From 91885c9d6fee6c785f3de70a059d07b185669043 Mon Sep 17 00:00:00 2001
From: Alexis Algoud <alexis@atm-consulting.fr>
Date: Fri, 22 May 2015 17:22:57 +0200
Subject: [PATCH 1/7] FIX when multicompany was enabled, this function didn't
 check just on the good entity (problem when both company use same mask)

---
 htdocs/core/class/commonobject.class.php | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index e0bab998982..10e83d80595 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -65,13 +65,17 @@ abstract class CommonObject
      */
     static function isExistingObject($element, $id, $ref='', $ref_ext='')
     {
-    	global $db;
+    	global $db,$conf;
 
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
-		if ($id > 0) $sql.= " WHERE rowid = ".$db->escape($id);
-		else if ($ref) $sql.= " WHERE ref = '".$db->escape($ref)."'";
-		else if ($ref_ext) $sql.= " WHERE ref_ext = '".$db->escape($ref_ext)."'";
+		
+		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
+		else $sql.=" WHERE 1 ";
+		
+		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
+		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";
+		else if ($ref_ext) $sql.= " AND ref_ext = '".$db->escape($ref_ext)."'";
 		else {
 			$error='ErrorWrongParameters';
 			dol_print_error(get_class()."::isExistingObject ".$error, LOG_ERR);

From 44c46d68ed4a443962dbdbb8d8ad130f9ee31f82 Mon Sep 17 00:00:00 2001
From: Alexis ALGOUD <alexis@atm-consulting.fr>
Date: Sat, 23 May 2015 23:51:49 +0200
Subject: [PATCH 2/7] Remove the useless if

---
 htdocs/core/class/commonobject.class.php | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 10e83d80595..73019b52eef 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -70,8 +70,7 @@ abstract class CommonObject
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
 		
-		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
-		else $sql.=" WHERE 1 ";
+		$sql.= " WHERE entity=".$conf->entity; 
 		
 		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
 		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";

From dd7febe2b984f0ab2c60d435279e3a0a6374a5c0 Mon Sep 17 00:00:00 2001
From: Alexis Algoud <alexis@atm-consulting.fr>
Date: Fri, 29 May 2015 15:10:59 +0200
Subject: [PATCH 3/7] replace test by getEntity()

---
 htdocs/core/class/commonobject.class.php | 4 +---
 1 file changed, 1 insertion(+), 3 deletions(-)

diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php
index 10e83d80595..03d044a2ee6 100644
--- a/htdocs/core/class/commonobject.class.php
+++ b/htdocs/core/class/commonobject.class.php
@@ -69,9 +69,7 @@ abstract class CommonObject
 
 		$sql = "SELECT rowid, ref, ref_ext";
 		$sql.= " FROM ".MAIN_DB_PREFIX.$element;
-		
-		if($conf->multicompany->enabled)$sql.= " WHERE entity=".$conf->entity; 
-		else $sql.=" WHERE 1 ";
+		$sql.= " WHERE entity IN (".getEntity($element).")" ; 
 		
 		if ($id > 0) $sql.= " AND rowid = ".$db->escape($id);
 		else if ($ref) $sql.= " AND ref = '".$db->escape($ref)."'";

From 3f1613197e006e29163b4cdaa1e4c2519827e217 Mon Sep 17 00:00:00 2001
From: Florian HENRY <florian.henry@open-concept.pro>
Date: Tue, 2 Jun 2015 08:41:42 +0200
Subject: [PATCH 4/7] FIX : If supplier invoice block linked element is display
 after other block total HT amount is not reset to 0 and sum other block (like
 customer orders values)

---
 htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
index c10fea8bb8a..2f66049143e 100644
--- a/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
+++ b/htdocs/fourn/facture/tpl/linkedobjectblock.tpl.php
@@ -40,6 +40,7 @@ else print_titre($langs->trans("RelatedBill"));
 	<td align="right"><?php echo $langs->trans("Status"); ?></td>
 </tr>
 <?php
+$total=0;
 $var=true;
 foreach($linkedObjectBlock as $object)
 {

From fb29fa486afbbb92be7e5da3ba2b1dcdb84bb2e7 Mon Sep 17 00:00:00 2001
From: Florian HENRY <florian.henry@open-concept.pro>
Date: Tue, 2 Jun 2015 11:20:08 +0200
Subject: [PATCH 5/7] FIX : total amount in tpl linked object are not reset

---
 htdocs/expedition/tpl/linkedobjectblock.tpl.php     | 1 +
 htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php | 1 +
 2 files changed, 2 insertions(+)

diff --git a/htdocs/expedition/tpl/linkedobjectblock.tpl.php b/htdocs/expedition/tpl/linkedobjectblock.tpl.php
index 364afb92177..a235944bff8 100644
--- a/htdocs/expedition/tpl/linkedobjectblock.tpl.php
+++ b/htdocs/expedition/tpl/linkedobjectblock.tpl.php
@@ -41,6 +41,7 @@ print_titre($langs->trans('RelatedShippings'));
 	<td align="right"><?php echo $langs->trans("Status"); ?></td>
 </tr>
 <?php
+$total=0;
 $var=true;
 foreach($linkedObjectBlock as $object)
 {
diff --git a/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php b/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
index fc1942e0f61..6fbcf0fe5cf 100644
--- a/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
+++ b/htdocs/fourn/commande/tpl/linkedobjectblock.tpl.php
@@ -39,6 +39,7 @@ print_titre($langs->trans('RelatedOrders'));
 	<td align="right"><?php echo $langs->trans("Status"); ?></td>
 </tr>
 <?php
+$total=0;
 $var=true;
 foreach($linkedObjectBlock as $object)
 {

From 195a1b2708655a2d62d00879c574e93d22d7bcdc Mon Sep 17 00:00:00 2001
From: jfefe <jf.ferry@aternatik.fr>
Date: Thu, 4 Jun 2015 18:10:29 +0200
Subject: [PATCH 6/7] FIX #2957 : missing $langs object for trigger

---
 htdocs/fourn/class/fournisseur.product.class.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php
index b642926f802..140bc3d4230 100644
--- a/htdocs/fourn/class/fournisseur.product.class.php
+++ b/htdocs/fourn/class/fournisseur.product.class.php
@@ -156,7 +156,7 @@ class ProductFournisseur extends Product
      */
     function update_buyprice($qty, $buyprice, $user, $price_base_type, $fourn, $availability, $ref_fourn, $tva_tx, $charges=0, $remise_percent=0, $remise=0, $newnpr=0)
     {
-        global $conf,$mysoc;
+        global $conf,$mysoc, $langs;
 
         // Clean parameter
         if (empty($qty)) $qty=0;

From f7493de50c4c16bf698f04b4d887a9f67442a1d7 Mon Sep 17 00:00:00 2001
From: Maxime Kohlhaas <maxime@atm-consulting.fr>
Date: Fri, 5 Jun 2015 13:42:29 +0200
Subject: [PATCH 7/7] Fix : supplier order clone was buggy if notes contains
 apostrophe

---
 htdocs/fourn/class/fournisseur.commande.class.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php
index 8e618ba0eee..b69818bbdb1 100644
--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -911,8 +911,8 @@ class CommandeFournisseur extends CommonOrder
         $sql.= " VALUES (";
         $sql.= "''";
         $sql.= ", '".$this->ref_supplier."'";
-        $sql.= ", '".$this->note_private."'";
-        $sql.= ", '".$this->note_public."'";
+        $sql.= ", '".$this->db->escape($this->note_private)."'";
+        $sql.= ", '".$this->db->escape($this->note_public)."'";
         $sql.= ", ".$conf->entity;
         $sql.= ", ".$this->socid;
         $sql.= ", '".$this->db->idate($now)."'";