lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'Dolibarr/11.0' into 11

Browse Source
This commit is contained in:
Francis Appels 2020-07-16 21:30:15 +02:00
commit 3e55699275
74 changed files with 804 additions and 466 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

46
ChangeLog
View File

@ -2,6 +2,52 @@
English Dolibarr ChangeLog
--------------------------------------------------------------
***** ChangeLog for 11.0.5 compared to 11.0.4 *****
FIX: $arraydefaultmessage is an object, as well as in /htdocs/core/class/html.formmail.class.php
FIX: 10.0 - pagination in prelevement/bons.php
FIX: 10.0 - undefined $langs if template file copy fails during activation of modContrat
FIX: 11.0 - fatal with postgres on contact/agenda.php
FIX: 11.0 - multicurrency amount not fetched when fetching payments from llx_paiement or llx_paiementfourn
FIX: 11.0 - when using pdftk as per hidden conf USE_PDFTK_FOR_PDF_CONCAT, check that the file exists before displaying a success message
FIX: #13841
FIX: #13877 - Can validate invoice if there is a credit note with VAT 0% on an invoice with other lines with a VAT non 0%
FIX: #13968
FIX: #14001
FIX: #14002
FIX: 9.0 - delete unused mandatory argument from migrate_clean_association: argument count mismatch causes a fatal error since php7
FIX: 9.0 - fatal during migration from 3.1 using PHP 7
FIX: Accountancy - Binding index - Add a filter on sql request for module Subtotal & Jalon
FIX: avoid error "Call to undefined function measuringUnitString()"
FIX: BlindBoolean SQL injection reported by Christian Weiler
FIX: Can create a credit note on situation invoice if previous is also
FIX: can install module even if (x) was appended during download.
FIX: copy value date of VariousPayment onto the new AccountLine
FIX: count of open day when date and start are not open should be 0
FIX: Default bank account was not loaded for document generation.
FIX: Do not show stats panel if the user does not have permissions
FIX: Fix link of the button to create a credit note and fix the awareness of a error that happen when wo create a credit note
FIX: force rounding 2 on export ld compta
FIX: free text on cash desk
FIX: links into emails of notifications
FIX: missing file manifest.json.php
FIX: missing GetNomURL Hook in warehouse class
FIX: missing hook init + table class + $page not set
FIX: missing rollbacks on trigger bad return
FIX: missing translation value for key "NoMorePredefinedProductToDispatch"
FIX: percent must be displayed on one line
FIX: php error if multicompany disabled
FIX: Privilege escalation reported by wizlynx WLX-2020-011
FIX: replace filter parameter "none" by "restricthtml"
FIX: Rounding Total TVA in "crabe" model pdf
FIX: Show ref_customer, amount on contract link object
FIX: Site ec.europa.eu has moved to https://
FIX: Tickets mail models doesn't work
FIX: vulnerability reported by wizlynx WLX-2020-012
FIX: We must only rename current bank receipt
FIX: when creating a VariousPayment, the value date is not copied onto the AccountLine that gets created at the same time, so the bank transaction's value date will be the payment date instead of the payment's value date
FIX: wrong url param
FIX: XSS using the renaming of .noexe files - reported by Nolan.
***** ChangeLog for 11.0.4 compared to 11.0.3 *****
FIX: #13749
FIX: #7594 Expense report multi pagebreak

2
htdocs/accountancy/class/accountancyexport.class.php
View File

@ -985,7 +985,7 @@ class AccountancyExport
print $racine_subledger_account . $separator; // deprecated CPTG & CPTA use instead
// MONT
print price(abs($line->montant), 0, '', 1, 2).$separator;
print price(abs($line->montant), 0, '', 1, 2, 2).$separator;
// CODC
print $line->sens.$separator;
// CPTG

4
htdocs/accountancy/customer/card.php
View File

@ -34,8 +34,8 @@ $action = GETPOST('action', 'alpha');
$cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
$codeventil = GETPOST('codeventil');
$id = GETPOST('id');
$codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if ($user->socid > 0)

16
htdocs/accountancy/customer/index.php
View File

@ -251,6 +251,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd
$sql .= " WHERE f.datef >= '".$db->idate($search_date_start)."'";
$sql .= " AND f.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND f.fk_statut > 0";
$sql .= " AND fd.product_type <= 2";
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND aa.account_number IS NULL";
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
@ -327,10 +328,11 @@ $sql .= " WHERE f.datef >= '".$db->idate($search_date_start)."'";
$sql .= " AND f.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND f.fk_statut > 0";
$sql .= " AND fd.product_type <= 2";
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_SITUATION.")";
} else {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_DEPOSIT.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_DEPOSIT.", ".Facture::TYPE_SITUATION.")";
}
$sql .= " AND aa.account_number IS NOT NULL";
$sql .= " GROUP BY fd.fk_code_ventilation,aa.account_number,aa.label";
@ -403,10 +405,11 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) // This part of code looks strange.
$sql .= " AND f.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND f.fk_statut > 0";
$sql .= " AND fd.product_type <= 2";
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_SITUATION.")";
} else {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_DEPOSIT.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_DEPOSIT.", ".Facture::TYPE_SITUATION.")";
}
dol_syslog('htdocs/accountancy/customer/index.php');
@ -455,10 +458,11 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) // This part of code looks strange.
$sql .= " AND f.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND f.fk_statut > 0";
$sql .= " AND fd.product_type <= 2";
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_SITUATION.")";
} else {
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.",".Facture::TYPE_REPLACEMENT.",".Facture::TYPE_CREDIT_NOTE.",".Facture::TYPE_DEPOSIT.",".Facture::TYPE_SITUATION.")";
$sql .= " AND f.type IN (".Facture::TYPE_STANDARD.", ".Facture::TYPE_REPLACEMENT.", ".Facture::TYPE_CREDIT_NOTE.", ".Facture::TYPE_DEPOSIT.", ".Facture::TYPE_SITUATION.")";
}
dol_syslog('htdocs/accountancy/customer/index.php');

4
htdocs/accountancy/expensereport/card.php
View File

@ -38,8 +38,8 @@ $action = GETPOST('action', 'alpha');
$cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
$codeventil = GETPOST('codeventil');
$id = GETPOST('id');
$codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if ($user->socid > 0)

19
htdocs/accountancy/journal/bankjournal.php
View File

@ -254,7 +254,9 @@ if ($result) {
} else {
$tabpay[$obj->rowid]["lib"] = dol_trunc($obj->label, 60);
}
$links = $object->get_url($obj->rowid); // Get an array('url'=>, 'url_id'=>, 'label'=>, 'type'=> 'fk_bank'=> )
// Load of url links to the line into llx_bank
$links = $object->get_url($obj->rowid); // Get an array('url'=>, 'url_id'=>, 'label'=>, 'type'=> 'fk_bank'=> )
//var_dump($i);
//var_dump($tabpay);
@ -319,7 +321,8 @@ if ($result) {
$chargestatic->id = $links[$key]['url_id'];
$chargestatic->ref = $links[$key]['url_id'];
$tabpay[$obj->rowid]["lib"] .= ' ' . $chargestatic->getNomUrl(2);
$tabpay[$obj->rowid]["lib"] .= ' '.$chargestatic->getNomUrl(2);
$reg = array();
if (preg_match('/^\((.*)\)$/i', $links[$key]['label'], $reg)) {
if ($reg[1] == 'socialcontribution')
$reg[1] = 'SocialContribution';
@ -331,12 +334,14 @@ if ($result) {
$tabpay[$obj->rowid]["soclib"] = $chargestatic->getNomUrl(1, 30);
$tabpay[$obj->rowid]["paymentscid"] = $chargestatic->id;
// Retreive the accounting code of the social contribution of the payment from link of payment.
// Note: We have the social contribution id, it can be faster to get accounting code from social contribution id.
$sqlmid = 'SELECT cchgsoc.accountancy_code';
$sqlmid .= " FROM " . MAIN_DB_PREFIX . "c_chargesociales cchgsoc ";
$sqlmid .= " INNER JOIN " . MAIN_DB_PREFIX . "chargesociales as chgsoc ON chgsoc.fk_type=cchgsoc.id";
$sqlmid .= " INNER JOIN " . MAIN_DB_PREFIX . "paiementcharge as paycharg ON paycharg.fk_charge=chgsoc.rowid";
$sqlmid .= " INNER JOIN " . MAIN_DB_PREFIX . "bank_url as bkurl ON bkurl.url_id=paycharg.rowid";
$sqlmid .= " WHERE bkurl.fk_bank=" . $obj->rowid;
$sqlmid .= " FROM ".MAIN_DB_PREFIX."c_chargesociales cchgsoc";
$sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."chargesociales as chgsoc ON chgsoc.fk_type=cchgsoc.id";
$sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."paiementcharge as paycharg ON paycharg.fk_charge=chgsoc.rowid";
$sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."bank_url as bkurl ON bkurl.url_id=paycharg.rowid AND bkurl.type = 'payment_sc'";
$sqlmid .= " WHERE bkurl.fk_bank=".$obj->rowid;
dol_syslog("accountancy/journal/bankjournal.php:: sqlmid=" . $sqlmid, LOG_DEBUG);
$resultmid = $db->query($sqlmid);

4
htdocs/accountancy/supplier/card.php
View File

@ -38,8 +38,8 @@ $action = GETPOST('action', 'alpha');
$cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
$codeventil = GETPOST('codeventil');
$id = GETPOST('id');
$codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if ($user->socid > 0)

3
htdocs/accountancy/supplier/index.php
View File

@ -249,6 +249,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = ff
$sql .= " WHERE ff.datef >= '".$db->idate($search_date_start)."'";
$sql .= " AND ff.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND ff.fk_statut > 0";
$sql .= " AND ffd.product_type <= 2";
$sql .= " AND ff.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy
$sql .= " AND aa.account_number IS NULL";
$sql .= " GROUP BY ffd.fk_code_ventilation,aa.account_number,aa.label";
@ -319,6 +320,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = ff
$sql .= " WHERE ff.datef >= '".$db->idate($search_date_start)."'";
$sql .= " AND ff.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND ff.fk_statut > 0";
$sql .= " AND ffd.product_type <= 2";
$sql .= " AND ff.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy
$sql .= " AND aa.account_number IS NOT NULL";
$sql .= " GROUP BY ffd.fk_code_ventilation,aa.account_number,aa.label";
@ -389,6 +391,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) // This part of code looks strange.
$sql .= " WHERE ff.datef >= '".$db->idate($search_date_start)."'";
$sql .= " AND ff.datef <= '".$db->idate($search_date_end)."'";
$sql .= " AND ff.fk_statut > 0";
$sql .= " AND ffd.product_type <= 2";
$sql .= " AND ff.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy
dol_syslog('htdocs/accountancy/supplier/index.php');

115
htdocs/adherents/card.php
View File

@ -243,18 +243,16 @@ if (empty($reshook))
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$birthdate = '';
if (isset($_POST["birthday"]) && $_POST["birthday"]
&& isset($_POST["birthmonth"]) && $_POST["birthmonth"]
&& isset($_POST["birthyear"]) && $_POST["birthyear"])
if (GETPOST("birthday", 'int') && GETPOST("birthmonth", 'int') && GETPOST("birthyear", 'int'))
{
$birthdate = dol_mktime(12, 0, 0, $_POST["birthmonth"], $_POST["birthday"], $_POST["birthyear"]);
$birthdate = dol_mktime(12, 0, 0, GETPOST("birthmonth", 'int'), GETPOST("birthday", 'int'), GETPOST("birthyear", 'int'));
}
$lastname = $_POST["lastname"];
$firstname = $_POST["firstname"];
$gender = $_POST["gender"];
$societe = $_POST["societe"];
$morphy = $_POST["morphy"];
$login = $_POST["login"];
$lastname = GETPOST("lastname", 'alphanohtml');
$firstname = GETPOST("firstname", 'alphanohtml');
$gender = GETPOST("gender", 'alphanohtml');
$societe = GETPOST("societe", 'alphanohtml');
$morphy = GETPOST("morphy", 'alphanohtml');
$login = GETPOST("login", 'alphanohtml');
if ($morphy != 'mor' && empty($lastname)) {
$error++;
$langs->load("errors");
@ -284,19 +282,19 @@ if (empty($reshook))
$object->oldcopy = clone $object;
// Change values
$object->civility_id = trim(GETPOST("civility_id", 'alpha'));
$object->firstname = trim(GETPOST("firstname", 'alpha'));
$object->lastname = trim(GETPOST("lastname", 'alpha'));
$object->gender = trim(GETPOST("gender", 'alpha'));
$object->civility_id = trim(GETPOST("civility_id", 'alphanohtml'));
$object->firstname = trim(GETPOST("firstname", 'alphanohtml'));
$object->lastname = trim(GETPOST("lastname", 'alphanohtml'));
$object->gender = trim(GETPOST("gender", 'alphanohtml'));
$object->login = trim(GETPOST("login", 'alpha'));
$object->pass = trim(GETPOST("pass", 'alpha'));
$object->societe = trim(GETPOST("societe", 'alpha')); // deprecated
$object->company = trim(GETPOST("societe", 'alpha'));
$object->societe = trim(GETPOST("societe", 'alphanohtml')); // deprecated
$object->company = trim(GETPOST("societe", 'alphanohtml'));
$object->address = trim(GETPOST("address", 'alpha'));
$object->zip = trim(GETPOST("zipcode", 'alpha'));
$object->town = trim(GETPOST("town", 'alpha'));
$object->address = trim(GETPOST("address", 'alphanohtml'));
$object->zip = trim(GETPOST("zipcode", 'alphanohtml'));
$object->town = trim(GETPOST("town", 'alphanohtml'));
$object->state_id = GETPOST("state_id", 'int');
$object->country_id = GETPOST("country_id", 'int');
@ -442,14 +440,14 @@ if (empty($reshook))
}
$typeid = GETPOST("typeid", 'int');
$civility_id = GETPOST("civility_id", 'alpha');
$lastname = GETPOST("lastname", 'alpha');
$firstname = GETPOST("firstname", 'alpha');
$gender = GETPOST("gender", 'alpha');
$societe = GETPOST("societe", 'alpha');
$address = GETPOST("address", 'alpha');
$zip = GETPOST("zipcode", 'alpha');
$town = GETPOST("town", 'alpha');
$civility_id = GETPOST("civility_id", 'alphanohtml');
$lastname = GETPOST("lastname", 'alphanohtml');
$firstname = GETPOST("firstname", 'alphanohtml');
$gender = GETPOST("gender", 'alphanohtml');
$societe = GETPOST("societe", 'alphanohtml');
$address = GETPOST("address", 'alphanohtml');
$zip = GETPOST("zipcode", 'alphanohtml');
$town = GETPOST("town", 'alphanohtml');
$state_id = GETPOST("state_id", 'int');
$country_id = GETPOST("country_id", 'int');
@ -465,9 +463,8 @@ if (empty($reshook))
$pass = GETPOST("password", 'alpha');
$photo = GETPOST("photo", 'alpha');
//$comment=GETPOST("comment",'none');
$morphy = GETPOST("morphy", 'alpha');
$subscription = GETPOST("subscription", 'alpha');
$public = GETPOST("public", 'alpha');
$morphy = GETPOST("morphy", 'alphanohtml');
$public = GETPOST("public", 'alphanohtml');
$userid = GETPOST("userid", 'int');
$socid = GETPOST("socid", 'int');
@ -976,7 +973,7 @@ else
print "</td>\n";
// Company
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" class="minwidth300" maxlength="128" value="'.(GETPOST('societe', 'alpha') ?GETPOST('societe', 'alpha') : $object->company).'"></td></tr>';
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" class="minwidth300" maxlength="128" value="'.(GETPOSTISSET('societe') ? GETPOST('societe', 'alphanohtml') : $object->company).'"></td></tr>';
// Civility
print '<tr><td>'.$langs->trans("UserTitle").'</td><td>';
@ -984,39 +981,39 @@ else
print '</tr>';
// Lastname
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" class="minwidth300" maxlength="50" value="'.(GETPOST('lastname', 'alpha') ?GETPOST('lastname', 'alpha') : $object->lastname).'"></td>';
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET('lastname') ? GETPOST('lastname', 'alphanohtml') : $object->lastname).'"></td>';
print '</tr>';
// Firstname
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" class="minwidth300" maxlength="50" value="'.(GETPOST('firstname', 'alpha') ?GETPOST('firstname', 'alpha') : $object->firstname).'"></td>';
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET('firstname') ? GETPOST('firstname', 'alphanohtml') : $object->firstname).'"></td>';
print '</tr>';
// Gender
print '<tr><td>'.$langs->trans("Gender").'</td>';
print '<td>';
$arraygender = array('man'=>$langs->trans("Genderman"), 'woman'=>$langs->trans("Genderwoman"));
print $form->selectarray('gender', $arraygender, GETPOST('gender'), 1);
print $form->selectarray('gender', $arraygender, GETPOST('gender', 'alphanohtml'), 1);
print '</td></tr>';
// EMail
print '<tr><td>'.img_picto('', 'object_email').' '.($conf->global->ADHERENT_MAIL_REQUIRED ? '<span class="fieldrequired">' : '').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED ? '</span>' : '').'</td><td><input type="text" name="member_email" class="minwidth300" maxlength="255" value="'.(GETPOST('member_email', 'alpha') ?GETPOST('member_email', 'alpha') : $object->email).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_email').' '.($conf->global->ADHERENT_MAIL_REQUIRED ? '<span class="fieldrequired">' : '').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED ? '</span>' : '').'</td><td><input type="text" name="member_email" class="minwidth300" maxlength="255" value="'.(GETPOSTISSET('member_email') ? GETPOST('member_email', 'alpha') : $object->email).'"></td></tr>';
// Address
print '<tr><td class="tdtop">'.$langs->trans("Address").'</td><td>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="2">'.(GETPOST('address', 'alphanohtml') ?GETPOST('address', 'alphanohtml') : $object->address).'</textarea>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="2">'.(GETPOSTISSET('address') ?GETPOST('address', 'alphanohtml') : $object->address).'</textarea>';
print '</td></tr>';
// Zip / Town
print '<tr><td>'.$langs->trans("Zip").' / '.$langs->trans("Town").'</td><td>';
print $formcompany->select_ziptown((GETPOST('zipcode', 'alphanohtml') ?GETPOST('zipcode', 'alphanohtml') : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print $formcompany->select_ziptown((GETPOSTISSET('zipcode') ? GETPOST('zipcode', 'alphanohtml') : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print ' ';
print $formcompany->select_ziptown((GETPOST('town', 'alphanohtml') ?GETPOST('town', 'alphanohtml') : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print $formcompany->select_ziptown((GETPOSTISSET('town') ? GETPOST('town', 'alphanohtml') : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print '</td></tr>';
// Country
$object->country_id = $object->country_id ? $object->country_id : $mysoc->country_id;
print '<tr><td width="25%">'.$langs->trans('Country').'</td><td>';
print $form->select_country(GETPOST('country_id', 'alpha') ?GETPOST('country_id', 'alpha') : $object->country_id, 'country_id');
print $form->select_country(GETPOSTISSET('country_id') ? GETPOST('country_id', 'alpha') : $object->country_id, 'country_id');
if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1);
print '</td></tr>';
@ -1026,7 +1023,7 @@ else
print '<tr><td>'.$langs->trans('State').'</td><td>';
if ($object->country_id)
{
print $formcompany->select_state(GETPOST('state_id', 'int') ?GETPOST('state_id', 'int') : $object->state_id, $object->country_code);
print $formcompany->select_state(GETPOSTISSET('state_id') ? GETPOST('state_id', 'int') : $object->state_id, $object->country_code);
}
else
{
@ -1036,18 +1033,18 @@ else
}
// Pro phone
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(GETPOST('phone', 'alpha') ?GETPOST('phone', 'alpha') : $object->phone).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(GETPOSTISSET('phone') ? GETPOST('phone', 'alpha') : $object->phone).'"></td></tr>';
// Personal phone
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(GETPOST('phone_perso', 'alpha') ?GETPOST('phone_perso', 'alpha') : $object->phone_perso).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(GETPOSTISSET('phone_perso') ? GETPOST('phone_perso', 'alpha') : $object->phone_perso).'"></td></tr>';
// Mobile phone
print '<tr><td>'.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(GETPOST('phone_mobile', 'alpha') ?GETPOST('phone_mobile', 'alpha') : $object->phone_mobile).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(GETPOSTISSET('phone_mobile') ? GETPOST('phone_mobile', 'alpha') : $object->phone_mobile).'"></td></tr>';
if (!empty($conf->socialnetworks->enabled)) {
foreach ($socialnetworks as $key => $value) {
if (!$value['active']) break;
print '<tr><td>'.$langs->trans($value['label']).'</td><td><input type="text" name="member_'.$key.'" size="40" value="'.(GETPOST('member_'.$key, 'alpha') ?GETPOST('member_'.$key, 'alpha') : $object->socialnetworks[$key]).'"></td></tr>';
print '<tr><td>'.$langs->trans($value['label']).'</td><td><input type="text" name="member_'.$key.'" size="40" value="'.(GETPOSTISSET('member_'.$key) ? GETPOST('member_'.$key, 'alpha') : $object->socialnetworks[$key]).'"></td></tr>';
}
}
@ -1196,14 +1193,14 @@ else
$morphys["phy"] = $langs->trans("Physical");
$morphys["mor"] = $langs->trans("Moral");
print '<tr><td><span class="fieldrequired">'.$langs->trans("MemberNature").'</span></td><td>';
print $form->selectarray("morphy", $morphys, (GETPOSTISSET("morphy") ?GETPOST("morphy", 'alpha') : $object->morphy));
print $form->selectarray("morphy", $morphys, (GETPOSTISSET("morphy") ? GETPOST("morphy", 'alpha') : $object->morphy));
print "</td></tr>";
// Type
print '<tr><td class="fieldrequired">'.$langs->trans("Type").'</td><td>';
if ($user->rights->adherent->creer)
{
print $form->selectarray("typeid", $adht->liste_array(), (GETPOSTISSET("typeid") ?GETPOST("typeid", 'int') : $object->typeid));
print $form->selectarray("typeid", $adht->liste_array(), (GETPOSTISSET("typeid") ? GETPOST("typeid", 'int') : $object->typeid));
}
else
{
@ -1213,27 +1210,27 @@ else
print "</td></tr>";
// Company
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" class="minwidth300" maxlength="128" value="'.(isset($_POST["societe"]) ?GETPOST("societe", '', 2) : $object->company).'"></td></tr>';
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" class="minwidth300" maxlength="128" value="'.(GETPOSTISSET("societe") ? GETPOST("societe", 'alphanohtml', 2) : $object->company).'"></td></tr>';
// Civility
print '<tr><td>'.$langs->trans("UserTitle").'</td><td>';
print $formcompany->select_civility(isset($_POST["civility_id"]) ? $_POST["civility_id"] : $object->civility_id)."\n";
print $formcompany->select_civility(GETPOSTISSET("civility_id") ? GETPOST("civility_id", 'alpha') : $object->civility_id)."\n";
print '</td>';
print '</tr>';
// Lastname
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" class="minwidth300" maxlength="50" value="'.(isset($_POST["lastname"]) ?GETPOST("lastname", '', 2) : $object->lastname).'"></td>';
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET("lastname") ? GETPOST("lastname", 'alphanohtml', 2) : $object->lastname).'"></td>';
print '</tr>';
// Firstname
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" class="minwidth300" maxlength="50" value="'.(isset($_POST["firstname"]) ?GETPOST("firstname", '', 3) : $object->firstname).'"></td>';
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" class="minwidth300" maxlength="50" value="'.(GETPOSTISSET("firstname") ? GETPOST("firstname", 'alphanohtml', 3) : $object->firstname).'"></td>';
print '</tr>';
// Gender
print '<tr><td>'.$langs->trans("Gender").'</td>';
print '<td>';
$arraygender = array('man'=>$langs->trans("Genderman"), 'woman'=>$langs->trans("Genderwoman"));
print $form->selectarray('gender', $arraygender, GETPOST('gender') ?GETPOST('gender') : $object->gender, 1);
print $form->selectarray('gender', $arraygender, GETPOSTISSET('gender') ? GETPOST('gender', 'alphanohtml') : $object->gender, 1);
print '</td></tr>';
// Photo
@ -1256,14 +1253,14 @@ else
// Address
print '<tr><td>'.$langs->trans("Address").'</td><td>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_2.'">'.(isset($_POST["address"]) ?GETPOST("address", '', 2) : $object->address).'</textarea>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="'.ROWS_2.'">'.(GETPOSTISSET("address") ? GETPOST("address", 'alphanohtml', 2) : $object->address).'</textarea>';
print '</td></tr>';
// Zip / Town
print '<tr><td>'.$langs->trans("Zip").' / '.$langs->trans("Town").'</td><td>';
print $formcompany->select_ziptown((isset($_POST["zipcode"]) ?GETPOST("zipcode", '', 2) : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print $formcompany->select_ziptown((GETPOSTISSET("zipcode") ? GETPOST("zipcode", 'alphanohtml', 2) : $object->zip), 'zipcode', array('town', 'selectcountry_id', 'state_id'), 6);
print ' ';
print $formcompany->select_ziptown((isset($_POST["town"]) ?GETPOST("town", '', 2) : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print $formcompany->select_ziptown((GETPOSTISSET("town") ? GETPOST("town", 'alphanohtml', 2) : $object->town), 'town', array('zipcode', 'selectcountry_id', 'state_id'));
print '</td></tr>';
// Country
@ -1282,18 +1279,18 @@ else
}
// Pro phone
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(isset($_POST["phone"]) ?GETPOST("phone") : $object->phone).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(GETPOSTISSET("phone") ? GETPOST("phone") : $object->phone).'"></td></tr>';
// Personal phone
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(isset($_POST["phone_perso"]) ?GETPOST("phone_perso") : $object->phone_perso).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning').' '.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(GETPOSTISSET("phone_perso") ? GETPOST("phone_perso") : $object->phone_perso).'"></td></tr>';
// Mobile phone
print '<tr><td>'.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(isset($_POST["phone_mobile"]) ?GETPOST("phone_mobile") : $object->phone_mobile).'"></td></tr>';
print '<tr><td>'.img_picto('', 'object_phoning_mobile').' '.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(GETPOSTISSET("phone_mobile") ? GETPOST("phone_mobile") : $object->phone_mobile).'"></td></tr>';
if (!empty($conf->socialnetworks->enabled)) {
foreach ($socialnetworks as $key => $value) {
if (!$value['active']) break;
print '<tr><td>'.$langs->trans($value['label']).'</td><td><input type="text" name="'.$key.'" class="minwidth100" value="'.(isset($_POST[$key]) ?GETPOST($key) : $object->socialnetworks[$key]).'"></td></tr>';
print '<tr><td>'.$langs->trans($value['label']).'</td><td><input type="text" name="'.$key.'" class="minwidth100" value="'.(GETPOSTISSET($key) ? GETPOST($key, 'alphanohtml') : $object->socialnetworks[$key]).'"></td></tr>';
}
}
@ -1304,7 +1301,7 @@ else
// Public profil
print "<tr><td>".$langs->trans("Public")."</td><td>\n";
print $form->selectyesno("public", (isset($_POST["public"]) ?GETPOST("public", '', 2) : $object->public), 1);
print $form->selectyesno("public", (GETPOSTISSET("public") ? GETPOST("public", 'alphanohtml', 2) : $object->public), 1);
print "</td></tr>\n";
// Categories

2
htdocs/adherents/class/adherent.class.php
View File

@ -2282,7 +2282,7 @@ class Adherent extends CommonObject
$sql.= " WHERE a.fk_adherent_type = t.rowid";
$sql.= " AND a.statut = 1";
$sql.= " AND a.entity IN (".getEntity('adherent').")";
$sql.= " AND ((a.datefin IS NULL or a.datefin < '".$this->db->idate($now)."') AND t.subscription = 1)";
$sql.= " AND ((a.datefin IS NULL or a.datefin < '".$this->db->idate($now)."') AND t.subscription = '1')";
$resql=$this->db->query($sql);
if ($resql)

1
htdocs/admin/mails_templates.php
View File

@ -168,6 +168,7 @@ if ($conf->societe->enabled) $elementList['thirdparty'] = $langs->tran
if ($conf->adherent->enabled) $elementList['member'] = $langs->trans('MailToMember');
if ($conf->contrat->enabled) $elementList['contract'] = $langs->trans('MailToSendContract');
if ($conf->projet->enabled) $elementList['project'] = $langs->trans('MailToProject');
if ($conf->ticket->enabled) $elementList['ticket_send'] = $langs->trans('MailToTicket');
$elementList['user'] = $langs->trans('MailToUser');
$parameters = array('elementList'=>$elementList);

1
htdocs/admin/modules.php
View File

@ -118,6 +118,7 @@ if ($action == 'install')
// $original_file should match format module_modulename-x.y[.z].zip
$original_file = basename($_FILES["fileinstall"]["name"]);
$original_file = preg_replace('/\(\d+\)\.zip$/i', '.zip', $original_file);
$newfile = $conf->admin->dir_temp.'/'.$original_file.'/'.$original_file;
if (!$original_file)

2
htdocs/comm/mailing/info.php
View File

@ -27,7 +27,7 @@ require_once DOL_DOCUMENT_ROOT.'/comm/mailing/class/mailing.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/emailing.lib.php';
$id = GETPOST('id');
$id = GETPOST('id', 'int');
// Load translation files required by the page
$langs->load("mails");

4
htdocs/commande/class/commande.class.php
View File

@ -1014,7 +1014,7 @@ class Commande extends CommonOrder
// Complete vat rate with code
$vatrate = $line->tva_tx;
if ($line->vat_src_code && !preg_match('/\(.*\)/', $vatrate)) $vatrate .= ' ('.$line->vat_src_code.')';
$origin = (!empty($line->origin) ? $line->origin : $this->element);
$result = $this->addline(
$line->desc,
$line->subprice,
@ -1039,7 +1039,7 @@ class Commande extends CommonOrder
$line->label,
$line->array_options,
$line->fk_unit,
$this->element,
$origin,
$line->id
);
if ($result < 0)

6
htdocs/compta/bank/class/paymentvarious.class.php
View File

@ -422,7 +422,11 @@ class PaymentVarious extends CommonObject
$sign * abs($this->amount),
$this->num_payment,
($this->category_transaction > 0 ? $this->category_transaction : 0),
$user
$user,
'',
'',
'',
$this->datev
);
// Update fk_bank into llx_paiement.

2
htdocs/compta/bank/releve.php
View File

@ -179,7 +179,7 @@ $sqlrequestforbankline = $sql;
if ($action == 'confirm_editbankreceipt' && !empty($oldbankreceipt) && !empty($newbankreceipt))
{
// TODO Add a test to check newbankreceipt does not exists yet
$sqlupdate = 'UPDATE '.MAIN_DB_PREFIX.'bank SET num_releve = "'.$db->escape($newbankreceipt).'" WHERE num_releve = "'.$db->escape($oldbankreceipt).'"';
$sqlupdate = 'UPDATE '.MAIN_DB_PREFIX.'bank SET num_releve = "'.$db->escape($newbankreceipt).'" WHERE num_releve = "'.$db->escape($oldbankreceipt).'" AND fk_account = '.$id;
$result = $db->query($sqlupdate);
if ($result < 0) dol_print_error($db);

69
htdocs/compta/facture/card.php
View File

@ -319,15 +319,23 @@ if (empty($reshook))
if (($tmp_total_ht < 0 || $tmp_total_ht_devise < 0) && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES))
{
$langs->load("errors");
if ($object->type == $object::TYPE_DEPOSIT) {
$langs->load("errors");
// Using negative lines on deposit lead to headach and blocking problems when you want to consume them.
setEventMessages($langs->trans("ErrorLinesCantBeNegativeOnDeposits"), null, 'errors');
$error++;
$action = '';
} else {
setEventMessages($langs->trans("ErrorLinesCantBeNegativeForOneVATRate"), null, 'errors');
$tmpvatratetoshow = explode('_', $vatrate);
$tmpvatratetoshow[0] = round($tmpvatratetoshow[0], 2);
if ($tmpvatratetoshow[0] != 0) {
$langs->load("errors");
setEventMessages($langs->trans("ErrorLinesCantBeNegativeForOneVATRate", $tmpvatratetoshow[0]), null, 'errors');
$error++;
$action = '';
}
}
$error++;
$action = '';
}
}
}
@ -1092,6 +1100,11 @@ if (empty($reshook))
}
$id = $object->create($user);
// NOTE: Pb with situation invoice
// NOTE: fields total on situation invoice are stored as cumulative values on total of lines (bad) but delta on invoice total
// NOTE: fields total on credit note are stored as delta both on total of lines and on invoice total (good)
// NOTE: fields situation_percent on situation invoice are stored as cumulative values on lines (bad)
// NOTE: fields situation_percent on credit note are stored as delta on lines (good)
if (GETPOST('invoiceAvoirWithLines', 'int') == 1 && $id > 0)
{
if (!empty($facture_source->lines))
@ -1112,17 +1125,17 @@ if (empty($reshook))
}
if ($facture_source->type == Facture::TYPE_SITUATION)
{
$source_fk_prev_id = $line->fk_prev_id; // temporary storing situation invoice fk_prev_id
$line->fk_prev_id = $line->id; // Credit note line need to be linked to the situation invoice it is create from
$line->fk_prev_id = $line->id; // The new line of the new credit note we are creating must be linked to the situation invoice line it is created from
if (!empty($facture_source->tab_previous_situation_invoice))
{
// search the last invoice in cycle
$lineIndex = count($facture_source->tab_previous_situation_invoice) - 1;
// search the last standard invoice in cycle and the possible credit note between this last and facture_source
// TODO Move this out of loop of $facture_source->lines
$tab_jumped_credit_notes = array();
$lineIndex = count($facture_source->tab_previous_situation_invoice) - 1;
$searchPreviousInvoice = true;
while ($searchPreviousInvoice)
{
@ -1133,11 +1146,13 @@ if (empty($reshook))
}
else
{
if ($facture_source->tab_previous_situation_invoice[$lineIndex]->type == Facture::TYPE_CREDIT_NOTE) {
$tab_jumped_credit_notes[$lineIndex] = $facture_source->tab_previous_situation_invoice[$lineIndex]->id;
}
$lineIndex--; // go to previous invoice in cycle
}
}
$maxPrevSituationPercent = 0;
foreach ($facture_source->tab_previous_situation_invoice[$lineIndex]->lines as $prevLine)
{
@ -1161,6 +1176,36 @@ if (empty($reshook))
// prorata
$line->situation_percent = $maxPrevSituationPercent - $line->situation_percent;
//print 'New line based on invoice id '.$facture_source->tab_previous_situation_invoice[$lineIndex]->id.' fk_prev_id='.$source_fk_prev_id.' will be fk_prev_id='.$line->fk_prev_id.' '.$line->total_ht.' '.$line->situation_percent.'<br>';
// If there is some credit note between last situation invoice and invoice used for credit note generation (note: credit notes are stored as delta)
$maxPrevSituationPercent = 0;
foreach ($tab_jumped_credit_notes as $index => $creditnoteid) {
foreach ($facture_source->tab_previous_situation_invoice[$index]->lines as $prevLine)
{
if ($prevLine->fk_prev_id == $source_fk_prev_id)
{
$maxPrevSituationPercent = $prevLine->situation_percent;
$line->total_ht -= $prevLine->total_ht;
$line->total_tva -= $prevLine->total_tva;
$line->total_ttc -= $prevLine->total_ttc;
$line->total_localtax1 -= $prevLine->total_localtax1;
$line->total_localtax2 -= $prevLine->total_localtax2;
$line->multicurrency_subprice -= $prevLine->multicurrency_subprice;
$line->multicurrency_total_ht -= $prevLine->multicurrency_total_ht;
$line->multicurrency_total_tva -= $prevLine->multicurrency_total_tva;
$line->multicurrency_total_ttc -= $prevLine->multicurrency_total_ttc;
}
}
}
// prorata
$line->situation_percent += $maxPrevSituationPercent;
//print 'New line based on invoice id '.$facture_source->tab_previous_situation_invoice[$lineIndex]->id.' fk_prev_id='.$source_fk_prev_id.' will be fk_prev_id='.$line->fk_prev_id.' '.$line->total_ht.' '.$line->situation_percent.'<br>';
}
}
@ -1208,7 +1253,7 @@ if (empty($reshook))
}
// Add link between credit note and origin
if (!empty($object->fk_facture_source)) {
if (!empty($object->fk_facture_source) && $id > 0) {
$facture_source->fetch($object->fk_facture_source);
$facture_source->fetchObjectLinked();
@ -1397,7 +1442,7 @@ if (empty($reshook))
if ($_POST['type'] == Facture::TYPE_DEPOSIT)
{
$typeamount = GETPOST('typedeposit', 'alpha');
$valuedeposit = GETPOST('valuedeposit', 'int');
$valuedeposit = price2num(GETPOST('valuedeposit', 'alpha'), 'MU');
$amountdeposit = array();
if (!empty($conf->global->MAIN_DEPOSIT_MULTI_TVA))

5
htdocs/compta/facture/class/facture.class.php
View File

@ -1740,7 +1740,8 @@ class Facture extends CommonInvoice
}
/**
* Fetch previous and next situations invoices
* Fetch previous and next situations invoices.
* Return all previous and next invoices (both standard and credit notes).
*
* @return void
*/
@ -1751,7 +1752,7 @@ class Facture extends CommonInvoice
$this->tab_previous_situation_invoice = array();
$this->tab_next_situation_invoice = array();
$sql = 'SELECT rowid, situation_counter FROM '.MAIN_DB_PREFIX.'facture';
$sql = 'SELECT rowid, type, situation_cycle_ref, situation_counter FROM '.MAIN_DB_PREFIX.'facture';
$sql .= ' WHERE rowid <> '.$this->id;
$sql .= ' AND entity = '.$this->entity;
$sql .= ' AND situation_cycle_ref = '.(int) $this->situation_cycle_ref;

42
htdocs/compta/paiement/class/paiement.class.php
View File

@ -68,9 +68,10 @@ class Paiement extends CommonObject
*/
public $montant;
public $amount; // Total amount of payment
public $amounts=array(); // Array of amounts
public $multicurrency_amounts=array(); // Array of amounts
public $amount; // Total amount of payment (in the main currency)
public $multicurrency_amount; // Total amount of payment (in the currency of the bank account)
public $amounts=array(); // array: invoice ID => amount for that invoice (in the main currency)>
public $multicurrency_amounts=array(); // array: invoice ID => amount for that invoice (in the invoice's currency)>
public $author;
public $paiementid; // Type of payment. Id saved into fields fk_paiement on llx_paiement
public $paiementcode; // Code of payment.
@ -159,7 +160,7 @@ class Paiement extends CommonObject
*/
public function fetch($id, $ref = '', $fk_bank = '')
{
$sql = 'SELECT p.rowid, p.ref, p.datep as dp, p.amount, p.statut, p.ext_payment_id, p.ext_payment_site, p.fk_bank,';
$sql = 'SELECT p.rowid, p.ref, p.datep as dp, p.amount, p.statut, p.ext_payment_id, p.ext_payment_site, p.fk_bank, p.multicurrency_amount,';
$sql.= ' c.code as type_code, c.libelle as type_label,';
$sql.= ' p.num_paiement as num_payment, p.note,';
$sql.= ' b.fk_account';
@ -179,20 +180,21 @@ class Paiement extends CommonObject
if ($this->db->num_rows($resql))
{
$obj = $this->db->fetch_object($resql);
$this->id = $obj->rowid;
$this->ref = $obj->ref?$obj->ref:$obj->rowid;
$this->date = $this->db->jdate($obj->dp);
$this->datepaye = $this->db->jdate($obj->dp);
$this->num_paiement = $obj->num_payment; // deprecated
$this->num_payment = $obj->num_payment;
$this->montant = $obj->amount; // deprecated
$this->amount = $obj->amount;
$this->note = $obj->note;
$this->type_label = $obj->type_label;
$this->type_code = $obj->type_code;
$this->statut = $obj->statut;
$this->ext_payment_id = $obj->ext_payment_id;
$this->ext_payment_site = $obj->ext_payment_site;
$this->id = $obj->rowid;
$this->ref = $obj->ref?$obj->ref:$obj->rowid;
$this->date = $this->db->jdate($obj->dp);
$this->datepaye = $this->db->jdate($obj->dp);
$this->num_paiement = $obj->num_payment; // deprecated
$this->num_payment = $obj->num_payment;
$this->montant = $obj->amount; // deprecated
$this->amount = $obj->amount;
$this->multicurrency_amount = $obj->multicurrency_amount;
$this->note = $obj->note;
$this->type_label = $obj->type_label;
$this->type_code = $obj->type_code;
$this->statut = $obj->statut;
$this->ext_payment_id = $obj->ext_payment_id;
$this->ext_payment_site = $obj->ext_payment_site;
$this->bank_account = $obj->fk_account; // deprecated
$this->fk_account = $obj->fk_account;
@ -530,7 +532,9 @@ class Paiement extends CommonObject
$accline = new AccountLine($this->db);
$result=$accline->fetch($bank_line_id);
if ($result == 0) $accline->rowid=$bank_line_id; // If not found, we set artificially rowid to allow delete of llx_bank_url
if ($result == 0) {
$accline->id = $accline->rowid = $bank_line_id; // If not found, we set artificially rowid to allow delete of llx_bank_url
}
// Delete bank account url lines linked to payment
$result=$accline->delete_urls($user);

2
htdocs/compta/paiement/info.php
View File

@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
// Load translation files required by the page
$langs->loadLangs(array('bills', 'companies'));
$id = GETPOST('id');
$id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
$action = GETPOST('action', 'alpha');
$confirm = GETPOST('confirm', 'alpha');

8
htdocs/compta/prelevement/bons.php
View File

@ -31,6 +31,8 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'widthdrawals'));
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'contractlist'; // To manage different context of search
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) $socid=$user->socid;
@ -102,7 +104,9 @@ if ($result)
$num = $db->num_rows($result);
$i = 0;
$urladd = "&amp;statut=".$statut;
$param = '';
$param .= "&statut=".$statut;
if ($limit != $conf->liste_limit) $param .= '&limit=' . $limit;
$selectedfields = '';
@ -123,7 +127,7 @@ if ($result)
print '<input type="hidden" name="page" value="'.$page.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print_barre_liste($langs->trans("WithdrawalsReceipts"), $page, $_SERVER["PHP_SELF"], $urladd, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'generic', 0, $newcardbutton, '', $limit);
print_barre_liste($langs->trans("WithdrawalsReceipts"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'generic', 0, $newcardbutton, '', $limit);
$moreforfilter = '';

70
htdocs/compta/resultat/index.php
View File

@ -499,7 +499,7 @@ elseif ($modecompta == "BOOKKEEPING")
}
/*
* Charges sociales non deductibles
* Social contributions
*/
$subtotal_ht = 0;
@ -512,7 +512,6 @@ if (!empty($conf->tax->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecom
$sql .= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql .= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql .= " WHERE cs.fk_type = c.id";
$sql .= " AND c.deductible = 0";
if (!empty($date_start) && !empty($date_end))
$sql .= " AND cs.date_ech >= '".$db->idate($date_start)."' AND cs.date_ech <= '".$db->idate($date_end)."'";
}
@ -524,7 +523,6 @@ if (!empty($conf->tax->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecom
$sql .= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql .= " WHERE p.fk_charge = cs.rowid";
$sql .= " AND cs.fk_type = c.id";
$sql .= " AND c.deductible = 0";
if (!empty($date_start) && !empty($date_end))
$sql .= " AND p.datep >= '".$db->idate($date_start)."' AND p.datep <= '".$db->idate($date_end)."'";
}
@ -532,69 +530,7 @@ if (!empty($conf->tax->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecom
$sql .= " AND cs.entity = ".$conf->entity;
$sql .= " GROUP BY c.libelle, dm";
dol_syslog("get social contributions deductible=0 ", LOG_DEBUG);
$result = $db->query($sql);
if ($result) {
$num = $db->num_rows($result);
$i = 0;
if ($num) {
while ($i < $num) {
$obj = $db->fetch_object($result);
if (!isset($decaiss[$obj->dm])) $decaiss[$obj->dm] = 0;
$decaiss[$obj->dm] += $obj->amount;
if (!isset($decaiss_ttc[$obj->dm])) $decaiss_ttc[$obj->dm] = 0;
$decaiss_ttc[$obj->dm] += $obj->amount;
$i++;
}
}
} else {
dol_print_error($db);
}
}
elseif ($modecompta == "BOOKKEEPING")
{
// Nothing from this table
}
/*
* Charges sociales deductibles
*/
$subtotal_ht = 0;
$subtotal_ttc = 0;
if (!empty($conf->tax->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecompta == "RECETTES-DEPENSES"))
{
if ($modecompta == 'CREANCES-DETTES')
{
$sql = "SELECT c.libelle as nom, date_format(cs.date_ech,'%Y-%m') as dm, sum(cs.amount) as amount";
$sql .= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql .= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql .= " WHERE cs.fk_type = c.id";
$sql .= " AND c.deductible = 1";
if (!empty($date_start) && !empty($date_end))
$sql .= " AND cs.date_ech >= '".$db->idate($date_start)."' AND cs.date_ech <= '".$db->idate($date_end)."'";
}
elseif ($modecompta == "RECETTES-DEPENSES")
{
$sql = "SELECT c.libelle as nom, date_format(p.datep,'%Y-%m') as dm, sum(p.amount) as amount";
$sql .= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c";
$sql .= ", ".MAIN_DB_PREFIX."chargesociales as cs";
$sql .= ", ".MAIN_DB_PREFIX."paiementcharge as p";
$sql .= " WHERE p.fk_charge = cs.rowid";
$sql .= " AND cs.fk_type = c.id";
$sql .= " AND c.deductible = 1";
if (!empty($date_start) && !empty($date_end))
$sql .= " AND p.datep >= '".$db->idate($date_start)."' AND p.datep <= '".$db->idate($date_end)."'";
}
$sql .= " AND cs.entity = ".$conf->entity;
$sql .= " GROUP BY c.libelle, dm";
dol_syslog("get social contributions paid deductible=1", LOG_DEBUG);
dol_syslog("get social contributions", LOG_DEBUG);
$result = $db->query($sql);
if ($result) {
$num = $db->num_rows($result);
@ -734,7 +670,7 @@ elseif ($modecompta == 'BOOKKEEPING') {
/*
* Donation get dunning paiement
* Donation get dunning payments
*/
if (!empty($conf->don->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecompta == "RECETTES-DEPENSES"))

1
htdocs/contact/card.php
View File

@ -403,6 +403,7 @@ if (empty($reshook))
//$object->twitter = GETPOST("twitter", 'alpha');
//$object->facebook = GETPOST("facebook", 'alpha');
//$object->linkedin = GETPOST("linkedin", 'alpha');
$object->socialnetworks = array();
if (!empty($conf->socialnetworks->enabled)) {
foreach ($socialnetworks as $key => $value) {
if (GETPOSTISSET($key) && GETPOST($key, 'alphanohtml') != '') {

13
htdocs/contact/class/contact.class.php
View File

@ -1067,9 +1067,6 @@ class Contact extends CommonObject
$error = 0;
//$this->old_lastname = $obj->lastname;
//$this->old_firstname = $obj->firstname;
$this->db->begin();
if (!$error)
@ -1081,7 +1078,7 @@ class Contact extends CommonObject
$sql .= " WHERE ec.fk_socpeople=".$this->id;
$sql .= " AND ec.fk_c_type_contact=tc.rowid";
$sql .= " AND tc.source='external'";
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
if ($resql)
{
@ -1094,7 +1091,7 @@ class Contact extends CommonObject
$sqldel = "DELETE FROM ".MAIN_DB_PREFIX."element_contact";
$sqldel .= " WHERE rowid = ".$obj->rowid;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
dol_syslog(__METHOD__, LOG_DEBUG);
$result = $this->db->query($sqldel);
if (!$result)
{
@ -1116,7 +1113,7 @@ class Contact extends CommonObject
{
// Remove Roles
$sql = "DELETE FROM ".MAIN_DB_PREFIX."societe_contacts WHERE fk_socpeople = ".$this->id;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
if (!$resql)
{
@ -1130,7 +1127,7 @@ class Contact extends CommonObject
{
// Remove category
$sql = "DELETE FROM ".MAIN_DB_PREFIX."categorie_contact WHERE fk_socpeople = ".$this->id;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
if (!$resql)
{
@ -1144,7 +1141,7 @@ class Contact extends CommonObject
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."socpeople";
$sql .= " WHERE rowid=".$this->id;
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
dol_syslog(__METHOD__, LOG_DEBUG);
$result = $this->db->query($sql);
if (!$result)
{

6
htdocs/core/actions_linkedfiles.inc.php
View File

@ -209,8 +209,10 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha'))
if (empty($reshook))
{
if (! file_exists($destpath))
{
if (preg_match('/^\./', $filenameto)) {
$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
setEventMessages($langs->trans("ErrorFilenameCantStartWithDot", $filenameto), null, 'errors');
} elseif (! file_exists($destpath)) {
$result = dol_move($srcpath, $destpath);
if ($result)
{

16
htdocs/core/actions_massactions.inc.php
View File

@ -1030,14 +1030,18 @@ if (!$error && $massaction == "builddoc" && $permissiontoread && !GETPOST('butto
$input_files .= ' '.escapeshellarg($f);
}
$cmd = 'pdftk '.escapeshellarg($input_files).' cat output '.escapeshellarg($file);
$cmd = 'pdftk ' . $input_files . ' cat output '.escapeshellarg($file);
exec($cmd);
if (!empty($conf->global->MAIN_UMASK))
@chmod($file, octdec($conf->global->MAIN_UMASK));
$langs->load("exports");
setEventMessages($langs->trans('FileSuccessfullyBuilt', $filename.'_'.dol_print_date($now, 'dayhourlog')), null, 'mesgs');
// check if pdftk is installed
if (file_exists($file)) {
if (!empty($conf->global->MAIN_UMASK))
@chmod($file, octdec($conf->global->MAIN_UMASK));
$langs->load("exports");
setEventMessages($langs->trans('FileSuccessfullyBuilt', $filename.'_'.dol_print_date($now, 'dayhourlog')), null, 'mesgs');
} else {
setEventMessages($langs->trans('ErrorPDFTkOutputFileNotFound'), null, 'errors');
}
}
else
{

4
htdocs/core/class/commondocgenerator.class.php
View File

@ -212,8 +212,8 @@ abstract class CommonDocGenerator
'company_idprof6'=>$object->idprof6,
'company_note_public'=>$object->note_public,
'company_note_private'=>$object->note_private,
'company_default_bank_iban'=>$object->bank_account->iban,
'company_default_bank_bic'=>$object->bank_account->bic
'company_default_bank_iban'=>(is_object($object->bank_account) ? $object->bank_account->iban : ''),
'company_default_bank_bic'=>(is_object($object->bank_account) ? $object->bank_account->bic : '')
);
// Retrieve extrafields

120
htdocs/core/class/commonobject.class.php
View File

@ -438,10 +438,14 @@ abstract class CommonObject
public $next_prev_filter;
/**
* @var array List of child tables. To know object to delete on cascade.
* if name like with @ClassNAme:FilePathClass;ParentFkFieldName' it will
* call method deleteByParentField(parentId,ParentFkFieldName) to fetch and delete child object
*/
protected $childtablesoncascade = array();
// No constructor as it is an abstract class
/**
* Check an object id/ref exists
* If you don't need/want to instantiate object and just need to know if object exists, use this method instead of fetch
@ -3045,7 +3049,12 @@ abstract class CommonObject
//print 'Line '.$i.' rowid='.$obj->rowid.' vat_rate='.$obj->vatrate.' total_ht='.$obj->total_ht.' total_tva='.$obj->total_tva.' total_ttc='.$obj->total_ttc.' total_ht_by_vats='.$total_ht_by_vats[$obj->vatrate].' total_tva_by_vats='.$total_tva_by_vats[$obj->vatrate].' (new calculation = '.$tmpvat.') total_ttc_by_vats='.$total_ttc_by_vats[$obj->vatrate].($diff?" => DIFF":"")."<br>\n";
if ($diff)
{
if (abs($diff) > 0.1) { dol_syslog('A rounding difference was detected into TOTAL but is too high to be corrected', LOG_WARNING); exit; }
if (abs($diff) > 0.1) {
$errmsg = 'A rounding difference was detected into TOTAL but is too high to be corrected. Some data in your line may be corrupted. Try to edit each line manually.';
dol_syslog($errmsg, LOG_WARNING);
dol_print_error('', $errmsg);
exit;
}
$sqlfix = "UPDATE ".MAIN_DB_PREFIX.$this->table_element_line." SET ".$fieldtva." = ".($obj->total_tva - $diff).", total_ttc = ".($obj->total_ttc - $diff)." WHERE rowid = ".$obj->rowid;
dol_syslog('We found a difference of '.$diff.' for line rowid = '.$obj->rowid.". We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix);
$resqlfix = $this->db->query($sqlfix);
@ -7888,18 +7897,43 @@ abstract class CommonObject
}
// Delete cascade first
if (!empty($this->childtablesoncascade)) {
if (is_array($this->childtablesoncascade) && !empty($this->childtablesoncascade)) {
foreach ($this->childtablesoncascade as $table)
{
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$table.' WHERE '.$this->fk_element.' = '.$this->id;
$resql = $this->db->query($sql);
if (!$resql)
{
$this->error = $this->db->lasterror();
$this->errors[] = $this->error;
$this->db->rollback();
return -1;
}
$deleteFromObject = explode(':', $table);
if (count($deleteFromObject)>=2) {
$className = str_replace('@', '', $deleteFromObject[0]);
$filePath = $deleteFromObject[1];
$columnName = $deleteFromObject[2];
if (dol_include_once($filePath)) {
$childObject = new $className($this->db);
if (method_exists($childObject, 'deleteByParentField')) {
$result = $childObject->deleteByParentField($this->id, $columnName);
if ($result < 0) {
$error++;
$this->errors[] = $childObject->error;
break;
}
} else {
$error++;
$this->errors[] = "You defined a cascade delete on an object $childObject but there is no method deleteByParentField for it";
break;
}
} else {
$error++;
$this->errors[] = 'Cannot include child class file ' .$filePath;
break;
}
} else {
$sql = 'DELETE FROM ' . MAIN_DB_PREFIX . $table . ' WHERE ' . $this->fk_element . ' = ' . $this->id;
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
$this->error = $this->db->lasterror();
$this->errors[] = $this->error;
break;
}
}
}
}
@ -7946,6 +7980,66 @@ abstract class CommonObject
}
}
/**
* Delete all child object from a parent ID
*
* @param int $parentId Parent Id
* @param string $parentField Name of Foreign key parent column
* @return int <0 if KO, >0 if OK
* @throws Exception
*/
public function deleteByParentField($parentId = 0, $parentField = '')
{
global $user;
$error = 0;
$deleted = 0;
if (!empty($parentId) && !empty($parentField)) {
$this->db->begin();
$sql = "SELECT rowid FROM " . MAIN_DB_PREFIX . $this->table_element;
$sql .= ' WHERE '.$parentField.' = ' . (int) $parentId;
$resql = $this->db->query($sql);
if (!$resql) {
$this->errors[] = $this->db->lasterror();
$error++;
} else {
while ($obj = $this->db->fetch_object($resql)) {
$result = $this->fetch($obj->rowid);
if ($result < 0) {
$error++;
$this->errors[] = $this->error;
} else {
if (get_class($this) == 'Contact') { // TODO special code because delete() for contact has not been standardized like other delete.
$result = $this->delete();
} else {
$result = $this->delete($user);
}
if ($result < 0) {
$error++;
$this->errors[] = $this->error;
} else {
$deleted++;
}
}
}
}
if (empty($error)) {
$this->db->commit();
return $deleted;
} else {
$this->error = implode(', ', $this->errors);
$this->db->rollback();
return $error * -1;
}
}
return $deleted;
}
/**
* Delete a line of object in database
*

9
htdocs/core/class/extrafields.class.php
View File

@ -1686,8 +1686,13 @@ class ExtraFields
}
elseif ($type == 'select')
{
if ($langfile && $param['options'][$value]) $value = $langs->trans($param['options'][$value]);
else $value = $param['options'][$value];
$valstr = $param['options'][$value];
if (($pos = strpos($valstr, "|")) !== false)
{
$valstr = substr($valstr, 0, $pos);
}
if ($langfile && $valstr) $value = $langs->trans($valstr);
else $value = $valstr;
}
elseif ($type == 'sellist')
{

7
htdocs/core/class/html.form.class.php
View File

@ -2802,6 +2802,7 @@ class Form
if ($result)
{
require_once DOL_DOCUMENT_ROOT.'/product/dynamic_price/class/price_parser.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/product.lib.php';
$num = $this->db->num_rows($result);
@ -3711,7 +3712,8 @@ class Form
$sql = 'SELECT rowid, ref, situation_cycle_ref, situation_counter, situation_final, fk_soc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facture';
$sql .= ' WHERE entity IN ('.getEntity('invoice').')';
$sql .= ' AND situation_counter>=1';
$sql .= ' AND situation_counter >= 1';
$sql .= ' AND type <> 2';
$sql .= ' ORDER by situation_cycle_ref, situation_counter desc';
$resql = $this->db->query($sql);
if ($resql && $this->db->num_rows($resql) > 0) {
@ -6946,7 +6948,8 @@ class Form
'order'=>array('enabled'=>$conf->commande->enabled, 'perms'=>1, 'label'=>'LinkToOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('commande').')'),
'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('invoice').')'),
'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('invoice').')'),
'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, '' as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('contract').')'),
'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract',
'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, '' as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('contract').')'),
'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('intervention').')'),
'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('supplier_proposal').')'),
'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$listofidcompanytoscan.') AND t.entity IN ('.getEntity('commande_fournisseur').')'),

3
htdocs/core/class/html.formfile.class.php
View File

@ -1269,7 +1269,8 @@ class FormFile
}
else
{
print dol_trunc($file['name'], 200);
$filenametoshow = preg_replace('/\.noexe$/', '', $file['name']);
print dol_trunc($filenametoshow, 200);
print '</a>';
}
// Preview link

8
htdocs/core/class/html.formticket.class.php
View File

@ -987,10 +987,10 @@ class FormTicket
}
// MESSAGE
$defaultmessage = "";
if (is_array($arraydefaultmessage) && count($arraydefaultmessage) > 0 && $arraydefaultmessage->content) {
$defaultmessage = $arraydefaultmessage->content;
}
$defaultmessage="";
if (is_object($arraydefaultmessage) && $arraydefaultmessage->content) {
$defaultmessage = $arraydefaultmessage->content;
}
$defaultmessage = str_replace('\n', "\n", $defaultmessage);
// Deal with format differences between message and signature (text / HTML)

4
htdocs/core/class/smtps.class.php
View File

@ -428,7 +428,7 @@ class SMTPs
$host=preg_replace('@ssl://@i', '', $host); // Remove prefix
$host=preg_replace('@tls://@i', '', $host); // Remove prefix
if ($usetls) $host='tls://'.$host;
if ($usetls && ! empty($conf->global->MAIN_SMTPS_ADD_TLS_TO_HOST_FOR_HELO)) $host = 'tls://'.$host;
$hosth = $host;
@ -568,6 +568,8 @@ class SMTPs
$host=preg_replace('@ssl://@i', '', $host); // Remove prefix
$host=preg_replace('@tls://@i', '', $host); // Remove prefix
if ($usetls && ! empty($conf->global->MAIN_SMTPS_ADD_TLS_TO_HOST_FOR_HELO)) $host = 'tls://'.$host;
$hosth = $host;
if (! empty($conf->global->MAIL_SMTP_USE_FROM_FOR_HELO))

4
htdocs/core/lib/company.lib.php
View File

@ -1448,7 +1448,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon = '', $noprin
$langs->load("mails");
$sql2 = "SELECT m.rowid as id, m.titre as label, mc.date_envoi as dp, mc.date_envoi as dp2, '100' as percent, 'mailing' as type";
$sql2 .= ", '' as fk_element, '' as elementtype, '' as contact_id";
$sql2 .= ", null as fk_element, '' as elementtype, null as contact_id";
$sql2 .= ", 'AC_EMAILING' as acode, '' as alabel, '' as apicto";
$sql2 .= ", u.rowid as user_id, u.login as user_login, u.photo as user_photo, u.firstname as user_firstname, u.lastname as user_lastname"; // User that valid action
if (is_object($filterobj) && get_class($filterobj) == 'Societe') $sql2 .= ", '' as lastname, '' as firstname";
@ -1460,7 +1460,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon = '', $noprin
$sql2 .= " WHERE mc.email = '".$db->escape($objcon->email)."'"; // Search is done on email.
$sql2 .= " AND mc.statut = 1";
$sql2 .= " AND u.rowid = m.fk_user_valid";
$sql2 .= " AND mc.fk_mailing=m.rowid";
$sql2 .= " AND mc.fk_mailing = m.rowid";
}
if (!empty($sql) && !empty($sql2)) {

41
htdocs/core/lib/files.lib.php
View File

@ -324,11 +324,13 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir)
// Complete filearray with properties found into $filearrayindatabase
foreach ($filearray as $key => $val)
{
$tmpfilename = preg_replace('/\.noexe$/', '', $filearray[$key]['name']);
$found = 0;
// Search if it exists into $filearrayindatabase
foreach ($filearrayindatabase as $key2 => $val2)
{
if ($filearrayindatabase[$key2]['name'] == $filearray[$key]['name'])
if ($filearrayindatabase[$key2]['name'] == $tmpfilename)
{
$filearray[$key]['position_name'] = ($filearrayindatabase[$key2]['position'] ? $filearrayindatabase[$key2]['position'] : '0').'_'.$filearrayindatabase[$key2]['name'];
$filearray[$key]['position'] = $filearrayindatabase[$key2]['position'];
@ -349,7 +351,7 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir)
$filearray[$key]['acl'] = '';
$rel_filename = preg_replace('/^'.preg_quote(DOL_DATA_ROOT, '/').'/', '', $filearray[$key]['fullname']);
if (!preg_match('/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filetorenameafter)) // If not a tmp file
if (!preg_match('/([\\/]temp[\\/]|[\\/]thumbs|\.meta$)/', $rel_filename)) // If not a tmp file
{
dol_syslog("list_of_documents We found a file called '".$filearray[$key]['name']."' not indexed into database. We add it");
include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
@ -870,7 +872,7 @@ function dol_move($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $te
{
$rel_filetorenamebefore = preg_replace('/^[\\/]/', '', $rel_filetorenamebefore);
$rel_filetorenameafter = preg_replace('/^[\\/]/', '', $rel_filetorenameafter);
//var_dump($rel_filetorenamebefore.' - '.$rel_filetorenameafter);
//var_dump($rel_filetorenamebefore.' - '.$rel_filetorenameafter);exit;
dol_syslog("Try to rename also entries in database for full relative path before = ".$rel_filetorenamebefore." after = ".$rel_filetorenameafter, LOG_DEBUG);
include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
@ -893,6 +895,7 @@ function dol_move($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $te
$ecmfile->filepath = $rel_dir;
$ecmfile->filename = $filename;
$resultecm = $ecmfile->update($user);
}
elseif ($resultecm == 0) // If no entry were found for src files, create/update target file
@ -995,7 +998,7 @@ function dolCheckVirus($src_file)
* @param integer $uploaderrorcode Value of PHP upload error code ($_FILES['field']['error'])
* @param int $nohook Disable all hooks
* @param string $varfiles _FILES var name
* @return int|string >0 if OK, <0 or string if KO
* @return int|string 1 if OK, 2 if OK and .noexe appended, <0 or string if KO
* @see dol_move()
*/
function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disablevirusscan = 0, $uploaderrorcode = 0, $nohook = 0, $varfiles = 'addedfile')
@ -1005,6 +1008,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
$reshook = 0;
$file_name = $dest_file;
$successcode = 1;
if (empty($nohook))
{
@ -1055,6 +1059,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
if (isAFileWithExecutableContent($dest_file) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
{
$file_name .= '.noexe';
$successcode = 2;
}
// Security:
@ -1109,7 +1114,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
{
if (!empty($conf->global->MAIN_UMASK)) @chmod($file_name_osencoded, octdec($conf->global->MAIN_UMASK));
dol_syslog("Files.lib::dol_move_uploaded_file Success to move ".$src_file." to ".$file_name." - Umask=".$conf->global->MAIN_UMASK, LOG_DEBUG);
return 1; // Success
return $successcode; // Success
}
else
{
@ -1118,7 +1123,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
}
}
return 1; // Success
return $successcode; // Success
}
/**
@ -1173,8 +1178,6 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0,
}
else
{
$error = 0;
//print "x".$file." ".$disableglob;exit;
$file_osencoded = dol_osencode($file); // New filename encoded in OS filesystem encoding charset
if (empty($disableglob) && !empty($file_osencoded))
@ -1197,10 +1200,11 @@ function dol_delete_file($file, $disableglob = 0, $nophperrors = 0, $nohook = 0,
$rel_filetodelete = preg_replace('/^'.preg_quote(DOL_DATA_ROOT, '/').'/', '', $filename);
if (!preg_match('/(\/temp\/|\/thumbs\/|\.meta$)/', $rel_filetodelete)) // If not a tmp file
{
$rel_filetodelete = preg_replace('/^[\\/]/', '', $rel_filetodelete);
if (is_object($db) && $indexdatabase) // $db may not be defined when lib is in a context with define('NOREQUIREDB',1)
{
$rel_filetodelete = preg_replace('/^[\\/]/', '', $rel_filetodelete);
$rel_filetodelete = preg_replace('/\.noexe$/', '', $rel_filetodelete);
dol_syslog("Try to remove also entries in database for full relative path = ".$rel_filetodelete, LOG_DEBUG);
include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
$ecmfile = new EcmFiles($db);
@ -1527,6 +1531,7 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
if (!empty($_FILES[$varfiles])) // For view $_FILES[$varfiles]['error']
{
dol_syslog('dol_add_file_process upload_dir='.$upload_dir.' allowoverwrite='.$allowoverwrite.' donotupdatesession='.$donotupdatesession.' savingdocmask='.$savingdocmask, LOG_DEBUG);
if (dol_mkdir($upload_dir) >= 0)
{
$TFile = $_FILES[$varfiles];
@ -1552,6 +1557,13 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
$destfile=preg_replace('/__file__/', $TFile['name'][$i], $savingdocmask);
}
$filenameto = basename($destfile);
if (preg_match('/^\./', $filenameto)) {
$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
setEventMessages($langs->trans("ErrorFilenameCantStartWithDot", $filenameto), null, 'errors');
break;
}
// dol_sanitizeFileName the file name and lowercase extension
$info = pathinfo($destfull);
$destfull = $info['dirname'].'/'.dol_sanitizeFileName($info['filename'].($info['extension']!='' ? ('.'.strtolower($info['extension'])) : ''));
@ -1564,6 +1576,7 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
$destfile = dol_string_nohtmltag($destfile);
$destfull = dol_string_nohtmltag($destfull);
// Move file from temp directory to final directory. A .noexe may also be appended on file name.
$resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destfull, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles);
if (is_numeric($resupload) && $resupload > 0) // $resupload can be 'ErrorFileAlreadyExists'
@ -1600,10 +1613,10 @@ function dol_add_file_process($upload_dir, $allowoverwrite = 0, $donotupdatesess
// Update table of files
if ($donotupdatesession == 1)
{
$result = addFileIntoDatabaseIndex($upload_dir, basename($destfile), $TFile['name'][$i], 'uploaded', 0);
$result = addFileIntoDatabaseIndex($upload_dir, basename($destfile).($resupload == 2 ? '.noexe' : ''), $TFile['name'][$i], 'uploaded', 0);
if ($result < 0)
{
setEventMessages('FailedToAddFileIntoDatabaseIndex', '', 'warnings');
setEventMessages('WarningFailedToAddFileIntoDatabaseIndex', '', 'warnings');
}
}
@ -1714,7 +1727,7 @@ function dol_remove_file_process($filenb, $donotupdatesession = 0, $donotdeletef
* See also commonGenerateDocument that also add/update database index when a file is generated.
*
* @param string $dir Directory name (full real path without ending /)
* @param string $file File name
* @param string $file File name (May end with '.noexe')
* @param string $fullpathorig Full path of origin for file (can be '')
* @param string $mode How file was created ('uploaded', 'generated', ...)
* @param int $setsharekey Set also the share key
@ -1730,7 +1743,7 @@ function addFileIntoDatabaseIndex($dir, $file, $fullpathorig = '', $mode = 'uplo
if (!preg_match('/[\\/]temp[\\/]|[\\/]thumbs|\.meta$/', $rel_dir)) // If not a tmp dir
{
$filename = basename($file);
$filename = basename(preg_replace('/\.noexe$/', '', $file));
$rel_dir = preg_replace('/[\\/]$/', '', $rel_dir);
$rel_dir = preg_replace('/^[\\/]/', '', $rel_dir);

5
htdocs/core/lib/functions.lib.php
View File

@ -8562,15 +8562,16 @@ function dolGetButtonTitle($label, $helpText = '', $iconClass = 'fa fa-file', $u
/**
* Return if a file can contains executable content
*
* @param string $filename File NamedRange
* @param string $filename File name to test
* @return boolean True if yes, False if no
*/
function isAFileWithExecutableContent($filename)
{
if (preg_match('/\.(htm|html|js|php|php\d+|phtml|pl|py|cgi|ksh|sh|bash|bat|cmd|wpk|exe|dmg)$/i', $filename))
if (preg_match('/\.(htm|html|js|phar|php|php\d+|phtml|pht|pl|py|cgi|ksh|sh|shtml|bash|bat|cmd|wpk|exe|dmg)$/i', $filename))
{
return true;
}
return false;
}

13
htdocs/core/lib/security.lib.php
View File

@ -277,9 +277,12 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
if (!$readok) accessforbidden();
//print "Read access is ok";
// Check write permission from module (we need to know write permission to create but also to delete drafts record)
// Check write permission from module (we need to know write permission to create but also to delete drafts record or to upload files)
$createok = 1; $nbko = 0;
if (GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update' || ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete'))
$wemustcheckpermissionforcreate = (GETPOST('sendit', 'alpha') || GETPOST('linkit', 'alpha') || GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update');
$wemustcheckpermissionfordeletedraft = ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete');
if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft)
{
foreach ($featuresarray as $feature)
{
@ -306,6 +309,10 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
elseif ($feature == 'cheque')
{
if (!$user->rights->banque->cheque) { $createok = 0; $nbko++; }
} elseif ($feature == 'import') {
if (!$user->rights->import->run) { $createok = 0; $nbko++; }
} elseif ($feature == 'ecm') {
if (!$user->rights->ecm->upload) { $createok = 0; $nbko++; }
}
elseif (!empty($feature2)) // This is for permissions on one level
{
@ -341,7 +348,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f
// If a or and at least one ok
if (preg_match('/\|/', $features) && $nbko < count($featuresarray)) $createok = 1;
if ((GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update') && !$createok) accessforbidden();
if ($wemustcheckpermissionforcreate && !$createok) accessforbidden();
//print "Write access is ok";
}

2
htdocs/core/lib/ticket.lib.php
View File

@ -427,7 +427,7 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no
$langs->load("mails");
$sql2 = "SELECT m.rowid as id, m.titre as label, mc.date_envoi as dp, mc.date_envoi as dp2, '100' as percent, 'mailing' as type";
$sql2 .= ", '' as fk_element, '' as elementtype, '' as contact_id";
$sql2 .= ", null as fk_element, '' as elementtype, null as contact_id";
$sql2 .= ", 'AC_EMAILING' as acode, '' as alabel, '' as apicto";
$sql2 .= ", u.rowid as user_id, u.login as user_login, u.photo as user_photo, u.firstname as user_firstname, u.lastname as user_lastname"; // User that valid action
if (is_object($filterobj) && get_class($filterobj) == 'Societe') $sql2 .= ", '' as lastname, '' as firstname";

2
htdocs/core/modules/facture/doc/pdf_crabe.modules.php
View File

@ -1275,7 +1275,7 @@ class pdf_crabe extends ModelePDFFactures
$pdf->MultiCell($col2x - $col1x, $tab2_hl, $totalvat, 0, 'L', 1);
$pdf->SetXY($col2x, $tab2_top + $tab2_hl * $index);
$pdf->MultiCell($largcol2, $tab2_hl, price($tvaval, 0, $outputlangs), 0, 'R', 1);
$pdf->MultiCell($largcol2, $tab2_hl, price(price2num($tvaval, 'MT'), 0, $outputlangs), 0, 'R', 1);
}
}

2
htdocs/core/modules/modContrat.class.php
View File

@ -214,7 +214,7 @@ class modContrat extends DolibarrModules
*/
public function init($options = '')
{
global $conf;
global $conf, $langs;
// Nettoyage avant activation
$this->remove($options);

24
htdocs/core/modules/modFournisseur.class.php
View File

@ -297,6 +297,14 @@ class modFournisseur extends DolibarrModules
'p.ref'=>'ProductRef','p.label'=>'ProductLabel','p.accountancy_code_buy'=>'ProductAccountancyBuyCode','project.rowid'=>'ProjectId',
'project.ref'=>'ProjectRef','project.title'=>'ProjectLabel'
);
if (! empty($conf->multicurrency->enabled))
{
$this->export_fields_array[$r]['f.multicurrency_code'] = 'Currency';
$this->export_fields_array[$r]['f.multicurrency_tx'] = 'CurrencyRate';
$this->export_fields_array[$r]['f.multicurrency_total_ht'] = 'MulticurrencyAmountHT';
$this->export_fields_array[$r]['f.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->export_fields_array[$r]['f.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
//$this->export_TypeFields_array[$r]=array(
// 's.rowid'=>"List:societe:CompanyName",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text',
// 's.ape'=>'Text','s.idprof4'=>'Text','s.tva_intra'=>'Text','f.ref'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",'f.total_ht'=>"Numeric",'f.total_ttc'=>"Numeric",'f.total_tva'=>"Numeric",
@ -423,6 +431,14 @@ class modFournisseur extends DolibarrModules
'f.fk_statut'=>'InvoiceStatus','f.note_public'=>"InvoiceNote",'p.rowid'=>'PaymentId','pf.amount'=>'AmountPayment',
'p.datep'=>'DatePayment','p.num_paiement'=>'PaymentNumber','p.fk_bank'=>'IdTransaction','project.rowid'=>'ProjectId','project.ref'=>'ProjectRef','project.title'=>'ProjectLabel'
);
if (! empty($conf->multicurrency->enabled))
{
$this->export_fields_array[$r]['f.multicurrency_code'] = 'Currency';
$this->export_fields_array[$r]['f.multicurrency_tx'] = 'CurrencyRate';
$this->export_fields_array[$r]['f.multicurrency_total_ht'] = 'MulticurrencyAmountHT';
$this->export_fields_array[$r]['f.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->export_fields_array[$r]['f.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
//$this->export_TypeFields_array[$r]=array(
// 's.rowid'=>"List:societe:CompanyName",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text',
// 's.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.tva_intra'=>'Text','f.ref'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",
@ -508,6 +524,14 @@ class modFournisseur extends DolibarrModules
'fd.total_tva'=>"LineTotalVAT",'fd.product_type'=>'TypeOfLineServiceOrProduct','fd.ref'=>'RefSupplier','fd.fk_product'=>'ProductId',
'p.ref'=>'ProductRef','p.label'=>'ProductLabel','project.rowid'=>'ProjectId','project.ref'=>'ProjectRef','project.title'=>'ProjectLabel'
);
if (! empty($conf->multicurrency->enabled))
{
$this->export_fields_array[$r]['f.multicurrency_code'] = 'Currency';
$this->export_fields_array[$r]['f.multicurrency_tx'] = 'CurrencyRate';
$this->export_fields_array[$r]['f.multicurrency_total_ht'] = 'MulticurrencyAmountHT';
$this->export_fields_array[$r]['f.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->export_fields_array[$r]['f.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
if (empty($conf->global->SUPPLIER_ORDER_3_STEPS_TO_BE_APPROVED))
{
unset($this->export_fields_array['f.date_approve2']);

4
htdocs/core/tpl/filemanager.tpl.php
View File

@ -178,7 +178,7 @@ if (empty($action) || $action == 'editfile' || $action == 'file_manager' || preg
print '</td></tr>';
}
else // Show filtree when ajax is disabled (rare)
else // Show file tree when ajax is disabled (rare)
{
print '<tr><td style="padding-left: 20px">';
@ -212,7 +212,7 @@ if (empty($action) || $action == 'editfile' || $action == 'file_manager' || preg
<div class="pane-in ecm-in-layout-center">
<div id="ecmfileview" class="ecmfileview">
<?php
// Start right panel
// Start right panel - List of content of a directory
$mode='noajax';

36
htdocs/ecm/class/ecmfiles.class.php
View File

@ -138,7 +138,7 @@ class EcmFiles extends CommonObject
$this->entity = trim($this->entity);
}
if (isset($this->filename)) {
$this->filename = trim($this->filename);
$this->filename = preg_replace('/\.noexe$/', '', trim($this->filename));
}
if (isset($this->filepath)) {
$this->filepath = trim($this->filepath);
@ -346,12 +346,13 @@ class EcmFiles extends CommonObject
$sql .= " t.src_object_id";
$sql .= ' FROM ' . MAIN_DB_PREFIX . $this->table_element . ' as t';
$sql.= ' WHERE 1 = 1';
/* Fetching this table depends on filepath+filename, it must not depends on entity
/* Fetching this table depends on filepath+filename, it must not depends on entity because filesystem on disk does not know what is Dolibarr entities
if (! empty($conf->multicompany->enabled)) {
$sql .= " AND entity IN (" . getEntity('ecmfiles') . ")";
}*/
if ($relativepath) {
$sql .= " AND t.filepath = '" . $this->db->escape(dirname($relativepath)) . "' AND t.filename = '".$this->db->escape(basename($relativepath))."'";
$relativepathwithnoexe = preg_replace('/\.noexe$/', '', $relativepath); // We must never have the .noexe into the database
$sql .= " AND t.filepath = '" . $this->db->escape(dirname($relativepath)) . "' AND t.filename = '".$this->db->escape(basename($relativepathwithnoexe))."'";
$sql .= " AND t.entity = ".$conf->entity; // unique key include the entity so each company has its own index
}
elseif (! empty($ref)) { // hash of file path
@ -552,46 +553,47 @@ class EcmFiles extends CommonObject
// Clean parameters
if (isset($this->ref)) {
$this->ref = trim($this->ref);
$this->ref = trim($this->ref);
}
if (isset($this->label)) {
$this->label = trim($this->label);
$this->label = trim($this->label);
}
if (isset($this->share)) {
$this->share = trim($this->share);
$this->share = trim($this->share);
}
if (isset($this->entity)) {
$this->entity = trim($this->entity);
$this->entity = trim($this->entity);
}
if (isset($this->filename)) {
$this->filename = trim($this->filename);
$this->filename = preg_replace('/\.noexe$/', '', trim($this->filename));
}
if (isset($this->filepath)) {
$this->filepath = trim($this->filepath);
$this->filepath = trim($this->filepath);
$this->filepath = preg_replace('/[\\/]+$/', '', $this->filepath); // Remove last /
}
if (isset($this->fullpath_orig)) {
$this->fullpath_orig = trim($this->fullpath_orig);
$this->fullpath_orig = trim($this->fullpath_orig);
}
if (isset($this->description)) {
$this->description = trim($this->description);
$this->description = trim($this->description);
}
if (isset($this->keywords)) {
$this->keywords = trim($this->keywords);
$this->keywords = trim($this->keywords);
}
if (isset($this->cover)) {
$this->cover = trim($this->cover);
$this->cover = trim($this->cover);
}
if (isset($this->gen_or_uploaded)) {
$this->gen_or_uploaded = trim($this->gen_or_uploaded);
$this->gen_or_uploaded = trim($this->gen_or_uploaded);
}
if (isset($this->extraparams)) {
$this->extraparams = trim($this->extraparams);
$this->extraparams = trim($this->extraparams);
}
if (isset($this->fk_user_m)) {
$this->fk_user_m = trim($this->fk_user_m);
$this->fk_user_m = trim($this->fk_user_m);
}
if (isset($this->acl)) {
$this->acl = trim($this->acl);
$this->acl = trim($this->acl);
}
if (isset($this->src_object_type)) {
$this->src_object_type = trim($this->src_object_type);

26
htdocs/ecm/file_card.php
View File

@ -139,6 +139,12 @@ if ($action == 'update')
$oldfile = $olddir.$oldlabel;
$newfile = $newdir.$newlabel;
$newfileformove = $newfile;
// If old file end with .noexe, new file must also end with .noexe
if (preg_match('/\.noexe$/', $oldfile) && ! preg_match('/\.noexe$/', $newfileformove)) {
$newfileformove .= '.noexe';
}
//var_dump($oldfile);var_dump($newfile);exit;
// Now we update index of file
$db->begin();
@ -146,7 +152,7 @@ if ($action == 'update')
//print $oldfile.' - '.$newfile;
if ($newlabel != $oldlabel)
{
$result = dol_move($oldfile, $newfile); // This include update of database
$result = dol_move($oldfile, $newfileformove); // This include update of database
if (!$result)
{
$langs->load('errors');
@ -190,7 +196,7 @@ if ($action == 'update')
$object->entity = $conf->entity;
$object->filepath = preg_replace('/[\\/]+$/', '', $newdirrelativetodocument);
$object->filename = $newlabel;
$object->label = md5_file(dol_osencode($newfile)); // hash of file content
$object->label = md5_file(dol_osencode($newfileformove)); // hash of file content
$object->fullpath_orig = '';
$object->gen_or_uploaded = 'unknown';
$object->description = ''; // indexed content
@ -208,6 +214,11 @@ if ($action == 'update')
$db->commit();
$urlfile = $newlabel;
// If old file end with .noexe, new file must also end with .noexe
if (preg_match('/\.noexe$/', $newfileformove)) {
$urlfile .= '.noexe';
}
header('Location: '.$_SERVER["PHP_SELF"].'?urlfile='.urlencode($urlfile).'&section='.urlencode($section));
exit;
}
@ -264,9 +275,13 @@ while ($tmpecmdir && $result > 0)
$i++;
}
$urlfiletoshow = preg_replace('/\.noexe$/', '', $urlfile);
$s = img_picto('', 'object_dir').' <a href="'.DOL_URL_ROOT.'/ecm/index.php">'.$langs->trans("ECMRoot").'</a> -> '.$s.' -> ';
if ($action == 'edit') $s .= '<input type="text" name="label" class="quatrevingtpercent" value="'.$urlfile.'">';
else $s .= $urlfile;
if ($action == 'edit') $s .= '<input type="text" name="label" class="quatrevingtpercent" value="'.$urlfiletoshow.'">';
else $s .= $urlfiletoshow;
$morehtml = '';
$object->ref = ''; // Force to hide ref
dol_banner_tab($object, '', $morehtml, 0, '', '', $s);
@ -289,10 +304,9 @@ print dol_print_size($totalsize);
print '</td></tr>';
*/
// Hash of file content
print '<tr><td>'.$langs->trans("HashOfFileContent").'</td><td>';
$object = new EcmFiles($db);
//$filenametosearch=basename($filepath);
//$filedirtosearch=basedir($filepath);
$object->fetch(0, '', $filepathtodocument);
if (!empty($object->label))
{

6
htdocs/ecm/index.php
View File

@ -124,15 +124,17 @@ if ($action == 'confirm_deletefile')
if (GETPOST('confirm') == 'yes')
{
// GETPOST('urlfile','alpha') is full relative URL from ecm root dir. Contains path of all sections.
//var_dump(GETPOST('urlfile'));exit;
$upload_dir = $conf->ecm->dir_output.($relativepath?'/'.$relativepath:'');
$file = $upload_dir . "/" . GETPOST('urlfile', 'alpha');
//var_dump($file);exit;
$ret=dol_delete_file($file); // This include also the delete from file index in database.
if ($ret)
{
setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile', 'alpha')), null, 'mesgs');
$urlfiletoshow = GETPOST('urlfile', 'alpha');
$urlfiletoshow = preg_replace('/\.noexe$/', '', $urlfiletoshow);
setEventMessages($langs->trans("FileWasRemoved", $urlfiletoshow), null, 'mesgs');
$result=$ecmdir->changeNbOfFiles('-');
}
else

18
htdocs/expensereport/class/expensereport.class.php
View File

@ -2318,7 +2318,7 @@ class ExpenseReport extends CommonObject
public function load_state_board()
{
// phpcs:enable
global $conf;
global $conf, $user;
$this->nb = array();
@ -2326,6 +2326,12 @@ class ExpenseReport extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."expensereport as ex";
$sql .= " WHERE ex.fk_statut > 0";
$sql .= " AND ex.entity IN (".getEntity('expensereport').")";
if (empty($user->rights->expensereport->readall))
{
$userchildids = $user->getAllChildIds(1);
$sql .= " AND (ex.fk_user_author IN (".join(',', $userchildids).")";
$sql .= " OR ex.fk_user_validator IN (".join(',', $userchildids)."))";
}
$resql = $this->db->query($sql);
if ($resql) {
@ -2360,15 +2366,17 @@ class ExpenseReport extends CommonObject
$now = dol_now();
$userchildids = $user->getAllChildIds(1);
$sql = "SELECT ex.rowid, ex.date_valid";
$sql .= " FROM ".MAIN_DB_PREFIX."expensereport as ex";
if ($option == 'toapprove') $sql .= " WHERE ex.fk_statut = 2";
else $sql .= " WHERE ex.fk_statut = 5";
$sql .= " AND ex.entity IN (".getEntity('expensereport').")";
$sql .= " AND (ex.fk_user_author IN (".join(',', $userchildids).")";
$sql .= " OR ex.fk_user_validator IN (".join(',', $userchildids)."))";
if (empty($user->rights->expensereport->readall))
{
$userchildids = $user->getAllChildIds(1);
$sql .= " AND (ex.fk_user_author IN (".join(',', $userchildids).")";
$sql .= " OR ex.fk_user_validator IN (".join(',', $userchildids)."))";
}
$resql = $this->db->query($sql);
if ($resql)

6
htdocs/fichinter/list.php
View File

@ -75,8 +75,6 @@ $pagenext = $page + 1;
if (!$sortorder) $sortorder = "DESC";
if (!$sortfield)
{
//if (empty($conf->global->FICHINTER_DISABLE_DETAILS)) $sortfield="fd.date";
//else
$sortfield = "f.ref";
}
@ -203,7 +201,7 @@ foreach ($arrayfields as $tmpkey => $tmpval)
$sql = "SELECT";
$sql .= " f.ref, f.rowid, f.fk_statut, f.description, f.datec as date_creation, f.tms as date_update, f.note_private,";
if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) $sql .= "fd.rowid as lineid, fd.description as descriptiondetail, fd.date as dp, fd.duree,";
if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) $sql .= " fd.rowid as lineid, fd.description as descriptiondetail, fd.date as dp, fd.duree,";
$sql .= " s.nom as name, s.rowid as socid, s.client";
if (!empty($conf->projet->enabled)) {
$sql .= ", pr.rowid as projet_id, pr.ref as projet_ref, pr.title as projet_title";
@ -245,7 +243,7 @@ if ($search_contrat_ref) {
$sql .= natural_search('c.ref', $search_contrat_ref);
}
if ($search_desc) {
if (empty($conf->global->FICHINTER_DISABLE_DETAILS)) $sql .= natural_search(array('f.description', 'fd.description'), $search_desc);
if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) $sql .= natural_search(array('f.description', 'fd.description'), $search_desc);
else $sql .= natural_search(array('f.description'), $search_desc);
}
if ($search_status != '' && $search_status >= 0) {

2
htdocs/filefunc.inc.php
View File

@ -31,7 +31,7 @@
*/
if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE', 'Dolibarr');
if (! defined('DOL_VERSION')) define('DOL_VERSION', '11.0.4'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
if (! defined('DOL_VERSION')) define('DOL_VERSION', '11.0.5'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c
if (! defined('EURO')) define('EURO', chr(128));

5
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -330,7 +330,7 @@ class CommandeFournisseur extends CommonOrder
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_paiement as p ON c.fk_mode_reglement = p.id";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_input_method as cm ON cm.rowid = c.fk_input_method";
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON c.fk_incoterms = i.rowid';
$sql .= " WHERE c.entity = ".$conf->entity;
$sql .= " WHERE c.entity IN (".getEntity('supplier_order').")";
if ($ref) $sql .= " AND c.ref='".$this->db->escape($ref)."'";
else $sql .= " AND c.rowid=".$id;
@ -892,6 +892,7 @@ class CommandeFournisseur extends CommonOrder
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande_fournisseur SET billed = 1';
$sql .= ' WHERE rowid = '.$this->id.' AND fk_statut > '.self::STATUS_DRAFT;
if ($this->db->query($sql))
{
if (!$error)
@ -1881,7 +1882,6 @@ class CommandeFournisseur extends CommonOrder
if ($result < 0)
{
$error++;
return -1;
}
// End call triggers
}
@ -1989,6 +1989,7 @@ class CommandeFournisseur extends CommonOrder
{
$this->errors[] = 'ErrorWhenRunningTrigger';
dol_syslog(get_class($this)."::delete ".$this->error, LOG_ERR);
$this->db->rollback();
return -1;
}
// End call triggers

37
htdocs/fourn/class/paiementfourn.class.php
View File

@ -89,7 +89,7 @@ class PaiementFourn extends Paiement
{
$error=0;
$sql = 'SELECT p.rowid, p.ref, p.entity, p.datep as dp, p.amount, p.statut, p.fk_bank,';
$sql = 'SELECT p.rowid, p.ref, p.entity, p.datep as dp, p.amount, p.statut, p.fk_bank, p.multicurrency_amount,';
$sql.= ' c.code as paiement_code, c.libelle as paiement_type,';
$sql.= ' p.num_paiement as num_payment, p.note, b.fk_account';
$sql.= ' FROM '.MAIN_DB_PREFIX.'paiementfourn as p';
@ -111,23 +111,24 @@ class PaiementFourn extends Paiement
if ($num > 0)
{
$obj = $this->db->fetch_object($resql);
$this->id = $obj->rowid;
$this->ref = $obj->ref;
$this->entity = $obj->entity;
$this->date = $this->db->jdate($obj->dp);
$this->datepaye = $this->db->jdate($obj->dp);
$this->num_paiement = $obj->num_payment;
$this->num_payment = $obj->num_payment;
$this->bank_account = $obj->fk_account;
$this->fk_account = $obj->fk_account;
$this->bank_line = $obj->fk_bank;
$this->montant = $obj->amount;
$this->amount = $obj->amount;
$this->note = $obj->note;
$this->note_private = $obj->note;
$this->type_code = $obj->paiement_code;
$this->type_label = $obj->paiement_type;
$this->statut = $obj->statut;
$this->id = $obj->rowid;
$this->ref = $obj->ref;
$this->entity = $obj->entity;
$this->date = $this->db->jdate($obj->dp);
$this->datepaye = $this->db->jdate($obj->dp);
$this->num_paiement = $obj->num_payment;
$this->num_payment = $obj->num_payment;
$this->bank_account = $obj->fk_account;
$this->fk_account = $obj->fk_account;
$this->bank_line = $obj->fk_bank;
$this->montant = $obj->amount;
$this->amount = $obj->amount;
$this->multicurrency_amount = $obj->multicurrency_amount;
$this->note = $obj->note;
$this->note_private = $obj->note;
$this->type_code = $obj->paiement_code;
$this->type_label = $obj->paiement_type;
$this->statut = $obj->statut;
$error = 1;
}
else

1
htdocs/fourn/facture/card.php
View File

@ -44,6 +44,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
if (!empty($conf->product->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/product.lib.php';
}
if (!empty($conf->projet->enabled)) {
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';

18
htdocs/holiday/class/holiday.class.php
View File

@ -2173,12 +2173,20 @@ class Holiday extends CommonObject
public function load_state_board()
{
// phpcs:enable
global $user;
$this->nb = array();
$sql = "SELECT count(h.rowid) as nb";
$sql .= " FROM ".MAIN_DB_PREFIX."holiday as h";
$sql .= " WHERE h.statut > 1";
$sql .= " AND h.entity IN (".getEntity('holiday').")";
if (empty($user->rights->expensereport->read_all))
{
$userchildids = $user->getAllChildIds(1);
$sql.= " AND (h.fk_user IN (".join(',', $userchildids).")";
$sql.= " OR h.fk_validator IN (".join(',', $userchildids)."))";
}
$resql = $this->db->query($sql);
if ($resql) {
@ -2212,14 +2220,16 @@ class Holiday extends CommonObject
$now=dol_now();
$userchildids = $user->getAllChildIds(1);
$sql = "SELECT h.rowid, h.date_debut";
$sql.= " FROM ".MAIN_DB_PREFIX."holiday as h";
$sql.= " WHERE h.statut = 2";
$sql.= " AND h.entity IN (".getEntity('holiday').")";
$sql.= " AND (h.fk_user IN (".join(',', $userchildids).")";
$sql.= " OR h.fk_validator IN (".join(',', $userchildids)."))";
if(!$user->rights->expensereport->read_all)
{
$userchildids = $user->getAllChildIds(1);
$sql.= " AND (h.fk_user IN (".join(',', $userchildids).")";
$sql.= " OR h.fk_validator IN (".join(',', $userchildids)."))";
}
$resql=$this->db->query($sql);
if ($resql)

2
htdocs/index.php
View File

@ -322,7 +322,7 @@ if (empty($user->socid) && empty($conf->global->MAIN_DISABLE_GLOBAL_BOXSTATS))
include_once $includes[$key]; // Loading a class cost around 1Mb
$board = new $classe($db);
$board->load_state_board($user);
$board->load_state_board();
$boardloaded[$classe] = $board;
}
else

6
htdocs/install/mysql/migration/repair.sql
View File

@ -495,7 +495,7 @@ UPDATE llx_accounting_bookkeeping set date_creation = tms where date_creation IS
UPDATE llx_facturedet SET situation_percent = 100 WHERE situation_percent IS NULL AND fk_prev_id IS NULL;
-- Test inconsistency of data into situation invoices: If it differs, it may be the total_ht that is wrong and situation_percent that is good.
-- select f.rowid, f.type, qty, subprice, situation_percent, total_ht, total_ttc, total_tva, multicurrency_total_ht, multicurrency_total_tva, multicurrency_total_ttc, (situation_percent / 100 * subprice * qty * (1 - (fd.remise_percent / 100)))
-- select f.rowid, f.type, fd.qty, fd.subprice, fd.situation_percent, fd.total_ht, fd.total_ttc, fd.total_tva, fd.multicurrency_total_ht, fd.multicurrency_total_tva, fd.multicurrency_total_ttc, (situation_percent / 100 * subprice * qty * (1 - (fd.remise_percent / 100)))
-- from llx_facturedet as fd, llx_facture as f where fd.fk_facture = f.rowid AND (total_ht - situation_percent / 100 * subprice * qty * (1 - (fd.remise_percent / 100))) > 0.01 and f.type = 5;
@ -519,3 +519,7 @@ UPDATE llx_facturedet SET situation_percent = 100 WHERE situation_percent IS NUL
-- update llx_societe set code_compta_fournisseur = concat('401', substr(code_fournisseur, 3, 2),substr(code_fournisseur, 8, 5)) where fournisseur in (1,2,3) and code_fournisseur is not null;
-- To fix a table with error 'ERROR 1118 (42000): Row size too large. The maximum row size for the used table type, not counting BLOBs, is 8126. This includes storage overhead, check the manual. You have to change some columns to TEXT or BLOBs'
--ALTER TABLE llx_tablename ROW_FORMAT=DYNAMIC;

4
htdocs/langs/en_US/admin.lang
View File

@ -1828,6 +1828,7 @@ MailToThirdparty=Third parties
MailToMember=Members
MailToUser=Users
MailToProject=Projects page
MailToTicket=Tickets
ByDefaultInList=Show by default on list view
YouUseLastStableVersion=You use the latest stable version
TitleExampleForMajorRelease=Example of message you can use to announce this major release (feel free to use it on your web sites)
@ -1977,4 +1978,5 @@ MakeAnonymousPing=Make an anonymous Ping '+1' to the Dolibarr foundation server
FeatureNotAvailableWithReceptionModule=Feature not available when module Reception is enabled
EmailTemplate=Template for email
EMailsWillHaveMessageID=Emails will have a tag 'References' matching this syntax
FafaIconSocialNetworksDesc=Enter here the code of a FontAwesome icon. If you don't know what is FontAwesome, you can use the generic value fa-address-book.
FafaIconSocialNetworksDesc=Enter here the code of a FontAwesome icon. If you don't know what is FontAwesome, you can use the generic value fa-address-book.
FeatureNotAvailableWithReceptionModule=Feature not available when module Reception is enabled

4
htdocs/langs/en_US/errors.lang
View File

@ -118,7 +118,7 @@ ErrorLoginHasNoEmail=This user has no email address. Process aborted.
ErrorBadValueForCode=Bad value for security code. Try again with new value...
ErrorBothFieldCantBeNegative=Fields %s and %s can't be both negative
ErrorFieldCantBeNegativeOnInvoice=Field <strong>%s</strong> cannot be negative on this type of invoice. If you need to add a discount line, just create the discount first (from field '%s' in thirdparty card) and apply it to the invoice.
ErrorLinesCantBeNegativeForOneVATRate=Total of lines can't be negative for a given VAT rate.
ErrorLinesCantBeNegativeForOneVATRate=Total of lines (net of tax) can't be negative for a given not null VAT rate (Found a negative total for VAT rate <b>%s</b>%%).
ErrorLinesCantBeNegativeOnDeposits=Lines can't be negative in a deposit. You will face problems when you will need to consume the deposit in final invoice if you do so.
ErrorQtyForCustomerInvoiceCantBeNegative=Quantity for line into customer invoices can't be negative
ErrorWebServerUserHasNotPermission=User account <b>%s</b> used to execute web server has no permission for that
@ -182,6 +182,7 @@ ErrorBadDefinitionOfMenuArrayInModuleDescriptor=Bad Definition Of Menu Array In
ErrorSavingChanges=An error has occurred when saving the changes
ErrorWarehouseRequiredIntoShipmentLine=Warehouse is required on the line to ship
ErrorFileMustHaveFormat=File must have format %s
ErrorFilenameCantStartWithDot=Filename can't start with a '.'
ErrorSupplierCountryIsNotDefined=Country for this vendor is not defined. Correct this first.
ErrorsThirdpartyMerge=Failed to merge the two records. Request canceled.
ErrorStockIsNotEnoughToAddProductOnOrder=Stock is not enough for product %s to add it into a new order.
@ -255,3 +256,4 @@ WarningNumberOfRecipientIsRestrictedInMassAction=Warning, number of different re
WarningDateOfLineMustBeInExpenseReportRange=Warning, the date of line is not in the range of the expense report
WarningProjectClosed=Project is closed. You must re-open it first.
WarningSomeBankTransactionByChequeWereRemovedAfter=Some bank transaction were removed after that the receipt including them were generated. So nb of cheques and total of receipt may differ from number and total in list.
WarningFailedToAddFileIntoDatabaseIndex=Warnin, failed to add file entry into ECM database index table

3
htdocs/langs/en_US/main.lang
View File

@ -837,6 +837,7 @@ Sincerely=Sincerely
ConfirmDeleteObject=Are you sure you want to delete this object?
DeleteLine=Delete line
ConfirmDeleteLine=Are you sure you want to delete this line?
ErrorPDFTkOutputFileNotFound=Error: the file was not generated. Please check that the 'pdftk' command is installed in a directory included in the $PATH environment variable (linux/unix only) or contact your system administrator.
NoPDFAvailableForDocGenAmongChecked=No PDF were available for the document generation among checked record
TooManyRecordForMassAction=Too many records selected for mass action. The action is restricted to a list of %s records.
NoRecordSelected=No record selected
@ -1017,4 +1018,4 @@ ContactDefault_ticket=Ticket
ContactAddedAutomatically=Contact added from contact thirdparty roles
More=More
ShowDetails=Show details
CustomReports=Custom reports
CustomReports=Custom reports

2
htdocs/langs/en_US/receptions.lang
View File

@ -43,3 +43,5 @@ ProductQtyInSuppliersReceptionAlreadyRecevied=Product quantity from open supplie
ValidateOrderFirstBeforeReception=You must first validate the order before being able to make receptions.
ReceptionsNumberingModules=Numbering module for receptions
ReceptionsReceiptModel=Document templates for receptions
NoMorePredefinedProductToDispatch=No more predefined products to dispatch

2
htdocs/langs/fr_FR/errors.lang
View File

@ -119,7 +119,7 @@ ErrorLoginHasNoEmail=Cet utilisateur n'a pas d'email. Impossible de continuer.
ErrorBadValueForCode=Mauvaise valeur saisie pour le code. Réessayez avec une nouvelle valeur...
ErrorBothFieldCantBeNegative=Les champs %s et %s ne peuvent être tous deux négatifs
ErrorFieldCantBeNegativeOnInvoice=Le champ <strong> %s </strong> ne peut pas être négatif sur ce type de facture. Si vous devez ajouter une ligne de remise, créez d'abord la remise (à partir du champ '%s' dans la fiche du tiers) et appliquez-la à la facture.
ErrorLinesCantBeNegativeForOneVATRate=Le total des lignes ne peut pas être négatif pour un taux de TVA donné.
ErrorLinesCantBeNegativeForOneVATRate=Le total des lignes (HT) ne peut pas être négatif pour un taux de TVA donné (Montant total négatif trouvé pour le taux <b>%s</b>%%).
ErrorLinesCantBeNegativeOnDeposits=Les lignes ne peuvent pas être négatives dans un acompte. Si vous le faites, vous rencontrerez des problèmes lorsque vous devrez consommer l'acompte dans la facture finale.
ErrorQtyForCustomerInvoiceCantBeNegative=La quantité d'une ligne ne peut pas être négative dans les factures clients
ErrorWebServerUserHasNotPermission=Le compte d'exécution du serveur web <b>%s</b> n'a pas les permissions pour cela

14
htdocs/product/card.php
View File

@ -193,7 +193,7 @@ if (empty($reshook))
{
$error = 0;
if (!GETPOST('label'))
if (!GETPOST('label', 'alphanohtml'))
{
setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentities('Label')), null, 'errors');
$action = "create";
@ -217,8 +217,8 @@ if (empty($reshook))
$units = GETPOST('units', 'int');
$object->ref = $ref;
$object->label = GETPOST('label');
$object->price_base_type = GETPOST('price_base_type');
$object->label = GETPOST('label', 'alphanohtml');
$object->price_base_type = GETPOST('price_base_type', 'aZ09');
if ($object->price_base_type == 'TTC')
$object->price_ttc = GETPOST('price');
@ -293,7 +293,7 @@ if (empty($reshook))
$object->url = GETPOST('url');
$object->note_private = dol_htmlcleanlastbr(GETPOST('note_private', 'none'));
$object->note = $object->note_private; // deprecated
$object->customcode = GETPOST('customcode', 'alpha');
$object->customcode = GETPOST('customcode', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->duration_value = $duration_value;
$object->duration_unit = $duration_unit;
@ -394,7 +394,7 @@ if (empty($reshook))
$object->oldcopy = clone $object;
$object->ref = $ref;
$object->label = GETPOST('label');
$object->label = GETPOST('label', 'alphanohtml');
$object->description = dol_htmlcleanlastbr(GETPOST('desc', 'none'));
$object->url = GETPOST('url');
if (!empty($conf->global->MAIN_DISABLE_NOTES_TAB))
@ -975,7 +975,7 @@ else
print '<tr>';
$tmpcode = '';
if (!empty($modCodeProduct->code_auto)) $tmpcode = $modCodeProduct->getNextValue($object, $type);
print '<td class="titlefieldcreate fieldrequired">'.$langs->trans("Ref").'</td><td colspan="3"><input id="ref" name="ref" class="maxwidth200" maxlength="128" value="'.dol_escape_htmltag(GETPOST('ref') ?GETPOST('ref') : $tmpcode).'">';
print '<td class="titlefieldcreate fieldrequired">'.$langs->trans("Ref").'</td><td colspan="3"><input id="ref" name="ref" class="maxwidth200" maxlength="128" value="'.dol_escape_htmltag(GETPOSTISSET('ref') ? GETPOST('ref', 'alphanohtml') : $tmpcode).'">';
if ($refalreadyexists)
{
print $langs->trans("RefAlreadyExists");
@ -983,7 +983,7 @@ else
print '</td></tr>';
// Label
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="3"><input name="label" class="minwidth300 maxwidth400onsmartphone" maxlength="255" value="'.dol_escape_htmltag(GETPOST('label')).'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Label").'</td><td colspan="3"><input name="label" class="minwidth300 maxwidth400onsmartphone" maxlength="255" value="'.dol_escape_htmltag(GETPOST('label', 'alphanohtml')).'"></td></tr>';
// On sell
print '<tr><td class="fieldrequired">'.$langs->trans("Status").' ('.$langs->trans("Sell").')</td><td colspan="3">';

25
htdocs/product/class/html.formproduct.class.php
View File

@ -237,13 +237,14 @@ class FormProduct
*/
public function selectWarehouses($selected = '', $htmlname = 'idwarehouse', $filterstatus = '', $empty = 0, $disabled = 0, $fk_product = 0, $empty_label = '', $showstock = 0, $forcecombo = 0, $events = array(), $morecss = 'minwidth200', $exclude = '', $showfullpath = 1, $stockMin = false, $orderBy = 'e.ref')
{
global $conf,$langs,$user;
global $conf,$langs,$user, $hookmanager;
dol_syslog(get_class($this)."::selectWarehouses $selected, $htmlname, $filterstatus, $empty, $disabled, $fk_product, $empty_label, $showstock, $forcecombo, $morecss", LOG_DEBUG);
$out='';
if (empty($conf->global->ENTREPOT_EXTRA_STATUS)) $filterstatus = '';
if (!empty($fk_product)) $this->cache_warehouses = array();
$this->loadWarehouses($fk_product, '', $filterstatus, true, $exclude, $stockMin, $orderBy);
$nbofwarehouses=count($this->cache_warehouses);
@ -282,6 +283,28 @@ class FormProduct
$out.='</select>';
if ($disabled) $out.='<input type="hidden" name="'.$htmlname.'" value="'.(($selected>0)?$selected:'').'">';
$parameters = array(
'selected' => $selected,
'htmlname' => $htmlname,
'filterstatus' => $filterstatus,
'empty' => $empty,
'disabled ' => $disabled,
'fk_product' => $fk_product,
'empty_label' => $empty_label,
'showstock' => $showstock,
'forcecombo' => $forcecombo,
'events' => $events,
'morecss' => $morecss,
'exclude' => $exclude,
'showfullpath' => $showfullpath,
'stockMin' => $stockMin,
'orderBy' => $orderBy
);
$reshook = $hookmanager->executeHooks('selectWarehouses', $parameters, $this);
if ($reshook > 0) $out = $hookmanager->resPrint;
elseif ($reshook == 0) $out .= $hookmanager->resPrint;
return $out;
}

2
htdocs/product/composition/card.php
View File

@ -70,7 +70,7 @@ if ($cancel) $action ='';
if ($action == 'add_prod' && ($user->rights->produit->creer || $user->rights->service->creer))
{
$error=0;
var_dump(GETPOST("max_prod", 'int'));
for ($i=0; $i < GETPOST("max_prod", 'int'); $i++)
{
$qty = price2num(GETPOST("prod_qty_".$i, 'alpha'), 'MS');

2
htdocs/product/stats/facture.php
View File

@ -225,7 +225,7 @@ if ($id > 0 || ! empty($ref))
print_liste_field_titre("CustomerCode", $_SERVER["PHP_SELF"], "s.code_client", "", $option, '', $sortfield, $sortorder);
print_liste_field_titre("DateInvoice", $_SERVER["PHP_SELF"], "f.datef", "", $option, 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("Qty", $_SERVER["PHP_SELF"], "d.qty", "", $option, 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("AmountHT", $_SERVER["PHP_SELF"], "f.total", "", $option, 'align="right"', $sortfield, $sortorder);
print_liste_field_titre("AmountHT", $_SERVER["PHP_SELF"], "d.total_ht", "", $option, 'align="right"', $sortfield, $sortorder);
print_liste_field_titre("Status", $_SERVER["PHP_SELF"], "f.paye,f.fk_statut", "", $option, 'align="right"', $sortfield, $sortorder);
print "</tr>\n";

12
htdocs/product/stock/class/entrepot.class.php
View File

@ -692,7 +692,7 @@ class Entrepot extends CommonObject
*/
public function getNomUrl($withpicto = 0, $option = '', $showfullpath = 0, $notooltip = 0)
{
global $conf, $langs;
global $conf, $langs, $hookmanager;
$langs->load("stocks");
if (! empty($conf->dol_no_mouse_hover)) $notooltip=1; // Force disable tooltips
@ -731,6 +731,16 @@ class Entrepot extends CommonObject
if ($withpicto != 2) $result.= ($showfullpath ? $this->get_full_arbo() : (empty($this->label)?$this->libelle:$this->label));
$result .= $linkend;
global $action;
$hookmanager->initHooks(array('warehousedao'));
$parameters = array('id'=>$this->id, 'getnomurl'=>$result, 'withpicto' => $withpicto, 'option' => $option, 'showfullpath' => $showfullpath, 'notooltip'=> $notooltip);
$reshook = $hookmanager->executeHooks('getNomUrl', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
if ($reshook > 0) {
$result = $hookmanager->resPrint;
} else {
$result .= $hookmanager->resPrint;
}
return $result;
}

3
htdocs/product/stock/massstockmove.php
View File

@ -34,6 +34,9 @@ require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
// Load translation files required by the page
$langs->loadLangs(array('products', 'stocks', 'orders', 'productbatch'));
//init Hook
$hookmanager->initHooks(array('massstockmove'));
// Security check
if ($user->socid) {
$socid = $user->socid;

3
htdocs/product/stock/replenish.php
View File

@ -376,8 +376,11 @@ if ($usevirtualstock)
$sqlExpeditionsCli = "(SELECT ".$db->ifsql("SUM(ed2.qty) IS NULL", "0", "SUM(ed2.qty)")." as qty"; // We need the ifsql because if result is 0 for product p.rowid, we must return 0 and not NULL
$sqlExpeditionsCli .= " FROM ".MAIN_DB_PREFIX."expedition as e2,";
$sqlExpeditionsCli .= " ".MAIN_DB_PREFIX."expeditiondet as ed2,";
$sqlExpeditionsCli .= " ".MAIN_DB_PREFIX."commande as c2,";
$sqlExpeditionsCli .= " ".MAIN_DB_PREFIX."commandedet as cd2";
$sqlExpeditionsCli .= " WHERE ed2.fk_expedition = e2.rowid AND cd2.rowid = ed2.fk_origin_line AND e2.entity IN (".getEntity('expedition').")";
$sqlExpeditionsCli .= " AND cd2.fk_commande = c2.rowid";
$sqlExpeditionsCli .= " AND c2.fk_statut IN (1,2)";
$sqlExpeditionsCli .= " AND cd2.fk_product = p.rowid";
$sqlExpeditionsCli .= " AND e2.fk_statut IN (1,2))";
} else {

1
htdocs/projet/tasks/list.php
View File

@ -58,6 +58,7 @@ $search_task_label = GETPOST('search_task_label');
$search_task_description = GETPOST('search_task_description');
$search_project_user = GETPOST('search_project_user');
$search_task_user = GETPOST('search_task_user');
$search_societe = GETPOST('search_societe');
$mine = $_REQUEST['mode'] == 'mine' ? 1 : 0;
if ($mine) { $search_task_user = $user->id; $mine = 0; }

7
htdocs/public/notice.php
View File

@ -41,9 +41,8 @@ if (! GETPOST('transkey', 'alphanohtml') && ! GETPOST('transphrase', 'alphanohtm
}
else
{
$langs->load("error");
$langs->load("other");
$langs->loadLangs(array("error", "other"));
if (GETPOST('transphrase', 'alphanohtml')) print GETPOST('transphrase', 'alphanohtml');
if (GETPOST('transkey', 'alphanohtml')) print $langs->trans(GETPOST('transkey', 'alphanohtml'));
if (GETPOST('transphrase', 'alphanohtml')) print dol_escape_htmltag(GETPOST('transphrase', 'alphanohtml'));
elseif (GETPOST('transkey', 'alphanohtml')) print dol_escape_htmltag($langs->trans(GETPOST('transkey', 'alphanohtml')));
}

111
htdocs/societe/card.php
View File

@ -390,23 +390,23 @@ if (empty($reshook))
if (GETPOST("private", 'int') == 1) // Ask to create a contact
{
$object->particulier = GETPOST("private");
$object->particulier = GETPOST("private", 'int');
$object->name = dolGetFirstLastname(GETPOST('firstname', 'alpha'), GETPOST('name', 'alpha'));
$object->civility_id = GETPOST('civility_id'); // Note: civility id is a code, not an int
$object->name = dolGetFirstLastname(GETPOST('firstname', 'alphanohtml'), GETPOST('name', 'alphanohtml'));
$object->civility_id = GETPOST('civility_id', 'alphanohtml'); // Note: civility id is a code, not an int
// Add non official properties
$object->name_bis = GETPOST('name', 'alpha');
$object->firstname = GETPOST('firstname', 'alpha');
$object->name_bis = GETPOST('name', 'alphanohtml');
$object->firstname = GETPOST('firstname', 'alphanohtml');
}
else
{
$object->name = GETPOST('name', 'alpha');
$object->name = GETPOST('name', 'alphanohtml');
}
$object->entity = (GETPOSTISSET('entity') ?GETPOST('entity', 'int') : $conf->entity);
$object->name_alias = GETPOST('name_alias');
$object->address = GETPOST('address');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->entity = (GETPOSTISSET('entity') ? GETPOST('entity', 'int') : $conf->entity);
$object->name_alias = GETPOST('name_alias', 'alphanohtml');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
$object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id', 'int');
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
@ -425,19 +425,19 @@ if (empty($reshook))
$object->fax = GETPOST('fax', 'alpha');
$object->email = trim(GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL));
$object->url = trim(GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL));
$object->idprof1 = trim(GETPOST('idprof1', 'alpha'));
$object->idprof2 = trim(GETPOST('idprof2', 'alpha'));
$object->idprof3 = trim(GETPOST('idprof3', 'alpha'));
$object->idprof4 = trim(GETPOST('idprof4', 'alpha'));
$object->idprof5 = trim(GETPOST('idprof5', 'alpha'));
$object->idprof6 = trim(GETPOST('idprof6', 'alpha'));
$object->prefix_comm = GETPOST('prefix_comm', 'alpha');
$object->idprof1 = trim(GETPOST('idprof1', 'alphanohtml'));
$object->idprof2 = trim(GETPOST('idprof2', 'alphanohtml'));
$object->idprof3 = trim(GETPOST('idprof3', 'alphanohtml'));
$object->idprof4 = trim(GETPOST('idprof4', 'alphanohtml'));
$object->idprof5 = trim(GETPOST('idprof5', 'alphanohtml'));
$object->idprof6 = trim(GETPOST('idprof6', 'alphanohtml'));
$object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->code_client = GETPOSTISSET('customer_code') ?GETPOST('customer_code', 'alpha') : GETPOST('code_client', 'alpha');
$object->code_fournisseur = GETPOSTISSET('supplier_code') ?GETPOST('supplier_code', 'alpha') : GETPOST('code_fournisseur', 'alpha');
$object->capital = GETPOST('capital', 'alpha');
$object->barcode = GETPOST('barcode', 'alpha');
$object->capital = GETPOST('capital', 'alphanohtml');
$object->barcode = GETPOST('barcode', 'alphanohtml');
$object->tva_intra = GETPOST('tva_intra', 'alpha');
$object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->tva_assuj = GETPOST('assujtva_value', 'alpha');
$object->status = GETPOST('status', 'alpha');
@ -861,6 +861,11 @@ if (empty($reshook))
$id = $socid;
$object->fetch($socid);
// Selection of new fields
if (!empty($conf->global->MAIN_DUPLICATE_CONTACTS_TAB_ON_MAIN_CARD) && (empty($conf->global->SOCIETE_DISABLE_CONTACTS) || !empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT))) {
include DOL_DOCUMENT_ROOT . '/core/actions_changeselectedfields.inc.php';
}
// Actions to send emails
$triggersendname = 'COMPANY_SENTBYMAIL';
$paramname = 'socid';
@ -964,16 +969,16 @@ else
if (GETPOST("type") == 'p') { $object->client = 2; }
if (!empty($conf->fournisseur->enabled) && (GETPOST("type") == 'f' || (GETPOST("type") == '' && !empty($conf->global->THIRDPARTY_SUPPLIER_BY_DEFAULT)))) { $object->fournisseur = 1; }
$object->name = GETPOST('name', 'alpha');
$object->name_alias = GETPOST('name_alias', 'alpha');
$object->firstname = GETPOST('firstname', 'alpha');
$object->name = GETPOST('name', 'alphanohtml');
$object->name_alias = GETPOST('name_alias', 'alphanohtml');
$object->firstname = GETPOST('firstname', 'alphanohtml');
$object->particulier = $private;
$object->prefix_comm = GETPOST('prefix_comm', 'alpha');
$object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->client = GETPOST('client', 'int') ?GETPOST('client', 'int') : $object->client;
if (empty($duplicate_code_error)) {
$object->code_client = GETPOST('customer_code', 'alpha');
$object->fournisseur = GETPOST('fournisseur') ?GETPOST('fournisseur') : $object->fournisseur;
$object->fournisseur = GETPOST('fournisseur') ? GETPOST('fournisseur', 'int') : $object->fournisseur;
$object->code_fournisseur = GETPOST('supplier_code', 'alpha');
}
else {
@ -981,9 +986,9 @@ else
}
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
$object->town = GETPOST('town', 'alphanohtml');
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
//$object->twitter = GETPOST('twitter', 'alpha');
@ -1001,14 +1006,14 @@ else
$object->fax = GETPOST('fax', 'alpha');
$object->email = GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL);
$object->url = GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL);
$object->capital = GETPOST('capital', 'alpha');
$object->barcode = GETPOST('barcode', 'alpha');
$object->idprof1 = GETPOST('idprof1', 'alpha');
$object->idprof2 = GETPOST('idprof2', 'alpha');
$object->idprof3 = GETPOST('idprof3', 'alpha');
$object->idprof4 = GETPOST('idprof4', 'alpha');
$object->idprof5 = GETPOST('idprof5', 'alpha');
$object->idprof6 = GETPOST('idprof6', 'alpha');
$object->capital = GETPOST('capital', 'alphanohtml');
$object->barcode = GETPOST('barcode', 'alphanohtml');
$object->idprof1 = GETPOST('idprof1', 'alphanohtml');
$object->idprof2 = GETPOST('idprof2', 'alphanohtml');
$object->idprof3 = GETPOST('idprof3', 'alphanohtml');
$object->idprof4 = GETPOST('idprof4', 'alphanohtml');
$object->idprof5 = GETPOST('idprof5', 'alphanohtml');
$object->idprof6 = GETPOST('idprof6', 'alphanohtml');
$object->typent_id = GETPOST('typent_id', 'int');
$object->effectif_id = GETPOST('effectif_id', 'int');
$object->civility_id = GETPOST('civility_id', 'alpha');
@ -1023,7 +1028,7 @@ else
$object->localtax1_value = GETPOST('lt1', 'int');
$object->localtax2_value = GETPOST('lt2', 'int');
$object->tva_intra = GETPOST('tva_intra', 'alpha');
$object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->commercial_id = GETPOST('commercial_id', 'int');
$object->default_lang = GETPOST('default_lang');
@ -1252,7 +1257,7 @@ else
print '<td>'.$form->editfieldkey('Vendor', 'fournisseur', '', $object, 0, 'string', '', 1).'</td><td>';
$default = -1;
if (!empty($conf->global->THIRDPARTY_SUPPLIER_BY_DEFAULT)) $default = 1;
print $form->selectyesno("fournisseur", (GETPOST('fournisseur', 'int') != '' ?GETPOST('fournisseur', 'int') : (GETPOST("type", 'alpha') == '' ? $default : $object->fournisseur)), 1, 0, (GETPOST("type", 'alpha') == '' ? 1 : 0));
print $form->selectyesno("fournisseur", (GETPOST('fournisseur', 'int') != '' ? GETPOST('fournisseur', 'int') : (GETPOST("type", 'alpha') == '' ? $default : $object->fournisseur)), 1, 0, (GETPOST("type", 'alpha') == '' ? 1 : 0));
print '</td>';
@ -1651,15 +1656,15 @@ else
if (GETPOSTISSET('name'))
{
// We overwrite with values if posted
$object->name = GETPOST('name', 'alpha');
$object->prefix_comm = GETPOST('prefix_comm', 'alpha');
$object->name = GETPOST('name', 'alphanohtml');
$object->prefix_comm = GETPOST('prefix_comm', 'alphanohtml');
$object->client = GETPOST('client', 'int');
$object->code_client = GETPOST('customer_code', 'alpha');
$object->fournisseur = GETPOST('fournisseur', 'int');
$object->code_fournisseur = GETPOST('supplier_code', 'alpha');
$object->address = GETPOST('address', 'alpha');
$object->zip = GETPOST('zipcode', 'alpha');
$object->town = GETPOST('town', 'alpha');
$object->address = GETPOST('address', 'alphanohtml');
$object->zip = GETPOST('zipcode', 'alphanohtml');
$object->town = GETPOST('town', 'alphanohtml');
$object->country_id = GETPOST('country_id') ?GETPOST('country_id', 'int') : $mysoc->country_id;
$object->state_id = GETPOST('state_id', 'int');
//$object->skype = GETPOST('skype', 'alpha');
@ -1678,21 +1683,21 @@ else
$object->fax = GETPOST('fax', 'alpha');
$object->email = GETPOST('email', 'custom', 0, FILTER_SANITIZE_EMAIL);
$object->url = GETPOST('url', 'custom', 0, FILTER_SANITIZE_URL);
$object->capital = GETPOST('capital', 'alpha');
$object->idprof1 = GETPOST('idprof1', 'alpha');
$object->idprof2 = GETPOST('idprof2', 'alpha');
$object->idprof3 = GETPOST('idprof3', 'alpha');
$object->idprof4 = GETPOST('idprof4', 'alpha');
$object->idprof5 = GETPOST('idprof5', 'alpha');
$object->idprof6 = GETPOST('idprof6', 'alpha');
$object->capital = GETPOST('capital', 'alphanohtml');
$object->idprof1 = GETPOST('idprof1', 'alphanohtml');
$object->idprof2 = GETPOST('idprof2', 'alphanohtml');
$object->idprof3 = GETPOST('idprof3', 'alphanohtml');
$object->idprof4 = GETPOST('idprof4', 'alphanohtml');
$object->idprof5 = GETPOST('idprof5', 'alphanohtml');
$object->idprof6 = GETPOST('idprof6', 'alphanohtml');
$object->typent_id = GETPOST('typent_id', 'int');
$object->effectif_id = GETPOST('effectif_id', 'int');
$object->barcode = GETPOST('barcode', 'alpha');
$object->barcode = GETPOST('barcode', 'alphanohtml');
$object->forme_juridique_code = GETPOST('forme_juridique_code', 'int');
$object->default_lang = GETPOST('default_lang', 'alpha');
$object->tva_assuj = GETPOST('assujtva_value', 'int');
$object->tva_intra = GETPOST('tva_intra', 'alpha');
$object->tva_intra = GETPOST('tva_intra', 'alphanohtml');
$object->status = GETPOST('status', 'int');
// Webservices url/key

58
htdocs/societe/class/societe.class.php
View File

@ -83,7 +83,8 @@ class Societe extends CommonObject
);
/**
* @var array List of child tables. To know object to delete on cascade.
* @var array List of child tables. To know object to delete on cascade.
* if name like with @ClassNAme:FilePathClass;ParentFkFieldName' it will call method deleteByParentField (with parentId as parameters) and FieldName to fetch and delete child object
*/
protected $childtablesoncascade = array(
"societe_prices",
@ -92,7 +93,7 @@ class Societe extends CommonObject
"product_fournisseur_price",
"product_customer_price_log",
"product_customer_price",
"socpeople",
"@Contact:/contact/class/contact.class.php:fk_soc",
"adherent",
"societe_account",
"societe_rib",
@ -636,6 +637,12 @@ class Societe extends CommonObject
*/
public $multicurrency_code;
/**
* @var Account Default BAN account
*/
public $bank_account;
/**
* Constructor
*
@ -1671,16 +1678,36 @@ class Societe extends CommonObject
}
}
foreach ($this->childtablesoncascade as $tabletodelete)
if (!$error)
{
if (!$error)
foreach ($this->childtablesoncascade as $tabletodelete)
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$tabletodelete;
$sql .= " WHERE fk_soc = ".$id;
if (!$this->db->query($sql))
{
$error++;
$this->errors[] = $this->db->lasterror();
$deleteFromObject=explode(':', $tabletodelete);
if (count($deleteFromObject)>=2) {
$className=str_replace('@', '', $deleteFromObject[0]);
$filepath=$deleteFromObject[1];
$columnName=$deleteFromObject[2];
if (dol_include_once($filepath)) {
$child_object = new $className($this->db);
$result = $child_object->deleteByParentField($id, $columnName);
if ($result < 0) {
$error++;
$this->errors[] = $child_object->error;
break;
}
} else {
$error++;
$this->errors[] = 'Cannot include child class file ' .$filepath;
break;
}
} else {
$sql = "DELETE FROM " . MAIN_DB_PREFIX . $tabletodelete;
$sql .= " WHERE fk_soc = " . $id;
if (!$this->db->query($sql)) {
$error++;
$this->errors[] = $this->db->lasterror();
break;
}
}
}
}
@ -4155,6 +4182,17 @@ class Societe extends CommonObject
}
}
if (! isset($this->bank_account)) {
require_once DOL_DOCUMENT_ROOT.'/societe/class/companybankaccount.class.php';
$bac = new CompanyBankAccount($this->db);
$result = $bac->fetch(0, $this->id);
if ($result > 0) {
$this->bank_account = $bac;
} else {
$this->bank_account = '';
}
}
$modelpath = "core/modules/societe/doc/";
$result = $this->commonGenerateDocument($modelpath, $modele, $outputlangs, $hidedetails, $hidedesc, $hideref, $moreparams);

18
htdocs/ticket/card.php
View File

@ -129,11 +129,11 @@ if ($cancel)
if (GETPOST('add', 'alpha') && $user->rights->ticket->write) {
$error = 0;
if (!GETPOST("subject", 'alpha')) {
if (!GETPOST("subject", 'alphanohtml')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")), null, 'errors');
$action = 'create';
} elseif (!GETPOST("message", 'alpha')) {
} elseif (!GETPOST("message", 'restricthtml')) {
$error++;
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Message")), null, 'errors');
$action = 'create';
@ -142,10 +142,10 @@ if (GETPOST('add', 'alpha') && $user->rights->ticket->write) {
if (!$error) {
$db->begin();
$object->ref = GETPOST("ref", 'alpha');
$object->ref = GETPOST("ref", 'alphanohtml');
$object->fk_soc = GETPOST("socid", 'int') > 0 ? GETPOST("socid", 'int') : 0;
$object->subject = GETPOST("subject", 'alpha');
$object->message = GETPOST("message", 'none');
$object->subject = GETPOST("subject", 'alphanohtml');
$object->message = GETPOST("message", 'restricthtml');
$object->type_code = GETPOST("type_code", 'alpha');
$object->category_code = GETPOST("category_code", 'alpha');
@ -274,7 +274,7 @@ if (GETPOST('update', 'alpha') && GETPOST('id', 'int') && $user->rights->ticket-
$error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")));
$action = 'edit';
} elseif (!GETPOST("subject")) {
} elseif (!GETPOST("subject", 'alphanohtml')) {
$error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")));
$action = 'edit';
@ -284,7 +284,7 @@ if (GETPOST('update', 'alpha') && GETPOST('id', 'int') && $user->rights->ticket-
$db->begin();
$object->label = GETPOST("label", 'alphanohtml');
$object->description = GETPOST("description", 'none');
$object->description = GETPOST("description", 'restricthtml');
//...
$ret = $object->update($user);
@ -459,7 +459,7 @@ if ($action == 'set_progression' && $user->rights->ticket->write) {
if ($action == 'setsubject') {
if ($object->fetch(GETPOST('id', 'int'))) {
if ($action == 'setsubject') {
$object->subject = trim(GETPOST('subject', 'alpha'));
$object->subject = trim(GETPOST('subject', 'alphanohtml'));
}
if ($action == 'setsubject' && empty($object->subject)) {
@ -512,7 +512,7 @@ elseif ($action == 'setcontract' && $user->rights->ticket->write) {
if (!GETPOST('cancel')) {
$object->fetch('', '', GETPOST('track_id', 'alpha'));
$oldvalue_message = $object->message;
$fieldtomodify = GETPOST('message_initial');
$fieldtomodify = GETPOST('message_initial', 'restricthtml');
$object->message = $fieldtomodify;
$ret = $object->update($user);

5
htdocs/ticket/class/ticket.class.php
View File

@ -2455,8 +2455,9 @@ class Ticket extends CommonObject
// If destination file already exists, we add a suffix to avoid to overwrite
if (is_file($destfile))
{
$now = dol_now();
$destfile .= '.'.dol_print_date($now, 'dayhourlog');
$pathinfo = pathinfo($filename[$i]);
$now = dol_now();
$destfile = $destdir.'/'.$pathinfo['filename'].' - '.dol_print_date($now, 'dayhourlog').'.'.$pathinfo['extension'];
}
$res = dol_move($filepath[$i], $destfile, 0, 1);

114
htdocs/user/card.php
View File

@ -1631,32 +1631,36 @@ else
print "</tr>\n";
// Expense report validator
print '<tr><td>';
$text = $langs->trans("ForceUserExpenseValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if (!empty($object->fk_user_expense_validator)) {
$evuser = new User($db);
$evuser->fetch($object->fk_user_expense_validator);
print $evuser->getNomUrl(1);
if (!empty($conf->expensereport->enabled)) {
print '<tr><td>';
$text = $langs->trans("ForceUserExpenseValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if (!empty($object->fk_user_expense_validator)) {
$evuser = new User($db);
$evuser->fetch($object->fk_user_expense_validator);
print $evuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
}
print '</td>';
print "</tr>\n";
// Holiday request validator
print '<tr><td>';
$text = $langs->trans("ForceUserHolidayValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if (!empty($object->fk_user_holiday_validator)) {
$hvuser = new User($db);
$hvuser->fetch($object->fk_user_holiday_validator);
print $hvuser->getNomUrl(1);
if (!empty($conf->holiday->enabled)) {
print '<tr><td>';
$text = $langs->trans("ForceUserHolidayValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if (!empty($object->fk_user_holiday_validator)) {
$hvuser = new User($db);
$hvuser->fetch($object->fk_user_holiday_validator);
print $hvuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
}
print '</td>';
print "</tr>\n";
// Default warehouse
if (!empty($conf->stock->enabled) && !empty($conf->global->USER_DEFAULT_WAREHOUSE)) // TODO What is goal of this. How it is used ?
@ -2345,44 +2349,42 @@ else
print "</tr>\n";
// Expense report validator
print '<tr><td class="titlefield">';
$text = $langs->trans("ForceUserExpenseValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if ($caneditfield)
{
print $form->select_dolusers($object->fk_user_expense_validator, 'fk_user_expense_validator', 1, array($object->id), 0, '', 0, $object->entity, 0, 0, '', 0, '', 'maxwidth300');
if (!empty($conf->expensereport->enabled)) {
print '<tr><td class="titlefield">';
$text = $langs->trans("ForceUserExpenseValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if ($caneditfield) {
print $form->select_dolusers($object->fk_user_expense_validator, 'fk_user_expense_validator', 1, array($object->id), 0, '', 0, $object->entity, 0, 0, '', 0, '', 'maxwidth300');
} else {
print '<input type="hidden" name="fk_user_expense_validator" value="' . $object->fk_user_expense_validator . '">';
$evuser = new User($db);
$evuser->fetch($object->fk_user_expense_validator);
print $evuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
}
else
{
print '<input type="hidden" name="fk_user_expense_validator" value="'.$object->fk_user_expense_validator.'">';
$evuser = new User($db);
$evuser->fetch($object->fk_user_expense_validator);
print $evuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
// Holiday request validator
print '<tr><td class="titlefield">';
$text = $langs->trans("ForceUserHolidayValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if ($caneditfield)
{
print $form->select_dolusers($object->fk_user_holiday_validator, 'fk_user_holiday_validator', 1, array($object->id), 0, '', 0, $object->entity, 0, 0, '', 0, '', 'maxwidth300');
if (!empty($conf->holiday->enabled)) {
print '<tr><td class="titlefield">';
$text = $langs->trans("ForceUserHolidayValidator");
print $form->textwithpicto($text, $langs->trans("ValidatorIsSupervisorByDefault"), 1, 'help');
print '</td>';
print '<td>';
if ($caneditfield) {
print $form->select_dolusers($object->fk_user_holiday_validator, 'fk_user_holiday_validator', 1, array($object->id), 0, '', 0, $object->entity, 0, 0, '', 0, '', 'maxwidth300');
} else {
print '<input type="hidden" name="fk_user_holiday_validator" value="' . $object->fk_user_holiday_validator . '">';
$hvuser = new User($db);
$hvuser->fetch($object->fk_user_holiday_validator);
print $hvuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
}
else
{
print '<input type="hidden" name="fk_user_holiday_validator" value="'.$object->fk_user_holiday_validator.'">';
$hvuser = new User($db);
$hvuser->fetch($object->fk_user_holiday_validator);
print $hvuser->getNomUrl(1);
}
print '</td>';
print "</tr>\n";
print '</table><hr><table class="border centpercent">';

2
htdocs/variants/ajax/get_attribute_values.php
View File

@ -28,7 +28,7 @@ require_once DOL_DOCUMENT_ROOT.'/variants/class/ProductAttributeValue.class.php'
header('Content-Type: application/json');
$id = GETPOST('id');
$id = GETPOST('id', 'int');
if (!$id) {
print json_encode(array(