diff --git a/htdocs/admin/tools/export_files.php b/htdocs/admin/tools/export_files.php index 36be1f273ff..a3c20d0dffc 100644 --- a/htdocs/admin/tools/export_files.php +++ b/htdocs/admin/tools/export_files.php @@ -173,7 +173,7 @@ if ($compression == 'zip') { // We also exclude '/temp/' dir and 'documents/admin/documents' // We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped. - $cmd = "tar -cf ".escapeshellcmd($outputdir."/".$file)." --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'"; + $cmd = "tar -cf '".escapeshellcmd($outputdir."/".$file)."' --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'"; $result = $utils->executeCLI($cmd, $outputfile, 0, null, 1); diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php index 83b5b69283f..e5781d98561 100644 --- a/htdocs/bookmarks/bookmarks.lib.php +++ b/htdocs/bookmarks/bookmarks.lib.php @@ -66,7 +66,7 @@ function printDropdownBookmarksList() // Url to list bookmark - $listbtn = ''; + $listbtn = ''; $listbtn .= img_picto('', 'bookmark', 'class="paddingright"').$langs->trans('Bookmarks').''; // Url to go on create new bookmark page diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 61a406a2378..61ecb966359 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1955,7 +1955,7 @@ if ($action == 'create') { // We verify whether the object is provisionally numbering $ref = substr($object->ref, 1, 4); - if ($ref == 'PROV') { + if ($ref == 'PROV' || $ref == '') { $numref = $object->getNextNumRef($soc); if (empty($numref)) { $error++; diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 9b11a477d52..1470ee210e8 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -1900,8 +1900,12 @@ if ($action == 'create' && $usercancreate) { if ($action == 'validate') { // We check that object has a temporary ref $ref = substr($object->ref, 1, 4); - if ($ref == 'PROV') { + if ($ref == 'PROV' || $ref == '') { $numref = $object->getNextNumRef($soc); + if (empty($numref)) { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + } } else { $numref = $object->ref; } @@ -1952,8 +1956,9 @@ if ($action == 'create' && $usercancreate) { if ($nbMandated > 0 ) $text .= '
'.$langs->trans("mandatoryPeriodNeedTobeSetMsgValidate").'
'; - - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ValidateOrder'), $text, 'confirm_validate', $formquestion, 0, 1, 220); + if (!$error) { + $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ValidateOrder'), $text, 'confirm_validate', $formquestion, 0, 1, 220); + } } // Confirm back to draft status diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index 342360bd454..30d4f4ce825 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -934,33 +934,29 @@ if ($modecompta == 'BOOKKEEPING') { if ($modecompta == 'CREANCES-DETTES' || $modecompta == 'RECETTES-DEPENSES') { if ($modecompta == 'CREANCES-DETTES') { - //$column = 's.dateep'; // We use the date of salary - $column = 'p.datep'; + $column = 's.dateep'; // We use the date of end of period of salary + + $sql = "SELECT u.rowid, u.firstname, u.lastname, s.fk_user as fk_user, s.label as label, date_format($column,'%Y-%m') as dm, sum(s.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."salary as s"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid = s.fk_user"; + $sql .= " WHERE s.entity IN (".getEntity('salary').")"; + if (!empty($date_start) && !empty($date_end)) { + $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; + } + $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, s.fk_user, s.label, dm"; } else { $column = 'p.datep'; - } - $sql = "SELECT u.rowid, u.firstname, u.lastname, s.fk_user as fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; - $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; - $sql .= " INNER JOIN ".MAIN_DB_PREFIX."salary as s ON s.rowid=p.fk_salary"; - $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=s.fk_user"; - $sql .= " WHERE s.entity IN (".getEntity('salary').")"; - if (!empty($date_start) && !empty($date_end)) { - $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; + $sql = "SELECT u.rowid, u.firstname, u.lastname, s.fk_user as fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."salary as s ON s.rowid = p.fk_salary"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid = s.fk_user"; + $sql .= " WHERE p.entity IN (".getEntity('payment_salary').")"; + if (!empty($date_start) && !empty($date_end)) { + $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; + } + $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, s.fk_user, p.label, dm"; } - $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, s.fk_user, p.label, dm"; - - // For backward compatibility with old module salary - $column = 'p.datep'; - $sql .= " UNION "; - $sql .= " SELECT u.rowid, u.firstname, u.lastname, p.fk_user as fk_user, p.label as label, date_format($column,'%Y-%m') as dm, sum(p.amount) as amount"; - $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; - $sql .= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON u.rowid=p.fk_user"; - $sql .= " WHERE p.entity IN (".getEntity('payment_salary').")"; - if (!empty($date_start) && !empty($date_end)) { - $sql .= " AND $column >= '".$db->idate($date_start)."' AND $column <= '".$db->idate($date_end)."'"; - } - $sql .= " GROUP BY u.rowid, u.firstname, u.lastname, p.fk_user, p.label, dm"; $newsortfield = $sortfield; if ($newsortfield == 's.nom, s.rowid') { @@ -975,7 +971,7 @@ if ($modecompta == 'BOOKKEEPING') { $sql .= $db->order($newsortfield, $sortorder); } - dol_syslog("get payment salaries"); + dol_syslog("get salaries"); $result = $db->query($sql); $subtotal_ht = 0; $subtotal_ttc = 0; diff --git a/htdocs/compta/resultat/index.php b/htdocs/compta/resultat/index.php index 6aab9093c05..ff770acf554 100644 --- a/htdocs/compta/resultat/index.php +++ b/htdocs/compta/resultat/index.php @@ -615,23 +615,31 @@ if (!empty($conf->tax->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecom if (!empty($conf->salaries->enabled) && ($modecompta == 'CREANCES-DETTES' || $modecompta == "RECETTES-DEPENSES")) { if ($modecompta == 'CREANCES-DETTES') { - //$column = 's.dateep'; // we use the date of salary - $column = 'p.datep'; + $column = 's.dateep'; // we use the date of end of period of salary + + $sql = "SELECT s.label as nom, date_format(".$column.",'%Y-%m') as dm, sum(s.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."salary as s"; + $sql .= " WHERE s.entity IN (".getEntity('salary').")"; + if (!empty($date_start) && !empty($date_end)) { + $sql .= " AND ".$column." >= '".$db->idate($date_start)."' AND ".$column." <= '".$db->idate($date_end)."'"; + } + $sql .= " GROUP BY s.label, dm"; } if ($modecompta == "RECETTES-DEPENSES") { $column = 'p.datep'; + + $sql = "SELECT p.label as nom, date_format(".$column.",'%Y-%m') as dm, sum(p.amount) as amount"; + $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p"; + $sql .= " INNER JOIN ".MAIN_DB_PREFIX."salary as s ON p.fk_salary = s.rowid"; + $sql .= " WHERE p.entity IN (".getEntity('payment_salary').")"; + if (!empty($date_start) && !empty($date_end)) { + $sql .= " AND ".$column." >= '".$db->idate($date_start)."' AND ".$column." <= '".$db->idate($date_end)."'"; + } + $sql .= " GROUP BY p.label, dm"; } $subtotal_ht = 0; $subtotal_ttc = 0; - $sql = "SELECT p.label as nom, date_format(".$column.",'%Y-%m') as dm, sum(p.amount) as amount"; - $sql .= " FROM ".MAIN_DB_PREFIX."payment_salary as p, ".MAIN_DB_PREFIX."salary as s"; - $sql .= " WHERE p.fk_salary = s.rowid"; - $sql .= " AND s.entity IN (".getEntity('salary').")"; - if (!empty($date_start) && !empty($date_end)) { - $sql .= " AND ".$column." >= '".$db->idate($date_start)."' AND ".$column." <= '".$db->idate($date_end)."'"; - } - $sql .= " GROUP BY p.label, dm"; dol_syslog("get social salaries payments"); $result = $db->query($sql); diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 60382cc4906..efde963d077 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -987,7 +987,7 @@ function dol_unescapefile($filename) */ function dolCheckVirus($src_file) { - global $conf; + global $conf, $db; if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) { if (!class_exists('AntiVir')) { @@ -2374,6 +2374,10 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, $accessallowed = 1; } $original_file = $conf->user->dir_output.'/'.$original_file; + } elseif (($modulepart == 'companylogo') && !empty($conf->mycompany->dir_output)) { + // Wrapping for users logos + $accessallowed = 1; + $original_file = $conf->mycompany->dir_output.'/logos/'.$original_file; } elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output)) { // Wrapping for members photos $accessallowed = 0; diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index a0c6bcfd054..ea8c6c2ce23 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -1393,7 +1393,7 @@ function pdf_getlinedesc($object, $i, $outputlangs, $hideref = 0, $hidedesc = 0, $note = $prodser->multilangs[$outputlangs->defaultlang]["other"]; } } - } elseif ($object->element == 'facture' || $object->element == 'facturefourn') { + } elseif (($object->element == 'facture' || $object->element == 'facturefourn') && preg_match('/^\(DEPOSIT\).+/', $desc)) { // We must not replace '(DEPOSIT)' when it is alone, it will be translated and detailed later $desc = str_replace('(DEPOSIT)', $outputlangs->trans('Deposit'), $desc); } diff --git a/htdocs/holiday/card.php b/htdocs/holiday/card.php index 6ea0ec3b83c..d8643c0783b 100644 --- a/htdocs/holiday/card.php +++ b/htdocs/holiday/card.php @@ -112,7 +112,7 @@ if ($object->statut == Holiday::STATUS_DRAFT && $user->rights->holiday->write && if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'holiday', $object->id, 'holiday'); +$result = restrictedArea($user, 'holiday', $object->id, 'holiday', '', '', 'rowid', $object->statut); /* @@ -1414,7 +1414,7 @@ if ((empty($id) && empty($ref)) || $action == 'create' || $action == 'add') { // Confirmation messages if ($action == 'delete') { - if ($user->rights->holiday->delete) { + if ($candelete) { print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id, $langs->trans("TitleDeleteCP"), $langs->trans("ConfirmDeleteCP"), "confirm_delete", '', 0, 1); } } diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index 155cb261040..c57610d0130 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -74,7 +74,7 @@ $socid = 0; restrictedArea($user, 'projet', $object->fk_project, 'projet&project'); -$permissiontoadd = $$user->rights->mrp->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php +$permissiontoadd = $user->rights->projet->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php /* diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 3890b2a9990..ef8ac6aa9df 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -659,9 +659,10 @@ if ($action == 'confirm_generateinter') { if (!$error) { $arrayoftasks = array(); foreach ($toselect as $key => $value) { - // Get userid, timepent + // Get userid, timespent $object->fetchTimeSpent($value); // $object->id is the task id + $arrayoftasks[$object->timespent_id]['id'] = $object->id; $arrayoftasks[$object->timespent_id]['timespent'] = $object->timespent_duration; $arrayoftasks[$object->timespent_id]['totalvaluetodivideby3600'] = $object->timespent_duration * $object->timespent_thm; $arrayoftasks[$object->timespent_id]['note'] = $object->timespent_note; @@ -670,7 +671,7 @@ if ($action == 'confirm_generateinter') { foreach ($arrayoftasks as $timespent_id => $value) { $ftask = new Task($db); - $ftask->fetch($object->id); + $ftask->fetch($value['id']); // Define qty per hour $qtyhour = $value['timespent'] / 3600; $qtyhourtext = convertSecondToTime($value['timespent'], 'all', $conf->global->MAIN_DURATION_OF_WORKDAY); diff --git a/htdocs/societe/admin/societe.php b/htdocs/societe/admin/societe.php index 236551c1c2e..55161f42e09 100644 --- a/htdocs/societe/admin/societe.php +++ b/htdocs/societe/admin/societe.php @@ -626,7 +626,7 @@ foreach ($dirsociete as $dirroot) { // Preview print ''; if ($module->type == 'pdf') { - $linkspec = ''.img_object($langs->trans("Preview"), 'bill').''; + $linkspec = ''.img_object($langs->trans("Preview"), 'pdf').''; } else { $linkspec = img_object($langs->trans("PreviewNotAvailable"), 'generic'); }