, 30 Jan 2023 14:05:17 +0100 Subject: [PATCH 062/227] Replaced GETPOST with GETPOSTISSET --- htdocs/commande/card.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 4b0fb283e17..d746c93a315 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -1731,32 +1731,32 @@ if ($action == 'create' && $usercancreate) { // Delivery delay print ''.$langs->trans('AvailabilityPeriod').''; print img_picto('', 'clock', 'class="pictofixedwidth"'); - $form->selectAvailabilityDelay((GETPOST('availability_id')?GETPOST('availability_id'):$availability_id), 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx'); + $form->selectAvailabilityDelay((GETPOSTISSET('availability_id')?GETPOST('availability_id'):$availability_id), 'availability_id', '', 1, 'maxwidth200 widthcentpercentminusx'); print ''; // Terms of payment print ''.$langs->trans('PaymentConditionsShort').''; print img_picto('', 'payment', 'class="pictofixedwidth"'); - $form->select_conditions_paiements((GETPOST('cond_reglement_id')?GETPOST('cond_reglement_id'):$cond_reglement_id), 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent); + $form->select_conditions_paiements((GETPOSTISSET('cond_reglement_id')?GETPOST('cond_reglement_id'):$cond_reglement_id), 'cond_reglement_id', 1, 1, 0, 'maxwidth200 widthcentpercentminusx', $deposit_percent); print ''; // Payment mode print ''.$langs->trans('PaymentMode').''; print img_picto('', 'bank', 'class="pictofixedwidth"'); - $form->select_types_paiements((GETPOST('mode_reglement_id')?GETPOST('mode_reglement_id'):$mode_reglement_id), 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx'); + $form->select_types_paiements((GETPOSTISSET('mode_reglement_id')?GETPOST('mode_reglement_id'):$mode_reglement_id), 'mode_reglement_id', 'CRDT', 0, 1, 0, 0, 1, 'maxwidth200 widthcentpercentminusx'); print ''; // Bank Account if (!empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER) && !empty($conf->banque->enabled)) { print ''.$langs->trans('BankAccount').''; - print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes((GETPOST('fk_account')?GETPOST('fk_account'):$fk_account), 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1); + print img_picto('', 'bank_account', 'class="pictofixedwidth"').$form->select_comptes((GETPOSTISSET('fk_account')?GETPOST('fk_account'):$fk_account), 'fk_account', 0, '', 1, '', 0, 'maxwidth200 widthcentpercentminusx', 1); print ''; } // Shipping Method if (isModEnabled('expedition')) { print ''.$langs->trans('SendingMethod').''; - print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod((GETPOST('shipping_method_id')?GETPOST('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); + print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod((GETPOST('shipping_method_id')?GETPOSTISSET('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); print ''; } @@ -1765,14 +1765,14 @@ if ($action == 'create' && $usercancreate) { require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php'; $formproduct = new FormProduct($db); print ''.$langs->trans('Warehouse').''; - print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses((GETPOST('warehouse_id')?GETPOST('warehouse_id'):$warehouse_id), 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx'); + print img_picto('', 'stock', 'class="pictofixedwidth"').$formproduct->selectWarehouses((GETPOSTISSET('warehouse_id')?GETPOST('warehouse_id'):$warehouse_id), 'warehouse_id', '', 1, 0, 0, '', 0, 0, array(), 'maxwidth500 widthcentpercentminusxx'); print ''; } // Source / Channel - What trigger creation print ''.$langs->trans('Channel').''; print img_picto('', 'question', 'class="pictofixedwidth"'); - $form->selectInputReason((GETPOST('demand_reason_id')?GETPOST('demand_reason_id'):$demand_reason_id), 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx'); + $form->selectInputReason((GETPOSTISSET('demand_reason_id')?GETPOST('demand_reason_id'):$demand_reason_id), 'demand_reason_id', '', 1, 'maxwidth200 widthcentpercentminusx'); print ''; // TODO How record was recorded OrderMode (llx_c_input_method) @@ -1782,7 +1782,7 @@ if ($action == 'create' && $usercancreate) { $langs->load("projects"); print ''; print ''.$langs->trans("Project").''; - print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), (GETPOST('projectid')?GETPOST('projectid'):$projectid), 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx'); + print img_picto('', 'project', 'class="pictofixedwidth"').$formproject->select_projects(($soc->id > 0 ? $soc->id : -1), (GETPOSTISSET('projectid')?GETPOST('projectid'):$projectid), 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 1, 0, 'maxwidth500 widthcentpercentminusxx'); print ' id).'">'; print ''; print ''; @@ -1841,7 +1841,7 @@ if ($action == 'create' && $usercancreate) { print ''; print ''.$form->editfieldkey("Currency", 'multicurrency_code', '', $object, 0).''; print ''; - print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency((GETPOST('multicurrency_code')?GETPOST('multicurrency_code'):$currency_code), 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx'); + print img_picto('', 'currency', 'class="pictofixedwidth"').$form->selectMultiCurrency((GETPOSTISSET('multicurrency_code')?GETPOST('multicurrency_code'):$currency_code), 'multicurrency_code', 0, '', false, 'maxwidth200 widthcentpercentminusx'); print ''; } From 2a0a0fc4706206eb4af6cfcda481de8bf715046a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 14:13:02 +0100 Subject: [PATCH 063/227] Clean old deprecated code on social networks fields --- htdocs/adherents/card.php | 9 -- htdocs/api/class/api_setup.class.php | 5 - htdocs/contact/card.php | 10 -- htdocs/contact/class/contact.class.php | 19 ---- htdocs/core/class/commonobject.class.php | 21 ----- .../core/class/commonsocialnetworks.class.php | 6 ++ htdocs/core/class/ldap.class.php | 1 - .../class/actions_datapolicy.class.php | 91 ++----------------- .../societe/class/api_thirdparties.class.php | 10 -- htdocs/societe/class/societe.class.php | 5 - htdocs/user/class/api_users.class.php | 5 - 11 files changed, 13 insertions(+), 169 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index f72682ce22a..f57bb2e312d 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -313,10 +313,6 @@ if (empty($reshook)) { $object->socialnetworks[$key] = trim(GETPOST($key, 'alphanohtml')); } } - //$object->skype = trim(GETPOST("skype", 'alpha')); - //$object->twitter = trim(GETPOST("twitter", 'alpha')); - //$object->facebook = trim(GETPOST("facebook", 'alpha')); - //$object->linkedin = trim(GETPOST("linkedin", 'alpha')); $object->birth = $birthdate; $object->default_lang = GETPOST('default_lang', 'alpha'); $object->typeid = GETPOST("typeid", 'int'); @@ -488,11 +484,6 @@ if (empty($reshook)) { } } - // $object->skype = $skype; - // $object->twitter = $twitter; - // $object->facebook = $facebook; - // $object->linkedin = $linkedin; - $object->email = $email; $object->url = $url; $object->login = $login; diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index c79a3e63653..17649370ae0 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -1762,11 +1762,6 @@ class Setup extends DolibarrApi throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGINS_ALLOWED_FOR_GET_COMPANY'); } - unset($mysoc->skype); - unset($mysoc->twitter); - unset($mysoc->facebook); - unset($mysoc->linkedin); - unset($mysoc->pays); unset($mysoc->note); unset($mysoc->nom); diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 4fde1b75552..cd94f4ebbac 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -213,11 +213,6 @@ if (empty($reshook)) { $object->town = (string) GETPOST("town", 'alpha'); $object->country_id = (int) GETPOST("country_id", 'int'); $object->state_id = (int) GETPOST("state_id", 'int'); - //$object->jabberid = GETPOST("jabberid", 'alpha'); - //$object->skype = GETPOST("skype", 'alpha'); - //$object->twitter = GETPOST("twitter", 'alpha'); - //$object->facebook = GETPOST("facebook", 'alpha'); - //$object->linkedin = GETPOST("linkedin", 'alpha'); $object->socialnetworks = array(); if (isModEnabled('socialnetworks')) { foreach ($socialnetworks as $key => $value) { @@ -419,11 +414,6 @@ if (empty($reshook)) { $object->email = (string) GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL); $object->no_email = GETPOST("no_email", "int"); - //$object->jabberid = GETPOST("jabberid", 'alpha'); - //$object->skype = GETPOST("skype", 'alpha'); - //$object->twitter = GETPOST("twitter", 'alpha'); - //$object->facebook = GETPOST("facebook", 'alpha'); - //$object->linkedin = GETPOST("linkedin", 'alpha'); $object->socialnetworks = array(); if (isModEnabled('socialnetworks')) { foreach ($socialnetworks as $key => $value) { diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index c9d62c410b3..52ea2b69c8d 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -702,22 +702,6 @@ class Contact extends CommonObject $tmpobj->socialnetworks = $this->socialnetworks; $usermustbemodified++; } - // if ($tmpobj->skype != $this->skype) { - // $tmpobj->skype = $this->skype; - // $usermustbemodified++; - // } - // if ($tmpobj->twitter != $this->twitter) { - // $tmpobj->twitter = $this->twitter; - // $usermustbemodified++; - // } - // if ($tmpobj->facebook != $this->facebook) { - // $tmpobj->facebook = $this->facebook; - // $usermustbemodified++; - // } - // if ($tmpobj->linkedin != $this->linkedin) { - // $tmpobj->linkedin = $this->linkedin; - // $usermustbemodified++; - // } if ($usermustbemodified) { $result = $tmpobj->update($user, 0, 1, 1, 1); if ($result < 0) { @@ -850,9 +834,6 @@ class Contact extends CommonObject if ($this->fax && !empty($conf->global->LDAP_CONTACT_FIELD_FAX)) { $info[$conf->global->LDAP_CONTACT_FIELD_FAX] = $this->fax; } - if ($this->skype && !empty($conf->global->LDAP_CONTACT_FIELD_SKYPE)) { - $info[$conf->global->LDAP_CONTACT_FIELD_SKYPE] = $this->skype; - } if ($this->note_private && !empty($conf->global->LDAP_CONTACT_FIELD_DESCRIPTION)) { $info[$conf->global->LDAP_CONTACT_FIELD_DESCRIPTION] = dol_string_nohtmltag($this->note_private, 2); } diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 9b8f0dfc6dd..25f16cbbdb4 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -961,27 +961,6 @@ abstract class CommonObject } $outdone++; } - } else { // Old code to remove - if (!empty($this->skype)) { - $outsocialnetwork .= dol_print_socialnetworks($this->skype, $this->id, $object->id, 'skype'); - } - $outdone++; - if (!empty($this->jabberid)) { - $outsocialnetwork .= dol_print_socialnetworks($this->jabberid, $this->id, $object->id, 'jabber'); - } - $outdone++; - if (!empty($this->twitter)) { - $outsocialnetwork .= dol_print_socialnetworks($this->twitter, $this->id, $object->id, 'twitter'); - } - $outdone++; - if (!empty($this->facebook)) { - $outsocialnetwork .= dol_print_socialnetworks($this->facebook, $this->id, $object->id, 'facebook'); - } - $outdone++; - if (!empty($this->linkedin)) { - $outsocialnetwork .= dol_print_socialnetworks($this->linkedin, $this->id, $object->id, 'linkedin'); - } - $outdone++; } if ($outsocialnetwork) { diff --git a/htdocs/core/class/commonsocialnetworks.class.php b/htdocs/core/class/commonsocialnetworks.class.php index eeb6583ca65..4ec32194f3d 100644 --- a/htdocs/core/class/commonsocialnetworks.class.php +++ b/htdocs/core/class/commonsocialnetworks.class.php @@ -27,6 +27,12 @@ */ trait CommonSocialNetworks { + /** + * @var array array of socialnetworks + */ + public $socialnetworks; + + /** * Show social network part if the module is enabled with hiding functionality * diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 9ad06ba137c..8b3c9177d3e 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -1291,7 +1291,6 @@ class Ldap $this->firstname = $this->convToOutputCharset($result[0][$this->attr_firstname][0], $this->ldapcharset); $this->login = $this->convToOutputCharset($result[0][$this->attr_login][0], $this->ldapcharset); $this->phone = $this->convToOutputCharset($result[0][$this->attr_phone][0], $this->ldapcharset); - $this->skype = $this->convToOutputCharset($result[0][$this->attr_skype][0], $this->ldapcharset); $this->fax = $this->convToOutputCharset($result[0][$this->attr_fax][0], $this->ldapcharset); $this->mail = $this->convToOutputCharset($result[0][$this->attr_mail][0], $this->ldapcharset); $this->mobile = $this->convToOutputCharset($result[0][$this->attr_mobile][0], $this->ldapcharset); diff --git a/htdocs/datapolicy/class/actions_datapolicy.class.php b/htdocs/datapolicy/class/actions_datapolicy.class.php index ac360674c85..768ddd216d7 100644 --- a/htdocs/datapolicy/class/actions_datapolicy.class.php +++ b/htdocs/datapolicy/class/actions_datapolicy.class.php @@ -82,11 +82,11 @@ class ActionsDatapolicy /** * Overloading the doActions function : replacing the parent's function with the one below * - * @param array $parameters Hook metadatas (context, etc...) - * @param CommonObject $object The object to process (an invoice if you are in invoice module, a propale in propale's module, etc...) - * @param string $action Current action (if set). Generally create or edit or null - * @param HookManager $hookmanager Hook manager propagated to allow calling another hook - * @return int < 0 on error, 0 on success, 1 to replace standard code + * @param array $parameters Hook metadatas (context, etc...) + * @param Societe|CommonObject $object The object to process (an invoice if you are in invoice module, a propale in propale's module, etc...) + * @param string $action Current action (if set). Generally create or edit or null + * @param HookManager $hookmanager Hook manager propagated to allow calling another hook + * @return int < 0 on error, 0 on success, 1 to replace standard code */ public function doActions($parameters, &$object, &$action, $hookmanager) { @@ -103,7 +103,6 @@ class ActionsDatapolicy // on verifie si l'objet est utilisé if ($object->isObjectUsed(GETPOST('socid'))) { $object->name = $langs->trans('ANONYME'); - $object->name_bis = ''; $object->name_alias = ''; $object->address = ''; $object->town = ''; @@ -115,7 +114,7 @@ class ActionsDatapolicy $object->state = ''; $object->country = ''; $object->state_id = ''; - $object->skype = ''; + $object->socialnetworks = ''; $object->country_id = ''; $object->note_private = $object->note_private.'
'.$langs->trans('ANONYMISER_AT', dol_print_date(time())); @@ -128,76 +127,6 @@ class ActionsDatapolicy header('Location:'.$_SERVER["PHP_SELF"]."?socid=".$object->id); } } - } elseif ($parameters['currentcontext'] == 'thirdpartycard' && $action == 'datapolicy_portabilite') { - header('Content-Type: application/csv'); - header('Content-Disposition: attachment; filename=datapolicy_portabilite.csv'); - header('Pragma: no-cache'); - $object->fetch(GETPOST('socid')); - echo 'Name;Firstname;Civility;Thirdparty;Function;Address;ZipCode;City;Department;Country;Email;Pro Phone;Perso Phone;Mobile Phone;Instant Mail;Birthday;'.PHP_EOL; - echo $object->name.';'; - echo ';'; - echo ';'; - echo ';'; - echo ';'; - echo $object->address.';'; - echo $object->zip.';'; - echo $object->town.';'; - echo $object->state.';'; - echo $object->country.';'; - echo $object->email.';'; - echo $object->phone.';'; - echo ';'; - echo ';'; - echo $object->skype.';'; - echo ';'; - exit; - } elseif ($parameters['currentcontext'] == 'membercard' && $action == 'datapolicy_portabilite') { - header('Content-Type: application/csv'); - header('Content-Disposition: attachment; filename=datapolicy_portabilite.csv'); - header('Pragma: no-cache'); - $soc = $object->fetch_thirdparty(); - - echo 'Name;Firstname;Civility;Thirdparty;Function;Address;ZipCode;City;Department;Country;Email;Pro Phone;Perso Phone;Mobile Phone;Instant Mail;Birthday;'.PHP_EOL; - echo $object->lastname.';'; - echo $object->firstname.';'; - echo $object->getCivilityLabel().';'; - echo ($soc != -1 ? $object->thirdparty->name : '').';'; - echo ';'; - echo $object->address.';'; - echo $object->zip.';'; - echo $object->town.';'; - echo $object->state.';'; - echo $object->country.';'; - echo $object->email.';'; - echo $object->phone.';'; - echo $object->phone_perso.';'; - echo $object->phone_mobile.';'; - echo $object->skype.';'; - echo dol_print_date($object->birth).';'; - exit; - } elseif ($parameters['currentcontext'] == 'contactcard' && $action == 'datapolicy_portabilite') { - $object->fetch(GETPOST('id')); - header('Content-Type: application/csv'); - header('Content-Disposition: attachment; filename=datapolicy_portabilite.csv'); - header('Pragma: no-cache'); - $soc = $object->fetch_thirdparty(); - echo 'Name;Firstname;Civility;Thirdparty;Function;Address;ZipCode;City;Department;Country;Email;Pro Phone;Perso Phone;Mobile Phone;Instant Mail;Birthday;'.PHP_EOL; - echo $object->lastname.';'; - echo $object->firstname.';'; - echo $object->getCivilityLabel().';'; - echo ($soc != -1 ? $object->thirdparty->name : '').';'; - echo $object->poste.';'; - echo $object->address.';'; - echo $object->zip.';'; - echo $object->town.';'; - echo $object->state.';'; - echo $object->country.';'; - echo $object->email.';'; - echo $object->phone_pro.';'; - echo $object->phone_perso.';'; - echo $object->phone_mobile.';'; - echo dol_print_date($object->birth).';'; - exit; } elseif ($parameters['currentcontext'] == 'contactcard' && $action == 'send_datapolicy') { $object->fetch(GETPOST('id')); @@ -358,13 +287,7 @@ class ActionsDatapolicy } ); '; echo $dialog; - if ($parameters['currentcontext'] == 'thirdpartycard' && in_array($object->forme_juridique_code, array(11, 12, 13, 15, 17, 18, 19, 35, 60, 200, 311, 312, 316, 401, 600, 700, 1005)) || $object->typent_id == 8) { - echo '
'.$langs->trans("DATAPOLICY_PORTABILITE").'
'; - } elseif ($parameters['currentcontext'] == 'membercard') { - echo '
'.$langs->trans("DATAPOLICY_PORTABILITE").'
'; - } elseif ($parameters['currentcontext'] == 'contactcard') { - echo '
'.$langs->trans("DATAPOLICY_PORTABILITE").'
'; - } + // TODO Replace test of hardcoded values if (!empty($object->mail) && empty($object->array_options['options_datapolicy_send']) && $parameters['currentcontext'] == 'thirdpartycard' && in_array($object->forme_juridique_code, array(11, 12, 13, 15, 17, 18, 19, 35, 60, 200, 311, 312, 316, 401, 600, 700, 1005)) || $object->typent_id == 8) { echo '
'.$langs->trans("DATAPOLICY_SEND").'
'; } elseif (!empty($object->mail) && empty($object->array_options['options_datapolicy_send']) && $parameters['currentcontext'] == 'membercard') { diff --git a/htdocs/societe/class/api_thirdparties.class.php b/htdocs/societe/class/api_thirdparties.class.php index 10266b6f0ac..9921167d00c 100644 --- a/htdocs/societe/class/api_thirdparties.class.php +++ b/htdocs/societe/class/api_thirdparties.class.php @@ -1826,16 +1826,6 @@ class Thirdparties extends DolibarrApi unset($object->fk_delivery_address); // deprecated feature - unset($object->skype); - unset($object->twitter); - unset($object->facebook); - unset($object->linkedin); - unset($object->instagram); - unset($object->snapchat); - unset($object->googleplus); - unset($object->youtube); - unset($object->whatsapp); - return $object; } diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index e8e8d044b74..fa6d77ad485 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -382,11 +382,6 @@ class Societe extends CommonObject */ public $no_email; - /** - * @var array array of socialnetworks - */ - public $socialnetworks; - /** * Skype username * @var string diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 747d4ab3286..2bbadd267cf 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -701,11 +701,6 @@ class Users extends DolibarrApi unset($object->lines); unset($object->model_pdf); - unset($object->skype); - unset($object->twitter); - unset($object->facebook); - unset($object->linkedin); - $canreadsalary = ((!empty($conf->salaries->enabled) && !empty(DolibarrApiAccess::$user->rights->salaries->read)) || (empty($conf->salaries->enabled))); if (!$canreadsalary) { From 9f85e4a60f93dfe1609c89a192d0243a62d3b395 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Benjamin=20Fali=C3=A8re?= Date: Mon, 30 Jan 2023 14:21:10 +0100 Subject: [PATCH 064/227] Fixed another little error --- htdocs/commande/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index d746c93a315..6e4c5f45420 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -1756,7 +1756,7 @@ if ($action == 'create' && $usercancreate) { // Shipping Method if (isModEnabled('expedition')) { print ''.$langs->trans('SendingMethod').''; - print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod((GETPOST('shipping_method_id')?GETPOSTISSET('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); + print img_picto('', 'object_dolly', 'class="pictofixedwidth"').$form->selectShippingMethod((GETPOSTISSET('shipping_method_id')?GETPOST('shipping_method_id'):$shipping_method_id), 'shipping_method_id', '', 1, '', 0, 'maxwidth200 widthcentpercentminusx'); print ''; } From d1c19d9c96012324fdb764cad1664bb9cc79122d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 30 Jan 2023 14:41:25 +0100 Subject: [PATCH 065/227] Add files via upload --- htdocs/theme/common/flags/xk.png | Bin 0 -> 371 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 htdocs/theme/common/flags/xk.png diff --git a/htdocs/theme/common/flags/xk.png b/htdocs/theme/common/flags/xk.png new file mode 100644 index 0000000000000000000000000000000000000000..d90e8277ac9eaec104db360252fd59cb72f0b613 GIT binary patch literal 371 zcmeAS@N?(olHy`uVBq!ia0vp^0zk~o!2~3KHq6QcQjEnx?oJHr&dIz4a#+$GeH|GX zHuiJ>Nn{1`ISV`@iy17M4uLS^MYatoKn)z8E{-7@!O1BFapxSk64C;=8jTJ*c+GGQ z>p30ZdceW;!Rh|}b8>v*>;JT#YGf2{dGs`CWk-N{nCObWYbnWze?GoGzy5yx&YP0y zViGU4KQ6D(a+t!%c*V1ahllanBWE(OD7k`fG(l_68R>ObZJ P1B$`Z)z4*}Q$iB}`3aRW literal 0 HcmV?d00001 From 2a35dc32c69533abd059b4f6fd39c7b46cdedbb9 Mon Sep 17 00:00:00 2001 From: Thomas Negre Date: Fri, 27 Jan 2023 17:17:42 +0100 Subject: [PATCH 066/227] NEW Order export : allow to export field 'shipment method'. --- htdocs/core/modules/modCommande.class.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/core/modules/modCommande.class.php b/htdocs/core/modules/modCommande.class.php index 38b81cdb4fb..29e9f8c12f4 100644 --- a/htdocs/core/modules/modCommande.class.php +++ b/htdocs/core/modules/modCommande.class.php @@ -204,7 +204,7 @@ class modCommande extends DolibarrModules 'co.code'=>"CountryCode", 's.phone'=>'Phone', 's.siren'=>'ProfId1', 's.siret'=>'ProfId2', 's.ape'=>'ProfId3', 's.idprof4'=>'ProfId4', 'c.rowid'=>"Id", 'c.ref'=>"Ref", 'c.ref_client'=>"RefCustomer", 'c.fk_soc'=>"IdCompany", 'c.date_creation'=>"DateCreation", 'c.date_commande'=>"OrderDate", 'c.date_livraison'=>"DateDeliveryPlanned", 'c.amount_ht'=>"Amount", 'c.total_ht'=>"TotalHT", - 'c.total_ttc'=>"TotalTTC", 'c.facture'=>"Billed", 'c.fk_statut'=>'Status', 'c.note_public'=>"Note", + 'c.total_ttc'=>"TotalTTC", 'c.facture'=>"Billed", 'c.fk_statut'=>'Status', 'c.note_public'=>"Note", 'sm.code'=>'SendingMethod', 'c.fk_user_author'=>'CreatedById', 'uc.login'=>'CreatedByLogin', 'c.fk_user_valid'=>'ValidatedById', 'uv.login'=>'ValidatedByLogin', 'pj.ref'=>'ProjectRef', 'cd.rowid'=>'LineId', 'cd.description'=>"LineDescription", 'cd.product_type'=>'TypeOfLineServiceOrProduct', 'cd.tva_tx'=>"LineVATRate", 'cd.qty'=>"LineQty", 'cd.total_ht'=>"LineTotalHT", 'cd.total_tva'=>"LineTotalVAT", 'cd.total_ttc'=>"LineTotalTTC", @@ -235,7 +235,7 @@ class modCommande extends DolibarrModules $this->export_TypeFields_array[$r] = array( 's.nom'=>'Text', 'ps.nom'=>'Text', 's.address'=>'Text', 's.zip'=>'Text', 's.town'=>'Text', 'co.label'=>'List:c_country:label:label', 'co.code'=>'Text', 's.phone'=>'Text', 's.siren'=>'Text', 's.siret'=>'Text', 's.ape'=>'Text', 's.idprof4'=>'Text', 'c.ref'=>"Text", 'c.ref_client'=>"Text", 'c.date_creation'=>"Date", - 'c.date_commande'=>"Date", 'c.date_livraison'=>"Date", 'c.amount_ht'=>"Numeric", 'c.total_ht'=>"Numeric", + 'c.date_commande'=>"Date", 'c.date_livraison'=>"Date", 'sm.code'=>"Text", 'c.amount_ht'=>"Numeric", 'c.total_ht'=>"Numeric", 'c.total_ttc'=>"Numeric", 'c.facture'=>"Boolean", 'c.fk_statut'=>'Status', 'c.note_public'=>"Text", 'pj.ref'=>'Text', 'cd.description'=>"Text", 'cd.product_type'=>'Boolean', 'cd.tva_tx'=>"Numeric", 'cd.qty'=>"Numeric", 'cd.total_ht'=>"Numeric", 'cd.total_tva'=>"Numeric", 'cd.total_ttc'=>"Numeric", 'p.rowid'=>'List:product:ref::product', 'p.ref'=>'Text', 'p.label'=>'Text', 'd.nom'=>'Text', @@ -244,9 +244,9 @@ class modCommande extends DolibarrModules $this->export_entities_array[$r] = array( 's.rowid'=>"company", 's.nom'=>'company', 'ps.nom'=>'company', 's.address'=>'company', 's.zip'=>'company', 's.town'=>'company', 'd.nom'=>'company', 'co.label'=>'company', 'co.code'=>'company', 's.phone'=>'company', 's.siren'=>'company', 's.ape'=>'company', 's.idprof4'=>'company', 's.siret'=>'company', 'c.rowid'=>"order", - 'c.ref'=>"order", 'c.ref_client'=>"order", 'c.fk_soc'=>"order", 'c.date_creation'=>"order", 'c.date_commande'=>"order", 'c.amount_ht'=>"order", + 'c.ref'=>"order", 'c.ref_client'=>"order", 'c.fk_soc'=>"order", 'c.date_creation'=>"order", 'c.date_commande'=>"order", 'c.amount_ht'=>"order", 'c.total_ht'=>"order", 'c.total_ttc'=>"order", 'c.facture'=>"order", 'c.fk_statut'=>"order", 'c.note'=>"order", - 'c.date_livraison'=>"order", 'pj.ref'=>'project', 'cd.rowid'=>'order_line', 'cd.description'=>"order_line", + 'c.date_livraison'=>"order", 'sm.code'=>"order", 'pj.ref'=>'project', 'cd.rowid'=>'order_line', 'cd.description'=>"order_line", 'cd.product_type'=>'order_line', 'cd.tva_tx'=>"order_line", 'cd.qty'=>"order_line", 'cd.total_ht'=>"order_line", 'cd.total_tva'=>"order_line", 'cd.total_ttc'=>"order_line", 'p.rowid'=>'product', 'p.ref'=>'product', 'p.label'=>'product' ); @@ -277,6 +277,7 @@ class modCommande extends DolibarrModules $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_departements as d ON s.fk_departement = d.rowid'; $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_country as co ON s.fk_pays = co.rowid,'; $this->export_sql_end[$r] .= ' '.MAIN_DB_PREFIX.'commande as c'; + $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_shipment_mode as sm ON c.fk_shipping_method = sm.rowid'; $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'projet as pj ON c.fk_projet = pj.rowid'; $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as uc ON c.fk_user_author = uc.rowid'; $this->export_sql_end[$r] .= ' LEFT JOIN '.MAIN_DB_PREFIX.'user as uv ON c.fk_user_valid = uv.rowid'; From 95cb4237bf3376e88e4342f92c9ae4b082a4eca1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 15:51:34 +0100 Subject: [PATCH 067/227] Fix css --- htdocs/admin/emailcollector_list.php | 6 +++++- htdocs/emailcollector/class/emailcollector.class.php | 4 ++-- htdocs/modulebuilder/template/myobject_list.php | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index 3be38cca113..fb09143412f 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -601,13 +601,17 @@ while ($i < $imaxinloop) { //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; if (!empty($arrayfields['t.'.$key]['checked'])) { - print ''; if ($key == 'status') { print $object->getLibStatut(5); + } elseif ($key == 'lastresult') { + print '
'; + print $object->showOutputField($val, $key, $object->$key, ''); + print '
'; } elseif ($key == 'rowid') { print $object->showOutputField($val, $key, $object->id, ''); } else { diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php index b2b3cb70f39..ba274fba2c2 100644 --- a/htdocs/emailcollector/class/emailcollector.class.php +++ b/htdocs/emailcollector/class/emailcollector.class.php @@ -128,7 +128,7 @@ class EmailCollector extends CommonObject public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'visible'=>2, 'enabled'=>1, 'position'=>1, 'notnull'=>1, 'index'=>1), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'default'=>1, 'notnull'=>1, 'index'=>1, 'position'=>20), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'help'=>'Example: MyCollector1', 'csslist'=>'tdoverflowmax150'), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'help'=>'Example: MyCollector1', 'csslist'=>'tdoverflowmax200'), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>-1, 'searchall'=>1, 'help'=>'Example: My Email collector', 'csslist'=>'tdoverflowmax150'), 'description' => array('type'=>'text', 'label'=>'Description', 'visible'=>-1, 'enabled'=>1, 'position'=>60, 'notnull'=>-1, 'csslist'=>'small'), 'host' => array('type'=>'varchar(255)', 'label'=>'EMailHost', 'visible'=>1, 'enabled'=>1, 'position'=>90, 'notnull'=>1, 'searchall'=>1, 'comment'=>"IMAP server", 'help'=>'Example: imap.gmail.com', 'csslist'=>'tdoverflowmax125'), @@ -145,7 +145,7 @@ class EmailCollector extends CommonObject 'maxemailpercollect' => array('type'=>'integer', 'label'=>'MaxEmailCollectPerCollect', 'visible'=>-1, 'enabled'=>1, 'position'=>111, 'default'=>100), 'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastCollectResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>121, 'notnull'=>-1, 'csslist'=>'nowraponall'), 'codelastresult' => array('type'=>'varchar(16)', 'label'=>'CodeLastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>122, 'notnull'=>-1,), - 'lastresult' => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>123, 'notnull'=>-1, 'csslist'=>'small'), + 'lastresult' => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>123, 'notnull'=>-1, 'csslist'=>'small tdoverflowmax200'), 'datelastok' => array('type'=>'datetime', 'label'=>'DateLastcollectResultOk', 'visible'=>1, 'enabled'=>'$action != "create"', 'position'=>125, 'notnull'=>-1, 'csslist'=>'nowraponall'), 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'visible'=>0, 'enabled'=>1, 'position'=>61, 'notnull'=>-1,), 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'visible'=>0, 'enabled'=>1, 'position'=>62, 'notnull'=>-1,), diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 66aa7b0b35e..78e7c31077b 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -737,7 +737,7 @@ while ($i < $imaxinloop) { //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; if (!empty($arrayfields['t.'.$key]['checked'])) { - print ' Date: Mon, 30 Jan 2023 15:51:34 +0100 Subject: [PATCH 068/227] Fix css --- htdocs/admin/emailcollector_list.php | 6 +++++- htdocs/emailcollector/class/emailcollector.class.php | 4 ++-- htdocs/modulebuilder/template/myobject_list.php | 2 +- 3 files changed, 8 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index 3be38cca113..fb09143412f 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -601,13 +601,17 @@ while ($i < $imaxinloop) { //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; if (!empty($arrayfields['t.'.$key]['checked'])) { - print ''; if ($key == 'status') { print $object->getLibStatut(5); + } elseif ($key == 'lastresult') { + print '
'; + print $object->showOutputField($val, $key, $object->$key, ''); + print '
'; } elseif ($key == 'rowid') { print $object->showOutputField($val, $key, $object->id, ''); } else { diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php index 7bf8306f4fd..6d8a8a048d3 100644 --- a/htdocs/emailcollector/class/emailcollector.class.php +++ b/htdocs/emailcollector/class/emailcollector.class.php @@ -128,7 +128,7 @@ class EmailCollector extends CommonObject public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'visible'=>2, 'enabled'=>1, 'position'=>1, 'notnull'=>1, 'index'=>1), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'default'=>1, 'notnull'=>1, 'index'=>1, 'position'=>20), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'help'=>'Example: MyCollector1', 'csslist'=>'tdoverflowmax150'), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'help'=>'Example: MyCollector1', 'csslist'=>'tdoverflowmax200'), 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>-1, 'searchall'=>1, 'help'=>'Example: My Email collector', 'csslist'=>'tdoverflowmax150'), 'description' => array('type'=>'text', 'label'=>'Description', 'visible'=>-1, 'enabled'=>1, 'position'=>60, 'notnull'=>-1, 'csslist'=>'small'), 'host' => array('type'=>'varchar(255)', 'label'=>'EMailHost', 'visible'=>1, 'enabled'=>1, 'position'=>90, 'notnull'=>1, 'searchall'=>1, 'comment'=>"IMAP server", 'help'=>'Example: imap.gmail.com', 'csslist'=>'tdoverflowmax125'), @@ -145,7 +145,7 @@ class EmailCollector extends CommonObject 'maxemailpercollect' => array('type'=>'integer', 'label'=>'MaxEmailCollectPerCollect', 'visible'=>-1, 'enabled'=>1, 'position'=>111, 'default'=>100), 'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastCollectResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>121, 'notnull'=>-1, 'csslist'=>'nowraponall'), 'codelastresult' => array('type'=>'varchar(16)', 'label'=>'CodeLastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>122, 'notnull'=>-1,), - 'lastresult' => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>123, 'notnull'=>-1, 'csslist'=>'small'), + 'lastresult' => array('type'=>'varchar(255)', 'label'=>'LastResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>123, 'notnull'=>-1, 'csslist'=>'small tdoverflowmax200'), 'datelastok' => array('type'=>'datetime', 'label'=>'DateLastcollectResultOk', 'visible'=>1, 'enabled'=>'$action != "create"', 'position'=>125, 'notnull'=>-1, 'csslist'=>'nowraponall'), 'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'visible'=>0, 'enabled'=>1, 'position'=>61, 'notnull'=>-1,), 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'visible'=>0, 'enabled'=>1, 'position'=>62, 'notnull'=>-1,), diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 95442195ff9..44e870b12de 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -730,7 +730,7 @@ while ($i < $imaxinloop) { //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; if (!empty($arrayfields['t.'.$key]['checked'])) { - print ' Date: Mon, 30 Jan 2023 16:16:36 +0100 Subject: [PATCH 069/227] NEW The refresh link for imap collector is always visible --- htdocs/admin/emailcollector_card.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/htdocs/admin/emailcollector_card.php b/htdocs/admin/emailcollector_card.php index b3d6e045470..034997b1716 100644 --- a/htdocs/admin/emailcollector_card.php +++ b/htdocs/admin/emailcollector_card.php @@ -387,7 +387,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $morehtmlref = '
'; $morehtmlref .= '
'; - $morehtml = $langs->trans("NbOfEmailsInInbox").' : '; + $morehtml = ''; $sourcedir = $object->source_directory; $targetdir = ($object->target_directory ? $object->target_directory : ''); // Can be '[Gmail]/Trash' or 'mytag' @@ -404,6 +404,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $connectstringserver = $object->getConnectStringIMAP($usessl); if ($action == 'scan') { + $nbemail = ''; if (!empty($conf->global->MAIN_IMAP_USE_PHPIMAP)) { if ($object->acces_type == 1) { // Mode OAUth2 with PHP-IMAP @@ -493,7 +494,6 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $f = $client->getFolders(false, $object->source_directory); $nbemail = $f[0]->examine()["exists"]; - $morehtml .= $nbemail; } else { try { if ($sourcedir) { @@ -525,15 +525,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } if (!$connection) { - $morehtml .= 'Failed to open IMAP connection '.$connectstringsource; + $nbemail .= 'Failed to open IMAP connection '.$connectstringsource; if (function_exists('imap_last_error')) { - $morehtml .= '
'.imap_last_error(); + $nbemail .= '
'.imap_last_error(); } dol_syslog("Error ".$morehtml, LOG_WARNING); //var_dump(imap_errors()) } else { dol_syslog("Imap connected. Now we call imap_num_msg()"); - $morehtml .= imap_num_msg($connection); + $nbemail .= imap_num_msg($connection); } if ($connection) { @@ -541,12 +541,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea imap_close($connection); } } - } else { - $morehtml .= ''.img_picto('', 'refresh', 'class="paddingrightonly"').$langs->trans("Refresh").''; } - $morehtml .= $form->textwithpicto('', 'connect string '.$connectstringserver); + $morehtml .= $form->textwithpicto($langs->trans("NbOfEmailsInInbox"), 'connect string '.$connectstringserver).': '; + + $morehtml .= ($nbemail != '' ? $nbemail : '?'); + + $morehtml .= '   '.img_picto('', 'refresh', 'class="paddingrightonly"').$langs->trans("Refresh").''; } else { + $morehtml .= $langs->trans("NbOfEmailsInInbox").': '; $morehtml .= 'IMAP functions not available on your PHP. '; } From cc9cd3e3c7cc468b6c287012de088501c1dd9014 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 30 Jan 2023 19:06:18 +0100 Subject: [PATCH 070/227] NEW Can set background style with MAIN_LOGIN_BACKGROUND_STYLE --- htdocs/core/tpl/login.tpl.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 7f97e751ded..4900acc9ec2 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -133,9 +133,15 @@ $(document).ready(function () { -"; - $db->free($resql); - } else { - dol_print_error($db); } return $result; From 1f195a3be57844a5e791b529f859426d54380857 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 14:04:25 +0100 Subject: [PATCH 168/227] Fix #yogosha14963 --- ChangeLog | 2 +- htdocs/adherents/class/subscription.class.php | 2 +- htdocs/comm/propal/class/propal.class.php | 4 +-- htdocs/commande/class/commande.class.php | 4 +-- htdocs/compta/bank/class/account.class.php | 2 +- .../facture/class/facture-rec.class.php | 4 +-- htdocs/compta/facture/class/facture.class.php | 4 +-- htdocs/contact/class/contact.class.php | 6 ++--- htdocs/contrat/class/contrat.class.php | 8 +++--- htdocs/core/actions_addupdatedelete.inc.php | 25 ++++++++++++++++--- .../core/class/emailsenderprofile.class.php | 2 +- htdocs/core/lib/company.lib.php | 2 +- htdocs/core/lib/functions.lib.php | 2 +- htdocs/core/tpl/commonfields_add.tpl.php | 18 +++++++++++-- htdocs/core/tpl/commonfields_edit.tpl.php | 10 +++++++- .../class/emailcollector.class.php | 2 -- .../class/conferenceorbooth.class.php | 2 +- .../class/expensereport.class.php | 4 +-- htdocs/fichinter/class/fichinter.class.php | 6 ++--- .../class/fournisseur.commande.class.php | 4 +-- .../class/fournisseur.facture-rec.class.php | 4 +-- .../fourn/class/fournisseur.facture.class.php | 4 +-- htdocs/projet/class/project.class.php | 4 +-- htdocs/societe/class/societe.class.php | 4 +-- htdocs/societe/class/societeaccount.class.php | 4 +-- htdocs/ticket/class/ticket.class.php | 2 +- htdocs/website/class/websitepage.class.php | 2 +- 27 files changed, 88 insertions(+), 49 deletions(-) diff --git a/ChangeLog b/ChangeLog index 00fbde60b91..350a29fe051 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,7 +15,7 @@ Following changes may create regressions for some external modules, but were nec * The method "nb_expedition()" has been renamed into "countNbOfShipments()" * Revert default type of hooks. Default is now 'addreplace' hooks (and exception become 'output' hooks, that become deprecated). * Deprecated property libelle removed from entrepot class. - +* The type 'text' in ->fields property dos not accept html content anymore. Use the type 'html' for that. ***** ChangeLog for 17.0.0 compared to 16.0.0 ***** diff --git a/htdocs/adherents/class/subscription.class.php b/htdocs/adherents/class/subscription.class.php index b5079676603..c8994283fe1 100644 --- a/htdocs/adherents/class/subscription.class.php +++ b/htdocs/adherents/class/subscription.class.php @@ -109,7 +109,7 @@ class Subscription extends CommonObject 'datef' =>array('type'=>'datetime', 'label'=>'DateEndSubscription', 'enabled'=>1, 'visible'=>-1, 'position'=>35), 'subscription' =>array('type'=>'double(24,8)', 'label'=>'Amount', 'enabled'=>1, 'visible'=>-1, 'position'=>40, 'isameasure'=>1), 'fk_bank' =>array('type'=>'integer', 'label'=>'BankId', 'enabled'=>1, 'visible'=>-1, 'position'=>45), - 'note' =>array('type'=>'text', 'label'=>'Note', 'enabled'=>1, 'visible'=>-1, 'position'=>50), + 'note' =>array('type'=>'html', 'label'=>'Note', 'enabled'=>1, 'visible'=>-1, 'position'=>50), 'fk_type' =>array('type'=>'integer', 'label'=>'MemberType', 'enabled'=>1, 'visible'=>-1, 'position'=>55), 'fk_user_creat' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-2, 'position'=>60), 'fk_user_valid' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>65), diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index c4328328f18..41913afe8b9 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -327,8 +327,8 @@ class Propal extends CommonObject 'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'position'=>160), 'deposit_percent' =>array('type'=>'varchar(63)', 'label'=>'DepositPercent', 'enabled'=>1, 'visible'=>-1, 'position'=>161), 'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>165), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'PDFTemplate', 'enabled'=>1, 'visible'=>0, 'position'=>180), 'date_livraison' =>array('type'=>'date', 'label'=>'DateDeliveryPlanned', 'enabled'=>1, 'visible'=>-1, 'position'=>185), 'fk_shipping_method' =>array('type'=>'integer', 'label'=>'ShippingMethod', 'enabled'=>1, 'visible'=>-1, 'position'=>190), diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index 2a462f77bc4..bca5992b5ba 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -328,8 +328,8 @@ class Commande extends CommonOrder 'localtax2' =>array('type'=>'double(24,8)', 'label'=>'LocalTax2', 'enabled'=>1, 'visible'=>-1, 'position'=>135, 'isameasure'=>1), 'total_ht' =>array('type'=>'double(24,8)', 'label'=>'TotalHT', 'enabled'=>1, 'visible'=>-1, 'position'=>140, 'isameasure'=>1), 'total_ttc' =>array('type'=>'double(24,8)', 'label'=>'TotalTTC', 'enabled'=>1, 'visible'=>-1, 'position'=>145, 'isameasure'=>1), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>150), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>150), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'PDFTemplate', 'enabled'=>1, 'visible'=>0, 'position'=>160), //'facture' =>array('type'=>'tinyint(4)', 'label'=>'ParentInvoice', 'enabled'=>1, 'visible'=>-1, 'position'=>165), 'fk_account' =>array('type'=>'integer', 'label'=>'BankAccount', 'enabled'=>'$conf->banque->enabled', 'visible'=>-1, 'position'=>170), diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php index 71ec8393e09..36bf8795f47 100644 --- a/htdocs/compta/bank/class/account.class.php +++ b/htdocs/compta/bank/class/account.class.php @@ -323,7 +323,7 @@ class Account extends CommonObject 'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>157), 'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'Fk user author', 'enabled'=>1, 'visible'=>-1, 'position'=>160), 'fk_user_modif' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>165), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>170), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>170), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>175), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>180), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>185), diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index 269c5267ab3..0ec2deed6e1 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -185,8 +185,8 @@ class FactureRec extends CommonInvoice 'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'Fk cond reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>90), 'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'Fk mode reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>95), 'date_lim_reglement' =>array('type'=>'date', 'label'=>'Date lim reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>100), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>105), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>110), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>105), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>110), 'modelpdf' =>array('type'=>'varchar(255)', 'label'=>'Modelpdf', 'enabled'=>1, 'visible'=>-1, 'position'=>115), 'date_when' =>array('type'=>'datetime', 'label'=>'Date when', 'enabled'=>1, 'visible'=>-1, 'position'=>130), 'date_last_gen' =>array('type'=>'datetime', 'label'=>'Date last gen', 'enabled'=>1, 'visible'=>-1, 'position'=>135), diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 561ebf3e9ed..75869a900dd 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -341,8 +341,8 @@ class Facture extends CommonInvoice 'fk_currency' =>array('type'=>'varchar(3)', 'label'=>'CurrencyCode', 'enabled'=>1, 'visible'=>-1, 'position'=>185), 'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>190), 'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>195), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>205), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>210), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>205), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>210), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>215), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>225), 'situation_cycle_ref' =>array('type'=>'smallint(6)', 'label'=>'Situation cycle ref', 'enabled'=>'$conf->global->INVOICE_USE_SITUATION', 'visible'=>-1, 'position'=>230), diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 52ea2b69c8d..b9963b1e16c 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -101,7 +101,7 @@ class Contact extends CommonObject 'poste' =>array('type'=>'varchar(80)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>-1, 'position'=>52), 'address' =>array('type'=>'varchar(255)', 'label'=>'Address', 'enabled'=>1, 'visible'=>-1, 'position'=>55), 'zip' =>array('type'=>'varchar(25)', 'label'=>'Zip', 'enabled'=>1, 'visible'=>1, 'position'=>60), - 'town' =>array('type'=>'text', 'label'=>'Town', 'enabled'=>1, 'visible'=>-1, 'position'=>65), + 'town' =>array('type'=>'varchar(50)', 'label'=>'Town', 'enabled'=>1, 'visible'=>-1, 'position'=>65), 'fk_departement' =>array('type'=>'integer', 'label'=>'Fk departement', 'enabled'=>1, 'visible'=>3, 'position'=>70), 'fk_pays' =>array('type'=>'integer', 'label'=>'Fk pays', 'enabled'=>1, 'visible'=>3, 'position'=>75), 'fk_soc' =>array('type'=>'integer', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>1, 'position'=>77, 'searchall'=>1), @@ -117,8 +117,8 @@ class Contact extends CommonObject 'fk_stcommcontact' =>array('type'=>'integer', 'label'=>'ProspectStatus', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220), 'fk_prospectlevel' =>array('type'=>'varchar(12)', 'label'=>'ProspectLevel', 'enabled'=>1, 'visible'=>-1, 'position'=>255), 'no_email' =>array('type'=>'smallint(6)', 'label'=>'No_Email', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>180), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>3, 'position'=>195, 'searchall'=>1), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>3, 'position'=>200, 'searchall'=>1), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>3, 'position'=>195, 'searchall'=>1), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>3, 'position'=>200, 'searchall'=>1), 'default_lang' =>array('type'=>'varchar(6)', 'label'=>'Default lang', 'enabled'=>1, 'visible'=>3, 'position'=>205), 'canvas' =>array('type'=>'varchar(32)', 'label'=>'Canvas', 'enabled'=>1, 'visible'=>3, 'position'=>210), 'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>300), diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index ad2cbcea84b..6078e33cb6a 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -238,8 +238,8 @@ class Contrat extends CommonObject 'fk_commercial_signature' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'SaleRepresentative Signature', 'enabled'=>1, 'visible'=>-1, 'position'=>80), 'fk_commercial_suivi' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'SaleRepresentative follower', 'enabled'=>1, 'visible'=>-1, 'position'=>85), 'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>90), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105, 'searchall'=>1), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110, 'searchall'=>1), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105, 'searchall'=>1), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110, 'searchall'=>1), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>115), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>120), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>125), @@ -2988,8 +2988,8 @@ class ContratLigne extends CommonObjectLine 'fk_contrat' =>array('type'=>'integer:Contrat:contrat/class/contrat.class.php', 'label'=>'Contract', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>70), 'fk_product' =>array('type'=>'integer:Product:product/class/product.class.php:1', 'label'=>'Product', 'enabled'=>1, 'visible'=>-1, 'position'=>75), //'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'Fk user author', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>90), - 'note_private' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105), - 'note_public' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), + 'note_private' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105), + 'note_public' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), //'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>115), //'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>120), //'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>125), diff --git a/htdocs/core/actions_addupdatedelete.inc.php b/htdocs/core/actions_addupdatedelete.inc.php index 18ab3ac5eda..71901f8db44 100644 --- a/htdocs/core/actions_addupdatedelete.inc.php +++ b/htdocs/core/actions_addupdatedelete.inc.php @@ -76,8 +76,20 @@ if ($action == 'add' && !empty($permissiontoadd)) { } // Set value to insert - if (in_array($object->fields[$key]['type'], array('text', 'html'))) { - $value = GETPOST($key, 'restricthtml'); + if (preg_match('/^text/', $object->fields[$key]['type'])) { + $tmparray = explode(':', $object->fields[$key]['type']); + if (!empty($tmparray[1])) { + $value = GETPOST($key, $tmparray[1]); + } else { + $value = GETPOST($key, 'nohtml'); + } + } elseif (preg_match('/^html/', $object->fields[$key]['type'])) { + $tmparray = explode(':', $object->fields[$key]['type']); + if (!empty($tmparray[1])) { + $value = GETPOST($key, $tmparray[1]); + } else { + $value = GETPOST($key, 'restricthtml'); + } } elseif ($object->fields[$key]['type'] == 'date') { $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); // for date without hour, we use gmt } elseif ($object->fields[$key]['type'] == 'datetime') { @@ -205,7 +217,14 @@ if ($action == 'update' && !empty($permissiontoadd)) { } // Set value to update - if (preg_match('/^(text|html)/', $object->fields[$key]['type'])) { + if (preg_match('/^text/', $object->fields[$key]['type'])) { + $tmparray = explode(':', $object->fields[$key]['type']); + if (!empty($tmparray[1])) { + $value = GETPOST($key, $tmparray[1]); + } else { + $value = GETPOST($key, 'nohtml'); + } + } elseif (preg_match('/^html/', $object->fields[$key]['type'])) { $tmparray = explode(':', $object->fields[$key]['type']); if (!empty($tmparray[1])) { $value = GETPOST($key, $tmparray[1]); diff --git a/htdocs/core/class/emailsenderprofile.class.php b/htdocs/core/class/emailsenderprofile.class.php index 583dd7faca0..c43ba48db10 100644 --- a/htdocs/core/class/emailsenderprofile.class.php +++ b/htdocs/core/class/emailsenderprofile.class.php @@ -98,7 +98,7 @@ class EmailSenderProfile extends CommonObject 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'visible'=>1, 'enabled'=>1, 'position'=>30, 'notnull'=>1), 'email' => array('type'=>'varchar(255)', 'label'=>'Email', 'visible'=>1, 'enabled'=>1, 'position'=>40, 'notnull'=>-1), 'private' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'User', 'visible'=>-1, 'enabled'=>1, 'position'=>50, 'default'=>'0', 'notnull'=>1), - 'signature' => array('type'=>'text', 'label'=>'Signature', 'visible'=>3, 'enabled'=>1, 'position'=>400, 'notnull'=>-1, 'index'=>1,), + 'signature' => array('type'=>'html', 'label'=>'Signature', 'visible'=>3, 'enabled'=>1, 'position'=>400, 'notnull'=>-1, 'index'=>1,), 'position' => array('type'=>'integer', 'label'=>'Position', 'visible'=>1, 'enabled'=>1, 'position'=>405, 'notnull'=>-1, 'index'=>1,), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'visible'=>-1, 'enabled'=>1, 'position'=>500, 'notnull'=>1,), 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-1, 'enabled'=>1, 'position'=>500, 'notnull'=>1,), diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index a29c22cbcf7..a6069634243 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1011,7 +1011,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserl 'name' =>array('type'=>'varchar(128)', 'label'=>'Name', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1), 'poste' =>array('type'=>'varchar(128)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'index'=>1, 'position'=>20), 'address' =>array('type'=>'varchar(128)', 'label'=>'Address', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>3, 'index'=>1, 'position'=>30), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>(!getDolGlobalInt('MAIN_LIST_HIDE_PRIVATE_NOTES')), 'visible'=>3, 'position'=>35), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>(!getDolGlobalInt('MAIN_LIST_HIDE_PRIVATE_NOTES')), 'visible'=>3, 'position'=>35), 'role' =>array('type'=>'checkbox', 'label'=>'Role', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>4, 'index'=>1, 'position'=>40), 'birthday' =>array('type'=>'date', 'label'=>'Birthday', 'enabled'=>1, 'visible'=>-1, 'notnull'=> 0, 'position'=>45), 'statut' =>array('type'=>'integer', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'default'=>0, 'index'=>1, 'position'=>50, 'arrayofkeyval'=>array(0=>$contactstatic->LibStatut(0, 1), 1=>$contactstatic->LibStatut(1, 1))), diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 4be0fd2006f..6e2ee88134d 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -515,7 +515,7 @@ function GETPOSTISARRAY($paramname, $method = 0) * 'aZ09'=check it's simple alpha string (recommended for keys) * 'aZ09comma'=check it's a string for a sortfield or sortorder * 'san_alpha'=Use filter_var with FILTER_SANITIZE_STRING (do not use this for free text string) - * 'nohtml'=check there is no html content and no " and no ../ + * 'nohtml'=check there is no html content * 'restricthtml'=check html content is restricted to some tags only * 'custom'= custom filter specify $filter and $options) * @param int $method Type of method (0 = get then post, 1 = only get, 2 = only post, 3 = post then get) diff --git a/htdocs/core/tpl/commonfields_add.tpl.php b/htdocs/core/tpl/commonfields_add.tpl.php index 24fddc2fda4..abdb45eff4e 100644 --- a/htdocs/core/tpl/commonfields_add.tpl.php +++ b/htdocs/core/tpl/commonfields_add.tpl.php @@ -69,8 +69,22 @@ foreach ($object->fields as $key => $val) { $value = GETPOST($key, 'int'); } elseif ($val['type'] == 'double') { $value = price2num(GETPOST($key, 'alphanohtml')); - } elseif ($val['type'] == 'text' || $val['type'] == 'html') { - $value = GETPOST($key, 'restricthtml'); + } elseif (preg_match('/^text/', $val['type'])) { + $tmparray = explode(':', $val['type']); + if (!empty($tmparray[1])) { + $check = $tmparray[1]; + } else { + $check = 'nohtml'; + } + $value = GETPOST($key, $check); + } elseif (preg_match('/^html/', $val['type'])) { + $tmparray = explode(':', $val['type']); + if (!empty($tmparray[1])) { + $check = $tmparray[1]; + } else { + $check = 'restricthtml'; + } + $value = GETPOST($key, $check); } elseif ($val['type'] == 'date') { $value = dol_mktime(12, 0, 0, GETPOST($key.'month', 'int'), GETPOST($key.'day', 'int'), GETPOST($key.'year', 'int')); } elseif ($val['type'] == 'datetime') { diff --git a/htdocs/core/tpl/commonfields_edit.tpl.php b/htdocs/core/tpl/commonfields_edit.tpl.php index 1439ce73afe..1643ea77e98 100644 --- a/htdocs/core/tpl/commonfields_edit.tpl.php +++ b/htdocs/core/tpl/commonfields_edit.tpl.php @@ -72,7 +72,15 @@ foreach ($object->fields as $key => $val) { $value = GETPOSTISSET($key) ?GETPOST($key, 'int') : $object->$key; } elseif ($val['type'] == 'double') { $value = GETPOSTISSET($key) ? price2num(GETPOST($key, 'alphanohtml')) : $object->$key; - } elseif (preg_match('/^(text|html)/', $val['type'])) { + } elseif (preg_match('/^text/', $val['type'])) { + $tmparray = explode(':', $val['type']); + if (!empty($tmparray[1])) { + $check = $tmparray[1]; + } else { + $check = 'nohtml'; + } + $value = GETPOSTISSET($key) ? GETPOST($key, $check) : $object->$key; + } elseif (preg_match('/^html/', $val['type'])) { $tmparray = explode(':', $val['type']); if (!empty($tmparray[1])) { $check = $tmparray[1]; diff --git a/htdocs/emailcollector/class/emailcollector.class.php b/htdocs/emailcollector/class/emailcollector.class.php index 69d1ea61a30..13fcbfbef6b 100644 --- a/htdocs/emailcollector/class/emailcollector.class.php +++ b/htdocs/emailcollector/class/emailcollector.class.php @@ -139,8 +139,6 @@ class EmailCollector extends CommonObject 'password' => array('type'=>'password', 'label'=>'Password', 'visible'=>-1, 'enabled'=>"1", 'position'=>103, 'notnull'=>-1, 'comment'=>"IMAP password", 'help'=>'WithGMailYouCanCreateADedicatedPassword'), 'oauth_service' => array('type'=>'varchar(128)', 'label'=>'oauthService', 'visible'=>-1, 'enabled'=>"getDolGlobalInt('MAIN_IMAP_USE_PHPIMAP')", 'position'=>104, 'notnull'=>0, 'index'=>1, 'comment'=>"IMAP login oauthService", 'arrayofkeyval'=>array(), 'help'=>'TokenMustHaveBeenCreated'), 'source_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxSourceDirectory', 'visible'=>-1, 'enabled'=>1, 'position'=>104, 'notnull'=>1, 'default' => 'Inbox', 'help'=>'Example: INBOX'), - //'filter' => array('type'=>'text', 'label'=>'Filter', 'visible'=>1, 'enabled'=>1, 'position'=>105), - //'actiontodo' => array('type'=>'varchar(255)', 'label'=>'ActionToDo', 'visible'=>1, 'enabled'=>1, 'position'=>106), 'target_directory' => array('type'=>'varchar(255)', 'label'=>'MailboxTargetDirectory', 'visible'=>1, 'enabled'=>1, 'position'=>110, 'notnull'=>0, 'help'=>"EmailCollectorTargetDir"), 'maxemailpercollect' => array('type'=>'integer', 'label'=>'MaxEmailCollectPerCollect', 'visible'=>-1, 'enabled'=>1, 'position'=>111, 'default'=>100), 'datelastresult' => array('type'=>'datetime', 'label'=>'DateLastCollectResult', 'visible'=>1, 'enabled'=>'$action != "create" && $action != "edit"', 'position'=>121, 'notnull'=>-1, 'csslist'=>'nowraponall'), diff --git a/htdocs/eventorganization/class/conferenceorbooth.class.php b/htdocs/eventorganization/class/conferenceorbooth.class.php index b15dcf3e545..9da7aa06a84 100644 --- a/htdocs/eventorganization/class/conferenceorbooth.class.php +++ b/htdocs/eventorganization/class/conferenceorbooth.class.php @@ -108,7 +108,7 @@ class ConferenceOrBooth extends ActionComm 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth300', 'csslist'=>'tdoverflowmax125', 'help'=>"OrganizationEvenLabelName", 'showoncombobox'=>'1', 'autofocusoncreate'=>1), 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1:t.usage_organize_event=1', 'label'=>'Project', 'enabled'=>"isModEnabled('project')", 'position'=>52, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'picto'=>'project', 'css'=>'tdoverflowmax150 maxwidth500', 'csslist'=>'width100'), 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ThirdParty', 'enabled'=>'$conf->societe->enabled', 'position'=>50, 'notnull'=>-1, 'visible'=>1, 'index'=>1, 'help'=>"OrganizationEventLinkToThirdParty", 'picto'=>'company', 'csslist'=>'tdoverflowmax125', 'css'=>'maxwidth500'), - 'note' => array('type'=>'text', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>3), + 'note' => array('type'=>'html', 'label'=>'Description', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>3), 'fk_action' => array('type'=>'sellist:c_actioncomm:libelle:id::module LIKE (\'%@eventorganization\')', 'label'=>'Format', 'enabled'=>'1', 'position'=>60, 'notnull'=>1, 'visible'=>1, 'css'=>'width100', 'csslist'=>'tdoverflowmax100'), 'datep' => array('type'=>'datetime', 'label'=>'DateStart', 'enabled'=>'1', 'position'=>70, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'2',), 'datep2' => array('type'=>'datetime', 'label'=>'DateEnd', 'enabled'=>'1', 'position'=>71, 'notnull'=>0, 'visible'=>1, 'showoncombobox'=>'3',), diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index 06adcd92770..38c39d96b6f 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -191,8 +191,8 @@ class ExpenseReport extends CommonObject 'fk_user_cancel' =>array('type'=>'integer', 'label'=>'Fk user cancel', 'enabled'=>1, 'visible'=>-1, 'position'=>130), 'fk_c_paiement' =>array('type'=>'integer', 'label'=>'Fk c paiement', 'enabled'=>1, 'visible'=>-1, 'position'=>140), 'paid' =>array('type'=>'integer', 'label'=>'Paid', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>145), - 'note_public' =>array('type'=>'text', 'label'=>'Note public', 'enabled'=>1, 'visible'=>0, 'position'=>150), - 'note_private' =>array('type'=>'text', 'label'=>'Note private', 'enabled'=>1, 'visible'=>0, 'position'=>155), + 'note_public' =>array('type'=>'html', 'label'=>'Note public', 'enabled'=>1, 'visible'=>0, 'position'=>150), + 'note_private' =>array('type'=>'html', 'label'=>'Note private', 'enabled'=>1, 'visible'=>0, 'position'=>155), 'detail_refuse' =>array('type'=>'varchar(255)', 'label'=>'Detail refuse', 'enabled'=>1, 'visible'=>-1, 'position'=>160), 'detail_cancel' =>array('type'=>'varchar(255)', 'label'=>'Detail cancel', 'enabled'=>1, 'visible'=>-1, 'position'=>165), 'integration_compta' =>array('type'=>'integer', 'label'=>'Integration compta', 'enabled'=>1, 'visible'=>-1, 'position'=>170), diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 450e2c63af3..66645583216 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -57,9 +57,9 @@ class Fichinter extends CommonObject 'datee' =>array('type'=>'date', 'label'=>'Datee', 'enabled'=>1, 'visible'=>-1, 'position'=>90), 'datet' =>array('type'=>'date', 'label'=>'Datet', 'enabled'=>1, 'visible'=>-1, 'position'=>95), 'duree' =>array('type'=>'double', 'label'=>'Duree', 'enabled'=>1, 'visible'=>-1, 'position'=>100), - 'description' =>array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>2), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>115), + 'description' =>array('type'=>'html', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>2), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>115), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>120), 'last_main_doc' =>array('type'=>'varchar(255)', 'label'=>'Last main doc', 'enabled'=>1, 'visible'=>-1, 'position'=>125), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>130), diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 94415f5f1f3..c7357813d43 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -237,8 +237,8 @@ class CommandeFournisseur extends CommonOrder 'localtax2' =>array('type'=>'double(24,8)', 'label'=>'Localtax2', 'enabled'=>1, 'visible'=>3, 'position'=>140, 'isameasure'=>1), 'total_ht' =>array('type'=>'double(24,8)', 'label'=>'TotalHT', 'enabled'=>1, 'visible'=>1, 'position'=>145, 'isameasure'=>1), 'total_ttc' =>array('type'=>'double(24,8)', 'label'=>'TotalTTC', 'enabled'=>1, 'visible'=>-1, 'position'=>150, 'isameasure'=>1), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155, 'searchall'=>1), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>160, 'searchall'=>1), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>155, 'searchall'=>1), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>160, 'searchall'=>1), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPDF', 'enabled'=>1, 'visible'=>0, 'position'=>165), 'fk_input_method' =>array('type'=>'integer', 'label'=>'OrderMode', 'enabled'=>1, 'visible'=>3, 'position'=>170), 'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>3, 'position'=>175), diff --git a/htdocs/fourn/class/fournisseur.facture-rec.class.php b/htdocs/fourn/class/fournisseur.facture-rec.class.php index 8964213f83d..a05aa22a59a 100644 --- a/htdocs/fourn/class/fournisseur.facture-rec.class.php +++ b/htdocs/fourn/class/fournisseur.facture-rec.class.php @@ -201,8 +201,8 @@ class FactureFournisseurRec extends CommonInvoice 'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'Fk mode reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>95), 'date_lim_reglement' =>array('type'=>'date', 'label'=>'Date lim reglement', 'enabled'=>1, 'visible'=>-1, 'position'=>100), - 'note_private' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105), - 'note_public' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), + 'note_private' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>105), + 'note_public' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), 'modelpdf' =>array('type'=>'varchar(255)', 'label'=>'Modelpdf', 'enabled'=>1, 'visible'=>-1, 'position'=>115), 'fk_multicurrency' =>array('type'=>'integer', 'label'=>'Fk multicurrency', 'enabled'=>1, 'visible'=>-1, 'position'=>180), diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 2c45a8d67d5..dd9ba7a6248 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -300,8 +300,8 @@ class FactureFournisseur extends CommonInvoice 'fk_cond_reglement' =>array('type'=>'integer', 'label'=>'PaymentTerm', 'enabled'=>1, 'visible'=>-1, 'position'=>155), 'fk_mode_reglement' =>array('type'=>'integer', 'label'=>'PaymentMode', 'enabled'=>1, 'visible'=>-1, 'position'=>160), 'date_lim_reglement' =>array('type'=>'date', 'label'=>'DateLimReglement', 'enabled'=>1, 'visible'=>-1, 'position'=>165), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>170), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>175), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPdf', 'enabled'=>1, 'visible'=>0, 'position'=>180), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>190), 'fk_incoterms' =>array('type'=>'integer', 'label'=>'IncotermCode', 'enabled'=>1, 'visible'=>-1, 'position'=>195), diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 79ea13dcd40..6eb7384c11d 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -281,8 +281,8 @@ class Project extends CommonObject 'public' =>array('type'=>'integer', 'label'=>'Visibility', 'enabled'=>1, 'visible'=>1, 'position'=>65), 'fk_opp_status' =>array('type'=>'integer', 'label'=>'OpportunityStatusShort', 'enabled'=>'getDolGlobalString("PROJECT_USE_OPPORTUNITIES")', 'visible'=>1, 'position'=>75), 'opp_percent' =>array('type'=>'double(5,2)', 'label'=>'OpportunityProbabilityShort', 'enabled'=>'getDolGlobalString("PROJECT_USE_OPPORTUNITIES")', 'visible'=>1, 'position'=>80), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>85, 'searchall'=>1), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>90, 'searchall'=>1), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>85, 'searchall'=>1), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>90, 'searchall'=>1), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'ModelPdf', 'enabled'=>1, 'visible'=>0, 'position'=>95), 'date_close' =>array('type'=>'datetime', 'label'=>'DateClosing', 'enabled'=>1, 'visible'=>0, 'position'=>105), 'fk_user_close' =>array('type'=>'integer', 'label'=>'UserClosing', 'enabled'=>1, 'visible'=>0, 'position'=>110), diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index fa6d77ad485..5f4a8c36b7c 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -212,8 +212,8 @@ class Societe extends CommonObject 'tva_intra' =>array('type'=>'varchar(20)', 'label'=>'Tva intra', 'enabled'=>1, 'visible'=>-1, 'position'=>210), 'capital' =>array('type'=>'double(24,8)', 'label'=>'Capital', 'enabled'=>1, 'visible'=>-1, 'position'=>215), 'fk_stcomm' =>array('type'=>'integer', 'label'=>'CommercialStatus', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>220), - 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>225), - 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>230), + 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>225), + 'note_private' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>230), 'prefix_comm' =>array('type'=>'varchar(5)', 'label'=>'Prefix comm', 'enabled'=>"getDolGlobalInt('SOCIETE_USEPREFIX')", 'visible'=>-1, 'position'=>235), 'client' =>array('type'=>'tinyint(4)', 'label'=>'Client', 'enabled'=>1, 'visible'=>-1, 'position'=>240), 'fournisseur' =>array('type'=>'tinyint(4)', 'label'=>'Fournisseur', 'enabled'=>1, 'visible'=>-1, 'position'=>245), diff --git a/htdocs/societe/class/societeaccount.class.php b/htdocs/societe/class/societeaccount.class.php index 411b11a4cd9..09fee02c8a3 100644 --- a/htdocs/societe/class/societeaccount.class.php +++ b/htdocs/societe/class/societeaccount.class.php @@ -90,8 +90,8 @@ class SocieteAccount extends CommonObject 'key_account' => array('type'=>'varchar(128)', 'label'=>'KeyAccount', 'visible'=>0, 'enabled'=>1, 'position'=>48, 'notnull'=>0, 'index'=>1, 'searchall'=>1, 'comment'=>'The id of third party in the external web site (for site_account if site_account defined)',), 'date_last_login' => array('type'=>'datetime', 'label'=>'LastConnexion', 'visible'=>2, 'enabled'=>1, 'position'=>50, 'notnull'=>0,), 'date_previous_login' => array('type'=>'datetime', 'label'=>'PreviousConnexion', 'visible'=>2, 'enabled'=>1, 'position'=>51, 'notnull'=>0,), - //'note_public' => array('type'=>'text', 'label'=>'NotePublic', 'visible'=>-1, 'enabled'=>1, 'position'=>45, 'notnull'=>-1,), - 'note_private' => array('type'=>'text', 'label'=>'NotePrivate', 'visible'=>-1, 'enabled'=>1, 'position'=>46, 'notnull'=>-1,), + //'note_public' => array('type'=>'html', 'label'=>'NotePublic', 'visible'=>-1, 'enabled'=>1, 'position'=>45, 'notnull'=>-1,), + 'note_private' => array('type'=>'html', 'label'=>'NotePrivate', 'visible'=>-1, 'enabled'=>1, 'position'=>46, 'notnull'=>-1,), 'date_creation' => array('type'=>'datetime', 'label'=>'DateCreation', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,), 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,), 'fk_user_creat' => array('type'=>'integer', 'label'=>'UserAuthor', 'visible'=>-2, 'enabled'=>1, 'position'=>500, 'notnull'=>1,), diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index be035f7ea46..5faea34ad6c 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -290,7 +290,7 @@ class Ticket extends CommonObject 'fk_user_assign' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'AssignedTo', 'visible'=>1, 'enabled'=>1, 'position'=>505, 'notnull'=>1, 'csslist'=>'tdoverflowmax100 maxwidth150onsmartphone'), 'date_close' => array('type'=>'datetime', 'label'=>'TicketCloseOn', 'visible'=>-1, 'enabled'=>1, 'position'=>510, 'notnull'=>1), 'tms' => array('type'=>'timestamp', 'label'=>'DateModification', 'visible'=>-1, 'enabled'=>1, 'position'=>520, 'notnull'=>1), - 'message' => array('type'=>'text', 'label'=>'Message', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1,), + 'message' => array('type'=>'html', 'label'=>'Message', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1,), 'email_msgid' => array('type'=>'varchar(255)', 'label'=>'EmailMsgID', 'visible'=>-2, 'enabled'=>1, 'position'=>540, 'notnull'=>-1, 'help'=>'EmailMsgIDDesc', 'csslist'=>'tdoverflowmax100'), 'email_date' => array('type'=>'datetime', 'label'=>'EmailDate', 'visible'=>-2, 'enabled'=>1, 'position'=>541), 'progress' => array('type'=>'integer', 'label'=>'Progression', 'visible'=>-1, 'enabled'=>1, 'position'=>540, 'notnull'=>-1, 'css'=>'right', 'help'=>"", 'isameasure'=>2, 'csslist'=>'width50'), diff --git a/htdocs/website/class/websitepage.class.php b/htdocs/website/class/websitepage.class.php index c4efd987d0b..932762b3998 100644 --- a/htdocs/website/class/websitepage.class.php +++ b/htdocs/website/class/websitepage.class.php @@ -174,7 +174,7 @@ class WebsitePage extends CommonObject 'fk_website' =>array('type'=>'integer', 'label'=>'WebsiteId', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>40, 'searchall'=>0, 'foreignkey'=>'websitepage.rowid'), 'fk_page' =>array('type'=>'integer', 'label'=>'ParentPageId', 'enabled'=>1, 'visible'=>1, 'notnull'=>-1, 'position'=>45, 'searchall'=>0, 'foreignkey'=>'website.rowid'), 'allowed_in_frames' =>array('type'=>'integer', 'label'=>'AllowedInFrames', 'enabled'=>1, 'visible'=>-1, 'position'=>48, 'searchall'=>0, 'default'=>0), - 'htmlheader' =>array('type'=>'text', 'label'=>'HtmlHeader', 'enabled'=>1, 'visible'=>0, 'position'=>50, 'searchall'=>0), + 'htmlheader' =>array('type'=>'html', 'label'=>'HtmlHeader', 'enabled'=>1, 'visible'=>0, 'position'=>50, 'searchall'=>0), 'content' =>array('type'=>'mediumtext', 'label'=>'Content', 'enabled'=>1, 'visible'=>0, 'position'=>51, 'searchall'=>0), 'grabbed_from' =>array('type'=>'varchar(255)', 'label'=>'GrabbedFrom', 'enabled'=>1, 'visible'=>1, 'index'=>1, 'position'=>400, 'comment'=>'URL page content was grabbed from'), 'date_creation' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>500), From e782930670e88eab24467d5461650ab097be0659 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 00:18:30 +0100 Subject: [PATCH 169/227] Fix #yogosha --- htdocs/bookmarks/card.php | 12 +++++----- htdocs/bookmarks/class/bookmark.class.php | 11 ++++----- htdocs/bookmarks/list.php | 29 +++++++++++++---------- htdocs/core/lib/security.lib.php | 8 ++++++- 4 files changed, 35 insertions(+), 25 deletions(-) diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index 245161ed253..e8075833d22 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -51,12 +51,12 @@ if ($id > 0) { $object->fetch($id); } - // Security check -if (empty($user->rights->bookmark->lire)) { - restrictedArea($user, 'bookmarks'); -} +restrictedArea($user, 'bookmark', $object); +$permissiontoread = $user->hasRight('bookmark', 'lire'); +$permissiontoadd = $user->hasRight('bookmark', 'creer'); +$permissiontodelete = $user->hasRight('bookmark', 'supprimer'); @@ -326,12 +326,12 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { print "
\n"; // Edit - if ($user->rights->bookmark->creer && $action != 'edit') { + if ($permissiontoadd && $action != 'edit') { print ''.$langs->trans("Edit").''."\n"; } // Remove - if ($user->rights->bookmark->supprimer && $action != 'edit') { + if ($permissiontodelete && $action != 'edit') { print ''.$langs->trans("Delete").''."\n"; } diff --git a/htdocs/bookmarks/class/bookmark.class.php b/htdocs/bookmarks/class/bookmark.class.php index 39bb06c2ada..0ffa4505cb6 100644 --- a/htdocs/bookmarks/class/bookmark.class.php +++ b/htdocs/bookmarks/class/bookmark.class.php @@ -60,7 +60,7 @@ class Bookmark extends CommonObject public $id; /** - * @var int User ID + * @var int User ID. If > 0, bookmark of one user. If == 0, bookmark public (for everybody) */ public $fk_user; @@ -233,15 +233,14 @@ class Bookmark extends CommonObject /** * Removes the bookmark * - * @param int $id Id removed bookmark - * @return int <0 si ko, >0 si ok + * @param User $user User deleting + * @return int <0 if KO, >0 if OK */ - public function remove($id) + public function delete($user) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark"; - $sql .= " WHERE rowid = ".((int) $id); + $sql .= " WHERE rowid = ".((int) $this->id); - dol_syslog("Bookmark::remove", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { return 1; diff --git a/htdocs/bookmarks/list.php b/htdocs/bookmarks/list.php index 2adef615a70..c6af6bfdc11 100644 --- a/htdocs/bookmarks/list.php +++ b/htdocs/bookmarks/list.php @@ -60,14 +60,17 @@ if (!$sortorder) { // Initialize Objects $object = new Bookmark($db); +if ($id > 0) { + $object->fetch($id); +} // Security check -restrictedArea($user, 'bookmark'); +restrictedArea($user, 'bookmark', $object); // Permissions -$permissiontoread = !empty($user->rights->bookmark->lire); -$permissiontoadd = !empty($user->rights->bookmark->creer); -$permissiontodelete = !empty($user->rights->bookmark->supprimer); +$permissiontoread = $user->hasRight('bookmark', 'lire'); +$permissiontoadd = $user->hasRight('bookmark', 'creer'); +$permissiontodelete = ($user->hasRight('bookmark', 'supprimer') || ($permissiontoadd && $object->fk_user == $user->id)); /* @@ -82,13 +85,15 @@ if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massa $massaction = ''; } -if ($action == 'delete') { - $res = $object->remove($id); +if ($action == 'delete' && $permissiontodelete) { + $object->fetch($id); + $res = $object->delete($user); if ($res > 0) { header("Location: ".$_SERVER["PHP_SELF"]); exit; } else { setEventMessages($object->error, $object->errors, 'errors'); + $action = ''; } } @@ -193,7 +198,7 @@ print ''; print ''; $newcardbutton = ''; -$newcardbutton .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/bookmarks/card.php?action=create&backtopage='.urlencode(DOL_URL_ROOT.'/bookmarks/list.php'), '', !empty($user->rights->bookmark->creer)); +$newcardbutton .= dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/bookmarks/card.php?action=create&backtopage='.urlencode(DOL_URL_ROOT.'/bookmarks/list.php'), '', $permissiontoadd); print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'bookmark', 0, $newcardbutton, '', $limit, 0, 0, 1); @@ -232,8 +237,8 @@ while ($i < min($num, $limit)) { } $title = $obj->title; $link = $obj->url; - $canedit = $user->rights->bookmark->supprimer; - $candelete = $user->rights->bookmark->creer; + $canedit = $permissiontoadd; + $candelete = $permissiontodelete; // Title print ''; @@ -265,7 +270,7 @@ while ($i < min($num, $limit)) { // Author print ''; - if ($obj->fk_user) { + if ($obj->fk_user > 0) { if (empty($conf->cache['users'][$obj->fk_user])) { $tmpuser = new User($db); $tmpuser->fetch($obj->fk_user); @@ -291,10 +296,10 @@ while ($i < min($num, $limit)) { // Actions print ''; if ($canedit) { - print ''.img_edit().""; + print ''.img_edit().""; } if ($candelete) { - print 'rowid.'">'.img_delete().''; + print 'rowid.'">'.img_delete().''; } print ""; print "\n"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index dfb114576a3..4700c9dc5a0 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -635,7 +635,13 @@ function restrictedArea(User $user, $features, $object = 0, $tableandshare = '', $nbko = 0; if ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete') { foreach ($featuresarray as $feature) { - if ($feature == 'contact') { + if ($feature == 'bookmark') { + if (!$user->rights->bookmark->supprimer) { + if ($user->id != $object->fk_user || empty($user->rights->bookmark->creer)) { + $deleteok = 0; + } + } + } elseif ($feature == 'contact') { if (!$user->rights->societe->contact->supprimer) { $deleteok = 0; } From 7a3c75291401d21ef0038eb29ebf83304068600d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 3 Feb 2023 21:13:12 +0100 Subject: [PATCH 170/227] Fix permission on an inherited group inside entity 0 no visible --- htdocs/user/class/user.class.php | 4 +++- htdocs/user/perms.php | 38 +++++++++++++++++++++++++++----- 2 files changed, 35 insertions(+), 7 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 7c4e9a76712..9cbfb403397 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1207,6 +1207,7 @@ class User extends CommonObject $sql .= " ".$this->db->prefix()."usergroup_user as gu,"; $sql .= " ".$this->db->prefix()."rights_def as r"; $sql .= " WHERE r.id = gr.fk_id"; + // A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) { if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $sql .= " AND gu.entity IN (0,".$conf->entity.")"; @@ -1215,12 +1216,13 @@ class User extends CommonObject } } else { $sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity - // The entity on the table usergroup_user should be useless and shoumd never be used because it is alreay into gr and r. + // The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r. // but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of // other entities, so we are forced to add a filter here $sql .= " AND gu.entity IN (0,".$conf->entity.")"; $sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity } + // End of strange business rule $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql .= " AND gu.fk_user = ".((int) $this->id); $sql .= " AND r.perms IS NOT NULL"; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 1cd094d882d..17bd708f2e0 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -216,13 +216,29 @@ if ($result) { dol_print_error($db); } -// Lecture des droits groupes +// Read the permissions of a user inherited by its groups $permsgroupbyentity = array(); -$sql = "SELECT DISTINCT gr.fk_id, gu.entity"; +$sql = "SELECT DISTINCT gr.fk_id, gu.entity"; // fk_id are permission id and entity is entity of the group $sql .= " FROM ".MAIN_DB_PREFIX."usergroup_rights as gr,"; -$sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; -$sql .= " WHERE gr.entity = ".((int) $entity); +$sql .= " ".MAIN_DB_PREFIX."usergroup_user as gu"; // all groups of a user +$sql .= " WHERE 1 = 1"; +// A very strange business rules. Must be same than into user->getrights() user/perms.php and user/group/perms.php +if (!empty($conf->global->MULTICOMPANY_BACKWARD_COMPATIBILITY)) { + if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { + $sql .= " AND gu.entity IN (0,".$conf->entity.")"; + } else { + //$sql .= " AND r.entity = ".((int) $conf->entity); + } +} else { + $sql .= " AND gr.entity = ".((int) $conf->entity); // Only groups created in current entity + // The entity on the table usergroup_user should be useless and should never be used because it is alreay into gr and r. + // but when using MULTICOMPANY_TRANSVERSE_MODE, we may insert record that make rubbish result due to duplicate record of + // other entities, so we are forced to add a filter here + $sql .= " AND gu.entity IN (0,".$conf->entity.")"; + //$sql .= " AND r.entity = ".((int) $conf->entity); // Only permission of modules enabled in current entity +} +// End of strange business rule $sql .= " AND gr.fk_usergroup = gu.fk_usergroup"; $sql .= " AND gu.fk_user = ".((int) $object->id); @@ -245,6 +261,7 @@ if ($result) { } + /* * Part to add/remove permissions */ @@ -496,6 +513,15 @@ if ($result) { $isexpanded = ! $ishidden; //var_dump("isexpanded=".$isexpanded); + $permsgroupbyentitypluszero = array(); + if (!empty($permsgroupbyentity[0])) { + $permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[0]); + } + if (!empty($permsgroupbyentity[$entity])) { + $permsgroupbyentitypluszero = array_merge($permsgroupbyentitypluszero, $permsgroupbyentity[$entity]); + } + //var_dump($permsgroupbyentitypluszero); + // Break found, it's a new module to catch if (isset($obj->module) && ($oldmod <> $obj->module)) { $oldmod = $obj->module; @@ -603,8 +629,8 @@ if ($result) { //print img_picto($langs->trans("Active"), 'tick'); } print ''; - } elseif (isset($permsgroupbyentity[$entity]) && is_array($permsgroupbyentity[$entity])) { - if (in_array($obj->id, $permsgroupbyentity[$entity])) { // Permission granted by group + } elseif (isset($permsgroupbyentitypluszero) && is_array($permsgroupbyentitypluszero)) { + if (in_array($obj->id, $permsgroupbyentitypluszero)) { // Permission granted by group if ($caneditperms) { print ''; print $form->textwithtooltip($langs->trans("Inherited"), $langs->trans("PermissionInheritedFromAGroup")); From f32fdf3f29a0e11cd62e8471a20b279016fb039b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 10:58:00 +0100 Subject: [PATCH 171/227] FIX #yogosha14972 --- htdocs/core/lib/security.lib.php | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 4700c9dc5a0..51c3434a456 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -811,6 +811,7 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl $checkproject = array('projet', 'project'); // Test for project object $checktask = array('projet_task'); // Test for task object $checkhierarchy = array('expensereport', 'holiday'); // check permission among the hierarchy of user + $checkuser = array('bookmark'); // check permission among the fk_user (must be myself or null) $nocheck = array('barcode', 'stock'); // No test //$checkdefault = 'all other not already defined'; // Test on entity + link to third party on field $dbt_keyfield. Not allowed if link is empty (Ex: invoice, orders...). @@ -1033,6 +1034,15 @@ function checkUserAccessToObject($user, array $featuresarray, $object = 0, $tabl } } + // For some object, we also have to check it is public or owned by user + // Param $object must be the full object and not a simple id to have this test possible. + if (in_array($feature, $checkuser) && is_object($object) && $objectid > 0) { + $useridtocheck = $object->fk_user; + if (!empty($useridtocheck) && $useridtocheck > 0 && $useridtocheck != $user->id && empty($user->admin)) { + return false; + } + } + if ($sql) { $resql = $db->query($sql); if ($resql) { From c0dc9d47e334bd0911eed13968447e471c3abd69 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 12:31:50 +0100 Subject: [PATCH 172/227] Fix permissions #yogosha13771 --- htdocs/compta/index.php | 2 +- htdocs/core/class/utils.class.php | 9 +- htdocs/core/lib/invoice.lib.php | 427 +++++++++++++++--------------- 3 files changed, 226 insertions(+), 212 deletions(-) diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index cfec4d87238..0334afe9986 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -111,7 +111,7 @@ if (isModEnabled('facture')) { } if (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) { - print getNumberInvoicesPieChart('fourn'); + print getNumberInvoicesPieChart('suppliers'); print '
'; } diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php index 16e000e7f59..60ab5806994 100644 --- a/htdocs/core/class/utils.class.php +++ b/htdocs/core/class/utils.class.php @@ -417,13 +417,16 @@ class Utils } - // TODO Replace with Utils->executeCLI() function but - // we must first introduce the variant with $lowmemorydump into this method. if ($execmethod == 1) { $output_arr = array(); $retval = null; exec($fullcommandclear, $output_arr, $retval); + // TODO Replace this exec with Utils->executeCLI() function. + // We must check that the case for $lowmemorydump works too... + //$utils = new Utils($db); + //$outputfile = $conf->admin->dir_temp.'/dump.tmp'; + //$utils->executeCLI($fullcommandclear, $outputfile, 0); if ($retval != 0) { $langs->load("errors"); @@ -438,6 +441,8 @@ class Utils if ($i == 1 && preg_match('/Warning.*Using a password/i', $read)) { continue; } + // Now check into the result file, that the file end with "-- Dump completed" + // This is possible only if $output_arr is the clear dump file, so not possible with $lowmemorydump set because file is already compressed. if (!$lowmemorydump) { fwrite($handle, $read.($execmethod == 2 ? '' : "\n")); if (preg_match('/'.preg_quote('-- Dump completed', '/').'/i', $read)) { diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 0d14b322953..f4aca8ef9a7 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -280,8 +280,9 @@ function supplier_invoice_rec_prepare_head($object) function getNumberInvoicesPieChart($mode) { global $conf, $db, $langs, $user; + if (($mode == 'customers' && isModEnabled('facture') && !empty($user->rights->facture->lire)) - || ($mode = 'suppliers') && (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire) + || ($mode == 'suppliers' && (isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire)) ) { include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php'; @@ -406,7 +407,9 @@ function getNumberInvoicesPieChart($mode) dol_print_error($db); } } + return ''; } + /** * Return a HTML table that contains a list with customer invoice drafts * @@ -418,137 +421,140 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) { global $conf, $db, $langs, $user, $hookmanager; - $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); - $result = ''; - $tmpinvoice = new Facture($db); - $sql = "SELECT f.rowid, f.ref, f.datef as date, f.total_ht, f.total_tva, f.total_ttc, f.ref_client"; - $sql .= ", f.type, f.fk_statut as status, f.paye"; - $sql .= ", s.nom as name"; - $sql .= ", s.rowid as socid, s.email"; - $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; - $sql .= ", cc.rowid as country_id, cc.code as country_code"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", sc.fk_soc, sc.fk_user "; - } - $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - } - $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; - $sql .= " AND f.entity IN (".getEntity('invoice').")"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); - } + if (isModEnabled('facture') && !empty($user->rights->facture->lire)) { + $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); - if ($socid) { - $sql .= " AND f.fk_soc = ".((int) $socid); - } - // Add where from hooks - $parameters = array(); - $reshook = $hookmanager->executeHooks('printFieldListWhereCustomerDraft', $parameters); - $sql .= $hookmanager->resPrint; + $tmpinvoice = new Facture($db); - $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; - $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; - $sql .= " cc.rowid, cc.code"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", sc.fk_soc, sc.fk_user"; - } + $sql = "SELECT f.rowid, f.ref, f.datef as date, f.total_ht, f.total_tva, f.total_ttc, f.ref_client"; + $sql .= ", f.type, f.fk_statut as status, f.paye"; + $sql .= ", s.nom as name"; + $sql .= ", s.rowid as socid, s.email"; + $sql .= ", s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur"; + $sql .= ", cc.rowid as country_id, cc.code as country_code"; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= ", sc.fk_soc, sc.fk_user "; + } + $sql .= " FROM ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".Facture::STATUS_DRAFT; + $sql .= " AND f.entity IN (".getEntity('invoice').")"; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + } - // Add Group from hooks - $parameters = array(); - $reshook = $hookmanager->executeHooks('printFieldListGroupByCustomerDraft', $parameters); - $sql .= $hookmanager->resPrint; + if ($socid) { + $sql .= " AND f.fk_soc = ".((int) $socid); + } + // Add where from hooks + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListWhereCustomerDraft', $parameters); + $sql .= $hookmanager->resPrint; - $resql = $db->query($sql); + $sql .= " GROUP BY f.rowid, f.ref, f.datef, f.total_ht, f.total_tva, f.total_ttc, f.ref_client, f.type, f.fk_statut, f.paye,"; + $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; + $sql .= " cc.rowid, cc.code"; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= ", sc.fk_soc, sc.fk_user"; + } - if ($resql) { - $num = $db->num_rows($resql); - $nbofloop = min($num, $maxofloop); + // Add Group from hooks + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListGroupByCustomerDraft', $parameters); + $sql .= $hookmanager->resPrint; - $result .= '
'; - $result .= ''; + $resql = $db->query($sql); - $result .= ''; - $result .= ''; - $result .= ''; + if ($resql) { + $num = $db->num_rows($resql); + $nbofloop = min($num, $maxofloop); - if ($num) { - $companystatic = new Societe($db); + $result .= '
'; + $result .= '
'; - $result .= $langs->trans("CustomersDraftInvoices").' '; - $result .= ''; - $result .= ''.$num.''; - $result .= ''; - $result .= '
'; - $i = 0; - $othernb = 0; - $tot_ttc = 0; - while ($i < $nbofloop) { - $obj = $db->fetch_object($resql); + $result .= ''; + $result .= ''; + $result .= ''; - if ($i >= $maxCount) { - $othernb += 1; - $i++; + if ($num) { + $companystatic = new Societe($db); + + $i = 0; + $othernb = 0; + $tot_ttc = 0; + while ($i < $nbofloop) { + $obj = $db->fetch_object($resql); + + if ($i >= $maxCount) { + $othernb += 1; + $i++; + $tot_ttc += $obj->total_ttc; + continue; + } + + $tmpinvoice->id = $obj->rowid; + $tmpinvoice->ref = $obj->ref; + $tmpinvoice->date = $db->jdate($obj->date); + $tmpinvoice->type = $obj->type; + $tmpinvoice->total_ht = $obj->total_ht; + $tmpinvoice->total_tva = $obj->total_tva; + $tmpinvoice->total_ttc = $obj->total_ttc; + $tmpinvoice->ref_client = $obj->ref_client; + $tmpinvoice->statut = $obj->status; + $tmpinvoice->paye = $obj->paye; + + $companystatic->id = $obj->socid; + $companystatic->name = $obj->name; + $companystatic->email = $obj->email; + $companystatic->country_id = $obj->country_id; + $companystatic->country_code = $obj->country_code; + $companystatic->client = 1; + $companystatic->code_client = $obj->code_client; + $companystatic->code_fournisseur = $obj->code_fournisseur; + $companystatic->code_compta = $obj->code_compta; + $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; + + $result .= ''; + $result .= ''; + $result .= ''; + $result .= ''; + $result .= ''; $tot_ttc += $obj->total_ttc; - continue; + $i++; } - $tmpinvoice->id = $obj->rowid; - $tmpinvoice->ref = $obj->ref; - $tmpinvoice->date = $db->jdate($obj->date); - $tmpinvoice->type = $obj->type; - $tmpinvoice->total_ht = $obj->total_ht; - $tmpinvoice->total_tva = $obj->total_tva; - $tmpinvoice->total_ttc = $obj->total_ttc; - $tmpinvoice->ref_client = $obj->ref_client; - $tmpinvoice->statut = $obj->status; - $tmpinvoice->paye = $obj->paye; + if ($othernb) { + $result .= ''; + $result .= ''; + $result .= "\n"; + } - $companystatic->id = $obj->socid; - $companystatic->name = $obj->name; - $companystatic->email = $obj->email; - $companystatic->country_id = $obj->country_id; - $companystatic->country_code = $obj->country_code; - $companystatic->client = 1; - $companystatic->code_client = $obj->code_client; - $companystatic->code_fournisseur = $obj->code_fournisseur; - $companystatic->code_compta = $obj->code_compta; - $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; - - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; + $result .= ''; + $result .= ''; $result .= ''; - $tot_ttc += $obj->total_ttc; - $i++; + } else { + $result .= ''; } - - if ($othernb) { - $result .= ''; - $result .= ''; - $result .= "\n"; - } - - $result .= ''; - $result .= ''; - $result .= ''; + $result .= "
'; + $result .= $langs->trans("CustomersDraftInvoices").' '; + $result .= ''; + $result .= ''.$num.''; + $result .= ''; + $result .= '
'; + $result .= $tmpinvoice->getNomUrl(1, ''); + $result .= ''; + $result .= $companystatic->getNomUrl(1, 'customer'); + $result .= ''.price($obj->total_ttc).'
'; + $result .= ''.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').''; + $result .= '
'; - $result .= $tmpinvoice->getNomUrl(1, ''); - $result .= ''; - $result .= $companystatic->getNomUrl(1, 'customer'); - $result .= ''.price($obj->total_ttc).'
'.$langs->trans("Total").''.price($tot_ttc).'
'.$langs->trans("NoInvoice").'
'; - $result .= ''.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').''; - $result .= '
'.$langs->trans("Total").''.price($tot_ttc).'
"; + $db->free($resql); } else { - $result .= ''.$langs->trans("NoInvoice").''; + dol_print_error($db); } - $result .= "
"; - $db->free($resql); - } else { - dol_print_error($db); } return $result; @@ -565,119 +571,122 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) { global $conf, $db, $langs, $user, $hookmanager; - $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); - $result = ''; - $facturesupplierstatic = new FactureFournisseur($db); - $sql = "SELECT f.ref, f.rowid, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.fk_statut as status, f.paye"; - $sql .= ", s.nom as name"; - $sql .= ", s.rowid as socid, s.email"; - $sql .= ", s.code_client, s.code_compta"; - $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; - $sql .= ", cc.rowid as country_id, cc.code as country_code"; - $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - } - $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; - $sql .= " AND f.entity IN (".getEntity('invoice').')'; - if (empty($user->rights->societe->client->voir) && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); - } - if ($socid) { - $sql .= " AND f.fk_soc = ".((int) $socid); - } - // Add where from hooks - $parameters = array(); - $reshook = $hookmanager->executeHooks('printFieldListWhereSupplierDraft', $parameters); - $sql .= $hookmanager->resPrint; - $resql = $db->query($sql); + if ((isModEnabled('fournisseur') || isModEnabled('supplier_invoice')) && !empty($user->rights->facture->lire)) { + $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); - if ($resql) { - $num = $db->num_rows($resql); - $nbofloop = min($num, $maxofloop); + $facturesupplierstatic = new FactureFournisseur($db); - $result .= '
'; - $result .= ''; + $sql = "SELECT f.ref, f.rowid, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.fk_statut as status, f.paye"; + $sql .= ", s.nom as name"; + $sql .= ", s.rowid as socid, s.email"; + $sql .= ", s.code_client, s.code_compta"; + $sql .= ", s.code_fournisseur, s.code_compta_fournisseur"; + $sql .= ", cc.rowid as country_id, cc.code as country_code"; + $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f, ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays"; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; + } + $sql .= " WHERE s.rowid = f.fk_soc AND f.fk_statut = ".FactureFournisseur::STATUS_DRAFT; + $sql .= " AND f.entity IN (".getEntity('invoice').')'; + if (empty($user->rights->societe->client->voir) && !$socid) { + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); + } + if ($socid) { + $sql .= " AND f.fk_soc = ".((int) $socid); + } + // Add where from hooks + $parameters = array(); + $reshook = $hookmanager->executeHooks('printFieldListWhereSupplierDraft', $parameters); + $sql .= $hookmanager->resPrint; + $resql = $db->query($sql); - $result .= ''; - $result .= ''; - $result .= ''; + if ($resql) { + $num = $db->num_rows($resql); + $nbofloop = min($num, $maxofloop); - if ($num) { - $companystatic = new Societe($db); + $result .= '
'; + $result .= '
'; - $result .= $langs->trans("SuppliersDraftInvoices").' '; - $result .= ''; - $result .= ''.$num.''; - $result .= ''; - $result .= '
'; - $i = 0; - $othernb = 0; - $tot_ttc = 0; - while ($i < $nbofloop) { - $obj = $db->fetch_object($resql); + $result .= ''; + $result .= ''; + $result .= ''; - if ($i >= $maxCount) { - $othernb += 1; - $i++; + if ($num) { + $companystatic = new Societe($db); + + $i = 0; + $othernb = 0; + $tot_ttc = 0; + while ($i < $nbofloop) { + $obj = $db->fetch_object($resql); + + if ($i >= $maxCount) { + $othernb += 1; + $i++; + $tot_ttc += $obj->total_ttc; + continue; + } + + $facturesupplierstatic->ref = $obj->ref; + $facturesupplierstatic->id = $obj->rowid; + $facturesupplierstatic->total_ht = $obj->total_ht; + $facturesupplierstatic->total_tva = $obj->total_tva; + $facturesupplierstatic->total_ttc = $obj->total_ttc; + $facturesupplierstatic->ref_supplier = $obj->ref_supplier; + $facturesupplierstatic->type = $obj->type; + $facturesupplierstatic->statut = $obj->status; + $facturesupplierstatic->paye = $obj->paye; + + $companystatic->id = $obj->socid; + $companystatic->name = $obj->name; + $companystatic->email = $obj->email; + $companystatic->country_id = $obj->country_id; + $companystatic->country_code = $obj->country_code; + $companystatic->fournisseur = 1; + $companystatic->code_client = $obj->code_client; + $companystatic->code_fournisseur = $obj->code_fournisseur; + $companystatic->code_compta = $obj->code_compta; + $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; + + $result .= ''; + $result .= ''; + $result .= ''; + $result .= ''; + $result .= ''; $tot_ttc += $obj->total_ttc; - continue; + $i++; } - $facturesupplierstatic->ref = $obj->ref; - $facturesupplierstatic->id = $obj->rowid; - $facturesupplierstatic->total_ht = $obj->total_ht; - $facturesupplierstatic->total_tva = $obj->total_tva; - $facturesupplierstatic->total_ttc = $obj->total_ttc; - $facturesupplierstatic->ref_supplier = $obj->ref_supplier; - $facturesupplierstatic->type = $obj->type; - $facturesupplierstatic->statut = $obj->status; - $facturesupplierstatic->paye = $obj->paye; + if ($othernb) { + $result .= ''; + $result .= ''; + $result .= "\n"; + } - $companystatic->id = $obj->socid; - $companystatic->name = $obj->name; - $companystatic->email = $obj->email; - $companystatic->country_id = $obj->country_id; - $companystatic->country_code = $obj->country_code; - $companystatic->fournisseur = 1; - $companystatic->code_client = $obj->code_client; - $companystatic->code_fournisseur = $obj->code_fournisseur; - $companystatic->code_compta = $obj->code_compta; - $companystatic->code_compta_fournisseur = $obj->code_compta_fournisseur; - - $result .= ''; - $result .= ''; - $result .= ''; - $result .= ''; + $result .= ''; + $result .= ''; $result .= ''; - $tot_ttc += $obj->total_ttc; - $i++; + } else { + $result .= ''; } - - if ($othernb) { - $result .= ''; - $result .= ''; - $result .= "\n"; - } - - $result .= ''; - $result .= ''; - $result .= ''; + $result .= "
'; + $result .= $langs->trans("SuppliersDraftInvoices").' '; + $result .= ''; + $result .= ''.$num.''; + $result .= ''; + $result .= '
'; + $result .= $facturesupplierstatic->getNomUrl(1, ''); + $result .= ''; + $result .= $companystatic->getNomUrl(1, 'supplier'); + $result .= ''.price($obj->total_ttc).'
'; + $result .= ''.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').''; + $result .= '
'; - $result .= $facturesupplierstatic->getNomUrl(1, ''); - $result .= ''; - $result .= $companystatic->getNomUrl(1, 'supplier'); - $result .= ''.price($obj->total_ttc).'
'.$langs->trans("Total").''.price($tot_ttc).'
'.$langs->trans("NoInvoice").'
'; - $result .= ''.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').''; - $result .= '
'.$langs->trans("Total").''.price($tot_ttc).'
"; + $db->free($resql); } else { - $result .= ''.$langs->trans("NoInvoice").''; + dol_print_error($db); } - $result .= "
"; - $db->free($resql); - } else { - dol_print_error($db); } return $result; From 2cc19f0e4252b46050494f4709366cd4bb7ff9d7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 14:59:44 +0100 Subject: [PATCH 173/227] Fix css --- htdocs/core/class/extrafields.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 8ac336f84f8..45cafc61237 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1975,6 +1975,8 @@ class ExtraFields if (!empty($extrafield_param) && is_array($extrafield_param)) { $extrafield_param_list = array_keys($extrafield_param['options']); } + + // Set $extrafield_collapse_display_value (do we have to collapse/expand the group after the separator) $extrafield_collapse_display_value = -1; $expand_display = false; if (is_array($extrafield_param_list) && count($extrafield_param_list) > 0) { @@ -1989,7 +1991,7 @@ class ExtraFields $out .= '<'.$tagtype_dyn.' '.(!empty($colspan)?'colspan="' . $colspan . '"':'').'>'; // Some js code will be injected here to manage the collapsing of extrafields // Output the picto - $out .= ''; + $out .= ''; $out .= ' '; $out .= ''; $out .= $langs->trans($this->attributes[$object->table_element]['label'][$key]); From 3cc415af47624e6ffa40b36333cda5223976a1fc Mon Sep 17 00:00:00 2001 From: Rept0id Date: Thu, 2 Feb 2023 16:50:50 +0200 Subject: [PATCH 174/227] Updated function dol_eval, added error handling - There were cases that dol_eval() would break the whole system. -That was happening in case of using a new version plugin on an old version dolibarr. New plugin validates through isModActive() instead of $conf->moduleName->enabled. Even if you were deactivating the plugin, or totally delete it, the records were still on database for menu, so there were no obvious solution. This update adds a backwards compatibility, makes doli more stable and counterparts the use of eval, making it more safe. - Use of eval is not bad, as well there are techniques in any project that are project-related useful and smart. For example, Linux kernel uses GOTO. But in such cases, there needs to be a safety net. -I found out this after a lot of trouble, I hope this small fix will save other developers. :+1: --- htdocs/core/lib/functions.lib.php | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index aebbc332966..701b34c4042 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8914,6 +8914,7 @@ function verifCond($strToEvaluate) */ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1') { + try { // Only global variables can be changed by eval function and returned to caller global $db, $langs, $user, $conf, $website, $websitepage; global $action, $mainmenu, $leftmenu; @@ -9017,6 +9018,13 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' eval($s); } } + } catch (Error $e) { + $error = 'Caught error : '; + $error .= $e->getMessage() . ', '; + $error .= 'Trace : '; + $error .= json_encode($e->getTrace()); + error_log($error, 1); + } } /** From 70c6ce9bfbc439425e93740b7cde8a1ab6bbc9c5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 15:21:32 +0100 Subject: [PATCH 175/227] Enhance error catching on dol_eval --- htdocs/core/lib/functions.lib.php | 171 +++++++++++++++--------------- 1 file changed, 87 insertions(+), 84 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 701b34c4042..3150ea706cc 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8914,7 +8914,6 @@ function verifCond($strToEvaluate) */ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1') { - try { // Only global variables can be changed by eval function and returned to caller global $db, $langs, $user, $conf, $website, $websitepage; global $action, $mainmenu, $leftmenu; @@ -8925,106 +8924,110 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' global $obj; // To get $obj used into list when dol_eval is used for computed fields and $obj is not yet $object global $soc; // For backward compatibility - // Test on dangerous char (used for RCE), we allow only characters to make PHP variable testing - if ($onlysimplestring == '1') { - // We must accept: '1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL' - // We must accept: '$conf->barcode->enabled || preg_match(\'/^AAA/\',$leftmenu)' - // We must accept: '$user->rights->cabinetmed->read && !$object->canvas=="patient@cabinetmed"' - if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@', '/').']/i', $s)) { - if ($returnvalue) { - return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s); - return ''; + try { + // Test on dangerous char (used for RCE), we allow only characters to make PHP variable testing + if ($onlysimplestring == '1') { + // We must accept: '1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL' + // We must accept: '$conf->barcode->enabled || preg_match(\'/^AAA/\',$leftmenu)' + // We must accept: '$user->rights->cabinetmed->read && !$object->canvas=="patient@cabinetmed"' + if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@', '/').']/i', $s)) { + if ($returnvalue) { + return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; + } else { + dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s); + return ''; + } + // TODO + // We can exclude all parenthesis ( that are not '($db' and 'getDolGlobalInt(' and 'getDolGlobalString(' and 'preg_match(' and 'isModEnabled(' + // ... + } + } elseif ($onlysimplestring == '2') { + // We must accept: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found" + if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@;[]', '/').']/i', $s)) { + if ($returnvalue) { + return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; + } else { + dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s); + return ''; + } } - // TODO - // We can exclude all parenthesis ( that are not '($db' and 'getDolGlobalInt(' and 'getDolGlobalString(' and 'preg_match(' and 'isModEnabled(' - // ... } - } elseif ($onlysimplestring == '2') { - // We must accept: (($reloadedobj = new Task($db)) && ($reloadedobj->fetchNoCompute($object->id) > 0) && ($secondloadedobj = new Project($db)) && ($secondloadedobj->fetchNoCompute($reloadedobj->fk_project) > 0)) ? $secondloadedobj->ref : "Parent project not found" - if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@;[]', '/').']/i', $s)) { + if (strpos($s, '::') !== false) { if ($returnvalue) { - return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; + return 'Bad string syntax to evaluate (double : char is forbidden): '.$s; } else { - dol_syslog('Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s); + dol_syslog('Bad string syntax to evaluate (double : char is forbidden): '.$s); return ''; } } - } - if (strpos($s, '::') !== false) { - if ($returnvalue) { - return 'Bad string syntax to evaluate (double : char is forbidden): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (double : char is forbidden): '.$s); - return ''; + if (strpos($s, '`') !== false) { + if ($returnvalue) { + return 'Bad string syntax to evaluate (backtick char is forbidden): '.$s; + } else { + dol_syslog('Bad string syntax to evaluate (backtick char is forbidden): '.$s); + return ''; + } } - } - if (strpos($s, '`') !== false) { - if ($returnvalue) { - return 'Bad string syntax to evaluate (backtick char is forbidden): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (backtick char is forbidden): '.$s); - return ''; + if (preg_match('/[^0-9]+\.[^0-9]+/', $s)) { // We refuse . if not between 2 numbers + if ($returnvalue) { + return 'Bad string syntax to evaluate (dot char is forbidden): '.$s; + } else { + dol_syslog('Bad string syntax to evaluate (dot char is forbidden): '.$s); + return ''; + } } - } - if (preg_match('/[^0-9]+\.[^0-9]+/', $s)) { // We refuse . if not between 2 numbers - if ($returnvalue) { - return 'Bad string syntax to evaluate (dot char is forbidden): '.$s; - } else { - dol_syslog('Bad string syntax to evaluate (dot char is forbidden): '.$s); - return ''; + + // We block use of php exec or php file functions + $forbiddenphpstrings = array('$$'); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); + + $forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", "verifCond", "base64_decode"); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); + $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); + + $forbiddenphpregex = 'global\s+\$|\b('.implode('|', $forbiddenphpfunctions).')\b'; + + do { + $oldstringtoclean = $s; + $s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s); + $s = preg_replace('/'.$forbiddenphpregex.'/i', '__forbiddenstring__', $s); + //$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod( + } while ($oldstringtoclean != $s); + + if (strpos($s, '__forbiddenstring__') !== false) { + dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING); + if ($returnvalue) { + return 'Bad string syntax to evaluate: '.$s; + } else { + dol_syslog('Bad string syntax to evaluate: '.$s); + return ''; + } } - } - // We block use of php exec or php file functions - $forbiddenphpstrings = array('$$'); - $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); - - $forbiddenphpfunctions = array("exec", "passthru", "shell_exec", "system", "proc_open", "popen", "eval", "dol_eval", "executeCLI", "verifCond", "base64_decode"); - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("fopen", "file_put_contents", "fputs", "fputscsv", "fwrite", "fpassthru", "require", "include", "mkdir", "rmdir", "symlink", "touch", "unlink", "umask")); - $forbiddenphpfunctions = array_merge($forbiddenphpfunctions, array("function", "call_user_func")); - - $forbiddenphpregex = 'global\s+\$|\b('.implode('|', $forbiddenphpfunctions).')\b'; - - do { - $oldstringtoclean = $s; - $s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s); - $s = preg_replace('/'.$forbiddenphpregex.'/i', '__forbiddenstring__', $s); - //$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod( - } while ($oldstringtoclean != $s); - - if (strpos($s, '__forbiddenstring__') !== false) { - dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING); + //print $s."
\n"; if ($returnvalue) { - return 'Bad string syntax to evaluate: '.$s; + if ($hideerrors) { + return @eval('return '.$s.';'); + } else { + return eval('return '.$s.';'); + } } else { - dol_syslog('Bad string syntax to evaluate: '.$s); - return ''; + if ($hideerrors) { + @eval($s); + } else { + eval($s); + } } + } catch (Error $e) { + $error = 'Caught error : '; + $error .= $e->getMessage(); + //$error .= ', Trace : '; + //$error .= json_encode($e->getTrace()); + error_log($error, 1); } - - //print $s."
\n"; if ($returnvalue) { - if ($hideerrors) { - return @eval('return '.$s.';'); - } else { - return eval('return '.$s.';'); - } - } else { - if ($hideerrors) { - @eval($s); - } else { - eval($s); - } + return ''; } - } catch (Error $e) { - $error = 'Caught error : '; - $error .= $e->getMessage() . ', '; - $error .= 'Trace : '; - $error .= json_encode($e->getTrace()); - error_log($error, 1); - } } /** From ecadaf966647fb46af86af79efade17a2bbd9609 Mon Sep 17 00:00:00 2001 From: jyhere Date: Fri, 3 Feb 2023 13:11:17 +0100 Subject: [PATCH 176/227] [FIX] sellist / chkboxlist extrafields error when table is _extrafields This patch fixes error when an sellist /chkboxlist extrafield directly use an *_extrafields table (as main table) --- htdocs/core/class/extrafields.class.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 45cafc61237..5d91febc65d 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -1233,7 +1233,7 @@ class ExtraFields $InfoFieldList[4] = str_replace('$ID$', '0', $InfoFieldList[4]); } //We have to join on extrafield table - if (strpos($InfoFieldList[4], 'extra') !== false) { + if (strpos($InfoFieldList[4], 'extra.') !== false) { $sql .= ' as main, '.$this->db->prefix().$InfoFieldList[0].'_extrafields as extra'; $sqlwhere .= " WHERE extra.fk_object=main.".$InfoFieldList[2]." AND ".$InfoFieldList[4]; } else { @@ -1690,7 +1690,7 @@ class ExtraFields $sql = "SELECT ".$keyList; $sql .= ' FROM '.$this->db->prefix().$InfoFieldList[0]; - if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra') !== false) { + if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra.') !== false) { $sql .= ' as main'; } if ($selectkey == 'rowid' && empty($value)) { @@ -1806,7 +1806,7 @@ class ExtraFields $sql = "SELECT ".$keyList; $sql .= " FROM ".$this->db->prefix().$InfoFieldList[0]; - if (strpos($InfoFieldList[4], 'extra') !== false) { + if (strpos($InfoFieldList[4], 'extra.') !== false) { $sql .= ' as main'; } // $sql.= " WHERE ".$selectkey."='".$this->db->escape($value)."'"; From 18708dfdeebf9cfd140547393cdb526175912c51 Mon Sep 17 00:00:00 2001 From: Sylvain Legrand Date: Wed, 1 Feb 2023 22:42:41 +0100 Subject: [PATCH 177/227] Fix input for progress not shown on lines in edit mode --- htdocs/core/tpl/objectline_edit.tpl.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/core/tpl/objectline_edit.tpl.php b/htdocs/core/tpl/objectline_edit.tpl.php index dbc8b407fa5..fba73125aa5 100644 --- a/htdocs/core/tpl/objectline_edit.tpl.php +++ b/htdocs/core/tpl/objectline_edit.tpl.php @@ -70,7 +70,7 @@ if (!empty($inputalsopricewithtax)) { if (in_array($object->element, array('propal', 'supplier_proposal', 'facture', 'facturerec', 'invoice', 'commande', 'order', 'order_supplier', 'invoice_supplier', 'invoice_supplier_rec'))) { $colspan++; // With this, there is a column move button } -if (isModEnabled("multicurrency") && $this->multicurrency_code != $conf->currency) { +if (isModEnabled("multicurrency") && $object->multicurrency_code != $conf->currency) { $colspan += 2; } if (isModEnabled('asset') && $object->element == 'invoice_supplier') { @@ -218,7 +218,7 @@ $coldisplay++; } print '>'; - if (isModEnabled("multicurrency") && $this->multicurrency_code != $conf->currency) { + if (isModEnabled("multicurrency") && $object->multicurrency_code != $conf->currency) { $coldisplay++; print ''; } @@ -286,7 +286,7 @@ $coldisplay++; situation_cycle_ref) { + if ($object->situation_cycle_ref) { $coldisplay++; print '%'; $coldisplay++; @@ -490,7 +490,7 @@ jQuery(document).ready(function() } }); - table_element_line, array('propaldet', 'commandedet', 'facturedet'))) { ?> + table_element_line, array('propaldet', 'commandedet', 'facturedet'))) { ?> $("#date_start, #date_end").focusout(function() { if ( $(this).val() == '' && !$(this).hasClass('inputmandatory') ) { $(this).addClass('inputmandatory'); From 116cf440de31c72838ecbeee99c9b49761e2e32b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 15:52:25 +0100 Subject: [PATCH 178/227] Fix stripe warning --- htdocs/stripe/class/stripe.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/stripe/class/stripe.class.php b/htdocs/stripe/class/stripe.class.php index 53adfdbe85b..873ff9ea616 100644 --- a/htdocs/stripe/class/stripe.class.php +++ b/htdocs/stripe/class/stripe.class.php @@ -466,11 +466,13 @@ class Stripe extends CommonObject "payment_method_types" => $paymentmethodtypes, "description" => $description, "statement_descriptor_suffix" => $descriptor, // For card payment, 22 chars that appears on bank receipt (prefix into stripe setup + this suffix) - "statement_descriptor" => $descriptor, // For SEPA, it will take only statement_descriptor, not statement_descriptor_suffix //"save_payment_method" => true, "setup_future_usage" => "on_session", "metadata" => $metadata ); + if ($descriptor) { + $dataforintent["statement_descriptor"] = $descriptor; // For SEPA, it will take only statement_descriptor, not statement_descriptor_suffix + } if (!is_null($customer)) { $dataforintent["customer"] = $customer; } From 30ed31291337403acb239df4bb573965bccc97f9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 4 Feb 2023 16:01:00 +0100 Subject: [PATCH 179/227] FIX Try to fix stripe warning --- htdocs/public/payment/newpayment.php | 2 +- htdocs/stripe/class/stripe.class.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index d0cfe22d664..264ead82877 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -2239,7 +2239,7 @@ if (preg_match('/^dopayment/', $action)) { // If we choosed/click on the payme if (!empty($conf->global->STRIPE_USE_INTENT_WITH_AUTOMATIC_CONFIRMATION)) { $noidempotency_key = (GETPOSTISSET('noidempotency') ? GETPOST('noidempotency', 'int') : 0); // By default noidempotency is unset, so we must use a different tag/ref for each payment. If set, we can pay several times the same tag/ref. - $paymentintent = $stripe->getPaymentIntent($amount, $currency, $tag, 'Stripe payment: '.$fulltag.(is_object($object) ? ' ref='.$object->ref : ''), $object, $stripecu, $stripeacc, $servicestatus, 0, 'automatic', false, null, 0, $noidempotency_key); + $paymentintent = $stripe->getPaymentIntent($amount, $currency, ($tag ? $tag : $fulltag), 'Stripe payment: '.$fulltag.(is_object($object) ? ' ref='.$object->ref : ''), $object, $stripecu, $stripeacc, $servicestatus, 0, 'automatic', false, null, 0, $noidempotency_key); // The paymentintnent has status 'requires_payment_method' (even if paymentintent was already paid) //var_dump($paymentintent); if ($stripe->error) { diff --git a/htdocs/stripe/class/stripe.class.php b/htdocs/stripe/class/stripe.class.php index 873ff9ea616..7fc11568cc7 100644 --- a/htdocs/stripe/class/stripe.class.php +++ b/htdocs/stripe/class/stripe.class.php @@ -465,12 +465,12 @@ class Stripe extends CommonObject "currency" => $currency_code, "payment_method_types" => $paymentmethodtypes, "description" => $description, - "statement_descriptor_suffix" => $descriptor, // For card payment, 22 chars that appears on bank receipt (prefix into stripe setup + this suffix) //"save_payment_method" => true, "setup_future_usage" => "on_session", "metadata" => $metadata ); if ($descriptor) { + $dataforintent["statement_descriptor_suffix"] = $descriptor; // For card payment, 22 chars that appears on bank receipt (prefix into stripe setup + this suffix) $dataforintent["statement_descriptor"] = $descriptor; // For SEPA, it will take only statement_descriptor, not statement_descriptor_suffix } if (!is_null($customer)) { From 05a0c775b62b17e4cd43e9f7ca6b388f18d9b5b2 Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Wed, 1 Feb 2023 15:33:14 +0100 Subject: [PATCH 180/227] FIX: Remove orphelan $this->db->rollback() in the function insertExtrafields() --- htdocs/core/class/commonobject.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 139c4b420ef..e42748bc61d 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -6314,7 +6314,6 @@ abstract class CommonObject $new_array_options[$key] = $object->id; } else { $this->error = "Id/Ref '".$value."' for object '".$object->element."' not found"; - $this->db->rollback(); return -1; } } From 2c826a4fccec04a00748deb6fd2a0a4a46113342 Mon Sep 17 00:00:00 2001 From: kkhelifa Date: Wed, 1 Feb 2023 15:33:14 +0100 Subject: [PATCH 181/227] FIX: Remove orphelan $this->db->rollback() in the function insertExtrafields() --- htdocs/core/class/commonobject.class.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index d322260175a..f91f34c0867 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -6296,7 +6296,6 @@ abstract class CommonObject $new_array_options[$key] = $object->id; } else { $this->error = "Id/Ref '".$value."' for object '".$object->element."' not found"; - $this->db->rollback(); return -1; } } From c69e5a98b11774fdbf69e1d86ed00102817a6c4e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 30 Jan 2023 14:41:25 +0100 Subject: [PATCH 182/227] Add files via upload --- htdocs/theme/common/flags/xk.png | Bin 0 -> 371 bytes 1 file changed, 0 insertions(+), 0 deletions(-) create mode 100644 htdocs/theme/common/flags/xk.png diff --git a/htdocs/theme/common/flags/xk.png b/htdocs/theme/common/flags/xk.png new file mode 100644 index 0000000000000000000000000000000000000000..d90e8277ac9eaec104db360252fd59cb72f0b613 GIT binary patch literal 371 zcmeAS@N?(olHy`uVBq!ia0vp^0zk~o!2~3KHq6QcQjEnx?oJHr&dIz4a#+$GeH|GX zHuiJ>Nn{1`ISV`@iy17M4uLS^MYatoKn)z8E{-7@!O1BFapxSk64C;=8jTJ*c+GGQ z>p30ZdceW;!Rh|}b8>v*>;JT#YGf2{dGs`CWk-N{nCObWYbnWze?GoGzy5yx&YP0y zViGU4KQ6D(a+t!%c*V1ahllanBWE(OD7k`fG(l_68R>ObZJ P1B$`Z)z4*}Q$iB}`3aRW literal 0 HcmV?d00001 From e04cd242b01479feb1b2e64608a39d7c99fff347 Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Sat, 4 Feb 2023 17:12:09 +0100 Subject: [PATCH 183/227] fix #21072: error message if deocument model not found --- htdocs/core/actions_setnotes.inc.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/htdocs/core/actions_setnotes.inc.php b/htdocs/core/actions_setnotes.inc.php index b9dd4194268..79ab36e1486 100644 --- a/htdocs/core/actions_setnotes.inc.php +++ b/htdocs/core/actions_setnotes.inc.php @@ -54,7 +54,12 @@ if ($action == 'setnote_public' && !empty($permissionnote) && !GETPOST('cancel', $hidedesc = (GETPOST('hidedesc', 'int') ? GETPOST('hidedesc', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0)); $hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (!empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0)); - $result = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + //see #21072: Update a public note with a "document model not found" is not really a problem : the PDF is not created/updated + //but the note is saved, so just add a notification will be enought + $resultGenDoc = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); + if ($resultGenDoc < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } if ($result < 0) dol_print_error($db, $result); } From 1aaec5325fce3eaf36a496087543d543b6d7672c Mon Sep 17 00:00:00 2001 From: Eric Seigne Date: Sat, 4 Feb 2023 17:21:13 +0100 Subject: [PATCH 184/227] warnings is better than error --- htdocs/core/actions_setnotes.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/actions_setnotes.inc.php b/htdocs/core/actions_setnotes.inc.php index 79ab36e1486..5d61c49d85f 100644 --- a/htdocs/core/actions_setnotes.inc.php +++ b/htdocs/core/actions_setnotes.inc.php @@ -58,7 +58,7 @@ if ($action == 'setnote_public' && !empty($permissionnote) && !GETPOST('cancel', //but the note is saved, so just add a notification will be enought $resultGenDoc = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); if ($resultGenDoc < 0) { - setEventMessages($object->error, $object->errors, 'errors'); + setEventMessages($object->error, $object->errors, 'warnings'); } if ($result < 0) dol_print_error($db, $result); From 9213ba76d8e112cc27071919db1f2d4c02b6c22d Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 4 Feb 2023 19:10:35 +0100 Subject: [PATCH 185/227] Update admin.lang --- htdocs/langs/en_US/admin.lang | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 8e0acd832d5..6ea2ef4fd10 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -2366,3 +2366,6 @@ MaxNumberOfAttachementOnForms=Max number of joinded files in a form IfDefinedUseAValueBeetween=If defined, use a value between %s and %s Reload=Reload ConfirmReload=Confirm module reload +WarningModuleHasChangedLastVersionCheckParameter=Warning module %s has changed last version check parameter +WarningModuleHasChangedSecurityCsrfParameter=Warning module %s has changed security CSRF parameter + From 741fd1bf9cae362565d3f6f6084d7d2e059fb2ff Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 4 Feb 2023 19:11:59 +0100 Subject: [PATCH 186/227] Update modules.php --- htdocs/admin/modules.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 6e0d90499d4..6adfe48ebfe 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -8,7 +8,7 @@ * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2018 Nicolas ZABOURI - * Copyright (C) 2021 Frédéric France + * Copyright (C) 2021-2023 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -251,7 +251,15 @@ if ($action == 'install') { } if ($action == 'set' && $user->admin) { + $checkOldValue = getDolGlobalInt('CHECKLASTVERSION_EXTERNALMODULE'); + $csrfCheckOldValue = getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN'); $resarray = activateModule($value); + if ($checkOldValue != getDolGlobalInt('CHECKLASTVERSION_EXTERNALMODULE')) { + setEventMessage($langs->trans('WarningModuleHasChangedLastVersionCheckParameter', $value), 'warnings'); + } + if ($csrfCheckOldValue != getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN')) { + setEventMessage($langs->trans('WarningModuleHasChangedSecurityCsrfParameter', $value), 'warnings'); + } dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); if (!empty($resarray['errors'])) { setEventMessages('', $resarray['errors'], 'errors'); From 17397d635cc76c1c1bf2ed3f2d8b0f67b4273bb5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:24:09 +0100 Subject: [PATCH 187/227] #23783 --- htdocs/comm/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a57c7232885..cdcac66f54b 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -699,7 +699,7 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { /* * Last suppliers */ -if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->societe->lire) { +if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->fournisseur->lire) { $sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; From d8ff9468afa0342237acfd2088ce5e3f6c783887 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:35:45 +0100 Subject: [PATCH 188/227] Update index.php --- htdocs/comm/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index cdcac66f54b..a57c7232885 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -699,7 +699,7 @@ if (!empty($conf->societe->enabled) && $user->rights->societe->lire) { /* * Last suppliers */ -if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->fournisseur->lire) { +if (((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) && $user->rights->societe->lire) { $sql = "SELECT s.rowid as socid, s.nom as name, s.name_alias"; $sql .= ", s.code_client, s.code_compta, s.client"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.fournisseur"; From f5600fdffc780de458ebedfc40c616b52e39485c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnter=20Lukas?= Date: Sun, 5 Feb 2023 08:38:46 +0100 Subject: [PATCH 189/227] Update index.php --- htdocs/comm/index.php | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a57c7232885..167005cf2f4 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -60,19 +60,11 @@ if (isset($user->socid) && $user->socid > 0) { $socid = $user->socid; } +restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0); + $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; $now = dol_now(); -// Security check -$socid = GETPOST("socid", 'int'); -if ($user->socid > 0) { - $action = ''; - $id = $user->socid; -} else { - $id = 0; -} -restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0); - $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); From 31984b8f2eef16d6bda64e2aa630db24ff6a24c1 Mon Sep 17 00:00:00 2001 From: Guenter Lukas Date: Sun, 5 Feb 2023 09:33:54 +0100 Subject: [PATCH 190/227] update --- htdocs/comm/index.php | 12 ++---------- 1 file changed, 2 insertions(+), 10 deletions(-) diff --git a/htdocs/comm/index.php b/htdocs/comm/index.php index a57c7232885..167005cf2f4 100644 --- a/htdocs/comm/index.php +++ b/htdocs/comm/index.php @@ -60,19 +60,11 @@ if (isset($user->socid) && $user->socid > 0) { $socid = $user->socid; } +restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0); + $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; $now = dol_now(); -// Security check -$socid = GETPOST("socid", 'int'); -if ($user->socid > 0) { - $action = ''; - $id = $user->socid; -} else { - $id = 0; -} -restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0); - $maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD); From edb81d19553983b80869f36baad258fc4437485d Mon Sep 17 00:00:00 2001 From: Guenter Lukas Date: Sun, 5 Feb 2023 11:43:09 +0100 Subject: [PATCH 191/227] update --- htdocs/comm/action/peruser.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 87def7240f5..724a6a89a59 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -915,6 +915,11 @@ while ($currentdaytoshow < $lastdaytoshow) { if ($usergroup > 0) { $sql .= " AND ug.fk_usergroup = ".((int) $usergroup); } + if ($user->socid > 0) + { + // External users should see only contacts of their company + $sql .= " AND fk_soc=" . $socid; + } //print $sql; $resql = $db->query($sql); From d2a6d89fca58163b07fcbc2a15b90f04afd85415 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Sun, 5 Feb 2023 10:48:29 +0000 Subject: [PATCH 192/227] Fixing style errors. --- htdocs/comm/action/peruser.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 724a6a89a59..e0e6e9ff004 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -915,8 +915,7 @@ while ($currentdaytoshow < $lastdaytoshow) { if ($usergroup > 0) { $sql .= " AND ug.fk_usergroup = ".((int) $usergroup); } - if ($user->socid > 0) - { + if ($user->socid > 0) { // External users should see only contacts of their company $sql .= " AND fk_soc=" . $socid; } From 6c61b807786efbfc085c27837073c33dc55242f9 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sun, 5 Feb 2023 14:57:36 +0100 Subject: [PATCH 193/227] fix : Warning: Trying to access array offset on value of type bool in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/includes/tcpdi/tcpdi_parser.php on line 1376 --- htdocs/includes/tcpdi/tcpdi_parser.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/includes/tcpdi/tcpdi_parser.php b/htdocs/includes/tcpdi/tcpdi_parser.php index 13e9839f2b4..174c496d4f4 100644 --- a/htdocs/includes/tcpdi/tcpdi_parser.php +++ b/htdocs/includes/tcpdi/tcpdi_parser.php @@ -1365,7 +1365,7 @@ class tcpdi_parser { $obj = $this->getObjectVal($obj); if (isset ($obj[1][1]['/Rotate'])) { $res = $this->getObjectVal($obj[1][1]['/Rotate']); - if ($res[0] == PDF_TYPE_OBJECT) + if (isset($res[0]) && $res[0] == PDF_TYPE_OBJECT) return $res[1]; return $res; } else { @@ -1373,7 +1373,7 @@ class tcpdi_parser { return false; } else { $res = $this->_getPageRotation($obj[1][1]['/Parent']); - if ($res[0] == PDF_TYPE_OBJECT) + if (isset($res[0]) && $res[0] == PDF_TYPE_OBJECT) return $res[1]; return $res; } From d903008786951cb9302c7863a1e28b4570a567df Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sun, 5 Feb 2023 15:14:23 +0100 Subject: [PATCH 194/227] fix : Warning: Undefined variable in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/commande/card.php on line 688 --- htdocs/commande/card.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 0a69e485adf..8521e5be6fc 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -5,7 +5,7 @@ * Copyright (C) 2005-2015 Regis Houssin * Copyright (C) 2006 Andre Cianfarani * Copyright (C) 2010-2013 Juanjo Menent - * Copyright (C) 2011-2022 Philippe Grand + * Copyright (C) 2011-2023 Philippe Grand * Copyright (C) 2012-2013 Christophe Battarel * Copyright (C) 2012-2016 Marcos García * Copyright (C) 2012 Cedric Salvador @@ -660,6 +660,10 @@ if (empty($reshook)) { $price_ht_devise = ''; $price_ttc = ''; $price_ttc_devise = ''; + $pu_ht = ''; + $pu_ttc = ''; + $pu_ht_devise = ''; + $pu_ttc_devise = ''; if (GETPOST('price_ht') !== '') { $price_ht = price2num(GETPOST('price_ht'), 'MU', 2); From 7a1c9b468acd93f41826603b6ceabd6e8a249578 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sun, 5 Feb 2023 17:04:13 +0100 Subject: [PATCH 195/227] fix : Warning: Undefined array key label in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/expedition/card.php on line 340 --- htdocs/expedition/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 8c62cdc3914..a9fcea34440 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -337,7 +337,7 @@ if (empty($reshook)) { // Extrafields $array_options[$i] = $extrafields->getOptionalsFromPost($object->table_element_line, $i); // Unset extrafield - if (is_array($extrafields->attributes[$object->table_element_line]['label'])) { + if (isset($extrafields->attributes[$object->table_element_line]['label']) && is_array($extrafields->attributes[$object->table_element_line]['label'])) { // Get extra fields foreach ($extrafields->attributes[$object->table_element_line]['label'] as $key => $value) { unset($_POST["options_".$key]); From 0633ead0e6dde2f503780d27166c47e612d44436 Mon Sep 17 00:00:00 2001 From: Philippe GRAND Date: Sun, 5 Feb 2023 18:05:03 +0100 Subject: [PATCH 196/227] fix : Warning: Undefined array key delivery in /home/httpd/vhosts/aflac.fr/domains/dev.aflac.fr/httpdocs/core/lib/sendings.lib.php on line 53 --- htdocs/core/lib/sendings.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/sendings.lib.php b/htdocs/core/lib/sendings.lib.php index 6d9598a04ae..a2fbaeef92e 100644 --- a/htdocs/core/lib/sendings.lib.php +++ b/htdocs/core/lib/sendings.lib.php @@ -50,7 +50,7 @@ function shipping_prepare_head($object) if ($conf->delivery_note->enabled && $user->rights->expedition->delivery->lire) { // delivery link $object->fetchObjectLinked($object->id, $object->element); - if (is_array($object->linkedObjectsIds['delivery']) && count($object->linkedObjectsIds['delivery']) > 0) { // If there is a delivery + if (isset($object->linkedObjectsIds['delivery']) && is_array($object->linkedObjectsIds['delivery']) && count($object->linkedObjectsIds['delivery']) > 0) { // If there is a delivery // Take first one element of array $tmp = reset($object->linkedObjectsIds['delivery']); From d0e1e16567b61fe696968aa0de7f0e93df244803 Mon Sep 17 00:00:00 2001 From: John Veness Date: Sun, 5 Feb 2023 18:51:32 +0000 Subject: [PATCH 197/227] Improve English in DoliWamp installer --- build/exe/doliwamp/Languages/MyEnglish.isl | 44 +++++++++++----------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/build/exe/doliwamp/Languages/MyEnglish.isl b/build/exe/doliwamp/Languages/MyEnglish.isl index 7ad94c4ca86..9c91ae92e4a 100644 --- a/build/exe/doliwamp/Languages/MyEnglish.isl +++ b/build/exe/doliwamp/Languages/MyEnglish.isl @@ -11,38 +11,38 @@ LaunchProgram=Launch %1 AssocFileExtension=&Associate %1 with the %2 file extension AssocingFileExtension=Associating %1 with the %2 file extension... -YouWillInstallDoliWamp=You will install DoliWamp (so Dolibarr + all required third party software like Apache, Mysql and PHP) on your computer. -ThisAssistantInstallOrUpgrade=WARNING: Using an ERP CRM installed on a local computer can be dangerous: if your computer break down, you can lose all your data. Do this if you are ready to manage backup yourself seriously. If not, use an installation in Saas instead (see https://saas.dolibarr.org). -IfYouHaveTechnicalKnowledge=Moreover, if you have technical knowledges and want to manage your Apache, Mysql and PHP yourself, you should not use this assistant and make a manual installation of Dolibarr on your existing server with Apache, Mysql and PHP. -ButIfYouLook=But if you look for an automatic setup on your local computer, you''re on the good way... -DoYouWantToStart=Do you want to start installation process ? +YouWillInstallDoliWamp=You will install DoliWamp (so Dolibarr plus all required third-party software like Apache, MySQL and PHP) on your computer. +ThisAssistantInstallOrUpgrade=WARNING: Using an ERP CRM installed on a local computer can be dangerous: if your computer breaks down, you can lose all your data. Do this if you are ready to manage backups yourself seriously. If not, use an installation in SaaS instead (see https://saas.dolibarr.org). +IfYouHaveTechnicalKnowledge=Moreover, if you have technical knowledge and want to manage Apache, MySQL and PHP yourself, you should not use this assistant and instead make a manual installation of Dolibarr on your existing server with Apache, MySQL and PHP. +ButIfYouLook=But if you are looking for an automatic setup on your local computer, you're on the right path... +DoYouWantToStart=Do you want to start the installation process? TechnicalParameters=Technical parameters -IfFirstInstall=If first install, please specify some technical parameters. If you don't understand, are not sure, or are doing an upgrade, just leave the default values. +IfFirstInstall=If this is the first install, please specify some technical parameters. If you don't understand, are not sure, or are doing an upgrade, just keep the default values. ; WARNING !!! STRINGS HERE MUST BE LOWER THAN 60 CHARACTERS -SMTPServer=SMTP server (your own or ISP SMTP server, first install only) : -ApachePort=Apache port (first install only, common choice is 80) : -MySqlPort=MySql port (first install only, common choice is 3306) : -MySqlPassword=MySql server and database password you want for root (first install only): +SMTPServer=SMTP server (your own or ISP SMTP server, first install only): +ApachePort=Apache port (first install only, common choice is 80): +MySqlPort=MySQL port (first install only, common choice is 3306): +MySqlPassword=MySQL server and database password you want for root (first install only): -FailedToDeleteLock=Failed to delete the file %1/www/dolibarr/install.lock. You can ignore warning but you may have to remove it manually later when asked. Click OK to continue... +FailedToDeleteLock=Failed to delete the file %1/www/dolibarr/install.lock. You can ignore this warning but you may have to remove the file manually later when asked. Click OK to continue... -PortAlreadyInUse=Port %1 seems to be already in use. You should cancel to go back and choose another value for %2 port. Cancel choice and choose another value ? +PortAlreadyInUse=Port %1 seems to already be in use. You should cancel to go back and choose another value for %2 port. Cancel choice and choose another value? -FirefoxDetected=Firefox has been detected on your computer. Would you like to use it as the default browser for Dolibarr ? -ChromeDetected=Chrome has been detected on your computer. Would you like to use it as the default browser for Dolibarr ? -MicrosoftEdgeDetected=Microsoft Edge has been detected on your computer. Would you like to use it as the default browser for Dolibarr ? -ChooseDefaultBrowser=Please choose your default browser (iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe...). If you are not sure, just click Open : +FirefoxDetected=Firefox has been detected on your computer. Would you like to use it as the default browser for Dolibarr? +ChromeDetected=Chrome has been detected on your computer. Would you like to use it as the default browser for Dolibarr? +MicrosoftEdgeDetected=Microsoft Edge has been detected on your computer. Would you like to use it as the default browser for Dolibarr? +ChooseDefaultBrowser=Please choose your default browser (iexplore.exe, firefox.exe, chrome.exe, MicrosoftEdge.exe...). If you are not sure, just click Open: LaunchNow=Launch Dolibarr now -ProgramHasBeenRemoved=Dolibarr program files have been removed. However, all your data files are still in directory %1. You must remove this directory manually for a complete uninstall. +ProgramHasBeenRemoved=Dolibarr's program files have been removed. However, all your data files are still in directory %1. You must remove this directory manually for a complete uninstall. -DoliWampWillStartApacheMysql=DoliWamp installer will now start or restart Apache and Mysql, this may last from several seconds to one minute after this confirmation. Start to install or upgrade the web and database server required by Dolibarr ? +DoliWampWillStartApacheMysql=DoliWamp installer will now start or restart Apache and MySQL. This may take from several seconds to one minute. Start to install or upgrade the web and database server required by Dolibarr? -OldVersionFoundAndMoveInNew=An old database version has been found and moved to be used by new Dolibarr version -OldVersionFoundButFailedToMoveInNew=An old database version has been found but could not be moved to be used with new Dolibarr version +OldVersionFoundAndMoveInNew=An old database version has been found and moved to be used by the new Dolibarr version +OldVersionFoundButFailedToMoveInNew=An old database version has been found but could not be moved to be used with the new Dolibarr version -DLLMissing=Your Windows installation is missing The "Micrsoft Visual C++ Redistributable for Visual Studio 2012" component. Please install the 32-bit version (vcredist_x86.exe) first (you can find it at https://www.microsoft.com/en-us/download/) and restart DoliWamp installation/upgrade after. -ContinueAnyway=Continue anyway (install process may fails without this prerequisite) +DLLMissing=Your Windows installation is missing the "Microsoft Visual C++ Redistributable for Visual Studio 2012" component. Please install the 32-bit version (vcredist_x86.exe) first (you can find it at https://www.microsoft.com/en-us/download/) and restart DoliWamp installation/upgrade after. +ContinueAnyway=Continue anyway (install process may fail without this prerequisite) From 090c04b904e8a8929dc64c08e91c6e8915bb4893 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 5 Feb 2023 20:16:58 +0100 Subject: [PATCH 198/227] Fix filter on contact category --- htdocs/contact/list.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 3e5103d319a..3843529a0fc 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -434,7 +434,6 @@ if ($search_priv != '0' && $search_priv != '1') { $sql .= " AND (p.priv='1' AND p.fk_user_creat=".((int) $user->id).")"; } } - $searchCategoryContactList = $search_categ ? array($search_categ) : array(); $searchCategoryContactOperator = 0; // Search for tag/category ($searchCategoryContactList is an array of ID) @@ -443,17 +442,17 @@ if (!empty($searchCategoryContactList)) { $listofcategoryid = ''; foreach ($searchCategoryContactList as $searchCategoryContact) { if (intval($searchCategoryContact) == -2) { - $searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople)"; + $searchCategoryContactSqlList[] = "NOT EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople)"; } elseif (intval($searchCategoryContact) > 0) { if ($searchCategoryContactOperator == 0) { - $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")"; + $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople AND ck.fk_categorie = ".((int) $searchCategoryContact).")"; } else { $listofcategoryid .= ($listofcategoryid ? ', ' : '') .((int) $searchCategoryContact); } } } if ($listofcategoryid) { - $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE s.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))"; + $searchCategoryContactSqlList[] = " EXISTS (SELECT ck.fk_socpeople FROM ".MAIN_DB_PREFIX."categorie_contact as ck WHERE p.rowid = ck.fk_socpeople AND ck.fk_categorie IN (".$db->sanitize($listofcategoryid)."))"; } if ($searchCategoryContactOperator == 1) { if (!empty($searchCategoryContactSqlList)) { From 89c5af14f4e08d5032100bf6e79151ace35ba3a6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sun, 5 Feb 2023 21:14:09 +0100 Subject: [PATCH 199/227] add extrafields count in salary(ies) admin --- htdocs/core/lib/salaries.lib.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/salaries.lib.php b/htdocs/core/lib/salaries.lib.php index 51ec880e31e..7909773260f 100644 --- a/htdocs/core/lib/salaries.lib.php +++ b/htdocs/core/lib/salaries.lib.php @@ -3,6 +3,7 @@ * Copyright (C) 2015 Charlie BENKE * Copyright (C) 2019 Alexandre Spangaro * Copyright (C) 2021 Gauthier VERDOL + * Copyright (C) 2023 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -76,7 +77,10 @@ function salaries_prepare_head($object) */ function salaries_admin_prepare_head() { - global $langs, $conf, $user; + global $conf, $db, $langs, $user; + + $extrafields = new ExtraFields($db); + $extrafields->fetch_name_optionals_label('salary'); $h = 0; $head = array(); @@ -94,6 +98,10 @@ function salaries_admin_prepare_head() $head[$h][0] = DOL_URL_ROOT.'/salaries/admin/salaries_extrafields.php'; $head[$h][1] = $langs->trans("ExtraFieldsSalaries"); + $nbExtrafields = $extrafields->attributes['salary']['count']; + if ($nbExtrafields > 0) { + $head[$h][1] .= ''.$nbExtrafields.''; + } $head[$h][2] = 'attributes'; $h++; From 631168f56cf7009a5cdd0511802ab65e78763e69 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 5 Feb 2023 22:17:09 +0100 Subject: [PATCH 200/227] NEW Collapse/Expand separators supported in edit and create mode --- htdocs/core/class/commonobject.class.php | 20 ++++++++++++++++---- htdocs/core/class/extrafields.class.php | 24 +++++++++++++++--------- htdocs/core/lib/functions.lib.php | 12 +++++++----- htdocs/core/tpl/extrafields_edit.tpl.php | 6 +++++- htdocs/core/tpl/extrafields_view.tpl.php | 3 +++ 5 files changed, 46 insertions(+), 19 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 25f16cbbdb4..29643850e60 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -8066,10 +8066,16 @@ abstract class CommonObject $out .= "\n"; $nbofextrafieldsshown = 0; - $extrafields_collapse_num = ''; $e = 0; // var to manage the modulo (odd/even) + $lastseparatorkeyfound = ''; + $extrafields_collapse_num = ''; + $extrafields_collapse_num_old = ''; + $i = 0; + foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $label) { + $i++; + // Show only the key field in params if (is_array($params) && array_key_exists('onlykey', $params) && $key != $params['onlykey']) { continue; @@ -8104,6 +8110,7 @@ abstract class CommonObject if (empty($perms)) { continue; } + // Load language if required if (!empty($extrafields->attributes[$this->table_element]['langfile'][$key])) { $langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]); @@ -8165,14 +8172,19 @@ abstract class CommonObject $extrafield_collapse_display_value = intval($extrafield_param_list[0]); if ($extrafield_collapse_display_value == 1 || $extrafield_collapse_display_value == 2) { - $extrafields_collapse_num = $extrafields->attributes[$this->table_element]['pos'][$key]; + //$extrafields_collapse_num = $extrafields->attributes[$this->table_element]['pos'][$key]; + $extrafields_collapse_num = $key; } } } // if colspan=0 or 1, the second column is not extended, so the separator must be on 2 columns $out .= $extrafields->showSeparator($key, $this, ($colspan ? $colspan + 1 : 2), $display_type, $mode); + + $lastseparatorkeyfound = $key; } else { + $collapse_group = $extrafields_collapse_num.(!empty($this->id) ? '_'.$this->id : ''); + $class = (!empty($extrafields->attributes[$this->table_element]['hidden'][$key]) ? 'hideobject ' : ''); $csstyle = ''; if (is_array($params) && count($params) > 0) { @@ -8243,13 +8255,13 @@ abstract class CommonObject $helptoshow = $langs->trans($extrafields->attributes[$this->table_element]['help'][$key]); if ($display_type == 'card') { - $out .= ''; + $out .= ''; if (!empty($conf->global->MAIN_VIEW_LINE_NUMBER) && ($action == 'view' || $action == 'valid' || $action == 'editline' || $action == 'confirm_valid' || $action == 'confirm_cancel')) { $out .= ''; } $out .= ''; + $out .= '
'; $out .= '
table_element.'_extrafields_'.$key]) || GETPOST('ignorecollapsesetup', 'int')) ? (empty($_COOKIE['DOLCOLLAPSE_'.$object->table_element.'_extrafields_'.$key]) ? false : true) : ($extrafield_collapse_display_value == 2 ? false : true)); } + $disabledcookiewrite = 0; if ($mode == 'create') { - $extrafield_collapse_display_value = 0; + // On create mode, force separator group to not be collapsable + $extrafield_collapse_display_value = 1; + $expand_display = true; // We force group to be shown expanded + $disabledcookiewrite = 1; // We keep status of group unchanged into the cookie } $out = '<'.$tagtype.' id="trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'" class="trextrafieldseparator trextrafieldseparator'.$key.(!empty($object->id)?'_'.$object->id:'').'">'; @@ -2004,19 +2008,21 @@ class ExtraFields // Set the collapse_display status to cookie in priority or if ignorecollapsesetup is 1, if cookie and ignorecollapsesetup not defined, use the setup. $this->expand_display[$collapse_group] = $expand_display; - if (!empty($conf->use_javascript_ajax) && $mode != 'create') { + if (!empty($conf->use_javascript_ajax)) { $out .= ''."\n"; $out .= '