From 6080e5335f91e427ba7b7b0179efa77964fbff00 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Thu, 5 Nov 2020 12:56:20 +0100
Subject: [PATCH 1/7] Minor fix

---
 htdocs/langs/en_US/suppliers.lang |  1 +
 htdocs/product/fournisseurs.php   | 10 +++-------
 2 files changed, 4 insertions(+), 7 deletions(-)

diff --git a/htdocs/langs/en_US/suppliers.lang b/htdocs/langs/en_US/suppliers.lang
index 51562b8bb7a..03b03c75269 100644
--- a/htdocs/langs/en_US/suppliers.lang
+++ b/htdocs/langs/en_US/suppliers.lang
@@ -38,6 +38,7 @@ MenuOrdersSupplierToBill=Purchase orders to invoice
 NbDaysToDelivery=Delivery delay (days)
 DescNbDaysToDelivery=The longest delivery delay of the products from this order
 SupplierReputation=Vendor reputation
+ReferenceReputation=Reference reputation
 DoNotOrderThisProductToThisSupplier=Do not order
 NotTheGoodQualitySupplier=Low quality
 ReputationForThisProduct=Reputation
diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php
index 9140de09513..3e43937e697 100644
--- a/htdocs/product/fournisseurs.php
+++ b/htdocs/product/fournisseurs.php
@@ -623,12 +623,8 @@ if ($id > 0 || $ref)
                     $currencycodetouse = GETPOST('multicurrency_code') ?GETPOST('multicurrency_code') : (isset($object->fourn_multicurrency_code) ? $object->fourn_multicurrency_code : '');
                     if (empty($currencycodetouse) && $object->fourn_multicurrency_tx == 1) $currencycodetouse = $conf->currency;
                     print $form->selectMultiCurrency($currencycodetouse, "multicurrency_code", 1);
-                    print '</td>';
-                    print '</tr>';
-
-                    // Currency tx
-                    print '<tr><td class="fieldrequired">'.$langs->trans("CurrencyRate").'</td>';
-                    print '<td><input class="flat" name="multicurrency_tx" size="4" value="'.vatrate(GETPOST('multicurrency_tx') ?GETPOST('multicurrency_tx') : (isset($object->fourn_multicurrency_tx) ? $object->fourn_multicurrency_tx : '')).'">';
+                    print ' &nbsp; '.$langs->trans("CurrencyRate").' ';
+                    print '<input class="flat" name="multicurrency_tx" size="4" value="'.vatrate(GETPOST('multicurrency_tx') ?GETPOST('multicurrency_tx') : (isset($object->fourn_multicurrency_tx) ? $object->fourn_multicurrency_tx : '')).'">';
                     print '</td>';
                     print '</tr>';
 
@@ -725,7 +721,7 @@ SCRIPT;
 				print '</tr>';
 
 				// Reputation
-				print '<tr><td>'.$langs->trans("SupplierReputation").'</td><td>';
+				print '<tr><td>'.$langs->trans("ReferenceReputation").'</td><td>';
 				echo $form->selectarray('supplier_reputation', $object->reputations, $supplier_reputation ? $supplier_reputation : $object->supplier_reputation);
 				print '</td></tr>';
 

From 4689d42afd4172da0fa6198320c8715f9ac48de3 Mon Sep 17 00:00:00 2001
From: Laurent Destailleur <eldy@destailleur.fr>
Date: Thu, 5 Nov 2020 14:10:46 +0100
Subject: [PATCH 2/7] FIX #15303

---
 htdocs/fourn/product/list.php | 31 ++++++++++++++++---------------
 1 file changed, 16 insertions(+), 15 deletions(-)

diff --git a/htdocs/fourn/product/list.php b/htdocs/fourn/product/list.php
index 5e83ae93923..3f3703166e9 100644
--- a/htdocs/fourn/product/list.php
+++ b/htdocs/fourn/product/list.php
@@ -35,10 +35,10 @@ $langs->loadLangs(array("products", "suppliers"));
 
 if (!$user->rights->produit->lire && !$user->rights->service->lire) accessforbidden();
 
-$sref = GETPOST('sref');
+$sref = GETPOST('sref', 'alphanohtml');
 $sRefSupplier = GETPOST('srefsupplier');
-$snom = GETPOST('snom');
-$type = GETPOST('type');
+$snom = GETPOST('snom', 'alphanohtml');
+$type = GETPOST('type', 'alphanohtml');
 $optioncss = GETPOST('optioncss', 'alpha');
 
 // Load variable for pagination
@@ -127,7 +127,7 @@ if (in_array($massaction, array('presend', 'predelete'))) $arrayofmassactions =
 $massactionbutton = $form->selectMassAction('', $arrayofmassactions);
 
 
-$sql = "SELECT p.rowid, p.label, p.ref, p.fk_product_type, p.entity,";
+$sql = "SELECT p.rowid, p.label, p.ref, p.fk_product_type, p.entity, p.tosell, p.tobuy, p.barcode, p.fk_barcode_type,";
 $sql .= " ppf.fk_soc, ppf.ref_fourn, ppf.price as price, ppf.quantity as qty, ppf.unitprice,";
 $sql .= " s.rowid as socid, s.nom as name";
 // Add fields to SELECT from hooks
@@ -208,12 +208,10 @@ if ($resql)
 
 	llxHeader("", "", $texte);
 
-
-	$param = "&tobuy=".$tobuy."&sref=".$sref."&snom=".$snom."&fourn_id=".$fourn_id.(isset($type) ? "&amp;type=".$type : "").(empty($sRefSupplier) ? "" : "&amp;srefsupplier=".$sRefSupplier);
+	$param = "&sref=".$sref."&snom=".$snom."&fourn_id=".$fourn_id.(isset($type) ? "&amp;type=".$type : "").(empty($sRefSupplier) ? "" : "&amp;srefsupplier=".$sRefSupplier);
 	if ($optioncss != '') $param .= '&optioncss='.$optioncss;
 	print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords);
 
-
 	if (!empty($catid))
 	{
 		print "<div id='ways'>";
@@ -243,13 +241,13 @@ if ($resql)
 	// Fields title search
 	print '<tr class="liste_titre">';
 	print '<td class="liste_titre">';
-	print '<input class="flat" type="text" name="sref" value="'.$sref.'" size="12">';
+	print '<input class="flat maxwidth100" type="text" name="sref" value="'.$sref.'">';
 	print '</td>';
 	print '<td class="liste_titre">';
-	print '<input class="flat" type="text" name="srefsupplier" value="'.$sRefSupplier.'" size="12">';
+	print '<input class="flat maxwidth100" type="text" name="srefsupplier" value="'.$sRefSupplier.'">';
 	print '</td>';
 	print '<td class="liste_titre">';
-	print '<input class="flat" type="text" name="snom" value="'.$snom.'">';
+	print '<input class="flat maxwidth100" type="text" name="snom" value="'.$snom.'">';
 	print '</td>';
 	print '<td></td>';
 	print '<td></td>';
@@ -283,19 +281,22 @@ if ($resql)
 	print_liste_field_titre('', $_SERVER["PHP_SELF"]);
 	print "</tr>\n";
 
-	$oldid = '';
-
 	while ($i < min($num, $limit))
 	{
 		$objp = $db->fetch_object($resql);
 
-		print '<tr class="oddeven">';
-
-		print '<td>';
 		$productstatic->id = $objp->rowid;
 		$productstatic->ref = $objp->ref;
 		$productstatic->type = $objp->fk_product_type;
 		$productstatic->entity = $objp->entity;
+		$productstatic->status = $objp->tosell;
+		$productstatic->status_buy = $objp->tobuy;
+		$productstatic->barcode = $objp->barcode;
+		$productstatic->barcode_type = $objp->fk_barcode_type;
+
+		print '<tr class="oddeven">';
+
+		print '<td>';
 		print $productstatic->getNomUrl(1, 'supplier');
 		print '</td>';
 

From 047785b273a06a996aa6febf79fccd3b672563af Mon Sep 17 00:00:00 2001
From: atm-lena <lena@atm-consulting.fr>
Date: Fri, 6 Nov 2020 11:58:36 +0100
Subject: [PATCH 3/7] FIX - Don't display inactive users in birthday box and
 soc card

---
 htdocs/core/boxes/box_birthdays.php | 3 ++-
 htdocs/societe/card.php             | 2 +-
 2 files changed, 3 insertions(+), 2 deletions(-)

diff --git a/htdocs/core/boxes/box_birthdays.php b/htdocs/core/boxes/box_birthdays.php
index 2df1f0d331e..4f7eb6890b4 100644
--- a/htdocs/core/boxes/box_birthdays.php
+++ b/htdocs/core/boxes/box_birthdays.php
@@ -89,7 +89,8 @@ class box_birthdays extends ModeleBoxes
 			$sql = "SELECT u.rowid, u.firstname, u.lastname, u.birth";
 			$sql.= " FROM ".MAIN_DB_PREFIX."user as u";
 			$sql.= " WHERE u.entity IN (".getEntity('user').")";
-			$sql.= dolSqlDateFilter('u.birth', 0, $tmparray['mon'], 0);
+            $sql.= " AND u.statut = 1";
+            $sql.= dolSqlDateFilter('u.birth', 0, $tmparray['mon'], 0);
 			$sql.= " ORDER BY u.birth ASC";
 			$sql.= $this->db->plimit($max, 0);
 
diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index ee252677bf2..f6abc142054 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -1570,7 +1570,7 @@ else
 		print '<tr>';
 		print '<td>'.$form->editfieldkey('AllocateCommercial', 'commercial_id', '', $object, 0).'</td>';
 		print '<td colspan="3" class="maxwidthonsmartphone">';
-		$userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, '', 0, '', '', 0, 1);
+		$userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'AND u.statut = 1', 0, '', '', 0, 1);
 		// Note: If user has no right to "see all thirdparties", we force selection of sale representative to him, so after creation he can see the record.
 		$selected = (count(GETPOST('commercial', 'array')) > 0 ? GETPOST('commercial', 'array') : (GETPOST('commercial', 'int') > 0 ? array(GETPOST('commercial', 'int')) : (empty($user->rights->societe->client->voir) ? array($user->id) : array())));
 		print $form->multiselectarray('commercial', $userlist, $selected, null, null, null, null, "90%");

From 2f11f4e104b881c7e58e5bc6de6b015edace9d3e Mon Sep 17 00:00:00 2001
From: Got2be <gauthier.verdol@atm-consulting.fr>
Date: Mon, 9 Nov 2020 11:22:07 +0100
Subject: [PATCH 4/7] FIX : disabled users must not be available in sales
 representative list on societe edit mode

---
 htdocs/societe/card.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/societe/card.php b/htdocs/societe/card.php
index f6abc142054..022727f7003 100644
--- a/htdocs/societe/card.php
+++ b/htdocs/societe/card.php
@@ -2252,7 +2252,7 @@ else
             print '<tr>';
             print '<td>'.$form->editfieldkey('AllocateCommercial', 'commercial_id', '', $object, 0).'</td>';
             print '<td colspan="3" class="maxwidthonsmartphone">';
-            $userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, '', 0, '', '', 0, 1);
+            $userlist = $form->select_dolusers('', '', 0, null, 0, '', '', 0, 0, 0, 'AND u.statut = 1', 0, '', '', 0, 1);
             $arrayselected = GETPOST('commercial', 'array');
             if (empty($arrayselected)) $arrayselected = $object->getSalesRepresentatives($user, 1);
             print $form->multiselectarray('commercial', $userlist, $arrayselected, null, null, null, null, "90%");

From 617c93057484554faa131ca32eca9f303a006961 Mon Sep 17 00:00:00 2001
From: Alexandre SPANGARO <aspangaro.dolibarr@gmail.com>
Date: Mon, 9 Nov 2020 14:13:09 +0100
Subject: [PATCH 5/7] FIX: Accountancy - Some ajustments on length of the
 account (general & auxiliary)

---
 htdocs/accountancy/class/accountancyexport.class.php | 2 +-
 htdocs/accountancy/journal/bankjournal.php           | 8 ++++----
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php
index b3a4430db36..11486bf76c9 100644
--- a/htdocs/accountancy/class/accountancyexport.class.php
+++ b/htdocs/accountancy/class/accountancyexport.class.php
@@ -351,7 +351,7 @@ class AccountancyExport
 			print price($line->debit) . $separator;
 			print price($line->credit) . $separator;
 			print 'E' . $separator;
-			print length_accountg($line->subledger_account) . $separator;
+			print length_accounta($line->subledger_account) . $separator;
 			print $end_line;
 		}
 	}
diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php
index 070e58f5c0d..c69806862c6 100644
--- a/htdocs/accountancy/journal/bankjournal.php
+++ b/htdocs/accountancy/journal/bankjournal.php
@@ -866,7 +866,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 				print '"' . $date . '"' . $sep;
 				print '"' . $val["type_payment"] . '"' . $sep;
 				print '"' . length_accountg(html_entity_decode($k)) . '"' . $sep;
-				print '"' . length_accountg(html_entity_decode($k)) . '"' . $sep;
+				print '"' . length_accounta(html_entity_decode($k)) . '"' . $sep;
 				print "  " . $sep;
 				print '"' . $reflabel . '"' . $sep;
 				print '"' . ($mt >= 0 ? price($mt) : '') . '"' . $sep;
@@ -896,7 +896,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 					print '"' . $key . '"' . $sep;
 					print '"' . $date . '"' . $sep;
 					print '"' . $val["type_payment"] . '"' . $sep;
-					print '"' . length_accounta(html_entity_decode($k)) . '"' . $sep;
+					print '"' . length_accountg(html_entity_decode($k)) . '"' . $sep;
 					if ($tabtype[$key] == 'payment_supplier') {
 						print '"' . $conf->global->ACCOUNTING_ACCOUNT_SUPPLIER . '"' . $sep;
 					} elseif($tabtype[$key] == 'payment') {
@@ -906,7 +906,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 					} elseif($tabtype[$key] == 'payment_salary') {
 						print '"' . $conf->global->SALARIES_ACCOUNTING_ACCOUNT_PAYMENT . '"' . $sep;
 					} else {
-						print '"' . length_accounta(html_entity_decode($k)) . '"' . $sep;
+						print '"' . length_accountg(html_entity_decode($k)) . '"' . $sep;
 					}
 					print '"' . length_accounta(html_entity_decode($k)) . '"' . $sep;
 					print '"' . $reflabel . '"' . $sep;
@@ -929,7 +929,7 @@ if ($action == 'exportcsv') {		// ISO and not UTF8 !
 					print '"' . $date . '"' . $sep;
 					print '"' . $val["type_payment"] . '"' . $sep;
 					print '"' . length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUSPENSE) . '"' . $sep;
-					print '"' . length_accountg($conf->global->ACCOUNTING_ACCOUNT_SUSPENSE) . '"' . $sep;
+					print '"' . length_accounta($conf->global->ACCOUNTING_ACCOUNT_SUSPENSE) . '"' . $sep;
 					print "" . $sep;
 					print '"' . $reflabel . '"' . $sep;
 					print '"' . ($mt < 0 ? price(- $mt) : '') . '"' . $sep;

From 0a078da8e47f096f098d1c7d7f08bf22a846fd8d Mon Sep 17 00:00:00 2001
From: Alexandre SPANGARO <aspangaro.dolibarr@gmail.com>
Date: Mon, 9 Nov 2020 14:59:29 +0100
Subject: [PATCH 6/7] FIX: Accountancy - Some ajustments on length of the
 account

---
 htdocs/accountancy/journal/bankjournal.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php
index c69806862c6..081104ce7a1 100644
--- a/htdocs/accountancy/journal/bankjournal.php
+++ b/htdocs/accountancy/journal/bankjournal.php
@@ -1133,7 +1133,7 @@ if (empty($action) || $action == 'view') {
 					if ($tabtype[$key] == 'payment_vat')			$account_ledger = $conf->global->ACCOUNTING_VAT_PAY_ACCOUNT;
 					if ($tabtype[$key] == 'member')					$account_ledger = $conf->global->ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT;
 					if ($tabtype[$key] == 'payment_various')	    $account_ledger = $tabpay[$key]["account_various"];
-					$accounttoshow = length_accounta($account_ledger);
+					$accounttoshow = length_accountg($account_ledger);
 					if (empty($accounttoshow) || $accounttoshow == 'NotDefined')
 					{
 						if ($tabtype[$key] == 'unknown')

From bf27c56fa7f0b2c12311ec50286487192971da10 Mon Sep 17 00:00:00 2001
From: Florian Mortgat <florian.mortgat@atm-consulting.fr>
Date: Mon, 9 Nov 2020 17:09:06 +0100
Subject: [PATCH 7/7] Following PR#15336: it should not be possible to modify
 the third party of an invoice

---
 htdocs/compta/facture/card.php | 9 ---------
 1 file changed, 9 deletions(-)

diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php
index 93ce8bc0f5f..34a051508f8 100644
--- a/htdocs/compta/facture/card.php
+++ b/htdocs/compta/facture/card.php
@@ -345,15 +345,6 @@ if (empty($reshook))
 		}
 	}
 
-	elseif ($action == 'set_thirdparty' && $usercancreate)
-	{
-		$object->fetch($id);
-		$object->setValueFrom('fk_soc', $socid, '', null, 'int', '', $user, 'BILL_MODIFY');
-
-		header('Location: '.$_SERVER["PHP_SELF"].'?facid='.$id);
-		exit();
-	}
-
 	elseif ($action == 'classin' && $usercancreate)
 	{
 		$object->fetch($id);