From 6cdee3ceb0a38a5cdaf9ee12631fe2878b63855f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 01:18:02 +0100 Subject: [PATCH 01/39] New: Increase size of professional ids. --- htdocs/install/mysql/migration/3.1.0-3.2.0.sql | 6 ++++++ htdocs/install/mysql/tables/llx_societe.sql | 11 ++++++----- 2 files changed, 12 insertions(+), 5 deletions(-) diff --git a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql index d3f867b464f..b6a42e3625d 100755 --- a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql +++ b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql @@ -31,7 +31,13 @@ ALTER TABLE llx_user ADD COLUMN ref_int varchar(50) AFTER ref_ext; ALTER TABLE llx_societe MODIFY code_client varchar(24); ALTER TABLE llx_societe MODIFY code_fournisseur varchar(24); +ALTER TABLE llx_societe MODIFY siren varchar(128); +ALTER TABLE llx_societe MODIFY siret varchar(128); +ALTER TABLE llx_societe MODIFY ape varchar(128); +ALTER TABLE llx_societe MODIFY idprof4 varchar(128); +ALTER TABLE llx_societe ADD COLUMN idprof5 varchar(128); + ALTER TABLE llx_chargesociales ADD COLUMN tms timestamp; ALTER TABLE llx_chargesociales ADD COLUMN date_creation datetime; ALTER TABLE llx_chargesociales ADD COLUMN date_valid datetime; diff --git a/htdocs/install/mysql/tables/llx_societe.sql b/htdocs/install/mysql/tables/llx_societe.sql index 16713302e6a..e0ac91bf360 100644 --- a/htdocs/install/mysql/tables/llx_societe.sql +++ b/htdocs/install/mysql/tables/llx_societe.sql @@ -52,12 +52,13 @@ create table llx_societe fk_secteur integer DEFAULT 0, -- fk_effectif integer DEFAULT 0, -- fk_typent integer DEFAULT 0, -- - fk_forme_juridique integer DEFAULT 0, -- forme juridique INSEE + fk_forme_juridique integer DEFAULT 0, -- juridical status fk_currency integer DEFAULT 0, -- currency - siren varchar(32), -- IDProf1: siren ou RCS pour france - siret varchar(32), -- IDProf2: siret pour france - ape varchar(32), -- IDProf3: code ape pour france - idprof4 varchar(32), -- IDProf4: nu pour france + siren varchar(128), -- IDProf1: siren or RCS for france + siret varchar(128), -- IDProf2: siret for france + ape varchar(128), -- IDProf3: code ape for france + idprof4 varchar(128), -- IDProf4: nu for france + idprof5 varchar(128), -- IDProf5: nu for france tva_intra varchar(20), -- tva capital real, -- capital de la societe description text, -- From 9d9439e498560457b72494a9d466a173c85076d5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 01:34:05 +0100 Subject: [PATCH 02/39] New: All professional id can contains up to 128 chars instead of 32. --- ChangeLog | 1 + htdocs/core/class/html.formcompany.class.php | 9 ++++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/ChangeLog b/ChangeLog index af3f8290f70..a00f52055f4 100644 --- a/ChangeLog +++ b/ChangeLog @@ -52,6 +52,7 @@ For users: - New: Increase usability of module project. - New: Automatic list of documents in ECM module is ok for customers, suppliers invoice, orders, customers orders, proposals and social contributions. +- New: All professional id can contains up to 128 chars instead of 32. - New: [ task #176 ] Allow to use ODT templates for proposals and orders like it's done for invoices - Fix: Can use POS module with several concurrent users. - Fix: Installer don't fails with Mysql version that added a ssl_cypher field. diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index c0adef92519..1f81f385944 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -528,7 +528,7 @@ class FormCompany } } $sql.= " ORDER BY nom ASC"; - + $resql = $this->db->query($sql); if ($resql) { @@ -669,7 +669,7 @@ class FormCompany { global $conf,$langs; - $formlength=24; + $formlength=0; if ($country_code == 'FR' && empty($conf->global->MAIN_DISABLEPROFIDRULES)) { if ($idprof==1) $formlength=9; @@ -691,7 +691,10 @@ class FormCompany if (! $selected && $idprof==3) $selected=$this->idprof3; if (! $selected && $idprof==4) $selected=$this->idprof4; - $out = ''; + $maxlength=$formlength; + if (empty($formlength)) { $formlength=24; $maxlength=128; } + + $out = ''; return $out; } From 58c1cb3e7c9f49e1e7931f3904f0eb1adc84c2e2 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 25 Feb 2012 09:05:36 +0100 Subject: [PATCH 03/39] Fix: function is outside of class and add TODO --- htdocs/core/class/html.formother.class.php | 90 +++++++++++----------- 1 file changed, 44 insertions(+), 46 deletions(-) diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 3ecce003beb..e39c4ad26dd 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -631,6 +631,49 @@ class FormOther return $out; } + /** + * Show form to select addresse + * + * @param int $page Page + * @param string $selected Id condition pre-selectionne + * @param string $htmlname Nom du formulaire select + * @param string $origin Origine de l'appel pour pouvoir creer un retour + * @param int $originid Id de l'origine + * @return void + */ + function form_address($page, $selected='', $socid, $htmlname='address_id', $origin='', $originid='') + { + global $langs,$conf; + if ($htmlname != "none") + { + print '
'; + print ''; + print ''; + print ''; + print ''; + print '
'; + $this->select_address($selected, $socid, $htmlname, 1); + print ''; + $langs->load("companies"); + print '   '.$langs->trans("AddAddress").''; + print '
'; + } + else + { + if ($selected) + { + require_once(DOL_DOCUMENT_ROOT ."/societe/class/address.class.php"); + $address=new Address($this->db); + $result=$address->fetch_address($selected); + print ''.$address->label.''; + } + else + { + print " "; + } + } + } + } @@ -644,6 +687,7 @@ class FormOther * @param int $selectedtask Id selected task * @param int $selectedproject Id selected project * @return void + * TODO why this function is here ? */ function PLineSelect(&$inc, $parent, $lines, $level=0, $selectedtask=0, $selectedproject=0) { @@ -713,52 +757,6 @@ function PLineSelect(&$inc, $parent, $lines, $level=0, $selectedtask=0, $selecte $level--; } } - - - /** - * Show form to select addresse - * - * @param int $page Page - * @param string $selected Id condition pre-selectionne - * @param string $htmlname Nom du formulaire select - * @param string $origin Origine de l'appel pour pouvoir creer un retour - * @param int $originid Id de l'origine - * @return void - * @deprecated - */ - function form_address($page, $selected='', $socid, $htmlname='address_id', $origin='', $originid='') - { - global $langs,$conf; - if ($htmlname != "none") - { - print '
'; - print ''; - print ''; - print ''; - print ''; - print '
'; - $this->select_address($selected, $socid, $htmlname, 1); - print ''; - $langs->load("companies"); - print '   '.$langs->trans("AddAddress").''; - print '
'; - } - else - { - if ($selected) - { - require_once(DOL_DOCUMENT_ROOT ."/societe/class/address.class.php"); - $address=new Address($this->db); - $result=$address->fetch_address($selected); - print ''.$address->label.''; - } - else - { - print " "; - } - } - } - } ?> From 19f53e6caa20203d09313a1cfc982ebae5bf1f6a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 25 Feb 2012 11:10:38 +0100 Subject: [PATCH 04/39] Fix: default customer language problem --- htdocs/commande/fiche.php | 21 +++++++++++---------- htdocs/fourn/commande/fiche.php | 17 +++++++++++------ htdocs/fourn/facture/fiche.php | 16 ++++++++++------ 3 files changed, 32 insertions(+), 22 deletions(-) diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php index f252443df80..155d5accabe 100644 --- a/htdocs/commande/fiche.php +++ b/htdocs/commande/fiche.php @@ -637,18 +637,19 @@ if ($action == 'addline' && $user->rights->commande->creer) if ($result > 0) { - // Define output language - $outputlangs = $langs; - $newlang=''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && ! empty($_REQUEST['lang_id'])) $newlang=$_REQUEST['lang_id']; - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; - if (! empty($newlang)) - { - $outputlangs = new Translate("",$conf); - $outputlangs->setDefaultLang($newlang); - } if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { + // Define output language + $outputlangs = $langs; + $newlang=''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; + if (! empty($newlang)) + { + $outputlangs = new Translate("",$conf); + $outputlangs->setDefaultLang($newlang); + } + $ret=$object->fetch($id); // Reload to get new records commande_pdf_create($db, $object, $object->modelpdf, $outputlangs, GETPOST('hidedetails'), GETPOST('hidedesc'), GETPOST('hideref'), $hookmanager); } diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php index b30dd309167..09ebb908820 100644 --- a/htdocs/fourn/commande/fiche.php +++ b/htdocs/fourn/commande/fiche.php @@ -217,14 +217,19 @@ if ($action == 'addline' && $user->rights->fournisseur->commande->creer) //print "xx".$tva_tx; exit; if ($result > 0) { - $outputlangs = $langs; - if (! empty($_REQUEST['lang_id'])) - { - $outputlangs = new Translate("",$conf); - $outputlangs->setDefaultLang($_REQUEST['lang_id']); - } if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { + // Define output language + $outputlangs = $langs; + $newlang=''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; + if (! empty($newlang)) + { + $outputlangs = new Translate("",$conf); + $outputlangs->setDefaultLang($newlang); + } + $ret=$object->fetch($id); // Reload to get new records supplier_order_pdf_create($db, $object, $object->modelpdf, $outputlangs, GETPOST('hidedetails'), GETPOST('hidedesc'), GETPOST('hideref')); } diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index 001666bea71..0d7bdc829b5 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -507,12 +507,16 @@ if ($action == 'addline') //print "xx".$tva_tx; exit; if ($result > 0) { - $outputlangs = $langs; - if (! empty($_REQUEST['lang_id'])) - { - $outputlangs = new Translate("",$conf); - $outputlangs->setDefaultLang($_REQUEST['lang_id']); - } + // Define output language + $outputlangs = $langs; + $newlang=''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; + if (! empty($newlang)) + { + $outputlangs = new Translate("",$conf); + $outputlangs->setDefaultLang($newlang); + } //if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) supplier_invoice_pdf_create($db, $object->id, $object->modelpdf, $outputlangs); unset($_POST['qty']); From 70c9b2bda351511e479caf24322c7631d152b0ec Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 25 Feb 2012 12:09:27 +0100 Subject: [PATCH 05/39] Fix: compatibility with edit in place --- htdocs/core/ajax/loadinplace.php | 12 +++++++-- htdocs/core/ajax/saveinplace.php | 12 +++++++-- htdocs/fourn/facture/fiche.php | 46 ++++++++++++++++---------------- 3 files changed, 43 insertions(+), 27 deletions(-) diff --git a/htdocs/core/ajax/loadinplace.php b/htdocs/core/ajax/loadinplace.php index 17c909b9c3f..4e70f4a5a92 100644 --- a/htdocs/core/ajax/loadinplace.php +++ b/htdocs/core/ajax/loadinplace.php @@ -54,7 +54,7 @@ if((isset($_GET['field']) && ! empty($_GET['field'])) $type = GETPOST('type'); $loadmethod = (GETPOST('loadmethod') ? GETPOST('loadmethod') : 'getValueFrom'); - if (preg_match('/^([^_]+)_([^_]+)/i',$element,$regs)) + if ($element != 'order_supplier' && $element != 'invoice_supplier' && preg_match('/^([^_]+)_([^_]+)/i',$element,$regs)) { $element = $regs[1]; $subelement = $regs[2]; @@ -62,9 +62,17 @@ if((isset($_GET['field']) && ! empty($_GET['field'])) if ($element == 'propal') $element = 'propale'; else if ($element == 'fichinter') $element = 'ficheinter'; + else if ($element == 'order_supplier') { + $element = 'fournisseur'; + $subelement = 'commande'; + } + else if ($element == 'invoice_supplier') { + $element = 'fournisseur'; + $subelement = 'facture'; + } if ($user->rights->$element->lire || $user->rights->$element->read - || $user->rights->$element->$subelement->lire || $user->rights->$element->$subelement->read + || (isset($subelement) && ($user->rights->$element->$subelement->lire || $user->rights->$element->$subelement->read)) || ($element == 'payment' && $user->rights->facture->lire) || ($element == 'payment_supplier' && $user->rights->fournisseur->facture->lire)) { diff --git a/htdocs/core/ajax/saveinplace.php b/htdocs/core/ajax/saveinplace.php index fb80c1bd7fb..7462e66283b 100644 --- a/htdocs/core/ajax/saveinplace.php +++ b/htdocs/core/ajax/saveinplace.php @@ -61,7 +61,7 @@ if((isset($_POST['field']) && ! empty($_POST['field'])) $return=array(); $error=0; - if (preg_match('/^([^_]+)_([^_]+)/i',$element,$regs)) + if ($element != 'order_supplier' && $element != 'invoice_supplier' && preg_match('/^([^_]+)_([^_]+)/i',$element,$regs)) { $element = $regs[1]; $subelement = $regs[2]; @@ -69,9 +69,17 @@ if((isset($_POST['field']) && ! empty($_POST['field'])) if ($element == 'propal') $element = 'propale'; else if ($element == 'fichinter') $element = 'ficheinter'; + else if ($element == 'order_supplier') { + $element = 'fournisseur'; + $subelement = 'commande'; + } + else if ($element == 'invoice_supplier') { + $element = 'fournisseur'; + $subelement = 'facture'; + } if ($user->rights->$element->creer || $user->rights->$element->write - || $user->rights->$element->$subelement->creer || $user->rights->$element->$subelement->write + || (isset($subelement) && ($user->rights->$element->$subelement->creer || $user->rights->$element->$subelement->write)) || ($element == 'payment' && $user->rights->facture->paiement) || ($element == 'payment_supplier' && $user->rights->fournisseur->facture->creer)) { diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index 0d7bdc829b5..5706396fd10 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -82,7 +82,7 @@ if ($action == 'confirm_clone' && $confirm == 'yes') } } -if ($action == 'confirm_valid' && $confirm == 'yes' && $user->rights->fournisseur->facture->valider) +elseif ($action == 'confirm_valid' && $confirm == 'yes' && $user->rights->fournisseur->facture->valider) { $idwarehouse=GETPOST('idwarehouse'); @@ -111,7 +111,7 @@ if ($action == 'confirm_valid' && $confirm == 'yes' && $user->rights->fournisseu } } -if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->fournisseur->facture->supprimer) +elseif ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->fournisseur->facture->supprimer) { $object->fetch($id); $result=$object->delete($id); @@ -126,7 +126,7 @@ if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->fournisse } } -if ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); $ret = $object->deleteline(GETPOST('lineid')); @@ -141,21 +141,21 @@ if ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->fourn } } -if ($action == 'confirm_paid' && $confirm == 'yes' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'confirm_paid' && $confirm == 'yes' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); $result=$object->set_paid($user); } // Set supplier ref -if (($action == 'setref_supplier' || $action == 'set_ref_supplier') && $user->rights->fournisseur->facture->creer) +elseif (($action == 'setref_supplier' || $action == 'set_ref_supplier') && $user->rights->fournisseur->facture->creer) { $object->fetch($id); $result=$object->set_ref_supplier($user, $_POST['ref_supplier']); } // Set label -if ($action == 'setlabel' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'setlabel' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); $object->label=$_POST['label']; @@ -163,25 +163,25 @@ if ($action == 'setlabel' && $user->rights->fournisseur->facture->creer) if ($result < 0) dol_print_error($db); } -if ($action == 'setdate' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'setdate' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); - $object->date=dol_mktime(12,0,0,$_POST['datemonth'],$_POST['dateday'],$_POST['dateyear']); + $object->date=dol_mktime(12,0,0,$_POST['datefmonth'],$_POST['datefday'],$_POST['datefyear']); if ($object->date_echeance < $object->date) $object->date_echeance=$object->date; $result=$object->update($user); if ($result < 0) dol_print_error($db,$object->error); } -if ($action == 'setdate_echeance' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'setdate_echeance' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); - $object->date_echeance=dol_mktime(12,0,0,$_POST['date_echeancemonth'],$_POST['date_echeanceday'],$_POST['date_echeanceyear']); + $object->date_echeance=dol_mktime(12,0,0,$_POST['date_lim_reglementmonth'],$_POST['date_lim_reglementday'],$_POST['date_lim_reglementyear']); if ($object->date_echeance < $object->date) $object->date_echeance=$object->date; $result=$object->update($user); if ($result < 0) dol_print_error($db,$object->error); } // Delete payment -if($action == 'deletepaiement') +elseif($action == 'deletepaiement') { $object->fetch($id); if ($object->statut == 1 && $object->paye == 0 && $user->societe_id == 0) @@ -193,7 +193,7 @@ if($action == 'deletepaiement') } // Create -if ($action == 'add' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'add' && $user->rights->fournisseur->facture->creer) { $error=0; @@ -379,7 +379,7 @@ if ($action == 'add' && $user->rights->fournisseur->facture->creer) } // Modification d'une ligne -if ($action == 'update_line') +elseif ($action == 'update_line') { if ($_REQUEST['etat'] == '1' && ! $_REQUEST['cancel']) // si on valide la modification { @@ -428,7 +428,7 @@ if ($action == 'update_line') } } -if ($action == 'addline') +elseif ($action == 'addline') { $ret=$object->fetch($id); if ($ret < 0) @@ -539,7 +539,7 @@ if ($action == 'addline') $action = ''; } -if ($action == 'classin') +elseif ($action == 'classin') { $object->fetch($id); $result=$object->setProject($_POST['projectid']); @@ -547,7 +547,7 @@ if ($action == 'classin') // Set invoice to draft status -if ($action == 'edit' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'edit' && $user->rights->fournisseur->facture->creer) { $object->fetch($id); @@ -573,7 +573,7 @@ if ($action == 'edit' && $user->rights->fournisseur->facture->creer) } // Set invoice to validated/unpaid status -if ($action == 'reopen' && $user->rights->fournisseur->facture->creer) +elseif ($action == 'reopen' && $user->rights->fournisseur->facture->creer) { $result = $object->fetch($id); if ($object->statut == 2 @@ -778,7 +778,7 @@ if ($action == 'send' && ! $_POST['addfile'] && ! $_POST['removedfile'] && ! $_P } // Build document -if ($action == 'builddoc') +elseif ($action == 'builddoc') { // Save modele used $object->fetch($id); @@ -807,7 +807,7 @@ if ($action == 'builddoc') } // Delete file in doc form -if ($action == 'remove_file') +elseif ($action == 'remove_file') { require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"); @@ -1340,13 +1340,13 @@ else print ''; // Date - print ''.$form->editfieldkey("Date",'date',$object->datep,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker').''; - print $form->editfieldval("Date",'date',$object->datep,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker'); + print ''.$form->editfieldkey("Date",'datef',$object->datep,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker').''; + print $form->editfieldval("Date",'datef',$object->datep,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker'); print ''; // Due date - print ''.$form->editfieldkey("DateMaxPayment",'date_echeance',$object->date_echeance,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker').''; - print $form->editfieldval("DateMaxPayment",'date_echeance',$object->date_echeance,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker'); + print ''.$form->editfieldkey("DateMaxPayment",'date_lim_reglement',$object->date_echeance,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker').''; + print $form->editfieldval("DateMaxPayment",'date_lim_reglement',$object->date_echeance,$object,($object->statut<2 && $user->rights->fournisseur->facture->creer && $object->getSommePaiement() <= 0),'datepicker'); print ''; // Status From 1429411cc986b987f2b879137839022be8f0836a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 16:01:24 +0100 Subject: [PATCH 06/39] Fix: Bad lastname --- htdocs/adherents/liste.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/liste.php b/htdocs/adherents/liste.php index a88056930b7..57eb88dee8e 100644 --- a/htdocs/adherents/liste.php +++ b/htdocs/adherents/liste.php @@ -79,7 +79,7 @@ llxHeader('',$langs->trans("Member"),'EN:Module_Foundations|FR:Module_Adhé $now=dol_now(); -$sql = "SELECT d.rowid, d.login, d.prenom as firstname, d.nom as name, d.societe, "; +$sql = "SELECT d.rowid, d.login, d.nom as lastname, d.prenom as firstname, d.societe, "; $sql.= " d.datefin,"; $sql.= " d.email, d.fk_adherent_type as type_id, d.morphy, d.statut,"; $sql.= " t.libelle as type, t.cotisation"; From de187ab398cccee634ae66152609f8dd21a1fea4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 16:14:41 +0100 Subject: [PATCH 07/39] Try a better fix --- htdocs/commande/fiche.php | 7 +++---- htdocs/fourn/commande/fiche.php | 7 +++---- htdocs/fourn/facture/fiche.php | 5 ++--- 3 files changed, 8 insertions(+), 11 deletions(-) diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php index 155d5accabe..26fe52579b3 100644 --- a/htdocs/commande/fiche.php +++ b/htdocs/commande/fiche.php @@ -229,7 +229,7 @@ if ($action == 'add' && $user->rights->commande->creer) $object->origin = $_POST['origin']; $object->origin_id = $_POST['originid']; - + // Possibility to add external linked objects with hooks $object->linked_objects[$object->origin] = $object->origin_id; if (is_array($_POST['other_linked_objects']) && ! empty($_POST['other_linked_objects'])) @@ -641,15 +641,14 @@ if ($action == 'addline' && $user->rights->commande->creer) { // Define output language $outputlangs = $langs; - $newlang=''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); + $newlang=GETPOST('lang_id','alpha'); if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (! empty($newlang)) { $outputlangs = new Translate("",$conf); $outputlangs->setDefaultLang($newlang); } - + $ret=$object->fetch($id); // Reload to get new records commande_pdf_create($db, $object, $object->modelpdf, $outputlangs, GETPOST('hidedetails'), GETPOST('hidedesc'), GETPOST('hideref'), $hookmanager); } diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php index 09ebb908820..a2954d7263e 100644 --- a/htdocs/fourn/commande/fiche.php +++ b/htdocs/fourn/commande/fiche.php @@ -221,15 +221,14 @@ if ($action == 'addline' && $user->rights->fournisseur->commande->creer) { // Define output language $outputlangs = $langs; - $newlang=''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; + $newlang=GETPOST('lang_id','alpha'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (! empty($newlang)) { $outputlangs = new Translate("",$conf); $outputlangs->setDefaultLang($newlang); } - + $ret=$object->fetch($id); // Reload to get new records supplier_order_pdf_create($db, $object, $object->modelpdf, $outputlangs, GETPOST('hidedetails'), GETPOST('hidedesc'), GETPOST('hideref')); } diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index 5706396fd10..4aad2f8a79d 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -509,9 +509,8 @@ elseif ($action == 'addline') { // Define output language $outputlangs = $langs; - $newlang=''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id','int')) $newlang=GETPOST('lang_id','int'); - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; + $newlang=GETPOST('lang_id','alpha'); + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (! empty($newlang)) { $outputlangs = new Translate("",$conf); From 45f2f7b449d686cbeab5378acb121c15e766eb18 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 16:14:59 +0100 Subject: [PATCH 08/39] Fix: Second field is required --- .../core/modules/commande/doc/doc_generic_order_odt.modules.php | 2 +- .../modules/facture/doc/doc_generic_invoice_odt.modules.php | 2 +- .../modules/propale/doc/doc_generic_proposal_odt.modules.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index a124b6a5f35..667971d4b86 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -129,7 +129,7 @@ class doc_generic_order_odt extends ModelePDFCommandes global $conf; return array( - 'line_fulldesc'=>doc_getlinedesc($line), + 'line_fulldesc'=>doc_getlinedesc($line,$outputlangs), 'line_product_ref'=>$line->product_ref, 'line_product_label'=>$line->product_label, 'line_desc'=>$line->desc, diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index e84184c85b9..831df574b3d 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -139,7 +139,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures global $conf; return array( - 'line_fulldesc'=>doc_getlinedesc($line), + 'line_fulldesc'=>doc_getlinedesc($line,$outputlangs), 'line_product_ref'=>$line->product_ref, 'line_product_label'=>$line->product_label, 'line_desc'=>$line->desc, diff --git a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php index ee12598ce52..73a3b64a3a2 100644 --- a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php +++ b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php @@ -128,7 +128,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales global $conf; return array( - 'line_fulldesc'=>doc_getlinedesc($line), + 'line_fulldesc'=>doc_getlinedesc($line,$outputlangs), 'line_product_ref'=>$line->product_ref, 'line_product_label'=>$line->product_label, 'line_desc'=>$line->desc, From e519bf0c402c35ddb75a9d340f96ef67e489e496 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 16:24:36 +0100 Subject: [PATCH 09/39] Fix: Fix TODO Doxygen --- htdocs/core/class/html.formother.class.php | 996 +++++++++++---------- 1 file changed, 501 insertions(+), 495 deletions(-) diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index e39c4ad26dd..c1640110553 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -37,355 +37,436 @@ */ class FormOther { - var $db; - var $error; + var $db; + var $error; - /** - * Constructor - * - * @param DoliDB $db Database handler - */ - function FormOther($db) - { - $this->db = $db; + /** + * Constructor + * + * @param DoliDB $db Database handler + */ + function FormOther($db) + { + $this->db = $db; - return 1; - } + return 1; + } - /** + /** * Return HTML select list of export models * - * @param string $selected Id modele pre-selectionne - * @param string $htmlname Nom de la zone select - * @param string $type Type des modeles recherches - * @param int $useempty Affiche valeur vide dans liste - * @return void - */ - function select_export_model($selected='',$htmlname='exportmodelid',$type='',$useempty=0) - { - $sql = "SELECT rowid, label"; - $sql.= " FROM ".MAIN_DB_PREFIX."export_model"; - $sql.= " WHERE type = '".$type."'"; - $sql.= " ORDER BY rowid"; - $result = $this->db->query($sql); - if ($result) - { - print ''; + if ($useempty) + { + print ''; + } - $num = $this->db->num_rows($result); - $i = 0; - while ($i < $num) - { - $obj = $this->db->fetch_object($result); - if ($selected == $obj->rowid) - { - print ''; - $i++; - } - print ""; - } - else { - dol_print_error($this->db); - } - } + $num = $this->db->num_rows($result); + $i = 0; + while ($i < $num) + { + $obj = $this->db->fetch_object($result); + if ($selected == $obj->rowid) + { + print ''; + $i++; + } + print ""; + } + else { + dol_print_error($this->db); + } + } - /** + /** * Return list of export models * - * @param string $selected Id modele pre-selectionne - * @param string $htmlname Nom de la zone select - * @param string $type Type des modeles recherches - * @param int $useempty Affiche valeur vide dans liste - * @return void - */ - function select_import_model($selected='',$htmlname='importmodelid',$type='',$useempty=0) - { - $sql = "SELECT rowid, label"; - $sql.= " FROM ".MAIN_DB_PREFIX."import_model"; - $sql.= " WHERE type = '".$type."'"; - $sql.= " ORDER BY rowid"; - $result = $this->db->query($sql); - if ($result) - { - print ''; + if ($useempty) + { + print ''; + } - $num = $this->db->num_rows($result); - $i = 0; - while ($i < $num) - { - $obj = $this->db->fetch_object($result); - if ($selected == $obj->rowid) - { - print ''; - $i++; - } - print ""; - } - else { - dol_print_error($this->db); - } - } + $num = $this->db->num_rows($result); + $i = 0; + while ($i < $num) + { + $obj = $this->db->fetch_object($result); + if ($selected == $obj->rowid) + { + print ''; + $i++; + } + print ""; + } + else { + dol_print_error($this->db); + } + } - /** - * Retourne la liste des ecotaxes avec tooltip sur le libelle - * - * @param string $selected code ecotaxes pre-selectionne - * @param string $htmlname nom de la liste deroulante - * @return void - */ - function select_ecotaxes($selected='',$htmlname='ecotaxe_id') - { - global $langs; + /** + * Retourne la liste des ecotaxes avec tooltip sur le libelle + * + * @param string $selected code ecotaxes pre-selectionne + * @param string $htmlname nom de la liste deroulante + * @return void + */ + function select_ecotaxes($selected='',$htmlname='ecotaxe_id') + { + global $langs; - $sql = "SELECT e.rowid, e.code, e.libelle, e.price, e.organization,"; - $sql.= " p.libelle as pays"; - $sql.= " FROM ".MAIN_DB_PREFIX."c_ecotaxe as e,".MAIN_DB_PREFIX."c_pays as p"; - $sql.= " WHERE e.active = 1 AND e.fk_pays = p.rowid"; - $sql.= " ORDER BY pays, e.organization ASC, e.code ASC"; + $sql = "SELECT e.rowid, e.code, e.libelle, e.price, e.organization,"; + $sql.= " p.libelle as pays"; + $sql.= " FROM ".MAIN_DB_PREFIX."c_ecotaxe as e,".MAIN_DB_PREFIX."c_pays as p"; + $sql.= " WHERE e.active = 1 AND e.fk_pays = p.rowid"; + $sql.= " ORDER BY pays, e.organization ASC, e.code ASC"; $resql=$this->db->query($sql); - if ($resql) - { - print ''; - return 0; - } - else - { - dol_print_error($this->db); - return 1; - } - } + if ($resql) + { + print ''; + return 0; + } + else + { + dol_print_error($this->db); + return 1; + } + } - /** - * Return a HTML select list to select a percent - * - * @param string $selected pourcentage pre-selectionne - * @param string $htmlname nom de la liste deroulante - * @param int $increment increment value - * @param int $start start value - * @param int $end end value - * @return string HTML select string - */ - function select_percent($selected=0,$htmlname='percent',$disabled=0,$increment=5,$start=0,$end=100) - { - $return = ''; - for ($i = $start ; $i <= $end ; $i += $increment) - { - if ($selected == $i) - { - $return.= ''; - } + for ($i = $start ; $i <= $end ; $i += $increment) + { + if ($selected == $i) + { + $return.= ''; + } - $return.= ''; + $return.= ''; - return $return; - } + return $return; + } - /** - * Return select list for categories (to use in form search selectors) - * - * @param int $type Type of categories (0=product, 1=suppliers, 2=customers, 3=members) - * @param string $selected Preselected value - * @param string $htmlname Name of combo list - * @return string Html combo list code - */ - function select_categories($type,$selected=0,$htmlname='search_categ') - { - global $langs; - require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); + /** + * Return select list for categories (to use in form search selectors) + * + * @param int $type Type of categories (0=product, 1=suppliers, 2=customers, 3=members) + * @param string $selected Preselected value + * @param string $htmlname Name of combo list + * @return string Html combo list code + */ + function select_categories($type,$selected=0,$htmlname='search_categ') + { + global $langs; + require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); - // Load list of "categories" - $static_categs = new Categorie($this->db); - $tab_categs = $static_categs->get_full_arbo($type); + // Load list of "categories" + $static_categs = new Categorie($this->db); + $tab_categs = $static_categs->get_full_arbo($type); - // Print a select with each of them - $moreforfilter =''; + $moreforfilter.=''; - if (is_array($tab_categs)) - { - foreach ($tab_categs as $categ) - { - $moreforfilter.=''; - // Get list of users allowed to be viewed - $sql_usr = "SELECT u.rowid, u.name as name, u.firstname, u.login"; - $sql_usr.= " FROM ".MAIN_DB_PREFIX."user as u"; - $sql_usr.= " WHERE u.entity IN (0,".$conf->entity.")"; - if (empty($user->rights->user->user->lire)) $sql_usr.=" AND u.fk_societe = ".($user->societe_id?$user->societe_id:0); + // Get list of users allowed to be viewed + $sql_usr = "SELECT u.rowid, u.name as name, u.firstname, u.login"; + $sql_usr.= " FROM ".MAIN_DB_PREFIX."user as u"; + $sql_usr.= " WHERE u.entity IN (0,".$conf->entity.")"; + if (empty($user->rights->user->user->lire)) $sql_usr.=" AND u.fk_societe = ".($user->societe_id?$user->societe_id:0); // Add existing sales representatives of company - if (empty($user->rights->user->user->lire) && $user->societe_id) - { + if (empty($user->rights->user->user->lire) && $user->societe_id) + { $sql_usr.=" UNION "; $sql_usr.= "SELECT u2.rowid, u2.name as name, u2.firstname, u2.login"; $sql_usr.= " FROM ".MAIN_DB_PREFIX."user as u2, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql_usr.= " WHERE u2.entity IN (0,".$conf->entity.")"; $sql_usr.= " AND u2.rowid = sc.fk_user AND sc.fk_soc=".$user->societe_id; - } + } $sql_usr.= " ORDER BY name ASC"; //print $sql_usr;exit; $resql_usr = $this->db->query($sql_usr); - if ($resql_usr) - { - while ($obj_usr = $this->db->fetch_object($resql_usr)) - { - $moreforfilter.=''; - } - $this->db->free($resql_usr); - } - else - { - dol_print_error($this->db); - } - $moreforfilter.=''; + $moreforfilter.='>'; + $moreforfilter.=$obj_usr->firstname." ".$obj_usr->name." (".$obj_usr->login.')'; + $moreforfilter.=''; + } + $this->db->free($resql_usr); + } + else + { + dol_print_error($this->db); + } + $moreforfilter.=''; - return $moreforfilter; - } + return $moreforfilter; + } - /** - * Return list of project and tasks - * - * @param int $selectedtask Pre-selected task - * @param int $projectid Project id - * @param string $htmlname Name of html select - * @param int $modeproject 1 to restrict on projects owned by user - * @param int $modetask 1 to restrict on tasks associated to user - * @param int $mode 0=Return list of tasks and their projects, 1=Return projects and tasks if exists - * @param int $useempty 0=Allow empty values - * @return void - */ - function selectProjectTasks($selectedtask='', $projectid=0, $htmlname='task_parent', $modeproject=0, $modetask=0, $mode=0, $useempty=0) - { - global $user, $langs; + /** + * Return list of project and tasks + * + * @param int $selectedtask Pre-selected task + * @param int $projectid Project id + * @param string $htmlname Name of html select + * @param int $modeproject 1 to restrict on projects owned by user + * @param int $modetask 1 to restrict on tasks associated to user + * @param int $mode 0=Return list of tasks and their projects, 1=Return projects and tasks if exists + * @param int $useempty 0=Allow empty values + * @return void + */ + function selectProjectTasks($selectedtask='', $projectid=0, $htmlname='task_parent', $modeproject=0, $modetask=0, $mode=0, $useempty=0) + { + global $user, $langs; - require_once(DOL_DOCUMENT_ROOT."/projet/class/task.class.php"); + require_once(DOL_DOCUMENT_ROOT."/projet/class/task.class.php"); - //print $modeproject.'-'.$modetask; - $task=new Task($this->db); - $tasksarray=$task->getTasksArray($modetask?$user:0, $modeproject?$user:0, $projectid, 0, $mode); - if ($tasksarray) - { - print ''; - } - else - { - print '
'.$langs->trans("NoProject").'
'; - } - } + //print $modeproject.'-'.$modetask; + $task=new Task($this->db); + $tasksarray=$task->getTasksArray($modetask?$user:0, $modeproject?$user:0, $projectid, 0, $mode); + if ($tasksarray) + { + print ''; + } + else + { + print '
'.$langs->trans("NoProject").'
'; + } + } + /** + * Write all lines of a project (if parent = 0) + * + * @param int &$inc Cursor counter + * @param int $parent Id parent + * @param Object $lines Line object + * @param int $level Level + * @param int $selectedtask Id selected task + * @param int $selectedproject Id selected project + * @return void + */ + private function _pLineSelect(&$inc, $parent, $lines, $level=0, $selectedtask=0, $selectedproject=0) + { + global $langs, $user, $conf; - /** - * Output a HTML code to select a color - * - * @param string $set_color Pre-selected color - * @param string $prefix Name of HTML field - * @param string $form_name Name of form - * @param int $showcolorbox 1=Show color code and color box, 0=Show only color code - * @param array $arrayofcolors Array of colors. Example: array('29527A','5229A3','A32929','7A367A','B1365F','0D7813') - * @return void - */ - function select_color($set_color='', $prefix='f_color', $form_name='objForm', $showcolorbox=1, $arrayofcolors='') - { - global $langs; - if (! is_array($arrayofcolors) || count($arrayofcolors) < 1) - { - $langs->load("other"); - print ''; + $lastprojectid=0; + + $numlines=count($lines); + for ($i = 0 ; $i < $numlines ; $i++) + { + if ($lines[$i]->fk_parent == $parent) + { + $var = !$var; + + // Break on a new project + if ($parent == 0) + { + if ($lines[$i]->fk_project != $lastprojectid) + { + if ($i > 0 && $conf->browser->firefox) print ''; + print '\n"; + + $lastprojectid=$lines[$i]->fk_project; + $inc++; + } + } + + // Print task + if ($lines[$i]->id > 0) + { + print '\n"; + $inc++; + } + + $level++; + if ($lines[$i]->id) $this->_pLineSelect($inc, $lines[$i]->id, $lines, $level, $selectedtask, $selectedproject); + $level--; + } + } + } + + /** + * Output a HTML code to select a color + * + * @param string $set_color Pre-selected color + * @param string $prefix Name of HTML field + * @param string $form_name Name of form + * @param int $showcolorbox 1=Show color code and color box, 0=Show only color code + * @param array $arrayofcolors Array of colors. Example: array('29527A','5229A3','A32929','7A367A','B1365F','0D7813') + * @return void + */ + function select_color($set_color='', $prefix='f_color', $form_name='objForm', $showcolorbox=1, $arrayofcolors='') + { + global $langs; + if (! is_array($arrayofcolors) || count($arrayofcolors) < 1) + { + $langs->load("other"); + print ''; print ''; print ''; print ''; - } - else // In most cases, this is not used. We used instead function with no specific list of colors - { + } + else // In most cases, this is not used. We used instead function with no specific list of colors + { print ''; print ''; - print ''; - print ''; - } - } + print ''; + } + } - /** - * Creation d'un icone de couleur - * - * @param string $color Couleur de l'image - * @param string $module Nom du module - * @param string $name Nom de l'image - * @param int $x Largeur de l'image en pixels - * @param int $y Hauteur de l'image en pixels - */ - function CreateColorIcon($color,$module,$name,$x='12',$y='12') - { - global $conf; + /** + * Creation d'un icone de couleur + * + * @param string $color Couleur de l'image + * @param string $module Nom du module + * @param string $name Nom de l'image + * @param int $x Largeur de l'image en pixels + * @param int $y Hauteur de l'image en pixels + * @return void + */ + function CreateColorIcon($color,$module,$name,$x='12',$y='12') + { + global $conf; - $file = $conf->$module->dir_temp.'/'.$name.'.png'; + $file = $conf->$module->dir_temp.'/'.$name.'.png'; - // On cree le repertoire contenant les icones - if (! file_exists($conf->$module->dir_temp)) - { - dol_mkdir($conf->$module->dir_temp); - } + // On cree le repertoire contenant les icones + if (! file_exists($conf->$module->dir_temp)) + { + dol_mkdir($conf->$module->dir_temp); + } - // On cree l'image en vraies couleurs - $image = imagecreatetruecolor($x,$y); + // On cree l'image en vraies couleurs + $image = imagecreatetruecolor($x,$y); - $color = substr($color,1,6); + $color = substr($color,1,6); - $rouge = hexdec(substr($color,0,2)); //conversion du canal rouge - $vert = hexdec(substr($color,2,2)); //conversion du canal vert - $bleu = hexdec(substr($color,4,2)); //conversion du canal bleu + $rouge = hexdec(substr($color,0,2)); //conversion du canal rouge + $vert = hexdec(substr($color,2,2)); //conversion du canal vert + $bleu = hexdec(substr($color,4,2)); //conversion du canal bleu - $couleur = imagecolorallocate($image,$rouge,$vert,$bleu); - //print $rouge.$vert.$bleu; - imagefill($image,0,0,$couleur); //on remplit l'image - // On cree la couleur et on l'attribue a une variable pour ne pas la perdre - ImagePng($image,$file); //renvoie une image sous format png - ImageDestroy($image); - } + $couleur = imagecolorallocate($image,$rouge,$vert,$bleu); + //print $rouge.$vert.$bleu; + imagefill($image,0,0,$couleur); //on remplit l'image + // On cree la couleur et on l'attribue a une variable pour ne pas la perdre + ImagePng($image,$file); //renvoie une image sous format png + ImageDestroy($image); + } /** * Return HTML combo list of week @@ -541,7 +623,7 @@ class FormOther */ function select_month($selected='',$htmlname='monthid',$useempty=0) { - global $langs; + global $langs; require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); @@ -569,36 +651,42 @@ class FormOther } /** - * Return HTML combo list of years + * Return HTML combo list of years * - * @param string $selected Preselected value (''=current year, -1=none, year otherwise) - * @param string $htmlname Name of HTML select object - * @param int $useempty Affiche valeur vide dans liste - * @param int $min_year Offset of minimum year into list (by default current year -10) - * @param int $max_year Offset of maximum year into list (by default current year + 5) - * @return void + * @param string $selected Preselected value (''=current year, -1=none, year otherwise) + * @param string $htmlname Name of HTML select object + * @param int $useempty Affiche valeur vide dans liste + * @param int $min_year Offset of minimum year into list (by default current year -10) + * @param int $max_year Offset of maximum year into list (by default current year + 5) + * @param int $offset Offset + * @param int $invert Invert + * @param string $option Option + * @return void */ - function select_year($selected='',$htmlname='yearid',$useempty=0, $min_year=10, $max_year=5, $offset=0, $invert=0, $option='') + function select_year($selected='',$htmlname='yearid',$useempty=0, $min_year=10, $max_year=5, $offset=0, $invert=0, $option='') { - print $this->selectyear($selected,$htmlname,$useempty,$min_year,$max_year,$offset,$invert,$option); + print $this->selectyear($selected,$htmlname,$useempty,$min_year,$max_year,$offset,$invert,$option); } /** - * Return HTML combo list of years + * Return HTML combo list of years * - * @param string $selected Preselected value (''=current year, -1=none, year otherwise) - * @param string $htmlname Name of HTML select object - * @param int $useempty Affiche valeur vide dans liste - * @param int $min_year Offset of minimum year into list (by default current year -10) - * @param int $max_year Offset of maximum year into list (by default current year + 5) - * @return void + * @param string $selected Preselected value (''=current year, -1=none, year otherwise) + * @param string $htmlname Name of HTML select object + * @param int $useempty Affiche valeur vide dans liste + * @param int $min_year Offset of minimum year into list (by default current year -10) + * @param int $max_year Offset of maximum year into list (by default current year + 5) + * @param int $offset Offset + * @param int $invert Invert + * @param string $option Option + * @return void */ - function selectyear($selected='',$htmlname='yearid',$useempty=0, $min_year=10, $max_year=5, $offset=0, $invert=0, $option='') + function selectyear($selected='',$htmlname='yearid',$useempty=0, $min_year=10, $max_year=5, $offset=0, $invert=0, $option='') { - $out=''; + $out=''; $currentyear = date("Y")+$offset; - $max_year = $currentyear+$max_year; + $max_year = $currentyear+$max_year; $min_year = $currentyear-$min_year; if(empty($selected)) $selected = $currentyear; @@ -610,21 +698,21 @@ class FormOther } if (! $invert) { - for ($y = $max_year; $y >= $min_year; $y--) - { - $selected_html=''; - if ($selected > 0 && $y == $selected) $selected_html = ' selected="selected"'; - $out.= ''; - } + for ($y = $max_year; $y >= $min_year; $y--) + { + $selected_html=''; + if ($selected > 0 && $y == $selected) $selected_html = ' selected="selected"'; + $out.= ''; + } } else { - for ($y = $min_year; $y <= $max_year; $y++) - { - $selected_html=''; - if ($selected > 0 && $y == $selected) $selected_html = ' selected="selected"'; - $out.= ''; - } + for ($y = $min_year; $y <= $max_year; $y++) + { + $selected_html=''; + if ($selected > 0 && $y == $selected) $selected_html = ' selected="selected"'; + $out.= ''; + } } $out.= "\n"; @@ -633,130 +721,48 @@ class FormOther /** * Show form to select addresse - * + * * @param int $page Page - * @param string $selected Id condition pre-selectionne - * @param string $htmlname Nom du formulaire select + * @param string $selected Id condition pre-selectionne + * @param int $socid Id of third party + * @param string $htmlname Nom du formulaire select * @param string $origin Origine de l'appel pour pouvoir creer un retour - * @param int $originid Id de l'origine + * @param int $originid Id de l'origine * @return void */ - function form_address($page, $selected='', $socid, $htmlname='address_id', $origin='', $originid='') + function form_address($page, $selected, $socid, $htmlname='address_id', $origin='', $originid='') { - global $langs,$conf; - if ($htmlname != "none") - { - print '
'; - print ''; - print ''; - print ''; - print ''; - print '
'; - $this->select_address($selected, $socid, $htmlname, 1); - print ''; - $langs->load("companies"); - print '   '.$langs->trans("AddAddress").''; - print '
'; - } - else - { - if ($selected) - { - require_once(DOL_DOCUMENT_ROOT ."/societe/class/address.class.php"); - $address=new Address($this->db); - $result=$address->fetch_address($selected); - print ''.$address->label.''; - } - else - { - print " "; - } - } + global $langs,$conf; + if ($htmlname != "none") + { + print '
'; + print ''; + print ''; + print ''; + print ''; + print '
'; + $this->select_address($selected, $socid, $htmlname, 1); + print ''; + $langs->load("companies"); + print '   '.$langs->trans("AddAddress").''; + print '
'; + } + else + { + if ($selected) + { + require_once(DOL_DOCUMENT_ROOT ."/societe/class/address.class.php"); + $address=new Address($this->db); + $result=$address->fetch_address($selected); + print ''.$address->label.''; + } + else + { + print " "; + } + } } } - -/** - * Write all lines of a project (if parent = 0) - * - * @param int &$inc Cursor counter - * @param int $parent Id parent - * @param Object $lines Line object - * @param int $level Level - * @param int $selectedtask Id selected task - * @param int $selectedproject Id selected project - * @return void - * TODO why this function is here ? - */ -function PLineSelect(&$inc, $parent, $lines, $level=0, $selectedtask=0, $selectedproject=0) -{ - global $langs, $user, $conf; - - $lastprojectid=0; - - $numlines=count($lines); - for ($i = 0 ; $i < $numlines ; $i++) - { - if ($lines[$i]->fk_parent == $parent) - { - $var = !$var; - - // Break on a new project - if ($parent == 0) - { - if ($lines[$i]->fk_project != $lastprojectid) - { - if ($i > 0 && $conf->browser->firefox) print ''; - print '\n"; - - $lastprojectid=$lines[$i]->fk_project; - $inc++; - } - } - - // Print task - if ($lines[$i]->id > 0) - { - print '\n"; - $inc++; - } - - $level++; - if ($lines[$i]->id) PLineSelect($inc, $lines[$i]->id, $lines, $level, $selectedtask, $selectedproject); - $level--; - } - } -} - ?> From 1a0793de917afab448759159f822e6eb8f36f9f9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 25 Feb 2012 20:17:19 +0100 Subject: [PATCH 10/39] Fix: Box feature was lost --- htdocs/boxes.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/boxes.php b/htdocs/boxes.php index 77c63b8bce1..c83a37ef87e 100644 --- a/htdocs/boxes.php +++ b/htdocs/boxes.php @@ -210,11 +210,11 @@ class InfoBox } else { - $boxname=preg_replace('/.php$/i','',$obj->file); - $sourcefile = DOL_DOCUMENT_ROOT."/core/boxes/".$boxname.".php"; + $boxname=preg_replace('/\.php$/i','',$obj->file); + $sourcefile = "/core/boxes/".$boxname.".php"; } - dol_include_once($sourcefile); + dol_include_once($sourcefile); // Do not use dol_include_once here because sourcefile is already good fullpath if (class_exists($boxname)) { $box=new $boxname($this->db,$obj->note); @@ -271,15 +271,15 @@ class InfoBox { $boxname = $regs[1]; $module = $regs[2]; - $sourcefile = "/".$module."/core/boxes/".$boxname.".php"; + $relsourcefile = "/".$module."/core/boxes/".$boxname.".php"; } else { $boxname=preg_replace('/.php$/i','',$obj->file); - $sourcefile = "/core/boxes/".$boxname.".php"; + $relsourcefile = "/core/boxes/".$boxname.".php"; } - dol_include_once($sourcefile); + dol_include_once($relsourcefile); if (class_exists($boxname)) { $box=new $boxname($this->db,$obj->note); From 24422afe441a71424e37b8354764a7a599663dbb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 02:54:16 +0100 Subject: [PATCH 11/39] Better fix --- htdocs/fourn/commande/fiche.php | 4 ++-- htdocs/fourn/facture/fiche.php | 21 ++++++++------------- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php index a2954d7263e..5d18b8bbed2 100644 --- a/htdocs/fourn/commande/fiche.php +++ b/htdocs/fourn/commande/fiche.php @@ -157,8 +157,8 @@ if ($action == 'addline' && $user->rights->fournisseur->commande->creer) $type = $productsupplier->type; // Local Taxes - $localtax1_tx= get_localtax($tva_tx, 1, $object->thirdparty); - $localtax2_tx= get_localtax($tva_tx, 2, $object->thirdparty); + $localtax1_tx= get_localtax($tva_tx, 1, $mysoc); + $localtax2_tx= get_localtax($tva_tx, 2, $mysoc); $result=$object->addline( $desc, diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index 4aad2f8a79d..afae39f9309 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -416,8 +416,8 @@ elseif ($action == 'update_line') } $label = $_POST['desc']; $type = $_POST["type"]?$_POST["type"]:0; - $localtax1tx= get_localtax($_POST['tauxtva'], 1, $societe); - $localtax2tx= get_localtax($_POST['tauxtva'], 2, $societe); + $localtax1tx= get_localtax($_POST['tauxtva'], 1, $mysoc); + $localtax2tx= get_localtax($_POST['tauxtva'], 2, $mysoc); } $result=$object->updateline($_GET['lineid'], $label, $pu, $_POST['tauxtva'], $localtax1tx, $localtax2tx, $_POST['qty'], $_POST['idprod'], $price_base_type, 0, $type); @@ -436,12 +436,7 @@ elseif ($action == 'addline') dol_print_error($db,$object->error); exit; } - - if ($object->socid) - { - $societe=new Societe($db); - $societe->fetch($object->socid); - } + $ret=$object->fetch_thirdparty(); if ($_POST['idprodfournprice']) // > 0 or -1 { @@ -456,10 +451,10 @@ elseif ($action == 'addline') // $label = '['.$product->ref.'] - '. $product->libelle; $label = $product->description; - $tvatx=get_default_tva($societe,$mysoc,$product->id); + $tvatx=get_default_tva($object->thirdparty,$mysoc,$product->id); - $localtax1tx= get_localtax($tvatx, 1, $societe); - $localtax2tx= get_localtax($tvatx, 2, $societe); + $localtax1tx= get_localtax($tvatx, 1, $mysoc); + $localtax2tx= get_localtax($tvatx, 2, $mysoc); $type = $product->type; @@ -476,8 +471,8 @@ elseif ($action == 'addline') else { $tauxtva = price2num($_POST['tauxtva']); - $localtax1tx= get_localtax($tauxtva, 1, $societe); - $localtax2tx= get_localtax($tauxtva, 2, $societe); + $localtax1tx= get_localtax($tauxtva, 1, $mysoc); + $localtax2tx= get_localtax($tauxtva, 2, $mysoc); if (! $_POST['dp_desc']) { From 9270e4603b9093aa10b0b30420a86b2d66bc1cf6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 13:32:16 +0100 Subject: [PATCH 12/39] Fix: Bad filters on stock movement list --- htdocs/product/stock/class/entrepot.class.php | 58 ++++++++----------- htdocs/product/stock/mouvement.php | 37 ++++++------ 2 files changed, 42 insertions(+), 53 deletions(-) diff --git a/htdocs/product/stock/class/entrepot.class.php b/htdocs/product/stock/class/entrepot.class.php index 4554d82000e..8ff30ceebec 100644 --- a/htdocs/product/stock/class/entrepot.class.php +++ b/htdocs/product/stock/class/entrepot.class.php @@ -28,10 +28,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/class/commonobject.class.php"); /** - * \class Entrepot - * \brief Classe permettant la gestion des entrepots + * Class to manage warehouses */ - class Entrepot extends CommonObject { public $element='label'; @@ -52,11 +50,11 @@ class Entrepot extends CommonObject /** * Constructor * - * @param DoliDB $DB Database handler + * @param DoliDB $db Database handler */ - function Entrepot($DB) + function __construct($db) { - $this->db = $DB; + $this->db = $db; // List of short language codes for status $this->statuts[0] = 'Closed2'; @@ -78,12 +76,14 @@ class Entrepot extends CommonObject return 0; } + $now=dol_now(); + $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."entrepot (datec, fk_user_author, label)"; - $sql .= " VALUES (".$this->db->idate(mktime()).",".$user->id.",'".$this->db->escape($this->libelle)."')"; + $sql .= " VALUES (".$this->db->idate($now).",".$user->id.",'".$this->db->escape($this->libelle)."')"; - dol_syslog("Entrepot::create sql=".$sql); + dol_syslog(get_class($this)."::create sql=".$sql); $result=$this->db->query($sql); if ($result) { @@ -99,21 +99,21 @@ class Entrepot extends CommonObject } else { - dol_syslog("Entrepot::Create return -3"); + dol_syslog(get_class($this)."::create return -3"); $this->db->rollback(); return -3; } } else { $this->error="Failed to get insert id"; - dol_syslog("Entrepot::Create return -2"); + dol_syslog(get_class($this)."::create return -2"); return -2; } } else { $this->error=$this->db->error(); - dol_syslog("Entrepot::Create Error ".$this->db->error()); + dol_syslog(get_class($this)."::create Error ".$this->db->error()); $this->db->rollback(); return -1; } @@ -153,7 +153,7 @@ class Entrepot extends CommonObject $this->db->begin(); - dol_syslog("Entrepot::update sql=".$sql); + dol_syslog(get_class($this)."::update sql=".$sql); $resql=$this->db->query($sql); if ($resql) { @@ -164,7 +164,7 @@ class Entrepot extends CommonObject { $this->db->rollback(); $this->error=$this->db->lasterror(); - dol_syslog("Entrepot::update ".$this->error, LOG_ERR); + dol_syslog(get_class($this)."::update ".$this->error, LOG_ERR); return -1; } } @@ -196,7 +196,7 @@ class Entrepot extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX."entrepot"; $sql.= " WHERE rowid = " . $this->id; - dol_syslog("Entrepot::delete sql=".$sql); + dol_syslog(get_class($this)."::delete sql=".$sql); $resql=$this->db->query($sql); if ($resql) { @@ -207,7 +207,7 @@ class Entrepot extends CommonObject { $this->db->rollback(); $this->error=$this->db->lasterror(); - dol_syslog("Entrepot::delete ".$this->error, LOG_ERR); + dol_syslog(get_class($this)."::delete ".$this->error, LOG_ERR); return -1; } } @@ -215,7 +215,7 @@ class Entrepot extends CommonObject { $this->db->rollback(); $this->error=$this->db->lasterror(); - dol_syslog("Entrepot::delete ".$this->error, LOG_ERR); + dol_syslog(get_class($this)."::delete ".$this->error, LOG_ERR); return -1; } @@ -234,7 +234,7 @@ class Entrepot extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."entrepot"; $sql .= " WHERE rowid = ".$id; - dol_syslog("Entrepot::fetch sql=".$sql); + dol_syslog(get_class($this)."::fetch sql=".$sql); $result = $this->db->query($sql); if ($result) { @@ -254,25 +254,13 @@ class Entrepot extends CommonObject $this->town = $obj->town; $this->country_id = $obj->country_id; - if ($this->country_id) - { - $sqlp = "SELECT code,libelle from ".MAIN_DB_PREFIX."c_pays where rowid = ".$this->country_id; - $resql=$this->db->query($sqlp); - if ($resql) - { - $objp = $this->db->fetch_object($resql); - } - else - { - dol_print_error($this->db); - } - $this->pays=$objp->libelle; - $this->pays_code=$objp->code; - $this->country=$objp->libelle; - $this->country_code=$objp->code; - } + include_once(DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'); + $tmp=getCountry($this->country_id,'all'); + $this->pays=$tmp['label']; + $this->pays_code=$tmp['code']; + $this->country=$tmp['label']; + $this->country_code=$tmp['code']; - $this->db->free($result); return 1; } else diff --git a/htdocs/product/stock/mouvement.php b/htdocs/product/stock/mouvement.php index 24705f4069a..5797b3671a3 100644 --- a/htdocs/product/stock/mouvement.php +++ b/htdocs/product/stock/mouvement.php @@ -36,6 +36,7 @@ $langs->load("stocks"); if (!$user->rights->produit->lire) accessforbidden(); +$id=GETPOST('id','int'); $idproduct = isset($_GET["idproduct"])?$_GET["idproduct"]:$_PRODUCT["idproduct"]; $year = isset($_GET["year"])?$_GET["year"]:$_POST["year"]; $month = isset($_GET["month"])?$_GET["month"]:$_POST["month"]; @@ -79,16 +80,16 @@ $sql.= " e.label as stock, e.rowid as entrepot_id,"; $sql.= " m.rowid as mid, m.value, m.datem, m.fk_user_author, m.label,"; $sql.= " u.login"; $sql.= " FROM (".MAIN_DB_PREFIX."entrepot as e,"; -$sql.= " ".MAIN_DB_PREFIX."stock_mouvement as m,"; -$sql.= " ".MAIN_DB_PREFIX."product as p)"; +$sql.= " ".MAIN_DB_PREFIX."product as p,"; +$sql.= " ".MAIN_DB_PREFIX."stock_mouvement as m)"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON m.fk_user_author = u.rowid"; $sql.= " WHERE m.fk_product = p.rowid"; $sql.= " AND m.fk_entrepot = e.rowid"; $sql.= " AND e.entity = ".$conf->entity; if (empty($conf->global->STOCK_SUPPORTS_SERVICES)) $sql.= " AND p.fk_product_type = 0"; -if ($_GET["id"]) +if ($id) { - $sql.= " AND e.rowid ='".$_GET["id"]."'"; + $sql.= " AND e.rowid ='".$id."'"; } if ($month > 0) { @@ -119,7 +120,7 @@ if (! empty($search_user)) } if (! empty($_GET['idproduct'])) { - $sql.= " AND p.rowid = '".$_GET['idproduct']."'"; + $sql.= " AND p.rowid = '".$idproduct."'"; } $sql.= $db->order($sortfield,$sortorder); $sql.= $db->plimit($conf->liste_limit+1, $offset); @@ -139,7 +140,7 @@ if ($resql) if ($_GET["id"]) { $entrepot = new Entrepot($db); - $result = $entrepot->fetch($_GET["id"]); + $result = $entrepot->fetch($id); if ($result < 0) { dol_print_error($db); @@ -156,7 +157,7 @@ if ($resql) /* * Show tab only if we ask a particular warehouse */ - if ($_GET["id"]) + if ($id) { $head = stock_prepare_head($entrepot); @@ -180,18 +181,18 @@ if ($resql) print $entrepot->address; print ''; - // Ville - print ''.$langs->trans('Zip').''.$entrepot->cp.''; - print ''.$langs->trans('Town').''.$entrepot->ville.''; + // Town + print ''.$langs->trans('Zip').''.$entrepot->zip.''; + print ''.$langs->trans('Town').''.$entrepot->town.''; // Country print ''.$langs->trans('Country').''; $img=picto_from_langcode($entrepot->country_code); print ($img?$img.' ':''); - print $entrepot->pays; + print $entrepot->country; print ''; - // Statut + // Status print ''.$langs->trans("Status").''.$entrepot->getLibStatut(4).''; $calcproducts=$entrepot->nb_products(); @@ -207,7 +208,7 @@ if ($resql) print ""; // Last movement - $sql = "SELECT max(m.datem) as datem"; + $sql = "SELECT MAX(m.datem) as datem"; $sql .= " FROM ".MAIN_DB_PREFIX."stock_mouvement as m"; $sql .= " WHERE m.fk_entrepot = '".$entrepot->id."'"; $resqlbis = $db->query($sql); @@ -238,7 +239,7 @@ if ($resql) } $param=''; - if ($_GET["id"]) $param.='&id='.$_GET["id"]; + if ($id) $param.='&id='.$id; if ($search_movement) $param.='&search_movement='.urlencode($search_movement); if ($search_product) $param.='&search_product='.urlencode($search_product); if ($search_warehouse) $param.='&search_warehouse='.urlencode($search_warehouse); @@ -246,7 +247,7 @@ if ($resql) if ($snom) $param.='&snom='.urlencode($snom); if ($search_user) $param.='&search_user='.urlencode($search_user); if ($idproduct > 0) $param.='&idproduct='.$idproduct; - if ($_GET["id"]) print_barre_liste($texte, $page, "mouvement.php", $param, $sortfield, $sortorder,'',$num,0,''); + if ($id) print_barre_liste($texte, $page, "mouvement.php", $param, $sortfield, $sortorder,'',$num,0,''); else print_barre_liste($texte, $page, "mouvement.php", $param, $sortfield, $sortorder,'',$num); print ''; @@ -255,20 +256,20 @@ if ($resql) print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"], "m.datem","",$param,"",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Label"),$_SERVER["PHP_SELF"], "m.label","",$param,"",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Product"),$_SERVER["PHP_SELF"], "p.ref","",$param,"",$sortfield,$sortorder); - print_liste_field_titre($langs->trans("Warehouse"),$_SERVER["PHP_SELF"], "s.label","",$param,"",$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Warehouse"),$_SERVER["PHP_SELF"], "e.label","",$param,"",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Author"),$_SERVER["PHP_SELF"], "m.fk_user_author","",$param,"",$sortfield,$sortorder); print_liste_field_titre($langs->trans("Units"),$_SERVER["PHP_SELF"], "m.value","",$param,'align="right"',$sortfield,$sortorder); print "\n"; // Lignes des champs de filtre print ''; + if ($id) print ''; print ''; print ''; // Label of movement From 8c09d4dcbb394ed5c3c28e4df11da83a902329a5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 13:32:39 +0100 Subject: [PATCH 13/39] No more need to rename constructor method --- dev/skeletons/skeleton_class.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/skeletons/skeleton_class.class.php b/dev/skeletons/skeleton_class.class.php index 1c63ce5c43e..f5de8e82f8c 100644 --- a/dev/skeletons/skeleton_class.class.php +++ b/dev/skeletons/skeleton_class.class.php @@ -51,7 +51,7 @@ class Skeleton_Class // extends CommonObject * * @param DoliDb $db Database handler */ - function Skeleton_Class($db) + function __construct($db) { $this->db = $db; return 1; From 16ad5452b681dc1902787ae33200245a257461d4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 14:27:19 +0100 Subject: [PATCH 14/39] Fix: When company name is too long, wrapping overwrite address. --- .../commande/doc/pdf_edison.modules.php | 4 +-- .../commande/doc/pdf_einstein.modules.php | 4 +-- .../doc/pdf_expedition_merou.modules.php | 27 ++++++++++--------- .../doc/pdf_expedition_rouget.modules.php | 4 +-- .../modules/facture/doc/pdf_crabe.modules.php | 12 ++++----- .../facture/doc/pdf_oursin.modules.php | 4 +-- .../fichinter/doc/pdf_soleil.modules.php | 10 +++---- .../livraison/pdf/pdf_sirocco.modules.php | 2 +- .../livraison/pdf/pdf_typhon.modules.php | 2 +- .../modules/propale/doc/pdf_azur.modules.php | 4 +-- .../modules/propale/doc/pdf_jaune.modules.php | 4 +-- .../pdf/pdf_canelle.modules.php | 4 +-- .../pdf/pdf_muscadet.modules.php | 4 +-- 13 files changed, 42 insertions(+), 43 deletions(-) diff --git a/htdocs/core/modules/commande/doc/pdf_edison.modules.php b/htdocs/core/modules/commande/doc/pdf_edison.modules.php index 6c802f673f3..0da4c51ca34 100644 --- a/htdocs/core/modules/commande/doc/pdf_edison.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_edison.modules.php @@ -611,7 +611,7 @@ class pdf_edison extends ModelePDFCommandes $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -620,7 +620,7 @@ class pdf_edison extends ModelePDFCommandes // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php index e3b43203cf6..ffe6d287de8 100644 --- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php @@ -982,7 +982,7 @@ class pdf_einstein extends ModelePDFCommandes $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -991,7 +991,7 @@ class pdf_einstein extends ModelePDFCommandes // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php b/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php index dd0878f55b8..68e59eb3f40 100644 --- a/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php +++ b/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php @@ -42,7 +42,7 @@ Class pdf_expedition_merou extends ModelePdfExpedition /** * Constructor * - * @param DoliDB $DB Database handler + * @param DoliDB $db Database handler */ function pdf_expedition_merou($db=0) { @@ -72,10 +72,11 @@ Class pdf_expedition_merou extends ModelePdfExpedition /** - * \brief Fonction generant le document sur le disque - * \param object Objet expedition a generer (ou id si ancienne methode) - * \param outputlangs Lang output object - * \return int 1=ok, 0=ko + * Fonction generant le document sur le disque + * + * @param object Objet expedition a generer (ou id si ancienne methode) + * @param outputlangs Lang output object + * @return int 1=ok, 0=ko */ function write_file(&$object, $outputlangs) { @@ -200,8 +201,8 @@ Class pdf_expedition_merou extends ModelePdfExpedition // Description de la ligne produit //Creation des cases a cocher - $pdf->rect(10+3, $curY+1, 3, 3); - $pdf->rect(20+3, $curY+1, 3, 3); + $pdf->Rect(10+3, $curY+1, 3, 3); + $pdf->Rect(20+3, $curY+1, 3, 3); //Insertion de la reference du produit $pdf->SetXY(30, $curY+1 ); $pdf->SetFont('','B', $default_font_size - 3); @@ -400,7 +401,7 @@ Class pdf_expedition_merou extends ModelePdfExpedition //Num Expedition $Yoff = $Yoff+7; $Xoff = 142; - //$pdf->rect($Xoff, $Yoff, 85, 8); + //$pdf->Rect($Xoff, $Yoff, 85, 8); $pdf->SetXY($Xoff,$Yoff); $pdf->SetFont('','', $default_font_size - 2); $pdf->SetTextColor(0,0,0); @@ -542,20 +543,20 @@ Class pdf_expedition_merou extends ModelePdfExpedition $blW=50; $Yoff = $Ydef +1; - $pdf->Rect($blDestX, $Yoff-1, $blW, 26); - - //Titre + // Show recipient frame $pdf->SetFont('','B', $default_font_size - 3); $pdf->SetXY($blDestX,$Yoff-4); $pdf->MultiCell($blW,3, $outputlangs->transnoentities("Recipient"), 0, 'L'); + $pdf->Rect($blDestX, $Yoff-1, $blW, 26); - // Show customer/recipient + // Show recipient name $pdf->SetFont('','B', $default_font_size - 3); $pdf->SetXY($blDestX,$Yoff); $pdf->MultiCell($blW,3, $carac_client_name, 0, 'L'); + // Show recipient information $pdf->SetFont('','', $default_font_size - 3); - $pdf->SetXY($blDestX,$Yoff+4); + $pdf->SetXY($blDestX,$Yoff+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell($blW,2, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php b/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php index 45ec40686d5..22a8b55ca60 100644 --- a/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php +++ b/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php @@ -517,7 +517,7 @@ Class pdf_expedition_rouget extends ModelePdfExpedition $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx,$posy-5); $pdf->MultiCell(80, 4, $outputlangs->transnoentities("Recipient").":", 0, 'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); $pdf->SetTextColor(0,0,0); // Show recipient name @@ -527,7 +527,7 @@ Class pdf_expedition_rouget extends ModelePdfExpedition // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 9b8fe8f3aa4..fb7e0ee8b80 100755 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -1,5 +1,5 @@ +/* Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2005-2011 Regis Houssin * Copyright (C) 2008 Raphael Bertrand * Copyright (C) 2010-2011 Juanjo Menent @@ -22,7 +22,7 @@ /** * \file htdocs/core/modules/facture/doc/pdf_crabe.modules.php * \ingroup facture - * \brief File of class to generate customers invoices from crab model + * \brief File of class to generate customers invoices from crabe model */ require_once(DOL_DOCUMENT_ROOT."/core/modules/facture/modules_facture.php"); @@ -33,10 +33,8 @@ require_once(DOL_DOCUMENT_ROOT.'/core/lib/pdf.lib.php'); /** - * \class pdf_crabe - * \brief Classe permettant de generer les factures au modele Crabe + * Class to manage PDF invoice template Crabe */ - class pdf_crabe extends ModelePDFFactures { var $db; @@ -1222,7 +1220,7 @@ class pdf_crabe extends ModelePDFFactures $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -1231,7 +1229,7 @@ class pdf_crabe extends ModelePDFFactures // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/facture/doc/pdf_oursin.modules.php b/htdocs/core/modules/facture/doc/pdf_oursin.modules.php index 80f2b3706a5..a4e96ce799f 100755 --- a/htdocs/core/modules/facture/doc/pdf_oursin.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_oursin.modules.php @@ -905,7 +905,7 @@ class pdf_oursin extends ModelePDFFactures $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -914,7 +914,7 @@ class pdf_oursin extends ModelePDFFactures // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } diff --git a/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php b/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php index bc0d10ad00f..ea0e332b1b9 100644 --- a/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php +++ b/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php @@ -41,10 +41,10 @@ class pdf_soleil extends ModelePDFFicheinter var $name; var $description; var $type; - + var $phpmin = array(4,3,0); // Minimum version of PHP required by module var $version = 'dolibarr'; - + var $page_largeur; var $page_hauteur; var $format; @@ -299,7 +299,7 @@ class pdf_soleil extends ModelePDFFicheinter } } } - + // Show square if ($pagenb == 1) { @@ -556,7 +556,7 @@ class pdf_soleil extends ModelePDFFicheinter $pdf->SetTextColor(0,0,0); $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx,$posy-5); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); $pdf->SetTextColor(0,0,0); // Show recipient name @@ -566,7 +566,7 @@ class pdf_soleil extends ModelePDFFicheinter // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(100,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php b/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php index 22b0592b370..860cabb1fea 100644 --- a/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php +++ b/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php @@ -395,7 +395,7 @@ class pdf_sirocco extends ModelePDFDeliveryOrder $pdf->SetFont('','B', $default_font_size); $pdf->SetXY(102,47); $pdf->MultiCell(96,5, $carac_client, 0, 'L'); - $pdf->rect(100, 40, 100, 40); + $pdf->Rect(100, 40, 100, 40); $pdf->SetTextColor(0,0,60); diff --git a/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php b/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php index 2995e984349..361e9b0c168 100644 --- a/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php +++ b/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php @@ -617,7 +617,7 @@ class pdf_typhon extends ModelePDFDeliveryOrder $pdf->MultiCell(80,5, $outputlangs->transnoentities("DeliveryAddress").":", 0, 'L'); // Cadre client destinataire - $pdf->rect(100, $posy, 100, $hautcadre); + $pdf->Rect(100, $posy, 100, $hautcadre); // If SHIPPING contact defined on invoice, we use it $usecontact=false; diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index d2df8d79190..227a354aa66 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -1031,7 +1031,7 @@ class pdf_azur extends ModelePDFPropales $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx,$posy-5); $pdf->MultiCell(100, 4, $outputlangs->transnoentities("BillTo").":", 0, 'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); $pdf->SetTextColor(0,0,0); // Show recipient name @@ -1041,7 +1041,7 @@ class pdf_azur extends ModelePDFPropales // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(100,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/propale/doc/pdf_jaune.modules.php b/htdocs/core/modules/propale/doc/pdf_jaune.modules.php index 50977092f3f..b4c5f485542 100644 --- a/htdocs/core/modules/propale/doc/pdf_jaune.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_jaune.modules.php @@ -1031,7 +1031,7 @@ class pdf_jaune extends ModelePDFPropales $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx,$posy-5); $pdf->MultiCell(100, 4, $outputlangs->transnoentities("BillTo").":", 0, 'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); $pdf->SetTextColor(0,0,0); // Show recipient name @@ -1041,7 +1041,7 @@ class pdf_jaune extends ModelePDFPropales // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(100,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php index 829f6e20420..cda3b1d39fd 100755 --- a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php +++ b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php @@ -893,7 +893,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -902,7 +902,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } } diff --git a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php index 7dd01cb4b0d..096cdaae868 100644 --- a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php +++ b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php @@ -975,7 +975,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders $pdf->SetFont('','', $default_font_size - 2); $pdf->SetXY($posx+2,$posy-5); $pdf->MultiCell(80,5, $outputlangs->transnoentities("BillTo").":",0,'L'); - $pdf->rect($posx, $posy, 100, $hautcadre); + $pdf->Rect($posx, $posy, 100, $hautcadre); // Show recipient name $pdf->SetXY($posx+2,$posy+3); @@ -984,7 +984,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders // Show recipient information $pdf->SetFont('','', $default_font_size - 1); - $pdf->SetXY($posx+2,$posy+8); + $pdf->SetXY($posx+2,$posy+4+(dol_nboflines_bis($carac_client_name,50)*4)); $pdf->MultiCell(86,4, $carac_client, 0, 'L'); } } From ef90a7801963f2f78fccb6a2c8fc46013250ab31 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 14:27:54 +0100 Subject: [PATCH 15/39] Comment --- htdocs/includes/tcpdf/config/tcpdf_config.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/includes/tcpdf/config/tcpdf_config.php b/htdocs/includes/tcpdf/config/tcpdf_config.php index 55304504120..bf575fbe2c6 100644 --- a/htdocs/includes/tcpdf/config/tcpdf_config.php +++ b/htdocs/includes/tcpdf/config/tcpdf_config.php @@ -82,6 +82,7 @@ if (!defined('K_TCPDF_EXTERNAL_CONFIG')) { * cache directory for temporary files (full path) */ // define ('K_PATH_CACHE', K_PATH_MAIN.'cache/'); +// DOL_CHANGE define ('K_PATH_CACHE', DOL_DATA_ROOT.'/admin/temp/'); dol_mkdir(K_PATH_CACHE); From 6b7abfe9e2c750abe5f5d8c4de6fbfdb577434cb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 14:54:04 +0100 Subject: [PATCH 16/39] Prepare code for brazil --- htdocs/langs/en_US/companies.lang | 6 ++++++ htdocs/langs/fr_FR/companies.lang | 6 ++++++ htdocs/langs/pt_BR/companies.lang | 14 ++++++++++---- 3 files changed, 22 insertions(+), 4 deletions(-) diff --git a/htdocs/langs/en_US/companies.lang b/htdocs/langs/en_US/companies.lang index 10b28da4546..e2ba0bd1f11 100644 --- a/htdocs/langs/en_US/companies.lang +++ b/htdocs/langs/en_US/companies.lang @@ -113,6 +113,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Prof Id 1 (Federal number) diff --git a/htdocs/langs/fr_FR/companies.lang b/htdocs/langs/fr_FR/companies.lang index e86327e4959..ff4fe6e02b4 100644 --- a/htdocs/langs/fr_FR/companies.lang +++ b/htdocs/langs/fr_FR/companies.lang @@ -115,6 +115,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Numéro fédéral diff --git a/htdocs/langs/pt_BR/companies.lang b/htdocs/langs/pt_BR/companies.lang index cc06891a942..b966398e699 100644 --- a/htdocs/langs/pt_BR/companies.lang +++ b/htdocs/langs/pt_BR/companies.lang @@ -35,7 +35,7 @@ Companies=Empresas CountryIsInEEC=País da Comunidadeee Económica Europeia ThirdParty=Fornecedor -## Alterado o THirdParties em 19/04/2011 para Empresas pois uma forma mais generica dos Thirs Parties +## Alterado o THirdParties em 19/04/2011 para Empresas pois � uma forma mais generica dos Thirs Parties #ThirdParties=Fornecedores ThirdParties=Empresas ThirdPartyAll=Fornecedores (Todos) @@ -92,7 +92,7 @@ ProfId1AU=ABN ProfId2AU=- ProfId3AU=- ProfId4AU=- -ProfId1BE=N� da Ordem +ProfId1BE=Núm da Ordem ProfId2BE=- ProfId3BE=- ProfId4BE=- @@ -112,6 +112,12 @@ ProfId1PT=NIPC ProfId2PT=Núm. Segurança Social ProfId3PT=Num. Reg. Comercial ProfId4PT=Conservatória +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1TN=RC ProfId2TN=Matrícula Fiscal ProfId3TN=Código na Alfandega @@ -183,7 +189,7 @@ NoContactForAnyProposal=Este contato não é contato de nenhum orçamento NoContactForAnyContract=Este contato não é contato de nenhum contrato NoContactForAnyInvoice=Este contato não é contato de nenhuma fatura NewContact=Novo Contato -LastContacts=�ltimos contatos +LastContacts=Ultimos contatos MyContacts=Os Meus Contatos Phones=Telefones Capital=Capital @@ -234,7 +240,7 @@ ChangeContactInProcess=Alterar o Estado para 'Contato em Curso' ChangeContactDone=Alterar o Estado para 'Contato Realizado' ProspectsByStatus=Clientes Potenciais por Estado BillingContact=Contato para Faturação -NbOfAttachedFiles=N� de Arquivos Anexos +NbOfAttachedFiles=N de Arquivos Anexos AttachANewFile=Adicionar um Novo Arquivo NoRIB=Nenhuma Conta Definida NoParentCompany=Nenhuma From 41380d1958d7ee3cfc29c9cae40f98beb37184f6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 26 Feb 2012 16:46:31 +0100 Subject: [PATCH 17/39] Fix: Removed warning --- htdocs/compta/facture/class/facture.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 3a7e59c7a80..d551171758b 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -3411,7 +3411,7 @@ class FactureLigne $sql = 'SELECT fd.rowid, fd.fk_facture, fd.fk_parent_line, fd.fk_product, fd.product_type, fd.description, fd.price, fd.qty, fd.tva_tx,'; $sql.= ' fd.localtax1_tx, fd. localtax2_tx, fd.remise, fd.remise_percent, fd.fk_remise_except, fd.subprice,'; $sql.= ' fd.date_start as date_start, fd.date_end as date_end,'; - $sql.= ' fd.info_bits, fd.total_ht, fd.total_tva, fd.total_ttc, fd.rang,'; + $sql.= ' fd.info_bits, fd.total_ht, fd.total_tva, fd.total_ttc, fd.total_localtax1, fd.total_localtax2, fd.rang,'; $sql.= ' fd.fk_code_ventilation, fd.fk_export_compta,'; $sql.= ' p.ref as product_ref, p.label as product_libelle, p.description as product_desc'; $sql.= ' FROM '.MAIN_DB_PREFIX.'facturedet as fd'; From 7a4398e5a03169fe433f632fdf169bc87a9eab46 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 27 Feb 2012 00:58:00 +0100 Subject: [PATCH 18/39] doxygen --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 07535a8adec..f9836b4165a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3405,7 +3405,7 @@ function dol_textishtml($msg,$option=0) * @param string $chaine Source string in which we must do substitution * @param array $substitutionarray Array with key->val to substitute * @return string Output string after subsitutions - * @see make_substitutions + * @see complete_substitutions_array */ function make_substitutions($chaine,$substitutionarray) { From b745eb1e05629b4f4c8dfe4e1d072c6b2ff48ff2 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 08:02:59 +0100 Subject: [PATCH 19/39] Fix: wrong object --- htdocs/commande/fiche.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php index 26fe52579b3..f8b2a4049cf 100644 --- a/htdocs/commande/fiche.php +++ b/htdocs/commande/fiche.php @@ -1816,11 +1816,11 @@ else if ($action == 'editdelivery_adress') { - $form->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,$socid,'fk_address','commande',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,$socid,'fk_address','commande',$object->id); } else { - $form->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,$socid,'none','commande',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,$socid,'none','commande',$object->id); } print ''; } From f4bab2f6de0164b486cafc478ee8c58d9c599a4a Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 08:47:25 +0100 Subject: [PATCH 20/39] Fix: avoid warning and deprecated variable --- htdocs/compta/facture/class/facture.class.php | 14 +++++++------- htdocs/core/class/conf.class.php | 2 +- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index d551171758b..8a1cb98c4b7 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -838,7 +838,7 @@ class Facture extends CommonObject $sql.= ' l.rang, l.special_code,'; $sql.= ' l.date_start as date_start, l.date_end as date_end,'; $sql.= ' l.info_bits, l.total_ht, l.total_tva, l.total_localtax1, l.total_localtax2, l.total_ttc, l.fk_code_ventilation, l.fk_export_compta,'; - $sql.= ' p.ref as product_ref, p.fk_product_type as fk_product_type, p.label as label, p.description as product_desc'; + $sql.= ' p.ref as product_ref, p.fk_product_type as fk_product_type, p.label as product_label, p.description as product_desc'; $sql.= ' FROM '.MAIN_DB_PREFIX.'facturedet as l'; $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON l.fk_product = p.rowid'; $sql.= ' WHERE l.fk_facture = '.$this->id; @@ -856,12 +856,12 @@ class Facture extends CommonObject $line = new FactureLigne($this->db); $line->rowid = $objp->rowid; - $line->desc = $objp->description; // Description line - $line->product_type = $objp->product_type; // Type of line - $line->product_ref = $objp->product_ref; // Ref product - $line->libelle = $objp->label; // Label product - $line->product_label = $objp->product_label; - $line->product_desc = $objp->product_desc; // Description product + $line->desc = $objp->description; // Description line + $line->product_type = $objp->product_type; // Type of line + $line->product_ref = $objp->product_ref; // Ref product + $line->libelle = $objp->product_label; // TODO deprecated + $line->product_label = $objp->product_label; // Label product + $line->product_desc = $objp->product_desc; // Description product $line->fk_product_type = $objp->fk_product_type; // Type of product $line->qty = $objp->qty; $line->subprice = $objp->subprice; diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 6fb47d6100f..84b49901ce8 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -161,7 +161,7 @@ class Conf $partname = strtolower($reg[2]); $varname = $partname.'_modules'; if (! is_array($this->$varname)) { $this->$varname = array(); } - $arrValue = unserialize($value); + $arrValue = @unserialize($value); if (is_array($arrValue) && ! empty($arrValue)) $value = $arrValue; else $value = ($value == 1 ? '/'.$modulename.'/core/'.$partname.'/' : $value); $this->$varname = array_merge($this->$varname, array($modulename => $value)); From 47688668d974586c22da5f8765f299a5fc7a2a9b Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 08:58:12 +0100 Subject: [PATCH 21/39] Fix: add repair for broken projects --- htdocs/install/mysql/migration/repair.sql | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/htdocs/install/mysql/migration/repair.sql b/htdocs/install/mysql/migration/repair.sql index 312dcf5adcd..e293c763f83 100644 --- a/htdocs/install/mysql/migration/repair.sql +++ b/htdocs/install/mysql/migration/repair.sql @@ -23,3 +23,13 @@ update llx_deplacement set dated='2010-01-01' where dated < '2000-01-01'; update llx_cotisation set fk_bank = null where fk_bank not in (select rowid from llx_bank); +update llx_propal set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_commande set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_facture set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_commande_fournisseur set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_contrat set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_deplacement set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_facture_fourn set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_facture_rec set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_fichinter set fk_projet = null where fk_projet not in (select rowid from llx_projet); +update llx_projet_task set fk_projet = null where fk_projet not in (select rowid from llx_projet); From a56011e1da2d683c675cbafc7417d7c72c09bb8d Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 08:59:07 +0100 Subject: [PATCH 22/39] Works on multi-currency and bank account select --- .../install/mysql/migration/3.1.0-3.2.0.sql | 37 +++++++++ .../install/mysql/tables/llx_commande.key.sql | 19 ++++- htdocs/install/mysql/tables/llx_commande.sql | 78 +++++++++--------- .../install/mysql/tables/llx_facture.key.sql | 8 +- htdocs/install/mysql/tables/llx_facture.sql | 80 ++++++++++--------- .../install/mysql/tables/llx_propal.key.sql | 17 +++- htdocs/install/mysql/tables/llx_propal.sql | 68 ++++++++-------- 7 files changed, 191 insertions(+), 116 deletions(-) diff --git a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql index b6a42e3625d..b643467d906 100755 --- a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql +++ b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql @@ -197,6 +197,43 @@ ALTER TABLE llx_expedition ADD CONSTRAINT fk_expedition_fk_expedition_methode F -- VMYSQL4.1 UPDATE llx_chargesociales set tms = date_creation WHERE tms = '0000-00-00 00:00:00'; +ALTER TABLE llx_propal ADD COLUMN fk_account integer AFTER total; +ALTER TABLE llx_propal ADD COLUMN fk_currency varchar(2) AFTER fk_account; +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_author (fk_user_author); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_valid (fk_user_valid); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_cloture (fk_user_cloture); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_projet (fk_projet); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_account(fk_account); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_currency(fk_currency); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); + +ALTER TABLE llx_commande ADD COLUMN fk_account integer AFTER facture; +ALTER TABLE llx_commande ADD COLUMN fk_currency varchar(2) AFTER fk_account; +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_author (fk_user_author); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_valid (fk_user_valid); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_cloture (fk_user_cloture); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_projet (fk_projet); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_account(fk_account); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_currency(fk_currency); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); + +ALTER TABLE llx_facture ADD COLUMN fk_account integer AFTER fk_projet; +ALTER TABLE llx_facture ADD COLUMN fk_currency varchar(2) AFTER fk_account; +ALTER TABLE llx_facture ADD INDEX idx_facture_fk_account (fk_account); +ALTER TABLE llx_facture ADD INDEX idx_facture_fk_currency (fk_currency); +ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); + ALTER TABLE llx_actioncomm DROP COLUMN propalrowid; ALTER TABLE llx_actioncomm DROP COLUMN fk_facture; ALTER TABLE llx_actioncomm DROP COLUMN fk_supplier_order; diff --git a/htdocs/install/mysql/tables/llx_commande.key.sql b/htdocs/install/mysql/tables/llx_commande.key.sql index e03e853ce15..7a117535b47 100644 --- a/htdocs/install/mysql/tables/llx_commande.key.sql +++ b/htdocs/install/mysql/tables/llx_commande.key.sql @@ -1,6 +1,6 @@ -- ============================================================================ --- Copyright (C) 2006 Laurent Destailleur --- Copyright (C) 2009 Regis Houssin +-- Copyright (C) 2006 Laurent Destailleur +-- Copyright (C) 2009-2012 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -24,4 +24,17 @@ ALTER TABLE llx_commande ADD UNIQUE INDEX uk_commande_ref (ref, entity); ALTER TABLE llx_commande ADD INDEX idx_commande_fk_soc (fk_soc); -ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_author (fk_user_author); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_valid (fk_user_valid); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_user_cloture (fk_user_cloture); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_projet (fk_projet); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_account(fk_account); +ALTER TABLE llx_commande ADD INDEX idx_commande_fk_currency(fk_currency); + +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); diff --git a/htdocs/install/mysql/tables/llx_commande.sql b/htdocs/install/mysql/tables/llx_commande.sql index 0c972d3bc8d..f72bae34f18 100644 --- a/htdocs/install/mysql/tables/llx_commande.sql +++ b/htdocs/install/mysql/tables/llx_commande.sql @@ -1,6 +1,6 @@ -- =================================================================== -- Copyright (C) 2003 Rodolphe Quiedeville --- Copyright (C) 2005-2009 Regis Houssin +-- Copyright (C) 2005-2012 Regis Houssin -- Copyright (C) 2010 Juanjo Menent -- -- This program is free software; you can redistribute it and/or modify @@ -20,46 +20,50 @@ create table llx_commande ( - rowid integer AUTO_INCREMENT PRIMARY KEY, - ref varchar(30) NOT NULL, -- order reference number - entity integer DEFAULT 1 NOT NULL, -- multi company id + rowid integer AUTO_INCREMENT PRIMARY KEY, + ref varchar(30) NOT NULL, -- order reference number + entity integer DEFAULT 1 NOT NULL, -- multi company id - ref_ext varchar(255), -- reference into an external system (not used by dolibarr) + ref_ext varchar(255), -- reference into an external system (not used by dolibarr) ref_int varchar(255), -- reference into an internal system (used by dolibarr) - ref_client varchar(255), -- reference for customer + ref_client varchar(255), -- reference for customer - fk_soc integer NOT NULL, - fk_projet integer DEFAULT 0, -- projet auquel est rattache la commande + fk_soc integer NOT NULL, + fk_projet integer DEFAULT 0, -- projet auquel est rattache la commande - tms timestamp, - date_creation datetime, -- date de creation - date_valid datetime, -- date de validation - date_cloture datetime, -- date de cloture - date_commande date, -- date de la commande - fk_user_author integer, -- createur de la commande - fk_user_valid integer, -- valideur de la commande - fk_user_cloture integer, -- auteur cloture - source smallint, - fk_statut smallint default 0, - amount_ht real default 0, - remise_percent real default 0, - remise_absolue real default 0, - remise real default 0, - tva double(24,8) default 0, - localtax1 double(24,8) default 0, -- total localtax1 - localtax2 double(24,8) default 0, -- total localtax2 - total_ht double(24,8) default 0, - total_ttc double(24,8) default 0, - note text, - note_public text, - model_pdf varchar(255), + tms timestamp, + date_creation datetime, -- date de creation + date_valid datetime, -- date de validation + date_cloture datetime, -- date de cloture + date_commande date, -- date de la commande + fk_user_author integer, -- createur de la commande + fk_user_valid integer, -- valideur de la commande + fk_user_cloture integer, -- auteur cloture + source smallint, + fk_statut smallint default 0, + amount_ht real default 0, + remise_percent real default 0, + remise_absolue real default 0, + remise real default 0, + tva double(24,8) default 0, + localtax1 double(24,8) default 0, -- total localtax1 + localtax2 double(24,8) default 0, -- total localtax2 + total_ht double(24,8) default 0, + total_ttc double(24,8) default 0, + note text, + note_public text, + model_pdf varchar(255), - facture tinyint default 0, - fk_cond_reglement integer, -- condition de reglement - fk_mode_reglement integer, -- mode de reglement - date_livraison date default NULL, - fk_availability integer NULL, + facture tinyint default 0, + fk_account integer, -- bank account + fk_currency varchar(2), -- currency code + fk_cond_reglement integer, -- condition de reglement + fk_mode_reglement integer, -- mode de reglement + + date_livraison date default NULL, + fk_availability integer NULL, fk_demand_reason integer, -- should be named fk_input_reason - fk_adresse_livraison integer, -- delivery address (deprecated) - import_key varchar(14) + fk_adresse_livraison integer, -- delivery address (deprecated) + import_key varchar(14) + )ENGINE=innodb; diff --git a/htdocs/install/mysql/tables/llx_facture.key.sql b/htdocs/install/mysql/tables/llx_facture.key.sql index 22e9aaa2200..328d856d76d 100644 --- a/htdocs/install/mysql/tables/llx_facture.key.sql +++ b/htdocs/install/mysql/tables/llx_facture.key.sql @@ -1,7 +1,7 @@ -- ============================================================================ -- Copyright (C) 2002-2004 Rodolphe Quiedeville --- Copyright (C) 2004-2009 Laurent Destailleur --- Copyright (C) 2005-2009 Regis Houssin +-- Copyright (C) 2004-2012 Laurent Destailleur +-- Copyright (C) 2005-2012 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -26,9 +26,13 @@ ALTER TABLE llx_facture ADD INDEX idx_facture_fk_user_author (fk_user_author); ALTER TABLE llx_facture ADD INDEX idx_facture_fk_user_valid (fk_user_valid); ALTER TABLE llx_facture ADD INDEX idx_facture_fk_facture_source (fk_facture_source); ALTER TABLE llx_facture ADD INDEX idx_facture_fk_projet (fk_projet); +ALTER TABLE llx_facture ADD INDEX idx_facture_fk_account (fk_account); +ALTER TABLE llx_facture ADD INDEX idx_facture_fk_currency (fk_currency); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_facture_source FOREIGN KEY (fk_facture_source) REFERENCES llx_facture (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); +ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file diff --git a/htdocs/install/mysql/tables/llx_facture.sql b/htdocs/install/mysql/tables/llx_facture.sql index be0ac897b42..b35ce19f309 100644 --- a/htdocs/install/mysql/tables/llx_facture.sql +++ b/htdocs/install/mysql/tables/llx_facture.sql @@ -1,7 +1,7 @@ -- =========================================================================== -- Copyright (C) 2001-2005 Rodolphe Quiedeville --- Copyright (C) 2004-2010 Laurent Destailleur --- Copyright (C) 2005-2009 Regis Houssin +-- Copyright (C) 2004-2012 Laurent Destailleur +-- Copyright (C) 2005-2012 Regis Houssin -- Copyright (C) 2010 Juanjo Menent -- -- This program is free software; you can redistribute it and/or modify @@ -22,52 +22,54 @@ create table llx_facture ( - rowid integer AUTO_INCREMENT PRIMARY KEY, + rowid integer AUTO_INCREMENT PRIMARY KEY, - facnumber varchar(30) NOT NULL, -- invoice reference number - entity integer DEFAULT 1 NOT NULL, -- multi company id + facnumber varchar(30) NOT NULL, -- invoice reference number + entity integer DEFAULT 1 NOT NULL, -- multi company id - ref_ext varchar(255), -- reference into an external system (not used by dolibarr) - ref_int varchar(255), -- reference into an internal system (used by dolibarr) - ref_client varchar(255), -- reference for customer + ref_ext varchar(255), -- reference into an external system (not used by dolibarr) + ref_int varchar(255), -- reference into an internal system (used by dolibarr) + ref_client varchar(255), -- reference for customer - type smallint DEFAULT 0 NOT NULL, -- type of invoice - increment varchar(10), - fk_soc integer NOT NULL, - datec datetime, -- date de creation de la facture - datef date, -- date de la facture - date_valid date, -- date de validation - tms timestamp, -- date creation/modification - paye smallint DEFAULT 0 NOT NULL, - amount double(24,8) DEFAULT 0 NOT NULL, - remise_percent real DEFAULT 0, -- remise relative - remise_absolue real DEFAULT 0, -- remise absolue - remise real DEFAULT 0, -- remise totale calculee + type smallint DEFAULT 0 NOT NULL, -- type of invoice + increment varchar(10), + fk_soc integer NOT NULL, + datec datetime, -- date de creation de la facture + datef date, -- date de la facture + date_valid date, -- date de validation + tms timestamp, -- date creation/modification + paye smallint DEFAULT 0 NOT NULL, + amount double(24,8) DEFAULT 0 NOT NULL, + remise_percent real DEFAULT 0, -- remise relative + remise_absolue real DEFAULT 0, -- remise absolue + remise real DEFAULT 0, -- remise totale calculee - close_code varchar(16), -- Code motif cloture sans paiement complet - close_note varchar(128), -- Commentaire cloture sans paiement complet + close_code varchar(16), -- Code motif cloture sans paiement complet + close_note varchar(128), -- Commentaire cloture sans paiement complet - tva double(24,8) DEFAULT 0, -- montant tva apres remise totale - localtax1 double(24,8) DEFAULT 0, -- amount localtax1 - localtax2 double(24,8) DEFAULT 0, -- amount localtax2 - total double(24,8) DEFAULT 0, -- montant total ht apres remise totale - total_ttc double(24,8) DEFAULT 0, -- montant total ttc apres remise totale + tva double(24,8) DEFAULT 0, -- montant tva apres remise totale + localtax1 double(24,8) DEFAULT 0, -- amount localtax1 + localtax2 double(24,8) DEFAULT 0, -- amount localtax2 + total double(24,8) DEFAULT 0, -- montant total ht apres remise totale + total_ttc double(24,8) DEFAULT 0, -- montant total ttc apres remise totale - fk_statut smallint DEFAULT 0 NOT NULL, + fk_statut smallint DEFAULT 0 NOT NULL, - fk_user_author integer, -- createur de la facture - fk_user_valid integer, -- valideur de la facture + fk_user_author integer, -- createur de la facture + fk_user_valid integer, -- valideur de la facture - fk_facture_source integer, -- facture origine si facture avoir - fk_projet integer, -- projet auquel est associee la facture + fk_facture_source integer, -- facture origine si facture avoir + fk_projet integer, -- projet auquel est associee la facture - fk_cond_reglement integer DEFAULT 1 NOT NULL, -- condition de reglement (30 jours, fin de mois ...) - fk_mode_reglement integer, -- mode de reglement (Virement, Prelevement) - date_lim_reglement date, -- date limite de reglement + fk_account integer, -- bank account + fk_currency varchar(2), -- currency code + fk_cond_reglement integer DEFAULT 1 NOT NULL, -- condition de reglement (30 jours, fin de mois ...) + fk_mode_reglement integer, -- mode de reglement (Virement, Prelevement) + date_lim_reglement date, -- date limite de reglement - note text, - note_public text, - model_pdf varchar(255), - import_key varchar(14) + note text, + note_public text, + model_pdf varchar(255), + import_key varchar(14) )ENGINE=innodb; diff --git a/htdocs/install/mysql/tables/llx_propal.key.sql b/htdocs/install/mysql/tables/llx_propal.key.sql index b9f28962876..a2de94225c1 100644 --- a/htdocs/install/mysql/tables/llx_propal.key.sql +++ b/htdocs/install/mysql/tables/llx_propal.key.sql @@ -1,7 +1,7 @@ -- ============================================================================ -- Copyright (C) 2002-2004 Rodolphe Quiedeville -- Copyright (C) 2004-2005 Laurent Destailleur --- Copyright (C) 2005-2009 Regis Houssin +-- Copyright (C) 2005-2012 Regis Houssin -- -- This program is free software; you can redistribute it and/or modify -- it under the terms of the GNU General Public License as published by @@ -22,4 +22,17 @@ ALTER TABLE llx_propal ADD UNIQUE INDEX uk_propal_ref (ref, entity); ALTER TABLE llx_propal ADD INDEX idx_propal_fk_soc (fk_soc); -ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); \ No newline at end of file +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_author (fk_user_author); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_valid (fk_user_valid); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_user_cloture (fk_user_cloture); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_projet (fk_projet); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_account(fk_account); +ALTER TABLE llx_propal ADD INDEX idx_propal_fk_currency(fk_currency); + +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_soc FOREIGN KEY (fk_soc) REFERENCES llx_societe (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_user_author) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); +ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file diff --git a/htdocs/install/mysql/tables/llx_propal.sql b/htdocs/install/mysql/tables/llx_propal.sql index a293e9b5c0e..4e433b27b90 100644 --- a/htdocs/install/mysql/tables/llx_propal.sql +++ b/htdocs/install/mysql/tables/llx_propal.sql @@ -1,6 +1,6 @@ -- =================================================================== -- Copyright (C) 2001-2003 Rodolphe Quiedeville --- Copyright (C) 2005-2011 Regis Houssin +-- Copyright (C) 2005-2012 Regis Houssin -- Copyright (C) 2010 Laurent Destailleur -- Copyright (C) 2010 Juanjo Menent -- @@ -21,45 +21,47 @@ create table llx_propal ( - rowid integer AUTO_INCREMENT PRIMARY KEY, - ref varchar(30) NOT NULL, -- proposal reference number - entity integer DEFAULT 1 NOT NULL, -- multi company id + rowid integer AUTO_INCREMENT PRIMARY KEY, + ref varchar(30) NOT NULL, -- proposal reference number + entity integer DEFAULT 1 NOT NULL, -- multi company id - ref_ext varchar(255), -- reference into an external system (not used by dolibarr) - ref_int varchar(255), -- reference into an internal system (used by dolibarr) - ref_client varchar(255), -- customer proposal number + ref_ext varchar(255), -- reference into an external system (not used by dolibarr) + ref_int varchar(255), -- reference into an internal system (used by dolibarr) + ref_client varchar(255), -- customer proposal number - fk_soc integer, - fk_projet integer DEFAULT 0, -- projet auquel est rattache la propale + fk_soc integer, + fk_projet integer DEFAULT 0, -- projet auquel est rattache la propale - tms timestamp, - datec datetime, -- date de creation - datep date, -- date de la propal - fin_validite datetime, -- date de fin de validite - date_valid datetime, -- date de validation - date_cloture datetime, -- date de cloture - fk_user_author integer, -- createur de la propale - fk_user_valid integer, -- valideur de la propale - fk_user_cloture integer, -- cloture de la propale signee ou non signee - fk_statut smallint DEFAULT 0 NOT NULL, - price real DEFAULT 0, -- (obsolete) - remise_percent real DEFAULT 0, -- remise globale relative en pourcent (obsolete) - remise_absolue real DEFAULT 0, -- remise globale absolue (obsolete) - remise real DEFAULT 0, -- remise calculee (obsolete) - total_ht double(24,8) DEFAULT 0, -- montant total ht apres remise globale - tva double(24,8) DEFAULT 0, -- montant total tva apres remise globale - localtax1 double(24,8) DEFAULT 0, -- amount total localtax1 - localtax2 double(24,8) DEFAULT 0, -- amount total localtax2 - total double(24,8) DEFAULT 0, -- montant total ttc apres remise globale + tms timestamp, + datec datetime, -- date de creation + date date, -- date de la propal + fin_validite datetime, -- date de fin de validite + date_valid datetime, -- date de validation + date_cloture datetime, -- date de cloture + fk_user_author integer, -- createur de la propale + fk_user_valid integer, -- valideur de la propale + fk_user_cloture integer, -- cloture de la propale signee ou non signee + fk_statut smallint DEFAULT 0 NOT NULL, + price real DEFAULT 0, -- (obsolete) + remise_percent real DEFAULT 0, -- remise globale relative en pourcent (obsolete) + remise_absolue real DEFAULT 0, -- remise globale absolue (obsolete) + remise real DEFAULT 0, -- remise calculee (obsolete) + total_ht double(24,8) DEFAULT 0, -- montant total ht apres remise globale + tva double(24,8) DEFAULT 0, -- montant total tva apres remise globale + localtax1 double(24,8) DEFAULT 0, -- amount total localtax1 + localtax2 double(24,8) DEFAULT 0, -- amount total localtax2 + total double(24,8) DEFAULT 0, -- montant total ttc apres remise globale - fk_cond_reglement integer, -- condition de reglement (30 jours, fin de mois ...) - fk_mode_reglement integer, -- mode de reglement (Virement, Prelevement) + fk_account integer, -- bank account + fk_currency varchar(2), -- currency code + fk_cond_reglement integer, -- condition de reglement (30 jours, fin de mois ...) + fk_mode_reglement integer, -- mode de reglement (Virement, Prelevement) note text, note_public text, model_pdf varchar(255), - date_livraison date DEFAULT NULL, -- delivery date - fk_availability integer NULL, + date_livraison date DEFAULT NULL, -- delivery date + fk_availability integer NULL, fk_demand_reason integer, - fk_adresse_livraison integer -- delivery address (deprecated) + fk_adresse_livraison integer -- delivery address (deprecated) )ENGINE=innodb; From 03e68b3d77908ba4ba86050675f2aa4656f1658d Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 09:04:41 +0100 Subject: [PATCH 23/39] Fix: avoid warning --- htdocs/core/modules/DolibarrModules.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 8137f6151f6..7a7ea3d4050 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -1263,7 +1263,7 @@ abstract class DolibarrModules $err=0; $entity=$conf->entity; - if (is_array($this->module_parts) && ! empty($this->module_parts)) + if (isset($this->module_parts) && is_array($this->module_parts) && ! empty($this->module_parts)) { foreach($this->module_parts as $key => $value) { @@ -1324,7 +1324,7 @@ abstract class DolibarrModules $err=0; - if (is_array($this->module_parts) && ! empty($this->module_parts)) + if (isset($this->module_parts) && is_array($this->module_parts) && ! empty($this->module_parts)) { foreach($this->module_parts as $key => $value) { From 476168410ea93068a5fd65be7d6d8ed2c31c20cb Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 09:09:34 +0100 Subject: [PATCH 24/39] Fix: declaration of property --- htdocs/core/modules/DolibarrModules.class.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 7a7ea3d4050..ffb90f0ec9a 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -35,7 +35,7 @@ abstract class DolibarrModules //! Database handler var $db; //! Relative path to module style sheet - var $style_sheet = ''; + var $style_sheet = ''; // deprecated //! Path to create when module activated var $dirs = array(); //! Tableau des boites @@ -46,6 +46,8 @@ abstract class DolibarrModules var $rights; //! Tableau des menus var $menu=array(); + //! Module parts array + var $module_parts=array(); //! Tableau des documents ??? var $docs; @@ -1263,7 +1265,7 @@ abstract class DolibarrModules $err=0; $entity=$conf->entity; - if (isset($this->module_parts) && is_array($this->module_parts) && ! empty($this->module_parts)) + if (is_array($this->module_parts) && ! empty($this->module_parts)) { foreach($this->module_parts as $key => $value) { @@ -1324,7 +1326,7 @@ abstract class DolibarrModules $err=0; - if (isset($this->module_parts) && is_array($this->module_parts) && ! empty($this->module_parts)) + if (is_array($this->module_parts) && ! empty($this->module_parts)) { foreach($this->module_parts as $key => $value) { From 563acb596850cf1e479ac3f20c09dbfd5a7f6727 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 27 Feb 2012 10:18:34 +0100 Subject: [PATCH 25/39] For backward compatibility --- htdocs/core/modules/modSociete.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/core/modules/modSociete.class.php b/htdocs/core/modules/modSociete.class.php index 111c9dd4c09..6f5f3080ef2 100644 --- a/htdocs/core/modules/modSociete.class.php +++ b/htdocs/core/modules/modSociete.class.php @@ -199,6 +199,7 @@ class modSociete extends DolibarrModules $this->export_icon[$r]='company'; $this->export_permission[$r]=array(array("societe","export")); $this->export_fields_array[$r]=array('s.rowid'=>"Id",'s.nom'=>"Name",'s.status'=>"Status",'s.client'=>"Customer",'s.fournisseur'=>"Supplier",'s.datec'=>"DateCreation",'s.tms'=>"DateLastModification",'s.code_client'=>"CustomerCode",'s.code_fournisseur'=>"SupplierCode",'s.address'=>"Address",'s.cp'=>"Zip",'s.ville'=>"Town",'p.libelle'=>"Country",'p.code'=>"CountryCode",'s.tel'=>"Phone",'s.fax'=>"Fax",'s.url'=>"Url",'s.email'=>"Email",'s.default_lang'=>"DefaultLang",'s.siret'=>"IdProf1",'s.siren'=>"IdProf2",'s.ape'=>"IdProf3",'s.idprof4'=>"IdProf4",'s.tva_intra'=>"VATIntraShort",'s.capital'=>"Capital",'s.note'=>"Note",'t.libelle'=>"ThirdPartyType",'ce.code'=>"Effectif","cfj.libelle"=>"JuridicalStatus",'s.fk_prospectlevel'=>'ProspectLevel','s.fk_stcomm'=>'ProspectStatus','d.nom'=>'State'); + if (! empty($conf->global->SOCIETE_USEPREFIX)) $this->export_fields_array[$r]['s.prefix']='Prefix'; $this->export_entities_array[$r]=array(); // We define here only fields that use another picto // Add extra fields $sql="SELECT name, label FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'company'"; From b0490bf0aa9d4acdeec5b7bb7af0677cfa257945 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 11:55:46 +0100 Subject: [PATCH 26/39] Fix: remove constraints --- htdocs/install/mysql/migration/3.1.0-3.2.0.sql | 3 --- htdocs/install/mysql/tables/llx_commande.key.sql | 1 - htdocs/install/mysql/tables/llx_facture.key.sql | 1 - htdocs/install/mysql/tables/llx_propal.key.sql | 1 - 4 files changed, 6 deletions(-) diff --git a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql index b643467d906..21521e28bc0 100755 --- a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql +++ b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql @@ -209,7 +209,6 @@ ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_u ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); ALTER TABLE llx_commande ADD COLUMN fk_account integer AFTER facture; @@ -224,14 +223,12 @@ ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY ( ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); ALTER TABLE llx_facture ADD COLUMN fk_account integer AFTER fk_projet; ALTER TABLE llx_facture ADD COLUMN fk_currency varchar(2) AFTER fk_account; ALTER TABLE llx_facture ADD INDEX idx_facture_fk_account (fk_account); ALTER TABLE llx_facture ADD INDEX idx_facture_fk_currency (fk_currency); -ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); ALTER TABLE llx_actioncomm DROP COLUMN propalrowid; diff --git a/htdocs/install/mysql/tables/llx_commande.key.sql b/htdocs/install/mysql/tables/llx_commande.key.sql index 7a117535b47..a608b46f075 100644 --- a/htdocs/install/mysql/tables/llx_commande.key.sql +++ b/htdocs/install/mysql/tables/llx_commande.key.sql @@ -36,5 +36,4 @@ ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY ( ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); diff --git a/htdocs/install/mysql/tables/llx_facture.key.sql b/htdocs/install/mysql/tables/llx_facture.key.sql index 328d856d76d..e4034b5e4a3 100644 --- a/htdocs/install/mysql/tables/llx_facture.key.sql +++ b/htdocs/install/mysql/tables/llx_facture.key.sql @@ -34,5 +34,4 @@ ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_author FOREIGN KEY ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_facture_source FOREIGN KEY (fk_facture_source) REFERENCES llx_facture (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file diff --git a/htdocs/install/mysql/tables/llx_propal.key.sql b/htdocs/install/mysql/tables/llx_propal.key.sql index a2de94225c1..92200fca65c 100644 --- a/htdocs/install/mysql/tables/llx_propal.key.sql +++ b/htdocs/install/mysql/tables/llx_propal.key.sql @@ -34,5 +34,4 @@ ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_u ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file From e999e3daadc5db77a3dd4c77c328b2fef83ad837 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 12:04:31 +0100 Subject: [PATCH 27/39] Fix: remove constraints --- htdocs/install/mysql/migration/3.1.0-3.2.0.sql | 6 +++--- htdocs/install/mysql/tables/llx_commande.key.sql | 1 - htdocs/install/mysql/tables/llx_facture.key.sql | 1 - htdocs/install/mysql/tables/llx_propal.key.sql | 1 - 4 files changed, 3 insertions(+), 6 deletions(-) diff --git a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql index b643467d906..bc0a4ac8223 100755 --- a/htdocs/install/mysql/migration/3.1.0-3.2.0.sql +++ b/htdocs/install/mysql/migration/3.1.0-3.2.0.sql @@ -209,8 +209,8 @@ ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_u ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); +ALTER TABLE llx_propal DROP FOREIGN KEY fk_propal_fk_account; ALTER TABLE llx_commande ADD COLUMN fk_account integer AFTER facture; ALTER TABLE llx_commande ADD COLUMN fk_currency varchar(2) AFTER fk_account; @@ -224,15 +224,15 @@ ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY ( ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); +ALTER TABLE llx_commande DROP FOREIGN KEY fk_commande_fk_account; ALTER TABLE llx_facture ADD COLUMN fk_account integer AFTER fk_projet; ALTER TABLE llx_facture ADD COLUMN fk_currency varchar(2) AFTER fk_account; ALTER TABLE llx_facture ADD INDEX idx_facture_fk_account (fk_account); ALTER TABLE llx_facture ADD INDEX idx_facture_fk_currency (fk_currency); -ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); +ALTER TABLE llx_facture DROP FOREIGN KEY fk_facture_fk_account; ALTER TABLE llx_actioncomm DROP COLUMN propalrowid; ALTER TABLE llx_actioncomm DROP COLUMN fk_facture; diff --git a/htdocs/install/mysql/tables/llx_commande.key.sql b/htdocs/install/mysql/tables/llx_commande.key.sql index 7a117535b47..a608b46f075 100644 --- a/htdocs/install/mysql/tables/llx_commande.key.sql +++ b/htdocs/install/mysql/tables/llx_commande.key.sql @@ -36,5 +36,4 @@ ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_author FOREIGN KEY ( ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_commande ADD CONSTRAINT fk_commande_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); diff --git a/htdocs/install/mysql/tables/llx_facture.key.sql b/htdocs/install/mysql/tables/llx_facture.key.sql index 328d856d76d..e4034b5e4a3 100644 --- a/htdocs/install/mysql/tables/llx_facture.key.sql +++ b/htdocs/install/mysql/tables/llx_facture.key.sql @@ -34,5 +34,4 @@ ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_author FOREIGN KEY ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_facture_source FOREIGN KEY (fk_facture_source) REFERENCES llx_facture (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_facture ADD CONSTRAINT fk_facture_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file diff --git a/htdocs/install/mysql/tables/llx_propal.key.sql b/htdocs/install/mysql/tables/llx_propal.key.sql index a2de94225c1..92200fca65c 100644 --- a/htdocs/install/mysql/tables/llx_propal.key.sql +++ b/htdocs/install/mysql/tables/llx_propal.key.sql @@ -34,5 +34,4 @@ ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_author FOREIGN KEY (fk_u ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_valid FOREIGN KEY (fk_user_valid) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_user_cloture FOREIGN KEY (fk_user_cloture) REFERENCES llx_user (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_projet FOREIGN KEY (fk_projet) REFERENCES llx_projet (rowid); -ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_account FOREIGN KEY (fk_account) REFERENCES llx_bank_account (rowid); ALTER TABLE llx_propal ADD CONSTRAINT fk_propal_fk_currency FOREIGN KEY (fk_currency) REFERENCES llx_c_currencies (code); \ No newline at end of file From 5381986e50dd6055f2b3b63281eaacffa0449da2 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 16:49:41 +0100 Subject: [PATCH 28/39] Fix: Multiple directory traversal vulnerabilities with backtopage --- htdocs/comm/action/fiche.php | 26 ++++++++++---------------- htdocs/comm/remise.php | 16 +++++++++------- htdocs/comm/remx.php | 15 ++++++++------- htdocs/contact/fiche.php | 27 ++++++++++++++------------- htdocs/core/lib/functions.lib.php | 6 +++++- htdocs/projet/fiche.php | 13 +++++++------ htdocs/projet/tasks.php | 11 ++++++----- htdocs/public/members/new.php | 8 ++++---- 8 files changed, 63 insertions(+), 59 deletions(-) diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 85bb92979bd..2951f701c77 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -2,7 +2,7 @@ /* Copyright (C) 2001-2005 Rodolphe Quiedeville * Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2005 Simon TOSSER - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2010 Juanjo Menent * * This program is free software; you can redistribute it and/or modify @@ -43,11 +43,12 @@ $langs->load("bills"); $langs->load("orders"); $langs->load("agenda"); -$action=GETPOST("action"); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); // Security check -$socid = GETPOST('socid'); -$id = GETPOST('id'); +$socid = GETPOST('socid','int'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; //$result = restrictedArea($user, 'agenda', $id, 'actioncomm', 'actions', '', 'id'); @@ -66,9 +67,7 @@ if ($action == 'add_action') { $error=0; - $backtopage=''; - if (! empty($_POST["backtopage"])) $backtopage=$_POST["backtopage"]; - if (! $backtopage) + if (empty($backtopage)) { if ($socid > 0) $backtopage = DOL_URL_ROOT.'/societe/agenda.php?socid='.$socid; else $backtopage=DOL_URL_ROOT.'/comm/action/index.php'; @@ -339,14 +338,9 @@ if ($action == 'update') } else { - if (! empty($_POST["from"])) // deprecated. Use backtopage instead - { - header("Location: ".$_POST["from"]); - exit; - } - if (! empty($_POST["backtopage"])) + if (! empty($backtopage)) { - header("Location: ".$_POST["backtopage"]); + header("Location: ".$backtopage); exit; } } @@ -426,7 +420,7 @@ if ($action == 'create') print ''; print ''; print ''; - if (GETPOST("backtopage")) print ''; + print ''; if (GETPOST("actioncode") == 'AC_RDV') print_fiche_titre($langs->trans("AddActionRendezVous")); else print_fiche_titre($langs->trans("AddAnAction")); @@ -679,7 +673,7 @@ if ($id) print ''; print ''; print ''; - if (GETPOST("backtopage")) print ''; + print ''; print '
'; print $langs->trans('Month').': '; print ' '.$langs->trans('Year').': '; - $max_year = date("Y"); - $syear = $year; + $syear = GETPOST('year')?GETPOST('year'):-1; $formother->select_year($syear,'year',1, 20, 5); print '
'; diff --git a/htdocs/comm/remise.php b/htdocs/comm/remise.php index abfb5005972..b124a83714f 100644 --- a/htdocs/comm/remise.php +++ b/htdocs/comm/remise.php @@ -30,21 +30,23 @@ $langs->load("companies"); $langs->load("orders"); $langs->load("bills"); -$socid = GETPOST("id"); +$socid = GETPOST('id','int'); // Security check if ($user->societe_id > 0) { $socid = $user->societe_id; } +$backtopage = GETPOST('backtopage','alpha'); + /* * Actions */ -if (GETPOST('cancel') && GETPOST('backtopage')) +if (GETPOST('cancel') && ! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage")); + Header("Location: ".$backtopage); exit; } @@ -56,9 +58,9 @@ if (GETPOST("action") == 'setremise') if ($result > 0) { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else @@ -122,7 +124,7 @@ if ($socid > 0) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -138,7 +140,7 @@ if ($socid > 0) print '
'; print ''; - if (GETPOST("backtopage")) + if (! empty($backtopage)) { print '    '; print ''; diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index 8f26a58463e..42bac50817f 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -32,7 +32,8 @@ $langs->load("orders"); $langs->load("bills"); $langs->load("companies"); -$action=GETPOST('action'); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); // Security check $socid = GETPOST("id"); @@ -46,9 +47,9 @@ if ($user->societe_id > 0) * Actions */ -if (GETPOST('cancel') && GETPOST('backtopage')) +if (GETPOST('cancel') && ! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage")); + Header("Location: ".$backtopage); exit; } @@ -151,9 +152,9 @@ if ($action == 'setremise') if ($discountid > 0) { - if (GETPOST("backtopage")) + if (! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage").'&discountid='.$discountid); + Header("Location: ".$backtopage.'&discountid='.$discountid); exit; } else @@ -228,7 +229,7 @@ if ($socid > 0) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -280,7 +281,7 @@ if ($socid > 0) print '
'; print ''; - if (GETPOST("backtopage")) + if (! empty($backtopage)) { print '    '; print ''; diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php index 213980d55a1..bb6ff79a06d 100644 --- a/htdocs/contact/fiche.php +++ b/htdocs/contact/fiche.php @@ -39,10 +39,11 @@ $langs->load("commercial"); $mesg=''; $error=0; $errors=array(); -$action = (GETPOST('action') ? GETPOST('action') : 'view'); -$confirm = GETPOST('confirm'); -$id = GETPOST("id"); -$socid = GETPOST("socid"); +$action = (GETPOST('action','alpha') ? GETPOST('action','alpha') : 'view'); +$confirm = GETPOST('confirm','alpha'); +$backtopage = GETPOST('backtopage','alpha'); +$id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Contact($db); @@ -76,9 +77,9 @@ $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); if (empty($reshook)) { // Cancel - if (GETPOST("cancel") && GETPOST('backtopage')) + if (GETPOST("cancel") && ! empty($backtopage)) { - header("Location: ".GETPOST('backtopage')); + header("Location: ".$backtopage); exit; } @@ -86,7 +87,7 @@ if (empty($reshook)) if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) { // Recuperation contact actuel - $result = $object->fetch($_GET["id"]); + $result = $object->fetch($id); if ($result > 0) { @@ -172,7 +173,7 @@ if (empty($reshook)) if (! $error && $id > 0) { $db->commit(); - if (GETPOST('backtopage')) $url=GETPOST('backtopage'); + if (! empty($backtopage)) $url=$backtopage; else $url='fiche.php?id='.$id; Header("Location: ".$url); exit; @@ -368,7 +369,7 @@ else print ''; print ''; print ''; - print ''; + print ''; print '
'; // Name @@ -497,7 +498,7 @@ else print '
'; print ''; - if (GETPOST('backtopage')) + if (! empty($backtopage)) { print '     '; print ''; @@ -537,11 +538,11 @@ else print ''; } - print ''; + print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; print ''; print ''; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f9836b4165a..5dfcda5ab17 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -257,7 +257,11 @@ function GETPOST($paramname,$check='',$method=0) // Check if alpha //if ($check == 'alpha' && ! preg_match('/^[ =:@#\/\\\(\)\-\._a-z0-9]+$/i',trim($out))) $out=''; // '"' is dangerous because param in url can close the href= or src= and add javascript functions. - if ($check == 'alpha' && preg_match('/"/',trim($out))) $out=''; + if ($check == 'alpha') + { + if (preg_match('/"/',trim($out))) $out=''; + else if (preg_match('/(\.\.\/)+/',trim($out))) $out=''; + } } return $out; diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 95aba87efb0..371028f02fd 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -34,8 +34,9 @@ $langs->load("projects"); $langs->load('companies'); $id=GETPOST('id','int'); -$ref = GETPOST('ref'); -$action=GETPOST('action'); +$ref = GETPOST('ref','alpha'); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); if ($id == '' && $ref == '' && ($action != "create" && $action != "add" && $action != "update" && ! $_POST["cancel"])) accessforbidden(); @@ -55,9 +56,9 @@ $result = restrictedArea($user, 'projet', $id); */ // Cancel -if (GETPOST("cancel") && GETPOST('backtopage')) +if (GETPOST("cancel") && ! empty($backtopage)) { - header("Location: ".GETPOST('backtopage')); + header("Location: ".$backtopage); exit; } @@ -276,7 +277,7 @@ if ($action == 'create' && $user->rights->projet->creer) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -332,7 +333,7 @@ if ($action == 'create' && $user->rights->projet->creer) print '
'; print ''; - if (GETPOST('backtopage')) + if (! empty($backtopage)) { print '     '; print ''; diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index c05bac91f4e..6c4ccb733fa 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -36,6 +36,7 @@ $langs->load("projects"); $action = GETPOST('action', 'alpha'); $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); +$backtopage=GETPOST('backtopage','alpha'); $mode = GETPOST('mode', 'alpha'); $mine = ($mode == 'mine' ? 1 : 0); @@ -111,9 +112,9 @@ if ($action == 'createtask' && $user->rights->projet->creer) if (! $error) { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else if (empty($projectid)) @@ -125,9 +126,9 @@ if ($action == 'createtask' && $user->rights->projet->creer) } else { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else if (empty($id)) @@ -219,7 +220,7 @@ if ($action == 'create' && $user->rights->projet->creer && (empty($object->socie print ''; print ''; print ''; - print ''; + print ''; if (! empty($object->id)) print ''; if (! empty($mode)) print ''; diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index fc7feedb0ae..d1d63d0310e 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -47,8 +47,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/company.lib.php"); $errmsg=''; $num=0; $error=0; -$backtopage=GETPOST('backtopage'); -$action=GETPOST('action'); +$backtopage=GETPOST('backtopage','alpha'); +$action=GETPOST('action','alpha'); // Load translation files $langs->load("main"); @@ -255,7 +255,7 @@ if ($action == 'add') $result=$adh->send_an_email($conf->global->ADHERENT_AUTOREGISTER_MAIL,$conf->global->ADHERENT_AUTOREGISTER_MAIL_SUBJECT,array(),array(),array(),"","",0,-1); } - if ($backtopage) $urlback=$backtopage; + if (! empty($backtopage)) $urlback=$backtopage; else if ($conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION) { $urlback=$conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; @@ -545,7 +545,7 @@ print "
\n"; // Save print '
'; print ''; -if ($backtopage) +if (! empty($backtopage)) { print '     '; } From 8f9b9987ffb42cfbe907fe31ded3001bfc1b3417 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 17:02:56 +0100 Subject: [PATCH 29/39] Fix: Multiple directory traversal vulnerabilities with document.php --- htdocs/comm/action/document.php | 2 +- htdocs/comm/action/fiche.php | 26 ++++++++++---------------- htdocs/comm/remise.php | 16 +++++++++------- htdocs/comm/remx.php | 15 ++++++++------- htdocs/contact/fiche.php | 27 ++++++++++++++------------- htdocs/core/lib/functions.lib.php | 6 +++++- htdocs/document.php | 12 ++++++------ htdocs/projet/fiche.php | 13 +++++++------ htdocs/projet/tasks.php | 11 ++++++----- htdocs/public/members/new.php | 8 ++++---- 10 files changed, 70 insertions(+), 66 deletions(-) diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index da79ff42233..88fa0f440ea 100755 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -2,7 +2,7 @@ /* Copyright (C) 2003-2004 Rodolphe Quiedeville * Copyright (C) 2004-2010 Laurent Destailleur * Copyright (C) 2005 Marc Barilley / Ocebo - * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2005 Simon TOSSER * * This program is free software; you can redistribute it and/or modify diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 85bb92979bd..2951f701c77 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -2,7 +2,7 @@ /* Copyright (C) 2001-2005 Rodolphe Quiedeville * Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2005 Simon TOSSER - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2010 Juanjo Menent * * This program is free software; you can redistribute it and/or modify @@ -43,11 +43,12 @@ $langs->load("bills"); $langs->load("orders"); $langs->load("agenda"); -$action=GETPOST("action"); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); // Security check -$socid = GETPOST('socid'); -$id = GETPOST('id'); +$socid = GETPOST('socid','int'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; //$result = restrictedArea($user, 'agenda', $id, 'actioncomm', 'actions', '', 'id'); @@ -66,9 +67,7 @@ if ($action == 'add_action') { $error=0; - $backtopage=''; - if (! empty($_POST["backtopage"])) $backtopage=$_POST["backtopage"]; - if (! $backtopage) + if (empty($backtopage)) { if ($socid > 0) $backtopage = DOL_URL_ROOT.'/societe/agenda.php?socid='.$socid; else $backtopage=DOL_URL_ROOT.'/comm/action/index.php'; @@ -339,14 +338,9 @@ if ($action == 'update') } else { - if (! empty($_POST["from"])) // deprecated. Use backtopage instead - { - header("Location: ".$_POST["from"]); - exit; - } - if (! empty($_POST["backtopage"])) + if (! empty($backtopage)) { - header("Location: ".$_POST["backtopage"]); + header("Location: ".$backtopage); exit; } } @@ -426,7 +420,7 @@ if ($action == 'create') print ''; print ''; print ''; - if (GETPOST("backtopage")) print ''; + print ''; if (GETPOST("actioncode") == 'AC_RDV') print_fiche_titre($langs->trans("AddActionRendezVous")); else print_fiche_titre($langs->trans("AddAnAction")); @@ -679,7 +673,7 @@ if ($id) print ''; print ''; print ''; - if (GETPOST("backtopage")) print ''; + print ''; print ''; diff --git a/htdocs/comm/remise.php b/htdocs/comm/remise.php index abfb5005972..b124a83714f 100644 --- a/htdocs/comm/remise.php +++ b/htdocs/comm/remise.php @@ -30,21 +30,23 @@ $langs->load("companies"); $langs->load("orders"); $langs->load("bills"); -$socid = GETPOST("id"); +$socid = GETPOST('id','int'); // Security check if ($user->societe_id > 0) { $socid = $user->societe_id; } +$backtopage = GETPOST('backtopage','alpha'); + /* * Actions */ -if (GETPOST('cancel') && GETPOST('backtopage')) +if (GETPOST('cancel') && ! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage")); + Header("Location: ".$backtopage); exit; } @@ -56,9 +58,9 @@ if (GETPOST("action") == 'setremise') if ($result > 0) { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else @@ -122,7 +124,7 @@ if ($socid > 0) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -138,7 +140,7 @@ if ($socid > 0) print '
'; print ''; - if (GETPOST("backtopage")) + if (! empty($backtopage)) { print '    '; print ''; diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index 8f26a58463e..42bac50817f 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -32,7 +32,8 @@ $langs->load("orders"); $langs->load("bills"); $langs->load("companies"); -$action=GETPOST('action'); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); // Security check $socid = GETPOST("id"); @@ -46,9 +47,9 @@ if ($user->societe_id > 0) * Actions */ -if (GETPOST('cancel') && GETPOST('backtopage')) +if (GETPOST('cancel') && ! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage")); + Header("Location: ".$backtopage); exit; } @@ -151,9 +152,9 @@ if ($action == 'setremise') if ($discountid > 0) { - if (GETPOST("backtopage")) + if (! empty($backtopage)) { - Header("Location: ".GETPOST("backtopage").'&discountid='.$discountid); + Header("Location: ".$backtopage.'&discountid='.$discountid); exit; } else @@ -228,7 +229,7 @@ if ($socid > 0) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -280,7 +281,7 @@ if ($socid > 0) print '
'; print ''; - if (GETPOST("backtopage")) + if (! empty($backtopage)) { print '    '; print ''; diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php index 213980d55a1..bb6ff79a06d 100644 --- a/htdocs/contact/fiche.php +++ b/htdocs/contact/fiche.php @@ -39,10 +39,11 @@ $langs->load("commercial"); $mesg=''; $error=0; $errors=array(); -$action = (GETPOST('action') ? GETPOST('action') : 'view'); -$confirm = GETPOST('confirm'); -$id = GETPOST("id"); -$socid = GETPOST("socid"); +$action = (GETPOST('action','alpha') ? GETPOST('action','alpha') : 'view'); +$confirm = GETPOST('confirm','alpha'); +$backtopage = GETPOST('backtopage','alpha'); +$id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Contact($db); @@ -76,9 +77,9 @@ $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); if (empty($reshook)) { // Cancel - if (GETPOST("cancel") && GETPOST('backtopage')) + if (GETPOST("cancel") && ! empty($backtopage)) { - header("Location: ".GETPOST('backtopage')); + header("Location: ".$backtopage); exit; } @@ -86,7 +87,7 @@ if (empty($reshook)) if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) { // Recuperation contact actuel - $result = $object->fetch($_GET["id"]); + $result = $object->fetch($id); if ($result > 0) { @@ -172,7 +173,7 @@ if (empty($reshook)) if (! $error && $id > 0) { $db->commit(); - if (GETPOST('backtopage')) $url=GETPOST('backtopage'); + if (! empty($backtopage)) $url=$backtopage; else $url='fiche.php?id='.$id; Header("Location: ".$url); exit; @@ -368,7 +369,7 @@ else print ''; print ''; print ''; - print ''; + print ''; print '
'; // Name @@ -497,7 +498,7 @@ else print '
'; print ''; - if (GETPOST('backtopage')) + if (! empty($backtopage)) { print '     '; print ''; @@ -537,11 +538,11 @@ else print ''; } - print ''; + print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; print ''; print ''; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f9836b4165a..5dfcda5ab17 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -257,7 +257,11 @@ function GETPOST($paramname,$check='',$method=0) // Check if alpha //if ($check == 'alpha' && ! preg_match('/^[ =:@#\/\\\(\)\-\._a-z0-9]+$/i',trim($out))) $out=''; // '"' is dangerous because param in url can close the href= or src= and add javascript functions. - if ($check == 'alpha' && preg_match('/"/',trim($out))) $out=''; + if ($check == 'alpha') + { + if (preg_match('/"/',trim($out))) $out=''; + else if (preg_match('/(\.\.\/)+/',trim($out))) $out=''; + } } return $out; diff --git a/htdocs/document.php b/htdocs/document.php index 9c59f1da051..8836ebdbf97 100644 --- a/htdocs/document.php +++ b/htdocs/document.php @@ -2,7 +2,7 @@ /* Copyright (C) 2004-2007 Rodolphe Quiedeville * Copyright (C) 2004-2012 Laurent Destailleur * Copyright (C) 2005 Simon Tosser - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2010 Pierre Morin * Copyright (C) 2010 Juanjo Menent * @@ -50,10 +50,10 @@ require("./main.inc.php"); // Load $user and permissions require_once(DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'); $encoding = ''; -$action = GETPOST("action"); -$original_file = GETPOST("file"); // Do not use urldecode here ($_GET are already decoded by PHP). -$modulepart = GETPOST("modulepart"); -$urlsource = GETPOST("urlsource"); +$action = GETPOST('action','alpha'); +$original_file = GETPOST('file','alpha'); // Do not use urldecode here ($_GET are already decoded by PHP). +$modulepart = GETPOST('modulepart','alpha'); +$urlsource = GETPOST('urlsource','alpha'); // Security check if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart'); @@ -72,7 +72,7 @@ if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart'); // Define mime type $type = 'application/octet-stream'; -if (GETPOST('type')) $type=GETPOST('type'); +if (GETPOST('type','alpha')) $type=GETPOST('type','alpha'); else $type=dol_mimetype($original_file); //print 'X'.$type.'-'.$original_file;exit; diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 95aba87efb0..371028f02fd 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -34,8 +34,9 @@ $langs->load("projects"); $langs->load('companies'); $id=GETPOST('id','int'); -$ref = GETPOST('ref'); -$action=GETPOST('action'); +$ref = GETPOST('ref','alpha'); +$action=GETPOST('action','alpha'); +$backtopage=GETPOST('backtopage','alpha'); if ($id == '' && $ref == '' && ($action != "create" && $action != "add" && $action != "update" && ! $_POST["cancel"])) accessforbidden(); @@ -55,9 +56,9 @@ $result = restrictedArea($user, 'projet', $id); */ // Cancel -if (GETPOST("cancel") && GETPOST('backtopage')) +if (GETPOST("cancel") && ! empty($backtopage)) { - header("Location: ".GETPOST('backtopage')); + header("Location: ".$backtopage); exit; } @@ -276,7 +277,7 @@ if ($action == 'create' && $user->rights->projet->creer) print ''; print ''; print ''; - print ''; + print ''; print '
'; @@ -332,7 +333,7 @@ if ($action == 'create' && $user->rights->projet->creer) print '
'; print ''; - if (GETPOST('backtopage')) + if (! empty($backtopage)) { print '     '; print ''; diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index c05bac91f4e..6c4ccb733fa 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -36,6 +36,7 @@ $langs->load("projects"); $action = GETPOST('action', 'alpha'); $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); +$backtopage=GETPOST('backtopage','alpha'); $mode = GETPOST('mode', 'alpha'); $mine = ($mode == 'mine' ? 1 : 0); @@ -111,9 +112,9 @@ if ($action == 'createtask' && $user->rights->projet->creer) if (! $error) { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else if (empty($projectid)) @@ -125,9 +126,9 @@ if ($action == 'createtask' && $user->rights->projet->creer) } else { - if (GETPOST('backtopage')) + if (! empty($backtopage)) { - Header("Location: ".GETPOST('backtopage')); + Header("Location: ".$backtopage); exit; } else if (empty($id)) @@ -219,7 +220,7 @@ if ($action == 'create' && $user->rights->projet->creer && (empty($object->socie print ''; print ''; print ''; - print ''; + print ''; if (! empty($object->id)) print ''; if (! empty($mode)) print ''; diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index fc7feedb0ae..d1d63d0310e 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -47,8 +47,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/company.lib.php"); $errmsg=''; $num=0; $error=0; -$backtopage=GETPOST('backtopage'); -$action=GETPOST('action'); +$backtopage=GETPOST('backtopage','alpha'); +$action=GETPOST('action','alpha'); // Load translation files $langs->load("main"); @@ -255,7 +255,7 @@ if ($action == 'add') $result=$adh->send_an_email($conf->global->ADHERENT_AUTOREGISTER_MAIL,$conf->global->ADHERENT_AUTOREGISTER_MAIL_SUBJECT,array(),array(),array(),"","",0,-1); } - if ($backtopage) $urlback=$backtopage; + if (! empty($backtopage)) $urlback=$backtopage; else if ($conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION) { $urlback=$conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; @@ -545,7 +545,7 @@ print "
\n"; // Save print '
'; print ''; -if ($backtopage) +if (! empty($backtopage)) { print '     '; } From 0bae0148c1b0379ce3cddb7644ca33c75a832cce Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 17:24:56 +0100 Subject: [PATCH 30/39] Fix: sql injection --- htdocs/adherents/fiche.php | 93 +++++++++++++++++++------------------- 1 file changed, 47 insertions(+), 46 deletions(-) diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php index 7621df556b1..d567cb5bd23 100644 --- a/htdocs/adherents/fiche.php +++ b/htdocs/adherents/fiche.php @@ -2,7 +2,7 @@ /* Copyright (C) 2001-2004 Rodolphe Quiedeville * Copyright (C) 2002-2003 Jean-Louis Bergamo * Copyright (C) 2004-2011 Laurent Destailleur - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -49,9 +49,12 @@ $extrafields = new ExtraFields($db); $errmsg=''; $errmsgs=array(); -$action=GETPOST("action"); -$rowid=GETPOST("rowid"); -$typeid=GETPOST("typeid"); +$action=GETPOST('action','alpha'); +$confirm=GETPOST('confirm','alpha'); +$rowid=GETPOST('rowid','int'); +$typeid=GETPOST('typeid','int'); +$userid=GETPOST('userid','int'); +$socid=GETPOST('socid','int'); if ($rowid) { @@ -93,12 +96,12 @@ $parameters=array('socid'=>$socid); $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks -if ($_POST['action'] == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) +if ($action == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) { $error=0; if (empty($user->rights->user->user->creer)) // If can edit only itself user, we can link to itself only { - if ($_POST["userid"] != $user->id && $_POST["userid"] != $object->user_id) + if ($userid != $user->id && $userid != $object->user_id) { $error++; $mesg='
'.$langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly").'
'; @@ -107,24 +110,23 @@ if ($_POST['action'] == 'setuserid' && ($user->rights->user->self->creer || $use if (! $error) { - if ($_POST["userid"] != $object->user_id) // If link differs from currently in database + if ($userid != $object->user_id) // If link differs from currently in database { - $result=$object->setUserId($_POST["userid"]); + $result=$object->setUserId($userid); if ($result < 0) dol_print_error($object->db,$object->error); - $_POST['action']=''; $action=''; } } } -if ($_POST['action'] == 'setsocid') +if ($action == 'setsocid') { $error=0; if (! $error) { - if ($_POST["socid"] != $object->fk_soc) // If link differs from currently in database + if ($socid != $object->fk_soc) // If link differs from currently in database { $sql ="SELECT rowid FROM ".MAIN_DB_PREFIX."adherent"; - $sql.=" WHERE fk_soc = '".$_POST["socid"]."'"; + $sql.=" WHERE fk_soc = '".$socid."'"; $sql.=" AND entity = ".$conf->entity; $resql = $db->query($sql); if ($resql) @@ -135,7 +137,7 @@ if ($_POST['action'] == 'setsocid') $othermember=new Adherent($db); $othermember->fetch($obj->rowid); $thirdparty=new Societe($db); - $thirdparty->fetch($_POST["socid"]); + $thirdparty->fetch($socid); $error++; $errmsg='
'.$langs->trans("ErrorMemberIsAlreadyLinkedToThisThirdParty",$othermember->getFullName($langs),$othermember->login,$thirdparty->name).'
'; } @@ -143,9 +145,8 @@ if ($_POST['action'] == 'setsocid') if (! $error) { - $result=$object->setThirdPartyId($_POST["socid"]); + $result=$object->setThirdPartyId($socid); if ($result < 0) dol_print_error($object->db,$object->error); - $_POST['action']=''; $action=''; } } @@ -153,13 +154,13 @@ if ($_POST['action'] == 'setsocid') } // Create user from a member -if ($_POST["action"] == 'confirm_create_user' && $_POST["confirm"] == 'yes' && $user->rights->user->user->creer) +if ($action == 'confirm_create_user' && $confirm == 'yes' && $user->rights->user->user->creer) { if ($result > 0) { // Creation user $nuser = new User($db); - $result=$nuser->create_from_member($object,$_POST["login"]); + $result=$nuser->create_from_member($object,GETPOST('login','alpha')); if ($result < 0) { @@ -174,13 +175,13 @@ if ($_POST["action"] == 'confirm_create_user' && $_POST["confirm"] == 'yes' && $ } // Create third party from a member -if ($_POST["action"] == 'confirm_create_thirdparty' && $_POST["confirm"] == 'yes' && $user->rights->societe->creer) +if ($action == 'confirm_create_thirdparty' && $confirm == 'yes' && $user->rights->societe->creer) { if ($result > 0) { // Creation user $company = new Societe($db); - $result=$company->create_from_member($object,$_POST["companyname"]); + $result=$company->create_from_member($object,GETPOST('companyname','alpha')); if ($result < 0) { @@ -195,7 +196,7 @@ if ($_POST["action"] == 'confirm_create_thirdparty' && $_POST["confirm"] == 'yes } } -if ($_REQUEST["action"] == 'confirm_sendinfo' && $_REQUEST["confirm"] == 'yes') +if ($action == 'confirm_sendinfo' && $confirm == 'yes') { if ($object->email) { @@ -204,7 +205,7 @@ if ($_REQUEST["action"] == 'confirm_sendinfo' && $_REQUEST["confirm"] == 'yes') } } -if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adherent->creer) +if ($action == 'update' && ! $_POST["cancel"] && $user->rights->adherent->creer) { require_once(DOL_DOCUMENT_ROOT."/core/lib/files.lib.php"); @@ -328,8 +329,8 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adhe } } - $_GET["rowid"]=$object->id; - $_REQUEST["action"]=''; + $rowid=$object->id; + $action=''; } else { @@ -340,7 +341,7 @@ if ($_REQUEST["action"] == 'update' && ! $_POST["cancel"] && $user->rights->adhe } } -if ($_POST["action"] == 'add' && $user->rights->adherent->creer) +if ($action == 'add' && $user->rights->adherent->creer) { $datenaiss=''; if (isset($_POST["naissday"]) && $_POST["naissday"] @@ -499,7 +500,7 @@ if ($_POST["action"] == 'add' && $user->rights->adherent->creer) } } -if ($user->rights->adherent->supprimer && $_REQUEST["action"] == 'confirm_delete' && $_REQUEST["confirm"] == 'yes') +if ($user->rights->adherent->supprimer && $action == 'confirm_delete' && $confirm == 'yes') { $result=$object->delete($rowid); if ($result > 0) @@ -513,7 +514,7 @@ if ($user->rights->adherent->supprimer && $_REQUEST["action"] == 'confirm_delete } } -if ($user->rights->adherent->creer && $_POST["action"] == 'confirm_valid' && $_POST["confirm"] == 'yes') +if ($user->rights->adherent->creer && $action == 'confirm_valid' && $confirm == 'yes') { $result=$object->validate($user); @@ -547,7 +548,7 @@ if ($user->rights->adherent->creer && $_POST["action"] == 'confirm_valid' && $_P } } -if ($user->rights->adherent->supprimer && $_POST["action"] == 'confirm_resign' && $_POST["confirm"] == 'yes') +if ($user->rights->adherent->supprimer && $action == 'confirm_resign' && $confirm == 'yes') { $adht = new AdherentType($db); $adht->fetch($object->typeid); @@ -580,7 +581,7 @@ if ($user->rights->adherent->supprimer && $_POST["action"] == 'confirm_resign' & } } -if ($user->rights->adherent->supprimer && $_POST["action"] == 'confirm_del_spip' && $_POST["confirm"] == 'yes') +if ($user->rights->adherent->supprimer && $action == 'confirm_del_spip' && $confirm == 'yes') { if (! count($object->errors)) { @@ -591,7 +592,7 @@ if ($user->rights->adherent->supprimer && $_POST["action"] == 'confirm_del_spip' } } -if ($user->rights->adherent->creer && $_POST["action"] == 'confirm_add_spip' && $_POST["confirm"] == 'yes') +if ($user->rights->adherent->creer && $action == 'confirm_add_spip' && $confirm == 'yes') { if (! count($object->errors)) { @@ -629,7 +630,7 @@ if ($action == 'create') $object->fk_departement = $_POST["departement_id"]; // We set country_id, country_code and country for the selected country - $object->country_id=$_POST["country_id"]?$_POST["country_id"]:$mysoc->country_id; + $object->country_id=GETPOST('country_id','int')?GETPOST('country_id','int'):$mysoc->country_id; if ($object->country_id) { $tmparray=getCountry($object->country_id,'all'); @@ -674,7 +675,7 @@ if ($action == 'create') $morphys["phy"] = $langs->trans("Physical"); $morphys["mor"] = $langs->trans("Moral"); print ''.$langs->trans("Nature")."\n"; - print $form->selectarray("morphy", $morphys, isset($_POST["morphy"])?$_POST["morphy"]:$object->morphy, 1); + print $form->selectarray("morphy", $morphys, GETPOST('morphy','alpha')?GETPOST('morphy','alpha'):$object->morphy, 1); print "\n"; // Type @@ -682,26 +683,26 @@ if ($action == 'create') $listetype=$adht->liste_array(); if (count($listetype)) { - print $form->selectarray("typeid", $listetype, isset($_POST["typeid"])?$_POST["typeid"]:$typeid, 1); + print $form->selectarray("typeid", $listetype, GETPOST('typeid','int')?GETPOST('typeid','int'):$typeid, 1); } else { print ''.$langs->trans("NoTypeDefinedGoToSetup").''; } print "\n"; // Company - print ''.$langs->trans("Company").'societe).'">'; + print ''.$langs->trans("Company").''; // Civility print ''.$langs->trans("UserTitle").''; - print $formcompany->select_civility(isset($_POST["civilite_id"])?$_POST["civilite_id"]:$object->civilite_id,'civilite_id').''; + print $formcompany->select_civility(GETPOST('civilite_id','int')?GETPOST('civilite_id','int'):$object->civilite_id,'civilite_id').''; print ''; // Lastname - print ''.$langs->trans("Lastname").'lastname).'" size="40">'; + print ''.$langs->trans("Lastname").''; print ''; // Firstname - print ''.$langs->trans("Firstname").'firstname).'">'; + print ''.$langs->trans("Firstname").''; print ''; // Password @@ -716,20 +717,20 @@ if ($action == 'create') // Address print ''.$langs->trans("Address").''; - print ''; + print ''; print ''; // Zip / Town print ''.$langs->trans("Zip").' / '.$langs->trans("Town").''; - print $formcompany->select_ziptown((isset($_POST["zipcode"])?$_POST["zipcode"]:$object->zip),'zipcode',array('town','selectcountry_id','departement_id'),6); + print $formcompany->select_ziptown((GETPOST('zipcode','alpha')?GETPOST('zipcode','alpha'):$object->zip),'zipcode',array('town','selectcountry_id','departement_id'),6); print ' '; - print $formcompany->select_ziptown((isset($_POST["town"])?$_POST["town"]:$object->town),'town',array('zipcode','selectcountry_id','departement_id')); + print $formcompany->select_ziptown((GETPOST('town','alpha')?GETPOST('town','alpha'):$object->town),'town',array('zipcode','selectcountry_id','departement_id')); print ''; // Country $object->country_id=$object->country_id?$object->country_id:$mysoc->country_id; print ''.$langs->trans('Country').''; - print $form->select_country(isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id,'country_id'); + print $form->select_country(GETPOST('country_id','alpha')?GETPOST('country_id','alpha'):$object->country_id,'country_id'); if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionnarySetup"),1); print ''; @@ -739,7 +740,7 @@ if ($action == 'create') print ''.$langs->trans('State').''; if ($object->country_id) { - print $formcompany->select_state(isset($_POST["departement_id"])?$_POST["departement_id"]:$object->fk_departement,$object->country_code); + print $formcompany->select_state(GETPOST('departement_id','int')?GETPOST('departement_id','int'):$object->fk_departement,$object->country_code); } else { @@ -749,16 +750,16 @@ if ($action == 'create') } // Tel pro - print ''.$langs->trans("PhonePro").'phone).'">'; + print ''.$langs->trans("PhonePro").''; // Tel perso - print ''.$langs->trans("PhonePerso").'phone_perso).'">'; + print ''.$langs->trans("PhonePerso").''; // Tel mobile - print ''.$langs->trans("PhoneMobile").'phone_mobile).'">'; + print ''.$langs->trans("PhoneMobile").''; // EMail - print ''.($conf->global->ADHERENT_MAIL_REQUIRED?'':'').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED?'':'').'email).'">'; + print ''.($conf->global->ADHERENT_MAIL_REQUIRED?'':'').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED?'':'').''; // Birthday print "".$langs->trans("Birthday")."\n"; @@ -777,7 +778,7 @@ if ($action == 'create') { foreach($extrafields->attribute_label as $key=>$label) { - $value=(isset($_POST["options_".$key])?$_POST["options_".$key]:$object->array_options["options_".$key]); + $value=(GETPOST('options_'.$key,'alpha')?GETPOST('options_'.$key,'alpha'):$object->array_options["options_".$key]); print ''.$label.''; print $extrafields->showInputField($key,$value); print ''."\n"; From 4bec281dd84cbdd0e2ed8d9f88fb78790c76fcb9 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 27 Feb 2012 17:36:27 +0100 Subject: [PATCH 31/39] Fix: access forbidden if rowid is empty --- htdocs/adherents/fiche.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php index d567cb5bd23..3278d89ae44 100644 --- a/htdocs/adherents/fiche.php +++ b/htdocs/adherents/fiche.php @@ -56,7 +56,7 @@ $typeid=GETPOST('typeid','int'); $userid=GETPOST('userid','int'); $socid=GETPOST('socid','int'); -if ($rowid) +if ($rowid > 0) { // Load member $result = $object->fetch($rowid); @@ -73,6 +73,10 @@ if ($rowid) || (($user->id != $adh->user_id) && $user->rights->user->user->password) ); } } +else +{ + accessforbidden(); +} // Define variables to know what current user can do on members $canaddmember=$user->rights->adherent->creer; From 9f40d520ceb819098002c749a78bf488690c04a8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 27 Feb 2012 22:03:11 +0100 Subject: [PATCH 32/39] If a post was done, we must keep value of post, even if value is '' --- htdocs/adherents/fiche.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/adherents/fiche.php b/htdocs/adherents/fiche.php index 3278d89ae44..27acbae6c54 100644 --- a/htdocs/adherents/fiche.php +++ b/htdocs/adherents/fiche.php @@ -782,7 +782,7 @@ if ($action == 'create') { foreach($extrafields->attribute_label as $key=>$label) { - $value=(GETPOST('options_'.$key,'alpha')?GETPOST('options_'.$key,'alpha'):$object->array_options["options_".$key]); + $value=(isset($_POST["options_".$key])?GETPOST('options_'.$key,'alpha'):$object->array_options["options_".$key]); print ''.$label.''; print $extrafields->showInputField($key,$value); print ''."\n"; From 1645ddbe4750718ebc40a8eeae05d30224713c40 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 27 Feb 2012 22:26:22 +0100 Subject: [PATCH 33/39] Sec: Sanitize all input for ids. --- htdocs/adherents/agenda.php | 2 +- htdocs/adherents/card_subscriptions.php | 8 ++++---- htdocs/adherents/document.php | 2 +- htdocs/adherents/ldap.php | 2 +- htdocs/adherents/note.php | 2 +- htdocs/adherents/stats/index.php | 4 ++-- htdocs/admin/dict.php | 10 +++++----- htdocs/cashdesk/admin/cashdesk.php | 4 ++-- htdocs/cashdesk/index.php | 2 +- htdocs/cashdesk/index_verif.php | 2 +- htdocs/cashdesk/tpl/ticket.tpl.php | 2 +- htdocs/categories/categorie.php | 4 ++-- htdocs/categories/edit.php | 2 +- htdocs/categories/fiche.php | 2 +- htdocs/categories/photos.php | 2 +- htdocs/categories/viewcat.php | 2 +- htdocs/comm/action/document.php | 2 +- htdocs/comm/action/fiche.php | 14 +++++++------- htdocs/comm/action/rapport/index.php | 4 ++-- htdocs/comm/contact.php | 2 +- htdocs/comm/fiche.php | 2 +- htdocs/comm/list.php | 2 +- htdocs/comm/mailing/cibles.php | 2 +- htdocs/comm/propal.php | 6 +++--- htdocs/comm/propal/apercu.php | 2 +- htdocs/comm/propal/document.php | 2 +- htdocs/comm/propal/stats/index.php | 4 ++-- htdocs/comm/prospect/fiche.php | 2 +- htdocs/comm/remx.php | 4 ++-- htdocs/commande/apercu.php | 2 +- htdocs/commande/contact.php | 2 +- htdocs/commande/document.php | 2 +- htdocs/commande/fiche.php | 8 ++++---- htdocs/commande/index.php | 2 +- htdocs/commande/liste.php | 2 +- htdocs/commande/stats/index.php | 4 ++-- htdocs/compta/bank/fiche.php | 4 ++-- htdocs/compta/deplacement/fiche.php | 4 ++-- htdocs/compta/deplacement/index.php | 2 +- htdocs/compta/deplacement/info.php | 2 +- htdocs/compta/deplacement/list.php | 2 +- htdocs/compta/deplacement/stats/index.php | 4 ++-- htdocs/compta/dons/fiche.php | 2 +- htdocs/compta/facture.php | 4 ++-- htdocs/compta/facture/apercu.php | 2 +- htdocs/compta/facture/contact.php | 15 +++++++-------- htdocs/compta/facture/document.php | 2 +- htdocs/compta/facture/fiche-rec.php | 4 ++-- htdocs/compta/facture/stats/index.php | 4 ++-- htdocs/compta/localtax/clients.php | 2 +- htdocs/compta/paiement.php | 2 +- htdocs/compta/paiement/cheque/fiche.php | 4 ++-- htdocs/compta/paiement/liste.php | 6 +++--- htdocs/compta/prelevement/bon.php | 2 +- htdocs/compta/prelevement/bons.php | 2 +- htdocs/compta/prelevement/demandes.php | 2 +- htdocs/compta/prelevement/factures.php | 4 ++-- htdocs/compta/prelevement/fiche-rejet.php | 2 +- htdocs/compta/prelevement/fiche-stat.php | 2 +- htdocs/compta/prelevement/fiche.php | 2 +- htdocs/compta/prelevement/index.php | 2 +- htdocs/compta/prelevement/ligne.php | 4 ++-- htdocs/compta/prelevement/lignes.php | 4 ++-- htdocs/compta/prelevement/liste.php | 2 +- htdocs/compta/prelevement/rejets.php | 2 +- htdocs/compta/prelevement/stats.php | 2 +- htdocs/compta/resultat/clientfourn.php | 2 +- htdocs/compta/resultat/index.php | 2 +- htdocs/compta/sociales/charges.php | 4 ++-- htdocs/compta/sociales/document.php | 2 +- htdocs/compta/sociales/info.php | 4 ++-- htdocs/compta/stats/index.php | 4 ++-- htdocs/compta/tva/clients.php | 2 +- htdocs/compta/tva/quadri_detail.php | 2 +- .../canvas/default/tpl/contactcard_edit.tpl.php | 4 ++-- htdocs/contact/fiche.php | 4 ++-- htdocs/contrat/contact.php | 2 +- htdocs/contrat/fiche.php | 4 ++-- htdocs/contrat/services.php | 4 ++-- htdocs/ecm/index.php | 2 +- htdocs/expedition/fiche.php | 2 +- htdocs/fichinter/apercu.php | 2 +- htdocs/fichinter/contact.php | 2 +- htdocs/fichinter/document.php | 2 +- htdocs/fichinter/fiche.php | 4 ++-- htdocs/fichinter/info.php | 2 +- htdocs/fichinter/list.php | 4 ++-- htdocs/fichinter/note.php | 2 +- htdocs/fourn/commande/fiche.php | 4 ++-- htdocs/fourn/facture/contact.php | 2 +- htdocs/fourn/facture/document.php | 2 +- htdocs/fourn/facture/fiche.php | 2 +- htdocs/fourn/facture/index.php | 2 +- htdocs/fourn/facture/note.php | 2 +- htdocs/fourn/facture/paiement.php | 2 +- htdocs/fourn/fiche.php | 2 +- htdocs/fourn/liste.php | 2 +- htdocs/product/fiche.php | 2 +- htdocs/product/stats/fiche.php | 2 +- htdocs/projet/activity/list.php | 2 +- htdocs/projet/contact.php | 2 +- htdocs/projet/document.php | 2 +- htdocs/projet/fiche.php | 2 +- htdocs/projet/ganttview.php | 2 +- htdocs/projet/note.php | 2 +- htdocs/projet/tasks/contact.php | 2 +- htdocs/projet/tasks/document.php | 2 +- htdocs/projet/tasks/index.php | 2 +- htdocs/projet/tasks/note.php | 2 +- htdocs/projet/tasks/task.php | 4 ++-- htdocs/projet/tasks/time.php | 2 +- htdocs/societe/agenda.php | 2 +- htdocs/societe/ajaxcompanies.php | 2 +- htdocs/societe/document.php | 2 +- htdocs/societe/lien.php | 2 +- htdocs/societe/soc.php | 2 +- htdocs/societe/societe.php | 2 +- htdocs/user/group/perms.php | 2 +- test/phpunit/SecurityTest.php | 2 +- 119 files changed, 173 insertions(+), 174 deletions(-) diff --git a/htdocs/adherents/agenda.php b/htdocs/adherents/agenda.php index 973762b780c..bd5f0f66894 100644 --- a/htdocs/adherents/agenda.php +++ b/htdocs/adherents/agenda.php @@ -37,7 +37,7 @@ $langs->load("members"); $mesg=isset($_GET["mesg"])?'
'.$_GET["mesg"].'
':''; -$id = GETPOST("id"); +$id = GETPOST('id','int'); // Security check if (! $user->rights->adherent->lire) accessforbidden(); diff --git a/htdocs/adherents/card_subscriptions.php b/htdocs/adherents/card_subscriptions.php index 4291d998559..a831ec46a2e 100644 --- a/htdocs/adherents/card_subscriptions.php +++ b/htdocs/adherents/card_subscriptions.php @@ -141,10 +141,10 @@ if ($action == 'setsocid') $error=0; if (! $error) { - if (GETPOST("socid") != $adh->fk_soc) // If link differs from currently in database + if (GETPOST('socid','int') != $adh->fk_soc) // If link differs from currently in database { $sql ="SELECT rowid FROM ".MAIN_DB_PREFIX."adherent"; - $sql.=" WHERE fk_soc = '".GETPOST("socid")."'"; + $sql.=" WHERE fk_soc = '".GETPOST('socid','int')."'"; $resql = $db->query($sql); if ($resql) { @@ -154,7 +154,7 @@ if ($action == 'setsocid') $othermember=new Adherent($db); $othermember->fetch($obj->rowid); $thirdparty=new Societe($db); - $thirdparty->fetch(GETPOST("socid")); + $thirdparty->fetch(GETPOST('socid','int')); $error++; $mesg='
'.$langs->trans("ErrorMemberIsAlreadyLinkedToThisThirdParty",$othermember->getFullName($langs),$othermember->login,$thirdparty->name).'
'; } @@ -162,7 +162,7 @@ if ($action == 'setsocid') if (! $error) { - $result=$adh->setThirdPartyId(GETPOST("socid")); + $result=$adh->setThirdPartyId(GETPOST('socid','int')); if ($result < 0) dol_print_error($adh->db,$adh->error); $_POST['action']=''; $action=''; diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index c7e596fe1a1..f62b7781be8 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -37,7 +37,7 @@ $langs->load('other'); $mesg = ""; // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id > 0) { $id = $user->societe_id; diff --git a/htdocs/adherents/ldap.php b/htdocs/adherents/ldap.php index 5e3456c2cfd..304e0664225 100644 --- a/htdocs/adherents/ldap.php +++ b/htdocs/adherents/ldap.php @@ -34,7 +34,7 @@ $langs->load("members"); $langs->load("ldap"); $langs->load("admin"); -$rowid = GETPOST("id"); +$rowid = GETPOST('id','int'); $action = GETPOST('action'); // Protection diff --git a/htdocs/adherents/note.php b/htdocs/adherents/note.php index 7a2b9c3aca3..0cae0490222 100644 --- a/htdocs/adherents/note.php +++ b/htdocs/adherents/note.php @@ -28,7 +28,7 @@ require_once(DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'); require_once(DOL_DOCUMENT_ROOT."/adherents/class/adherent_type.class.php"); $action=GETPOST('action'); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $langs->load("companies"); $langs->load("members"); diff --git a/htdocs/adherents/stats/index.php b/htdocs/adherents/stats/index.php index c3486f5aeb1..8c5484d3e92 100644 --- a/htdocs/adherents/stats/index.php +++ b/htdocs/adherents/stats/index.php @@ -31,8 +31,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/member.lib.php"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 65f1fc4f64a..3b5baa48d1e 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -296,7 +296,7 @@ complete_dictionnary_with_modules($taborder,$tabname,$tablib,$tabsql,$tabsqlsort // Define elementList and sourceList (used for dictionnary "type of contacts") $elementList = array(); $sourceList=array(); -if (GETPOST("id") == 11) +if (GETPOST('id','int') == 11) { $langs->load("orders"); $langs->load("contracts"); @@ -702,7 +702,7 @@ if ($_GET["id"]) if ($num > $listlimit) { print ''; - print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.GETPOST('id'),($num > $listlimit),$langs->trans("Page").' '.($page+1)); + print_fleche_navigation($page,$_SERVER["PHP_SELF"],'&id='.GETPOST('id','int'),($num > $listlimit),$langs->trans("Page").' '.($page+1)); print ''; } @@ -737,10 +737,10 @@ if ($_GET["id"]) // Affiche nom du champ if ($showfield) { - print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.GETPOST("id"),"","",$sortfield,$sortorder); + print_liste_field_titre($valuetoshow,"dict.php",$fieldlist[$field],($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"","",$sortfield,$sortorder); } } - print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.GETPOST("id"),"",'align="center"',$sortfield,$sortorder); + print_liste_field_titre($langs->trans("Status"),"dict.php","active",($page?'page='.$page.'&':'').'&id='.GETPOST('id','int'),"",'align="center"',$sortfield,$sortorder); print ' '; print ''; @@ -756,7 +756,7 @@ if ($_GET["id"]) { print ''; print ''; - print ''; + print ''; print ''; print ''; diff --git a/htdocs/cashdesk/admin/cashdesk.php b/htdocs/cashdesk/admin/cashdesk.php index 254ea1c6263..8b3bb8a9fcf 100644 --- a/htdocs/cashdesk/admin/cashdesk.php +++ b/htdocs/cashdesk/admin/cashdesk.php @@ -49,11 +49,11 @@ if (GETPOST("action") == 'set') { $db->begin(); - if (GETPOST("socid") < 0) $_POST["socid"]=''; + if (GETPOST('socid','int') < 0) $_POST["socid"]=''; /*if (GETPOST("CASHDESK_ID_BANKACCOUNT") < 0) $_POST["CASHDESK_ID_BANKACCOUNT"]=''; if (GETPOST("CASHDESK_ID_WAREHOUSE") < 0) $_POST["CASHDESK_ID_WAREHOUSE"]='';*/ - $res = dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",GETPOST("socid"),'chaine',0,'',$conf->entity); + $res = dolibarr_set_const($db,"CASHDESK_ID_THIRDPARTY",GETPOST('socid','int'),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CASH",GETPOST("CASHDESK_ID_BANKACCOUNT_CASH"),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CHEQUE",GETPOST("CASHDESK_ID_BANKACCOUNT_CHEQUE"),'chaine',0,'',$conf->entity); $res = dolibarr_set_const($db,"CASHDESK_ID_BANKACCOUNT_CB",GETPOST("CASHDESK_ID_BANKACCOUNT_CB"),'chaine',0,'',$conf->entity); diff --git a/htdocs/cashdesk/index.php b/htdocs/cashdesk/index.php index 104532b469d..3f5edb9e290 100644 --- a/htdocs/cashdesk/index.php +++ b/htdocs/cashdesk/index.php @@ -93,7 +93,7 @@ print ''; $disabled=0; $langs->load("companies"); if (! empty($conf->global->CASHDESK_ID_THIRDPARTY)) $disabled=1; // If a particular third party is defined, we disable choice -print $form->select_company(GETPOST('socid')?GETPOST('socid'):$conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3)',!$disabled,$disabled,1); +print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY,'socid','s.client in (1,3)',!$disabled,$disabled,1); //print ''; print ''; print "\n"; diff --git a/htdocs/cashdesk/index_verif.php b/htdocs/cashdesk/index_verif.php index 104035ce6e3..50b18218902 100644 --- a/htdocs/cashdesk/index_verif.php +++ b/htdocs/cashdesk/index_verif.php @@ -30,7 +30,7 @@ $langs->load("cashdesk"); $username = GETPOST("txtUsername"); $password = GETPOST("pwdPassword"); -$thirdpartyid = (GETPOST("socid")!='')?GETPOST("socid"):$conf->global->CASHDESK_ID_THIRDPARTY; +$thirdpartyid = (GETPOST('socid','int')!='')?GETPOST('socid','int'):$conf->global->CASHDESK_ID_THIRDPARTY; $warehouseid = (GETPOST("warehouseid")!='')?GETPOST("warehouseid"):$conf->global->CASHDESK_ID_WAREHOUSE; // Check username diff --git a/htdocs/cashdesk/tpl/ticket.tpl.php b/htdocs/cashdesk/tpl/ticket.tpl.php index af52f517f8d..a3a055ac082 100644 --- a/htdocs/cashdesk/tpl/ticket.tpl.php +++ b/htdocs/cashdesk/tpl/ticket.tpl.php @@ -20,7 +20,7 @@ include_once(DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'); $langs->load("main"); header("Content-type: text/html; charset=".$conf->file->character_set_client); -$facid=GETPOST('facid'); +$facid=GETPOST('facid','int'); $object=new Facture($db); $object->fetch($facid); diff --git a/htdocs/categories/categorie.php b/htdocs/categories/categorie.php index 5ca949410b6..1a159d03257 100644 --- a/htdocs/categories/categorie.php +++ b/htdocs/categories/categorie.php @@ -32,8 +32,8 @@ require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); $langs->load("categories"); $langs->load("products"); -$socid = GETPOST('socid'); -$id = GETPOST('id'); +$socid = GETPOST('socid','int'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); $type = GETPOST('type'); $mesg = GETPOST('mesg'); diff --git a/htdocs/categories/edit.php b/htdocs/categories/edit.php index efc432e7f94..ca82944a32a 100644 --- a/htdocs/categories/edit.php +++ b/htdocs/categories/edit.php @@ -28,7 +28,7 @@ require("../main.inc.php"); require_once(DOL_DOCUMENT_ROOT."/categories/class/categorie.class.php"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 893afea90e3..727524f7521 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -31,7 +31,7 @@ $langs->load("categories"); // Security check -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); if (!$user->rights->categorie->lire) accessforbidden(); $action = GETPOST('action'); diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php index 76f65ac07a0..747d2c92a5b 100644 --- a/htdocs/categories/photos.php +++ b/htdocs/categories/photos.php @@ -35,7 +35,7 @@ $langs->load("bills"); $mesg = ''; -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 88f5dcec269..5efa8c9ecec 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/categories.lib.php"); $langs->load("categories"); $mesg = ''; -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $type=GETPOST('type'); $action=GETPOST('action'); diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 88fa0f440ea..9993faac02b 100755 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -40,7 +40,7 @@ $langs->load("other"); $langs->load("bills"); if (isset($_GET["error"])) $error=$_GET["error"]; -$objectid = GETPOST("id"); +$objectid = GETPOST('id','int'); // Security check if ($user->societe_id > 0) diff --git a/htdocs/comm/action/fiche.php b/htdocs/comm/action/fiche.php index 2951f701c77..023a12b1fee 100644 --- a/htdocs/comm/action/fiche.php +++ b/htdocs/comm/action/fiche.php @@ -153,10 +153,10 @@ if ($action == 'add_action') $actioncomm->note = trim($_POST["note"]); if (isset($_POST["contactid"])) $actioncomm->contact = $contact; - if (GETPOST("socid") > 0) + if (GETPOST('socid','int') > 0) { $societe = new Societe($db); - $societe->fetch(GETPOST("socid")); + $societe->fetch(GETPOST('socid','int')); $actioncomm->societe = $societe; } @@ -508,12 +508,12 @@ if ($action == 'create') // Societe, contact print ''.$langs->trans("ActionOnCompany").''; - if (GETPOST("socid") > 0) + if (GETPOST('socid','int') > 0) { $societe = new Societe($db); - $societe->fetch(GETPOST("socid")); + $societe->fetch(GETPOST('socid','int')); print $societe->getNomUrl(1); - print ''; + print ''; } else { @@ -522,10 +522,10 @@ if ($action == 'create') print ''; // If company is forced, we propose contacts (may be contact is also forced) - if (GETPOST("contactid") > 0 || GETPOST("socid") > 0) + if (GETPOST("contactid") > 0 || GETPOST('socid','int') > 0) { print ''.$langs->trans("ActionOnContact").''; - $form->select_contacts(GETPOST("socid"),GETPOST('contactid'),'contactid',1); + $form->select_contacts(GETPOST('socid','int'),GETPOST('contactid'),'contactid',1); print ''; } diff --git a/htdocs/comm/action/rapport/index.php b/htdocs/comm/action/rapport/index.php index 25d0403f3c4..57c23879b45 100644 --- a/htdocs/comm/action/rapport/index.php +++ b/htdocs/comm/action/rapport/index.php @@ -40,7 +40,7 @@ if (! $sortorder) $sortorder="DESC"; if (! $sortfield) $sortfield="a.datep"; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'agenda', $socid, '', 'myactions'); @@ -53,7 +53,7 @@ $langs->load("commercial"); if ($_GET["action"] == 'builddoc') { $cat = new CommActionRapport($db, $_GET["month"], $_GET["year"]); - $result=$cat->write_file(GETPOST("id")); + $result=$cat->write_file(GETPOST('id','int')); if ($result < 0) { $mesg=$cat->error; diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 38c9c4bed4c..38c20e438a6 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -40,7 +40,7 @@ $offset = $limit * $page ; $type=$_GET["type"]; // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe',$socid,''); diff --git a/htdocs/comm/fiche.php b/htdocs/comm/fiche.php index 56e78a0f523..cc83e426ca0 100644 --- a/htdocs/comm/fiche.php +++ b/htdocs/comm/fiche.php @@ -49,7 +49,7 @@ if ($conf->notification->enabled) $langs->load("mails"); if (!empty($conf->global->MAIN_MODULE_CHRONODOCS)) $langs->load("chronodocs"); // Security check -$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id')); +$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); if ($user->societe_id > 0) $id=$user->societe_id; $result = restrictedArea($user,'societe',$id,'&societe'); diff --git a/htdocs/comm/list.php b/htdocs/comm/list.php index 0c47814e6f1..b636c8bd3b7 100755 --- a/htdocs/comm/list.php +++ b/htdocs/comm/list.php @@ -32,7 +32,7 @@ $langs->load("suppliers"); $langs->load("commercial"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 45092f15267..01cd0bd4347 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -47,7 +47,7 @@ $pagenext = $page + 1; if (! $sortorder) $sortorder="ASC"; if (! $sortfield) $sortfield="email"; -$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id'); +$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id','int'); $action=GETPOST("action"); $search_nom=GETPOST("search_nom"); $search_prenom=GETPOST("search_prenom"); diff --git a/htdocs/comm/propal.php b/htdocs/comm/propal.php index cab31680ba3..4310a9de860 100644 --- a/htdocs/comm/propal.php +++ b/htdocs/comm/propal.php @@ -1080,7 +1080,7 @@ if ($id > 0 || ! empty($ref)) //'text' => $langs->trans("ConfirmClone"), //array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), //array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid'),'socid','(s.client=1 OR s.client=3)')) + array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid','int'),'socid','(s.client=1 OR s.client=3)')) ); // Paiement incomplet. On demande si motif = escompte ou autre $formconfirm=$form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id,$langs->trans('ClonePropal'),$langs->trans('ConfirmClonePropal',$object->ref),'confirm_clone',$formquestion,'yes',1); @@ -1352,11 +1352,11 @@ if ($id > 0 || ! empty($ref)) if ($action == 'editdelivery_address') { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid'),'fk_address','propal',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid','int'),'fk_address','propal',$object->id); } else { - $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid'),'none','propal',$object->id); + $formother->form_address($_SERVER['PHP_SELF'].'?id='.$object->id,$object->fk_delivery_address,GETPOST('socid','int'),'none','propal',$object->id); } print ''; } diff --git a/htdocs/comm/propal/apercu.php b/htdocs/comm/propal/apercu.php index 56a0c9c06de..ea03bf2875a 100644 --- a/htdocs/comm/propal/apercu.php +++ b/htdocs/comm/propal/apercu.php @@ -37,7 +37,7 @@ $langs->load('compta'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'propale', $id, 'propal'); diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 56f8fd581fa..30592f90426 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -35,7 +35,7 @@ $langs->load('other'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index 7dcff4a5b54..408abed65cf 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php @@ -30,8 +30,8 @@ require_once(DOL_DOCUMENT_ROOT."/core/class/dolgraph.class.php"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/comm/prospect/fiche.php b/htdocs/comm/prospect/fiche.php index db6a493c54e..020cc203f10 100644 --- a/htdocs/comm/prospect/fiche.php +++ b/htdocs/comm/prospect/fiche.php @@ -37,7 +37,7 @@ $langs->load('projects'); $langs->load('propal'); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe', $socid, '&societe'); diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index 42bac50817f..828d231d3b8 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -36,7 +36,7 @@ $action=GETPOST('action','alpha'); $backtopage=GETPOST('backtopage','alpha'); // Security check -$socid = GETPOST("id"); +$socid = GETPOST('id','int'); if ($user->societe_id > 0) { $socid = $user->societe_id; @@ -189,7 +189,7 @@ if (GETPOST("action") == 'confirm_remove' && GETPOST("confirm")=='yes') if ($result > 0) { $db->commit(); - header("Location: ".$_SERVER["PHP_SELF"].'?id='.GETPOST('id')); // To avoid pb whith back + header("Location: ".$_SERVER["PHP_SELF"].'?id='.GETPOST('id','int')); // To avoid pb whith back exit; } else diff --git a/htdocs/commande/apercu.php b/htdocs/commande/apercu.php index 70561e6b8d4..0407eced627 100644 --- a/htdocs/commande/apercu.php +++ b/htdocs/commande/apercu.php @@ -40,7 +40,7 @@ $langs->load('sendings'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result=restrictedArea($user,'commande',$id,''); diff --git a/htdocs/commande/contact.php b/htdocs/commande/contact.php index 966e2c660fc..828dc7c0a26 100644 --- a/htdocs/commande/contact.php +++ b/htdocs/commande/contact.php @@ -79,7 +79,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->commande->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->commande->creer) { $commande = new Commande($db); - if ($commande->fetch(GETPOST("id"))) + if ($commande->fetch(GETPOST('id','int'))) { $result=$commande->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php index e2b9f431043..f4838e1663e 100644 --- a/htdocs/commande/document.php +++ b/htdocs/commande/document.php @@ -36,7 +36,7 @@ $langs->load('other'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/commande/fiche.php b/htdocs/commande/fiche.php index f8b2a4049cf..a8383c52d55 100644 --- a/htdocs/commande/fiche.php +++ b/htdocs/commande/fiche.php @@ -51,9 +51,9 @@ $langs->load('propal'); $langs->load('deliveries'); $langs->load('products'); -$id = (GETPOST("id")?GETPOST("id"):GETPOST("orderid")); +$id = (GETPOST('id','int')?GETPOST('id','int'):GETPOST("orderid")); $ref = GETPOST('ref'); -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); $lineid = GETPOST('lineid'); @@ -191,7 +191,7 @@ if ($action == 'add' && $user->rights->commande->creer) $datecommande = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']); $datelivraison = dol_mktime(12, 0, 0, $_POST['liv_month'],$_POST['liv_day'],$_POST['liv_year']); - $object->socid=GETPOST('socid'); + $object->socid=GETPOST('socid','int'); $object->fetch_thirdparty(); $db->begin(); @@ -1652,7 +1652,7 @@ else //'text' => $langs->trans("ConfirmClone"), //array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), //array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid'),'socid','(s.client=1 OR s.client=3)')) + array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid','int'),'socid','(s.client=1 OR s.client=3)')) ); // Paiement incomplet. On demande si motif = escompte ou autre $formconfirm=$form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id,$langs->trans('CloneOrder'),$langs->trans('ConfirmCloneOrder',$object->ref),'confirm_clone',$formquestion,'yes',1); diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 94946d75c65..d70aaf52af1 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -33,7 +33,7 @@ if (!$user->rights->commande->lire) accessforbidden(); $langs->load("orders"); // Security check -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); if ($user->societe_id > 0) { $action = ''; diff --git a/htdocs/commande/liste.php b/htdocs/commande/liste.php index 6ffe19b3df9..d628610b94c 100644 --- a/htdocs/commande/liste.php +++ b/htdocs/commande/liste.php @@ -44,7 +44,7 @@ $sall=GETPOST('sall'); $socid=GETPOST('socid','int'); // Security check -$id = (GETPOST('orderid')?GETPOST('orderid'):GETPOST('id')); +$id = (GETPOST('orderid')?GETPOST('orderid'):GETPOST('id','int')); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'commande', $id,''); diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index 57ce188be25..6ef7e808126 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php @@ -34,8 +34,8 @@ $mode=GETPOST("mode")?GETPOST("mode"):'customer'; if ($mode == 'customer' && ! $user->rights->commande->lire) accessforbidden(); if ($mode == 'supplier' && ! $user->rights->fournisseur->commande->lire) accessforbidden(); -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/compta/bank/fiche.php b/htdocs/compta/bank/fiche.php index 5a57bef27b7..f61d78641bb 100644 --- a/htdocs/compta/bank/fiche.php +++ b/htdocs/compta/bank/fiche.php @@ -468,10 +468,10 @@ else /* */ /* ************************************************************************** */ - if (GETPOST("id") && $action == 'edit' && $user->rights->banque->configurer) + if (GETPOST('id','int') && $action == 'edit' && $user->rights->banque->configurer) { $account = new Account($db); - $account->fetch(GETPOST("id")); + $account->fetch(GETPOST('id','int')); print_fiche_titre($langs->trans("EditFinancialAccount")); print "
"; diff --git a/htdocs/compta/deplacement/fiche.php b/htdocs/compta/deplacement/fiche.php index fce385ea57e..66680ef089d 100644 --- a/htdocs/compta/deplacement/fiche.php +++ b/htdocs/compta/deplacement/fiche.php @@ -36,7 +36,7 @@ $langs->load("trips"); // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement', $id,''); @@ -287,7 +287,7 @@ if ($action == 'create') // Company print ""; print ''.$langs->trans("CompanyVisited").''; - print $form->select_company(GETPOST("socid"),'socid','',1); + print $form->select_company(GETPOST('socid','int'),'socid','',1); print ''; // Public note diff --git a/htdocs/compta/deplacement/index.php b/htdocs/compta/deplacement/index.php index 273e27bec66..1fe0e9549ac 100644 --- a/htdocs/compta/deplacement/index.php +++ b/htdocs/compta/deplacement/index.php @@ -32,7 +32,7 @@ $langs->load("users"); $langs->load("trips"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement','',''); diff --git a/htdocs/compta/deplacement/info.php b/htdocs/compta/deplacement/info.php index 7dee9417339..1d0874af388 100644 --- a/htdocs/compta/deplacement/info.php +++ b/htdocs/compta/deplacement/info.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/compta/deplacement/class/deplacement.class.php" $langs->load("trips"); // Security check -$id = GETPOST('id'); +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement', $id, ''); diff --git a/htdocs/compta/deplacement/list.php b/htdocs/compta/deplacement/list.php index bd3ffc66e36..cc3d4542316 100755 --- a/htdocs/compta/deplacement/list.php +++ b/htdocs/compta/deplacement/list.php @@ -32,7 +32,7 @@ $langs->load("users"); $langs->load("trips"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'deplacement','',''); diff --git a/htdocs/compta/deplacement/stats/index.php b/htdocs/compta/deplacement/stats/index.php index d9847f8cb52..d07f816f1bc 100755 --- a/htdocs/compta/deplacement/stats/index.php +++ b/htdocs/compta/deplacement/stats/index.php @@ -31,8 +31,8 @@ $langs->load("trips"); $WIDTH=500; $HEIGHT=200; -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Securite acces client if ($user->societe_id > 0) { diff --git a/htdocs/compta/dons/fiche.php b/htdocs/compta/dons/fiche.php index 5ee0351d559..5ee0ae1c95b 100644 --- a/htdocs/compta/dons/fiche.php +++ b/htdocs/compta/dons/fiche.php @@ -34,7 +34,7 @@ $langs->load("companies"); $langs->load("donations"); $langs->load("bills"); -$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id'); +$id=GETPOST('rowid')?GETPOST('rowid'):GETPOST('id','int'); $action=GETPOST('action'); $mesg=""; diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index 33ef351b0f8..e608d07d1a9 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -53,7 +53,7 @@ if (GETPOST('mesg','int',1) && isset($_SESSION['message'])) $mesg=$_SESSION['mes $sall=trim(GETPOST('sall')); $projectid=(GETPOST('projectid')?GETPOST('projectid','int'):0); -$id=(GETPOST('id')?GETPOST('id','int'):GETPOST('facid','int')); // For backward compatibility +$id=(GETPOST('id','int')?GETPOST('id','int'):GETPOST('facid','int')); // For backward compatibility $ref=GETPOST('ref','alpha'); $socid=GETPOST('socid','int'); $action=GETPOST('action','alpha'); @@ -558,7 +558,7 @@ if ($action == 'confirm_converttoreduc' && $confirm == 'yes' && $user->rights->f */ if ($action == 'add' && $user->rights->facture->creer) { - $object->socid=GETPOST('socid'); + $object->socid=GETPOST('socid','int'); $db->begin(); diff --git a/htdocs/compta/facture/apercu.php b/htdocs/compta/facture/apercu.php index 6c07791e272..f29038bf0d3 100644 --- a/htdocs/compta/facture/apercu.php +++ b/htdocs/compta/facture/apercu.php @@ -36,7 +36,7 @@ $langs->load("bills"); // Security check $socid=0; -$id = GETPOST("facid"); +$id = GETPOST('facid','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'facture', $id); diff --git a/htdocs/compta/facture/contact.php b/htdocs/compta/facture/contact.php index 410cfcff75e..8e34d0aa48f 100644 --- a/htdocs/compta/facture/contact.php +++ b/htdocs/compta/facture/contact.php @@ -32,7 +32,9 @@ require_once(DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'); $langs->load("bills"); $langs->load("companies"); -$facid = isset($_GET["facid"])?$_GET["facid"]:''; +$facid = GETPOST('facid'); +$id = GETPOST('facid'); +$ref= GETPOST('ref'); // Security check if ($user->societe_id) $socid=$user->societe_id; @@ -45,12 +47,11 @@ $result = restrictedArea($user, 'facture', $facid); if ($_POST["action"] == 'addcontact' && $user->rights->facture->creer) { - $result = 0; $facture = new Facture($db); - $result = $facture->fetch($_GET["facid"]); + $result = $facture->fetch($facid); - if ($result > 0 && $_GET["facid"] > 0) + if ($result > 0 && $facid > 0) { $result = $facture->add_contact($_POST["contactid"], $_POST["type"], $_POST["source"]); } @@ -78,7 +79,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->facture->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->facture->creer) { $facture = new Facture($db); - if ($facture->fetch(GETPOST("facid"))) + if ($facture->fetch($facid)) { $result=$facture->swapContactStatus(GETPOST('ligne')); } @@ -92,7 +93,7 @@ if ($_GET["action"] == 'swapstatut' && $user->rights->facture->creer) if ($_GET["action"] == 'deleteline' && $user->rights->facture->creer) { $facture = new Facture($db); - $facture->fetch($_GET["facid"]); + $facture->fetch($facid); $result = $facture->delete_contact($_GET["lineid"]); if ($result >= 0) @@ -125,8 +126,6 @@ $userstatic=new User($db); /* *************************************************************************** */ dol_htmloutput_mesg($mesg); -$id = $_GET['facid']; -$ref= $_GET['ref']; if ($id > 0 || ! empty($ref)) { $facture = new Facture($db); diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 720d37f7772..d76b6fc4b2d 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -39,7 +39,7 @@ $langs->load("bills"); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$id = GETPOST('facid'); +$id = GETPOST('facid','int'); $ref = GETPOST('ref'); // Security check diff --git a/htdocs/compta/facture/fiche-rec.php b/htdocs/compta/facture/fiche-rec.php index 36f8777f234..2960624597a 100644 --- a/htdocs/compta/facture/fiche-rec.php +++ b/htdocs/compta/facture/fiche-rec.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/product/class/product.class.php"); $langs->load('bills'); // Security check -$facid=GETPOST("facid"); +$facid=GETPOST('facid','int'); $action=GETPOST("action"); if ($user->societe_id) $socid=$user->societe_id; $objecttype = 'facture_rec'; @@ -81,7 +81,7 @@ if ($_POST["action"] == 'add') if ($_REQUEST["action"] == 'delete' && $user->rights->facture->supprimer) { $facrec = new FactureRec($db); - $facrec->fetch(GETPOST("facid")); + $facrec->fetch(GETPOST('facid','int')); $facrec->delete(); $facid = 0 ; } diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index 54dc1244aeb..3b579f6e56f 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -33,8 +33,8 @@ $mode=GETPOST("mode")?GETPOST("mode"):'customer'; if ($mode == 'customer' && ! $user->rights->facture->lire) accessforbidden(); if ($mode == 'supplier' && ! $user->rights->fournisseur->facture->lire) accessforbidden(); -$userid=GETPOST('userid'); if ($userid < 0) $userid=0; -$socid=GETPOST('socid'); if ($socid < 0) $socid=0; +$userid=GETPOST('userid','int'); if ($userid < 0) $userid=0; +$socid=GETPOST('socid','int'); if ($socid < 0) $socid=0; // Security check if ($user->societe_id > 0) { diff --git a/htdocs/compta/localtax/clients.php b/htdocs/compta/localtax/clients.php index ce0dbf389d8..bea4c61aec4 100644 --- a/htdocs/compta/localtax/clients.php +++ b/htdocs/compta/localtax/clients.php @@ -75,7 +75,7 @@ $modetax = $conf->global->TAX_MODE; if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 95658793d12..7d8caf6e69c 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -37,7 +37,7 @@ $langs->load('banks'); $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$facid = GETPOST('facid'); +$facid = GETPOST('facid','int'); $socname = GETPOST('socname'); $accountid = GETPOST('accountid'); $paymentnum = GETPOST('num_paiement'); diff --git a/htdocs/compta/paiement/cheque/fiche.php b/htdocs/compta/paiement/cheque/fiche.php index a67c000f748..6c49ce2a582 100644 --- a/htdocs/compta/paiement/cheque/fiche.php +++ b/htdocs/compta/paiement/cheque/fiche.php @@ -35,7 +35,7 @@ $langs->load('banks'); $langs->load('companies'); $langs->load('compta'); -$id =GETPOST("id"); +$id =GETPOST('id','int'); $ref=GETPOST("ref"); $action=GETPOST('action'); @@ -67,7 +67,7 @@ $filteraccountid=GETPOST('accountid'); if ($action == 'setdate' && $user->rights->banque->cheque) { $remisecheque = new RemiseCheque($db); - $result = $remisecheque->fetch(GETPOST('id')); + $result = $remisecheque->fetch(GETPOST('id','int')); if ($result > 0) { //print "x ".$_POST['liv_month'].", ".$_POST['liv_day'].", ".$_POST['liv_year']; diff --git a/htdocs/compta/paiement/liste.php b/htdocs/compta/paiement/liste.php index ddc95aa5642..b7c53db2c67 100644 --- a/htdocs/compta/paiement/liste.php +++ b/htdocs/compta/paiement/liste.php @@ -30,9 +30,9 @@ require_once(DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'); $langs->load("bills"); // Security check -$facid =GETPOST("facid"); -$socid =GETPOST("socid"); -$userid=GETPOST('userid'); +$facid =GETPOST('facid','int'); +$socid =GETPOST('socid','int'); +$userid=GETPOST('userid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'facture',$facid,''); diff --git a/htdocs/compta/prelevement/bon.php b/htdocs/compta/prelevement/bon.php index 67d7baee6ef..4a42b1fb08e 100644 --- a/htdocs/compta/prelevement/bon.php +++ b/htdocs/compta/prelevement/bon.php @@ -33,7 +33,7 @@ $langs->load("categories"); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement', $id); diff --git a/htdocs/compta/prelevement/bons.php b/htdocs/compta/prelevement/bons.php index ff656c9857e..4cfbbf0a481 100644 --- a/htdocs/compta/prelevement/bons.php +++ b/htdocs/compta/prelevement/bons.php @@ -31,7 +31,7 @@ $langs->load("widthdrawals"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/demandes.php b/htdocs/compta/prelevement/demandes.php index 82ab1bb4402..4038446afb1 100644 --- a/htdocs/compta/prelevement/demandes.php +++ b/htdocs/compta/prelevement/demandes.php @@ -32,7 +32,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/factures.php b/htdocs/compta/prelevement/factures.php index 58fe3761db9..67e47420061 100644 --- a/htdocs/compta/prelevement/factures.php +++ b/htdocs/compta/prelevement/factures.php @@ -37,8 +37,8 @@ $langs->load("categories"); if ($user->societe_id > 0) accessforbidden(); // Get supervariables -$prev_id = GETPOST("id"); -$socid = GETPOST("socid"); +$prev_id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); $sortfield = ((GETPOST("sortfield")=="")) ? "p.ref" : GETPOST("sortfield"); diff --git a/htdocs/compta/prelevement/fiche-rejet.php b/htdocs/compta/prelevement/fiche-rejet.php index 0fb5e55cf77..f3ad78b9b64 100644 --- a/htdocs/compta/prelevement/fiche-rejet.php +++ b/htdocs/compta/prelevement/fiche-rejet.php @@ -35,7 +35,7 @@ $langs->load("categories"); if ($user->societe_id > 0) accessforbidden(); // Get supervariables -$prev_id = GETPOST("id"); +$prev_id = GETPOST('id','int'); $page = GETPOST("page"); /* diff --git a/htdocs/compta/prelevement/fiche-stat.php b/htdocs/compta/prelevement/fiche-stat.php index 9d8261cf209..63b269c6286 100644 --- a/htdocs/compta/prelevement/fiche-stat.php +++ b/htdocs/compta/prelevement/fiche-stat.php @@ -34,7 +34,7 @@ $langs->load("withdrawals"); $langs->load("categories"); // Get supervariables -$prev_id = GETPOST("id"); +$prev_id = GETPOST('id','int'); $page = GETPOST("page"); /* diff --git a/htdocs/compta/prelevement/fiche.php b/htdocs/compta/prelevement/fiche.php index 4b76e9c3a02..e2d5a32fafe 100644 --- a/htdocs/compta/prelevement/fiche.php +++ b/htdocs/compta/prelevement/fiche.php @@ -40,7 +40,7 @@ if ($user->societe_id > 0) accessforbidden(); // Get supervariables $action = GETPOST("action"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); /* * Actions diff --git a/htdocs/compta/prelevement/index.php b/htdocs/compta/prelevement/index.php index 7c9a1347d9b..a208b9d6b47 100644 --- a/htdocs/compta/prelevement/index.php +++ b/htdocs/compta/prelevement/index.php @@ -32,7 +32,7 @@ $langs->load("withdrawals"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','',''); diff --git a/htdocs/compta/prelevement/ligne.php b/htdocs/compta/prelevement/ligne.php index 0914abbdc65..9af1d17b642 100644 --- a/htdocs/compta/prelevement/ligne.php +++ b/htdocs/compta/prelevement/ligne.php @@ -39,8 +39,8 @@ $langs->load("categories"); // Get supervariables $action = GETPOST("action"); -$id = GETPOST("id"); -$socid = GETPOST("socid"); +$id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = GETPOST("sortorder"); diff --git a/htdocs/compta/prelevement/lignes.php b/htdocs/compta/prelevement/lignes.php index 6df698b529a..4d0db99de3c 100644 --- a/htdocs/compta/prelevement/lignes.php +++ b/htdocs/compta/prelevement/lignes.php @@ -36,8 +36,8 @@ if ($user->societe_id > 0) accessforbidden(); $langs->load("categories"); // Get supervariables -$prev_id = GETPOST("id"); -$socid = GETPOST("socid"); +$prev_id = GETPOST('id','int'); +$socid = GETPOST('socid','int'); $page = GETPOST("page"); $sortorder = ((GETPOST("sortorder")=="")) ? "DESC" : GETPOST("sortorder"); $sortfield = ((GETPOST("sortfield")=="")) ? "pl.fk_soc" : GETPOST("sortfield"); diff --git a/htdocs/compta/prelevement/liste.php b/htdocs/compta/prelevement/liste.php index ba827ad3675..c27e09502d6 100644 --- a/htdocs/compta/prelevement/liste.php +++ b/htdocs/compta/prelevement/liste.php @@ -32,7 +32,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/rejets.php b/htdocs/compta/prelevement/rejets.php index 7a2faf26d59..2428cd8c016 100644 --- a/htdocs/compta/prelevement/rejets.php +++ b/htdocs/compta/prelevement/rejets.php @@ -30,7 +30,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/prelevement/stats.php b/htdocs/compta/prelevement/stats.php index 85b525d2917..62ec73caa64 100644 --- a/htdocs/compta/prelevement/stats.php +++ b/htdocs/compta/prelevement/stats.php @@ -31,7 +31,7 @@ $langs->load("companies"); $langs->load("categories"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'prelevement','','','bons'); diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index e023149849a..4160071c1e4 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -33,7 +33,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load("bills"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/resultat/index.php b/htdocs/compta/resultat/index.php index 5237142309c..928c74e24ce 100644 --- a/htdocs/compta/resultat/index.php +++ b/htdocs/compta/resultat/index.php @@ -38,7 +38,7 @@ else { } // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/sociales/charges.php b/htdocs/compta/sociales/charges.php index 097571677f7..f9124c2edfd 100644 --- a/htdocs/compta/sociales/charges.php +++ b/htdocs/compta/sociales/charges.php @@ -30,11 +30,11 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/tax.lib.php"); $langs->load("compta"); $langs->load("bills"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', $langs->trans("SocialContribution"), '', 'charges'); diff --git a/htdocs/compta/sociales/document.php b/htdocs/compta/sociales/document.php index 953d394896c..3261fab405a 100644 --- a/htdocs/compta/sociales/document.php +++ b/htdocs/compta/sociales/document.php @@ -38,7 +38,7 @@ $langs->load("companies"); $langs->load("compta"); $langs->load("bills"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $action = GETPOST("action"); // Security check diff --git a/htdocs/compta/sociales/info.php b/htdocs/compta/sociales/info.php index fc1a30fc15e..d48386bb623 100644 --- a/htdocs/compta/sociales/info.php +++ b/htdocs/compta/sociales/info.php @@ -29,11 +29,11 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/functions2.lib.php"); $langs->load("compta"); $langs->load("bills"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', $langs->trans("SocialContribution"), '', 'charges'); diff --git a/htdocs/compta/stats/index.php b/htdocs/compta/stats/index.php index 8d2ed89267d..8fef71e5ff8 100644 --- a/htdocs/compta/stats/index.php +++ b/htdocs/compta/stats/index.php @@ -37,8 +37,8 @@ else { $year_end=$year_start + ($nbofyear-1); } -$userid=GETPOST('userid'); -$socid=GETPOST('socid'); +$userid=GETPOST('userid','int'); +$socid=GETPOST('socid','int'); // Security check if ($user->societe_id > 0) $socid = $user->societe_id; if (!$user->rights->compta->resultat->lire && !$user->rights->accounting->comptarapport->lire) accessforbidden(); diff --git a/htdocs/compta/tva/clients.php b/htdocs/compta/tva/clients.php index be5ab8163ab..9aeb55fa505 100644 --- a/htdocs/compta/tva/clients.php +++ b/htdocs/compta/tva/clients.php @@ -78,7 +78,7 @@ $modetax = $conf->global->TAX_MODE; if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/compta/tva/quadri_detail.php b/htdocs/compta/tva/quadri_detail.php index 62c3a1f052e..7123e828c1d 100644 --- a/htdocs/compta/tva/quadri_detail.php +++ b/htdocs/compta/tva/quadri_detail.php @@ -85,7 +85,7 @@ if (isset($_REQUEST["modetax"])) $modetax=$_REQUEST["modetax"]; if (empty($modetax)) $modetax=0; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'tax', '', '', 'charges'); diff --git a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php index 43278ab3794..2ba3716dc6d 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php @@ -32,10 +32,10 @@ echo $this->control->tpl['ajax_selectcountry'];
-"> -"> + diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php index bb6ff79a06d..6021767dbae 100644 --- a/htdocs/contact/fiche.php +++ b/htdocs/contact/fiche.php @@ -390,7 +390,7 @@ else } else { print ''.$langs->trans("Company").''; - print $form->select_company(GETPOST("socid"),'socid','',1); + print $form->select_company(GETPOST('socid','int'),'socid','',1); print ''; } } @@ -562,7 +562,7 @@ else { print ''.$langs->trans("Company").''; print ''; - print $form->select_company(GETPOST("socid")?GETPOST("socid"):($object->socid?$object->socid:-1),'socid','',1); + print $form->select_company(GETPOST('socid','int')?GETPOST('socid','int'):($object->socid?$object->socid:-1),'socid','',1); print ''; print ''; } diff --git a/htdocs/contrat/contact.php b/htdocs/contrat/contact.php index df9f6cc6126..158fe53da6c 100644 --- a/htdocs/contrat/contact.php +++ b/htdocs/contrat/contact.php @@ -77,7 +77,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->contrat->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->contrat->creer) { $contrat = new Contrat($db); - if ($contrat->fetch(GETPOST("id"))) + if ($contrat->fetch(GETPOST('id','int'))) { $result=$contrat->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/contrat/fiche.php b/htdocs/contrat/fiche.php index 769190bbae4..0714edb72c2 100644 --- a/htdocs/contrat/fiche.php +++ b/htdocs/contrat/fiche.php @@ -41,8 +41,8 @@ $langs->load("bills"); $langs->load("products"); $action=GETPOST('action'); -$socid = GETPOST("socid"); -$contratid = GETPOST("id"); +$socid = GETPOST('socid','int'); +$contratid = GETPOST('id','int'); // Security check if ($user->societe_id) $socid=$user->societe_id; diff --git a/htdocs/contrat/services.php b/htdocs/contrat/services.php index fdcf83dba1f..30e0e81a72c 100644 --- a/htdocs/contrat/services.php +++ b/htdocs/contrat/services.php @@ -48,10 +48,10 @@ $search_nom=GETPOST("search_nom"); $search_contract=GETPOST("search_contract"); $search_service=GETPOST("search_service"); $statut=isset($_GET["statut"])?$_GET["statut"]:1; -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); // Security check -$contratid = GETPOST("id"); +$contratid = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'contrat',$contratid,''); diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 712f51e2cda..4258632f8c2 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -50,7 +50,7 @@ $result = restrictedArea($user, 'ecm', 0); $user->getrights('ecm'); // Get parameters -$socid=GETPOST('socid'); +$socid=GETPOST('socid','int'); $action=GETPOST("action"); $section=GETPOST("section"); $module=GETPOST("module"); diff --git a/htdocs/expedition/fiche.php b/htdocs/expedition/fiche.php index ac06265df3f..40fb5917e89 100644 --- a/htdocs/expedition/fiche.php +++ b/htdocs/expedition/fiche.php @@ -50,7 +50,7 @@ $langs->load('other'); $langs->load('propal'); $origin = GETPOST("origin")?GETPOST("origin"):'expedition'; // Example: commande, propal -$origin_id = GETPOST("id")?GETPOST("id"):''; +$origin_id = GETPOST('id','int')?GETPOST('id','int'):''; if (empty($origin_id)) $origin_id = GETPOST("origin_id"); // Id of order or propal if (empty($origin_id)) $origin_id = GETPOST("object_id"); // Id of order or propal $id = $origin_id; diff --git a/htdocs/fichinter/apercu.php b/htdocs/fichinter/apercu.php index 5d713eda2ca..f338c0b5b0d 100644 --- a/htdocs/fichinter/apercu.php +++ b/htdocs/fichinter/apercu.php @@ -35,7 +35,7 @@ $langs->load('interventions'); // Security check $socid=0; -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'ficheinter', $id, 'fichinter'); diff --git a/htdocs/fichinter/contact.php b/htdocs/fichinter/contact.php index 467e8683527..74fa3b5b9a3 100644 --- a/htdocs/fichinter/contact.php +++ b/htdocs/fichinter/contact.php @@ -78,7 +78,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->ficheinter->creer) if ($_GET["action"] == 'swapstatut' && $user->rights->ficheinter->creer) { $fichinter = new Fichinter($db); - if ($fichinter->fetch(GETPOST("id"))) + if ($fichinter->fetch(GETPOST('id','int'))) { $result=$fichinter->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/fichinter/document.php b/htdocs/fichinter/document.php index be142263326..23c1196a088 100644 --- a/htdocs/fichinter/document.php +++ b/htdocs/fichinter/document.php @@ -38,7 +38,7 @@ $langs->load("fichinter"); $langs->load("companies"); $langs->load("interventions"); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $action = GETPOST("action"); // Security check diff --git a/htdocs/fichinter/fiche.php b/htdocs/fichinter/fiche.php index 40c42a2e81c..9f753db3060 100644 --- a/htdocs/fichinter/fiche.php +++ b/htdocs/fichinter/fiche.php @@ -43,9 +43,9 @@ if (! empty($conf->global->FICHEINTER_ADDON) && is_readable(DOL_DOCUMENT_ROOT ." $langs->load("companies"); $langs->load("interventions"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); $action = GETPOST("action"); $confirm = GETPOST("confirm"); $mesg = GETPOST("msg"); diff --git a/htdocs/fichinter/info.php b/htdocs/fichinter/info.php index 05c74544d24..1029880d487 100644 --- a/htdocs/fichinter/info.php +++ b/htdocs/fichinter/info.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/fichinter.lib.php"); $langs->load('companies'); $langs->load("interventions"); -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); // Security check if ($user->societe_id) $socid=$user->societe_id; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index dfd0b4d39e5..a693e261e6c 100755 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -40,11 +40,11 @@ $offset = $conf->liste_limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); $page=GETPOST("page"); // Security check -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'ficheinter', $fichinterid,'fichinter'); diff --git a/htdocs/fichinter/note.php b/htdocs/fichinter/note.php index 2622e58c6f2..891ffca9036 100644 --- a/htdocs/fichinter/note.php +++ b/htdocs/fichinter/note.php @@ -29,7 +29,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/fichinter.lib.php"); $langs->load('companies'); $langs->load("interventions"); -$fichinterid = GETPOST("id"); +$fichinterid = GETPOST('id','int'); $action=GETPOST("action"); // Security check diff --git a/htdocs/fourn/commande/fiche.php b/htdocs/fourn/commande/fiche.php index 5d18b8bbed2..9a8d2d9f637 100644 --- a/htdocs/fourn/commande/fiche.php +++ b/htdocs/fourn/commande/fiche.php @@ -47,12 +47,12 @@ $langs->load('deliveries'); $langs->load('products'); $langs->load('stocks'); -$id = GETPOST("id"); +$id = GETPOST('id','int'); $ref = GETPOST("ref"); $action = GETPOST("action"); $confirm = GETPOST("confirm"); $comclientid = GETPOST("comid"); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); $projectid = GETPOST("projectid"); // Security check diff --git a/htdocs/fourn/facture/contact.php b/htdocs/fourn/facture/contact.php index c10bf7bca87..42993e32703 100644 --- a/htdocs/fourn/facture/contact.php +++ b/htdocs/fourn/facture/contact.php @@ -80,7 +80,7 @@ if ($_POST["action"] == 'addcontact' && $user->rights->fournisseur->facture->cre if ($_GET["action"] == 'swapstatut' && $user->rights->fournisseur->facture->creer) { $facture = new FactureFournisseur($db); - if ($facture->fetch(GETPOST("facid"))) + if ($facture->fetch(GETPOST('facid','int'))) { $result=$facture->swapContactStatus(GETPOST('ligne')); } diff --git a/htdocs/fourn/facture/document.php b/htdocs/fourn/facture/document.php index 5a934218c9f..f007070618c 100644 --- a/htdocs/fourn/facture/document.php +++ b/htdocs/fourn/facture/document.php @@ -35,7 +35,7 @@ $langs->load('bills'); $langs->load('other'); $langs->load("companies"); -$facid = GETPOST("facid")?GETPOST("facid"):GETPOST("id"); +$facid = GETPOST('facid','int')?GETPOST('facid','int'):GETPOST('id','int'); $action=empty($_GET['action']) ? (empty($_POST['action']) ? '' : $_POST['action']) : $_GET['action']; // Security check diff --git a/htdocs/fourn/facture/fiche.php b/htdocs/fourn/facture/fiche.php index afae39f9309..ec0ca5d6ec4 100644 --- a/htdocs/fourn/facture/fiche.php +++ b/htdocs/fourn/facture/fiche.php @@ -42,7 +42,7 @@ $langs->load('suppliers'); $langs->load('companies'); $mesg=''; -$id = (GETPOST("facid") ? GETPOST("facid") : GETPOST("id")); +$id = (GETPOST('facid','int') ? GETPOST('facid','int') : GETPOST('id','int')); $action = GETPOST("action"); $confirm = GETPOST("confirm"); diff --git a/htdocs/fourn/facture/index.php b/htdocs/fourn/facture/index.php index 372534d9bc0..eabafefda14 100644 --- a/htdocs/fourn/facture/index.php +++ b/htdocs/fourn/facture/index.php @@ -34,7 +34,7 @@ if (!$user->rights->fournisseur->facture->lire) accessforbidden(); $langs->load("companies"); $langs->load("bills"); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); // Security check if ($user->societe_id > 0) diff --git a/htdocs/fourn/facture/note.php b/htdocs/fourn/facture/note.php index 98b73a767f6..7522b527fdb 100644 --- a/htdocs/fourn/facture/note.php +++ b/htdocs/fourn/facture/note.php @@ -31,7 +31,7 @@ require_once(DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'); $langs->load('bills'); $langs->load("companies"); -$facid = GETPOST("facid")?GETPOST("facid"):GETPOST('id'); +$facid = GETPOST('facid','int')?GETPOST('facid','int'):GETPOST('id','int'); $action = GETPOST('action'); // Security check diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php index e36158bfa00..1024a16c8f9 100644 --- a/htdocs/fourn/facture/paiement.php +++ b/htdocs/fourn/facture/paiement.php @@ -34,7 +34,7 @@ $langs->load('companies'); $langs->load('bills'); $langs->load('banks'); -$facid=GETPOST('facid'); +$facid=GETPOST('facid','int'); $action=GETPOST('action'); $socid=GETPOST('socid','int'); diff --git a/htdocs/fourn/fiche.php b/htdocs/fourn/fiche.php index 7741ddfc42f..abf566aab22 100644 --- a/htdocs/fourn/fiche.php +++ b/htdocs/fourn/fiche.php @@ -42,7 +42,7 @@ $langs->load('commercial'); $action = GETPOST('action'); // Security check -$id = (GETPOST("socid") ? GETPOST("socid") : GETPOST("id")); +$id = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); if ($user->societe_id) $id=$user->societe_id; $result = restrictedArea($user, 'societe&fournisseur', $id, ''); diff --git a/htdocs/fourn/liste.php b/htdocs/fourn/liste.php index 71da3a75c5b..c8fdfb40d83 100644 --- a/htdocs/fourn/liste.php +++ b/htdocs/fourn/liste.php @@ -39,7 +39,7 @@ $search_compta_fournisseur = GETPOST("search_compta_fournisseur"); $search_datec = GETPOST("search_datec"); // Security check -$socid = GETPOST('socid'); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php index a81069d21dd..5f5e5074e7f 100644 --- a/htdocs/product/fiche.php +++ b/htdocs/product/fiche.php @@ -49,7 +49,7 @@ $id = GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action=(GETPOST('action') ? GETPOST('action') : 'view'); $confirm=GETPOST('confirm'); -$socid=GETPOST("socid"); +$socid=GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Product($db); diff --git a/htdocs/product/stats/fiche.php b/htdocs/product/stats/fiche.php index c567b876561..8c0752d0c7c 100644 --- a/htdocs/product/stats/fiche.php +++ b/htdocs/product/stats/fiche.php @@ -34,7 +34,7 @@ $langs->load("products"); $langs->load("bills"); $langs->load("other"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref = GETPOST('ref'); $mode = (GETPOST('mode') ? GETPOST('mode') : 'byunit'); $error = 0; diff --git a/htdocs/projet/activity/list.php b/htdocs/projet/activity/list.php index 254beb16949..fc876fcc7a5 100644 --- a/htdocs/projet/activity/list.php +++ b/htdocs/projet/activity/list.php @@ -34,7 +34,7 @@ $langs->load('projects'); $action=GETPOST('action'); $mode=GETPOST("mode"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $mine=0; if ($mode == 'mine') $mine=1; diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php index 2a218703394..d7f501e0a0f 100644 --- a/htdocs/projet/contact.php +++ b/htdocs/projet/contact.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'); $langs->load("projects"); $langs->load("companies"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index 9d2fc5cbaff..5bf9971b9d7 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -33,7 +33,7 @@ $langs->load('other'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); // Security check diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 371028f02fd..d93a6462db6 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -302,7 +302,7 @@ if ($action == 'create' && $user->rights->projet->creer) // Customer print ''.$langs->trans("ThirdParty").''; - $text=$form->select_company(GETPOST("socid"),'socid','',1,1); + $text=$form->select_company(GETPOST('socid','int'),'socid','',1,1); $texthelp=$langs->trans("IfNeedToUseOhterObjectKeepEmpty"); print $form->textwithtooltip($text.' '.img_help(),$texthelp,1); print ''; diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php index b22deee7ff7..bd759d27bbe 100644 --- a/htdocs/projet/ganttview.php +++ b/htdocs/projet/ganttview.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/class/html.formother.class.php"); -$id=GETPOST('id'); +$id=GETPOST('id','int'); $ref=GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php index dc7a81e7774..51493df8346 100644 --- a/htdocs/projet/note.php +++ b/htdocs/projet/note.php @@ -28,7 +28,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); $langs->load('projects'); $action=GETPOST('action'); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php index bf1cd5ae804..0e745f928ca 100644 --- a/htdocs/projet/tasks/contact.php +++ b/htdocs/projet/tasks/contact.php @@ -34,7 +34,7 @@ $langs->load("projects"); $langs->load("companies"); $taskid = isset($_GET["id"])?$_GET["id"]:''; -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index 3b8b260d9ee..bb5fd636665 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -35,7 +35,7 @@ $langs->load('other'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/index.php b/htdocs/projet/tasks/index.php index 406eae738a5..94bb854e933 100644 --- a/htdocs/projet/tasks/index.php +++ b/htdocs/projet/tasks/index.php @@ -32,7 +32,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load('projects'); $langs->load('users'); -$id=GETPOST('id'); +$id=GETPOST('id','int'); // Security check $socid=0; diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php index 2fb8e0c9bdf..b22351ac2bd 100644 --- a/htdocs/projet/tasks/note.php +++ b/htdocs/projet/tasks/note.php @@ -31,7 +31,7 @@ $langs->load('projects'); $action=GETPOST('action'); $mine = $_REQUEST['mode']=='mine' ? 1 : 0; //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index 821ff229059..5903649c5e5 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php @@ -29,9 +29,9 @@ require_once(DOL_DOCUMENT_ROOT."/projet/class/task.class.php"); require_once(DOL_DOCUMENT_ROOT."/core/lib/project.lib.php"); require_once(DOL_DOCUMENT_ROOT."/core/class/html.formother.class.php"); -$taskid = GETPOST("id"); +$taskid = GETPOST('id','int'); $taskref = GETPOST("ref"); -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index bed27babac4..ac6bda48e22 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -33,7 +33,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/date.lib.php"); $langs->load('projects'); $taskid = isset($_GET["id"])?$_GET["id"]:''; -$id = GETPOST('id'); +$id = GETPOST('id','int'); $ref= GETPOST('ref'); $action=GETPOST('action'); $withproject=GETPOST('withproject'); diff --git a/htdocs/societe/agenda.php b/htdocs/societe/agenda.php index 330cff56858..3c033a9f80e 100644 --- a/htdocs/societe/agenda.php +++ b/htdocs/societe/agenda.php @@ -35,7 +35,7 @@ $langs->load("companies"); $mesg=isset($_GET["mesg"])?'
'.$_GET["mesg"].'
':''; // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe', $socid); diff --git a/htdocs/societe/ajaxcompanies.php b/htdocs/societe/ajaxcompanies.php index 1127542dc78..49b49988eaf 100644 --- a/htdocs/societe/ajaxcompanies.php +++ b/htdocs/societe/ajaxcompanies.php @@ -50,7 +50,7 @@ dol_syslog(join(',',$_GET)); // Generation liste des societes -if (GETPOST('newcompany') || GETPOST('socid') || GETPOST('id_fourn')) +if (GETPOST('newcompany') || GETPOST('socid','int') || GETPOST('id_fourn')) { $return_arr = array(); diff --git a/htdocs/societe/document.php b/htdocs/societe/document.php index fe2ec2a24f7..792ef0e99cc 100644 --- a/htdocs/societe/document.php +++ b/htdocs/societe/document.php @@ -37,7 +37,7 @@ $mesg=''; $action = GETPOST('action'); $confirm = GETPOST('confirm'); -$socid = (GETPOST('socid') ? GETPOST('socid') : GETPOST('id')); +$socid = (GETPOST('socid','int') ? GETPOST('socid','int') : GETPOST('id','int')); // Security check if ($user->societe_id > 0) diff --git a/htdocs/societe/lien.php b/htdocs/societe/lien.php index 6ae5d7fb4dc..a8d80f2f84a 100644 --- a/htdocs/societe/lien.php +++ b/htdocs/societe/lien.php @@ -33,7 +33,7 @@ $langs->load("suppliers"); $langs->load("banks"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user, 'societe','',''); diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 4ebe1a4aeb3..6145155fafa 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -49,7 +49,7 @@ $mesg=''; $error=0; $errors=array(); $action = (GETPOST('action') ? GETPOST('action') : 'view'); $confirm = GETPOST('confirm'); -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $object = new Societe($db); diff --git a/htdocs/societe/societe.php b/htdocs/societe/societe.php index 99f456cdd73..2403a204c02 100644 --- a/htdocs/societe/societe.php +++ b/htdocs/societe/societe.php @@ -32,7 +32,7 @@ $langs->load("customers"); $langs->load("suppliers"); // Security check -$socid = GETPOST("socid"); +$socid = GETPOST('socid','int'); if ($user->societe_id) $socid=$user->societe_id; $result = restrictedArea($user,'societe',$socid,''); diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 9b367e7aeb4..175f005646a 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -30,7 +30,7 @@ require_once(DOL_DOCUMENT_ROOT."/core/lib/usergroups.lib.php"); $langs->load("users"); -$id=GETPOST("id"); +$id=GETPOST('id','int'); $action=GETPOST("action"); $confirm=GETPOST("confirm"); $module=GETPOST("module"); diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index f4deb98b7a3..ef231baa464 100755 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -145,7 +145,7 @@ class SecurityTest extends PHPUnit_Framework_TestCase $_GET["param2"]='a/b#e(pr)qq-rr\cc'; $_GET["param3"]='"a/b#e(pr)qq-rr\cc'; // Same than param2 + " - $result=GETPOST("id"); // Must return nothing + $result=GETPOST('id','int'); // Must return nothing print __METHOD__." result=".$result."\n"; $this->assertEquals($result,''); From 1c4ca9b335d2e3ce5711cfe57fd7b685412f7aff Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 27 Feb 2012 22:57:19 +0100 Subject: [PATCH 34/39] New: Add hidden option MAIN_ADD_PDF_BACKGROUND to add a PDF as background of invoice/order generated PDF. --- ChangeLog | 2 ++ .../modules/commande/doc/pdf_edison.modules.php | 8 ++++++++ .../commande/doc/pdf_einstein.modules.php | 8 ++++++++ .../doc/pdf_expedition_merou.modules.php | 6 ++++++ .../doc/pdf_expedition_rouget.modules.php | 16 ++++++++++++---- .../modules/facture/doc/pdf_crabe.modules.php | 8 ++++++++ .../modules/facture/doc/pdf_oursin.modules.php | 8 ++++++++ .../modules/fichinter/doc/pdf_soleil.modules.php | 8 ++++++++ .../livraison/pdf/pdf_sirocco.modules.php | 7 +++++++ .../modules/livraison/pdf/pdf_typhon.modules.php | 7 +++++++ .../modules/propale/doc/pdf_azur.modules.php | 8 ++++++++ .../modules/propale/doc/pdf_jaune.modules.php | 8 ++++++++ .../supplier_invoice/pdf/pdf_canelle.modules.php | 8 ++++++++ .../supplier_order/pdf/pdf_muscadet.modules.php | 8 ++++++++ 14 files changed, 106 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index a00f52055f4..2c0e2377f61 100644 --- a/ChangeLog +++ b/ChangeLog @@ -54,8 +54,10 @@ For users: suppliers invoice, orders, customers orders, proposals and social contributions. - New: All professional id can contains up to 128 chars instead of 32. - New: [ task #176 ] Allow to use ODT templates for proposals and orders like it's done for invoices +- New: Add hidden option MAIN_ADD_PDF_BACKGROUND to add a PDF as background of invoice/order generated PDF. - Fix: Can use POS module with several concurrent users. - Fix: Installer don't fails with Mysql version that added a ssl_cypher field. +- Fix: Sanitize input parameters. For developers: - New: Can add a left menu into an existing top menu or left menu. diff --git a/htdocs/core/modules/commande/doc/pdf_edison.modules.php b/htdocs/core/modules/commande/doc/pdf_edison.modules.php index 0da4c51ca34..ed649b24c62 100644 --- a/htdocs/core/modules/commande/doc/pdf_edison.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_edison.modules.php @@ -148,6 +148,12 @@ class pdf_edison extends ModelePDFCommandes $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -165,6 +171,7 @@ class pdf_edison extends ModelePDFCommandes // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -240,6 +247,7 @@ class pdf_edison extends ModelePDFCommandes // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php index ffe6d287de8..67794b02c91 100644 --- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php @@ -185,6 +185,12 @@ class pdf_einstein extends ModelePDFCommandes $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -211,6 +217,7 @@ class pdf_einstein extends ModelePDFCommandes // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -356,6 +363,7 @@ class pdf_einstein extends ModelePDFCommandes // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php b/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php index 68e59eb3f40..eca5df7abd3 100644 --- a/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php +++ b/htdocs/core/modules/expedition/doc/pdf_expedition_merou.modules.php @@ -155,6 +155,12 @@ Class pdf_expedition_merou extends ModelePdfExpedition $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; diff --git a/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php b/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php index 22a8b55ca60..4a813247a3b 100644 --- a/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php +++ b/htdocs/core/modules/expedition/doc/pdf_expedition_rouget.modules.php @@ -74,10 +74,11 @@ Class pdf_expedition_rouget extends ModelePdfExpedition } /** - * \brief Fonction generant le document sur le disque - * \param object Objet expedition a generer (ou id si ancienne methode) - * \param outputlangs Lang output object - * \return int 1=ok, 0=ko + * Fonction generant le document sur le disque + * + * @param object Objet expedition a generer (ou id si ancienne methode) + * @param outputlangs Lang output object + * @return int 1=ok, 0=ko */ function write_file(&$object, $outputlangs) { @@ -133,6 +134,12 @@ Class pdf_expedition_rouget extends ModelePdfExpedition $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -152,6 +159,7 @@ Class pdf_expedition_rouget extends ModelePdfExpedition // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index fb7e0ee8b80..01002ddf9f9 100755 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -185,6 +185,12 @@ class pdf_crabe extends ModelePDFFactures $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -211,6 +217,7 @@ class pdf_crabe extends ModelePDFFactures // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -360,6 +367,7 @@ class pdf_crabe extends ModelePDFFactures // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/facture/doc/pdf_oursin.modules.php b/htdocs/core/modules/facture/doc/pdf_oursin.modules.php index a4e96ce799f..db3cc2218b6 100755 --- a/htdocs/core/modules/facture/doc/pdf_oursin.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_oursin.modules.php @@ -174,6 +174,12 @@ class pdf_oursin extends ModelePDFFactures $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -191,6 +197,7 @@ class pdf_oursin extends ModelePDFFactures // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -260,6 +267,7 @@ class pdf_oursin extends ModelePDFFactures // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php b/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php index ea0e332b1b9..a173051ec76 100644 --- a/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php +++ b/htdocs/core/modules/fichinter/doc/pdf_soleil.modules.php @@ -142,6 +142,12 @@ class pdf_soleil extends ModelePDFFicheinter $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -159,6 +165,7 @@ class pdf_soleil extends ModelePDFFicheinter // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetTextColor(0,0,0); @@ -289,6 +296,7 @@ class pdf_soleil extends ModelePDFFicheinter // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php b/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php index 860cabb1fea..e401d748da7 100644 --- a/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php +++ b/htdocs/core/modules/livraison/pdf/pdf_sirocco.modules.php @@ -126,6 +126,12 @@ class pdf_sirocco extends ModelePDFDeliveryOrder $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } // Complete object by loading several other informations $expedition=new Expedition($this->db); @@ -155,6 +161,7 @@ class pdf_sirocco extends ModelePDFDeliveryOrder // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php b/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php index 361e9b0c168..dc129126ccb 100644 --- a/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php +++ b/htdocs/core/modules/livraison/pdf/pdf_typhon.modules.php @@ -148,6 +148,12 @@ class pdf_typhon extends ModelePDFDeliveryOrder $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } // Complete object by loading several other informations $expedition=new Expedition($this->db); @@ -188,6 +194,7 @@ class pdf_typhon extends ModelePDFDeliveryOrder // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 227a354aa66..0a710b986c4 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -170,6 +170,12 @@ class pdf_azur extends ModelePDFPropales $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -196,6 +202,7 @@ class pdf_azur extends ModelePDFPropales // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -341,6 +348,7 @@ class pdf_azur extends ModelePDFPropales // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/propale/doc/pdf_jaune.modules.php b/htdocs/core/modules/propale/doc/pdf_jaune.modules.php index b4c5f485542..2873569fab9 100644 --- a/htdocs/core/modules/propale/doc/pdf_jaune.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_jaune.modules.php @@ -170,6 +170,12 @@ class pdf_jaune extends ModelePDFPropales $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -196,6 +202,7 @@ class pdf_jaune extends ModelePDFPropales // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -341,6 +348,7 @@ class pdf_jaune extends ModelePDFPropales // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php index cda3b1d39fd..4cd34062c50 100755 --- a/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php +++ b/htdocs/core/modules/supplier_invoice/pdf/pdf_canelle.modules.php @@ -177,6 +177,12 @@ class pdf_canelle extends ModelePDFSuppliersInvoices $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -203,6 +209,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -347,6 +354,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); diff --git a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php index 096cdaae868..257b44340fb 100644 --- a/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php +++ b/htdocs/core/modules/supplier_order/pdf/pdf_muscadet.modules.php @@ -183,6 +183,12 @@ class pdf_muscadet extends ModelePDFSuppliersOrders $pdf->setPrintFooter(false); } $pdf->SetFont(pdf_getPDFFont($outputlangs)); + // Set path to the background PDF File + if (empty($conf->global->MAIN_DISABLE_FPDI) && ! empty($conf->global->MAIN_ADD_PDF_BACKGROUND)) + { + $pagecount = $pdf->setSourceFile($conf->mycompany->dir_output.'/'.$conf->global->MAIN_ADD_PDF_BACKGROUND); + $tplidx = $pdf->importPage(1); + } $pdf->Open(); $pagenb=0; @@ -209,6 +215,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 1, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); @@ -353,6 +360,7 @@ class pdf_muscadet extends ModelePDFSuppliersOrders // New page $pdf->AddPage(); + if (! empty($tplidx)) $pdf->useTemplate($tplidx); $pagenb++; $this->_pagehead($pdf, $object, 0, $outputlangs); $pdf->SetFont('','', $default_font_size - 1); From 5e32fc70ad0cc9f8e02b85fee89f8caf575efa24 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 28 Feb 2012 16:48:18 +0100 Subject: [PATCH 35/39] Fix: action must always be provided as value can be change during actions --- .../canvas/default/tpl/contactcard_view.tpl.php | 3 +-- htdocs/contact/fiche.php | 6 ++++-- htdocs/core/class/canvas.class.php | 16 ++++++++-------- htdocs/product/fiche.php | 2 +- htdocs/societe/soc.php | 4 ++-- 5 files changed, 16 insertions(+), 15 deletions(-) diff --git a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php index 20e8f544bb4..53531c72d0e 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php @@ -17,7 +17,6 @@ */ $contact = $GLOBALS['objcanvas']->control->object; - ?> @@ -98,7 +97,7 @@ dol_htmloutput_errors($this->control->tpl['error'],$this->control->tpl['errors'] control->tpl['email']; ?> control->tpl['nb_emailing']) { ?> trans("NbOfEMailingsReceived"); ?> - control->tpl['nb_emailing']; ?> + control->tpl['nb_emailing']; ?>   diff --git a/htdocs/contact/fiche.php b/htdocs/contact/fiche.php index 6021767dbae..d50dd537181 100644 --- a/htdocs/contact/fiche.php +++ b/htdocs/contact/fiche.php @@ -249,10 +249,12 @@ if (empty($reshook)) { $object->old_name=''; $object->old_firstname=''; + $action = 'view'; } else { $error=$object->error; $errors=$object->errors; + $action = 'edit'; } } } @@ -277,7 +279,7 @@ if ($socid > 0) $objsoc->fetch($socid); } -if (is_object($objcanvas) && $objcanvas->displayCanvasExists()) +if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // ----------------------------------------- // When used with CANVAS @@ -288,7 +290,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists()) $object->fetch($id); // For use with "pure canvas" (canvas that contains templates only) } $objcanvas->assign_values($action, $id); // Set value for templates - $objcanvas->display_canvas(); // Show template + $objcanvas->display_canvas($action); // Show template } else { diff --git a/htdocs/core/class/canvas.class.php b/htdocs/core/class/canvas.class.php index a2b88dc7572..6caf410ee85 100644 --- a/htdocs/core/class/canvas.class.php +++ b/htdocs/core/class/canvas.class.php @@ -50,9 +50,9 @@ class Canvas * @param DoliDB $DB Database handler * @param string $actiontype Action type ('create', 'view', 'edit', 'list') */ - function __construct($DB, $actiontype='view') + function __construct($db, $actiontype='view') { - $this->db = $DB; + $this->db = $db; $this->actiontype = $actiontype; if ($this->actiontype == 'add') $this->actiontype='create'; @@ -128,11 +128,11 @@ class Canvas * * @return int 0=Canvas template file does not exist, 1=Canvas template file exists */ - function displayCanvasExists() - { + function displayCanvasExists($action) + { if (empty($this->template_dir)) return 0; - //print $this->template_dir.($this->card?$this->card.'_':'').$this->actiontype.'.tpl.php'; - if (file_exists($this->template_dir.($this->card?$this->card.'_':'').$this->actiontype.'.tpl.php')) return 1; + + if (file_exists($this->template_dir.($this->card?$this->card.'_':'').$this->action.'.tpl.php')) return 1; else return 0; } @@ -142,12 +142,12 @@ class Canvas * * @return void */ - function display_canvas() + function display_canvas($action) { global $db, $conf, $langs, $user, $canvas; global $form, $formfile; - include($this->template_dir.($this->card?$this->card.'_':'').$this->actiontype.'.tpl.php'); // Include native PHP template + include($this->template_dir.($this->card?$this->card.'_':'').$this->action.'.tpl.php'); // Include native PHP template } diff --git a/htdocs/product/fiche.php b/htdocs/product/fiche.php index 5f5e5074e7f..d6360b1dd6f 100644 --- a/htdocs/product/fiche.php +++ b/htdocs/product/fiche.php @@ -661,7 +661,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) $object->fetch($id, $ref); // For use with "pure canvas" (canvas that contains templates only) } $objcanvas->assign_values($action, $id, $ref); // Set value for templates - $objcanvas->display_canvas(); // Show template + $objcanvas->display_canvas($action); // Show template } else { diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php index 6145155fafa..0ba5c8e23fb 100644 --- a/htdocs/societe/soc.php +++ b/htdocs/societe/soc.php @@ -468,7 +468,7 @@ $formcompany = new FormCompany($db); $countrynotdefined=$langs->trans("ErrorSetACountryFirst").' ('.$langs->trans("SeeAbove").')'; -if (is_object($objcanvas) && $objcanvas->displayCanvasExists()) +if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // ----------------------------------------- // When used with CANVAS @@ -479,7 +479,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists()) $object->fetch($socid); // For use with "pure canvas" (canvas that contains templates only) } $objcanvas->assign_values($action, $socid); // Set value for templates - $objcanvas->display_canvas(); // Show template + $objcanvas->display_canvas($action); // Show template } else { From 508e77e5505a893ace5199f48cc08c7bdede3bd2 Mon Sep 17 00:00:00 2001 From: simnandez Date: Tue, 28 Feb 2012 18:50:52 +0100 Subject: [PATCH 36/39] Trad: Add missing translations --- htdocs/langs/ca_ES/admin.lang | 10 +++++++++- htdocs/langs/ca_ES/compta.lang | 2 +- htdocs/langs/ca_ES/errors.lang | 4 +++- htdocs/langs/ca_ES/main.lang | 11 +++++++++++ htdocs/langs/es_ES/admin.lang | 11 ++++++++--- htdocs/langs/es_ES/compta.lang | 2 +- htdocs/langs/es_ES/errors.lang | 2 ++ htdocs/langs/es_ES/main.lang | 10 ++++++++++ 8 files changed, 45 insertions(+), 7 deletions(-) diff --git a/htdocs/langs/ca_ES/admin.lang b/htdocs/langs/ca_ES/admin.lang index f67c7d64036..71a131af213 100644 --- a/htdocs/langs/ca_ES/admin.lang +++ b/htdocs/langs/ca_ES/admin.lang @@ -19,6 +19,7 @@ ConfirmLockNewSessions=Esteu segur de voler restringir l'accés a Dolibarr al se UnlockNewSessions=Eliminar bloqueig de connexions YourSession=La seva sessió Sessions=Sessions d'usuaris +WebUserGroup=Servidor web usuari/grup NoSessionFound=Sembla que el seu PHP no pot llistar les sessions actives. El directori de salvaguardat de sessions (%s) pot estar protegit (per exemple, pels permisos del sistema operatiu o per la directiva open_basedir del seu PHP) HTMLCharset=Charset de les pàgines HTML DBStoringCharset=Charset base de dades per emmagatzematge de dades @@ -168,6 +169,7 @@ Datas=Dades NameColumn=Nom de les columnes ExtendedInsert=Instruccions INSERT esteses DelayedInsert=Insercions amb retard +NoLockBeforeInsert=Sense intrucció LOCK abans del INSERT EncodeBinariesInHexa=Codificar els camps binaris en hexacesimal IgnoreDuplicateRecords=Ignorar els errors de duplicació (INSERT IGNORE) Yes=Sí @@ -370,8 +372,10 @@ Module80Name=Expedicions Module80Desc=Gestió d'expedicions i recepcions Module85Name=Bancs i caixes Module85Desc=Gestió dels comptes financers de tipus comptes bancaris, postals o efectiu -Module100Name=ExternalSite +Module100Name=External site Module100Desc=Inclou qualsevol lloc web extern en els menús de Dolibarr, veient-lo en un frame +Module105Name=Mailman i Sip +Module105Desc=Interface amb Mailman o Spip per al mòdul Membres Module200Name=LDAP Module200Desc=sincronització amb un anuari LDAP Module210Name=PostNuke @@ -865,6 +869,10 @@ ExtraFields=Atributs addicionals ExtraFieldHasWrongValue=L'atribut %s te un valor incorrecte. SendingMailSetup=Configuració de l'enviament per mail SendmailOptionNotComplete=Atenció, en alguns sistemes Linux, amb aquest mètode d'enviament, per poder enviar mails en nom seu, la configuració de sendmail ha de contenir l'opció -ba (paràmetre mail.force_extra_parameters a l'arxiu php.ini). Si alguns dels seus destinataris no reben els seus missatges, proveu de modificar aquest paràmetre PHP amb mail.force_extra_parameters =-ba . +PathToDocuments=Rutes d'accés a documents +PathDirectory=Directori +SendmailOptionMayHurtBuggedMTA=La funcionalitat d'enviar correu electrònic a través del "correu directe PHP" genera una sol·licitud que pot ser mal interpretada per alguns servidors de correu. Això es tradueix en missatges de correu electrònic il·legibles per a les persones allotjades en aquestes plataformes. Aquest és el cas de clients en certs proveïdors de serveis d'Internet (Ex: Orange). Això no és un problema ni de Dolibarr ni de PHP, però sí del servidor de correu. No obstant això, podeu afegir l'opció MAIN_FIX_FOR_BUGGED_MTA amb valor 1 en configuració-varis per tractar que Dolibarr eviti l'error. Una altra solució (recomanada) és utilitzar el mètode d'enviament per SMTP que no té aquest inconvenient. + ##### Module password generation PasswordGenerationStandard=Retorna una contrasenya generada per l'algoritme intern Dolibarr: 8 caràcters, números i caràcters en minúscules barrejades. PasswordGenerationNone=No ofereix contrasenyes. La contrasenya s'introdueix manualment. diff --git a/htdocs/langs/ca_ES/compta.lang b/htdocs/langs/ca_ES/compta.lang index 5f099381a98..24f410badb2 100644 --- a/htdocs/langs/ca_ES/compta.lang +++ b/htdocs/langs/ca_ES/compta.lang @@ -48,7 +48,7 @@ ToGetBack=A recuperar TaxAndDividendsArea=Àrea impostos, càrregues socials i dividends SocialContribution=Càrrega social SocialContributions=Càrregues socials -MenuTaxAndDividends=Impostos i dividends +MenuTaxAndDividends=Impostos i càrregues MenuSocialContributions=Càrregues socials MenuNewSocialContribution=Nova càrrega NewSocialContribution=Nova càrrega social diff --git a/htdocs/langs/ca_ES/errors.lang b/htdocs/langs/ca_ES/errors.lang index 70153f88163..e086b1ffdd6 100644 --- a/htdocs/langs/ca_ES/errors.lang +++ b/htdocs/langs/ca_ES/errors.lang @@ -1,7 +1,7 @@ # Dolibarr language file - ca_ES - errors CHARSET=UTF-8 MenuManager=Gestor de menú -# Errors=undefined= +# Errors Error=Error Errors=Errors ErrorBadEMail=e-mail %s incorrecte @@ -10,6 +10,7 @@ ErrorLoginAlreadyExists=El login %s ja existeix. ErrorGroupAlreadyExists=El grup %s ja existeix. ErrorRecordNotFound=Registre no trobat ErrorDuplicateTrigger=Un arxiu trigger de nom '%s' està carregat. Treure el doble de la carpeta '%s'. +ErrorFailToCopyFile=Error al copiar l'arxiu '%s' a '%s'. ErrorFailToRenameFile=Error al renomenar l'arxiu '%s' a '%s'. ErrorFailToCreateFile=Error al crear l'arxiu '%s' ErrorFailToDeleteFile=Error al suprimir el fitxer '%s'. @@ -102,6 +103,7 @@ ErrorLoginHasNoEmail=Aquest usuari no té e-mail. Impossible continuar. ErrorBadValueForCode=Valor no vàlid per al codi. Torneu a intentar-ho amb un nou valor ... ErrorBothFieldCantBeNegative=Els camps %s i %s no poden ser negatius ErrorNoActivatedBarcode=Cap tipus de codi de barres activat +ErrorWebServerUserHasNotPermission=El compte d'execució del servidor web %s no disposa dels permisos per això # Warnings WarningSafeModeOnCheckExecDir=Atenció, està activada l'opció PHP safe_mode, la comanda ha d'estar dins d'un directori declarat dins del paràmetre php safe_mode_exec_dir. diff --git a/htdocs/langs/ca_ES/main.lang b/htdocs/langs/ca_ES/main.lang index fb34a2976a3..59f7f3e2bfc 100644 --- a/htdocs/langs/ca_ES/main.lang +++ b/htdocs/langs/ca_ES/main.lang @@ -330,6 +330,7 @@ ActionDoneShort=Acabat CompanyFoundation=Empresa o institució ContactsForCompany=Contactes/adreces d'aquest tercer ActionsOnCompany=Esdeveniments respecte aquest tercer +ActionsOnMember=Esdeveniments respecte aquest membre NActions=%s esdeveniments NActionsLate=%s en retard Filter=Filtre @@ -607,6 +608,16 @@ URLPhoto=Url de la foto/logo SetLinkToThirdParty=Vincular a un altre tercer CreateDraft=Crea esborrany ClickToEdit=Clic per a editar +ObjectDeleted=Objecte %s eliminat +ByCountry=Per país +ByTown=Per població +ByDate=Per data +ByMonthYear=Per mes/any +ByYear=Per any +ByMonth=Per mes +ByDay=Per dia +BySalesRepresentative=Per comercial + # Week day Monday=Dilluns diff --git a/htdocs/langs/es_ES/admin.lang b/htdocs/langs/es_ES/admin.lang index 1e4ddc292f0..4104ffd7dd2 100644 --- a/htdocs/langs/es_ES/admin.lang +++ b/htdocs/langs/es_ES/admin.lang @@ -19,6 +19,7 @@ ConfirmLockNewSessions=¿Está seguro de querer restringir el acceso a Dolibarr UnlockNewSessions=Eliminar bloqueo de conexiones YourSession=Su sesión Sessions=Sesiones de usuarios +WebUserGroup=Servidor web usuario/grupo NoSessionFound=Parece que su PHP no puede listar las sesiones activas. El directorio de salvaguardado de sesiones (%s) puede estar protegido (por ejemplo, por los permisos del sistema operativo o por la directiva open_basedir de su PHP). HTMLCharset=Charset de las páginas HTML DBStoringCharset=Charset base de datos para almacenamiento de datos @@ -167,6 +168,7 @@ AddDropTable=Añadir órdenes DROP TABLE Datas=Datos NameColumn=Nombre las columnas ExtendedInsert=Instrucciones INSERT extendidas +NoLockBeforeInsert=Sin intrucción LOCK antes del INSERT DelayedInsert=Inserciones con retraso EncodeBinariesInHexa=Codificar los campos binarios en hexadecimal IgnoreDuplicateRecords=Ignorar los errores de duplicación (INSERT IGNORE) @@ -370,8 +372,10 @@ Module80Name=Expediciones Module80Desc=Gestión de expediciones y recepciones Module85Name=Bancos y cajas Module85Desc=Gestión de las cuentas financieras de tipo cuentas bancarias, postales o efectivo -Module100Name=ExternalSite +Module100Name=External site Module100Desc=Incluye cualquier sitio web externo en los menús de Dolibarr, viéndolo en un frame +Module105Name=Mailman y Sip +Module105Desc=Interface con Mailman o Spip para el módulo Miembros Module200Name=LDAP Module200Desc=sincronización con un anuario LDAP Module210Name=PostNuke @@ -866,8 +870,9 @@ ExtraFieldHasWrongValue=El atributo %s tiene un valor incorrecto. SendingMailSetup=Configuració de l'enviament per mail SendmailOptionNotComplete=Atención, en algunos sistemas Linux, con este método de envio, para poder enviar mails en su nombre, la configuración de sendmail debe contener la opción -ba (parámetro mail.force_extra_parameters en el archivo php.ini). Si algunos de sus destinatarios no reciben sus mensajes, pruebe a modificar este parámetro PHP con mail.force_extra_parameters=-ba. PathToDocuments=Rutas de acceso a documentos -PathDirectory=Catálogo -##### Module password generation= undefined= +PathDirectory=Directorio +SendmailOptionMayHurtBuggedMTA=La funcionalidad de enviar correo electrónico a través del "correo directo PHP" genera una solicitud que puede ser mal interpretado por algunos servidores de correo. Esto se traduce en mensajes de correo electrónico ilegibles para las personas alojadas en estas plataformas. Este es el caso de clientes en ciertos proveedores de servicios de Internet (Ej: Orange). Esto no es un problema ni de Dolibarr ni de PHP, pero sí del servidor de correo. Sin embargo, puede agregar la opción MAIN_FIX_FOR_BUGGED_MTA con valor 1 en configuración-varios para tratar que Dolibarr evite el error. Otra solución (recomendada) es utilizar el método de envío por SMTP que no tiene este inconveniente. +##### Module password generation PasswordGenerationStandard=Devuelve una contraseña generada por el algoritmo interno Dolibarr: 8 caracteres, números y caracteres en minúsculas mezcladas. PasswordGenerationNone=No ofrece contraseñas. La contraseña se introduce manualmente. ##### Users setup ##### diff --git a/htdocs/langs/es_ES/compta.lang b/htdocs/langs/es_ES/compta.lang index 3a59b93ea84..b92ae7380b9 100644 --- a/htdocs/langs/es_ES/compta.lang +++ b/htdocs/langs/es_ES/compta.lang @@ -48,7 +48,7 @@ ToGetBack=A recuperar TaxAndDividendsArea=Área impuestos, cargas sociales y dividendos SocialContribution=Carga social SocialContributions=Cargas sociales -MenuTaxAndDividends=Impuestos y dividendos +MenuTaxAndDividends=Impuestos y cargas MenuSocialContributions=Cargas sociales MenuNewSocialContribution=Nueva carga NewSocialContribution=Nueva carga social diff --git a/htdocs/langs/es_ES/errors.lang b/htdocs/langs/es_ES/errors.lang index f4bcee3f9e2..fd1765a345f 100644 --- a/htdocs/langs/es_ES/errors.lang +++ b/htdocs/langs/es_ES/errors.lang @@ -10,6 +10,7 @@ ErrorLoginAlreadyExists=El login %s ya existe. ErrorGroupAlreadyExists=El grupo %s ya existe. ErrorRecordNotFound=Registro no encontrado ErrorDuplicateTrigger=Un archivo trigger de nombre '%s' está cargado. Elimine el doble del directorio '%s'. +ErrorFailToCopyFile=Error al copiar el archivo '%s' en '%s'. ErrorFailToRenameFile=Error al renombrar el archivo '%s' a '%s'. ErrorFailToCreateFile=Error al crear el archivo '%s' ErrorFailToDeleteFile=Error al eliminar el archivo '%s'. @@ -102,6 +103,7 @@ ErrorLoginHasNoEmail=Este usuario no tiene e-mail. Imposible continuar. ErrorBadValueForCode=Valor incorrecto para el código. Vuelva a intentar con un nuevo valor... ErrorBothFieldCantBeNegative=Los campos %s y %s no pueden ser negativos ErrorNoActivatedBarcode=Ningún tipo de código de barra activado +ErrorWebServerUserHasNotPermission=La cuenta de ejecución del servidor web %s no dispone de los permisos para esto # Warnings WarningSafeModeOnCheckExecDir=Atención, está activada la opción PHP safe_mode, el comando deberá estar dentro de un directorio declarado dentro del parámetro php safe_mode_exec_dir. diff --git a/htdocs/langs/es_ES/main.lang b/htdocs/langs/es_ES/main.lang index 6c6a579d777..92e37752683 100644 --- a/htdocs/langs/es_ES/main.lang +++ b/htdocs/langs/es_ES/main.lang @@ -330,6 +330,7 @@ ActionDoneShort=Terminado CompanyFoundation=Empresa o institución ContactsForCompany=Contactos/direcciones de este tercero ActionsOnCompany=Eventos respecto a este tercero +ActionsOnMember=Eventos respecto a este miembro NActions=%s eventos NActionsLate=%s en retraso Filter=Filtro @@ -607,6 +608,15 @@ URLPhoto=Url de la foto/logo SetLinkToThirdParty=Vincular a otro tercero CreateDraft=Crear borrador ClickToEdit=Clic para editar +ObjectDeleted=Objeto %s eliminado +ByCountry=Par país +ByTown=Por población +ByDate=Por fecha +ByMonthYear=Por mes/año +ByYear=Por año +ByMonth=Por mes +ByDay=Por día +BySalesRepresentative=Por comercial # Week day Monday=Lunes From ffc492ba1f7a9cc41a64c582a84f2f3213ebb0fc Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 28 Feb 2012 19:18:24 +0100 Subject: [PATCH 37/39] Fix: security --- htdocs/categories/fiche.php | 14 +++++++------- htdocs/core/lib/security2.lib.php | 2 +- htdocs/public/demo/index.php | 2 +- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index 893afea90e3..6cc51539721 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -34,13 +34,13 @@ $langs->load("categories"); $socid=GETPOST('socid'); if (!$user->rights->categorie->lire) accessforbidden(); -$action = GETPOST('action'); -$cancel = GETPOST('cancel'); -$origin = GETPOST('origin'); -$catorigin = GETPOST('catorigin'); -$nbcats = (GETPOST('choix') ? GETPOST('choix') : 1); -$type = GETPOST('type'); -$urlfrom = GETPOST("urlfrom"); +$action = GETPOST('action','alpha'); +$cancel = GETPOST('cancel','alpha'); +$origin = GETPOST('origin','alpha'); +$catorigin = GETPOST('catorigin','int'); +$nbcats = (GETPOST('choix') ? GETPOST('choix') : 1); // TODO not use ? +$type = GETPOST('type','alpha'); +$urlfrom = GETPOST('urlfrom','alpha'); if ($origin) { diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index 338efbb5e80..10846f14e16 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -209,7 +209,7 @@ function dol_loginfunction($langs,$conf,$mysoc) $sessiontimeout='DOLSESSTIMEOUT_'.$prefix; if (! empty($conf->global->MAIN_SESSION_TIMEOUT)) setcookie($sessiontimeout, $conf->global->MAIN_SESSION_TIMEOUT, 0, "/", '', 0); - if (GETPOST("urlfrom")) $_SESSION["urlfrom"]=GETPOST("urlfrom"); + if (GETPOST('urlfrom','alpha')) $_SESSION["urlfrom"]=GETPOST('urlfrom','alpha'); else unset($_SESSION["urlfrom"]); if (! GETPOST("username")) $focus_element='username'; diff --git a/htdocs/public/demo/index.php b/htdocs/public/demo/index.php index 9926d7f54fc..e5619c3db1e 100644 --- a/htdocs/public/demo/index.php +++ b/htdocs/public/demo/index.php @@ -222,7 +222,7 @@ if (GETPOST("action") == 'gotodemo') if ($disablestring) { $url=DOL_URL_ROOT.'/index.php?disablemodules='.$disablestring; - if (GETPOST("urlfrom")) $url.='&urlfrom='.GETPOST("urlfrom"); + if (GETPOST('urlfrom','alpha')) $url.='&urlfrom='.GETPOST('urlfrom','alpha'); header("Location: ".$url); exit; } From 6550ba53f6e29476226077ef12da8089e0500a36 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Feb 2012 11:48:03 +0100 Subject: [PATCH 38/39] More phpunit test --- htdocs/categories/fiche.php | 1 - htdocs/core/lib/functions.lib.php | 14 ++++++++------ test/phpunit/SecurityTest.php | 9 +++++++-- 3 files changed, 15 insertions(+), 9 deletions(-) diff --git a/htdocs/categories/fiche.php b/htdocs/categories/fiche.php index ac5c9a1c978..15ccad5b5d1 100644 --- a/htdocs/categories/fiche.php +++ b/htdocs/categories/fiche.php @@ -38,7 +38,6 @@ $action = GETPOST('action','alpha'); $cancel = GETPOST('cancel','alpha'); $origin = GETPOST('origin','alpha'); $catorigin = GETPOST('catorigin','int'); -$nbcats = (GETPOST('choix') ? GETPOST('choix') : 1); // TODO not use ? $type = GETPOST('type','alpha'); $urlfrom = GETPOST('urlfrom','alpha'); diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 5dfcda5ab17..90167a94b87 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -249,18 +249,20 @@ function GETPOST($paramname,$check='',$method=0) elseif ($method==1) $out = isset($_GET[$paramname])?$_GET[$paramname]:''; elseif ($method==2) $out = isset($_POST[$paramname])?$_POST[$paramname]:''; elseif ($method==3) $out = isset($_POST[$paramname])?$_POST[$paramname]:(isset($_GET[$paramname])?$_GET[$paramname]:''); + else return 'BadParameter'; if (! empty($check)) { + $out=trim($out); // Check if numeric - if ($check == 'int' && ! preg_match('/^[-\.,0-9]+$/i',trim($out))) $out=''; + if ($check == 'int' && ! preg_match('/^[-\.,0-9]+$/i',$out)) $out=''; // Check if alpha - //if ($check == 'alpha' && ! preg_match('/^[ =:@#\/\\\(\)\-\._a-z0-9]+$/i',trim($out))) $out=''; - // '"' is dangerous because param in url can close the href= or src= and add javascript functions. - if ($check == 'alpha') + elseif ($check == 'alpha') { - if (preg_match('/"/',trim($out))) $out=''; - else if (preg_match('/(\.\.\/)+/',trim($out))) $out=''; + // '"' is dangerous because param in url can close the href= or src= and add javascript functions. + // '../' is dangerous because it allows dir transversals + if (preg_match('/"/',$out)) $out=''; + else if (preg_match('/\.\.\//',$out)) $out=''; } } diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index ef231baa464..10d395ff94e 100755 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -144,6 +144,7 @@ class SecurityTest extends PHPUnit_Framework_TestCase $_POST["param1"]="333"; $_GET["param2"]='a/b#e(pr)qq-rr\cc'; $_GET["param3"]='"a/b#e(pr)qq-rr\cc'; // Same than param2 + " + $_GET["param4"]='../dir'; $result=GETPOST('id','int'); // Must return nothing print __METHOD__." result=".$result."\n"; @@ -161,11 +162,15 @@ class SecurityTest extends PHPUnit_Framework_TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals($result,$_GET["param2"]); - $result=GETPOST("param3",'alpha'); // Must return '' as there is a forbidden char + $result=GETPOST("param3",'alpha'); // Must return '' as there is a forbidden char " print __METHOD__." result=".$result."\n"; $this->assertEquals($result,''); - return $result; + $result=GETPOST("param4",'alpha'); // Must return '' as there is a forbidden char ../ + print __METHOD__." result=".$result."\n"; + $this->assertEquals($result,''); + + return $result; } /** From 693d07d9253d9afec4f78a02739c5a04ea43bfc7 Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 29 Feb 2012 14:12:49 +0100 Subject: [PATCH 39/39] Trad: Add missing translations --- htdocs/langs/ca_ES/banks.lang | 6 +++++- htdocs/langs/ca_ES/companies.lang | 6 ++++++ htdocs/langs/ca_ES/errors.lang | 1 + htdocs/langs/ca_ES/mails.lang | 1 + htdocs/langs/ca_ES/main.lang | 2 +- htdocs/langs/ca_ES/paypal.lang | 3 ++- htdocs/langs/es_ES/banks.lang | 6 +++++- htdocs/langs/es_ES/companies.lang | 6 ++++++ htdocs/langs/es_ES/errors.lang | 1 + htdocs/langs/es_ES/mails.lang | 1 + htdocs/langs/es_ES/main.lang | 2 +- htdocs/langs/es_ES/paypal.lang | 3 ++- 12 files changed, 32 insertions(+), 6 deletions(-) diff --git a/htdocs/langs/ca_ES/banks.lang b/htdocs/langs/ca_ES/banks.lang index ea189a52be2..c740fa5ef87 100644 --- a/htdocs/langs/ca_ES/banks.lang +++ b/htdocs/langs/ca_ES/banks.lang @@ -142,4 +142,8 @@ AllAccounts=Tots els comptes bancaris/de caixa BackToAccount=Tornar al compte ShowAllAccounts=Mostra per a tots els comptes FutureTransaction=Transacció futura. No és possible conciliar. -SelectChequeTransactionAndGenerate=Seleccioneu/filtreu els xecs a incloure a la remesa i feu clic a "Crear". \ No newline at end of file +SelectChequeTransactionAndGenerate=Seleccioneu/filtreu els xecs a incloure a la remesa i feu clic a "Crear". +InputReceiptNumber=Indiqui l'extracte bancari relacionat amb la conciliació. Utilitzeu un valor numèric ordenable (per exemple, AAAAMM) +EventualyAddCategory=Eventualment, indiqui una categoria en la qual classificar els registres +ToConciliate=A conciliar? +ThenCheckLinesAndConciliate=A continuació, comproveu les línies presents en l'extracte bancari i feu clic \ No newline at end of file diff --git a/htdocs/langs/ca_ES/companies.lang b/htdocs/langs/ca_ES/companies.lang index 3cdf9b80129..2838478d6c1 100644 --- a/htdocs/langs/ca_ES/companies.lang +++ b/htdocs/langs/ca_ES/companies.lang @@ -115,6 +115,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Número federat diff --git a/htdocs/langs/ca_ES/errors.lang b/htdocs/langs/ca_ES/errors.lang index e086b1ffdd6..a1ff701cdd2 100644 --- a/htdocs/langs/ca_ES/errors.lang +++ b/htdocs/langs/ca_ES/errors.lang @@ -104,6 +104,7 @@ ErrorBadValueForCode=Valor no vàlid per al codi. Torneu a intentar-ho amb un no ErrorBothFieldCantBeNegative=Els camps %s i %s no poden ser negatius ErrorNoActivatedBarcode=Cap tipus de codi de barres activat ErrorWebServerUserHasNotPermission=El compte d'execució del servidor web %s no disposa dels permisos per això +ErrorNoActivatedBarcode=No hi ha activat cap tipus de codi de barres # Warnings WarningSafeModeOnCheckExecDir=Atenció, està activada l'opció PHP safe_mode, la comanda ha d'estar dins d'un directori declarat dins del paràmetre php safe_mode_exec_dir. diff --git a/htdocs/langs/ca_ES/mails.lang b/htdocs/langs/ca_ES/mails.lang index 30605b3e2a4..24a5be04af4 100644 --- a/htdocs/langs/ca_ES/mails.lang +++ b/htdocs/langs/ca_ES/mails.lang @@ -39,6 +39,7 @@ MailingStatusDraft=Esborrany MailingStatusValidated=Validat MailingStatusApproved=Aprovat MailingStatusSent=Enviat +MailingStatusRead=Llegit MailingStatusSentPartialy=Enviat parcialment MailingStatusSentCompletely=Enviat completament MailingStatusError=Error diff --git a/htdocs/langs/ca_ES/main.lang b/htdocs/langs/ca_ES/main.lang index 59f7f3e2bfc..3db44046497 100644 --- a/htdocs/langs/ca_ES/main.lang +++ b/htdocs/langs/ca_ES/main.lang @@ -175,7 +175,7 @@ Info=Log Family=Familia Description=Descripció Designation=Descripción -Action=Esdeveniment +Action=Acció Model=Model DefaultModel=Model per defecte About=Sobre diff --git a/htdocs/langs/ca_ES/paypal.lang b/htdocs/langs/ca_ES/paypal.lang index 4759aa1f822..762d2628b42 100644 --- a/htdocs/langs/ca_ES/paypal.lang +++ b/htdocs/langs/ca_ES/paypal.lang @@ -15,4 +15,5 @@ ThisIsTransactionId=Identificador de la transacció: %s PAYPAL_ADD_PAYMENT_URL=Afegir la url del pagament Paypal en enviar un document per e-mail PAYPAL_IPN_MAIL_ADDRESS=Adreça e-mail per les notificacions instantànies de pagament (IPN) PredefinedMailContentSendOrderWithPaypalLink=Us adjuntem la comanda __ORDERREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n -PredefinedMailContentSendInvoiceWithPaypalLink=Us adjuntem la factura __FACREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n \ No newline at end of file +PredefinedMailContentSendInvoiceWithPaypalLink=Us adjuntem la factura __FACREF__\n\nPodeu fer clic a l'enllaç assegurança de sota per realitzar el seu pagament a través de PayPal\n\n%s\n\nCordialment\n\n +YouAreCurrentlyInSandboxMode=Actualment es troba en mode "sandbox" \ No newline at end of file diff --git a/htdocs/langs/es_ES/banks.lang b/htdocs/langs/es_ES/banks.lang index 9e87caff24f..8c0ae21ca39 100644 --- a/htdocs/langs/es_ES/banks.lang +++ b/htdocs/langs/es_ES/banks.lang @@ -142,4 +142,8 @@ AllAccounts=Todas las cuentas bancarias/de caja BackToAccount=Volver a la cuenta ShowAllAccounts=Mostrar para todas las cuentas FutureTransaction=Transacción futura. No es posible conciliar. -SelectChequeTransactionAndGenerate=Seleccione/filtre los cheques a incluir en la remesa y haga clic en "Crear". \ No newline at end of file +SelectChequeTransactionAndGenerate=Seleccione/filtre los cheques a incluir en la remesa y haga clic en "Crear". +InputReceiptNumber=Indique el extracto bancario relacionado con la conciliación. Utilice un valor numérico ordenable (por ejemplo, AAAAMM) +EventualyAddCategory=Eventualmente, indique una categoría en la que clasificar los registros +ToConciliate=¿A conciliar? +ThenCheckLinesAndConciliate=A continuación, compruebe las líneas presentes en el extracto bancario y haga clic \ No newline at end of file diff --git a/htdocs/langs/es_ES/companies.lang b/htdocs/langs/es_ES/companies.lang index 199f90333c8..9ca56737e70 100644 --- a/htdocs/langs/es_ES/companies.lang +++ b/htdocs/langs/es_ES/companies.lang @@ -115,6 +115,12 @@ ProfId2BE=- ProfId3BE=- ProfId4BE=- ProfId5BE=- +#ProfId1BR=CNAE +#ProfId2BR=CNPJ +#ProfId3BR=CPF +#ProfId4BR=INSS +#ProfId5BR=IE +#ProfId6BR=IM ProfId1CH=- ProfId2CH=- ProfId3CH=Número federado diff --git a/htdocs/langs/es_ES/errors.lang b/htdocs/langs/es_ES/errors.lang index fd1765a345f..d1a35024ea9 100644 --- a/htdocs/langs/es_ES/errors.lang +++ b/htdocs/langs/es_ES/errors.lang @@ -104,6 +104,7 @@ ErrorBadValueForCode=Valor incorrecto para el código. Vuelva a intentar con un ErrorBothFieldCantBeNegative=Los campos %s y %s no pueden ser negativos ErrorNoActivatedBarcode=Ningún tipo de código de barra activado ErrorWebServerUserHasNotPermission=La cuenta de ejecución del servidor web %s no dispone de los permisos para esto +ErrorNoActivatedBarcode=No hay activado ningún tipo de código de barras # Warnings WarningSafeModeOnCheckExecDir=Atención, está activada la opción PHP safe_mode, el comando deberá estar dentro de un directorio declarado dentro del parámetro php safe_mode_exec_dir. diff --git a/htdocs/langs/es_ES/mails.lang b/htdocs/langs/es_ES/mails.lang index c5c2ed7e51e..3957b886cae 100644 --- a/htdocs/langs/es_ES/mails.lang +++ b/htdocs/langs/es_ES/mails.lang @@ -39,6 +39,7 @@ MailingStatusDraft=Borrador MailingStatusValidated=Validado MailingStatusApproved=Aprovado MailingStatusSent=Enviado +MailingStatusRead=Leido MailingStatusSentPartialy=Enviado parcialmente MailingStatusSentCompletely=Enviado completamente MailingStatusError=Error diff --git a/htdocs/langs/es_ES/main.lang b/htdocs/langs/es_ES/main.lang index 92e37752683..578803f08bd 100644 --- a/htdocs/langs/es_ES/main.lang +++ b/htdocs/langs/es_ES/main.lang @@ -175,7 +175,7 @@ Info=Log Family=Familia Description=Descripción Designation=Descripción -Action=Evento +Action=Acción Model=Modelo DefaultModel=Modelo por defecto About=Acerca de diff --git a/htdocs/langs/es_ES/paypal.lang b/htdocs/langs/es_ES/paypal.lang index 8616d2e5e2b..2320ceebc39 100644 --- a/htdocs/langs/es_ES/paypal.lang +++ b/htdocs/langs/es_ES/paypal.lang @@ -15,4 +15,5 @@ ThisIsTransactionId=Identificador de la transacción: %s PAYPAL_ADD_PAYMENT_URL=Añadir la url del pago Paypal al enviar un documento por e-mail PAYPAL_IPN_MAIL_ADDRESS=Dirección e-mail para las notificaciones instantáneas de pago (IPN) PredefinedMailContentSendOrderWithPaypalLink=Le adjuntamos el pedido __ORDERREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n -PredefinedMailContentSendInvoiceWithPaypalLink=Le adjuntamos la factura __FACREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n \ No newline at end of file +PredefinedMailContentSendInvoiceWithPaypalLink=Le adjuntamos la factura __FACREF__\n\nPuede hacer clic en el enlace seguro de abajo para realizar su pago a través de PayPal\n\n%s\n\nCordialmente\n\n +YouAreCurrentlyInSandboxMode=Actualmente se encuentra en modo "sandbox" \ No newline at end of file