lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'Dolibarr/13.0' into 13

Browse Source
This commit is contained in:
Francis Appels 2021-02-23 21:30:07 +01:00
commit 335bdb7671
10 changed files with 76 additions and 26 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/accountancy/bookkeeping/list.php
View File

@ -110,7 +110,7 @@ $form = new Form($db);
if (!in_array($action, array('export_file', 'delmouv', 'delmouvconfirm')) && !GETPOSTISSET('begin') && !GETPOSTISSET('formfilteraction') && GETPOST('page', 'int') == '' && !GETPOST('noreset', 'int') && $user->rights->accounting->mouvements->export)
{
if (empty($search_date_start) && empty($search_date_end) && !GETPOSTISSET('restore_lastsearch_values'))
if (empty($search_date_start) && empty($search_date_end) && !GETPOSTISSET('restore_lastsearch_values') && !GETPOST('search_accountancy_code_start'))
{
$query = "SELECT date_start, date_end from ".MAIN_DB_PREFIX."accounting_fiscalyear ";
$query .= " where date_start < '".$db->idate(dol_now())."' and date_end > '".$db->idate(dol_now())."' limit 1";

2
htdocs/compta/facture/card.php
View File

@ -3596,7 +3596,7 @@ if ($action == 'create')
if (is_array($objectsrc->linkedObjects['facture']) && count($objectsrc->linkedObjects['facture']) >= 1)
{
setEventMessages('WarningBillExist', null, 'warnings');
echo ' ('.$langs->trans('LatestRelatedBill').end($objectsrc->linkedObjects['facture'])->getNomUrl(1).')';
echo ' ('.$langs->trans('LatestRelatedBill').' '.end($objectsrc->linkedObjects['facture'])->getNomUrl(1).')';
}
echo '</td></tr>';
print '<tr><td>'.$langs->trans('AmountHT').'</td><td colspan="2">'.price($objectsrc->total_ht).'</td></tr>';

2
htdocs/contact/card.php
View File

@ -831,7 +831,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action))
print '<tr><td>'.$langs->trans("ContactByDefaultFor").'</td>';
print '<td colspan="3">';
$contactType = $object->listeTypeContacts('external', '', 1);
print $form->multiselectarray('roles', $contactType);
print $form->multiselectarray('roles', $contactType, array(), 0, 0, 'minwidth500');
print '</td></tr>';
}

41
htdocs/core/actions_massactions.inc.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2018 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2019 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -1111,18 +1111,47 @@ if (!$error && $massaction == 'validate' && $permissiontoadd)
if ($result > 0)
{
$result = $objecttmp->validate($user);
if ($result == 0)
{
if ($result == 0) {
$langs->load("errors");
setEventMessages($langs->trans("ErrorObjectMustHaveStatusDraftToBeValidated", $objecttmp->ref), null, 'errors');
$error++;
break;
} elseif ($result < 0)
{
} elseif ($result < 0) {
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
$error++;
break;
} else $nbok++;
} else {
// validate() rename pdf but do not regenerate
// Define output language
if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
$outputlangs = $langs;
$newlang = '';
if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) {
$newlang = GETPOST('lang_id', 'aZ09');
}
if ($conf->global->MAIN_MULTILANGS && empty($newlang)) {
$newlang = $objecttmp->thirdparty->default_lang;
}
if (!empty($newlang)) {
$outputlangs = new Translate("", $conf);
$outputlangs->setDefaultLang($newlang);
$outputlangs->load('products');
}
$model = $objecttmp->model_pdf;
$ret = $objecttmp->fetch($objecttmp->id); // Reload to get new records
// To be sure vars is defined
$hidedetails = !empty($hidedetails) ? $hidedetails : 0;
$hidedesc = !empty($hidedesc) ? $hidedesc : 0;
$hideref = !empty($hideref) ? $hideref : 0;
$moreparams = !empty($moreparams) ? $moreparams : null;
$result = $objecttmp->generateDocument($model, $outputlangs, $hidedetails, $hidedesc, $hideref);
if ($result < 0) {
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
}
}
$nbok++;
}
} else {
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
$error++;

12
htdocs/core/class/commonobject.class.php
View File

@ -1399,6 +1399,8 @@ abstract class CommonObject
if ($resql) {
$num = $this->db->num_rows($resql);
if ($num > 0) {
$langs->loadLangs(array("propal", "orders", "bills", "suppliers", "contracts", "supplier_proposal"));
while ($obj = $this->db->fetch_object($resql)) {
$modulename = $obj->element;
if (strpos($obj->element, 'project') !== false) {
@ -1414,11 +1416,15 @@ abstract class CommonObject
}
if ($conf->{$modulename}->enabled) {
$libelle_element = $langs->trans('ContactDefault_'.$obj->element);
$transkey = "TypeContact_".$obj->element."_".$source."_".$obj->code;
$tmpelement = $obj->element;
$transkey = "TypeContact_".$tmpelement."_".$source."_".$obj->code;
$libelle_type = ($langs->trans($transkey) != $transkey ? $langs->trans($transkey) : $obj->libelle);
if (empty($option))
if (empty($option)) {
$tab[$obj->rowid] = $libelle_element.' - '.$libelle_type;
else $tab[$obj->rowid] = $libelle_element.' - '.$libelle_type;
}
else {
$tab[$obj->rowid] = $libelle_element.' - '.$libelle_type;
}
}
}
}

25
htdocs/core/js/lib_head.js.php
View File

@ -520,9 +520,9 @@ function hideMessage(fieldId,message) {
* Used by button to set on/off.
* Call url then make complementary action (like show/hide, enable/disable or set another option).
*
* @param string url Url
* @param string url Url (warning: as any url called in ajax mode, the url called here must not renew the token)
* @param string code Code
* @param string intput Input
* @param string intput Array of complementary actions to do if success
* @param int entity Entity
* @param int strict Strict
* @param int forcereload Force reload
@ -536,7 +536,7 @@ function setConstant(url, code, input, entity, strict, forcereload, userid, toke
entity: entity,
token: token
},
function() {
function() { /* handler for success of post */
console.log("url request success forcereload="+forcereload);
$("#set_" + code).hide();
$("#del_" + code).show();
@ -574,11 +574,12 @@ function setConstant(url, code, input, entity, strict, forcereload, userid, toke
$.each(data, function(key, value) {
$("#set_" + key).hide();
$("#del_" + key).show();
$.get( url, {
$.post( url, {
action: "set",
name: key,
value: value,
entity: entity
entity: entity,
token: token
});
});
}
@ -593,9 +594,9 @@ function setConstant(url, code, input, entity, strict, forcereload, userid, toke
* Used by button to set on/off
* Call url then make complementary action (like show/hide, enable/disable or set another option).
*
* @param string url Url
* @param string url Url (warning: as any url called in ajax mode, the url called here must not renew the token)
* @param string code Code
* @param string intput Input
* @param string intput Array of complementary actions to do if success
* @param int entity Entity
* @param int strict Strict
* @param int forcereload Force reload
@ -644,10 +645,11 @@ function delConstant(url, code, input, entity, strict, forcereload, userid, toke
$.each(data, function(key, value) {
$("#del_" + value).hide();
$("#set_" + value).show();
$.get( url, {
$.post( url, {
action: "del",
name: value,
entity: entity
entity: entity,
token: token
});
});
}
@ -659,12 +661,13 @@ function delConstant(url, code, input, entity, strict, forcereload, userid, toke
}
/*
* Used by button to set on/off
* Call the setConstant or delConstant but with a confirmation before.
* Used by button to set on/off.
*
* @param string action Action
* @param string url Url
* @param string code Code
* @param string intput Input
* @param string intput Array of complementary actions to do if success
* @param string box Box
* @param int entity Entity
* @param int yesButton yesButton

6
htdocs/core/lib/ajax.lib.php
View File

@ -491,13 +491,13 @@ function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete =
* On/off button for constant
*
* @param string $code Name of constant
* @param array $input Array of options. ("disabled"|"enabled'|'set'|'del') => CSS element to switch, 'alert' => message to show, ... Example: array('disabled'=>array(0=>'cssid'))
* @param int $entity Entity to set. Use current entity if null.
* @param array $input Array of complementary actions to do if success ("disabled"|"enabled'|'set'|'del') => CSS element to switch, 'alert' => message to show, ... Example: array('disabled'=>array(0=>'cssid'))
* @param int $entity Entity. Current entity is used if null.
* @param int $revertonoff Revert on/off
* @param int $strict Use only "disabled" with delConstant and "enabled" with setConstant
* @param int $forcereload Force to reload page if we click/change value (this is supported only when there is no 'alert' option in input)
* @param string $marginleftonlyshort 1 = Add a short left margin on picto, 2 = Add a larger left margin on picto, 0 = No left margin. Works for fontawesome picto only.
* @param int $forcenoajax 1=Force to use a ahref link instead of ajax code.
* @param int $forcenoajax 1 = Force to use a ahref link instead of ajax code.
* @return string
*/
function ajax_constantonoff($code, $input = array(), $entity = null, $revertonoff = 0, $strict = 0, $forcereload = 0, $marginleftonlyshort = 2, $forcenoajax = 0)

4
htdocs/core/lib/functions.lib.php
View File

@ -5833,6 +5833,8 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$allowed_tags_string = join("><", $allowed_tags);
$allowed_tags_string = '<'.$allowed_tags_string.'>';
$stringtoclean = str_replace('<!DOCTYPE html>', '__!DOCTYPE_HTML__', $stringtoclean); // Replace DOCTYPE to avoid to have it removed by the strip_tags
$stringtoclean = dol_string_nounprintableascii($stringtoclean, 0);
$stringtoclean = preg_replace('/&colon;/i', ':', $stringtoclean);
@ -5855,6 +5857,8 @@ function dol_string_onlythesehtmltags($stringtoclean, $cleanalsosomestyles = 1,
$temp = preg_replace('/javascript\s*:/i', '', $temp);
}
$temp = str_replace('__!DOCTYPE_HTML__', '<!DOCTYPE html>', $temp); // Restore the DOCTYPE
return $temp;
}

3
htdocs/langs/en_US/supplier_proposal.lang
View File

@ -53,3 +53,6 @@ SupplierProposalsToClose=Vendor proposals to close
SupplierProposalsToProcess=Vendor proposals to process
LastSupplierProposals=Latest %s price requests
AllPriceRequests=All requests
TypeContact_supplier_proposal_external_SHIPPING=Vendor contact for delivery
TypeContact_supplier_proposal_external_BILLING=Vendor contact for billing
TypeContact_supplier_proposal_external_SERVICE=Representative following-up proposal

5
test/phpunit/SecurityTest.php
View File

@ -300,6 +300,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
$_POST["param9"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'objnotdefined\'';
$_POST["param10"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'<abc>objnotdefined\'';
$_POST["param11"]=' Name <email@email.com> ';
$_POST["param12"]='<!DOCTYPE html><html>aaa</html>';
$result=GETPOST('id', 'int'); // Must return nothing
print __METHOD__." result=".$result."\n";
@ -397,6 +398,10 @@ class SecurityTest extends PHPUnit\Framework\TestCase
print __METHOD__." result=".$result."\n";
$this->assertEquals(trim($_POST["param11"]), $result, 'Test an email string with alphawithlgt');
$result=GETPOST("param12", 'restricthtml');
print __METHOD__." result=".$result."\n";
$this->assertEquals(trim($_POST["param12"]), $result, 'Test a string with DOCTYPE and restricthtml');
return $result;
}