From 7c2bed2846d33f522f5b9a5e366feda58f11bf96 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean=20Traull=C3=A9?= Date: Fri, 6 Mar 2020 16:22:41 +0000 Subject: [PATCH 01/14] Fix #13296 --- htdocs/core/class/html.form.class.php | 3 ++- htdocs/expedition/card.php | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 83fd976f627..c422bb91528 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -202,7 +202,7 @@ class Form $ret .= ''; if (empty($notabletag)) $ret .= ''; if (empty($notabletag)) $ret .= ''; // Incoterms From f7dda657b1c6eb5d5fb28afb113d4b7bfe6cc999 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jean=20Traull=C3=A9?= <613615+jtraulle@users.noreply.github.com> Date: Fri, 6 Mar 2020 17:46:45 +0100 Subject: [PATCH 02/14] Fix Call to a member function getMessage() on null Because we are not in the exception block, $e is necessarily undefined. Thus replacing $e->getMessage(); by value of $paymentintent->status. --- htdocs/public/payment/newpayment.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 9a9c3fff27d..9f9aab20665 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -665,9 +665,9 @@ if ($action == 'charge' && !empty($conf->stripe->enabled)) if ($paymentintent->status != 'succeeded') { $error++; - $errormessage = "StatusOfRetreivedIntent is not succeeded: ".$e->getMessage(); + $errormessage = "StatusOfRetreivedIntent is not succeeded: ".$paymentintent->status; dol_syslog($errormessage, LOG_WARNING, 0, '_stripe'); - setEventMessages($e->getMessage(), null, 'errors'); + setEventMessages($paymentintent->status, null, 'errors'); $action = ''; } else From 1fb6d1d43d99d36d1b0804a2de358bd97c4b6a63 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 8 Mar 2020 20:49:50 +0100 Subject: [PATCH 03/14] FIX menu export document was not visible when using "simple accounting" --- htdocs/core/menus/standard/eldy.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 298b19c7147..eafbdaf5ddd 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1372,7 +1372,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM if (!empty($conf->comptabilite->enabled)) { // Files - if ((!empty($conf->global->MAIN_FEATURES_LEVEL) && $conf->global->MAIN_FEATURES_LEVEL >= 1) || !empty($conf->global->ACCOUNTANCY_SHOW_EXPORT_FILES_MENU)) + if (empty($conf->global->ACCOUNTANCY_HIDE_EXPORT_FILES_MENU)) { $newmenu->add("/compta/accounting-files.php?mainmenu=accountancy&leftmenu=accountancy_files", $langs->trans("AccountantFiles"), 0, $user->rights->compta->resultat->lire, '', $mainmenu, 'files'); } From ca4c62be56851bda4aa2716f5e4c1fba09c6c324 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 13:56:25 +0100 Subject: [PATCH 04/14] Fix var init --- htdocs/core/class/dolgraph.class.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index e2f9c501bc1..6511512d2ad 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -1207,19 +1207,20 @@ class DolGraph $oldstacknum = -1; while ($i < $nblot) // Loop on each serie { + $usecolorvariantforgroupby=0; // We used a 'group by' and we have too many colors so we generated color variants per if (is_array($arrayofgroupslegend[$i]) && count($arrayofgroupslegend[$i]) > 0) { // If we used a group by. $nbofcolorneeds = count($arrayofgroupslegend); $nbofcolorsavailable = count($theme_datacolor); if ($nbofcolorneeds > $nbofcolorsavailable) { - $usecolorvariantforgroypby = 1; + $usecolorvariantforgroupby = 1; } $textoflegend = $arrayofgroupslegend[$i]['legendwithgroup']; } else { $textoflegend = $this->Legend[$i]; } - if ($usecolorvariantforgroypby) { + if ($usecolorvariantforgroupby) { $newcolor = $this->datacolor[$arrayofgroupslegend[$i]['stacknum']]; // If we change the stack if ($oldstacknum == -1 || $arrayofgroupslegend[$i]['stacknum'] != $oldstacknum) { From 82f0d8a3bc8dfdcacc7cf47f9ec458ee04486367 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 17:38:47 +0100 Subject: [PATCH 05/14] Fix bad params --- htdocs/comm/propal/class/api_proposals.class.php | 6 +++--- htdocs/commande/class/api_orders.class.php | 6 +++--- htdocs/compta/facture/class/api_invoices.class.php | 6 +++--- 3 files changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index 1530f9ada69..9326082b193 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -65,7 +65,7 @@ class Proposals extends DolibarrApi */ public function get($id, $contact_list = 1) { - return $this->_fetch($id, '', '', '', $contact_list); + return $this->_fetch($id, '', '', $contact_list); } /** @@ -83,7 +83,7 @@ class Proposals extends DolibarrApi */ public function getByRef($ref, $contact_list = 1) { - return $this->_fetch('', $ref, '', '', $contact_list); + return $this->_fetch('', $ref, '', $contact_list); } /** @@ -101,7 +101,7 @@ class Proposals extends DolibarrApi */ public function getByRefExt($ref_ext, $contact_list = 1) { - return $this->_fetch('', '', $ref_ext, '', $contact_list); + return $this->_fetch('', '', $ref_ext, $contact_list); } /** diff --git a/htdocs/commande/class/api_orders.class.php b/htdocs/commande/class/api_orders.class.php index b63086cb51c..03cdf990071 100644 --- a/htdocs/commande/class/api_orders.class.php +++ b/htdocs/commande/class/api_orders.class.php @@ -64,7 +64,7 @@ class Orders extends DolibarrApi */ public function get($id, $contact_list = 1) { - return $this->_fetch($id, '', '', '', $contact_list); + return $this->_fetch($id, '', '', $contact_list); } /** @@ -82,7 +82,7 @@ class Orders extends DolibarrApi */ public function getByRef($ref, $contact_list = 1) { - return $this->_fetch('', $ref, '', '', $contact_list); + return $this->_fetch('', $ref, '', $contact_list); } /** @@ -100,7 +100,7 @@ class Orders extends DolibarrApi */ public function getByRefExt($ref_ext, $contact_list = 1) { - return $this->_fetch('', '', $ref_ext, '', $contact_list); + return $this->_fetch('', '', $ref_ext, $contact_list); } /** diff --git a/htdocs/compta/facture/class/api_invoices.class.php b/htdocs/compta/facture/class/api_invoices.class.php index 2c6d4c92662..969d351d1bb 100644 --- a/htdocs/compta/facture/class/api_invoices.class.php +++ b/htdocs/compta/facture/class/api_invoices.class.php @@ -64,7 +64,7 @@ class Invoices extends DolibarrApi */ public function get($id, $contact_list = 1) { - return $this->_fetch($id, '', '', '', $contact_list); + return $this->_fetch($id, '', '', $contact_list); } /** @@ -82,7 +82,7 @@ class Invoices extends DolibarrApi */ public function getByRef($ref, $contact_list = 1) { - return $this->_fetch('', $ref, '', '', $contact_list); + return $this->_fetch('', $ref, '', $contact_list); } /** @@ -100,7 +100,7 @@ class Invoices extends DolibarrApi */ public function getByRefExt($ref_ext, $contact_list = 1) { - return $this->_fetch('', '', $ref_ext, '', $contact_list); + return $this->_fetch('', '', $ref_ext, $contact_list); } /** From e536ee87b8acf651ffe3f39a42e0dfe3a7c4acb5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 18:54:34 +0100 Subject: [PATCH 06/14] FIX link when using anchor on "/" --- htdocs/core/lib/website.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index fe559374506..a0a1da26b3c 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -163,7 +163,7 @@ function dolWebsiteReplacementOfLinks($website, $content, $removephppart = 0, $c $content = str_replace('href="'.DOL_URL_ROOT.'/document.php', 'href="!~!~!~'.DOL_URL_ROOT.'/document.php', $content); // Replace relative link '/' with dolibarr URL - $content = preg_replace('/(href=")\/\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'"', $content, -1, $nbrep); + $content = preg_replace('/(href=")\/(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'\2"', $content, -1, $nbrep); // Replace relative link /xxx.php#aaa or /xxx.php with dolibarr URL (we discard param ?...) $content = preg_replace('/(href=")\/?([^:\"\!]*)\.php(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageref=\2\3"', $content, -1, $nbrep); // Replace relative link /xxx.php?a=b&c=d#aaa or /xxx.php?a=b&c=d with dolibarr URL From 86f6736a18ada5f269e7066ef7fb6b2cdb74a3e8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 18:55:47 +0100 Subject: [PATCH 07/14] Fix phpcs --- htdocs/core/class/dolgraph.class.php | 1 - htdocs/core/class/html.formother.class.php | 6 ++++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index 6511512d2ad..d9521505216 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -1246,7 +1246,6 @@ class DolGraph $color = 'rgb('.$newcolor[0].', '.$newcolor[1].', '.$newcolor[2].', 0.9)'; $bordercolor = 'rgb('.$newcolor[0].', '.$newcolor[1].', '.$newcolor[2].')'; - } else { // We do not use a 'group by' $color = 'rgb('.$this->datacolor[$i][0].', '.$this->datacolor[$i][1].', '.$this->datacolor[$i][2].', 0.9)'; $bordercolor = $color; diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 958a5b296d7..829a3f9c72f 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -1348,7 +1348,8 @@ class FormOther * @param array $arrayofgroupby Array of groupby to fill * @return string HTML string component */ - public function selectGroupByField($object, $search_groupby, &$arrayofgroupby) { + public function selectGroupByField($object, $search_groupby, &$arrayofgroupby) + { global $langs, $extrafields, $form; $YYYY=substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1); @@ -1404,7 +1405,8 @@ class FormOther * @param array $arrayofxaxis Array of groupby to fill * @return string HTML string component */ - public function selectXAxisField($object, $search_xaxis, &$arrayofxaxis) { + public function selectXAxisField($object, $search_xaxis, &$arrayofxaxis) + { global $langs, $extrafields, $form; $YYYY=substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1).substr($langs->trans("Year"), 0, 1); From 99b1c773a7095f97e005b5ae730a281f1f09c983 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 18:54:34 +0100 Subject: [PATCH 08/14] FIX link when using anchor on "/" --- htdocs/core/lib/website.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index f97c6efed1c..fef0265e24c 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -163,7 +163,7 @@ function dolWebsiteReplacementOfLinks($website, $content, $removephppart = 0, $c $content = str_replace('href="'.DOL_URL_ROOT.'/document.php', 'href="!~!~!~'.DOL_URL_ROOT.'/document.php', $content); // Replace relative link '/' with dolibarr URL - $content = preg_replace('/(href=")\/\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'"', $content, -1, $nbrep); + $content = preg_replace('/(href=")\/(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageid='.$website->fk_default_home.'\2"', $content, -1, $nbrep); // Replace relative link /xxx.php#aaa or /xxx.php with dolibarr URL (we discard param ?...) $content = preg_replace('/(href=")\/?([^:\"\!]*)\.php(#[^\"<>]*)?\"/', '\1!~!~!~'.DOL_URL_ROOT.'/website/index.php?website='.$website->ref.'&pageref=\2\3"', $content, -1, $nbrep); // Replace relative link /xxx.php?a=b&c=d#aaa or /xxx.php?a=b&c=d with dolibarr URL From a937fc8ef1d6bd27d4ea9c37ddb304cba11c39ef Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 19:49:14 +0100 Subject: [PATCH 09/14] Fix home page after first page creation --- htdocs/website/index.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 46fce8d7e74..03587b97d32 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -849,6 +849,13 @@ if ($action == 'addcontainer') { $error++; setEventMessages($object->error, $object->errors, 'errors'); + } else { + $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php'; + + // Generate the index.php page to be the home page + $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper); + + if ($result <= 0) setEventMessages('Failed to write file '.$fileindex, null, 'errors'); } } } @@ -1327,8 +1334,9 @@ if ($action == 'setashome') { $db->commit(); + $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php'; + // Generate the index.php page to be the home page - //------------------------------------------------- $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper); if ($result) setEventMessages($langs->trans("Saved"), null, 'mesgs'); From b81c02de04135be6513bb892a820a6d7005aa965 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 19:49:14 +0100 Subject: [PATCH 10/14] Fix home page after first page creation --- htdocs/website/index.php | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 85b50b3d13b..ac255693b0d 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -841,6 +841,13 @@ if ($action == 'addcontainer') { $error++; setEventMessages($object->error, $object->errors, 'errors'); + } else { + $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php'; + + // Generate the index.php page to be the home page + $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper); + + if ($result <= 0) setEventMessages('Failed to write file '.$fileindex, null, 'errors'); } } } @@ -1312,8 +1319,9 @@ if ($action == 'setashome') { $db->commit(); + $filetpl = $pathofwebsite.'/page'.$pageid.'.tpl.php'; + // Generate the index.php page to be the home page - //------------------------------------------------- $result = dolSaveIndexPage($pathofwebsite, $fileindex, $filetpl, $filewrapper); if ($result) setEventMessages($langs->trans("Saved"), null, 'mesgs'); From e66313d47e37656d5a1bd5d0483b738b245563ae Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 20:06:47 +0100 Subject: [PATCH 11/14] FIX use bad var to check if total is positive for each VAT rate when validating invoice. --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 3363548095f..611d7d791ec 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -306,7 +306,7 @@ if (empty($reshook)) if (empty($array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code])) $array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] = 0; if (empty($array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code])) $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] = 0; $array_of_total_ht_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->total_ht; - $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->multicurrency_subprice; + $array_of_total_ht_devise_per_vat_rate[$line->tva_tx.'_'.$line->vat_src_code] += $line->multicurrency_total_ht; } //var_dump($array_of_total_ht_per_vat_rate);exit; From b1bb7de2fb2aa4a736cf24a3d3cf1b89bbe1c907 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 20:19:28 +0100 Subject: [PATCH 12/14] FIX CSRF error when creating an intervention --- htdocs/fichinter/card.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 5e360739ea4..faf7943107f 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1061,9 +1061,11 @@ if ($action == 'create') } else { + print '
'; + print ''; + dol_fiche_head(''); - print ''; if (is_object($objectsrc)) { print ''; From cc1a02f0ea1f72011f86168541127cf20b4122e6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 22:52:30 +0100 Subject: [PATCH 13/14] Support of null values in graph --- htdocs/core/class/dolgraph.class.php | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index d9521505216..3f3f905166e 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -965,9 +965,13 @@ class DolGraph $legends = array(); $nblot = 0; - if (is_array($this->data) && is_array($this->data[0])) { - $nblot = count($this->data[0]) - 1; // -1 to remove legend + if (is_array($this->data)) { + foreach ($this->data as $valarray) // Loop on each x + { + $nblot = max($nblot, count($valarray) - 1); // -1 to remove legend + } } + //var_dump($nblot); if ($nblot < 0) dol_syslog('Bad value for property ->data. Must be set by mydolgraph->SetData before calling mydolgrapgh->draw', LOG_WARNING); $firstlot = 0; // Works with line but not with bars @@ -1000,17 +1004,20 @@ class DolGraph ); } else { $tmpvalue = (array_key_exists('y_'.$i, $valarray) ? $valarray['y_'.$i] : $valarray[$i + 1]); + //var_dump($i.'_'.$x.'_'.$tmpvalue); $values[$x] = (is_numeric($tmpvalue) ? $tmpvalue : null); } $x++; } - + //var_dump($values); $j = 0; foreach ($values as $x => $y) { if (isset($y)) { $serie[$i] .= ($j > 0 ? ", " : "").$y; - $j++; + } else { + $serie[$i] .= ($j > 0 ? ", " : "").'null'; } + $j++; } $values = null; // Free mem From 935aa4e71ea90f989ac78700c32934016b594ea8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 9 Mar 2020 23:12:56 +0100 Subject: [PATCH 14/14] Fix export ebsite tool --- htdocs/website/class/website.class.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php index 1856b92ff8e..275df563c53 100644 --- a/htdocs/website/class/website.class.php +++ b/htdocs/website/class/website.class.php @@ -1002,7 +1002,7 @@ class Website extends CommonObject fputs($fp, $line); // Warning: We must keep llx_ here. It is a generic SQL. - $line = 'INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, otherlang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content)'; + $line = 'INSERT INTO llx_website_page(rowid, fk_page, fk_website, pageurl, aliasalt, title, description, lang, image, keywords, status, date_creation, tms, import_key, grabbed_from, type_container, htmlheader, content)'; $line .= " VALUES("; $line .= $objectpageold->newid."__+MAX_llx_website_page__, "; @@ -1013,7 +1013,6 @@ class Website extends CommonObject $line .= "'".$this->db->escape($objectpageold->title)."', "; $line .= "'".$this->db->escape($objectpageold->description)."', "; $line .= "'".$this->db->escape($objectpageold->lang)."', "; - $line .= "'".$this->db->escape($objectpageold->otherlang)."', "; $line .= "'".$this->db->escape($objectpageold->image)."', "; $line .= "'".$this->db->escape($objectpageold->keywords)."', "; $line .= "'".$this->db->escape($objectpageold->status)."', ";
'; - if (preg_match('/^(string|email)/', $typeofdata)) + if (preg_match('/^(string|safehtmlstring|email)/', $typeofdata)) { $tmp = explode(':', $typeofdata); $ret .= ''; @@ -276,6 +276,7 @@ class Form if (preg_match('/^(email)/', $typeofdata)) $ret .= dol_print_email($value, 0, 0, 0, 0, 1); elseif (preg_match('/^(amount|numeric)/', $typeofdata)) $ret .= ($value != '' ? price($value, '', $langs, 0, -1, -1, $conf->currency) : ''); elseif (preg_match('/^text/', $typeofdata) || preg_match('/^note/', $typeofdata)) $ret .= dol_htmlentitiesbr($value); + elseif (preg_match('/^safehtmlstring/', $typeofdata)) $ret .= dol_string_onlythesehtmltags($value); elseif ($typeofdata == 'day' || $typeofdata == 'datepicker') $ret .= dol_print_date($value, 'day'); elseif ($typeofdata == 'dayhour' || $typeofdata == 'datehourpicker') $ret .= dol_print_date($value, 'dayhour'); elseif (preg_match('/^select;/', $typeofdata)) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 66b47ab563f..b137e6cdfa5 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1967,7 +1967,7 @@ elseif ($id || $ref) // Tracking Number print '
'.$form->editfieldkey("TrackingNumber", 'tracking_number', $object->tracking_number, $object, $user->rights->expedition->creer).''; - print $form->editfieldval("TrackingNumber", 'tracking_number', $object->tracking_url, $object, $user->rights->expedition->creer, 'string', $object->tracking_number); + print $form->editfieldval("TrackingNumber", 'tracking_number', $object->tracking_url, $object, $user->rights->expedition->creer, 'safehtmlstring', $object->tracking_number); print '