From 9d89e48d154276396e0dcd1c217cfa59577ac7df Mon Sep 17 00:00:00 2001
From: Julien Gainza <gainza.julien@gmail.com>
Date: Mon, 6 Sep 2021 15:55:33 +0200
Subject: [PATCH 1/5] Fix : Add extrafields on API "get events list"

---
 htdocs/comm/action/class/api_agendaevents.class.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php
index d9feb4472b6..bf35ed95be0 100644
--- a/htdocs/comm/action/class/api_agendaevents.class.php
+++ b/htdocs/comm/action/class/api_agendaevents.class.php
@@ -171,6 +171,7 @@ class AgendaEvents extends DolibarrApi
                 $obj = $db->fetch_object($result);
                 $actioncomm_static = new ActionComm($db);
                 if ($actioncomm_static->fetch($obj->rowid)) {
+                    $actioncomm_static->fetch_optionals();
                     $obj_ret[] = $this->_cleanObjectDatas($actioncomm_static);
                 }
                 $i++;

From 65c4a2189860f8176955db309531fa75aea55e4c Mon Sep 17 00:00:00 2001
From: Julien Gainza <gainza.julien@gmail.com>
Date: Mon, 13 Sep 2021 16:35:13 +0200
Subject: [PATCH 2/5] FIX move fetch_optionnal into $ac_static->fetch()

---
 htdocs/comm/action/class/actioncomm.class.php       | 1 +
 htdocs/comm/action/class/api_agendaevents.class.php | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php
index 9e562173b04..a6252ecebe3 100644
--- a/htdocs/comm/action/class/actioncomm.class.php
+++ b/htdocs/comm/action/class/actioncomm.class.php
@@ -763,6 +763,7 @@ class ActionComm extends CommonObject
                 $this->elementid = $obj->elementid;
                 $this->elementtype = $obj->elementtype;
 
+                $this->fetch_optionals();
                 $this->fetchResources();
             }
             $this->db->free($resql);
diff --git a/htdocs/comm/action/class/api_agendaevents.class.php b/htdocs/comm/action/class/api_agendaevents.class.php
index bf35ed95be0..d9feb4472b6 100644
--- a/htdocs/comm/action/class/api_agendaevents.class.php
+++ b/htdocs/comm/action/class/api_agendaevents.class.php
@@ -171,7 +171,6 @@ class AgendaEvents extends DolibarrApi
                 $obj = $db->fetch_object($result);
                 $actioncomm_static = new ActionComm($db);
                 if ($actioncomm_static->fetch($obj->rowid)) {
-                    $actioncomm_static->fetch_optionals();
                     $obj_ret[] = $this->_cleanObjectDatas($actioncomm_static);
                 }
                 $i++;

From 7a637104b26a5b985011fdd7f0cbe5dd9f1fb53b Mon Sep 17 00:00:00 2001
From: Ferran Marcet <fmarcet@2byte.es>
Date: Wed, 15 Sep 2021 11:29:12 +0200
Subject: [PATCH 3/5] Fix: Not filter by company when it is an external user

---
 htdocs/compta/paiement/list.php | 11 +++++------
 htdocs/fourn/paiement/list.php  |  6 ++++--
 2 files changed, 9 insertions(+), 8 deletions(-)

diff --git a/htdocs/compta/paiement/list.php b/htdocs/compta/paiement/list.php
index cfcdead5fed..20f69401fd6 100644
--- a/htdocs/compta/paiement/list.php
+++ b/htdocs/compta/paiement/list.php
@@ -6,7 +6,7 @@
  * Copyright (C) 2015		Jean-François Ferry		<jfefe@aternatik.fr>
  * Copyright (C) 2015		Juanjo Menent			<jmenent@2byte.es>
  * Copyright (C) 2017		Alexandre Spangaro		<aspangaro@open-dsi.fr>
- * Copyright (C) 2018		Ferran Marcet			<fmarcet@2byte.es>
+ * Copyright (C) 2018-2021	Ferran Marcet			<fmarcet@2byte.es>
  * Copyright (C) 2018		Charlene Benke			<charlie@patas-monkey.com>
  * Copyright (C) 2020		Tobias Sekan			<tobias.sekan@startmail.com>
  *
@@ -31,11 +31,6 @@
  */
 
 require '../../main.inc.php';
-
-// Security check
-if ($user->socid) $socid = $user->socid;
-$result = restrictedArea($user, 'facture', $facid, '');
-
 require_once DOL_DOCUMENT_ROOT.'/compta/paiement/class/paiement.class.php';
 require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
 require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
@@ -58,6 +53,10 @@ $day = GETPOST('day', 'int');
 $month				= GETPOST('month', 'int');
 $year = GETPOST('year', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+$result = restrictedArea($user, 'facture', $facid, '');
+
 $search_ref = GETPOST("search_ref", "alpha");
 $search_company		= GETPOST("search_company", 'alpha');
 $search_paymenttype	= GETPOST("search_paymenttype");
diff --git a/htdocs/fourn/paiement/list.php b/htdocs/fourn/paiement/list.php
index f61d1795cba..13adc9d1ffc 100644
--- a/htdocs/fourn/paiement/list.php
+++ b/htdocs/fourn/paiement/list.php
@@ -35,8 +35,7 @@
 
 require '../../main.inc.php';
 
-// Security check
-if ($user->socid) $socid = $user->socid;
+
 
 // doesn't work :-(
 // restrictedArea($user, 'fournisseur');
@@ -64,6 +63,9 @@ $contextpage			= GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : '
 
 $socid = GETPOST('socid', 'int');
 
+// Security check
+if ($user->socid) $socid = $user->socid;
+
 $search_ref				= GETPOST('search_ref', 'alpha');
 $search_day				= GETPOST('search_day', 'int');
 $search_month = GETPOST('search_month', 'int');

From 88cd8fface58a2f95cc6c4f6e41320b04879acb4 Mon Sep 17 00:00:00 2001
From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com>
Date: Thu, 16 Sep 2021 17:53:47 +0200
Subject: [PATCH 4/5] FIX: task time: can't filter by user with pgsql + show
 error message

---
 htdocs/projet/tasks/time.php | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php
index 2a4b1d6aeee..7baac31a51a 100644
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -1058,7 +1058,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0)
 		if ($search_note) $sql .= natural_search('t.note', $search_note);
 		if ($search_task_ref) $sql .= natural_search('pt.ref', $search_task_ref);
 		if ($search_task_label) $sql .= natural_search('pt.label', $search_task_label);
-		if ($search_user > 0) $sql .= natural_search('t.fk_user', $search_user);
+		if ($search_user > 0) $sql .= ' AND t.fk_user = ' . intval($search_user);
 		if ($search_valuebilled == '1') $sql .= ' AND t.invoice_id > 0';
 		if ($search_valuebilled == '0') $sql .= ' AND (t.invoice_id = 0 OR t.invoice_id IS NULL)';
 		$sql .= dolSqlDateFilter('t.task_datehour', $search_day, $search_month, $search_year);
@@ -1069,6 +1069,12 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0)
 		if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
 		{
 			$resql = $db->query($sql);
+
+			if (! $resql) {
+				dol_print_error($db);
+				exit;
+			}
+
 			$nbtotalofrecords = $db->num_rows($resql);
 			if (($page * $limit) > $nbtotalofrecords)	// if total of record found is smaller than page * limit, goto and load page 0
 			{

From 571d130c3cb1e9665da68b2c8a3e38a9cc00a93d Mon Sep 17 00:00:00 2001
From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com>
Date: Fri, 17 Sep 2021 10:51:37 +0200
Subject: [PATCH 5/5] FIX: task time: keep on using natural_search

---
 htdocs/projet/tasks/time.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php
index 7baac31a51a..b29c434963d 100644
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -1058,7 +1058,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0)
 		if ($search_note) $sql .= natural_search('t.note', $search_note);
 		if ($search_task_ref) $sql .= natural_search('pt.ref', $search_task_ref);
 		if ($search_task_label) $sql .= natural_search('pt.label', $search_task_label);
-		if ($search_user > 0) $sql .= ' AND t.fk_user = ' . intval($search_user);
+		if ($search_user > 0) $sql .= natural_search('t.fk_user', $search_user, 2);
 		if ($search_valuebilled == '1') $sql .= ' AND t.invoice_id > 0';
 		if ($search_valuebilled == '0') $sql .= ' AND (t.invoice_id = 0 OR t.invoice_id IS NULL)';
 		$sql .= dolSqlDateFilter('t.task_datehour', $search_day, $search_month, $search_year);