Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop
This commit is contained in:
Laurent Destailleur
commit
2f28240ce4
@ -187,7 +187,7 @@ $tabsql[9] = "SELECT c.code_iso as code, c.label, c.unicode, c.active FROM ".MAI
|
||||
$tabsql[10]= "SELECT t.rowid, t.code, t.taux, t.localtax1_type, t.localtax1, t.localtax2_type, t.localtax2, c.label as country, c.code as country_code, t.fk_pays as country_id, t.recuperableonly, t.note, t.active, t.accountancy_code_sell, t.accountancy_code_buy FROM ".MAIN_DB_PREFIX."c_tva as t, ".MAIN_DB_PREFIX."c_country as c WHERE t.fk_pays=c.rowid";
|
||||
$tabsql[11]= "SELECT t.rowid as rowid, t.element, t.source, t.code, t.libelle, t.position, t.active FROM ".MAIN_DB_PREFIX."c_type_contact AS t";
|
||||
$tabsql[12]= "SELECT c.rowid as rowid, c.code, c.libelle, c.libelle_facture, c.nbjour, c.type_cdr, c.decalage, c.active, c.sortorder, c.entity FROM ".MAIN_DB_PREFIX."c_payment_term AS c WHERE c.entity = " . getEntity($tabname[12]);
|
||||
$tabsql[13]= "SELECT c.id as rowid, c.code, c.libelle, c.type, c.active, c.accountancy_code, c.entity FROM ".MAIN_DB_PREFIX."c_paiement AS c WHERE c.entity = " . getEntity($tabname[13]);
|
||||
$tabsql[13]= "SELECT c.id as rowid, c.code, c.libelle, c.type, c.active, c.entity FROM ".MAIN_DB_PREFIX."c_paiement AS c WHERE c.entity = " . getEntity($tabname[13]);
|
||||
$tabsql[14]= "SELECT e.rowid as rowid, e.code as code, e.libelle, e.price, e.organization, e.fk_pays as country_id, c.code as country_code, c.label as country, e.active FROM ".MAIN_DB_PREFIX."c_ecotaxe AS e, ".MAIN_DB_PREFIX."c_country as c WHERE e.fk_pays=c.rowid and c.active=1";
|
||||
$tabsql[15]= "SELECT rowid as rowid, code, label as libelle, width, height, unit, active FROM ".MAIN_DB_PREFIX."c_paper_format";
|
||||
$tabsql[16]= "SELECT code, label as libelle, sortorder, active FROM ".MAIN_DB_PREFIX."c_prospectlevel";
|
||||
@ -265,7 +265,7 @@ $tabfield[9] = "code,label,unicode";
|
||||
$tabfield[10]= "country_id,country,code,taux,localtax1_type,localtax1,localtax2_type,localtax2,recuperableonly,accountancy_code_sell,accountancy_code_buy,note";
|
||||
$tabfield[11]= "element,source,code,libelle,position";
|
||||
$tabfield[12]= "code,libelle,libelle_facture,nbjour,type_cdr,decalage,sortorder,entity";
|
||||
$tabfield[13]= "code,libelle,type,accountancy_code,entity";
|
||||
$tabfield[13]= "code,libelle,type,entity";
|
||||
$tabfield[14]= "code,libelle,price,organization,country_id,country";
|
||||
$tabfield[15]= "code,libelle,width,height,unit";
|
||||
$tabfield[16]= "code,libelle,sortorder";
|
||||
@ -304,7 +304,7 @@ $tabfieldvalue[9] = "code,label,unicode";
|
||||
$tabfieldvalue[10]= "country,code,taux,localtax1_type,localtax1,localtax2_type,localtax2,recuperableonly,accountancy_code_sell,accountancy_code_buy,note";
|
||||
$tabfieldvalue[11]= "element,source,code,libelle,position";
|
||||
$tabfieldvalue[12]= "code,libelle,libelle_facture,nbjour,type_cdr,decalage,sortorder";
|
||||
$tabfieldvalue[13]= "code,libelle,type,accountancy_code";
|
||||
$tabfieldvalue[13]= "code,libelle,type";
|
||||
$tabfieldvalue[14]= "code,libelle,price,organization,country";
|
||||
$tabfieldvalue[15]= "code,libelle,width,height,unit";
|
||||
$tabfieldvalue[16]= "code,libelle,sortorder";
|
||||
@ -343,7 +343,7 @@ $tabfieldinsert[9] = "code_iso,label,unicode";
|
||||
$tabfieldinsert[10]= "fk_pays,code,taux,localtax1_type,localtax1,localtax2_type,localtax2,recuperableonly,accountancy_code_sell,accountancy_code_buy,note";
|
||||
$tabfieldinsert[11]= "element,source,code,libelle,position";
|
||||
$tabfieldinsert[12]= "code,libelle,libelle_facture,nbjour,type_cdr,decalage,sortorder,entity";
|
||||
$tabfieldinsert[13]= "code,libelle,type,accountancy_code,entity";
|
||||
$tabfieldinsert[13]= "code,libelle,type,entity";
|
||||
$tabfieldinsert[14]= "code,libelle,price,organization,fk_pays";
|
||||
$tabfieldinsert[15]= "code,label,width,height,unit";
|
||||
$tabfieldinsert[16]= "code,label,sortorder";
|
||||
|
||||
@ -359,7 +359,8 @@ print '</td>';
|
||||
|
||||
// User
|
||||
print '<td class="liste_titre">';
|
||||
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1);
|
||||
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1, null, 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300');
|
||||
|
||||
print '</td>';
|
||||
|
||||
// Actions code
|
||||
|
||||
@ -353,7 +353,7 @@ if ($type == Categorie::TYPE_PRODUCT)
|
||||
|
||||
print "<br>";
|
||||
print "<table class='noborder' width='100%'>\n";
|
||||
print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("ProductsAndServices")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="3">'.$langs->trans("ProductsAndServices")." (".count($prods).")</td></tr>\n";
|
||||
|
||||
if (count($prods) > 0)
|
||||
{
|
||||
@ -402,7 +402,7 @@ if ($type == Categorie::TYPE_SUPPLIER)
|
||||
{
|
||||
print "<br>";
|
||||
print '<table class="noborder" width="100%">'."\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Suppliers")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Suppliers")." (".count($socs).")</td></tr>\n";
|
||||
|
||||
if (count($socs) > 0)
|
||||
{
|
||||
@ -451,7 +451,7 @@ if($type == Categorie::TYPE_CUSTOMER)
|
||||
{
|
||||
print "<br>";
|
||||
print '<table class="noborder" width="100%">'."\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Customers")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Customers")." (".count($socs).")</td></tr>\n";
|
||||
|
||||
if (count($socs) > 0)
|
||||
{
|
||||
@ -507,7 +507,7 @@ if ($type == Categorie::TYPE_MEMBER)
|
||||
{
|
||||
print "<br>";
|
||||
print "<table class='noborder' width='100%'>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Member")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Member")." (".count($prods).")</td></tr>\n";
|
||||
|
||||
if (count($prods) > 0)
|
||||
{
|
||||
@ -558,7 +558,7 @@ if ($type == Categorie::TYPE_CONTACT)
|
||||
{
|
||||
print "<br>";
|
||||
print '<table class="noborder" width="100%">'."\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Contact")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="2">'.$langs->trans("Contact")." (".count($contacts).")</td></tr>\n";
|
||||
|
||||
if (count($contacts) > 0)
|
||||
{
|
||||
@ -613,7 +613,7 @@ if ($type == Categorie::TYPE_ACCOUNT)
|
||||
{
|
||||
print "<br>";
|
||||
print "<table class='noborder' width='100%'>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Account")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Account")." (".count($accounts).")</td></tr>\n";
|
||||
|
||||
if (count($accounts) > 0)
|
||||
{
|
||||
@ -666,7 +666,7 @@ if ($type == Categorie::TYPE_PROJECT)
|
||||
{
|
||||
print "<br>";
|
||||
print "<table class='noborder' width='100%'>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Project")."</td></tr>\n";
|
||||
print '<tr class="liste_titre"><td colspan="4">'.$langs->trans("Project")." (".count($projects).")</td></tr>\n";
|
||||
|
||||
if (count($projects) > 0)
|
||||
{
|
||||
|
||||
@ -2188,7 +2188,7 @@ function dol_print_skype($skype,$cid=0,$socid=0,$addlink=0,$max=64)
|
||||
*/
|
||||
function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$separ=" ",$withpicto='',$titlealt='',$adddivfloat=0)
|
||||
{
|
||||
global $conf,$user,$langs,$mysoc;
|
||||
global $conf, $user, $langs, $mysoc, $hookmanager;
|
||||
|
||||
// Clean phone parameter
|
||||
$phone = preg_replace("/[\s.-]/","",trim($phone));
|
||||
@ -2278,23 +2278,33 @@ function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$sep
|
||||
$titlealt=($withpicto=='fax'?$langs->trans("Fax"):$langs->trans("Phone"));
|
||||
}
|
||||
$rep='';
|
||||
$picto = '';
|
||||
if($withpicto){
|
||||
if($withpicto=='fax'){
|
||||
$picto = 'phoning_fax';
|
||||
}elseif($withpicto=='phone'){
|
||||
$picto = 'phoning';
|
||||
}elseif($withpicto=='mobile'){
|
||||
$picto = 'phoning_mobile';
|
||||
}else{
|
||||
$picto = '';
|
||||
|
||||
if ($hookmanager) {
|
||||
$parameters = array('countrycode' => $countrycode, 'cid' => $cid, 'socid' => $socid,'titlealt' => $titlealt, 'picto' => $withpicto);
|
||||
$reshook = $hookmanager->executeHooks('printPhone', $parameters, $phone);
|
||||
$rep.=$hookmanager->resPrint;
|
||||
}
|
||||
if (empty($reshook))
|
||||
{
|
||||
$picto = '';
|
||||
if($withpicto){
|
||||
if($withpicto=='fax'){
|
||||
$picto = 'phoning_fax';
|
||||
}elseif($withpicto=='phone'){
|
||||
$picto = 'phoning';
|
||||
}elseif($withpicto=='mobile'){
|
||||
$picto = 'phoning_mobile';
|
||||
}else{
|
||||
$picto = '';
|
||||
}
|
||||
}
|
||||
}
|
||||
if ($adddivfloat) $rep.='<div class="nospan float" style="margin-right: 10px">';
|
||||
else $rep.='<span style="margin-right: 10px;">';
|
||||
$rep.=($withpicto?img_picto($titlealt, 'object_'.$picto.'.png').' ':'').$newphone;
|
||||
if ($adddivfloat) $rep.='</div>';
|
||||
else $rep.='</span>';
|
||||
if ($adddivfloat) $rep.='<div class="nospan float" style="margin-right: 10px">';
|
||||
else $rep.='<span style="margin-right: 10px;">';
|
||||
$rep.=($withpicto?img_picto($titlealt, 'object_'.$picto.'.png').' ':'').$newphone;
|
||||
if ($adddivfloat) $rep.='</div>';
|
||||
else $rep.='</span>';
|
||||
}
|
||||
|
||||
return $rep;
|
||||
}
|
||||
|
||||
@ -3357,18 +3367,19 @@ function img_searchclear($titlealt = 'default', $other = '')
|
||||
* @param integer $infoonimgalt Info is shown only on alt of star picto, otherwise it is show on output after the star picto
|
||||
* @param int $nodiv No div
|
||||
* @param string $admin '1'=Info for admin users. '0'=Info for standard users (change only the look), 'xxx'=Other
|
||||
* @param string $morecss More CSS
|
||||
* @return string String with info text
|
||||
*/
|
||||
function info_admin($text, $infoonimgalt = 0, $nodiv=0, $admin='1')
|
||||
function info_admin($text, $infoonimgalt = 0, $nodiv=0, $admin='1', $morecss='')
|
||||
{
|
||||
global $conf, $langs;
|
||||
|
||||
if ($infoonimgalt)
|
||||
{
|
||||
return img_picto($text, 'info', 'class="hideonsmartphone"');
|
||||
return img_picto($text, 'info', 'class="hideonsmartphone'.($morecss?' '.$morecss:'').'"');
|
||||
}
|
||||
|
||||
return ($nodiv?'':'<div class="'.(empty($admin)?'':($admin=='1'?'info':$admin)).' hideonsmartphone">').'<span class="fa fa-info-circle" title="'.dol_escape_htmltag($admin?$langs->trans('InfoAdmin'):$langs->trans('Note')).'"></span> '.$text.($nodiv?'':'</div>');
|
||||
return ($nodiv?'':'<div class="'.(empty($admin)?'':($admin=='1'?'info':$admin)).' hideonsmartphone'.($morecss?' '.$morecss:'').'">').'<span class="fa fa-info-circle" title="'.dol_escape_htmltag($admin?$langs->trans('InfoAdmin'):$langs->trans('Note')).'"></span> '.$text.($nodiv?'':'</div>');
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -82,6 +82,10 @@ function dol_hash($chain, $type='0')
|
||||
{
|
||||
global $conf;
|
||||
|
||||
// No need to add salt for password_hash
|
||||
if ($type == '0' && ! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'password_hash' && function_exists('password_hash'))
|
||||
return password_hash($chain, PASSWORD_DEFAULT);
|
||||
|
||||
// Salt value
|
||||
if (! empty($conf->global->MAIN_SECURITY_SALT)) $chain=$conf->global->MAIN_SECURITY_SALT.$chain;
|
||||
|
||||
@ -97,6 +101,32 @@ function dol_hash($chain, $type='0')
|
||||
return md5($chain);
|
||||
}
|
||||
|
||||
/**
|
||||
* Compute a hash and compare it to the given one
|
||||
* For backward compatibility reasons, if the hash is not in the password_hash format, we will try to match against md5 and sha1md5
|
||||
* If constant MAIN_SECURITY_HASH_ALGO is defined, we use this function as hashing function.
|
||||
* If constant MAIN_SECURITY_SALT is defined, we use it as a salt.
|
||||
*
|
||||
* @param string $chain String to hash
|
||||
* @param string $hash hash to compare
|
||||
* @param string $type Type of hash ('0':auto, '1':sha1, '2':sha1+md5, '3':md5, '4':md5 for OpenLdap, '5':sha256). Use '3' here, if hash is not needed for security purpose, for security need, prefer '0'.
|
||||
* @return bool True if the computed hash is the same as the given one
|
||||
*/
|
||||
function dol_verifyHash($chain, $hash, $type='0')
|
||||
{
|
||||
global $conf;
|
||||
|
||||
if ($type == '0' && ! empty($conf->global->MAIN_SECURITY_HASH_ALGO) && $conf->global->MAIN_SECURITY_HASH_ALGO == 'password_hash' && function_exists('password_verify')) {
|
||||
if ($hash[0] == '$') return password_verify($chain, $hash);
|
||||
else if(strlen($hash) == 32) return dol_verifyHash($chain, $hash, '3'); // md5
|
||||
else if(strlen($hash) == 40) return dol_verifyHash($chain, $hash, '2'); // sha1md5
|
||||
|
||||
return false;
|
||||
}
|
||||
|
||||
return dol_hash($chain, $type) == $hash;
|
||||
}
|
||||
|
||||
|
||||
/**
|
||||
* Check permissions of a user to show a page and an object. Check read permission.
|
||||
@ -607,4 +637,3 @@ function accessforbidden($message='',$printheader=1,$printfooter=1,$showonlymess
|
||||
if ($printfooter && function_exists("llxFooter")) llxFooter();
|
||||
exit(0);
|
||||
}
|
||||
|
||||
|
||||
@ -84,7 +84,7 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
|
||||
// Check crypted password according to crypt algorithm
|
||||
if ($cryptType == 'md5')
|
||||
{
|
||||
if (dol_hash($passtyped) == $passcrypted)
|
||||
if (dol_verifyHash($passtyped, $passcrypted))
|
||||
{
|
||||
$passok=true;
|
||||
dol_syslog("functions_dolibarr::check_user_password_dolibarr Authentification ok - ".$cryptType." of pass is ok");
|
||||
@ -152,5 +152,3 @@ function check_user_password_dolibarr($usertotest,$passwordtotest,$entitytotest=
|
||||
|
||||
return $login;
|
||||
}
|
||||
|
||||
|
||||
|
||||
@ -656,7 +656,7 @@ if ($user->admin && empty($conf->global->MAIN_REMOVE_INSTALL_WARNING))
|
||||
{
|
||||
$langs->load("errors");
|
||||
//if (! empty($message)) $message.='<br>';
|
||||
$message.=info_admin($langs->trans("WarningLockFileDoesNotExists",DOL_DATA_ROOT).' '.$langs->trans("WarningUntilDirRemoved",DOL_DOCUMENT_ROOT."/install"));
|
||||
$message.=info_admin($langs->trans("WarningLockFileDoesNotExists",DOL_DATA_ROOT).' '.$langs->trans("WarningUntilDirRemoved", DOL_DOCUMENT_ROOT."/install"), 0, 0, '1', 'clearboth');
|
||||
}
|
||||
|
||||
// Conf files must be in read only mode
|
||||
@ -665,7 +665,7 @@ if ($user->admin && empty($conf->global->MAIN_REMOVE_INSTALL_WARNING))
|
||||
$langs->load("errors");
|
||||
//$langs->load("other");
|
||||
//if (! empty($message)) $message.='<br>';
|
||||
$message.=info_admin($langs->transnoentities("WarningConfFileMustBeReadOnly").' '.$langs->trans("WarningUntilDirRemoved",DOL_DOCUMENT_ROOT."/install"));
|
||||
$message.=info_admin($langs->transnoentities("WarningConfFileMustBeReadOnly").' '.$langs->trans("WarningUntilDirRemoved", DOL_DOCUMENT_ROOT."/install"), 0, 0, '1', 'clearboth');
|
||||
}
|
||||
|
||||
if ($message)
|
||||
|
||||
26
htdocs/install/mysql/migration/7.0.0-8.0.0.sql
Normal file
26
htdocs/install/mysql/migration/7.0.0-8.0.0.sql
Normal file
@ -0,0 +1,26 @@
|
||||
--
|
||||
-- Be carefull to requests order.
|
||||
-- This file must be loaded by calling /install/index.php page
|
||||
-- when current version is 7.0.0 or higher.
|
||||
--
|
||||
-- To rename a table: ALTER TABLE llx_table RENAME TO llx_table_new;
|
||||
-- To add a column: ALTER TABLE llx_table ADD COLUMN newcol varchar(60) NOT NULL DEFAULT '0' AFTER existingcol;
|
||||
-- To rename a column: ALTER TABLE llx_table CHANGE COLUMN oldname newname varchar(60);
|
||||
-- To drop a column: ALTER TABLE llx_table DROP COLUMN oldname;
|
||||
-- To change type of field: ALTER TABLE llx_table MODIFY COLUMN name varchar(60);
|
||||
-- To drop a foreign key: ALTER TABLE llx_table DROP FOREIGN KEY fk_name;
|
||||
-- To drop an index: -- VMYSQL4.0 DROP INDEX nomindex on llx_table
|
||||
-- To drop an index: -- VPGSQL8.0 DROP INDEX nomindex
|
||||
-- To restrict request to Mysql version x.y minimum use -- VMYSQLx.y
|
||||
-- To restrict request to Pgsql version x.y minimum use -- VPGSQLx.y
|
||||
-- To make pk to be auto increment (mysql): -- VMYSQL4.3 ALTER TABLE llx_c_shipment_mode CHANGE COLUMN rowid rowid INTEGER NOT NULL AUTO_INCREMENT;
|
||||
-- To make pk to be auto increment (postgres): -- VPGSQL8.2 NOT POSSIBLE. MUST DELETE/CREATE TABLE
|
||||
-- To set a field as NULL: -- VMYSQL4.3 ALTER TABLE llx_table MODIFY COLUMN name varchar(60) NULL;
|
||||
-- To set a field as NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name DROP NOT NULL;
|
||||
-- To set a field as NOT NULL: -- VMYSQL4.3 ALTER TABLE llx_table MODIFY COLUMN name varchar(60) NOT NULL;
|
||||
-- To set a field as NOT NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET NOT NULL;
|
||||
-- To set a field as default NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET DEFAULT NULL;
|
||||
-- Note: fields with type BLOB/TEXT can't have default value.
|
||||
|
||||
-- For 8.0
|
||||
ALTER TABLE llx_societe ADD COLUMN fk_entrepot int DEFAULT 0;
|
||||
@ -181,7 +181,10 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
|
||||
// Define default setup for password encryption
|
||||
dolibarr_set_const($db, "DATABASE_PWD_ENCRYPTED", "1", 'chaine', 0, '', $conf->entity);
|
||||
dolibarr_set_const($db, "MAIN_SECURITY_SALT", dol_print_date(dol_now(), 'dayhourlog'), 'chaine', 0, '', 0); // All entities
|
||||
dolibarr_set_const($db, "MAIN_SECURITY_HASH_ALGO", 'sha1md5', 'chaine', 0, '', 0); // All entities
|
||||
if (function_exists('password_hash'))
|
||||
dolibarr_set_const($db, "MAIN_SECURITY_HASH_ALGO", 'password_hash', 'chaine', 0, '', 0); // All entities
|
||||
else
|
||||
dolibarr_set_const($db, "MAIN_SECURITY_HASH_ALGO", 'sha1md5', 'chaine', 0, '', 0); // All entities
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -78,7 +78,7 @@ if ($action == 'validatenewpassword' && $username && $passwordhash)
|
||||
}
|
||||
else
|
||||
{
|
||||
if (dol_hash($edituser->pass_temp) == $passwordhash)
|
||||
if (dol_verifyHash($edituser->pass_temp, $passwordhash))
|
||||
{
|
||||
$newpassword=$edituser->setPassword($user,$edituser->pass_temp,0);
|
||||
dol_syslog("passwordforgotten.php new password for user->id=".$edituser->id." validated in database");
|
||||
@ -218,4 +218,3 @@ $reshook = $hookmanager->executeHooks('getPasswordForgottenPageExtraOptions',$pa
|
||||
$moreloginextracontent = $hookmanager->resPrint;
|
||||
|
||||
include $template_dir.'passwordforgotten.tpl.php'; // To use native PHP
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user