From b798535af9ddf8c02049eef1267d23e9de78d33a Mon Sep 17 00:00:00 2001 From: atm-lena Date: Wed, 10 Mar 2021 14:15:03 +0100 Subject: [PATCH 01/18] FIX create sociales : keep values error form --- htdocs/compta/paiement_charge.php | 5 +++-- htdocs/compta/sociales/card.php | 12 ++++++------ 2 files changed, 9 insertions(+), 8 deletions(-) diff --git a/htdocs/compta/paiement_charge.php b/htdocs/compta/paiement_charge.php index 715a0851c65..7ed5baafcab 100644 --- a/htdocs/compta/paiement_charge.php +++ b/htdocs/compta/paiement_charge.php @@ -248,7 +248,7 @@ if ($action == 'create') print ''; print ''.$langs->trans("Comments").''; - print ''; + print ''; print ''; print ''; @@ -296,6 +296,7 @@ if ($action == 'create') print ''.price($objp->amount - $sumpaid).""; print ''; + if ($sumpaid < $objp->amount) { $namef = "amount_".$objp->id; @@ -304,7 +305,7 @@ if ($action == 'create') print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowid='".$namef."' data-value='".($objp->amount - $sumpaid)."'"); $remaintopay = $objp->amount - $sumpaid; print ''; - print ''; + print ''; } else { diff --git a/htdocs/compta/sociales/card.php b/htdocs/compta/sociales/card.php index d2609fd4ff5..1b5bf72727f 100644 --- a/htdocs/compta/sociales/card.php +++ b/htdocs/compta/sociales/card.php @@ -45,7 +45,7 @@ $langs->loadLangs(array('compta', 'bills', 'banks')); $id = GETPOST('id', 'int'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm'); -$projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); +$fk_project = (GETPOST('fk_project') ? GETPOST('fk_project', 'int') : 0); $dateech = dol_mktime(GETPOST('echhour'), GETPOST('echmin'), GETPOST('echsec'), GETPOST('echmonth'), GETPOST('echday'), GETPOST('echyear')); $dateperiod = dol_mktime(GETPOST('periodhour'), GETPOST('periodmin'), GETPOST('periodsec'), GETPOST('periodmonth'), GETPOST('periodday'), GETPOST('periodyear')); @@ -91,7 +91,7 @@ if ($action == 'reopen' && $user->rights->tax->charges->creer) { if ($action == 'classin' && $user->rights->tax->charges->creer) { $object->fetch($id); - $object->setProject(GETPOST('projectid')); + $object->setProject(GETPOST('fk_project')); } if ($action == 'setlib' && $user->rights->tax->charges->creer) @@ -375,21 +375,21 @@ if ($action == 'create') print ''.$langs->trans("Project").''; - $numproject = $formproject->select_projects(-1, $projectid, 'fk_project', 0, 0, 1, 1); + $numproject = $formproject->select_projects(-1, $fk_project, 'fk_project', 0, 0, 1, 1); print ''; } // Payment Mode print ''.$langs->trans('PaymentMode').''; - $form->select_types_paiements($mode_reglement_id, 'mode_reglement_id'); + $form->select_types_paiements(GETPOST('mode_reglement_id', 'int'), 'mode_reglement_id'); print ''; // Bank Account if (!empty($conf->banque->enabled)) { print ''.$langs->trans('BankAccount').''; - $form->select_comptes($fk_account, 'fk_account', 0, '', 1); + $form->select_comptes(GETPOST('fk_account', 'int'), 'fk_account', 0, '', 1); print ''; } @@ -482,7 +482,7 @@ if ($id > 0) $morehtmlref .= '
'; $morehtmlref .= ''; $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects(0, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); + $morehtmlref .= $formproject->select_projects(0, $object->fk_project, 'fk_project', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); $morehtmlref .= ''; $morehtmlref .= '
'; } else { From c209d9b45ef3b9f0b8f13c570a54c9e777935aa1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 10 Mar 2021 15:29:05 +0100 Subject: [PATCH 02/18] Update paiement_charge.php --- htdocs/compta/paiement_charge.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/paiement_charge.php b/htdocs/compta/paiement_charge.php index 7ed5baafcab..aed2708e56c 100644 --- a/htdocs/compta/paiement_charge.php +++ b/htdocs/compta/paiement_charge.php @@ -305,7 +305,7 @@ if ($action == 'create') print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowid='".$namef."' data-value='".($objp->amount - $sumpaid)."'"); $remaintopay = $objp->amount - $sumpaid; print ''; - print ''; + print ''; } else { From 3841005806af3b6e2a1703e46bd67a34578ed4ff Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 12 Mar 2021 10:41:21 +0100 Subject: [PATCH 03/18] fix message creted teicket trans no entities --- htdocs/public/ticket/create_ticket.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index 1c81faca1ad..c8decabb83a 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -307,7 +307,7 @@ if (empty($reshook) && $action == 'create_ticket' && GETPOST('add', 'alpha')) { //setEventMessages($langs->trans('YourTicketSuccessfullySaved'), null, 'mesgs'); // Make a redirect to avoid to have ticket submitted twice if we make back - setEventMessages($langs->trans('MesgInfosPublicTicketCreatedWithTrackId', ''.$object->track_id.'', ''.$object->ref.''), null, 'warnings'); + setEventMessages($langs->transnoentities('MesgInfosPublicTicketCreatedWithTrackId', ''.$object->track_id.'', ''.$object->ref.''), null, 'warnings'); setEventMessages($langs->trans('PleaseRememberThisId'), null, 'warnings'); header("Location: index.php"); exit; From 7a2e28497d3ff5010592ffb96885b76c43d528c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Fri, 12 Mar 2021 13:14:53 +0100 Subject: [PATCH 04/18] fix number is already used doesn't propose new code with elephant --- htdocs/core/modules/societe/mod_codeclient_elephant.php | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/htdocs/core/modules/societe/mod_codeclient_elephant.php b/htdocs/core/modules/societe/mod_codeclient_elephant.php index c7a2d600ede..b6113558822 100644 --- a/htdocs/core/modules/societe/mod_codeclient_elephant.php +++ b/htdocs/core/modules/societe/mod_codeclient_elephant.php @@ -303,6 +303,11 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode { $this->error = $result; return -6; + } else { + $is_dispo = $this->verif_dispo($db, $code, $soc, $type); + if ($is_dispo <> 0) { + $result = -3; + } } } From 815a7683a252740629c5202868c40ee88525d492 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Fri, 12 Mar 2021 16:48:43 +0100 Subject: [PATCH 05/18] force getnextref if project create fail --- htdocs/projet/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index 711d1b02935..db710e2715d 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -223,7 +223,7 @@ if (empty($reshook)) else { $db->rollback(); - + unset($_POST["ref"]); $action = 'create'; } } From 401c209a76ab9d018c69d55cc02b4354da48f621 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 14 Mar 2021 23:54:52 +0100 Subject: [PATCH 06/18] Prepare 13.0.2 --- ChangeLog | 45 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 45 insertions(+) diff --git a/ChangeLog b/ChangeLog index 6556db79da2..5eb26da852f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,51 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 13.0.2 compared to 13.0.1 ***** + +FIX: 11.0 - $this->socid injected in query without checking for empty value +FIX: #16096 #16085 Any call of ajax pages must provide the token +FIX: #16296 +FIX: #16325 +FIX: #16341 : Fetch the Product ExtraFields in Shippment lines +FIX: #16366 +FIX: #16393 Do not sanitize +FIX: #16420 #16423 #16488 #16477 +FIX: #16431 +FIX: #16465 +FIX: #16480 +FIX: #16485 +FIX: #16487 +FIX: #16503 +FIX: #16530 +FIX: #16533 +FIX: Add "Now" link on social charges creation card +FIX: avoid undefined url and missing token +FIX: Bad project filter in ticket list +FIX: Buttons to disable bindings not working +FIX: class not found when creating recuring invoice from invoice+discount +FIX: File attachment on lots +FIX: handling $heightforinfotot when he's superior to a page height on Supplier Invoice +FIX: hourglass and hide button to pay +FIX: massaction validate invoice do not regenerate pdf +FIX: missing mp4 video mime +FIX: picto on shipment to reset qty to 0. Some quantities were not reset. +FIX: Protection to avoid #16504 +FIX: rounding amount on card updating +FIX: Rounding amount on social charges card updating +FIX: select list dependencies now work for ModuleBuilder sellist field +FIX: Status in popup of member in widget +FIX: status on tooltip on widgets +FIX: Timezone management for datetime on list of events +FIX: Timezone management for datetime with modulebuilder and extrafields +FIX: Total_ht not show in contract link element +FIX: use post instead get +FIX: use var "saved_url" instead global var "$url" +FIX: Various payment - Missing fields for check transmitter & bank name +FIX: warning if setup of chart of account is not yet done. +FIX: wrong extension + + ***** ChangeLog for 13.0.1 compared to 13.0.0 ***** FIX: 10.0 before crediting a withdrawal receipt, check whether it has been credited already. From 7bbcf4aa00007f0caffa0244b679c99d7d34f9bd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 15 Mar 2021 11:21:14 +0100 Subject: [PATCH 07/18] FIX #16629 --- htdocs/public/ticket/create_ticket.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index 1c81faca1ad..678d45f70ca 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -307,7 +307,9 @@ if (empty($reshook) && $action == 'create_ticket' && GETPOST('add', 'alpha')) { //setEventMessages($langs->trans('YourTicketSuccessfullySaved'), null, 'mesgs'); // Make a redirect to avoid to have ticket submitted twice if we make back - setEventMessages($langs->trans('MesgInfosPublicTicketCreatedWithTrackId', ''.$object->track_id.'', ''.$object->ref.''), null, 'warnings'); + $messagetoshow = $langs->trans('MesgInfosPublicTicketCreatedWithTrackId', '{s1}', '{s2}'); + $messagetoshow = str_replace(array('{s1}', '{s2}'), array(''.$object->track_id.'', ''.$object->ref.''), $messagetoshow); + setEventMessages($messagetoshow, null, 'warnings'); setEventMessages($langs->trans('PleaseRememberThisId'), null, 'warnings'); header("Location: index.php"); exit; From 614720fc0a898fbbdedbd013926b4f68362c86d1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 15 Mar 2021 14:51:36 +0100 Subject: [PATCH 08/18] FIX #16671 Can not generate zip file of documents in backup tool --- htdocs/admin/tools/export_files.php | 3 ++- test/phpunit/FilesLibTest.php | 7 +++++++ 2 files changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php index 6e0b0508a07..5ec1d5d56f7 100644 --- a/htdocs/admin/tools/export_files.php +++ b/htdocs/admin/tools/export_files.php @@ -113,7 +113,8 @@ $utils = new Utils($db); if ($compression == 'zip') { $file .= '.zip'; - $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, '/(\.back|\.old|\.log|[\\\/]temp[\\\/]|documents[\\\/]admin[\\\/]documents[\\\/])/i'); + $excludefiles = '/(\.back|\.old|\.log|[\/\\\]temp[\/\\\]|documents[\/\\\]admin[\/\\\]documents[\/\\\])/i'; + $ret = dol_compress_dir(DOL_DATA_ROOT, $outputdir."/".$file, $compression, $excludefiles); if ($ret < 0) { if ($ret == -2) { diff --git a/test/phpunit/FilesLibTest.php b/test/phpunit/FilesLibTest.php index d80abac42fe..ef84b8db752 100644 --- a/test/phpunit/FilesLibTest.php +++ b/test/phpunit/FilesLibTest.php @@ -425,6 +425,13 @@ class FilesLibTest extends PHPUnit\Framework\TestCase $result=dol_uncompress($fileout, $dirout); print __METHOD__." result=".join(',', $result)."\n"; $this->assertEquals(0, count($result), "Pb with dol_uncompress_file of file ".$fileout); + + $excludefiles = '/(\.back|\.old|\.log|documents[\/\\\]admin[\/\\\]documents[\/\\\])/i'; + if (preg_match($excludefiles, 'a/temp/b')) { echo '----- Regex OK -----'."\n"; } + $result=dol_compress_dir($dirout, $conf->admin->dir_temp.'/testdir.zip', 'zip', $excludefiles); + print __METHOD__." result=".$result."\n"; + print join(', ', $conf->logbuffer); + $this->assertGreaterThanOrEqual(1, $result, "Pb with dol_compress_dir of ".$dirout." into ".$conf->admin->dir_temp.'/testdir.zip'); } /** From 8243ffc174603084237bf6f6ce4f395811e7d617 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 15 Mar 2021 14:53:40 +0100 Subject: [PATCH 09/18] Changelog --- ChangeLog | 2 ++ 1 file changed, 2 insertions(+) diff --git a/ChangeLog b/ChangeLog index 5eb26da852f..e685669f01d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -21,6 +21,8 @@ FIX: #16487 FIX: #16503 FIX: #16530 FIX: #16533 +FIX: #16629 +FIX: #16671 Can not generate zip file of documents in backup tool FIX: Add "Now" link on social charges creation card FIX: avoid undefined url and missing token FIX: Bad project filter in ticket list From 631aad94e78bdf5e996e5b97a2d2c628aa9b3192 Mon Sep 17 00:00:00 2001 From: Florian Mortgat Date: Mon, 15 Mar 2021 15:05:01 +0100 Subject: [PATCH 10/18] FIX PHP version requirement in composer.json --- composer.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/composer.json b/composer.json index d26bbb05ad9..833bd2a633b 100644 --- a/composer.json +++ b/composer.json @@ -24,7 +24,7 @@ "vendor-dir" : "htdocs/includes" }, "require" : { - "php" : ">=5.5.0", + "php" : ">=5.6.0", "ext-curl" : "*", "ckeditor/ckeditor" : "4.12.1", "mike42/escpos-php" : "2.2", From 76cf3da449e16cefe5a1f9df567e8513bb0c6f78 Mon Sep 17 00:00:00 2001 From: Juanjo Menent Date: Mon, 15 Mar 2021 18:10:59 +0100 Subject: [PATCH 11/18] FIX: Cannot delete a batch material from item receipts --- htdocs/fourn/commande/dispatch.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php index 6a42ad77aa3..13989286e33 100644 --- a/htdocs/fourn/commande/dispatch.php +++ b/htdocs/fourn/commande/dispatch.php @@ -411,7 +411,7 @@ if ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->fourn $product = $supplierorderdispatch->fk_product; $price = GETPOST('price'); $comment = $supplierorderdispatch->comment; - $eatby = $supplierorderdispatch->fk_product; + $eatby = $supplierorderdispatch->eatby; $sellby = $supplierorderdispatch->sellby; $batch = $supplierorderdispatch->batch; From 95ede60de22dd9f8de3aef5e8e92d438ab1d54f6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 16 Mar 2021 14:46:00 +0100 Subject: [PATCH 12/18] Fix css --- htdocs/cron/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/cron/list.php b/htdocs/cron/list.php index fe81b57dbf5..ae7cbee0cf0 100644 --- a/htdocs/cron/list.php +++ b/htdocs/cron/list.php @@ -465,7 +465,7 @@ if ($num > 0) print $object->priority; print ''; - print ''; + print ''; if ($obj->jobtype == 'method') { $text = $langs->trans("CronClass"); From 971b97d78f1a41cc72ca55cb559935dc11b961fb Mon Sep 17 00:00:00 2001 From: Alexis LAURIER Date: Tue, 16 Mar 2021 14:58:51 +0100 Subject: [PATCH 13/18] correct nb_expedition count --- htdocs/commande/class/commande.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index cc104261010..941d05f4ae6 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2254,6 +2254,7 @@ class Commande extends CommonOrder $sql .= ' FROM '.MAIN_DB_PREFIX.'expedition as e'; $sql .= ', '.MAIN_DB_PREFIX.'element_element as el'; $sql .= ' WHERE el.fk_source = '.$this->id; + $sql .= " AND el.sourcetype = 'commande'"; $sql .= " AND el.fk_target = e.rowid"; $sql .= " AND el.targettype = 'shipping'"; From 26dc3ef1b0aacae520e86824e096a03073db205f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 16 Mar 2021 18:56:10 +0100 Subject: [PATCH 14/18] FIX Filter on debit/credit Conflicts: htdocs/compta/bank/bankentries_list.php --- htdocs/compta/bank/bankentries_list.php | 16 ++++++++++------ 1 file changed, 10 insertions(+), 6 deletions(-) diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 63021eb3b07..7abd2c6a2b7 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -515,13 +515,17 @@ if ($search_description) } $sql .= natural_search("b.label", $search_description_to_use); // Warning some text are just translation keys, not translated strings } -if ($search_bid > 0) $sql .= " AND b.rowid=l.lineid AND l.fk_categ=".$search_bid; -if (!empty($search_type)) $sql .= " AND b.fk_type = '".$db->escape($search_type)."' "; +if ($search_bid > 0) $sql .= " AND b.rowid=l.lineid AND l.fk_categ=".((int) $search_bid); +if (!empty($search_type)) $sql .= " AND b.fk_type = '".$db->escape($search_type)."'"; // Search criteria amount -$search_debit = price2num(str_replace('-', '', $search_debit)); -$search_credit = price2num(str_replace('-', '', $search_credit)); -if ($search_debit) $sql .= natural_search('- b.amount', $search_debit, 1); -if ($search_credit) $sql .= natural_search('b.amount', $search_credit, 1); +if ($search_debit) { + $sql .= natural_search('ABS(b.amount)', $search_debit, 1); + $sql .= ' AND b.amount <= 0'; +} +if ($search_credit) { + $sql .= natural_search('b.amount', $search_credit, 1); + $sql .= ' AND b.amount >= 0'; +} // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; From e37e0399e5054d797d6d0fd02d444b10b12b4f25 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 18 Mar 2021 12:10:23 +0100 Subject: [PATCH 15/18] Fix bad message --- htdocs/opensurvey/results.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php index ea07900ba67..a6b192a4dba 100644 --- a/htdocs/opensurvey/results.php +++ b/htdocs/opensurvey/results.php @@ -596,7 +596,10 @@ if (GETPOST('ajoutsujet')) } if ($user->rights->opensurvey->write) { - print ''.$langs->trans("PollAdminDesc", img_picto('', 'delete'), $langs->trans("Add")).'
'; + print ''; + $s = $langs->trans("PollAdminDesc", '{s1}', $langs->trans("Add")); + print str_replace('{s1}', img_picto('', 'delete'), $s); + print '
'; } $nbcolonnes = substr_count($object->sujet, ',') + 1; From af340ec1335d5f419e989a482f8aa1488a4292c8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 18 Mar 2021 12:18:38 +0100 Subject: [PATCH 16/18] Fix #yogosha5657 --- htdocs/opensurvey/exportcsv.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/opensurvey/exportcsv.php b/htdocs/opensurvey/exportcsv.php index 6f9a699273b..fe814a44037 100644 --- a/htdocs/opensurvey/exportcsv.php +++ b/htdocs/opensurvey/exportcsv.php @@ -39,6 +39,9 @@ $object = new Opensurveysondage($db); $result = $object->fetch(0, $numsondage); if ($result <= 0) dol_print_error('', 'Failed to get survey id '.$numsondage); +// Security check +if (!$user->rights->opensurvey->read) accessforbidden(); + /* * Actions From 03941a59af74944ef99ca0cf041be8055a9719a8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 18 Mar 2021 12:21:35 +0100 Subject: [PATCH 17/18] Clean code --- htdocs/opensurvey/card.php | 4 +++- htdocs/opensurvey/exportcsv.php | 4 +++- htdocs/opensurvey/fonctions.php | 1 - htdocs/opensurvey/index.php | 4 +++- htdocs/opensurvey/results.php | 6 +++--- 5 files changed, 12 insertions(+), 7 deletions(-) diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php index ef583d08ff5..1a61773993f 100644 --- a/htdocs/opensurvey/card.php +++ b/htdocs/opensurvey/card.php @@ -32,7 +32,9 @@ require_once DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php"; // Security check -if (!$user->rights->opensurvey->read) accessforbidden(); +if (empty($user->rights->opensurvey->read)) { + accessforbidden(); +} // Initialisation des variables $action = GETPOST('action', 'aZ09'); diff --git a/htdocs/opensurvey/exportcsv.php b/htdocs/opensurvey/exportcsv.php index fe814a44037..5abfd76f88e 100644 --- a/htdocs/opensurvey/exportcsv.php +++ b/htdocs/opensurvey/exportcsv.php @@ -40,7 +40,9 @@ $result = $object->fetch(0, $numsondage); if ($result <= 0) dol_print_error('', 'Failed to get survey id '.$numsondage); // Security check -if (!$user->rights->opensurvey->read) accessforbidden(); +if (empty($user->rights->opensurvey->read)) { + accessforbidden(); +} /* diff --git a/htdocs/opensurvey/fonctions.php b/htdocs/opensurvey/fonctions.php index 0ea701ebf0b..5832e57c46d 100644 --- a/htdocs/opensurvey/fonctions.php +++ b/htdocs/opensurvey/fonctions.php @@ -31,7 +31,6 @@ */ function opensurvey_prepare_head(Opensurveysondage $object) { - global $langs, $conf; $h = 0; diff --git a/htdocs/opensurvey/index.php b/htdocs/opensurvey/index.php index 50198e5202f..c8cc35a0c61 100644 --- a/htdocs/opensurvey/index.php +++ b/htdocs/opensurvey/index.php @@ -31,7 +31,9 @@ require_once DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"; $langs->load("opensurvey"); // Security check -if (!$user->rights->opensurvey->read) accessforbidden(); +if (empty($user->rights->opensurvey->read)) { + accessforbidden(); +} $hookmanager = new HookManager($db); diff --git a/htdocs/opensurvey/results.php b/htdocs/opensurvey/results.php index a6b192a4dba..fe03c433738 100644 --- a/htdocs/opensurvey/results.php +++ b/htdocs/opensurvey/results.php @@ -29,10 +29,10 @@ require_once DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"; require_once DOL_DOCUMENT_ROOT."/opensurvey/class/opensurveysondage.class.php"; require_once DOL_DOCUMENT_ROOT."/opensurvey/fonctions.php"; - // Security check -if (!$user->rights->opensurvey->read) accessforbidden(); - +if (empty($user->rights->opensurvey->read)) { + accessforbidden(); +} // Init vars $action = GETPOST('action', 'aZ09'); From df4a243f18434f395f813d2059fb94d15a01721a Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Thu, 18 Mar 2021 17:13:34 +0100 Subject: [PATCH 18/18] fix: PRODUIT_PDF_MERGE_PROPAL options do not work with new product feature --- htdocs/comm/propal/card.php | 1 + htdocs/core/modules/propale/doc/pdf_azur.modules.php | 4 ++-- htdocs/core/modules/propale/doc/pdf_cyan.modules.php | 4 ++-- 3 files changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 6779adc60c6..73ea01bc3f8 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -285,6 +285,7 @@ if (empty($reshook)) } elseif ($action == 'setecheance' && $usercancreate) { $result = $object->set_echeance($user, dol_mktime(12, 0, 0, $_POST['echmonth'], $_POST['echday'], $_POST['echyear'])); + $result = $object->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref); if ($result < 0) dol_print_error($db, $object->error); } elseif ($action == 'setdate_livraison' && $usercancreate) diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 0ad654e49d0..856828edc00 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -762,9 +762,9 @@ class pdf_azur extends ModelePDFPropales } } else { if (!empty($conf->product->enabled)) { - $filetomerge_dir = $conf->product->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product').dol_sanitizeFileName($product->ref); + $filetomerge_dir = $conf->product->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product'); } elseif (!empty($conf->service->enabled)) { - $filetomerge_dir = $conf->service->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product').dol_sanitizeFileName($product->ref); + $filetomerge_dir = $conf->service->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product'); } } diff --git a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php index c4f11568456..c82fb592d82 100644 --- a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php @@ -907,9 +907,9 @@ class pdf_cyan extends ModelePDFPropales } } else { if (!empty($conf->product->enabled)) { - $filetomerge_dir = $conf->product->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product').dol_sanitizeFileName($product->ref); + $filetomerge_dir = $conf->product->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product'); } elseif (!empty($conf->service->enabled)) { - $filetomerge_dir = $conf->service->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product').dol_sanitizeFileName($product->ref); + $filetomerge_dir = $conf->service->multidir_output[$entity_product_file].'/'.get_exdir(0, 0, 0, 0, $product, 'product'); } }