diff --git a/.travis.yml b/.travis.yml index 22d4b2b0827..df6e24a7e02 100644 --- a/.travis.yml +++ b/.travis.yml @@ -9,6 +9,9 @@ dist: xenial language: php +git: + depth: 1 + # Start on every boot services: - memcached @@ -264,24 +267,27 @@ script: echo - | - echo "Checking PHP syntax errors" + echo "Checking PHP syntax errors (only 1 version to not overload travis and avoid duplicate tests)" # Ensure we catch errors set -e #parallel-lint --exclude htdocs/includes --blame . - parallel-lint --exclude dev/tools/test/namespacemig --exclude htdocs/includes/composer --exclude htdocs/includes/myclabs --exclude htdocs/includes/phpspec --exclude dev/initdata/dbf/includes \ - --exclude htdocs/includes/sabre --exclude htdocs/includes/phpoffice/PhpSpreadsheet --exclude htdocs/includes/sebastian \ - --exclude htdocs/includes/squizlabs/php_codesniffer --exclude htdocs/includes/jakub-onderka --exclude htdocs/includes/php-parallel-lint --exclude htdocs/includes/symfony \ - --exclude htdocs/includes/mike42/escpos-php/example --exclude htdocs/includes/maximebf \ - --exclude htdocs/includes/phpunit/ --exclude htdocs/includes/tecnickcom/tcpdf/include/barcodes --exclude htdocs/includes/webmozart --blame . + # Exclusions are defined in the ruleset.xml file + if [ "$TRAVIS_PHP_VERSION" = "7.4" ]; then + parallel-lint -e php --exclude dev/tools/test/namespacemig --exclude htdocs/includes/composer --exclude htdocs/includes/myclabs --exclude htdocs/includes/phpspec --exclude dev/initdata/dbf/includes \ + --exclude htdocs/includes/sabre --exclude htdocs/includes/phpoffice/PhpSpreadsheet --exclude htdocs/includes/sebastian \ + --exclude htdocs/includes/squizlabs/php_codesniffer --exclude htdocs/includes/jakub-onderka --exclude htdocs/includes/php-parallel-lint --exclude htdocs/includes/symfony \ + --exclude htdocs/includes/mike42/escpos-php/example --exclude htdocs/includes/maximebf \ + --exclude htdocs/includes/phpunit/ --exclude htdocs/includes/tecnickcom/tcpdf/include/barcodes --exclude htdocs/includes/webmozart --blame . + fi set +e echo - | - echo "Checking coding style (excluding Pull Requests builds to not overload travis, excluding also some jobs to avoid duplicate tests)" + echo "Checking coding style (only for Pull Requests builds and 1 version to not overload travis and avoid duplicate tests)" # Ensure we catch errors set -e # Exclusions are defined in the ruleset.xml file - if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$TRAVIS_PHP_VERSION" = "7.4" ] && [ "$DB" = "mysql" ]; then + if [ "$TRAVIS_PULL_REQUEST" = "false" ] && [ "$TRAVIS_PHP_VERSION" = "7.4" ]; then phpcs -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true .; fi set +e @@ -401,8 +407,12 @@ script: php upgrade.php 13.0.0 14.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade13001400.log php upgrade2.php 13.0.0 14.0.0 > $TRAVIS_BUILD_DIR/upgrade13001400-2.log php step5.php 13.0.0 14.0.0 > $TRAVIS_BUILD_DIR/upgrade13001400-3.log + ls -alrt $TRAVIS_BUILD_DIR/ +- | + echo "Enabling new modules" # Enable modules not enabled into original dump + cd htdocs/install php upgrade2.php 0.0.0 0.0.0 MAIN_MODULE_API,MAIN_MODULE_PRODUCTBATCH,MAIN_MODULE_SUPPLIERPROPOSAL,MAIN_MODULE_STRIPE > $TRAVIS_BUILD_DIR/enablemodule.log php upgrade2.php 0.0.0 0.0.0 MAIN_MODULE_WEBSITE,MAIN_MODULE_TICKET,MAIN_MODULE_ACCOUNTING,MAIN_MODULE_MRP >> $TRAVIS_BUILD_DIR/enablemodule.log php upgrade2.php 0.0.0 0.0.0 MAIN_MODULE_RECEPTION,MAIN_MODULE_RECRUITMENT >> $TRAVIS_BUILD_DIR/enablemodule.log diff --git a/ChangeLog b/ChangeLog index 50a0ff10131..1fdb321822f 100644 --- a/ChangeLog +++ b/ChangeLog @@ -10,13 +10,63 @@ For users: NEW: Module Recruitement to follow application to job positions is now stable. NEW: Feature to make Stock Inventories NEW: Several security issues after a second private bug hunting campaign. -NEW: Add a security center page with all information and advices related to the security of your instance -NEW: Add a performance center page with all information and advices related to the performance of your instance NEW: A lot of fix into english text after a small proofreading campaign (still not perfect, but really better) NEW: All main menu entries are using the picto of the module NEW: Add a copy to clipboard button on some fields -NEW: Add an example of scheduled job to send email reminder for unpayed invoices -NEW: Can make massive stock transfers from a CSV file. +NEW: Add an example of scheduled job to send email reminder for unpaid invoices +NEW: Add some color and picto for the direction of movement +NEW: add the column "Channel" into the list of orders +NEW: Add the column "alias" of company in the list of proposal, order, invoice +NEW: Add the column "Office phone" and "User mobile" in user list +NEW: Add the column "Price level" in thirdparty list +NEW: Add some company information in the dropdown login menu +NEW: Add edit/delete action icons on categories list pages +NEW: Add hidden option to auto load input line extrafield into new lines +NEW: Add import profile to import BOM +NEW: Add link picto to the stock movement on the detail of production +NEW: Add mass action "Set tag" for product/service, user, thirdparty, warehouse, project, bank account, members +NEW: Add bulk action Validate and Set to billed on order list. +NEW: Add possibility to exports userGroups fields on user exports +NEW: Can search on lots or serials into the quick search bar +NEW: Add support for Friday as a non working day +NEW: auto notification with module Notification can use templated emails +NEW: Can clone a cron job +NEW: Can create a lot from the list view (Look and feel standardization). +NEW: Can filter on extrafields date on lists +NEW: Can filter on rowid in list of blocked logs +NEW: Can hide columns "time consumed" on timesheet per week +NEW: Can set an employee on each social contribution +NEW: Can set order of execution of hooks +NEW: Can toggle FCKeditor on public/private notes +NEW: Check update availability for externals modules using a button on module page +NEW: Choose lines to use while creating intervention card from origin +NEW: Columns shipment method, payment mode, payment term in proposal and order list +NEW: Conf for default actioncomm status +NEW: Dictionary for availability - Add a column position +NEW: Can set a user related to a social contribution +NEW: ICS Direct debit can be set with a different value for each bank account +NEW: LDAP: usergroup search can be filtered +NEW: Make public bookmarks editable by admin users only +NEW: If main logo not defined, can use the squarred logo on login page +NEW: The manifest file can use the squared image if available +NEW: Enhance the multicurrency rate editor +NEW: Normalyse Type company field with ajax combobox +NEW: preload product description on selection for customer propal/order/invoice +NEW: Search usergroups & resources +NEW: Setup Page for module creation with module builder enhancement #FoundationFunding +NEW: Show picto of module into the list of dictionaries +NEW: Show the total of payment on the payment confirmation page +NEW: The global setup for Mandatory fields can now be done on combo list too. +NEW: translate in "en_US" to complete PR 16980 +NEW: Update the list of taxes available by default for France +NEW: Salary payment request and Salary payment are 2 different steps in workflow on Salary payment recording +NEW: VAT payment request and VAT payment are now 2 different steps in workflow on VAT payment recording +NEW: VAT report - Optimisation & collapse by rate +NEW: When a doc file is shared, link is visible from the main page of doc. +NEW: #16378 more E-Mail Contact substitution Values for better salutation +NEW: option to keep the "Automatically create a total payment" checkbox empty on the tax creation page + + Accountancy NEW: Accountancy - Add FEC import NEW: Accountancy - Add a confirmation form with options on export NEW: Accountancy - Add select date from/to in already bind customer and supplier list @@ -24,152 +74,158 @@ NEW: Accountancy - Format FEC - Add new field DateLimitReglmt NEW: Accountancy - In ledger & journals, show link on bank transaction NEW: Accountancy - Possibility to filter on journals in balance NEW: Accountancy - Add a page to list subledger accounts -NEW: add the Channel column into the list of orders -NEW: Add a check to avoid an invoice date in the future -NEW: Add some color and picto for the direction of movement -NEW: Add the column "alias" of company in the list of proposal, order, invoice -NEW: Add the column "Office phone" and "User mobile" in user list -NEW: Add the column "Price level"in thirdparty list -NEW: Add some company information in the dropdown login menu -NEW: Add constant MAIN_BUGTRACK_URL to set a custom url to redirect to when clicking on link "declare a bug" -NEW: Add contact tag and bulk email status on the thirparty+contact create form -NEW: Add db fields note_public and note_private for ECM module -NEW: Manage deposit on supplier invoice (& somes ajustments) -NEW: Add edit/delete action icons on categories list pages -NEW: Add hidden option to auto load input line extrafield into new lines -NEW: Add import profile to import BOM -NEW: Add last date of modification for website pages in the list of pages -NEW: Add link picto to the stock movement on the detail of production -NEW: Add mass action "Set tag" for product/service, user, thirdparty, warehouse, project, bank account, members -NEW: Add bulk action Validate and Set to billed on order list. -NEW: add bulk action to set a commercial proposal to status "Refused" -NEW: Add option CONTRACT_ALLOW_EXTERNAL_DOWNLOAD and SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared. -NEW: Add option MAIN_SECURITY_ANTI_SSRF_SERVER_IP to define list of IPs that are local IPs -NEW: Add option SOCIETE_DISABLE_WORKFORCE to hide staff field -NEW: Add a new permission "Export website" -NEW: Add possibility to exports userGroups fields on user exports -NEW: Add price min and price min including tax into product export -NEW: Can search on lots or serials into the quick search bar -NEW: Add support for Friday as a non working day -NEW: Add a total in page of margin by user -NEW: Add the total of margin in invoice list -NEW: Can set a Warehouse on a Thirparty -NEW: auto notification with module Notification can use templated emails -NEW: Bank Entries : display user linked to a salary or a taxes -NEW: Can set a warehouse in a proposal -NEW: Can clone a cron job. -NEW: Can create a lot from the list view (Look and feel standardization). -NEW: Can filter files in GED on status Shared/Not shared -NEW: Can filter on extrafields date on lists -NEW: Can filter on rowid in list of blocked logs. -NEW: Can hide columns "time consumed" on timesheet per week. -NEW: Can set an employee on each social contribution -NEW: Can set a percentage when creating an invoice from another object -NEW: Can set if a ticket group is visible on public interface or not. -NEW: Can set order of execution of hooks -NEW: Can show the leave dates/holidays on the agenda view. -NEW: Can show the project ref into PDF documents -NEW: Can toggle FCKeditor on public/private notes -NEW: Can use captcha on public page to create a ticket -NEW: Check update availability for externals modules using a button on module page -NEW: Choose lines to use while creating intervention card from origin -NEW: Column shippement method, payment mode, payment term in proposal and order list -NEW: Conf for default actiomm status -NEW: customer ref for product customer prices -NEW: date and user signature on proposal (Issue 16062) -NEW: Dictionary for availability - Add a column position -NEW: TAKEPOS delayed payment in TakePOS -NEW: TAKEPOS display date range if exist in TakePOS -NEW: TAKEPOS display resiliate status in TakePOS for member -NEW: TAKEPOS Edit sales lines rights in TakePOS -NEW: TAKEPOS Option for Takepos to show the total price without tax -NEW: TAKEPOS More permission in TakePOS (Can edit added line, can modify once order sent to kitchen) -NEW: Can set a user related to a social contribution -NEW: ICS Direct debit can be set with a different value for each bank account -NEW: LDAP: usergroup search can be filtered -NEW: Make public bookmarks editable by admin users only -NEW: If main logo not defined, can use the squarred logo on login page -NEW: The manifest file can use the squared image if available -NEW: Add bulk actions for Bank Transfer -NEW: Enhance the multicurrency rate editor NEW: Multiselect ledger account code filter on book keeping list -NEW: Normalyse Type company field with ajax combobox -NEW: option to automatically close an open project when all its tasks are done (=progress 100%) -NEW: option to select membership type on the online payment page for membership subscription or renewal -NEW: preload product description on selection for customer propal/order/invoice -NEW: Add a ref in product customer price -NEW: Save old page with .old extension on disk when editing a website page -NEW: Search usergroups & resources -NEW: Set status of all variants when changing status of parent -NEW: Setup Page for module creation with module builder enhancement #FoundationFunding -NEW: Show picto of module into the list of dictionaries -NEW: Show the total of payment on the payment confirmation page -NEW: Stock movement list - Add more complete date field + + Agenda +NEW: add support for Friday as a non working day +NEW: can show the leave dates/holidays on the agenda view NEW: Support color for types of event -NEW: The global setup for Mandatory fields can now be done on combo list too. -NEW: translate in "en_US" to complete PR 16980 -NEW: Update the list of taxes available by default for France -NEW: Add captcha on public page to create a ticket -NEW: Salary payment request and Salary payment are 2 different steps in workflow on Salary payment recording -NEW: VAT payment request and VAT payment are now 2 different steps in workflow on VAT payment recording -NEW: VAT report - Optimisation & collapse by rate -NEW: When we add contacts/users to a project, ask to also affect them on tasks. -NEW: When a doc file is shared, link is visible from the main page of doc. -NEW: Add option in Workflow module to set a shipment as closed. -NEW: Option to automatically create a login/user when a new subscription of a member is done online -NEW: #16378 More E-Mail Contact substitution Values for better salutation -NEW: option to keep the "Automatically create a total payment" checkbox empty on the tax creation page -NEW: #17113 Can upload a favicon in website module + + Bank +NEW: Bank Entries : display user linked to a salary or a taxes +NEW: Add bulk actions for Bank Transfer + + ECM/GED +NEW: add DB fields note_public and note_private for ECM module +NEW: can filter files in ECM/GED on status Shared / Not shared + + Invoices +NEW: add a check to avoid an invoice date in the future +NEW: add the total of margin in invoice list +NEW: can set a percentage when creating an invoice from another object +NEW: Support down payment on supplier invoice (& somes ajustments) + + Margin +NEW: add the total of margin in invoice list +NEW: add the total of margin in page by user + + Members NEW: #17292 default subscription amount by adherent type +NEW: option to automatically create a login/user when a new subscription of a member is done online +NEW: option to select membership type on the online payment page for membership subscription or renewal + + Products +NEW: Add price min and price min including tax into product export +NEW: Add a ref in product customer price +NEW: customer ref for product customer prices +NEW: Set status of all variants when changing status of parent + + Projects/Tasks +NEW: option to automatically close an open project when all its tasks are done (=progress 100%) +NEW: can show the project ref into PDF documents +NEW: when we add contacts/users to a project, ask to also affect them on tasks +NEW: Can hide columns "time consumed" on timesheet per week + + Proposals +NEW: add bulk action to set a commercial proposal to status "Refused" +NEW: can set a warehouse in a proposal +NEW: date and user signature on proposal (Issue 16062) #16980 + + Shipment +NEW: add option in Workflow module to set a shipment as closed + + TakePOS +NEW: delayed payment in TakePOS #14456? +NEW: display date range if exist in TakePOS +NEW: display resiliate status in TakePOS for member +NEW: edit sales lines rights in TakePOS +NEW: option for TakePOS to show the total price without tax +NEW: more permissions in TakePOS (can edit added line, can modify once order sent to kitchen) + + Third Party / Contacts +NEW: add contact tag and bulk email status on the thirdparty + contact create form +NEW: can set a warehouse on a thirdparty + + Tickets +NEW: can use captcha on public page to create a ticket #16347 +NEW: can set if a ticket group is visible on public interface or not + + Warehouse/Stock +NEW: Feature to make Stock Inventories +NEW: can make massive stock transfers from a CSV file +NEW: Stock movement list - add more complete date field +NEW: can set a warehouse in a proposal +NEW: can set a warehouse on a thirdparty + + Website Module +NEW: #17113 Can upload a favicon in website module +NEW: add a new permission "Export website" +NEW: add last date of modification for website pages in the list of pages +NEW: Save old page with .old extension on disk when editing a website page + + Workflows +NEW: add option in Workflow module to set a shipment as closed + + + for Admins +NEW: Add a security center page with all information and advices related to the security of your instance +NEW: Add a performance center page with all information and advices related to the performance of your instance + + Modules +NEW: Module Recruitement is now stable NEW: start new experimental module Event Organization Management NEW: start new experimental module Partnership Management NEW: start new experimental module Knowledge Management -NEW: start new experimental module Workstations management +NEW: start new experimental module Workstations Management +NEW: Check update availability for externals modules using a button on module page +Module SimplePOS is deprecated - TakePOS is recommended for the future + + new Options +NEW: add option CONTRACT_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared +NEW: add option SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared +NEW: add option MAIN_SECURITY_ANTI_SSRF_SERVER_IP to define list of IPs that are local IPs +NEW: add option SOCIETE_DISABLE_WORKFORCE to hide staff field +NEW: add constant MAIN_BUGTRACK_URL to set a custom url to redirect to when clicking on link "declare a bug" For developers: --------------- NEW: Can edit an object property in module builder -NEW: hook printFieldListTitle for cabyprodserv.php -NEW: Hook to allow external modules to add their own shortlist of recent objects -NEW: SQL-altering hooks in the turnover by product report NEW: Add data-eec=1 for EEC countries on select for js interaction NEW: Add experimental repair script to switch to dynamic row format and utf8mb4 encoding -NEW: add form confirm hook on company card NEW: Add function showValueWithClipboardCPButton() to add a copy/paste -NEW: Add hook addSectionECMAuto method to add custom diretory into ECM auto files -NEW: Add native compression in rest apis -NEW: Product Variants API, add variant stock to response by parameter NEW: Upgrade Stripe PHP lib to 7.67.0 -NEW: Add link to OpenAPI specifications xml file in REST API module setup: swagger.json file can be included into external tools like redoc NEW: Support sepa_debit in stripe paymentmethods list NEW: Update doleditor.class.php for easily activate SCAYT NEW: Add triggers in the function add_object_linked(), updateObjectLinked() and deleteObjectLinked() NEW: Add triggers OBJECT_LINK_INSERT, OBJECT_LINK_UPDATE et OBJECT_LINK_DELETE in the function add_object_linked(), updateObjectLinked() and deleteObjectLinked() -NEW: API Add option $includeifobjectisused to get a product -NEW: API Get the list of product ids only -NEW: Can set a target image in dolcropresize function. -NEW: Can set a label as placeholder for combo lists. +NEW: can set a target image in dolcropresize function +NEW: can set a label as placeholder for combo lists NEW: Add pagination on Get Products response API NEW: Add the DefaultValues CRUD class NEW: Extrafields of documents lines are inside the lines, not any more on separate TR NEW: unit selection on object edit line -NEW: #13739 #17390 Product API route added to get product stock and product with or without variants + + APIs +NEW: API add option $includeifobjectisused to get a product +NEW: API get the list of product ids only +NEW: add link to OpenAPI specifications XML file in REST API module setup: swagger.json file can be included into external tools like redoc +NEW: add native compression in REST APIs +NEW: Product Variants API, add variant stock to response by parameter +NEW: Product API route added to get product stock and product with or without variants #13739 #17390 + + Hooks +NEW: hook printFieldListTitle for cabyprodserv.php +NEW: hook to allow external modules to add their own shortlist of recent objects +NEW: SQL-altering hooks in the turnover by product report +NEW: add form confirm hook on company card +NEW: add hook addSectionECMAuto method to add custom diretory into ECM auto files WARNING: Following changes may create regressions for some external modules, but were necessary to make Dolibarr better: * Module SimplePOS is deprecated. If you need a POS module, please use the module TakePOS. -* The ICS value for direct debit or credit transfer is now store on each bank account instead of into the global setup. +* The ICS value for direct debit or credit transfer is now stored on each bank account instead of into the global setup. * API /setup/shipment_methods has been replaced with API /setup/shipping_methods -* Field "total" renamed into to "total_ht" for table llx_facture, llx_facture_rec for better field name consistency -* Field "tva" renamed into "total_tva" for table llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency -* Field "total" renamed into "total_ttc" for table lx_propal, llx_supplier_proposal for better field name consistency -* If your database is PostgreSql, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT) -* If your database is MySql or MariaDB, you need at least version 5.1 +* Field "total" renamed into "total_ht" for table llx_facture, llx_facture_rec for better field name consistency +* Field "tva" renamed into "total_tva" for table llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency +* Field "total" renamed into "total_ttc" for table llx_propal, llx_supplier_proposal for better field name consistency +* If your database is PostgreSQL, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT) +* If your database is MySQL or MariaDB, you need at least version 5.1 * Function set_price_level() has been renamed into setPriceLevel() to follow camelcase rules -* Remove deprecated subtituion key __REFCLIENT__ (Replaced with __REF_CLIENT__) +* removed deprecated subtituion key __REFCLIENT__ (replaced with __REF_CLIENT__) + ***** ChangeLog for 13.0.3 compared to 13.0.2 ***** @@ -180,6 +236,8 @@ FIX: #17060 FIX: #17192 - With tz < 0, event is show in bad day on calendar views FIX: #17363 FIX: #17476 releve.php: Fix SQL statement +FIX: #17967 +Fix: #17906 : fix access denied FIX: Accountancy - Import in general ledger FIX: Accountancy - Quadra export - wrong data on credit FIX: Accountancy - Warning on the pages of the preparatory statements of accounting entries @@ -193,7 +251,7 @@ FIX: create sociales : keep values error form FIX: dol_print_date for %a and %b with some timezone FIX: email is not case sensitive FIX: error for duplicate thirdparty found correctly returned by ws -FIX: Espadon PDF shippment model with long public note now wroking +FIX: Espadon PDF shippment model with long public note now working FIX: esupplier order: error 500 when using packaging with product where it is not defined FIX: Filter on debit/credit FIX: Filter on supplier payment list diff --git a/README.md b/README.md index 34162fd5682..7878f6270a7 100644 --- a/README.md +++ b/README.md @@ -97,49 +97,80 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog) ### Main application/modules (all optional) -- Customers, Prospects (Leads) and/or Suppliers directory + Contacts -- Members/Membership management -- Products and/or Services catalog -- Commercial proposals management -- Customer & Supplier Orders management -- Invoices and payment management -- Shipping management -- Warehouse/Stock management/Inventory -- Manufacturing Orders -- Bank accounts management -- Direct debit orders management (European SEPA) -- Accounting management -- Shared calendar/agenda (with ical and vcal export for third party tools integration) -- Opportunities or Leads management -- Projects & Tasks management -- Ticket System -- Contracts management -- Interventions management -- Employee's leave requests management -- Expense reports -- Recruitment management -- Timesheets -- Electronic Document Management (EDM) -- Foundations members management -- Point of Sale (POS) -- … (around 100 modules available by default, 1000+ on the addon market place) +- Third-Parties Management: Customers, Prospects (Leads) and/or Suppliers + Contacts +- Members/Membership/Foundation management + + Product Management +- Products and/or Services catalog +- Stock / Warehouse management + Inventory +- Barcodes +- Batches / Lots / Serials +- Product Variants +- Bill of Materials (BOM) +- Manufacturing Orders + + Customer/Sales Management +- Customers/Prospects + Contacts management +- Opportunities or Leads management +- Commercial proposals management +- Customer Orders management +- Contracts/Subscription management +- Interventions management +- Ticket System +- Shipping management +- Customer Invoices/Credit notes and payment management +- Point of Sale (POS) + + Supplier/Purchase Management +- Suppliers/Vendors + Contacts +- Supplier (price) requests +- Purchase Orders management +- Delivery/Receiption +- Supplier Invoices/credit notes and payment management +- INCOTERMS + + Finance / Accounting +- Invoices / Payments +- Bank accounts management +- Direct debit orders management (European SEPA) +- Accounting management +- Donations management +- Loan management +- Margins +- Reports + + Collaboration +- Shared calendar/agenda (with ical and vcal export for third party tools integration) +- Projects & Tasks management +- Ticket System +- Surveys + + HR +- Employee's leave requests management +- Expense reports +- Recruitment management +- Timesheets + ### Other application/modules +- Electronic Document Management (EDM) - Bookmarks management -- Donations management - Reporting -- Surveys - Data export/import -- Barcodes support +- Barcodes - Margin calculations - LDAP connectivity - ClickToDial integration - Mass emailing - RSS integration - Skype integration +- Social platforms linking - Payment platforms integration (PayPal, Stripe, Paybox...) -- … +- Email-Collector + +(around 100 modules available by default, 1000+ on the addon market place) + ### Other general features @@ -171,9 +202,12 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog) ### System Environment / Requirements -- Works with PHP 5.6+ and MariaDB 5.0.3+, MySQL 5.0.3+ or PostgreSQL 8.1.4+ (See requirements on the [Wiki](https://wiki.dolibarr.org/index.php/Prerequisite)) +- PHP +- MariaDB, MySQL or PostgreSQL - Compatible with all Cloud solutions that match PHP & MySQL or PostgreSQL prerequisites. +See exact requirements on the [Wiki](https://wiki.dolibarr.org/index.php/Prerequisite) + ### Extending diff --git a/dev/examples/zapier/creates/contact.js b/dev/examples/zapier/creates/contact.js new file mode 100644 index 00000000000..bcb849ad63d --- /dev/null +++ b/dev/examples/zapier/creates/contact.js @@ -0,0 +1,74 @@ +/*jshint esversion: 6 */ +// create a particular contact by name +const createContact = async (z, bundle) => { + const apiurl = bundle.authData.url + '/api/index.php/contacts'; + + const response = await z.request({ + method: 'POST', + url: apiurl, + body: { + name: bundle.inputData.name, + name_alias: bundle.inputData.name_alias, + ref_ext: bundle.inputData.ref_ext, + ref_int: bundle.inputData.ref_int, + address: bundle.inputData.address, + zip: bundle.inputData.zip, + town: bundle.inputData.town, + country_code: bundle.inputData.country_code, + country_id: bundle.inputData.country_id, + country: bundle.inputData.country, + phone: bundle.inputData.phone, + email: bundle.inputData.email, + sens: 'fromzapier' + } + }); + const result = z.JSON.parse(response.content); + // api returns an integer when ok, a json when ko + return result.response || {id: response}; +}; + +module.exports = { + key: 'contact', + noun: 'Contact', + + display: { + label: 'Create Contact', + description: 'Creates a contact.' + }, + + operation: { + inputFields: [ + {key: 'name', required: true}, + {key: 'name_alias', required: false}, + {key: 'address', required: false}, + {key: 'zip', required: false}, + {key: 'town', required: false}, + {key: 'email', required: false} + ], + perform: createContact, + + sample: { + id: 1, + name: 'DUPOND', + name_alias: 'DUPOND Ltd', + address: 'Rue des Canaries', + zip: '34090', + town: 'MONTPELLIER', + phone: '0123456789', + fax: '2345678901', + email: 'robot@domain.com' + }, + + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'name', label: 'Name'}, + {key: 'name_alias', label: 'Name alias'}, + {key: 'address', label: 'Address'}, + {key: 'zip', label: 'Zip'}, + {key: 'town', label: 'Town'}, + {key: 'phone', label: 'Phone'}, + {key: 'fax', label: 'Fax'}, + {key: 'email', label: 'Email'} + ] + } +}; diff --git a/dev/examples/zapier/creates/member.js b/dev/examples/zapier/creates/member.js new file mode 100644 index 00000000000..152f1129e79 --- /dev/null +++ b/dev/examples/zapier/creates/member.js @@ -0,0 +1,74 @@ +/*jshint esversion: 6 */ +// create a particular member by name +const createMember = async (z, bundle) => { + const apiurl = bundle.authData.url + '/api/index.php/members'; + + const response = await z.request({ + method: 'POST', + url: apiurl, + body: { + name: bundle.inputData.name, + name_alias: bundle.inputData.name_alias, + ref_ext: bundle.inputData.ref_ext, + ref_int: bundle.inputData.ref_int, + address: bundle.inputData.address, + zip: bundle.inputData.zip, + town: bundle.inputData.town, + country_code: bundle.inputData.country_code, + country_id: bundle.inputData.country_id, + country: bundle.inputData.country, + phone: bundle.inputData.phone, + email: bundle.inputData.email, + sens: 'fromzapier' + } + }); + const result = z.JSON.parse(response.content); + // api returns an integer when ok, a json when ko + return result.response || {id: response}; +}; + +module.exports = { + key: 'member', + noun: 'Member', + + display: { + label: 'Create Member', + description: 'Creates a member.' + }, + + operation: { + inputFields: [ + {key: 'name', required: true}, + {key: 'name_alias', required: false}, + {key: 'address', required: false}, + {key: 'zip', required: false}, + {key: 'town', required: false}, + {key: 'email', required: false} + ], + perform: createMember, + + sample: { + id: 1, + name: 'DUPOND', + name_alias: 'DUPOND Ltd', + address: 'Rue des Canaries', + zip: '34090', + town: 'MONTPELLIER', + phone: '0123456789', + fax: '2345678901', + email: 'robot@domain.com' + }, + + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'name', label: 'Name'}, + {key: 'name_alias', label: 'Name alias'}, + {key: 'address', label: 'Address'}, + {key: 'zip', label: 'Zip'}, + {key: 'town', label: 'Town'}, + {key: 'phone', label: 'Phone'}, + {key: 'fax', label: 'Fax'}, + {key: 'email', label: 'Email'} + ] + } +}; diff --git a/dev/examples/zapier/index.js b/dev/examples/zapier/index.js index d1897673b39..fdd1ed29a53 100644 --- a/dev/examples/zapier/index.js +++ b/dev/examples/zapier/index.js @@ -2,12 +2,18 @@ const triggerAction = require('./triggers/action'); const triggerOrder = require('./triggers/order'); const triggerThirdparty = require('./triggers/thirdparty'); +const triggerContact = require('./triggers/contact'); const triggerTicket = require('./triggers/ticket'); const triggerUser = require('./triggers/user'); +const triggerMember = require('./triggers/member'); const searchThirdparty = require('./searches/thirdparty'); +const searchContact = require('./searches/contact'); +const searchMember = require('./searches/member'); const createThirdparty = require('./creates/thirdparty'); +const createContact = require('./creates/contact'); +const createMember = require('./creates/member'); const { config: authentication, @@ -62,18 +68,24 @@ const App = { [triggerAction.key]: triggerAction, [triggerOrder.key]: triggerOrder, [triggerThirdparty.key]: triggerThirdparty, + [triggerContact.key]: triggerContact, [triggerTicket.key]: triggerTicket, [triggerUser.key]: triggerUser, + [triggerMember.key]: triggerMember, }, // If you want your searches to show up, you better include it here! searches: { [searchThirdparty.key]: searchThirdparty, + [searchContact.key]: searchContact, + [searchMember.key]: searchMember, }, // If you want your creates to show up, you better include it here! creates: { [createThirdparty.key]: createThirdparty, + [createContact.key]: createContact, + [createMember.key]: createMember, } }; diff --git a/dev/examples/zapier/package.json b/dev/examples/zapier/package.json index 4d5c5daa867..a9d519dec69 100644 --- a/dev/examples/zapier/package.json +++ b/dev/examples/zapier/package.json @@ -1,6 +1,6 @@ { "name": "dolibarr", - "version": "1.13.0", + "version": "1.14.0", "description": "An app for connecting Dolibarr to the Zapier platform.", "repository": "Dolibarr/dolibarr", "homepage": "https://www.dolibarr.org/", @@ -11,7 +11,7 @@ "test": "mocha --recursive" }, "engines": { - "node": "8.10.0", + "node": "14.0.0", "npm": ">=5.6.0" }, "dependencies": { diff --git a/dev/examples/zapier/searches/contact.js b/dev/examples/zapier/searches/contact.js new file mode 100644 index 00000000000..b52b8d3e367 --- /dev/null +++ b/dev/examples/zapier/searches/contact.js @@ -0,0 +1,95 @@ +module.exports = { + key: 'contact', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Contact', + display: { + label: 'Find a Contact', + description: 'Search for contact.' + }, + + // `operation` is where we make the call to your API to do the search + operation: { + // This search only has one search field. Your searches might have just one, or many + // search fields. + inputFields: [ + { + key: 'lastname', + type: 'string', + label: 'Lastname', + helpText: 'Lastname to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' + } + ], + + perform: async (z, bundle) => { + const url = bundle.authData.url + '/api/index.php/contacts/'; + + // Put the search value in a query param. The details of how to build + // a search URL will depend on how your API works. + let filter = ''; + if (bundle.inputData.lastname) { + filter = "t.lastname like \'%"+bundle.inputData.name+"%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.lastname) { + filter += " and "; + } + filter += "t.email like \'"+bundle.inputData.email+"\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; + }, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + name: 'DOE', + firstname: 'John', + authorId: 1, + directions: '1. Boil Noodles\n2.Serve with sauce', + style: 'italian' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + { + key: 'id', + type: "integer", + label: 'ID' + }, + {key: 'createdAt', type: "integer", label: 'Created At'}, + {key: 'name', label: 'Name'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'directions', label: 'Directions'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + { + key: 'style', + label: 'Style' + } + ] + } +}; diff --git a/dev/examples/zapier/searches/member.js b/dev/examples/zapier/searches/member.js new file mode 100644 index 00000000000..f1a84061146 --- /dev/null +++ b/dev/examples/zapier/searches/member.js @@ -0,0 +1,88 @@ +module.exports = { + key: 'member', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Member', + display: { + label: 'Find a Member', + description: 'Search for member.' + }, + + // `operation` is where we make the call to your API to do the search + operation: { + // This search only has one search field. Your searches might have just one, or many + // search fields. + inputFields: [ + { + key: 'lastname', + type: 'string', + label: 'Lastname', + helpText: 'Lastname to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' + } + ], + + perform: async (z, bundle) => { + const url = bundle.authData.url + '/api/index.php/members/'; + + // Put the search value in a query param. The details of how to build + // a search URL will depend on how your API works. + let filter = ''; + if (bundle.inputData.lastname) { + filter = "t.lastname like \'%" + bundle.inputData.name + "%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.lastname) { + filter += " and "; + } + filter += "t.email like \'" + bundle.inputData.email + "\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; + }, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + name: 'DOE', + firstname: 'John', + authorId: 1, + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + { + key: 'id', + type: "integer", + label: 'ID' + }, + { key: 'createdAt', type: "integer", label: 'Created At' }, + { key: 'name', label: 'Name' }, + { key: 'firstname', label: 'Firstname' }, + { key: 'authorId', type: "integer", label: 'Author ID' }, + ] + } +}; diff --git a/dev/examples/zapier/searches/thirdparty.js b/dev/examples/zapier/searches/thirdparty.js index 8f72b9270e5..e1e6878f5b3 100644 --- a/dev/examples/zapier/searches/thirdparty.js +++ b/dev/examples/zapier/searches/thirdparty.js @@ -19,21 +19,43 @@ module.exports = { type: 'string', label: 'Name', helpText: 'Name to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' } ], - perform: (z, bundle) => { + perform: async (z, bundle) => { const url = bundle.authData.url + '/api/index.php/thirdparties/'; // Put the search value in a query param. The details of how to build // a search URL will depend on how your API works. - const options = { - params: { - sqlfilters: "t.nom like \'%"+bundle.inputData.name+"%\'" + let filter = ''; + if (bundle.inputData.name) { + filter = "t.nom like \'%"+bundle.inputData.name+"%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.name) { + filter += " and "; } - }; - - return z.request(url, options).then(response => JSON.parse(response.content)); + filter += "t.email like \'"+bundle.inputData.email+"\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; }, // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example diff --git a/dev/examples/zapier/triggers/contact.js b/dev/examples/zapier/triggers/contact.js new file mode 100644 index 00000000000..2ba3bd226f8 --- /dev/null +++ b/dev/examples/zapier/triggers/contact.js @@ -0,0 +1,171 @@ +const subscribeHook = (z, bundle) => { + // `z.console.log()` is similar to `console.log()`. + z.console.log('suscribing hook!'); + + // bundle.targetUrl has the Hook URL this app should call when an action is created. + const data = { + url: bundle.targetUrl, + event: bundle.event, + module: 'contact', + action: bundle.inputData.action + }; + + const url = bundle.authData.url + '/api/index.php/zapierapi/hook'; + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: url, + method: 'POST', + body: data, + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const unsubscribeHook = (z, bundle) => { + // bundle.subscribeData contains the parsed response JSON from the subscribe + // request made initially. + z.console.log('unsuscribing hook!'); + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: bundle.authData.url + '/api/index.php/zapierapi/hook/' + bundle.subscribeData.id, + method: 'DELETE', + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const getContact = (z, bundle) => { + // bundle.cleanedRequest will include the parsed JSON object (if it's not a + // test poll) and also a .querystring property with the URL's query string. + const contact = { + id: bundle.cleanedRequest.id, + name: bundle.cleanedRequest.name, + name_alias: bundle.cleanedRequest.name_alias, + firstname: bundle.cleanedRequest.firstname, + address: bundle.cleanedRequest.address, + zip: bundle.cleanedRequest.zip, + town: bundle.cleanedRequest.town, + email: bundle.cleanedRequest.email, + phone_pro: bundle.cleanedRequest.phone_pro, + phone_perso: bundle.cleanedRequest.phone_perso, + phone_mobile: bundle.cleanedRequest.phone_mobile, + authorId: bundle.cleanedRequest.authorId, + createdAt: bundle.cleanedRequest.createdAt, + action: bundle.cleanedRequest.action + }; + + return [contact]; +}; + +const getFallbackRealContact = (z, bundle) => { + // For the test poll, you should get some real data, to aid the setup process. + const module = bundle.inputData.module; + const options = { + url: bundle.authData.url + '/api/index.php/contacts/0', + }; + + return z.request(options).then((response) => [JSON.parse(response.content)]); +}; + +// const getModulesChoices = (z/*, bundle*/) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const options = { +// url: bundle.authData.url + '/api/index.php/zapierapi/getmoduleschoices', +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; +// const getModulesChoices = () => { +// return { +// orders: "Order", +// invoices: "Invoice", +// contacts: "Contact", +// contacts: "Contacts" +// }; +// }; + +// const getActionsChoices = (z, bundle) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const module = bundle.inputData.module; +// const options = { +// url: url: bundle.authData.url + '/api/index.php/zapierapi/getactionschoices/thirparty`, +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; + +// We recommend writing your triggers separate like this and rolling them +// into the App definition at the end. +module.exports = { + key: 'contact', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Contact', + display: { + label: 'New Contact', + description: 'Triggers when a new contact action is done in Dolibarr.' + }, + + // `operation` is where the business logic goes. + operation: { + + // `inputFields` can define the fields a user could provide, + // we'll pass them in as `bundle.inputData` later. + inputFields: [ + { + key: 'action', + required: true, + type: 'string', + helpText: 'Which action of contact this should trigger on.', + choices: { + create: "Create", + modify: "Modify", + validate: "Validate", + } + } + ], + + type: 'hook', + + performSubscribe: subscribeHook, + performUnsubscribe: unsubscribeHook, + + perform: getContact, + performList: getFallbackRealContact, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + lastname: 'DOE', + firstname: 'John', + authorId: 1, + action: 'create' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'createdAt', label: 'Created At'}, + {key: 'lastname', label: 'Lastname'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'phone', label: 'Phone pro'}, + {key: 'phone_perso', label: 'Phone perso'}, + {key: 'phone_mobile', label: 'Phone mobile'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + {key: 'action', label: 'Action'} + ] + } +}; diff --git a/dev/examples/zapier/triggers/member.js b/dev/examples/zapier/triggers/member.js new file mode 100644 index 00000000000..3385cdca625 --- /dev/null +++ b/dev/examples/zapier/triggers/member.js @@ -0,0 +1,171 @@ +const subscribeHook = (z, bundle) => { + // `z.console.log()` is similar to `console.log()`. + z.console.log('suscribing hook!'); + + // bundle.targetUrl has the Hook URL this app should call when an action is created. + const data = { + url: bundle.targetUrl, + event: bundle.event, + module: 'member', + action: bundle.inputData.action + }; + + const url = bundle.authData.url + '/api/index.php/zapierapi/hook'; + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: url, + method: 'POST', + body: data, + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const unsubscribeHook = (z, bundle) => { + // bundle.subscribeData contains the parsed response JSON from the subscribe + // request made initially. + z.console.log('unsuscribing hook!'); + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: bundle.authData.url + '/api/index.php/zapierapi/hook/' + bundle.subscribeData.id, + method: 'DELETE', + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const getMember = (z, bundle) => { + // bundle.cleanedRequest will include the parsed JSON object (if it's not a + // test poll) and also a .querystring property with the URL's query string. + const member = { + id: bundle.cleanedRequest.id, + name: bundle.cleanedRequest.name, + name_alias: bundle.cleanedRequest.name_alias, + firstname: bundle.cleanedRequest.firstname, + address: bundle.cleanedRequest.address, + zip: bundle.cleanedRequest.zip, + town: bundle.cleanedRequest.town, + email: bundle.cleanedRequest.email, + phone_pro: bundle.cleanedRequest.phone_pro, + phone_perso: bundle.cleanedRequest.phone_perso, + phone_mobile: bundle.cleanedRequest.phone_mobile, + authorId: bundle.cleanedRequest.authorId, + createdAt: bundle.cleanedRequest.createdAt, + action: bundle.cleanedRequest.action + }; + + return [member]; +}; + +const getFallbackRealMember = (z, bundle) => { + // For the test poll, you should get some real data, to aid the setup process. + const module = bundle.inputData.module; + const options = { + url: bundle.authData.url + '/api/index.php/members/0', + }; + + return z.request(options).then((response) => [JSON.parse(response.content)]); +}; + +// const getModulesChoices = (z/*, bundle*/) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const options = { +// url: bundle.authData.url + '/api/index.php/zapierapi/getmoduleschoices', +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; +// const getModulesChoices = () => { +// return { +// orders: "Order", +// invoices: "Invoice", +// members: "Member", +// members: "Members" +// }; +// }; + +// const getActionsChoices = (z, bundle) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const module = bundle.inputData.module; +// const options = { +// url: url: bundle.authData.url + '/api/index.php/zapierapi/getactionschoices/thirparty`, +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; + +// We recommend writing your triggers separate like this and rolling them +// into the App definition at the end. +module.exports = { + key: 'member', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Member', + display: { + label: 'New Member', + description: 'Triggers when a new member action is done in Dolibarr.' + }, + + // `operation` is where the business logic goes. + operation: { + + // `inputFields` can define the fields a user could provide, + // we'll pass them in as `bundle.inputData` later. + inputFields: [ + { + key: 'action', + required: true, + type: 'string', + helpText: 'Which action of member this should trigger on.', + choices: { + create: "Create", + modify: "Modify", + validate: "Validate", + } + } + ], + + type: 'hook', + + performSubscribe: subscribeHook, + performUnsubscribe: unsubscribeHook, + + perform: getMember, + performList: getFallbackRealMember, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + lastname: 'DOE', + firstname: 'John', + authorId: 1, + action: 'create' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'createdAt', label: 'Created At'}, + {key: 'lastname', label: 'Lastname'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'phone', label: 'Phone pro'}, + {key: 'phone_perso', label: 'Phone perso'}, + {key: 'phone_mobile', label: 'Phone mobile'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + {key: 'action', label: 'Action'} + ] + } +}; diff --git a/dev/examples/zapier/triggers/thirdparty.js b/dev/examples/zapier/triggers/thirdparty.js index 0fecd4434ce..76194acbc9a 100644 --- a/dev/examples/zapier/triggers/thirdparty.js +++ b/dev/examples/zapier/triggers/thirdparty.js @@ -118,7 +118,7 @@ module.exports = { noun: 'Thirdparty', display: { label: 'New Thirdparty', - description: 'Triggers when a new thirdpaty action is done in Dolibarr.' + description: 'Triggers when a new thirdparty action is done in Dolibarr.' }, // `operation` is where the business logic goes. diff --git a/doc/install/README b/doc/install/README index 0c7341b196c..0192ff27521 100644 --- a/doc/install/README +++ b/doc/install/README @@ -19,7 +19,7 @@ Download Install -------------------------------- -* For a Quick guide, take a look at README file into root directory. +* For a Quick guide, take a look at README.md file into root directory. * More complete documentations are also available on line on the Dolibarr Wiki: https://wiki.dolibarr.org diff --git a/doc/install/README-DE b/doc/install/README-DE index 047e1915d18..f4cb3c1a6f5 100644 --- a/doc/install/README-DE +++ b/doc/install/README-DE @@ -23,7 +23,7 @@ Download / Herunterladen Installation / Hilfe ------------------------------------ -* Für eine kurze Einleitung schau in die README Datei im Hauptverzeichnis. +* Für eine kurze Einleitung schau in die README.md Datei im Hauptverzeichnis. * Umfangreiche Dokumentationen sind im Dolibarr Wiki zu finden: https://wiki.dolibarr.org/index.php/Hauptseite diff --git a/doc/install/README-FR b/doc/install/README-FR index 5872ec0e3d1..c362316b39c 100644 --- a/doc/install/README-FR +++ b/doc/install/README-FR @@ -20,9 +20,7 @@ https://www.dolistore.com Documentation utilisateur -------------------------------- -* Pour une prise en main et installation rapide, consultez le fichier -README-FR à la racine. +* Pour une prise en main et installation rapide, consultez le fichier README-FR.md à la racine. -* Une documentation utilisateur francophone plus consistante est disponible en -ligne sur le wiki de Dolibarr à l'adresse: -https://wiki.dolibarr.org/index.php/Accueil +* Une documentation utilisateur francophone plus consistante est disponible en ligne sur le wiki de Dolibarr à l'adresse: + https://wiki.dolibarr.org diff --git a/doc/user/README b/doc/user/README index 129dff11058..ecde765cde3 100644 --- a/doc/user/README +++ b/doc/user/README @@ -4,4 +4,5 @@ User guide -------------------------------- * All Dolibarr guides are available, on line, on the Dolibarr Web site: + https://www.dolibarr.org diff --git a/doc/user/README-DE.md b/doc/user/README-DE similarity index 99% rename from doc/user/README-DE.md rename to doc/user/README-DE index 4c7a635a522..336e7ab7085 100644 --- a/doc/user/README-DE.md +++ b/doc/user/README-DE @@ -7,9 +7,7 @@ Benutzeranleitung Alle Dolibarr-Informationen sind online verfuegbar ueber die Webseiten: - https://www.dolibarr.de (de) oder https://www.dolibarr.org (intl) https://wiki.dolibarr.org/index.php/Hauptseite (de) - diff --git a/doc/user/README-FR b/doc/user/README-FR index fbf67fd89bc..f5cb72ea1c6 100644 --- a/doc/user/README-FR +++ b/doc/user/README-FR @@ -3,9 +3,6 @@ README (french) Documentation utilisateur -------------------------------- -* Pour une prise en main et installation rapide, consultez le fichier -README-FR à la racine. +La documentation utilisateur francophone est disponible en ligne sur le site Web de Dolibarr à l'adresse: -* Une documentation utilisateur francophone plus consistante est disponible en -ligne sur le site Web de Dolibarr à l'adresse: https://www.dolibarr.fr diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index c5091ef4207..9a8a84893fe 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -444,7 +444,7 @@ if ($search_country_id > 0) { } else { $sql .= " WHERE "; } - $sql .= " (a.fk_country = ".$search_country_id." OR a.fk_country = 0)"; + $sql .= " (a.fk_country = ".((int) $search_country_id)." OR a.fk_country = 0)"; } // If sort order is "country", we use country_code instead diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index a35333020cd..b84fe255760 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -388,7 +388,7 @@ if ($action != 'export_csv') { } elseif (empty($tmparrayforrootaccount['label'])) { // $tmparrayforrootaccount['label'] not defined = the account has not parent with a parent. // This is useless, we should not create a new account when an account has no parent, we must edit it to fix its parent. - // BUG 1: Accounts on level root or level 1 must not have a parent 2 level higher, so shoule not show a link to create another account. + // BUG 1: Accounts on level root or level 1 must not have a parent 2 level higher, so should not show a link to create another account. // BUG 2: Adding a link to create a new accounting account here is useless because it is not add as parent of the orphelin. //$link = '' . img_edit_add() . ''; } @@ -401,14 +401,14 @@ if ($action != 'export_csv') { print ''; print ''.$langs->trans("SubTotal").':'; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price($sous_total_opening_balance).''; + print ''.price($sous_total_opening_balance).''; } - print ''.price($sous_total_debit).''; - print ''.price($sous_total_credit).''; + print ''.price($sous_total_debit).''; + print ''.price($sous_total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit)).''; + print ''.price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit)).''; } else { - print ''.price(price2num($sous_total_debit - $sous_total_credit)).''; + print ''.price(price2num($sous_total_debit - $sous_total_credit)).''; } print "\n"; print ''; @@ -429,7 +429,7 @@ if ($action != 'export_csv') { print ''; print ''.$accounting_account.''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price($opening_balance).''; + print ''.price($opening_balance).''; } $urlzoom = ''; @@ -443,14 +443,14 @@ if ($action != 'export_csv') { } } // Debit - print ''.price($line->debit).''; + print ''.price($line->debit).''; // Credit - print ''.price($line->credit).''; + print ''.price($line->credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price(price2num($opening_balance + $line->debit - $line->credit, 'MT')).''; + print ''.price(price2num($opening_balance + $line->debit - $line->credit, 'MT')).''; } else { - print ''.price(price2num($line->debit - $line->credit, 'MT')).''; + print ''.price(price2num($line->debit - $line->credit, 'MT')).''; } print ''; print $link; @@ -466,14 +466,14 @@ if ($action != 'export_csv') { if (!empty($show_subgroup)) { print ''.$langs->trans("SubTotal").':'; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price($sous_total_opening_balance).''; + print ''.price($sous_total_opening_balance).''; } - print ''.price($sous_total_debit).''; - print ''.price($sous_total_credit).''; + print ''.price($sous_total_debit).''; + print ''.price($sous_total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print '' . price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit, 'MT')) . ''; + print '' . price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit, 'MT')) . ''; } else { - print '' . price(price2num($sous_total_debit - $sous_total_credit, 'MT')) . ''; + print '' . price(price2num($sous_total_debit - $sous_total_credit, 'MT')) . ''; } print "\n"; print ''; @@ -483,12 +483,12 @@ if ($action != 'export_csv') { if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { print ''.price($total_opening_balance).''; } - print ''.price($total_debit).''; - print ''.price($total_credit).''; + print ''.price($total_debit).''; + print ''.price($total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print '' . price(price2num($total_opening_balance + $total_debit - $total_credit, 'MT')) . ''; + print '' . price(price2num($total_opening_balance + $total_debit - $total_credit, 'MT')) . ''; } else { - print '' . price(price2num($total_debit - $total_credit, 'MT')) . ''; + print '' . price(price2num($total_debit - $total_credit, 'MT')) . ''; } print "\n"; print ''; diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index f91b1821df4..4c7194b2255 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -1,7 +1,7 @@ * Copyright (C) 2013-2017 Florian Henry - * Copyright (C) 2013-2018 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2017 Laurent Destailleur * Copyright (C) 2018-2020 Frédéric France * @@ -537,6 +537,22 @@ if ($action == 'create') { print ''; print ''; + // Date document creation + print ''; + print ''.$langs->trans("DateExport").''; + print ''; + print $object->date_export ? dol_print_date($object->date_export, 'dayhour') : ' '; + print ''; + print ''; + + // Date document creation + print ''; + print ''.$langs->trans("DateValidation").''; + print ''; + print $object->date_validation ? dol_print_date($object->date_validation, 'dayhour') : ' '; + print ''; + print ''; + // Validate /* print ''; @@ -619,7 +635,9 @@ if ($action == 'create') { print_liste_field_titre("LabelOperation"); print_liste_field_titre("Debit", "", "", "", "", 'class="right"'); print_liste_field_titre("Credit", "", "", "", "", 'class="right"'); - print_liste_field_titre("Action", "", "", "", "", 'width="60" class="center"'); + if (empty($object->date_validation)) { + print_liste_field_titre("Action", "", "", "", "", 'width="60" class="center"'); + } print "\n"; @@ -662,21 +680,25 @@ if ($action == 'create') { } print ''; print ''.$line->label_operation.''; - print ''.price($line->debit).''; - print ''.price($line->credit).''; + print ''.price($line->debit).''; + print ''.price($line->credit).''; - print ''; - print 'id.'&piece_num='.urlencode($line->piece_num).'&mode='.urlencode($mode).'&token='.urlencode(newToken()).'">'; - print img_edit('', 0, 'class="marginrightonly"'); - print '  '; - - $actiontodelete = 'delete'; - if ($mode == '_tmp' || $action != 'delmouv') { - $actiontodelete = 'confirm_delete'; + if (empty($line->date_export) || empty($line->date_validation)) { + print ''; + print 'id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode($mode) . '&token=' . urlencode(newToken()) . '">'; + print img_edit('', 0, 'class="marginrightonly"'); + print '  '; } - print ''; - print img_delete(); + if (empty($line->date_validation)) { + $actiontodelete = 'delete'; + if ($mode == '_tmp' || $action != 'delmouv') { + $actiontodelete = 'confirm_delete'; + } + + print ''; + print img_delete(); + } print ''; print ''; @@ -691,32 +713,33 @@ if ($action == 'create') { setEventMessages(null, array($langs->trans('MvtNotCorrectlyBalanced', $total_debit, $total_credit)), 'warnings'); } - if ($action == "" || $action == 'add') { - print ''; - print ''; - print ''; - print $formaccounting->select_account('', 'accountingaccount_number', 1, array(), 1, 1, ''); - print ''; - print ''; - // TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because: - // It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases. - // Also, it is not possible to use a value that is not in the list. - // Also, the label is not automatically filled when a value is selected. - if (!empty($conf->global->ACCOUNTANCY_COMBO_FOR_AUX)) { - print $formaccounting->select_auxaccount('', 'subledger_account', 1); - } else { - print ''; + if (empty($object->date_export) || empty($object->date_validation)) { + if ($action == "" || $action == 'add') { + print ''; + print ''; + print ''; + print $formaccounting->select_account('', 'accountingaccount_number', 1, array(), 1, 1, ''); + print ''; + print ''; + // TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because: + // It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases. + // Also, it is not possible to use a value that is not in the list. + // Also, the label is not automatically filled when a value is selected. + if (!empty($conf->global->ACCOUNTANCY_COMBO_FOR_AUX)) { + print $formaccounting->select_auxaccount('', 'subledger_account', 1); + } else { + print ''; + } + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; } - print '
'; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; + print ''; } - print ''; - if ($mode == '_tmp' && $action == '') { print '
'; diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index a8a24e67d9d..a70bb710937 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1,7 +1,7 @@ * Copyright (C) 2013-2016 Florian Henry - * Copyright (C) 2013-2020 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2016-2017 Laurent Destailleur * Copyright (C) 2018-2021 Frédéric France * @@ -44,15 +44,47 @@ $action = GETPOST('action', 'aZ09'); $search_mvt_num = GETPOST('search_mvt_num', 'int'); $search_doc_type = GETPOST("search_doc_type", 'alpha'); $search_doc_ref = GETPOST("search_doc_ref", 'alpha'); -$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int')); -$search_date_end = dol_mktime(23, 59, 59, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int')); +$search_date_startyear = GETPOST('search_date_startyear', 'int'); +$search_date_startmonth = GETPOST('search_date_startmonth', 'int'); +$search_date_startday = GETPOST('search_date_startday', 'int'); +$search_date_endyear = GETPOST('search_date_endyear', 'int'); +$search_date_endmonth = GETPOST('search_date_endmonth', 'int'); +$search_date_endday = GETPOST('search_date_endday', 'int'); +$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); +$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int')); -$search_date_creation_start = dol_mktime(0, 0, 0, GETPOST('date_creation_startmonth', 'int'), GETPOST('date_creation_startday', 'int'), GETPOST('date_creation_startyear', 'int')); -$search_date_creation_end = dol_mktime(23, 59, 59, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int')); -$search_date_modification_start = dol_mktime(0, 0, 0, GETPOST('date_modification_startmonth', 'int'), GETPOST('date_modification_startday', 'int'), GETPOST('date_modification_startyear', 'int')); -$search_date_modification_end = dol_mktime(23, 59, 59, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int')); -$search_date_export_start = dol_mktime(0, 0, 0, GETPOST('date_export_startmonth', 'int'), GETPOST('date_export_startday', 'int'), GETPOST('date_export_startyear', 'int')); -$search_date_export_end = dol_mktime(23, 59, 59, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int')); +$search_date_creation_startyear = GETPOST('search_date_creation_startyear', 'int'); +$search_date_creation_startmonth = GETPOST('search_date_creation_startmonth', 'int'); +$search_date_creation_startday = GETPOST('search_date_creation_startday', 'int'); +$search_date_creation_endyear = GETPOST('search_date_creation_endyear', 'int'); +$search_date_creation_endmonth = GETPOST('search_date_creation_endmonth', 'int'); +$search_date_creation_endday = GETPOST('search_date_creation_endday', 'int'); +$search_date_creation_start = dol_mktime(0, 0, 0, $search_date_creation_startmonth, $search_date_creation_startday, $search_date_creation_startyear); +$search_date_creation_end = dol_mktime(23, 59, 59, $search_date_creation_endmonth, $search_date_creation_endday, $search_date_creation_endyear); +$search_date_modification_startyear = GETPOST('search_date_modification_startyear', 'int'); +$search_date_modification_startmonth = GETPOST('search_date_modification_startmonth', 'int'); +$search_date_modification_startday = GETPOST('search_date_modification_startday', 'int'); +$search_date_modification_endyear = GETPOST('search_date_modification_endyear', 'int'); +$search_date_modification_endmonth = GETPOST('search_date_modification_endmonth', 'int'); +$search_date_modification_endday = GETPOST('search_date_modification_endday', 'int'); +$search_date_modification_start = dol_mktime(0, 0, 0, $search_date_modification_startmonth, $search_date_modification_startday, $search_date_modification_startyear); +$search_date_modification_end = dol_mktime(23, 59, 59, $search_date_modification_endmonth, $search_date_modification_endday, $search_date_modification_endyear); +$search_date_export_startyear = GETPOST('search_date_export_startyear', 'int'); +$search_date_export_startmonth = GETPOST('search_date_export_startmonth', 'int'); +$search_date_export_startday = GETPOST('search_date_export_startday', 'int'); +$search_date_export_endyear = GETPOST('search_date_export_endyear', 'int'); +$search_date_export_endmonth = GETPOST('search_date_export_endmonth', 'int'); +$search_date_export_endday = GETPOST('search_date_export_endday', 'int'); +$search_date_export_start = dol_mktime(0, 0, 0, $search_date_export_startmonth, $search_date_export_startday, $search_date_export_startyear); +$search_date_export_end = dol_mktime(23, 59, 59, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); +$search_date_validation_startyear = GETPOST('search_date_validation_startyear', 'int'); +$search_date_validation_startmonth = GETPOST('search_date_validation_startmonth', 'int'); +$search_date_validation_startday = GETPOST('search_date_validation_startday', 'int'); +$search_date_validation_endyear = GETPOST('search_date_validation_endyear', 'int'); +$search_date_validation_endmonth = GETPOST('search_date_validation_endmonth', 'int'); +$search_date_validation_endday = GETPOST('search_date_validation_endday', 'int'); +$search_date_validation_start = dol_mktime(0, 0, 0, $search_date_validation_startmonth, $search_date_validation_startday, $search_date_validation_startyear); +$search_date_validation_end = dol_mktime(23, 59, 59, $search_date_validation_endmonth, $search_date_validation_endday, $search_date_validation_endyear); //var_dump($search_date_start);exit; if (GETPOST("button_delmvt_x") || GETPOST("button_delmvt.x") || GETPOST("button_delmvt")) { @@ -157,6 +189,7 @@ $arrayfields = array( 't.date_creation'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0), 't.tms'=>array('label'=>$langs->trans("DateModification"), 'checked'=>0), 't.date_export'=>array('label'=>$langs->trans("DateExport"), 'checked'=>1), + 't.date_validated'=>array('label'=>$langs->trans("DateValidation"), 'checked'=>1), ); if (empty($conf->global->ACCOUNTING_ENABLE_LETTERING)) { @@ -216,14 +249,46 @@ if (empty($reshook)) { $search_mvt_label = ''; $search_direction = ''; $search_ledger_code = array(); + $search_date_startyear = ''; + $search_date_startmonth = ''; + $search_date_startday = ''; + $search_date_endyear = ''; + $search_date_endmonth = ''; + $search_date_endday = ''; $search_date_start = ''; $search_date_end = ''; + $search_date_creation_startyear = ''; + $search_date_creation_startmonth = ''; + $search_date_creation_startday = ''; + $search_date_creation_endyear = ''; + $search_date_creation_endmonth = ''; + $search_date_creation_endday = ''; $search_date_creation_start = ''; $search_date_creation_end = ''; + $search_date_modification_startyear = ''; + $search_date_modification_startmonth = ''; + $search_date_modification_startday = ''; + $search_date_modification_endyear = ''; + $search_date_modification_endmonth = ''; + $search_date_modification_endday = ''; $search_date_modification_start = ''; $search_date_modification_end = ''; + $search_date_export_startyear = ''; + $search_date_export_startmonth = ''; + $search_date_export_startday = ''; + $search_date_export_endyear = ''; + $search_date_export_endmonth = ''; + $search_date_export_endday = ''; $search_date_export_start = ''; $search_date_export_end = ''; + $search_date_validation_startyear = ''; + $search_date_validation_startmonth = ''; + $search_date_validation_startday = ''; + $search_date_validation_endyear = ''; + $search_date_validation_endmonth = ''; + $search_date_validation_endday = ''; + $search_date_validation_start = ''; + $search_date_validation_end = ''; $search_debit = ''; $search_credit = ''; $search_lettering_code = ''; @@ -328,6 +393,16 @@ if (empty($reshook)) { $tmp = dol_getdate($search_date_export_end); $param .= '&date_export_endmonth='.urlencode($tmp['mon']).'&date_export_endday='.urlencode($tmp['mday']).'&date_export_endyear='.urlencode($tmp['year']); } + if (!empty($search_date_validation_start)) { + $filter['t.date_validated>='] = $search_date_validation_start; + $tmp = dol_getdate($search_date_validation_start); + $param .= '&date_validation_startmonth='.urlencode($tmp['mon']).'&date_validation_startday='.urlencode($tmp['mday']).'&date_validation_startyear='.urlencode($tmp['year']); + } + if (!empty($search_date_validation_end)) { + $filter['t.date_validated<='] = $search_date_validation_end; + $tmp = dol_getdate($search_date_validation_end); + $param .= '&date_validation_endmonth='.urlencode($tmp['mon']).'&date_validation_endday='.urlencode($tmp['mday']).'&date_validation_endyear='.urlencode($tmp['year']); + } if (!empty($search_debit)) { $filter['t.debit'] = $search_debit; $param .= '&search_debit='.urlencode($search_debit); @@ -447,7 +522,8 @@ $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; $sql .= " t.date_creation,"; $sql .= " t.tms as date_modification,"; -$sql .= " t.date_export"; +$sql .= " t.date_export,"; +$sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$object->table_element.' as t'; // Manage filter $sqlwhere = array(); @@ -471,6 +547,8 @@ if (count($filter) > 0) { $sqlwhere[] = $key.'\''.$db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } elseif ($key == 't.reconciled_option') { @@ -508,10 +586,13 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex $accountancyexport = new AccountancyExport($db); $accountancyexport->export($object->lines, $formatexportset); + $notifiedexportdate = GETPOST('notifiedexportdate', 'alpha'); + $notifiedvalidationdate = GETPOST('notifiedvalidationdate', 'alpha'); + if (!empty($accountancyexport->errors)) { setEventMessages('', $accountancyexport->errors, 'errors'); - } else { - // Specify as export : update field date_export + } elseif (!$notifiedexportdate || !$notifiedvalidationdate) { + // Specify as export : update field date_export or date_validated $error = 0; $db->begin(); @@ -520,8 +601,15 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex $now = dol_now(); $sql = " UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping"; - $sql .= " SET date_export = '".$db->idate($now)."'"; - $sql .= " , date_validated = '".$db->idate($now)."'"; + $sql .= " SET"; + if (!$notifiedexportdate && !$notifiedvalidationdate) { + $sql .= " date_export = '".$db->idate($now)."'"; + $sql .= ", date_validated = '".$db->idate($now)."'"; + } elseif (!$notifiedexportdate) { + $sql .= " date_export = '".$db->idate($now)."'"; + } elseif (!$notifiedvalidationdate) { + $sql .= " date_validated = '".$db->idate($now)."'"; + } $sql .= " WHERE rowid = ".((int) $movement->id); dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported sql=".$sql, LOG_DEBUG); @@ -535,11 +623,11 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex if (!$error) { $db->commit(); - // setEventMessages($langs->trans("AllExportedMovementsWereRecordedAsExported"), null, 'mesgs'); + // setEventMessages($langs->trans("AllExportedMovementsWereRecordedAsExportedOrValidated"), null, 'mesgs'); } else { $error++; $db->rollback(); - setEventMessages($langs->trans("NotAllExportedMovementsCouldBeRecordedAsExported"), null, 'errors'); + setEventMessages($langs->trans("NotAllExportedMovementsCouldBeRecordedAsExportedOrValidated"), null, 'errors'); } } exit; @@ -587,6 +675,8 @@ if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords) { llxHeader('', $title_page); +$formconfirm = ''; + if ($action == 'export_file') { $form_question = array(); @@ -598,17 +688,15 @@ if ($action == 'export_file') { ); $form_question['notifiedvalidationdate'] = array( 'name' => 'notifiedvalidationdate', - 'type' => 'checkbox', // We don't use select here, the journal_array is already a select html component + 'type' => 'checkbox', 'label' => $langs->trans('NotifiedValidationDate'), 'value' => (!empty($conf->global->ACCOUNTING_DEFAULT_NOT_NOTIFIED_VALIDATION_DATE) ? 'false' : 'true'), ); - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans("ExportFilteredList").' ('.$listofformat[$formatexportset].')', $langs->trans('ConfirmExportFile'), 'export_fileconfirm', $form_question, '', 1, 300); - print $formconfirm; + $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans("ExportFilteredList").' ('.$listofformat[$formatexportset].')', $langs->trans('ConfirmExportFile'), 'export_fileconfirm', $form_question, '', 1, 300, 600); } if ($action == 'delmouv') { $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?mvt_num='.GETPOST('mvt_num').$param, $langs->trans('DeleteMvt'), $langs->trans('ConfirmDeleteMvtPartial'), 'delmouvconfirm', '', 0, 1); - print $formconfirm; } if ($action == 'delbookkeepingyear') { $form_question = array(); @@ -648,9 +736,11 @@ if ($action == 'delbookkeepingyear') { ); $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans('DeleteMvt'), $langs->trans('ConfirmDeleteMvt', $langs->transnoentitiesnoconv("RegistrationInAccounting")), 'delbookkeepingyearconfirm', $form_question, '', 1, 300); - print $formconfirm; } +// Print form confirm +print $formconfirm; + //$param=''; param started before if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) { $param .= '&contextpage='.urlencode($contextpage); @@ -669,6 +759,8 @@ print ''; print ''; +$massactionbutton = ''; + if (count($filter)) { $buttonLabel = $langs->trans("ExportFilteredList"); } else { @@ -701,7 +793,7 @@ if (empty($reshook)) { $newcardbutton .= dolGetButtonTitle($langs->trans('NewAccountingMvt'), '', 'fa fa-plus-circle paddingleft', $url, '', $user->rights->accounting->mouvements->creer); } -print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'title_accountancy', 0, $newcardbutton, '', $limit, 0, 0, 1); +print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'title_accountancy', 0, $newcardbutton, '', $limit, 0, 0, 1); $varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage; $selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields @@ -841,6 +933,17 @@ if (!empty($arrayfields['t.date_export']['checked'])) { print ''; print ''; } +// Date validation +if (!empty($arrayfields['t.date_validated']['checked'])) { + print ''; + print '
'; + print $form->selectDate($search_date_validation_start, 'date_validation_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans("From")); + print '
'; + print '
'; + print $form->selectDate($search_date_validation_end, 'date_validation_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans("to")); + print '
'; + print ''; +} // Action column print ''; $searchpicto = $form->showFilterButtons(); @@ -892,6 +995,9 @@ if (!empty($arrayfields['t.tms']['checked'])) { if (!empty($arrayfields['t.date_export']['checked'])) { print_liste_field_titre($arrayfields['t.date_export']['label'], $_SERVER['PHP_SELF'], "t.date_export", "", $param, '', $sortfield, $sortorder, 'center '); } +if (!empty($arrayfields['t.date_validated']['checked'])) { + print_liste_field_titre($arrayfields['t.date_validated']['label'], $_SERVER['PHP_SELF'], "t.date_validated", "", $param, '', $sortfield, $sortorder, 'center '); +} print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); print "\n"; @@ -934,6 +1040,7 @@ while ($i < min($num, $limit)) { $line->date_creation = $db->jdate($obj->date_creation); $line->date_modification = $db->jdate($obj->date_modification); $line->date_export = $db->jdate($obj->date_export); + $line->date_validation = $db->jdate($obj->date_validation); $total_debit += $line->debit; $total_credit += $line->credit; @@ -1067,7 +1174,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit != 0 ? price($line->debit) : '').''; + print ''.($line->debit != 0 ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -1079,7 +1186,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit != 0 ? price($line->credit) : '').''; + print ''.($line->credit != 0 ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -1126,12 +1233,22 @@ while ($i < min($num, $limit)) { } } + // Validated operation date + if (!empty($arrayfields['t.date_validated']['checked'])) { + print ''.dol_print_date($line->date_validation, 'dayhour').''; + if (!$i) { + $totalarray['nbfield']++; + } + } + // Action column print ''; - if (empty($line->date_export)) { + if (empty($line->date_export) || empty($line->date_validation)) { if ($user->rights->accounting->mouvements->creer) { - print ''.img_edit().''; + print '' . img_edit() . ''; } + } + if (empty($line->date_validation)) { if ($user->rights->accounting->mouvements->supprimer) { print ''.img_delete().''; } diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index 406664938cc..98c3f14191b 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -55,7 +55,7 @@ $search_date_export_endyear = GETPOST('search_date_export_endyear', 'int'); $search_date_export_endmonth = GETPOST('search_date_export_endmonth', 'int'); $search_date_export_endday = GETPOST('search_date_export_endday', 'int'); $search_date_export_start = dol_mktime(0, 0, 0, $search_date_export_startmonth, $search_date_export_startday, $search_date_export_startyear); -$search_date_export_end = dol_mktime(0, 0, 0, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); +$search_date_export_end = dol_mktime(23, 59, 59, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); $search_accountancy_code = GETPOST("search_accountancy_code"); $search_accountancy_code_start = GETPOST('search_accountancy_code_start', 'alpha'); @@ -807,7 +807,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit ? price($line->debit) : '').''; + print ''.($line->debit ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -819,7 +819,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit ? price($line->credit) : '').''; + print ''.($line->credit ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php index 43d4acf343f..20899c693c6 100644 --- a/htdocs/accountancy/bookkeeping/listbysubaccount.php +++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php @@ -821,7 +821,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit ? price($line->debit) : '').''; + print ''.($line->debit ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -833,7 +833,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit ? price($line->credit) : '').''; + print ''.($line->credit ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php index 8669cae7c2f..29a0171fe08 100644 --- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php +++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php @@ -296,15 +296,15 @@ if ($resql) { print ''; print ''.$langs->trans("Total").':'."\n"; - print ''.price($debit).''; - print ''.price($credit).''; + print ''.price($debit).''; + print ''.price($credit).''; print ''; print "\n"; print ''; print ''.$langs->trans("Balancing").':'."\n"; print ' '; - print ''.price($credit - $debit).''; + print ''.price($credit - $debit).''; print ''; print "\n"; diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php index a73f711e15a..d62a1e9fc25 100644 --- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php +++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php @@ -293,15 +293,15 @@ if ($resql) { print ''; print ''.$langs->trans("Total").':'."\n"; - print ''.price($debit).''; - print ''.price($credit).''; + print ''.price($debit).''; + print ''.price($credit).''; print ''; print "\n"; print ''; print ''.$langs->trans("Balancing").':'."\n"; print ' '; - print ''.price($credit - $debit).''; + print ''.price($credit - $debit).''; print ''; print "\n"; diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index d8e1598d1ac..77d10516daa 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php @@ -201,7 +201,7 @@ class AccountancyCategory // extends CommonObject $sql .= "entity"; $sql .= ") VALUES ("; if ($this->rowid > 0) { - $sql .= " ".$this->rowid.","; + $sql .= " ".((int) $this->rowid).","; } $sql .= " ".(!isset($this->code) ? 'NULL' : "'".$this->db->escape($this->code)."'").","; $sql .= " ".(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").","; @@ -209,9 +209,9 @@ class AccountancyCategory // extends CommonObject $sql .= " ".(!isset($this->sens) ? 'NULL' : "'".$this->db->escape($this->sens)."'").","; $sql .= " ".(!isset($this->category_type) ? 'NULL' : "'".$this->db->escape($this->category_type)."'").","; $sql .= " ".(!isset($this->formula) ? 'NULL' : "'".$this->db->escape($this->formula)."'").","; - $sql .= " ".(!isset($this->position) ? 'NULL' : $this->db->escape($this->position)).","; - $sql .= " ".(!isset($this->fk_country) ? 'NULL' : $this->db->escape($this->fk_country)).","; - $sql .= " ".(!isset($this->active) ? 'NULL' : $this->db->escape($this->active)); + $sql .= " ".(!isset($this->position) ? 'NULL' : ((int) $this->position)).","; + $sql .= " ".(!isset($this->fk_country) ? 'NULL' : ((int) $this->fk_country)).","; + $sql .= " ".(!isset($this->active) ? 'NULL' : ((int) $this->active)); $sql .= ", ".$conf->entity; $sql .= ")"; @@ -263,7 +263,7 @@ class AccountancyCategory // extends CommonObject if ($id) { $sql .= " WHERE t.rowid = ".((int) $id); } else { - $sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Dont't use entity if you use rowid + $sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Don't use entity if you use rowid if ($code) { $sql .= " AND t.code = '".$this->db->escape($code)."'"; } elseif ($label) { @@ -675,7 +675,7 @@ class AccountancyCategory // extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."c_accounting_category as c"; $sql .= " WHERE c.active = 1"; $sql .= " AND c.entity = ".$conf->entity; - $sql .= " AND (c.fk_country = ".$mysoc->country_id." OR c.fk_country = 0)"; + $sql .= " AND (c.fk_country = ".((int) $mysoc->country_id)." OR c.fk_country = 0)"; $sql .= " AND cat.rowid = t.fk_accounting_category"; $sql .= " AND t.entity = ".$conf->entity; $sql .= " ORDER BY cat.position ASC"; @@ -806,7 +806,7 @@ class AccountancyCategory // extends CommonObject if ($categorytype >= 0) { $sql .= " AND c.category_type = 1"; } - $sql .= " AND (c.fk_country = ".$mysoc->country_id." OR c.fk_country = 0)"; + $sql .= " AND (c.fk_country = ".((int) $mysoc->country_id)." OR c.fk_country = 0)"; $sql .= " ORDER BY c.position ASC"; $resql = $this->db->query($sql); diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 28601380ac1..99a0dc0dc48 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -602,7 +602,7 @@ class AccountingAccount extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."accounting_account "; $sql .= "SET ".$fieldtouse." = '0'"; - $sql .= " WHERE rowid = ".$this->db->escape($id); + $sql .= " WHERE rowid = ".((int) $id); dol_syslog(get_class($this)."::accountDeactivate ".$fieldtouse." sql=".$sql, LOG_DEBUG); $result = $this->db->query($sql); @@ -640,7 +640,7 @@ class AccountingAccount extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."accounting_account"; $sql .= " SET ".$fieldtouse." = '1'"; - $sql .= " WHERE rowid = ".$this->db->escape($id); + $sql .= " WHERE rowid = ".((int) $id); dol_syslog(get_class($this)."::account_activate ".$fieldtouse." sql=".$sql, LOG_DEBUG); $result = $this->db->query($sql); diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 3594bb26fc8..6bd39f4e227 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -294,14 +294,14 @@ class BookKeeping extends CommonObject $sql = "SELECT count(*) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql .= " WHERE doc_type = '".$this->db->escape($this->doc_type)."'"; - $sql .= " AND fk_doc = ".$this->fk_doc; + $sql .= " AND fk_doc = ".((int) $this->fk_doc); if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) { // DO NOT USE THIS IN PRODUCTION. This will generate a lot of trouble into reports and will corrupt database (by generating duplicate entries. - $sql .= " AND fk_docdet = " . $this->fk_docdet; // This field can be 0 if record is for several lines + $sql .= " AND fk_docdet = ".$this->fk_docdet; // This field can be 0 if record is for several lines } $sql .= " AND numero_compte = '".$this->db->escape($this->numero_compte)."'"; $sql .= " AND label_operation = '".$this->db->escape($this->label_operation)."'"; - $sql .= " AND entity = ".$conf->entity; // Do not use getEntity for accounting features + $sql .= " AND entity = ".$conf->entity; // Do not use getEntity for accounting features $resql = $this->db->query($sql); @@ -312,13 +312,13 @@ class BookKeeping extends CommonObject $sqlnum = "SELECT piece_num"; $sqlnum .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sqlnum .= " WHERE doc_type = '".$this->db->escape($this->doc_type)."'"; // For example doc_type = 'bank' - $sqlnum .= " AND fk_doc = ".$this->fk_doc; + $sqlnum .= " AND fk_doc = ".((int) $this->fk_doc); if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) { // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ... $sqlnum .= " AND fk_docdet = ".((int) $this->fk_docdet); } $sqlnum .= " AND doc_ref = '".$this->db->escape($this->doc_ref)."'"; // ref of source object - $sqlnum .= " AND entity = ".$conf->entity; // Do not use getEntity for accounting features + $sqlnum .= " AND entity = ".$conf->entity; // Do not use getEntity for accounting features dol_syslog(get_class($this).":: create sqlnum=".$sqlnum, LOG_DEBUG); $resqlnum = $this->db->query($sqlnum); @@ -331,7 +331,7 @@ class BookKeeping extends CommonObject if (empty($this->piece_num)) { $sqlnum = "SELECT MAX(piece_num)+1 as maxpiecenum"; $sqlnum .= " FROM ".MAIN_DB_PREFIX.$this->table_element; - $sqlnum .= " WHERE entity = ".$conf->entity; // Do not use getEntity for accounting features + $sqlnum .= " WHERE entity = ".$conf->entity; // Do not use getEntity for accounting features $resqlnum = $this->db->query($sqlnum); if ($resqlnum) { @@ -728,7 +728,9 @@ class BookKeeping extends CommonObject $sql .= " t.code_journal,"; $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; - $sql .= " t.date_creation"; + $sql .= " t.date_creation,"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.$mode.' as t'; $sql .= ' WHERE 1 = 1'; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -769,6 +771,9 @@ class BookKeeping extends CommonObject $this->journal_label = $obj->journal_label; $this->piece_num = $obj->piece_num; $this->date_creation = $this->db->jdate($obj->date_creation); + $this->date_export = $this->db->jdate($obj->date_export); + $this->date_validation = $this->db->jdate($obj->date_validated); + $this->date_validation = $this->db->jdate($obj->date_validation); } $this->db->free($resql); @@ -834,7 +839,8 @@ class BookKeeping extends CommonObject $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; $sql .= " t.date_creation,"; - $sql .= " t.date_export"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; // Manage filter $sqlwhere = array(); if (count($filter) > 0) { @@ -853,6 +859,8 @@ class BookKeeping extends CommonObject $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } elseif ($key == 't.reconciled_option') { @@ -926,6 +934,8 @@ class BookKeeping extends CommonObject $line->piece_num = $obj->piece_num; $line->date_creation = $this->db->jdate($obj->date_creation); $line->date_export = $this->db->jdate($obj->date_export); + $line->date_validation = $this->db->jdate($obj->date_validated); + $line->date_validation = $this->db->jdate($obj->date_validation); $this->lines[] = $line; @@ -987,7 +997,8 @@ class BookKeeping extends CommonObject $sql .= " t.date_creation,"; $sql .= " t.date_lim_reglement,"; $sql .= " t.tms as date_modification,"; - $sql .= " t.date_export"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t'; // Manage filter $sqlwhere = array(); @@ -1009,6 +1020,8 @@ class BookKeeping extends CommonObject $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } else { @@ -1054,7 +1067,7 @@ class BookKeeping extends CommonObject $line->label_operation = $obj->label_operation; $line->debit = $obj->debit; $line->credit = $obj->credit; - $line->montant = $obj->amount; // deprecated + $line->montant = $obj->amount; // deprecated $line->amount = $obj->amount; $line->sens = $obj->sens; $line->lettering_code = $obj->lettering_code; @@ -1068,6 +1081,8 @@ class BookKeeping extends CommonObject $line->date_lim_reglement = $this->db->jdate($obj->date_lim_reglement); $line->date_modification = $this->db->jdate($obj->date_modification); $line->date_export = $this->db->jdate($obj->date_export); + $line->date_validation = $this->db->jdate($obj->date_validated); + $line->date_validation = $this->db->jdate($obj->date_validation); $this->lines[] = $line; @@ -1454,6 +1469,8 @@ class BookKeeping extends CommonObject $sql .= " AND code_journal = '".$this->db->escape($journal)."'"; } $sql .= " AND entity IN (".getEntity('accountancy').")"; + // Exclusion of validated entries at the time of deletion + $sql .= " AND date_validated IS NULL"; // TODO: In a future we must forbid deletion if record is inside a closed fiscal period. @@ -1603,7 +1620,8 @@ class BookKeeping extends CommonObject { global $conf; - $sql = "SELECT piece_num,doc_date,code_journal,journal_label,doc_ref,doc_type,date_creation"; + $sql = "SELECT piece_num, doc_date,code_journal, journal_label, doc_ref, doc_type,"; + $sql .= " date_creation, tms as date_modification, date_export, date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; $sql .= " WHERE piece_num = ".$piecenum; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -1620,6 +1638,10 @@ class BookKeeping extends CommonObject $this->doc_ref = $obj->doc_ref; $this->doc_type = $obj->doc_type; $this->date_creation = $obj->date_creation; + $this->date_modification = $obj->date_modification; + $this->date_export = $obj->date_export; + $this->date_validation = $obj->date_validated; + $this->date_validation = $obj->date_validation; } else { $this->error = "Error ".$this->db->lasterror(); dol_syslog(__METHOD__.$this->error, LOG_ERR); @@ -1675,7 +1697,8 @@ class BookKeeping extends CommonObject $sql = "SELECT rowid, doc_date, doc_type,"; $sql .= " doc_ref, fk_doc, fk_docdet, thirdparty_code, subledger_account, subledger_label,"; $sql .= " numero_compte, label_compte, label_operation, debit, credit,"; - $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, journal_label, piece_num, date_creation"; + $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, journal_label, piece_num,"; + $sql .= " date_creation, tms as date_modification, date_export, date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; $sql .= " WHERE piece_num = ".$piecenum; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -1708,6 +1731,10 @@ class BookKeeping extends CommonObject $line->journal_label = $obj->journal_label; $line->piece_num = $obj->piece_num; $line->date_creation = $obj->date_creation; + $line->date_modification = $obj->date_modification; + $line->date_export = $obj->date_export; + $line->date_validation = $obj->date_validated; + $line->date_validation = $obj->date_validation; $this->linesmvt[] = $line; } @@ -1735,7 +1762,8 @@ class BookKeeping extends CommonObject $sql = "SELECT rowid, doc_date, doc_type,"; $sql .= " doc_ref, fk_doc, fk_docdet, thirdparty_code, subledger_account, subledger_label,"; $sql .= " numero_compte, label_compte, label_operation, debit, credit,"; - $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, piece_num"; + $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, piece_num,"; + $sql .= " date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql .= " WHERE entity IN (".getEntity('accountancy').")"; @@ -1770,6 +1798,8 @@ class BookKeeping extends CommonObject $line->sens = $obj->sens; $line->code_journal = $obj->code_journal; $line->piece_num = $obj->piece_num; + $line->date_validation = $obj->date_validated; + $line->date_validation = $obj->date_validation; $this->linesexport[] = $line; } @@ -2103,4 +2133,9 @@ class BookKeepingLine * @var integer|string $date_export; */ public $date_export; + + /** + * @var integer|string $date_validation; + */ + public $date_validation; } diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php index bcb3d7901f5..b612762d358 100644 --- a/htdocs/accountancy/closure/index.php +++ b/htdocs/accountancy/closure/index.php @@ -12,7 +12,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program. If not, see . + * along with this program. If not, see . * */ @@ -124,7 +124,11 @@ if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting- $form = new Form($db); $formaccounting = new FormAccounting($db); -llxHeader('', $langs->trans("Closure")); +$title = $langs->trans('Closure'); + +$help_url ='EN:Module_Double_Entry_Accounting'; + +llxHeader('', $title, $help_url); if ($action == 'validate_movements') { $form_question = array(); diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index 9580e8bca37..dde599a1462 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -141,6 +141,9 @@ if ($action == 'validatehistory') { $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc"; + if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { + $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); + } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays "; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product"; @@ -319,10 +322,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -405,10 +408,10 @@ if ($resql) { print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -472,9 +475,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } $db->free($resql); @@ -533,9 +536,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price(price2num($row[$i])).''; + print ''.price(price2num($row[$i])).''; } - print ''.price(price2num($row[13])).''; + print ''.price(price2num($row[13])).''; print ''; } $db->free($resql); diff --git a/htdocs/accountancy/customer/lines.php b/htdocs/accountancy/customer/lines.php index 1e6fb660c62..884de9dd232 100644 --- a/htdocs/accountancy/customer/lines.php +++ b/htdocs/accountancy/customer/lines.php @@ -492,7 +492,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 4df8d6b9b15..97d94a42f00 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -495,7 +495,7 @@ if ($result) { //print_liste_field_titre("ProductLabel", $_SERVER["PHP_SELF"], "p.label", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("ProductDescription", $_SERVER["PHP_SELF"], "l.description", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("Amount", $_SERVER["PHP_SELF"], "l.total_ht", "", $param, '', $sortfield, $sortorder, 'right maxwidth50 '); - print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "l.tva_tx", "", $param, '', $sortfield, $sortorder, 'right '); + print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "l.tva_tx", "", $param, '', $sortfield, $sortorder, 'right ', '', 1); print_liste_field_titre("ThirdParty", $_SERVER["PHP_SELF"], "s.nom", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("Country", $_SERVER["PHP_SELF"], "co.label", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("VATIntraShort", $_SERVER["PHP_SELF"], "s.tva_intra", "", $param, '', $sortfield, $sortorder); @@ -687,7 +687,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''; + print ''; print price($objp->total_ht); print ''; @@ -703,13 +703,13 @@ if ($result) { print ''.$thirdpartystatic->getNomUrl(1, 'customer').''; // Country - print ''; $labelcountry = ($objp->country_code && ($langs->trans("Country".$objp->country_code) != "Country".$objp->country_code)) ? $langs->trans("Country".$objp->country_code) : $objp->country_label; - print $labelcountry; + print ''; + print dol_escape_htmltag($labelcountry); print ''; // VAT Num - print ''.$objp->tva_intra.''; + print ''.dol_escape_htmltag($objp->tva_intra).''; // Found accounts print ''; diff --git a/htdocs/accountancy/expensereport/index.php b/htdocs/accountancy/expensereport/index.php index baeefa1bbfb..f06dd5f8d6f 100644 --- a/htdocs/accountancy/expensereport/index.php +++ b/htdocs/accountancy/expensereport/index.php @@ -210,10 +210,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -290,10 +290,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -352,9 +352,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } diff --git a/htdocs/accountancy/expensereport/lines.php b/htdocs/accountancy/expensereport/lines.php index df50eaaff87..b262f85367a 100644 --- a/htdocs/accountancy/expensereport/lines.php +++ b/htdocs/accountancy/expensereport/lines.php @@ -388,7 +388,7 @@ if ($result) { print ''; // Amount without taxes - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; // Vat rate print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/expensereport/list.php b/htdocs/accountancy/expensereport/list.php index 810f65c68df..d69e78fead2 100644 --- a/htdocs/accountancy/expensereport/list.php +++ b/htdocs/accountancy/expensereport/list.php @@ -434,7 +434,7 @@ if ($result) { print ''; // Amount without taxes - print ''; + print ''; print price($objp->price); print ''; diff --git a/htdocs/accountancy/index.php b/htdocs/accountancy/index.php index d073139a533..6e13a662948 100644 --- a/htdocs/accountancy/index.php +++ b/htdocs/accountancy/index.php @@ -61,7 +61,7 @@ if (empty($user->rights->compta->resultat->lire) && empty($user->rights->account if (GETPOST('addbox')) { // Add box (when submit is done from a form when ajax disabled) require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php'; - $zone = GETPOST('areacode', 'aZ09'); + $zone = GETPOST('areacode', 'int'); $userid = GETPOST('userid', 'int'); $boxorder = GETPOST('boxorder', 'aZ09'); $boxorder .= GETPOST('boxcombo', 'aZ09'); diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php index 76984d55fba..34e533974fc 100644 --- a/htdocs/accountancy/journal/bankjournal.php +++ b/htdocs/accountancy/journal/bankjournal.php @@ -1108,8 +1108,8 @@ if (empty($action) || $action == 'view') { print $reflabel; print ""; print ''.$val["type_payment"].""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -1222,8 +1222,8 @@ if (empty($action) || $action == 'view') { print ""; print "".$reflabel.""; print ''.$val["type_payment"].""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } @@ -1259,8 +1259,8 @@ if (empty($action) || $action == 'view') { print ""; print "".$reflabel.""; print ''.$val["type_payment"].""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } @@ -1320,7 +1320,7 @@ function getSourceDocRef($val, $typerecord) if ($typerecord == 'payment') { $sqlmid = 'SELECT payfac.fk_facture as id, f.ref as ref'; $sqlmid .= " FROM ".MAIN_DB_PREFIX."paiement_facture as payfac, ".MAIN_DB_PREFIX."facture as f"; - $sqlmid .= " WHERE payfac.fk_facture = f.rowid AND payfac.fk_paiement=".$val["paymentid"]; + $sqlmid .= " WHERE payfac.fk_facture = f.rowid AND payfac.fk_paiement=".((int) $val["paymentid"]); $ref = $langs->transnoentitiesnoconv("Invoice"); } elseif ($typerecord == 'payment_supplier') { $sqlmid = 'SELECT payfac.fk_facturefourn as id, f.ref'; diff --git a/htdocs/accountancy/journal/expensereportsjournal.php b/htdocs/accountancy/journal/expensereportsjournal.php index 0273690ae81..c1a62847b32 100644 --- a/htdocs/accountancy/journal/expensereportsjournal.php +++ b/htdocs/accountancy/journal/expensereportsjournal.php @@ -610,8 +610,8 @@ if (empty($action) || $action == 'view') { $userstatic->id = $tabuser[$key]['id']; $userstatic->name = $tabuser[$key]['name']; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$accountingaccount->label.""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -644,8 +644,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -680,8 +680,8 @@ if (empty($action) || $action == 'view') { print ''; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/journal/purchasesjournal.php b/htdocs/accountancy/journal/purchasesjournal.php index 2677f8569f2..9b979da37d6 100644 --- a/htdocs/accountancy/journal/purchasesjournal.php +++ b/htdocs/accountancy/journal/purchasesjournal.php @@ -911,8 +911,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -940,8 +940,8 @@ if (empty($action) || $action == 'view') { $companystatic->id = $tabcompany[$key]['id']; $companystatic->name = $tabcompany[$key]['name']; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$accountingaccount->label.""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } @@ -977,8 +977,8 @@ if (empty($action) || $action == 'view') { print ""; print $companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -1005,8 +1005,8 @@ if (empty($action) || $action == 'view') { print ""; print ''; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("VAT")." NPR (counterpart)"; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index d147186a8d8..93be8e8b1b9 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -851,8 +851,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } @@ -880,8 +880,8 @@ if (empty($action) || $action == 'view') { $companystatic->id = $tabcompany[$key]['id']; $companystatic->name = $tabcompany[$key]['name']; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$accountingaccount->label.""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -916,8 +916,8 @@ if (empty($action) || $action == 'view') { print ''; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index c1a3ffe23a6..b5c6804c7d6 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -149,6 +149,9 @@ if ($action == 'validatehistory') { $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc"; + if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) { + $sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity); + } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays "; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn_det as l ON f.rowid = l.fk_facture_fourn"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product"; @@ -314,10 +317,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -393,10 +396,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -456,9 +459,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } $db->free($resql); diff --git a/htdocs/accountancy/supplier/lines.php b/htdocs/accountancy/supplier/lines.php index 90e7213c8f9..4a3b8cd53ac 100644 --- a/htdocs/accountancy/supplier/lines.php +++ b/htdocs/accountancy/supplier/lines.php @@ -497,7 +497,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index 63dd996a546..4fd16df2afe 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -482,7 +482,7 @@ if ($result) { print ''; print ''; print ''; - print $form->select_country($search_country, 'search_country', '', 0, 'maxwidth125', 'code2', 1, 0, 1); + print $form->select_country($search_country, 'search_country', '', 0, 'maxwidth125', 'code2', 1, 0, 1, null, 1); //print ''; print ''; print ''; @@ -503,7 +503,7 @@ if ($result) { //print_liste_field_titre("ProductLabel", $_SERVER["PHP_SELF"], "p.label", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("ProductDescription", $_SERVER["PHP_SELF"], "l.description", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("Amount", $_SERVER["PHP_SELF"], "l.total_ht", "", $param, '', $sortfield, $sortorder, 'right maxwidth50 '); - print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "l.tva_tx", "", $param, '', $sortfield, $sortorder, 'right '); + print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "l.tva_tx", "", $param, '', $sortfield, $sortorder, 'right ', '', 1); print_liste_field_titre("ThirdParty", $_SERVER["PHP_SELF"], "s.nom", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("Country", $_SERVER["PHP_SELF"], "co.label", "", $param, '', $sortfield, $sortorder); print_liste_field_titre("VATIntraShort", $_SERVER["PHP_SELF"], "s.tva_intra", "", $param, '', $sortfield, $sortorder); @@ -671,7 +671,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''; + print ''; print price($objp->total_ht); print ''; @@ -687,13 +687,13 @@ if ($result) { print ''.$thirdpartystatic->getNomUrl(1, 'supplier').''; // Country - print ''; $labelcountry = ($objp->country_code && ($langs->trans("Country".$objp->country_code) != "Country".$objp->country_code)) ? $langs->trans("Country".$objp->country_code) : $objp->country_label; - print $labelcountry; + print ''; + print dol_escape_htmltag($labelcountry); print ''; // VAT Num - print ''.$objp->tva_intra.''; + print ''.dol_escape_htmltag($objp->tva_intra).''; // Found accounts print ''; diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php index b6c0b542d27..87b8a6874c4 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php @@ -68,7 +68,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?> trans("Morphy"); ?> - + @@ -105,7 +105,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?> trans("Email"); ?> - + diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php index 3259df07b8d..9056ff201e4 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php @@ -77,7 +77,7 @@ echo $this->control->tpl['ajax_selectcountry']; trans("Morphy"); ?> - + @@ -114,7 +114,7 @@ echo $this->control->tpl['ajax_selectcountry']; trans("Email"); ?> - + diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index d20318090e0..da84fd5bf6b 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -1727,15 +1727,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Password if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED)) { - print ''.$langs->trans("Password").''.preg_replace('/./i', '*', $object->pass); + print ''.$langs->trans("Password").''; if ($object->pass) { print preg_replace('/./i', '*', $object->pass); } else { if ($user->admin) { - print $langs->trans("Crypted").': '.$object->pass_indatabase_crypted; - } else { - print $langs->trans("Hidden"); + print ''; } + print 'trans("Hidden").''; } if ((!empty($object->pass) || !empty($object->pass_crypted)) && empty($object->user_id)) { $langs->load("errors"); diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 18d8746cca7..2d5eae90938 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -260,9 +260,9 @@ class Adherent extends CommonObject public $datefin; - // From member table - // Fields loaded by fetch_subscriptions() + // Fields loaded by fetch_subscriptions() from member table + public $first_subscription_date; public $first_subscription_amount; @@ -277,6 +277,12 @@ class Adherent extends CommonObject public $subscriptions = array(); + + // Fields loaded by fetchPartnerships() from partnership table + + public $partnerships = array(); + + /** * @var Adherent To contains a clone of this when we need to save old properties of object */ @@ -592,8 +598,8 @@ class Adherent extends CommonObject if ($this->user_id) { // Add link to user $sql = "UPDATE ".MAIN_DB_PREFIX."user SET"; - $sql .= " fk_member = ".$this->id; - $sql .= " WHERE rowid = ".$this->user_id; + $sql .= " fk_member = ".((int) $this->id); + $sql .= " WHERE rowid = ".((int) $this->user_id); dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -722,7 +728,7 @@ class Adherent extends CommonObject if (!empty($this->oldcopy) && $this->typeid != $this->oldcopy->typeid) { $sql2 = "SELECT libelle as label"; $sql2 .= " FROM ".MAIN_DB_PREFIX."adherent_type"; - $sql2 .= " WHERE rowid = ".$this->typeid; + $sql2 .= " WHERE rowid = ".((int) $this->typeid); $resql2 = $this->db->query($sql2); if ($resql2) { while ($obj = $this->db->fetch_object($resql2)) { @@ -1439,11 +1445,12 @@ class Adherent extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** - * Function to get member subscriptions data - * first_subscription_date, first_subscription_date_start, first_subscription_date_end, first_subscription_amount - * last_subscription_date, last_subscription_date_start, last_subscription_date_end, last_subscription_amount + * Function to get member subscriptions data: + * subscriptions, + * first_subscription_date, first_subscription_date_start, first_subscription_date_end, first_subscription_amount + * last_subscription_date, last_subscription_date_start, last_subscription_date_end, last_subscription_amount * - * @return int <0 si KO, >0 si OK + * @return int <0 if KO, >0 if OK */ public function fetch_subscriptions() { @@ -1475,7 +1482,7 @@ class Adherent extends CommonObject $this->first_subscription_amount = $obj->subscription; } $this->last_subscription_date = $this->db->jdate($obj->datec); - $this->last_subscription_date_start = $this->db->jdate($obj->datef); + $this->last_subscription_date_start = $this->db->jdate($obj->dateh); $this->last_subscription_date_end = $this->db->jdate($obj->datef); $this->last_subscription_amount = $obj->subscription; @@ -1503,6 +1510,25 @@ class Adherent extends CommonObject } + /** + * Function to get partnerships array + * + * @param string $mode 'member' or 'thirdparty' + * @return int <0 if KO, >0 if OK + */ + public function fetchPartnerships($mode) + { + global $langs; + + require_once DOL_DOCUMENT_ROOT.'/parntership/class/partnership.class.php'; + + + $this->partnerships[] = array(); + + return 1; + } + + /** * Insert subscription into database and eventually add links to banks, mailman, etc... * @@ -1712,7 +1738,8 @@ class Adherent extends CommonObject } } $invoice->socid = $this->fk_soc; - $invoice->date = $datesubscription; + //$invoice->date = $datesubscription; + $invoice->date = dol_now(); // Possibility to add external linked objects with hooks $invoice->linked_objects['subscription'] = $subscriptionid; diff --git a/htdocs/adherents/class/adherent_type.class.php b/htdocs/adherents/class/adherent_type.class.php index 0104f8f36e8..1cb9fcdb12c 100644 --- a/htdocs/adherents/class/adherent_type.class.php +++ b/htdocs/adherents/class/adherent_type.class.php @@ -362,7 +362,7 @@ class AdherentType extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent_type "; $sql .= "SET "; - $sql .= "statut = ".$this->status.","; + $sql .= "statut = ".((int) $this->status).","; $sql .= "libelle = '".$this->db->escape($this->label)."',"; $sql .= "morphy = '".$this->db->escape($this->morphy)."',"; $sql .= "subscription = '".$this->db->escape($this->subscription)."',"; diff --git a/htdocs/adherents/class/adherentstats.class.php b/htdocs/adherents/class/adherentstats.class.php index 1f3dbd32cb6..489ed20d6c2 100644 --- a/htdocs/adherents/class/adherentstats.class.php +++ b/htdocs/adherents/class/adherentstats.class.php @@ -92,7 +92,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, count(*)"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -133,7 +133,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, sum(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$user->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); @@ -154,7 +154,7 @@ class AdherentStats extends Stats $sql = "SELECT date_format(p.dateadh,'%m') as dm, avg(p.".$this->field.")"; $sql .= " FROM ".$this->from; //if (!$user->rights->societe->client->voir && !$this->socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; - $sql .= " WHERE date_format(p.dateadh,'%Y') = ".((int) $year); + $sql .= " WHERE ".dolSqlDateFilter('p.dateadh', 0, 0, (int) $year, 1); $sql .= " AND ".$this->where; $sql .= " GROUP BY dm"; $sql .= $this->db->order('dm', 'DESC'); diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 5573961456f..d57a01510d4 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -228,12 +228,12 @@ class Members extends DolibarrApi } $sql .= ' WHERE t.entity IN ('.getEntity('adherent').')'; if (!empty($typeid)) { - $sql .= ' AND t.fk_adherent_type='.$typeid; + $sql .= ' AND t.fk_adherent_type='.((int) $typeid); } // Select members of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category); - $sql .= " AND c.fk_member = t.rowid "; + $sql .= " AND c.fk_categorie = ".((int) $category); + $sql .= " AND c.fk_member = t.rowid"; } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/adherents/class/subscription.class.php b/htdocs/adherents/class/subscription.class.php index 1285b12b2d0..fff9d925cd9 100644 --- a/htdocs/adherents/class/subscription.class.php +++ b/htdocs/adherents/class/subscription.class.php @@ -168,7 +168,7 @@ class Subscription extends CommonObject $sql .= " VALUES (".((int) $this->fk_adherent).", '".$this->db->escape($type)."', '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->dateh)."',"; $sql .= " '".$this->db->idate($this->datef)."',"; - $sql .= " ".$this->amount.","; + $sql .= " ".((float) $this->amount).","; $sql .= " '".$this->db->escape($this->note_public ? $this->note_public : $this->note)."')"; $resql = $this->db->query($sql); @@ -267,14 +267,14 @@ class Subscription extends CommonObject } $sql = "UPDATE ".MAIN_DB_PREFIX."subscription SET "; - $sql .= " fk_type = ".$this->fk_type.","; - $sql .= " fk_adherent = ".$this->fk_adherent.","; + $sql .= " fk_type = ".((int) $this->fk_type).","; + $sql .= " fk_adherent = ".((int) $this->fk_adherent).","; $sql .= " note=".($this->note ? "'".$this->db->escape($this->note)."'" : 'null').","; $sql .= " subscription = ".price2num($this->amount).","; $sql .= " dateadh='".$this->db->idate($this->dateh)."',"; $sql .= " datef='".$this->db->idate($this->datef)."',"; $sql .= " datec='".$this->db->idate($this->datec)."',"; - $sql .= " fk_bank = ".($this->fk_bank ? $this->fk_bank : 'null'); + $sql .= " fk_bank = ".($this->fk_bank ? ((int) $this->fk_bank) : 'null'); $sql .= " WHERE rowid = ".$this->id; dol_syslog(get_class($this)."::update", LOG_DEBUG); @@ -341,7 +341,7 @@ class Subscription extends CommonObject } if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."subscription WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."subscription WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index f2a7c6f3f55..98c0e026139 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -182,7 +182,7 @@ if ($id > 0) { print dol_get_fiche_end(); $modulepart = 'member'; - $permission = $user->rights->adherent->creer; + $permissiontoadd = $user->rights->adherent->creer; $permtoedit = $user->rights->adherent->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/adherents/index.php b/htdocs/adherents/index.php index 998736e137f..8b59c0d3ca4 100644 --- a/htdocs/adherents/index.php +++ b/htdocs/adherents/index.php @@ -52,7 +52,7 @@ $result = restrictedArea($user, 'adherent'); if (GETPOST('addbox')) { // Add box (when submit is done from a form when ajax disabled) require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php'; - $zone = GETPOST('areacode', 'aZ09'); + $zone = GETPOST('areacode', 'int'); $userid = GETPOST('userid', 'int'); $boxorder = GETPOST('boxorder', 'aZ09'); $boxorder .= GETPOST('boxcombo', 'aZ09'); diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 749eacbbe10..7a4a7d5bc1f 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -473,28 +473,28 @@ llxHeader('', $langs->trans("Member"), 'EN:Module_Foundations|FR:Module_Adh&eacu $titre = $langs->trans("MembersList"); if (GETPOSTISSET("search_status")) { - if ($search_status == '-1,1') { + if ($search_status == '-1,1') { // TODO : check this test as -1 == Adherent::STATUS_DRAFT and -2 == Adherent::STATUS_EXLCUDED $titre = $langs->trans("MembersListQualified"); } - if ($search_status == '-1') { + if ($search_status == Adherent::STATUS_DRAFT) { $titre = $langs->trans("MembersListToValid"); } - if ($search_status == '1' && $filter == '') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == '') { $titre = $langs->trans("MembersValidated"); } - if ($search_status == '1' && $filter == 'withoutsubscription') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'withoutsubscription') { $titre = $langs->trans("MembersWithSubscriptionToReceive"); } - if ($search_status == '1' && $filter == 'uptodate') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'uptodate') { $titre = $langs->trans("MembersListUpToDate"); } - if ($search_status == '1' && $filter == 'outofdate') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'outofdate') { $titre = $langs->trans("MembersListNotUpToDate"); } - if ($search_status == '0') { + if ($search_status == Adherent::STATUS_RESILIATED) { $titre = $langs->trans("MembersListResiliated"); } - if ($search_status == '-2') { + if ($search_status == Adherent::STATUS_EXCLUDED) { $titre = $langs->trans("MembersListExcluded"); } } elseif ($action == 'search') { @@ -571,7 +571,7 @@ if ($search_phone_mobile != '') { if ($search_filter && $search_filter != '-1') { $param .= "&search_filter=".urlencode($search_filter); } -if ($search_status != "" && $search_status != '-1') { +if ($search_status != "" && $search_status != Adherent::STATUS_DRAFT) { $param .= "&search_status=".urlencode($search_status); } if ($search_type > 0) { @@ -796,10 +796,10 @@ if (!empty($arrayfields['d.tms']['checked'])) { if (!empty($arrayfields['d.statut']['checked'])) { print ''; $liststatus = array( - '-1'=>$langs->trans("Draft"), - '1'=>$langs->trans("Validated"), - '0'=>$langs->trans("MemberStatusResiliatedShort"), - '-2'=>$langs->trans("MemberStatusExcludedShort") + Adherent::STATUS_DRAFT => $langs->trans("Draft"), + Adherent::STATUS_VALIDATED => $langs->trans("Validated"), + Adherent::STATUS_RESILIATED => $langs->trans("MemberStatusResiliatedShort"), + Adherent::STATUS_EXCLUDED =>$langs->trans("MemberStatusExcludedShort") ); print $form->selectarray('search_status', $liststatus, $search_status, -3); print ''; diff --git a/htdocs/adherents/stats/byproperties.php b/htdocs/adherents/stats/byproperties.php index 1238fd0fe15..63deec867ef 100644 --- a/htdocs/adherents/stats/byproperties.php +++ b/htdocs/adherents/stats/byproperties.php @@ -29,7 +29,7 @@ $graphwidth = 700; $mapratio = 0.5; $graphheight = round($graphwidth * $mapratio); -$mode = GETPOST('mode') ?GETPOST('mode') : ''; +$mode = GETPOST('mode') ? GETPOST('mode') : ''; // Security check @@ -40,7 +40,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -69,7 +69,7 @@ $sql .= " d.morphy as code"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; -$sql .= " AND d.statut != -1"; // Not draft +$sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY d.morphy"; $foundphy = $foundmor = 0; @@ -104,7 +104,7 @@ $sql .= " d.morphy as code"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; -$sql .= " AND d.statut >= 1"; // Active (not draft=-1, not resiliated=0) +$sql .= " AND d.statut >= 1"; // Active (not excluded=-2, not draft=-1, not resiliated=0) $sql .= " GROUP BY d.morphy"; $foundphy = $foundmor = 0; diff --git a/htdocs/adherents/stats/geo.php b/htdocs/adherents/stats/geo.php index 74a5c9b014e..16dfc3ccff6 100644 --- a/htdocs/adherents/stats/geo.php +++ b/htdocs/adherents/stats/geo.php @@ -42,7 +42,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -92,7 +92,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY c.label, c.code"; //print $sql; } @@ -110,7 +110,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co on d.country = co.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY co.label, co.code, c.nom"; //print $sql; } @@ -127,7 +127,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co on d.country = co.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY co.label, co.code, r.nom"; //+ //print $sql; } @@ -142,7 +142,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY c.label, c.code, d.town"; //print $sql; } diff --git a/htdocs/adherents/stats/index.php b/htdocs/adherents/stats/index.php index e820d0a0d23..ed79978552f 100644 --- a/htdocs/adherents/stats/index.php +++ b/htdocs/adherents/stats/index.php @@ -47,7 +47,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -151,12 +151,14 @@ print ''; print ''; print ''; print ''; print ''; -print ''; +print ''; print '
'.$langs->trans("Filter").'
'.$langs->trans("Member").''; +print img_picto('', 'company', 'class="pictofixedwidth"'); print $form->select_company($id,'memberid','',1); print '
'.$langs->trans("User").''; -print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print '
'; print ''; print '

'; @@ -187,8 +189,8 @@ foreach ($data as $val) { //print ''; print ''; print '0'; - print '0'; - print '0'; + print '0'; + print '0'; print ''; } print ''; @@ -198,8 +200,8 @@ foreach ($data as $val) { //print ''; print ''; print ''.$val['nb'].''; - print ''.price(price2num($val['total'], 'MT'), 1).''; - print ''.price(price2num($val['avg'], 'MT'), 1).''; + print ''.price(price2num($val['total'], 'MT'), 1).''; + print ''.price(price2num($val['avg'], 'MT'), 1).''; print ''; $oldyear = $year; } diff --git a/htdocs/admin/accountant.php b/htdocs/admin/accountant.php index 56c9605c460..1e924699cd5 100644 --- a/htdocs/admin/accountant.php +++ b/htdocs/admin/accountant.php @@ -144,23 +144,23 @@ print ''."\n"; print ''; print img_picto('', 'object_phoning', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; print ''; print img_picto('', 'object_phoning_fax', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; print ''; print img_picto('', 'object_email', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Web print ''; print img_picto('', 'globe', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Code diff --git a/htdocs/admin/agenda_extsites.php b/htdocs/admin/agenda_extsites.php index 9ce55583d99..272da835741 100644 --- a/htdocs/admin/agenda_extsites.php +++ b/htdocs/admin/agenda_extsites.php @@ -3,6 +3,7 @@ * Copyright (C) 2011-2015 Juanjo Menent * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2016 Raphaël Doursenaud + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -158,14 +159,6 @@ print dol_get_fiche_head($head, 'extsites', $langs->trans("Agenda"), -1, 'action print ''.$langs->trans("AgendaExtSitesDesc")."
\n"; print "
\n"; - -$selectedvalue = $conf->global->AGENDA_DISABLE_EXT; -if ($selectedvalue == 1) { - $selectedvalue = 0; -} else { - $selectedvalue = 1; -} - print ""; print ""; @@ -226,15 +219,15 @@ while ($i <= $MAXAGENDA) { // Nb print '"; // Name - print ''; + print ''; // URL - print ''; + print ''; // Offset TZ - print ''; + print ''; // Color (Possible colors are limited by Google) print ''; print ""; $i++; diff --git a/htdocs/admin/bom.php b/htdocs/admin/bom.php index 528f2f6b29f..c401c6cabf1 100644 --- a/htdocs/admin/bom.php +++ b/htdocs/admin/bom.php @@ -179,6 +179,7 @@ print dol_get_fiche_head($head, 'settings', $langs->trans("BOMs"), -1, 'bom'); print load_fiche_titre($langs->trans("BOMsNumberingModules"), '', ''); +print '
'; print '
'.$langs->trans("AgendaExtNb", $key)."'; //print $formadmin->selectColor($conf->global->$color, "google_agenda_color".$key, $colorlist); - print $formother->selectColor((GETPOST("AGENDA_EXT_COLOR".$key) ?GETPOST("AGENDA_EXT_COLOR".$key) : $conf->global->$color), "AGENDA_EXT_COLOR".$key, 'extsitesconfig', 1, '', 'hideifnotset'); + print $formother->selectColor((GETPOST("AGENDA_EXT_COLOR".$key) ?GETPOST("AGENDA_EXT_COLOR".$key) : getDolGlobalString($color)), "AGENDA_EXT_COLOR".$key, 'extsitesconfig', 1, '', 'hideifnotset'); print '
'; print ''; print ''; @@ -272,7 +273,9 @@ foreach ($dirmodels as $reldir) { } } } -print "
'.$langs->trans("Name").'

\n"; +print ""; +print ""; +print "
\n"; /* @@ -301,6 +304,7 @@ if ($resql) { } +print '
'; print "\n"; print "\n"; print ''; @@ -414,6 +418,7 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; print "
"; /* @@ -421,6 +426,8 @@ print "
"; */ print load_fiche_titre($langs->trans("OtherOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -469,6 +476,7 @@ print "\n"; print ''; print '
'.$langs->trans("Parameter").'
'; +print '
'; print '
'; diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index df691eba688..56971457f76 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -115,7 +115,7 @@ if ($action == 'add') { $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes ("; $sql .= "box_id, position, box_order, fk_user, entity"; $sql .= ") VALUES ("; - $sql .= $boxid['value'].", ".((int) $pos).", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity; + $sql .= ((int) $boxid['value']).", ".((int) $pos).", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".((int) $fk_user).", ".$conf->entity; $sql .= ")"; dol_syslog("boxes.php activate box", LOG_DEBUG); @@ -149,11 +149,6 @@ if ($action == 'delete') { if (!empty($obj->box_id)) { $db->begin(); - // Remove all personalized setup when a box is activated or disabled (why removing all ? We removed only removed boxes) - // $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param"; - // $sql.= " WHERE param LIKE 'MAIN_BOXES_%'"; - // $resql = $db->query($sql); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes"; $sql .= " WHERE entity = ".$conf->entity; $sql .= " AND box_id=".((int) $obj->box_id); @@ -184,6 +179,7 @@ if ($action == 'switch') { $newsecondnum = preg_replace('/[a-zA-Z]+/', '', $newsecond); $newsecond = sprintf("%s%02d", $newsecondchar ? $newsecondchar : 'A', $newsecondnum + 1); } + $sql = "UPDATE ".MAIN_DB_PREFIX."boxes SET box_order='".$db->escape($newfirst)."' WHERE rowid=".((int) $objfrom->rowid); dol_syslog($sql); $resultupdatefrom = $db->query($sql); @@ -426,7 +422,7 @@ foreach ($boxactivated as $key => $box) { $hasnext = ($key < (count($boxactivated) - 1)); $hasprevious = ($key != 0); print ''.($key + 1).''; - print ''; + print ''; print ($hasnext ? ''.img_down().' ' : ''); print ($hasprevious ? ''.img_up().'' : ''); print ''; diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 89363a9027b..7407961649c 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -367,8 +367,8 @@ if ($resql) { print '
'; -print "\n"; -print "\n"; +print '
'."\n"; +print ''."\n"; print ''; print ''; print '\n"; @@ -498,6 +498,7 @@ print load_fiche_titre($langs->trans("SuggestedPaymentModesIfNotDefinedInOrder") print ''; print ''; +print '
'; print '
'.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Status")."
'; print ''; @@ -584,6 +585,8 @@ if (empty($conf->facture->enabled)) { } print ""; print "
"; +print '
'; + print ""; @@ -594,6 +597,8 @@ print '
'; */ print load_fiche_titre($langs->trans("OtherOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -704,6 +709,8 @@ if ($conf->stock->enabled) { */ print '
'.$langs->trans("Parameter").'
'; +print '
'; + print '
'; @@ -712,6 +719,8 @@ print '
'; */ print load_fiche_titre($langs->trans("Notifications"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -725,6 +734,7 @@ print '\n"; print '
'.$langs->trans("Parameter").''; print "
'; +print '
'; // End of page llxFooter(); diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index 0c6da346285..804ed9934bf 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -418,7 +418,7 @@ print ''; print img_picto('', 'globe-americas', 'class="paddingrightonly"'); -print $form->select_country($mysoc->country_id, 'country_id'); +print $form->select_country($mysoc->country_id, 'country_id', '', 0); if ($user->admin) { print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } @@ -441,25 +441,25 @@ print ''."\n"; // Phone print ''; print img_picto('', 'object_phoning', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Fax print ''; print img_picto('', 'object_phoning_fax', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Email print ''; print img_picto('', 'object_email', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Web print ''; print img_picto('', 'globe', '', false, 0, 0, '', 'paddingright'); -print ''; +print ''; print ''."\n"; // Barcode @@ -467,19 +467,19 @@ if (!empty($conf->barcode->enabled)) { print ''; print ''; print ''; - print ''; + print ''; print ''; } // Logo print ''; -print '
'; -print ''; +print '
'; +print ''; print '
'; if (!empty($mysoc->logo_small)) { if (file_exists($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_small)) { print '
'; - print ''; + print ''; print '
'; } elseif (!empty($mysoc->logo)) { if (!file_exists($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_mini)) { @@ -487,10 +487,12 @@ if (!empty($mysoc->logo_small)) { } $imgThumbSmall = vignette($conf->mycompany->dir_output.'/logos/'.$mysoc->logo, $maxwidthmini, $maxheightmini, '_small', $quality); print '
'; - print ''; + print ''; print '
'; } - print '
'.img_delete($langs->trans("Delete"), '', 'marginleftonly').'
'; + print '
'; + print ''.img_delete($langs->trans("Delete"), '', 'marginleftonly').''; + print '
'; } elseif (!empty($mysoc->logo)) { if (file_exists($conf->mycompany->dir_output.'/logos/'.$mysoc->logo)) { print '
'; @@ -508,8 +510,8 @@ print ''; // Logo (squarred) print ''; -print '
'; -print ''; +print '
'; +print ''; print '
'; if (!empty($mysoc->logo_squarred_small)) { if (file_exists($conf->mycompany->dir_output.'/logos/thumbs/'.$mysoc->logo_squarred_small)) { @@ -551,20 +553,21 @@ print ''; print '
'; // IDs of the company (country-specific) +print '
'; print ''; -print ''; +print ''; $langs->load("companies"); // Managing Director(s) print ''; +print ''; // GDPR contact print ''; +print 'global->MAIN_INFO_GDPR) ? $conf->global->MAIN_INFO_GDPR : ''))).'">'; // Capital print ''; @@ -456,7 +456,7 @@ if ($mode == 'template' && $user->admin) { if ($action != 'edittemplate') { print ''; - print ''; + print ''; print '\n"; print '\n"; */ print '
'.$langs->trans("CompanyIds").''.$langs->trans("Value").'
'.$langs->trans("CompanyIds").''.$langs->trans("Value").'
'; -print '
'; print $form->textwithpicto($langs->trans("GDPRContact"), $langs->trans("GDPRContactDesc")); print ''; -print 'global->MAIN_INFO_GDPR) ? $conf->global->MAIN_INFO_GDPR : ''))).'">
'; @@ -656,6 +659,7 @@ print ''; print '
'; print ''; diff --git a/htdocs/admin/reception_setup.php b/htdocs/admin/reception_setup.php index 7cc9ae3e3be..e9a4a724871 100644 --- a/htdocs/admin/reception_setup.php +++ b/htdocs/admin/reception_setup.php @@ -465,7 +465,7 @@ print "
'; print $form->textwithpicto($langs->trans("WatermarkOnDraftContractCards"), $htmltext).'
'; -print ''; +print ''; print "
'; diff --git a/htdocs/admin/security.php b/htdocs/admin/security.php index b1dd28956dc..e94dd6bad39 100644 --- a/htdocs/admin/security.php +++ b/htdocs/admin/security.php @@ -39,9 +39,11 @@ if (!$user->admin) { // Allow/Disallow change to clear passwords once passwords are crypted $allow_disable_encryption = true; + /* * Actions */ + if ($action == 'setgeneraterule') { if (!dolibarr_set_const($db, 'USER_PASSWORD_GENERATED', $_GET["value"], 'chaine', 0, '', $conf->entity)) { dol_print_error($db); @@ -215,6 +217,7 @@ if (is_resource($handle)) { } asort($arrayhandler); +print '
'; print ''; print ''; print ''; @@ -266,6 +269,8 @@ foreach ($arrayhandler as $key => $module) { } } print '
'.$langs->trans("RuleForGeneratedPasswords").'
'; +print '
'; + print ''; //if($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK == 1) @@ -273,45 +278,47 @@ print ''; if ($conf->global->USER_PASSWORD_GENERATED == "Perso") { $tabConf = explode(";", $conf->global->USER_PASSWORD_PATTERN); print '
'; + + print '
'; print ''; print ''; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print ''; print '"; - print ''; + print ''; print ''; print '
'.$langs->trans("PasswordPatternDesc").' '.$langs->trans("PasswordPatternDesc").'
'.$langs->trans("MinLength")."
'.$langs->trans("NbMajMin")."
'.$langs->trans("NbNumMin")."
'.$langs->trans("NbSpeMin")."
'.$langs->trans("NbIteConsecutive")."
'.$langs->trans("NoAmbiCaracAutoGeneration")." '.($tabConf[5] ? $langs->trans("Activated") : $langs->trans("Disabled")).' '.($tabConf[5] ? $langs->trans("Activated") : $langs->trans("Disabled")).'
'; diff --git a/htdocs/admin/supplier_proposal.php b/htdocs/admin/supplier_proposal.php index d74c4d5dbf7..68066a2aebc 100644 --- a/htdocs/admin/supplier_proposal.php +++ b/htdocs/admin/supplier_proposal.php @@ -490,7 +490,7 @@ print "'; print $form->textwithpicto($langs->trans("WatermarkOnDraftProposal"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print ''; -print ''; +print ''; print ''; print ''; print "\n"; diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php index 2a8dfa975cd..758a93a765d 100644 --- a/htdocs/admin/system/perf.php +++ b/htdocs/admin/system/perf.php @@ -172,7 +172,8 @@ jQuery(document).ready(function() { var compphpstring; getphpurl = $.ajax({ type: "GET", - url: \''.DOL_URL_ROOT.'/index.php\', + data: { token: \''.currentToken().'\' }, + url: \''.DOL_URL_ROOT.'/public/notice.php\', cache: false, /* async: false, */ /* crossDomain: true,*/ @@ -211,10 +212,11 @@ jQuery(document).ready(function() { var compcssstring; getcssurl = $.ajax({ type: "GET", + data: { token: \'notrequired\' }, url: \''.DOL_URL_ROOT.'/includes/jquery/css/base/jquery-ui.css\', cache: false, /* async: false, */ - /*crossDomain: true, */ + /* crossDomain: true, */ success: function () { cachecssstring=getcssurl.getResponseHeader(\'Cache-Control\'); /* alert(\'css:\'+getcssurl.getAllResponseHeaders()); */ @@ -250,10 +252,11 @@ jQuery(document).ready(function() { var compcssphpstring; getcssphpurl = $.ajax({ type: "GET", + data: { token: \''.currentToken().'\' }, url: \''.DOL_URL_ROOT.'/theme/eldy/style.css.php\', cache: false, /* async: false, */ - /*crossDomain: true,*/ + /* crossDomain: true,*/ success: function () { cachecssphpstring=getcssphpurl.getResponseHeader(\'Cache-Control\'); /* alert(\'cssphp:\'+getcssphpurl.getAllResponseHeaders()); */ @@ -289,10 +292,11 @@ jQuery(document).ready(function() { var compimgstring; getimgurl = $.ajax({ type: "GET", + data: { token: \'notrequired\' }, url: \''.DOL_URL_ROOT.'/theme/eldy/img/help.png\', cache: false, /* async: false, */ - /*crossDomain: true,*/ + /* crossDomain: true,*/ success: function () { cacheimgstring=getimgurl.getResponseHeader(\'Cache-Control\'); /* alert(\'img:\'+getimgurl.getAllResponseHeaders()); */ @@ -328,6 +332,7 @@ jQuery(document).ready(function() { var compjsstring; getjsurl = $.ajax({ type: "GET", + data: { token: \'notrequired\' }, url: \''.DOL_URL_ROOT.'/core/js/lib_rare.js\', cache: false, /* async: false, */ @@ -367,6 +372,7 @@ jQuery(document).ready(function() { var compjsphpstring; getjsphpurl = $.ajax({ type: "GET", + data: { token: \''.currentToken().'\' }, url: \''.DOL_URL_ROOT.'/core/js/lib_head.js.php\', cache: false, /* async: false, */ diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index e972581beaa..0b2f2678521 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -228,7 +228,7 @@ print '
'; print '
'; print load_fiche_titre($langs->trans("ConfigurationFile").' ('.$conffile.')', '', 'folder'); -print '$dolibarr_main_prod: '.$dolibarr_main_prod; +print '$dolibarr_main_prod: '.($dolibarr_main_prod ? $dolibarr_main_prod : '0'); if (empty($dolibarr_main_prod)) { print '   '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 1); } @@ -245,8 +245,22 @@ if (empty($dolibarr_main_restrict_ip)) { print ''.$langs->trans("None").''; //print ' ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')'; } + print '
'; +if (empty($conf->global->SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF)) { + print '$dolibarr_main_db_pass: '; + if (!empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) { + print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").'   ('.$langs->trans("Recommanded").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')'; + //print ' ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')'; + } else { + print img_picto('', 'tick').' '.$langs->trans("DatabasePasswordObfuscated"); + } + + print '
'; +} + + // Menu security @@ -277,7 +291,7 @@ if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { print '
'; -print 'MAIN_SECURITY_ANTI_SSRF_SERVER_IP = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."
"; +print 'MAIN_SECURITY_ANTI_SSRF_SERVER_IP = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Example").': static-ips-of-server - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."
"; print '
'; print 'MAIN_ALLOW_SVG_FILES_AS_IMAGES = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0   ('.$langs->trans("Recommanded").': 0)' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)."
"; @@ -315,6 +329,7 @@ $securityevent = new Events($db); $eventstolog = $securityevent->eventstolog; print ''.$langs->trans("AuditedSecurityEvents").': '; +$out = ''; if (!empty($eventstolog) && is_array($eventstolog)) { // Loop on each event type $i = 0; @@ -324,18 +339,22 @@ if (!empty($eventstolog) && is_array($eventstolog)) { $value = empty($conf->global->$key) ? '' : $conf->global->$key; if ($value) { if ($i > 0) { - print ', '; + $out .= ', '; } - print ''.$key.''; + $out .= ''.$key.''; $i++; } } } - print '
'; -} else { - print img_warning().' '.$langs->trans("NoSecurityEventsAreAduited", $langs->transnoentities("Home").' - '.$langs->transnoentities("Setup").' - '.$langs->transnoentities("Audit")).'
'; + print $out; } +if (empty($out)) { + print img_warning().' '.$langs->trans("NoSecurityEventsAreAduited", $langs->transnoentities("Home").' - '.$langs->transnoentities("Setup").' - '.$langs->transnoentities("Security").' - '.$langs->transnoentities("Audit")).'
'; +} + +print '
'; + // Modules/Applications diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 362b29c0163..3fa2e5d0af9 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -296,19 +296,8 @@ if ($mode == 'overwrite') { print ''; print ''; print ''; - // Limit to superadmin - /*if (! empty($conf->multicompany->enabled) && !$user->entity) - { - print ''; - print ''; - print ''; - print ''; - } - else - {*/ - print ''; - print ''; - //} + print ''; + print ''; print ''; print "\n"; print ''; @@ -500,7 +489,7 @@ if ($mode == 'searchkey') { //} print ''; // Action column - print ''; + print ''; $searchpicto = $form->showFilterAndCheckAddButtons(!empty($massactionbutton) ? 1 : 0, 'checkforselect', 1); print $searchpicto; print ''; diff --git a/htdocs/admin/user.php b/htdocs/admin/user.php index 83649d46a28..6d8cfe21f00 100644 --- a/htdocs/admin/user.php +++ b/htdocs/admin/user.php @@ -109,6 +109,7 @@ if ($action == 'set_default') { } } + /* * View */ diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index 15d31140874..1f59762c865 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -200,7 +200,7 @@ class Setup extends DolibarrApi $sql = "SELECT id, code, type, libelle as label, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_paiement as t"; $sql .= " WHERE t.entity IN (".getEntity('c_paiement').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1055,7 +1055,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid AS id, zip, town, fk_county, fk_pays AS fk_country"; $sql .= " FROM ".MAIN_DB_PREFIX."c_ziptown as t"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); if ($zipcode) { $sql .= " AND t.zip LIKE '%".$this->db->escape($zipcode)."%'"; } @@ -1125,7 +1125,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid as id, code, sortorder, libelle as label, libelle_facture as descr, type_cdr, nbjour, decalage, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_payment_term as t"; $sql .= " WHERE t.entity IN (".getEntity('c_payment_term').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1183,7 +1183,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid as id, code, libelle as label, description, tracking, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_shipment_mode as t"; $sql .= " WHERE t.entity IN (".getEntity('c_shipment_mode').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1307,7 +1307,7 @@ class Setup extends DolibarrApi $sql = "SELECT t.rowid, t.entity, t.code, t.label, t.url, t.icon, t.active"; $sql .= " FROM ".MAIN_DB_PREFIX."c_socialnetworks as t"; $sql .= " WHERE t.entity IN (".getEntity('c_socialnetworks').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { diff --git a/htdocs/asset/class/asset_type.class.php b/htdocs/asset/class/asset_type.class.php index 36c654c28ba..335cd63115a 100644 --- a/htdocs/asset/class/asset_type.class.php +++ b/htdocs/asset/class/asset_type.class.php @@ -332,7 +332,7 @@ class AssetType extends CommonObject /** * Return array of Asset objects for asset type this->id (or all if this->id not defined) * - * @param string $excludefilter Filter to exclude. This parameter must not be provided by input of users + * @param string $excludefilter Filter string to exclude. This parameter must not be provided by input of users * @param int $mode 0=Return array of asset instance * 1=Return array of asset instance without extra data * 2=Return array of asset id only @@ -347,7 +347,7 @@ class AssetType extends CommonObject $sql = "SELECT a.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."asset as a"; $sql .= " WHERE a.entity IN (".getEntity('asset').")"; - $sql .= " AND a.fk_asset_type = ".$this->id; + $sql .= " AND a.fk_asset_type = ".((int) $this->id); if (!empty($excludefilter)) { $sql .= ' AND ('.$excludefilter.')'; } diff --git a/htdocs/asset/document.php b/htdocs/asset/document.php index 91e46269994..b4ee3a0a175 100644 --- a/htdocs/asset/document.php +++ b/htdocs/asset/document.php @@ -128,7 +128,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'asset'; - $permission = $user->rights->asset->write; + $permissiontoadd = $user->rights->asset->write; $permtoedit = $user->rights->asset->write; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index 1e906677e7d..056a73328dc 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -103,7 +103,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -542,6 +542,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/blockedlog/admin/blockedlog_list.php b/htdocs/blockedlog/admin/blockedlog_list.php index 6b59c009ae7..265c12dd49c 100644 --- a/htdocs/blockedlog/admin/blockedlog_list.php +++ b/htdocs/blockedlog/admin/blockedlog_list.php @@ -613,8 +613,10 @@ jQuery(document).ready(function () { var fk_block = $(this).attr("data-blockid"); $.ajax({ - url:"../ajax/block-info.php?id="+fk_block - ,dataType:"html" + method: "GET", + data: { token: \''.currentToken().'\' }, + url: "'.DOL_URL_ROOT.'/blockedlog/ajax/block-info.php?id="+fk_block, + dataType: "html" }).done(function(data) { jQuery("#dialogforpopup").html(data); }); @@ -630,10 +632,11 @@ if (!empty($conf->global->BLOCKEDLOG_USE_REMOTE_AUTHORITY) && !empty($conf->glob '."\n"; } if (!GETPOSTISSET("no_email") && !empty($object->email)) { - $result=$object->getNoEmail(); - if ($result<0) { + $result = $object->getNoEmail(); + if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); } } print ''; print ''; - print ''.$form->selectyesno('no_email', (GETPOSTISSET("no_email") ? GETPOST("no_email", 'int') : $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS), 1, false, ($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS==-1)).''; + print ''.$form->selectyesno('no_email', (GETPOSTISSET("no_email") ? GETPOST("no_email", 'int') : $conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS), 1, false, ($conf->global->MAILING_CONTACT_DEFAULT_BULK_STATUS == -1)).''; print ''; } @@ -1080,8 +1078,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''."\n"; } if (!GETPOSTISSET("no_email") && !empty($object->email)) { - $result=$object->getNoEmail(); - if ($result<0) { + $result = $object->getNoEmail(); + if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); } } @@ -1315,8 +1313,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Unsubscribe opt-out if (!empty($conf->mailing->enabled)) { - $result=$object->getNoEmail(); - if ($result<0) { + $result = $object->getNoEmail(); + if ($result < 0) { setEventMessages($object->error, $object->errors, 'errors'); } print ''.$langs->trans("No_Email").''.yn($object->no_email).''; diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 78e4ffae99b..cc3688d03a0 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -455,18 +455,18 @@ class Contact extends CommonObject $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($now)."',"; if ($this->socid > 0) { - $sql .= " ".$this->db->escape($this->socid).","; + $sql .= " ".((int) $this->socid).","; } else { $sql .= "null,"; } $sql .= "'".$this->db->escape($this->lastname)."',"; $sql .= "'".$this->db->escape($this->firstname)."',"; - $sql .= " ".($user->id > 0 ? "'".$this->db->escape($user->id)."'" : "null").","; - $sql .= " ".$this->db->escape($this->priv).","; + $sql .= " ".($user->id > 0 ? ((int) $user->id) : "null").","; + $sql .= " ".((int) $this->priv).","; $sql .= " 0,"; - $sql .= " ".$this->db->escape($this->statut).","; + $sql .= " ".((int) $this->statut).","; $sql .= " ".(!empty($this->canvas) ? "'".$this->db->escape($this->canvas)."'" : "null").","; - $sql .= " ".$this->db->escape($this->entity).","; + $sql .= " ".((int) $this->entity).","; $sql .= "'".$this->db->escape($this->ref_ext)."',"; $sql .= " ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); $sql .= ")"; @@ -539,14 +539,13 @@ class Contact extends CommonObject $this->entity = ((isset($this->entity) && is_numeric($this->entity)) ? $this->entity : $conf->entity); // Clean parameters + $this->ref_ext = trim($this->ref_ext); $this->lastname = trim($this->lastname) ?trim($this->lastname) : trim($this->lastname); $this->firstname = trim($this->firstname); $this->email = trim($this->email); $this->phone_pro = trim($this->phone_pro); $this->phone_perso = trim($this->phone_perso); $this->phone_mobile = trim($this->phone_mobile); - $this->jabberid = trim($this->jabberid); - $this->skype = trim($this->skype); $this->photo = trim($this->photo); $this->fax = trim($this->fax); $this->zip = (empty($this->zip) ? '' : trim($this->zip)); @@ -561,18 +560,19 @@ class Contact extends CommonObject } $this->db->begin(); - $sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET "; + $sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET"; if ($this->socid > 0) { - $sql .= " fk_soc='".$this->db->escape($this->socid)."',"; + $sql .= " fk_soc = ".((int) $this->socid).","; } elseif ($this->socid == -1) { - $sql .= " fk_soc=null,"; + $sql .= " fk_soc = NULL,"; } - $sql .= " civility='".$this->db->escape($this->civility_code)."'"; + $sql .= " civility='".$this->db->escape($this->civility_code)."'"; $sql .= ", lastname='".$this->db->escape($this->lastname)."'"; $sql .= ", firstname='".$this->db->escape($this->firstname)."'"; $sql .= ", address='".$this->db->escape($this->address)."'"; $sql .= ", zip='".$this->db->escape($this->zip)."'"; $sql .= ", town='".$this->db->escape($this->town)."'"; + $sql .= ", ref_ext = ".(!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "NULL"); $sql .= ", fk_pays=".($this->country_id > 0 ? $this->country_id : 'NULL'); $sql .= ", fk_departement=".($this->state_id > 0 ? $this->state_id : 'NULL'); $sql .= ", poste='".$this->db->escape($this->poste)."'"; @@ -581,21 +581,21 @@ class Contact extends CommonObject $sql .= ", socialnetworks = '".$this->db->escape(json_encode($this->socialnetworks))."'"; $sql .= ", photo='".$this->db->escape($this->photo)."'"; $sql .= ", birthday=".($this->birthday ? "'".$this->db->idate($this->birthday)."'" : "null"); - $sql .= ", note_private = ".(isset($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "null"); - $sql .= ", note_public = ".(isset($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "null"); - $sql .= ", phone = ".(isset($this->phone_pro) ? "'".$this->db->escape($this->phone_pro)."'" : "null"); - $sql .= ", phone_perso = ".(isset($this->phone_perso) ? "'".$this->db->escape($this->phone_perso)."'" : "null"); - $sql .= ", phone_mobile = ".(isset($this->phone_mobile) ? "'".$this->db->escape($this->phone_mobile)."'" : "null"); + $sql .= ", note_private = ".(isset($this->note_private) ? "'".$this->db->escape($this->note_private)."'" : "NULL"); + $sql .= ", note_public = ".(isset($this->note_public) ? "'".$this->db->escape($this->note_public)."'" : "NULL"); + $sql .= ", phone = ".(isset($this->phone_pro) ? "'".$this->db->escape($this->phone_pro)."'" : "NULL"); + $sql .= ", phone_perso = ".(isset($this->phone_perso) ? "'".$this->db->escape($this->phone_perso)."'" : "NULL"); + $sql .= ", phone_mobile = ".(isset($this->phone_mobile) ? "'".$this->db->escape($this->phone_mobile)."'" : "NULL"); $sql .= ", priv = '".$this->db->escape($this->priv)."'"; $sql .= ", fk_prospectcontactlevel = '".$this->db->escape($this->fk_prospectlevel)."'"; if (isset($this->stcomm_id)) { $sql .= ", fk_stcommcontact = ".($this->stcomm_id > 0 || $this->stcomm_id == -1 ? $this->stcomm_id : "0"); } - $sql .= ", statut = ".$this->db->escape($this->statut); + $sql .= ", statut = ".((int) $this->statut); $sql .= ", fk_user_modif=".($user->id > 0 ? "'".$this->db->escape($user->id)."'" : "NULL"); $sql .= ", default_lang=".($this->default_lang ? "'".$this->db->escape($this->default_lang)."'" : "NULL"); - $sql .= ", entity = ".$this->db->escape($this->entity); - $sql .= " WHERE rowid=".$this->db->escape($id); + $sql .= ", entity = ".((int) $this->entity); + $sql .= " WHERE rowid=".((int) $id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $result = $this->db->query($sql); @@ -1190,10 +1190,11 @@ class Contact extends CommonObject } /** - * Efface le contact de la base + * Delete a contact from database + * // TODO Add $user as first param * - * @param int $notrigger Disable all trigger - * @return int <0 if KO, >0 if OK + * @param int $notrigger Disable all trigger + * @return int <0 if KO, >0 if OK */ public function delete($notrigger = 0) { @@ -1221,7 +1222,7 @@ class Contact extends CommonObject $obj = $this->db->fetch_object($resql); $sqldel = "DELETE FROM ".MAIN_DB_PREFIX."element_contact"; - $sqldel .= " WHERE rowid = ".$obj->rowid; + $sqldel .= " WHERE rowid = ".((int) $obj->rowid); dol_syslog(__METHOD__, LOG_DEBUG); $result = $this->db->query($sqldel); if (!$result) { @@ -1324,7 +1325,7 @@ class Contact extends CommonObject $sql = "SELECT c.rowid, c.datec as datec, c.fk_user_creat,"; $sql .= " c.tms as tms, c.fk_user_modif"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as c"; - $sql .= " WHERE c.rowid = ".$this->db->escape($id); + $sql .= " WHERE c.rowid = ".((int) $id); $resql = $this->db->query($sql); if ($resql) { @@ -1770,10 +1771,10 @@ class Contact extends CommonObject $sql = "SELECT sc.fk_socpeople as id, sc.fk_c_type_contact"; $sql .= " FROM ".MAIN_DB_PREFIX."c_type_contact tc"; $sql .= ", ".MAIN_DB_PREFIX."societe_contacts sc"; - $sql .= " WHERE sc.fk_soc =".$this->socid; + $sql .= " WHERE sc.fk_soc =".((int) $this->socid); $sql .= " AND sc.fk_c_type_contact=tc.rowid"; - $sql .= " AND tc.element='".$this->db->escape($element)."'"; - $sql .= " AND tc.active=1"; + $sql .= " AND tc.element = '".$this->db->escape($element)."'"; + $sql .= " AND tc.active = 1"; dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/contact/document.php b/htdocs/contact/document.php index e980b0ee94c..3005c6b7827 100644 --- a/htdocs/contact/document.php +++ b/htdocs/contact/document.php @@ -182,7 +182,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'contact'; - $permission = $user->rights->societe->contact->creer; + $permissiontoadd = $user->rights->societe->contact->creer; $permtoedit = $user->rights->societe->contact->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 74e3c704739..fe8e20bac9c 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -375,13 +375,13 @@ if (is_array($extrafields->attributes[$object->table_element]['label']) && count $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = p.fk_pays"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = p.fk_soc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_stcommcontact as st ON st.id = p.fk_stcommcontact"; -if (!empty($search_categ)) { +if (!empty($search_categ) && $search_categ != '-1') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_contact as cc ON p.rowid = cc.fk_socpeople"; // We need this table joined to the select in order to filter by categ } -if (!empty($search_categ_thirdparty)) { +if (!empty($search_categ_thirdparty) && $search_categ_thirdparty != '-1') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_societe as cs ON s.rowid = cs.fk_soc"; // We need this table joined to the select in order to filter by categ } -if (!empty($search_categ_supplier)) { +if (!empty($search_categ_supplier) && $search_categ_supplier != '-1') { $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_fournisseur as cs2 ON s.rowid = cs2.fk_soc"; // We need this table joined to the select in order to filter by categ } if (!$user->rights->societe->client->voir && !$socid) { @@ -392,7 +392,7 @@ if (!$user->rights->societe->client->voir && !$socid) { //restriction $sql .= " AND (sc.fk_user = ".$user->id." OR p.fk_soc IS NULL)"; } if (!empty($userid)) { // propre au commercial - $sql .= " AND p.fk_user_creat=".$db->escape($userid); + $sql .= " AND p.fk_user_creat=".((int) $userid); } if ($search_level) { $sql .= natural_search("p.fk_prospectcontactlevel", join(',', $search_level), 3); @@ -414,19 +414,19 @@ if ($search_priv != '0' && $search_priv != '1') { } if ($search_categ > 0) { - $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ); + $sql .= " AND cc.fk_categorie = ".((int) $search_categ); } if ($search_categ == -2) { $sql .= " AND cc.fk_categorie IS NULL"; } if ($search_categ_thirdparty > 0) { - $sql .= " AND cs.fk_categorie = ".$db->escape($search_categ_thirdparty); + $sql .= " AND cs.fk_categorie = ".((int) $search_categ_thirdparty); } if ($search_categ_thirdparty == -2) { $sql .= " AND cs.fk_categorie IS NULL"; } if ($search_categ_supplier > 0) { - $sql .= " AND cs2.fk_categorie = ".$db->escape($search_categ_supplier); + $sql .= " AND cs2.fk_categorie = ".((int) $search_categ_supplier); } if ($search_categ_supplier == -2) { $sql .= " AND cs2.fk_categorie IS NULL"; @@ -495,10 +495,10 @@ if (count($search_roles) > 0) { $sql .= " AND p.rowid IN (SELECT sc.fk_socpeople FROM ".MAIN_DB_PREFIX."societe_contacts as sc WHERE sc.fk_c_type_contact IN (".$db->sanitize(implode(',', $search_roles))."))"; } if ($search_no_email != '' && $search_no_email >= 0) { - $sql .= " AND p.no_email = ".$db->escape($search_no_email); + $sql .= " AND p.no_email = ".((int) $search_no_email); } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND p.statut = ".$db->escape($search_status); + $sql .= " AND p.statut = ".((int) $search_status); } if ($search_import_key) { $sql .= natural_search("p.import_key", $search_import_key); diff --git a/htdocs/contact/perso.php b/htdocs/contact/perso.php index 628c73b0afc..261ffebf29c 100644 --- a/htdocs/contact/perso.php +++ b/htdocs/contact/perso.php @@ -60,8 +60,8 @@ if ($action == 'update' && !GETPOST("cancel") && $user->rights->societe->contact $result = $object->update_perso($id, $user); if ($result > 0) { - $object->old_name = ''; - $object->old_firstname = ''; + $object->oldcopy = clone $object; + // Logo/Photo save $dir = $conf->societe->dir_output.'/contact/'.get_exdir($object->id, 0, 0, 1, $object, 'contact').'/photos'; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 186e4ee5761..5436c55faeb 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -1546,11 +1546,11 @@ class Contrat extends CommonObject $sql .= ") VALUES ("; $sql .= $this->id.", '', '".$this->db->escape($desc)."',"; $sql .= ($fk_product > 0 ? $fk_product : "null").","; - $sql .= " ".$qty.","; - $sql .= " ".$txtva.","; + $sql .= " ".((float) $qty).","; + $sql .= " ".((float) $txtva).","; $sql .= " ".($vat_src_code ? "'".$this->db->escape($vat_src_code)."'" : "null").","; - $sql .= " ".$txlocaltax1.","; - $sql .= " ".$txlocaltax2.","; + $sql .= " ".((float) $txlocaltax1).","; + $sql .= " ".((float) $txlocaltax2).","; $sql .= " '".$this->db->escape($localtax1_type)."',"; $sql .= " '".$this->db->escape($localtax2_type)."',"; $sql .= " ".price2num($remise_percent).","; @@ -1559,7 +1559,7 @@ class Contrat extends CommonObject $sql .= " '".$this->db->escape($info_bits)."',"; $sql .= " ".price2num($price).",".price2num($remise).","; if (isset($fk_fournprice)) { - $sql .= ' '.$fk_fournprice.','; + $sql .= ' '.((int) $fk_fournprice).','; } else { $sql .= ' null,'; } @@ -3066,9 +3066,9 @@ class ContratLigne extends CommonObjectLine // Update request $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET"; - $sql .= " fk_contrat=".$this->fk_contrat.","; + $sql .= " fk_contrat=".((int) $this->fk_contrat).","; $sql .= " fk_product=".($this->fk_product ? "'".$this->db->escape($this->fk_product)."'" : 'null').","; - $sql .= " statut=".$this->statut.","; + $sql .= " statut=".((int) $this->statut).","; $sql .= " label='".$this->db->escape($this->label)."',"; $sql .= " description='".$this->db->escape($this->description)."',"; $sql .= " date_commande=".($this->date_commande != '' ? "'".$this->db->idate($this->date_commande)."'" : "null").","; @@ -3373,11 +3373,11 @@ class ContratLigne extends CommonObjectLine $this->db->begin(); - $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET statut = ".ContratLigne::STATUS_CLOSED.","; + $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET statut = ".((int) ContratLigne::STATUS_CLOSED).","; $sql .= " date_cloture = '".$this->db->idate($date_end)."',"; $sql .= " fk_user_cloture = ".$user->id.","; $sql .= " commentaire = '".$this->db->escape($comment)."'"; - $sql .= " WHERE rowid = ".$this->id." AND statut = ".ContratLigne::STATUS_OPEN; + $sql .= " WHERE rowid = ".$this->id." AND statut = ".((int) ContratLigne::STATUS_OPEN); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php index 1dd87fd75e3..0d66204f81d 100644 --- a/htdocs/contrat/document.php +++ b/htdocs/contrat/document.php @@ -192,7 +192,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'contract'; - $permission = $user->rights->contrat->creer; + $permissiontoadd = $user->rights->contrat->creer; $permtoedit = $user->rights->contrat->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index aed4cba2fe1..a5e3da943b7 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -250,7 +250,7 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $resql = $db->query($sql); diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index cf19f1178f6..ccb36830844 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -265,10 +265,10 @@ if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) { $sql .= " AND s.fk_typent IN (".$db->sanitize($db->escape($search_type_thirdparty)).')'; } if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid) { - $sql .= " AND s.rowid = ".$db->escape($socid); + $sql .= " AND s.rowid = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -296,13 +296,13 @@ if ($search_town) { $sql .= natural_search(array('s.town'), $search_town); } if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } if ($search_user > 0) { - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='contrat' AND tc.source='internal' AND ec.element_id = c.rowid AND ec.fk_socpeople = ".$search_user; + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='contrat' AND tc.source='internal' AND ec.element_id = c.rowid AND ec.fk_socpeople = ".((int) $search_user); } // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index a0ecc6b4be8..8368bffbab2 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -257,7 +257,7 @@ if ($search_product_category > 0) { $sql .= " WHERE c.entity = ".$conf->entity; $sql .= " AND c.rowid = cd.fk_contrat"; if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } $sql .= " AND c.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) { diff --git a/htdocs/core/actions_extrafields.inc.php b/htdocs/core/actions_extrafields.inc.php index b03c2c3d192..1ca04a00c8b 100644 --- a/htdocs/core/actions_extrafields.inc.php +++ b/htdocs/core/actions_extrafields.inc.php @@ -137,7 +137,7 @@ if ($action == 'add') { // Check reserved keyword with more than 3 characters if (!$error) { - if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'integer', 'float', 'double', 'position'))) { + if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'int', 'integer', 'float', 'double', 'real', 'position'))) { $error++; $langs->load("errors"); $mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09')); diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 750ed2b2d9a..3e2438f63d3 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -27,6 +27,15 @@ //var_dump($upload_dirold); +// Protection to understand what happen when submitting files larger than post_max_size +if (GETPOST('uploadform', 'int') && empty($_POST) && empty($_FILES)) { + dol_syslog("The PHP parameter 'post_max_size' is too low. All POST parameters and FILES were set to empty."); + $langs->loadLangs(array("errors", "install")); + print $langs->trans("ErrorFileSizeTooLarge").' '; + print $langs->trans("ErrorGoBackAndCorrectParameters"); + die; +} + // Submit file/link if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!isset($permissiontoadd) || $permissiontoadd)) { if (!empty($_FILES)) { diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index f39c73b5bf0..cd8a3817602 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -712,7 +712,7 @@ if ($massaction == 'confirm_createbills') { // Create bills from orders. for ($i = 0; $i < $num; $i++) { $desc = ($lines[$i]->desc ? $lines[$i]->desc : ''); - // If we build one invoice for several order, we must put the invoice of order on the line + // If we build one invoice for several orders, we must put the ref of order on the invoice line if (!empty($createbills_onebythird)) { $desc = dol_concatdesc($desc, $langs->trans("Order").' '.$cmd->ref.' - '.dol_print_date($cmd->date, 'day')); } @@ -772,6 +772,8 @@ if ($massaction == 'confirm_createbills') { // Create bills from orders. $array_options = $lines[$i]->array_options; } + $objecttmp->context['createfromclone']; + $result = $objecttmp->addline( $desc, $lines[$i]->subprice, @@ -1051,9 +1053,9 @@ if (!$error && $massaction == "builddoc" && $permissiontoread && !GETPOST('butto if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { - $newlang = $objecttmp->thirdparty->default_lang; - } + //elseif ($conf->global->MAIN_MULTILANGS && empty($newlang) && is_object($objecttmp->thirdparty)) { // On massaction, we can have several values for $objecttmp->thirdparty + // $newlang = $objecttmp->thirdparty->default_lang; + //} if (!empty($newlang)) { $outputlangs = new Translate("", $conf); $outputlangs->setDefaultLang($newlang); diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php index b4e583387c9..83a823edeb2 100644 --- a/htdocs/core/actions_sendmails.inc.php +++ b/htdocs/core/actions_sendmails.inc.php @@ -345,7 +345,7 @@ if (($action == 'send' || $action == 'relance') && !$_POST['addfile'] && !$_POST $subject = make_substitutions($subject, $substitutionarray); $message = make_substitutions($message, $substitutionarray); - if (method_exists($object, 'makeSubstitution')) { + if (is_object($object) && method_exists($object, 'makeSubstitution')) { $subject = $object->makeSubstitution($subject); $message = $object->makeSubstitution($message); } diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index cf619f70de6..09292dd4991 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -54,8 +54,8 @@ if (!isset($mode) || $mode != 'noajax') { // For ajax call $search_doc_ref = GETPOST('search_doc_ref', 'alpha'); $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; - $sortfield = GETPOST("sortfield", 'alpha'); - $sortorder = GETPOST("sortorder", 'alpha'); + $sortfield = GETPOST("sortfield", 'aZ09comma'); + $sortorder = GETPOST("sortorder", 'aZ09comma'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); if (empty($page) || $page == -1) { $page = 0; @@ -82,8 +82,8 @@ if (!isset($mode) || $mode != 'noajax') { // For ajax call //exit; } } -} else // For no ajax call -{ +} else { + // For no ajax call $rootdirfordoc = $conf->ecm->dir_output; $ecmdir = new EcmDirectory($db); @@ -376,7 +376,7 @@ if ($type == 'directory') { // When we show list of files for ECM files, $filearray contains file list, and directory is defined with modulepart + section into $param // When we show list of files for a directory, $filearray ciontains file list, and directory is defined with modulepart + $relativepath //var_dump("section=".$section." title=".$title." modulepart=".$modulepart." useinecm=".$useinecm." perm=".$perm." relativepath=".$relativepath." param=".$param." url=".$url); - $formfile->list_of_documents($filearray, '', $modulepart, $param, 1, $relativepath, $perm, $useinecm, $textifempty, $maxlengthname, $title, $url, 0, $perm); + $formfile->list_of_documents($filearray, '', $modulepart, $param, 1, $relativepath, $perm, $useinecm, $textifempty, $maxlengthname, $title, $url, 0, $perm, '', $sortfield, $sortorder); } } @@ -430,6 +430,7 @@ if ($useajax || $action == 'delete') { } if ($useajax) { + print ''."\n"; print ''; + jQuery(document).ready(function () { + jQuery(".button_'.$name.'").click(function () { + console.log("Open popup with jQuery(...).dialog() on URL '.dol_escape_js(DOL_URL_ROOT.$url).'") + var $dialog = $(\'
\').html(\'\') + .dialog({ + autoOpen: false, + modal: true, + height: (window.innerHeight - 150), + width: \'80%\', + title: "'.dol_escape_js($label).'" + }); + $dialog.dialog(\'open\'); + }); + }); + '; return $out; } @@ -3499,7 +3501,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'accountancy', 'account', 'accountline', 'action', 'add', 'address', 'angle-double-down', 'angle-double-up', 'asset', 'bank_account', 'barcode', 'bank', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'bug', 'building', 'calendar', 'calendarmonth', 'calendarweek', 'calendarday', 'calendarperuser', 'calendarpertype', - 'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'cron', 'cubes', 'multicurrency', + 'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'conversation', 'cron', 'cubes', + 'multicurrency', 'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'dynamicprice', 'edit', 'ellipsis-h', 'email', 'eraser', 'establishment', 'expensereport', 'external-link-alt', 'external-link-square-alt', 'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'autofill', 'folder', 'folder-open', 'folder-plus', @@ -3509,12 +3512,14 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'label', 'language', 'link', 'list', 'list-alt', 'listlight', 'loan', 'lot', 'long-arrow-alt-right', 'margin', 'map-marker-alt', 'member', 'meeting', 'money-bill-alt', 'movement', 'mrp', 'note', 'next', 'off', 'on', 'order', - 'paiment', 'paragraph', 'play', 'pdf', 'phone', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'stock', 'resize', 'service', 'stats', 'trip', + 'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'stock', 'resize', 'service', 'stats', 'trip', 'security', 'setup', 'share-alt', 'sign-out', 'split', 'stripe', 'stripe-s', 'switch_off', 'switch_on', 'tools', 'unlink', 'uparrow', 'user', 'vcard', 'wrench', 'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp', 'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies', 'generic', 'home', 'hrm', 'members', 'products', 'invoicing', - 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment', 'supplier_invoice', 'technic', 'ticket', + 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment', + 'supplier_invoice', 'supplier_invoicea', 'supplier_invoicer', 'supplier_invoiced', + 'technic', 'ticket', 'error', 'warning', 'recent', 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource', 'shapes', 'supplier', 'supplier_proposal', 'supplier_order', 'supplier_invoice', @@ -3535,7 +3540,9 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ $arrayconvpictotofa = array( 'account'=>'university', 'accountline'=>'receipt', 'accountancy'=>'search-dollar', 'action'=>'calendar-alt', 'add'=>'plus-circle', 'address'=> 'address-book', 'asset'=>'money-check-alt', 'autofill'=>'fill', - 'bank_account'=>'university', 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'billd'=>'file-medical', 'supplier_invoiced'=>'file-medical', + 'bank_account'=>'university', + 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'billd'=>'file-medical', + 'supplier_invoice'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'supplier_invoicer'=>'file-invoice-dollar', 'supplier_invoiced'=>'file-medical', 'bom'=>'shapes', 'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments', 'country'=>'globe-americas', 'cron'=>'business-time', 'donation'=>'file-alt', 'dynamicprice'=>'hand-holding-usd', @@ -5185,7 +5192,7 @@ function price($amount, $form = 0, $outlangs = '', $trunc = 1, $rounding = -1, $ * @param int $option Put 1 if you know that content is already universal format number (so no correction on decimal will be done) * Put 2 if you know that number is a user input (so we know we don't have to fix decimal separator). * @return string Amount with universal numeric format (Example: '99.99999'). - * If conversion fails, it return text unchanged if $rounding = '' or '0' if $rounding is defined. + * If conversion fails, it return text unchanged if ($rounding = '' and $option = 1) or '0' if ($rounding is defined and $option = 1). * If amount is null or '', it returns '' if $rounding = '' or '0' if $rounding is defined.. * * @see price() Opposite function of price2num @@ -7134,14 +7141,14 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $substitutionarray['__AMOUNT_TAX3__'] = is_object($object) ? $object->total_localtax2 : ''; } - $substitutionarray['__AMOUNT_FORMATED__'] = is_object($object) ? ($object->total_ttc ? price($object->total_ttc, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; - $substitutionarray['__AMOUNT_EXCL_TAX_FORMATED__'] = is_object($object) ? ($object->total_ht ? price($object->total_ht, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; - $substitutionarray['__AMOUNT_VAT_FORMATED__'] = is_object($object) ? (isset($object->total_vat) ? price($object->total_vat, 0, $outputlangs, 0, 0, -1, $conf->currency) : ($object->total_tva ? price($object->total_tva, 0, $outputlangs, 0, 0, -1, $conf->currency) : null)) : ''; + $substitutionarray['__AMOUNT_FORMATED__'] = is_object($object) ? ($object->total_ttc ? price($object->total_ttc, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_EXCL_TAX_FORMATED__'] = is_object($object) ? ($object->total_ht ? price($object->total_ht, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_VAT_FORMATED__'] = is_object($object) ? (isset($object->total_vat) ? price($object->total_vat, 0, $outputlangs, 0, -1, -1, $conf->currency) : ($object->total_tva ? price($object->total_tva, 0, $outputlangs, 0, -1, -1, $conf->currency) : null)) : ''; if ($onlykey != 2 || $mysoc->useLocalTax(1)) { - $substitutionarray['__AMOUNT_TAX2_FORMATED__'] = is_object($object) ? ($object->total_localtax1 ? price($object->total_localtax1, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_TAX2_FORMATED__'] = is_object($object) ? ($object->total_localtax1 ? price($object->total_localtax1, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; } if ($onlykey != 2 || $mysoc->useLocalTax(2)) { - $substitutionarray['__AMOUNT_TAX3_FORMATED__'] = is_object($object) ? ($object->total_localtax2 ? price($object->total_localtax2, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_TAX3_FORMATED__'] = is_object($object) ? ($object->total_localtax2 ? price($object->total_localtax2, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; } $substitutionarray['__AMOUNT_MULTICURRENCY__'] = (is_object($object) && isset($object->multicurrency_total_ttc)) ? $object->multicurrency_total_ttc : ''; @@ -7994,6 +8001,29 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1) global $obj; // To get $obj used into list when dol_eval is used for computed fields and $obj is not yet $object global $soc; // For backward compatibility + // Replace dangerous char (used for RCE), we allow only PHP variable testing. + if (strpos($s, '`') !== false) { + return 'Bad string syntax to evaluate: '.$s; + } + + // We block using of php exec or php file functions + $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI("); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array("fopen(", "file_put_contents(", "fputs(", "fputscsv(", "fwrite(", "fpassthru(", "unlink(", "mkdir(", "rmdir(", "symlink(", "touch(", "umask(")); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('function(', '$$', 'call_user_func(')); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); + $forbiddenphpregex = 'global\s+\$'; + do { + $oldstringtoclean = $s; + $s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s); + $s = preg_replace('/'.$forbiddenphpregex.'/', '__forbiddenstring__', $s); + //$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod( + } while ($oldstringtoclean != $s); + + if (strpos($s, '__forbiddenstring__') !== false) { + dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING); + return 'Bad string syntax to evaluate: '.$s; + } + //print $s."
\n"; if ($returnvalue) { if ($hideerrors) { diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index e279ced2a3d..6f5d2ccb891 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1043,7 +1043,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ $regType = array(); if (preg_match('/\{(t+)\}/i', $mask, $regType)) { $masktype = $regType[1]; - $masktype_value = substr(preg_replace('/^TE_/', '', $objsoc->typent_code), 0, dol_strlen($regType[1])); // get n first characters of thirdpaty typent_code (where n is length in mask) + $masktype_value = substr(preg_replace('/^TE_/', '', $objsoc->typent_code), 0, dol_strlen($regType[1])); // get n first characters of thirdparty typent_code (where n is length in mask) $masktype_value = str_pad($masktype_value, dol_strlen($regType[1]), "#", STR_PAD_RIGHT); // we fill on right with # to have same number of char than into mask } else { $masktype = ''; @@ -2679,57 +2679,6 @@ if (!function_exists('dolEscapeXML')) { } -/** - * Return automatic or manual in current language - * - * @param string $automaticmanual Value to test (1, 'automatic', 'true' or 0, 'manual', 'false') - * @param integer $case 1=Yes/No, 0=yes/no, 2=Disabled checkbox, 3=Disabled checkbox + Automatic/Manual - * @param int $color 0=texte only, 1=Text is formated with a color font style ('ok' or 'error'), 2=Text is formated with 'ok' color. - * @return string HTML string - */ -function autoOrManual($automaticmanual, $case = 1, $color = 0) -{ - global $langs; - $result = 'unknown'; - $classname = ''; - if ($automaticmanual == 1 || strtolower($automaticmanual) == 'automatic' || strtolower($automaticmanual) == 'true') { // A mettre avant test sur no a cause du == 0 - $result = $langs->trans('automatic'); - if ($case == 1 || $case == 3) { - $result = $langs->trans("Automatic"); - } - if ($case == 2) { - $result = ''; - } - if ($case == 3) { - $result = ' '.$result; - } - - $classname = 'ok'; - } elseif ($automaticmanual == 0 || strtolower($automaticmanual) == 'manual' || strtolower($automaticmanual) == 'false') { - $result = $langs->trans("manual"); - if ($case == 1 || $case == 3) { - $result = $langs->trans("Manual"); - } - if ($case == 2) { - $result = ''; - } - if ($case == 3) { - $result = ' '.$result; - } - - if ($color == 2) { - $classname = 'ok'; - } else { - $classname = 'error'; - } - } - if ($color) { - return ''.$result.''; - } - return $result; -} - - /** * Convert links to local wrapper to medias files into a string into a public external URL readable on internet * diff --git a/htdocs/core/lib/geturl.lib.php b/htdocs/core/lib/geturl.lib.php index 9feddb6f7f5..f87e7b7b4cd 100644 --- a/htdocs/core/lib/geturl.lib.php +++ b/htdocs/core/lib/geturl.lib.php @@ -24,7 +24,9 @@ /** * Function to get a content from an URL (use proxy if proxy defined). * Support Dolibarr setup for timeout and proxy. - * Enhancement of CURL to add an anti SSRF protection. + * Enhancement of CURL to add an anti SSRF protection: + * - you can set MAIN_SECURITY_ANTI_SSRF_SERVER_IP to set static ip of server + * - common local lookup ips like 127.*.*.* are automatically added * * @param string $url URL to call. * @param string $postorget 'POST', 'GET', 'HEAD', 'PUT', 'PUTALREADYFORMATED', 'POSTALREADYFORMATED', 'DELETE' @@ -199,12 +201,13 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = } } if ($localurl == 1) { // Only local url allowed (dangerous, may allow to get metadata on server or make internal port scanning) + // Deny ips NOT like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 et 240.0.0.0/4, ::1/128, ::/128, ::ffff:0:0/96, fe80::/10... if (filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { $info['http_code'] = 400; $info['content'] = 'Error bad hostname '.$iptocheck.'. Must be a local URL.'; break; } - if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(',', '127.0.0.1,::1,'.$conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) { + if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(',', $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) { $info['http_code'] = 400; $info['content'] = 'Error bad hostname IP (IP is not a local IP defined into list MAIN_SECURITY_SERVER_IP). Must be a local URL in allowed list.'; break; diff --git a/htdocs/core/lib/images.lib.php b/htdocs/core/lib/images.lib.php index 0a0ebe3ce02..0ccb6a415fc 100644 --- a/htdocs/core/lib/images.lib.php +++ b/htdocs/core/lib/images.lib.php @@ -590,7 +590,7 @@ function vignette($file, $maxWidth = 160, $maxHeight = 120, $extName = '_small', break; } - if (!is_resource($img)) { + if (!is_resource($img) && !($img instanceof \GdImage)) { dol_syslog('Failed to detect type of image. We found infoImg[2]='.$infoImg[2], LOG_WARNING); return 0; } diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 16891214ca5..3838829f8cd 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -458,8 +458,9 @@ function getPurchaseInvoicePieChart($socid = 0) /** * Return an HTML table that contains a pie chart of the number of customers or supplier invoices - * @param string $mode Can be customer or fourn - * @return string A HTML table that contains a pie chart of customers or supplier invoices + * + * @param string $mode Can be 'customers' or 'suppliers' + * @return string A HTML table that contains a pie chart of customers or supplier invoices */ function getNumberInvoicesPieChart($mode) { @@ -487,48 +488,55 @@ function getNumberInvoicesPieChart($mode) $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd30, 'Y-m-d')."'", 1, 0).") as nbnotlate30"; if ($mode == 'customers') { $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - } elseif ($mode == 'fourn') { + } elseif ($mode == 'fourn' || $mode == 'suppliers') { $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; } else { return ''; } $sql .= " WHERE f.type <> 2"; $sql .= " AND f.fk_statut = 1"; + if (isset($user->socid) && $user->socid > 0) { + $sql .= " AND f.fk_soc = ".((int) $user->socid); + } + $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); $i = 0; $total = 0; $dataseries = array(); + while ($i < $num) { $obj = $db->fetch_object($resql); - $dataseries = array(array($langs->trans('InvoiceLate30Days'),$obj->nblate30) - ,array($langs->trans('InvoiceLate15Days'),$obj->nblate15-$obj->nblate30) - ,array($langs->trans('InvoiceLateMinus15Days'),$obj->nblatenow-$obj->nblate15) - ,array($langs->trans('InvoiceNotLate'),$obj->nbnotlatenow-$obj->nbnotlate15) - ,array($langs->trans('InvoiceNotLate15Days'),$obj->nbnotlate15-$obj->nbnotlate30) - ,array($langs->trans('InvoiceNotLate30Days'),$obj->nbnotlate30)); + $dataseries = array(array($langs->trans('InvoiceLate30Days'), $obj->nblate30) + ,array($langs->trans('InvoiceLate15Days'), $obj->nblate15 - $obj->nblate30) + ,array($langs->trans('InvoiceLateMinus15Days'), $obj->nblatenow - $obj->nblate15) + ,array($langs->trans('InvoiceNotLate'), $obj->nbnotlatenow - $obj->nbnotlate15) + ,array($langs->trans('InvoiceNotLate15Days'), $obj->nbnotlate15 - $obj->nbnotlate30) + ,array($langs->trans('InvoiceNotLate30Days'), $obj->nbnotlate30)); $i++; } foreach ($dataseries as $key=>$value) { - $total+=$value[1]; + $total += $value[1]; } $colorseries = array($badgeStatus8, $badgeStatus1, $badgeStatus3, $badgeStatus4, $badgeStatus11, '-'.$badgeStatus11); - if ($conf->use_javascript_ajax) { - $result = '
'; - $result .= ''; - $result .= ''; - $result .= ''; - } elseif ($mode == 'fourn') { - $result .= $langs->trans("SupplierInvoice").''; - } else { - return ''; - } - $result .= ''; + $result = '
'; + $result .= '
'.$langs->trans("Statistics").' - '; - if ($mode == 'customers') { - $result .= $langs->trans("CustomerInvoice").'
'; + $result .= ''; + $result .= ''; + $result .= ''; + + if ($conf->use_javascript_ajax) { $dolgraph = new DolGraph(); $dolgraph->SetData($dataseries); $dolgraph->SetDataColor(array_values($colorseries)); @@ -539,17 +547,21 @@ function getNumberInvoicesPieChart($mode) $dolgraph->setWidth('300'); if ($mode == 'customers') { $dolgraph->draw('idgraphcustomerinvoices'); - } elseif ($mode == 'fourn') { + } elseif ($mode == 'fourn' || $mode == 'suppliers') { $dolgraph->draw('idgraphfourninvoices'); } else { return ''; } $result .= ''; - $result .= ''; + $result .= ''; $result .= ''; - $result .= '
'.$langs->trans("Statistics").' - '; + if ($mode == 'customers') { + $result .= $langs->trans("CustomerInvoice"); + } elseif ($mode == 'fourn' || $mode == 'suppliers') { + $result .= $langs->trans("SupplierInvoice"); + } else { + return ''; + } + $result .= '
'.$dolgraph->show($total ? 0 : 1).''.$dolgraph->show($total ? 0 : $langs->trans("NoOpenInvoice")).'
'; - $result .= '
'; + } else { + // Print text lines } + + $result .= ''; + $result .= '
'; + return $result; } else { dol_print_error($db); @@ -603,7 +615,7 @@ function getCustomerInvoiceDraftTable($maxCount = 500, $socid = 0) $sql .= " s.nom, s.rowid, s.email, s.code_client, s.code_compta, s.code_fournisseur, s.code_compta_fournisseur,"; $sql .= " cc.rowid, cc.code"; if (!$user->rights->societe->client->voir && !$socid) { - $sql.= ", sc.fk_soc, sc.fk_user"; + $sql .= ", sc.fk_soc, sc.fk_user"; } // Add Group from hooks @@ -734,7 +746,7 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); @@ -842,8 +854,8 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, s.nom as socname, s.rowid as socid, s.canvas, s.client,"; - $sql .= " f.datec"; + $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.type, f.total_ht, f.total_tva, f.total_ttc, f.datec,"; + $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) { @@ -892,6 +904,10 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) $objectstatic->ref = $obj->ref; $objectstatic->paye = $obj->paye; $objectstatic->statut = $obj->status; + $objectstatic->total_ht = $obj->total_ht; + $objectstatic->total_tva = $obj->total_tva; + $objectstatic->total_ttc = $obj->total_ttc; + $objectstatic->type = $obj->type; $companystatic->id = $obj->socid; $companystatic->name = $obj->socname; @@ -940,8 +956,8 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, s.nom as socname, s.rowid as socid, s.canvas, s.client,"; - $sql .= " f.datec"; + $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.datec,"; + $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) { @@ -950,7 +966,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -990,6 +1006,10 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $objectstatic->ref = $obj->ref; $objectstatic->paye = $obj->paye; $objectstatic->statut = $obj->status; + $objectstatic->total_ht = $obj->total_ht; + $objectstatic->total_tva = $obj->total_tva; + $objectstatic->total_ttc = $obj->total_ttc; + $objectstatic->type = $obj->type; $companystatic->id = $obj->socid; $companystatic->name = $obj->socname; @@ -1062,7 +1082,7 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); @@ -1250,7 +1270,7 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND ff.fk_soc = ".$socid; + $sql .= " AND ff.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 880c63970f7..4821bfde2b9 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -705,8 +705,8 @@ function pdf_pagehead(&$pdf, $outputlangs, $page_height) { global $conf; - // Add a background image on document - if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF)) { // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image + // Add a background image on document only if good setup of const + if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF) && ($conf->global->MAIN_USE_BACKGROUND_ON_PDF != '-1')) { // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image $pdf->SetAutoPageBreak(0, 0); // Disable auto pagebreak before adding image $pdf->Image($conf->mycompany->dir_output.'/logos/'.$conf->global->MAIN_USE_BACKGROUND_ON_PDF, (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_X) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_X : 0), (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y : 0), 0, $page_height); $pdf->SetAutoPageBreak(1, 0); // Restore pagebreak @@ -1328,7 +1328,7 @@ function pdf_getlinedesc($object, $i, $outputlangs, $hideref = 0, $hidedesc = 0, // ($textwasnotmodified is replaced with $textwasmodifiedorcompleted and we add completion). // Set label - // If we want another language, and if label is same than default language (we did force it to a specific value), we can use translation. + // If we want another language, and if label is same than default language (we did not force it to a specific value), we can use translation. //var_dump($outputlangs->defaultlang.' - '.$langs->defaultlang.' - '.$label.' - '.$prodser->label);exit; $textwasnotmodified = ($label == $prodser->label); if (!empty($prodser->multilangs[$outputlangs->defaultlang]["label"]) && ($textwasnotmodified || $translatealsoifmodified)) { @@ -1354,9 +1354,7 @@ function pdf_getlinedesc($object, $i, $outputlangs, $hideref = 0, $hidedesc = 0, } } } elseif ($object->element == 'facture' || $object->element == 'facturefourn') { - if ($object->type == $object::TYPE_DEPOSIT) { - $desc = str_replace('(DEPOSIT)', $outputlangs->trans('Deposit'), $desc); - } + $desc = str_replace('(DEPOSIT)', $outputlangs->trans('Deposit'), $desc); } // Description short of product line diff --git a/htdocs/core/lib/product.lib.php b/htdocs/core/lib/product.lib.php index 9825b2dac2c..64cc72a8879 100644 --- a/htdocs/core/lib/product.lib.php +++ b/htdocs/core/lib/product.lib.php @@ -360,7 +360,8 @@ function product_lot_admin_prepare_head() */ function show_stats_for_company($product, $socid) { - global $conf, $langs, $user, $db; + global $conf, $langs, $user, $db, $hookmanager; + $form = new Form($db); $nblines = 0; @@ -558,6 +559,12 @@ function show_stats_for_company($product, $socid) print ''; print ''; } + $parameters = array('socid'=>$socid); + $reshook = $hookmanager->executeHooks('addMoreProductStat', $parameters, $product, $nblines); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + + print $hookmanager->resPrint; + return $nblines++; } diff --git a/htdocs/core/lib/sendings.lib.php b/htdocs/core/lib/sendings.lib.php index 880019d7b97..0814c0f4825 100644 --- a/htdocs/core/lib/sendings.lib.php +++ b/htdocs/core/lib/sendings.lib.php @@ -246,7 +246,7 @@ function show_list_sending_receive($origin, $origin_id, $filter = '') $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON obj.fk_product = p.rowid"; //TODO Add link to expeditiondet_batch $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; - $sql .= " AND obj.fk_".$origin." = ".$origin_id; + $sql .= " AND obj.fk_".$origin." = ".((int) $origin_id); $sql .= " AND obj.rowid = ed.fk_origin_line"; $sql .= " AND ed.fk_expedition = e.rowid"; if ($filter) { diff --git a/htdocs/core/lib/ticket.lib.php b/htdocs/core/lib/ticket.lib.php index 4d9d4bb2fa2..43e12c9c490 100644 --- a/htdocs/core/lib/ticket.lib.php +++ b/htdocs/core/lib/ticket.lib.php @@ -248,6 +248,12 @@ function llxHeaderTicket($title, $head = "", $disablejs = 0, $disablehead = 0, $ print '
'; } + if (!empty($conf->global->TICKET_IMAGE_PUBLIC_INTERFACE)) { + print '
'; + print ''; + print '
'; + } + print '
'; print '
'; @@ -336,7 +342,7 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no if (is_object($objcon) && $objcon->id > 0) { $force_filter_contact = true; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm_resources as r ON a.id = r.fk_actioncomm"; - $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".$objcon->id; + $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".((int) $objcon->id); } if (is_object($filterobj) && get_class($filterobj) == 'Societe') { diff --git a/htdocs/core/lib/treeview.lib.php b/htdocs/core/lib/treeview.lib.php index 255bc47d9a9..fda21e28a21 100644 --- a/htdocs/core/lib/treeview.lib.php +++ b/htdocs/core/lib/treeview.lib.php @@ -162,10 +162,9 @@ function tree_recur($tab, $pere, $rang, $iddivjstree = 'iddivjstree', $donoreset print "\n".'
  • '; if ($showfk) { print '
    '; - print '   '; - print $tab[$x]['title']; - print '  (fk_mainmenu='.$tab[$x]['fk_mainmenu'].' fk_leftmenu='.$tab[$x]['fk_leftmenu'].')'; - print ''; + print ''.$tab[$x]['title'].''; + print '  (fk_mainmenu='.$tab[$x]['fk_mainmenu'].' fk_leftmenu='.$tab[$x]['fk_leftmenu'].')'; + print ''; print $tab[$x]['buttons']; print '
    '; } else { diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 6d01fcfee0a..cd9ae5ad297 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -110,7 +110,7 @@ function user_prepare_head($object) $nbNote = 0; $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."notify_def as n"; - $sql .= " WHERE fk_user = ".$object->id; + $sql .= " WHERE fk_user = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 2232b3333dd..80ea1d5ea7b 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1373,7 +1373,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $modecompta = 'CREANCES-DETTES'; if (!empty($conf->accounting->enabled) && !empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') { - $modecompta = 'BOOKKEEPING'; // Not yet implemented. Should be BOOKKEEPINGCOLLECTED + $modecompta = 'BOOKKEEPING'; // Not yet implemented. } if ($modecompta && ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_invoice->enabled))) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_report/', $leftmenu)) { @@ -1384,7 +1384,9 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM } $modecompta = 'RECETTES-DEPENSES'; - //if (! empty($conf->accounting->enabled) && ! empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') $modecompta=''; // Not yet implemented. Should be BOOKKEEPINGCOLLECTED + if (!empty($conf->accounting->enabled) && !empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') { + $modecompta = 'BOOKKEEPINGCOLLECTED'; // Not yet implemented. + } if ($modecompta && ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_invoice->enabled))) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_report/', $leftmenu)) { $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnoverCollected"), 2, $user->rights->accounting->comptarapport->lire); @@ -1410,7 +1412,6 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $newmenu->add("/compta/resultat/compteres.php?leftmenu=report","Compte de resultat",2,$user->rights->compta->resultat->lire); $newmenu->add("/compta/resultat/bilan.php?leftmenu=report","Bilan",2,$user->rights->compta->resultat->lire); */ - $newmenu->add("/compta/stats/index.php?leftmenu=report", $langs->trans("ReportTurnover"), 1, $user->rights->compta->resultat->lire); /* $newmenu->add("/compta/stats/cumul.php?leftmenu=report","Cumule",2,$user->rights->compta->resultat->lire); @@ -1419,14 +1420,32 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $newmenu->add("/compta/stats/comp.php?leftmenu=report","Transforme",2,$user->rights->compta->resultat->lire); } */ - $newmenu->add("/compta/stats/casoc.php?leftmenu=report", $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/cabyuser.php?leftmenu=report", $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/cabyprodserv.php?leftmenu=report", $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/byratecountry.php?leftmenu=report", $langs->trans("ByVatRate"), 2, $user->rights->compta->resultat->lire); + + $modecompta = 'CREANCES-DETTES'; + $newmenu->add("/compta/stats/index.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ReportTurnover"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyprodserv.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/byratecountry.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByVatRate"), 2, $user->rights->compta->resultat->lire); + + $modecompta = 'RECETTES-DEPENSES'; + $newmenu->add("/compta/stats/index.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportTurnoverCollected"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + //Achats - $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report", $langs->trans("ReportPurchaseTurnover"), 1, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/supplier_turnover_by_thirdparty.php?leftmenu=accountancy_report", $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/supplier_turnover_by_prodserv.php?leftmenu=accountancy_report", $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + $modecompta = 'CREANCES-DETTES'; + $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnover"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/supplier_turnover_by_thirdparty.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/supplier_turnover_by_prodserv.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + + /* + $modecompta = 'RECETTES-DEPENSES'; + $newmenu->add("/compta/stats/index.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnoverCollected"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + */ + // Journals $newmenu->add("/compta/journal/sellsjournal.php?leftmenu=report", $langs->trans("SellsJournal"), 1, $user->rights->compta->resultat->lire, '', '', '', 50); $newmenu->add("/compta/journal/purchasesjournal.php?leftmenu=report", $langs->trans("PurchasesJournal"), 1, $user->rights->compta->resultat->lire, '', '', '', 51); @@ -1598,21 +1617,19 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM } // Inventory - if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { - if (!empty($conf->stock->enabled)) { - $langs->load("stocks"); - if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); - if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { - $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->creer); - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->lire); - } - } else { - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->inventory_advance->read, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); - if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { - $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->inventory_advance->write); - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->inventory_advance->read); - } + if (!empty($conf->stock->enabled)) { + $langs->load("stocks"); + if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); + if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { + $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->creer); + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->lire); + } + } else { + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->inventory_advance->read, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); + if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { + $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->inventory_advance->write); + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->inventory_advance->read); } } } diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 5fbfc05a9fb..3b7cc0d1184 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -1371,7 +1371,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it if ($command) { $sql .= " AND command = '".$this->db->escape($command)."'"; } - $sql .= " AND entity = ".$entity; // Must be exact entity + $sql .= " AND entity = ".((int) $entity); // Must be exact entity $now = dol_now(); @@ -1612,7 +1612,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it $sql = "SELECT count(*)"; $sql .= " FROM ".MAIN_DB_PREFIX."const"; $sql .= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($name)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); if ($result) { @@ -2197,7 +2197,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it $sql = "DELETE FROM ".MAIN_DB_PREFIX."const"; $sql .= " WHERE ".$this->db->decrypt('name')." LIKE '".$this->db->escape($this->const_name)."_".strtoupper($key)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); dol_syslog(get_class($this)."::delete_const_".$key."", LOG_DEBUG); if (!$this->db->query($sql)) { diff --git a/htdocs/core/modules/bank/doc/pdf_ban.modules.php b/htdocs/core/modules/bank/doc/pdf_ban.modules.php index 1bbf2e14cc0..a87817cdc73 100644 --- a/htdocs/core/modules/bank/doc/pdf_ban.modules.php +++ b/htdocs/core/modules/bank/doc/pdf_ban.modules.php @@ -72,9 +72,9 @@ class pdf_ban extends ModeleBankAccountDoc $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo FAC_PDF_LOGO - $this->option_tva = 1; // Gere option tva FACTURE_TVAOPTION - $this->option_codeproduitservice = 1; // Affiche code produit-service + $this->option_logo = 1; // Display logo FAC_PDF_LOGO + $this->option_tva = 1; // Manage the vat option FACTURE_TVAOPTION + $this->option_codeproduitservice = 1; // Display product-service code // Retrieves transmitter $this->emetteur = $mysoc; diff --git a/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php b/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php index f1ebc5bf64f..49e311f1c89 100644 --- a/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php +++ b/htdocs/core/modules/bank/doc/pdf_sepamandate.modules.php @@ -75,9 +75,9 @@ class pdf_sepamandate extends ModeleBankAccountDoc $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo FAC_PDF_LOGO - $this->option_tva = 1; // Gere option tva FACTURE_TVAOPTION - $this->option_codeproduitservice = 1; // Affiche code produit-service + $this->option_logo = 1; // Display logo FAC_PDF_LOGO + $this->option_tva = 1; // Manage the vat option FACTURE_TVAOPTION + $this->option_codeproduitservice = 1; //Display product-service code // Retrieves transmitter $this->emetteur = $mysoc; diff --git a/htdocs/core/modules/barcode/doc/phpbarcode.modules.php b/htdocs/core/modules/barcode/doc/phpbarcode.modules.php index 56c2a12fee6..fe36f7604c2 100644 --- a/htdocs/core/modules/barcode/doc/phpbarcode.modules.php +++ b/htdocs/core/modules/barcode/doc/phpbarcode.modules.php @@ -186,6 +186,11 @@ class modPhpbarcode extends ModeleBarCode global $conf, $filebarcode; dol_mkdir($conf->barcode->dir_temp); + if (!is_writable($conf->barcode->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->barcode->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } $file = $conf->barcode->dir_temp.'/barcode_'.$code.'_'.$encoding.'.png'; diff --git a/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php b/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php index 90b7cd4f543..df9ec39546d 100644 --- a/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php +++ b/htdocs/core/modules/barcode/doc/tcpdfbarcode.modules.php @@ -158,6 +158,12 @@ class modTcpdfbarcode extends ModeleBarCode global $conf, $_GET; dol_mkdir($conf->barcode->dir_temp); + if (!is_writable($conf->barcode->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->barcode->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } + $file = $conf->barcode->dir_temp.'/barcode_'.$code.'_'.$encoding.'.png'; $tcpdfEncoding = $this->getTcpdfEncodingType($encoding); diff --git a/htdocs/core/modules/barcode/mod_barcode_product_standard.php b/htdocs/core/modules/barcode/mod_barcode_product_standard.php index 7bbedd0aa67..0d1bee3c28a 100644 --- a/htdocs/core/modules/barcode/mod_barcode_product_standard.php +++ b/htdocs/core/modules/barcode/mod_barcode_product_standard.php @@ -107,7 +107,7 @@ class mod_barcode_product_standard extends ModeleNumRefBarCode // Mask parameter //$texte.= ''.$langs->trans("Mask").' ('.$langs->trans("BarCodeModel").'):'; $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php index 20ce1373b66..ce85203930f 100644 --- a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php +++ b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php @@ -151,7 +151,7 @@ class doc_generic_bom_odt extends ModelePDFBom $texte .= $conf->global->BOM_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    • '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -278,7 +278,11 @@ class doc_generic_bom_odt extends ModelePDFBom //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->bom->dir_temp); - + if (!is_writable($conf->bom->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->bom->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on order, we use it $usecontact = false; diff --git a/htdocs/core/modules/bom/mod_bom_advanced.php b/htdocs/core/modules/bom/mod_bom_advanced.php index 71bd2788c82..d590c3ff70c 100644 --- a/htdocs/core/modules/bom/mod_bom_advanced.php +++ b/htdocs/core/modules/bom/mod_bom_advanced.php @@ -79,7 +79,7 @@ class mod_bom_advanced extends ModeleNumRefboms // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php index 36a2b30e6e0..16e0f666774 100644 --- a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php +++ b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php @@ -73,7 +73,7 @@ class mod_chequereceipt_thyme extends ModeleNumRefChequeReceipts // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ' '; diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index 33b31135caf..239ec7639ec 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -3,7 +3,7 @@ * Copyright (C) 2012 Juanjo Menent * Copyright (C) 2014 Marcos García * Copyright (C) 2016 Charlie Benke - * Copyright (C) 2018-2019 Philippe Grand + * Copyright (C) 2018-2021 Philippe Grand * Copyright (C) 2018-2019 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -85,13 +85,13 @@ class doc_generic_order_odt extends ModelePDFCommandes $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva COMMANDE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option COMMANDE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -158,7 +158,7 @@ class doc_generic_order_odt extends ModelePDFCommandes $texte .= $conf->global->COMMANDE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -182,7 +182,7 @@ class doc_generic_order_odt extends ModelePDFCommandes // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -290,7 +290,11 @@ class doc_generic_order_odt extends ModelePDFCommandes //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->commande->dir_temp); - + if (!is_writable($conf->commande->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->commande->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on order, we use it $usecontact = false; diff --git a/htdocs/core/modules/commande/mod_commande_saphir.php b/htdocs/core/modules/commande/mod_commande_saphir.php index 4099686c1b6..8b4ccdfaba7 100644 --- a/htdocs/core/modules/commande/mod_commande_saphir.php +++ b/htdocs/core/modules/commande/mod_commande_saphir.php @@ -79,7 +79,7 @@ class mod_commande_saphir extends ModeleNumRefCommandes // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php index 7b451287ae1..b1e441175d9 100644 --- a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php +++ b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php @@ -84,13 +84,13 @@ class doc_generic_contract_odt extends ModelePDFContract $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva CONTRACT_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat CONTRACT_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -157,7 +157,7 @@ class doc_generic_contract_odt extends ModelePDFContract $texte .= $conf->global->CONTRACT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -168,7 +168,7 @@ class doc_generic_contract_odt extends ModelePDFContract // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -278,7 +278,11 @@ class doc_generic_contract_odt extends ModelePDFContract //print "conf->contrat->dir_temp=".$conf->contrat->dir_temp; dol_mkdir($conf->contrat->dir_temp); - + if (!is_writable($conf->contrat->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->contrat->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on contract, we use it $usecontact = false; diff --git a/htdocs/core/modules/contract/mod_contract_magre.php b/htdocs/core/modules/contract/mod_contract_magre.php index d696ac06fdd..dcaee5eadbc 100644 --- a/htdocs/core/modules/contract/mod_contract_magre.php +++ b/htdocs/core/modules/contract/mod_contract_magre.php @@ -85,7 +85,7 @@ class mod_contract_magre extends ModelNumRefContracts $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/delivery/mod_delivery_saphir.php b/htdocs/core/modules/delivery/mod_delivery_saphir.php index af1900803c8..d5ac288b52a 100644 --- a/htdocs/core/modules/delivery/mod_delivery_saphir.php +++ b/htdocs/core/modules/delivery/mod_delivery_saphir.php @@ -83,7 +83,7 @@ class mod_delivery_saphir extends ModeleNumRefDeliveryOrder // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php index 797530a6c13..8a2b6b2b121 100644 --- a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php +++ b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php @@ -3,7 +3,7 @@ * Copyright (C) 2012 Juanjo Menent * Copyright (C) 2014 Marcos García * Copyright (C) 2016 Charlie Benke - * Copyright (C) 2018-2019 Philippe Grand + * Copyright (C) 2018-2021 Philippe Grand * Copyright (C) 2018-2019 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -86,13 +86,13 @@ class doc_generic_shipment_odt extends ModelePdfExpedition $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva EXPEDITION_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option EXPEDITION_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -182,7 +182,7 @@ class doc_generic_shipment_odt extends ModelePdfExpedition // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -290,7 +290,11 @@ class doc_generic_shipment_odt extends ModelePdfExpedition //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->expedition->dir_temp); - + if (!is_writable($conf->expedition->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->expedition->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If SHIPMENT contact defined on invoice, we use it $usecontact = false; diff --git a/htdocs/core/modules/expedition/doc/pdf_espadon.modules.php b/htdocs/core/modules/expedition/doc/pdf_espadon.modules.php index 42999248026..aed43ea40ac 100644 --- a/htdocs/core/modules/expedition/doc/pdf_espadon.modules.php +++ b/htdocs/core/modules/expedition/doc/pdf_espadon.modules.php @@ -139,7 +139,7 @@ class pdf_espadon extends ModelePdfExpedition $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; + $this->option_logo = 1; // Display logo // Get source company $this->emetteur = $mysoc; diff --git a/htdocs/core/modules/expedition/mod_expedition_ribera.php b/htdocs/core/modules/expedition/mod_expedition_ribera.php index 0303dfde3dc..79bbcbdb481 100644 --- a/htdocs/core/modules/expedition/mod_expedition_ribera.php +++ b/htdocs/core/modules/expedition/mod_expedition_ribera.php @@ -80,7 +80,7 @@ class mod_expedition_ribera extends ModelNumRefExpedition $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/expensereport/doc/pdf_standard.modules.php b/htdocs/core/modules/expensereport/doc/pdf_standard.modules.php index 1815321ab18..b1f48450d0d 100644 --- a/htdocs/core/modules/expensereport/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/expensereport/doc/pdf_standard.modules.php @@ -1,7 +1,7 @@ * Copyright (C) 2015 Alexandre Spangaro - * Copyright (C) 2016-2019 Philippe Grand + * Copyright (C) 2016-2021 Philippe Grand * Copyright (C) 2018-2020 Frédéric France * Copyright (C) 2018 Francis Appels * Copyright (C) 2019 Markus Welters @@ -151,13 +151,13 @@ class pdf_standard extends ModeleExpenseReport $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 1; // Gere option tva FACTURE_TVAOPTION - $this->option_modereg = 1; // Affiche mode reglement - $this->option_condreg = 1; // Affiche conditions reglement - $this->option_codeproduitservice = 1; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 1; // Manage the vat option FACTURE_TVAOPTION + $this->option_modereg = 1; // Display payment mode + $this->option_condreg = 1; // Display payment terms + $this->option_codeproduitservice = 1; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 1; // Support add of a watermark on drafts diff --git a/htdocs/core/modules/expensereport/mod_expensereport_sand.php b/htdocs/core/modules/expensereport/mod_expensereport_sand.php index 195667692f1..482b8c06431 100644 --- a/htdocs/core/modules/expensereport/mod_expensereport_sand.php +++ b/htdocs/core/modules/expensereport/mod_expensereport_sand.php @@ -82,7 +82,7 @@ class mod_expensereport_sand extends ModeleNumRefExpenseReport // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index eb48373a443..0d360269d46 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -85,13 +85,13 @@ class doc_generic_invoice_odt extends ModelePDFFactures $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva FACTURE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option FACTURE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -158,7 +158,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures $texte .= $conf->global->FACTURE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -181,7 +181,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -291,7 +291,11 @@ class doc_generic_invoice_odt extends ModelePDFFactures //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->facture->dir_temp); - + if (!is_writable($conf->facture->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->facture->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If BILLING contact defined on invoice, we use it $usecontact = false; diff --git a/htdocs/core/modules/facture/mod_facture_mercure.php b/htdocs/core/modules/facture/mod_facture_mercure.php index 70fde36f549..32e06f285a9 100644 --- a/htdocs/core/modules/facture/mod_facture_mercure.php +++ b/htdocs/core/modules/facture/mod_facture_mercure.php @@ -76,7 +76,7 @@ class mod_facture_mercure extends ModeleNumRefFactures // Setting the prefix $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -84,17 +84,17 @@ class mod_facture_mercure extends ModeleNumRefFactures // Prefix setting of replacement invoices $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of credit note $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of deposit $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/fichinter/mod_arctic.php b/htdocs/core/modules/fichinter/mod_arctic.php index fa5dd49f0fa..91025817a9d 100644 --- a/htdocs/core/modules/fichinter/mod_arctic.php +++ b/htdocs/core/modules/fichinter/mod_arctic.php @@ -84,7 +84,7 @@ class mod_arctic extends ModeleNumRefFicheinter // Setting the prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/holiday/mod_holiday_immaculate.php b/htdocs/core/modules/holiday/mod_holiday_immaculate.php index b8cb33f550e..000c7881561 100644 --- a/htdocs/core/modules/holiday/mod_holiday_immaculate.php +++ b/htdocs/core/modules/holiday/mod_holiday_immaculate.php @@ -85,7 +85,7 @@ class mod_holiday_immaculate extends ModelNumRefHolidays $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/mailings/pomme.modules.php b/htdocs/core/modules/mailings/pomme.modules.php index 03334e62322..a2a54c02c55 100644 --- a/htdocs/core/modules/mailings/pomme.modules.php +++ b/htdocs/core/modules/mailings/pomme.modules.php @@ -171,7 +171,7 @@ class mailing_pomme extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; $sql .= " WHERE u.email <> ''"; // u.email IS NOT NULL est implicite dans ce test $sql .= " AND u.entity IN (0,".$conf->entity.")"; - $sql .= " AND u.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND u.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; if (GETPOSTISSET("filter") && GETPOST("filter") == '1') { $sql .= " AND u.statut=1"; } diff --git a/htdocs/core/modules/mailings/thirdparties.modules.php b/htdocs/core/modules/mailings/thirdparties.modules.php index b3b88224df6..f764c3f5f71 100644 --- a/htdocs/core/modules/mailings/thirdparties.modules.php +++ b/htdocs/core/modules/mailings/thirdparties.modules.php @@ -77,7 +77,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; } else { $addFilter = ""; if (GETPOSTISSET("filter_client") && GETPOST("filter_client") <> '-1') { @@ -112,7 +112,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_societe as cs, ".MAIN_DB_PREFIX."categorie as c"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND cs.fk_soc = s.rowid"; $sql .= " AND c.rowid = cs.fk_categorie"; $sql .= " AND c.rowid=".((int) GETPOST('filter', 'int')); @@ -122,7 +122,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_fournisseur as cs, ".MAIN_DB_PREFIX."categorie as c"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND cs.fk_soc = s.rowid"; $sql .= " AND c.rowid = cs.fk_categorie"; $sql .= " AND c.rowid=".((int) GETPOST('filter', 'int')); diff --git a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php index 7b5d4f38737..4c848b69ac0 100644 --- a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php +++ b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php @@ -110,7 +110,7 @@ class mailing_thirdparties_services_expired extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND s.rowid = c.fk_soc AND cd.fk_contrat = c.rowid AND s.email != ''"; $sql .= " AND cd.statut= 4 AND cd.fk_product=p.rowid AND p.ref = '".$this->db->escape($product)."'"; $sql .= " AND cd.date_fin_validite < '".$this->db->idate($now)."'"; diff --git a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php index 5ff5a1f767a..939c78f32e3 100644 --- a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php +++ b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php @@ -81,13 +81,13 @@ class doc_generic_member_odt extends ModelePDFMember $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva MEMBER_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option FACTURE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -154,7 +154,7 @@ class doc_generic_member_odt extends ModelePDFMember $texte .= $conf->global->MEMBER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -171,7 +171,7 @@ class doc_generic_member_odt extends ModelePDFMember // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -279,7 +279,11 @@ class doc_generic_member_odt extends ModelePDFMember //print "conf->adherent->dir_temp=".$conf->adherent->dir_temp; dol_mkdir($conf->adherent->dir_temp); - + if (!is_writable($conf->adherent->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->adherent->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on member, we use it $usecontact = false; diff --git a/htdocs/core/modules/member/modules_cards.php b/htdocs/core/modules/member/modules_cards.php index 0e041a17559..937e8a06870 100644 --- a/htdocs/core/modules/member/modules_cards.php +++ b/htdocs/core/modules/member/modules_cards.php @@ -48,7 +48,7 @@ class ModelePDFCards * @param integer $maxfilenamelength Max length of value to show * @return array List of templates */ - public function liste_modeles($db, $maxfilenamelength = 0) + public static function liste_modeles($db, $maxfilenamelength = 0) { // phpcs:enable global $conf; diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index b296fa3b32c..a9765f45ada 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -120,8 +120,36 @@ class modFacture extends DolibarrModules $arraydate = dol_getdate(dol_now()); $datestart = dol_mktime(23, 0, 0, $arraydate['mon'], $arraydate['mday'], $arraydate['year']); $this->cronjobs = array( - 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>1, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), - 1=>array('label'=>'SendEmailsRemindersOnInvoiceDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsRemindersOnInvoiceDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days = today. First param is the offset n of days, second parameter is "all" or a payment mode code, last paramater is the code of email template to use (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority).', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), + 0 => array( + 'label'=>'RecurringInvoices', + 'jobtype'=>'method', + 'class'=>'compta/facture/class/facture-rec.class.php', + 'objectname'=>'FactureRec', + 'method'=>'createRecurringInvoices', + 'parameters'=>'', + 'comment'=>'Generate recurring invoices', + 'frequency'=>1, + 'unitfrequency'=>3600 * 24, + 'priority'=>50, + 'status'=>1, + 'test'=>'$conf->facture->enabled', + 'datestart'=>$datestart + ), + 1 => array( + 'label'=>'SendEmailsRemindersOnInvoiceDueDate', + 'jobtype'=>'method', + 'class'=>'compta/facture/class/facture.class.php', + 'objectname'=>'Facture', + 'method'=>'sendEmailsRemindersOnInvoiceDueDate', + 'parameters'=>"10,all,EmailTemplateCode", + 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days = today. First param is the offset n of days, second parameter is "all" or a payment mode code, last paramater is the code of email template to use (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority).', + 'frequency'=>1, + 'unitfrequency'=>3600 * 24, + 'priority'=>50, + 'status'=>0, + 'test'=>'$conf->facture->enabled', + 'datestart'=>$datestart + ), ); // Permissions diff --git a/htdocs/core/modules/modFournisseur.class.php b/htdocs/core/modules/modFournisseur.class.php index 71f101014ad..fae1cfc0eb8 100644 --- a/htdocs/core/modules/modFournisseur.class.php +++ b/htdocs/core/modules/modFournisseur.class.php @@ -488,7 +488,8 @@ class modFournisseur extends DolibarrModules $tmp = ''; $tmpparam = unserialize($obj->param); // $tmp ay be array 'options' => array 'c_currencies:code_iso:code_iso' => null if ($tmpparam['options'] && is_array($tmpparam['options'])) { - $tmp = array_shift(array_keys($tmpparam['options'])); + $array_keys = array_keys($tmpparam['options']); + $tmp = array_shift($array_keys); } if (preg_match('/[a-z0-9_]+:[a-z0-9_]+:[a-z0-9_]+/', $tmp)) { $typeFilter = "List:".$tmp; diff --git a/htdocs/core/modules/modSalaries.class.php b/htdocs/core/modules/modSalaries.class.php index 759804b409e..3464a5e14b3 100644 --- a/htdocs/core/modules/modSalaries.class.php +++ b/htdocs/core/modules/modSalaries.class.php @@ -101,7 +101,7 @@ class modSalaries extends DolibarrModules $r++; $this->rights[$r][0] = 511; - $this->rights[$r][1] = 'Read payments of employee salaries (yours and your subordinates)'; + $this->rights[$r][1] = 'Read employee salaries and payments (yours and your subordinates)'; $this->rights[$r][2] = 'r'; $this->rights[$r][3] = 0; $this->rights[$r][4] = 'read'; @@ -125,7 +125,7 @@ class modSalaries extends DolibarrModules $r++; $this->rights[$r][0] = 517; - $this->rights[$r][1] = 'Read payments of salariests of every employee'; + $this->rights[$r][1] = 'Read salaries and payments of all employees'; $this->rights[$r][2] = 'r'; $this->rights[$r][3] = 0; $this->rights[$r][4] = 'readall'; diff --git a/htdocs/core/modules/modWorkstation.class.php b/htdocs/core/modules/modWorkstation.class.php index b0fae39bb52..8e2d676bf27 100755 --- a/htdocs/core/modules/modWorkstation.class.php +++ b/htdocs/core/modules/modWorkstation.class.php @@ -263,73 +263,12 @@ class modWorkstation extends DolibarrModules $this->menu = array(); $r = 0; // Add here entries to declare new menus - /* BEGIN MODULEBUILDER TOPMENU */ - /*$this->menu[$r++] = array( - 'fk_menu'=>'', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'top', // This is a Top menu entry - 'titre'=>$langs->trans('GPAO'), - 'mainmenu'=>'gpao', - 'leftmenu'=>'', - 'url'=>'/workstation/workstationindex.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000 + $r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. - 'perms'=>'1', // Use 'perms'=>'$user->rights->workstation->workstation->read' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - );*/ - /* END MODULEBUILDER TOPMENU */ - /* BEGIN MODULEBUILDER LEFTMENU WORKSTATION - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Top menu entry - 'titre'=>'Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation', - 'url'=>'/workstation/workstationindex.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. - 'perms'=>'$user->rights->workstation->workstation->read', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation,fk_leftmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Left menu entry - 'titre'=>'List_Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation_workstation_list', - 'url'=>'/workstation/workstation_list.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. - 'perms'=>'$user->rights->workstation->workstation->read', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation,fk_leftmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Left menu entry - 'titre'=>'New_Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation_workstation_new', - 'url'=>'/workstation/workstation_card.php?action=create', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. - 'perms'=>'$user->rights->workstation->workstation->write', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - */ - $this->menu[$r++]=array( // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode 'fk_menu'=>'fk_mainmenu=mrp', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('Workstations'), + 'titre'=>'Workstations', 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'), 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation', @@ -350,7 +289,7 @@ class modWorkstation extends DolibarrModules 'fk_menu'=>'fk_mainmenu=mrp,fk_leftmenu=workstation_workstation', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('WorkstationCreate'), + 'titre'=>'WorkstationCreate', 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation_left_create', 'url'=>'/workstation/workstation_card.php?action=create', @@ -370,7 +309,7 @@ class modWorkstation extends DolibarrModules 'fk_menu'=>'fk_mainmenu=mrp,fk_leftmenu=workstation_workstation', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('List'), + 'titre'=>'List', 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation_left_list', 'url'=>'/workstation/workstation_list.php', diff --git a/htdocs/core/modules/movement/doc/pdf_standard.modules.php b/htdocs/core/modules/movement/doc/pdf_standard.modules.php index 82d930a1aac..e029c4d5d66 100644 --- a/htdocs/core/modules/movement/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/movement/doc/pdf_standard.modules.php @@ -137,12 +137,12 @@ class pdf_stdandard extends ModelePDFMovement $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_codestockservice = 0; // Affiche code stock-service - $this->option_multilang = 1; // Dispo en plusieurs langues + $this->option_logo = 1; // Display logo + $this->option_codestockservice = 0; // Display stock-service code + $this->option_multilang = 1; // Available in several languages $this->option_freetext = 0; // Support add of a personalised text - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -529,8 +529,8 @@ class pdf_stdandard extends ModelePDFMovement if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$this->db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $objp->rowid); + $sql .= " AND lang = '".$this->db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $this->db->query($sql); diff --git a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php index 374ae5b4337..e93ecd1af0a 100644 --- a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php +++ b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php @@ -3,7 +3,7 @@ * Copyright (C) 2012 Juanjo Menent * Copyright (C) 2014 Marcos García * Copyright (C) 2016 Charlie Benke - * Copyright (C) 2018-2019 Philippe Grand + * Copyright (C) 2018-2021 Philippe Grand * Copyright (C) 2018 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -85,18 +85,18 @@ class doc_generic_mo_odt extends ModelePDFMo $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -158,7 +158,7 @@ class doc_generic_mo_odt extends ModelePDFMo $texte .= $conf->global->MRP_MO_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -175,7 +175,7 @@ class doc_generic_mo_odt extends ModelePDFMo $texte .= '
    '; // Show list of found files foreach ($listoffiles as $file) { - $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
    '; + $texte .= '- '.$file['name'].' '.img_picto('', 'listlight').'
    '; } $texte .= '
    '; } @@ -284,8 +284,12 @@ class doc_generic_mo_odt extends ModelePDFMo //print "file=".$file; //print "conf->societe->dir_temp=".$conf->societe->dir_temp; - dol_mkdir($conf->bom->dir_temp); - + dol_mkdir($conf->mrp->dir_temp); + if (!is_writable($conf->mrp->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->mrp->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on order, we use it $usecontact = false; @@ -342,11 +346,13 @@ class doc_generic_mo_odt extends ModelePDFMo dol_syslog($e->getMessage(), LOG_INFO); return -1; } + // After construction $odfHandler->contentXml contains content and // [!-- BEGIN row.lines --]*[!-- END row.lines --] has been replaced by // [!-- BEGIN lines --]*[!-- END lines --] //print html_entity_decode($odfHandler->__toString()); //print exit; + /* // Make substitutions into odt of freetext @@ -379,20 +385,22 @@ class doc_generic_mo_odt extends ModelePDFMo foreach ($tmparray as $key => $value) { try { - if (preg_match('/logo$/', $key)) { // Image + if (preg_match('/logo$/', $key)) { + // Image if (file_exists($value)) { $odfHandler->setImage($key, $value); } else { $odfHandler->setVars($key, 'ErrorFileNotFound', true, 'UTF-8'); } - } else // Text - { + } else { + // Text $odfHandler->setVars($key, $value, true, 'UTF-8'); } } catch (OdfException $e) { dol_syslog($e->getMessage(), LOG_INFO); } } + // Replace tags of lines try { $foundtagforlines = 1; @@ -403,6 +411,7 @@ class doc_generic_mo_odt extends ModelePDFMo $foundtagforlines = 0; dol_syslog($e->getMessage(), LOG_INFO); } + if ($foundtagforlines) { $linenumber = 0; foreach ($object->lines as $line) { @@ -445,14 +454,14 @@ class doc_generic_mo_odt extends ModelePDFMo $parameters = array('odfHandler'=>&$odfHandler, 'file'=>$file, 'object'=>$object, 'outputlangs'=>$outputlangs, 'substitutionarray'=>&$tmparray); $reshook = $hookmanager->executeHooks('beforeODTSave', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks - + */ // Write new file if (!empty($conf->global->MAIN_ODT_AS_PDF)) { try { $odfHandler->exportAsAttachedPDF($file); } catch (Exception $e) { $this->error = $e->getMessage(); - dol_syslog($e->getMessage(), LOG_INFO); + dol_syslog('Error in exportAsAttachedPDF: '.$e->getMessage(), LOG_INFO); return -1; } } else { @@ -460,7 +469,7 @@ class doc_generic_mo_odt extends ModelePDFMo $odfHandler->saveToDisk($file); } catch (Exception $e) { $this->error = $e->getMessage(); - dol_syslog($e->getMessage(), LOG_INFO); + dol_syslog('Error in saveToDisk: '.$e->getMessage(), LOG_INFO); return -1; } } diff --git a/htdocs/core/modules/mrp/mod_mo_advanced.php b/htdocs/core/modules/mrp/mod_mo_advanced.php index 3d70ded1ba2..14292f7f896 100644 --- a/htdocs/core/modules/mrp/mod_mo_advanced.php +++ b/htdocs/core/modules/mrp/mod_mo_advanced.php @@ -80,7 +80,7 @@ class mod_mo_advanced extends ModeleNumRefMos // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/mrp/modules_mo.php b/htdocs/core/modules/mrp/modules_mo.php index 82a1a9f3b56..454df89bcde 100644 --- a/htdocs/core/modules/mrp/modules_mo.php +++ b/htdocs/core/modules/mrp/modules_mo.php @@ -52,7 +52,7 @@ abstract class ModelePDFMo extends CommonDocGenerator // phpcs:enable global $conf; - $type = 'mo'; + $type = 'mrp'; $list = array(); include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; diff --git a/htdocs/core/modules/payment/mod_payment_ant.php b/htdocs/core/modules/payment/mod_payment_ant.php index 10926805721..dca32b26505 100644 --- a/htdocs/core/modules/payment/mod_payment_ant.php +++ b/htdocs/core/modules/payment/mod_payment_ant.php @@ -82,7 +82,7 @@ class mod_payment_ant extends ModeleNumRefPayments // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php index 19a752d5be7..1acf50dd95a 100644 --- a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php +++ b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php @@ -83,18 +83,18 @@ class doc_generic_product_odt extends ModelePDFProduct $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva PRODUCT_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option PRODUCT_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -161,7 +161,7 @@ class doc_generic_product_odt extends ModelePDFProduct $texte .= $conf->global->PRODUCT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -302,7 +302,11 @@ class doc_generic_product_odt extends ModelePDFProduct //print "conf->product->dir_temp=".$conf->product->dir_temp; dol_mkdir($conf->product->dir_temp); - + if (!is_writable($conf->product->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->product->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on product, we use it $usecontact = false; diff --git a/htdocs/core/modules/product/doc/pdf_standard.modules.php b/htdocs/core/modules/product/doc/pdf_standard.modules.php index 99b6ff69236..815fc4d1c66 100644 --- a/htdocs/core/modules/product/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/product/doc/pdf_standard.modules.php @@ -137,12 +137,12 @@ class pdf_standard extends ModelePDFProduct $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues + $this->option_logo = 1; // Display logo + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages $this->option_freetext = 0; // Support add of a personalised text - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php index 0a302c0fb6b..5936476e079 100644 --- a/htdocs/core/modules/product/mod_codeproduct_elephant.php +++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php @@ -116,7 +116,7 @@ class mod_codeproduct_elephant extends ModeleProductCode // Parametrage du prefix customers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("ProductCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -124,7 +124,7 @@ class mod_codeproduct_elephant extends ModeleProductCode // Parametrage du prefix suppliers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("ServiceCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/product_batch/mod_lot_advanced.php b/htdocs/core/modules/product_batch/mod_lot_advanced.php index c580d8915c9..0bbb124d14b 100644 --- a/htdocs/core/modules/product_batch/mod_lot_advanced.php +++ b/htdocs/core/modules/product_batch/mod_lot_advanced.php @@ -80,7 +80,7 @@ class mod_lot_advanced extends ModeleNumRefBatch // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/product_batch/mod_sn_advanced.php b/htdocs/core/modules/product_batch/mod_sn_advanced.php index 74f36a55fe6..8117b9e6c6e 100644 --- a/htdocs/core/modules/product_batch/mod_sn_advanced.php +++ b/htdocs/core/modules/product_batch/mod_sn_advanced.php @@ -80,7 +80,7 @@ class mod_sn_advanced extends ModeleNumRefBatch // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php index d007b421fd7..233180630b0 100644 --- a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php +++ b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php @@ -120,18 +120,18 @@ class doc_generic_project_odt extends ModelePDFProjects $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva COMMANDE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option COMMANDE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->pays_code) { $this->emetteur->pays_code = substr($langs->defaultlang, -2); // Par defaut, si n'etait pas defini @@ -449,7 +449,7 @@ class doc_generic_project_odt extends ModelePDFProjects $texte .= $conf->global->PROJECT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -574,6 +574,11 @@ class doc_generic_project_odt extends ModelePDFProjects //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->projet->dir_temp); + if (!is_writable($conf->projet->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->projet->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If PROJECTLEADER contact defined on project, we use it $usecontact = false; @@ -742,7 +747,7 @@ class doc_generic_project_odt extends ModelePDFProjects $sql .= ", u.lastname, u.firstname, t.thm"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task_time as t"; $sql .= " , ".MAIN_DB_PREFIX."user as u"; - $sql .= " WHERE t.fk_task =".$task->id; + $sql .= " WHERE t.fk_task =".((int) $task->id); $sql .= " AND t.fk_user = u.rowid"; $sql .= " ORDER BY t.task_date DESC"; diff --git a/htdocs/core/modules/project/mod_project_universal.php b/htdocs/core/modules/project/mod_project_universal.php index 3ab4079c1b7..480d19396c3 100644 --- a/htdocs/core/modules/project/mod_project_universal.php +++ b/htdocs/core/modules/project/mod_project_universal.php @@ -83,7 +83,7 @@ class mod_project_universal extends ModeleNumRefProjects // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php index 2d263aae6c0..566c7f07a2e 100644 --- a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php +++ b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php @@ -121,21 +121,21 @@ class doc_generic_task_odt extends ModelePDFTask $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva COMMANDE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 0; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option COMMANDE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 0; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->pays_code) { - $this->emetteur->pays_code = substr($langs->defaultlang, -2); // Par defaut, si n'etait pas defini + $this->emetteur->pays_code = substr($langs->defaultlang, -2); // By default, if was not defined } } @@ -416,7 +416,7 @@ class doc_generic_task_odt extends ModelePDFTask $texte .= $conf->global->PROJECT_TASK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -524,6 +524,11 @@ class doc_generic_task_odt extends ModelePDFTask //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->projet->dir_temp); + if (!is_writable($conf->task->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->task->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } $socobject = $project->thirdparty; @@ -657,7 +662,7 @@ class doc_generic_task_odt extends ModelePDFTask $sql .= ", u.lastname, u.firstname"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task_time as t"; $sql .= " , ".MAIN_DB_PREFIX."user as u"; - $sql .= " WHERE t.fk_task =".$object->id; + $sql .= " WHERE t.fk_task =".((int) $object->id); $sql .= " AND t.fk_user = u.rowid"; $sql .= " ORDER BY t.task_date DESC"; diff --git a/htdocs/core/modules/project/task/mod_task_universal.php b/htdocs/core/modules/project/task/mod_task_universal.php index 011ac381254..3a6ef89f3fb 100644 --- a/htdocs/core/modules/project/task/mod_task_universal.php +++ b/htdocs/core/modules/project/task/mod_task_universal.php @@ -83,7 +83,7 @@ class mod_task_universal extends ModeleNumRefTask // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php index 4a292d4a97b..9c7e0af4df0 100644 --- a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php +++ b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php @@ -82,18 +82,18 @@ class doc_generic_proposal_odt extends ModelePDFPropales $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva PROPALE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option PROPALE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -160,7 +160,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales $texte .= $conf->global->PROPALE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -209,7 +209,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -318,7 +318,11 @@ class doc_generic_proposal_odt extends ModelePDFPropales //print "conf->propal->dir_temp=".$conf->propal->dir_temp; dol_mkdir($conf->propal->multidir_temp[$object->entity]); - + if (!is_writable($conf->propal->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->propal->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on proposal, we use it $usecontact = false; diff --git a/htdocs/core/modules/propale/mod_propale_saphir.php b/htdocs/core/modules/propale/mod_propale_saphir.php index 5fb7eeaa6fb..ce78f341319 100644 --- a/htdocs/core/modules/propale/mod_propale_saphir.php +++ b/htdocs/core/modules/propale/mod_propale_saphir.php @@ -85,7 +85,7 @@ class mod_propale_saphir extends ModeleNumRefPropales // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php index b69ebdeb828..9f85aca1aff 100644 --- a/htdocs/core/modules/rapport/pdf_paiement.class.php +++ b/htdocs/core/modules/rapport/pdf_paiement.class.php @@ -209,7 +209,7 @@ class pdf_paiement $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if (!empty($socid)) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } // If global param PAYMENTS_REPORT_GROUP_BY_MOD is set, payement are ordered by paiement_code if (!empty($conf->global->PAYMENTS_REPORT_GROUP_BY_MOD)) { diff --git a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php index 13a05b3378d..93dbc4995b4 100644 --- a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php +++ b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php @@ -80,18 +80,18 @@ class doc_generic_reception_odt extends ModelePdfReception $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva RECEPTION_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option RECEPTION_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -153,7 +153,7 @@ class doc_generic_reception_odt extends ModelePdfReception $texte .= $conf->global->RECEPTION_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -282,7 +282,11 @@ class doc_generic_reception_odt extends ModelePdfReception //print "conf->societe->dir_temp=".$conf->societe->dir_temp; dol_mkdir($conf->reception->dir_temp); - + if (!is_writable($conf->reception->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->reception->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If BILLING contact defined on invoice, we use it $usecontact = false; diff --git a/htdocs/core/modules/reception/doc/pdf_squille.modules.php b/htdocs/core/modules/reception/doc/pdf_squille.modules.php index 0e4474b6b8c..f7ba7a42842 100644 --- a/htdocs/core/modules/reception/doc/pdf_squille.modules.php +++ b/htdocs/core/modules/reception/doc/pdf_squille.modules.php @@ -32,7 +32,11 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/pdf.lib.php'; */ class pdf_squille extends ModelePdfReception { - public $emetteur; // Objet societe qui emet + /** + * Issuer + * @var Societe object that emits + */ + public $emetteur; /** @@ -58,7 +62,7 @@ class pdf_squille extends ModelePdfReception $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; + $this->option_logo = 1; // Display logo // Get source company $this->emetteur = $mysoc; diff --git a/htdocs/core/modules/reception/mod_reception_moonstone.php b/htdocs/core/modules/reception/mod_reception_moonstone.php index bcab451ab9e..0d0ced20eb4 100644 --- a/htdocs/core/modules/reception/mod_reception_moonstone.php +++ b/htdocs/core/modules/reception/mod_reception_moonstone.php @@ -61,7 +61,7 @@ class mod_reception_moonstone extends ModelNumRefReception $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php index 1822a5b8c95..fdafb22e96b 100644 --- a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php +++ b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php @@ -76,12 +76,12 @@ class doc_generic_odt extends ModeleThirdPartyDoc $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo + $this->option_logo = 1; // Display logo // Retrieves transmitter $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { - $this->emetteur->country_code = substr($langs->defaultlang, -2); // Par defaut, si n'etait pas defini + $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default, if was not defined } } @@ -141,7 +141,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc $texte .= ''; $texte .= ''; $texte .= '  '; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; $texte .= ''; @@ -167,7 +167,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -266,6 +266,11 @@ class doc_generic_odt extends ModeleThirdPartyDoc //exit; dol_mkdir($conf->societe->multidir_temp[$object->entity]); + if (!is_writable($conf->societe->multidir_temp[$object->entity])) { + $this->error = "Failed to write in temp directory ".$conf->societe->multidir_temp[$object->entity]; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // Open and load template require_once ODTPHP_PATH.'odf.php'; diff --git a/htdocs/core/modules/societe/mod_codeclient_elephant.php b/htdocs/core/modules/societe/mod_codeclient_elephant.php index 9ddf77abe44..705564e7e8e 100644 --- a/htdocs/core/modules/societe/mod_codeclient_elephant.php +++ b/htdocs/core/modules/societe/mod_codeclient_elephant.php @@ -132,7 +132,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode // Parametrage du prefix customers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("CustomerCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -140,7 +140,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode // Parametrage du prefix suppliers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("SupplierCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php index 2819adea021..5ca5019588a 100644 --- a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php +++ b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php @@ -82,18 +82,18 @@ class doc_generic_stock_odt extends ModelePDFStock $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva STOCK_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option STOCK_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -155,7 +155,7 @@ class doc_generic_stock_odt extends ModelePDFStock $texte .= $conf->global->STOCK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -179,7 +179,7 @@ class doc_generic_stock_odt extends ModelePDFStock // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -291,7 +291,11 @@ class doc_generic_stock_odt extends ModelePDFStock //print "conf->product->dir_temp=".$conf->product->dir_temp; dol_mkdir($conf->product->dir_temp); - + if (!is_writable($conf->product->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->product->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on stock, we use it $usecontact = false; diff --git a/htdocs/core/modules/stock/doc/pdf_standard.modules.php b/htdocs/core/modules/stock/doc/pdf_standard.modules.php index a57b996086b..ebc109151d6 100644 --- a/htdocs/core/modules/stock/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/stock/doc/pdf_standard.modules.php @@ -137,12 +137,12 @@ class pdf_standard extends ModelePDFStock $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_codestockservice = 0; // Affiche code stock-service - $this->option_multilang = 1; // Dispo en plusieurs langues + $this->option_logo = 1; // Display logo + $this->option_codestockservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages $this->option_freetext = 0; // Support add of a personalised text - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -315,7 +315,7 @@ class pdf_standard extends ModelePDFStock $sql .= " FROM ".MAIN_DB_PREFIX."product_stock as ps, ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE ps.fk_product = p.rowid"; $sql .= " AND ps.reel <> 0"; // We do not show if stock is 0 (no product in this warehouse) - $sql .= " AND ps.fk_entrepot = ".$object->id; + $sql .= " AND ps.fk_entrepot = ".((int) $object->id); $sql .= $this->db->order($sortfield, $sortorder); //dol_syslog('List products', LOG_DEBUG); diff --git a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php index 3cf0a4a209e..57d5798c29e 100644 --- a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php +++ b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php @@ -93,7 +93,7 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices // Setting the prefix $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").')'; $texte .= ':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -101,19 +101,19 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices // Prefix setting of credit note $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; if ($conf->global->MAIN_FEATURE_LEVEL >= 2) { // Parametrage du prefix des replacement $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; } // Prefix setting of deposit $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php index 9e9799f44c6..3a2775bef82 100644 --- a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php +++ b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php @@ -86,13 +86,13 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva COMMANDE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option COMMANDE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -159,7 +159,7 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders $texte .= $conf->global->SUPPLIER_ORDER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -280,8 +280,12 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders //print "file=".$file; //print "conf->societe->dir_temp=".$conf->societe->dir_temp; - dol_mkdir($conf->commande->dir_temp); - + dol_mkdir($conf->fournisseur->commande->dir_temp); + if (!is_writable($conf->fournisseur->commande->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->fournisseur->commande->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on order, we use it $usecontact = false; diff --git a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php index 245897e1956..dc898c98cb5 100644 --- a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php +++ b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php @@ -148,13 +148,13 @@ class pdf_cornas extends ModelePDFSuppliersOrders $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 1; // Gere option tva FACTURE_TVAOPTION - $this->option_modereg = 1; // Affiche mode reglement - $this->option_condreg = 1; // Affiche conditions reglement - $this->option_codeproduitservice = 1; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 1; // Manage the vat option FACTURE_TVAOPTION + $this->option_modereg = 1; // Display payment mode + $this->option_condreg = 1; // Display payment terms + $this->option_codeproduitservice = 1; // Display product-service code + $this->option_multilang = 1; //Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 1; // Support add of a watermark on drafts diff --git a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php index a609eeade08..c691b1448ef 100644 --- a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php +++ b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php @@ -85,7 +85,7 @@ class mod_commande_fournisseur_orchidee extends ModeleNumRefSuppliersOrders // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php index 8f3b7ad36df..19e632a6264 100644 --- a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php +++ b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php @@ -82,7 +82,7 @@ class mod_supplier_payment_brodator extends ModeleNumRefSupplierPayments // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php index 4b761f8099b..717818448ec 100644 --- a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php @@ -84,13 +84,13 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva PROPALE_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option PROPALE_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts @@ -162,7 +162,7 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal $texte .= $conf->global->SUPPLIER_PROPOSAL_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -315,7 +315,11 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal //print "conf->propal->dir_temp=".$conf->propal->dir_temp; dol_mkdir($conf->supplier_proposal->dir_temp); - + if (!is_writable($conf->supplier_proposal->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->supplier_proposal->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If BILLING contact defined on invoice, we use it $usecontact = false; diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php index cbcec7cfdd9..5bd9b8cf339 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php @@ -145,13 +145,13 @@ class pdf_aurore extends ModelePDFSupplierProposal $this->marge_haute = isset($conf->global->MAIN_PDF_MARGIN_TOP) ? $conf->global->MAIN_PDF_MARGIN_TOP : 10; $this->marge_basse = isset($conf->global->MAIN_PDF_MARGIN_BOTTOM) ? $conf->global->MAIN_PDF_MARGIN_BOTTOM : 10; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 1; // Gere option tva FACTURE_TVAOPTION - $this->option_modereg = 1; // Affiche mode reglement - $this->option_condreg = 1; // Affiche conditions reglement - $this->option_codeproduitservice = 1; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 1; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 1; // Manage the vat option FACTURE_TVAOPTION + $this->option_modereg = 1; // Display payment mode + $this->option_condreg = 1; // Display payment terms + $this->option_codeproduitservice = 1; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 1; // Displays if there has been a discount $this->option_credit_note = 1; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 1; //Support add of a watermark on drafts diff --git a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php index adf53aed4e6..3b8754d9928 100644 --- a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php +++ b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php @@ -85,7 +85,7 @@ class mod_supplier_proposal_saphir extends ModeleNumRefSupplierProposal // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php index e6487db6ed1..d103dbe3b0b 100644 --- a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php +++ b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php @@ -79,7 +79,7 @@ class mod_takepos_ref_universal extends ModeleNumRefTakepos // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php index eb90baef7e5..2e6172d4181 100644 --- a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php +++ b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php @@ -81,13 +81,13 @@ class doc_generic_ticket_odt extends ModelePDFTicket $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva USER_TVAOPTION - $this->option_multilang = 1; // Dispo en plusieurs langues + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option USER_TVAOPTION + $this->option_multilang = 1; // Available in several languages $this->option_freetext = 0; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -150,7 +150,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket $texte .= $conf->global->TICKET_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -167,7 +167,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -222,7 +222,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket // Load translation files required by the page $outputlangs->loadLangs(array("main", "companies", "bills", "dict")); - if ($conf->user->dir_output) { + if ($conf->ticket->dir_output) { // If $object is id instead of object if (!is_object($object)) { $id = $object; @@ -236,7 +236,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket $object->fetch_thirdparty(); - $dir = $conf->user->dir_output; + $dir = $conf->ticket->dir_output; $objectref = dol_sanitizeFileName($object->ref); if (!preg_match('/specimen/i', $objectref)) { $dir .= "/".$objectref; @@ -274,10 +274,14 @@ class doc_generic_ticket_odt extends ModelePDFTicket //print "newdir=".$dir; //print "newfile=".$newfile; //print "file=".$file; - //print "conf->user->dir_temp=".$conf->user->dir_temp; - - dol_mkdir($conf->user->dir_temp); + //print "conf->ticket->dir_temp=".$conf->ticket->dir_temp; + dol_mkdir($conf->ticket->dir_temp); + if (!is_writable($conf->ticket->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->ticket->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on user, we use it $usecontact = false; @@ -306,7 +310,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket $odfHandler = new odf( $srctemplatepath, array( - 'PATH_TO_TMP' => $conf->user->dir_temp, + 'PATH_TO_TMP' => $conf->ticket->dir_temp, 'ZIP_PROXY' => 'PclZipProxy', // PhpZipProxy or PclZipProxy. Got "bad compression method" error when using PhpZipProxy. 'DELIMITER_LEFT' => '{', 'DELIMITER_RIGHT' => '}' diff --git a/htdocs/core/modules/ticket/mod_ticket_universal.php b/htdocs/core/modules/ticket/mod_ticket_universal.php index 1a528359221..f60b1f16481 100644 --- a/htdocs/core/modules/ticket/mod_ticket_universal.php +++ b/htdocs/core/modules/ticket/mod_ticket_universal.php @@ -81,7 +81,7 @@ class mod_ticket_universal extends ModeleNumRefTicket // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php index fb24e2782c9..b0d98a525df 100644 --- a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php +++ b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php @@ -81,18 +81,18 @@ class doc_generic_user_odt extends ModelePDFUser $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva USER_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option USER_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -159,7 +159,7 @@ class doc_generic_user_odt extends ModelePDFUser $texte .= $conf->global->USER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -199,7 +199,7 @@ class doc_generic_user_odt extends ModelePDFUser // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; @@ -309,7 +309,11 @@ class doc_generic_user_odt extends ModelePDFUser //print "conf->user->dir_temp=".$conf->user->dir_temp; dol_mkdir($conf->user->dir_temp); - + if (!is_writable($conf->user->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->user->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on user, we use it $usecontact = false; diff --git a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php index 45a9469753e..5a1bca6377d 100644 --- a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php +++ b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php @@ -84,18 +84,18 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup $this->marge_haute = 0; $this->marge_basse = 0; - $this->option_logo = 1; // Affiche logo - $this->option_tva = 0; // Gere option tva USERGROUP_TVAOPTION - $this->option_modereg = 0; // Affiche mode reglement - $this->option_condreg = 0; // Affiche conditions reglement - $this->option_codeproduitservice = 0; // Affiche code produit-service - $this->option_multilang = 1; // Dispo en plusieurs langues - $this->option_escompte = 0; // Affiche si il y a eu escompte + $this->option_logo = 1; // Display logo + $this->option_tva = 0; // Manage the vat option USERGROUP_TVAOPTION + $this->option_modereg = 0; // Display payment mode + $this->option_condreg = 0; // Display payment terms + $this->option_codeproduitservice = 0; // Display product-service code + $this->option_multilang = 1; // Available in several languages + $this->option_escompte = 0; // Displays if there has been a discount $this->option_credit_note = 0; // Support credit notes $this->option_freetext = 1; // Support add of a personalised text $this->option_draft_watermark = 0; // Support add of a watermark on drafts - // Recupere emetteur + // Get source company $this->emetteur = $mysoc; if (!$this->emetteur->country_code) { $this->emetteur->country_code = substr($langs->defaultlang, -2); // By default if not defined @@ -162,7 +162,7 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup $texte .= $conf->global->USERGROUP_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -299,7 +299,11 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup //print "conf->user->dir_temp=".$conf->user->dir_temp; dol_mkdir($conf->user->dir_temp); - + if (!is_writable($conf->user->dir_temp)) { + $this->error = "Failed to write in temp directory ".$conf->user->dir_temp; + dol_syslog('Error in write_file: '.$this->error, LOG_ERR); + return -1; + } // If CUSTOMER contact defined on user, we use it $usecontact = false; diff --git a/htdocs/core/modules/workstation/mod_workstation_advanced.php b/htdocs/core/modules/workstation/mod_workstation_advanced.php index 4e23219581c..bf783542c75 100755 --- a/htdocs/core/modules/workstation/mod_workstation_advanced.php +++ b/htdocs/core/modules/workstation/mod_workstation_advanced.php @@ -80,7 +80,7 @@ class mod_workstation_advanced extends ModeleNumRefWorkstation // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/tpl/admin_extrafields_add.tpl.php b/htdocs/core/tpl/admin_extrafields_add.tpl.php index ddcdfdf9e4b..d9c0f650395 100644 --- a/htdocs/core/tpl/admin_extrafields_add.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_add.tpl.php @@ -138,7 +138,7 @@ $listofexamplesforlink = 'Societe:societe/class/societe.class.php
    Contact:con
    " method="post"> - + diff --git a/htdocs/core/tpl/ajax/fileupload_main.tpl.php b/htdocs/core/tpl/ajax/fileupload_main.tpl.php index a4563c7536a..8be24f7450f 100644 --- a/htdocs/core/tpl/ajax/fileupload_main.tpl.php +++ b/htdocs/core/tpl/ajax/fileupload_main.tpl.php @@ -63,8 +63,11 @@ $(function () { "trans('Ok'); ?>": function() { $( "#confirm-delete" ).dialog( "close" ); if (data.url) { - $.ajax(data) - .success(function (data) { + $.ajax({ + method: "POST", + data: { token: '' }, + url: data.url + }).success(function (data) { if (data) { that._adjustMaxNumberOfFiles(1); $(this).fadeOut(function () { diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index 731cc580ea1..c741fb213c2 100644 --- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -194,7 +194,7 @@ if ($action == 'presend') { $formmail->withto = $liste; $formmail->withtofree = (GETPOSTISSET('sendto') ? (GETPOST('sendto', 'alphawithlgt') ? GETPOST('sendto', 'alphawithlgt') : '1') : '1'); $formmail->withtocc = $liste; - $formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC; + $formmail->withtoccc = getDolGlobalString('MAIN_EMAIL_USECCC'); $formmail->withtopic = $topicmail; $formmail->withfile = 2; $formmail->withbody = 1; diff --git a/htdocs/core/tpl/contacts.tpl.php b/htdocs/core/tpl/contacts.tpl.php index 511c03a931b..d0d4d25740c 100644 --- a/htdocs/core/tpl/contacts.tpl.php +++ b/htdocs/core/tpl/contacts.tpl.php @@ -2,6 +2,7 @@ /* Copyright (C) 2012 Regis Houssin * Copyright (C) 2013-2015 Laurent Destailleur * Copyright (C) 2015-2016 Charlie BENKE + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -100,11 +101,11 @@ if ($permission) { if (empty($hideaddcontactforuser)) { ?> " /> + - '; } ?> @@ -130,23 +131,21 @@ if ($permission) { ?> " /> + - '; } ?>
    - socid; ?> - socid) ? 0 : $object->socid); // add company icon before select list if ($selectedCompany) { echo img_object('', 'company', 'class="hideonsmartphone"'); } - ?> - selectCompaniesForNewContact($object, 'id', $selectedCompany, 'newcompany', '', 0, '', 'minwidth300imp'); ?> + $selectedCompany = $formcompany->selectCompaniesForNewContact($object, 'id', $selectedCompany, 'newcompany', '', 0, '', 'minwidth300imp'); ?>
    diff --git a/htdocs/core/tpl/document_actions_post_headers.tpl.php b/htdocs/core/tpl/document_actions_post_headers.tpl.php index 4a43da6d6cc..4ec69efbac8 100644 --- a/htdocs/core/tpl/document_actions_post_headers.tpl.php +++ b/htdocs/core/tpl/document_actions_post_headers.tpl.php @@ -47,6 +47,9 @@ if (!isset($permission)) { if (!isset($permtoedit)) { $permtoedit = $permissiontoadd; } +if (!isset($param)) { + $param = ''; +} // Drag and drop for up and down allowed on product, thirdparty, ... // The drag and drop call the page core/ajax/row.php @@ -112,7 +115,7 @@ if (!isset($savingdocmask) || !empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_ } } -if (!is_object($formfile)) { +if (empty($formfile) || !is_object($formfile)) { $formfile = new FormFile($db); } diff --git a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php index ebab4e8608a..f7c9fc201f4 100644 --- a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php @@ -23,6 +23,7 @@ if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table if (!empty($extrafields->attributes[$extrafieldsobjectkey]['list'][$key])) { $arrayfields[$extrafieldsobjectprefix.$key] = array( 'label' => $extrafields->attributes[$extrafieldsobjectkey]['label'][$key], + 'type' => $extrafields->attributes[$extrafieldsobjectkey]['type'][$key], 'checked' => (($extrafields->attributes[$extrafieldsobjectkey]['list'][$key] < 0) ? 0 : 1), 'position' => $extrafields->attributes[$extrafieldsobjectkey]['pos'][$key], 'enabled' => (abs((int) $extrafields->attributes[$extrafieldsobjectkey]['list'][$key]) != 3 && $extrafields->attributes[$extrafieldsobjectkey]['perms'][$key]), diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index 021ff42a9d3..7d547d52dea 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -11,7 +11,7 @@ if (empty($extrafieldsobjectkey) && is_object($object)) { } // Loop to show all columns of extrafields from $obj, $extrafields and $db -if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ... +if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafieldsobjectkey])) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ... if (key_exists('label', $extrafields->attributes[$extrafieldsobjectkey]) && is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) { if (empty($extrafieldsobjectprefix)) { $extrafieldsobjectprefix = 'ef.'; @@ -66,6 +66,12 @@ if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = $extrafieldsobjectprefix.$tmpkey; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val'][$extrafieldsobjectprefix.$tmpkey])) { + $totalarray['val'][$extrafieldsobjectprefix.$tmpkey] = 0; + } $totalarray['val'][$extrafieldsobjectprefix.$tmpkey] += $obj->$tmpkey; } } diff --git a/htdocs/core/tpl/filemanager.tpl.php b/htdocs/core/tpl/filemanager.tpl.php index d8bbe0c7cc0..57a95c48ece 100644 --- a/htdocs/core/tpl/filemanager.tpl.php +++ b/htdocs/core/tpl/filemanager.tpl.php @@ -16,6 +16,7 @@ * * Output code for the filemanager * $module must be defined ('ecm', 'medias', ...) + * $formalreadyopen can be set to 1 to avoid to open the to submit files a second time */ // Protection to avoid direct call of template @@ -128,7 +129,7 @@ $nameforformuserfile = 'formuserfileecm'; print '
    '; -// To attach new file +// For to attach a new file if ((!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE_JS)) || !empty($section)) { if ((empty($section) || $section == -1) && ($module != 'medias')) { ?> @@ -141,10 +142,11 @@ if ((!empty($conf->use_javascript_ajax) && empty($conf->global->MAIN_ECM_DISABLE } $sectiondir = GETPOST('file', 'alpha') ?GETPOST('file', 'alpha') : GETPOST('section_dir', 'alpha'); + print ''."\n"; include_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; $formfile = new FormFile($db); - $formfile->form_attach_new_file($_SERVER["PHP_SELF"], 'none', 0, ($section ? $section : -1), $permtoupload, 48, null, '', 0, '', 0, $nameforformuserfile, '', $sectiondir); + print $formfile->form_attach_new_file($_SERVER["PHP_SELF"], 'none', 0, ($section ? $section : -1), $permtoupload, 48, null, '', 0, '', 0, $nameforformuserfile, '', $sectiondir, empty($formalreadyopen) ? 0 : $formalreadyopen, 0, 0, 1); } else { print ' '; } diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index 6e890f06e80..9e0a222725b 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -91,7 +91,7 @@ $(document).ready(function () {