From 5e2b034031f87de817ce1339ea7e766003909a15 Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 2 May 2012 18:10:25 +0200 Subject: [PATCH 1/4] Trad: Add missing trans --- htdocs/langs/ca_ES/orders.lang | 9 ++++++++- htdocs/langs/es_ES/orders.lang | 8 +++++++- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/htdocs/langs/ca_ES/orders.lang b/htdocs/langs/ca_ES/orders.lang index 8f0a392f6c8..52b2ebcffab 100644 --- a/htdocs/langs/ca_ES/orders.lang +++ b/htdocs/langs/ca_ES/orders.lang @@ -3,6 +3,7 @@ CHARSET=UTF-8 OrdersArea=Àrea comandes de clients SuppliersOrdersArea=Àrea comandes a proveïdors OrderCard=Fitxa comanda +OrderId=Id comanda Order=Comanda Orders=Comandes OrderLine=Línia de comanda @@ -29,6 +30,7 @@ StatusOrderDraftShort=Esborrany StatusOrderValidatedShort=Validada StatusOrderOnProcessShort=Per rebre StatusOrderSentShort=Expedició en curs +StatusOrderSent=Enviament en curs StatusOrderProcessedShort=Processada StatusOrderToBillShort=A facturar StatusOrderApprovedShort=Aprovada @@ -108,6 +110,7 @@ PaymentOrderRef=Pagament comanda %s CloneOrder=Clonar comanda ConfirmCloneOrder=Esteu segur de voler clonar aquesta comanda %s? DispatchSupplierOrder=Recepció de la comanda a proveïdor %s +DateDeliveryPlanned=Data prevista de lliurament ##### Types de contacts ##### TypeContact_commande_internal_SALESREPFOLL=Responsable seguiment comanda client TypeContact_commande_internal_SHIPPING=Responsable enviament comanda client @@ -119,10 +122,12 @@ TypeContact_order_supplier_internal_SHIPPING=Responsable recepció comanda a pro TypeContact_order_supplier_external_BILLING=Contacte proveïdor facturació comanda TypeContact_order_supplier_external_SHIPPING=Contacte proveïdor lliurament comanda TypeContact_order_supplier_external_CUSTOMER=Contacte proveïdor seguiment comanda + Error_COMMANDE_SUPPLIER_ADDON_NotDefined=Constant COMMANDE_SUPPLIER_ADDON no definida Error_COMMANDE_ADDON_NotDefined=Constant COMMANDE_ADDON no definida Error_FailedToLoad_COMMANDE_SUPPLIER_ADDON_File=Error en la càrrega de l'arxiu mòdul '%s' Error_FailedToLoad_COMMANDE_ADDON_File=Error en la càrrega de l'arxiu mòdul '%s' + # Sources OrderSource0=Pressupost OrderSource1=Internet @@ -134,12 +139,14 @@ OrderSource6=Revistes QtyOrdered=Qt. demanda AddDeliveryCostLine=Afegir una línia de despeses de ports indicant el pes de la comanda SetDemandReason=Indicar origen de la comanda + # Document models PDFEinsteinDescription=Model de comanda complet (logo...) PDFEdisonDescription=Model de comanda simple + # Orders modes OrderByMail=Correu OrderByFax=Fax OrderByEMail=E-Mail OrderByWWW=En línia -OrderByPhone=Telèfon +OrderByPhone=Telèfon \ No newline at end of file diff --git a/htdocs/langs/es_ES/orders.lang b/htdocs/langs/es_ES/orders.lang index 2cc068560d2..7d1638d6e8a 100644 --- a/htdocs/langs/es_ES/orders.lang +++ b/htdocs/langs/es_ES/orders.lang @@ -3,6 +3,7 @@ CHARSET=UTF-8 OrdersArea=Área pedidos de clientes SuppliersOrdersArea=Área pedidos a proveedores OrderCard=Ficha pedido +OrderId=Id pedido Order=Pedido Orders=Pedidos OrderLine=Línea de pedido @@ -29,6 +30,7 @@ StatusOrderDraftShort=Borrador StatusOrderValidatedShort=Validado StatusOrderOnProcessShort=Pdte. Recibir StatusOrderSentShort=Expedición en curso +StatusOrderSent=Envío en curso StatusOrderProcessedShort=Procesado StatusOrderToBillShort=A facturar StatusOrderApprovedShort=Aprobado @@ -108,6 +110,7 @@ PaymentOrderRef=Pago pedido %s CloneOrder=Clonar pedido ConfirmCloneOrder=¿Está seguro de querer clonar este pedido %s? DispatchSupplierOrder=Recepción del pedido a proveedor %s +DateDeliveryPlanned=Fecha prevista de entrega ##### Types de contacts ##### TypeContact_commande_internal_SALESREPFOLL=Responsable seguimiento pedido cliente TypeContact_commande_internal_SHIPPING=Responsable envío pedido cliente @@ -119,10 +122,12 @@ TypeContact_order_supplier_internal_SHIPPING=Responsable recepción pedido a pro TypeContact_order_supplier_external_BILLING=Contacto proveedor facturación pedido TypeContact_order_supplier_external_SHIPPING=Contacto proveedor entrega pedido TypeContact_order_supplier_external_CUSTOMER=Contacto proveedor seguimiento pedido + Error_COMMANDE_SUPPLIER_ADDON_NotDefined=Constante COMMANDE_SUPPLIER_ADDON no definida Error_COMMANDE_ADDON_NotDefined=Constante COMMANDE_ADDON no definida Error_FailedToLoad_COMMANDE_SUPPLIER_ADDON_File=Error en la carga del archivo módulo '%s' Error_FailedToLoad_COMMANDE_ADDON_File=Error en la carga del archivo módulo '%s' + # Sources OrderSource0=Presupuesto OrderSource1=Internet @@ -134,6 +139,7 @@ OrderSource6=Revistas QtyOrdered=Cant. pedida AddDeliveryCostLine=Añadir una línea de gastos de portes indicando el peso del pedido SetDemandReason=Indicar origen del pedido + # Document models PDFEinsteinDescription=Modelo de pedido completo (logo...) PDFEdisonDescription=Modelo de pedido simple @@ -142,4 +148,4 @@ OrderByMail=Correo OrderByFax=Fax OrderByEMail=E-Mail OrderByWWW=En línea -OrderByPhone=Teléfono +OrderByPhone=Teléfono \ No newline at end of file From c4d17076f65d3a09388036f27628ac8a21de42f2 Mon Sep 17 00:00:00 2001 From: simnandez Date: Wed, 2 May 2012 18:17:21 +0200 Subject: [PATCH 2/4] Trad: add missing translations --- htdocs/langs/ca_ES/ecm.lang | 1 + htdocs/langs/es_ES/ecm.lang | 1 + 2 files changed, 2 insertions(+) diff --git a/htdocs/langs/ca_ES/ecm.lang b/htdocs/langs/ca_ES/ecm.lang index 773759cf1f9..55df2e125c1 100644 --- a/htdocs/langs/ca_ES/ecm.lang +++ b/htdocs/langs/ca_ES/ecm.lang @@ -36,6 +36,7 @@ ECMSearchByEntity=Cercar per objecte ECMSectionOfDocuments=Carpetes de documents ECMTypeManual=Manual ECMTypeAuto=Automàtic +ECMDocsBySocialContributions=Documents asociats a càrreges socials ECMDocsByThirdParties=Documents associats a tercers ECMDocsByProposals=Documents associats a pressupostos ECMDocsByOrders=Documents associats a comandes diff --git a/htdocs/langs/es_ES/ecm.lang b/htdocs/langs/es_ES/ecm.lang index af2beaa143d..2a15ce63dd8 100644 --- a/htdocs/langs/es_ES/ecm.lang +++ b/htdocs/langs/es_ES/ecm.lang @@ -36,6 +36,7 @@ ECMSearchByEntity=Buscar por objeto ECMSectionOfDocuments=Directorios de documentos ECMTypeManual=Manual ECMTypeAuto=Automático +ECMDocsBySocialContributions=Documentos asociados a cargas sociales ECMDocsByThirdParties=Documentos asociados a terceros ECMDocsByProposals=Documentos asociados a presupuestos ECMDocsByOrders=Documentos asociados a pedidos From 3b2159b34d037686b492acbde292c311662db7c1 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 3 May 2012 11:31:42 +0200 Subject: [PATCH 3/4] Fix: changelog --- ChangeLog | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index ba3a70749fc..1cd73ce4178 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,7 +15,7 @@ For developers: - Can add a link on title field of added dictionnary. -***** ChangeLog for 3.2 compared to 3.1 ***** +***** ChangeLog for 3.2.0 compared to 3.1.2 ***** WARNING: PHP lower than 5.x are no more supported. WARNING: Because of a major datastructure change onto supplier prices tables, be aware to make a backup of your database before making upgrade. @@ -109,6 +109,20 @@ For developers: WARNING: To reduce technic debt, all functions dolibarr_xxx were renamed int dol_xxx. + +***** ChangeLog for 3.1.2 compared to 3.1.1 ***** + +- Fix: Can clone a proposal +- Fix: Add member ID in substitution method +- Fix: Duplicate end tag and missing form parts +- Fix: Support companies with no prof id. +- Fix: Sanitize data +- Fix: Bug #318 +- Fix: Bug #369 +- Fix: More bugs + + + ***** ChangeLog for 3.1.1 compared to 3.1.0 ***** - New: Add option FACTURE_DEPOSITS_ARE_JUST_PAYMENTS. With this option added, From 1b350fafd1f923b2c22acbddc9aa290ad93adaca Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Thu, 3 May 2012 18:40:52 +0200 Subject: [PATCH 4/4] Fix: missing entity field in contract Fix: multicompany compatibility --- htdocs/compta/facture/fiche-rec.php | 15 +++++++-------- htdocs/contrat/class/contrat.class.php | 11 ++++++++--- htdocs/contrat/index.php | 20 ++++++++++---------- htdocs/core/lib/security.lib.php | 7 +++++++ htdocs/projet/class/project.class.php | 12 +++++++----- htdocs/projet/fiche.php | 2 +- 6 files changed, 40 insertions(+), 27 deletions(-) diff --git a/htdocs/compta/facture/fiche-rec.php b/htdocs/compta/facture/fiche-rec.php index 2960624597a..56ffc93ccaf 100644 --- a/htdocs/compta/facture/fiche-rec.php +++ b/htdocs/compta/facture/fiche-rec.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2010 Laurent Destailleur - * Copyright (C) 2005-2010 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -58,7 +58,7 @@ $sortfield="f.datef"; // Create predefined invoice -if ($_POST["action"] == 'add') +if ($action == 'add') { $facturerec = new FactureRec($db); $facturerec->titre = $_POST["titre"]; @@ -71,17 +71,16 @@ if ($_POST["action"] == 'add') } else { - $_GET["action"] = "create"; - $_GET["facid"] = $_POST["facid"]; + $action = "create"; $mesg = '
'.$facturerec->error.'
'; } } // Suppression -if ($_REQUEST["action"] == 'delete' && $user->rights->facture->supprimer) +if ($action == 'delete' && $user->rights->facture->supprimer) { $facrec = new FactureRec($db); - $facrec->fetch(GETPOST('facid','int')); + $facrec->fetch($facid); $facrec->delete(); $facid = 0 ; } @@ -99,7 +98,7 @@ $form = new Form($db); /* * Create mode */ -if ($_GET["action"] == 'create') +if ($action == 'create') { print_fiche_titre($langs->trans("CreateRepeatableInvoice")); @@ -108,7 +107,7 @@ if ($_GET["action"] == 'create') $facture = new Facture($db); // Source invoice $product_static=new Product($db); - if ($facture->fetch($_GET["facid"]) > 0) + if ($facture->fetch($facid) > 0) { print '
'; print ''; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index ff9496898bf..9e38c6eed0d 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -324,7 +324,11 @@ class Contrat extends CommonObject $sql.= " fk_commercial_signature, fk_commercial_suivi,"; $sql.= " note as note_private, note_public, extraparams"; $sql.= " FROM ".MAIN_DB_PREFIX."contrat"; - if ($ref) $sql.= " WHERE ref='".$ref."'"; + if ($ref) + { + $sql.= " WHERE ref='".$ref."'"; + $sql.= " AND entity IN (".getEntity('contract').")"; + } else $sql.= " WHERE rowid=".$id; dol_syslog(get_class($this)."::fetch sql=".$sql, LOG_DEBUG); @@ -624,13 +628,14 @@ class Contrat extends CommonObject // Insert contract $sql = "INSERT INTO ".MAIN_DB_PREFIX."contrat (datec, fk_soc, fk_user_author, date_contrat,"; $sql.= " fk_commercial_signature, fk_commercial_suivi, fk_projet,"; - $sql.= " ref)"; + $sql.= " ref, entity)"; $sql.= " VALUES (".$this->db->idate($now).",".$this->socid.",".$user->id; $sql.= ",".$this->db->idate($this->date_contrat); $sql.= ",".($this->commercial_signature_id>0?$this->commercial_signature_id:"NULL"); $sql.= ",".($this->commercial_suivi_id>0?$this->commercial_suivi_id:"NULL"); $sql.= ",".($this->fk_projet>0?$this->fk_projet:"NULL"); - $sql .= ", " . (dol_strlen($this->ref)<=0 ? "null" : "'".$this->ref."'"); + $sql.= ", ".(dol_strlen($this->ref)<=0 ? "null" : "'".$this->ref."'"); + $sql.= ", ".$conf->entity; $sql.= ")"; $resql=$this->db->query($sql); if ($resql) diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index 71146ed1b03..8f7a3f5f63e 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2011 Laurent Destailleur - * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,9 +38,9 @@ $statut=isset($_GET["statut"])?$_GET["statut"]:1; // Security check $socid=0; -$contratid = isset($_GET["id"])?$_GET["id"]:''; +$id = GETPOST('id','int'); if ($user->societe_id) $socid=$user->societe_id; -$result = restrictedArea($user, 'contrat',$contratid,''); +$result = restrictedArea($user, 'contrat',$id,''); $staticcompany=new Societe($db); $staticcontrat=new Contrat($db); @@ -104,7 +104,7 @@ $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; $sql.= " AND (cd.statut != 4 OR (cd.statut = 4 AND (cd.date_fin_validite is null or cd.date_fin_validite >= '".$db->idate($now)."')))"; -$sql.= " AND c.entity = ".$conf->entity; +$sql.= " AND c.entity IN (".getEntity('contract').")"; if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " GROUP BY cd.statut"; @@ -141,7 +141,7 @@ $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."contrat as c"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE cd.fk_contrat = c.rowid AND c.fk_soc = s.rowid"; $sql.= " AND (cd.statut = 4 AND cd.date_fin_validite < '".$db->idate($now)."')"; -$sql.= " AND c.entity = ".$conf->entity; +$sql.= " AND c.entity IN (".getEntity('contract').")"; if ($user->societe_id) $sql.=' AND c.fk_soc = '.$user->societe_id; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " GROUP BY cd.statut"; @@ -230,7 +230,7 @@ if ($conf->contrat->enabled && $user->rights->contrat->lire) $sql .= " FROM ".MAIN_DB_PREFIX."contrat as c, ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE s.rowid = c.fk_soc"; - $sql.= " AND c.entity = ".$conf->entity; + $sql.= " AND c.entity IN (".getEntity('contract').")"; $sql.= " AND c.statut = 0"; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.fk_soc = ".$socid; @@ -301,7 +301,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= " ".MAIN_DB_PREFIX. $sql.= " ".MAIN_DB_PREFIX."contrat as c"; $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat"; $sql.= " WHERE c.fk_soc = s.rowid"; -$sql.= " AND c.entity = ".$conf->entity; +$sql.= " AND c.entity IN (".getEntity('contract').")"; $sql.= " AND c.statut > 0"; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; if ($socid) $sql.= " AND s.rowid = ".$socid; @@ -373,7 +373,7 @@ $sql.= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd"; $sql.= ") LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; -$sql.= " WHERE c.entity = ".$conf->entity; +$sql.= " WHERE c.entity IN (".getEntity('contract').")"; $sql.= " AND cd.fk_contrat = c.rowid"; $sql.= " AND c.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; @@ -451,7 +451,7 @@ $sql.= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd"; $sql.= " ) LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; -$sql.= " WHERE c.entity = ".$conf->entity; +$sql.= " WHERE c.entity IN (".getEntity('contract').")"; $sql.= " AND c.statut = 1"; $sql.= " AND cd.statut = 0"; $sql.= " AND cd.fk_contrat = c.rowid"; @@ -530,7 +530,7 @@ $sql.= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd"; $sql.= " ) LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; -$sql.= " WHERE c.entity = ".$conf->entity; +$sql.= " WHERE c.entity IN (".getEntity('contract').")"; $sql.= " AND c.statut = 1"; $sql.= " AND cd.statut = 4"; $sql.= " AND cd.date_fin_validite < '".$db->idate($now)."'"; diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 561f2e2b88f..75107f05a86 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -377,6 +377,13 @@ function restrictedArea($user, $features, $objectid=0, $dbtablename='', $feature $tmparray=explode(',',$tmps); if (! in_array($objectid,$tmparray)) accessforbidden(); } + else + { + $sql = "SELECT dbt.".$dbt_select; + $sql.= " FROM ".MAIN_DB_PREFIX.$dbtablename." as dbt"; + $sql.= " WHERE dbt.".$dbt_select." = ".$objectid; + $sql.= " AND dbt.entity IN (".getEntity($sharedelement, 1).")"; + } } else if (! in_array($feature,$nocheck)) // By default we check with link to third party { diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index 58c3ad97ca8..0589bc3a15e 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -240,8 +240,12 @@ class Project extends CommonObject $sql = "SELECT rowid, ref, title, description, public, datec"; $sql.= ", tms, dateo, datee, fk_soc, fk_user_creat, fk_statut, note_private, note_public"; $sql.= " FROM " . MAIN_DB_PREFIX . "projet"; - if ($ref) $sql.= " WHERE ref='" . $ref . "'"; - else $sql.= " WHERE rowid=" . $id; + if ($ref) + { + $sql.= " WHERE ref='".$ref."'"; + $sql.= " AND entity IN (".getEntity('project').")"; + } + else $sql.= " WHERE rowid=".$id; dol_syslog(get_class($this)."::fetch sql=" . $sql, LOG_DEBUG); $resql = $this->db->query($sql); @@ -813,8 +817,6 @@ class Project extends CommonObject */ function getProjectsAuthorizedForUser($user, $mode=0, $list=0, $socid=0) { - global $conf; - $projects = array(); $temp = array(); @@ -825,7 +827,7 @@ class Project extends CommonObject $sql.= ", " . MAIN_DB_PREFIX . "element_contact as ec"; $sql.= ", " . MAIN_DB_PREFIX . "c_type_contact as ctc"; } - $sql.= " WHERE p.entity = " . $conf->entity; + $sql.= " WHERE p.entity IN (".getEntity('project').")"; // Internal users must see project he is contact to even if project linked to a third party he can't see. //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; if ($socid > 0) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = " . $socid . ")"; diff --git a/htdocs/projet/fiche.php b/htdocs/projet/fiche.php index 8b0146a08f1..1c6b0626ad1 100644 --- a/htdocs/projet/fiche.php +++ b/htdocs/projet/fiche.php @@ -1,7 +1,7 @@ * Copyright (C) 2004-2012 Laurent Destailleur - * Copyright (C) 2005-2011 Regis Houssin + * Copyright (C) 2005-2012 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by