lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' into deleteFromDocMB

Browse Source
This commit is contained in:
lamrani abdelwadoud 2023-04-05 11:08:34 +02:00 committed by GitHub
commit 29f8ba3a0f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2048 changed files with 13257 additions and 7982 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
.travis.yml
View File

@ -473,7 +473,7 @@ script:
- |
echo "Unit testing"
# Ensure we catch errors. Set this to +e if you want to go to the end to see dolibarr.log file.
# Ensure we catch errors. Set this to +e instead of -e if you want to go to the end to see dolibarr.log file.
set -e
phpunit -d memory_limit=-1 -c test/phpunit/phpunittest.xml test/phpunit/AllTests.php
phpunitresult=$?
@ -501,7 +501,7 @@ after_failure:
# Show upgrade log files
for ficlog in `ls $TRAVIS_BUILD_DIR/*.log`
do
echo "Debugging informations for file $ficlog"
#echo "Debugging informations for file $ficlog"
#cat $ficlog
done
# Show Apache log file

6
COPYRIGHT
View File

@ -26,14 +26,14 @@ PHP libraries:
EvalMath 1.0 BSD Yes Safe math expressions evaluation
Escpos-php 2.2 MIT License Yes Thermal receipt printer library, for use with ESC/POS compatible printers
GeoIP2 0.2.0 Apache License 2.0 Yes Lib to make geoip convert
Mobiledetect 2.8.39 MIT License Yes Detect mobile devices browsers
Mobiledetect 2.8.41 MIT License Yes Detect mobile devices browsers
NuSoap 0.9.5 LGPL 2.1+ Yes Library to develop SOAP Web services (not into rpm and deb package)
PEAR Mail_MIME 1.8.9 BSD Yes NuSoap dependency
ParseDown 1.6 MIT License Yes Markdown parser
PCLZip 2.8.4 LGPL-3+ Yes Library to zip/unzip files
PHPDebugBar 1.18.2 MIT License Yes Used only by the module "debugbar" for developers
PHP-Imap 2.7.2 MIT License Yes Library to use IMAP with OAuth
PHPSpreadSheet 1.8.2 LGPL-2.1+ Yes Read/Write XLS files, read ODS files
PHPSpreadSheet 1.12.0 LGPL-2.1+ Yes Read/Write XLS files, read ODS files
php-iban 4.1.1 LGPL-3+ Yes Parse and validate IBAN (and IIBAN) bank account information in PHP
PHPoAuthLib 0.8.2 MIT License Yes Library to provide oauth1 and oauth2 to different service
PHPPrintIPP 1.3 GPL-2+ Yes Library to send print IPP requests
@ -51,7 +51,7 @@ JS libraries:
Ace 1.4.14 BSD Yes JS library to get code syntaxique coloration in a textarea.
ChartJS 3.7.1 MIT License Yes JS library for graph
CKEditor 4.18 LGPL-2.1+ Yes Editor WYSIWYG
jQuery 3.6.0 MIT License Yes JS library
jQuery 3.6.4 MIT License Yes JS library
jQuery UI 1.13.2 GPL and MIT License Yes JS library plugin UI
jQuery select2 4.0.13 GPL and Apache License Yes JS library plugin for sexier multiselect. Warning: 4.0.6+ create troubles without patching css
jQuery blockUI 2.70.0 GPL and MIT License Yes JS library plugin blockUI (to use ajax popups)

99
ChangeLog
View File

@ -17,12 +17,63 @@ Following changes may create regressions for some external modules, but were nec
* Revert default type of hooks. Default is now 'addreplace' hooks (and exception become 'output' hooks, that become deprecated).
* Deprecated property libelle removed from entrepot class.
* The type 'text' in ->fields property dos not accept html content anymore. Use the type 'html' for that.
* The module for WebService SOAP API have been deprecated. Use instead the Webservice REST API module.
* The method htmlPrintOnlinePaymentFooter() used for public footer pages has been renamed into htmlPrintOnlineFooter() and moved into company.lib.php
***** ChangeLog for 17.0.1 compared to 17.0.0 *****
TODO
FIX: 17.0 PHP Warning invalid argument supplied for foreach
FIX: #[23799] - External users are not able to create events - correction
FIX: #23966 Error "Param dbt_keyfield is required but not defined
FIX: #24138 Fix box_birthdays SQL for postgres
FIX: #24201 Upload of external module fails to copy from incorrectly generated temp source dir
FIX: #24240 Dolibarr V17.0.0 PHP8 fatal error
FIX: accountancy lettering: better error management
FIX: accountancy lettering: correctly calculated number of lettering operations done
FIX: accountancy lettering: error management and prevention
FIX: accountancy lettering: prevent null results when fetching link with payments
FIX: action delete card fac rec
FIX: Add bookmark with search fields that are arrays (backport 4157263cb898f1847cfcfc22dee6007c01b13a4d)
FIX: Add missing hook on LibStatut
FIX: Add more context for selectForFormsListWhere Hook
FIX: Autofill / clear qty in inventory page
FIX: avoid php8 warnings
FIX: avoid phpunit error
FIX: can not show all csv fields (a reason for that ?)
FIX: change date on select date input when prefix is used
FIX: dol_textishtml() function
FIX: expense report accountancy: sql syntax error when performing automatic linking
FIX: Extrafields in Notes to unify with orders or invoices.
FIX: fatal error when margin enable (missing check on element), fix User::hasRight() when checking a margin right
FIX: feedbacks
FIX: FILTER_VALIDATE_EMAIL param is not a string
FIX: #24298 No error or 0.00 instead of NULL in database anymore when emptying an extrafield of type price on a propal card
FIX: full group by handle
FIX: holiday counter massaction: ErrorBadValueForParamNotAString and PHP 8 warning when no approval user right
FIX: installation superadmin creation: PHP 8 warning
FIX: invoices order on sells journal
FIX: it was not possible to update extrafields of expedition lines with batch without editing batch value
FIX: limit after order in get objects in category
FIX: method dolGetGlobalString not defined with saphir
FIX: missing column default workstation
FIX: missing drop foreign key before modify field
FIX: missing "multidir_output" for project sharing (Multicompany)
FIX: missing protection on ajax public ticket page for valid email
FIX: ODT management inverted between purchase invoice and order
FIX: PDF Espadon => display extrafields
FIX: PDF Espadon Expedition : notes and tracking number
FIX: Phpunit Rename WebsiteTest.class.php to WebsiteTest.php
FIX: project referent elements list: conf to hide tasks was flipped
FIX: Protection on agenda view for a thirdparty id that does not exist
FIX: search_project_user
FIX: societe list: regression to redirection to customer card when single result of search filters
FIX: SQL error "unknown column p.fk_soc" because ANSI-92 joins take precedence over ANSI-89 joins
FIX: task have the same entity of project
FIX: token error when closing ticket from public interface
FIX: Warning on purchase order + Property fk_commande not defined
***** ChangeLog for 17.0.0 compared to 16.0.0 *****
@ -232,7 +283,51 @@ Following changes may create regressions for some external modules, but were nec
***** ChangeLog for 16.0.5 compared to 16.0.4 *****
TODO
FIX: 16.0 propalestats Unknown column 'p.fk_soc' in 'on clause'
FIX: #23804
FIX: #23860
FIX: #23966 Error "Param dbt_keyfield is required but not defined"
FIX: accountancy lettering: better error management
FIX: accountancy lettering: correctly calculated number of lettering operations done
FIX: accountancy lettering: error management and prevention
FIX: accountancy lettering: prevent null results when fetching link with payments
FIX: Add missing hook on LibStatut
FIX: Add more context for selectForFormsListWhere Hook
FIX: attach file and send by mail in ticket
FIX: bad check on if in get_all_ways
FIX: Cannot import find type_fees with cgenericdic.class because it has id and not rowid
FIX: clicktodial backtopage
FIX: discount wasn't taken into account when adding a line in BOM
FIX: expense reports: error when selecting mileage fees expense type if MAIN_USE_EXPENSE_IK disabled
FIX: expense reports: JS error when selecting mileage fees expense type if MAIN_USE_EXPENSE_IK disabled
FIX: Extrafields in Notes to unify with orders or invoices.
FIX: fatal error on clicktodial backtopage
FIX: filter sql accounting account
FIX: Get data back on product update
FIX: Get data back when error on command create
FIX: label dictionary is used by barcode and member module
FIX: mandatory date for service didnt work for invoice
FIX: missing "authorid" for getNomUrl link right access
FIX: missing getEntity filter
FIX: vulnerability: missing protection on ajax public ticket page for valid email.
FIX: Missing right to edit service note when module product is disabled
FIX: multicompany compatibility
FIX: object $user is not defined
FIX: Object of class LDAP\Connection could not be converted to string
FIX: parse error and NAN
FIX: product ref fourn same size in supplier order/invoice as in product price fourn
FIX: Profit calculation on project preview tab.
FIX: Remove orphelan $this->db->rollback() in the function insertExtrafields()
FIX: request new password with "mc" and "twofactor" authentication
FIX: Resolve error message due to missing arguments
FIX: select for task in event card
FIX: several email sent to the same recipient when adding message from ticket
FIX: shipping list for external user
FIX: SQL error "unknown column p.fk_soc" because ANSI-92 joins take precedence over ANSI-89 joins
FIX: strato pdf
FIX: typos in getAttchments() $arrayobject
FIX: whitespaces
FIX: wrong url param name action
***** ChangeLog for 16.0.4 compared to 16.0.3 *****

2
build/generate_filelist_xml.php
View File

@ -56,7 +56,7 @@ if (empty($argv[1])) {
$i=0;
$result=array();
$result = array();
while ($i < $argc) {
if (!empty($argv[$i])) {
parse_str($argv[$i], $result); // set all params $release, $includecustom, $includeconstant, $buildzip ...

4
htdocs/accountancy/admin/export.php
View File

@ -269,9 +269,9 @@ if ($num2) {
// Value
print '<td>';
if (is_array($key['param'])) {
print $form->selectarray($label, $key['param'], $conf->global->$label, 0);
print $form->selectarray($label, $key['param'], getDolGlobalString($label), 0);
} else {
print '<input type="text" size="20" id="'.$label.'" name="'.$key['label'].'" value="'.$conf->global->$label.'">';
print '<input type="text" size="20" id="'.$label.'" name="'.$key['label'].'" value="'.getDolGlobalString($label).'">';
}
print '</td></tr>';

2
htdocs/accountancy/expensereport/index.php
View File

@ -112,7 +112,7 @@ if ($action == 'validatehistory') {
$sql1 = "SELECT erd.rowid, accnt.rowid as suggestedid";
$sql1 .= " FROM ".MAIN_DB_PREFIX."expensereport_det as erd";
$sql1 .= " LEFT JOIN ".MAIN_DB_PREFIX."c_type_fees as t ON erd.fk_c_type_fees = t.id";
$sql1 .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as accnt ON t.accountancy_code = accnt.account_number AND accnt.active = 1 AND accnt.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND accnt.entity =".((int) $conf->entity);
$sql1 .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as accnt ON t.accountancy_code = accnt.account_number AND accnt.active = 1 AND accnt.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND accnt.entity =".((int) $conf->entity).",";
$sql1 .= " ".MAIN_DB_PREFIX."expensereport as er";
$sql1 .= " WHERE erd.fk_expensereport = er.rowid AND er.entity = ".((int) $conf->entity);
$sql1 .= " AND er.fk_statut IN (".ExpenseReport::STATUS_APPROVED.", ".ExpenseReport::STATUS_CLOSED.") AND erd.fk_code_ventilation <= 0";

2
htdocs/accountancy/journal/sellsjournal.php
View File

@ -158,7 +158,7 @@ if ($in_bookkeeping == 'notyet') {
$sql .= " AND f.rowid NOT IN (SELECT fk_doc FROM ".MAIN_DB_PREFIX."accounting_bookkeeping as ab WHERE ab.doc_type='customer_invoice')";
// $sql .= " AND fd.rowid NOT IN (SELECT fk_docdet FROM " . MAIN_DB_PREFIX . "accounting_bookkeeping as ab WHERE ab.doc_type='customer_invoice')"; // Useless, we save one line for all products with same account
}
$sql .= " ORDER BY f.datef";
$sql .= " ORDER BY f.datef, f.ref";
//print $sql; exit;
dol_syslog('accountancy/journal/sellsjournal.php', LOG_DEBUG);

2
htdocs/adherents/admin/member.php
View File

@ -511,7 +511,7 @@ foreach ($dirmodels as $reldir) {
// Defaut
print '<td class="center">';
if (getDolGlobalString('MEMBER_ADDON_PDF') == $name) {
if (getDolGlobalString('MEMBER_ADDON_PDF_ODT') == $name) {
print img_picto($langs->trans("Default"), 'on');
} else {
print '<a href="'.$_SERVER["PHP_SELF"].'?action=setdoc&token='.newToken().'&value='.$name.'&scandir='.(!empty($module->scandir) ? $module->scandir : '').'&label='.urlencode($module->name).'" alt="'.$langs->trans("Default").'">'.img_picto($langs->trans("Disabled"), 'off').'</a>';

30
htdocs/adherents/admin/member_emails.php
View File

@ -48,18 +48,23 @@ $action = GETPOST('action', 'aZ09');
$error = 0;
$helptext = '*'.$langs->trans("FollowingConstantsWillBeSubstituted").'<br>';
$helptext .= '__DOL_MAIN_URL_ROOT__, __ID__, __FIRSTNAME__, __LASTNAME__, __FULLNAME__, __LOGIN__, __PASSWORD__, ';
$helptext .= '__COMPANY__, __ADDRESS__, __ZIP__, __TOWN__, __COUNTRY__, __EMAIL__, __BIRTH__, __PHOTO__, __TYPE__, ';
//$helptext.='__YEAR__, __MONTH__, __DAY__'; // Not supported
// Editing global variables not related to a specific theme
$constantes = array(
'MEMBER_REMINDER_EMAIL'=>array('type'=>'yesno', 'label'=>$langs->trans('MEMBER_REMINDER_EMAIL', $langs->transnoentities("Module2300Name"))),
'ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION' =>'emailtemplate:member',
'ADHERENT_EMAIL_TEMPLATE_AUTOREGISTER' =>'emailtemplate:member', // until Dolibarr 7 it was ADHERENT_AUTOREGISTER_MAIL
'ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION' =>'emailtemplate:member', // until Dolibarr 7 it was ADHERENT_MAIL_VALID
'ADHERENT_EMAIL_TEMPLATE_SUBSCRIPTION' =>'emailtemplate:member', // until Dolibarr 7 it was ADHERENT_MAIL_COTIS
'ADHERENT_EMAIL_TEMPLATE_CANCELATION' =>'emailtemplate:member', // until Dolibarr 7 it was ADHERENT_MAIL_RESIL
'ADHERENT_EMAIL_TEMPLATE_EXCLUSION' =>'emailtemplate:member',
'ADHERENT_MAIL_FROM' =>'string',
'ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT' =>'string',
'ADHERENT_AUTOREGISTER_NOTIF_MAIL' =>'html',
'ADHERENT_EMAIL_TEMPLATE_REMIND_EXPIRATION' =>array('type'=>'emailtemplate:member'),
'ADHERENT_EMAIL_TEMPLATE_AUTOREGISTER' =>array('type'=>'emailtemplate:member'),
'ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION' =>array('type'=>'emailtemplate:member'),
'ADHERENT_EMAIL_TEMPLATE_SUBSCRIPTION' =>array('type'=>'emailtemplate:member'),
'ADHERENT_EMAIL_TEMPLATE_CANCELATION' =>array('type'=>'emailtemplate:member'),
'ADHERENT_EMAIL_TEMPLATE_EXCLUSION' =>array('type'=>'emailtemplate:member'),
'ADHERENT_MAIL_FROM' =>array('type'=>'string'),
'ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT' =>array('type'=>'string'),
'ADHERENT_AUTOREGISTER_NOTIF_MAIL' =>array('type'=>'html', 'tooltip'=>$helptext)
);
@ -147,12 +152,7 @@ print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="updateall">';
$helptext = '*'.$langs->trans("FollowingConstantsWillBeSubstituted").'<br>';
$helptext .= '__DOL_MAIN_URL_ROOT__, __ID__, __FIRSTNAME__, __LASTNAME__, __FULLNAME__, __LOGIN__, __PASSWORD__, ';
$helptext .= '__COMPANY__, __ADDRESS__, __ZIP__, __TOWN__, __COUNTRY__, __EMAIL__, __BIRTH__, __PHOTO__, __TYPE__, ';
//$helptext.='__YEAR__, __MONTH__, __DAY__'; // Not supported
form_constantes($constantes, 3, $helptext);
form_constantes($constantes, 3, '');
print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Update").'" name="update"></div>';
print '</form>';

2
htdocs/adherents/admin/website.php
View File

@ -60,7 +60,7 @@ if ($action == 'update') {
$amount = price2num(GETPOST('MEMBER_NEWFORM_AMOUNT'), 'MT', 2);
$minamount = GETPOST('MEMBER_MIN_AMOUNT');
$publiccounters = GETPOST('MEMBER_COUNTERS_ARE_PUBLIC');
$showtable = GETPOST('MEMBER_SHOW_TABLE');;
$showtable = GETPOST('MEMBER_SHOW_TABLE');
$showvoteallowed = GETPOST('MEMBER_SHOW_VOTE_ALLOWED');
$payonline = GETPOST('MEMBER_NEWFORM_PAYONLINE');
$forcetype = GETPOST('MEMBER_NEWFORM_FORCETYPE', 'int');

9
htdocs/adherents/class/adherent.class.php
View File

@ -2365,10 +2365,11 @@ class Adherent extends CommonObject
];
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = DOL_URL_ROOT.'/adherents/card.php?rowid='.((int) $this->id);
if ($option == 'subscription') {
@ -2394,7 +2395,7 @@ class Adherent extends CommonObject
$label = $langs->trans("ShowUser");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.($morecss ? ' '.$morecss : '').'"';
}

22
htdocs/adherents/class/adherent_type.class.php
View File

@ -749,12 +749,12 @@ class AdherentType extends CommonObject
];
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = DOL_URL_ROOT.'/adherents/type.php?rowid='.((int) $this->id);
if ($option != 'nolink') {
// Add param to save lastsearch_values or not
@ -766,7 +766,10 @@ class AdherentType extends CommonObject
$url .= '&save_lastsearch_values=1';
}
}
$linkstart = '<a href="'.$url.'" title="'.dol_escape_htmltag($label, 1).'"'.$dataparams.' class="'.$classfortooltip.'">';
$linkstart = '<a href="'.$url.'"';
$linkstart .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkstart .= $dataparams.' class="'.$classfortooltip.'">';
$linkend = '</a>';
$result .= $linkstart;
@ -993,8 +996,6 @@ class AdherentType extends CommonObject
{
global $langs, $user;
$selected = (empty($arraydata['selected']) ? 0 : $arraydata['selected']);
$return = '<div class="box-flex-item box-flex-grow-zero">';
$return .= '<div class="info-box info-box-sm">';
$return .= '<span class="info-box-icon bg-infobox-action">';
@ -1002,9 +1003,12 @@ class AdherentType extends CommonObject
$return .= '</span>';
$return .= '<div class="info-box-content">';
$return .= '<span class="info-box-ref">'.(method_exists($this, 'getNomUrl') ? $this->getNomUrl() : $this->ref).'</span>';
$return .= '<input id="cb'.$this->id.'" class="flat checkforselect fright" type="checkbox" name="toselect[]" value="'.$this->id.'"'.($selected ? ' checked="checked"' : '').'>';
//$selected = (empty($arraydata['selected']) ? 0 : $arraydata['selected']);
//$return .= '<input id="cb'.$this->id.'" class="flat checkforselect fright" type="checkbox" name="toselect[]" value="'.$this->id.'"'.($selected ? ' checked="checked"' : '').'>';
if ($user->rights->adherent->configurer) {
$return .= '<span class="right paddingleft"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$this->ref.'">'.img_edit().'</a></span>';
$return .= '<span class="right paddingleft"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.urlencode($this->ref).'">'.img_edit().'</a></span>';
} else {
$return .= '<span class="right">&nbsp;</span>';
}

5
htdocs/adherents/list.php
View File

@ -424,10 +424,10 @@ if ($search_filter == 'waitingsubscription') {
$sql .= " AND (datefin IS NULL AND t.subscription = '1')";
}
if ($search_filter == 'uptodate') {
$sql .= " AND (datefin >= '".$db->idate($now)."' OR t.subscription = '0')";
$sql .= " AND (datefin >= '".$db->idate($now)."' OR (datefin IS NULL AND t.subscription = '0'))";
}
if ($search_filter == 'outofdate') {
$sql .= " AND (datefin < '".$db->idate($now)."' AND t.subscription = '1')";
$sql .= " AND (datefin < '".$db->idate($now)."')";
}
if ($search_status != '') {
// Peut valoir un nombre ou liste de nombre separes par virgules
@ -516,6 +516,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
}
$db->free($resql);
}
//print $sql;
// Complete request and execute it with limit
$sql .= $db->order($sortfield, $sortorder);

4
htdocs/adherents/subscription/card.php
View File

@ -352,10 +352,10 @@ if ($rowid && $action != 'edit') {
print '<div class="tabsAction">';
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
if (!empty($bankline->rappro)) {
if (!empty($bankline->rappro) || empty($bankline)) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"]."?rowid=".$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify")."</a></div>";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" title="'.$langs->trans("BankLineConciliated")."\" href=\"#\">".$langs->trans("Modify")."</a></div>";
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" title="'.$langs->trans("BankLineConciliated").'" href="#">'.$langs->trans("Modify")."</a></div>";
}
}

258
htdocs/adherents/subscription/list.php
View File

@ -32,13 +32,16 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$langs->loadLangs(array("members", "companies"));
$action = GETPOST('action', 'aZ09');
$massaction = GETPOST('massaction', 'alpha');
$confirm = GETPOST('confirm', 'alpha');
$toselect = GETPOST('toselect', 'array');
$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'subscriptionlist'; // To manage different context of search
$mode = GETPOST('mode', 'alpha');
$action = GETPOST('action', 'aZ09') ? GETPOST('action', 'aZ09') : 'view'; // The action 'create'/'add', 'edit'/'update', 'view', ...
$massaction = GETPOST('massaction', 'alpha'); // The bulk action (combo box choice into lists)
$show_files = GETPOST('show_files', 'int'); // Show files area generated by bulk actions ?
$confirm = GETPOST('confirm', 'alpha'); // Result of a confirmation
$cancel = GETPOST('cancel', 'alpha'); // We click on a Cancel button
$toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list
$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : str_replace('_', '', basename(dirname(__FILE__)).basename(__FILE__, '.php')); // To manage different context of search
$backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page
$optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print')
$mode = GETPOST('mode', 'aZ'); // The output mode ('list', 'kanban', 'hierarchy', 'calendar', ...)
$statut = (GETPOSTISSET("statut") ?GETPOST("statut", "alpha") : 1);
$search_ref = GETPOST('search_ref', 'alpha');
@ -49,18 +52,19 @@ $search_login = GETPOST('search_login', 'alpha');
$search_note = GETPOST('search_note', 'alpha');
$search_account = GETPOST('search_account', 'int');
$search_amount = GETPOST('search_amount', 'alpha');
$optioncss = GETPOST('optioncss', 'alpha');
$sall = '';
$search_all = '';
$date_select = GETPOST("date_select", 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
// Load variable for pagination
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
$sortorder = GETPOST('sortorder', 'aZ09comma');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (empty($page) || $page == -1) {
if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) {
// If $page is not defined, or '' or -1 or if we click on clear filters
$page = 0;
} // If $page is not defined, or '' or -1
}
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
@ -71,13 +75,12 @@ if (!$sortfield) {
$sortfield = "c.dateadh";
}
// Initialize technical objects
$object = new Subscription($db);
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('subscriptionlist'));
$extrafields = new ExtraFields($db);
$hookmanager->initHooks(array('subscriptionlist'));
// fetch optionals attributes and labels
// Fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
@ -106,13 +109,16 @@ $arrayfields = array(
// Security check
$result = restrictedArea($user, 'adherent', '', '', 'cotisation');
$permissiontodelete = $user->hasRight('adherent', 'cotisation', 'creer');
/*
* Actions
*/
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
$action = 'list';
$massaction = '';
}
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') {
$massaction = '';
@ -141,6 +147,16 @@ if (empty($reshook)) {
$toselect = array();
$search_array_options = array();
}
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')
|| GETPOST('button_search_x', 'alpha') || GETPOST('button_search.x', 'alpha') || GETPOST('button_search', 'alpha')) {
$massaction = ''; // Protection to avoid mass action if we force a new search during a mass action confirmation
}
// Mass actions
$objectclass = 'Subscription';
$objectlabel = 'Subscription';
$uploaddir = $conf->adherent->dir_output;
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
}
@ -162,6 +178,20 @@ $sql .= " c.rowid as crowid, c.fk_type, c.subscription,";
$sql .= " c.dateadh, c.datef, c.datec as date_creation, c.tms as date_update,";
$sql .= " c.fk_bank as bank, c.note,";
$sql .= " b.fk_account";
// Add fields from extrafields
if (!empty($extrafields->attributes[$object->table_element]['label'])) {
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) {
$sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key." as options_".$key : '');
}
}
// Add fields from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql = preg_replace('/,\s*$/', '', $sql);
$sqlfields = $sql; // $sql fields to remove for count total
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " JOIN ".MAIN_DB_PREFIX."subscription as c on d.rowid = c.fk_adherent";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."adherent_extrafields as ef on (d.rowid = ef.fk_object)";
@ -199,60 +229,72 @@ if ($search_account > 0) {
if ($search_amount) {
$sql .= natural_search('c.subscription', $search_amount, 1);
}
if ($search_all) {
$sql .= natural_search(array_keys($fieldstosearchall), $search_all);
}
// Add where from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php';
// Add where from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // Note that $action and $object may have been modified by hook
$reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql .= $db->order($sortfield, $sortorder);
// Count total nb of records with no order and no limits
// Count total nb of records
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$resql = $db->query($sql);
/* The fast and low memory method to get and count full list converts the sql into a sql count */
$sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql);
$sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount);
$resql = $db->query($sqlforcount);
if ($resql) {
$nbtotalofrecords = $db->num_rows($resql);
$objforcount = $db->fetch_object($resql);
$nbtotalofrecords = $objforcount->nbtotalofrecords;
} else {
dol_print_error($db);
}
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller than the paging size (filtering), goto and load page 0
$page = 0;
$offset = 0;
}
$db->free($resql);
}
// Add limit
$sql .= $db->plimit($limit + 1, $offset);
$result = $db->query($sql);
if (!$result) {
// Complete request and execute it with limit
$sql .= $db->order($sortfield, $sortorder);
if ($limit) {
$sql .= $db->plimit($limit + 1, $offset);
}
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
exit;
}
$num = $db->num_rows($result);
$num = $db->num_rows($resql);
$arrayofselected = is_array($toselect) ? $toselect : array();
if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $sall) {
// Direct jump if only one record found
if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $search_all && !$page) {
$obj = $db->fetch_object($resql);
$id = $obj->rowid;
header("Location: ".DOL_URL_ROOT.'/adherents/subscription/card.php?id='.$id);
exit;
}
// Output page
// --------------------------------------------------------------------
$title = $langs->trans("Subscriptions");
if (!empty($date_select)) {
$title .= ' ('.$langs->trans("Year").' '.$date_select.')';
}
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder';
llxHeader('', $title, $help_url);
$i = 0;
$arrayofselected = is_array($toselect) ? $toselect : array();
$param = '';
if (!empty($mode)) {
@ -262,7 +304,7 @@ if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
$param .= '&contextpage='.urlencode($contextpage);
}
if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.urlencode($limit);
$param .= '&limit='.((int) $limit);
}
if ($statut != '') {
$param .= "&statut=".urlencode($statut);
@ -290,27 +332,25 @@ if ($optioncss != '') {
}
// Add $param from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';
// Add $param from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSearchParam', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
$param .= $hookmanager->resPrint;
// List of mass actions available
$arrayofmassactions = array(
//'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
);
//if ($user->hasRight('adherent', 'supprimer')) $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
if (in_array($massaction, array('presend', 'predelete'))) {
if (!empty($permissiontodelete)) {
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
}
if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) {
$arrayofmassactions = array();
}
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
$newcardbutton = '';
$newcardbutton .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-bars imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ((empty($mode) || $mode == 'common') ? 2 : 1), array('morecss'=>'reposition'));
$newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-list imgforviewmode', $_SERVER["PHP_SELF"].'?mode=kanban'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ($mode == 'kanban' ? 2 : 1), array('morecss'=>'reposition'));
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
$newcardbutton .= dolGetButtonTitle($langs->trans('NewSubscription'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/adherents/list.php?status=-1,1');
}
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">'."\n";
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
@ -319,10 +359,19 @@ print '<input type="hidden" name="formfilteraction" id="formfilteraction" value=
print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="page" value="'.$page.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="date_select" value="'.$date_select.'">';
print '<input type="hidden" name="page_y" value="">';
print '<input type="hidden" name="mode" value="'.$mode.'">';
$newcardbutton = '';
$newcardbutton .= dolGetButtonTitle($langs->trans('ViewList'), '', 'fa fa-bars imgforviewmode', $_SERVER["PHP_SELF"].'?mode=common'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ((empty($mode) || $mode == 'common') ? 2 : 1), array('morecss'=>'reposition'));
$newcardbutton .= dolGetButtonTitle($langs->trans('ViewKanban'), '', 'fa fa-th-list imgforviewmode', $_SERVER["PHP_SELF"].'?mode=kanban'.preg_replace('/(&|\?)*mode=[^&]+/', '', $param), '', ($mode == 'kanban' ? 2 : 1), array('morecss'=>'reposition'));
if ($user->hasRight('adherent', 'cotisation', 'creer')) {
$newcardbutton .= dolGetButtonTitleSeparator();
$newcardbutton .= dolGetButtonTitle($langs->trans('NewSubscription'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/adherents/list.php?status=-1,1');
}
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, $subscription->picto, 0, $newcardbutton, '', $limit, 0, 0, 1);
@ -332,30 +381,51 @@ $objecttmp = new Subscription($db);
$trackid = 'sub'.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php';
if ($sall) {
if ($search_all) {
$setupstring = '';
foreach ($fieldstosearchall as $key => $val) {
$fieldstosearchall[$key] = $langs->trans($val);
$setupstring .= $key."=".$val.";";
}
print '<div class="divsearchfieldfilter">'.$langs->trans("FilterOnInto", $sall).join(', ', $fieldstosearchall).'</div>';
print '<!-- Search done like if MYOBJECT_QUICKSEARCH_ON_FIELDS = '.$setupstring.' -->'."\n";
print '<div class="divsearchfieldfilter">'.$langs->trans("FilterOnInto", $search_all).join(', ', $fieldstosearchall).'</div>'."\n";
}
$moreforfilter = '';
/*$moreforfilter.='<div class="divsearchfield">';
$moreforfilter.= $langs->trans('MyFilter') . ': <input type="text" name="search_myfield" value="'.dol_escape_htmltag($search_myfield).'">';
$moreforfilter.= '</div>';*/
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')); // This also change content of $arrayfields
if ($massactionbutton) {
$selectedfields .= $form->showCheckAddButtons('checkforselect', 1);
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldPreListTitle', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
if (empty($reshook)) {
$moreforfilter .= $hookmanager->resPrint;
} else {
$moreforfilter = $hookmanager->resPrint;
}
print '<div class="div-table-responsive">';
if (!empty($moreforfilter)) {
print '<div class="liste_titre liste_titre_bydiv centpercent">';
print $moreforfilter;
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldPreListTitle', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print '</div>';
}
$varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = ($mode != 'kanban' ? $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage, getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN', '')) : ''); // This also change content of $arrayfields
$selectedfields .= (count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
print '<div class="div-table-responsive">'; // You can use div-table-responsive-no-min if you dont need reserved height for your table
print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
// Line for filters fields
// Fields title search
// --------------------------------------------------------------------
print '<tr class="liste_titre_filter">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre right">';
print '<td class="liste_titre center maxwidthsearch">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
@ -423,7 +493,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';
// Fields from hook
$parameters = array('arrayfields'=>$arrayfields);
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // Note that $action and $object may have been modified by hook
$reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Date creation
if (!empty($arrayfields['c.datec']['checked'])) {
@ -438,55 +508,71 @@ if (!empty($arrayfields['c.tms']['checked'])) {
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre right">';
print '<td class="liste_titre center maxwidthsearch">';
$searchpicto = $form->showFilterButtons();
print $searchpicto;
print '</td>';
}
print "</tr>\n";
print '</tr>'."\n";
$totalarray = array();
$totalarray['nbfield'] = 0;
// Fields title label
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.ref']['checked'])) {
print_liste_field_titre($arrayfields['d.ref']['label'], $_SERVER["PHP_SELF"], "c.rowid", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.fk_type']['checked'])) {
print_liste_field_titre($arrayfields['d.fk_type']['label'], $_SERVER["PHP_SELF"], "c.fk_type", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.lastname']['checked'])) {
print_liste_field_titre($arrayfields['d.lastname']['label'], $_SERVER["PHP_SELF"], "d.lastname", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.firstname']['checked'])) {
print_liste_field_titre($arrayfields['d.firstname']['label'], $_SERVER["PHP_SELF"], "d.firstname", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.login']['checked'])) {
print_liste_field_titre($arrayfields['d.login']['label'], $_SERVER["PHP_SELF"], "d.login", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['t.libelle']['checked'])) {
print_liste_field_titre($arrayfields['t.libelle']['label'], $_SERVER["PHP_SELF"], "c.note", $param, "", '', $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.bank']['checked'])) {
print_liste_field_titre($arrayfields['d.bank']['label'], $_SERVER["PHP_SELF"], "b.fk_account", $param, "", "", $sortfield, $sortorder);
$totalarray['nbfield']++;
}
if (!empty($arrayfields['c.dateadh']['checked'])) {
print_liste_field_titre($arrayfields['c.dateadh']['label'], $_SERVER["PHP_SELF"], "c.dateadh", $param, "", '', $sortfield, $sortorder, 'center nowraponall ');
$totalarray['nbfield']++;
}
if (!empty($arrayfields['c.datef']['checked'])) {
print_liste_field_titre($arrayfields['c.datef']['label'], $_SERVER["PHP_SELF"], "c.datef", $param, "", '', $sortfield, $sortorder, 'center nowraponall ');
$totalarray['nbfield']++;
}
if (!empty($arrayfields['d.amount']['checked'])) {
print_liste_field_titre($arrayfields['d.amount']['label'], $_SERVER["PHP_SELF"], "c.subscription", $param, "", '', $sortfield, $sortorder, 'right ');
$totalarray['nbfield']++;
}
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php';
// Hook fields
$parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder);
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters); // Note that $action and $object may have been modified by hook
$parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder, 'totalarray'=>&$totalarray);
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
if (!empty($arrayfields['c.datec']['checked'])) {
print_liste_field_titre($arrayfields['c.datec']['label'], $_SERVER["PHP_SELF"], "c.datec", "", $param, 'align="center" class="nowrap"', $sortfield, $sortorder);
@ -494,17 +580,25 @@ if (!empty($arrayfields['c.datec']['checked'])) {
if (!empty($arrayfields['c.tms']['checked'])) {
print_liste_field_titre($arrayfields['c.tms']['label'], $_SERVER["PHP_SELF"], "c.tms", "", $param, 'align="center" class="nowrap"', $sortfield, $sortorder);
}
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ');
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n";
$totalarray['nbfield']++;
}
print "</tr>\n";
print '</tr>'."\n";
// Loop on record
// --------------------------------------------------------------------
$i = 0;
$savnbfield = $totalarray['nbfield'];
$totalarray = array();
$totalarray['nbfield'] = 0;
$imaxinloop = ($limit ? min($num, $limit) : $num);
while ($i < $imaxinloop) {
$obj = $db->fetch_object($result);
$obj = $db->fetch_object($resql);
if (empty($obj)) {
break; // Should not happen
}
$subscription->ref = $obj->crowid;
$subscription->id = $obj->crowid;
@ -532,9 +626,16 @@ while ($i < $imaxinloop) {
if ($mode == 'kanban') {
if ($i == 0) {
print '<tr><td colspan="12">';
print '<tr><td colspan="'.$savnbfield.'">';
print '<div class="box-flex-container kanban">';
}
// Output Kanban
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
}
//fetch informations needs on this mode
$subscription->fk_adherent = $adherent->getNomUrl(1);
@ -552,10 +653,12 @@ while ($i < $imaxinloop) {
print '</td></tr>';
}
} else {
print '<tr class="oddeven">';
// Show here line of result
$j = 0;
print '<tr data-rowid="'.$object->id.'" class="oddeven">';
// Action column
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->crowid, $arrayofselected)) {
@ -690,7 +793,7 @@ while ($i < $imaxinloop) {
}
// Action column
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="center">';
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->crowid, $arrayofselected)) {
@ -703,7 +806,8 @@ while ($i < $imaxinloop) {
$totalarray['nbfield']++;
}
}
print "</tr>\n";
print '</tr>'."\n";
}
$i++;
}
@ -720,19 +824,19 @@ if ($num == 0) {
$colspan++;
}
}
print '<tr><td colspan="'.$colspan.'" class="opacitymedium">'.$langs->trans("NoRecordFound").'</td></tr>';
print '<tr><td colspan="'.$colspan.'"><span class="opacitymedium">'.$langs->trans("NoRecordFound").'</span></td></tr>';
}
$db->free($resql);
$parameters = array('sql' => $sql);
$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters); // Note that $action and $object may have been modified by hook
$parameters = array('arrayfields'=>$arrayfields, 'sql' => $sql);
$reshook = $hookmanager->executeHooks('printFieldListFooter', $parameters, $object, $action); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print "</table>";
print '</div>';
print '</form>';
print '</table>'."\n";
print '</div>'."\n";
print '</form>'."\n";
// End of page
llxFooter();

72
htdocs/adherents/type.php
View File

@ -433,7 +433,7 @@ if ($action == 'create') {
print $form->selectarray("morphy", $morphys, GETPOSTISSET("morphy") ? GETPOST("morphy", 'aZ09') : 'morphy');
print "</td></tr>";
print '<tr><td>'.$langs->trans("SubscriptionRequired").'</td><td>';
print '<tr><td>'.$form->textwithpicto($langs->trans("SubscriptionRequired"), $langs->trans("SubscriptionRequiredDesc")).'</td><td>';
print $form->selectyesno("subscription", 1, 1);
print '</td></tr>';
@ -509,7 +509,7 @@ if ($rowid > 0) {
print '<tr><td>'.$langs->trans("MembersNature").'</td><td class="valeur" >'.$object->getmorphylib($object->morphy).'</td>';
print '</tr>';
print '<tr><td class="titlefield">'.$langs->trans("SubscriptionRequired").'</td><td>';
print '<tr><td>'.$form->textwithpicto($langs->trans("SubscriptionRequired"), $langs->trans("SubscriptionRequiredDesc")).'</td><td>';
print yn($object->subscription);
print '</tr>';
@ -585,6 +585,9 @@ if ($rowid > 0) {
$sql .= " d.datefin,";
$sql .= " d.email, d.fk_adherent_type as type_id, d.morphy, d.statut as status,";
$sql .= " t.libelle as type, t.subscription, t.amount";
$sqlfields = $sql; // $sql fields to remove for count total
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d, ".MAIN_DB_PREFIX."adherent_type as t";
$sql .= " WHERE d.fk_adherent_type = t.rowid ";
$sql .= " AND d.entity IN (".getEntity('adherent').")";
@ -616,24 +619,32 @@ if ($rowid > 0) {
$sql .= " AND (datefin < '".$db->idate($now)."' AND t.subscription = 1)";
}
$sql .= " ".$db->order($sortfield, $sortorder);
// Count total nb of records
$nbtotalofrecords = '';
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
$resql = $db->query($sql);
/* The fast and low memory method to get and count full list converts the sql into a sql count */
$sqlforcount = preg_replace('/^'.preg_quote($sqlfields, '/').'/', 'SELECT COUNT(*) as nbtotalofrecords', $sql);
$sqlforcount = preg_replace('/GROUP BY .*$/', '', $sqlforcount);
$resql = $db->query($sqlforcount);
if ($resql) {
$nbtotalofrecords = $db->num_rows($result);
$objforcount = $db->fetch_object($resql);
$nbtotalofrecords = $objforcount->nbtotalofrecords;
} else {
dol_print_error($db);
}
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0
if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller than the paging size (filtering), goto and load page 0
$page = 0;
$offset = 0;
}
$db->free($resql);
}
$sql .= " ".$db->plimit($conf->liste_limit + 1, $offset);
// Complete request and execute it with limit
$sql .= $db->order($sortfield, $sortorder);
if ($limit) {
$sql .= $db->plimit($limit + 1, $offset);
}
$resql = $db->query($sql);
if ($resql) {
@ -668,6 +679,15 @@ if ($rowid > 0) {
}
$param = "&rowid=".urlencode($object->id);
if (!empty($mode)) {
$param .= '&mode='.urlencode($mode);
}
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
$param .= '&contextpage='.urlencode($contextpage);
}
if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.((int) $limit);
}
if (!empty($status)) {
$param .= "&status=".urlencode($status);
}
@ -691,12 +711,11 @@ if ($rowid > 0) {
print $langs->trans("Filter")." (".$langs->trans("Lastname").", ".$langs->trans("Firstname").", ".$langs->trans("EMail").", ".$langs->trans("Address")." ".$langs->trans("or")." ".$langs->trans("Town")."): ".$sall;
}
print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'">';
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'" name="formfilter" autocomplete="off">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input class="flat" type="hidden" name="rowid" value="'.$object->id.'" size="12"></td>';
print '<input class="flat" type="hidden" name="rowid" value="'.$object->id.'"></td>';
print '<br>';
print_barre_liste('', $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords);
print_barre_liste('', $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'generic', 0, '', '', $limit);
$moreforfilter = '';
@ -706,24 +725,35 @@ if ($rowid > 0) {
// Fields title search
print '<tr class="liste_titre_filter">';
print '<td class="liste_titre left">';
print '<input class="flat" type="text" name="search_lastname" value="'.dol_escape_htmltag($search_lastname).'" size="12"></td>';
if (getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre center maxwidthsearch">';
$searchpicto = $form->showFilterButtons('left');
print $searchpicto;
print '</td>';
}
print '<td class="liste_titre left">';
print '<input class="flat" type="text" name="search_login" value="'.dol_escape_htmltag($search_login).'" size="7"></td>';
print '<input class="flat maxwidth100" type="text" name="search_lastname" value="'.dol_escape_htmltag($search_lastname).'"></td>';
print '<td class="liste_titre left">';
print '<input class="flat maxwidth100" type="text" name="search_login" value="'.dol_escape_htmltag($search_login).'"></td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre left">';
print '<input class="flat" type="text" name="search_email" value="'.dol_escape_htmltag($search_email).'" size="12"></td>';
print '<input class="flat maxwidth100" type="text" name="search_email" value="'.dol_escape_htmltag($search_email).'"></td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre right" colspan="2">';
print '<input type="image" class="liste_titre" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/search.png" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
print '&nbsp; ';
print '<input type="image" class="liste_titre" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/searchclear.png" name="button_removefilter" value="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'" title="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'">';
print '</td>';
print '<td class="liste_titre">&nbsp;</td>';
if (!getDolGlobalString('MAIN_CHECKBOX_LEFT_COLUMN')) {
print '<td class="liste_titre center nowraponall">';
print '<input type="image" class="liste_titre" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/search.png" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
print '&nbsp; ';
print '<input type="image" class="liste_titre" src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/searchclear.png" name="button_removefilter" value="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'" title="'.dol_escape_htmltag($langs->trans("RemoveFilter")).'">';
print '</td>';
}
print "</tr>\n";

10
htdocs/admin/emailcollector_card.php
View File

@ -684,18 +684,18 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
print '</table>';
print '</div>';
print '<div class="clearboth"></div><br>';
print '<div class="clearboth"></div><br><br>';
// Operations
print '<div class="div-table-responsive">';
print '<table id="tablelines" class="noborder margintable noshadow">';
print '<div class="div-table-responsive-no-min">';
print '<table id="tablelines" class="noborder noshadow">';
print '<tr class="liste_titre nodrag nodrop">';
print '<td>'.img_picto('', 'technic', 'class="pictofixedwidth"').$form->textwithpicto($langs->trans("EmailcollectorOperations"), $langs->trans("EmailcollectorOperationsDesc")).'</td><td></td><td></td><td></td>';
print '</tr>';
$arrayoftypes = array(
'loadthirdparty' => $langs->trans('LoadThirdPartyFromName', $langs->transnoentities("ThirdPartyName")),
'loadandcreatethirdparty' => $langs->trans('LoadThirdPartyFromNameOrCreate', $langs->transnoentities("ThirdPartyName")),
'loadthirdparty' => $langs->trans('LoadThirdPartyFromName', $langs->transnoentities("ThirdPartyName").'/'.$langs->transnoentities("AliasNameShort").'/'.$langs->transnoentities("Email").'/'.$langs->transnoentities("ID")),
'loadandcreatethirdparty' => $langs->trans('LoadThirdPartyFromNameOrCreate', $langs->transnoentities("ThirdPartyName").'/'.$langs->transnoentities("AliasNameShort").'/'.$langs->transnoentities("Email").'/'.$langs->transnoentities("ID")),
'recordjoinpiece' => 'AttachJoinedDocumentsToObject',
'recordevent' => 'RecordEvent'
);

2
htdocs/admin/emailcollector_list.php
View File

@ -597,7 +597,7 @@ while ($i < $imaxinloop) {
if (!empty($arrayfields['t.'.$key]['checked'])) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.(preg_match('/tdoverflow/', $cssforfield) ? ' classfortooltip' : '').'"' : '');
if (preg_match('/tdoverflow/', $cssforfield)) {
if (preg_match('/tdoverflow/', $cssforfield) && !is_numeric($object->$key)) {
print ' title="'.dol_escape_htmltag($object->$key).'"';
}
print '>';

5
htdocs/admin/mails.php
View File

@ -924,7 +924,7 @@ if ($action == 'edit') {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=testconnect&date='.dol_now().'#formmailaftertstconnect">'.$langs->trans("DoTestServerAvailability").'</a>';
}
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("FeatureNotAvailableOnLinux").'">'.$langs->trans("DoTestServerAvailability").'</a>';
//print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("FeatureNotAvailableOnLinux").'">'.$langs->trans("DoTestServerAvailability").'</a>';
}
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=test&mode=init#formmailbeforetitle">'.$langs->trans("DoTestSend").'</a>';
@ -1028,7 +1028,7 @@ if ($action == 'edit') {
print '<div id="formmailbeforetitle" name="formmailbeforetitle"></div>';
print load_fiche_titre($action == 'testhtml' ? $langs->trans("DoTestSendHTML") : $langs->trans("DoTestSend"));
print dol_get_fiche_head('');
print dol_get_fiche_head(array(), '', '', -1);
// Cree l'objet formulaire mail
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
@ -1073,6 +1073,7 @@ if ($action == 'edit') {
print dol_get_fiche_end();
// References
print '<br><br>';
print '<span class="opacitymedium">'.$langs->trans("EMailsWillHaveMessageID").': ';
print dol_escape_htmltag('<timestamp.*@'.dol_getprefix('email').'>');
print '</span>';

2
htdocs/admin/mails_senderprofile_list.php
View File

@ -670,7 +670,7 @@ if ($num == 0) {
$colspan++;
}
}
print '<tr><td colspan="'.$colspan.'" class="opacitymedium">'.$langs->trans("NoRecordFound").'</td></tr>';
print '<tr><td colspan="'.$colspan.'"><span class="opacitymedium">'.$langs->trans("NoRecordFound").'</span></td></tr>';
}

7
htdocs/admin/modules.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2004-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004 Eric Seigne <eric.seigne@ryxeo.com>
* Copyright (C) 2005-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2023 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2015 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
@ -230,7 +230,10 @@ if ($action == 'install') {
// Now we install the module
if (!$error) {
@dol_delete_dir_recursive($dirins.'/'.$modulenameval); // delete the target directory
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/htdocs/'.$modulenameval;
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/'.$modulenameval;
if (!dol_is_dir($modulenamedir)) {
$submodulenamedir = $conf->admin->dir_temp.'/'.$tmpdir.'/htdocs/'.$modulenameval;
}
dol_syslog("We copy now directory ".$submodulenamedir." into target dir ".$dirins.'/'.$modulenameval);
$result = dolCopyDir($submodulenamedir, $dirins.'/'.$modulenameval, '0444', 1);
if ($result <= 0) {

4
htdocs/admin/system/browser.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2005-2012 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2005-2023 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2007-2012 Regis Houssin <regis.houssin@inodbox.com>
*
@ -65,7 +65,7 @@ if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
}
print '</td></tr>'."\n";
print '<tr class="oddeven"><td width="300">'.$langs->trans("SessionName").'</td><td colspan="2">'.session_name().'</td></tr>'."\n";
print '<tr class="oddeven"><td width="300">'.$langs->trans("SessionId").'</td><td colspan="2">'.session_id().'</td></tr>'."\n";
print '<tr class="oddeven"><td width="300">'.$langs->trans("SessionId").'</td><td colspan="2">********</td></tr>'."\n";
print '<tr class="oddeven"><td width="300">'.$langs->trans("Screen").'</td><td colspan="2">';
print $_SESSION['dol_screenwidth'].' x '.$_SESSION['dol_screenheight'];

31
htdocs/admin/system/security.php
View File

@ -241,14 +241,41 @@ print '<br>';
print '<br>';
$installlock = DOL_DATA_ROOT.'/install.lock';
$upgradeunlock = DOL_DATA_ROOT.'/upgrade.unlock';
$installmoduleslock = DOL_DATA_ROOT.'/installmodules.lock';
// Is install (upgrade) locked
print '<strong>'.$langs->trans("DolibarrSetup").'</strong>: ';
if (file_exists($installlock)) {
print img_picto('', 'tick').' '.$langs->trans("InstallAndUpgradeLockedBy", $installlock);
if (file_exists($upgradeunlock)) {
print img_picto('', 'tick').' '.$langs->trans("InstallLockedBy", $installlock);
} else {
print img_picto('', 'tick').' '.$langs->trans("InstallAndUpgradeLockedBy", $installlock);
}
} else {
print img_warning().' '.$langs->trans("WarningLockFileDoesNotExists", DOL_DATA_ROOT);
}
print '<br>';
// Is upgrade unlocked
if (file_exists($installlock)) { // If install not locked, no need to show this.
if (file_exists($upgradeunlock)) {
print '<strong>'.$langs->trans("DolibarrUpgrade").'</strong>: ';
print img_warning().' '.$langs->trans("UpgradeHasBeenUnlocked", $upgradeunlock);
print '<br>';
}
}
// Is addon install locked ?
print '<strong>'.$langs->trans("DolibarrAddonInstall").'</strong>: ';
if (file_exists($installmoduleslock)) {
print img_picto('', 'tick').' '.$langs->trans("InstallAndUpgradeLockedBy", $installmoduleslock);
} else {
print $langs->trans("InstallOfAddonIsNotBlocked", DOL_DATA_ROOT);
}
print '<br>';
// File conf.php
@ -286,7 +313,7 @@ if (empty($dolibarr_main_restrict_os_commands)) {
} else {
print $dolibarr_main_restrict_os_commands;
}
print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'mysqldump, mysql, pg_dump, pgrestore').')</span>';
print ' <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", 'mysqldump, mysql, pg_dump, pgrestore, clamdscan').')</span>';
print '<br>';
if (empty($conf->global->SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF)) {

14
htdocs/admin/ticket_public.php
View File

@ -379,6 +379,20 @@ if (!empty($conf->global->TICKET_ENABLE_PUBLIC_INTERFACE)) {
print '</td>';
print '</tr>';
// Show progression
print '<tr class="oddeven"><td>'.$langs->trans("TicketsShowProgression").'</td>';
print '<td class="left">';
if (empty(getDolGlobalInt('TICKET_SHOW_PROGRESSION'))) {
print '<a href="' . $_SERVER['PHP_SELF'] . '?action=set_TICKET_SHOW_PROGRESSION">' . img_picto($langs->trans('Disabled'), 'switch_off') . '</a>';
} else {
print '<a href="' . $_SERVER['PHP_SELF'] . '?action=del_TICKET_SHOW_PROGRESSION">' . img_picto($langs->trans('Enabled'), 'switch_on') . '</a>';
}
print '</td>';
print '<td class="center width75">';
print $form->textwithpicto('', $langs->trans("TicketsShowProgressionHelp"), 1, 'help');
print '</td>';
print '</tr>';
// Also send to main email address
if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
print '<tr class="oddeven"><td>'.$langs->trans("TicketsEmailAlsoSendToMainAddress").'</td>';

30
htdocs/admin/tools/dolibarr_export.php
View File

@ -163,13 +163,13 @@ $title = $langs->trans("BackupDumpWizard");
print load_fiche_titre($title);
print '<table class="liste nohover centpercent noborderbottom">';
print '<tr class="liste_titre">';
print '<td class="liste_titre">';
print $langs->trans("DatabaseName").' : <b>'.$dolibarr_main_db_name.'</b><br>';
print '</td>';
print '</tr>';
print '<tr class="oddeven nohover"><td class="nohover">';
//print '<table class="liste nohover centpercent noborderbottom">';
//print '<tr class="liste_titre">';
//print '<td class="liste_titre">';
print '<span class="opacitymedium">'.$langs->trans("DatabaseName").' : </span><b>'.$dolibarr_main_db_name.'</b><br><br>';
//print '</td>';
//print '</tr>';
//print '<tr class="oddeven nohover"><td class="nohover">';
print '<table class="centpercent noborderbottom">';
@ -589,8 +589,8 @@ if (!empty($_SESSION["commandbackuptorun"])) {
print "</div> <!-- end div center button -->\n";
print '</td></tr>';
print '</table>';
//print '</td></tr>';
//print '</table>';
print "</div> <!-- end div fichehalfleft -->\n";
@ -598,7 +598,7 @@ print "</div> <!-- end div fichehalfleft -->\n";
print '<div id="backupdatabaseright" class="fichehalfright">';
$filearray = dol_dir_list($conf->admin->dir_output.'/backup', 'files', 0, '', '', $sortfield, (strtolower($sortorder) == 'asc' ?SORT_ASC:SORT_DESC), 1);
$result = $formfile->list_of_documents($filearray, null, 'systemtools', '', 1, 'backup/', 1, 0, $langs->trans("NoBackupFileAvailable"), 0, $langs->trans("PreviousDumpFiles"), '', 0, -1, '', '', 'ASC', 1, 0, -1, 'style="height:480px; overflow: auto;"');
$result = $formfile->list_of_documents($filearray, null, 'systemtools', '', 1, 'backup/', 1, 0, $langs->trans("NoBackupFileAvailable"), 0, $langs->trans("PreviousDumpFiles"), '', 0, -1, '', '', 'ASC', 1, 0, -1, 'style="height:250px; overflow: auto;"');
print '<br>';
print '</div>';
@ -652,12 +652,12 @@ foreach ($filecompression as $key => $val) {
if ($key == 'gz') {
$checked = ' checked';
}
print '<input type="radio" name="compression" value="'.$key.'" id="'.$val['id'].'"'.$checked.'>';
print ' <label for="'.$val['id'].'">'.$val['label'].'</label>';
print '<input type="radio" name="compression" value="'.$key.'" id="'.$val['id'].'2"'.$checked.'>';
print ' <label for="'.$val['id'].'2">'.$val['label'].'</label>';
} else // Disabled export format
{
print '<input type="radio" name="compression" value="'.$key.'" id="'.$val['id'].'" disabled>';
print ' <label for="'.$val['id'].'">'.$val['label'].'</label>';
print '<input type="radio" name="compression" value="'.$key.'" id="'.$val['id'].'2" disabled>';
print ' <label for="'.$val['id'].'2">'.$val['label'].'</label>';
print ' <span class="opacitymedium">('.$langs->trans("NotAvailable").')</span>';
}
print ' &nbsp; &nbsp; ';
@ -686,6 +686,8 @@ print '</div>';
print '</fieldset>';
print '</form>';
print '<br>';
// End of page
llxFooter();
$db->close();

14
htdocs/asset/class/asset.class.php
View File

@ -162,20 +162,6 @@ class Asset extends CommonObject
*/
public $oldcopy;
// /**
// * @var string Field with ID of parent key if this object has a parent
// */
// public $fk_element = 'fk_asset';
// /**
// * @var array List of child tables. To test if we can delete object.
// */
// protected $childtables = array();
// /**
// * @var array List of child tables. To know object to delete on cascade.
// * If name matches '@ClassNAme:FilePathClass;ParentFkFieldName' it will
// * call method deleteByParentField(parentId, ParentFkFieldName) to fetch and delete child object
// */
// protected $childtablesoncascade = array('asset_assetdet');
/**
* @var AssetDepreciationOptions Used for computed fields of depreciation options class.

2
htdocs/asset/list.php
View File

@ -639,7 +639,7 @@ if ($num == 0) {
$colspan++;
}
}
print '<tr><td colspan="'.$colspan.'" class="opacitymedium">'.$langs->trans("NoRecordFound").'</td></tr>';
print '<tr><td colspan="'.$colspan.'"><span class="opacitymedium">'.$langs->trans("NoRecordFound").'</span></td></tr>';
}

11
htdocs/blockedlog/class/authority.class.php
View File

@ -20,6 +20,11 @@
*/
class BlockedLogAuthority
{
/**
* DoliDB
* @var DoliDB
*/
public $db;
/**
* Id of the log
@ -45,6 +50,12 @@ class BlockedLogAuthority
*/
public $tms = 0;
/**
* Error message
* @var string
*/
public $error;
/**
* Constructor
*

2
htdocs/bom/bom_agenda.php
View File

@ -92,7 +92,7 @@ if ($id > 0 || !empty($ref)) {
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
restrictedArea($user, 'bom', $object->id, $object->table_element, '', '', 'rowid', $isdraft);
/*

2
htdocs/bom/bom_card.php
View File

@ -84,7 +84,7 @@ if ($object->id > 0) {
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
$result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
$result = restrictedArea($user, 'bom', $object->id, $object->table_element, '', '', 'rowid', $isdraft);
// Permissions
$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php

2
htdocs/bom/bom_document.php
View File

@ -83,7 +83,7 @@ if ($id > 0 || !empty($ref)) {
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
restrictedArea($user, 'bom', $object->id, $object->table_element, '', '', 'rowid', $isdraft);
$permissiontoadd = $user->hasRight('bom', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php

4
htdocs/bom/bom_list.php
View File

@ -728,8 +728,8 @@ while ($i < $imaxinloop) {
}
if (!empty($arrayfields['t.'.$key]['checked'])) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.'"' : '');
if (preg_match('/tdoverflow/', $cssforfield)) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.(preg_match('/tdoverflow/', $cssforfield) ? ' classfortooltip' : '').'"' : '');
if (preg_match('/tdoverflow/', $cssforfield) && !is_numeric($object->$key)) {
print ' title="'.dol_escape_htmltag($object->$key).'"';
}
print '>';

2
htdocs/bom/bom_net_needs.php
View File

@ -81,7 +81,7 @@ if ($object->id > 0) {
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
$result = restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
$result = restrictedArea($user, 'bom', $object->id, $object->table_element, '', '', 'rowid', $isdraft);
// Permissions
$permissionnote = $user->hasRight('bom', 'write'); // Used by the include of actions_setnotes.inc.php

2
htdocs/bom/bom_note.php
View File

@ -67,7 +67,7 @@ $permissionnote = $user->hasRight('bom', 'write'); // Used by the include of act
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
$isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0);
restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft);
restrictedArea($user, 'bom', $object->id, $object->table_element, '', '', 'rowid', $isdraft);
/*

11
htdocs/bom/class/bom.class.php
View File

@ -1131,13 +1131,12 @@ class BOM extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = DOL_URL_ROOT.'/bom/bom_card.php?id='.$this->id;
if ($option != 'nolink') {
@ -1157,7 +1156,7 @@ class BOM extends CommonObject
$label = $langs->trans("ShowBillOfMaterials");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.($morecss ? ' '.$morecss : '').'"';
} else {
$linkclose = ($morecss ? ' class="'.$morecss.'"' : '');

9
htdocs/bom/tpl/objectline_create.tpl.php
View File

@ -114,17 +114,18 @@ if (isModEnabled("product") || isModEnabled("service")) {
$statustoshow = -1;
if (!empty($conf->global->ENTREPOT_EXTRA_STATUS)) {
// hide products in closed warehouse, but show products for internal transfer
$form->select_produits(GETPOST('idprod', 'int'), (($filtertype == 1) ? 'idprodservice' : 'idprod'), $filtertype, $conf->product->limit_size, $buyer->price_level, $statustoshow, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth500', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array'));
print $form->select_produits(GETPOST('idprod', 'int'), (($filtertype == 1) ? 'idprodservice' : 'idprod'), $filtertype, $conf->product->limit_size, $buyer->price_level, $statustoshow, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth500', 0, 'warehouseopen,warehouseinternal', GETPOST('combinations', 'array'), 1);
} else {
$form->select_produits(GETPOST('idprod', 'int'), (($filtertype == 1) ? 'idprodservice' : 'idprod'), $filtertype, $conf->product->limit_size, $buyer->price_level, $statustoshow, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth500', 0, '', GETPOST('combinations', 'array'));
print $form->select_produits(GETPOST('idprod', 'int'), (($filtertype == 1) ? 'idprodservice' : 'idprod'), $filtertype, $conf->product->limit_size, $buyer->price_level, $statustoshow, 2, '', 1, array(), $buyer->id, '1', 0, 'maxwidth500', 0, '', GETPOST('combinations', 'array'), 1);
}
$urltocreateproduct = DOL_URL_ROOT.'/product/card.php?action=create&backtopage='.urlencode($_SERVER["PHP_SELF"].'?id='.$object->id);
print '<a href="'.$urltocreateproduct.'"><span class="fa fa-plus-circle valignmiddle paddingleft" title="'.$langs->trans("AddProduct").'"></span></a>';
echo '</span>';
}
if (!empty($conf->global->BOM_SUB_BOM) && $filtertype!=1) {
print '<br><span class="opacitymedium">'.$langs->trans("or").'</span><br>'.$langs->trans("BOM");
// TODO Add component to select a BOM
$form->select_bom();
print $form->select_bom('', 'bom_id', 0, 1, 0, '1', '', 1);
}
if (is_object($objectline)) {

4
htdocs/bookcal/availabilities_list.php
View File

@ -682,8 +682,8 @@ while ($i < $imaxinloop) {
//if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100';
if (!empty($arrayfields['t.'.$key]['checked'])) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.'"' : '');
if (preg_match('/tdoverflow/', $cssforfield)) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.(preg_match('/tdoverflow/', $cssforfield) ? ' classfortooltip' : '').'"' : '');
if (preg_match('/tdoverflow/', $cssforfield) && !is_numeric($object->$key)) {
print ' title="'.dol_escape_htmltag($object->$key).'"';
}
print '>';

4
htdocs/bookcal/booking_list.php
View File

@ -682,8 +682,8 @@ while ($i < $imaxinloop) {
//if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100';
if (!empty($arrayfields['t.'.$key]['checked'])) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.'"' : '');
if (preg_match('/tdoverflow/', $cssforfield)) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.(preg_match('/tdoverflow/', $cssforfield) ? ' classfortooltip' : '').'"' : '');
if (preg_match('/tdoverflow/', $cssforfield) && !is_numeric($object->$key)) {
print ' title="'.dol_escape_htmltag($object->$key).'"';
}
print '>';

13
htdocs/categories/class/categorie.class.php
View File

@ -1624,6 +1624,8 @@ class Categorie extends CommonObject
{
global $langs;
$langs->load('categories');
$datas = [];
$datas['label'] = $langs->trans("ShowCategory").': '.($this->ref ? $this->ref : $this->label);
@ -1655,10 +1657,11 @@ class Categorie extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
// Check contrast with background and correct text color
$forced_color = 'categtextwhite';
@ -1668,7 +1671,9 @@ class Categorie extends CommonObject
}
}
$link = '<a href="'.DOL_URL_ROOT.'/categories/viewcat.php?id='.$this->id.'&type='.$this->type.$moreparam.'&backtopage='.urlencode($_SERVER['PHP_SELF'].($moreparam ? '?'.$moreparam : ''));
$link .= '"'.$dataparams.' title="'.dol_escape_htmltag($label, 1).'" class="'.$classfortooltip.' '.$forced_color.'">';
$link .= '"'.$dataparams;
$link .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$link .= ' class="'.$classfortooltip.' '.$forced_color.'">';
$linkend = '</a>';
$picto = 'category';

7
htdocs/comm/action/card.php
View File

@ -32,7 +32,6 @@
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php';
@ -102,8 +101,8 @@ if (GETPOST('datep')) {
// Security check
$socid = GETPOST('socid', 'int');
$id = GETPOST('id', 'int');
if ($user->socid) {
$socid = $user->socid;
if ($user->socid && ($socid != $user->socid)) {
accessforbidden();
}
$error = GETPOST("error");
@ -154,7 +153,7 @@ if (!empty($conf->global->AGENDA_REMINDER_EMAIL)) {
$TDurationTypes = array('y'=>$langs->trans('Years'), 'm'=>$langs->trans('Month'), 'w'=>$langs->trans('Weeks'), 'd'=>$langs->trans('Days'), 'h'=>$langs->trans('Hours'), 'i'=>$langs->trans('Minutes'));
$result = restrictedArea($user, 'agenda', $object->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
$result = restrictedArea($user, 'agenda', $object, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
$usercancreate = $user->hasRight('agenda', 'allactions', 'create') || (($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create);

14
htdocs/comm/action/class/actioncomm.class.php
View File

@ -1319,15 +1319,17 @@ class ActionComm extends CommonObject
*/
public function getActions($socid = 0, $fk_element = 0, $elementtype = '', $filter = '', $sortfield = 'a.datep', $sortorder = 'DESC', $limit = 0)
{
global $conf, $langs;
global $conf, $langs, $hookmanager;
$resarray = array();
dol_syslog(get_class()."::getActions", LOG_DEBUG);
require_once DOL_DOCUMENT_ROOT . '/core/class/hookmanager.class.php';
$hookmanager = new HookManager($this->db);
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
if (!is_object($hookmanager)) {
include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
$hookmanager = new HookManager($db);
}
$hookmanager->initHooks(array('agendadao'));
$sql = "SELECT a.id";
@ -1744,8 +1746,8 @@ class ActionComm extends CommonObject
'nofetch' => 1,
];
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$tooltip = '';
}
//if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && $this->type_color)
// $linkclose = ' style="background-color:#'.$this->type_color.'"';
@ -1755,7 +1757,7 @@ class ActionComm extends CommonObject
$label = $langs->trans("ShowAction");
$linkclose .= ' alt="'.dol_escape_htmltag($tooltip, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($tooltip, 1, 0, '', 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classname.' '.$classfortooltip.'"';
} else {
$linkclose .= ' class="'.$classname.'"';

50
htdocs/comm/action/index.php
View File

@ -927,6 +927,7 @@ if ($resql) {
}
//var_dump($eventarray);
// BIRTHDATES CALENDAR
// Complete $eventarray with birthdates
if ($showbirthday) {
@ -972,6 +973,8 @@ if ($showbirthday) {
$event->percentage = 100;
$event->fulldayevent = 1;
$event->contact_id = $obj->rowid;
$event->date_start_in_calendar = $db->jdate($event->datep);
$event->date_end_in_calendar = $db->jdate($event->datef);
@ -1000,7 +1003,7 @@ if ($showbirthday) {
}
}
// LEAVE CALENDAR
// LEAVE-HOLIDAY CALENDAR
$sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.statut, x.rowid, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.statut as status";
$sql .= " FROM ".MAIN_DB_PREFIX."holiday as x, ".MAIN_DB_PREFIX."user as u";
$sql .= " WHERE u.rowid = x.fk_user";
@ -1012,12 +1015,12 @@ if ($mode == 'show_day') {
$sql .= " AND '".$db->escape($year)."-".$db->escape($month)."-".$db->escape($day)."' BETWEEN x.date_debut AND x.date_fin"; // date_debut and date_fin are date without time
} elseif ($mode == 'show_week') {
// Restrict on current month (we get more, but we will filter later)
$sql .= " AND date_debut < '".dol_get_last_day($year, $month)."'";
$sql .= " AND date_fin >= '".dol_get_first_day($year, $month)."'";
$sql .= " AND date_debut < '".$db->idate(dol_get_last_day($year, $month))."'";
$sql .= " AND date_fin >= '".$db->idate(dol_get_first_day($year, $month))."'";
} elseif ($mode == 'show_month') {
// Restrict on current month
$sql .= " AND date_debut <= '".dol_get_last_day($year, $month)."'";
$sql .= " AND date_fin >= '".dol_get_first_day($year, $month)."'";
$sql .= " AND date_debut <= '".$db->idate(dol_get_last_day($year, $month))."'";
$sql .= " AND date_fin >= '".$db->idate(dol_get_first_day($year, $month))."'";
}
$resql = $db->query($sql);
@ -1800,7 +1803,10 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
$color = ($event->icalcolor ? $event->icalcolor : -1);
$cssclass = (!empty($event->icalname) ? 'family_ext'.md5($event->icalname) : 'family_other');
} elseif ($event->type_code == 'BIRTHDAY') {
$numbirthday++; $colorindex = 2; $cssclass = 'family_birthday '; $color = sprintf("%02x%02x%02x", $theme_datacolor[$colorindex][0], $theme_datacolor[$colorindex][1], $theme_datacolor[$colorindex][2]);
$numbirthday++;
$colorindex = 2;
$cssclass = 'family_birthday ';
$color = sprintf("%02x%02x%02x", $theme_datacolor[$colorindex][0], $theme_datacolor[$colorindex][1], $theme_datacolor[$colorindex][2]);
} else {
$numother++;
$color = ($event->icalcolor ? $event->icalcolor : -1);
@ -1930,9 +1936,31 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
$daterange = '';
if ($event->type_code == 'BIRTHDAY') { // It's birthday calendar
print $event->getNomUrl(1, $maxnbofchar, 'cal_event', 'birthday', 'contact');
} elseif ($event->type_code == 'HOLIDAY') { // It's holiday calendar
if ($event->type_code == 'BIRTHDAY') {
// It's birthday calendar
$picb = '<i class="fas fa-birthday-cake inline-block"></i>';
//$pice = '<i class="fas fa-briefcase inline-block"></i>';
//$typea = ($objp->typea == 'birth') ? $picb : $pice;
//var_dump($event);
print $picb.' '.$langs->trans("Birthday").'<br>';
//print img_picto($langs->trans("Birthday"), 'birthday-cake').' ';
$tmpid = $event->id;
if (empty($cachecontacts[$tmpid])) {
$newcontact = new Contact($db);
$newcontact->fetch($tmpid);
$cachecontact[$tmpid] = $newcontact;
}
print $cachecontact[$tmpid]->getNomUrl(1);
//$event->picto = 'birthday-cake';
//print $event->getNomUrl(1, $maxnbofchar, 'cal_event', 'birthday', 'contact');
/*$listofcontacttoshow = '';
$listofcontacttoshow .= '<br>'.$cacheusers[$tmpid]->getNomUrl(-1, '', 0, 0, 0, 0, '', 'paddingright valignmiddle');
print $listofcontacttoshow;
*/
} elseif ($event->type_code == 'HOLIDAY') {
// It's holiday calendar
$tmpholiday->fetch($event->id);
print $tmpholiday->getNomUrl(1);
@ -1947,8 +1975,8 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
$listofusertoshow = '';
$listofusertoshow .= '<br>'.$cacheusers[$tmpid]->getNomUrl(-1, '', 0, 0, 0, 0, '', 'paddingright valignmiddle');
print $listofusertoshow;
} else { // Other calendar
// Picto
} else {
// Other calendar
if (empty($event->fulldayevent)) {
//print $event->getNomUrl(2).' ';
}

4
htdocs/comm/action/info.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2004-2023 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -98,8 +98,6 @@ if (empty($reshook)) {
$linkback .= $out;
$morehtmlref = '<div class="refidno">';
// Thirdparty
//$morehtmlref.='<br>'.$langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1);
// Project
if (isModEnabled('project')) {
$langs->load("projects");

11
htdocs/comm/mailing/class/mailing.class.php
View File

@ -792,10 +792,11 @@ class Mailing extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = DOL_URL_ROOT.'/comm/mailing/card.php?id='.$this->id;
@ -816,8 +817,8 @@ class Mailing extends CommonObject
$label = $langs->trans("ShowEMailing");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= $dataparams.' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ' class="'.$classfortooltip.($morecss ? ' '.$morecss : '').'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.($morecss ? ' '.$morecss : '').'"';
} else {
$linkclose = ($morecss ? ' class="'.$morecss.'"' : '');
}

7
htdocs/comm/propal/card.php
View File

@ -221,7 +221,7 @@ if (empty($reshook)) {
}
}
$result = $object->createFromClone($user, $socid, (GETPOSTISSET('entity') ? GETPOST('entity', 'int') : null), (GETPOST('update_prices', 'aZ') ? true : false));
$result = $object->createFromClone($user, $socid, (GETPOSTISSET('entity') ? GETPOST('entity', 'int') : null), (GETPOST('update_prices', 'aZ') ? true : false), (GETPOST('update_desc', 'aZ') ? true : false));
if ($result > 0) {
header("Location: ".$_SERVER['PHP_SELF'].'?id='.$result);
exit();
@ -1599,7 +1599,7 @@ if (empty($reshook)) {
$error++;
}
if (!$error) {
$result = $object->updateExtraField(GETPOST('attribute', 'restricthtml'), 'PROPAL_MODIFY', $user);
$result = $object->insertExtraFields('PROPAL_MODIFY');
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
$error++;
@ -2137,7 +2137,8 @@ if ($action == 'create') {
// 'text' => $langs->trans("ConfirmClone"),
// array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1),
array('type' => 'other', 'name' => 'socid', 'label' => $langs->trans("SelectThirdParty"), 'value' => $form->select_company(GETPOST('socid', 'int'), 'socid', '(s.client=1 OR s.client=2 OR s.client=3)', '', 0, 0, null, 0, 'maxwidth300')),
array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans('PuttingPricesUpToDate'), 'value' => (!empty($conf->global->PROPOSAL_CLONE_UPDATE_PRICES) ? 1 : 0)),
array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans('PuttingPricesUpToDate'), 'value' => 0),
array('type' => 'checkbox', 'name' => 'update_desc', 'label' => $langs->trans('PuttingDescUpToDate'), 'value' => 0),
);
if (!empty($conf->global->PROPAL_CLONE_DATE_DELIVERY) && !empty($object->delivery_date)) {
$formquestion[] = array('type' => 'date', 'name' => 'date_delivery', 'label' => $langs->trans("DeliveryDate"), 'value' => $object->delivery_date);

69
htdocs/comm/propal/class/propal.class.php
View File

@ -1360,9 +1360,10 @@ class Propal extends CommonObject
* @param int $socid Id of thirdparty
* @param int $forceentity Entity id to force
* @param bool $update_prices [=false] Update prices if true
* @param bool $update_desc [=false] Update description if true
* @return int New id of clone
*/
public function createFromClone(User $user, $socid = 0, $forceentity = null, $update_prices = false)
public function createFromClone(User $user, $socid = 0, $forceentity = null, $update_prices = false, $update_desc = false)
{
global $conf, $hookmanager, $mysoc;
@ -1413,9 +1414,9 @@ class Propal extends CommonObject
}
// update prices
if ($update_prices === true) {
if ($update_prices === true || $update_desc === true) {
if ($objsoc->id > 0 && !empty($object->lines)) {
if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
if ($update_prices === true && !empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
// If price per customer
require_once DOL_DOCUMENT_ROOT . '/product/class/productcustomerprice.class.php';
}
@ -1425,36 +1426,41 @@ class Propal extends CommonObject
$prod = new Product($this->db);
$res = $prod->fetch($line->fk_product);
if ($res > 0) {
$pu_ht = $prod->price;
$tva_tx = get_default_tva($mysoc, $objsoc, $prod->id);
$remise_percent = $objsoc->remise_percent;
if ($update_prices === true) {
$pu_ht = $prod->price;
$tva_tx = get_default_tva($mysoc, $objsoc, $prod->id);
$remise_percent = $objsoc->remise_percent;
if (!empty($conf->global->PRODUIT_MULTIPRICES) && $objsoc->price_level > 0) {
$pu_ht = $prod->multiprices[$objsoc->price_level];
if (!empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) { // using this option is a bug. kept for backward compatibility
if (isset($prod->multiprices_tva_tx[$objsoc->price_level])) {
$tva_tx = $prod->multiprices_tva_tx[$objsoc->price_level];
if (!empty($conf->global->PRODUIT_MULTIPRICES) && $objsoc->price_level > 0) {
$pu_ht = $prod->multiprices[$objsoc->price_level];
if (!empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) { // using this option is a bug. kept for backward compatibility
if (isset($prod->multiprices_tva_tx[$objsoc->price_level])) {
$tva_tx = $prod->multiprices_tva_tx[$objsoc->price_level];
}
}
}
} elseif (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
$prodcustprice = new Productcustomerprice($this->db);
$filter = array('t.fk_product' => $prod->id, 't.fk_soc' => $objsoc->id);
$result = $prodcustprice->fetchAll('', '', 0, 0, $filter);
if ($result) {
// If there is some prices specific to the customer
if (count($prodcustprice->lines) > 0) {
$pu_ht = price($prodcustprice->lines[0]->price);
$tva_tx = ($prodcustprice->lines[0]->default_vat_code ? $prodcustprice->lines[0]->tva_tx.' ('.$prodcustprice->lines[0]->default_vat_code.' )' : $prodcustprice->lines[0]->tva_tx);
if ($prodcustprice->lines[0]->default_vat_code && !preg_match('/\(.*\)/', $tva_tx)) {
$tva_tx .= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
} elseif (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) {
$prodcustprice = new Productcustomerprice($this->db);
$filter = array('t.fk_product' => $prod->id, 't.fk_soc' => $objsoc->id);
$result = $prodcustprice->fetchAll('', '', 0, 0, $filter);
if ($result) {
// If there is some prices specific to the customer
if (count($prodcustprice->lines) > 0) {
$pu_ht = price($prodcustprice->lines[0]->price);
$tva_tx = ($prodcustprice->lines[0]->default_vat_code ? $prodcustprice->lines[0]->tva_tx.' ('.$prodcustprice->lines[0]->default_vat_code.' )' : $prodcustprice->lines[0]->tva_tx);
if ($prodcustprice->lines[0]->default_vat_code && !preg_match('/\(.*\)/', $tva_tx)) {
$tva_tx .= ' ('.$prodcustprice->lines[0]->default_vat_code.')';
}
}
}
}
}
$line->subprice = $pu_ht;
$line->tva_tx = $tva_tx;
$line->remise_percent = $remise_percent;
$line->subprice = $pu_ht;
$line->tva_tx = $tva_tx;
$line->remise_percent = $remise_percent;
}
if ($update_desc === true) {
$line->desc = $prod->description;
}
}
}
}
@ -3790,10 +3796,11 @@ class Propal extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = '';
if ($user->rights->propal->lire) {
@ -3825,7 +3832,7 @@ class Propal extends CommonObject
$label = $langs->trans("Proposal");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.'"';
}

10
htdocs/commande/class/commande.class.php
View File

@ -3834,19 +3834,19 @@ class Commande extends CommonOrder
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$linkclose = '';
if (empty($notooltip) && $user->hasRight('commande', 'lire')) {
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) {
$label = $langs->trans("Order");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.'"';
$target_value = array('_self', '_blank', '_parent', '_top');

12
htdocs/commande/list.php
View File

@ -893,19 +893,19 @@ if ($search_status <> '') {
if ($search_status == 1 && empty($conf->expedition->enabled)) {
$sql .= ' AND c.fk_statut IN (1,2)'; // If module expedition disabled, we include order with status 'sending in process' into 'validated'
} else {
$sql .= ' AND c.fk_statut = '.((int) $search_status); // brouillon, validee, en cours, annulee
$sql .= ' AND c.fk_statut = '.((int) $search_status); // draft, validated, in process or canceled
}
}
if ($search_status == -2) { // To process
if ($search_status == -2) { // "validated + in process"
//$sql.= ' AND c.fk_statut IN (1,2,3) AND c.facture = 0';
$sql .= " AND ((c.fk_statut IN (1,2)) OR (c.fk_statut = 3 AND c.facture = 0))"; // If status is 2 and facture=1, it must be selected
$sql .= " AND (c.fk_statut IN (1,2))";
}
if ($search_status == -3) { // To bill
if ($search_status == -3) { // "validated + in process + delivered"
//$sql.= ' AND c.fk_statut in (1,2,3)';
//$sql.= ' AND c.facture = 0'; // invoice not created
$sql .= ' AND ((c.fk_statut IN (1,2)) OR (c.fk_statut = 3 AND c.facture = 0))'; // validated, in process or closed but not billed
$sql .= ' AND (c.fk_statut IN (1,2,3))'; // validated, in process or closed
}
if ($search_status == -4) { // "validate and in progress"
if ($search_status == -4) { // "validate + in progress"
$sql .= ' AND (c.fk_statut IN (1,2))'; // validated, in process
}
}

21
htdocs/compta/bank/class/account.class.php
View File

@ -1409,13 +1409,15 @@ class Account extends CommonObject
/**
* getTooltipContentArray
* @param array $params params to construct tooltip data
* @since v18
* @return array
*
* @param array $params Params to construct tooltip data
* @since v18
* @return array
*/
public function getTooltipContentArray($params)
{
global $langs;
$langs->loadLangs(['banks', 'compta']);
include_once DOL_DOCUMENT_ROOT.'/core/lib/bank.lib.php';
$datas = array();
@ -1461,6 +1463,7 @@ class Account extends CommonObject
public function getNomUrl($withpicto = 0, $mode = '', $option = '', $save_lastsearch_value = -1, $notooltip = 0)
{
global $conf, $langs, $user;
include_once DOL_DOCUMENT_ROOT.'/core/lib/bank.lib.php';
$result = '';
@ -1474,11 +1477,15 @@ class Account extends CommonObject
];
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$linkclose = '"'.$dataparams.' title="'.dol_escape_htmltag($label, 1).'" class="'.$classfortooltip.'">';
$linkclose = '';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.'">';
$url = DOL_URL_ROOT.'/compta/bank/card.php?id='.$this->id;
if ($mode == 'transactions') {
@ -1498,7 +1505,7 @@ class Account extends CommonObject
}
}
$linkstart = '<a href="'.$url.$linkclose;
$linkstart = '<a href="'.$url.'"'.$linkclose;
$linkend = '</a>';
if ($option == 'nolink') {

32
htdocs/compta/bank/class/paymentvarious.class.php
View File

@ -828,4 +828,36 @@ class PaymentVarious extends CommonObject
$return .= '</div>';
return $return;
}
/**
* Return General accounting account with defined length (used for product and miscellaneous)
*
* @param string $account General accounting account
* @return string String with defined length
*/
public function lengthAccountg($account)
{
include_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
/*
if (isModEnabled('accounting')) {
$accountingaccount = new AccountingAccount($db);
$accountingaccount->fetch('', $valuetoshow, 1);
}*/
return length_accountg($account);
}
/**
* Return Auxiliary accounting account of thirdparties with defined length
*
* @param string $account Auxiliary accounting account
* @return string String with defined length
*/
public function lengthAccounta($account)
{
include_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
return length_accounta($account);
}
}

2
htdocs/compta/bank/transfer.php
View File

@ -346,7 +346,7 @@ for ($i = 1 ; $i < $MAXLINES; $i++) {
print '<td class="hideobject" class="multicurrency"><input name="'.$i.'_amountto" class="flat" type="text" size="6" value="'.dol_escape_htmltag($amountto).'"></td>';
print '</tr>';
};
}
print '</table>';
print '</div>';

87
htdocs/compta/bank/various_payment/card.php
View File

@ -1,6 +1,7 @@
<?php
/* Copyright (C) 2017-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2018-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2023 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -71,6 +72,8 @@ $object = new PaymentVarious($db);
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('variouscard', 'globalcard'));
$permissiontoadd = $user->hasRight('banque', 'modifier');
/**
* Actions
@ -83,14 +86,8 @@ if ($reshook < 0) {
}
if (empty($reshook)) {
// Link to a project
if ($action == 'classin' && $user->rights->banque->modifier) {
$object->fetch($id);
$object->setProject(GETPOST('projectid'));
}
if ($cancel) {
if ($action != 'addlink') {
if ($action != 'addlink' && $action != 'setaccountancy_code' && $action != 'setsubledger_account') {
$urltogo = $backtopage ? $backtopage : dol_buildpath('/compta/bank/various_payment/list.php', 1);
header("Location: ".$urltogo);
exit;
@ -101,6 +98,12 @@ if (empty($reshook)) {
$action = '';
}
// Link to a project
if ($action == 'classin' && $permissiontoadd) {
$object->fetch($id);
$object->setProject(GETPOST('projectid', 'int'));
}
if ($action == 'add') {
$error = 0;
@ -214,6 +217,22 @@ if (empty($reshook)) {
}
}
if ($action == 'setaccountancy_code') {
$db->begin();
$result = $object->fetch($id);
$object->accountancy_code = GETPOST('accountancy_code', 'alpha');
$res = $object->update($user);
if ($res > 0) {
$db->commit();
} else {
$db->rollback();
setEventMessages($object->error, $object->errors, 'errors');
}
}
if ($action == 'setsubledger_account') {
$db->begin();
@ -236,7 +255,7 @@ if ($action == 'confirm_clone' && $confirm != 'yes') {
$action = '';
}
if ($action == 'confirm_clone' && $confirm == 'yes' && ($user->rights->banque->modifier)) {
if ($action == 'confirm_clone' && $confirm == 'yes' && $permissiontoadd) {
$db->begin();
$originalId = $id;
@ -560,32 +579,25 @@ if ($id) {
// Project
if (isModEnabled('project')) {
$langs->load("projects");
$morehtmlref .= $langs->trans('Project').' ';
if ($user->rights->banque->modifier) {
//$morehtmlref .= '<br>';
if ($permissiontoadd) {
$morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"');
if ($action != 'classify') {
$morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : ';
}
if ($action == 'classify') {
//$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1);
$morehtmlref .= '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
$morehtmlref .= '<input type="hidden" name="action" value="classin">';
$morehtmlref .= '<input type="hidden" name="token" value="'.newToken().'">';
$morehtmlref .= $formproject->select_projects(0, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1);
$morehtmlref .= '<input type="submit" class="button valignmiddle" value="'.$langs->trans("Modify").'">';
$morehtmlref .= '</form>';
} else {
$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1, '', 'maxwidth300');
$morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> ';
}
$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, 0, 0, 1, '', 'maxwidth300');
} else {
if (!empty($object->fk_project)) {
$proj = new Project($db);
$proj->fetch($object->fk_project);
$morehtmlref .= $proj->getNomUrl(1);
} else {
$morehtmlref .= '';
if ($proj->title) {
$morehtmlref .= '<span class="opacitymedium"> - '.dol_escape_htmltag($proj->title).'</span>';
}
}
}
}
$morehtmlref .= '</div>';
$linkback = '<a href="'.DOL_URL_ROOT.'/compta/bank/various_payment/list.php?restore_lastsearch_values=1'.(!empty($socid) ? '&socid='.$socid : '').'">'.$langs->trans("BackToList").'</a>';
@ -622,25 +634,24 @@ if ($id) {
print '<tr><td>'.$langs->trans("Amount").'</td><td><span class="amount">'.price($object->amount, 0, $langs, 1, -1, -1, $conf->currency).'</span></td></tr>';
// Accountancy code
print '<tr><td class="nowrap">';
print $langs->trans("AccountAccounting");
print '</td><td>';
// Account of Chart of account
$editvalue = '';
if (isModEnabled('accounting')) {
$accountingaccount = new AccountingAccount($db);
$accountingaccount->fetch('', $object->accountancy_code, 1);
print $accountingaccount->getNomUrl(0, 1, 1, '', 1);
} else {
print $object->accountancy_code;
$editvalue = $formaccounting->select_account($object->accountancy_code, 'accountancy_code', 1, null, 1, 1);
}
print '</td></tr>';
print '<tr><td class="nowrap">';
print $form->editfieldkey('AccountAccounting', 'accountancy_code', $object->accountancy_code, $object, (!$alreadyaccounted && $permissiontoadd), 'string', '', 0);
print '</td><td>';
print $form->editfieldval('AccountAccounting', 'accountancy_code', $object->accountancy_code, $object, (!$alreadyaccounted && $permissiontoadd), 'asis', $editvalue, 0, null, '', 1, 'lengthAccountg');
print '</td></tr>';
// Subledger account
print '<tr><td class="nowrap">';
print $form->editfieldkey('SubledgerAccount', 'subledger_account', $object->subledger_account, $object, (!$alreadyaccounted && $user->rights->banque->modifier), 'string', '', 0);
print $form->editfieldkey('SubledgerAccount', 'subledger_account', $object->subledger_account, $object, (!$alreadyaccounted && $permissiontoadd), 'string', '', 0);
print '</td><td>';
print $form->editfieldval('SubledgerAccount', 'subledger_account', $object->subledger_account, $object, (!$alreadyaccounted && $user->rights->banque->modifier), 'string', '', 0);
print $form->editfieldval('SubledgerAccount', 'subledger_account', $object->subledger_account, $object, (!$alreadyaccounted && $permissiontoadd), 'string', '', 0, null, '', 1, 'lengthAccounta');
print '</td></tr>';
$bankaccountnotfound = 0;
@ -689,13 +700,13 @@ if ($id) {
// Add button modify
// Clone
if ($user->rights->banque->modifier) {
if ($permissiontoadd) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.dol_buildpath("/compta/bank/various_payment/card.php", 1).'?id='.$object->id.'&amp;action=clone">'.$langs->trans("ToClone")."</a></div>";
}
// Delete
if (empty($object->rappro) || $bankaccountnotfound) {
if (!empty($user->rights->banque->modifier)) {
if ($permissiontoadd) {
if ($alreadyaccounted) {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("Accounted").'">'.$langs->trans("Delete").'</a></div>';
} else {

1
htdocs/compta/bank/various_payment/document.php
View File

@ -100,7 +100,6 @@ if ($object->id) {
// Project
if (isModEnabled('project')) {
$langs->load("projects");
$morehtmlref .= $langs->trans('Project').' : ';
if ($user->rights->banque->modifier && 0) {
if ($action != 'classify') {
$morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : ';

1
htdocs/compta/bank/various_payment/info.php
View File

@ -60,7 +60,6 @@ $morehtmlref = '<div class="refidno">';
// Project
if (isModEnabled('project')) {
$langs->load("projects");
$morehtmlref .= $langs->trans('Project').' : ';
if ($user->rights->banque->modifier && 0) {
if ($action != 'classify') {
$morehtmlref .= '<a class="editfielda" href="'.$_SERVER['PHP_SELF'].'?action=classify&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetProject')).'</a> : ';

4
htdocs/compta/cashcontrol/cashcontrol_list.php
View File

@ -622,8 +622,8 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
//if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100';
if (!empty($arrayfields['t.'.$key]['checked'])) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.'"' : '');
if (preg_match('/tdoverflow/', $cssforfield)) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.(preg_match('/tdoverflow/', $cssforfield) ? ' classfortooltip' : '').'"' : '');
if (preg_match('/tdoverflow/', $cssforfield) && !is_numeric($object->$key)) {
print ' title="'.dol_escape_htmltag($object->$key).'"';
}
print '>';

2
htdocs/compta/facture/agenda.php
View File

@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
// Load translation files required by the page
$langs->loadLangs(array("facture", "other"));
$langs->loadLangs(array("bills", "other"));
// Get parameters
$id = GETPOST('id', 'int');

21
htdocs/compta/facture/class/facture.class.php
View File

@ -574,6 +574,7 @@ class Facture extends CommonInvoice
$this->type = self::TYPE_STANDARD;
}
$this->ref_client = trim($this->ref_client);
$this->ref_customer = trim($this->ref_customer);
$this->note_public = trim($this->note_public);
$this->note_private = trim($this->note_private);
$this->note_private = dol_concatdesc($this->note_private, $langs->trans("GeneratedFromRecurringInvoice", $_facrec->ref));
@ -591,8 +592,6 @@ class Facture extends CommonInvoice
// We do not add link to template invoice or next invoice will be linked to all generated invoices
//$this->linked_objects['facturerec'][0] = $this->fac_rec;
$forceduedate = $this->calculate_date_lim_reglement();
// For recurring invoices, update date and number of last generation of recurring template invoice, before inserting new invoice
if ($_facrec->frequency > 0) {
dol_syslog("This is a recurring invoice so we set date_last_gen and next date_when");
@ -1897,10 +1896,11 @@ class Facture extends CommonInvoice
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$linkclose = ($target ? ' target="'.$target.'"' : '');
if (empty($notooltip) && $user->hasRight("facture", "read")) {
@ -1908,8 +1908,8 @@ class Facture extends CommonInvoice
$label = $langs->trans("Invoice");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= $dataparams.' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ' class="'.$classfortooltip.'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.'"';
}
$linkstart = '<a href="'.$url.'"';
@ -5468,10 +5468,10 @@ class Facture extends CommonInvoice
/**
* Send reminders by emails for ivoices that are due
* Send reminders by emails for invoices that are due
* CAN BE A CRON TASK
*
* @param int $nbdays Delay after due date (or before if delay is negative)
* @param int $nbdays Delay before due date (or after if delay is negative)
* @param string $paymentmode '' or 'all' by default (no filter), or 'LIQ', 'CHQ', CB', ...
* @param int|string $template Name (or id) of email template (Must be a template of type 'facture_send')
* @param string $forcerecipient Force email of recipient (for example to send the email to an accountant supervisor instead of the customer)
@ -5656,7 +5656,7 @@ class Facture extends CommonInvoice
$actioncomm->contact_id = 0;
$actioncomm->code = 'AC_EMAIL';
$actioncomm->label = 'sendEmailsRemindersOnInvoiceDueDateOK';
$actioncomm->label = 'sendEmailsRemindersOnInvoiceDueDateOK (nbdays='.$nbdays.' paymentmode='.$paymentmode.' template='.$template.' forcerecipient='.$forcerecipient.')';
$actioncomm->note_private = $sendContent;
$actioncomm->fk_project = $tmpinvoice->fk_project;
$actioncomm->datep = dol_now();
@ -5666,6 +5666,7 @@ class Facture extends CommonInvoice
$actioncomm->userownerid = $user->id; // Owner of action
// Fields when action is an email (content should be added into note)
$actioncomm->email_msgid = $cMailFile->msgid;
$actioncomm->email_subject = $sendTopic;
$actioncomm->email_from = $from;
$actioncomm->email_sender = '';
$actioncomm->email_to = $to;

12
htdocs/compta/facture/list.php
View File

@ -1952,7 +1952,7 @@ if ($resql) {
// Action column
if (!empty($conf->global->MAIN_CHECKBOX_LEFT_COLUMN)) {
print '<td class="nowrap" align="center">';
print '<td class="nowrap center">';
if (($massactionbutton || $massaction) && $contextpage != 'poslist') { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->id, $arrayofselected)) {
@ -2430,7 +2430,7 @@ if ($resql) {
}
}
if (!empty($arrayfields['multicurrency_dynamount_payed']['checked'])) {
print '<td class="right nowraponall amount">'.(!empty($multicurrency_totalpay) ?price($multicurrency_totalpay, 0, $langs) : '&nbsp;').'</td>'; // TODO Use a denormalized field
print '<td class="right nowraponall amount">'.(!empty($multicurrency_totalpay) ? price($multicurrency_totalpay, 0, $langs) : '&nbsp;').'</td>'; // TODO Use a denormalized field
if (!$i) {
$totalarray['nbfield']++;
}
@ -2440,7 +2440,7 @@ if ($resql) {
if (!empty($arrayfields['multicurrency_rtp']['checked'])) {
print '<td class="right nowraponall">';
print (!empty($multicurrency_remaintopay) ? price($multicurrency_remaintopay, 0, $langs) : '&nbsp;');
print '</td>'; // TODO Use a denormalized field
print '</td>'; // TODO Use a denormalized field ?
if (!$i) {
$totalarray['nbfield']++;
}
@ -2448,14 +2448,14 @@ if ($resql) {
// Total buying or cost price
if (!empty($arrayfields['total_pa']['checked'])) {
print '<td class="right nowrap">'.price($marginInfo['pa_total']).'</td>';
print '<td class="right nowrap">'.price($marginInfo['pa_total'], 0, $langs, 1, -1, 'MT').'</td>';
if (!$i) {
$totalarray['nbfield']++;
}
}
// Total margin
if (!empty($arrayfields['total_margin']['checked'])) {
print '<td class="right nowrap">'.price($marginInfo['total_margin']).'</td>';
print '<td class="right nowrap">'.price($marginInfo['total_margin'], 0, $langs, 1, -1, 'MT').'</td>';
if (!$i) {
$totalarray['nbfield']++;
}
@ -2570,7 +2570,7 @@ if ($resql) {
// Action column (Show the massaction button only when this page is not opend from the Extended POS)
if (empty($conf->global->MAIN_CHECKBOX_LEFT_COLUMN)) {
print '<td class="nowrap" align="center">';
print '<td class="nowrap center">';
if (($massactionbutton || $massaction) && $contextpage != 'poslist') { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->id, $arrayofselected)) {

10
htdocs/compta/facture/prelevement.php
View File

@ -693,6 +693,16 @@ if ($object->id > 0) {
$resteapayer = price2num($object->total_ttc - $totalpaid - $totalcreditnotes - $totaldeposits, 'MT');
// Hook to change amount for other reasons, e.g. apply cash discount for payment before agreed date
$parameters = array('remaintopay' => $resteapayer);
$reshook = $hookmanager->executeHooks('finalizeAmountOfSupplierInvoice', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook > 0) {
print $hookmanager->resPrint;
if (!empty($remaintopay = $hookmanager->resArray['remaintopay'])) {
$resteapayer = $remaintopay;
}
}
// TODO Replace this by an include with same code to show already done payment visible in invoice card
print '<tr><td>'.$langs->trans('RemainderToPay').'</td><td class="nowrap">'.price($resteapayer, 1, '', 1, - 1, - 1, $conf->currency).'</td></tr>';

21
htdocs/compta/paiement/card.php
View File

@ -36,6 +36,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
if (isModEnabled("banque")) {
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
}
if (!empty($conf->margin->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formmargin.class.php';
}
// Load translation files required by the page
$langs->loadLangs(array('bills', 'banks', 'companies'));
@ -432,6 +435,10 @@ if ($resql) {
if (isModEnabled('multicompany') && !empty($conf->global->MULTICOMPANY_INVOICE_SHARING_ENABLED)) {
print '<td>'.$langs->trans('Entity').'</td>';
}
//Add Margin
if (!empty($conf->margin->enabled) && getDolGlobalInt('MARGIN_SHOW_MARGIN_ON_PAYMENT')) {
print '<td class="right">'.$langs->trans('Margin').'</td>';
}
print '<td class="right">'.$langs->trans('ExpectedToPay').'</td>';
print '<td class="right">'.$langs->trans('PayedByThisPayment').'</td>';
print '<td class="right">'.$langs->trans('RemainderToPay').'</td>';
@ -447,6 +454,14 @@ if ($resql) {
$invoice = new Facture($db);
$invoice->fetch($objp->facid);
// Add Margin
if (!empty($conf->margin->enabled) && getDolGlobalInt('MARGIN_SHOW_MARGIN_ON_PAYMENT')) {
$formmargin = new FormMargin($db);
$marginInfo = array();
$invoice->fetch_lines();
$marginInfo = $formmargin->getMarginInfosArray($invoice);
}
$paiement = $invoice->getSommePaiement();
$creditnotes = $invoice->getSumCreditNotesUsed();
$deposits = $invoice->getSumDepositsUsed();
@ -472,6 +487,12 @@ if ($resql) {
print $mc->label;
print '</td>';
}
// Add margin
if (!empty($conf->margin->enabled) && getDolGlobalInt('MARGIN_SHOW_MARGIN_ON_PAYMENT')) {
print '<td class="right">'.price($marginInfo['total_margin']).'</td>';
}
// Expected to pay
print '<td class="right"><span class="amount">'.price($objp->total_ttc).'</span></td>';

15
htdocs/compta/paiement/class/paiement.class.php
View File

@ -11,6 +11,7 @@
* Copyright (C) 2018-2022 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020 Andreu Bisquerra Gaya <jove@bisquerra.com>
* Copyright (C) 2021 OpenDsi <support@open-dsi.fr>
* Copyright (C) 2023 Joachim Kueter <git-jk@bloxera.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -382,7 +383,19 @@ class Paiement extends CommonObject
if (!in_array($invoice->type, $affected_types)) {
dol_syslog("Invoice ".$facid." is not a standard, nor replacement invoice, nor credit note, nor deposit invoice, nor situation invoice. We do nothing more.");
} elseif ($remaintopay) {
dol_syslog("Remain to pay for invoice ".$facid." not null. We do nothing more.");
// hook to have an option to automatically close a closable invoice with less payment than the total amount (e.g. agreed cash discount terms)
global $hookmanager;
$hookmanager->initHooks(array('paymentdao'));
$parameters = array('facid' => $facid, 'invoice' => $invoice, 'remaintopay' => $remaintopay);
$action = 'CLOSEPAIDINVOICE';
$reshook = $hookmanager->executeHooks('createPayment', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) {
$this->errors[] = $hookmanager->error;
$this->error = $hookmanager->error;
$error++;
} elseif ($reshook == 0) {
dol_syslog("Remain to pay for invoice " . $facid . " not null. We do nothing more.");
}
// } else if ($mustwait) dol_syslog("There is ".$mustwait." differed payment to process, we do nothing more.");
} else {
// If invoice is a down payment, we also convert down payment to discount

14
htdocs/compta/prelevement/line.php
View File

@ -119,7 +119,13 @@ if ($action == 'confirm_rejet') {
* View
*/
$invoicestatic = new Facture($db);
if ($type == 'bank-transfer') {
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php';
$invoicestatic = new FactureFournisseur($db);
} else {
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
$invoicestatic = new Facture($db);
}
$title = $langs->trans("WithdrawalsLine");
if ($type == 'bank-transfer') {
@ -318,7 +324,11 @@ if ($id) {
print '<a href="'.DOL_URL_ROOT.'/compta/facture/card.php?facid='.$obj->facid.'">'.$obj->ref."</a></td>\n";
}
print '<td><a href="'.DOL_URL_ROOT.'/comm/card.php?socid='.$obj->socid.'">';
if ($type == 'bank-transfer') {
print '<td><a href="'.DOL_URL_ROOT.'/fourn/card.php?socid='.$obj->socid.'">';
} else {
print '<td><a href="'.DOL_URL_ROOT.'/comm/card.php?socid='.$obj->socid.'">';
}
print img_object($langs->trans("ShowCompany"), "company").' '.$obj->name."</a></td>\n";
print '<td class="right"><span class="amount">'.price($obj->total_ttc)."</span></td>\n";

1
htdocs/contact/card.php
View File

@ -680,6 +680,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print '<td colspan="3"><input name="lastname" id="lastname" type="text" class="maxwidth100onsmartphone" maxlength="80" value="'.dol_escape_htmltag(GETPOST("lastname", 'alpha') ?GETPOST("lastname", 'alpha') : $object->lastname).'" autofocus="autofocus"></td>';
print '</tr>';
// Firstname
print '<tr>';
print '<td><label for="firstname">';
print $form->textwithpicto($langs->trans("Firstname"), $langs->trans("KeepEmptyIfGenericAddress")).'</label></td>';

9
htdocs/contact/class/contact.class.php
View File

@ -1495,10 +1495,11 @@ class Contact extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$url = DOL_URL_ROOT.'/contact/card.php?id='.$this->id;
@ -1521,7 +1522,7 @@ class Contact extends CommonObject
$label = $langs->trans("ShowContact");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.($morecss ? ' '.$morecss : '').'"';
}

2
htdocs/contact/consumption.php
View File

@ -377,7 +377,7 @@ if ($sql_select) {
$num = $db->num_rows($resql);
$param = "&socid=".urlencode($socid)."&type_element=".urlencode($type_element);
$param = "&socid=".urlencode($socid)."&type_element=".urlencode($type_element)."&id=".urlencode($id);
if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) {
$param .= '&contextpage='.urlencode($contextpage);
}

83
htdocs/contact/perso.php
View File

@ -27,6 +27,7 @@
// Load Dolibarr environment
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/contact.lib.php';
// Load translation files required by the page
@ -42,6 +43,9 @@ if ($user->socid) {
$result = restrictedArea($user, 'contact', $id, 'socpeople&societe');
$object = new Contact($db);
$errors = array();
/*
* Action
*/
@ -123,6 +127,7 @@ $help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
llxHeader('', $title, $help_url);
$form = new Form($db);
$formcompany = new FormCompany($db);
$object->fetch($id, $user);
@ -143,38 +148,13 @@ if ($action == 'edit') {
print '<table class="border centpercent">';
// Ref
print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td colspan="3">';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td>';
print $object->id;
print '</td>';
// Photo
print '<td class="center hideonsmartphone valignmiddle" rowspan="6">';
print $form->showphoto('contact', $object)."\n";
if ($object->photo) {
print "<br>\n";
}
print '<table class="nobordernopadding">';
if ($object->photo) {
print '<tr><td class="center"><input type="checkbox" class="flat photodelete" name="deletephoto" id="photodelete"> '.$langs->trans("Delete").'<br><br></td></tr>';
}
print '<tr><td>'.$langs->trans("PhotoFile").'</td></tr>';
print '<tr><td>';
$maxfilesizearray = getMaxFileSizeArray();
$maxmin = $maxfilesizearray['maxmin'];
if ($maxmin > 0) {
print '<input type="hidden" name="MAX_FILE_SIZE" value="'.($maxmin * 1024).'">'; // MAX_FILE_SIZE must precede the field type=file
}
print '<input type="file" class="flat" name="photo" id="photoinput">';
print '</td></tr>';
print '</table>';
print '</td></tr>';
// Name
print '<tr><td>'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td colspan="3">'.$object->lastname.'</td></tr>';
print '<tr><td>'.$langs->trans("Firstname").'</td><td colspan="3">'.$object->firstname.'</td>';
print '<tr><td>'.$langs->trans("Lastname").' / '.$langs->trans("Label").'</td><td>'.$object->lastname.'</td></tr>';
print '<tr><td>'.$langs->trans("Firstname").'</td><td>'.$object->firstname.'</td>';
// Company
if (empty($conf->global->SOCIETE_DISABLE_CONTACTS)) {
@ -182,31 +162,62 @@ if ($action == 'edit') {
$objsoc = new Societe($db);
$objsoc->fetch($object->socid);
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td colspan="3">'.$objsoc->getNomUrl(1).'</td>';
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>'.$objsoc->getNomUrl(1).'</td>';
} else {
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td colspan="3">';
print '<tr><td>'.$langs->trans("ThirdParty").'</td><td>';
print $langs->trans("ContactNotLinkedToCompany");
print '</td></tr>';
}
}
// Civility
print '<tr><td>'.$langs->trans("UserTitle").'</td><td colspan="3">';
print '<tr><td><label for="civility_code">'.$langs->trans("UserTitle").'</label></td><td>';
print $object->getCivilityLabel();
//print $formcompany->select_civility(GETPOSTISSET("civility_code") ? GETPOST("civility_code", 'alpha') : $object->civility_code, 'civility_code');
print '</td></tr>';
// Photo
print '<tr class="hideonsmartphone">';
print '<td>'.$form->editfieldkey('PhotoFile', 'photoinput', '', $object, 0).'</td>';
print '<td>';
if ($object->photo) {
print $form->showphoto('contact', $object);
}
$caneditfield = 1;
if ($caneditfield) {
if ($object->photo) {
print "<br>\n";
}
print '<table class="nobordernopadding">';
if ($object->photo) {
print '<tr><td><input type="checkbox" class="flat photodelete" name="deletephoto" id="photodelete"> <label for="photodelete">'.$langs->trans("Delete").'</photo><br><br></td></tr>';
}
//print '<tr><td>'.$langs->trans("PhotoFile").'</td></tr>';
print '<tr><td>';
$maxfilesizearray = getMaxFileSizeArray();
$maxmin = $maxfilesizearray['maxmin'];
if ($maxmin > 0) {
print '<input type="hidden" name="MAX_FILE_SIZE" value="'.($maxmin * 1024).'">'; // MAX_FILE_SIZE must precede the field type=file
}
print '<input type="file" class="flat" name="photo" id="photoinput">';
print '</td></tr>';
print '</table>';
}
print '</td>';
print '</tr>';
// Date To Birth
print '<tr><td>'.$langs->trans("DateOfBirth").'</td><td>';
$form = new Form($db);
print $form->selectDate($object->birthday, 'birthday', 0, 0, 1, "perso", 1, 0);
print '</td>';
print '<td colspan="2">'.$langs->trans("Alert").': ';
print ' &nbsp; &nbsp; ';
print '<label for="birthday_alert">'.$langs->trans("BirthdayAlert").':</label> ';
if (!empty($object->birthday_alert)) {
print '<input type="checkbox" name="birthday_alert" checked></td>';
print '<input type="checkbox" id="birthday_alert" name="birthday_alert" checked>';
} else {
print '<input type="checkbox" name="birthday_alert"></td>';
print '<input type="checkbox" id="birthday_alert" name="birthday_alert">';
}
print '</td>';
print '</tr>';
print "</table>";

20
htdocs/contrat/class/contrat.class.php
View File

@ -2075,19 +2075,19 @@ class Contrat extends CommonObject
$dataparams = '';
if (getDolGlobalInt('MAIN_ENABLE_AJAX_TOOLTIP')) {
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
} else {
$label = implode($this->getTooltipContentArray($params));
}
$label = implode($this->getTooltipContentArray($params));
$linkclose = '';
if (empty($notooltip) && $user->hasRight('contrat', 'lire')) {
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) {
$label = $langs->trans("ShowContract");
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$linkclose .= $dataparams.' class="'.$classfortooltip.'"';
}
$linkstart = '<a href="'.$url.'"';
@ -3163,11 +3163,13 @@ class ContratLigne extends CommonObjectLine
'objecttype' => $this->element,
];
$classfortooltip = 'classforajaxtooltip';
$dataparams = ' data-params='.json_encode($params);
// $label = $langs->trans('Loading');
$dataparams = ' data-params="'.dol_escape_htmltag(json_encode($params)).'"';
$label = '';
}
$link = '<a href="'.DOL_URL_ROOT.'/contrat/card.php?id='.$this->fk_contrat;
$link = '"'.$dataparams.' title="'.dol_escape_htmltag($label, 1).'" class="'.$classfortooltip.'">';
$link = '<a href="'.DOL_URL_ROOT.'/contrat/card.php?id='.$this->fk_contrat.'"';
$link .= ($label ? ' title="'.dol_escape_htmltag($label, 1).'"' : ' title="tocomplete"');
$link .= $dataparams.' class="'.$classfortooltip.'">';
$linkend = '</a>';
$picto = 'service';

33
htdocs/core/ajax/ajaxcompanies.php
View File

@ -31,6 +31,14 @@ if (!defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1');
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
$object = new Societe($db);
$usesublevelpermission = '';
// Security check
restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
/*
@ -54,9 +62,9 @@ if (GETPOST('newcompany') || GETPOST('socid', 'int') || GETPOST('id_fourn')) {
$return_arr = array();
// Define filter on text typed
$socid = $_GET['newcompany'] ? $_GET['newcompany'] : '';
if (!$socid) $socid = $_GET['socid'] ? $_GET['socid'] : '';
if (!$socid) $socid = $_GET['id_fourn'] ? $_GET['id_fourn'] : '';
$socid = GETPOST('newcompany');
if (!$socid) $socid = GETPOST('socid');
if (!$socid) $socid = GETPOST('id_fourn');
$sql = "SELECT s.rowid, s.nom, s.name_alias, s.code_client, s.code_fournisseur, s.address, s.zip, s.town, s.email, s.siren, s.siret, s.ape, s.idprof4, s.client, s.fournisseur, s.datec, s.logo";
$sql .= " , c.label as country, d.nom as departement";
@ -68,17 +76,22 @@ if (GETPOST('newcompany') || GETPOST('socid', 'int') || GETPOST('id_fourn')) {
$sql .= " AND (";
// Add criteria on name/code
if (!empty($conf->global->COMPANY_DONOTSEARCH_ANYWHERE)) { // Can use index
$sql .= "s.nom LIKE '".$db->escape($socid)."%'";
$sql .= " OR s.code_client LIKE '".$db->escape($socid)."%'";
$sql .= " OR s.code_fournisseur LIKE '".$db->escape($socid)."%'";
$sql .= "s.nom LIKE '".$db->escape($db->escapeforlike($socid))."%'";
$sql .= " OR s.code_client LIKE '".$db->escape($db->escapeforlike($socid))."%'";
$sql .= " OR s.code_fournisseur LIKE '".$db->escape($db->escapeforlike($socid))."%'";
} else {
$sql .= "s.nom LIKE '%".$db->escape($socid)."%'";
$sql .= " OR s.code_client LIKE '%".$db->escape($socid)."%'";
$sql .= " OR s.code_fournisseur LIKE '%".$db->escape($socid)."%'";
$sql .= "s.nom LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
$sql .= " OR s.code_client LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
$sql .= " OR s.code_fournisseur LIKE '%".$db->escape($db->escapeforlike($socid))."%'";
}
if (!empty($conf->global->SOCIETE_ALLOW_SEARCH_ON_ROWID)) {
$sql .= " OR s.rowid = ".((int) $socid);
}
if (!empty($conf->global->SOCIETE_ALLOW_SEARCH_ON_ROWID)) $sql .= " OR s.rowid = '".$db->escape($socid)."'";
$sql .= ")";
}
if ($user->socid > 0) {
$sql .= " AND s.rowid = ".((int) $user->socid);
}
//if (GETPOST("filter")) $sql.= " AND (".GETPOST("filter", "alpha").")"; // Add other filters
$sql .= " ORDER BY s.nom ASC";

13
htdocs/core/ajax/ajaxdirpreview.php
View File

@ -117,14 +117,14 @@ if (empty($url)) { // autoset $url but it is better to have it defined before in
// Load translation files required by the page
$langs->loadLangs(array("ecm", "companies", "other"));
if (empty($modulepart)) {
$modulepart = $module;
}
// Security check
if ($user->socid > 0) {
$socid = $user->socid;
}
//print 'xxx'.$upload_dir;
// Security:
// On interdit les remontees de repertoire ainsi que les pipe dans les noms de fichiers.
if (preg_match('/\.\./', $upload_dir) || preg_match('/[<>|]/', $upload_dir)) {
dol_syslog("Refused to deliver file ".$upload_dir);
@ -132,11 +132,6 @@ if (preg_match('/\.\./', $upload_dir) || preg_match('/[<>|]/', $upload_dir)) {
dol_print_error(0, $langs->trans("ErrorFileNameInvalid", $upload_dir));
exit;
}
if (empty($modulepart)) {
$modulepart = $module;
}
// Check permissions
if ($modulepart == 'ecm') {
if (!$user->hasRight('ecm', 'read')) {

2
htdocs/core/ajax/ajaxdirtree.php
View File

@ -103,7 +103,7 @@ if (empty($modulepart)) {
$modulepart = $module;
}
// Check permissions
// Security check
if ($modulepart == 'ecm') {
if (!$user->hasRight('ecm', 'read')) {
accessforbidden();

1
htdocs/core/ajax/ajaxinvoiceline.php
View File

@ -39,7 +39,6 @@ $action = GETPOST('action', 'aZ09');
$htmlname = GETPOST('htmlname', 'alpha');
// Security check
restrictedArea($user, 'facture', $invoice_id, '', '', 'fk_soc', 'rowid');

221
htdocs/core/ajax/ajaxtooltip.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2007-2018 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2007-2023 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2018-2023 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
@ -22,7 +22,6 @@
* \brief This script returns content of tooltip
*/
if (!defined('NOTOKENRENEWAL')) {
define('NOTOKENRENEWAL', 1); // Disables token renewal
}
@ -36,17 +35,13 @@ if (!defined('NOREQUIREAJAX')) {
define('NOREQUIREAJAX', '1');
}
include '../../main.inc.php';
include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
include_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
top_httphead();
// opensurvey as aZ09 id
$id = GETPOST('id', 'aZ09');
$objecttype = GETPOST('objecttype', 'aZ09');
$objecttype = GETPOST('objecttype', 'aZ09arobase'); // 'module' or 'myobject@mymodule', 'mymodule_myobject'
$html = '';
$regs = array();
$params = array();
if (GETPOSTISSET('infologin')) {
$params['infologin'] = GETPOST('infologin', 'int');
@ -54,182 +49,42 @@ if (GETPOSTISSET('infologin')) {
if (GETPOSTISSET('option')) {
$params['option'] = GETPOST('option', 'restricthtml');
}
// If we ask a resource form external module (instead of default path)
if (preg_match('/^([^@]+)@([^@]+)$/i', $objecttype, $regs)) {
$myobject = $regs[1];
$module = $regs[2];
} else {
// Parse $objecttype (ex: project_task)
$module = $myobject = $objecttype;
if (preg_match('/^([^_]+)_([^_]+)/i', $objecttype, $regs)) {
$module = $regs[1];
$myobject = $regs[2];
}
}
// Generic case for $classpath
$classpath = $module.'/class';
// Special cases, to work with non standard path
if ($objecttype == 'facture' || $objecttype == 'invoice') {
$langs->load('bills');
$classpath = 'compta/facture/class';
$module = 'facture';
$myobject = 'facture';
} elseif ($objecttype == 'bank_account') {
$langs->loadLangs(['banks', 'compta']);
$classpath = 'compta/bank/class';
$module = 'banque';
$myobject = 'account';
} elseif ($objecttype == 'category') {
$langs->loadLangs(['categories']);
$classpath = 'categories/class';
$module = 'categorie';
$myobject = 'categorie';
} elseif ($objecttype == 'commande' || $objecttype == 'order') {
$langs->load('orders');
$classpath = 'commande/class';
$module = 'commande';
$myobject = 'commande';
} elseif ($objecttype == 'propal') {
$langs->load('propal');
$classpath = 'comm/propal/class';
} elseif ($objecttype == 'action') {
$langs->load('agenda');
$classpath = 'comm/action/class';
$module = 'agenda';
$myobject = 'actioncomm';
} elseif ($objecttype == 'supplier_proposal') {
$langs->load('supplier_proposal');
$classpath = 'supplier_proposal/class';
} elseif ($objecttype == 'shipping') {
$langs->load('sendings');
$classpath = 'expedition/class';
$myobject = 'expedition';
$module = 'expedition_bon';
} elseif ($objecttype == 'delivery') {
$langs->load('deliveries');
$classpath = 'delivery/class';
$myobject = 'delivery';
$module = 'delivery_note';
} elseif ($objecttype == 'contract') {
$langs->load('contracts');
$classpath = 'contrat/class';
$module = 'contrat';
$myobject = 'contrat';
} elseif ($objecttype == 'member') {
$classpath = 'adherents/class';
$module = 'adherent';
$myobject = 'adherent';
} elseif ($objecttype == 'fichinter') {
$langs->load('interventions');
$classpath = 'fichinter/class';
$module = 'ficheinter';
$myobject = 'fichinter';
} elseif ($objecttype == 'project') {
$langs->load('projects');
$classpath = 'projet/class';
$module = 'projet';
} elseif ($objecttype == 'project_task') {
$classpath = 'projet/class';
$module = 'projet';
$myobject = 'task';
} elseif ($objecttype == 'stock') {
$classpath = 'product/stock/class';
$module = 'stock';
$myobject = 'stock';
} elseif ($objecttype == 'inventory') {
$classpath = 'product/inventory/class';
$module = 'stock';
$myobject = 'inventory';
} elseif ($objecttype == 'mo') {
$classpath = 'mrp/class';
$module = 'mrp';
$myobject = 'mo';
} elseif ($objecttype == 'productlot') {
$classpath = 'product/stock/class';
$module = 'stock';
$myobject = 'productlot';
} elseif ($objecttype == 'usergroup') {
$classpath = 'user/class';
$module = 'user';
$myobject = 'usergroup';
} elseif ($objecttype == 'dolresource') {
$classpath = 'resource/class';
$module = 'resource';
$myobject = 'dolresource';
} elseif ($objecttype == 'opensurvey_sondage') {
$classpath = 'opensurvey/class';
$module = 'opensurvey';
$myobject = 'opensurveysondage';
} elseif ($objecttype == 'knowledgerecord') {
$classpath = 'knowledgemanagement/class';
$module = 'knowledgemanagement';
$myobject = 'knowledgerecord';
}
// Generic case for $classfile and $classname
$classfile = strtolower($myobject);
$classname = ucfirst($myobject);
if ($objecttype == 'invoice_supplier') {
$classfile = 'fournisseur.facture';
$classname = 'FactureFournisseur';
$classpath = 'fourn/class';
$module = 'fournisseur';
} elseif ($objecttype == 'order_supplier') {
$classfile = 'fournisseur.commande';
$classname = 'CommandeFournisseur';
$classpath = 'fourn/class';
$module = 'fournisseur';
} elseif ($objecttype == 'supplier_proposal') {
$classfile = 'supplier_proposal';
$classname = 'SupplierProposal';
$classpath = 'supplier_proposal/class';
$module = 'supplier_proposal';
} elseif ($objecttype == 'stock') {
$classpath = 'product/stock/class';
$classfile = 'entrepot';
$classname = 'Entrepot';
} elseif ($objecttype == 'facturerec') {
$classpath = 'compta/facture/class';
$classfile = 'facture-rec';
$classname = 'FactureRec';
$module = 'facture';
} elseif ($objecttype == 'mailing') {
$classpath = 'comm/mailing/class';
$classfile = 'mailing';
$classname = 'Mailing';
} elseif ($objecttype == 'adherent_type') {
$classpath = 'adherents/class';
$classfile = 'adherent_type';
$module = 'adherent';
$myobject = 'adherent_type';
$classname = 'AdherentType';
} elseif ($objecttype == 'contact') {
$module = 'societe';
} elseif ($objecttype == 'salary') {
$classpath = 'salaries/class';
$module = 'salaries';
}
// print "objecttype=".$objecttype." module=".$module." subelement=".$subelement." classfile=".$classfile." classname=".$classname." classpath=".$classpath."<br>";
if (isModEnabled($module)) {
$res = dol_include_once('/'.$classpath.'/'.$classfile.'.class.php');
if ($res) {
if (class_exists($classname)) {
$object = new $classname($db);
$res = $object->fetch($id);
if ($res > 0) {
$html = $object->getTooltipContent($params);
} elseif ($res == 0) {
$html = $langs->trans('Deleted');
}
unset($object);
} else {
dol_syslog("Class with classname ".$classname." is unknown even after the include", LOG_ERR);
}
// Load object according to $element
$object = fetchObjectByElement($id, $objecttype);
if (empty($object->element)) {
httponly_accessforbidden('Failed to get object with fetchObjectByElement(id='.$id.', objectype='.$objecttype.')');
}
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
/*
* View
*/
top_httphead();
$html = '';
if (is_object($object)) {
if ($object->id > 0 || !empty($object->ref)) {
$html = $object->getTooltipContent($params);
} elseif ($res == 0) {
$html = $langs->trans('Deleted');
}
unset($object);
}
print $html;

3
htdocs/core/ajax/bankconciliate.php
View File

@ -44,6 +44,9 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$action = GETPOST('action', 'aZ09');
// Security check
// Checks are done later
/*
* View

12
htdocs/core/ajax/box.php
View File

@ -18,7 +18,7 @@
/**
* \file htdocs/core/ajax/box.php
* \brief File to return Ajax response on Box move or close
* \brief File to return Ajax response on a Box move or close
*/
if (!defined('NOTOKENRENEWAL')) {
@ -46,16 +46,16 @@ $boxorder = GETPOST('boxorder');
$zone = GETPOST('zone', 'int');
$userid = GETPOST('userid', 'int');
// Security check
if ($userid != $user->id) {
httponly_accessforbidden('Bad userid parameter. Must match logged user.');
}
/*
* View
*/
// Ajout directives pour resoudre bug IE
//header('Cache-Control: Public, must-revalidate');
//header('Pragma: public');
//top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header.
top_httphead();
print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";

18
htdocs/core/ajax/check_notifications.php
View File

@ -44,6 +44,9 @@ $time = dol_now();
$action = GETPOST('action', 'aZ09');
$listofreminderids = GETPOST('listofreminderids', 'aZ09');
// Security check
// No permission check at top, but action later are all done with a test on $user->id.
/*
* Actions
@ -68,6 +71,7 @@ if ($action == 'stopreminder') {
// Clean database
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'actioncomm_reminder';
$sql .= " WHERE dateremind < '".$db->idate(dol_time_plus_duree(dol_now(), -1, 'm'))."'";
$sql .= " AND fk_user = ".((int) $user->id).' AND entity = '.((int) $conf->entity);
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
@ -124,18 +128,10 @@ if (empty($_SESSION['auto_check_events_not_before']) || $time >= $_SESSION['auto
$sql = 'SELECT a.id as id_agenda, a.code, a.datep, a.label, a.location, ar.rowid as id_reminder, ar.dateremind, ar.fk_user as id_user_reminder';
$sql .= ' FROM '.MAIN_DB_PREFIX.'actioncomm as a';
if (!empty($user->conf->MAIN_USER_WANT_ALL_EVENTS_NOTIFICATIONS)) {
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'actioncomm_reminder as ar ON a.id = ar.fk_actioncomm AND ar.fk_user = '.((int) $user->id);
$sql .= ' WHERE a.code <> "AC_OTH_AUTO"';
$sql .= ' AND (';
$sql .= " ar.typeremind = 'browser' AND ar.dateremind < '".$db->idate(dol_now())."' AND ar.status = 0 AND ar.entity = ".$conf->entity;
$sql .= ' )';
} else {
$sql .= ' JOIN '.MAIN_DB_PREFIX.'actioncomm_reminder as ar ON a.id = ar.fk_actioncomm AND ar.fk_user = '.((int) $user->id);
$sql .= " AND ar.typeremind = 'browser' AND ar.dateremind < '".$db->idate(dol_now())."' AND ar.status = 0 AND ar.entity = ".$conf->entity;
}
$sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'actioncomm_reminder as ar ON a.id = ar.fk_actioncomm AND ar.fk_user = '.((int) $user->id);
$sql .= " AND ar.typeremind = 'browser' AND ar.dateremind < '".$db->idate(dol_now())."' AND ar.status = 0 AND ar.entity = ".((int) $conf->entity); // No sharing of entity for alerts
$sql .= $db->order('datep', 'ASC');
$sql .= ' LIMIT 10'; // Avoid too many notification at once
$sql .= $db->plimit(10); // Avoid too many notification at once
$resql = $db->query($sql);
if ($resql) {

20
htdocs/core/ajax/constantonoff.php
View File

@ -52,28 +52,26 @@ $name = GETPOST('name', 'alpha');
$entity = GETPOST('entity', 'int');
$value = (GETPOST('value', 'aZ09') != '' ? GETPOST('value', 'aZ09') : 1);
// Security check
if (empty($user->admin)) {
httponly_accessforbidden('This ajax component can be called by admin user only');
}
/*
* View
*/
// Ajout directives pour resoudre bug IE
//header('Cache-Control: Public, must-revalidate');
//header('Pragma: public');
//top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header.
top_httphead();
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
// Registering the new value of constant
if (!empty($action) && !empty($name)) {
if ($user->admin) {
if ($action == 'set') {
dolibarr_set_const($db, $name, $value, 'chaine', 0, '', $entity);
} elseif ($action == 'del') {
dolibarr_del_const($db, $name, $entity);
}
if ($action == 'set') {
dolibarr_set_const($db, $name, $value, 'chaine', 0, '', $entity);
} elseif ($action == 'del') {
dolibarr_del_const($db, $name, $entity);
}
} else {
http_response_code(403);

69
htdocs/core/ajax/extraparams.php
View File

@ -17,7 +17,8 @@
/**
* \file /htdocs/core/ajax/extraparams.php
* \brief File to make Ajax action on setting extra parameters of elements
* \brief File to make Ajax action on setting extra parameters of elements.
* Called bu bloc_showhide.tpl.php, itself called when MAIN_DISABLE_CONTACTS_TAB or MAIN_DISABLE_NOTES_TAB are set
*/
if (!defined('NOTOKENRENEWAL')) {
@ -39,10 +40,29 @@ if (!defined('NOREQUIRESOC')) {
include '../../main.inc.php';
$id = GETPOST('id', 'int');
$element = GETPOST('element', 'alpha');
$element = GETPOST('element', 'aZ09arobase');
$htmlelement = GETPOST('htmlelement', 'alpha');
$type = GETPOST('type', 'alpha');
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
$result = restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission, 'fk_soc', 'rowid', 0, 1); // Call with mode return
if (!$result) {
httponly_accessforbidden('Not allowed by restrictArea');
}
/*
* View
*/
@ -57,47 +77,10 @@ if (!empty($id) && !empty($element) && !empty($htmlelement) && !empty($type)) {
dol_syslog("AjaxSetExtraParameters id=".$id." element=".$element." htmlelement=".$htmlelement." type=".$type." value=".$value, LOG_DEBUG);
$classpath = $subelement = $element;
if (is_object($object)) {
$params[$htmlelement] = array($type => $value);
$object->extraparams = array_merge($object->extraparams, $params);
// For compatibility
if ($element == 'order' || $element == 'commande') {
$classpath = $subelement = 'commande';
} elseif ($element == 'propal') {
$classpath = 'comm/propal';
$subelement = 'propal';
} elseif ($element == 'facture') {
$classpath = 'compta/facture';
$subelement = 'facture';
} elseif ($element == 'contract') {
$classpath = $subelement = 'contrat';
} elseif ($element == 'shipping') {
$classpath = $subelement = 'expedition';
} elseif ($element == 'deplacement') {
$classpath = 'compta/deplacement';
$subelement = 'deplacement';
} elseif ($element == 'order_supplier') {
$classpath = 'fourn';
$subelement = 'fournisseur.commande';
} elseif ($element == 'invoice_supplier') {
$classpath = 'fourn';
$subelement = 'fournisseur.facture';
$result = $object->setExtraParameters();
}
dol_include_once('/'.$classpath.'/class/'.$subelement.'.class.php');
if ($element == 'order_supplier') {
$classname = 'CommandeFournisseur';
} elseif ($element == 'invoice_supplier') {
$classname = 'FactureFournisseur';
} else {
$classname = ucfirst($subelement);
}
$object = new $classname($db);
$object->fetch($id);
$params[$htmlelement] = array($type => $value);
$object->extraparams = array_merge($object->extraparams, $params);
$result = $object->setExtraParameters();
}

10
htdocs/core/ajax/fetchKnowledgeRecord.php
View File

@ -36,7 +36,7 @@ if (!defined('NOREQUIREMENU')) {
define('NOREQUIREMENU', '1');
}
// If there is no need to load and show top and left menu
if (!empty($_GET['public'])) {
if (!empty($_GET['public'])) { // GETPOST() is not yet defined so we use $_GET
if (!defined("NOLOGIN")) {
define("NOLOGIN", '1');
}
@ -54,10 +54,10 @@ $idticketgroup = GETPOST('idticketgroup', 'aZ09');
$idticketgroup = GETPOST('idticketgroup', 'aZ09');
$lang = GETPOST('lang', 'aZ09');
/*if (defined("NOLOGIN") && !getDolGlobalString('TICKET_ENABLE_PUBLIC_INTERFACE')) {
// If we ask public content (so without login), we block if option TICKET_ENABLE_PUBLIC_INTERFACE is not enabled
httponly_accessforbidden('');
}*/
// Security check
if (!defined("NOLOGIN")) { // No need of restrictedArea if not logged: Later the select will filter on public articles only if not logged.
restrictedArea($user, 'knowledgemanagement', 0, 'knowledgemanagement_knowledgerecord', 'knowledgerecord');
}
/*

46
htdocs/core/ajax/fileupload.php
View File

@ -19,24 +19,25 @@
/**
* \file htdocs/core/ajax/fileupload.php
* \brief File to return Ajax response on file upload
*
* Option MAIN_USE_JQUERY_FILEUPLOAD must be enabled to have this feature working. Use is NOT secured !
*/
if (!defined('NOTOKENRENEWAL')) {
define('NOTOKENRENEWAL', '1');
}
if (!defined('NOREQUIREMENU')) {
define('NOREQUIREMENU', '1'); // If there is no menu to show
}
if (!defined('NOREQUIREHTML')) {
define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
}
if (!defined('NOREQUIREAJAX')) {
define('NOREQUIREAJAX', '1');
}
if (!defined('NOREQUIRESOC')) {
define('NOREQUIRESOC', '1');
}
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/fileupload.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php';
error_reporting(E_ALL | E_STRICT);
@ -44,14 +45,33 @@ error_reporting(E_ALL | E_STRICT);
//print_r($_GET);
//print 'upload_dir='.GETPOST('upload_dir');
$fk_element = GETPOST('fk_element', 'int');
$element = GETPOST('element', 'alpha');
$id = GETPOST('fk_element', 'int');
$element = GETPOST('element', 'alpha'); // 'myobject' (myobject=mymodule) or 'myobject@mymodule' or 'myobject_mysubobject' (myobject=mymodule)
$elementupload = $element;
$upload_handler = new FileUpload(null, $fk_element, $element);
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
// Feature not enabled. Warning feature not used and not secured so disabled.
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return;
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
if (!empty($object->socid) && $socid != $object->socid) {
httponly_accessforbidden("Access on object not allowed for this external user."); // This includes the exit.
}
}
$result = restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission, 'fk_soc', 'rowid', 0, 1); // Call with mode return
if (!$result) {
httponly_accessforbidden('Not allowed by restrictArea');
}
@ -59,6 +79,8 @@ if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
* View
*/
$upload_handler = new FileUpload(null, $id, $elementupload);
top_httphead();
header('Pragma: no-cache');

44
htdocs/core/ajax/flowjs-server.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2012 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2023 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -16,8 +16,8 @@
*/
/**
* \file htdocs/core/ajax/bankconciliate.php
* \brief File to set data for bank concilation
* \file htdocs/core/ajax/flowjs-server.php
* \brief File to upload very large file, higher than PHP limit. Using flowjs library.
*/
if (!defined('NOTOKENRENEWAL')) {
@ -46,20 +46,33 @@ require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$action = GETPOST('action', 'aZ09');
$module = GETPOST('module', 'aZ09');
$upload_dir = GETPOST('upload_dir', 'alpha');
$module = GETPOST('module', 'aZ09arobase');
$flowFilename = GETPOST('flowFilename', 'alpha');
$flowIdentifier = GETPOST('flowIdentifier', 'alpha');
$flowChunkNumber = GETPOST('flowChunkNumber', 'alpha');
$flowChunkSize = GETPOST('flowChunkSize', 'alpha');
$flowTotalSize = GETPOST('flowTotalSize', 'alpha');
$result = restrictedArea($user, $module, 0, '', 0, 'fk_soc', 'rowid', 0, 1); // Call with mode return
if ($action != 'upload') {
httponly_accessforbidden("Param action must be 'upload'");
}
if (!empty($conf->$module->dir_temp)) {
$upload_dir = $conf->$module->dir_temp;
} else {
httponly_accessforbidden("Param module does not has a dir_temp directory. Module does not exists or is not activated.");
}
/*
* Action
*/
top_httphead();
dol_syslog(join(',', $_GET));
$result = false;
@ -123,19 +136,19 @@ if ($result) {
/**
* Check if all the parts exist, and
* gather all the parts of the file together
* @param string $temp_dir - the temporary directory holding all the parts of the file
* @param string $upload_dir - the temporary directory to create file
* @param string $fileName - the original file name
* @param string $chunkSize - each chunk size (in bytes)
* @param string $totalSize - original file size (in bytes)
* @return bool true if Ok false else
* Check if all the parts exist, and gather all the parts of the file together.
*
* @param string $temp_dir the temporary directory holding all the parts of the file
* @param string $upload_dir the temporary directory to create file
* @param string $fileName the original file name
* @param string $chunkSize each chunk size (in bytes)
* @param string $totalSize original file size (in bytes)
* @return bool true if Ok false else
*/
function createFileFromChunks($temp_dir, $upload_dir, $fileName, $chunkSize, $totalSize)
{
dol_syslog(__METHOD__, LOG_DEBUG);
// count all the parts of this file
$total_files = 0;
$files = dol_dir_list($temp_dir, 'files');
@ -164,5 +177,6 @@ function createFileFromChunks($temp_dir, $upload_dir, $fileName, $chunkSize, $to
// concurrent chunks uploads)
@rename($temp_dir, $temp_dir.'_UNUSED');
}
return true;
}

3
htdocs/core/ajax/getaccountcurrency.php
View File

@ -35,6 +35,9 @@ require '../../main.inc.php';
$id = GETPOST('id', 'int');
// Security check
$result = restrictedArea($user, 'banque', $id, 'bank_account&bank_account');
/*
* View

27
htdocs/core/ajax/loadinplace.php
View File

@ -17,7 +17,7 @@
/**
* \file htdocs/core/ajax/loadinplace.php
* \brief File to load field value
* \brief File to load field value. used only when option "Edit In Place" is set (MAIN_USE_JQUERY_JEDITABLE).
*/
if (!defined('NOTOKENRENEWAL')) {
@ -41,6 +41,30 @@ $field = GETPOST('field', 'alpha');
$element = GETPOST('element', 'alpha');
$table_element = GETPOST('table_element', 'alpha');
$fk_element = GETPOST('fk_element', 'alpha');
$id = $fk_element;
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
$result = restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission, 'fk_soc', 'rowid', 0, 1); // Call with mode return
if (!$result) {
httponly_accessforbidden('Not allowed by restrictArea');
}
if (!getDolGlobalString('MAIN_USE_JQUERY_JEDITABLE')) {
httponly_accessforbidden('Can be used only when option MAIN_USE_JQUERY_JEDITABLE is set');
}
/*
* View
@ -94,6 +118,7 @@ if (!empty($field) && !empty($element) && !empty($table_element) && !empty($fk_e
}
} elseif (!empty($ext_element)) {
$module = $subelement = $ext_element;
$regs = array();
if (preg_match('/^([^_]+)_([^_]+)/i', $ext_element, $regs)) {
$module = $regs[1];
$subelement = $regs[2];

13
htdocs/core/ajax/locationincoterms.php
View File

@ -43,6 +43,12 @@ if (!defined('NOREQUIRESOC')) {
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
// Security check
if (!isModEnabled('incoterm')) {
httponly_accessforbidden("Module incoterm not enabled"); // This includes the exit.
}
// There is no other permission on this component. Everybody connected can read content of the incoterm table
/*
* View
@ -70,13 +76,12 @@ if (GETPOST('location_incoterms')) {
if (!empty($conf->global->MAIN_USE_LOCATION_INCOTERMS_DICTIONNARY)) { // Use location_incoterms
$sql = "SELECT z.location as location_incoterms, z.label as label";
$sql .= " FROM ".MAIN_DB_PREFIX."c_location_incoterms as z";
$sql .= " WHERE z.active = 1 AND UPPER(z.location) LIKE UPPER('%".$db->escape($location_incoterms)."%')";
$sql .= " WHERE z.active = 1 AND z.location LIKE '%".$db->escape($db->escapeforlike($location_incoterms))."%'";
$sql .= " ORDER BY z.location";
$sql .= $db->plimit(100); // Avoid pb with bad criteria
} else // Use table of commande
{
} else { // Use table of sale orders
$sql = "SELECT DISTINCT s.location_incoterms FROM ".MAIN_DB_PREFIX.'commande as s';
$sql .= " WHERE UPPER(s.location_incoterms) LIKE UPPER('%".$db->escape($location_incoterms)."%')";
$sql .= " WHERE s.location_incoterms LIKE '%".$db->escape($db->escapeforlike($location_incoterms))."%'";
//Todo: merge with data from table of supplier order
/* $sql .=" UNION";

53
htdocs/core/ajax/objectonoff.php
View File

@ -18,7 +18,7 @@
/**
* \file htdocs/core/ajax/objectonoff.php
* \brief File to set status for an object
* This Ajax service is called when option MAIN_DIRECT_STATUS_UPDATE is set.
* This Ajax service is oftenly called when option MAIN_DIRECT_STATUS_UPDATE is set.
*/
if (!defined('NOTOKENRENEWAL')) {
@ -45,37 +45,46 @@ require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php';
$action = GETPOST('action', 'aZ09');
$id = GETPOST('id', 'int');
$value = GETPOST('value', 'int');
$element = GETPOST('element', 'alpha'); // 'myobject' (myobject=mymodule) or 'myobject@mymodule' or 'myobject_mysubobject' (myobject=mymodule)
$field = GETPOST('field', 'alpha');
$element = GETPOST('element', 'alpha');
$value = GETPOST('value', 'int');
$format = 'int';
$object = new GenericObject($db);
$tablename = $element;
if ($tablename == 'websitepage') {
$tablename = 'website_page';
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
if (!is_object($object)) {
httponly_accessforbidden("Bad value for combination of parameters element/field: Object not found."); // This includes the exit.
}
$object->table_element = $tablename;
$object->id = $id;
$object->fields[$field] = array('type' => $format, 'enabled' => 1);
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
if (!empty($object->socid) && $socid != $object->socid) {
httponly_accessforbidden("Access on object not allowed for this external user."); // This includes the exit.
}
}
//$user->hasRight('societe', 'lire') = 0;$user->rights->fournisseur->lire = 0;
//restrictedArea($user, 'societe', $id);
if (in_array($field, array('status'))) {
restrictedArea($user, $element, $id);
// We check permission.
// Check is done on $user->rights->element->create or $user->rights->element->subelement->create (because $action = 'set')
if (preg_match('/status$/', $field)) {
restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission);
} elseif ($element == 'product' && in_array($field, array('tosell', 'tobuy', 'tobatch'))) { // Special case for products
restrictedArea($user, 'produit|service', $id, 'product&product', '', '', 'rowid');
restrictedArea($user, 'produit|service', $object, 'product&product', '', '', 'rowid');
} else {
httponly_accessforbidden("Bad value for combination of parameters element/field.");
httponly_accessforbidden("Bad value for combination of parameters element/field: Field not supported."); // This includes the exit.
}
@ -89,7 +98,7 @@ print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"])
// Registering new values
if (($action == 'set') && !empty($id)) {
$triggerkey = strtoupper($element).'_UPDATE';
$triggerkey = strtoupper(($module != $element ? $module.'_' : '').$element).'_UPDATE';
// Special case
if ($triggerkey == 'SOCIETE_UPDATE') {
$triggerkey = 'COMPANY_MODIFY';
@ -98,5 +107,11 @@ if (($action == 'set') && !empty($id)) {
$triggerkey = 'PRODUCT_MODIFY';
}
$object->setValueFrom($field, $value, $tablename, $id, $format, '', $user, $triggerkey);
$result = $object->setValueFrom($field, $value, $object->table_element, $id, $format, '', $user, $triggerkey);
if ($result < 0) {
print $object->error;
http_response_code(500);
exit;
}
}

2
htdocs/core/ajax/onlineSign.php
View File

@ -66,7 +66,7 @@ $response = "";
$type = $mode;
// Check securitykey
// Security check
$securekeyseed = '';
if ($type == 'proposal') {
$securekeyseed = getDolGlobalString('PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN');

5
htdocs/core/ajax/pingresult.php
View File

@ -50,15 +50,16 @@ $hash_algo = GETPOST('hash_algo', 'alpha');
// Security check
// None.
// None. Beeing connected is enough.
$now = dol_now();
/*
* View
*/
$now = dol_now();
top_httphead();
print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";

4
htdocs/core/ajax/price.php
View File

@ -40,6 +40,10 @@ $output = GETPOST('output', 'alpha');
$amount = price2num(GETPOST('amount', 'alpha'));
$tva_tx = str_replace('*', '', GETPOST('tva_tx', 'alpha'));
// Security check
// None. This is a formatting only component.
/*
* View
*/

2
htdocs/core/ajax/row.php
View File

@ -49,7 +49,9 @@ if (!defined('NOREQUIRETRAN')) {
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php';
$hookmanager->initHooks(array('rowinterface'));
// Security check
// This is done later into view.

25
htdocs/core/ajax/saveinplace.php
View File

@ -17,7 +17,7 @@
/**
* \file htdocs/core/ajax/saveinplace.php
* \brief File to save field value
* \brief File to load field value. used only when option "Edit In Place" is set (MAIN_USE_JQUERY_JEDITABLE).
*/
if (!defined('NOTOKENRENEWAL')) {
@ -41,6 +41,7 @@ $field = GETPOST('field', 'alpha', 2);
$element = GETPOST('element', 'alpha', 2);
$table_element = GETPOST('table_element', 'alpha', 2);
$fk_element = GETPOST('fk_element', 'alpha', 2);
$id = $fk_element;
/* Example:
field:editval_ref_customer (8 first chars will removed to know name of property)
@ -54,6 +55,28 @@ savemethod:
savemethodname:
*/
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
//print $object->id.' - '.$object->module.' - '.$object->element.' - '.$object->table_element.' - '.$usesublevelpermission."\n";
// Security check
$result = restrictedArea($user, $object->module, $object, $object->table_element, $usesublevelpermission, 'fk_soc', 'rowid', 0, 1); // Call with mode return
if (!$result) {
httponly_accessforbidden('Not allowed by restrictArea');
}
if (!getDolGlobalString('MAIN_USE_JQUERY_JEDITABLE')) {
httponly_accessforbidden('Can be used only when option MAIN_USE_JQUERY_JEDITABLE is set');
}
/*
* View

7
htdocs/core/ajax/security.php
View File

@ -17,8 +17,8 @@
/**
* \file htdocs/core/ajax/security.php
* \brief This ajax component is used to generated hash keys for security purposes
* like key to use into URL to protect them.
* \brief This ajax component is used to generated hash keys for security purposes,
* like the key to use into URL to protect them.
*/
if (!defined('NOTOKENRENEWAL')) {
@ -46,6 +46,9 @@ require '../../main.inc.php';
$action = GETPOST('action');
// Security check
// None. This is public component with no effect on data.
/*
* View

50
htdocs/core/ajax/selectobject.php
View File

@ -38,33 +38,18 @@ if (!defined('NOREQUIRESOC')) {
// Load Dolibarr environment
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
$objectdesc = GETPOST('objectdesc', 'alpha');
$htmlname = GETPOST('htmlname', 'aZ09');
$outjson = (GETPOST('outjson', 'int') ? GETPOST('outjson', 'int') : 0);
$id = GETPOST('id', 'int');
$filter = GETPOST('filter', 'alphanohtml');
/*
* View
*/
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
//print_r($_GET);
require_once DOL_DOCUMENT_ROOT.'/core/class/html.form.class.php';
$form = new Form($db);
//$langs->load("companies");
top_httphead();
$filter = GETPOST('filter', 'alphanohtml'); // Universal Syntax filter
if (empty($htmlname)) {
return;
httponly_accessforbidden('Bad value for param htmlname');
}
$InfoFieldList = explode(":", $objectdesc);
$classname = $InfoFieldList[0];
$classpath = $InfoFieldList[1];
@ -75,16 +60,41 @@ if (!empty($classpath)) {
}
}
if (!is_object($objecttmp)) {
dol_syslog('Error bad param objectdesc', LOG_WARNING);
print 'Error bad param objectdesc';
httponly_accessforbidden('Bad value for param objectdesc');
}
/*
// Load object according to $id and $element
$object = fetchObjectByElement($id, $element);
$module = $object->module;
$element = $object->element;
$usesublevelpermission = ($module != $element ? $element : '');
if ($usesublevelpermission && !isset($user->rights->$module->$element)) { // There is no permission on object defined, we will check permission on module directly
$usesublevelpermission = '';
}
*/
// When used from jQuery, the search term is added as GET param "term".
$searchkey = (($id && GETPOST($id, 'alpha')) ? GETPOST($id, 'alpha') : (($htmlname && GETPOST($htmlname, 'alpha')) ? GETPOST($htmlname, 'alpha') : ''));
// Add a security test to avoid to get content of all tables
restrictedArea($user, $objecttmp->element, $id);
/*
* View
*/
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
//print_r($_GET);
//$langs->load("companies");
$form = new Form($db);
top_httphead($outjson ? 'application/json' : 'text/html');
$arrayresult = $form->selectForFormsList($objecttmp, $htmlname, '', 0, $searchkey, '', '', '', 0, 1, 0, '', $filter);
$db->close();

7
htdocs/core/ajax/selectsearchbox.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2015-2018 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2015-2023 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -18,7 +18,7 @@
/**
* \file htdocs/core/ajax/selectsearchbox.php
* \ingroup core
* \brief This script returns content of possible search
* \brief This script returns json array of possible searches or just set the array if called by an include
*/
// This script is called with a POST method or as an include.
@ -43,6 +43,9 @@ if (!isset($usedbyinclude) || empty($usedbyinclude)) {
$res = @include '../../main.inc.php';
// Security check
// None. Beeing connected is enough.
top_httphead('application/json');
if ($res == 'ERROR_NOT_LOGGED') {

11
htdocs/core/ajax/vatrates.php
View File

@ -17,7 +17,7 @@
/**
* \file htdocs/core/ajax/vatrates.php
* \brief File to load vat rates combobox
* \brief File to load vat rates combobox according to thirdparty ID. Values are returned in JSON format.
*/
if (!defined('NOTOKENRENEWAL')) {
@ -34,16 +34,20 @@ if (!defined('NOREQUIREAJAX')) {
require '../../main.inc.php';
$id = GETPOST('id', 'int');
$action = GETPOST('action', 'aZ09');
$action = GETPOST('action', 'aZ09'); // 'getSellerVATRates' or 'getBuyerVATRates'
$htmlname = GETPOST('htmlname', 'alpha');
$selected = (GETPOST('selected') ?GETPOST('selected') : '-1');
$productid = (GETPOST('productid', 'int') ?GETPOST('productid', 'int') : 0);
// Security check
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
* View
*/
top_httphead();
top_httphead('application/json');
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
@ -63,7 +67,6 @@ if (!empty($id) && !empty($action) && !empty($htmlname)) {
}
$return = array();
$return['value'] = $form->load_tva('tva_tx', $selected, $seller, $buyer, $productid, 0, '', true);
$return['num'] = $form->num;
$return['error'] = $form->error;

22
htdocs/core/ajax/ziptown.php
View File

@ -42,6 +42,11 @@ if (!defined('NOREQUIRESOC')) {
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
// Security check
if (!getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY')) {
// If MAIN_USE_ZIPTOWN_DICTIONNARY is set, we make a search into a public page. If not we search into societe so we must check we have read permission.
$result = restrictedArea($user, 'societe', 0, '&societe', '', 'fk_soc', 'rowid', 0);
}
/*
@ -53,11 +58,11 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
//header('Pragma: public');
//top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header.
top_httphead();
top_httphead('application/json');
//print '<!-- Ajax page called with url '.dol_escape_htmltag($_SERVER["PHP_SELF"]).'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]).' -->'."\n";
dol_syslog('ziptown call with MAIN_USE_ZIPTOWN_DICTIONNARY='.(empty($conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY) ? '' : $conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY));
dol_syslog('ziptown call with MAIN_USE_ZIPTOWN_DICTIONNARY='.getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY'));
//var_dump($_GET);
// Generation of list of zip-town
@ -69,7 +74,7 @@ if (GETPOST('zipcode') || GETPOST('town')) {
$zipcode = GETPOST('zipcode');
$town = GETPOST('town');
if (!empty($conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)) { // Use zip-town table
if (getDolGlobalString('MAIN_USE_ZIPTOWN_DICTIONNARY')) { // Use zip-town table
$sql = "SELECT z.rowid, z.zip, z.town, z.fk_county, z.fk_pays as fk_country";
$sql .= ", c.rowid as fk_country, c.code as country_code, c.label as country";
$sql .= ", d.rowid as fk_county, d.code_departement as county_code, d.nom as county";
@ -80,15 +85,14 @@ if (GETPOST('zipcode') || GETPOST('town')) {
$sql .= " WHERE z.fk_pays = c.rowid";
$sql .= " AND z.active = 1 AND c.active = 1";
if ($zipcode) {
$sql .= " AND z.zip LIKE '".$db->escape($zipcode)."%'";
$sql .= " AND z.zip LIKE '".$db->escape($db->escapeforlike($zipcode))."%'";
}
if ($town) {
$sql .= " AND z.town LIKE '%".$db->escape($town)."%'";
$sql .= " AND z.town LIKE '%".$db->escape($db->escapeforlike($town))."%'";
}
$sql .= " ORDER BY z.zip, z.town";
$sql .= $db->plimit(100); // Avoid pb with bad criteria
} else // Use table of third parties
{
} else { // Use table of third parties
$sql = "SELECT DISTINCT s.zip, s.town, s.fk_departement as fk_county, s.fk_pays as fk_country";
$sql .= ", c.code as country_code, c.label as country";
$sql .= ", d.code_departement as county_code , d.nom as county";
@ -97,10 +101,10 @@ if (GETPOST('zipcode') || GETPOST('town')) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.'c_country as c ON s.fk_pays = c.rowid';
$sql .= " WHERE";
if ($zipcode) {
$sql .= " s.zip LIKE '".$db->escape($zipcode)."%'";
$sql .= " s.zip LIKE '".$db->escape($db->escapeforlike($zipcode))."%'";
}
if ($town) {
$sql .= " s.town LIKE '%".$db->escape($town)."%'";
$sql .= " s.town LIKE '%".$db->escape($db->escapeforlike($town))."%'";
}
$sql .= " ORDER BY s.fk_pays, s.zip, s.town";
$sql .= $db->plimit(100); // Avoid pb with bad criteria

3
htdocs/core/boxes/box_members_by_tags.php
View File

@ -2,7 +2,7 @@
/* Copyright (C) 2003-2007 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2015-2020 Frederic France <frederic.france@netlogic.fr>
* Copyright (C) 2015-2023 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021-2022 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
@ -87,6 +87,7 @@ class box_members_by_tags extends ModeleBoxes
include_once DOL_DOCUMENT_ROOT . '/adherents/class/adherent.class.php';
$staticmember = new Adherent($this->db);
$now = dol_now();
$year = date('Y');
$numberyears = empty(getDolGlobalInt("MAIN_NB_OF_YEAR_IN_WIDGET_GRAPH")) ? 2 : getDolGlobalInt("MAIN_NB_OF_YEAR_IN_WIDGET_GRAPH");

67
htdocs/core/class/CMailFile.class.php
View File

@ -641,7 +641,7 @@ class CMailFile
*/
public function sendfile()
{
global $conf, $db, $langs;
global $conf, $db, $langs, $hookmanager;
$errorlevel = error_reporting();
//error_reporting($errorlevel ^ E_WARNING); // Desactive warnings
@ -649,8 +649,10 @@ class CMailFile
$res = false;
if (empty($conf->global->MAIN_DISABLE_ALL_MAILS)) {
require_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
$hookmanager = new HookManager($db);
if (!is_object($hookmanager)) {
include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php';
$hookmanager = new HookManager($db);
}
$hookmanager->initHooks(array('mail'));
$parameters = array();
@ -686,6 +688,8 @@ class CMailFile
$this->error .= '<br>'.$langs->trans("MailSendSetupIs3", $conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS);
$this->errors[] = $langs->trans("MailSendSetupIs3", $conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS);
}
dol_syslog("CMailFile::sendfile: mail end error=".$this->error, LOG_WARNING);
return false;
}
@ -756,7 +760,7 @@ class CMailFile
// Use mail php function (default PHP method)
// ------------------------------------------
dol_syslog("CMailFile::sendfile addr_to=".$this->addr_to.", subject=".$this->subject, LOG_DEBUG);
dol_syslog("CMailFile::sendfile header=\n".$this->headers, LOG_DEBUG);
//dol_syslog("CMailFile::sendfile header=\n".$this->headers, LOG_DEBUG);
//dol_syslog("CMailFile::sendfile message=\n".$message);
// If Windows, sendmail_from must be defined
@ -845,7 +849,7 @@ class CMailFile
dol_syslog("CMailFile::sendfile: mail end error=".$this->error, LOG_ERR);
if (!empty($conf->global->MAIN_MAIL_DEBUG)) {
$this->save_dump_mail_in_err();
$this->save_dump_mail_in_err('Mail with topic '.$this->subject);
}
} else {
dol_syslog("CMailFile::sendfile: mail end success", LOG_DEBUG);
@ -995,7 +999,26 @@ class CMailFile
$this->dump_mail();
}
$result = $this->smtps->getErrors();
if (! $result) {
$smtperrorcode = $this->smtps->lastretval; // SMTP error code
dol_syslog("CMailFile::sendfile: mail SMTP error code ".$smtperrorcode, LOG_WARNING);
if ($smtperrorcode == '421') { // Try later
// TODO Add a delay and try again
/*
dol_syslog("CMailFile::sendfile: Try later error, so we wait and we retry");
sleep(2);
$result = $this->smtps->sendMsg();
if (!empty($conf->global->MAIN_MAIL_DEBUG)) {
$this->dump_mail();
}
*/
}
}
$result = $this->smtps->getErrors(); // applicative error code (not SMTP error code)
if (empty($this->error) && empty($result)) {
dol_syslog("CMailFile::sendfile: mail end success", LOG_DEBUG);
$res = true;
@ -1007,7 +1030,7 @@ class CMailFile
$res = false;
if (!empty($conf->global->MAIN_MAIL_DEBUG)) {
$this->save_dump_mail_in_err();
$this->save_dump_mail_in_err('Mail smtp error '.$smtperrorcode.' with topic '.$this->subject);
}
}
}
@ -1147,7 +1170,7 @@ class CMailFile
$res = false;
if (!empty($conf->global->MAIN_MAIL_DEBUG)) {
$this->save_dump_mail_in_err();
$this->save_dump_mail_in_err('Mail with topic '.$this->subject);
}
} else {
dol_syslog("CMailFile::sendfile: mail end success", LOG_DEBUG);
@ -1258,16 +1281,40 @@ class CMailFile
* Save content if mail is in error
* Used for debugging.
*
* @param string $message Add also a message
* @return void
*/
public function save_dump_mail_in_err()
public function save_dump_mail_in_err($message = '')
{
global $dolibarr_main_data_root;
if (@is_writeable($dolibarr_main_data_root)) { // Avoid fatal error on fopen with open_basedir
$srcfile = $dolibarr_main_data_root."/dolibarr_mail.log";
$destfile = $dolibarr_main_data_root."/dolibarr_mail.err";
// Add message to dolibarr_mail.log. We do not use dol_syslog() on purpose,
// to be sure to write into dolibarr_mail.log
if ($message) {
// Test constant SYSLOG_FILE_NO_ERROR (should stay a constant defined with define('SYSLOG_FILE_NO_ERROR',1);
if (defined('SYSLOG_FILE_NO_ERROR')) {
$filefd = @fopen($srcfile, 'a+');
} else {
$filefd = fopen($srcfile, 'a+');
}
if ($filefd) {
fwrite($filefd, $message."\n");
fclose($filefd);
dolChmod($srcfile);
}
}
// Move dolibarr_mail.log into a dolibarr_mail.err or dolibarr_mail.date.err
if (getDolGlobalString('MAIN_MAIL_DEBUG_ERR_WITH_DATE')) {
$destfile = $dolibarr_main_data_root."/dolibarr_mail.".dol_print_date(dol_now(), 'dayhourlog', 'gmt').".err";
} else {
$destfile = $dolibarr_main_data_root."/dolibarr_mail.err";
}
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
dol_move($srcfile, $destfile, 0, 1, 0, 0);
}
}

12
htdocs/core/class/commondocgenerator.class.php
View File

@ -1582,7 +1582,7 @@ abstract class CommonDocGenerator
$colDef['title']['label'] = !empty($colDef['title']['label']) ? $colDef['title']['label'] : $outputlangs->transnoentities($colDef['title']['textkey']);
// Add column separator
if (!empty($colDef['border-left'])) {
if (!empty($colDef['border-left']) && isset($colDef['xStartPos'])) {
$pdf->line($colDef['xStartPos'], $tab_top, $colDef['xStartPos'], $tab_top + $tab_height);
}
@ -1599,17 +1599,21 @@ abstract class CommonDocGenerator
// set cell padding with column title definition
$pdf->setCellPaddings($colDef['title']['padding'][3], $colDef['title']['padding'][0], $colDef['title']['padding'][1], $colDef['title']['padding'][2]);
}
if (isset($colDef['title']['align'])) {
$align = $colDef['title']['align'];
} else {
$align = '';
}
$pdf->SetXY($colDef['xStartPos'], $tab_top);
$textWidth = $colDef['width'];
$pdf->MultiCell($textWidth, 2, $colDef['title']['label'], '', $colDef['title']['align']);
$pdf->MultiCell($textWidth, 2, $colDef['title']['label'], '', $align);
// Add variant of translation if $outputlangsbis is an object
if (is_object($outputlangsbis) && trim($colDef['title']['label'])) {
$pdf->setCellPaddings($colDef['title']['padding'][3], 0, $colDef['title']['padding'][1], $colDef['title']['padding'][2]);
$pdf->SetXY($colDef['xStartPos'], $pdf->GetY());
$textbis = $outputlangsbis->transnoentities($colDef['title']['textkey']);
$pdf->MultiCell($textWidth, 2, $textbis, '', $colDef['title']['align']);
$pdf->MultiCell($textWidth, 2, $textbis, '', $align);
}
$this->tabTitleHeight = max($pdf->GetY() - $tab_top, $this->tabTitleHeight);

64
htdocs/core/class/commonobject.class.php
View File

@ -86,6 +86,11 @@ abstract class CommonObject
*/
public $element;
/**
* @var int The related element
*/
public $fk_element;
/**
* @var string Name to use for 'features' parameter to check module permissions user->rights->feature with restrictedArea().
* Undefined means same value than $element. Can be use to force a check on another element for example for class of line, we mention here the parent element.
@ -391,6 +396,22 @@ abstract class CommonObject
*/
public $shipping_method_id;
/**
* @var string Shipping method label
* @see setShippingMethod()
*/
public $shipping_method;
/**
* @var string multicurrency code
*/
public $multicurrency_code;
/**
* @var string multicurrency tx
*/
public $multicurrency_tx;
/**
* @var string
* @see SetDocModel()
@ -710,19 +731,24 @@ abstract class CommonObject
{
global $action, $extrafields, $langs, $hookmanager;
$MAX_EXTRAFIELDS_TO_SHOW_IN_TOOLTIP = 5; // If there is too much extrafields, we do not include them into tooltip
$datas = $this->getTooltipContentArray($params);
// Add extrafields
if (!empty($extrafields->attributes[$this->table_element]['label'])) {
foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $val) {
if (!empty($extrafields->attributes[$this->table_element]['langfile'][$key])) {
$langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]);
}
$labelextra = $langs->trans((string) $extrafields->attributes[$this->table_element]['label'][$key]);
if ($extrafields->attributes[$this->table_element]['type'][$key] == 'separate') {
$datas[$key]= '<br><b><u>'. $labelextra . '</u></b>';
} else {
$value = $this->array_options['options_' . $key];
$datas[$key]= '<br><b>'. $labelextra . ':</b> ' . $extrafields->showOutputField($key, $value, '', $this->table_element);
if (count($extrafields->attributes[$this->table_element]['label']) < $MAX_EXTRAFIELDS_TO_SHOW_IN_TOOLTIP) {
foreach ($extrafields->attributes[$this->table_element]['label'] as $key => $val) {
if (!empty($extrafields->attributes[$this->table_element]['langfile'][$key])) {
$langs->load($extrafields->attributes[$this->table_element]['langfile'][$key]);
}
$labelextra = $langs->trans((string) $extrafields->attributes[$this->table_element]['label'][$key]);
if ($extrafields->attributes[$this->table_element]['type'][$key] == 'separate') {
$datas[$key]= '<br><b><u>'. $labelextra . '</u></b>';
} else {
$value = (empty($this->array_options['options_' . $key]) ? '' : $this->array_options['options_' . $key]);
$datas[$key]= '<br><b>'. $labelextra . ':</b> ' . $extrafields->showOutputField($key, $value, '', $this->table_element);
}
}
}
}
@ -2122,6 +2148,8 @@ abstract class CommonObject
$error = 0;
dol_syslog(__METHOD__, LOG_DEBUG);
$this->db->begin();
$sql = "UPDATE ".$this->db->prefix().$table." SET ";
@ -2146,7 +2174,6 @@ abstract class CommonObject
$sql .= " WHERE ".$id_field." = ".((int) $id);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql) {
if ($trigkey) {
@ -4623,7 +4650,7 @@ abstract class CommonObject
}
/**
* Function to check if an object is used by others.
* Function to check if an object is used by others (by children).
* Check is done into this->childtables. There is no check into llx_element_element.
*
* @param int $id Force id of object
@ -4644,8 +4671,8 @@ abstract class CommonObject
return -1;
}
$arraytoscan = $this->childtables;
// For backward compatibility, we check if array is old format array('table1', 'table2', ...)
$arraytoscan = $this->childtables; // array('tablename'=>array('fk_element'=>'parentfield'), ...) or array('tablename'=>array('parent'=>table_parent, 'parentkey'=>'nameoffieldforparentfkkey'), ...)
// For backward compatibility, we check if array is old format array('tablename1', 'tablename2', ...)
$tmparray = array_keys($this->childtables);
if (is_numeric($tmparray[0])) {
$arraytoscan = array_flip($this->childtables);
@ -4661,7 +4688,11 @@ abstract class CommonObject
if (!empty($element['parent']) && !empty($element['parentkey'])) {
$sql.= ", ".$this->db->prefix().$element['parent']." as p";
}
$sql.= " WHERE c.".$this->fk_element." = ".((int) $id);
if (!empty($element['fk_element'])) {
$sql.= " WHERE c.".$element['fk_element']." = ".((int) $id);
} else {
$sql.= " WHERE c.".$this->fk_element." = ".((int) $id);
}
if (!empty($element['parent']) && !empty($element['parentkey'])) {
$sql.= " AND c.".$element['parentkey']." = p.rowid";
}
@ -4675,6 +4706,7 @@ abstract class CommonObject
$sql.= " AND c.entity = ".((int) $entity);
}
}
$resql = $this->db->query($sql);
if ($resql) {
$obj = $this->db->fetch_object($resql);
@ -9684,7 +9716,7 @@ abstract class CommonObject
return -1;
}
}
} elseif (!empty($this->fk_element) && !empty($this->childtables)) { // If object has childs linked with a foreign key field, we check all child tables.
} elseif (!empty($this->childtables)) { // If object has childs linked with a foreign key field, we check all child tables.
$objectisused = $this->isObjectUsed($this->id);
if (!empty($objectisused)) {
dol_syslog(get_class($this)."::deleteCommon Can't delete record as it has some child", LOG_WARNING);

3
htdocs/core/class/extrafields.class.php
View File

@ -1124,6 +1124,9 @@ class ExtraFields
continue;
}
$valarray = explode('|', $val);
$val = $valarray[0];
if ($langfile && $val) {
$options[$okey] = $langs->trans($val);
} else {

35
htdocs/core/class/fileupload.class.php
View File

@ -19,8 +19,6 @@
/**
* \file htdocs/core/class/fileupload.class.php
* \brief File to return Ajax response on file upload
*
* Option MAIN_USE_JQUERY_FILEUPLOAD must be enabled to have feature working. Use is NOT secured !
*/
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
@ -49,17 +47,13 @@ class FileUpload
global $object;
global $hookmanager;
// Feature not enabled. Warning feature not used and not secured so disabled.
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return;
}
$hookmanager->initHooks(array('fileupload'));
$this->fk_element = $fk_element;
$this->element = $element;
$pathname = $filename = $element;
$regs = array();
if (preg_match('/^([^_]+)_([^_]+)/i', $element, $regs)) {
$pathname = $regs[1];
$filename = $regs[2];
@ -265,9 +259,6 @@ class FileUpload
*/
protected function getFileObject($file_name)
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return null;
}
$file_path = $this->options['upload_dir'].$file_name;
if (is_file($file_path) && $file_name[0] !== '.') {
@ -309,10 +300,6 @@ class FileUpload
{
global $maxwidthmini, $maxheightmini;
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return false;
}
$file_path = $this->options['upload_dir'].$file_name;
$new_file_path = $options['upload_dir'].$file_name;
@ -344,10 +331,6 @@ class FileUpload
*/
protected function validate($uploaded_file, $file, $error, $index)
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return false;
}
if ($error) {
$file->error = $error;
return false;
@ -463,10 +446,6 @@ class FileUpload
*/
protected function handleFileUpload($uploaded_file, $name, $size, $type, $error, $index)
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return null;
}
$file = new stdClass();
$file->name = $this->trimFileName($name, $type, $index);
$file->mime = dol_mimetype($file->name, '', 2);
@ -513,10 +492,6 @@ class FileUpload
*/
public function get()
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return;
}
$file_name = isset($_REQUEST['file']) ?
basename(stripslashes($_REQUEST['file'])) : null;
if ($file_name) {
@ -535,10 +510,6 @@ class FileUpload
*/
public function post()
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return;
}
if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') {
return $this->delete();
}
@ -594,10 +565,6 @@ class FileUpload
*/
public function delete()
{
if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) {
return null;
}
$file_name = isset($_REQUEST['file']) ?
basename(stripslashes($_REQUEST['file'])) : null;
$file_path = $this->options['upload_dir'].$file_name;

Some files were not shown because too many files have changed in this diff Show More