diff --git a/ChangeLog b/ChangeLog index 48ba5daa562..f439186f5ca 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,27 +2,6 @@ English Dolibarr ChangeLog -------------------------------------------------------------- -***** ChangeLog for 13.0.4 compared to 13.0.2 ***** - -FIX: Allow disabling of a module (not a dangerous action) even if there is problem with token (due to bugged modules). -FIX: 13.0 - fatal - missing inclusion of ajax.lib.php for calling `ajax_autocompleter()` -FIX: #17919 pictures in docs. -FIX: #18006 -FIX: Accountancy - if we define a date start, automatic binding try to continue to solve old binding -FIX: Accoutancy Limit date payment not registered on purchases operations -FIX: Can't edit replacement invoice -FIX: deposit can create credit note in payment conf -FIX: division by zero on create -FIX: holiday: balances not updated correctly with pgsql because of case sensitivity field -FIX: holiday: status filter parameter has been renamed but not in links it was used -FIX: List and Create Companies Left Menus -FIX: method exists -FIX: need to add payment sum to getlibstatus function in object linked block -FIX: permission to close a proposal when using advanced permissions -FIX: Problem of z-index with popup and top menu -FIX: same thing on supplier orders -FIX: Status of invoice when making a replacement invoice -FIX: update contact birthday alert ***** ChangeLog for 14.0.0 compared to 13.0.0 ***** @@ -249,6 +228,29 @@ Following changes may create regressions for some external modules, but were nec * Removed constant MAIN_COUNTRIES_IN_EEC. You can now set if country is in Europe or not from the dictionary of countries. +***** ChangeLog for 13.0.4 compared to 13.0.3 ***** + +FIX: Allow disabling of a module (not a dangerous action) even if there is problem with token (due to bugged modules). +FIX: 13.0 - fatal - missing inclusion of ajax.lib.php for calling `ajax_autocompleter()` +FIX: #17919 pictures in docs. +FIX: #18006 +FIX: Accountancy - if we define a date start, automatic binding try to continue to solve old binding +FIX: Accoutancy Limit date payment not registered on purchases operations +FIX: Can't edit replacement invoice +FIX: deposit can create credit note in payment conf +FIX: division by zero on create +FIX: holiday: balances not updated correctly with pgsql because of case sensitivity field +FIX: holiday: status filter parameter has been renamed but not in links it was used +FIX: List and Create Companies Left Menus +FIX: method exists +FIX: need to add payment sum to getlibstatus function in object linked block +FIX: permission to close a proposal when using advanced permissions +FIX: Problem of z-index with popup and top menu +FIX: same thing on supplier orders +FIX: Status of invoice when making a replacement invoice +FIX: update contact birthday alert + + ***** ChangeLog for 13.0.3 compared to 13.0.2 ***** FIX: 13.0 warning - missing quotes around 'label' diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 7fd294b89b2..c6c0d277edd 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -2340,7 +2340,7 @@ class ActionComm extends CommonObject $sendContent = make_substitutions($langs->trans($arraymessage->content), $substitutionarray); //Topic - $sendTopic = (!empty($arraymessage->topic)) ? $arraymessage->topic : html_entity_decode($langs->trans('EventReminder')); + $sendTopic = (!empty($arraymessage->topic)) ? $arraymessage->topic : html_entity_decode($langs->transnoentities('EventReminder')); // Recipient $recipient = new User($this->db); diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index e95cc3366c5..9c587a934e2 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -47,7 +47,7 @@ $massaction = GETPOST('massaction', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'actioncommlist'; // To manage different context of search $resourceid = GETPOST("search_resourceid", "int") ?GETPOST("search_resourceid", "int") : GETPOST("resourceid", "int"); $pid = GETPOST("search_projectid", 'int', 3) ?GETPOST("search_projectid", 'int', 3) : GETPOST("projectid", 'int', 3); -$search_status = (GETPOST("search_status", 'alpha') != '') ?GETPOST("search_status", 'alpha') : GETPOST("status", 'alpha'); +$search_status = (GETPOST("search_status", 'aZ09') != '') ? GETPOST("search_status", 'aZ09') : GETPOST("status", 'aZ09'); $type = GETPOST('search_type', 'alphanohtml') ?GETPOST('search_type', 'alphanohtml') : GETPOST('type', 'alphanohtml'); $optioncss = GETPOST('optioncss', 'alpha'); $year = GETPOST("year", 'int'); diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index 32edf9a1558..d5187c6a040 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -1003,7 +1003,7 @@ if ($action == 'create') { $soc->fetch($socid); } - if (GETPOST('origin') && GETPOST('originid')) { + if (GETPOST('origin') && GETPOST('originid', 'int')) { // Parse element/subelement (ex: project_task) $regs = array(); $element = $subelement = GETPOST('origin'); @@ -1013,7 +1013,7 @@ if ($action == 'create') { } if ($element == 'project') { - $projectid = GETPOST('originid'); + $projectid = GETPOST('originid', 'int'); } else { // For compatibility if ($element == 'order' || $element == 'commande') { @@ -1094,7 +1094,8 @@ if ($action == 'create') { print ''; } else { print ''; - print $form->select_company('', 'socid', '', 'SelectThirdParty', 1, 0, null, 0, 'minwidth300'); + print img_picto('', 'company', 'class="pictofixedwidth"'); + print $form->select_company('', 'socid', '', 'SelectThirdParty', 1, 0, null, 0, 'minwidth300 widthcentpercentminusxx maxwidth500'); print ' '; print ''; } @@ -1121,11 +1122,13 @@ if ($action == 'create') { // Commercial suivi print ''.$langs->trans("TypeContact_contrat_internal_SALESREPFOLL").''; + print img_picto('', 'user', 'class="pictofixedwidth"'); print $form->select_dolusers(GETPOST("commercial_suivi_id") ?GETPOST("commercial_suivi_id") : $user->id, 'commercial_suivi_id', 1, ''); print ''; // Commercial signature print ''.$langs->trans("TypeContact_contrat_internal_SALESREPSIGN").''; + print img_picto('', 'user', 'class="pictofixedwidth"'); print $form->select_dolusers(GETPOST("commercial_signature_id") ?GETPOST("commercial_signature_id") : $user->id, 'commercial_signature_id', 1, ''); print ''; @@ -1686,7 +1689,7 @@ if ($action == 'create') { $colspan++; } - // Ligne dates prevues + // Line dates planed print ''; print ''; print $langs->trans("DateStartPlanned").' '; @@ -1786,7 +1789,7 @@ if ($action == 'create') { print ''; print ''; - print ''; + print ''; print ''; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/product/modules_product.class.php b/htdocs/core/modules/product/modules_product.class.php index e0141348568..fef12717e3b 100644 --- a/htdocs/core/modules/product/modules_product.class.php +++ b/htdocs/core/modules/product/modules_product.class.php @@ -193,7 +193,8 @@ abstract class ModeleProductCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); + $strikestart = ''; $strikeend = ''; if (!empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && !empty($this->code_null)) { diff --git a/htdocs/core/modules/societe/modules_societe.class.php b/htdocs/core/modules/societe/modules_societe.class.php index 28d0120da72..09f6cb9c29d 100644 --- a/htdocs/core/modules/societe/modules_societe.class.php +++ b/htdocs/core/modules/societe/modules_societe.class.php @@ -198,7 +198,8 @@ abstract class ModeleThirdPartyCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); + $strikestart = ''; $strikeend = ''; if (!empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && !empty($this->code_null)) { diff --git a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php index 8e23c258d88..fcc51c21df9 100644 --- a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php +++ b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php @@ -566,6 +566,11 @@ class InterfaceActionsAuto extends DolibarrTriggers } $object->actionmsg = $langs->transnoentities("SupplierOrderSubmitedInDolibarr", ($object->newref ? $object->newref : $object->ref)); + if (!empty($object->context['comments'])) { + $object->actionmsg .= '
'; + $object->actionmsg .= $langs->trans("Comment") . ': '.$object->context['comments']; + } + $object->sendtoid = 0; } elseif ($action == 'ORDER_SUPPLIER_RECEIVE') { // Load translation files required by the page diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index cc0f67e4b4e..14bb64164e6 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -983,7 +983,9 @@ if (empty($reshook)) { if ($action == 'commande') { $methodecommande = GETPOST('methodecommande', 'int'); - if ($methodecommande <= 0) { + if ($cancel) { + $action = ''; + } elseif ($methodecommande <= 0) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("OrderMode")), null, 'errors'); $action = 'makeorder'; } @@ -1059,32 +1061,36 @@ if (empty($reshook)) { // Set status of reception (complete, partial, ...) if ($action == 'livraison' && $usercanreceived) { - $db->begin(); + if ($cancel) { + $action = ''; + } else { + $db->begin(); - if (GETPOST("type") != '') { - $date_liv = dol_mktime(GETPOST('rehour'), GETPOST('remin'), GETPOST('resec'), GETPOST("remonth"), GETPOST("reday"), GETPOST("reyear")); + if (GETPOST("type") != '') { + $date_liv = dol_mktime(GETPOST('rehour'), GETPOST('remin'), GETPOST('resec'), GETPOST("remonth"), GETPOST("reday"), GETPOST("reyear")); - $result = $object->Livraison($user, $date_liv, GETPOST("type"), GETPOST("comment")); // GETPOST("type") is 'tot', 'par', 'nev', 'can' - if ($result > 0) { - $langs->load("deliveries"); - setEventMessages($langs->trans("DeliveryStateSaved"), null); - $action = ''; - } elseif ($result == -3) { - $error++; - setEventMessages($object->error, $object->errors, 'errors'); + $result = $object->Livraison($user, $date_liv, GETPOST("type"), GETPOST("comment")); // GETPOST("type") is 'tot', 'par', 'nev', 'can' + if ($result > 0) { + $langs->load("deliveries"); + setEventMessages($langs->trans("DeliveryStateSaved"), null); + $action = ''; + } elseif ($result == -3) { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + } else { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + } } else { $error++; - setEventMessages($object->error, $object->errors, 'errors'); + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Delivery")), null, 'errors'); } - } else { - $error++; - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Delivery")), null, 'errors'); - } - if (!$error) { - $db->commit(); - } else { - $db->rollback(); + if (!$error) { + $db->commit(); + } else { + $db->rollback(); + } } } @@ -2640,7 +2646,11 @@ if ($action == 'create') { print ''; print ''; - print ''; + print ''; print "
'.$langs->trans("ServiceStatus").': '.$object->lines[$cursorline - 1]->getLibStatut(4).''.$langs->trans("ServiceStatus").': '.$object->lines[$cursorline - 1]->getLibStatut(4).''; if ($user->socid == 0) { if ($object->statut > 0 && $action != 'activateline' && $action != 'unactivateline') { diff --git a/htdocs/core/actions_dellink.inc.php b/htdocs/core/actions_dellink.inc.php index a7ac035506f..fbecacce515 100644 --- a/htdocs/core/actions_dellink.inc.php +++ b/htdocs/core/actions_dellink.inc.php @@ -27,17 +27,42 @@ // $permissiondellink must be defined $dellinkid = GETPOST('dellinkid', 'int'); +$addlink = GETPOST('addlink', 'alpha'); $addlinkid = GETPOST('idtolinkto', 'int'); +$addlinkref = GETPOST('reftolinkto', 'alpha'); +$cancellink = GETPOST('cancel', 'alpha'); // Link invoice to order -if ($action == 'addlink' && !empty($permissiondellink) && !GETPOST('cancel', 'alpha') && $id > 0 && $addlinkid > 0) { +if ($action == 'addlink' && !empty($permissiondellink) && !$cancellink && $id > 0 && $addlinkid > 0) { $object->fetch($id); $object->fetch_thirdparty(); - $result = $object->add_object_linked(GETPOST('addlink', 'alpha'), $addlinkid); + $result = $object->add_object_linked($addlink, $addlinkid); +} + +// Link by reference +if ($action == 'addlinkbyref' && ! empty($permissiondellink) && !$cancellink && $id > 0 && !empty($addlinkref) && !empty($conf->global->MAIN_LINK_BY_REF_IN_LINKTO)) { + $element_prop = getElementProperties($addlink); + if (is_array($element_prop)) { + dol_include_once('/' . $element_prop['classpath'] . '/' . $element_prop['classfile'] . '.class.php'); + + $objecttmp = new $element_prop['classname']($db); + $ret = $objecttmp->fetch(0, $addlinkref); + if ($ret > 0) { + $object->fetch($id); + $object->fetch_thirdparty(); + $result = $object->add_object_linked($addlink, $objecttmp->id); + if (isset($_POST['reftolinkto'])) unset($_POST['reftolinkto']); + } elseif ($ret < 0) { + setEventMessages($objecttmp->error, $objecttmp->errors, 'errors'); + } else { + $langs->load('errors'); + setEventMessage($langs->trans('ErrorRecordNotFound'), 'errors'); + } + } } // Delete link -if ($action == 'dellink' && !empty($permissiondellink) && !GETPOST('cancel', 'alpha') && $dellinkid > 0) { +if ($action == 'dellink' && !empty($permissiondellink) && !$cancellink && $dellinkid > 0) { $result = $object->deleteObjectLinked(0, '', 0, '', $dellinkid); if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); diff --git a/htdocs/core/class/dolreceiptprinter.class.php b/htdocs/core/class/dolreceiptprinter.class.php index 45c87401416..a3ddb3d7c7f 100644 --- a/htdocs/core/class/dolreceiptprinter.class.php +++ b/htdocs/core/class/dolreceiptprinter.class.php @@ -680,9 +680,7 @@ class dolReceiptPrinter extends Printer foreach ($object->lines as $line) { $total_localtax1 += $line->total_localtax1; } - foreach ($vatarray as $vatkey => $vatvalue) { - $this->printer->text(str_pad(price($total_localtax1), 10, ' ', STR_PAD_LEFT)."\n"); - } + $this->printer->text(str_pad(price($total_localtax1), 10, ' ', STR_PAD_LEFT)."\n"); break; case 'DOL_PRINT_OBJECT_TAX2': //var_dump($object); @@ -690,9 +688,7 @@ class dolReceiptPrinter extends Printer foreach ($object->lines as $line) { $total_localtax2 += $line->total_localtax2; } - foreach ($vatarray as $vatkey => $vatvalue) { - $this->printer->text(str_pad(price($total_localtax2), 10, ' ', STR_PAD_LEFT)."\n"); - } + $this->printer->text(str_pad(price($total_localtax2), 10, ' ', STR_PAD_LEFT)."\n"); break; case 'DOL_PRINT_OBJECT_TOTAL': $title = $langs->trans('TotalHT'); diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 178404da973..a6280a7c9f5 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -1332,7 +1332,7 @@ class Form } // We search companies - $sql = "SELECT s.rowid, s.nom as name, s.name_alias, s.client, s.fournisseur, s.code_client, s.code_fournisseur"; + $sql = "SELECT s.rowid, s.nom as name, s.name_alias, s.tva_intra, s.client, s.fournisseur, s.code_client, s.code_fournisseur"; if (!empty($conf->global->COMPANY_SHOW_ADDRESS_SELECTLIST)) { $sql .= ", s.address, s.zip, s.town"; $sql .= ", dictp.code as country_code"; @@ -1384,6 +1384,7 @@ class Form $sql .= " OR s.barcode LIKE '".$this->db->escape($prefix.$filterkey)."%'"; } $sql .= " OR s.code_client LIKE '".$this->db->escape($prefix.$filterkey)."%' OR s.code_fournisseur LIKE '".$this->db->escape($prefix.$filterkey)."%'"; + $sql .= " OR s.name_alias LIKE '".$this->db->escape($prefix.$filterkey)."%' OR s.tva_intra LIKE '".$this->db->escape($prefix.$filterkey)."%'"; $sql .= ")"; } $sql .= $this->db->order("nom", "ASC"); @@ -7970,6 +7971,21 @@ class Form if (!empty($possiblelink['perms']) && (empty($restrictlinksto) || in_array($key, $restrictlinksto)) && (empty($excludelinksto) || !in_array($key, $excludelinksto))) { print '
use_javascript_ajax) ? '' : ' style="display:none"').'>'; + + if (!empty($conf->global->MAIN_LINK_BY_REF_IN_LINKTO)) { + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; + print '
' . $langs->trans("Ref") . '  
'; + print '
'; + } + $sql = $possiblelink['sql']; $resqllist = $this->db->query($sql); @@ -8027,7 +8043,7 @@ class Form print '
'; //$linktoelem.=($linktoelem?'   ':''); - if ($num > 0) { + if ($num > 0 || !empty($conf->global->MAIN_LINK_BY_REF_IN_LINKTO)) { $linktoelemlist .= '
  • '.$langs->trans($possiblelink['label']).' ('.$num.')
    • '; // } else $linktoelem.=$langs->trans($possiblelink['label']); } else { diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index 992efb79bbf..09c94485d11 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -97,7 +97,7 @@ class FormActions function select_status() { var defaultvalue = $('#select' + htmlname).val(); var percentage = $('input[name=percentage]'); - var selected = '".(isset($selected) ? $selected : '')."'; + var selected = '".(isset($selected) ? dol_escape_js($selected) : '')."'; var value = (selected>0?selected:(defaultvalue>=0?defaultvalue:'')); percentage.val(value); diff --git a/htdocs/core/js/lib_notification.js.php b/htdocs/core/js/lib_notification.js.php index 616463b944d..ee41555119a 100644 --- a/htdocs/core/js/lib_notification.js.php +++ b/htdocs/core/js/lib_notification.js.php @@ -131,8 +131,8 @@ function check_events() { if (value.type == 'agenda') { - url = '' + value.id_agenda; - title = 'trans('EventReminder')) ?>'; + url = '' + value.id_agenda; + title = 'transnoentities('EventReminder')) ?>'; } var extra = { icon: '', diff --git a/htdocs/core/js/timesheet.js b/htdocs/core/js/timesheet.js index 0c8c9ff3245..e9e66787aa0 100644 --- a/htdocs/core/js/timesheet.js +++ b/htdocs/core/js/timesheet.js @@ -1,5 +1,6 @@ /* Copyright (C) 2014 delcroip * Copyright (C) 2015-2017 Laurent Destailleur + * Copyright (C) 2021 Josep LluĂ­s Amador * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -257,7 +258,7 @@ function updateTotal(days,mode) result=parseTime(jQuery('.totalDay'+stringdays).text(),taskTime); if (result >= 0) { - totalhour = totalhour + taskTime.getHours(); + totalhour = totalhour + taskTime.getHours() + result*24; totalmin = totalmin + taskTime.getMinutes(); } } diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index ae96f59d407..9796c49cf59 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -61,13 +61,13 @@ function print_actions_filter($form, $canedit, $status, $year, $month, $day, $sh // Filters //print '
    '; print ''; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; if ($massaction != 'predelete' && $massaction != 'preaffecttag') { // When $massaction == 'predelete', action may be already output to 'delete' by the mass action system. print ''; } - print ''; + print ''; if ($canedit) { print '
    '; diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index cb710c19875..7d261f2d5ab 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1948,7 +1948,9 @@ function show_subsidiaries($conf, $langs, $db, $object) $socstatic = new Societe($db); print load_fiche_titre($langs->trans("Subsidiaries"), '', ''); - print "\n".''."\n"; + + print "\n".'
    '."\n"; + print '
    '."\n"; print ''; print ''; @@ -1976,17 +1978,17 @@ function show_subsidiaries($conf, $langs, $db, $object) print ''; - print ''; - print ''; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; + print ''; print ''; @@ -1994,6 +1996,7 @@ function show_subsidiaries($conf, $langs, $db, $object) $i++; } print "\n
    '.$langs->trans("Company").''.$langs->trans("Address").''.$langs->trans("Zip").'
    '; + print ''; print $socstatic->getNomUrl(1); print ''.$obj->address.''.$obj->zip.''.$obj->town.''.$obj->code_client.''.dol_escape_htmltag($obj->address).''.$obj->zip.''.$obj->town.''.$obj->code_client.''; - print ''; + print ''; print img_edit(); print '
    \n"; + print '
    '."\n"; } print "
    \n"; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a8879ad64f5..a6c62ba2a47 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -10204,7 +10204,7 @@ function newToken() */ function currentToken() { - return $_SESSION['token']; + return isset($_SESSION['token']) ? $_SESSION['token'] : ''; } /** diff --git a/htdocs/core/modules/barcode/modules_barcode.class.php b/htdocs/core/modules/barcode/modules_barcode.class.php index 99fc8ed366d..01a00405452 100644 --- a/htdocs/core/modules/barcode/modules_barcode.class.php +++ b/htdocs/core/modules/barcode/modules_barcode.class.php @@ -138,7 +138,7 @@ abstract class ModeleNumRefBarCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); $s = ''; $s .= $langs->trans("Name").': '.$this->name.'
    '; diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php index 5936476e079..0b03bd9b6a4 100644 --- a/htdocs/core/modules/product/mod_codeproduct_elephant.php +++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php @@ -118,7 +118,7 @@ class mod_codeproduct_elephant extends ModeleProductCode $texte .= '
    '.$langs->trans("Mask").' ('.$langs->trans("ProductCodeModel").'):'.$form->textwithpicto('', $tooltip, 1, 1).'   
    '.$langs->trans("Comment").'
    '; + print ''; + print '     '; + print ''; + print '
    \n"; print "\n"; print "
    "; diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 527c0353486..b272d7b45fb 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1296,11 +1296,11 @@ class Holiday extends CommonObject * * @param int $selected Id of preselected status * @param string $htmlname Name of HTML select field + * @param string $morecss More CSS on select component * @return string Show select of status */ - public function selectStatutCP($selected = '', $htmlname = 'select_statut') + public function selectStatutCP($selected = '', $htmlname = 'select_statut', $morecss = 'minwidth125') { - global $langs; // Liste des statuts @@ -1308,7 +1308,7 @@ class Holiday extends CommonObject $nb = count($name) + 1; // Select HTML - $out = ''."\n"; $out .= ''."\n"; // Boucle des statuts diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index ab57a497e8e..e7a09abea6e 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -636,7 +636,7 @@ if ($resql) { // Create date if (!empty($arrayfields['cp.date_create']['checked'])) { - print ''; + print ''; print ''; $formother->select_year($search_year_create, 'search_year_create', 1, $min_year, 0); print ''; @@ -644,7 +644,7 @@ if ($resql) { // Create date if (!empty($arrayfields['cp.tms']['checked'])) { - print ''; + print ''; print ''; $formother->select_year($search_year_update, 'search_year_update', 1, $min_year, 0); print ''; @@ -652,8 +652,8 @@ if ($resql) { // Status if (!empty($arrayfields['cp.statut']['checked'])) { - print ''; - $object->selectStatutCP($search_status, 'search_status'); + print ''; + $object->selectStatutCP($search_status, 'search_status', 'minwidth125'); print ''; } @@ -781,7 +781,7 @@ if ($resql) { } } if (!empty($arrayfields['cp.fk_type']['checked'])) { - print ''; + print ''; $labeltypeleavetoshow = ($langs->trans($typeleaves[$obj->fk_type]['code']) != $typeleaves[$obj->fk_type]['code'] ? $langs->trans($typeleaves[$obj->fk_type]['code']) : $typeleaves[$obj->fk_type]['label']); print empty($typeleaves[$obj->fk_type]['label']) ? $langs->trans("TypeWasDisabledOrRemoved", $obj->fk_type) : $labeltypeleavetoshow; print ''; diff --git a/htdocs/install/check.php b/htdocs/install/check.php index 35efe1f36b2..99e9e38c958 100644 --- a/htdocs/install/check.php +++ b/htdocs/install/check.php @@ -100,7 +100,7 @@ print "
    \n"; // Check PHP support for $_GET and $_POST if (!isset($_GET["testget"]) && !isset($_POST["testpost"])) { // We must keep $_GET and $_POST here print 'Warning '.$langs->trans("PHPSupportPOSTGETKo"); - print ' ('.$langs->trans("Recheck").')'; + print ' ('.$langs->trans("Recheck").')'; print "
    \n"; $checksok = 0; } else { diff --git a/htdocs/install/default.css b/htdocs/install/default.css index 731ac4131b4..85a2f4703c2 100644 --- a/htdocs/install/default.css +++ b/htdocs/install/default.css @@ -415,3 +415,6 @@ a.button:hover { vertical-align: text-bottom; } +.text-security { + -webkit-text-security: disc; +} diff --git a/htdocs/install/fileconf.php b/htdocs/install/fileconf.php index 42c8d3459fe..42ea5e423af 100644 --- a/htdocs/install/fileconf.php +++ b/htdocs/install/fileconf.php @@ -476,13 +476,13 @@ if (!empty($force_install_noedit)) { - 0 && !empty($force_install_databaserootlogin)) { print ' disabled'; } ?> @@ -556,10 +556,10 @@ if (!empty($force_install_noedit)) { autocomplete="off" id="db_pass_root" name="db_pass_root" - class="needroot" + class="needroot text-security" value="0 if there is an injection, 0 if none */ @@ -460,11 +460,15 @@ if (!defined('NOTOKENRENEWAL')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addtimespent', 'update', 'install', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', - 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable', + 'activate', 'add', 'addrights', 'addtimespent', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_delete', 'confirm_deletedir', 'confirm_deletefile', 'confirm_purge', 'confirm_reject_check', + 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', + 'disable', 'doprev', 'donext', 'dvprev', 'dvnext', - 'enable', 'setpricelevel' + 'enable', + 'install', + 'setpricelevel', + 'update' ); $sensitiveget = false; if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 4633a69e6dd..1e319e18ec2 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -327,22 +327,21 @@ $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $objec $sql .= $hookmanager->resPrint; /* If a group by is required -$sql.= " GROUP BY "; -foreach($object->fields as $key => $val) -{ - $sql.='t.'.$key.', '; +$sql .= " GROUP BY "; +foreach($object->fields as $key => $val) { + $sql .= 't.'.$key.', '; } // Add fields from extrafields -if (! empty($extrafields->attributes[$object->table_element]['label'])) { +if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.', ' : ''); } } // Add where from hooks -$parameters=array(); -$reshook=$hookmanager->executeHooks('printFieldListGroupBy', $parameters, $object); // Note that $action and $object may have been modified by hook -$sql.=$hookmanager->resPrint; -$sql=preg_replace('/,\s*$/','', $sql); +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListGroupBy', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; +$sql = preg_replace('/,\s*$/', '', $sql); */ $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/product/admin/product.php b/htdocs/product/admin/product.php index 5a83c685e0f..fa75a20277f 100644 --- a/htdocs/product/admin/product.php +++ b/htdocs/product/admin/product.php @@ -295,13 +295,14 @@ $dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']); print load_fiche_titre($langs->trans("ProductCodeChecker"), '', ''); +print '
    '; print ''."\n"; print ''."\n"; print ' '; print ' '; print ' '; print ' '; -print ' '; +print ' '; print "\n"; foreach ($dirproduct as $dirroot) { @@ -333,7 +334,7 @@ foreach ($dirproduct as $dirroot) { print ''."\n"; print ''."\n"; print ''."\n"; - print ''."\n"; + print ''."\n"; if (!empty($conf->global->PRODUCT_CODEPRODUCT_ADDON) && $conf->global->PRODUCT_CODEPRODUCT_ADDON == $file) { print '
    '.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Example").''.$langs->trans("Status").''.$langs->trans("ShortInfo").'
    '.$modCodeProduct->name.''.$modCodeProduct->info($langs).''.$modCodeProduct->getExample($langs).''.$modCodeProduct->getExample($langs).''."\n"; @@ -366,6 +367,7 @@ foreach ($dirproduct as $dirroot) { } } print '
    '; +print '
    '; // Module to build doc $def = array(); @@ -390,13 +392,14 @@ print '
    '; print load_fiche_titre($langs->trans("ProductDocumentTemplates"), '', ''); +print '
    '; print ''; print ''; print ''; print ''; print '\n"; print '\n"; -print ''; +print ''; print ''; print "\n"; @@ -499,6 +502,8 @@ foreach ($dirmodels as $reldir) { } print '
    '.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Status")."'.$langs->trans("Default")."'.$langs->trans("ShortInfo").''.$langs->trans("Preview").'
    '; +print '
    '; + print "
    "; /* @@ -517,6 +522,7 @@ print ''; print load_fiche_titre($langs->trans("ProductOtherConf"), '', ''); +print '
    '; print ''; print ''; print ''."\n"; @@ -611,6 +617,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU } print '
    '.$langs->trans("Parameters").'
    '; +print '
    '; print '
    '; print ''; @@ -620,6 +627,7 @@ print '
    '; print load_fiche_titre($langs->trans("UserInterface"), '', ''); +print '
    '; print ''; print ''; print ''."\n"; @@ -671,7 +679,7 @@ print $form->selectarray( 0, 0, '', - 'maxwidth400', + 'minwidth100imp maxwidth400', 1 ); print ''; @@ -772,6 +780,7 @@ if (!empty($conf->global->PRODUCT_CANVAS_ABILITY)) { } print '
    '.$langs->trans("Parameters").'
    '; +print '
    '; print '
    '; print ''; diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index e1250f10cb3..e2539dae31c 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -51,6 +51,9 @@ if (!empty($user->socid)) { $fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : '')); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('productcompositioncard', 'globalcard')); + $object = new Product($db); $objectid = 0; if ($id > 0 || !empty($ref)) { diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 6929c70a5ff..3e7d9045dc8 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -59,6 +59,9 @@ if (!empty($user->socid)) { $fieldvalue = (!empty($id) ? $id : $ref); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('productstatscard', 'globalcard')); + $tmp = dol_getdate(dol_now()); $currentyear = $tmp['year']; if (empty($search_year)) { diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index 3c2d5b02829..ec1a0fee47c 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -511,7 +511,7 @@ if ($action == 'create' && $user->rights->projet->creer) { // Ref $suggestedref = (GETPOST("ref") ? GETPOST("ref") : $defaultref); - print ''.$langs->trans("Ref").''; + print ''.$langs->trans("Ref").''; print ' '.$form->textwithpicto('', $langs->trans("YouCanCompleteRef", $suggestedref)); print ''; @@ -796,7 +796,7 @@ if ($action == 'create' && $user->rights->projet->creer) { // Ref $suggestedref = $object->ref; print ''.$langs->trans("Ref").''; - print ''; + print ''; print ' '.$form->textwithpicto('', $langs->trans("YouCanCompleteRef", $suggestedref)); print ''; diff --git a/htdocs/recruitment/class/recruitmentjobposition.class.php b/htdocs/recruitment/class/recruitmentjobposition.class.php index 2f180bcc8ec..892ba4121e9 100644 --- a/htdocs/recruitment/class/recruitmentjobposition.class.php +++ b/htdocs/recruitment/class/recruitmentjobposition.class.php @@ -101,13 +101,13 @@ class RecruitmentJobPosition extends CommonObject public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'comment'=>"Id"), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'position'=>5, 'notnull'=>1, 'default'=>'1', 'index'=>1), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>4, 'noteditable'=>'1', 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'comment'=>"Reference of object"), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>4, 'noteditable'=>'1', 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'comment'=>"Reference of object", 'css'=>'nowraponall'), 'label' => array('type'=>'varchar(255)', 'label'=>'JobLabel', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth500', 'csslist'=>'tdoverflowmax300', 'showoncombobox'=>'2', 'autofocusoncreate'=>1), 'qty' => array('type'=>'integer', 'label'=>'NbOfEmployeesExpected', 'enabled'=>'1', 'position'=>45, 'notnull'=>1, 'visible'=>1, 'default'=>'1', 'isameasure'=>'1', 'css'=>'maxwidth75imp'), 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1', 'label'=>'Project', 'enabled'=>'1', 'position'=>52, 'notnull'=>-1, 'visible'=>-1, 'index'=>1, 'css'=>'maxwidth500', 'picto'=>'project'), - 'fk_user_recruiter' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'ResponsibleOfRecruitement', 'enabled'=>'1', 'position'=>54, 'notnull'=>1, 'visible'=>1, 'foreignkey'=>'user.rowid', 'csslist'=>'tdoverflowmax150'), + 'fk_user_recruiter' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'ResponsibleOfRecruitement', 'enabled'=>'1', 'position'=>54, 'notnull'=>1, 'visible'=>1, 'foreignkey'=>'user.rowid', 'css'=>'maxwidth500', 'csslist'=>'tdoverflowmax150', 'picto'=>'user'), 'email_recruiter' => array('type'=>'varchar(255)', 'label'=>'EmailRecruiter', 'enabled'=>'1', 'position'=>54, 'notnull'=>0, 'visible'=>-1, 'help'=>'ToUseAGenericEmail', 'picto'=>'email'), - 'fk_user_supervisor' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'FutureManager', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'user.rowid',), + 'fk_user_supervisor' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'FutureManager', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'user.rowid', 'css'=>'maxwidth500', 'csslist'=>'tdoverflowmax150', 'picto'=>'user'), 'fk_establishment' => array('type'=>'integer:Establishment:hrm/class/establishment.class.php', 'label'=>'Establishment', 'enabled'=>'$conf->hrm->enabled', 'position'=>56, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'establishment.rowid',), 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'WorkPlace', 'enabled'=>'1', 'position'=>57, 'notnull'=>-1, 'visible'=>-1, 'css'=>'maxwidth500', 'index'=>1, 'help'=>"IfJobIsLocatedAtAPartner", 'picto'=>'company'), 'date_planned' => array('type'=>'date', 'label'=>'DateExpected', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1,), diff --git a/htdocs/recruitment/recruitmentjobposition_list.php b/htdocs/recruitment/recruitmentjobposition_list.php index 7ccad1de16a..3398a47dca3 100644 --- a/htdocs/recruitment/recruitmentjobposition_list.php +++ b/htdocs/recruitment/recruitmentjobposition_list.php @@ -103,8 +103,9 @@ $sortfield = GETPOST('sortfield', 'aZ09comma'); $sortorder = GETPOST('sortorder', 'aZ09comma'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + // If $page is not defined, or '' or -1 or if we click on clear filters $page = 0; -} // If $page is not defined, or '' or -1 or if we click on clear filters +} $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; @@ -123,6 +124,7 @@ $search_array_options = $extrafields->getOptionalsFromPost($object->table_elemen // Default sort order (if not yet defined by previous GETPOST) if (!$sortfield) { + reset($object->fields); // Reset is required to avoid key() to return null. $sortfield = "t.".key($object->fields); // Set here default search field. By default 1st field in definition. } if (!$sortorder) { @@ -146,17 +148,18 @@ foreach ($object->fields as $key => $val) { } } -// Definition of fields for list +// Definition of array of fields for columns $arrayfields = array(); foreach ($object->fields as $key => $val) { // If $val['visible']==0, then we never show the field if (!empty($val['visible'])) { - $visible = dol_eval($val['visible'], 1); + $visible = (int) dol_eval($val['visible'], 1); $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), - 'position'=>$val['position'] + 'position'=>$val['position'], + 'help'=> isset($val['help']) ? $val['help'] : '' ); } } @@ -164,7 +167,7 @@ foreach ($object->fields as $key => $val) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); -$arrayfields['nbapplications'] = array('label'=>'Applications', 'checked'=>1, 'enabled'=>1, 'position'=>90); +$arrayfields['nbapplications'] = array('type'=>'integer', 'label'=>'Applications', 'checked'=>1, 'enabled'=>1, 'position'=>90, 'csslist'=>'right'); $arrayfields = dol_sort_array($arrayfields, 'position'); $permissiontoread = $user->rights->recruitment->recruitmentjobposition->read; @@ -184,7 +187,8 @@ $result = restrictedArea($user, 'recruitment', 0, 'recruitment_recruitmentjobpos */ if (GETPOST('cancel', 'alpha')) { - $action = 'list'; $massaction = ''; + $action = 'list'; + $massaction = ''; } if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction = ''; @@ -238,13 +242,11 @@ $title = $langs->trans('ListOfPositionsToBeFilled'); // Build and execute select // -------------------------------------------------------------------- $sql = 'SELECT '; -foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; -} +$sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); } } // Add fields from hooks @@ -258,24 +260,42 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc O if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)"; } +// Add table from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; if ($object->ismultientitymanaged == 1) { $sql .= " WHERE t.entity IN (".getEntity($object->element).")"; } else { $sql .= " WHERE 1 = 1"; } foreach ($search as $key => $val) { - if ($key == 'status' && $search[$key] == -1) { - continue; - } - $mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0); - if (strpos($object->fields[$key]['type'], 'integer:') === 0) { - if ($search[$key] == '-1') { - $search[$key] = ''; + if (array_key_exists($key, $object->fields)) { + if ($key == 'status' && $search[$key] == -1) { + continue; + } + $mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0); + if ((strpos($object->fields[$key]['type'], 'integer:') === 0) || (strpos($object->fields[$key]['type'], 'sellist:') === 0) || !empty($object->fields[$key]['arrayofkeyval'])) { + if ($search[$key] == '-1' || $search[$key] === '0') { + $search[$key] = ''; + } + $mode_search = 2; + } + if ($search[$key] != '') { + $sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search)); + } + } else { + if (preg_match('/(_dtstart|_dtend)$/', $key) && $search[$key] != '') { + $columnName=preg_replace('/(_dtstart|_dtend)$/', '', $key); + if (preg_match('/^(date|timestamp|datetime)/', $object->fields[$columnName]['type'])) { + if (preg_match('/_dtstart$/', $key)) { + $sql .= " AND t." . $columnName . " >= '" . $db->idate($search[$key]) . "'"; + } + if (preg_match('/_dtend$/', $key)) { + $sql .= " AND t." . $columnName . " <= '" . $db->idate($search[$key]) . "'"; + } + } } - $mode_search = 2; - } - if ($search[$key] != '') { - $sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search)); } } if ($search_all) { @@ -372,6 +392,10 @@ if ($optioncss != '') { } // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; +// Add $param from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListSearchParam', $parameters, $object); // Note that $action and $object may have been modified by hook +$param .= $hookmanager->resPrint; // List of mass actions available $arrayofmassactions = array( @@ -449,30 +473,38 @@ print ''; foreach ($object->fields as $key => $val) { - $cssforfield = (empty($val['css']) ? '' : $val['css']); + $cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID' && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { print ''; } } // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php'; + // Fields from hook $parameters = array('arrayfields'=>$arrayfields); $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook @@ -492,14 +524,14 @@ print ''."\n"; // -------------------------------------------------------------------- print ''; foreach ($object->fields as $key => $val) { - $cssforfield = (empty($val['css']) ? '' : $val['css']); + $cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID' && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -513,7 +545,7 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$ $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; if (!empty($arrayfields['nbapplications']['checked'])) { - print ''; + print ''; } // Action column print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n"; @@ -561,7 +593,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; } - if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $key != 'status') { + if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'status')) && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; @@ -570,6 +602,8 @@ while ($i < ($limit ? min($num, $limit) : $num)) { print ''; if ($key == 'status') { print $object->getLibStatut(5); + } elseif ($key == 'rowid') { + print $object->showOutputField($val, $key, $object->id, ''); } else { print $object->showOutputField($val, $key, $object->$key, ''); } @@ -602,7 +636,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { } // Action column print ''; } elseif ($key == "fk_soc") { print ''; diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 152c39f79ac..cb7aa69949c 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -314,8 +314,8 @@ if (empty($reshook)) { $id = $object->create($user); if ($id > 0) { - if (GETPOST('password')) { - $object->setPassword($user, GETPOST('password')); + if (GETPOST('password', 'none')) { + $object->setPassword($user, GETPOST('password', 'none')); } if (!empty($conf->categorie->enabled)) { // Categories association @@ -1437,7 +1437,7 @@ if ($action == 'create' || $action == 'adduserldap') { } // Employee - print ''."\n"; @@ -1803,7 +1803,7 @@ if ($action == 'create' || $action == 'adduserldap') { print dol_print_date($object->datepreviouslogin, "dayhour").' ('.$langs->trans("Previous").'), '; } if ($object->datelastlogin) { - print dol_print_date($object->datelastlogin, "dayhour").' ('.$langs->trans("Current").')'; + print dol_print_date($object->datelastlogin, "dayhour").' ('.$langs->trans("Currently").')'; } print ''; print "\n"; diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 74137537e74..816d3dc3e27 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1280,6 +1280,10 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; + } elseif (preg_match('/[,@<>"\']/', $this->login)) { + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->datec = dol_now(); @@ -1669,6 +1673,10 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; + } elseif (preg_match('/[,@<>"\']/', $this->login)) { + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->db->begin(); diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 618d705bfcf..9fc4426ecac 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -235,9 +235,9 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ''; } print ''; @@ -286,9 +286,9 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ''; } else { print ''; @@ -326,7 +326,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -336,7 +336,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print '';
    '; if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) { print $form->selectarray('search_'.$key, $val['arrayofkeyval'], (isset($search[$key]) ? $search[$key] : ''), $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); - } elseif (strpos($val['type'], 'integer:') === 0) { - print $object->showInputField($val, $key, (isset($search[$key]) ? $search[$key] : ''), '', '', 'search_', 'maxwidth150', 1); - } elseif (!preg_match('/^(date|timestamp)/', $val['type'])) { + } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:') === 0)) { + print $object->showInputField($val, $key, (isset($search[$key]) ? $search[$key] : ''), '', '', 'search_', 'maxwidth125', 1); + } elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print ''; + } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { + print '
    '; + print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
    '; + print '
    '; + print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
    '; } print '
    '.$langs->trans("Applications").''.$langs->trans("Applications").''; - if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined + if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined $selected = 0; if (in_array($object->id, $arrayofselected)) { $selected = 1; diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php index 84ea65fef71..6a65efc8bac 100644 --- a/htdocs/ticket/list.php +++ b/htdocs/ticket/list.php @@ -798,7 +798,7 @@ foreach ($object->fields as $key => $val) { if (!empty($search[$key])) { $selectedarray = array_values($search[$key]); } - print Form::multiselectarray('search_fk_statut', $arrayofstatus, $selectedarray, 0, 0, 'minwidth100 maxwidth150', 1, 0, '', '', ''); + print Form::multiselectarray('search_fk_statut', $arrayofstatus, $selectedarray, 0, 0, 'minwidth100imp maxwidth150', 1, 0, '', '', ''); print '
    '.$langs->trans("Employee").''; + print '
    '.$langs->trans("Employee").''; print 'employee ? ' checked="checked"' : '').'>'; //print yn($object->employee); print '
    '.$langs->trans("Module").''; - print ''.$langs->trans("All").""; + print ''.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print ''.$langs->trans("None").""; print ' '; - print 'module.'">'.$langs->trans("All").""; + print 'module.'&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'module.'">'.$langs->trans("None").""; + print 'module.'&token='.newToken().'">'.$langs->trans("None").""; print ' id.'">'; + print 'id.'&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'">'; + print 'id.'&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print '