From 6c8293612d807d6eae8b9fd8daa45f7d962d96c1 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Fri, 26 Mar 2021 16:41:48 +0100 Subject: [PATCH 01/84] 13.0 --- .gitignore | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 371c8be2f5e..18ae79180a0 100644 --- a/.gitignore +++ b/.gitignore @@ -43,6 +43,10 @@ htdocs/includes/squizlabs/ htdocs/includes/webmozart/ htdocs/.well-known/apple-developer-merchantid-domain-association + +cyberoffice/ +mycyberoffice/ + # Node Modules build/yarn-error.log build/node_modules/ From 63d7698b43b7ffd2be954bfbd0930428b6030481 Mon Sep 17 00:00:00 2001 From: Robin Date: Fri, 16 Apr 2021 15:26:29 +0200 Subject: [PATCH 02/84] ADD company option for disable Workforce --- htdocs/societe/card.php | 43 ++++++++++++++++++++++++++++------------- 1 file changed, 30 insertions(+), 13 deletions(-) diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php index 66b5f68564e..512c66f9ddd 100644 --- a/htdocs/societe/card.php +++ b/htdocs/societe/card.php 
@@ -1459,15 +1459,22 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) } // Type - Workforce/Staff - print ''.$form->editfieldkey('ThirdPartyType', 'typent_id', '', $object, 0).'browser->layout == 'phone' ? ' colspan="3"' : '').'>'."\n"; + print ''.$form->editfieldkey('ThirdPartyType', 'typent_id', '', $object, 0).'browser->layout == 'phone' || !empty($conf->global->SOCIETE_DISABLE_WORKFORCE)) ? ' colspan="3"' : '').'>'."\n"; $sortparam = (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT); // NONE means we keep sort of original array, so we sort on position. ASC, means next function will sort on label. print $form->selectarray("typent_id", $formcompany->typent_array(0), $object->typent_id, 0, 0, 0, '', 0, 0, 0, $sortparam, '', 1); if ($user->admin) print ' '.info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); - print ''; - if ($conf->browser->layout == 'phone') print ''; - print ''.$form->editfieldkey('Workforce', 'effectif_id', '', $object, 0).'browser->layout == 'phone' ? ' colspan="3"' : '').'>'; - print $form->selectarray("effectif_id", $formcompany->effectif_array(0), $object->effectif_id, 0, 0, 0, '', 0, 0, 0, '', '', 1); - if ($user->admin) print ' '.info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); + if (empty($conf->global->SOCIETE_DISABLE_WORKFORCE)) + { + print ''; + if ($conf->browser->layout == 'phone') print ''; + print ''.$form->editfieldkey('Workforce', 'effectif_id', '', $object, 0).'browser->layout == 'phone' ? ' colspan="3"' : '').'>'; + print $form->selectarray("effectif_id", $formcompany->effectif_array(0), $object->effectif_id, 0, 0, 0, '', 0, 0, 0, '', '', 1); + if ($user->admin) print ' '.info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); + } + else + { + print ''; + } print ''; // Legal Form 
@@ -2081,14 +2088,21 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) print ''; // Type - Workforce/Staff - print ''.$form->editfieldkey('ThirdPartyType', 'typent_id', '', $object, 0).''; + print ''.$form->editfieldkey('ThirdPartyType', 'typent_id', '', $object, 0).'browser->layout == 'phone' || !empty($conf->global->SOCIETE_DISABLE_WORKFORCE)) ? ' colspan="3"' : '').'>'; print $form->selectarray("typent_id", $formcompany->typent_array(0), $object->typent_id, 0, 0, 0, '', 0, 0, 0, (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT), '', 1); if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); - print ''; - if ($conf->browser->layout == 'phone') print ''; - print ''.$form->editfieldkey('Workforce', 'effectif_id', '', $object, 0).''; - print $form->selectarray("effectif_id", $formcompany->effectif_array(0), $object->effectif_id, 0, 0, 0, '', 0, 0, 0, '', '', 1); - if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); + if (empty($conf->global->SOCIETE_DISABLE_WORKFORCE)) + { + print ''; + if ($conf->browser->layout == 'phone') print ''; + print ''.$form->editfieldkey('Workforce', 'effectif_id', '', $object, 0).''; + print $form->selectarray("effectif_id", $formcompany->effectif_array(0), $object->effectif_id, 0, 0, 0, '', 0, 0, 0, '', '', 1); + if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); + } + else + { + print ''; + } print ''; // Juridical type @@ -2494,7 +2508,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) print ''; // Workforce/Staff - print ''.$langs->trans("Workforce").''.$object->effectif.''; + if (empty($conf->global->SOCIETE_DISABLE_WORKFORCE)) + { + print ''.$langs->trans("Workforce").''.$object->effectif.''; + } print ''; print ''; 
From f8fcf7c16b68fa4fe4bc80820be42808b5826df3 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Fri, 16 Apr 2021 16:55:19 +0200 Subject: [PATCH 03/84] FIX : type link extrafield case for advanced target emailing --- htdocs/comm/mailing/class/advtargetemailing.class.php | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index 6987a27dacd..ff2e056344c 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -640,6 +640,10 @@ class AdvanceTargetingMailing extends CommonObject if ($arrayquery['options_'.$key]!=''){ $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; } + } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { + if ($arrayquery['options_'.$key] > 0){ + $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; + } } else { if (is_array($arrayquery['options_'.$key])) { $sqlwhere[]= " (te.".$key." IN ('".implode("','", $arrayquery['options_'.$key])."'))"; @@ -666,7 +670,6 @@ class AdvanceTargetingMailing extends CommonObject while ($i < $num) { $obj = $this->db->fetch_object($resql); - $this->thirdparty_lines[$i] = $obj->rowid; $i++; From 37f44f4a07d05bd25de1e7d4aa6a776ec52c9d9f Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Fri, 16 Apr 2021 14:58:57 +0000 Subject: [PATCH 04/84] Fixing style errors. --- htdocs/comm/mailing/class/advtargetemailing.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index ff2e056344c..3a8a9396d29 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php 
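Review bot: The new `'link'` branch in the `@@ -640,6 +640,10 @@` hunk concatenates `$arrayquery['options_'.$key]` into the WHERE clause unquoted, and the loose `> 0` guard does not guarantee an integer, because a non-numeric string can still satisfy that comparison. Cast at the point of use: `$sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")";`. PATCH 05/84 leaves this branch unchanged; the cast only arrives with PATCH 06/84. The enclosing method starts and ends outside the hunk, so how `$arrayquery` is populated cannot be confirmed from here.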
@@ -643,7 +643,7 @@ class AdvanceTargetingMailing extends CommonObject } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { if ($arrayquery['options_'.$key] > 0){ $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; - } + } } else { if (is_array($arrayquery['options_'.$key])) { $sqlwhere[]= " (te.".$key." IN ('".implode("','", $arrayquery['options_'.$key])."'))"; From 5b6439ca5eb742a41d13a40fbe1f33b00a5817f2 Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Mon, 19 Apr 2021 09:15:47 +0200 Subject: [PATCH 05/84] FIX : cast int --- htdocs/comm/mailing/class/advtargetemailing.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index ff2e056344c..730ca263f1d 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -638,7 +638,7 @@ class AdvanceTargetingMailing extends CommonObject } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'boolean') { if ($arrayquery['options_'.$key]!=''){ - $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; + $sqlwhere[]= " (te.".$key." = ".((int)$arrayquery['options_'.$key]).")"; } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { if ($arrayquery['options_'.$key] > 0){ From 8c428081ab94113a19ae70e0b1d8b8be4eeab84c Mon Sep 17 00:00:00 2001 From: Gauthier PC portable 024 Date: Mon, 19 Apr 2021 09:17:33 +0200 Subject: [PATCH 06/84] FIX : test on link type --- htdocs/comm/mailing/class/advtargetemailing.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index 4356039d080..bb472753204 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php 
+++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -638,11 +638,11 @@ class AdvanceTargetingMailing extends CommonObject } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'boolean') { if ($arrayquery['options_'.$key]!=''){ - $sqlwhere[]= " (te.".$key." = ".((int)$arrayquery['options_'.$key]).")"; + $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { if ($arrayquery['options_'.$key] > 0){ - $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; + $sqlwhere[]= " (te.".$key." = ".((int)$arrayquery['options_'.$key]).")"; } } else { if (is_array($arrayquery['options_'.$key])) { From 318a783237afa2c4c06226d282f28bcaf1cb7e31 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 19 Apr 2021 07:19:45 +0000 Subject: [PATCH 07/84] Fixing style errors. --- htdocs/comm/mailing/class/advtargetemailing.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index bb472753204..cb539768cf9 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -642,7 +642,7 @@ class AdvanceTargetingMailing extends CommonObject } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { if ($arrayquery['options_'.$key] > 0){ - $sqlwhere[]= " (te.".$key." = ".((int)$arrayquery['options_'.$key]).")"; + $sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")"; } } else { if (is_array($arrayquery['options_'.$key])) { From a6c6f9eb08443c2dd4e0c4e7568573ed08002521 Mon Sep 17 00:00:00 2001 From: Pierre Payet Date: Mon, 19 Apr 2021 10:20:51 +0200 Subject: [PATCH 08/84] add missing printFieldListFrom hook --- htdocs/fichinter/list.php | 4 ++++ 1 file changed, 4 insertions(+) 
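Review bot: The `'boolean'` branch in the `@@ -638,11 +638,11 @@` hunk loses the `(int)` cast that PATCH 05/84 had added, so `$arrayquery['options_'.$key]` is again appended to the SQL unquoted after only a `!= ''` test. Keep the cast in both branches, i.e. restore `$sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")";` for `'boolean'` as well as `'link'`. The `else` branch shown as context builds `IN ('...')` with `implode()` and no per-element escaping; that looks like it needs `$this->db->escape()` on each element, to be confirmed against the part of the method outside the hunk.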
diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index d054f5e5bcc..d690feb7407 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -223,6 +223,10 @@ if (!empty($conf->contrat->enabled)) { } if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (f.rowid = ef.fk_object)"; if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."fichinterdet as fd ON fd.fk_fichinter = f.rowid"; +// Add table from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; if (!$user->rights->societe->client->voir && empty($socid)) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; From 81907191ca3e75f57d029966b46136b4c477b16c Mon Sep 17 00:00:00 2001 From: altairis-noe Date: Tue, 20 Apr 2021 10:17:08 +0200 Subject: [PATCH 09/84] product card typo --- htdocs/product/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 094ce8670a9..66f4b66aa75 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -894,7 +894,7 @@ if (empty($reshook)) { $result = $facture->addline( $desc, $pu_ht, - price2nm(GETPOST('qty'), 'MS'), + price2num(GETPOST('qty'), 'MS'), $tva_tx, $localtax1_tx, $localtax2_tx, From 53a89180d910e9fdfedb95eda2653c75b183558c Mon Sep 17 00:00:00 2001 
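Review bot: In the `fichinter/list.php` hunk the return value of `executeHooks('printFieldListFrom', ...)` is stored in `$reshook` and never read, while `$hookmanager->resPrint` is appended to the FROM clause verbatim. Hook output is module code rather than request data, but the trust assumption deserves a comment, for example `// resPrint is appended to the SQL as-is: hooks must return a trusted, already escaped FROM/JOIN fragment`. The trailing comment also mentions `$action`, which is not passed to this call.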
From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Tue, 20 Apr 2021 11:22:12 +0200 Subject: [PATCH 10/84] Update element.php merging by - if (!empty($conf->facture->enabled)) - if (!empty($conf->loan->enabled)) --- htdocs/projet/element.php | 4 ---- 1 file changed, 4 deletions(-) diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php index 95c348a7e09..a6e3af11979 100644 --- a/htdocs/projet/element.php +++ b/htdocs/projet/element.php @@ -41,8 +41,6 @@ if (!empty($conf->propal->enabled)) { } if (!empty($conf->facture->enabled)) { require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; -} -if (!empty($conf->facture->enabled)) { require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture-rec.class.php'; } if (!empty($conf->commande->enabled)) { @@ -80,8 +78,6 @@ if (!empty($conf->don->enabled)) { } if (!empty($conf->loan->enabled)) { require_once DOL_DOCUMENT_ROOT.'/loan/class/loan.class.php'; -} -if (!empty($conf->loan->enabled)) { require_once DOL_DOCUMENT_ROOT.'/loan/class/loanschedule.class.php'; } if (!empty($conf->stock->enabled)) { From 3a1f70fe348082167469209bc8b8d2cad2fb3fb7 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Tue, 20 Apr 2021 11:31:45 +0200 Subject: [PATCH 11/84] Update bom_agenda.php MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit $help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:Módulo_Agenda'; --- htdocs/bom/bom_agenda.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/bom/bom_agenda.php b/htdocs/bom/bom_agenda.php index dc3421dea0c..0f18c39d2af 100644 --- a/htdocs/bom/bom_agenda.php +++ b/htdocs/bom/bom_agenda.php 
@@ -126,7 +126,7 @@ $form = new Form($db); if ($object->id > 0) { $title = $langs->trans("Agenda"); //if (! empty($conf->global->MAIN_HTML_TITLE) && preg_match('/thirdpartynameonly/',$conf->global->MAIN_HTML_TITLE) && $object->name) $title=$object->name." - ".$title; - $help_url = ''; + $help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:Módulo_Agenda'; llxHeader('', $title, $help_url); if (!empty($conf->notification->enabled)) { From cce6224c910740941f2e5ee74820100d33675c74 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Tue, 20 Apr 2021 11:33:47 +0200 Subject: [PATCH 12/84] Update bom_card.php $help_url ='EN:Module_BOM'; llxHeader('', $title, $help_url); --- htdocs/bom/bom_card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/bom/bom_card.php b/htdocs/bom/bom_card.php index 37ec67e1ba3..ae35eae14f4 100644 --- a/htdocs/bom/bom_card.php +++ b/htdocs/bom/bom_card.php @@ -241,8 +241,8 @@ $formfile = new FormFile($db); $title = $langs->trans('BOM'); - -llxHeader('', $title, ''); +$help_url ='EN:Module_BOM'; +llxHeader('', $title, $help_url); // Example : Adding jquery code print ' + + + + + + + + + + + + + + + + + + + + + + + + + + + +
 
+
+ + diff --git a/htdocs/margin/customerMargins.php b/htdocs/margin/customerMargins.php index 67639acb745..7fed219ffcd 100644 --- a/htdocs/margin/customerMargins.php +++ b/htdocs/margin/customerMargins.php @@ -234,7 +234,7 @@ if (!$user->rights->societe->client->voir && !$socid) { } $sql .= " WHERE f.fk_soc = s.rowid"; if ($socid > 0) { - $sql .= ' AND s.rowid = '.$socid; + $sql .= ' AND s.rowid = '.((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; diff --git a/htdocs/mrp/class/mo.class.php b/htdocs/mrp/class/mo.class.php index d7635b9a78e..b357fd8a5b5 100644 --- a/htdocs/mrp/class/mo.class.php +++ b/htdocs/mrp/class/mo.class.php @@ -500,7 +500,7 @@ class Mo extends CommonObject $sql .= ' FROM '.MAIN_DB_PREFIX.$mostatic->table_element.' as t'; $sql .= " WHERE t.role = '".$this->db->escape($role)."'"; if ($lineid > 0) { - $sql .= ' AND t.fk_mrp_production = '.$lineid; + $sql .= ' AND t.fk_mrp_production = '.((int) $lineid); } else { $sql .= 'AND t.fk_mo = '.$this->id; } diff --git a/htdocs/product/stock/lib/replenishment.lib.php b/htdocs/product/stock/lib/replenishment.lib.php index 1faa67ad860..a7354c1d001 100644 --- a/htdocs/product/stock/lib/replenishment.lib.php +++ b/htdocs/product/stock/lib/replenishment.lib.php @@ -126,7 +126,7 @@ function ordered($product_id) } else { $sql .= ' cf.fk_statut < 5'; } - $sql .= ' AND cfd.fk_product = '.$product_id; + $sql .= ' AND cfd.fk_product = '.((int) $product_id); $sql .= ' GROUP BY cfd.fk_product'; $resql = $db->query($sql); diff --git a/htdocs/product/stock/replenishorders.php b/htdocs/product/stock/replenishorders.php index f5978313a1e..17490e330bb 100644 --- a/htdocs/product/stock/replenishorders.php +++ b/htdocs/product/stock/replenishorders.php 
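Review bot: In the `mo.class.php` hunk (`@@ -500,7 +500,7 @@`) only the `if` branch gets the cast; the `else` branch shown as context still appends `$this->id` uncast, and its literal has no leading space, so the statement reads `...'AND t.fk_mo = ...`. For consistency with the rest of this commit: `$sql .= ' AND t.fk_mo = '.((int) $this->id);`. The `customerMargins.php` hunk on this line has the same leftover on its context line `sc.fk_user = ".$user->id`. The enclosing functions are only partly visible in these hunks.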
@@ -154,7 +154,7 @@ if ($sall) { $sql .= natural_search(array('cf.ref', 'cf.note'), $sall); } if (!empty($socid)) { - $sql .= ' AND s.rowid = '.$socid; + $sql .= ' AND s.rowid = '.((int) $socid); } if (GETPOST('statut', 'int')) { $sql .= ' AND fk_statut = '.GETPOST('statut', 'int'); diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index e5eb2751109..788c75f1141 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -258,7 +258,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' FROM '.MAIN_DB_PREFIX.'product as p'; if ($fk_warehouse > 0) { - $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as ps ON p.rowid = ps.fk_product AND ps.fk_entrepot = '.$fk_warehouse; + $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as ps ON p.rowid = ps.fk_product AND ps.fk_entrepot = '.((int) $fk_warehouse); } // Add fields from hooks $parameters = array(); diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index 5b238d96b92..3c67673ad49 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php 
@@ -201,7 +201,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 43cdfa863f5..087fe5b8f0b 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php 
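Review bot: The rewritten line still mixes quote styles: the literal after `((int) $idfortaskuser)` is double-quoted, so `'.$object->fk_project.'` is interpolated inside it and the query compares `ec.element_id` with a quoted string of the form `'.<id>.'` rather than with the project id. That makes the "already contact of the project" test unreliable, and `fk_project` is the one value on the line left uncast. Suggested: `$sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser).' AND ec.element_id = '.((int) $object->fk_project)." AND tc.element = 'project' AND source = 'internal'";`. The identical line appears in the `permonth.php` and `perweek.php` hunks that follow.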
@@ -156,7 +156,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index 62f26a881b7..3d380ab7f4e 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php 
@@ -214,7 +214,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.$idfortaskuser." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 40c742d562a..7f9835069bf 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -802,7 +802,7 @@ if ($urllogo) { print ''."\n"; -print ''."\n"; +print ''."\n"; // Additionnal information for each payment system if (!empty($conf->paypal->enabled)) { print ''."\n"; diff --git a/htdocs/public/recruitment/index.php b/htdocs/public/recruitment/index.php index 5118f7ebfc0..7d4ec0223f1 100644 --- a/htdocs/public/recruitment/index.php +++ b/htdocs/public/recruitment/index.php 
@@ -258,15 +258,15 @@ if ($display_ticket_list) { if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$value.'\''; + $sql .= ' AND '.$key.' = \''.$db->escape($value).'\''; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { $sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')'; } else { - $sql .= ' AND '.$key.' = '.$db->escape($value); + $sql .= ' AND '.$key.' = '.((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$value.'%\''; + $sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\''; } } } diff --git a/htdocs/public/ticket/list.php b/htdocs/public/ticket/list.php index 92962732a68..1e1eb08dd5e 100644 --- a/htdocs/public/ticket/list.php +++ b/htdocs/public/ticket/list.php @@ -359,17 +359,17 @@ if ($action == "view_ticketlist") { if (!empty($filter)) { foreach ($filter as $key => $value) { if (strpos($key, 'date')) { // To allow $filter['YEAR(s.dated)']=>$year - $sql .= ' AND '.$key.' = \''.$value.'\''; + $sql .= ' AND '.$key.' = \''.$db->escape($value).'\''; } elseif (($key == 't.fk_user_assign') || ($key == 't.type_code') || ($key == 't.category_code') || ($key == 't.severity_code')) { $sql .= " AND ".$key." = '".$db->escape($value)."'"; } elseif ($key == 't.fk_statut') { if (is_array($value) && count($value) > 0) { $sql .= 'AND '.$key.' IN ('.$db->sanitize(implode(',', $value)).')'; } else { - $sql .= ' AND '.$key.' = '.$db->escape($value); + $sql .= ' AND '.$key.' = '.((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$value.'%\''; + $sql .= ' AND '.$key.' LIKE \'%'.$db->escape($value).'%\''; } } } diff --git a/htdocs/reception/list.php b/htdocs/reception/list.php index 44d4cf32a5c..7295b3df75a 100644 --- a/htdocs/reception/list.php +++ b/htdocs/reception/list.php 
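Review bot: The values in the `$filter` loop are now escaped or cast, but `$key` is still concatenated as a column expression with no allow-list in every branch (`date`, `t.fk_statut`, `LIKE`). Where `$filter` is built lies outside these hunks; if any key can derive from the request on these public pages, escaping `$value` alone does not close the query, so a fixed list of accepted keys should be checked before the loop body runs. `$db->escape()` also leaves `%` and `_` active inside the `LIKE '%...%'` pattern, and `strpos($key, 'date')` is falsy for a key that begins with `date`. The same loop is patched in the `public/ticket/list.php` hunk on this line and in `ticket/class/ticket.class.php` further down.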
@@ -460,7 +460,7 @@ if ($search_status <> '' && $search_status >= 0) { $sql .= " AND e.fk_statut = ".$search_status; } if ($search_billed != '' && $search_billed >= 0) { - $sql .= ' AND e.billed = '.$search_billed; + $sql .= ' AND e.billed = '.((int) $search_billed); } if ($search_town) { $sql .= natural_search('s.town', $search_town); diff --git a/htdocs/supplier_proposal/list.php b/htdocs/supplier_proposal/list.php index 2c7ba7694dd..3b9a7892310 100644 --- a/htdocs/supplier_proposal/list.php +++ b/htdocs/supplier_proposal/list.php @@ -371,7 +371,7 @@ if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } if ($socid) { - $sql .= ' AND s.rowid = '.$socid; + $sql .= ' AND s.rowid = '.((int) $socid); } if ($search_status >= 0 && $search_status != '') { $sql .= ' AND sp.fk_statut IN ('.$db->sanitize($db->escape($search_status)).')'; @@ -379,7 +379,7 @@ if ($search_status >= 0 && $search_status != '') { $sql .= dolSqlDateFilter("sp.date_livraison", $day, $month, $year); $sql .= dolSqlDateFilter("sp.date_valid", $dayvalid, $monthvalid, $yearvalid); if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { $sql .= " AND c.fk_c_type_contact = tc.rowid AND tc.element='supplier_proposal' AND tc.source='internal' AND c.element_id = sp.rowid AND c.fk_socpeople = ".$search_user; diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index c16817ad7a5..6d5f7022a41 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php 
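Review bot: The `reception/list.php` hunk casts `$search_billed`, but the context line directly above it still appends `$search_status` uncast (`" AND e.fk_statut = ".$search_status`), guarded only by the loose `<> ''` and `>= 0` comparisons. Suggested: `$sql .= " AND e.fk_statut = ".((int) $search_status);`. The `supplier_proposal/list.php` hunks on this line leave `c.fk_socpeople = ".$search_user` in the same state next to the newly cast `$search_sale`. How these variables are read from the request is outside the hunks.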
@@ -719,10 +719,10 @@ class Ticket extends CommonObject if (is_array($value) && count($value) > 0) { $sql .= 'AND '.$key.' IN ('.$this->db->sanitize(implode(',', $value)).')'; } else { - $sql .= ' AND '.$key.' = '.$this->db->escape($value); + $sql .= ' AND '.$key.' = '.((int) $value); } } else { - $sql .= ' AND '.$key.' LIKE \'%'.$value.'%\''; + $sql .= ' AND '.$key.' LIKE \'%'.$this->db->escape($value).'%\''; } } } diff --git a/htdocs/website/class/websitepage.class.php b/htdocs/website/class/websitepage.class.php index f22a5200148..2fd363c7965 100644 --- a/htdocs/website/class/websitepage.class.php +++ b/htdocs/website/class/websitepage.class.php @@ -413,7 +413,7 @@ class WebsitePage extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') { - $sqlwhere[] = $key.' = '.$value; + $sqlwhere[] = $key.' = '.((int) $value); } elseif ($key == 'type_container') { $sqlwhere[] = $key." = '".$this->db->escape($value)."'"; } elseif ($key == 'lang' || $key == 't.lang') { @@ -515,7 +515,7 @@ class WebsitePage extends CommonObject if (count($filter) > 0) { foreach ($filter as $key => $value) { if ($key == 't.rowid' || $key == 't.fk_website' || $key == 'status') { - $sqlwhere[] = $key.' = '.$value; + $sqlwhere[] = $key.' = '.((int) $value); } elseif ($key == 'type_container') { $sqlwhere[] = $key." = '".$this->db->escape($value)."'"; } elseif ($key == 'lang' || $key == 't.lang') { @@ -528,7 +528,7 @@ class WebsitePage extends CommonObject } $listoflang[] = "'".$this->db->escape(substr(str_replace("'", '', $tmpvalue), 0, 2))."'"; } - $stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang)).")"; + $stringtouse = $key." IN (".$this->db->sanitize(join(',', $listoflang), 1).")"; if ($foundnull) { $stringtouse = '('.$stringtouse.' OR '.$key.' IS NULL)'; } 
diff --git a/htdocs/website/websiteaccount_card.php b/htdocs/website/websiteaccount_card.php index 957173335c0..2074873a031 100644 --- a/htdocs/website/websiteaccount_card.php +++ b/htdocs/website/websiteaccount_card.php @@ -281,7 +281,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $morehtmlref .= ''; if ($socid > 0) { - $object->next_prev_filter = 'te.fk_soc = '.$socid; + $object->next_prev_filter = 'te.fk_soc = '.((int) $socid); } dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'rowid', $morehtmlref); From b0fe08e411945e548acf7b7a3b37af2c99fd4669 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Apr 2021 19:21:23 +0200 Subject: [PATCH 59/84] Clean code --- htdocs/api/index.php | 2 +- .../Luracast/Restler/explorer/explorer.html | 144 ------------------ 2 files changed, 1 insertion(+), 145 deletions(-) delete mode 100644 htdocs/includes/restler/framework/Luracast/Restler/explorer/explorer.html diff --git a/htdocs/api/index.php b/htdocs/api/index.php index c494730f795..d19754f9c35 100644 --- a/htdocs/api/index.php +++ b/htdocs/api/index.php @@ -119,7 +119,7 @@ if (preg_match('/api\/index\.php\/explorer/', $url) && !empty($conf->global->API // Analyze URLs // index.php/explorer do a redirect to index.php/explorer/ -// index.php/explorer/ called by swagger to build explorer page +// index.php/explorer/ called by swagger to build explorer page index.php/explorer/index.html // index.php/explorer/.../....png|.css|.js called by swagger for resources to build explorer page // index.php/explorer/resources.json called by swagger to get list of all services // index.php/explorer/resources.json/xxx called by swagger to get detail of services xxx diff --git a/htdocs/includes/restler/framework/Luracast/Restler/explorer/explorer.html b/htdocs/includes/restler/framework/Luracast/Restler/explorer/explorer.html deleted file mode 100644 index 7fedb694c17..00000000000 
--- a/htdocs/includes/restler/framework/Luracast/Restler/explorer/explorer.html +++ /dev/null @@ -1,144 +0,0 @@ - - - - - - Swagger UI - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
 
-
- - From 8f7dd6211e9dee7b6f97d951749e40ed35704d72 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Apr 2021 19:55:46 +0200 Subject: [PATCH 60/84] fix css --- htdocs/contrat/note.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/contrat/note.php b/htdocs/contrat/note.php index bd96eac7b0d..eab56b97a16 100644 --- a/htdocs/contrat/note.php +++ b/htdocs/contrat/note.php @@ -180,7 +180,7 @@ if ($id > 0 || !empty($ref)) { //print '
'; - $cssclass='fieldtitle'; + $cssclass='titlefield'; include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php'; print dol_get_fiche_end(); From a29c26f299f349d00980e6f380bd0acc0ec2c598 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Apr 2021 21:07:46 +0200 Subject: [PATCH 61/84] Fix amount chosen lost --- htdocs/salaries/paiement_salary.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/salaries/paiement_salary.php b/htdocs/salaries/paiement_salary.php index 5ab67c71c0e..a266a2ed88b 100644 --- a/htdocs/salaries/paiement_salary.php +++ b/htdocs/salaries/paiement_salary.php @@ -286,9 +286,10 @@ if ($action == 'create') { if (!empty($conf->use_javascript_ajax)) { print img_picto("Auto fill", 'rightarrow', "class='AutoFillAmount' data-rowid='".$namef."' data-value='".($objp->amount - $sumpaid)."'"); } */ - $remaintopay = $objp->amount - $sumpaid; - print ''; - print ''; + $valuetoshow = GETPOSTISSET($namef) ? GETPOST($namef) : ($objp->amount - $sumpaid); + + print ''; + print ''; } else { print '-'; } From 3d5002b8f63bdf3e518ace6ffcc31ef526331017 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Apr 2021 22:42:40 +0200 Subject: [PATCH 62/84] Update list.php --- htdocs/fichinter/list.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 3a09dab777f..77842037763 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php 
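Review bot: In the `salaries/paiement_salary.php` hunk, `GETPOST($namef)` is called without a check type and its result becomes `$valuetoshow`, which the two `print` statements that follow presumably write back into the form; their markup is not legible on this page. A request value echoed into an input attribute should be filtered on read and escaped on output, e.g. `$valuetoshow = GETPOSTISSET($namef) ? GETPOST($namef, 'alpha') : ($objp->amount - $sumpaid);` and `dol_escape_htmltag($valuetoshow)` where it is printed, unless the print lines already do so. The surrounding loop starts and ends outside the hunk.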
@@ -245,13 +245,19 @@ if (!empty($conf->contrat->enabled)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contrat as c on f.fk_contrat = c.rowid"; } -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (f.rowid = ef.fk_object)"; -if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."fichinterdet as fd ON fd.fk_fichinter = f.rowid"; +if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (f.rowid = ef.fk_object)"; +} +if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) { + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."fichinterdet as fd ON fd.fk_fichinter = f.rowid"; +} // Add table from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; -if (!$user->rights->societe->client->voir && empty($socid)) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +if (!$user->rights->societe->client->voir && empty($socid)) { + $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; +} $sql .= ", ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; From fa1ad826631b58f85c1272e6df0ba079367f8fd5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Apr 2021 23:42:49 +0200 Subject: [PATCH 63/84] Fix id in comment --- htdocs/install/mysql/data/llx_10_c_regions.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/data/llx_10_c_regions.sql b/htdocs/install/mysql/data/llx_10_c_regions.sql index 79d77e6d6af..97fca0f230b 100644 
--- a/htdocs/install/mysql/data/llx_10_c_regions.sql +++ b/htdocs/install/mysql/data/llx_10_c_regions.sql @@ -100,7 +100,7 @@ insert into llx_c_regions (fk_pays, code_region, cheflieu, tncc, nom) values ( 0 INSERT INTO llx_c_regions (fk_pays, code_region, cheflieu, tncc, nom) values ( 13, 1301, '', 0, 'Algerie'); --- Andorra Regions (id country=18) +-- Andorra Regions (id country=34) INSERT INTO llx_c_regions (fk_pays, code_region, cheflieu, tncc, nom) VALUES ( 34, 34000, 'AD', NULL, 'Andorra'); From 5bfedbc248ca10e126dd330a35b35716f4d1a72e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 00:20:51 +0200 Subject: [PATCH 64/84] Fix regression --- htdocs/bookmarks/card.php | 17 ++--------------- 1 file changed, 2 insertions(+), 15 deletions(-) diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index f71a750027f..198247bb355 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -153,7 +153,7 @@ if ($action == 'create') { print load_fiche_titre($langs->trans("NewBookmark")); - print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), 0, 'bookmark'); + print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), -1, 'bookmark'); print ''; @@ -171,7 +171,7 @@ if ($action == 'create') { // Owner print ''; // Position @@ -193,20 +193,8 @@ if ($action == 'create') { if ($id > 0 && !preg_match('/^add/i', $action)) { - /* - * Fact bookmark mode or visually edition - */ $object->fetch($id); - $hselected = 'card'; - $head = array( - array( - '', - $langs->trans('Card'), - 'card' - ) - ); - if ($action == 'edit') { print ''; print ''; @@ -216,7 +204,6 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { print ''; } - print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), -1, 'bookmark'); $linkback = ''.$langs->trans("BackToList").''; From 29b1f2b58af9febaba2d7624549494871ed25fe7 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Tue, 27 Apr 2021 00:48:39 +0200 Subject: [PATCH 65/84] Look and feel v14 --- htdocs/bookmarks/card.php | 23 ++++++++++++++--------- htdocs/bookmarks/list.php | 4 ++-- htdocs/theme/eldy/global.inc.php | 1 + 3 files changed, 17 insertions(+), 11 deletions(-) diff --git a/htdocs/bookmarks/card.php b/htdocs/bookmarks/card.php index 198247bb355..207395c267b 100644 --- a/htdocs/bookmarks/card.php +++ b/htdocs/bookmarks/card.php @@ -46,6 +46,9 @@ $position = GETPOST("position", "int"); $backtopage = GETPOST('backtopage', 'alpha'); $object = new Bookmark($db); +if ($id > 0) { + $object->fetch($id); +} /* @@ -133,7 +136,7 @@ $form = new Form($db); $head = array(); $h = 1; -$head[$h][0] = $_SERVER["PHP_SELF"].($object->id ? 'id='.$object->id : ''); +$head[$h][0] = $_SERVER["PHP_SELF"].($object->id ? '?id='.$object->id : ''); $head[$h][1] = $langs->trans("Bookmark"); $head[$h][2] = 'card'; $h++; @@ -157,20 +160,20 @@ if ($action == 'create') { print '
'.$langs->trans("Owner").''; - print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : $user->id, 'userid', 0, '', 0, GETPOSTISSET('userid') ? GETPOST('userid', 'int') : array($user->id), '', 0, 0, 0, '', ($user->admin) ? 1 : 0, '', 'maxwidth300'); + print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : $user->id, 'userid', 0, '', 0, ($user->admin ? '' : array($user->id)), '', 0, 0, 0, '', ($user->admin) ? 1 : 0, '', 'maxwidth300'); print ' 
'; - print ''; + print ''; dol_set_focus('#titlebookmark'); // Url - print ''; + print ''; // Target print ''; + print ''; // Owner - print ''; @@ -193,7 +196,6 @@ if ($action == 'create') { if ($id > 0 && !preg_match('/^add/i', $action)) { - $object->fetch($id); if ($action == 'edit') { print ''; @@ -246,7 +248,10 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { if ($action == 'edit') { print 'url).'">'; } else { - print 'target ? ' target="_blank"' : '').'>'.$object->url.''; + print 'target ? ' target="_blank"' : '').'>'; + print img_picto('', 'globe', 'class="paddingright"'); + print $object->url; + print ''; } print ''; @@ -264,7 +269,7 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { } print ''; - print ''; diff --git a/htdocs/bookmarks/list.php b/htdocs/bookmarks/list.php index 03310c3f593..7d644d3a103 100644 --- a/htdocs/bookmarks/list.php +++ b/htdocs/bookmarks/list.php @@ -181,7 +181,7 @@ print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "b.rowid", "", $param, 'ali print_liste_field_titre("Title", $_SERVER["PHP_SELF"], "b.title", "", $param, 'align="left"', $sortfield, $sortorder); print_liste_field_titre("Link", $_SERVER["PHP_SELF"], "b.url", "", $param, 'align="left"', $sortfield, $sortorder); print_liste_field_titre("Target", '', '', '', '', 'align="center"'); -print_liste_field_titre("Owner", $_SERVER["PHP_SELF"], "u.lastname", "", $param, 'align="center"', $sortfield, $sortorder); +print_liste_field_titre("Visibility", $_SERVER["PHP_SELF"], "u.lastname", "", $param, 'align="center"', $sortfield, $sortorder); print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "b.dateb", "", $param, 'align="center"', $sortfield, $sortorder); print_liste_field_titre("Position", $_SERVER["PHP_SELF"], "b.position", "", $param, 'class="right"', $sortfield, $sortorder); print_liste_field_titre(''); 
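Review bot: `print $object->url;` in the `@@ -246,7 +248,10 @@` hunk of bookmarks/card.php writes the stored bookmark URL into the page as-is, while the edit branch just above appears to pass the same value through a function call before output. A stored URL containing markup would be rendered in the view branch, so escape the link text: `print dol_escape_htmltag($object->url);`. The markup of the preceding `print` that opens the link is not visible in this view; if its `href` is also built from `$object->url`, it needs the same escaping and presumably a scheme check. Confirm this against the full file.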
@@ -253,7 +253,7 @@ while ($i < min($num, $limit)) { $tmpuser = $cacheOfUsers[$obj->fk_user]; print $tmpuser->getNomUrl(1); } else { - print $langs->trans("Public"); + print ''.$langs->trans("Everybody").''; if (!$user->admin) { $candelete = false; $canedit = false; diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 3622d77de2f..1c6f711b154 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -143,6 +143,7 @@ input { input, input.flat, textarea, textarea.flat, form.flat select, select, select.flat, .dataTables_length label select { background-color: var(--inputbackgroundcolor); color: var(--colortext); + border-radius: 2px; } select.vmenusearchselectcombo { background-color: unset; From f54d14bfd6f97d213eea8cfea2195d5757232577 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 01:05:14 +0200 Subject: [PATCH 66/84] Add method checkValForAPI to clean data from API input --- htdocs/api/class/api.class.php | 24 ++++++++++--------- .../action/class/api_agendaevents.class.php | 8 ++++--- .../bank/class/api_bankaccounts.class.php | 5 ++-- .../template/class/api_mymodule.class.php | 4 ++-- 4 files changed, 22 insertions(+), 19 deletions(-) diff --git a/htdocs/api/class/api.class.php b/htdocs/api/class/api.class.php index 356caa24ec2..6cb40825ee7 100644 --- a/htdocs/api/class/api.class.php +++ b/htdocs/api/class/api.class.php 
@@ -73,22 +73,24 @@ class DolibarrApi } /** - * Executed method when API is called without parameter + * Check and convert a string depending on its type/name. * * Display a short message an return a http code 200 * - * @return array + * @param string $field Field name + * @param string $value Value to check/clean + * @param stdClass $object Object + * @return string Value cleaned */ - /* Disabled, most APIs does not share same signature for method index - function index() + protected function checkValForAPI($field, $value, $object) { - return array( - 'success' => array( - 'code' => 200, - 'message' => __class__.' is up and running!' - ) - ); - }*/ + // TODO Use type detected in $object->fields + if (in_array($field, array('note', 'note_private', 'note_public', 'desc', 'description'))) { + return checkVal($value, 'restricthtml'); + } else { + return checkVal($value, 'alphanohtml'); + } + } // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore /** diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index 5d57b9624e3..75b9ae355e8 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -217,7 +217,7 @@ class AgendaEvents extends DolibarrApi $result = $this->_validate($request_data); foreach ($request_data as $field => $value) { - $this->actioncomm->$field = $value; + $this->actioncomm->$field = $this->checkValForAPI($field, $value, $this->actioncomm); } /*if (isset($request_data["lines"])) { $lines = array(); @@ -226,6 +226,7 @@ class AgendaEvents extends DolibarrApi } $this->expensereport->lines = $lines; }*/ + if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) { throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors)); } 
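Review bot: The docblock of `checkValForAPI` still carries the sentence `Display a short message an return a http code 200` from the removed `index()` stub, and it declares `$value` as `string` although the callers pass whatever the request body holds for that key. Drop the stale sentence and document `@param mixed $value`. Then decide explicitly what happens to arrays and other non-string values (reject them, or clean each element) rather than leaving it to `checkVal`, whose handling of them is not visible here. Any rich-text field missing from the hard-coded name list is filtered as `alphanohtml`; the existing TODO about `$object->fields` covers that part.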
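Review bot: The loop `foreach ($request_data as $field => $value)` in the `@@ -217,7 +217,7 @@` hunk of api_agendaevents.class.php still assigns every key of the request body to `$this->actioncomm->$field`. `checkValForAPI` cleans the value but does not restrict which properties a caller may set. Consider skipping keys that are not declared for the object, for example `if (!isset($this->actioncomm->fields[$field])) { continue; }`, assuming `fields` is populated for this class, or an explicit per-API list of writable names. The same pattern is in the update loop of this file (`@@ -268,7 +269,8 @@`) and in the create and update loops of api_bankaccounts.class.php and api_mymodule.class.php. What `_validate($request_data)` enforces is outside the hunk.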
@@ -268,7 +269,8 @@ class AgendaEvents extends DolibarrApi if ($field == 'id') { continue; } - $this->actioncomm->$field = $value; + + $this->actioncomm->$field = $this->checkValForAPI($field, $value, $this->actioncomm); } if ($this->actioncomm->update(DolibarrApiAccess::$user, 1) > 0) { @@ -299,7 +301,7 @@ class AgendaEvents extends DolibarrApi } if (!DolibarrApiAccess::$user->rights->agenda->allactions->delete && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) { - throw new RestException(401, "Insufficient rights to delete an Agenda Event of owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id); + throw new RestException(401, "Insufficient rights to delete an Agenda Event of owner id ".$this->actioncomm->userownerid.' Your id is '.DolibarrApiAccess::$user->id); } if (!$result) { diff --git a/htdocs/compta/bank/class/api_bankaccounts.class.php b/htdocs/compta/bank/class/api_bankaccounts.class.php index 8cdd33425d6..4afeac70124 100644 --- a/htdocs/compta/bank/class/api_bankaccounts.class.php +++ b/htdocs/compta/bank/class/api_bankaccounts.class.php @@ -29,7 +29,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; */ class BankAccounts extends DolibarrApi { - /** * array $FIELDS Mandatory fields, checked when creating an object */ @@ -158,7 +157,7 @@ class BankAccounts extends DolibarrApi $account = new Account($this->db); foreach ($request_data as $field => $value) { - $account->$field = $value; + $account->$field = $this->checkValForAPI($field, $value, $account); } // Date of the initial balance (required to create an account). $account->date_solde = time(); @@ -333,7 +332,7 @@ class BankAccounts extends DolibarrApi if ($field == 'id') { continue; } - $account->$field = $value; + $account->$field = $this->checkValForAPI($field, $value, $account); } if ($account->update(DolibarrApiAccess::$user) > 0) { 
diff --git a/htdocs/modulebuilder/template/class/api_mymodule.class.php b/htdocs/modulebuilder/template/class/api_mymodule.class.php index 47a3ac984f9..e4b5fcca219 100644 --- a/htdocs/modulebuilder/template/class/api_mymodule.class.php +++ b/htdocs/modulebuilder/template/class/api_mymodule.class.php @@ -213,7 +213,7 @@ class MyModuleApi extends DolibarrApi $result = $this->_validate($request_data); foreach ($request_data as $field => $value) { - $this->myobject->$field = $value; + $this->myobject->$field = $this->checkValForAPI($field, $value, $this->myobject); } // Clean data @@ -255,7 +255,7 @@ class MyModuleApi extends DolibarrApi if ($field == 'id') { continue; } - $this->myobject->$field = $value; + $this->myobject->$field = $this->checkValForAPI($field, $value, $this->myobject); } // Clean data From d2b91e934af0dd2a745d6329f7332b5a09d15366 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 01:09:46 +0200 Subject: [PATCH 67/84] Clean code --- htdocs/comm/action/class/api_agendaevents.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index 75b9ae355e8..f8b9a2a353f 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -400,7 +400,9 @@ class AgendaEvents extends DolibarrApi unset($object->civility_id); unset($object->contact); unset($object->societe); - + unset($object->demand_reason_id); + unset($object->transport_mode_id); + unset($object->region_id); unset($object->actions); unset($object->lines); From 539954f7604e191ecab4513187aa8773e6207554 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 01:12:40 +0200 Subject: [PATCH 68/84] Clean code --- htdocs/comm/action/class/api_agendaevents.class.php | 1 + 1 file changed, 1 insertion(+) 
diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php index f8b9a2a353f..68da91d6ce2 100644 --- a/htdocs/comm/action/class/api_agendaevents.class.php +++ b/htdocs/comm/action/class/api_agendaevents.class.php @@ -405,6 +405,7 @@ class AgendaEvents extends DolibarrApi unset($object->region_id); unset($object->actions); unset($object->lines); + unset($object->modelpdf); return $object; } From efbed70286656a5758bfd9be2b0c6f7b9d64e640 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 01:17:26 +0200 Subject: [PATCH 69/84] Update card.php --- htdocs/compta/facture/card.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 31cc5c3b6f3..8164ece1327 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -196,8 +196,7 @@ if (empty($reshook)) { setEventMessages($object->error, $object->errors, 'errors'); $action = ''; } - } // Change status of invoice - elseif ($action == 'reopen' && $usercanreopen) { + } elseif ($action == 'reopen' && $usercanreopen) { $result = $object->fetch($id); if ($object->statut == Facture::STATUS_CLOSED || ($object->statut == Facture::STATUS_ABANDONED && ($object->close_code != 'replaced' || $object->getIdReplacingInvoice() == 0)) || ($object->statut == Facture::STATUS_VALIDATED && $object->paye == 1)) { // ($object->statut == 1 && $object->paye == 1) should not happened but can be found when data are corrupted From e9b8e817738499d9470c34bbdb54fd2955270d21 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 01:45:10 +0200 Subject: [PATCH 70/84] Update advtargetemailing.class.php --- htdocs/comm/mailing/class/advtargetemailing.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/htdocs/comm/mailing/class/advtargetemailing.class.php b/htdocs/comm/mailing/class/advtargetemailing.class.php index cb539768cf9..b43daf4bf0c 100644 --- a/htdocs/comm/mailing/class/advtargetemailing.class.php +++ b/htdocs/comm/mailing/class/advtargetemailing.class.php @@ -641,8 +641,8 @@ class AdvanceTargetingMailing extends CommonObject $sqlwhere[]= " (te.".$key." = ".$arrayquery['options_'.$key].")"; } } elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') { - if ($arrayquery['options_'.$key] > 0){ - $sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")"; + if ($arrayquery['options_'.$key] > 0) { + $sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")"; } } else { if (is_array($arrayquery['options_'.$key])) { From 12a4bc64adb983e6a76325c8bd6183d7cde962d3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:01:46 +0200 Subject: [PATCH 71/84] Remove $_REQUEST --- htdocs/compta/paiement/card.php | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index ff9f93bc297..680a8c501a2 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -109,14 +109,13 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $user->rights->facture if ($object->validate($user) > 0) { $db->commit(); - + // Loop on each invoice linked to this payment to rebuild PDF if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) { $outputlangs = $langs; - if (!empty($_REQUEST['lang_id'])) - { + if (GETPOST('lang_id', 'aZ09')) { $outputlangs = new Translate("", $conf); - $outputlangs->setDefaultLang($_REQUEST['lang_id']); + $outputlangs->setDefaultLang(GETPOST('lang_id', 'aZ09')); } $hidedetails = ! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0; From 27aa7cdb48cb08ee3625f4e5a4042d173b6a35a4 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:08:36 +0200 Subject: [PATCH 72/84] Fix bad merge --- htdocs/compta/paiement/card.php | 2 +- htdocs/public/members/new.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 680a8c501a2..1bc1270e2d6 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -148,7 +148,7 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $user->rights->facture break; } - if ($invoice->generateDocument($fac->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { + if ($invoice->generateDocument($invoice->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { $errors++; setEventMessages($invoice->error, $invoice->errors, 'errors'); break; diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index 3d0ecc6fd16..cddfd0524b1 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -212,7 +212,7 @@ if (empty($reshook) && $action == 'add') { $error++; $errmsg .= $langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv('Email'))."
\n"; } elseif (GETPOST("email") && !isValidEmail(GETPOST("email"))) { - + $langs->load('errors'); + $langs->load('errors'); $error++; $errmsg .= $langs->trans("ErrorBadEMail", GETPOST("email"))."
\n"; } From 098582d7a738241d59555107e375cad5f6145e46 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:09:43 +0200 Subject: [PATCH 73/84] Fix bad merge --- htdocs/compta/paiement/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 17cfeaca8dc..d9a1d73ec27 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -148,7 +148,7 @@ if ($action == 'confirm_valide' && $confirm == 'yes' && $user->rights->facture-> break; } - if ($invoice->generateDocument($fac->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { + if ($invoice->generateDocument($invoice->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { $errors++; setEventMessage($invoice->error, $invoice->errors, 'errors'); break; From c7f38c4cf03dffac3291854ee5f0008725167648 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:10:52 +0200 Subject: [PATCH 74/84] Fix bad var --- htdocs/compta/paiement/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index f54417b8a6f..3f9e3551edd 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -148,7 +148,7 @@ if ($action == 'confirm_valide' && $confirm == 'yes' && $user->rights->facture-> break; } - if ($invoice->generateDocument($fac->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { + if ($invoice->generateDocument($invoice->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) { $errors++; setEventMessage($invoice->error, $invoice->errors, 'errors'); break; From 2e9cf8d00b0c347cbc6c2bcfe94643f1be30baae Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:15:58 +0200 Subject: [PATCH 75/84] Fix phpcs --- htdocs/compta/paiement/card.php | 1 - 1 file changed, 1 deletion(-) 
diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 3f9e3551edd..dc892029829 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -165,7 +165,6 @@ if ($action == 'confirm_valide' && $confirm == 'yes' && $user->rights->facture-> $errors++; setEventMessage($db->error, $db->errors, 'errors'); } - } if (! $errors) { From ea08dfff5a697fc1d415bb3561ff5277767336ab Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:21:02 +0200 Subject: [PATCH 76/84] Package for v14 --- build/rpm/dolibarr_fedora.spec | 2 ++ build/rpm/dolibarr_generic.spec | 5 ++++- build/rpm/dolibarr_mandriva.spec | 2 ++ build/rpm/dolibarr_opensuse.spec | 2 ++ 4 files changed, 10 insertions(+), 1 deletion(-) diff --git a/build/rpm/dolibarr_fedora.spec b/build/rpm/dolibarr_fedora.spec index d50c91d1f05..662c80adf6c 100755 --- a/build/rpm/dolibarr_fedora.spec +++ b/build/rpm/dolibarr_fedora.spec @@ -185,6 +185,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/don %_datadir/dolibarr/htdocs/ecm %_datadir/dolibarr/htdocs/emailcollector +%_datadir/dolibarr/htdocs/eventorganization %_datadir/dolibarr/htdocs/expedition %_datadir/dolibarr/htdocs/expensereport %_datadir/dolibarr/htdocs/exports @@ -206,6 +207,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/mrp %_datadir/dolibarr/htdocs/multicurrency %_datadir/dolibarr/htdocs/opensurvey +%_datadir/dolibarr/htdocs/partnership %_datadir/dolibarr/htdocs/paybox %_datadir/dolibarr/htdocs/paypal %_datadir/dolibarr/htdocs/printing diff --git a/build/rpm/dolibarr_generic.spec b/build/rpm/dolibarr_generic.spec index 4541868a04f..72cb7599b45 100755 --- a/build/rpm/dolibarr_generic.spec +++ b/build/rpm/dolibarr_generic.spec 
@@ -67,7 +67,8 @@ Requires: httpd, php >= 5.3.0, php-cli, php-gd, php-ldap, php-imap, php-mbstring Requires: mysql-server, mysql Requires: php-mysqli >= 4.1.0 %endif -%endif +%endif%_datadir/dolibarr/htdocs/eventorganization + %endif # Set yes to build test package, no for release (this disable need of /usr/bin/php not found by OpenSuse) @@ -265,6 +266,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/don %_datadir/dolibarr/htdocs/ecm %_datadir/dolibarr/htdocs/emailcollector +%_datadir/dolibarr/htdocs/eventorganization %_datadir/dolibarr/htdocs/expedition %_datadir/dolibarr/htdocs/expensereport %_datadir/dolibarr/htdocs/exports @@ -286,6 +288,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/mrp %_datadir/dolibarr/htdocs/multicurrency %_datadir/dolibarr/htdocs/opensurvey +%_datadir/dolibarr/htdocs/partnership %_datadir/dolibarr/htdocs/paybox %_datadir/dolibarr/htdocs/paypal %_datadir/dolibarr/htdocs/printing diff --git a/build/rpm/dolibarr_mandriva.spec b/build/rpm/dolibarr_mandriva.spec index d618b5729d5..a71a53e690f 100755 --- a/build/rpm/dolibarr_mandriva.spec +++ b/build/rpm/dolibarr_mandriva.spec @@ -182,6 +182,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/don %_datadir/dolibarr/htdocs/ecm %_datadir/dolibarr/htdocs/emailcollector +%_datadir/dolibarr/htdocs/eventorganization %_datadir/dolibarr/htdocs/expedition %_datadir/dolibarr/htdocs/expensereport %_datadir/dolibarr/htdocs/exports @@ -203,6 +204,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/mrp %_datadir/dolibarr/htdocs/multicurrency %_datadir/dolibarr/htdocs/opensurvey +%_datadir/dolibarr/htdocs/partnership %_datadir/dolibarr/htdocs/paybox %_datadir/dolibarr/htdocs/paypal %_datadir/dolibarr/htdocs/printing diff --git a/build/rpm/dolibarr_opensuse.spec b/build/rpm/dolibarr_opensuse.spec index 230a8946e99..0d86e4297cc 100755 --- a/build/rpm/dolibarr_opensuse.spec +++ b/build/rpm/dolibarr_opensuse.spec 
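Review bot: The added line `%endif%_datadir/dolibarr/htdocs/eventorganization` in the `@@ -67,7 +67,8 @@` hunk of dolibarr_generic.spec glues a `%files` path onto the `%endif` that closes the `Requires:` conditional. This looks like a stray paste: the same path is added properly in the `@@ -265,6 +266,7 @@` hunk, and the other three spec files leave this area unchanged. The line should stay as it was, `%endif` alone, with the added blank line dropped; otherwise the conditional is likely to be parsed incorrectly when the package is built. The conditional block opens above the hunk.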
@@ -193,6 +193,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/don %_datadir/dolibarr/htdocs/ecm %_datadir/dolibarr/htdocs/emailcollector +%_datadir/dolibarr/htdocs/eventorganization %_datadir/dolibarr/htdocs/expedition %_datadir/dolibarr/htdocs/expensereport %_datadir/dolibarr/htdocs/exports @@ -214,6 +215,7 @@ done >>%{name}.lang %_datadir/dolibarr/htdocs/mrp %_datadir/dolibarr/htdocs/multicurrency %_datadir/dolibarr/htdocs/opensurvey +%_datadir/dolibarr/htdocs/partnership %_datadir/dolibarr/htdocs/paybox %_datadir/dolibarr/htdocs/paypal %_datadir/dolibarr/htdocs/printing From 5bb2531364f968ad77ac9de2cba9e6461e6d0c41 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:52:24 +0200 Subject: [PATCH 77/84] Enhance ticket module --- htdocs/core/class/html.formticket.class.php | 14 ++++++++++---- htdocs/public/ticket/create_ticket.php | 1 + 2 files changed, 11 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index c5c3b38b29b..7d012077700 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -169,13 +169,15 @@ class FormTicket if ($this->withref) { // Ref $defaultref = $ticketstat->getDefaultRef(); - print '
'; + print ''; } // TITLE if ($this->withemail) { print ''; } @@ -313,7 +315,7 @@ class FormTicket if ($this->withfile == 2) { // Can add other files $out .= ''; $out .= ' '; - $out .= ''; + $out .= ''; } $out .= "\n"; @@ -453,6 +455,8 @@ class FormTicket } print ''; + print ''."\n"; + print "\n"; print "\n"; } @@ -1083,7 +1087,7 @@ class FormTicket if ($this->withfile == 2) { // Can add other files $out .= ''; $out .= ' '; - $out .= ''; + $out .= ''; } $out .= "\n"; @@ -1100,6 +1104,8 @@ class FormTicket } print "\n"; + print ''."\n"; + print "\n"; print "\n"; } diff --git a/htdocs/public/ticket/create_ticket.php b/htdocs/public/ticket/create_ticket.php index 85b40430d4c..1d0339f83f8 100644 --- a/htdocs/public/ticket/create_ticket.php +++ b/htdocs/public/ticket/create_ticket.php @@ -79,6 +79,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); /* * Actions */ + $parameters = array( 'id' => $id, ); From 0a0b3f414ad691fea848cd7b96dacdbbe1e0c441 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 02:54:33 +0200 Subject: [PATCH 78/84] Fix phpcs --- htdocs/compta/paiement/card.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/htdocs/compta/paiement/card.php b/htdocs/compta/paiement/card.php index 1bc1270e2d6..30d2b994959 100644 --- a/htdocs/compta/paiement/card.php +++ b/htdocs/compta/paiement/card.php @@ -159,9 +159,7 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $user->rights->facture } $db->free($resql); - } - else - { + } else { $errors++; setEventMessages($db->error, $db->errors, 'errors'); } From 3e013ebad0ace178de5f32fd9c31ba54163de8ad Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 03:16:11 +0200 Subject: [PATCH 79/84] Fix mass action delete of cron jobs --- htdocs/core/lib/functions.lib.php | 7 ++++--- htdocs/core/modules/modFacture.class.php | 2 +- htdocs/cron/list.php | 13 ++++++++----- 3 files changed, 13 insertions(+), 9 deletions(-) 
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 3de1b0d8948..7559b94a740 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3542,7 +3542,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'recruitmentcandidature', 'recruitmentjobposition', 'resource', 'shapes', 'supplier_proposal', 'supplier_order', 'supplier_invoice', 'timespent', 'title_setup', 'title_accountancy', 'title_bank', 'title_hrm', 'title_agenda', - 'user-cog', 'website', 'workstation', + 'uncheck', 'user-cog', 'website', 'workstation', 'conferenceorbooth', 'eventorganization' ))) { $pictowithouttext = str_replace('object_', '', $pictowithouttext); @@ -3588,7 +3588,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s', 'supplier_invoice'=>'file-invoice-dollar', 'technic'=>'cogs', 'ticket'=>'ticket-alt', 'timespent'=>'clock', 'title_setup'=>'tools', 'title_accountancy'=>'money-check-alt', 'title_bank'=>'university', 'title_hrm'=>'umbrella-beach', 'title_agenda'=>'calendar-alt', - 'uparrow'=>'share', 'vcard'=>'address-card', + 'uncheck'=>'times', 'uparrow'=>'share', 'vcard'=>'address-card', 'jabber'=>'comment-o', 'website'=>'globe-americas', 'workstation'=>'pallet', 'conferenceorbooth'=>'chalkboard-teacher', 'eventorganization'=>'project-diagram' 
@@ -3680,7 +3680,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'map-marker-alt'=>'#aaa', 'mrp'=>'#a69944', 'product'=>'#a69944', 'service'=>'#a69944', 'inventory'=>'#a69944', 'stock'=>'#a69944', 'movement'=>'#a69944', 'other'=>'#ddd', 'playdisabled'=>'#ccc', 'printer'=>'#444', 'projectpub'=>'#986c6a', 'reception'=>'#a69944', 'resize'=>'#444', 'rss'=>'#cba', - 'shipment'=>'#a69944', 'stats'=>'#444', 'switch_off'=>'#999', 'technic'=>'#999', 'timespent'=>'#555', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa', + 'shipment'=>'#a69944', 'stats'=>'#444', 'switch_off'=>'#999', 'technic'=>'#999', 'timespent'=>'#555', + 'uncheck'=>'#800', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa', 'website'=>'#304', 'workstation'=>'#a69944' ); if (isset($arrayconvpictotocolor[$pictowithouttext])) { diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index 8e9d242a6e3..01a691ed6fb 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php 
@@ -121,7 +121,7 @@ class modFacture extends DolibarrModules $datestart = dol_mktime(23, 0, 0, $arraydate['mon'], $arraydate['mday'], $arraydate['year']); $this->cronjobs = array( 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>1, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), - 1=>array('label'=>'SendEmailsRemindersOnDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsReminderOnDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority)', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), + 1=>array('label'=>'SendEmailsRemindersOnInvoiceDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsReminderOnDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority)', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), ); // Permissions diff --git a/htdocs/cron/list.php b/htdocs/cron/list.php index a88bcda9a66..e5d779d8e10 100644 --- a/htdocs/cron/list.php +++ b/htdocs/cron/list.php 
@@ -350,9 +350,6 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; $stringcurrentdate = $langs->trans("CurrentHour").': '.dol_print_date(dol_now(), 'dayhour'); -if ($action == 'delete') { - print $form->formconfirm($_SERVER['PHP_SELF']."?id=".$id.$param, $langs->trans("CronDelete"), $langs->trans("CronConfirmDelete"), "confirm_delete", '', '', 1); -} if ($action == 'execute') { print $form->formconfirm($_SERVER['PHP_SELF']."?id=".$id.'&securitykey='.$securitykey.$param, $langs->trans("CronExecute"), $langs->trans("CronConfirmExecute"), "confirm_execute", '', '', 1); } @@ -362,12 +359,12 @@ $arrayofmassactions = array( //'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"), //'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"), 'enable'=>img_picto('', 'check', 'class="pictofixedwidth"').$langs->trans("CronStatusActiveBtn"), - 'disable'=>img_picto('', 'title_close', 'class="pictofixedwidth"').$langs->trans("CronStatusInactiveBtn"), + 'disable'=>img_picto('', 'uncheck', 'class="pictofixedwidth"').$langs->trans("CronStatusInactiveBtn"), ); if ($user->rights->cron->delete) { $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); } -if (in_array($massaction, array('presend', 'predelete'))) { +if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'predelete'))) { $arrayofmassactions = array(); } $massactionbutton = $form->selectMassAction('', $arrayofmassactions); 
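Review bot: In the `@@ -362,12 +359,12 @@` hunk the `enable` and `disable` entries of `$arrayofmassactions` are offered unconditionally, while `predelete` is added only under `$user->rights->cron->delete`. Showing or hiding a menu entry is not an access check, so the code that processes `massaction` has to test the matching right again before it changes or deletes a job; that handler is outside this hunk and I cannot tell whether it does. With the `if ($action == 'delete')` confirmation removed in the hunk above, please also confirm that no row link still sends `action=delete` directly. A short comment above the array, such as `// Menu entries only; rights are enforced where the mass action is executed`, would record the intent once that is verified.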
@@ -406,6 +403,12 @@ if ($mode == 'modulesetup') { print_barre_liste($pagetitle, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, ($mode == 'modulesetup' ? '' : 'title_setup'), 0, $newcardbutton, '', $limit); +// Add code for pre mass action (confirmation or email presend form) +$topicmail = "SendCronRef"; +$modelmail = "cron"; +$objecttmp = new Cronjob($db); +$trackid = 'cron'.$object->id; +include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php'; $text = $langs->trans("HoursOnThisPageAreOnServerTZ").' '.$stringcurrentdate.'
'; if (!empty($conf->global->CRON_WARNING_DELAY_HOURS)) { From 4b204301a9ab0e67a14e90bf2d94377466215f39 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 03:25:49 +0200 Subject: [PATCH 80/84] Enhance logs --- htdocs/compta/facture/class/facture.class.php | 14 ++++++++------ htdocs/core/modules/modFacture.class.php | 2 +- 2 files changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index dfb2d5a3b52..1b0a4a768b1 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -4902,7 +4902,7 @@ class Facture extends CommonInvoice * @param int|string $template Name (or id) of email template (Must be a template of type 'facture_send') * @return int 0 if OK, <>0 if KO (this function is used also by cron so only 0 is OK) */ - public function sendEmailsReminderOnDueDate($nbdays = 0, $paymentmode = 'all', $template = '') + public function sendEmailsRemindersOnInvoiceDueDate($nbdays = 0, $paymentmode = 'all', $template = '') { global $conf, $langs, $user; @@ -4914,12 +4914,12 @@ class Facture extends CommonInvoice if (empty($conf->facture->enabled)) { // Should not happen. If module disabled, cron job should not be visible. $langs->load("bills"); - $this->output = $langs->trans('ModuleNotEnabled', $langs->transnoentitiesnoconv("Facture")); + $this->output .= $langs->trans('ModuleNotEnabled', $langs->transnoentitiesnoconv("Facture")); return 0; } /*if (empty($conf->global->FACTURE_REMINDER_EMAIL)) { $langs->load("bills"); - $this->output = $langs->trans('EventRemindersByEmailNotEnabled', $langs->transnoentitiesnoconv("Facture")); + $this->output .= $langs->trans('EventRemindersByEmailNotEnabled', $langs->transnoentitiesnoconv("Facture")); return 0; } */ 
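Review bot: `$trackid = 'cron'.$object->id;` in the `@@ -406,6 +403,12 @@` hunk reads the id from `$object`, while the object prepared for the template is the new `$objecttmp`; on a list page `$object` is presumably not a loaded job, so the value would be just `cron`. `$topicmail`, `$modelmail` and `$trackid` look relevant only to the `presend` action, which is commented out in `$arrayofmassactions`, so they appear unused here. I would drop them, or keep them with a comment such as `// presend is currently disabled for cron jobs (see $arrayofmassactions)`.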
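Review bot: The rename in the `@@ -4902,7 +4902,7 @@` hunk leaves no method called `sendEmailsReminderOnDueDate`, and the job definition in modFacture.class.php refers to the method by its name as a string. Job rows created before this change (if the scheduler keeps its own copy, which the page does not show) would then point at a method that no longer exists. A thin deprecated wrapper keeps them working: `public function sendEmailsReminderOnDueDate($nbdays = 0, $paymentmode = 'all', $template = '') { return $this->sendEmailsRemindersOnInvoiceDueDate($nbdays, $paymentmode, $template); }`. The method body continues outside the hunk.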
@@ -4941,7 +4941,7 @@ class Facture extends CommonInvoice $sql .= ", ".MAIN_DB_PREFIX."c_paiement as cp"; } $sql .= " WHERE f.paye = 0"; - $sql .= " AND f.date_lim_reglement = '".$this->db->idate(dol_get_first_hour(dol_time_plus_duree(dol_now(), -1 * $nbdays, 'd'), 'gmt'), 'gmt')."'"; + $sql .= " AND f.date_lim_reglement = '".$this->db->idate(dol_get_first_hour(dol_time_plus_duree($now, -1 * $nbdays, 'd'), 'gmt'), 'gmt')."'"; $sql .= " AND f.entity IN (".getEntity('facture').")"; if (!empty($paymentmode) && $paymentmode != 'all') { $sql .= " AND f.fk_mode_reglement = cp.id AND cp.code = '".$this->db->escape($paymentmode)."'"; @@ -4950,6 +4950,8 @@ class Facture extends CommonInvoice $sql .= $this->db->order("date_lim_reglement", "ASC"); $resql = $this->db->query($sql); + $this->output .= 'Search unpaid invoices with due date = '.$this->db->idate(dol_get_first_hour(dol_time_plus_duree($now, -1 * $nbdays, 'd'), 'gmt'), 'gmt').'
'; + if ($resql) { while ($obj = $this->db->fetch_object($resql)) { if (!$error) { @@ -4969,7 +4971,7 @@ class Facture extends CommonInvoice $arraymessage = $formmail->getEMailTemplate($this->db, 'facture_send', $user, $outputlangs, (is_numeric($template) ? $template : 0), 1, (is_numeric($template) ? '' : $template)); if (is_numeric($arraymessage) && $arraymessage <= 0) { $langs->load("bills"); - $this->output = $langs->trans('FailedToFindEmailTemplate', $template); + $this->output .= $langs->trans('FailedToFindEmailTemplate', $template); return 0; } @@ -5040,7 +5042,7 @@ class Facture extends CommonInvoice } if (!$error) { - $this->output = 'Nb of emails sent : '.$nbMailSend; + $this->output .= 'Nb of emails sent : '.$nbMailSend; $this->db->commit(); return 0; } else { diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index 01a691ed6fb..333ef747cf2 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php 
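Review bot: The log line added after `$this->db->query($sql)` repeats the whole date expression that the WHERE clause builds in the `@@ -4941,7 +4941,7 @@` hunk, so the reported date and the queried date can drift apart on the next edit. Compute it once, `$duedate = $this->db->idate(dol_get_first_hour(dol_time_plus_duree($now, -1 * $nbdays, 'd'), 'gmt'), 'gmt');`, and use `$duedate` in both places. `$now` is assigned outside the visible hunks, so confirm it is set before the query is built.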
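Review bot: The `FailedToFindEmailTemplate` branch in the `@@ -4969,7 +4971,7 @@` hunk still ends with `return 0;`, and the docblock of this method says that only 0 means OK, so a missing template is reported to the scheduler as a successful run. It also returns from inside the `while` loop, before the `$this->db->commit()` visible in the `@@ -5040,7 +5042,7 @@` hunk, so a transaction opened earlier (not visible here) may be left open. I would record the failure and leave the loop instead, `$error++; break;`, and let the existing `if (!$error)` / `else` path close the transaction and return a non-zero value (the `else` body is outside the hunk, so check what it returns). The loop starts and ends outside the hunk.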
@@ -121,7 +121,7 @@ class modFacture extends DolibarrModules $datestart = dol_mktime(23, 0, 0, $arraydate['mon'], $arraydate['mday'], $arraydate['year']); $this->cronjobs = array( 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>1, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), - 1=>array('label'=>'SendEmailsRemindersOnInvoiceDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsReminderOnDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority)', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), + 1=>array('label'=>'SendEmailsRemindersOnInvoiceDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsRemindersOnInvoiceDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority)', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), ); // Permissions From 0d391ec185d24b99bc9773a54a30951bb2db4bc2 Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Tue, 27 Apr 2021 11:20:04 +0200 Subject: [PATCH 81/84] Show name of sitemap file --- htdocs/langs/en_US/website.lang | 2 +- htdocs/website/index.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/langs/en_US/website.lang b/htdocs/langs/en_US/website.lang index e70d88a3aa1..bd23bd39a5c 100644 --- a/htdocs/langs/en_US/website.lang +++ b/htdocs/langs/en_US/website.lang @@ -140,7 +140,7 @@ DefineListOfAltLanguagesInWebsiteProperties=Define list of all available languag GenerateSitemaps=Generate website sitemap file ConfirmGenerateSitemaps=If you confirm, you will erase the existing sitemap file... ConfirmSitemapsCreation=Confirm sitemap generation -SitemapGenerated=Sitemap file generated +SitemapGenerated=Sitemap file %s generated ImportFavicon=Favicon ErrorFaviconType=Favicon must be png ErrorFaviconSize=Favicon must be sized 16x16, 32x32 or 64x64 diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 547f6ac217a..68df5208d84 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2260,7 +2260,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { $domtree->formatOutput = true; - $xmlname = 'sitemap.'.$websitekey.'.xml'; + $xmlname = 'sitemap.xml'; $sql = "SELECT wp.rowid, wp.type_container , wp.pageurl, wp.lang, wp.fk_page, wp.tms as tms,"; $sql .= " w.virtualhost, w.fk_default_home"; @@ -2396,7 +2396,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { if (!empty($conf->global->MAIN_UMASK)) { @chmod($tempdir.$xmlname, octdec($conf->global->MAIN_UMASK)); } - setEventMessages($langs->trans("SitemapGenerated"), null, 'mesgs'); + setEventMessages($langs->trans("SitemapGenerated", $xmlname), null, 'mesgs'); } else { setEventMessages($object->error, $object->errors, 'errors'); } From 071fe087fd2a953aa2109bb8f223402bba1f585b Mon Sep 17 00:00:00 2001 
From: Laurent Destailleur Date: Tue, 27 Apr 2021 11:29:47 +0200 Subject: [PATCH 82/84] Fix replacement of sitemap entry in robot.txt --- htdocs/website/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 68df5208d84..e9af12a7dd6 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2414,7 +2414,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { $robotsitemap = "Sitemap: ".$domainname."/".$xmlname; $result = strpos($robotcontent, 'Sitemap: '); if ($result) { - $result = preg_replace("/Sitemap.*\n/", $robotsitemap, $robotcontent); + $result = preg_replace('/Sitemap:.*/', $robotsitemap, $robotcontent); $robotcontent = $result ? $result : $robotcontent; } else { $robotcontent .= $robotsitemap."\n"; From 9941236d76acbbab2ff96fa667f2df1038a77c5f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 11:47:33 +0200 Subject: [PATCH 83/84] Fix alternate into sitemap --- htdocs/website/index.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index e9af12a7dd6..61a62fbf8df 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2285,7 +2285,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { $shortlangcode = substr($objp->lang, 0, 2); // en_US or en-US -> en } if (empty($shortlangcode)) { - $shortlangcode = substr($object->lang, 0, 2); // en_US or en-US -> en + $shortlangcode = substr($object->lang, 0, 2); // Use short lang code of website } // Forge $pageurl, adding language prefix if it is an alternative language 
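Review bot: `if ($result)` in the `@@ -2414,7 +2414,7 @@` hunk tests the return value of `strpos($robotcontent, 'Sitemap: ')`, which is 0 when the robots file begins with the Sitemap line, so in that case a second `Sitemap:` entry is appended instead of the existing one being replaced. Compare explicitly: `if ($result !== false) {`. The new pattern `'/Sitemap:.*/'` is not anchored, so it matches the text anywhere in a line (for example inside a comment) and rewrites every match to the same URL; `'/^Sitemap:.*$/m'` keeps the replacement to whole directive lines. The enclosing block continues outside the hunk.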
@@ -2344,7 +2344,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { $xhtmllink = $domtree->createElement('xhtml:link', ''); $xhtmllink->setAttribute("rel", "alternante"); $xhtmllink->setAttribute("hreflang", $tmpshortlangcode); - $xhtmllink->setAttribute("href", $domainname.($objp->fk_default_home == $tmppage->id ? '/' : (($tmpshortlangcode != substr($objp->lang, 0, 2)) ? '/'.$tmpshortlangcode : '').'/'.$tmppage->pageurl.'.php')); + $xhtmllink->setAttribute("href", $domainname.($objp->fk_default_home == $tmppage->id ? '/' : (($tmpshortlangcode != substr($object->lang, 0, 2)) ? '/'.$tmpshortlangcode : '').'/'.$tmppage->pageurl.'.php')); $url->appendChild($xhtmllink); $alternatefound++; @@ -2367,7 +2367,7 @@ if ($action == 'generatesitemaps' && $usercanedit) { $xhtmllink = $domtree->createElement('xhtml:link', ''); $xhtmllink->setAttribute("rel", "alternate"); $xhtmllink->setAttribute("hreflang", $tmpshortlangcode); - $xhtmllink->setAttribute("href", $domainname.($objp->fk_default_home == $objhastrans->id ? '/' : (($tmpshortlangcode != substr($objp->lang, 0, 2) ? '/'.$tmpshortlangcode : '')).'/'.$objhastrans->pageurl.'.php')); + $xhtmllink->setAttribute("href", $domainname.($objp->fk_default_home == $objhastrans->id ? '/' : (($tmpshortlangcode != substr($object->lang, 0, 2) ? '/'.$tmpshortlangcode : '')).'/'.$objhastrans->pageurl.'.php')); $url->appendChild($xhtmllink); $alternatefound++; From ae773ff9385c3439829264b37f3c655880426616 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 27 Apr 2021 12:12:45 +0200 Subject: [PATCH 84/84] FIX Disabled pages must not appears into sitemap --- htdocs/website/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 61a62fbf8df..fe37cb68418 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php 
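Review bot: In the `@@ -2344,7 +2344,7 @@` hunk the line just above the changed `href` still sets `rel` to `alternante`, while the parallel block in the `@@ -2367,7 +2367,7 @@` hunk uses `alternate`; with the misspelled value these links will not be read as language alternates. Since the commit is about fixing alternates, change it to `$xhtmllink->setAttribute("rel", "alternate");`. The two `href` expressions are the same nested ternary with the parentheses placed differently, so a shared local for the language prefix would keep them from diverging again. The enclosing loop is outside both hunks.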
@@ -2353,7 +2353,8 @@ if ($action == 'generatesitemaps' && $usercanedit) { } // Add "has translation pages" - $sql = 'SELECT rowid as id, lang, pageurl from '.MAIN_DB_PREFIX.'website_page where fk_page IN ('.$db->sanitize($objp->rowid.($translationof ? ', '.$translationof : '')).")"; + $sql = 'SELECT rowid as id, lang, pageurl from '.MAIN_DB_PREFIX.'website_page'; + $sql .= ' WHERE status = '.WebsitePage::STATUS_VALIDATED.' AND fk_page IN ('.$db->sanitize($objp->rowid.($translationof ? ', '.$translationof : '')).")"; $resqlhastrans = $db->query($sql); if ($resqlhastrans) { $num_rows_hastrans = $db->num_rows($resqlhastrans);
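Review bot: The added `status = WebsitePage::STATUS_VALIDATED` condition covers only the "has translation pages" query; the alternate link built from `$tmppage` in the `@@ -2344,7 +2344,7 @@` hunk and the main page query that starts with `SELECT wp.rowid, wp.type_container` are not shown with a status condition. If either can return a disabled page, its URL still lands in the sitemap that robots.txt advertises, which discloses pages that were meant to be offline. Please confirm both paths filter on status, or skip `$tmppage` when it is not `WebsitePage::STATUS_VALIDATED`, and add a comment such as `// Only published pages may be listed: the sitemap is public` next to the filter. The WHERE clause of the main query is outside the visible hunks.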
'.$langs->trans("BookmarkTitle").''.$langs->trans("SetHereATitleForLink").'
'.$langs->trans("BookmarkTitle").''.$langs->trans("SetHereATitleForLink").'
'.$langs->trans("UrlOrLink").''.$langs->trans("UseAnExternalHttpLinkOrRelativeDolibarrLink").'
'.$langs->trans("UrlOrLink").''.$langs->trans("UseAnExternalHttpLinkOrRelativeDolibarrLink").'
'.$langs->trans("BehaviourOnClick").''; $liste = array(0=>$langs->trans("ReplaceWindow"), 1=>$langs->trans("OpenANewWindow")); print $form->selectarray('target', $liste, 1); - print ''.$langs->trans("ChooseIfANewWindowMustBeOpenedOnClickOnBookmark").'
'.$langs->trans("ChooseIfANewWindowMustBeOpenedOnClickOnBookmark").'
'.$langs->trans("Owner").''; + print '
'.$langs->trans("Visibility").''; print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : $user->id, 'userid', 0, '', 0, ($user->admin ? '' : array($user->id)), '', 0, 0, 0, '', ($user->admin) ? 1 : 0, '', 'maxwidth300'); print ' 
'.$langs->trans("Owner").''; + print '
'.$langs->trans("Visibility").''; if ($action == 'edit' && $user->admin) { print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : ($object->fk_user ? $object->fk_user : ''), 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); } else { @@ -273,7 +278,7 @@ if ($id > 0 && !preg_match('/^add/i', $action)) { $fuser->fetch($object->fk_user); print $fuser->getNomUrl(1); } else { - print $langs->trans("Public"); + print ''.$langs->trans("Everybody").''; } } print '
'.$langs->trans("Ref").'
'.$langs->trans("Ref").''; + print ''; + print '
'; - print ''; + print ''; print '