From b57c40ef78ae366d03f0af2ff733080a47dd88eb Mon Sep 17 00:00:00 2001 From: lvessiller Date: Tue, 12 Jul 2022 11:32:12 +0200 Subject: [PATCH 01/28] FIX load product stock in inventory lines --- htdocs/product/inventory/inventory.php | 56 ++++++++++++++++++++++++-- 1 file changed, 53 insertions(+), 3 deletions(-) diff --git a/htdocs/product/inventory/inventory.php b/htdocs/product/inventory/inventory.php index 85cd0932f46..2c8a9bd2e13 100644 --- a/htdocs/product/inventory/inventory.php +++ b/htdocs/product/inventory/inventory.php @@ -103,6 +103,8 @@ if ($cancel) { $action = ''; } +$error = 0; + if ($action == 'cancel_record' && $permissiontoadd) { $object->setCanceled($user); } @@ -111,6 +113,8 @@ if ($action == 'update' && !empty($user->rights->stock->mouvement->creer)) { $stockmovment = new MouvementStock($db); $stockmovment->origin = $object; + $cacheOfProducts = array(); + $db->begin(); $sql = 'SELECT id.rowid, id.datec as date_creation, id.tms as date_modification, id.fk_inventory, id.fk_warehouse,'; @@ -127,8 +131,29 @@ if ($action == 'update' && !empty($user->rights->stock->mouvement->creer)) { $qty_stock = $line->qty_stock; $qty_view = $line->qty_view; // The quantity viewed by inventorier, the qty we target + // Load real stock we have now. + $option = ''; + if (isset($cacheOfProducts[$line->fk_product])) { + $product_static = $cacheOfProducts[$line->fk_product]; + } else { + $product_static = new Product($db); + $result = $product_static->fetch($line->fk_product, '', '', '', 1, 1, 1); + + //$option = 'nobatch'; + $option .= ',novirtual'; + $product_static->load_stock($option); // Load stock_reel + stock_warehouse. + + $cacheOfProducts[$product_static->id] = $product_static; + } + + // Get the real quantity in stock now, but before the stock move for inventory. + $realqtynow = $product_static->stock_warehouse[$line->fk_warehouse]->real; + if ($conf->productbatch->enabled && $product_static->hasbatch()) { + $realqtynow = $product_static->stock_warehouse[$line->fk_warehouse]->detail_batch[$line->batch]->qty; + } + if (!is_null($qty_view)) { - $stock_movement_qty = price2num($qty_view - $qty_stock, 'MS'); + $stock_movement_qty = price2num($qty_view - $realqtynow, 'MS'); if ($stock_movement_qty != 0) { if ($stock_movement_qty < 0) { $movement_type = 1; @@ -144,6 +169,19 @@ if ($action == 'update' && !empty($user->rights->stock->mouvement->creer)) { setEventMessages($stockmovment->error, $stockmovment->errors, 'errors'); break; } + + // Update line with id of stock movement (and the start quantity if it has changed this last recording) + if ($qty_stock != $realqtynow) { + $sqlupdate = "UPDATE ".MAIN_DB_PREFIX."inventorydet"; + $sqlupdate .= " SET qty_stock = ".((float) $realqtynow); + $sqlupdate .= " WHERE rowid = ".((int) $line->rowid); + $resqlupdate = $db->query($sqlupdate); + if (! $resqlupdate) { + $error++; + setEventMessages($db->lasterror(), null, 'errors'); + break; + } + } } } $i++; @@ -191,6 +229,7 @@ if ($action =='updateinventorylines' && $permissiontoadd) { setEventMessages($langs->trans("FieldCannotBeNegative", $langs->transnoentitiesnoconv("RealQty")), null, 'errors'); } if ($result > 0) { + $inventoryline->qty_stock = price2num(GETPOST('stock_qty_'.$lineid, 'alpha'), 'MS'); // The new value that was set in as hidden field $inventoryline->qty_view = $qtytoupdate; $resultupdate = $inventoryline->update($user); } @@ -625,13 +664,14 @@ if ($object->id > 0) { $cacheOfWarehouses[$warehouse_static->id] = $warehouse_static; } + $option = ''; if (isset($cacheOfProducts[$obj->fk_product])) { $product_static = $cacheOfProducts[$obj->fk_product]; } else { $product_static = new Product($db); $result = $product_static->fetch($obj->fk_product, '', '', '', 1, 1, 1); - $option = 'nobatch'; + //$option = 'nobatch'; $option .= ',novirtual'; $product_static->load_stock($option); // Load stock_reel + stock_warehouse. This can also call load_virtual_stock() @@ -654,7 +694,17 @@ if ($object->id > 0) { // Expected quantity print ''; - print $obj->qty_stock; + $valuetoshow = $obj->qty_stock; + // For inventory not yet close, we overwrite with the real value in stock now + if ($object->status == $object::STATUS_DRAFT || $object->status == $object::STATUS_VALIDATED) { + if (!empty($conf->productbatch->enabled) && $product_static->hasbatch()) { + $valuetoshow = $product_static->stock_warehouse[$obj->fk_warehouse]->detail_batch[$obj->batch]->qty; + } else { + $valuetoshow = $product_static->stock_warehouse[$obj->fk_warehouse]->real; + } + } + print price2num($valuetoshow, 'MS'); + print ''; print ''; // Real quantity From be491cc6cf3c226c7528ee589edbc4cc6921c0cb Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 15 Jul 2022 16:22:22 +0200 Subject: [PATCH 02/28] FIX Accountancy - Model account list - Problem of CSRF --- htdocs/accountancy/admin/accountmodel.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index 0f4d538cfac..d98e444befe 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -679,7 +679,7 @@ if ($id) { // Can an entry be erased or disabled ? $iserasable = 1; $canbedisabled = 1; $canbemodified = 1; // true by default - $url = $_SERVER["PHP_SELF"].'?'.($page ? 'page='.$page.'&' : '').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.(!empty($obj->rowid) ? $obj->rowid : (!empty($obj->code) ? $obj->code : '')).'&code='.(!empty($obj->code) ?urlencode($obj->code) : ''); + $url = $_SERVER["PHP_SELF"].'?token='.newToken().($page ? '&page='.$page : '').'&sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.(!empty($obj->rowid) ? $obj->rowid : (!empty($obj->code) ? $obj->code : '')).'&code='.(!empty($obj->code) ?urlencode($obj->code) : ''); if ($param) { $url .= '&'.$param; } From 71af854bf4f402e5c23cc2eac2b3e6a74f05e5d2 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Fri, 15 Jul 2022 17:31:30 +0200 Subject: [PATCH 03/28] FIX Bank transfer - Link on supplier invoice was bad --- htdocs/compta/prelevement/list.php | 16 ++++++++++++---- 1 file changed, 12 insertions(+), 4 deletions(-) diff --git a/htdocs/compta/prelevement/list.php b/htdocs/compta/prelevement/list.php index 095d07460b9..1bc250993b8 100644 --- a/htdocs/compta/prelevement/list.php +++ b/htdocs/compta/prelevement/list.php @@ -256,9 +256,17 @@ if ($result) { print ''; print ''; - print ''; - print img_object($langs->trans("ShowBill"), "bill"); - print ' '.$obj->invoiceref."\n"; + $link_to_bill = '/compta/facture/card.php?facid='; + $link_title = 'Invoice'; + $link_picto = 'bill'; + if ($type == 'bank-transfer') { + $link_to_bill = '/fourn/facture/card.php?facid='; + $link_title = 'SupplierInvoice'; + $link_picto = 'supplier_invoice'; + } + print ''; + print img_object($langs->trans($link_title), $link_picto); + print ' '.$obj->invoiceref."\n"; print ''; print ''; @@ -266,7 +274,7 @@ if ($result) { print $company->getNomUrl(1); print "\n"; - print ''.$obj->code_client."\n"; + print ''.$obj->code_client."\n"; print ''.dol_print_date($db->jdate($obj->datec), 'day')."\n"; From 149b86e459b3a51604105cafba1c7e05cb804d3d Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sat, 16 Jul 2022 06:34:52 +0200 Subject: [PATCH 04/28] FIX Bank transfer - Link on code supplier invoice was bad --- htdocs/compta/prelevement/list.php | 31 +++++++++++++++++++++--------- 1 file changed, 22 insertions(+), 9 deletions(-) diff --git a/htdocs/compta/prelevement/list.php b/htdocs/compta/prelevement/list.php index 1bc250993b8..787b9d05aaa 100644 --- a/htdocs/compta/prelevement/list.php +++ b/htdocs/compta/prelevement/list.php @@ -1,8 +1,9 @@ - * Copyright (C) 2005-2016 Laurent Destailleur - * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2018 Juanjo Menent +/* Copyright (C) 2005 Rodolphe Quiedeville + * Copyright (C) 2005-2016 Laurent Destailleur + * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2010-2018 Juanjo Menent + * Copyright (C) 2022 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -108,7 +109,7 @@ llxHeader('', $langs->trans("WithdrawalsLines")); $sql = "SELECT p.rowid, p.ref, p.statut as status, p.datec"; $sql .= " , f.rowid as facid, f.ref as invoiceref, f.total_ttc"; -$sql .= " , s.rowid as socid, s.nom as name, s.code_client, s.email"; +$sql .= " , s.rowid as socid, s.nom as name, s.code_client, s.code_fournisseur, s.email"; $sql .= " , pl.amount, pl.statut as statut_ligne, pl.rowid as rowid_ligne"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_bons as p"; $sql .= " , ".MAIN_DB_PREFIX."prelevement_lignes as pl"; @@ -139,7 +140,7 @@ if ($search_bon) { } if ($type == 'bank-transfer') { if ($search_code) { - $sql .= natural_search("s.code_fourn", $search_code); + $sql .= natural_search("s.code_fournisseur", $search_code); } } else { if ($search_code) { @@ -204,7 +205,7 @@ if ($result) { print ''; print ' '; print ''; - print ''; + print ''; print ' '; print ' '; print ''; @@ -214,8 +215,12 @@ if ($result) { print ''; $columntitle = "WithdrawalsReceipts"; + $columntitlethirdparty = "CustomerCode"; + $columncodethirdparty = "s.code_client"; if ($type == 'bank-transfer') { $columntitle = "BankTransferReceipts"; + $columntitlethirdparty = "SupplierCode"; + $columncodethirdparty = "s.code_fournisseur"; } print ''; @@ -223,7 +228,7 @@ if ($result) { print_liste_field_titre("Line", $_SERVER["PHP_SELF"], '', '', $param, '', $sortfield, $sortorder); print_liste_field_titre("Bill", $_SERVER["PHP_SELF"], "f.ref", '', $param, '', $sortfield, $sortorder); print_liste_field_titre("Company", $_SERVER["PHP_SELF"], "s.nom", '', $param, '', $sortfield, $sortorder); - print_liste_field_titre("CustomerCode", $_SERVER["PHP_SELF"], "s.code_client", '', $param, '', $sortfield, $sortorder, 'center '); + print_liste_field_titre($columntitlethirdparty, $_SERVER["PHP_SELF"], $columncodethirdparty, '', $param, '', $sortfield, $sortorder, 'center '); print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "p.datec", "", $param, '', $sortfield, $sortorder, 'center '); print_liste_field_titre("Amount", $_SERVER["PHP_SELF"], "pl.amount", "", $param, '', $sortfield, $sortorder, 'right '); print_liste_field_titre(''); @@ -274,7 +279,15 @@ if ($result) { print $company->getNomUrl(1); print "\n"; - print ''.$obj->code_client."\n"; + + print ''; + $link_to_tab = '/comm/card.php?socid='; + $link_code = $obj->code_client; + if ($type == 'bank-transfer') { + $link_to_tab = 'fourn/card.php?socid='; + $link_code = $obj->code_fournisseur; + } + print ''.$link_code."\n"; print ''.dol_print_date($db->jdate($obj->datec), 'day')."\n"; From ad2ced727aea60b80bf8946d94170135f6083cae Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 16 Jul 2022 10:59:36 +0200 Subject: [PATCH 05/28] Fix php8 --- htdocs/core/class/rssparser.class.php | 63 ++++++++++++++++----------- 1 file changed, 37 insertions(+), 26 deletions(-) diff --git a/htdocs/core/class/rssparser.class.php b/htdocs/core/class/rssparser.class.php index 4d62f9139b3..66e9241d9f5 100644 --- a/htdocs/core/class/rssparser.class.php +++ b/htdocs/core/class/rssparser.class.php @@ -51,6 +51,12 @@ class RssParser private $current_namespace; + private $initem; + private $intextinput; + private $incontent; + private $inimage; + private $inchannel; + // For parsing with xmlparser public $stack = array(); // parser stack private $_CONTENT_CONSTRUCTS = array('content', 'summary', 'info', 'title', 'tagline', 'copyright'); @@ -254,21 +260,26 @@ class RssParser return -1; } - $xmlparser = xml_parser_create(''); + try { + $xmlparser = xml_parser_create(null); - if (!is_resource($xmlparser) && !is_object($xmlparser)) { - $this->error = "ErrorFailedToCreateParser"; - return -1; + if (!is_resource($xmlparser) && !is_object($xmlparser)) { + $this->error = "ErrorFailedToCreateParser"; + return -1; + } + + xml_set_object($xmlparser, $this); + xml_set_element_handler($xmlparser, 'feed_start_element', 'feed_end_element'); + xml_set_character_data_handler($xmlparser, 'feed_cdata'); + + $status = xml_parse($xmlparser, $str, false); + + xml_parser_free($xmlparser); + $rss = $this; + //var_dump($status.' '.$rss->_format);exit; + } catch (Exception $e) { + $rss = null; } - - xml_set_object($xmlparser, $this); - xml_set_element_handler($xmlparser, 'feed_start_element', 'feed_end_element'); - xml_set_character_data_handler($xmlparser, 'feed_cdata'); - - $status = xml_parse($xmlparser, $str); - xml_parser_free($xmlparser); - $rss = $this; - //var_dump($status.' '.$rss->_format);exit; } } @@ -443,7 +454,7 @@ class RssParser // Loop on each category $itemCategory = array(); - if (is_array($item->category)) { + if (!empty($item->category) && is_array($item->category)) { foreach ($item->category as $cat) { $itemCategory[] = (string) $cat; } @@ -514,7 +525,7 @@ class RssParser * @param array $attrs Attributes of tags * @return void */ - public function feed_start_element($p, $element, &$attrs) + public function feed_start_element($p, $element, $attrs) { // phpcs:enable $el = $element = strtolower($element); @@ -681,9 +692,9 @@ class RssParser public function append_content($text) { // phpcs:enable - if ($this->initem) { + if (!empty($this->initem)) { $this->concat($this->current_item[$this->incontent], $text); - } elseif ($this->inchannel) { + } elseif (!empty($this->inchannel)) { $this->concat($this->channel[$this->incontent], $text); } } @@ -700,24 +711,24 @@ class RssParser if (!$el) { return; } - if ($this->current_namespace) { - if ($this->initem) { + if (!empty($this->current_namespace)) { + if (!empty($this->initem)) { $this->concat($this->current_item[$this->current_namespace][$el], $text); - } elseif ($this->inchannel) { + } elseif (!empty($this->inchannel)) { $this->concat($this->channel[$this->current_namespace][$el], $text); - } elseif ($this->intextinput) { + } elseif (!empty($this->intextinput)) { $this->concat($this->textinput[$this->current_namespace][$el], $text); - } elseif ($this->inimage) { + } elseif (!empty($this->inimage)) { $this->concat($this->image[$this->current_namespace][$el], $text); } } else { - if ($this->initem) { + if (!empty($this->initem)) { $this->concat($this->current_item[$el], $text); - } elseif ($this->intextinput) { + } elseif (!empty($this->intextinput)) { $this->concat($this->textinput[$el], $text); - } elseif ($this->inimage) { + } elseif (!empty($this->inimage)) { $this->concat($this->image[$el], $text); - } elseif ($this->inchannel) { + } elseif (!empty($this->inchannel)) { $this->concat($this->channel[$el], $text); } } From 2c707f025895591ec76c2ac2ca6e97e348f6ec36 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 16 Jul 2022 12:02:30 +0200 Subject: [PATCH 06/28] Doc --- htdocs/user/class/user.class.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index ee6d0e7bd14..2dc06fda052 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2058,8 +2058,6 @@ class User extends CommonObject $adh->pass = $this->pass; - //$adh->societe = (empty($adh->societe) && $this->societe_id ? $this->societe_id : $adh->societe); - $adh->address = $this->address; $adh->town = $this->town; $adh->zip = $this->zip; @@ -2109,8 +2107,6 @@ class User extends CommonObject //$tmpobj->pass=$this->pass; - //$tmpobj->societe=(empty($tmpobj->societe) && $this->societe_id ? $this->societe_id : $tmpobj->societe); - $tmpobj->email = $this->email; $tmpobj->socialnetworks = $this->socialnetworks; From 0c7a86830602d451ee8ccbb6712957516ac6c0c6 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Sat, 16 Jul 2022 15:20:45 +0200 Subject: [PATCH 07/28] FIX avoid Passing null to parameter #1 of type string is deprecated --- htdocs/core/db/mysqli.class.php | 4 +- htdocs/core/lib/functions.lib.php | 6 +-- htdocs/user/card.php | 2 +- htdocs/user/class/user.class.php | 80 +++++++++++++++---------------- 4 files changed, 45 insertions(+), 47 deletions(-) diff --git a/htdocs/core/db/mysqli.class.php b/htdocs/core/db/mysqli.class.php index 0074e2d910e..29c2d30df2f 100644 --- a/htdocs/core/db/mysqli.class.php +++ b/htdocs/core/db/mysqli.class.php @@ -471,7 +471,7 @@ class DoliDBMysqli extends DoliDB */ public function escape($stringtoencode) { - return $this->db->real_escape_string($stringtoencode); + return $this->db->real_escape_string((string) $stringtoencode); } /** @@ -482,7 +482,7 @@ class DoliDBMysqli extends DoliDB */ public function escapeunderscore($stringtoencode) { - return str_replace('_', '\_', $stringtoencode); + return str_replace('_', '\_', (string) $stringtoencode); } /** diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a529bed6a6e..bad0466186a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6569,10 +6569,10 @@ function get_exdir($num, $level, $alpha, $withoutslash, $object, $modulepart = ' * * @param string $dir Directory to create (Separator must be '/'. Example: '/mydir/mysubdir') * @param string $dataroot Data root directory (To avoid having the data root in the loop. Using this will also lost the warning on first dir PHP has no permission when open_basedir is used) - * @param string|null $newmask Mask for new file (Defaults to $conf->global->MAIN_UMASK or 0755 if unavailable). Example: '0444' + * @param string $newmask Mask for new file (Defaults to $conf->global->MAIN_UMASK or 0755 if unavailable). Example: '0444' * @return int < 0 if KO, 0 = already exists, > 0 if OK */ -function dol_mkdir($dir, $dataroot = '', $newmask = null) +function dol_mkdir($dir, $dataroot = '', $newmask = '') { global $conf; @@ -6613,7 +6613,7 @@ function dol_mkdir($dir, $dataroot = '', $newmask = null) dol_syslog("functions.lib::dol_mkdir: Directory '".$ccdir."' does not exists or is outside open_basedir PHP setting.", LOG_DEBUG); umask(0); - $dirmaskdec = octdec($newmask); + $dirmaskdec = octdec((string) $newmask); if (empty($newmask)) { $dirmaskdec = empty($conf->global->MAIN_UMASK) ? octdec('0755') : octdec($conf->global->MAIN_UMASK); } diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 36807533a66..2cbf7a1b345 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -476,7 +476,7 @@ if (empty($reshook)) { $object->lang = GETPOST('default_lang', 'aZ09'); // Do we update also ->entity ? - if (!empty($conf->multicompany->enabled && $user->entity == 0 && !empty($user->admin))) { // If multicompany is not enabled, we never update the entity of a user. + if (!empty($conf->multicompany->enabled) && empty($user->entity) && !empty($user->admin)) { // If multicompany is not enabled, we never update the entity of a user. if (GETPOST('superadmin', 'int')) { $object->entity = 0; } else { diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 2dc06fda052..74abb5fc369 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1485,8 +1485,8 @@ class User extends CommonObject // Clean parameters $this->setUpperOrLowerCase(); - $this->civility_code = trim($this->civility_code); - $this->login = trim($this->login); + $this->civility_code = trim((string) $this->civility_code); + $this->login = trim((string) $this->login); if (!isset($this->entity)) { $this->entity = $conf->entity; // If not defined, we use default value } @@ -1848,47 +1848,45 @@ class User extends CommonObject dol_syslog(get_class($this)."::update notrigger=".$notrigger.", nosyncmember=".$nosyncmember.", nosyncmemberpass=".$nosyncmemberpass); // Clean parameters - $this->civility_code = trim($this->civility_code); - $this->lastname = trim($this->lastname); - $this->firstname = trim($this->firstname); - $this->ref_employee = trim($this->ref_employee); - $this->national_registration_number = trim($this->national_registration_number); - $this->employee = $this->employee ? $this->employee : 0; - $this->login = trim($this->login); - $this->gender = trim($this->gender); - $this->pass = trim($this->pass); - $this->api_key = trim($this->api_key); - $this->address = $this->address ? trim($this->address) : trim($this->address); - $this->zip = $this->zip ? trim($this->zip) : trim($this->zip); - $this->town = $this->town ? trim($this->town) : trim($this->town); + $this->civility_code = trim((string) $this->civility_code); + $this->lastname = trim((string) $this->lastname); + $this->firstname = trim((string) $this->firstname); + $this->ref_employee = trim((string) $this->ref_employee); + $this->national_registration_number = trim((string) $this->national_registration_number); + $this->employee = ($this->employee > 0 ? $this->employee : 0); + $this->login = trim((string) $this->login); + $this->gender = trim((string) $this->gender); + $this->pass = trim((string) $this->pass); + $this->api_key = trim((string) $this->api_key); + $this->address = trim((string) $this->address); + $this->zip = trim((string) $this->zip); + $this->town = trim((string) $this->town); $this->setUpperOrLowerCase(); - $this->state_id = trim($this->state_id); - $this->country_id = ($this->country_id > 0) ? $this->country_id : 0; - $this->office_phone = trim($this->office_phone); - $this->office_fax = trim($this->office_fax); - $this->user_mobile = trim($this->user_mobile); - $this->personal_mobile = trim($this->personal_mobile); - $this->email = trim($this->email); - $this->personal_email = trim($this->personal_email); - $this->job = trim($this->job); - $this->signature = trim($this->signature); - $this->note_public = trim($this->note_public); - $this->note_private = trim($this->note_private); - $this->openid = trim(empty($this->openid) ? '' : $this->openid); // Avoid warning - $this->admin = $this->admin ? $this->admin : 0; - $this->address = empty($this->address) ? '' : $this->address; - $this->zip = empty($this->zip) ? '' : $this->zip; - $this->town = empty($this->town) ? '' : $this->town; - $this->setUpperOrLowerCase(); - $this->accountancy_code = trim($this->accountancy_code); - $this->color = empty($this->color) ? '' : $this->color; - $this->dateemployment = empty($this->dateemployment) ? '' : $this->dateemployment; - $this->dateemploymentend = empty($this->dateemploymentend) ? '' : $this->dateemploymentend; - $this->datestartvalidity = empty($this->datestartvalidity) ? '' : $this->datestartvalidity; - $this->dateendvalidity = empty($this->dateendvalidity) ? '' : $this->dateendvalidity; - $this->birth = trim($this->birth); - $this->fk_warehouse = (int) $this->fk_warehouse; + $this->state_id = ($this->state_id > 0 ? $this->state_id : 0); + $this->country_id = ($this->country_id > 0 ? $this->country_id : 0); + $this->office_phone = trim((string) $this->office_phone); + $this->office_fax = trim((string) $this->office_fax); + $this->user_mobile = trim((string) $this->user_mobile); + $this->personal_mobile = trim((string) $this->personal_mobile); + $this->email = trim((string) $this->email); + $this->personal_email = trim((string) $this->personal_email); + + $this->job = trim((string) $this->job); + $this->signature = trim((string) $this->signature); + $this->note_public = trim((string) $this->note_public); + $this->note_private = trim((string) $this->note_private); + $this->openid = trim((string) $this->openid); + $this->admin = ($this->admin > 0 ? $this->admin : 0); + + $this->accountancy_code = trim((string) $this->accountancy_code); + $this->color = trim((string) $this->color); + $this->dateemployment = empty($this->dateemployment) ? '' : $this->dateemployment; + $this->dateemploymentend = empty($this->dateemploymentend) ? '' : $this->dateemploymentend; + $this->datestartvalidity = empty($this->datestartvalidity) ? '' : $this->datestartvalidity; + $this->dateendvalidity = empty($this->dateendvalidity) ? '' : $this->dateendvalidity; + $this->birth = empty($this->birth) ? '' : $this->birth; + $this->fk_warehouse = (int) $this->fk_warehouse; // Check parameters $badCharUnauthorizedIntoLoginName = getDolGlobalString('MAIN_LOGIN_BADCHARUNAUTHORIZED', ',@<>"\''); From ce15b8c44ec86773664764f801f5ed6f09a2ae5d Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 18 Jul 2022 07:23:25 +0200 Subject: [PATCH 08/28] FIX #21472 On the bank transfer lists, a change of page switches to the lists of the direct debit module --- htdocs/compta/prelevement/list.php | 5 ++++- htdocs/compta/prelevement/orders_list.php | 3 +++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/list.php b/htdocs/compta/prelevement/list.php index 787b9d05aaa..a7bab4281c2 100644 --- a/htdocs/compta/prelevement/list.php +++ b/htdocs/compta/prelevement/list.php @@ -173,6 +173,9 @@ if ($result) { $param = "&statut=".urlencode($statut); $param .= "&search_bon=".urlencode($search_bon); + if ($type == 'bank-transfer') { + $param .= '&type=bank-transfer'; + } if ($limit > 0 && $limit != $conf->liste_limit) { $param .= '&limit='.urlencode($limit); } @@ -284,7 +287,7 @@ if ($result) { $link_to_tab = '/comm/card.php?socid='; $link_code = $obj->code_client; if ($type == 'bank-transfer') { - $link_to_tab = 'fourn/card.php?socid='; + $link_to_tab = '/fourn/card.php?socid='; $link_code = $obj->code_fournisseur; } print ''.$link_code."\n"; diff --git a/htdocs/compta/prelevement/orders_list.php b/htdocs/compta/prelevement/orders_list.php index 2733223b5b5..6737ea258ea 100644 --- a/htdocs/compta/prelevement/orders_list.php +++ b/htdocs/compta/prelevement/orders_list.php @@ -132,6 +132,9 @@ if ($result) { if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) { $param .= '&contextpage='.urlencode($contextpage); } + if ($type == 'bank-transfer') { + $param .= '&type=bank-transfer'; + } if ($limit > 0 && $limit != $conf->liste_limit) { $param .= '&limit='.urlencode($limit); } From 576c185e0c4c1fa5af2d9e9bfd1f74f98476e1e8 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 18 Jul 2022 09:20:54 +0200 Subject: [PATCH 09/28] Move old link on data --- htdocs/install/mysql/data/llx_c_forme_juridique.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/data/llx_c_forme_juridique.sql b/htdocs/install/mysql/data/llx_c_forme_juridique.sql index bb8dd4c4efb..7baa5007b3d 100644 --- a/htdocs/install/mysql/data/llx_c_forme_juridique.sql +++ b/htdocs/install/mysql/data/llx_c_forme_juridique.sql @@ -109,7 +109,7 @@ insert into llx_c_forme_juridique (fk_pays, code, libelle) values (2, '228', 'VO insert into llx_c_forme_juridique (fk_pays, code, libelle) values (2, '229', 'VS0 - Vennootschap met sociaal oogmerk'); --- France: Extrait de http://www.insee.fr/fr/nom_def_met/nomenclatures/cj/cjniveau2.htm +-- France: Extrait de https://www.insee.fr/fr/information/2028129 insert into llx_c_forme_juridique (fk_pays, code, libelle) values (1,'11','Artisan Commerçant (EI)'); insert into llx_c_forme_juridique (fk_pays, code, libelle) values (1,'12','Commerçant (EI)'); insert into llx_c_forme_juridique (fk_pays, code, libelle) values (1,'13','Artisan (EI)'); From 36226c7b4b5e330ca988dba6fffeb05f3be2775d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 18 Jul 2022 11:07:48 +0200 Subject: [PATCH 10/28] FIX Picto google plus --- htdocs/admin/dict.php | 2 ++ htdocs/install/mysql/data/llx_c_socialnetworks.sql | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 6453210e596..fa5d6deae97 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -2090,6 +2090,8 @@ if ($id > 0) { $valuetoshow = $langs->trans($obj->{$value}); } elseif ($value == 'block_if_negative') { $valuetoshow = yn($obj->{$value}); + } elseif ($value == 'icon') { + $valuetoshow = $obj->{$value}." ".img_picto("", $obj->{$value}); } elseif ($value == 'type_duration') { $TDurationTypes = array('y'=>$langs->trans('Years'), 'm'=>$langs->trans('Month'), 'w'=>$langs->trans('Weeks'), 'd'=>$langs->trans('Days'), 'h'=>$langs->trans('Hours'), 'i'=>$langs->trans('Minutes')); $valuetoshow =$TDurationTypes[$obj->{$value}]; diff --git a/htdocs/install/mysql/data/llx_c_socialnetworks.sql b/htdocs/install/mysql/data/llx_c_socialnetworks.sql index 468086291fc..7741f8cdfef 100644 --- a/htdocs/install/mysql/data/llx_c_socialnetworks.sql +++ b/htdocs/install/mysql/data/llx_c_socialnetworks.sql @@ -37,7 +37,7 @@ INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'gifycat', 'Gificat', '{socialid}', '', 0); INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'giphy', 'Giphy', '{socialid}', '', 0); INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'github', 'GitHub', 'https://www.github.com/{socialid}', '', 0); -INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'googleplus', 'GooglePlus', 'https://www.googleplus.com/{socialid}', 'fa-google-plus-g', 0); +INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'googleplus', 'GooglePlus', 'https://www.googleplus.com/{socialid}', 'fa-google-plus', 0); INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'instagram', 'Instagram', 'https://www.instagram.com/{socialid}', 'fa-instagram', 1); INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'linkedin', 'LinkedIn', 'https://www.linkedin.com/{socialid}', 'fa-linkedin', 1); INSERT INTO llx_c_socialnetworks (entity, code, label, url, icon, active) VALUES ( 1, 'mastodon', 'Mastodon', '{socialid}', '', 0); From 8edebcf3147752c4a4d8091bd781ae82f3ba6f77 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 18 Jul 2022 11:51:28 +0200 Subject: [PATCH 11/28] FIX Debug v16 --- htdocs/contact/card.php | 14 ++++----- htdocs/core/class/html.formcompany.class.php | 15 +++++----- htdocs/core/lib/company.lib.php | 31 +++++++++++++++----- htdocs/societe/card.php | 16 ++++++++++ htdocs/societe/contact.php | 2 +- htdocs/user/class/user.class.php | 11 ++++--- htdocs/user/home.php | 18 ++++++------ 7 files changed, 71 insertions(+), 36 deletions(-) diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 67b144ffd89..9e3036e29a0 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -1299,11 +1299,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $action = 'presend'; } + // View mode if (!empty($id) && $action != 'edit' && $action != 'create') { $objsoc = new Societe($db); - // View mode - // Show errors dol_htmloutput_errors(is_numeric($error) ? '' : $error, $errors); @@ -1528,9 +1527,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($object->user_id) { $dolibarr_user = new User($db); $result = $dolibarr_user->fetch($object->user_id); - print $dolibarr_user->getLoginUrl(1); + print $dolibarr_user->getLoginUrl(-1); } else { - print $langs->trans("NoDolibarrAccess"); + //print ''.$langs->trans("NoDolibarrAccess").''; + if (!$object->user_id && $user->rights->user->user->creer) { + print ''.img_picto($langs->trans("CreateDolibarrLogin"), 'add').' '.$langs->trans("CreateDolibarrLogin").''; + } } print ''; @@ -1563,10 +1565,6 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$langs->trans('Modify').''; } - if (!$object->user_id && $user->rights->user->user->creer) { - print ''.$langs->trans("CreateDolibarrLogin").''; - } - // Activer if ($object->statut == 0 && $user->rights->societe->contact->creer) { print ''.$langs->trans("Reactivate").''; diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index 32f2a9b1007..2a900ea53a4 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -825,13 +825,14 @@ class FormCompany extends Form /** * showContactRoles on view and edit mode * - * @param string $htmlname Html component name and id - * @param Contact $contact Contact Obejct - * @param string $rendermode view, edit - * @param array $selected $key=>$val $val is selected Roles for input mode - * @return string String with contacts roles + * @param string $htmlname Html component name and id + * @param Contact $contact Contact Obejct + * @param string $rendermode view, edit + * @param array $selected $key=>$val $val is selected Roles for input mode + * @param string $morecss More css + * @return string String with contacts roles */ - public function showRoles($htmlname, Contact $contact, $rendermode = 'view', $selected = array()) + public function showRoles($htmlname, Contact $contact, $rendermode = 'view', $selected = array(), $morecss = 'minwidth500') { if ($rendermode === 'view') { $toprint = array(); @@ -856,7 +857,7 @@ class FormCompany extends Form $selected = $newselected; } } - return $this->multiselectarray($htmlname, $contactType, $selected, 0, 0, 'minwidth500'); + return $this->multiselectarray($htmlname, $contactType, $selected, 0, 0, $morecss); } return 'ErrorBadValueForParameterRenderMode'; // Should not happened diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 6c097e97073..908dacb870c 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -896,14 +896,15 @@ function show_projects($conf, $langs, $db, $object, $backtopage = '', $nocreatel /** * Show html area for list of contacts * - * @param Conf $conf Object conf - * @param Translate $langs Object langs - * @param DoliDB $db Database handler - * @param Societe $object Third party object - * @param string $backtopage Url to go once contact is created + * @param Conf $conf Object conf + * @param Translate $langs Object langs + * @param DoliDB $db Database handler + * @param Societe $object Third party object + * @param string $backtopage Url to go once contact is created + * @param int $showuserlogin 1=Show also user login if it exists * @return int */ -function show_contacts($conf, $langs, $db, $object, $backtopage = '') +function show_contacts($conf, $langs, $db, $object, $backtopage = '', $showuserlogin = 0) { global $user, $conf, $extrafields, $hookmanager; global $contextpage; @@ -1137,13 +1138,16 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') if (in_array($key, array('statut'))) { print $form->selectarray('search_status', array('-1'=>'', '0'=>$contactstatic->LibStatut(0, 1), '1'=>$contactstatic->LibStatut(1, 1)), $search_status); } elseif (in_array($key, array('role'))) { - print $formcompany->showRoles("search_roles", $contactstatic, 'edit', $search_roles); + print $formcompany->showRoles("search_roles", $contactstatic, 'edit', $search_roles, 'minwidth200 maxwidth300'); } else { print ''; } print ''; } } + if ($showuserlogin) { + print ''; + } // Extra fields $extrafieldsobjectkey = $contactstatic->table_element; include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php'; @@ -1183,6 +1187,9 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') print getTitleFieldOfList($arrayfields['sc.'.$key]['label'], 0, $_SERVER['PHP_SELF'], '', '', $param, ($align ? 'class="'.$align.'"' : ''), $sortfield, $sortorder, $align.' ')."\n"; } } + if ($showuserlogin) { + print ''.$langs->trans("DolibarrLogin").''; + } // Extra fields $extrafieldsobjectkey = $contactstatic->table_element; include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php'; @@ -1281,6 +1288,16 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') print ''.$contactstatic->getLibStatut(5).''; } + if ($showuserlogin) { + print ''; + $tmpuser= new User($db); + $resfetch = $tmpuser->fetch(0, '', '', 0, -1, '', $contactstatic->id); + if ($resfetch > 0) { + print $tmpuser->getNomUrl(1, '', 0, 0, 24, 1); + } + print ''; + } + // Extra fields $extrafieldsobjectkey = $contactstatic->table_element; include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php'; diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 8e347a6d487..93540eb097c 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php @@ -3033,6 +3033,22 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "\n"; } + // Link user (you must create a contact to get a user) + /* + print ''.$langs->trans("DolibarrLogin").''; + if ($object->user_id) { + $dolibarr_user = new User($db); + $result = $dolibarr_user->fetch($object->user_id); + print $dolibarr_user->getLoginUrl(-1); + } else { + //print ''.$langs->trans("NoDolibarrAccess").''; + if (!$object->user_id && $user->rights->user->user->creer) { + print ''.img_picto($langs->trans("CreateDolibarrLogin"), 'add').' '.$langs->trans("CreateDolibarrLogin").''; + } + } + print ''; + */ + // Webservices url/key if (!empty($conf->syncsupplierwebservices->enabled)) { print ''.$langs->trans("WebServiceURL").''.dol_print_url($object->webservices_url).''; diff --git a/htdocs/societe/contact.php b/htdocs/societe/contact.php index a09c9751f1f..4ecfc2a8cf4 100644 --- a/htdocs/societe/contact.php +++ b/htdocs/societe/contact.php @@ -173,7 +173,7 @@ print '
'; if ($action != 'presend') { // Contacts list if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) { - $result = show_contacts($conf, $langs, $db, $object, $_SERVER["PHP_SELF"].'?socid='.$object->id); + $result = show_contacts($conf, $langs, $db, $object, $_SERVER["PHP_SELF"].'?socid='.$object->id, 1); } } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 2dc06fda052..59efc9af418 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -416,9 +416,10 @@ class User extends CommonObject * @param int $loadpersonalconf 1=also load personal conf of user (in $user->conf->xxx), 0=do not load personal conf. * @param int $entity If a value is >= 0, we force the search on a specific entity. If -1, means search depens on default setup. * @param int $email If defined, email to used for search + * @param int $fk_socpeople If defined, id of contact for search * @return int <0 if KO, 0 not found, >0 if OK */ - public function fetch($id = '', $login = '', $sid = '', $loadpersonalconf = 0, $entity = -1, $email = '') + public function fetch($id = '', $login = '', $sid = '', $loadpersonalconf = 0, $entity = -1, $email = '', $fk_socpeople = 0) { global $conf, $user; @@ -486,6 +487,8 @@ class User extends CommonObject $sql .= " AND u.login = '".$this->db->escape($login)."'"; } elseif ($email) { $sql .= " AND u.email = '".$this->db->escape($email)."'"; + } elseif ($fk_socpeople > 0) { + $sql .= " AND u.fk_socpeople = ".((int) $fk_socpeople); } else { $sql .= " AND u.rowid = ".((int) $id); } @@ -2751,10 +2754,10 @@ class User extends CommonObject if (empty($hidethirdpartylogo)) { $companylink = ' '.$thirdpartystatic->getNomUrl(2, (($option == 'nolink') ? 'nolink' : '')); // picto only of company } - $company = ' ('.$langs->trans("Company").': '.dol_string_nohtmltag($thirdpartystatic->name).')'; + $company = ' ('.$langs->trans("Company").': '.img_picto('', 'company').' '.dol_string_nohtmltag($thirdpartystatic->name).')'; } - $type = ($this->socid ? $langs->trans("External").$company : $langs->trans("Internal")); - $label .= '
'.$langs->trans("Type").': '.dol_string_nohtmltag($type); + $type = ($this->socid ? $langs->trans("ExternalUser").$company : $langs->trans("InternalUser")); + $label .= '
'.$langs->trans("Type").': '.$type; $label .= ''; if ($infologin > 0) { $label .= '
'; diff --git a/htdocs/user/home.php b/htdocs/user/home.php index c8dbdf2c1b8..a8b8bb92086 100644 --- a/htdocs/user/home.php +++ b/htdocs/user/home.php @@ -163,7 +163,7 @@ if ($resql) { $companystatic->canvas = $obj->canvas; $lastcreatedbox .= ''; - $lastcreatedbox .= ''; + $lastcreatedbox .= ''; $lastcreatedbox .= $fuserstatic->getNomUrl(-1); if (!empty($conf->multicompany->enabled) && $obj->admin && !$obj->entity) { $lastcreatedbox .= img_picto($langs->trans("SuperAdministrator"), 'redstar'); @@ -171,17 +171,16 @@ if ($resql) { $lastcreatedbox .= img_picto($langs->trans("Administrator"), 'star'); } $lastcreatedbox .= ""; - $lastcreatedbox .= ''.$obj->login.''; - $lastcreatedbox .= ""; + $lastcreatedbox .= ''.dol_escape_htmltag($obj->login).''; + $texttoshow = ''; if ($obj->fk_soc) { - $lastcreatedbox .= $companystatic->getNomUrl(1); + $texttoshow .= $companystatic->getNomUrl(1); } else { - $lastcreatedbox .= $langs->trans("InternalUser"); + $texttoshow .= ''.$langs->trans("InternalUser").''; } if ($obj->ldap_sid) { - $lastcreatedbox .= ' ('.$langs->trans("DomainUser").')'; + $texttoshow .= ' ('.$langs->trans("DomainUser").')'; } - $entity = $obj->entity; $entitystring = ''; // TODO Set of entitystring should be done with a hook @@ -193,8 +192,9 @@ if ($resql) { $entitystring = $mc->label; } } - $lastcreatedbox .= ($entitystring ? ' ('.$entitystring.')' : ''); - + $texttoshow .= ($entitystring ? ' ('.$entitystring.')' : ''); + $lastcreatedbox .= ''; + $lastcreatedbox .= $texttoshow; $lastcreatedbox .= ''; $lastcreatedbox .= ''.dol_print_date($db->jdate($obj->datec), 'dayhour').''; $lastcreatedbox .= ''; From ade854a469dbe756572927ca0f24f9e1c5368347 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 18 Jul 2022 16:48:53 +0200 Subject: [PATCH 12/28] FIX security breach if we have same ref number in multiple entities --- htdocs/comm/propal/class/propal.class.php | 5 ++- htdocs/core/lib/signature.lib.php | 7 ++-- htdocs/public/onlinesign/newonlinesign.php | 42 +++++++++------------- 3 files changed, 24 insertions(+), 30 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index c18e0e7a6df..37d6c96a6e5 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1452,6 +1452,8 @@ class Propal extends CommonObject */ public function fetch($rowid, $ref = '', $ref_ext = '') { + global $conf; + $sql = "SELECT p.rowid, p.ref, p.entity, p.remise, p.remise_percent, p.remise_absolue, p.fk_soc"; $sql .= ", p.total_ttc, p.total_tva, p.localtax1, p.localtax2, p.total_ht"; $sql .= ", p.datec"; @@ -1490,9 +1492,10 @@ class Propal extends CommonObject $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON p.fk_incoterms = i.rowid'; if ($ref) { - $sql .= " WHERE p.entity IN (".getEntity('propal').")"; // Dont't use entity if you use rowid + $sql .= " WHERE p.entity = ".(int) $conf->entity; // Check only the current entity because we may have the same reference in several entities $sql .= " AND p.ref='".$this->db->escape($ref)."'"; } else { + // Dont't use entity if you use rowid $sql .= " WHERE p.rowid = ".((int) $rowid); } diff --git a/htdocs/core/lib/signature.lib.php b/htdocs/core/lib/signature.lib.php index c57807800d7..5c6e8a08eed 100644 --- a/htdocs/core/lib/signature.lib.php +++ b/htdocs/core/lib/signature.lib.php @@ -59,7 +59,8 @@ function showOnlineSignatureUrl($type, $ref) */ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1) { - global $conf, $db, $langs, $dolibarr_main_url_root; + global $conf, $dolibarr_main_url_root; + global $object; $ref = str_replace(' ', '', $ref); $out = ''; @@ -90,7 +91,7 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1) if ($mode == 1) { $out .= "hash('".$securekeyseed."' + '".$type."' + proposal_ref)"; } else { - $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref, '0'); + $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref.$object->entity, '0'); } /* if ($mode == 1) { @@ -120,7 +121,7 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1) // For multicompany if (!empty($out) && !empty($conf->multicompany->enabled)) { - $out .= "&entity=".$conf->entity; // Check the entity because we may have the same reference in several entities + $out .= "&entity=".$object->entity; // Check the entity of object because we may have the same reference in several entities } return $out; diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index d1020dc2c1d..06332d5867a 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -139,7 +139,7 @@ if ($source == 'proposal') { $securekeyseed = $conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN; } -if (!dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) { +if (!dol_verifyHash($securekeyseed.$type.$ref.$object->entity, $SECUREKEY, '0')) { http_response_code(403); print 'Bad value for securitykey. Value provided '.dol_escape_htmltag($SECUREKEY).' does not match expected value for ref='.dol_escape_htmltag($ref); exit(-1); @@ -288,18 +288,8 @@ $error = 0; // Signature on commercial proposal if ($source == 'proposal') { $found = true; - $langs->load("proposal"); - require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; - - $proposal = new Propal($db); - $result = $proposal->fetch('', $ref); - if ($result <= 0) { - $mesg = $proposal->error; - $error++; - } else { - $result = $proposal->fetch_thirdparty($proposal->socid); - } + $result = $object->fetch_thirdparty($object->socid); // Creditor @@ -315,39 +305,39 @@ if ($source == 'proposal') { print ''.$langs->trans("ThirdParty"); print ''; print img_picto('', 'company', 'class="pictofixedwidth"'); - print ''.$proposal->thirdparty->name.''; + print ''.$object->thirdparty->name.''; print ''."\n"; // Amount print ''.$langs->trans("Amount"); print ''; - print ''.price($proposal->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; + print ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; print ''."\n"; // Object - $text = ''.$langs->trans("SignatureProposalRef", $proposal->ref).''; + $text = ''.$langs->trans("SignatureProposalRef", $object->ref).''; print ''.$langs->trans("Designation"); print ''.$text; - if ($proposal->status == $proposal::STATUS_VALIDATED) { - $directdownloadlink = $proposal->getLastMainDocLink('proposal'); + if ($object->status == $object::STATUS_VALIDATED) { + $directdownloadlink = $object->getLastMainDocLink('proposal'); if ($directdownloadlink) { print '
'; - print img_mime($proposal->last_main_doc, ''); + print img_mime($object->last_main_doc, ''); print $langs->trans("DownloadDocument").''; } } else { - $last_main_doc_file = $proposal->last_main_doc; + $last_main_doc_file = $object->last_main_doc; - if ($proposal->status == $proposal::STATUS_NOTSIGNED) { - $directdownloadlink = $proposal->getLastMainDocLink('proposal'); + if ($object->status == $object::STATUS_NOTSIGNED) { + $directdownloadlink = $object->getLastMainDocLink('proposal'); if ($directdownloadlink) { print '
'; - print img_mime($proposal->last_main_doc, ''); + print img_mime($object->last_main_doc, ''); print $langs->trans("DownloadDocument").''; } - } elseif ($proposal->status == $proposal::STATUS_SIGNED || $proposal->status == $proposal::STATUS_BILLED) { + } elseif ($object->status == $object::STATUS_SIGNED || $object->status == $object::STATUS_BILLED) { if (preg_match('/_signed-(\d+)/', $last_main_doc_file)) { // If the last main doc has been signed $last_main_doc_file_not_signed = preg_replace('/_signed-(\d+)/', '', $last_main_doc_file); @@ -355,10 +345,10 @@ if ($source == 'proposal') { $datefilenotsigned = dol_filemtime($last_main_doc_file_not_signed); if (empty($datefilenotsigned) || $datefilesigned > $datefilenotsigned) { - $directdownloadlink = $proposal->getLastMainDocLink('proposal'); + $directdownloadlink = $object->getLastMainDocLink('proposal'); if ($directdownloadlink) { print '
'; - print img_mime($proposal->last_main_doc, ''); + print img_mime($object->last_main_doc, ''); print $langs->trans("DownloadDocument").''; } } @@ -367,7 +357,7 @@ if ($source == 'proposal') { } print ''; - print ''; + print ''; print ''."\n"; // TODO Add link to download PDF (similar code than for invoice) From 7db5f7eb1ce7fc996379dd95e3f60c0bcc749b20 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Mon, 18 Jul 2022 19:26:13 +0200 Subject: [PATCH 13/28] FIX regression + add $forceentity parameter --- htdocs/comm/propal/class/propal.class.php | 21 ++++++++++++--------- htdocs/core/lib/signature.lib.php | 2 +- htdocs/public/onlinesign/newonlinesign.php | 2 +- 3 files changed, 14 insertions(+), 11 deletions(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 37d6c96a6e5..5b91caa2673 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1445,15 +1445,14 @@ class Propal extends CommonObject /** * Load a proposal from database. Get also lines. * - * @param int $rowid id of object to load - * @param string $ref Ref of proposal - * @param string $ref_ext Ref ext of proposal - * @return int >0 if OK, <0 if KO + * @param int $rowid id of object to load + * @param string $ref Ref of proposal + * @param string $ref_ext Ref ext of proposal + * @param int $forceentity Entity id to force + * @return int >0 if OK, <0 if KO */ - public function fetch($rowid, $ref = '', $ref_ext = '') + public function fetch($rowid, $ref = '', $ref_ext = '', $forceentity = 0) { - global $conf; - $sql = "SELECT p.rowid, p.ref, p.entity, p.remise, p.remise_percent, p.remise_absolue, p.fk_soc"; $sql .= ", p.total_ttc, p.total_tva, p.localtax1, p.localtax2, p.total_ht"; $sql .= ", p.datec"; @@ -1491,8 +1490,12 @@ class Propal extends CommonObject $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON p.fk_input_reason = dr.rowid'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON p.fk_incoterms = i.rowid'; - if ($ref) { - $sql .= " WHERE p.entity = ".(int) $conf->entity; // Check only the current entity because we may have the same reference in several entities + if (!empty($ref)) { + if (!empty($forceentity)) { + $sql .= " WHERE p.entity = ".(int) $forceentity; // Check only the current entity because we may have the same reference in several entities + } else { + $sql .= " WHERE p.entity IN (".getEntity('propal').")"; + } $sql .= " AND p.ref='".$this->db->escape($ref)."'"; } else { // Dont't use entity if you use rowid diff --git a/htdocs/core/lib/signature.lib.php b/htdocs/core/lib/signature.lib.php index 5c6e8a08eed..6a8d824872d 100644 --- a/htdocs/core/lib/signature.lib.php +++ b/htdocs/core/lib/signature.lib.php @@ -26,7 +26,7 @@ */ function showOnlineSignatureUrl($type, $ref) { - global $conf, $langs; + global $langs; // Load translation files required by the page $langs->loadLangs(array("payment", "paybox")); diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index 06332d5867a..9ebea80aeb3 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -126,7 +126,7 @@ $creditor = $mysoc->name; $type = $source; if ($source == 'proposal') { $object = new Propal($db); - $object->fetch(0, $ref); + $object->fetch(0, $ref, '', $entity); } else { accessforbidden('Bad value for source'); exit; From 888328b03b5c9a464490f48b181c7829fc4ec46f Mon Sep 17 00:00:00 2001 From: comaiteseb <109105553+comaiteseb@users.noreply.github.com> Date: Tue, 19 Jul 2022 15:31:29 +0200 Subject: [PATCH 14/28] FIX issue Dolibarr#21495 for v15 FIX #21495 Error when calculate the date when AGENDA_EXPORT_FIX_TZ is set. The resulting date is 1969-12-31 --- htdocs/comm/action/class/actioncomm.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index a5c8a11ade0..627855a94e8 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -2065,8 +2065,8 @@ class ActionComm extends CommonObject } if (!empty($conf->global->AGENDA_EXPORT_FIX_TZ)) { - $timestampStart = - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600); - $timestampEnd = - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600); + $timestampStart = $timestampStart - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600); + $timestampEnd = $timestampEnd - ($conf->global->AGENDA_EXPORT_FIX_TZ * 3600); } $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); From 276168ef6faea6cc6288d9d5cb578b3ce4895963 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Tue, 19 Jul 2022 17:14:57 +0200 Subject: [PATCH 15/28] Fix: tabhelp must be present in every module --- htdocs/core/modules/modIncoterm.class.php | 3 ++- .../template/core/modules/modMyModule.class.php | 5 ++++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/core/modules/modIncoterm.class.php b/htdocs/core/modules/modIncoterm.class.php index 70e6c738801..c13555ef7cf 100644 --- a/htdocs/core/modules/modIncoterm.class.php +++ b/htdocs/core/modules/modIncoterm.class.php @@ -94,7 +94,8 @@ class modIncoterm extends DolibarrModules 'tabfieldvalue'=>array("code,libelle"), // List of fields (list of fields to edit a record) 'tabfieldinsert'=>array("code,libelle"), // List of fields (list of fields for insert) 'tabrowid'=>array("rowid"), // Name of columns with primary key (try to always name it 'rowid') - 'tabcond'=>array($conf->incoterm->enabled) + 'tabcond'=>array($conf->incoterm->enabled), + 'tabhelp' => array(array()) ); $this->boxes = array(); // List of boxes diff --git a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php index 0959a650d6e..3fca508f961 100644 --- a/htdocs/modulebuilder/template/core/modules/modMyModule.class.php +++ b/htdocs/modulebuilder/template/core/modules/modMyModule.class.php @@ -221,7 +221,10 @@ class modMyModule extends DolibarrModules // Name of columns with primary key (try to always name it 'rowid') 'tabrowid'=>array("rowid", "rowid", "rowid"), // Condition to show each dictionary - 'tabcond'=>array($conf->mymodule->enabled, $conf->mymodule->enabled, $conf->mymodule->enabled) + 'tabcond'=>array($conf->mymodule->enabled, $conf->mymodule->enabled, $conf->mymodule->enabled), + // Tooltip for every fields of dictionaries: DO NOT PUT AN EMPTY ARRAY + 'tabhelp'=>array(array('field1' => 'field1tooltip', 'field2' => 'field2tooltip'), array('field1' => 'field1tooltip', 'field2' => 'field2tooltip'), ...), + ); */ From 2aae7525daee3c79bf40c99d8c1d99fd951b42ee Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?No=C3=A9=20Courtier?= Date: Tue, 19 Jul 2022 17:27:15 +0200 Subject: [PATCH 16/28] Fix: tabhelp must be present in every module --- htdocs/core/modules/modPartnership.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/modules/modPartnership.class.php b/htdocs/core/modules/modPartnership.class.php index d7041eca754..36cad1a5b06 100644 --- a/htdocs/core/modules/modPartnership.class.php +++ b/htdocs/core/modules/modPartnership.class.php @@ -231,7 +231,8 @@ class modPartnership extends DolibarrModules // Name of columns with primary key (try to always name it 'rowid') 'tabrowid'=>array("rowid"), // Condition to show each dictionary - 'tabcond'=>array($conf->partnership->enabled) + 'tabcond'=>array($conf->partnership->enabled), + 'tabhelp' => array(array()) ); // Boxes/Widgets From 840437d312ce755f36ee727c093f018cb37463e2 Mon Sep 17 00:00:00 2001 From: Yoan Mollard Date: Tue, 19 Jul 2022 23:55:55 +0200 Subject: [PATCH 17/28] Fixed labels for permission errors --- htdocs/expensereport/card.php | 2 +- htdocs/expensereport/list.php | 2 +- htdocs/langs/en_US/main.lang | 3 ++- htdocs/user/bank.php | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 2e811445c90..8770c23ce42 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -263,7 +263,7 @@ if (empty($reshook)) { if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer) && empty($user->rights->expensereport->writeall_advance))) { $error++; - setEventMessages($langs->trans("NotEnoughPermission"), null, 'errors'); + setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors'); } if (!$error) { if (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance)) { diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index 760c25e4db8..ed03f603a18 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -482,7 +482,7 @@ if ($resql) { if ($canedit) { print ''.$langs->trans("AddTrip").''; } else { - print ''.$langs->trans("AddTrip").''; + print ''.$langs->trans("AddTrip").''; } print ''; diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 6cb069d53c3..b31a8335fb5 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -344,7 +344,7 @@ KiloBytes=Kilobytes MegaBytes=Megabytes GigaBytes=Gigabytes TeraBytes=Terabytes -UserAuthor=Ceated by +UserAuthor=Created by UserModif=Updated by b=b. Kb=Kb @@ -709,6 +709,7 @@ FeatureDisabled=Feature disabled MoveBox=Move widget Offered=Offered NotEnoughPermissions=You don't have permission for this action +UserNotInHierachy=This action is reserved to the supervisors of this user SessionName=Session name Method=Method Receive=Receive diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 59f593f5b74..d2379388cb4 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -692,7 +692,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac if ($permissiontoaddbankaccount) { $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=create'); } else { - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'NotEnoughPermission', 'fa fa-plus-circle', '', '', -2); + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), $langs->trans('NotEnoughPermissions'), 'fa fa-plus-circle', '', '', -2); } } else { $morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'AlreadyOneBankAccount', 'fa fa-plus-circle', '', '', -2); From 21353e54c20cd8135be3b69b5285742af59ae389 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20NASSIET?= Date: Wed, 20 Jul 2022 21:56:12 +0200 Subject: [PATCH 18/28] correction warning php Undefined property: stdClass:: in /space/www/v16/htdocs/societe/index.php on line 181 lorsque le module fournisseur n'est pas actif en se rendant sur le module Tiers --- htdocs/societe/index.php | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/htdocs/societe/index.php b/htdocs/societe/index.php index f4637186b4d..d23fa01fd35 100644 --- a/htdocs/societe/index.php +++ b/htdocs/societe/index.php @@ -178,10 +178,12 @@ if (!empty($conf->use_javascript_ajax) && ((round($third['prospect']) ? 1 : 0) + $statstring .= ""; } $statstring2 = ''; - if (((isModEnabled('societe') && $user->rights->fournisseur->facture->lire && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (isModEnabled('supplier_order') && $user->rights->supplier_order->lire) || (isModEnabled('supplier_invoice') && $user->rights->supplier_invoice->lire)) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS)) { - $statstring2 = ""; - $statstring2 .= ''.$langs->trans("Suppliers").''.round($third['supplier']).''; - $statstring2 .= ""; + if (isModEnabled('fournisseur')) { + if (((isModEnabled('societe') && $user->rights->fournisseur->facture->lire && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (isModEnabled('supplier_order') && $user->rights->supplier_order->lire) || (isModEnabled('supplier_invoice') && $user->rights->supplier_invoice->lire)) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS)) { + $statstring2 = ""; + $statstring2 .= ''.$langs->trans("Suppliers").''.round($third['supplier']).''; + $statstring2 .= ""; + } } $thirdpartygraph .= $statstring; $thirdpartygraph .= $statstring2; From 7177bc09263d4d7f716e79dcf3e49f422e5ad005 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?S=C3=A9bastien=20NASSIET?= Date: Wed, 20 Jul 2022 22:07:42 +0200 Subject: [PATCH 19/28] correction warning php Undefined property: stdClass:: in /space/www/v16/htdocs/societe/index.php on line 181 lorsque le module fournisseur n'est pas actif en se rendant sur le module Tiers --- htdocs/societe/index.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/htdocs/societe/index.php b/htdocs/societe/index.php index d23fa01fd35..a13d8a3de99 100644 --- a/htdocs/societe/index.php +++ b/htdocs/societe/index.php @@ -178,12 +178,10 @@ if (!empty($conf->use_javascript_ajax) && ((round($third['prospect']) ? 1 : 0) + $statstring .= ""; } $statstring2 = ''; - if (isModEnabled('fournisseur')) { - if (((isModEnabled('societe') && $user->rights->fournisseur->facture->lire && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (isModEnabled('supplier_order') && $user->rights->supplier_order->lire) || (isModEnabled('supplier_invoice') && $user->rights->supplier_invoice->lire)) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS)) { - $statstring2 = ""; - $statstring2 .= ''.$langs->trans("Suppliers").''.round($third['supplier']).''; - $statstring2 .= ""; - } + if (((isModEnabled('fournisseur') && $user->rights->fournisseur->facture->lire && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (isModEnabled('supplier_order') && $user->rights->supplier_order->lire) || (isModEnabled('supplier_invoice') && $user->rights->supplier_invoice->lire)) && empty($conf->global->SOCIETE_DISABLE_SUPPLIERS_STATS)) { + $statstring2 = ""; + $statstring2 .= ''.$langs->trans("Suppliers").''.round($third['supplier']).''; + $statstring2 .= ""; } $thirdpartygraph .= $statstring; $thirdpartygraph .= $statstring2; From 5e4eb58a43666ed46a0c12f724e296f6924af16b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 21 Jul 2022 10:59:15 +0200 Subject: [PATCH 20/28] FIX phpv8 --- htdocs/admin/notification.php | 16 ++++++++++------ htdocs/compta/paiement/class/paiement.class.php | 2 ++ htdocs/projet/tasks.php | 1 + htdocs/projet/tasks/comment.php | 2 +- htdocs/projet/tasks/contact.php | 2 +- htdocs/projet/tasks/document.php | 2 +- htdocs/projet/tasks/note.php | 2 +- htdocs/projet/tasks/task.php | 6 +++--- 8 files changed, 20 insertions(+), 13 deletions(-) diff --git a/htdocs/admin/notification.php b/htdocs/admin/notification.php index 38245b5e204..760df948d34 100644 --- a/htdocs/admin/notification.php +++ b/htdocs/admin/notification.php @@ -188,6 +188,7 @@ print '
'; print ''; print ''; +print '
'; print ''; print ''; print ''; @@ -198,7 +199,7 @@ print ''; print ''; print ''; @@ -224,7 +225,7 @@ if ($conf->use_javascript_ajax) { print ajax_constantonoff('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER'); } else { $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); - print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER", $arrval, $conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER); + print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER", $arrval, getDolGlobalString('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_USER')); } print ''; print ''; @@ -236,11 +237,12 @@ if ($conf->use_javascript_ajax) { print ajax_constantonoff('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX'); } else { $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); - print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX", $arrval, $conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX); + print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX", $arrval, getDolGlobalString('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_FIX')); } print ''; print ''; print '
'.$langs->trans("Parameter").'
'; print $langs->trans("NotificationEMailFrom").''; print img_picto('', 'email', 'class="pictofixedwidth"'); -print ''; +print ''; if (!empty($conf->global->NOTIFICATION_EMAIL_FROM) && !isValidEmail($conf->global->NOTIFICATION_EMAIL_FROM)) { print ' '.img_warning($langs->trans("ErrorBadEMail")); } @@ -212,7 +213,7 @@ if ($conf->use_javascript_ajax) { print ajax_constantonoff('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_CONTACT'); } else { $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); - print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_CONTACT", $arrval, $conf->global->NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_CONTACT); + print $form->selectarray("NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_CONTACT", $arrval, getDolGlobalString('NOTIFICATION_EMAIL_DISABLE_CONFIRM_MESSAGE_CONTACT')); } print '
'; +print '
'; print $form->buttonsSaveCancel("Save", ''); @@ -387,6 +389,7 @@ if (!empty($conf->societe->enabled)) { } print ''; +print '
'; print ''; print ''; print ''; @@ -449,7 +452,7 @@ foreach ($listofnotifiedevents as $notifiedevent) { $param = 'NOTIFICATION_FIXEDEMAIL_'.$notifiedevent['code'].'_THRESHOLD_HIGHER_'.$reg[1]; $value = GETPOST('NOTIF_'.$notifiedevent['code'].'_old_'.$reg[1].'_key') ?GETPOST('NOTIF_'.$notifiedevent['code'].'_old_'.$reg[1].'_key', 'alpha') : $conf->global->$param; - $s = ''; // Do not use type="email" here, we must be able to enter a list of email with , separator. + $s = ''; // Do not use type="email" here, we must be able to enter a list of email with , separator. $arrayemail = explode(',', $value); $showwarning = 0; foreach ($arrayemail as $keydet => $valuedet) { @@ -468,7 +471,7 @@ foreach ($listofnotifiedevents as $notifiedevent) { } // New entry input fields if (empty($inputfieldalreadyshown) || !$codehasnotrigger) { - $s = ''; // Do not use type="email" here, we must be able to enter a list of email with , separator. + $s = ''; // Do not use type="email" here, we must be able to enter a list of email with , separator. print $form->textwithpicto($s, $langs->trans("YouCanUseCommaSeparatorForSeveralRecipients").'
'.$langs->trans("YouCanAlsoUseSupervisorKeyword"), 1, 'help', '', 0, 2); } print ''; @@ -501,6 +504,7 @@ foreach ($listofnotifiedevents as $notifiedevent) { print ''; } print '
'.$langs->trans("Module").'
'; +print '
'; print $form->buttonsSaveCancel("Save", ''); diff --git a/htdocs/compta/paiement/class/paiement.class.php b/htdocs/compta/paiement/class/paiement.class.php index f63d58db933..25543ed9d82 100644 --- a/htdocs/compta/paiement/class/paiement.class.php +++ b/htdocs/compta/paiement/class/paiement.class.php @@ -57,6 +57,7 @@ class Paiement extends CommonObject public $facid; public $datepaye; + public $date; // same than $datepaye /** * @deprecated @@ -153,6 +154,7 @@ class Paiement extends CommonObject */ public $ref_ext; + /** * Constructor * diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php index 612aa0e6fe7..06734790495 100644 --- a/htdocs/projet/tasks.php +++ b/htdocs/projet/tasks.php @@ -1059,6 +1059,7 @@ if ($action == 'create' && $user->rights->projet->creer && (empty($object->third print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); print "\n"; + $nboftaskshown = 0; if (count($tasksarray) > 0) { // Show all lines in taskarray (recursive function to go down on tree) $j = 0; $level = 0; diff --git a/htdocs/projet/tasks/comment.php b/htdocs/projet/tasks/comment.php index 82628d5136b..bed307d65bf 100644 --- a/htdocs/projet/tasks/comment.php +++ b/htdocs/projet/tasks/comment.php @@ -175,7 +175,7 @@ if ($id > 0 || !empty($ref)) { print '
'; } if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php index 9718a0ffccb..44f981a46db 100644 --- a/htdocs/projet/tasks/contact.php +++ b/htdocs/projet/tasks/contact.php @@ -234,7 +234,7 @@ if ($id > 0 || !empty($ref)) { print '
'; } if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index ad0a2c0b628..3ef93529b64 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -190,7 +190,7 @@ if ($object->id > 0) { print '
'; } if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php index 206a92afb36..a91879c2116 100644 --- a/htdocs/projet/tasks/note.php +++ b/htdocs/projet/tasks/note.php @@ -180,7 +180,7 @@ if ($object->id > 0) { print '
'; } if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php index 3df3cf8928e..ec02492433b 100644 --- a/htdocs/projet/tasks/task.php +++ b/htdocs/projet/tasks/task.php @@ -253,7 +253,7 @@ if ($id > 0 || !empty($ref)) { print ''; // Usage - if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES) || empty($conf->global->PROJECT_HIDE_TASKS) || !empty($conf->eventorganization->enabled)) { + if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES) || empty($conf->global->PROJECT_HIDE_TASKS) || isModEnabled('eventorganization')) { print ''; @@ -276,8 +276,8 @@ if ($id > 0 || !empty($ref)) { print $form->textwithpicto($langs->trans("BillTime"), $htmltext); print '
'; } - if (!empty($conf->eventorganization->enabled)) { - print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; + if (isModEnabled('eventorganization')) { + print 'usage_organize_event ? ' checked="checked"' : '')).'"> '; $htmltext = $langs->trans("EventOrganizationDescriptionLong"); print $form->textwithpicto($langs->trans("ManageOrganizeEvent"), $htmltext); } From b4c8fbdec26549833931c89a964606628eb659c3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 21 Jul 2022 11:08:02 +0200 Subject: [PATCH 21/28] Fix remove "use Stripe\" --- htdocs/compta/deplacement/class/deplacement.class.php | 2 -- htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php | 2 -- 2 files changed, 4 deletions(-) diff --git a/htdocs/compta/deplacement/class/deplacement.class.php b/htdocs/compta/deplacement/class/deplacement.class.php index fb4f9eb17d4..226c4bc350e 100644 --- a/htdocs/compta/deplacement/class/deplacement.class.php +++ b/htdocs/compta/deplacement/class/deplacement.class.php @@ -1,6 +1,4 @@ * Copyright (C) 2004-2011 Laurent Destailleur * Copyright (C) 2009-2012 Regis Houssin diff --git a/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php b/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php index 8afafd8c06c..314a1fa7853 100644 --- a/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php +++ b/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php @@ -1,6 +1,4 @@ * Copyright (C) 2020 Josep Lluís Amador * From 17cf336383fb4d240f65cebffcb728b3ec7a0701 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 19 Jul 2022 11:39:23 +0200 Subject: [PATCH 22/28] Fix : PHP 8.1 warnings --- htdocs/ftp/index.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/ftp/index.php b/htdocs/ftp/index.php index 419727b1cca..8b4b7bf31c4 100644 --- a/htdocs/ftp/index.php +++ b/htdocs/ftp/index.php @@ -510,6 +510,7 @@ if (!function_exists('ftp_connect')) { $nboflines = count($contents); $rawlisthasfailed = false; $i = 0; + $nbofentries = 0; while ($i < $nboflines && $i < 1000) { $vals = preg_split('@ +@', utf8_encode($buff[$i]), 9); //$vals=preg_split('@ +@','drwxr-xr-x 2 root root 4096 Aug 30 2008 backup_apollon1',9); @@ -527,6 +528,7 @@ if (!function_exists('ftp_connect')) { // Is it a directory ? $is_directory = 0; + $is_link = 0; if ($file == '..') { $is_directory = 1; } elseif (!$rawlisthasfailed) { @@ -695,6 +697,7 @@ function dol_ftp_connect($ftp_server, $ftp_port, $ftp_user, $ftp_password, $sect $ok = 1; $conn_id = null; + $mesg=""; if (!is_numeric($ftp_port)) { $mesg = $langs->transnoentitiesnoconv("FailedToConnectToFTPServer", $ftp_server, $ftp_port); From df6da726ca79104294dcceff6e521afdb8f0085f Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 19 Jul 2022 12:08:23 +0200 Subject: [PATCH 23/28] Fix ; scrutinizer bug --- htdocs/webhook/target_card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/webhook/target_card.php b/htdocs/webhook/target_card.php index dd0d5e171e8..1e1f6522ea1 100644 --- a/htdocs/webhook/target_card.php +++ b/htdocs/webhook/target_card.php @@ -532,7 +532,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } // Clone - print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.(!empty($object->socid)?'&socid='.$object->socid:'').'&action=clone&token='.newToken(), '', $permissiontoadd); + print dolGetButtonAction($langs->trans('ToClone'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=clone&token='.newToken(), '', $permissiontoadd); /* if ($permissiontoadd) { From 14c8b4b826e31eac59299aaafea8bfbaa4dc1b65 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 21 Jul 2022 12:51:58 +0200 Subject: [PATCH 24/28] FIX doleval with @ --- htdocs/core/lib/functions.lib.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index bad0466186a..77ab8eab79a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8585,7 +8585,8 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1, $onlysimplestring = '1' if ($onlysimplestring == '1') { // We must accept: '1 && getDolGlobalInt("doesnotexist1") && $conf->global->MAIN_FEATURES_LEVEL' // We must accept: '$conf->barcode->enabled && preg_match(\'/^(AAA|BBB)/\',$leftmenu)' - if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/', '/').']/i', $s)) { + // We must accept: '$user->rights->cabinetmed->read && $object->canvas=="patient@cabinetmed"' + if (preg_match('/[^a-z0-9\s'.preg_quote('^$_+-.*>&|=!?():"\',/@', '/').']/i', $s)) { if ($returnvalue) { return 'Bad string syntax to evaluate (found chars that are not chars for simplestring): '.$s; } else { @@ -9006,6 +9007,7 @@ function complete_head_from_modules($conf, $langs, $object, &$head, &$h, $type, if ($values[0] != $type) { continue; } + //var_dump(verifCond($values[4])); if (verifCond($values[4])) { if ($values[3]) { From 46075188b2461f0d9901e77afac2d59f199cf0dd Mon Sep 17 00:00:00 2001 From: atm-lena Date: Thu, 21 Jul 2022 15:59:46 +0200 Subject: [PATCH 25/28] Tasks List Search : several same lines --- htdocs/projet/tasks/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index 697969c6060..4af49c7a3d5 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -322,7 +322,7 @@ $sql .= " t.rowid as id, t.ref, t.label, t.planned_workload, t.duration_effectiv $sql .= " t.description, t.fk_task_parent"; $sql .= " ,t.budget_amount"; // We'll need these fields in order to filter by categ -if ($search_categ) { +if ($search_categ > 0) { $sql .= ", cs.fk_categorie, cs.fk_project"; } // Add sum fields @@ -342,7 +342,7 @@ $sql .= $hookmanager->resPrint; $sql .= " FROM ".MAIN_DB_PREFIX."projet as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid"; // We'll need this table joined to the select in order to filter by categ -if (!empty($search_categ)) { +if ($search_categ > 0) { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_project as cs ON p.rowid = cs.fk_project"; // We'll need this table joined to the select in order to filter by categ } $sql .= ", ".MAIN_DB_PREFIX."projet_task as t"; From bac8efd4c81e4a9febf17be2f9de7e4fd6fceb04 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 20 Jul 2022 16:35:51 +0200 Subject: [PATCH 26/28] Fix : PHP 8.1 warnings --- htdocs/adherents/card.php | 2 +- htdocs/comm/card.php | 6 ++++-- htdocs/contact/card.php | 1 + htdocs/contact/consumption.php | 2 +- htdocs/contact/list.php | 3 +++ htdocs/core/lib/functions.lib.php | 4 ++-- .../core/modules/member/doc/pdf_standard.class.php | 14 +++++++------- .../core/tpl/extrafields_list_print_fields.tpl.php | 3 +++ htdocs/product/stock/card.php | 4 +++- htdocs/product/stock/info.php | 4 ++-- htdocs/product/stock/movement_list.php | 1 + htdocs/product/stock/productlot_list.php | 1 + htdocs/product/stock/tpl/stocktransfer.tpl.php | 4 ++-- 13 files changed, 31 insertions(+), 18 deletions(-) diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 0096ba9a285..70b86338db8 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -1510,7 +1510,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $outputlangs->loadLangs(array("main", "members", "companies", "install", "other")); // Get email content from template $arraydefaultmessage = null; - $labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION; + $labeltouse = getDolGlobalString("ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION"); if (!empty($labeltouse)) { $arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse); diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 4b51a519223..57f2662bcfc 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -914,8 +914,10 @@ if ($object->id > 0) { * Latest orders */ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { + $param =""; + $sql = "SELECT s.nom, s.rowid"; - $sql .= ", c.rowid as cid, c.total_ht"; + $sql .= ", c.rowid as cid, c.entity, c.total_ht"; $sql .= ", c.total_tva"; $sql .= ", c.total_ttc"; $sql .= ", c.ref, c.ref_client, c.fk_statut, c.facture"; @@ -1024,7 +1026,7 @@ if ($object->id > 0) { */ if (!empty($conf->expedition->enabled) && $user->rights->expedition->lire) { $sql = 'SELECT e.rowid as id'; - $sql .= ', e.ref'; + $sql .= ', e.ref, e.entity'; $sql .= ', e.date_creation'; $sql .= ', e.fk_statut as statut'; $sql .= ', s.nom'; diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index 9e3036e29a0..6650cd140d7 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -1197,6 +1197,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Categories if (!empty($conf->categorie->enabled) && !empty($user->rights->categorie->lire)) { + $arrayselected = array(); print ''; print ''; if (empty($conf->global->PRODUCT_DISABLE_SELLBY)) { print ''; } if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { print ''; } print ''; From 36c0936856b25ff112a2aea52421f2e13681d421 Mon Sep 17 00:00:00 2001 From: Anthony Berton Date: Wed, 20 Jul 2022 18:39:11 +0200 Subject: [PATCH 27/28] FIX - php8 migration --- htdocs/core/class/menubase.class.php | 26 +++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/core/class/menubase.class.php b/htdocs/core/class/menubase.class.php index 6b45cd08f98..caeece975f2 100644 --- a/htdocs/core/class/menubase.class.php +++ b/htdocs/core/class/menubase.class.php @@ -181,21 +181,21 @@ class Menubase if (!isset($this->enabled)) { $this->enabled = '1'; } - $this->menu_handler = trim($this->menu_handler); - $this->module = trim($this->module); - $this->type = trim($this->type); - $this->mainmenu = trim($this->mainmenu); - $this->leftmenu = trim($this->leftmenu); + $this->menu_handler = trim((string) $this->menu_handler); + $this->module = trim((string) $this->module); + $this->type = trim((string) $this->type); + $this->mainmenu = trim((string) $this->mainmenu); + $this->leftmenu = trim((string) $this->leftmenu); $this->fk_menu = (int) $this->fk_menu; // If -1, fk_mainmenu and fk_leftmenu must be defined - $this->fk_mainmenu = trim($this->fk_mainmenu); - $this->fk_leftmenu = trim($this->fk_leftmenu); + $this->fk_mainmenu = trim((string) $this->fk_mainmenu); + $this->fk_leftmenu = trim((string) $this->fk_leftmenu); $this->position = (int) $this->position; - $this->url = trim($this->url); - $this->target = trim($this->target); - $this->title = trim($this->title); - $this->langs = trim($this->langs); - $this->perms = trim($this->perms); - $this->enabled = trim($this->enabled); + $this->url = trim((string) $this->url); + $this->target = trim((string) $this->target); + $this->title = trim((string) $this->title); + $this->langs = trim((string) $this->langs); + $this->perms = trim((string) $this->perms); + $this->enabled = trim((string) $this->enabled); $this->user = (int) $this->user; if (empty($this->position)) { $this->position = 0; From edb2e95aaf2c590c32e40e5608a836e0968defd6 Mon Sep 17 00:00:00 2001 From: Yoan Mollard Date: Tue, 19 Jul 2022 23:55:55 +0200 Subject: [PATCH 28/28] Fixed labels for permission errors --- htdocs/expensereport/card.php | 2 +- htdocs/expensereport/list.php | 2 +- htdocs/langs/en_US/main.lang | 3 ++- htdocs/user/bank.php | 2 +- 4 files changed, 5 insertions(+), 4 deletions(-) diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 47eefb01be9..c714ad452c1 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -263,7 +263,7 @@ if (empty($reshook)) { if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->expensereport->creer) && empty($user->rights->expensereport->writeall_advance))) { $error++; - setEventMessages($langs->trans("NotEnoughPermission"), null, 'errors'); + setEventMessages($langs->trans("NotEnoughPermissions"), null, 'errors'); } if (!$error) { if (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || empty($user->rights->expensereport->writeall_advance)) { diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index 24432cb7cf1..38f85c6c006 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -482,7 +482,7 @@ if ($resql) { if ($canedit) { print ''.$langs->trans("AddTrip").''; } else { - print ''.$langs->trans("AddTrip").''; + print ''.$langs->trans("AddTrip").''; } print ''; diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 9241120c9db..1859c9814ff 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -345,7 +345,7 @@ KiloBytes=Kilobytes MegaBytes=Megabytes GigaBytes=Gigabytes TeraBytes=Terabytes -UserAuthor=Ceated by +UserAuthor=Created by UserModif=Updated by b=b. Kb=Kb @@ -712,6 +712,7 @@ FeatureDisabled=Feature disabled MoveBox=Move widget Offered=Offered NotEnoughPermissions=You don't have permission for this action +UserNotInHierachy=This action is reserved to the supervisors of this user SessionName=Session name Method=Method Receive=Receive diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 7cd8bbe6863..cdcfb33af72 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -748,7 +748,7 @@ if ($action != 'edit' && $action != 'create') { // If not bank account yet, $ac if ($permissiontoaddbankaccount) { $morehtmlright = dolGetButtonTitle($langs->trans('Add'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=create'); } else { - $morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'NotEnoughPermission', 'fa fa-plus-circle', '', '', -2); + $morehtmlright = dolGetButtonTitle($langs->trans('Add'), $langs->trans('NotEnoughPermissions'), 'fa fa-plus-circle', '', '', -2); } } else { $morehtmlright = dolGetButtonTitle($langs->trans('Add'), 'AlreadyOneBankAccount', 'fa fa-plus-circle', '', '', -2);
'; print $langs->trans("Usage"); print '
'.$form->editfieldkey('Categories', 'contcats', '', $object, 0).''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_CONTACT, null, null, null, null, 1); diff --git a/htdocs/contact/consumption.php b/htdocs/contact/consumption.php index 41a6a74dd4b..0ba88228666 100644 --- a/htdocs/contact/consumption.php +++ b/htdocs/contact/consumption.php @@ -167,7 +167,7 @@ if ($object->thirdparty->client) { } } -if ($conf->ficheinter->enabled && $user->rights->ficheinter->lire) { +if (!empty($conf->ficheinter->enabled) && $user->rights->ficheinter->lire) { $elementTypeArray['fichinter'] = $langs->transnoentitiesnoconv('Interventions'); } diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index e68274ecff2..8a1765118da 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -341,6 +341,9 @@ $formother = new FormOther($db); $formcompany = new FormCompany($db); $contactstatic = new Contact($db); +$morejs=array(); +$morecss = array(); + if (!empty($conf->global->THIRDPARTY_ENABLE_PROSPECTION_ON_ALTERNATIVE_ADRESSES)) { $contactstatic->loadCacheOfProspStatus(); } diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 77ab8eab79a..13490de9886 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7447,8 +7447,8 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $substitutionarray['__MEMBER_PHONEMOBILE__'] = (isset($object->phone_mobile) ? dol_print_phone($object->phone_mobile) : ''); $substitutionarray['__MEMBER_TYPE__'] = (isset($object->type) ? $object->type : ''); $substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE__'] = dol_print_date($object->first_subscription_date, 'dayrfc'); - $substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE_START__'] = dol_print_date($object->first_subscription_date_start, 'dayrfc'); - $substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE_END__'] = dol_print_date($object->first_subscription_date_end, 'dayrfc'); + $substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE_START__'] = (isset($object->first_subscription_date_start) ? dol_print_date($object->first_subscription_date_start, 'dayrfc') : ''); + $substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE_END__'] = (isset($object->first_subscription_date_end) ? dol_print_date($object->first_subscription_date_end, 'dayrfc') : ''); $substitutionarray['__MEMBER_LAST_SUBSCRIPTION_DATE__'] = dol_print_date($object->last_subscription_date, 'dayrfc'); $substitutionarray['__MEMBER_LAST_SUBSCRIPTION_DATE_START__'] = dol_print_date($object->last_subscription_date_start, 'dayrfc'); $substitutionarray['__MEMBER_LAST_SUBSCRIPTION_DATE_END__'] = dol_print_date($object->last_subscription_date_end, 'dayrfc'); diff --git a/htdocs/core/modules/member/doc/pdf_standard.class.php b/htdocs/core/modules/member/doc/pdf_standard.class.php index 0fc13cbe134..842495c242d 100644 --- a/htdocs/core/modules/member/doc/pdf_standard.class.php +++ b/htdocs/core/modules/member/doc/pdf_standard.class.php @@ -173,7 +173,7 @@ class pdf_standard extends CommonStickerGenerator $widthtouse = $maxwidthtouse; $heighttouse = 0; // old value for image $tmp = dol_getImageSize($photo, false); - if ($tmp['height']) { + if (isset($tmp['height'])) { $imgratio = $tmp['width'] / $tmp['height']; if ($imgratio >= $defaultratio) { $widthtouse = $maxwidthtouse; @@ -314,10 +314,10 @@ class pdf_standard extends CommonStickerGenerator complete_substitutions_array($substitutionarray, $langs); // For business cards - $textleft = make_substitutions($conf->global->ADHERENT_CARD_TEXT, $substitutionarray); - $textheader = make_substitutions($conf->global->ADHERENT_CARD_HEADER_TEXT, $substitutionarray); - $textfooter = make_substitutions($conf->global->ADHERENT_CARD_FOOTER_TEXT, $substitutionarray); - $textright = make_substitutions($conf->global->ADHERENT_CARD_TEXT_RIGHT, $substitutionarray); + $textleft = make_substitutions(getDolGlobalString("ADHERENT_CARD_TEXT"), $substitutionarray); + $textheader = make_substitutions(getDolGlobalString("ADHERENT_CARD_HEADER_TEXT"), $substitutionarray); + $textfooter = make_substitutions(getDolGlobalString("ADHERENT_CARD_FOOTER_TEXT"), $substitutionarray); + $textright = make_substitutions(getDolGlobalString("ADHERENT_CARD_TEXT_RIGHT"), $substitutionarray); $nb = $_Avery_Labels[$this->code]['NX'] * $_Avery_Labels[$this->code]['NY']; if ($nb <= 0) { @@ -330,8 +330,8 @@ class pdf_standard extends CommonStickerGenerator 'textheader'=>$textheader, 'textfooter'=>$textfooter, 'textright'=>$textright, - 'id'=>$object->rowid, - 'photo'=>$object->photo + 'id'=>(isset($object->rowid) ? $object->rowid : ""), + 'photo'=>(isset($object->photo) ? $object->photo : "") ); } diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index aeafac07962..2a12a07fd23 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -68,6 +68,9 @@ if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafield $totalarray['totalizable'][$key]['pos'] = $totalarray['nbfield']; } if (is_numeric($obj->$tmpkey)) { + if (!isset($totalarray['totalizable'][$key]['total'])) { + $totalarray['totalizable'][$key]['total'] = 0; + } $totalarray['totalizable'][$key]['total'] += $obj->$tmpkey; } } diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 3ef85adeb84..02797fdbb37 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -715,7 +715,9 @@ if ($action == 'create') { $productstatic->type = $objp->type; $productstatic->entity = $objp->entity; $productstatic->status_batch = $objp->tobatch; - $productstatic->fk_unit = $objp->fk_unit; + if (!empty($conf->global->PRODUCT_USE_UNITS)) { + $productstatic->fk_unit = $objp->fk_unit; + } $productstatic->status = $objp->tosell; $productstatic->status_buy = $objp->tobuy; $productstatic->barcode = $objp->barcode; diff --git a/htdocs/product/stock/info.php b/htdocs/product/stock/info.php index de9f72fbcd6..29e337c3728 100644 --- a/htdocs/product/stock/info.php +++ b/htdocs/product/stock/info.php @@ -35,7 +35,7 @@ $ref = GETPOST('ref', 'alpha'); // Security check //$result=restrictedArea($user,'stock', $id, 'entrepot&stock'); $result = restrictedArea($user, 'stock'); - +$usercancreate = $user->rights->stock->creer; /* * View @@ -75,7 +75,7 @@ if (!empty($conf->project->enabled)) { $morehtmlref .= ''; $morehtmlref .= ''; } else { - $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, (!empty($object->socid) ? $object->socid : 0), $object->fk_project, 'none', 0, 0, 0, 1); } } else { if (!empty($object->fk_project)) { diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php index 34a2a074ec5..ab3afad20b0 100644 --- a/htdocs/product/stock/movement_list.php +++ b/htdocs/product/stock/movement_list.php @@ -59,6 +59,7 @@ $confirm = GETPOST('confirm', 'alpha'); // Result of a confirmation $cancel = GETPOST('cancel', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'movementlist'; $toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list +$backtopage = GETPOST("backtopage", "alpha"); $idproduct = GETPOST('idproduct', 'int'); $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 2743c4a5ea7..ba6b81abd79 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -42,6 +42,7 @@ $backtopage = GETPOST('backtopage', 'alpha'); $toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'productlotlist'; // To manage different context of search $optioncss = GETPOST('optioncss', 'alpha'); +$mode = GETPOST('mode', 'alpha'); $search_entity = GETPOST('search_entity', 'int'); $search_product = GETPOST('search_product', 'alpha'); diff --git a/htdocs/product/stock/tpl/stocktransfer.tpl.php b/htdocs/product/stock/tpl/stocktransfer.tpl.php index cfb46231a72..53803b0929d 100644 --- a/htdocs/product/stock/tpl/stocktransfer.tpl.php +++ b/htdocs/product/stock/tpl/stocktransfer.tpl.php @@ -112,12 +112,12 @@ if (!empty($conf->productbatch->enabled) && print '
'.$langs->trans("SellByDate").''; - print $form->selectDate(($d_sellby ? $d_sellby : $pdluo->sellby), 'sellby', '', '', 1, "", 1, 0, ($pdluoid > 0 ? 1 : 0)); // If form was opened for a specific pdluoid, field is disabled + print $form->selectDate((!empty($d_sellby) ? $d_sellby : $pdluo->sellby), 'sellby', '', '', 1, "", 1, 0, ($pdluoid > 0 ? 1 : 0)); // If form was opened for a specific pdluoid, field is disabled print ''.$langs->trans("EatByDate").''; - print $form->selectDate(($d_eatby ? $d_eatby : $pdluo->eatby), 'eatby', '', '', 1, "", 1, 0, ($pdluoid > 0 ? 1 : 0)); // If form was opened for a specific pdluoid, field is disabled + print $form->selectDate((!empty($d_eatby) ? $d_eatby : $pdluo->eatby), 'eatby', '', '', 1, "", 1, 0, ($pdluoid > 0 ? 1 : 0)); // If form was opened for a specific pdluoid, field is disabled print '