lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/develop' into php8-fix

Browse Source
This commit is contained in:
Frédéric FRANCE 2021-03-15 11:18:41 +01:00
commit 15c751ae89
No known key found for this signature in database
GPG Key ID: 06809324E4B2ABC1
175 changed files with 762 additions and 569 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
htdocs/accountancy/class/accountancycategory.class.php
View File

@ -261,7 +261,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " t.active";
$sql .= " FROM ".MAIN_DB_PREFIX."c_accounting_category as t";
if ($id) {
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
} else {
$sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Dont't use entity if you use rowid
if ($code) {
@ -354,7 +354,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " position=".(isset($this->position) ? $this->position : "null").",";
$sql .= " fk_country=".(isset($this->fk_country) ? $this->fk_country : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -392,7 +392,7 @@ class AccountancyCategory // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_accounting_category";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();

4
htdocs/accountancy/class/accountingaccount.class.php
View File

@ -414,7 +414,7 @@ class AccountingAccount extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_account";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete sql=".$sql);
$resql = $this->db->query($sql);
@ -553,7 +553,7 @@ class AccountingAccount extends CommonObject
{
$sql = 'SELECT a.rowid, a.datec, a.fk_user_author, a.fk_user_modif, a.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as a';
$sql .= ' WHERE a.rowid = '.$id;
$sql .= ' WHERE a.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info sql='.$sql);
$result = $this->db->query($sql);

6
htdocs/accountancy/class/bookkeeping.class.php
View File

@ -729,7 +729,7 @@ class BookKeeping extends CommonObject
if (null !== $ref) {
$sql .= " AND t.ref = '".$this->db->escape($ref)."'";
} else {
$sql .= ' AND t.rowid = '.$id;
$sql .= ' AND t.rowid = '.((int) $id);
}
$resql = $this->db->query($sql);
@ -1262,7 +1262,7 @@ class BookKeeping extends CommonObject
$sql .= ' code_journal = '.(isset($this->code_journal) ? "'".$this->db->escape($this->code_journal)."'" : "null").',';
$sql .= ' journal_label = '.(isset($this->journal_label) ? "'".$this->db->escape($this->journal_label)."'" : "null").',';
$sql .= ' piece_num = '.(isset($this->piece_num) ? $this->piece_num : "null");
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$this->db->begin();
@ -1359,7 +1359,7 @@ class BookKeeping extends CommonObject
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.$mode;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

4
htdocs/accountancy/customer/card.php
View File

@ -55,7 +55,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."facturedet";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -99,7 +99,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = l.fk_facture";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".$id;
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/customer/card.php sql=".$sql, LOG_DEBUG);

4
htdocs/accountancy/expensereport/card.php
View File

@ -59,7 +59,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -101,7 +101,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_type_fees as f ON f.id = erd.fk_c_type_fees";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON erd.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."expensereport as er ON er.rowid = erd.fk_expensereport";
$sql .= " WHERE er.fk_statut > 0 AND erd.rowid = ".$id;
$sql .= " WHERE er.fk_statut > 0 AND erd.rowid = ".((int) $id);
$sql .= " AND er.entity IN (".getEntity('expensereport', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/expensereport/card.php sql=".$sql, LOG_DEBUG);

4
htdocs/accountancy/index.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2016-2020 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2016-2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -220,7 +220,7 @@ if ($conf->accounting->enabled) {
/*
* Show boxes
*/
$boxlist .= '<div class="twocolumns">';
$boxlist = '<div class="twocolumns">';
$boxlist .= '<div class="firstcolumn fichehalfleft boxhalfleft" id="boxhalfleft">';

4
htdocs/accountancy/supplier/card.php
View File

@ -59,7 +59,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."facture_fourn_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -101,7 +101,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn as f ON f.rowid = l.fk_facture_fourn ";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".$id;
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);
$sql .= " AND f.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/supplier/card.php sql=".$sql, LOG_DEBUG);

8
htdocs/adherents/class/adherent.class.php
View File

@ -2085,9 +2085,9 @@ class Adherent extends CommonObject
}
$label .= '</div>';
$url = DOL_URL_ROOT.'/adherents/card.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/card.php?rowid='.((int) $this->id);
if ($option == 'subscription') {
$url = DOL_URL_ROOT.'/adherents/subscription.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/subscription.php?rowid='.((int) $this->id);
}
if ($option != 'nolink') {
@ -2216,7 +2216,7 @@ class Adherent extends CommonObject
$statusType = 'status1';
$labelStatus = $langs->trans("MemberStatusActive");
$labelStatusShort = $langs->trans("MemberStatusActiveShort");
} elseif ($date_end_subscription < time()) {
} elseif ($date_end_subscription < dol_now()) {
$statusType = 'status3';
$labelStatus = $langs->trans("MemberStatusActiveLate");
$labelStatusShort = $langs->trans("MemberStatusActiveLateShort");
@ -2644,7 +2644,7 @@ class Adherent extends CommonObject
$sql .= ' a.tms as datem,';
$sql .= ' a.fk_user_author, a.fk_user_valid, a.fk_user_mod';
$sql .= ' FROM '.MAIN_DB_PREFIX.'adherent as a';
$sql .= ' WHERE a.rowid = '.$id;
$sql .= ' WHERE a.rowid = '.((int) $id);
dol_syslog(get_class($this)."::info", LOG_DEBUG);
$result = $this->db->query($sql);

2
htdocs/adherents/class/adherent_type.class.php
View File

@ -623,7 +623,7 @@ class AdherentType extends CommonObject
$label .= '<br>'.$langs->trans("SubscriptionRequired").': '.yn($this->subscription);
}
$linkstart = '<a href="'.DOL_URL_ROOT.'/adherents/type.php?rowid='.$this->id.'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkstart = '<a href="'.DOL_URL_ROOT.'/adherents/type.php?rowid='.((int) $this->id).'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkend = '</a>';
$result .= $linkstart;

4
htdocs/adherents/class/subscription.class.php
View File

@ -417,7 +417,7 @@ class Subscription extends CommonObject
$label .= '<br><b>'.$langs->trans('DateEnd').':</b> '.dol_print_date($this->datef, 'day');
}
$url = DOL_URL_ROOT.'/adherents/subscription/card.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/subscription/card.php?rowid='.((int) $this->id);
if ($option != 'nolink') {
// Add param to save lastsearch_values or not
@ -483,7 +483,7 @@ class Subscription extends CommonObject
$sql = 'SELECT c.rowid, c.datec,';
$sql .= ' c.tms as datem';
$sql .= ' FROM '.MAIN_DB_PREFIX.'subscription as c';
$sql .= ' WHERE c.rowid = '.$id;
$sql .= ' WHERE c.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {

30
htdocs/adherents/index.php
View File

@ -79,10 +79,10 @@ $subscriptionstatic = new Subscription($db);
print load_fiche_titre($langs->trans("MembersArea"), $resultboxes['selectboxlist'], 'members');
$Adherents = array();
$AdherentsAValider = array();
$MemberUpToDate = array();
$AdherentsResilies = array();
$MembersValidated = array();
$MembersToValidate = array();
$MembersUpToDate = array();
$MembersResiliated = array();
$AdherentType = array();
@ -111,7 +111,7 @@ if ($result) {
$AdherentType[$objp->rowid] = $adhtype;
if ($objp->statut == -1) {
$MemberToValidate[$objp->rowid] = $objp->somme;
$MembersToValidate[$objp->rowid] = $objp->somme;
}
if ($objp->statut == 1) {
$MembersValidated[$objp->rowid] = $objp->somme;
@ -144,7 +144,7 @@ if ($result) {
$i = 0;
while ($i < $num) {
$objp = $db->fetch_object($result);
$MemberUpToDate[$objp->fk_adherent_type] = $objp->somme;
$MembersUpToDate[$objp->fk_adherent_type] = $objp->somme;
$i++;
}
$db->free();
@ -202,13 +202,13 @@ if ($conf->use_javascript_ajax) {
$dataval = array();
$i = 0;
foreach ($AdherentType as $key => $adhtype) {
$dataval['draft'][] = array($i, isset($MemberToValidate[$key]) ? $MemberToValidate[$key] : 0);
$dataval['notuptodate'][] = array($i, isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : 0);
$dataval['uptodate'][] = array($i, isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0);
$dataval['draft'][] = array($i, isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0);
$dataval['notuptodate'][] = array($i, isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0);
$dataval['uptodate'][] = array($i, isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0);
$dataval['resiliated'][] = array($i, isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0);
$SommeA += isset($MemberToValidate[$key]) ? $MemberToValidate[$key] : 0;
$SommeB += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : 0;
$SommeC += isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0;
$SommeA += isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0;
$SommeB += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0;
$SommeC += isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0;
$SommeD += isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0;
$i++;
}
@ -476,9 +476,9 @@ print "</tr>\n";
foreach ($AdherentType as $key => $adhtype) {
print '<tr class="oddeven">';
print '<td>'.$adhtype->getNomUrl(1, dol_size(32)).'</td>';
print '<td class="right">'.(isset($MemberToValidate[$key]) && $MemberToValidate[$key] > 0 ? $MemberToValidate[$key] : '').' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MembersValidated[$key]) && ($MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) > 0) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MemberUpToDate[$key]) && $MemberUpToDate[$key] > 0 ? $MemberUpToDate[$key] : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="right">'.(isset($MembersToValidate[$key]) && $MembersToValidate[$key] > 0 ? $MembersToValidate[$key] : '').' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MembersValidated[$key]) && ($MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) > 0) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MembersUpToDate[$key]) && $MembersUpToDate[$key] > 0 ? $MembersUpToDate[$key] : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="right">'.(isset($MembersResiliated[$key]) && $MembersResiliated[$key] > 0 ? $MembersResiliated[$key] : '').' '.$staticmember->LibStatut(0, $adhtype->subscription, 0, 3).'</td>';
print "</tr>\n";
}

2
htdocs/admin/eventorganization_confbooth_extrafields.php
View File

@ -60,7 +60,7 @@ require DOL_DOCUMENT_ROOT.'/core/actions_extrafields.inc.php';
*/
llxHeader('', $langs->trans("EventOrganizationSetup"), $help_url);
llxHeader('', $langs->trans("EventOrganizationSetup"));
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';

4
htdocs/admin/index.php
View File

@ -81,7 +81,7 @@ print '<br>';
if (empty($conf->global->MAIN_INFO_SOCIETE_NOM) || empty($conf->global->MAIN_INFO_SOCIETE_COUNTRY)) {
$setupcompanynotcomplete = 1;
}
print img_picto('', 'puce').' '.$langs->trans("SetupDescription3", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit'), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
print img_picto('', 'company', 'class="paddingright"').' '.$langs->trans("SetupDescription3", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit'), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
if (!empty($setupcompanynotcomplete)) {
$langs->load("errors");
$warnpicto = img_warning($langs->trans("WarningMandatorySetupNotComplete"), 'style="padding-right: 6px;"');
@ -92,7 +92,7 @@ print '<br>';
print '<br>';
// Show info setup module
print img_picto('', 'puce').' '.$langs->trans("SetupDescription4", DOL_URL_ROOT.'/admin/modules.php?mainmenu=home', $langs->transnoentities("Setup"), $langs->transnoentities("Modules"));
print img_picto('', 'cog', 'class="paddingright"').' '.$langs->trans("SetupDescription4", DOL_URL_ROOT.'/admin/modules.php?mainmenu=home', $langs->transnoentities("Setup"), $langs->transnoentities("Modules"));
if (count($conf->modules) <= (empty($conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING) ? 1 : $conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING)) { // If only user module enabled
$langs->load("errors");
$warnpicto = img_warning($langs->trans("WarningEnableYourModulesApplications"), 'style="padding-right: 6px;"');

24
htdocs/admin/modules.php
View File

@ -464,7 +464,7 @@ asort($orders);
$nbofactivatedmodules = count($conf->modules);
$moreinfo = $langs->trans("TitleNumberOfActivatedModules");
$moreinfo2 = ($nbofactivatedmodules - 1)." / ".count($modules);
$moreinfo2 = '<b class="largenumber">'.($nbofactivatedmodules - 1).'</b> / <b class="largenumber">'.count($modules).'</b>';
if ($nbofactivatedmodules <= 1) {
$moreinfo2 .= ' '.img_warning($langs->trans("YouMustEnableOneModule"));
}
@ -476,16 +476,16 @@ $deschelp = '';
if ($mode == 'common' || $mode == 'commonkanban') {
$desc = $langs->trans("ModulesDesc", '{picto}');
$desc = str_replace('{picto}', img_picto('', 'switch_off'), $desc);
$deschelp = '<span class="opacitymedium hideonsmartphone">'.$desc."<br><br></span>\n";
$deschelp = '<div class="info hideonsmartphone">'.$desc."<br></div><br>\n";
}
if ($mode == 'marketplace') {
$deschelp = '<span class="opacitymedium hideonsmartphone">'.$langs->trans("ModulesMarketPlaceDesc")."<br><br></span>\n";
//$deschelp = '<div class="info hideonsmartphone">'.$langs->trans("ModulesMarketPlaceDesc")."<br></div><br>\n";
}
if ($mode == 'deploy') {
$deschelp = '<span class="opacitymedium hideonsmartphone">'.$langs->trans("ModulesDeployDesc", $langs->transnoentitiesnoconv("AvailableModules"))."<br><br></span>\n";
$deschelp = '<div class="info hideonsmartphone">'.$langs->trans("ModulesDeployDesc", $langs->transnoentitiesnoconv("AvailableModules"))."<br></div><br>\n";
}
if ($mode == 'develop') {
$deschelp = '<span class="opacitymedium hideonsmartphone">'.$langs->trans("ModulesDevelopDesc")."<br><br></span>\n";
$deschelp = '<div class="info hideonsmartphone">'.$langs->trans("ModulesDevelopDesc")."<br></div><br>\n";
}
$head = modules_prepare_head();
@ -521,11 +521,11 @@ if ($mode == 'common' || $mode == 'commonkanban') {
$moreforfilter .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-list-alt imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.$param, '', 1, array('morecss'=>'reposition'.($mode == 'commonkanban' ? '' : ' btnTitleSelected')));
$moreforfilter .= '</li></ul></div>';
$moreforfilter .= '<div class="floatright center marginrightonly hideonsmartphone" style="padding-top: 3px"><span class="">'.$moreinfo.'</span><br><b class="largenumber">'.$moreinfo2.'</b></div>';
$moreforfilter .= '<div class="floatright center marginrightonly hideonsmartphone" style="padding-top: 3px"><span class="paddingright">'.$moreinfo.'</span> '.$moreinfo2.'</div>';
$moreforfilter .= '<div class="colorbacktimesheet float valignmiddle">';
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= img_picto($langs->trans("Filter"), 'filter', 'class="paddingright opacitymedium"').'<input type="text" id="search_keyword" name="search_keyword" class="maxwidth125" value="'.dol_escape_htmltag($search_keyword).'" placeholder="'.dol_escape_htmltag($langs->trans('Keyword')).'">';
$moreforfilter .= img_picto($langs->trans("Filter"), 'filter', 'class="paddingright opacityhigh"').'<input type="text" id="search_keyword" name="search_keyword" class="maxwidth125" value="'.dol_escape_htmltag($search_keyword).'" placeholder="'.dol_escape_htmltag($langs->trans('Keyword')).'">';
$moreforfilter .= '</div>';
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= $form->selectarray('search_nature', $arrayofnatures, dol_escape_htmltag($search_nature), $langs->trans('Origin'), 0, 0, '', 0, 0, 0, '', 'maxwidth200', 1);
@ -745,7 +745,7 @@ if ($mode == 'common' || $mode == 'commonkanban') {
}
} else {
if (!empty($objMod->warnings_unactivation[$mysoc->country_code]) && method_exists($objMod, 'alreadyUsed') && $objMod->alreadyUsed()) {
$codeenabledisable .= '<a class="reposition valignmiddle" href="'.$_SERVER["PHP_SELF"].'?id='.$objMod->numero.'&amp;token='.newToken().'&amp;module_position='.$module_position.'&amp;action=reset_confirm&amp;confirm_message_code='.$objMod->warnings_unactivation[$mysoc->country_code].'&amp;value='.$modName.'&amp;mode='.$mode.$param.'">';
$codeenabledisable .= '<a class="reposition valignmiddle" href="'.$_SERVER["PHP_SELF"].'?id='.$objMod->numero.'&amp;token='.newToken().'&amp;module_position='.$module_position.'&amp;action=reset_confirm&amp;confirm_message_code='.urlencode($objMod->warnings_unactivation[$mysoc->country_code]).'&amp;value='.$modName.'&amp;mode='.$mode.$param.'">';
$codeenabledisable .= img_picto($langs->trans("Activated"), 'switch_on');
$codeenabledisable .= '</a>';
} else {
@ -762,13 +762,13 @@ if ($mode == 'common' || $mode == 'commonkanban') {
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_keyword='.$search_keyword; // No urlencode here, done later
}
if ($search_nature > -1) {
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_nature='.$search_nature;
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_nature='.$search_nature; // No urlencode here, done later
}
if ($search_version > -1) {
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_version='.$search_version;
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_version='.$search_version; // No urlencode here, done later
}
if ($search_status > -1) {
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_status='.$search_status;
$backtourlparam .= ($backtourlparam ? '&' : '?').'search_status='.$search_status; // No urlencode here, done later
}
$backtourl = $_SERVER["PHP_SELF"].$backtourlparam;
@ -955,7 +955,7 @@ if ($mode == 'marketplace') {
print '<tr class="oddeven">'."\n";
$url = 'https://www.dolistore.com';
print '<td class="hideonsmartphone"><a href="'.$url.'" target="_blank" rel="external"><img border="0" class="imgautosize imgmaxwidth180" src="'.DOL_URL_ROOT.'/theme/dolistore_logo.png"></a></td>';
print '<td>'.$langs->trans("DoliStoreDesc").'</td>';
print '<td><span class="opacitymedium">'.$langs->trans("DoliStoreDesc").'</span></td>';
print '<td><a href="'.$url.'" target="_blank" rel="external">'.$url.'</a></td>';
print '</tr>';

2
htdocs/asset/class/asset.class.php
View File

@ -414,7 +414,7 @@ class Asset extends CommonObject
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

2
htdocs/asset/class/asset_type.class.php
View File

@ -397,7 +397,7 @@ class AssetType extends CommonObject
$result = '';
$label = $langs->trans("ShowTypeCard", $this->label);
$linkstart = '<a href="'.DOL_URL_ROOT.'/asset/type.php?rowid='.$this->id.'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkstart = '<a href="'.DOL_URL_ROOT.'/asset/type.php?rowid='.((int) $this->id).'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkend = '</a>';
$result .= $linkstart;

4
htdocs/blockedlog/class/authority.class.php
View File

@ -161,7 +161,7 @@ class BlockedLogAuthority
$sql .= " FROM ".MAIN_DB_PREFIX."blockedlog_authority as b";
if ($id) {
$sql .= " WHERE b.rowid = ".$id;
$sql .= " WHERE b.rowid = ".((int) $id);
} elseif ($signature) {
$sql .= " WHERE b.signature = '".$this->db->escape($signature)."'";
}
@ -259,7 +259,7 @@ class BlockedLogAuthority
$sql = "UPDATE ".MAIN_DB_PREFIX."blockedlog_authority SET ";
$sql .= " blockchain='".$this->db->escape($this->blockchain)."'";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$res = $this->db->query($sql);
if ($res) {

2
htdocs/blockedlog/class/blockedlog.class.php
View File

@ -796,7 +796,7 @@ class BlockedLog
public function setCertified()
{
$res = $this->db->query("UPDATE ".MAIN_DB_PREFIX."blockedlog SET certified=1 WHERE rowid=".$this->id);
$res = $this->db->query("UPDATE ".MAIN_DB_PREFIX."blockedlog SET certified=1 WHERE rowid=".((int) $this->id));
if ($res === false) {
return false;
}

4
htdocs/bom/class/bom.class.php
View File

@ -892,7 +892,7 @@ class BOM extends CommonObject
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {
@ -1469,7 +1469,7 @@ class BOMLine extends CommonObjectLine
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

10
htdocs/bom/lib/bom.lib.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2019 Maxime Kohlhaas <maxime@atm-consulting.fr>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -41,17 +41,11 @@ function bomAdminPrepareHead()
$head[$h][2] = 'settings';
$h++;
$head[$h][0] = dol_buildpath("/admin/bom_extrafields.php", 1);
$head[$h][0] = DOL_URL_ROOT."/admin/bom_extrafields.php";
$head[$h][1] = $langs->trans("ExtraFields");
$head[$h][2] = 'bom_extrafields';
$h++;
/*$head[$h][0] = DOL_URL_ROOT."/bom/admin/about.php";
$head[$h][1] = $langs->trans("About");
$head[$h][2] = 'about';
$h++;
*/
// Show more tabs from modules
// Entries must be declared in modules descriptor with line
//$this->tabs = array(

4
htdocs/bookmarks/class/bookmark.class.php
View File

@ -117,7 +117,7 @@ class Bookmark extends CommonObject
$sql = "SELECT rowid, fk_user, dateb as datec, url, target,";
$sql .= " title, position, favicon";
$sql .= " FROM ".MAIN_DB_PREFIX."bookmark";
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$sql .= " AND entity = ".$conf->entity;
dol_syslog("Bookmark::fetch", LOG_DEBUG);
@ -239,7 +239,7 @@ class Bookmark extends CommonObject
public function remove($id)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bookmark";
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
dol_syslog("Bookmark::remove", LOG_DEBUG);
$resql = $this->db->query($sql);

4
htdocs/categories/class/categorie.class.php
View File

@ -323,8 +323,8 @@ class Categorie extends CommonObject
$sql = "SELECT rowid, fk_parent, entity, label, description, color, fk_soc, visible, type, ref_ext";
$sql .= ", date_creation, tms, fk_user_creat, fk_user_modif";
$sql .= " FROM ".MAIN_DB_PREFIX."categorie";
if ($id > 0) {
$sql .= " WHERE rowid = ".$id;
if ($id) {
$sql .= " WHERE rowid = ".((int) $id);
} elseif (!empty($ref_ext)) {
$sql .= " WHERE ref_ext LIKE '".$this->db->escape($ref_ext)."'";
} else {

5
htdocs/categories/index.php
View File

@ -5,6 +5,7 @@
* Copyright (C) 2007 Patrick Raguin <patrick.raguin@gmail.com>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2015 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -151,7 +152,7 @@ $cate_arbo = $categstatic->get_full_arbo($typetext);
$fulltree = $cate_arbo;
// Load possible missing includes
if ($conf->global->CATEGORY_SHOW_COUNTS) {
if (!empty($conf->global->CATEGORY_SHOW_COUNTS)) {
if ($type == Categorie::TYPE_MEMBER) {
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
}
@ -177,7 +178,7 @@ foreach ($fulltree as $key => $val) {
$desc = dol_htmlcleanlastbr($val['description']);
$counter = '';
if ($conf->global->CATEGORY_SHOW_COUNTS) {
if (!empty($conf->global->CATEGORY_SHOW_COUNTS)) {
// we need only a count of the elements, so it is enough to consume only the id's from the database
$elements = $type == Categorie::TYPE_ACCOUNT
? $categstatic->getObjectsInCateg("account", 1) // Categorie::TYPE_ACCOUNT is "bank_account" instead of "account"

6
htdocs/categories/info.php
View File

@ -71,11 +71,11 @@ $title = Categorie::$MAP_TYPE_TITLE_AREA[$type];
$head = categories_prepare_head($object, $type);
print dol_get_fiche_head($head, 'info', $langs->trans($title), -1, 'category');
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type);
$linkback = '<a href="'.$backtolist.'">'.$langs->trans("BackToList").'</a>';
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type));
$linkback = '<a href="'.dol_sanitizeUrl($backtolist).'">'.$langs->trans("BackToList").'</a>';
$object->next_prev_filter = ' type = '.$object->type;
$object->ref = $object->label;
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("Root").'</a> >> ';
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type).'">'.$langs->trans("Root").'</a> >> ';
$ways = $object->print_all_ways(" &gt;&gt; ", '', 1);
foreach ($ways as $way) {
$morehtmlref .= $way."<br>\n";

3
htdocs/categories/photos.php
View File

@ -108,7 +108,8 @@ if ($object->id) {
$head = categories_prepare_head($object, $type);
print dol_get_fiche_head($head, 'photos', $langs->trans($title), -1, 'category');
$linkback = '<a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("BackToList").'</a>';
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type));
$linkback = '<a href="'.dol_sanitizeUrl($backtolist).'">'.$langs->trans("BackToList").'</a>';
$object->next_prev_filter = ' type = '.$object->type;
$object->ref = $object->label;
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("Root").'</a> >> ';

3
htdocs/categories/traduction.php
View File

@ -184,7 +184,8 @@ if (!empty($object->multilangs)) {
print dol_get_fiche_head($head, 'translation', $langs->trans($title), -1, 'category');
$linkback = '<a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("BackToList").'</a>';
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type));
$linkback = '<a href="'.dol_sanitizeUrl($backtolist).'">'.$langs->trans("BackToList").'</a>';
$object->next_prev_filter = ' type = '.$object->type;
$object->ref = $object->label;
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("Root").'</a> >> ';

8
htdocs/categories/viewcat.php
View File

@ -215,18 +215,18 @@ $title = Categorie::$MAP_TYPE_TITLE_AREA[$type];
$head = categories_prepare_head($object, $type);
print dol_get_fiche_head($head, 'card', $langs->trans($title), -1, 'category');
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type);
$linkback = '<a href="'.$backtolist.'">'.$langs->trans("BackToList").'</a>';
$backtolist = (GETPOST('backtolist') ? GETPOST('backtolist') : DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type));
$linkback = '<a href="'.dol_sanitizeUrl($backtolist).'">'.$langs->trans("BackToList").'</a>';
$object->next_prev_filter = ' type = '.$object->type;
$object->ref = $object->label;
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.$type.'">'.$langs->trans("Root").'</a> >> ';
$morehtmlref = '<br><div class="refidno"><a href="'.DOL_URL_ROOT.'/categories/index.php?leftmenu=cat&type='.urlencode($type).'">'.$langs->trans("Root").'</a> >> ';
$ways = $object->print_all_ways(" &gt;&gt; ", '', 1);
foreach ($ways as $way) {
$morehtmlref .= $way."<br>\n";
}
$morehtmlref .= '</div>';
dol_banner_tab($object, 'label', $linkback, ($user->socid ? 0 : 1), 'label', 'label', $morehtmlref, '&type='.$type, 0, '', '', 1);
dol_banner_tab($object, 'label', $linkback, ($user->socid ? 0 : 1), 'label', 'label', $morehtmlref, '&type='.urlencode($type), 0, '', '', 1);
/*

18
htdocs/comm/action/index.php
View File

@ -7,7 +7,7 @@
* Copyright (C) 2014 Cedric GROSS <c.gross@kreiz-it.fr>
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2017 Open-DSI <support@open-dsi.fr>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -258,7 +258,13 @@ if (empty($conf->global->AGENDA_DISABLE_EXT)) {
$buggedfile = 'AGENDA_EXT_BUGGEDFILE'.$i;
if (!empty($conf->global->$source) && !empty($conf->global->$name)) {
// Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight'
$listofextcals[] = array('src'=>$conf->global->$source, 'name'=>$conf->global->$name, 'offsettz'=>$conf->global->$offsettz, 'color'=>$conf->global->$color, 'buggedfile'=>(isset($conf->global->buggedfile) ? $conf->global->buggedfile : 0));
$listofextcals[] = array(
'src'=>$conf->global->$source,
'name'=>$conf->global->$name,
'offsettz' => (!empty($conf->global->$offsettz) ? $conf->global->$offsettz : 0),
'color'=>$conf->global->$color,
'buggedfile'=>(isset($conf->global->buggedfile) ? $conf->global->buggedfile : 0)
);
}
}
}
@ -275,7 +281,13 @@ if (empty($user->conf->AGENDA_DISABLE_EXT)) {
$buggedfile = 'AGENDA_EXT_BUGGEDFILE_'.$user->id.'_'.$i;
if (!empty($user->conf->$source) && !empty($user->conf->$name)) {
// Note: $conf->global->buggedfile can be empty or 'uselocalandtznodaylight' or 'uselocalandtzdaylight'
$listofextcals[] = array('src'=>$user->conf->$source, 'name'=>$user->conf->$name, 'offsettz'=>$user->conf->$offsettz, 'color'=>$user->conf->$color, 'buggedfile'=>(isset($user->conf->buggedfile) ? $user->conf->buggedfile : 0));
$listofextcals[] = array(
'src'=>$user->conf->$source,
'name'=>$user->conf->$name,
'offsettz' => (!empty($user->conf->$offsettz) ? $user->conf->$offsettz : 0),
'color'=>$user->conf->$color,
'buggedfile'=>(isset($user->conf->buggedfile) ? $user->conf->buggedfile : 0)
);
}
}
}

1
htdocs/comm/action/rapport/index.php
View File

@ -38,6 +38,7 @@ $action = GETPOST('action', 'aZ09');
$month = GETPOST('month', 'int');
$year = GETPOST('year', 'int');
$optioncss = GETPOST('optioncss', 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');

6
htdocs/comm/mailing/class/advtargetemailing.class.php
View File

@ -228,7 +228,7 @@ class AdvanceTargetingMailing extends CommonObject
$sql .= " t.tms";
$sql .= " FROM ".MAIN_DB_PREFIX."advtargetemailing as t";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG);
$resql = $this->db->query($sql);
@ -419,7 +419,7 @@ class AdvanceTargetingMailing extends CommonObject
$sql .= " filtervalue=".(isset($this->filtervalue) ? "'".$this->db->escape($this->filtervalue)."'" : "null").",";
$sql .= " fk_user_mod=".$user->id;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG);
@ -459,7 +459,7 @@ class AdvanceTargetingMailing extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."advtargetemailing";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete sql=".$sql);
$resql = $this->db->query($sql);

6
htdocs/comm/propal/class/propal.class.php
View File

@ -1644,7 +1644,7 @@ class Propal extends CommonObject
$sql .= " note_public=".(isset($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null").",";
$sql .= " model_pdf=".(isset($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null").",";
$sql .= " import_key=".(isset($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -2996,7 +2996,7 @@ class Propal extends CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.'propal';
$sql .= ' SET fk_availability = '.$availability_id;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
dol_syslog(__METHOD__.' availability('.$availability_id.')', LOG_DEBUG);
$resql = $this->db->query($sql);
@ -3060,7 +3060,7 @@ class Propal extends CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.'propal';
$sql .= ' SET fk_input_reason = '.$demand_reason_id;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
dol_syslog(__METHOD__.' demand_reason('.$demand_reason_id.')', LOG_DEBUG);
$resql = $this->db->query($sql);

10
htdocs/commande/class/commande.class.php
View File

@ -1060,7 +1060,7 @@ class Commande extends CommonOrder
$initialref = $this->ref;
}
$sql = 'UPDATE '.MAIN_DB_PREFIX."commande SET ref='".$this->db->escape($initialref)."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."commande SET ref='".$this->db->escape($initialref)."' WHERE rowid=".((int) $this->id);
if ($this->db->query($sql)) {
$this->ref = $initialref;
@ -2741,7 +2741,7 @@ class Commande extends CommonOrder
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande';
$sql .= ' SET fk_availability = '.$availability_id;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
@ -2805,7 +2805,7 @@ class Commande extends CommonOrder
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande';
$sql .= ' SET fk_input_reason = '.$demand_reason_id;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
@ -3310,7 +3310,7 @@ class Commande extends CommonOrder
$sql .= " model_pdf=".(isset($this->model_pdf) ? "'".$this->db->escape($this->model_pdf)."'" : "null").",";
$sql .= " import_key=".(isset($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -3763,7 +3763,7 @@ class Commande extends CommonOrder
$sql .= ' date_cloture as datecloture,';
$sql .= ' fk_user_author, fk_user_valid, fk_user_cloture';
$sql .= ' FROM '.MAIN_DB_PREFIX.'commande as c';
$sql .= ' WHERE c.rowid = '.$id;
$sql .= ' WHERE c.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

2
htdocs/compta/accounting-files.php
View File

@ -694,7 +694,7 @@ if (!empty($date_start) && !empty($date_stop)) {
} elseif ($data['item'] == 'SalaryPayment') {
$salary_payment->id = $data['id'];
$salary_payment->ref = $data['ref'];
print $salary_payment->getNomUrl(1, '', 0, '', 0);
print $salary_payment->getNomUrl(1);
} elseif ($data['item'] == 'Donation') {
$don->id = $data['id'];
$don->ref = $data['ref'];

4
htdocs/compta/bank/class/account.class.php
View File

@ -2271,7 +2271,7 @@ class AccountLine extends CommonObject
$sql = 'SELECT b.rowid, b.datec, b.tms as datem,';
$sql .= ' b.fk_user_author, b.fk_user_rappro';
$sql .= ' FROM '.MAIN_DB_PREFIX.'bank as b';
$sql .= ' WHERE b.rowid = '.$id;
$sql .= ' WHERE b.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
@ -2319,7 +2319,7 @@ class AccountLine extends CommonObject
$label = img_picto('', $this->picto).' <u>'.$langs->trans("Transaction").'</u>:<br>';
$label .= '<b>'.$langs->trans("Ref").':</b> '.$this->ref;
$linkstart = '<a href="'.DOL_URL_ROOT.'/compta/bank/line.php?rowid='.$this->id.'&save_lastsearch_values=1" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkstart = '<a href="'.DOL_URL_ROOT.'/compta/bank/line.php?rowid='.((int) $this->id).'&save_lastsearch_values=1" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkend = '</a>';
$result .= $linkstart;

6
htdocs/compta/bank/class/bankcateg.class.php
View File

@ -126,7 +126,7 @@ class BankCateg // extends CommonObject
$sql .= " t.rowid,";
$sql .= " t.label";
$sql .= " FROM ".MAIN_DB_PREFIX."bank_categ as t";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
$sql .= " AND t.entity = ".$conf->entity;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -170,7 +170,7 @@ class BankCateg // extends CommonObject
// Update request
$sql = "UPDATE ".MAIN_DB_PREFIX."bank_categ SET";
$sql .= " label=".(isset($this->label) ? "'".$this->db->escape($this->label)."'" : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$sql .= " AND entity = ".$conf->entity;
$this->db->begin();
@ -237,7 +237,7 @@ class BankCateg // extends CommonObject
// Delete bank categ
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_categ";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

8
htdocs/compta/bank/class/paymentvarious.class.php
View File

@ -214,7 +214,7 @@ class PaymentVarious extends CommonObject
$sql .= " fk_bank=".($this->fk_bank > 0 ? $this->fk_bank : "null").",";
$sql .= " fk_user_author=".(int) $this->fk_user_author.",";
$sql .= " fk_user_modif=".(int) $this->fk_user_modif;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -274,7 +274,7 @@ class PaymentVarious extends CommonObject
$sql .= " b.rappro";
$sql .= " FROM ".MAIN_DB_PREFIX."payment_various as v";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON v.fk_bank = b.rowid";
$sql .= " WHERE v.rowid = ".$id;
$sql .= " WHERE v.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -334,7 +334,7 @@ class PaymentVarious extends CommonObject
$sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_various";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -742,7 +742,7 @@ class PaymentVarious extends CommonObject
{
$sql = 'SELECT v.rowid, v.datec, v.fk_user_author';
$sql .= ' FROM '.MAIN_DB_PREFIX.'payment_various as v';
$sql .= ' WHERE v.rowid = '.$id;
$sql .= ' WHERE v.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info', LOG_DEBUG);
$result = $this->db->query($sql);

2
htdocs/compta/cashcontrol/class/cashcontrol.class.php
View File

@ -244,7 +244,7 @@ class CashControl extends CommonObject
$sql .= " SET status = ".self::STATUS_VALIDATED.",";
$sql .= " date_valid='".$this->db->idate($now)."',";
$sql .= " fk_user_valid = ".$user->id;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();

6
htdocs/compta/deplacement/class/deplacement.class.php
View File

@ -278,7 +278,7 @@ class Deplacement extends CommonObject
if ($ref) {
$sql .= " AND ref ='".$this->db->escape($ref)."'";
} else {
$sql .= " AND rowid = ".$id;
$sql .= " AND rowid = ".((int) $id);
}
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -317,7 +317,7 @@ class Deplacement extends CommonObject
{
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."deplacement WHERE rowid = ".$id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."deplacement WHERE rowid = ".((int) $id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$result = $this->db->query($sql);
@ -471,7 +471,7 @@ class Deplacement extends CommonObject
$sql = 'SELECT c.rowid, c.datec, c.fk_user_author, c.fk_user_modif,';
$sql .= ' c.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'deplacement as c';
$sql .= ' WHERE c.rowid = '.$id;
$sql .= ' WHERE c.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info', LOG_DEBUG);
$result = $this->db->query($sql);

2
htdocs/compta/facture/class/facture-rec.class.php
View File

@ -1967,7 +1967,7 @@ class FactureLigneRec extends CommonInvoiceLine
}
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE rowid='.$this->id;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE rowid='.((int) $this->id);
$res = $this->db->query($sql);
if ($res === false) {

14
htdocs/compta/facture/class/facture.class.php
View File

@ -694,7 +694,7 @@ class Facture extends CommonInvoice
// Update ref with new one
$this->ref = '(PROV'.$this->id.')';
$sql = 'UPDATE '.MAIN_DB_PREFIX."facture SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."facture SET ref='".$this->db->escape($this->ref)."' WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
@ -1978,7 +1978,7 @@ class Facture extends CommonInvoice
$sql .= " retained_warranty=".(empty($this->retained_warranty) ? "0" : $this->db->escape($this->retained_warranty)).",";
$sql .= " retained_warranty_date_limit=".(strval($this->retained_warranty_date_limit) != '' ? "'".$this->db->idate($this->retained_warranty_date_limit)."'" : 'null').",";
$sql .= " retained_warranty_fk_cond_reglement=".(isset($this->retained_warranty_fk_cond_reglement) ?intval($this->retained_warranty_fk_cond_reglement) : "null");
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -2375,7 +2375,7 @@ class Facture extends CommonInvoice
$now = dol_now();
dol_syslog(get_class($this)."::set_paid rowid=".$this->id, LOG_DEBUG);
dol_syslog(get_class($this)."::set_paid rowid=".((int) $this->id), LOG_DEBUG);
$sql = 'UPDATE '.MAIN_DB_PREFIX.'facture SET';
$sql .= ' fk_statut='.self::STATUS_CLOSED;
@ -2513,7 +2513,7 @@ class Facture extends CommonInvoice
*/
public function setCanceled($user, $close_code = '', $close_note = '')
{
dol_syslog(get_class($this)."::setCanceled rowid=".$this->id, LOG_DEBUG);
dol_syslog(get_class($this)."::setCanceled rowid=".((int) $this->id), LOG_DEBUG);
$this->db->begin();
@ -3955,7 +3955,7 @@ class Facture extends CommonInvoice
$sql .= ' date_closing as dateclosing,';
$sql .= ' fk_user_author, fk_user_valid, fk_user_closing';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facture as c';
$sql .= ' WHERE c.rowid = '.$id;
$sql .= ' WHERE c.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
@ -4825,7 +4825,7 @@ class Facture extends CommonInvoice
$fieldname = 'retained_warranty';
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.floatval($value);
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->retained_warranty = floatval($value);
@ -4862,7 +4862,7 @@ class Facture extends CommonInvoice
$fieldname = 'retained_warranty_date_limit';
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.(strval($timestamp) != '' ? '\''.$this->db->idate($timestamp).'\'' : 'null');
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->retained_warranty_date_limit = $timestamp;

2
htdocs/compta/facture/class/paymentterm.class.php
View File

@ -192,7 +192,7 @@ class PaymentTerm // extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."c_payment_term as t";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);

3
htdocs/compta/index.php
View File

@ -9,6 +9,7 @@
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2020 Tobias Sekan <tobias.sekan@startmail.com>
* Copyright (C) 2020 Josep Lluís Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -997,6 +998,7 @@ if (!empty($conf->facture->enabled) && $user->rights->facture->lire) {
$sql .= ", s.nom as name";
$sql .= ", s.rowid as socid, s.email";
$sql .= ", s.code_client, s.code_compta";
$sql .= ", s.code_fournisseur, s.code_compta_fournisseur";
$sql .= ", cc.rowid as country_id, cc.code as country_code";
$sql .= ", sum(pf.amount) as am";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s LEFT JOIN ".MAIN_DB_PREFIX."c_country as cc ON cc.rowid = s.fk_pays,".MAIN_DB_PREFIX."facture as f";
@ -1019,6 +1021,7 @@ if (!empty($conf->facture->enabled) && $user->rights->facture->lire) {
$sql .= " GROUP BY f.rowid, f.ref, f.fk_statut, f.datef, f.type, f.total, f.tva, f.total_ttc, f.paye, f.tms, f.date_lim_reglement,";
$sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, cc.rowid, cc.code";
$sql .= ", s.code_fournisseur, s.code_compta_fournisseur";
$sql .= " ORDER BY f.datef ASC, f.ref ASC";
$resql = $db->query($sql);

6
htdocs/compta/localtax/class/localtax.class.php
View File

@ -180,7 +180,7 @@ class Localtax extends CommonObject
$sql .= " fk_bank=".(int) $this->fk_bank.",";
$sql .= " fk_user_creat=".(int) $this->fk_user_creat.",";
$sql .= " fk_user_modif=".(int) $this->fk_user_modif;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -234,7 +234,7 @@ class Localtax extends CommonObject
$sql .= " b.rappro";
$sql .= " FROM ".MAIN_DB_PREFIX."localtax as t";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON t.fk_bank = b.rowid";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -284,7 +284,7 @@ class Localtax extends CommonObject
// End call triggers
$sql = "DELETE FROM ".MAIN_DB_PREFIX."localtax";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

2
htdocs/compta/paiement/cheque/class/remisecheque.class.php
View File

@ -191,7 +191,7 @@ class RemiseCheque extends CommonObject
if ($this->id > 0 && $this->errno == 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."bordereau_cheque";
$sql .= " SET ref='(PROV".$this->id.")'";
$sql .= " WHERE rowid=".$this->id."";
$sql .= " WHERE rowid=".((int) $this->id)."";
$resql = $this->db->query($sql);
if (!$resql) {

4
htdocs/compta/paiement/class/paiement.class.php
View File

@ -169,7 +169,7 @@ class Paiement extends CommonObject
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid';
$sql .= ' WHERE p.entity IN ('.getEntity('invoice').')';
if ($id > 0) {
$sql .= ' AND p.rowid = '.$id;
$sql .= ' AND p.rowid = '.((int) $id);
} elseif ($ref) {
$sql .= " AND p.ref = '".$ref."'";
} elseif ($fk_bank) {
@ -899,7 +899,7 @@ class Paiement extends CommonObject
{
$sql = 'SELECT p.rowid, p.datec, p.fk_user_creat, p.fk_user_modif, p.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'paiement as p';
$sql .= ' WHERE p.rowid = '.$id;
$sql .= ' WHERE p.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info', LOG_DEBUG);
$result = $this->db->query($sql);

2
htdocs/compta/prelevement/class/bonprelevement.class.php
View File

@ -427,7 +427,7 @@ class BonPrelevement extends CommonObject
$sql .= " SET fk_user_credit = ".$user->id;
$sql .= ", statut = ".self::STATUS_CREDITED;
$sql .= ", date_credit = '".$this->db->idate($date)."'";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$sql .= " AND entity = ".$conf->entity;
$sql .= " AND statut = ".self::STATUS_TRANSFERED;

2
htdocs/compta/prelevement/class/rejetprelevement.class.php
View File

@ -128,7 +128,7 @@ class RejetPrelevement
// Tag the line to refused
$sql = " UPDATE ".MAIN_DB_PREFIX."prelevement_lignes ";
$sql .= " SET statut = 3";
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
if (!$this->db->query($sql)) {
dol_syslog("RejetPrelevement::create Erreur 5");

8
htdocs/compta/sociales/class/chargesociales.class.php
View File

@ -149,7 +149,7 @@ class ChargeSociales extends CommonObject
if ($ref) {
$sql .= " AND cs.rowid = ".$ref;
} else {
$sql .= " AND cs.rowid = ".$id;
$sql .= " AND cs.rowid = ".((int) $id);
}
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -311,7 +311,7 @@ class ChargeSociales extends CommonObject
}
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."chargesociales WHERE rowid=".$this->id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."chargesociales WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);
if (!$resql) {
@ -350,7 +350,7 @@ class ChargeSociales extends CommonObject
$sql .= ", fk_projet=".($this->fk_project > 0 ? $this->db->escape($this->fk_project) : "NULL");
$sql .= ", fk_user=".($this->fk_user > 0 ? $this->db->escape($this->fk_user) : "NULL");
$sql .= ", fk_user_modif=".$user->id;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -672,7 +672,7 @@ class ChargeSociales extends CommonObject
$sql = "SELECT e.rowid, e.tms as datem, e.date_creation as datec, e.date_valid as datev, e.import_key,";
$sql .= " e.fk_user_author, e.fk_user_modif, e.fk_user_valid";
$sql .= " FROM ".MAIN_DB_PREFIX."chargesociales as e";
$sql .= " WHERE e.rowid = ".$id;
$sql .= " WHERE e.rowid = ".((int) $id);
dol_syslog(get_class($this)."::info", LOG_DEBUG);
$result = $this->db->query($sql);

6
htdocs/compta/sociales/class/paymentsocialcontribution.class.php
View File

@ -262,7 +262,7 @@ class PaymentSocialContribution extends CommonObject
$sql .= ' b.fk_account';
$sql .= " FROM ".MAIN_DB_PREFIX."paiementcharge as t LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as pt ON t.fk_typepaiement = pt.id";
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON t.fk_bank = b.rowid';
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
// TODO link on entity of tax;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -362,7 +362,7 @@ class PaymentSocialContribution extends CommonObject
$sql .= " fk_user_modif=".(isset($this->fk_user_modif) ? $this->fk_user_modif : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -416,7 +416,7 @@ class PaymentSocialContribution extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."paiementcharge";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

4
htdocs/compta/stats/byratecountry.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2018 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -114,7 +114,7 @@ if (empty($min)) {
// Define modetax (0 or 1)
// 0=normal, 1=option vat for services is on debit, 2=option on payments for products
$modetax = $conf->global->TAX_MODE;
$modetax = empty($conf->global->TAX_MODE) ? 0 : $conf->global->TAX_MODE;
if (GETPOSTISSET("modetax")) {
$modetax = GETPOST("modetax", 'int');
}

6
htdocs/compta/tva/class/paymentvat.class.php
View File

@ -261,7 +261,7 @@ class PaymentVAT extends CommonObject
$sql .= ' b.fk_account';
$sql .= " FROM ".MAIN_DB_PREFIX."payment_vat as t LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as pt ON t.fk_typepaiement = pt.id";
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON t.fk_bank = b.rowid';
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
// TODO link on entity of tax;
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
@ -365,7 +365,7 @@ class PaymentVAT extends CommonObject
$sql .= " fk_user_modif=".(isset($this->fk_user_modif) ? $this->fk_user_modif : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -419,7 +419,7 @@ class PaymentVAT extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_vat";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

6
htdocs/compta/tva/class/tva.class.php
View File

@ -209,7 +209,7 @@ class Tva extends CommonObject
$sql .= " note='".$this->db->escape($this->note)."',";
$sql .= " fk_user_creat=".$this->fk_user_creat.",";
$sql .= " fk_user_modif=".($this->fk_user_modif > 0 ? $this->fk_user_modif : $user->id)."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -305,7 +305,7 @@ class Tva extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."tva as t";
//$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON t.fk_bank = b.rowid";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -360,7 +360,7 @@ class Tva extends CommonObject
// End call triggers
$sql = "DELETE FROM ".MAIN_DB_PREFIX."tva";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

10
htdocs/compta/tva/quadri_detail.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2004-2013 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2006-2015 Yannick Warnier <ywarnier@beeznest.org>
* Copyright (C) 2014 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019 Eric Seigne <eric.seigne@cap-rel.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -116,16 +116,16 @@ if (empty($min)) {
// Define modetax (0 or 1)
// 0=normal, 1=option vat for services is on debit, 2=option on payments for products
$modetax = $conf->global->TAX_MODE;
$modetax = (empty($conf->global->TAX_MODE) ? 0 : $conf->global->TAX_MODE);
if (GETPOSTISSET("modetax")) {
$modetax = GETPOST("modetax", 'int');
$modetax = GETPOSTINT("modetax");
}
if (empty($modetax)) {
$modetax = 0;
}
// Security check
$socid = GETPOST('socid', 'int');
$socid = GETPOSTINT('socid');
if ($user->socid) {
$socid = $user->socid;
}
@ -242,7 +242,7 @@ if ($mysoc->tva_assuj) {
$vatsup .= ' ('.$langs->trans("ToGetBack").')';
}
$optioncss = GETPOST('optioncss');
$optioncss = GETPOST('optioncss', 'alpha');
if ($optioncss != "print") {
report_header($name, '', $period, $periodlink, $description, $builddate, $exportlink, array(), $calcmode);
}

2
htdocs/contact/class/contact.class.php
View File

@ -1275,7 +1275,7 @@ class Contact extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."socpeople";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(__METHOD__, LOG_DEBUG);
$result = $this->db->query($sql);
if (!$result) {

10
htdocs/contrat/class/contrat.class.php
View File

@ -979,7 +979,7 @@ class Contrat extends CommonObject
if (!empty($modCodeContract->code_auto)) {
// Force the ref to a draft value if numbering module is an automatic numbering
$sql = 'UPDATE '.MAIN_DB_PREFIX."contrat SET ref='(PROV".$this->id.")' WHERE rowid=".$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX."contrat SET ref='(PROV".$this->id.")' WHERE rowid=".((int) $this->id);
if ($this->db->query($sql)) {
if ($this->id) {
$this->ref = "(PROV".$this->id.")";
@ -1225,7 +1225,7 @@ class Contrat extends CommonObject
// Delete contract
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."contrat";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete contrat", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -1353,7 +1353,7 @@ class Contrat extends CommonObject
$sql .= " note_public=".(isset($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null").",";
$sql .= " import_key=".(isset($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null")."";
//$sql.= " extraparams=".(isset($this->extraparams)?"'".$this->db->escape($this->extraparams)."'":"null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -2873,7 +2873,7 @@ class ContratLigne extends CommonObjectLine
$sql .= " t.fk_unit";
$sql .= " FROM ".MAIN_DB_PREFIX."contratdet as t LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = t.fk_product";
if ($id) {
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
}
if ($ref) {
$sql .= " WHERE t.rowid = '".$this->db->escape($ref)."'";
@ -3098,7 +3098,7 @@ class ContratLigne extends CommonObjectLine
$sql .= " fk_user_cloture=".($this->fk_user_cloture > 0 ? $this->fk_user_cloture : "NULL").",";
$sql .= " commentaire='".$this->db->escape($this->commentaire)."',";
$sql .= " fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit);
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);

6
htdocs/core/boxes/box_accountancy_last_manual_entries.php
View File

@ -102,9 +102,11 @@ class box_accountancy_last_manual_entries extends ModeleBoxes
$date = $this->db->jdate($objp->date_movement);
$journal = $objp->code_journal;
$label = $objp->label_operation;
$amount = $objp->amount;
$amount = $objp->amount;
$bookkeepingstatic->id = $objp->id;
// adding id (rowid) will give two lines (debit and credit)
// so rowid isn't in sql request
// $bookkeepingstatic->id = $objp->id;
$bookkeepingstatic->piece_num = $objp->piece_num;
$this->info_box_contents[$line][] = array(

4
htdocs/core/class/ccountry.class.php
View File

@ -240,7 +240,7 @@ class Ccountry // extends CommonObject
$sql .= " code_iso=".(isset($this->code_iso) ? "'".$this->db->escape($this->code_iso)."'" : "null").",";
$sql .= " label=".(isset($this->label) ? "'".$this->db->escape($this->label)."'" : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -279,7 +279,7 @@ class Ccountry // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_country";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();

4
htdocs/core/class/comment.class.php
View File

@ -262,7 +262,7 @@ class Comment extends CommonObject
$sql .= " fk_user_modif=".$user->id.",";
$sql .= " entity=".(!empty($this->entity) ? $this->entity : '1').",";
$sql .= " import_key=".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null");
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -316,7 +316,7 @@ class Comment extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

28
htdocs/core/class/commonobject.class.php
View File

@ -1847,7 +1847,7 @@ abstract class CommonObject
$result = false;
if (!empty($id) && !empty($field) && !empty($table)) {
$sql = "SELECT ".$field." FROM ".MAIN_DB_PREFIX.$table;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
dol_syslog(get_class($this).'::getValueFrom', LOG_DEBUG);
$resql = $this->db->query($sql);
@ -2243,7 +2243,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.(($id > 0 || $id == '0') ? $id : 'NULL');
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->mode_reglement_id = $id;
@ -2278,7 +2278,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname." = '".$this->db->escape($code)."'";
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->multicurrency_code = $code;
@ -2316,7 +2316,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.$rate;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->multicurrency_tx = $rate;
@ -2524,7 +2524,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.(($id > 0 || $id == '0') ? $id : 'NULL');
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->cond_reglement_id = $id;
@ -2566,7 +2566,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.(($id > 0 || $id == '0') ? $id : 'NULL');
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->transport_mode_id = $id;
@ -2601,7 +2601,7 @@ abstract class CommonObject
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET '.$fieldname.' = '.$id;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
if ($this->db->query($sql)) {
$this->retained_warranty_fk_cond_reglement = $id;
@ -2679,7 +2679,7 @@ abstract class CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " SET fk_shipping_method = ".$shipping_method_id;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
dol_syslog(get_class($this).'::setShippingMethod Error ', LOG_DEBUG);
@ -2726,7 +2726,7 @@ abstract class CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " SET fk_warehouse = ".$warehouse_id;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
if ($this->db->query($sql)) {
$this->warehouse_id = ($warehouse_id == 'NULL') ?null:$warehouse_id;
@ -2803,7 +2803,7 @@ abstract class CommonObject
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " SET fk_account = ".$fk_account;
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
@ -4173,7 +4173,7 @@ abstract class CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " WHERE entity IN (".getEntity($this->element).")";
if (!empty($id)) {
$sql .= " AND rowid = ".$id;
$sql .= " AND rowid = ".((int) $id);
}
if (!empty($ref)) {
$sql .= " AND ref = '".$this->db->escape($ref)."'";
@ -8480,7 +8480,7 @@ abstract class CommonObject
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
if (!empty($id)) {
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
} elseif (!empty($ref)) {
$sql .= " WHERE t.ref = ".$this->quote($ref, $this->fields['ref']);
} else {
@ -8622,7 +8622,7 @@ abstract class CommonObject
}*/
}
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET '.implode(', ', $tmp).' WHERE rowid='.$this->id;
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET '.implode(', ', $tmp).' WHERE rowid='.((int) $this->id);
$this->db->begin();
if (!$error) {
@ -8768,7 +8768,7 @@ abstract class CommonObject
}
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE rowid='.$this->id;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE rowid='.((int) $this->id);
$res = $this->db->query($sql);
if ($res === false) {

2
htdocs/core/class/cproductnature.class.php
View File

@ -151,7 +151,7 @@ class CProductNature // extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element." as t";
$sql_where = array();
if ($id) {
$sql_where[] = " t.rowid = ".$id;
$sql_where[] = " t.rowid = ".((int) $id);
}
if ($code >= 0) {
$sql_where[] = " t.code = ".((int) $code);

6
htdocs/core/class/cstate.class.php
View File

@ -163,7 +163,7 @@ class Cstate // extends CommonObject
$sql .= " t.active";
$sql .= " FROM ".MAIN_DB_PREFIX."c_departements as t";
if ($id) {
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
} elseif ($code) {
$sql .= " WHERE t.code_departement = '".$this->db->escape($code)."'";
}
@ -223,7 +223,7 @@ class Cstate // extends CommonObject
$sql .= " code_departement=".(isset($this->code_departement) ? "'".$this->db->escape($this->code_departement)."'" : "null").",";
$sql .= " nom=".(isset($this->nom) ? "'".$this->db->escape($this->nom)."'" : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -261,7 +261,7 @@ class Cstate // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_departements";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();

4
htdocs/core/class/ctyperesource.class.php
View File

@ -320,7 +320,7 @@ class Ctyperesource
$sql .= ' active = '.(isset($this->active) ? $this->active : "null");
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$this->db->begin();
@ -383,7 +383,7 @@ class Ctyperesource
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

6
htdocs/core/class/cunits.class.php
View File

@ -181,7 +181,7 @@ class CUnits // extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."c_units as t";
$sql_where = array();
if ($id) {
$sql_where[] = " t.rowid = ".$id;
$sql_where[] = " t.rowid = ".((int) $id);
}
if ($unit_type) {
$sql_where[] = " t.unit_type = '".$this->db->escape($unit_type)."'";
@ -345,7 +345,7 @@ class CUnits // extends CommonObject
$sql .= " unit_type=".(isset($this->unit_type) ? "'".$this->db->escape($this->unit_type)."'" : "null").",";
$sql .= " scale=".(isset($this->scale) ? "'".$this->db->escape($this->scale)."'" : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null");
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -384,7 +384,7 @@ class CUnits // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_units";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();

2
htdocs/core/class/emailsenderprofile.class.php
View File

@ -350,7 +350,7 @@ class EmailSenderProfile extends CommonObject
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

6
htdocs/core/class/events.class.php
View File

@ -206,7 +206,7 @@ class Events // extends CommonObject
$sql .= " type='".$this->db->escape($this->type)."',";
$sql .= " dateevent='".$this->db->idate($this->dateevent)."',";
$sql .= " description='".$this->db->escape($this->description)."'";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -238,7 +238,7 @@ class Events // extends CommonObject
$sql .= " t.user_agent,";
$sql .= " t.prefix_session";
$sql .= " FROM ".MAIN_DB_PREFIX."events as t";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -275,7 +275,7 @@ class Events // extends CommonObject
public function delete($user)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."events";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

6
htdocs/core/class/fiscalyear.class.php
View File

@ -222,7 +222,7 @@ class Fiscalyear extends CommonObject
{
$sql = "SELECT rowid, label, date_start, date_end, statut";
$sql .= " FROM ".MAIN_DB_PREFIX."accounting_fiscalyear";
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$result = $this->db->query($sql);
@ -253,7 +253,7 @@ class Fiscalyear extends CommonObject
{
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_fiscalyear WHERE rowid = ".$id;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_fiscalyear WHERE rowid = ".((int) $id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$result = $this->db->query($sql);
@ -417,7 +417,7 @@ class Fiscalyear extends CommonObject
$sql = 'SELECT fy.rowid, fy.datec, fy.fk_user_author, fy.fk_user_modif,';
$sql .= ' fy.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'accounting_fiscalyear as fy';
$sql .= ' WHERE fy.rowid = '.$id;
$sql .= ' WHERE fy.rowid = '.((int) $id);
dol_syslog(get_class($this)."::fetch info", LOG_DEBUG);
$result = $this->db->query($sql);

3
htdocs/core/class/html.formfile.class.php
View File

@ -7,7 +7,7 @@
* Copyright (C) 2014 Marcos García <marcosgdf@gmail.com>
* Copyright (C) 2015 Bahfir Abbes <bafbes@gmail.com>
* Copyright (C) 2016-2017 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -966,6 +966,7 @@ class FormFile
// Loop on each file found
$found = 0;
$i = 0;
foreach ($file_list as $file) {
$i++;
if ($filter && !preg_match('/'.$filter.'/i', $file["name"])) {

8
htdocs/core/class/menubase.class.php
View File

@ -294,7 +294,7 @@ class Menubase
$resql = $this->db->query($sql);
if ($resql) {
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."menu");
dol_syslog(get_class($this)."::create record added has rowid=".$this->id, LOG_DEBUG);
dol_syslog(get_class($this)."::create record added has rowid=".((int) $this->id), LOG_DEBUG);
return $this->id;
} else {
@ -364,7 +364,7 @@ class Menubase
$sql .= " perms='".$this->db->escape($this->perms)."',";
$sql .= " enabled='".$this->db->escape($this->enabled)."',";
$sql .= " usertype='".$this->db->escape($this->user)."'";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -410,7 +410,7 @@ class Menubase
$sql .= " t.usertype as user,";
$sql .= " t.tms";
$sql .= " FROM ".MAIN_DB_PREFIX."menu as t";
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -461,7 +461,7 @@ class Menubase
//global $conf, $langs;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

4
htdocs/core/lib/accounting.lib.php
View File

@ -3,6 +3,7 @@
* Copyright (C) 2013-2017 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2019 Eric Seigne <eric.seigne@cap-rel.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -274,8 +275,7 @@ function getDefaultDatesForTransfer()
global $db, $conf;
// Period by default on transfer (0: previous month | 1: current month | 2: fiscal year)
$periodbydefaultontransfer = $conf->global->ACCOUNTING_DEFAULT_PERIOD_ON_TRANSFER;
isset($periodbydefaultontransfer) ? $periodbydefaultontransfer : 0;
$periodbydefaultontransfer = (empty($conf->global->ACCOUNTING_DEFAULT_PERIOD_ON_TRANSFER) ? 0 : $conf->global->ACCOUNTING_DEFAULT_PERIOD_ON_TRANSFER);
if ($periodbydefaultontransfer == 2) {
$sql = "SELECT date_start, date_end from ".MAIN_DB_PREFIX."accounting_fiscalyear ";
$sql .= " where date_start < '".$db->idate(dol_now())."' and date_end > '".$db->idate(dol_now())."'";

8
htdocs/core/lib/cron.lib.php
View File

@ -34,12 +34,12 @@ function cronadmin_prepare_head()
$h = 0;
$head = array();
$head[$h][0] = dol_buildpath('/cron/admin/cron.php', 1);
$head[$h][0] = DOL_URL_ROOT.'/cron/admin/cron.php';
$head[$h][1] = $langs->trans("Miscellaneous");
$head[$h][2] = 'setup';
$h++;
$head[$h][0] = dol_buildpath('/cron/list.php?mode=modulesetup', 1);
$head[$h][0] = DOL_URL_ROOT.'/cron/list.php?mode=modulesetup';
$head[$h][1] = $langs->trans("Module2300Name");
$head[$h][2] = 'jobs';
$h++;
@ -64,12 +64,12 @@ function cron_prepare_head(Cronjob $object)
$h = 0;
$head = array();
$head[$h][0] = dol_buildpath('/cron/card.php', 1).'?id='.$object->id;
$head[$h][0] = DOL_URL_ROOT.'/cron/card.php?id='.$object->id;
$head[$h][1] = $langs->trans("CronTask");
$head[$h][2] = 'card';
$h++;
$head[$h][0] = dol_buildpath('/cron/info.php', 1).'?id='.$object->id;
$head[$h][0] = DOL_URL_ROOT.'/cron/info.php?id='.$object->id;
$head[$h][1] = $langs->trans("Info");
$head[$h][2] = 'info';
$h++;

74
htdocs/core/lib/functions.lib.php
View File

@ -611,9 +611,16 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
}
// Sanitizing for special parameters. There is no reason to allow the backtopage parameter to contains an external URL.
if ($paramname == 'backtopage') {
if ($paramname == 'backtopage' || $paramname == 'backtolist') {
$out = str_replace('\\', '/', $out);
$out = preg_replace(array('/^\/\/+/', '/^[a-z]*:/i'), '', $out);
$out = str_replace(array(':', ';', '@'), '', $out);
do {
$oldstringtoclean = $out;
$out = str_ireplace(array('javascript', 'vbscript', '&colon', '&#'), '', $out);
} while ($oldstringtoclean != $out);
$out = preg_replace(array('/^[a-z]*\/\/+/i'), '', $out);
}
// Code for search criteria persistence.
@ -999,6 +1006,43 @@ function dol_sanitizePathName($str, $newstr = '_', $unaccent = 1)
return dol_string_nospecial($unaccent ? dol_string_unaccent($str) : $str, $newstr, $filesystem_forbidden_chars);
}
/**
* Clean a string to use it as an URL (into a href or src attribute)
*
* @param string $stringtoclean String to clean
* @param int $type 0=Accept all Url, 1=Clean external Url (keep only relative Url)
* @return string Escaped string.
*/
function dol_sanitizeUrl($stringtoclean, $type = 1)
{
// We clean string because some hacks try to obfuscate evil strings by inserting non printable chars. Example: 'java(ascci09)scr(ascii00)ipt' is processed like 'javascript' (whatever is place of evil ascii char)
// We should use dol_string_nounprintableascii but function may not be yet loaded/available
$stringtoclean = preg_replace('/[\x00-\x1F\x7F]/u', '', $stringtoclean); // /u operator makes UTF8 valid characters being ignored so are not included into the replace
// We clean html comments because some hacks try to obfuscate evil strings by inserting HTML comments. Example: on<!-- -->error=alert(1)
$stringtoclean = preg_replace('/<!--[^>]*-->/', '', $stringtoclean);
$stringtoclean = str_replace('\\', '/', $stringtoclean);
if ($type == 1) {
// removing : should disable links to external url like http:aaa)
// removing ';' should disable "named" html entities encode into an url (we should not have this into an url)
$stringtoclean = str_replace(array(':', ';', '@'), '', $stringtoclean);
}
do {
$oldstringtoclean = $stringtoclean;
// removing '&colon' should disable links to external url like http:aaa)
// removing '&#' should disable "numeric" html entities encode into an url (we should not have this into an url)
$stringtoclean = str_ireplace(array('javascript', 'vbscript', '&colon', '&#'), '', $stringtoclean);
} while ($oldstringtoclean != $stringtoclean);
if ($type == 1) {
// removing '//' should disable links to external url like //aaa or http//)
$stringtoclean = preg_replace(array('/^[a-z]*\/\/+/i'), '', $stringtoclean);
}
return $stringtoclean;
}
/**
* Clean a string from all accent characters to be used as ref, login or by dol_sanitizeFileName
*
@ -1097,7 +1141,6 @@ function dol_string_nounprintableascii($str, $removetabcrlf = 1)
}
}
/**
* Returns text escaped for inclusion into javascript code
*
@ -3443,7 +3486,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'1downarrow', '1uparrow', '1leftarrow', '1rightarrow', '1uparrow_selected', '1downarrow_selected', '1leftarrow_selected', '1rightarrow_selected',
'accountancy', 'account', 'accountline', 'action', 'add', 'address', 'angle-double-down', 'angle-double-up', 'asset',
'bank_account', 'barcode', 'bank', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'building',
'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'company', 'contact', 'contract', 'cron', 'cubes',
'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'contract', 'cron', 'cubes',
'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'edit', 'ellipsis-h', 'email', 'eraser', 'external-link-alt', 'external-link-square-alt',
'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'folder', 'folder-open', 'globe', 'globe-americas', 'grip', 'grip_title', 'group',
'help', 'holiday',
@ -3474,7 +3517,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'recruitmentcandidature', 'recruitmentjobposition', 'resource',
'shapes', 'supplier_proposal', 'supplier_order', 'supplier_invoice',
'timespent', 'title_setup', 'title_accountancy', 'title_bank', 'title_hrm', 'title_agenda',
'user-cog',
'user-cog', 'website',
'eventorganization', 'object_eventorganization'
))) {
$pictowithouttext = str_replace('object_', '', $pictowithouttext);
@ -3494,7 +3537,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'account'=>'university', 'accountline'=>'receipt', 'accountancy'=>'search-dollar', 'action'=>'calendar-alt', 'add'=>'plus-circle', 'address'=> 'address-book', 'asset'=>'money-check-alt',
'bank_account'=>'university', 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'billd'=>'file-medical', 'supplier_invoiced'=>'file-medical',
'bom'=>'shapes',
'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'conversation'=>'comments', 'donation'=>'file-alt', 'dynamicprice'=>'hand-holding-usd',
'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments',
'donation'=>'file-alt', 'dynamicprice'=>'hand-holding-usd',
'setup'=>'cog', 'companies'=>'building', 'products'=>'cube', 'commercial'=>'suitcase', 'invoicing'=>'coins',
'accounting'=>'chart-line', 'category'=>'tag', 'dollyrevert'=>'dolly',
'hrm'=>'user-tie', 'margin'=>'calculator', 'members'=>'user-friends', 'ticket'=>'ticket-alt', 'globe'=>'external-link-alt', 'lot'=>'barcode',
@ -3552,10 +3596,10 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
$fakey = 'fa-'.$pictowithouttext;
}
if (in_array($pictowithouttext, array('holiday', 'dollyrevert', 'member', 'members', 'contract', 'group', 'resource', 'shipment'))) {
if (in_array($pictowithouttext, array('dollyrevert', 'member', 'members', 'contract', 'group', 'resource', 'shipment'))) {
$morecss = 'em092';
}
if (in_array($pictowithouttext, array('holiday', 'project'))) {
if (in_array($pictowithouttext, array('collab', 'holiday', 'project'))) {
$morecss = 'em088';
}
if (in_array($pictowithouttext, array('intervention', 'info', 'payment', 'loan', 'stock', 'technic'))) {
@ -3577,7 +3621,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'action'=>'infobox-action', 'account'=>'infobox-bank_account', 'accountline'=>'infobox-bank_account', 'accountancy'=>'infobox-bank_account', 'asset'=>'infobox-bank_account',
'bank_account'=>'bg-infobox-bank_account',
'bill'=>'infobox-commande', 'billa'=>'infobox-commande', 'billr'=>'infobox-commande', 'billd'=>'infobox-commande',
'cash-register'=>'infobox-bank_account', 'contract'=>'infobox-contrat', 'check'=>'font-status4', 'conversation'=>'infobox-contrat',
'cash-register'=>'infobox-bank_account', 'contract'=>'infobox-contrat', 'check'=>'font-status4', 'collab'=>'infobox-action', 'conversation'=>'infobox-contrat',
'donation'=>'infobox-commande', 'dollyrevert'=>'flip', 'ecm'=>'infobox-action',
'hrm'=>'infobox-adherent', 'group'=>'infobox-adherent', 'intervention'=>'infobox-contrat',
'multicurrency'=>'infobox-bank_account',
@ -6153,12 +6197,13 @@ function dol_string_nohtmltag($stringtoclean, $removelinefeed = 1, $pagecodeto =
if ($strip_tags) {
$temp = strip_tags($temp);
} else {
$temp = str_replace('<>', '', $temp); // No reason to have this into a text, except if value is to try bypass the next html cleaning
$pattern = "/<[^<>]+>/";
// Example of $temp: <a href="/myurl" title="<u>A title</u>">0000-021</a>
$temp = preg_replace($pattern, "", $temp); // pass 1 - $temp after pass 1: <a href="/myurl" title="A title">0000-021
$temp = preg_replace($pattern, "", $temp); // pass 2 - $temp after pass 2: 0000-021
// Remove '<' into remainging, so non closing html tags like '<abc'. Note: '<123abc' is not a html tag (can be kept), but '<abc123' is (must be removed).
$temp = preg_replace('/<([a-z]+)/i', '\1', $temp);
// Remove '<' into remainging, so remove non closing html tags like '<abc' or '<<abc'. Note: '<123abc' is not a html tag (can be kept), but '<abc123' is (must be removed).
$temp = preg_replace('/<+([a-z]+)/i', '\1', $temp);
}
$temp = dol_html_entity_decode($temp, ENT_COMPAT, $pagecodeto);
@ -6205,10 +6250,11 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$stringtoclean = str_replace('<!DOCTYPE html>', '__!DOCTYPE_HTML__', $stringtoclean); // Replace DOCTYPE to avoid to have it removed by the strip_tags
$stringtoclean = dol_string_nounprintableascii($stringtoclean, 0);
$stringtoclean = preg_replace('/&colon;/i', ':', $stringtoclean);
$stringtoclean = preg_replace('/<!--[^>]*-->/', '', $stringtoclean);
$stringtoclean = preg_replace('/&#58;|&#0000058|&#x3A/i', '', $stringtoclean); // refused string ':' encoded (no reason to have it encoded) to lock 'javascript:...'
$stringtoclean = preg_replace('/&colon;/i', ':', $stringtoclean);
$stringtoclean = preg_replace('/&#58;|&#0+58|&#x3A/i', '', $stringtoclean); // refused string ':' encoded (no reason to have a : encoded like this) to disable 'javascript:...'
$stringtoclean = preg_replace('/javascript\s*:/i', '', $stringtoclean);
$temp = strip_tags($stringtoclean, $allowed_tags_string);
@ -6221,7 +6267,7 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
}
// Remove 'javascript:' that we should not find into a text with
// Warning: This is not reliable to fight against obfuscated javascript, there is a lot of other solution to include js into a common html tag (only filtered by the GETPOST).
// Warning: This is not reliable to fight against obfuscated javascript, there is a lot of other solution to include js into a common html tag (only filtered by a GETPOST(.., powerfullfilter)).
if ($cleanalsojavascript) {
$temp = preg_replace('/javascript\s*:/i', '', $temp);
}

39
htdocs/core/menus/standard/eldy.lib.php
View File

@ -76,7 +76,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
$menu_arr[] = array(
'name' => 'Home',
'link' => '/index.php?mainmenu=home&amp;leftmenu=home',
'title' => (!empty($conf->global->THEME_TOPMENU_DISABLE_IMAGE) ? '<span class="fa fa-home"></span>' : "Home"),
'title' => "Home",
'level' => 0,
'enabled' => $showmode = 1,
'target' => $atarget,
@ -86,7 +86,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'home',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "home") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => '<span class="fa fa-home fa-fw paddingright"></span>',
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "home") ? 0 : 1),
'loadLangs' => array(),
'submenus' => array(),
@ -111,7 +111,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'members',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "members") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'member', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "members") ? 0 : 1),
'loadLangs' => array(),
'submenus' => array(),
@ -140,7 +140,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'companies',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "companies") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'company', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "companies") ? 0 : 1),
'loadLangs' => array("companies", "suppliers"),
'submenus' => array(),
@ -167,7 +167,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'products',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "products") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'product', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "products") ? 0 : 1),
'loadLangs' => array("products"),
'submenus' => array(),
@ -192,7 +192,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'mrp',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "mrp") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'mrp', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "mrp") ? 0 : 1),
'loadLangs' => array("mrp"),
'submenus' => array(),
@ -217,7 +217,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'project',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "project") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'project', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "project") ? 0 : 1),
'loadLangs' => array("projects"),
'submenus' => array(),
@ -263,7 +263,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'commercial',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "commercial") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'contract', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "commercial") ? 0 : 1),
'loadLangs' => array("commercial"),
'submenus' => array(),
@ -297,7 +297,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'billing',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "billing") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'bill', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "billing") ? 0 : 1),
'loadLangs' => array("compta"),
'submenus' => array(),
@ -322,10 +322,8 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'bank',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "bank") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'bank', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "bank") ? 0 : 1),
'loadLangs' => array("compta", "banks"),
'submenus' => array(),
);
@ -349,10 +347,8 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'accountancy',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "accountancy") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'account', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "accountancy") ? 0 : 1),
'loadLangs' => array("compta", "accountancy", "assets", "intracommreport"),
'submenus' => array(),
);
@ -377,10 +373,8 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'hrm',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "hrm") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'hrm', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "hrm") ? 0 : 1),
'loadLangs' => array("holiday"),
'submenus' => array(),
);
@ -404,10 +398,8 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
'id' => $id,
'idsel' => 'tools',
'classname' => $classname = ($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "tools") ? 'class="tmenusel"' : 'class="tmenu"',
'prefix' => '',
'prefix' => img_picto('', 'tools', 'class="fa-fw paddingright"'),
'session' => (($_SESSION["mainmenu"] && $_SESSION["mainmenu"] == "tools") ? 0 : 1),
'loadLangs' => array("other"),
'submenus' => array(),
);
@ -496,7 +488,8 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout =
$newTabMenu[$i]['position'],
$id,
$idsel,
$classname
$classname,
$newTabMenu[$i]['prefix']
);
}
@ -712,7 +705,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM
$newmenu->add("/index.php?mainmenu=home&amp;leftmenu=home", $langs->trans("MyDashboard"), 0, 1, '', $mainmenu, 'home', 0, '', '', '', '<i class="fa fa-bar-chart fa-fw paddingright pictofixedwidth"></i>');
// Setup
$newmenu->add("/admin/index.php?mainmenu=home&amp;leftmenu=setup", $langs->trans("Setup"), 0, $user->admin, '', $mainmenu, 'setup', 0, '', '', '', '<i class="fa fa-wrench fa-fw paddingright pictofixedwidth"></i>');
$newmenu->add("/admin/index.php?mainmenu=home&amp;leftmenu=setup", $langs->trans("Setup"), 0, $user->admin, '', $mainmenu, 'setup', 0, '', '', '', '<i class="fa fa-tools fa-fw paddingright pictofixedwidth"></i>');
if ($usemenuhider || empty($leftmenu) || $leftmenu == "setup") {
// Load translation files required by the page

6
htdocs/core/menus/standard/eldy_menu.php
View File

@ -185,8 +185,8 @@ class MenuManager
print '<a class="alilevel0" href="#">';
// Add font-awesome
if ($val['level'] == 0 && $val['mainmenu'] == 'home') {
print '<span class="fa fa-home fa-fw paddingright" aria-hidden="true"></span>';
if ($val['level'] == 0 && !empty($val['prefix'])) {
print $val['prefix'];
}
print $val['titre'];
@ -213,7 +213,7 @@ class MenuManager
print str_pad('', 1).'<li class="lilevel1 ui-btn-icon-right ui-btn">'; // ui-btn to highlight on clic
print '<a href="'.$relurl.'">';
if ($langs->trans(ucfirst($val['mainmenu'])."Dashboard") == ucfirst($val['mainmenu'])."Dashboard") { // No translation
if (in_array($val['mainmenu'], array('cashdesk', 'externalsite', 'website', 'collab'))) {
if (in_array($val['mainmenu'], array('cashdesk', 'externalsite', 'website', 'collab', 'takepos'))) {
print $langs->trans("Access");
} else {
print $langs->trans("Dashboard");

2
htdocs/core/modules/mailings/modules_mailings.php
View File

@ -184,7 +184,7 @@ class MailingTargets // This can't be abstract as it is used for some method
$sql .= "'".$this->db->escape($targetarray['other'])."',";
$sql .= "'".$this->db->escape($targetarray['source_url'])."',";
$sql .= (empty($targetarray['source_id']) ? 'null' : "'".$this->db->escape($targetarray['source_id'])."'").",";
$sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.';'.$targetarray['email'].';'.$targetarray['lastname'].';'.$mailing_id.';'.$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY), 'md5')."',";
$sql .= "'".$this->db->escape(dol_hash($dolibarr_main_instance_unique_id.';'.$targetarray['email'].';'.$targetarray['lastname'].';'.$mailing_id.';'.$conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY, 'md5'))."',";
$sql .= "'".$this->db->escape($targetarray['source_type'])."')";
dol_syslog(__METHOD__, LOG_DEBUG);
$result = $this->db->query($sql);

1
htdocs/core/modules/modAgenda.class.php
View File

@ -206,6 +206,7 @@ class modAgenda extends DolibarrModules
'fk_menu'=>0,
'type'=>'top',
'titre'=>'TMenuAgenda',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'),
'mainmenu'=>'agenda',
'url'=>'/comm/action/index.php',
'langs'=>'agenda',

3
htdocs/core/modules/modCollab.class.php
View File

@ -55,7 +55,7 @@ class modCollab extends DolibarrModules
// Key used in llx_const table to save module status enabled/disabled (where MYMODULE is value of property name of module in uppercase)
$this->const_name = 'MAIN_MODULE_'.strtoupper($this->name);
// Name of image file used for this module.
$this->picto = 'website';
$this->picto = 'collab';
// Data directories to create when module is enabled
$this->dirs = array("/collab/temp");
@ -113,6 +113,7 @@ class modCollab extends DolibarrModules
'fk_menu'=>'0', // Use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode
'type'=>'top', // This is a Left menu entry
'titre'=>'Collab',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth em092"'),
'mainmenu'=>'collab',
'url'=>'/collab/index.php',
'langs'=>'collab', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory.

1
htdocs/core/modules/modECM.class.php
View File

@ -127,6 +127,7 @@ class modECM extends DolibarrModules
'fk_menu'=>0,
'type'=>'top',
'titre'=>'MenuECM',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'),
'mainmenu'=>'ecm',
'url'=>'/ecm/index.php',
'langs'=>'ecm',

3
htdocs/core/modules/modExternalSite.class.php
View File

@ -59,7 +59,7 @@ class modExternalSite extends DolibarrModules
// Key used in llx_const table to save module status enabled/disabled (XXX is id value)
$this->const_name = 'MAIN_MODULE_'.strtoupper($this->name);
// Name of png file (without png) used for this module
$this->picto = 'bookmark';
$this->picto = 'website';
// Call to inside lang's file
$this->langfiles = array("externalsite");
@ -103,6 +103,7 @@ class modExternalSite extends DolibarrModules
'fk_menu'=>0,
'type'=>'top',
'titre'=>'__[EXTERNALSITE_LABEL]__',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth em092"'),
'mainmenu'=>'externalsite',
'url'=>'/externalsite/frames.php',
'langs'=>'other',

1
htdocs/core/modules/modTicket.class.php
View File

@ -198,6 +198,7 @@ class modTicket extends DolibarrModules
$this->menu[$r] = array('fk_menu' => 0, // Put 0 if this is a top menu
'type' => 'top', // This is a Top menu entry
'titre' => 'Ticket',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth em092"'),
'mainmenu' => 'ticket',
'leftmenu' => '1', // Use 1 if you also want to add left menu entries using this descriptor.
'url' => '/ticket/index.php',

1
htdocs/core/modules/modWebsite.class.php
View File

@ -114,6 +114,7 @@ class modWebsite extends DolibarrModules
$this->menu[$r] = array('fk_menu'=>'0', // Use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode
'type'=>'top', // This is a Left menu entry
'titre'=>'WebSites',
'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth em092"'),
'mainmenu'=>'website',
'url'=>'/website/index.php',
'langs'=>'website', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory.

2
htdocs/core/tpl/extrafields_list_array_fields.tpl.php
View File

@ -14,7 +14,7 @@ if (empty($extrafieldsobjectkey) && is_object($object)) {
// Loop to show all columns of extrafields from $obj, $extrafields and $db
if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ...
if (is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label']) > 0) {
if (isset($extrafields->attributes[$extrafieldsobjectkey]['label']) && is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label']) > 0) {
if (empty($extrafieldsobjectprefix)) {
$extrafieldsobjectprefix = 'ef.';
}

2
htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php
View File

@ -62,7 +62,7 @@ class InterfaceWorkflowManager extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->workflow->enabled)) {
if (empty($conf->workflow) || empty($conf->workflow->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
View File

@ -75,7 +75,7 @@ class InterfaceActionsAuto extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->agenda->enabled)) {
if (empty($conf->agenda) || empty($conf->agenda->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modBlockedlog_ActionsBlockedLog.class.php
View File

@ -59,7 +59,7 @@ class InterfaceActionsBlockedLog extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->blockedlog->enabled)) {
if (empty($conf->blockedlog) || empty($conf->blockedlog->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modEventOrganization_EventOrganization.class.php
View File

@ -71,7 +71,7 @@ class InterfaceEventOrganization extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->eventorganization->enabled)) {
if (empty($conf->eventorganization) || empty($conf->eventorganization->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php
View File

@ -61,7 +61,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->ldap->enabled)) {
if (empty($conf->ldap) || empty($conf->ldap->enabled)) {
return 0; // Module not active, we do nothing
}
if (defined('DISABLE_LDAP_SYNCHRO')) {

2
htdocs/core/triggers/interface_50_modMailmanspip_Mailmanspipsynchro.class.php
View File

@ -59,7 +59,7 @@ class InterfaceMailmanSpipsynchro extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->mailmanspip->enabled)) {
if (empty($conf->mailmanspip) || empty($conf->mailmanspip->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modNotification_Notification.class.php
View File

@ -80,7 +80,7 @@ class InterfaceNotification extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->notification->enabled)) {
if (empty($conf->notification) || empty($conf->notification->enabled)) {
return 0; // Module not active, we do nothing
}

2
htdocs/core/triggers/interface_50_modTicket_TicketEmail.class.php
View File

@ -61,7 +61,7 @@ class InterfaceTicketEmail extends DolibarrTriggers
{
$ok = 0;
if (empty($conf->ticket->enabled)) {
if (empty($conf->ticket) || empty($conf->ticket->enabled)) {
return 0; // Module not active, we do nothing
}

8
htdocs/core/triggers/interface_80_modStripe_Stripe.class.php
View File

@ -69,13 +69,13 @@ class InterfaceStripe extends DolibarrTriggers
// Data and type of action are stored into $object and $action
global $langs, $db, $conf;
require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
$stripe = new Stripe($db);
if (empty($conf->stripe->enabled)) {
if (empty($conf->stripe) || empty($conf->stripe->enabled)) {
return 0;
}
require_once DOL_DOCUMENT_ROOT.'/stripe/class/stripe.class.php';
$stripe = new Stripe($db);
$ok = 1;
$service = 'StripeTest';

3
htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php
View File

@ -70,10 +70,11 @@ class InterfaceZapierTriggers extends DolibarrTriggers
*/
public function runTrigger($action, $object, User $user, Translate $langs, Conf $conf)
{
if (empty($conf->zapier->enabled)) {
if (empty($conf->zapier) || empty($conf->zapier->enabled)) {
// Module not active, we do nothing
return 0;
}
$logtriggeraction = false;
$sql = '';
if ($action != '') {

8
htdocs/cron/class/cronjob.class.php
View File

@ -435,7 +435,7 @@ class Cronjob extends CommonObject
$sql .= " t.test";
$sql .= " FROM ".MAIN_DB_PREFIX."cronjob as t";
if ($id > 0) {
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
} else {
$sql .= " WHERE t.entity IN(0, ".getEntity('cron').")";
$sql .= " AND t.objectname = '".$this->db->escape($objectname)."'";
@ -786,7 +786,7 @@ class Cronjob extends CommonObject
$sql .= " maxrun=".((isset($this->maxrun) && $this->maxrun > 0) ? $this->maxrun : "0").",";
$sql .= " libname=".(isset($this->libname) ? "'".$this->db->escape($this->libname)."'" : "null").",";
$sql .= " test=".(isset($this->test) ? "'".$this->db->escape($this->test)."'" : "null");
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -825,7 +825,7 @@ class Cronjob extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."cronjob";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -1027,7 +1027,7 @@ class Cronjob extends CommonObject
$sql = "SELECT";
$sql .= " f.rowid, f.datec, f.tms, f.fk_user_mod, f.fk_user_author";
$sql .= " FROM ".MAIN_DB_PREFIX."cronjob as f";
$sql .= " WHERE f.rowid = ".$id;
$sql .= " WHERE f.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);

2
htdocs/delivery/class/delivery.class.php
View File

@ -307,7 +307,7 @@ class Delivery extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."delivery as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."element_element as el ON el.fk_target = l.rowid AND el.targettype = '".$this->db->escape($this->element)."'";
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON l.fk_incoterms = i.rowid';
$sql .= " WHERE l.rowid = ".$id;
$sql .= " WHERE l.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$result = $this->db->query($sql);

6
htdocs/don/class/don.class.php
View File

@ -565,7 +565,7 @@ class Don extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."don";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
@ -787,7 +787,7 @@ class Don extends CommonObject
public function set_cancel($id)
{
// phpcs:enable
$sql = "UPDATE ".MAIN_DB_PREFIX."don SET fk_statut = -1 WHERE rowid = ".$id;
$sql = "UPDATE ".MAIN_DB_PREFIX."don SET fk_statut = -1 WHERE rowid = ".((int) $id);
$resql = $this->db->query($sql);
if ($resql) {
@ -953,7 +953,7 @@ class Don extends CommonObject
$sql = 'SELECT d.rowid, d.datec, d.fk_user_author, d.fk_user_valid,';
$sql .= ' d.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'don as d';
$sql .= ' WHERE d.rowid = '.$id;
$sql .= ' WHERE d.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info', LOG_DEBUG);
$result = $this->db->query($sql);

4
htdocs/don/class/paymentdonation.class.php
View File

@ -234,7 +234,7 @@ class PaymentDonation extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."payment_donation as t";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as pt ON t.fk_typepayment = pt.id";
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON t.fk_bank = b.rowid';
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
dol_syslog(get_class($this)."::fetch", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -394,7 +394,7 @@ class PaymentDonation extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."payment_donation";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

2
htdocs/don/payment/card.php
View File

@ -150,7 +150,7 @@ $sql = 'SELECT d.rowid as did, d.paid, d.amount as d_amount, pd.amount';
$sql .= ' FROM '.MAIN_DB_PREFIX.'payment_donation as pd,'.MAIN_DB_PREFIX.'don as d';
$sql .= ' WHERE pd.fk_donation = d.rowid';
$sql .= ' AND d.entity = '.$conf->entity;
$sql .= ' AND pd.rowid = '.$id;
$sql .= ' AND pd.rowid = '.((int) $id);
dol_syslog("don/payment/card.php", LOG_DEBUG);
$resql = $db->query($sql);

4
htdocs/ecm/class/ecmdirectory.class.php
View File

@ -262,7 +262,7 @@ class EcmDirectory extends CommonObject
$sql .= " label='".$this->db->escape($this->label)."',";
$sql .= " fk_parent='".$this->db->escape($this->fk_parent)."',";
$sql .= " description='".$this->db->escape($this->description)."'";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -403,7 +403,7 @@ class EcmDirectory extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."ecm_directories";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

4
htdocs/ecm/class/ecmfiles.class.php
View File

@ -679,7 +679,7 @@ class EcmFiles extends CommonObject
$sql .= ' acl = '.(isset($this->acl) ? "'".$this->db->escape($this->acl)."'" : "null").',';
$sql .= ' src_object_id = '.($this->src_object_id > 0 ? $this->src_object_id : "null").',';
$sql .= ' src_object_type = '.(isset($this->src_object_type) ? "'".$this->db->escape($this->src_object_type)."'" : "null");
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$this->db->begin();
@ -742,7 +742,7 @@ class EcmFiles extends CommonObject
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

2
htdocs/emailcollector/class/emailcollector.class.php
View File

@ -610,7 +610,7 @@ class EmailCollector extends CommonObject
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

2
htdocs/emailcollector/class/emailcollectoraction.class.php
View File

@ -477,7 +477,7 @@ class EmailCollectorAction extends CommonObject
$sql = 'SELECT rowid, date_creation as datec, tms as datem,';
$sql .= ' fk_user_creat, fk_user_modif';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t';
$sql .= ' WHERE t.rowid = '.$id;
$sql .= ' WHERE t.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {
if ($this->db->num_rows($result)) {

Some files were not shown because too many files have changed in this diff Show More