lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' into patch-3

Browse Source
This commit is contained in:
Laurent Destailleur 2022-01-23 13:42:05 +01:00 committed by GitHub
commit 51521f2ff9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
967 changed files with 20100 additions and 17109 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
.travis.yml
View File

@ -57,7 +57,7 @@ jobs:
php: nightly
env: DB=mysql
- stage: PHP Dev
if: type = push AND branch = 14.0
if: type = push AND branch = 15.0
php: nightly
env: DB=mysql
@ -411,6 +411,12 @@ script:
php upgrade.php 13.0.0 14.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade13001400.log
php upgrade2.php 13.0.0 14.0.0 > $TRAVIS_BUILD_DIR/upgrade13001400-2.log
php step5.php 13.0.0 14.0.0 > $TRAVIS_BUILD_DIR/upgrade13001400-3.log
php upgrade.php 14.0.0 15.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade14001500.log
php upgrade2.php 14.0.0 15.0.0 > $TRAVIS_BUILD_DIR/upgrade14001500-2.log
php step5.php 14.0.0 15.0.0 > $TRAVIS_BUILD_DIR/upgrade14001500-3.log
php upgrade.php 15.0.0 16.0.0 ignoredbversion > $TRAVIS_BUILD_DIR/upgrade15001600.log
php upgrade2.php 15.0.0 16.0.0 > $TRAVIS_BUILD_DIR/upgrade15001600-2.log
php step5.php 15.0.0 16.0.0 > $TRAVIS_BUILD_DIR/upgrade15001600-3.log
ls -alrt $TRAVIS_BUILD_DIR/
- |

10
ChangeLog
View File

@ -15,7 +15,7 @@ NEW: Add option to disable globaly some notifications emails.
NEW: #18326 Workflow: Close order on shipment closing.
NEW: #18401 Add __NEWREF__ subtitute to get new object reference.
NEW: #18403 Add __URL_SHIPMENT__ substitute to get the URL of a shipment
NEW: #18689 REST API module: add api key generate / modify right.
NEW: #18689 REST API module: add api key generate / modify pemrission.
NEW: #18663 Make "L'Annuaire des Entreprises" the default provider for SIREN verification for French thirdparties.
NEW: #18046 Add tags on ticket/categories
NEW: #18326 Workflow: Close order on shipment closing.
@ -109,6 +109,13 @@ NEW: External backups can be downloaded from the "About info page".
NEW: Add massaction to switch status on sale / on purchase of a product.
Modules
NEW: Stable module Knowledge Management
NEW: Experimental module Event Organization Management
NEW: Experimental module Workstations Management
NEW: Development of module Partnership Management
For developers:
---------------
@ -116,6 +123,7 @@ NEW: Introduce method hasRight
NEW: Can use textarea field into a confirm popup.
NEW: Can use the result_mode of mysqli driver. Save memory for list count
NEW: #18319 REST API - Shipment: Add 'close' action / endpoint / POST method.
NEW: Add API /approve and /makeOrder for purchase orders.
NEW: add action trigger for member excluded
NEW: add option MAIN_IBAN_IS_NEVER_MANDATORY, MAIN_IBAN_NOT_MANDATORY, PROPAL_NOT_BILLABLE, PROPAL_REOPEN_UNSIGNED_ONLY, PROPOSAL_ARE_NOT_BILLABLE, TICKETS_MESSAGE_FORCE_MAIL
NEW: Add code codebar column on serial/lot structure

2
SECURITY.md
View File

@ -67,7 +67,7 @@ Scope is the web application (back office) and the APIs.
* Remote code execution (RCE)
* Local files access and manipulation (LFI, RFI, XXE, SSRF, XSPA)
* Code injections (HTML, JS, SQL, PHP, ...)
* Cross-Site Scripting (XSS), except from setup page of module "External web site" (allowing any content here, editable by admin user only, is accepted on purpose or into module "Web site" when permission to edit website content is allowed).
* Cross-Site Scripting (XSS), except from setup page of module "External web site" (allowing any content here, editable by admin user only, is accepted on purpose) and except into module "Web site" when permission to edit website content is allowed (injecting any data in this case is allowed too).
* Cross-Site Requests Forgery (CSRF) with real security impact (when using GET URLs, CSRF are qualified only for creating, updating or deleting data from pages restricted to admin users)
* Open redirect
* Broken authentication & session management

12
htdocs/adherents/cartes/carte.php
View File

@ -275,7 +275,7 @@ dol_htmloutput_errors($mesg);
print '<br>';
print img_picto('', 'puce').' '.$langs->trans("DocForAllMembersCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'card').' '.$langs->trans("DocForAllMembersCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="foruserid" value="all">';
@ -289,12 +289,12 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
}
asort($arrayoflabels);
print $form->selectarray('modelcard', $arrayoflabels, (GETPOST('modelcard') ? GETPOST('modelcard') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input type="submit" class="button" value="'.$langs->trans("BuildDoc").'">';
print '<br><input type="submit" class="button small" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForOneMemberCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'card').' '.$langs->trans("DocForOneMemberCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="cardlogin">';
@ -308,12 +308,12 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
asort($arrayoflabels);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br>'.$langs->trans("Login").': <input size="10" type="text" name="foruserlogin" value="'.GETPOST('foruserlogin').'">';
print '<br><input type="submit" class="button" value="'.$langs->trans("BuildDoc").'">';
print '<br><input type="submit" class="button small" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForLabels", (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)).' ';
print img_picto('', 'card').' '.$langs->trans("DocForLabels", (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="label">';
@ -326,7 +326,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
}
asort($arrayoflabels);
print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ? GETPOST('modellabel') : (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input type="submit" class="button" value="'.$langs->trans("BuildDoc").'">';
print '<br><input type="submit" class="button small" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
// End of page

21
htdocs/adherents/partnership.php
View File

@ -22,27 +22,6 @@
* \brief Page to create/edit/view partnership
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too.
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification
// Load Dolibarr environment
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';

10
htdocs/adherents/subscription.php
View File

@ -1163,9 +1163,13 @@ if ($rowid > 0) {
print dol_get_fiche_end();
print '<div class="center">';
print '<input type="submit" class="button" name="add" value="'.$langs->trans("AddSubscription").'">';
print '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
print '<input type="submit" class="button button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
$parameters = array();
$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action);
if (empty($reshook)) {
print '<input type="submit" class="button" name="add" value="'.$langs->trans("AddSubscription").'">';
print '&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;';
print '<input type="submit" class="button button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
}
print '</div>';
print '</form>';

1
htdocs/admin/agenda.php
View File

@ -192,6 +192,7 @@ if (!empty($triggers)) {
}
if ($search_event === '' || preg_match('/'.preg_quote($search_event, '/').'/i', $trigger['code'])) {
print '<!-- '.$trigger['position'].' -->';
print '<tr class="oddeven">';
print '<td>'.$trigger['code'].'</td>';
print '<td>'.$trigger['label'].'</td>';

22
htdocs/admin/agenda_other.php
View File

@ -104,6 +104,8 @@ if ($action == 'set') {
$resultCreat = $defaultValues->create($user);
if ($resultCreat < 0) {
setEventMessages($defaultValues->error, $defaultValues->errors, 'errors');
} else {
setEventMessages($langs->trans("RecordSaved"), null, 'mesgs');
}
} elseif ($action == 'specimen') { // For orders
$modele = GETPOST('module', 'alpha');
@ -316,6 +318,16 @@ print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'.$langs->trans("Value").'</td>'."\n";
print '</tr>'."\n";
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
// Manual or automatic
print '<tr class="oddeven">'."\n";
@ -340,16 +352,6 @@ if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '</td></tr>'."\n";
}
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
// AGENDA_EVENT_DEFAULT_STATUS
print '<tr class="oddeven">'."\n";
print '<td>'.$langs->trans("AGENDA_EVENT_DEFAULT_STATUS").'</td>'."\n";

2
htdocs/admin/const.php
View File

@ -37,8 +37,6 @@ if (!$user->admin) {
$rowid = GETPOST('rowid', 'int');
$entity = GETPOST('entity', 'int');
$action = GETPOST('action', 'aZ09');
$update = GETPOST('update', 'alpha');
$delete = GETPOST('delete', 'none'); // Do not use alpha here
$debug = GETPOST('debug', 'int');
$consts = GETPOST('const', 'array');
$constname = GETPOST('constname', 'alphanohtml');

2
htdocs/admin/defaultvalues.php
View File

@ -64,7 +64,7 @@ if (!$sortorder) {
$defaulturl = GETPOST('defaulturl', 'alphanohtml');
$defaultkey = GETPOST('defaultkey', 'alphanohtml');
$defaultvalue = GETPOST('defaultvalue', 'none');
$defaultvalue = GETPOST('defaultvalue', 'restricthtml');
$defaulturl = preg_replace('/^\//', '', $defaulturl);

1
htdocs/admin/dolistore/css/dolistore.css
View File

@ -1,6 +1,5 @@
div.divsearchfield {
float: left;
margin: 4px 12px 4px 2px;
padding-left: 2px;
}

8
htdocs/admin/eventorganization.php
View File

@ -32,7 +32,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/eventorganization.lib.php';
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
// Translations
$langs->loadLangs(array("admin", "eventorganization"));
$langs->loadLangs(array("admin", "eventorganization", "categories"));
// Parameters
$action = GETPOST('action', 'aZ09');
@ -54,11 +54,11 @@ $arrayofparameters = array(
'EVENTORGANIZATION_TEMPLATE_EMAIL_ASK_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_BOOTH'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_AFT_SUBS_EVENT'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_SPEAKER'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'EVENTORGANIZATION_SECUREKEY'=>array('type'=>'securekey', 'enabled'=>1),
//'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_SPEAKER'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
//'EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES'=>array('type'=>'emailtemplate:conferenceorbooth', 'enabled'=>1),
'SERVICE_BOOTH_LOCATION'=>array('type'=>'product', 'enabled'=>1),
'SERVICE_CONFERENCE_ATTENDEE_SUBSCRIPTION'=>array('type'=>'product', 'enabled'=>1),
'EVENTORGANIZATION_SECUREKEY'=>array('type'=>'securekey', 'enabled'=>1),
);
$error = 0;

16
htdocs/admin/modules.php
View File

@ -535,11 +535,11 @@ if ($mode == 'common' || $mode == 'commonkanban') {
//$moreforfilter .= '<div class="floatright center marginrightonly hideonsmartphone" style="padding-top: 3px"><span class="paddingright">'.$moreinfo.'</span> '.$moreinfo2.'</div>';
$moreforfilter .= '<div class="colorbacktimesheet float valignmiddle">';
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= '<div class="divfilteralone colorbacktimesheet float valignmiddle">';
$moreforfilter .= '<div class="divsearchfield paddingtop paddingbottom valignmiddle inline-block">';
$moreforfilter .= img_picto($langs->trans("Filter"), 'filter', 'class="paddingright opacityhigh hideonsmartphone"').'<input type="text" id="search_keyword" name="search_keyword" class="maxwidth125" value="'.dol_escape_htmltag($search_keyword).'" placeholder="'.dol_escape_htmltag($langs->trans('Keyword')).'">';
$moreforfilter .= '</div>';
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= '<div class="divsearchfield paddingtop paddingbottom valignmiddle inline-block">';
$moreforfilter .= $form->selectarray('search_nature', $arrayofnatures, dol_escape_htmltag($search_nature), $langs->trans('Origin'), 0, 0, '', 0, 0, 0, '', 'maxwidth250', 1);
$moreforfilter .= '</div>';
if (getDolGlobalInt('MAIN_FEATURES_LEVEL')) {
@ -553,16 +553,16 @@ if ($mode == 'common' || $mode == 'commonkanban') {
if ($conf->global->MAIN_FEATURES_LEVEL > 1) {
$array_version['development'] = $langs->trans("Development");
}
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= '<div class="divsearchfield paddingtop paddingbottom valignmiddle inline-block">';
$moreforfilter .= $form->selectarray('search_version', $array_version, $search_version, $langs->trans('Version'), 0, 0, '', 0, 0, 0, '', 'maxwidth150', 1);
$moreforfilter .= '</div>';
}
$moreforfilter .= '<div class="divsearchfield paddingtop">';
$moreforfilter .= '<div class="divsearchfield paddingtop paddingbottom valignmiddle inline-block">';
$moreforfilter .= $form->selectarray('search_status', array('active'=>$langs->transnoentitiesnoconv("Enabled"), 'disabled'=>$langs->transnoentitiesnoconv("Disabled")), $search_status, $langs->trans('Status'), 0, 0, '', 0, 0, 0, '', 'maxwidth150', 1);
$moreforfilter .= '</div>';
$moreforfilter .= ' ';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= '<input type="submit" name="buttonsubmit" class="button" value="'.dol_escape_htmltag($langs->trans("Refresh")).'">';
$moreforfilter .= '<div class="divsearchfield valignmiddle inline-block">';
$moreforfilter .= '<input type="submit" name="buttonsubmit" class="button small" value="'.dol_escape_htmltag($langs->trans("Refresh")).'">';
if ($search_keyword || ($search_nature && $search_nature != '-1') || ($search_version && $search_version != '-1') || ($search_status && $search_status != '-1')) {
$moreforfilter .= ' ';
$moreforfilter .= '<input type="submit" name="buttonreset" class="buttonreset noborderbottom" value="'.dol_escape_htmltag($langs->trans("Reset")).'">';
@ -1139,7 +1139,7 @@ if ($mode == 'deploy') {
}
if ($allowfromweb == 1) {
print $langs->trans("UnpackPackageInModulesRoot", $dirins).'<br>';
print '<span class="opacitymedium">'.$langs->trans("UnpackPackageInModulesRoot", $dirins).'</span><br>';
print '<br>';

22
htdocs/admin/oauth.php
View File

@ -27,6 +27,7 @@ require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php';
// $supportedoauth2array is defined into oauth.lib.php
// Define $urlwithroot
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
@ -96,10 +97,12 @@ print '<table class="noborder centpercent">';
$i = 0;
// $list is defined into oauth.lib.php
// $list is defined into oauth.lib.php to the list of supporter OAuth providers.
foreach ($list as $key) {
$supported = 0;
if (in_array($key[0], array_keys($supportedoauth2array))) {
$keyforsupportedoauth2array = $key[0];
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
$supported = 1;
}
if (!$supported) {
@ -110,20 +113,23 @@ foreach ($list as $key) {
print '<tr class="liste_titre'.($i > 1 ? ' liste_titre_add' : '').'">';
// Api Name
$label = $langs->trans($key[0]);
print '<td>'.$label.'</td>';
$label = $langs->trans($keyforsupportedoauth2array);
print '<td>';
if (!empty($key[3])) {
print $langs->trans($key[3]);
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
print $label;
print '</td>';
print '<td>';
if (!empty($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp'])) {
print $langs->trans($supportedoauth2array[$keyforsupportedoauth2array]['urlforapp']);
}
print '</td>';
print '</tr>';
if ($supported) {
$redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$key[0]].'_oauthcallback.php';
$redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php';
print '<tr class="oddeven value">';
print '<td>'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'</td>';
print '<td><input style="width: 80%" type"text" name="uri'.$key[0].'" value="'.$redirect_uri.'">';
print '<td><input style="width: 80%" type"text" name="uri'.$keyforsupportedoauth2array.'" value="'.$redirect_uri.'">';
print '</td></tr>';
} else {
print '<tr class="oddeven value">';

67
htdocs/admin/oauthlogintokens.php
View File

@ -25,17 +25,13 @@
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list
require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // This define $list and $supportedoauth2array
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
use OAuth\Common\Storage\DoliStorage;
// Load translation files required by the page
$langs->loadLangs(array('admin', 'printing', 'oauth'));
if (!$user->admin) {
accessforbidden();
}
$action = GETPOST('action', 'aZ09');
$mode = GETPOST('mode', 'alpha');
$value = GETPOST('value', 'alpha');
@ -50,6 +46,10 @@ if (!$mode) {
$mode = 'setup';
}
if (!$user->admin) {
accessforbidden();
}
/*
* Action
@ -122,7 +122,7 @@ $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domai
$form = new Form($db);
llxHeader('', $langs->trans("PrintingSetup"));
llxHeader('', $langs->trans("TokenManager"));
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans('ConfigOAuth'), $linkback, 'title_setup');
@ -140,7 +140,9 @@ if ($mode == 'setup' && $user->admin) {
foreach ($list as $key) {
$supported = 0;
if (in_array($key[0], array_keys($supportedoauth2array))) {
$keyforsupportedoauth2array = $key[0];
if (in_array($keyforsupportedoauth2array, array_keys($supportedoauth2array))) {
$supported = 1;
}
if (!$supported) {
@ -148,34 +150,44 @@ if ($mode == 'setup' && $user->admin) {
}
$OAUTH_SERVICENAME = 'Unknown';
if ($key[0] == 'OAUTH_GITHUB_NAME') {
$OAUTH_SERVICENAME = 'GitHub';
$OAUTH_SERVICENAME = empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'];
// Define $shortscope, $urltorenew, $urltodelete, $urltocheckperms
// TODO Use array $supportedoauth2array
if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect.
$shortscope = 'user,public_repo';
$urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://github.com/settings/applications/';
} elseif ($key[0] == 'OAUTH_GOOGLE_NAME') {
$OAUTH_SERVICENAME = 'Google';
} elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') {
// List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service).
// We pass this param list in to 'state' because we need it before and after the redirect.
$shortscope = 'userinfo_email,userinfo_profile,cloud_print';
if (!empty($conf->global->OAUTH_GSUITE)) {
// List of scopes for Google are here: https://developers.google.com/identity/protocols/oauth2/scopes
// We pass this key list into the param 'state' because we need it before and after the redirect.
$shortscope = 'userinfo_email,userinfo_profile';
$shortscope .= ',openid,email,profile'; // For openid connect
if (!empty($conf->printing->enabled)) {
$shortscope .= ',cloud_print';
}
if (!empty($conf->global->OAUTH_GOOGLE_GSUITE)) {
$shortscope .= ',admin_directory_user';
}
//$scope.=',gmail_full';
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
if (!empty($conf->global->OAUTH_GOOGLE_GMAIL)) {
$shortscope.=',gmail_full';
}
$oauthstateanticsrf = bin2hex(random_bytes(128/8));
$_SESSION['oauthstateanticsrf'] = $shortscope.'-'.$oauthstateanticsrf;
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'-'.$oauthstateanticsrf.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltocheckperms = 'https://security.google.com/settings/security/permissions';
} elseif ($key[0] == 'OAUTH_STRIPE_TEST_NAME') {
$OAUTH_SERVICENAME = 'StripeTest';
} elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_TEST_NAME') {
$urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = '';
$urltocheckperms = '';
} elseif ($key[0] == 'OAUTH_STRIPE_LIVE_NAME') {
$OAUTH_SERVICENAME = 'StripeLive';
} elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_LIVE_NAME') {
$urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php');
$urltodelete = '';
$urltocheckperms = '';
@ -230,11 +242,14 @@ if ($mode == 'setup' && $user->admin) {
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="setconst">';
print '<div class="div-table-responsive">';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">'."\n";
print '<tr class="liste_titre">';
print '<th class="titlefieldcreate">'.$langs->trans($key[0]).'</th>';
print '<th class="titlefieldcreate">';
print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"');
print $langs->trans($keyforsupportedoauth2array);
print '</th>';
print '<th></th>';
print '<th></th>';
print "</tr>\n";
@ -244,7 +259,7 @@ if ($mode == 'setup' && $user->admin) {
//var_dump($key);
print $langs->trans("OAuthIDSecret").'</td>';
print '<td>';
print $langs->trans("SeePreviousTab");
print '<span class="opacitymedium">'.$langs->trans("SeePreviousTab").'</span>';
print '</td>';
print '<td>';
print '</td>';
@ -259,7 +274,7 @@ if ($mode == 'setup' && $user->admin) {
if (is_object($tokenobj)) {
print $langs->trans("HasAccessToken");
} else {
print $langs->trans("NoAccessToken");
print '<span class="opacitymedium">'.$langs->trans("NoAccessToken").'</span>';
}
print '</td>';
print '<td width="50%">';
@ -346,7 +361,7 @@ if ($mode == 'setup' && $user->admin) {
if ($mode == 'test' && $user->admin) {
print $langs->trans('PrintTestDesc'.$driver)."<br><br>\n";
print '<div class="div-table-responsive">';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
if (!empty($driver)) {
require_once DOL_DOCUMENT_ROOT.'/core/modules/printing/'.$driver.'.modules.php';

4
htdocs/admin/tools/export_files.php
View File

@ -137,7 +137,7 @@ $dirtocompress = basename($fulldirtocompress);
if ($compression == 'zip') {
$file .= '.zip';
$excludefiles = '/(\.back|\.old|\.log|[\/\\\]temp[\/\\\]|documents[\/\\\]admin[\/\\\]documents[\/\\\])/i';
$excludefiles = '/(\.back|\.old|\.log|\.pdf_preview-.*\.png|[\/\\\]temp[\/\\\]|documents[\/\\\]admin[\/\\\]documents[\/\\\])/i';
//var_dump($fulldirtocompress);
//var_dump($outputdir."/".$file);exit;
@ -173,7 +173,7 @@ if ($compression == 'zip') {
// We also exclude '/temp/' dir and 'documents/admin/documents'
// We make escapement here and call executeCLI without escapement because we don't want to have the '*.log' escaped.
$cmd = "tar -cf ".escapeshellcmd($outputdir."/".$file)." --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";
$cmd = "tar -cf ".escapeshellcmd($outputdir."/".$file)." --exclude-vcs --exclude-caches-all --exclude='temp' --exclude='*.log' --exclude='*.pdf_preview-*.png' --exclude='documents/admin/documents' -C '".escapeshellcmd(dol_sanitizePathName($dirtoswitch))."' '".escapeshellcmd(dol_sanitizeFileName($dirtocompress))."'";
$result = $utils->executeCLI($cmd, $outputfile, 0, null, 1);

3
htdocs/api/class/api_documents.class.php
View File

@ -624,6 +624,9 @@ class Documents extends DolibarrApi
} elseif ($modulepart == 'expensereport') {
require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
$object = new ExpenseReport($this->db);
} elseif ($modulepart == 'fichinter') {
require_once DOL_DOCUMENT_ROOT.'/fichinter/class/fichinter.class.php';
$object = new Fichinter($this->db);
} elseif ($modulepart == 'adherent' || $modulepart == 'member') {
$modulepart = 'adherent';
require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';

18
htdocs/comm/action/card.php
View File

@ -937,7 +937,7 @@ if ($action == 'create') {
$("#selectcomplete").change(function() {
if ($("#selectcomplete").val() == 100)
{
if ($("#doneby").val() <= 0) $("#doneby").val(\''.$user->id.'\');
if ($("#doneby").val() <= 0) $("#doneby").val(\''.((int) $user->id).'\');
}
if ($("#selectcomplete").val() == 0)
{
@ -992,7 +992,8 @@ if ($action == 'create') {
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '<tr><td class="titlefieldcreate"><span class="fieldrequired">'.$langs->trans("Type").'</span></b></td><td>';
$default = (empty($conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT) ? 'AC_RDV' : $conf->global->AGENDA_USE_EVENT_TYPE_DEFAULT);
$formactions->select_type_actions(GETPOSTISSET("actioncode") ? GETPOST("actioncode", 'aZ09') : ($object->type_code ? $object->type_code : $default), "actioncode", "systemauto", 0, -1);
print img_picto($langs->trans("ActionType"), 'square', 'class="fawidth30 inline-block" style="color: #ddd;"');
print $formactions->select_type_actions(GETPOSTISSET("actioncode") ? GETPOST("actioncode", 'aZ09') : ($object->type_code ? $object->type_code : $default), "actioncode", "systemauto", 0, -1, 0, 1); // TODO Replace 0 with -2 in onlyautoornot
print '</td></tr>';
}
@ -1000,7 +1001,7 @@ if ($action == 'create') {
print '<tr><td'.(empty($conf->global->AGENDA_USE_EVENT_TYPE) ? ' class="fieldrequired titlefieldcreate"' : '').'>'.$langs->trans("Label").'</td><td><input type="text" id="label" name="label" class="soixantepercent" value="'.GETPOST('label').'"></td></tr>';
// Full day
print '<tr><td>'.$langs->trans("EventOnFullDay").'</td><td><input type="checkbox" id="fullday" name="fullday" '.(GETPOST('fullday') ? ' checked' : '').'></td></tr>';
print '<tr><td><label for="fullday">'.$langs->trans("EventOnFullDay").'</label></td><td><input type="checkbox" id="fullday" name="fullday" '.(GETPOST('fullday') ? ' checked' : '').'></td></tr>';
$datep = ($datep ? $datep : (is_null($object->datep) ? '' : $object->datep));
if (GETPOST('datep', 'int', 1)) {
@ -1311,7 +1312,7 @@ if ($action == 'create') {
print '</table>';
if ($conf->global->AGENDA_REMINDER_EMAIL || $conf->global->AGENDA_REMINDER_BROWSER) {
if (getDolGlobalString('AGENDA_REMINDER_EMAIL') || getDolGlobalString('AGENDA_REMINDER_BROWSER')) {
//checkbox create reminder
print '<hr>';
print '<br>';
@ -1336,10 +1337,11 @@ if ($action == 'create') {
print '</td></tr>';
//Mail Model
print '<tr><td class="titlefieldcreate nowrap">'.$langs->trans("EMailTemplates").'</td><td colspan="3">';
print $form->selectModelMail('actioncommsend', 'actioncomm_send', 1, 1);
print '</td></tr>';
if (getDolGlobalString('AGENDA_REMINDER_EMAIL')) {
print '<tr><td class="titlefieldcreate nowrap">'.$langs->trans("EMailTemplates").'</td><td colspan="3">';
print $form->selectModelMail('actioncommsend', 'actioncomm_send', 1, 1);
print '</td></tr>';
}
print '</table>';
print '</div>';

91
htdocs/comm/action/class/actioncomm.class.php
View File

@ -123,16 +123,17 @@ class ActionComm extends CommonObject
*/
public $label;
/**
* @var string Agenda event label
* @deprecated Use $label
*/
public $libelle;
/**
* @var integer Date creation record (datec)
*/
public $datec;
/**
* @var integer Date end record (datef)
*/
public $datef;
/**
* @var integer Duration (duree)
*/
@ -172,6 +173,21 @@ class ActionComm extends CommonObject
*/
public $datep;
/**
* @var integer Date action end (datef)
*/
public $datef;
/**
* @var integer This is date start action (datep) but modified to not be outside calendar view.
*/
public $date_start_in_calendar;
/**
* @var integer This is date end action (datef) but modified to not be outside calendar view.
*/
public $date_end_in_calendar;
/**
* @var integer Date action end (datep2)
*/
@ -188,6 +204,11 @@ class ActionComm extends CommonObject
*/
public $fulldayevent = 0;
/**
* @var int 1=???
*/
public $ponctuel;
/**
* @var integer Percentage
*/
@ -219,8 +240,7 @@ class ActionComm extends CommonObject
public $userownerid;
/**
* @var int Id of user done (deprecated)
* @deprecated
* @var int Id of user that has done the event. Used only if AGENDA_ENABLE_DONEBY is set.
*/
public $userdoneid;
@ -239,20 +259,6 @@ class ActionComm extends CommonObject
*/
public $reminders = array();
/**
* @var User Object user of owner
* @deprecated
* @see $userownerid
*/
public $usertodo;
/**
* @var User Object user that did action
* @deprecated
* @see $userdoneid
*/
public $userdone;
/**
* @var int thirdparty id linked to action
*/
@ -827,18 +833,17 @@ class ActionComm extends CommonObject
$this->usermodid = $obj->fk_user_mod;
if (!is_object($this->author)) {
$this->author = new stdClass(); // To avoid warning
$this->author = new User($this->db); // To avoid warning
}
$this->author->id = $obj->fk_user_author; // deprecated
$this->author->firstname = $obj->firstname; // deprecated
$this->author->lastname = $obj->lastname; // deprecated
if (!is_object($this->usermod)) {
$this->usermod = new stdClass(); // To avoid warning
$this->usermod = new User($this->db); // To avoid warning
}
$this->usermod->id = $obj->fk_user_mod; // deprecated
$this->userownerid = $obj->fk_user_action;
$this->userdoneid = $obj->fk_user_done;
$this->priority = $obj->priority;
$this->fulldayevent = $obj->fulldayevent;
$this->location = $obj->location;
@ -1130,18 +1135,18 @@ class ActionComm extends CommonObject
$sql .= ", datep2 = ".(strval($this->datef) != '' ? "'".$this->db->idate($this->datef)."'" : 'null');
$sql .= ", durationp = ".(isset($this->durationp) && $this->durationp >= 0 && $this->durationp != '' ? "'".$this->db->escape($this->durationp)."'" : "null"); // deprecated
$sql .= ", note = '".$this->db->escape($this->note_private)."'";
$sql .= ", fk_project =".($this->fk_project > 0 ? $this->fk_project : "null");
$sql .= ", fk_soc =".($socid > 0 ? $socid : "null");
$sql .= ", fk_contact =".($contactid > 0 ? $contactid : "null");
$sql .= ", fk_project =".($this->fk_project > 0 ? ((int) $this->fk_project) : "null");
$sql .= ", fk_soc =".($socid > 0 ? ((int) $socid) : "null");
$sql .= ", fk_contact =".($contactid > 0 ? ((int) $contactid) : "null");
$sql .= ", priority = '".$this->db->escape($this->priority)."'";
$sql .= ", fulldayevent = '".$this->db->escape($this->fulldayevent)."'";
$sql .= ", location = ".($this->location ? "'".$this->db->escape($this->location)."'" : "null");
$sql .= ", transparency = '".$this->db->escape($this->transparency)."'";
$sql .= ", fk_user_mod = ".$user->id;
$sql .= ", fk_user_action = ".($userownerid > 0 ? "'".$this->db->escape($userownerid)."'" : "null");
$sql .= ", fk_user_done = ".($userdoneid > 0 ? "'".$this->db->escape($userdoneid)."'" : "null");
$sql .= ", fk_user_mod = ".((int) $user->id);
$sql .= ", fk_user_action = ".($userownerid > 0 ? ((int) $userownerid) : "null");
$sql .= ", fk_user_done = ".($userdoneid > 0 ? ((int) $userdoneid) : "null");
if (!empty($this->fk_element)) {
$sql .= ", fk_element=".($this->fk_element ? $this->db->escape($this->fk_element) : "null");
$sql .= ", fk_element=".($this->fk_element ? ((int) $this->fk_element) : "null");
}
if (!empty($this->elementtype)) {
$sql .= ", elementtype=".($this->elementtype ? "'".$this->db->escape($this->elementtype)."'" : "null");
@ -1439,9 +1444,9 @@ class ActionComm extends CommonObject
/**
* Return label of status
* Return the label of the status
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @param int $mode 0=Long label, 1=Short label, 2=Picto+Short label, 3=Picto, 4=Picto+Short label, 5=Short label+Picto, 6=Picto+Long label, 7=Very short label+Picto
* @param int $hidenastatus 1=Show nothing if status is "Not applicable"
* @return string String with status
*/
@ -1628,36 +1633,34 @@ class ActionComm extends CommonObject
}
if ($withpicto == 2) {
$libelle = $label;
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
$libelle = $labeltype;
$label = $labeltype;
}
$libelleshort = '';
$labelshort = '';
} else {
$libelle = (empty($this->libelle) ? $label : $this->libelle.(($label && $label != $this->libelle) ? ' '.$label : ''));
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && empty($libelle)) {
$libelle = $labeltype;
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE) && empty($label)) {
$label = $labeltype;
}
if ($maxlength < 0) {
$libelleshort = $this->ref;
$labelshort = $this->ref;
} else {
$libelleshort = dol_trunc($libelle, $maxlength);
$labelshort = dol_trunc($label, $maxlength);
}
}
if ($withpicto) {
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) { // Add code into ()
if ($labeltype) {
$libelle .= (preg_match('/'.preg_quote($labeltype, '/').'/', $libelle) ? '' : ' ('.$langs->transnoentities("Action".$this->type_code).')');
$label .= (preg_match('/'.preg_quote($labeltype, '/').'/', $label) ? '' : ' ('.$langs->transnoentities("Action".$this->type_code).')');
}
}
}
$result .= $linkstart;
if ($withpicto) {
$result .= img_object(($notooltip ? '' : $langs->trans("ShowAction").': '.$libelle), ($overwritepicto ? $overwritepicto : 'action'), (($this->type_color && $overwritepicto) ? 'style="color: #'.$this->type_color.' !important;" ' : '').($notooltip ? 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'"' : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1);
$result .= img_object(($notooltip ? '' : $langs->trans("ShowAction").': '.$label), ($overwritepicto ? $overwritepicto : 'action'), (($this->type_color && $overwritepicto) ? 'style="color: #'.$this->type_color.' !important;" ' : '').($notooltip ? 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'"' : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1);
}
$result .= $libelleshort;
$result .= $labelshort;
$result .= $linkend;
global $action;

4
htdocs/comm/action/class/actioncommreminder.class.php
View File

@ -205,9 +205,9 @@ class ActionCommReminder extends CommonObject
}
/**
* Retourne le libelle du status d'un user (actif, inactif)
* Return label of the status of a reminder
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @param int $mode 0=long label, 1=short label, 2=Picto + short label, 3=Picto, 4=Picto + long label, 5=Short label + Picto, 6=Long label + Picto
* @return string Label of status
*/
public function getLibStatut($mode = 0)

4
htdocs/comm/action/class/cactioncomm.class.php
View File

@ -145,7 +145,7 @@ class CActionComm
* @param string|int $active 1 or 0 to filter on event state active or not ('' by default = no filter)
* @param string $idorcode 'id' or 'code' or 'all'
* @param string $excludetype Type to exclude ('system' or 'systemauto')
* @param int $onlyautoornot 1=Group all type AC_XXX into 1 line AC_MANUAL. 0=Keep details of type, -1=Keep details and add a combined line per calendar (Default, Auto, BoothConf, ...)
* @param int $onlyautoornot 1=Group all type AC_XXX into 1 line AC_MANUAL. 0=Keep details of type, -1 or -2=Keep details and add a combined line per calendar (Default, Auto, BoothConf, ...)
* @param string $morefilter Add more SQL filter
* @param int $shortlabel 1=Get short label instead of long label
* @return mixed Array of all event types if OK, <0 if KO. Key of array is id or code depending on parameter $idorcode.
@ -241,7 +241,7 @@ class CActionComm
$transcode = $langs->trans($keyfortrans);
}
$label = (($transcode != $keyfortrans) ? $transcode : $langs->trans($obj->label));
if ($onlyautoornot == -1 && !empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
if (($onlyautoornot == -1 || $onlyautoornot == -2) && !empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
if ($typecalendar == 'system') {
$label = '&nbsp;&nbsp; '.$label;
$repid[-99] = $langs->trans("ActionAC_MANUAL");

38
htdocs/comm/action/index.php
View File

@ -107,10 +107,10 @@ $year = GETPOST("year", "int") ?GETPOST("year", "int") : date("Y");
$month = GETPOST("month", "int") ?GETPOST("month", "int") : date("m");
$week = GETPOST("week", "int") ?GETPOST("week", "int") : date("W");
$day = GETPOST("day", "int") ?GETPOST("day", "int") : date("d");
$pid = GETPOST("search_projectid", "int", 3) ?GETPOST("search_projectid", "int", 3) : GETPOST("projectid", "int", 3);
$status = GETPOST("search_status", 'aZ09') ?GETPOST("search_status", 'aZ09') : GETPOST("status", 'aZ09'); // status may be 0, 50, 100, 'todo'
$type = GETPOST("search_type", 'aZ09') ?GETPOST("search_type", 'aZ09') : GETPOST("type", 'aZ09');
$maxprint = (isset($_GET["maxprint"]) ?GETPOST("maxprint") : $conf->global->AGENDA_MAX_EVENTS_DAY_VIEW);
$pid = GETPOST("search_projectid", "int", 3) ? GETPOST("search_projectid", "int", 3) : GETPOST("projectid", "int", 3);
$status = GETPOSTISSET("search_status") ? GETPOST("search_status", 'aZ09') : GETPOST("status", 'aZ09'); // status may be 0, 50, 100, 'todo'
$type = GETPOSTISSET("search_type", 'aZ09') ? GETPOST("search_type", 'aZ09') : GETPOST("type", 'aZ09');
$maxprint = GETPOSTISSET("maxprint") ? GETPOST("maxprint", 'int') : $conf->global->AGENDA_MAX_EVENTS_DAY_VIEW;
$optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print')
$dateselect = dol_mktime(0, 0, 0, GETPOST('dateselectmonth', 'int'), GETPOST('dateselectday', 'int'), GETPOST('dateselectyear', 'int'));
@ -570,7 +570,7 @@ if (!empty($conf->use_javascript_ajax)) { // If javascript on
$s .= 'console.log("found parent div.dayevent with id = "+newval);'."\n";
$s .= 'var frm=jQuery("#searchFormList");'."\n";
$s .= 'var newurl = ui.item.find("a.cal_event").attr("href");'."\n";
$s .= 'console.log(newurl);'."\n";
$s .= 'console.log("Found url on href of a.cal_event"+newurl+", we submit form with actionmove=mupdate");'."\n";
$s .= 'frm.attr("action", newurl).children("#newdate").val(newval);frm.submit();}'."\n";
$s .= '});'."\n";
}
@ -837,7 +837,7 @@ if ($resql) {
$event->fk_project = $obj->fk_project;
$event->thirdparty_id = $obj->fk_soc;
$event->socid = $obj->fk_soc;
$event->contact_id = $obj->fk_contact;
// Defined date_start_in_calendar and date_end_in_calendar property
@ -848,10 +848,6 @@ if ($resql) {
} else {
$event->date_end_in_calendar = $event->datep;
}
// Define ponctual property
if ($event->date_start_in_calendar == $event->date_end_in_calendar) {
$event->ponctuel = 1;
}
// Check values
if ($event->date_end_in_calendar < $firstdaytoshow || $event->date_start_in_calendar >= $lastdaytoshow) {
@ -945,7 +941,6 @@ if ($showbirthday) {
$event->date_start_in_calendar = $db->jdate($event->datep);
$event->date_end_in_calendar = $db->jdate($event->datef);
$event->ponctuel = 0;
// Add an entry in eventarray for each day
$daycursor = $event->datep;
@ -1288,12 +1283,6 @@ if (count($listofextcals)) {
$event->date_end_in_calendar = $event->datep;
}
// Define ponctual property
if ($event->date_start_in_calendar == $event->date_end_in_calendar) {
$event->ponctuel = 1;
//print 'x'.$datestart.'-'.$dateend;exit;
}
// Add event into $eventarray if date range are ok.
if ($event->date_end_in_calendar < $firstdaytoshow || $event->date_start_in_calendar >= $lastdaytoshow) {
//print 'x'.$datestart.'-'.$dateend;exit;
@ -1393,7 +1382,7 @@ if (empty($mode) || $mode == 'show_month') { // View by month
print '</div>';
print '<div class="div-table-responsive-no-min sectioncalendarbymonth maxscreenheightless300">';
print '<table width="100%" class="noborder nocellnopadd cal_pannel cal_month">';
print '<table class="centpercent noborder nocellnopadd cal_pannel cal_month">';
print ' <tr class="liste_titre">';
// Column title of weeks numbers
echo ' <td class="center">#</td>';
@ -1482,7 +1471,7 @@ if (empty($mode) || $mode == 'show_month') { // View by month
print '</div>';
print '<input type="hidden" name="actionmove" value="mupdate">';
print '<input type="hidden" name="backtopage" value="'.dol_escape_htmltag($_SERVER['PHP_SELF']).'?'.dol_escape_htmltag($_SERVER['QUERY_STRING']).'">';
print '<input type="hidden" name="backtopage" value="'.dol_escape_htmltag($_SERVER['PHP_SELF']).'?mode=show_month&'.dol_escape_htmltag($_SERVER['QUERY_STRING']).'">';
print '<input type="hidden" name="newdate" id="newdate">';
} elseif ($mode == 'show_week') {
// View by week
@ -1502,7 +1491,7 @@ if (empty($mode) || $mode == 'show_month') { // View by month
print '</div></div>';
print '<div class="div-table-responsive-no-min sectioncalendarbyweek maxscreenheightless300">';
print '<table width="100%" class="noborder nocellnopadd cal_pannel cal_month">';
print '<table class="centpercent noborder nocellnopadd cal_pannel cal_month">';
print ' <tr class="liste_titre">';
$i = 0;
while ($i < 7) {
@ -1544,10 +1533,9 @@ if (empty($mode) || $mode == 'show_month') { // View by month
print '</div>';
echo '<input type="hidden" name="actionmove" value="mupdate">';
echo '<input type="hidden" name="backtopage" value="'.dol_escape_htmltag($_SERVER['PHP_SELF']).'?'.dol_escape_htmltag($_SERVER['QUERY_STRING']).'">';
echo '<input type="hidden" name="backtopage" value="'.dol_escape_htmltag($_SERVER['PHP_SELF']).'?mode=show_week&'.dol_escape_htmltag($_SERVER['QUERY_STRING']).'">';
echo '<input type="hidden" name="newdate" id="newdate">';
} else // View by day
{
} else { // View by day
$newparam = $param; // newparam is for birthday links
$newparam = preg_replace('/mode=show_month&?/i', '', $newparam);
$newparam = preg_replace('/mode=show_week&?/i', '', $newparam);
@ -1965,7 +1953,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
if ($event->type_code != 'ICALEVENT') {
$savlabel = $event->label ? $event->label : $event->libelle;
$event->label = $titletoshow;
$event->libelle = $titletoshow;
$event->libelle = $titletoshow; // deprecatd
// Note: List of users are inside $event->userassigned. Link may be clickable depending on permissions of user.
$titletoshow = (($event->type_picto || $event->type_code) ? $event->getTypePicto() : '');
$titletoshow .= $event->getNomUrl(0, $maxnbofchar, 'cal_event cal_event_title', '', 0, 0);
@ -1997,7 +1985,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa
print '<br>('.dol_trunc($event->icalname, $maxnbofchar).')';
}
$thirdparty_id = ($event->thirdparty_id > 0 ? $event->thirdparty_id : ((is_object($event->societe) && $event->societe->id > 0) ? $event->societe->id : 0));
$thirdparty_id = ($event->socid > 0 ? $event->socid : ((is_object($event->societe) && $event->societe->id > 0) ? $event->societe->id : 0));
$contact_id = ($event->contact_id > 0 ? $event->contact_id : ((is_object($event->contact) && $event->contact->id > 0) ? $event->contact->id : 0));
// If action related to company / contact

8
htdocs/comm/action/pertype.php
View File

@ -683,10 +683,6 @@ if ($resql) {
$event->date_end_in_calendar = $datep;
}
}
// Define ponctual property
if ($event->date_start_in_calendar == $event->date_end_in_calendar) {
$event->ponctuel = 1;
}
// Check values
if ($event->date_end_in_calendar < $firstdaytoshow ||
@ -1236,9 +1232,9 @@ function show_day_events_pertype($username, $day, $month, $year, $monthshown, $s
$color2 = '222222';
}
print '<table class="nobordernopadding" width="100%">';
print '<tr><td '.($color1 ? 'style="background: #'.$color1.';"' : '').'class="'.($style1 ? $style1.' ' : '').'onclickopenref'.($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_00_'.($ids1 ? $ids1 : 'none').'"'.($title1 ? ' title="'.$title1.'"' : '').'>';
print '<tr><td '.($color1 ? 'style="background: #'.$color1.';"' : '').'class="'.($style1 ? $style1.' ' : '').'onclickopenref center'.($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_00_'.($ids1 ? $ids1 : 'none').'"'.($title1 ? ' title="'.$title1.'"' : '').'>';
print $string1;
print '</td><td '.($color2 ? 'style="background: #'.$color2.';"' : '').'class="'.($style2 ? $style2.' ' : '').'onclickopenref'.($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_30_'.($ids2 ? $ids2 : 'none').'"'.($title2 ? ' title="'.$title2.'"' : '').'>';
print '</td><td '.($color2 ? 'style="background: #'.$color2.';"' : '').'class="'.($style2 ? $style2.' ' : '').'onclickopenref center'.($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_30_'.($ids2 ? $ids2 : 'none').'"'.($title2 ? ' title="'.$title2.'"' : '').'>';
print $string2;
print '</td></tr>';
print '</table>';

8
htdocs/comm/action/peruser.php
View File

@ -711,10 +711,6 @@ if ($resql) {
$event->date_end_in_calendar = $datep;
}
}
// Define ponctual property
if ($event->date_start_in_calendar == $event->date_end_in_calendar) {
$event->ponctuel = 1;
}
// Check values
if ($event->date_end_in_calendar < $firstdaytoshow ||
@ -1441,7 +1437,7 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
}
print 'class="';
print ($style1 ? $style1.' ' : '');
print 'onclickopenref'.($title2 ? ' classfortooltip' : '').($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_00_'.($ids1 ? $ids1 : 'none').'"'.($title1 ? ' title="'.$title1.'"' : '').'>';
print 'onclickopenref center'.($title2 ? ' classfortooltip' : '').($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_00_'.($ids1 ? $ids1 : 'none').'"'.($title1 ? ' title="'.$title1.'"' : '').'>';
print $string1;
print '</td><td ';
if ($style2 == 'peruser_notbusy') {
@ -1451,7 +1447,7 @@ function show_day_events2($username, $day, $month, $year, $monthshown, $style, &
}
print 'class="';
print ($style2 ? $style2.' ' : '');
print 'onclickopenref'.($title2 ? ' classfortooltip' : '').($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_30_'.($ids2 ? $ids2 : 'none').'"'.($title2 ? ' title="'.$title2.'"' : '').'>';
print 'onclickopenref center'.($title2 ? ' classfortooltip' : '').($title1 ? ' cursorpointer' : '').'" ref="ref_'.$username->id.'_'.sprintf("%04d", $year).'_'.sprintf("%02d", $month).'_'.sprintf("%02d", $day).'_'.sprintf("%02d", $h).'_30_'.($ids2 ? $ids2 : 'none').'"'.($title2 ? ' title="'.$title2.'"' : '').'>';
print $string2;
print '</td></tr>';
print '</table>';

4
htdocs/comm/contact.php
View File

@ -157,10 +157,10 @@ if ($resql) {
print '<tr class="oddeven">';
print '<td><a href="'.DOL_URL_ROOT.'/contact/card.php?id='.$obj->cidp.'&socid='.$obj->rowid.'">'.img_object($langs->trans("ShowContact"), "contact");
print '</a>&nbsp;<a href="'.DOL_URL_ROOT.'/contact/card.php?id='.$obj->cidp.'&socid='.$obj->rowid.'">'.$obj->name.'</a></td>';
print "<td>$obj->firstname</TD>";
print '<td>'.dol_escape_htmltag($obj->firstname).'</td>';
print '<td><a href="'.$_SERVER["PHP_SELF"].'?type='.$type.'&socid='.$obj->rowid.'">'.img_object($langs->trans("ShowCompany"), "company").'</a>&nbsp;';
print "<a href=\"".$urlfiche."?socid=".$obj->rowid."\">$obj->name</a></td>\n";
print '<a href="'.$urlfiche."?socid=".$obj->rowid.'">'.$obj->name."</a></td>\n";
print '<td>'.dol_print_phone($obj->email, $obj->cidp, $obj->rowid, 'AC_EMAIL').'</td>';

12
htdocs/comm/mailing/card.php
View File

@ -493,9 +493,9 @@ if (empty($reshook)) {
if ($action == 'add') {
$mesgs = array();
$object->email_from = (string) GETPOST("from", "none"); // Must allow 'name <email>'
$object->email_replyto = (string) GETPOST("replyto", "none"); // Must allow 'name <email>'
$object->email_errorsto = (string) GETPOST("errorsto", "none"); // Must allow 'name <email>'
$object->email_from = (string) GETPOST("from", 'alphawithlgt'); // Must allow 'name <email>'
$object->email_replyto = (string) GETPOST("replyto", 'alphawithlgt'); // Must allow 'name <email>'
$object->email_errorsto = (string) GETPOST("errorsto", 'alphawithlgt'); // Must allow 'name <email>'
$object->title = (string) GETPOST("title");
$object->sujet = (string) GETPOST("sujet");
$object->body = (string) GETPOST("bodyemail", 'restricthtml');
@ -531,11 +531,11 @@ if (empty($reshook)) {
if ($action == 'settitle') {
$object->title = trim(GETPOST('title', 'alpha'));
} elseif ($action == 'setemail_from') {
$object->email_from = trim(GETPOST('email_from', 'none')); // Must allow 'name <email>'
$object->email_from = trim(GETPOST('email_from', 'alphawithlgt')); // Must allow 'name <email>'
} elseif ($action == 'setemail_replyto') {
$object->email_replyto = trim(GETPOST('email_replyto', 'none')); // Must allow 'name <email>'
$object->email_replyto = trim(GETPOST('email_replyto', 'alphawithlgt')); // Must allow 'name <email>'
} elseif ($action == 'setemail_errorsto') {
$object->email_errorsto = trim(GETPOST('email_errorsto', 'none')); // Must allow 'name <email>'
$object->email_errorsto = trim(GETPOST('email_errorsto', 'alphawithlgt')); // Must allow 'name <email>'
} elseif ($action == 'settitle' && empty($object->title)) {
$mesg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("MailTitle"));
} elseif ($action == 'setfrom' && empty($object->email_from)) {

4
htdocs/comm/mailing/class/html.formadvtargetemailing.class.php
View File

@ -230,7 +230,7 @@ class FormAdvTargetEmailing extends Form
$InfoFieldList = explode(":", $param_list [0]);
// 0 1 : tableName
// 1 2 : label field name Nom du champ contenant le libelle
// 1 2 : label field name Name of field that contains the label
// 2 3 : key fields name (if differ of rowid)
// 3 4 : where clause filter on column or table extrafield, syntax field='value' or extra.field=value
@ -304,7 +304,7 @@ class FormAdvTargetEmailing extends Form
if ($num) {
while ($i < $num) {
$obj = $this->db->fetch_object($resql);
// Si traduction existe, on l'utilise, sinon on prend le libelle par defaut
// If a translation exists, we use it, else we use the default label
$label = ($langs->trans("Civility".$obj->code) != "Civility".$obj->code ? $langs->trans("Civility".$obj->code) : ($obj->civilite != '-' ? $obj->civilite : ''));
$options_array[$obj->code] = $label;

10
htdocs/comm/mailing/class/mailing.class.php
View File

@ -754,7 +754,7 @@ class Mailing extends CommonObject
/**
* Return label of status of emailing (draft, validated, ...)
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long
* @param int $mode 0=Long label, 1=Short label, 2=Picto+Short label, 3=Picto, 4=Picto+Short label, 5=Short label+Picto, 6=Picto+Long label, 7=Very short label+Picto
* @return string Label
*/
public function getLibStatut($mode = 0)
@ -764,10 +764,10 @@ class Mailing extends CommonObject
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
* Renvoi le libelle d'un statut donne
* Return the label of a given status
*
* @param int $status Id status
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @param int $mode 0=Long label, 1=Short label, 2=Picto+Short label, 3=Picto, 4=Picto+Short label, 5=Short label+Picto, 6=Picto+Long label, 7=Very short label+Picto
* @return string Label
*/
public function LibStatut($status, $mode = 0)
@ -792,11 +792,11 @@ class Mailing extends CommonObject
/**
* Renvoi le libelle d'un statut donne
* Return the label of a given status of a recipient
* TODO Add class mailin_target.class.php
*
* @param int $status Id status
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @param int $mode 0=Long label, 1=Short label, 2=Picto+Short label, 3=Picto, 4=Picto+Short label, 5=Short label+Picto, 6=Picto+Long label, 7=Very short label+Picto
* @param string $desc Desc error
* @return string Label
*/

2
htdocs/comm/prospect/index.php
View File

@ -77,7 +77,7 @@ if (!empty($conf->propal->enabled)) {
*
*/
$sql = "SELECT count(*) as cc, st.libelle, st.picto, st.id";
$sql = "SELECT count(*) as cc, st.libelle as stcomm, st.picto, st.id";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql .= ", ".MAIN_DB_PREFIX."c_stcomm as st ";
if (empty($user->rights->societe->client->voir) && !$socid) {

18
htdocs/commande/class/commande.class.php
View File

@ -490,7 +490,8 @@ class Commande extends CommonOrder
$sql .= " SET ref = '".$this->db->escape($num)."',";
$sql .= " fk_statut = ".self::STATUS_VALIDATED.",";
$sql .= " date_valid='".$this->db->idate($now)."',";
$sql .= " fk_user_valid = ".((int) $user->id);
$sql .= " fk_user_valid = ".((int) $user->id).",";
$sql .= " fk_user_modif = ".((int) $user->id);
$sql .= " WHERE rowid = ".((int) $this->id);
dol_syslog(get_class($this)."::valid", LOG_DEBUG);
@ -620,7 +621,8 @@ class Commande extends CommonOrder
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."commande";
$sql .= " SET fk_statut = ".self::STATUS_DRAFT;
$sql .= " SET fk_statut = ".self::STATUS_DRAFT."',";
$sql .= " fk_user_modif = ".((int) $user->id);
$sql .= " WHERE rowid = ".((int) $this->id);
if ($this->db->query($sql)) {
@ -694,7 +696,8 @@ class Commande extends CommonOrder
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande';
$sql .= ' SET fk_statut='.self::STATUS_VALIDATED.', facture=0';
$sql .= ' SET fk_statut='.self::STATUS_VALIDATED.', facture=0,';
$sql .= " fk_user_modif = ".((int) $user->id);
$sql .= " WHERE rowid = ".((int) $this->id);
dol_syslog(get_class($this)."::set_reopen", LOG_DEBUG);
@ -755,7 +758,8 @@ class Commande extends CommonOrder
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' SET fk_statut = '.self::STATUS_CLOSED.',';
$sql .= ' fk_user_cloture = '.((int) $user->id).',';
$sql .= " date_cloture = '".$this->db->idate($now)."'";
$sql .= " date_cloture = '".$this->db->idate($now)."',";
$sql .= " fk_user_modif = ".((int) $user->id);
$sql .= " WHERE rowid = ".((int) $this->id).' AND fk_statut > '.self::STATUS_DRAFT;
if ($this->db->query($sql)) {
@ -803,7 +807,8 @@ class Commande extends CommonOrder
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."commande";
$sql .= " SET fk_statut = ".self::STATUS_CANCELED;
$sql .= " SET fk_statut = ".self::STATUS_CANCELED.",";
$sql .= " fk_user_modif = ".((int) $user->id);
$sql .= " WHERE rowid = ".((int) $this->id);
$sql .= " AND fk_statut = ".self::STATUS_VALIDATED;
@ -1779,7 +1784,7 @@ class Commande extends CommonOrder
return -1;
}
$sql = 'SELECT c.rowid, c.entity, c.date_creation, c.ref, c.fk_soc, c.fk_user_author, c.fk_user_valid, c.fk_statut';
$sql = 'SELECT c.rowid, c.entity, c.date_creation, c.ref, c.fk_soc, c.fk_user_author, c.fk_user_valid, c.fk_user_modif, c.fk_statut';
$sql .= ', c.amount_ht, c.total_ht, c.total_ttc, c.total_tva, c.localtax1 as total_localtax1, c.localtax2 as total_localtax2, c.fk_cond_reglement, c.fk_mode_reglement, c.fk_availability, c.fk_input_reason';
$sql .= ', c.fk_account';
$sql .= ', c.date_commande, c.date_valid, c.tms';
@ -1844,6 +1849,7 @@ class Commande extends CommonOrder
$this->user_author_id = $obj->fk_user_author;
$this->user_valid = $obj->fk_user_valid;
$this->user_modification = $obj->fk_user_modif;
$this->total_ht = $obj->total_ht;
$this->total_tva = $obj->total_tva;
$this->total_localtax1 = $obj->total_localtax1;

6
htdocs/compta/facture/class/facture.class.php
View File

@ -527,9 +527,9 @@ class Facture extends CommonInvoice
// Fields coming from GUI (priority on template). TODO Value of template should be used as default value on GUI so we can use here always value from GUI
$this->fk_project = GETPOST('projectid', 'int') > 0 ? ((int) GETPOST('projectid', 'int')) : $_facrec->fk_project;
$this->note_public = GETPOST('note_public', 'none') ? GETPOST('note_public', 'restricthtml') : $_facrec->note_public;
$this->note_private = GETPOST('note_private', 'none') ? GETPOST('note_private', 'restricthtml') : $_facrec->note_private;
$this->model_pdf = GETPOST('model', 'alpha') ? GETPOST('model', 'alpha') : $_facrec->model_pdf;
$this->note_public = GETPOSTISSET('note_public') ? GETPOST('note_public', 'restricthtml') : $_facrec->note_public;
$this->note_private = GETPOSTISSET('note_private') ? GETPOST('note_private', 'restricthtml') : $_facrec->note_private;
$this->model_pdf = GETPOSTISSET('model') ? GETPOST('model', 'alpha') : $_facrec->model_pdf;
$this->cond_reglement_id = GETPOST('cond_reglement_id', 'int') > 0 ? ((int) GETPOST('cond_reglement_id', 'int')) : $_facrec->cond_reglement_id;
$this->mode_reglement_id = GETPOST('mode_reglement_id', 'int') > 0 ? ((int) GETPOST('mode_reglement_id', 'int')) : $_facrec->mode_reglement_id;
$this->fk_account = GETPOST('fk_account') > 0 ? ((int) GETPOST('fk_account')) : $_facrec->fk_account;

5
htdocs/compta/tva/card.php
View File

@ -196,7 +196,8 @@ if ($action == 'add' && !$cancel) {
}
$object->amount = $amount;
$object->label = GETPOST("label", 'alpha');
$object->note = GETPOST("note", 'none');
$object->note = GETPOST("note", 'restricthtml');
$object->note_private = GETPOST("note", 'restricthtml');
if (empty($object->datep)) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DatePayment")), null, 'errors');
@ -236,7 +237,7 @@ if ($action == 'add' && !$cancel) {
$paiement->amounts = array($object->id=>$amount); // Tableau de montant
$paiement->paiementtype = GETPOST("type_payment", 'alphanohtml');
$paiement->num_payment = GETPOST("num_payment", 'alphanohtml');
$paiement->note = GETPOST("note", 'none');
$paiement->note = GETPOST("note", 'restricthtml');
if (!$error) {
$paymentid = $paiement->create($user, (int) GETPOST('closepaidtva'));

2
htdocs/core/actions_massactions.inc.php
View File

@ -81,7 +81,7 @@ if (!$error && $massaction == 'confirm_presend') {
$listofobjectref = array();
$contactidtosend = array();
$attachedfilesThirdpartyObj = array();
$oneemailperrecipient = (GETPOST('oneemailperrecipient') == 'on' ? 1 : 0);
$oneemailperrecipient = (GETPOST('oneemailperrecipient', 'int') ? 1 : 0);
if (!$error) {
$thirdparty = new Societe($db);

41
htdocs/core/actions_setmoduleoptions.inc.php
View File

@ -29,13 +29,13 @@
// $formSetup may be defined
if ($action == 'update' && !empty($formSetup) && is_object($formSetup)) {
if ($action == 'update' && !empty($formSetup) && is_object($formSetup) && !empty($user->admin)) {
$formSetup->saveConfFromPost();
return;
}
if ($action == 'update' && is_array($arrayofparameters)) {
if ($action == 'update' && is_array($arrayofparameters) && !empty($user->admin)) {
$db->begin();
foreach ($arrayofparameters as $key => $val) {
@ -72,8 +72,37 @@ if ($action == 'update' && is_array($arrayofparameters)) {
}
}
if ($action == 'deletefile' && $modulepart == 'doctemplates' && !empty($user->admin)) {
include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
$listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
foreach ($listofdir as $key => $tmpdir) {
$tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
if (!$tmpdir) {
unset($listofdir[$key]);
continue;
}
$tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
if (!is_dir($tmpdir)) {
if (empty($nomessageinsetmoduleoptions)) {
setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
}
} else {
$upload_dir = $tmpdir;
break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
}
}
$filetodelete = $tmpdir.'/'.GETPOST('file');
$result = dol_delete_file($filetodelete);
if ($result > 0) {
setEventMessages($langs->trans("FileWasRemoved", GETPOST('file')), null, 'mesgs');
}
}
// Define constants for submodules that contains parameters (forms with param1, param2, ... and value1, value2, ...)
if ($action == 'setModuleOptions') {
if ($action == 'setModuleOptions' && !empty($user->admin)) {
$db->begin();
// Process common param fields
@ -97,20 +126,22 @@ if ($action == 'setModuleOptions') {
if (GETPOST('upload', 'alpha') && GETPOST('keyforuploaddir', 'aZ09')) {
include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$keyforuploaddir = GETPOST('keyforuploaddir', 'aZ09');
$listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim($conf->global->$keyforuploaddir)));
$listofdir = explode(',', preg_replace('/[\r\n]+/', ',', trim(getDolGlobalString($keyforuploaddir))));
foreach ($listofdir as $key => $tmpdir) {
$tmpdir = trim($tmpdir);
$tmpdir = preg_replace('/DOL_DATA_ROOT/', DOL_DATA_ROOT, $tmpdir);
$tmpdir = preg_replace('/DOL_DATA_ROOT\/*/', '', $tmpdir); // Clean string if we found a hardcoded DOL_DATA_ROOT
if (!$tmpdir) {
unset($listofdir[$key]);
continue;
}
$tmpdir = DOL_DATA_ROOT.'/'.$tmpdir; // Complete with DOL_DATA_ROOT. Only files into DOL_DATA_ROOT can be reach/set
if (!is_dir($tmpdir)) {
if (empty($nomessageinsetmoduleoptions)) {
setEventMessages($langs->trans("ErrorDirNotFound", $tmpdir), null, 'warnings');
}
} else {
$upload_dir = $tmpdir;
break; // So we take the first directory found into setup $conf->global->$keyforuploaddir
}
}
if ($upload_dir) {

6
htdocs/core/ajax/check_notifications.php
View File

@ -170,8 +170,10 @@ if (empty($_SESSION['auto_check_events_not_before']) || $time >= $_SESSION['auto
$event['code'] = $obj->code;
$event['label'] = $obj->label;
$event['location'] = $obj->location;
$event['reminder_date_formated'] = dol_print_date($db->jdate($obj->dateremind), 'standard');
$event['event_date_start_formated'] = dol_print_date($db->jdate($obj->datep), 'standard');
$event['reminder_date_formated_tzserver'] = dol_print_date($db->jdate($obj->dateremind), 'standard', 'tzserver');
$event['event_date_start_formated_tzserver'] = dol_print_date($db->jdate($obj->datep), 'standard', 'tzserver');
$event['reminder_date_formated'] = dol_print_date($db->jdate($obj->dateremind), 'standard', 'tzuser');
$event['event_date_start_formated'] = dol_print_date($db->jdate($obj->datep), 'standard', 'tzuser');
$eventfound[$obj->id_agenda] = $event;
}

6
htdocs/core/boxes/box_produits_alerte_stock.php
View File

@ -94,12 +94,12 @@ class box_produits_alerte_stock extends ModeleBoxes
$sql .= " FROM ".MAIN_DB_PREFIX."product as p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_stock as s on p.rowid = s.fk_product";
$sql .= ' WHERE p.entity IN ('.getEntity($productstatic->element).')';
$sql .= " AND p.tosell = 1 AND p.seuil_stock_alerte > 0";
$sql .= " AND p.seuil_stock_alerte > 0";
if (empty($user->rights->produit->lire)) {
$sql .= ' AND p.fk_product_type != 0';
$sql .= ' AND p.fk_product_type <> 0';
}
if (empty($user->rights->service->lire)) {
$sql .= ' AND p.fk_product_type != 1';
$sql .= ' AND p.fk_product_type <> 1';
}
// Add where from hooks
if (is_object($hookmanager)) {

5
htdocs/core/boxes/box_validated_projects.php
View File

@ -26,6 +26,7 @@
*/
include_once DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php";
/**
* Class to manage the box to show last projet
*/
@ -63,7 +64,7 @@ class box_validated_projects extends ModeleBoxes
$langs->loadLangs(array('boxes', 'projects'));
$this->db = $db;
$this->boxlabel = "ProjectsWithTask";
$this->boxlabel = "ProjectTasksWithoutTimeSpent";
$this->hidden = !($user->rights->projet->lire);
@ -116,7 +117,7 @@ class box_validated_projects extends ModeleBoxes
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."element_contact as ec ON ec.element_id = t.rowid AND fk_c_type_contact IN (-1, -2, -3)";
$sql .= " WHERE p.fk_statut = 1"; // Only open projects
if ($projectsListId) {
$sql .= ' AND p.rowid IN ('.$this->db->sanitize($projectsListId).')'; // Only project are allowed
$sql .= ' AND p.rowid IN ('.$this->db->sanitize($projectsListId).')'; // Only projects that are allowed
}
$sql .= " AND t.rowid NOT IN (SELECT fk_task FROM ".MAIN_DB_PREFIX."projet_task_time WHERE fk_user = ".((int) $user->id).")";
$sql .= " GROUP BY p.rowid, p.ref, p.fk_soc, p.dateo";

10
htdocs/core/class/CSMSFile.class.php
View File

@ -29,8 +29,9 @@
/**
* Class to send SMS
* Usage: $smsfile = new CSMSFile($subject,$sendto,$replyto,$message,$filepath,$mimetype,$filename,$cc,$ccc,$deliveryreceipt,$msgishtml,$errors_to);
* $smsfile->sendfile();
* Usage: $smsfile = new CSMSFile($subject,$sendto,$replyto,$message,$filepath,$mimetype,$filename,$cc,$ccc,$deliveryreceipt,$msgishtml,$errors_to);
* $smsfile->socid=...; $smsfile->contact_id=...; $smsfile->member_id=...; $smsfile->fk_project=...;
* $smsfile->sendfile();
*/
class CSMSFile
{
@ -48,7 +49,8 @@ class CSMSFile
public $nostop;
public $socid;
public $contactid;
public $contact_id;
public $member_id;
public $fk_project;
@ -135,6 +137,7 @@ class CSMSFile
$sms->socid = $this->socid;
$sms->contact_id = $this->contact_id;
$sms->member_id = $this->member_id;
$sms->project = $this->fk_project;
$res = $sms->SmsSend();
@ -167,6 +170,7 @@ class CSMSFile
$sms->socid = $this->socid;
$sms->contact_id = $this->contact_id;
$sms->member_id = $this->member_id;
$sms->fk_project = $this->fk_project;
$res = $sms->SmsSend();

11
htdocs/core/class/commonobject.class.php
View File

@ -1215,17 +1215,20 @@ abstract class CommonObject
public function delete_linked_contact($source = '', $code = '')
{
// phpcs:enable
$listId = '';
$temp = array();
$typeContact = $this->liste_type_contact($source, '', 0, 0, $code);
foreach ($typeContact as $key => $value) {
array_push($temp, $key);
if (!empty($typeContact)) {
foreach ($typeContact as $key => $value) {
array_push($temp, $key);
}
$listId = implode(",", $temp);
}
$listId = implode(",", $temp);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."element_contact";
$sql .= " WHERE element_id = ".((int) $this->id);
if ($listId) {
if (!empty($listId)) {
$sql .= " AND fk_c_type_contact IN (".$this->db->sanitize($listId).")";
}

2
htdocs/core/class/conf.class.php
View File

@ -258,7 +258,7 @@ class Conf
// Define all global constants into $this->global->key=value
$sql = "SELECT ".$db->decrypt('name')." as name,";
$sql .= " ".$db->decrypt('value')." as value, entity";
$sql .= " FROM ".MAIN_DB_PREFIX."const";
$sql .= " FROM ".$db->prefix()."const";
$sql .= " WHERE entity IN (0,".$this->entity.")";
$sql .= " ORDER BY entity"; // This is to have entity 0 first, then entity 1 that overwrite.

2
htdocs/core/class/hookmanager.class.php
View File

@ -111,7 +111,7 @@ class HookManager
if (in_array($context, $arrayhooks) || in_array('all', $arrayhooks)) { // We instantiate action class only if initialized hook is handled by module
// Include actions class overwriting hooks
if (empty($this->hooks[$context][$module]) || !is_object($this->hooks[$context][$module])) { // If set to an object value, class was already loaded
if (empty($this->hooks[$context][$module]) || !is_object($this->hooks[$context][$module])) { // If set to an object value, class was already loaded so we do nothing.
$path = '/'.$module.'/class/';
$actionfile = 'actions_'.$module.'.class.php';

4
htdocs/core/class/html.formactions.class.php
View File

@ -352,7 +352,7 @@ class FormActions
* @param array|string $selected Type pre-selected (can be 'manual', 'auto' or 'AC_xxx'). Can be an array too.
* @param string $htmlname Name of select field
* @param string $excludetype A type to exclude ('systemauto', 'system', '')
* @param integer $onlyautoornot 1=Group all type AC_XXX into 1 line AC_MANUAL. 0=Keep details of type, -1=Keep details and add a combined line "All manual"
* @param integer $onlyautoornot 1=Group all type AC_XXX into 1 line AC_MANUAL. 0=Keep details of type, -1=Keep details and add a combined line "All manual", -2=Combined line is disabled (not implemented yet)
* @param int $hideinfohelp 1=Do not show info help, 0=Show, -1=Show+Add info to tell how to set default value
* @param int $multiselect 1=Allow multiselect of action type
* @param int $nooutput 1=No output
@ -373,7 +373,7 @@ class FormActions
$caction = new CActionComm($this->db);
// Suggest a list with manual events or all auto events
$arraylist = $caction->liste_array(1, 'code', $excludetype, $onlyautoornot);
$arraylist = $caction->liste_array(1, 'code', $excludetype, $onlyautoornot, '', 0); // If we use param 'all' instead of 'code', there is no group by include in answer but the key 'type' of answer array contains the key for the group by.
if (empty($multiselect)) {
// Add empty line at start only if no multiselect
array_unshift($arraylist, '&nbsp;');

22
htdocs/core/class/html.formadmin.class.php
View File

@ -73,15 +73,19 @@ class FormAdmin
$langs_available = $langs->get_available_languages(DOL_DOCUMENT_ROOT, 12, 0, $mainlangonly);
// If the language to select is not inside the list of available language and empty value is not available, we must find
// an alternative as the language code to pre-select (to avoid to have first element in list pre-selected).
if ($selected && !array_key_exists($selected, $langs_available) && empty($showempty)) {
$tmparray = explode('_', $selected);
if (!empty($tmparray[1])) {
$selected = getLanguageCodeFromCountryCode($tmparray[1]);
}
if (empty($selected)) {
$selected = $langs->defaultlang;
// If empty value is not allowed and the language to select is not inside the list of available language and we must find
// an alternative of the language code to pre-select (to avoid to have first element in list pre-selected).
if ($selected && empty($showempty)) {
if (!is_array($selected) && !array_key_exists($selected, $langs_available)) {
$tmparray = explode('_', $selected);
if (!empty($tmparray[1])) {
$selected = getLanguageCodeFromCountryCode($tmparray[1]);
}
if (empty($selected)) {
$selected = $langs->defaultlang;
}
} else {
// If the preselected value is an array, we do not try to find alternative to preselect
}
}

4
htdocs/core/class/html.formfile.class.php
View File

@ -379,9 +379,10 @@ class FormFile
* @param Object $object Object when method is called from an object card.
* @param int $hideifempty Hide section of generated files if there is no file
* @param string $removeaction (optional) The action to remove a file
* @param string $tooltipontemplatecombo Text to show on a tooltip after the combo list of templates
* @return string Output string with HTML array of documents (might be empty string)
*/
public function showdocuments($modulepart, $modulesubdir, $filedir, $urlsource, $genallowed, $delallowed = 0, $modelselected = '', $allowgenifempty = 1, $forcenomultilang = 0, $iconPDF = 0, $notused = 0, $noform = 0, $param = '', $title = '', $buttonlabel = '', $codelang = '', $morepicto = '', $object = null, $hideifempty = 0, $removeaction = 'remove_file')
public function showdocuments($modulepart, $modulesubdir, $filedir, $urlsource, $genallowed, $delallowed = 0, $modelselected = '', $allowgenifempty = 1, $forcenomultilang = 0, $iconPDF = 0, $notused = 0, $noform = 0, $param = '', $title = '', $buttonlabel = '', $codelang = '', $morepicto = '', $object = null, $hideifempty = 0, $removeaction = 'remove_file', $tooltipontemplatecombo = '')
{
global $dolibarr_main_url_root;
@ -769,6 +770,7 @@ class FormFile
if ($conf->use_javascript_ajax) {
$out .= ajax_combobox('model');
}
$out .= $form->textwithpicto('', $tooltipontemplatecombo, 1, 'help', 'marginrightonly', 0, 3, '', 0);
} else {
$out .= '<div class="float">'.$langs->trans("Files").'</div>';
}

40
htdocs/core/class/html.formmail.class.php
View File

@ -157,6 +157,7 @@ class FormMail extends Form
public $lines_model;
// -1 suggest the checkbox 'one email per recipient' not checked, 0 = no suggestion, 1 = suggest and checked
public $withoptiononeemailperrecipient;
@ -357,7 +358,7 @@ class FormMail extends Form
// phpcs:enable
global $conf, $langs, $user, $hookmanager, $form;
// Required to show preview of mail attachments
// Required to show preview wof mail attachments
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
$formfile = new Formfile($this->db);
@ -366,7 +367,7 @@ class FormMail extends Form
}
// Load translation files required by the page
$langs->loadLangs(array('other', 'mails'));
$langs->loadLangs(array('other', 'mails', 'members'));
// Clear temp files. Must be done before call of triggers, at beginning (mode = init), or when we select a new template
if (GETPOST('mode', 'alpha') == 'init' || (GETPOST('modelselected') && GETPOST('modelmailselected', 'alpha') && GETPOST('modelmailselected', 'alpha') != '-1')) {
@ -464,11 +465,10 @@ class FormMail extends Form
$modelmail_array = array();
if ($this->param['models'] != 'none') {
$result = $this->fetchAllEMailTemplate($this->param["models"], $user, $outputlangs);
if ($result < 0) {
setEventMessages($this->error, $this->errors, 'errors');
}
$langs->trans("members");
foreach ($this->lines_model as $line) {
$reg = array();
if (preg_match('/\((.*)\)/', $line->label, $reg)) {
@ -503,7 +503,7 @@ class FormMail extends Form
}
$out .= ' &nbsp; ';
$out .= '<input type="submit" class="button" value="'.$langs->trans('Apply').'" name="modelselected" id="modelselected">';
$out .= '<input type="submit" class="button reposition" value="'.$langs->trans('Apply').'" name="modelselected" id="modelselected">';
$out .= ' &nbsp; ';
$out .= '</div>';
} elseif (!empty($this->param['models']) && in_array($this->param['models'], array(
@ -526,7 +526,7 @@ class FormMail extends Form
}
$out .= '<table class="tableforemailform boxtablenotop" width="100%">'."\n";
$out .= '<table class="tableforemailform boxtablenotop centpercent">'."\n";
// Substitution array/string
$helpforsubstitution = '';
@ -688,16 +688,20 @@ class FormMail extends Form
// With option one email per recipient
if (!empty($this->withoptiononeemailperrecipient)) {
$out .= '<tr><td class="minwidth200">';
$out .= $langs->trans("GroupEmails");
$out .= '</td><td>';
$out .= ' <input type="checkbox" id="oneemailperrecipient" name="oneemailperrecipient"'.($this->withoptiononeemailperrecipient > 0 ? ' checked="checked"' : '').'> ';
$out .= '<label for="oneemailperrecipient">'.$langs->trans("OneEmailPerRecipient").'</label>';
$out .= '<span class="hideonsmartphone opacitymedium">';
$out .= ' - ';
$out .= $langs->trans("WarningIfYouCheckOneRecipientPerEmail");
$out .= '</span>';
$out .= '</td></tr>';
if (abs($this->withoptiononeemailperrecipient) == 1) {
$out .= '<tr><td class="minwidth200">';
$out .= $langs->trans("GroupEmails");
$out .= '</td><td>';
$out .= ' <input type="checkbox" id="oneemailperrecipient" value="1" name="oneemailperrecipient"'.($this->withoptiononeemailperrecipient > 0 ? ' checked="checked"' : '').'> ';
$out .= '<label for="oneemailperrecipient">'.$langs->trans("OneEmailPerRecipient").'</label>';
$out .= '<span class="hideonsmartphone opacitymedium">';
$out .= ' - ';
$out .= $langs->trans("WarningIfYouCheckOneRecipientPerEmail");
$out .= '</span>';
$out .= '</td></tr>';
} else {
$out .= '<tr><td><input type="hidden" name="oneemailperrecipient" value="1"></td><td></td></tr>';
}
}
// CC
@ -813,8 +817,7 @@ class FormMail extends Form
$out .= '<br></div>';
}
} elseif (empty($this->withmaindocfile)) {
// Do not show message if we asked to show the checkbox
$out .= $langs->trans("NoAttachedFiles").'<br>';
$out .= '<span class="opacitymedium">'.$langs->trans("NoAttachedFiles").'</span><br>';
}
if ($this->withfile == 2) {
// Can add other files
@ -1217,6 +1220,7 @@ class FormMail extends Form
global $conf, $langs, $form;
$defaulttopic = GETPOST('subject', 'restricthtml');
if (!GETPOST('modelselected', 'alpha') || GETPOST('modelmailselected') != '-1') {
if ($arraydefaultmessage && $arraydefaultmessage->topic) {
$defaulttopic = $arraydefaultmessage->topic;

2
htdocs/core/class/html.formticket.class.php
View File

@ -1261,7 +1261,7 @@ class FormTicket
// Zone to select its email template
if (count($modelmail_array) > 0) {
print '<tr class="email_line"><td></td><td colspan="2"><div style="padding: 3px 0 3px 0">'."\n";
print $langs->trans('SelectMailModel').': '.$formmail->selectarray('modelmailselected', $modelmail_array, $this->param['models_id'], 1);
print $langs->trans('SelectMailModel').': '.$formmail->selectarray('modelmailselected', $modelmail_array, $this->param['models_id'], 1, 0, "", "", 0, 0, 0, '', 'minwidth200');
if ($user->admin) {
print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1);
}

2
htdocs/core/class/link.class.php
View File

@ -249,7 +249,7 @@ class Link extends CommonObject
$resql = $this->db->query($sql);
if ($resql) {
$num = $this->db->num_rows($resql);
dol_syslog(get_class($this)."::fetchAll ".$num."records", LOG_DEBUG);
dol_syslog(get_class($this)."::fetchAll num=".((int) $num), LOG_DEBUG);
if ($num > 0) {
while ($obj = $this->db->fetch_object($resql)) {
$link = new Link($this->db);

2
htdocs/core/customreports.php
View File

@ -56,7 +56,7 @@ if (!defined('USE_CUSTOM_REPORT_AS_INCLUDE')) {
}
$search_yaxis = GETPOST('search_yaxis', 'array');
$search_graph = GETPOST('search_graph', 'none');
$search_graph = GETPOST('search_graph', 'restricthtml');
// Load variable for pagination
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;

15
htdocs/core/db/DoliDB.class.php
View File

@ -62,11 +62,26 @@ abstract class DoliDB implements Database
/** @var string Last error number. For example: 'DB_ERROR_RECORD_ALREADY_EXISTS', '12345', ... */
public $lasterrno;
/** @var string If we need to set a prefix specific to the database so it can be reused (when defined instead of MAIN_DB_PREFIX) to forge requests */
public $prefix_db;
/** @var bool Status */
public $ok;
/** @var string */
public $error;
/**
* Return the DB prefix
*
* @return string The DB prefix
*/
public function prefix()
{
return (empty($this->prefix_db) ? MAIN_DB_PREFIX : $this->prefix_db);
}
/**
* Format a SQL IF
*

3
htdocs/core/get_menudiv.php
View File

@ -121,12 +121,13 @@ print '
display: none;
}
a.alilevel0 {
a.alilevel0, span.spanlilevel0 {
background-image: url(\''.DOL_URL_ROOT.'/theme/'.urlencode($conf->theme).'/img/next.png\') !important;
background-repeat: no-repeat !important;
background-position-x: 10px;
background-position-y: 16px;
padding: 1em 15px 1em 40px;
display: block;
}
li.lilevel0 font.vsmenudisabled {
background-repeat: no-repeat !important;

2
htdocs/core/js/lib_notification.js.php
View File

@ -64,7 +64,7 @@ print "jQuery(document).ready(function () {\n";
//print " console.log('referrer=".dol_escape_js($_SERVER['HTTP_REFERER'])."');\n";
print ' var nowtime = Date.now();';
print ' var time_auto_update = '.$conf->global->MAIN_BROWSER_NOTIFICATION_FREQUENCY.';'."\n"; // Always defined
print ' var time_auto_update = '.max(1, getDolGlobalInt('MAIN_BROWSER_NOTIFICATION_FREQUENCY')).';'."\n"; // Always defined
print ' var time_js_next_test;'."\n";
?>

55
htdocs/core/lib/functions.lib.php
View File

@ -17,6 +17,7 @@
* Copyright (C) 2019 Thibault Foucart <support@ptibogxiv.net>
* Copyright (C) 2020 Open-Dsi <support@open-dsi.fr>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) 2022 Anthony Berton <anthony.berton@bb2a.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -641,7 +642,7 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null
}
// Check rule
if (preg_match('/^array/', $check)) { // If 'array' or 'array:restricthtml' or 'array:aZ09'
if (preg_match('/^array/', $check)) { // If 'array' or 'array:restricthtml' or 'array:aZ09' or 'array:intcomma'
if (!is_array($out) || empty($out)) {
$out = array();
} else {
@ -828,7 +829,10 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options =
// We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step (preg_replace).
// No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are
// using a non coventionnel way to be encoded, to not have them sanitized just after)
$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);
//$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);
$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', function ($m) {
return realCharForNumericEntities($m); }, $out);
// Now we remove all remaining HTML entities starting with a number. We don't want such entities.
$out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have j&#x61vascript with an entities without the ; to hide the 'a' of 'javascript'.
@ -1894,7 +1898,7 @@ function dol_banner_tab($object, $paramid, $morehtml = '', $shownav = 1, $fieldi
if ($object->element == 'product') {
$width = 80;
$cssclass = 'photoref';
$cssclass = 'photowithmargin photoref';
$showimage = $object->is_photo_available($conf->product->multidir_output[$entity]);
$maxvisiblephotos = (isset($conf->global->PRODUCT_MAX_VISIBLE_PHOTO) ? $conf->global->PRODUCT_MAX_VISIBLE_PHOTO : 5);
if ($conf->browser->layout == 'phone') {
@ -1996,7 +2000,7 @@ function dol_banner_tab($object, $paramid, $morehtml = '', $shownav = 1, $fieldi
}
}
} elseif (!$phototoshow) { // example if modulepart = 'societe' or 'photo'
$phototoshow .= $form->showphoto($modulepart, $object, 0, 0, 0, 'photoref', 'small', 1, 0, $maxvisiblephotos);
$phototoshow .= $form->showphoto($modulepart, $object, 0, 0, 0, 'photowithmargin photoref', 'small', 1, 0, $maxvisiblephotos);
}
if ($phototoshow) {
@ -3640,7 +3644,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'1downarrow', '1uparrow', '1leftarrow', '1rightarrow', '1uparrow_selected', '1downarrow_selected', '1leftarrow_selected', '1rightarrow_selected',
'accountancy', 'accounting_account', 'account', 'accountline', 'action', 'add', 'address', 'angle-double-down', 'angle-double-up', 'asset',
'bank_account', 'barcode', 'bank', 'bell', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'bug', 'building',
'calendar', 'calendarmonth', 'calendarweek', 'calendarday', 'calendarperuser', 'calendarpertype',
'card', 'calendar', 'calendarmonth', 'calendarweek', 'calendarday', 'calendarperuser', 'calendarpertype',
'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'conversation', 'cron', 'cubes',
'multicurrency',
'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'dynamicprice',
@ -3652,9 +3656,10 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'label', 'language', 'link', 'list', 'list-alt', 'listlight', 'loan', 'lot', 'long-arrow-alt-right',
'margin', 'map-marker-alt', 'member', 'meeting', 'money-bill-alt', 'movement', 'mrp', 'note', 'next',
'off', 'on', 'order',
'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'stock', 'resize', 'service', 'stats', 'trip',
'paiment', 'paragraph', 'play', 'pdf', 'phone', 'phoning', 'phoning_mobile', 'phoning_fax', 'playdisabled', 'previous', 'poll', 'pos', 'printer', 'product', 'propal', 'puce',
'stock', 'resize', 'service', 'stats', 'trip',
'security', 'setup', 'share-alt', 'sign-out', 'split', 'stripe', 'stripe-s', 'switch_off', 'switch_on', 'switch_on_red', 'tools', 'unlink', 'uparrow', 'user', 'vcard', 'wrench',
'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
'github', 'google', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp',
'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies',
'generic', 'home', 'hrm', 'members', 'products', 'invoicing',
'partnership', 'payment', 'payment_vat', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'region',
@ -3671,10 +3676,10 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
$facolor = '';
$fasize = '';
$fa = 'fas';
if (in_array($pictowithouttext, array('bell', 'clock', 'establishment', 'generic', 'minus-square', 'object_generic', 'pdf', 'plus-square', 'timespent', 'note', 'off', 'on', 'object_bookmark', 'bookmark', 'vcard'))) {
if (in_array($pictowithouttext, array('card', 'bell', 'clock', 'establishment', 'generic', 'minus-square', 'object_generic', 'pdf', 'plus-square', 'timespent', 'note', 'off', 'on', 'object_bookmark', 'bookmark', 'vcard'))) {
$fa = 'far';
}
if (in_array($pictowithouttext, array('black-tie', 'github', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) {
if (in_array($pictowithouttext, array('black-tie', 'github', 'google', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'stripe', 'stripe-s', 'youtube', 'google-plus-g', 'whatsapp'))) {
$fa = 'fab';
}
@ -3684,7 +3689,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'billd'=>'file-medical',
'supplier_invoice'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'supplier_invoicer'=>'file-invoice-dollar', 'supplier_invoiced'=>'file-medical',
'bom'=>'shapes',
'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments', 'country'=>'globe-americas', 'cron'=>'business-time',
'card'=>'address-card', 'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments', 'country'=>'globe-americas', 'cron'=>'business-time',
'donation'=>'file-alt', 'dynamicprice'=>'hand-holding-usd',
'setup'=>'cog', 'companies'=>'building', 'products'=>'cube', 'commercial'=>'suitcase', 'invoicing'=>'coins',
'accounting'=>'search-dollar', 'category'=>'tag', 'dollyrevert'=>'dolly',
@ -3704,10 +3709,11 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'error'=>'exclamation-triangle', 'warning'=>'exclamation-triangle',
'other'=>'square',
'playdisabled'=>'play', 'pdf'=>'file-pdf', 'poll'=>'check-double', 'pos'=>'cash-register', 'preview'=>'binoculars', 'project'=>'project-diagram', 'projectpub'=>'project-diagram', 'projecttask'=>'tasks', 'propal'=>'file-signature',
'partnership'=>'handshake', 'payment'=>'money-check-alt', 'payment_vat'=>'money-check-alt', 'phoning'=>'phone', 'phoning_mobile'=>'mobile-alt', 'phoning_fax'=>'fax', 'previous'=>'arrow-alt-circle-left', 'printer'=>'print', 'product'=>'cube', 'service'=>'concierge-bell',
'partnership'=>'handshake', 'payment'=>'money-check-alt', 'payment_vat'=>'money-check-alt', 'phoning'=>'phone', 'phoning_mobile'=>'mobile-alt', 'phoning_fax'=>'fax', 'previous'=>'arrow-alt-circle-left', 'printer'=>'print', 'product'=>'cube', 'puce'=>'angle-right',
'recent' => 'question', 'reception'=>'dolly', 'recruitmentjobposition'=>'id-card-alt', 'recruitmentcandidature'=>'id-badge',
'resize'=>'crop', 'supplier_order'=>'dol-order_supplier', 'supplier_proposal'=>'file-signature',
'refresh'=>'redo', 'region'=>'map-marked', 'resource'=>'laptop-house', 'recurring'=>'history',
'service'=>'concierge-bell',
'state'=>'map-marked-alt', 'security'=>'key', 'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s',
'supplier'=>'building', 'technic'=>'cogs',
'timespent'=>'clock', 'title_setup'=>'tools', 'title_accountancy'=>'money-check-alt', 'title_bank'=>'university', 'title_hrm'=>'umbrella-beach',
@ -6946,6 +6952,10 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
'__USER_ID__' => (string) $user->id,
'__USER_LOGIN__' => (string) $user->login,
'__USER_EMAIL__' => (string) $user->email,
'__USER_PHONE__' => (string) dol_print_phone($user->office_phone),
'__USER_PHONEPRO__' => (string) dol_print_phone($user->user_mobile),
'__USER_PHONEMOBILE__' => (string) dol_print_phone($user->personal_mobile),
'__USER_FAX__' => (string) $user->office_fax,
'__USER_LASTNAME__' => (string) $user->lastname,
'__USER_FIRSTNAME__' => (string) $user->firstname,
'__USER_FULLNAME__' => (string) $user->getFullName($outputlangs),
@ -6958,8 +6968,8 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray = array_merge($substitutionarray, array(
'__MYCOMPANY_NAME__' => $mysoc->name,
'__MYCOMPANY_EMAIL__' => $mysoc->email,
'__MYCOMPANY_PHONE__' => $mysoc->phone,
'__MYCOMPANY_FAX__' => $mysoc->fax,
'__MYCOMPANY_PHONE__' => dol_print_phone($mysoc->phone),
'__MYCOMPANY_FAX__' => dol_print_phone($mysoc->fax),
'__MYCOMPANY_PROFID1__' => $mysoc->idprof1,
'__MYCOMPANY_PROFID2__' => $mysoc->idprof2,
'__MYCOMPANY_PROFID3__' => $mysoc->idprof3,
@ -7107,9 +7117,9 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray['__MEMBER_PHOTO__'] = (isset($object->photo) ? $object->photo : '');
$substitutionarray['__MEMBER_LOGIN__'] = (isset($object->login) ? $object->login : '');
$substitutionarray['__MEMBER_PASSWORD__'] = (isset($object->pass) ? $object->pass : '');
$substitutionarray['__MEMBER_PHONE__'] = (isset($object->phone) ? $object->phone : '');
$substitutionarray['__MEMBER_PHONEPRO__'] = (isset($object->phone_perso) ? $object->phone_perso : '');
$substitutionarray['__MEMBER_PHONEMOBILE__'] = (isset($object->phone_mobile) ? $object->phone_mobile : '');
$substitutionarray['__MEMBER_PHONE__'] = (isset($object->phone) ? dol_print_phone($object->phone) : '');
$substitutionarray['__MEMBER_PHONEPRO__'] = (isset($object->phone_perso) ? dol_print_phone($object->phone_perso) : '');
$substitutionarray['__MEMBER_PHONEMOBILE__'] = (isset($object->phone_mobile) ? dol_print_phone($object->phone_mobile) : '');
$substitutionarray['__MEMBER_TYPE__'] = (isset($object->type) ? $object->type : '');
$substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE__'] = dol_print_date($object->first_subscription_date, 'dayrfc');
$substitutionarray['__MEMBER_FIRST_SUBSCRIPTION_DATE_START__'] = dol_print_date($object->first_subscription_date_start, 'dayrfc');
@ -7126,8 +7136,8 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray['__THIRDPARTY_CODE_CLIENT__'] = (is_object($object) ? $object->code_client : '');
$substitutionarray['__THIRDPARTY_CODE_FOURNISSEUR__'] = (is_object($object) ? $object->code_fournisseur : '');
$substitutionarray['__THIRDPARTY_EMAIL__'] = (is_object($object) ? $object->email : '');
$substitutionarray['__THIRDPARTY_PHONE__'] = (is_object($object) ? $object->phone : '');
$substitutionarray['__THIRDPARTY_FAX__'] = (is_object($object) ? $object->fax : '');
$substitutionarray['__THIRDPARTY_PHONE__'] = (is_object($object) ? dol_print_phone($object->phone) : '');
$substitutionarray['__THIRDPARTY_FAX__'] = (is_object($object) ? dol_print_phone($object->fax) : '');
$substitutionarray['__THIRDPARTY_ADDRESS__'] = (is_object($object) ? $object->address : '');
$substitutionarray['__THIRDPARTY_ZIP__'] = (is_object($object) ? $object->zip : '');
$substitutionarray['__THIRDPARTY_TOWN__'] = (is_object($object) ? $object->town : '');
@ -7149,8 +7159,8 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray['__THIRDPARTY_CODE_CLIENT__'] = (is_object($object->thirdparty) ? $object->thirdparty->code_client : '');
$substitutionarray['__THIRDPARTY_CODE_FOURNISSEUR__'] = (is_object($object->thirdparty) ? $object->thirdparty->code_fournisseur : '');
$substitutionarray['__THIRDPARTY_EMAIL__'] = (is_object($object->thirdparty) ? $object->thirdparty->email : '');
$substitutionarray['__THIRDPARTY_PHONE__'] = (is_object($object->thirdparty) ? $object->thirdparty->phone : '');
$substitutionarray['__THIRDPARTY_FAX__'] = (is_object($object->thirdparty) ? $object->thirdparty->fax : '');
$substitutionarray['__THIRDPARTY_PHONE__'] = (is_object($object->thirdparty) ? dol_print_phone($object->thirdparty->phone) : '');
$substitutionarray['__THIRDPARTY_FAX__'] = (is_object($object->thirdparty) ? dol_print_phone($object->thirdparty->fax) : '');
$substitutionarray['__THIRDPARTY_ADDRESS__'] = (is_object($object->thirdparty) ? $object->thirdparty->address : '');
$substitutionarray['__THIRDPARTY_ZIP__'] = (is_object($object->thirdparty) ? $object->thirdparty->zip : '');
$substitutionarray['__THIRDPARTY_TOWN__'] = (is_object($object->thirdparty) ? $object->thirdparty->town : '');
@ -7231,6 +7241,11 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'_LOCALE__'] = ($datetime != "0000-00-00 00:00:00" ? dol_print_date($datetime, 'dayhour', 'tzserver', $outputlangs) : '');
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'_DAY_LOCALE__'] = ($datetime != "0000-00-00 00:00:00" ? dol_print_date($datetime, 'day', 'tzserver', $outputlangs) : '');
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'_RFC__'] = ($datetime != "0000-00-00 00:00:00" ? dol_print_date($datetime, 'dayhourrfc') : '');
} elseif ($extrafields->attributes[$object->table_element]['type'][$key] == 'phone') {
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'__'] = dol_print_phone($object->array_options['options_'.$key]);
} elseif ($extrafields->attributes[$object->table_element]['type'][$key] == 'price') {
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'__'] = $object->array_options['options_'.$key];
$substitutionarray['__EXTRAFIELD_'.strtoupper($key).'_FORMATED__'] = price($object->array_options['options_'.$key]);
}
}
}

27
htdocs/core/lib/geturl.lib.php
View File

@ -35,9 +35,10 @@
* @param string[] $addheaders Array of string to add into header. Example: ('Accept: application/xrds+xml', ....)
* @param string[] $allowedschemes List of schemes that are allowed ('http' + 'https' only by default)
* @param int $localurl 0=Only external URL are possible, 1=Only local URL, 2=Both external and local URL are allowed.
* @param int $ssl_verifypeer -1=Auto (no ssl check on dev, check on prod), 0=No ssl check, 1=Always ssl check
* @return array Returns an associative array containing the response from the server array('content'=>response, 'curl_error_no'=>errno, 'curl_error_msg'=>errmsg...)
*/
function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = 1, $addheaders = array(), $allowedschemes = array('http', 'https'), $localurl = 0)
function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = 1, $addheaders = array(), $allowedschemes = array('http', 'https'), $localurl = 0, $ssl_verifypeer = -1)
{
//declaring of global variables
global $conf;
@ -75,8 +76,17 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
}
//curl_setopt($ch, CURLOPT_SSLVERSION, 6); for tls 1.2
// Turning on or off the ssl target certificate
if ($ssl_verifypeer < 0) {
global $dolibarr_main_prod;
$ssl_verifypeer = ($dolibarr_main_prod ? true : false);
}
if (!empty($conf->global->MAIN_CURL_DISABLE_VERIFYPEER)) {
$ssl_verifypeer = 0;
}
// Turning off the server and peer verification(TrustManager Concept).
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, ($ssl_verifypeer ? true : false));
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
// Restrict use to some protocols only
@ -214,11 +224,14 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
}
}
// Common check (local and external)
if (in_array($iptocheck, array('100.100.100.200'))) {
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname IP (Used by Alibaba metadata). Must be an external URL.';
break;
// Common check on ip (local and external)
$arrayofmetadataserver = array('100.100.100.200' => 'Alibaba', '192.0.0.192'=> 'Oracle', '192.80.8.124'=>'Packet');
foreach ($arrayofmetadataserver as $ipofmetadataserver => $nameofmetadataserver) {
if ($iptocheck == $ipofmetadataserver) {
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname IP (Used by '.$nameofmetadataserver.' metadata server). This IP is forbidden.';
break 2; // exit the foreach and the do...
}
}
// Set CURLOPT_CONNECT_TO so curl will not try another resolution that may give a different result. Possible only on PHP v7+

10
htdocs/core/lib/oauth.lib.php
View File

@ -25,13 +25,13 @@
// Supported OAUTH (a provider is supported when a file xxx_oauthcallback.php is available into htdocs/core/modules/oauth)
$supportedoauth2array = array(
'OAUTH_GOOGLE_NAME'=>'google',
'OAUTH_GOOGLE_NAME'=>array('callbackfile' => 'google', 'picto' => 'google', 'urlforapp' => 'OAUTH_GOOGLE_DESC', 'name'=>'Google'),
);
if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = 'stripetest';
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = 'stripelive';
if (!empty($conf->stripe->enabled)) {
$supportedoauth2array['OAUTH_STRIPE_TEST_NAME'] = array('callbackfile' => 'stripetest', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeTest');
$supportedoauth2array['OAUTH_STRIPE_LIVE_NAME'] = array('callbackfile' => 'stripelive', 'picto' => 'stripe', 'urlforapp' => '', 'name'=>'StripeLive');
}
$supportedoauth2array['OAUTH_GITHUB_NAME'] = 'github';
$supportedoauth2array['OAUTH_GITHUB_NAME'] = array('callbackfile' => 'github', 'picto' => 'github', 'urlforapp' => 'OAUTH_GITHUB_DESC', 'name'=>'GitHub');

2
htdocs/core/lib/project.lib.php
View File

@ -823,7 +823,7 @@ function projectLinesa(&$inc, $parent, &$lines, &$level, $var, $showproject, &$t
}
}
if (count($arrayfields) > 0 && !empty($arrayfields['c.budget_amount']['checked'])) {
if (count($arrayfields) > 0 && !empty($arrayfields['t.budget_amount']['checked'])) {
print '<td class="center">';
print price($lines[$i]->budget_amount, 0, $langs, 1, 0, 0, $conf->currency);
$total_budget_amount += $lines[$i]->budget_amount;

2
htdocs/core/menus/standard/eldy_menu.php
View File

@ -317,7 +317,7 @@ class MenuManager
print '</ul>';
}
if ($val['enabled'] == 2) {
print '<span class="vsmenudisabled">';
print '<span class="spanlilevel0 vsmenudisabled">';
// Add font-awesome
if ($val['level'] == 0 && !empty($val['prefix'])) {
print $val['prefix'];

10
htdocs/core/modules/modCommande.class.php
View File

@ -210,6 +210,13 @@ class modCommande extends DolibarrModules
$this->export_fields_array[$r]['c.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->export_fields_array[$r]['c.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
// Add multicompany field
if (!empty($conf->global->MULTICOMPANY_ENTITY_IN_EXPORT_IF_SHARED)) {
$nbofallowedentities = count(explode(',', getEntity('commande')));
if (!empty($conf->multicompany->enabled) && $nbofallowedentities > 1) {
$this->export_fields_array[$r]['c.entity'] = 'Entity';
}
}
//$this->export_TypeFields_array[$r]=array(
// 's.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','co.label'=>'List:c_country:label:label',
// 'co.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','c.ref'=>"Text",'c.ref_client'=>"Text",
@ -224,7 +231,8 @@ class modCommande extends DolibarrModules
'c.date_commande'=>"Date", 'c.date_livraison'=>"Date", 'c.amount_ht'=>"Numeric", 'c.remise_percent'=>"Numeric", 'c.total_ht'=>"Numeric",
'c.total_ttc'=>"Numeric", 'c.facture'=>"Boolean", 'c.fk_statut'=>'Status', 'c.note_public'=>"Text", 'c.date_livraison'=>'Date', 'pj.ref'=>'Text',
'cd.description'=>"Text", 'cd.product_type'=>'Boolean', 'cd.tva_tx'=>"Numeric", 'cd.qty'=>"Numeric", 'cd.total_ht'=>"Numeric", 'cd.total_tva'=>"Numeric",
'cd.total_ttc'=>"Numeric", 'p.rowid'=>'List:product:ref::product', 'p.ref'=>'Text', 'p.label'=>'Text', 'd.nom'=>'Text'
'cd.total_ttc'=>"Numeric", 'p.rowid'=>'List:product:ref::product', 'p.ref'=>'Text', 'p.label'=>'Text', 'd.nom'=>'Text',
'c.entity'=>'List:entity:label:rowid',
);
$this->export_entities_array[$r] = array(
's.rowid'=>"company", 's.nom'=>'company', 'ps.nom'=>'company', 's.address'=>'company', 's.zip'=>'company', 's.town'=>'company', 'd.nom'=>'company', 'co.label'=>'company',

2
htdocs/core/modules/modEventOrganization.class.php
View File

@ -55,7 +55,7 @@ class modEventOrganization extends DolibarrModules
$this->description = "EventOrganizationDescription";
$this->descriptionlong = "EventOrganizationDescriptionLong";
$this->version = 'development';
$this->version = 'experimental';
// Key used in llx_const table to save module status enabled/disabled (where EVENTORGANIZATION is value of property name of module in uppercase)

10
htdocs/core/modules/modFacture.class.php
View File

@ -270,6 +270,13 @@ class modFacture extends DolibarrModules
$this->export_fields_array[$r]['f.module_source'] = 'Module';
$this->export_fields_array[$r]['f.pos_source'] = 'POSTerminal';
}
// Add multicompany field
if (!empty($conf->global->MULTICOMPANY_ENTITY_IN_EXPORT_IF_SHARED)) {
$nbofallowedentities = count(explode(',', getEntity('invoice')));
if (!empty($conf->multicompany->enabled) && $nbofallowedentities > 1) {
$this->export_fields_array[$r]['f.entity'] = 'Entity';
}
}
$this->export_TypeFields_array[$r] = array(
's.rowid'=>'Numeric', 's.nom'=>'Text', 'ps.nom'=>'Text', 's.code_client'=>'Text', 's.address'=>'Text', 's.zip'=>'Text', 's.town'=>'Text', 'c.code'=>'Text', 'cd.nom'=>'Text', 's.phone'=>'Text', 's.siren'=>'Text',
's.siret'=>'Text', 's.ape'=>'Text', 's.idprof4'=>'Text', 's.code_compta'=>'Text', 's.code_compta_fournisseur'=>'Text', 's.tva_intra'=>'Text',
@ -280,7 +287,8 @@ class modFacture extends DolibarrModules
'pj.ref'=>'Text', 'pj.title'=>'Text', 'fd.rowid'=>'Numeric', 'fd.label'=>'Text', 'fd.description'=>"Text", 'fd.subprice'=>"Numeric", 'fd.tva_tx'=>"Numeric",
'fd.qty'=>"Numeric", 'fd.total_ht'=>"Numeric", 'fd.total_tva'=>"Numeric", 'fd.total_ttc'=>"Numeric", 'fd.date_start'=>"Date", 'fd.date_end'=>"Date",
'fd.special_code'=>'Numeric', 'fd.product_type'=>"Numeric", 'fd.fk_product'=>'List:product:label', 'p.ref'=>'Text', 'p.label'=>'Text',
$alias_product_perentity . '.accountancy_code_sell'=>'Text'
$alias_product_perentity . '.accountancy_code_sell'=>'Text',
'f.entity'=>'List:entity:label:rowid',
);
if (!empty($conf->cashdesk->enabled) || !empty($conf->takepos->enabled) || !empty($conf->global->INVOICE_SHOW_POS)) {
$this->export_TypeFields_array[$r]['f.module_source'] = 'Text';

1
htdocs/core/modules/modPrinting.class.php
View File

@ -34,7 +34,6 @@ include_once DOL_DOCUMENT_ROOT.'/core/modules/DolibarrModules.class.php';
*/
class modPrinting extends DolibarrModules
{
/**
* Constructor
*

10
htdocs/core/modules/modPropale.class.php
View File

@ -204,6 +204,13 @@ class modPropale extends DolibarrModules
$this->export_fields_array[$r]['c.multicurrency_total_tva'] = 'MulticurrencyAmountVAT';
$this->export_fields_array[$r]['c.multicurrency_total_ttc'] = 'MulticurrencyAmountTTC';
}
// Add multicompany field
if (!empty($conf->global->MULTICOMPANY_ENTITY_IN_EXPORT_IF_SHARED)) {
$nbofallowedentities = count(explode(',', getEntity('propal')));
if (!empty($conf->multicompany->enabled) && $nbofallowedentities > 1) {
$this->export_fields_array[$r]['c.entity'] = 'Entity';
}
}
//$this->export_TypeFields_array[$r]=array(
// 's.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','co.code'=>'Text','s.phone'=>'Text',
// 's.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','c.ref'=>"Text",'c.ref_client'=>"Text",'c.datec'=>"Date",'c.datep'=>"Date",
@ -216,7 +223,8 @@ class modPropale extends DolibarrModules
's.ape'=>'Text', 's.idprof4'=>'Text', 'c.ref'=>"Text", 'c.ref_client'=>"Text", 'c.datec'=>"Date", 'c.datep'=>"Date", 'c.fin_validite'=>"Date",
'c.remise_percent'=>"Numeric", 'c.total_ht'=>"Numeric", 'c.total_ttc'=>"Numeric", 'c.fk_statut'=>'Status', 'c.note_public'=>"Text", 'c.date_livraison'=>'Date',
'pj.ref'=>'Text', 'cd.description'=>"Text", 'cd.product_type'=>'Boolean', 'cd.tva_tx'=>"Numeric", 'cd.qty'=>"Numeric", 'cd.total_ht'=>"Numeric",
'cd.total_tva'=>"Numeric", 'cd.total_ttc'=>"Numeric", 'p.ref'=>'Text', 'p.label'=>'Text'
'cd.total_tva'=>"Numeric", 'cd.total_ttc'=>"Numeric", 'p.ref'=>'Text', 'p.label'=>'Text',
'c.entity'=>'List:entity:label:rowid',
);
$this->export_entities_array[$r] = array(
's.rowid'=>"company", 's.nom'=>'company', 'ps.nom'=>'company', 's.address'=>'company', 's.zip'=>'company', 's.town'=>'company', 'co.code'=>'company', 's.phone'=>'company',

23
htdocs/core/modules/modSociete.class.php
View File

@ -327,7 +327,7 @@ class modSociete extends DolibarrModules
'payterm.libelle'=>'Text', 'paymode.libelle'=>'Text',
's.outstanding_limit'=>'Numeric', 'pbacc.ref'=>'Text', 'incoterm.code'=>'Text',
'u.login'=>'Text', 'u.firstname'=>'Text', 'u.lastname'=>'Text',
's.entity'=>'Numeric', 's.price_level'=>'Numeric',
's.entity'=>'List:entity:label:rowid', 's.price_level'=>'Numeric',
's.accountancy_code_sell'=>'Text', 's.accountancy_code_buy'=>'Text'
);
@ -376,6 +376,20 @@ class modSociete extends DolibarrModules
's.address'=>'Address', 's.zip'=>"Zip", 's.town'=>"Town", 's.phone'=>'Phone', 's.email'=>"Email",
't.libelle'=>"ThirdPartyType"
);
// Add multicompany field
if (! empty($conf->global->MULTICOMPANY_ENTITY_IN_EXPORT_IF_SHARED)) {
if (!empty($conf->multicompany->enabled)) {
$nbofallowedentities = count(explode(',', getEntity('socpeople')));
if ($nbofallowedentities > 1) {
$this->export_fields_array[$r]['c.entity'] = 'Entity';
}
$nbofallowedentities = count(explode(',', getEntity('societe')));
if ($nbofallowedentities > 1) {
$this->export_fields_array[$r]['s.entity'] = 'Entity';
}
}
}
$this->export_examplevalues_array[$r] = array('s.client'=>'0 (no customer no prospect)/1 (customer)/2 (prospect)/3 (customer and prospect)', 's.fournisseur'=>'0 (not a supplier) or 1 (supplier)');
$this->export_TypeFields_array[$r] = array(
'c.civility'=>"List:c_civility:label:code", 'c.lastname'=>'Text', 'c.firstname'=>'Text', 'c.poste'=>'Text', 'c.datec'=>"Date", 'c.priv'=>"Boolean",
@ -386,14 +400,17 @@ class modSociete extends DolibarrModules
's.code_compta'=>"Text", 's.code_compta_fournisseur'=>"Text",
's.client'=>"Text", 's.fournisseur'=>"Text",
's.address'=>"Text", 's.zip'=>"Text", 's.town'=>"Text", 's.phone'=>"Text", 's.email'=>"Text",
't.libelle'=>"Text"
't.libelle'=>"Text",
'c.entity'=>'List:entity:label:rowid',
's.entity'=>'List:entity:label:rowid',
);
$this->export_entities_array[$r] = array(
's.rowid'=>"company", 's.nom'=>"company", 's.status'=>'company', 's.code_client'=>"company", 's.code_fournisseur'=>"company",
's.code_compta'=>"company", 's.code_compta_fournisseur'=>"company",
's.client'=>"company", 's.fournisseur'=>"company",
's.address'=>"company", 's.zip'=>"company", 's.town'=>"company", 's.phone'=>"company", 's.email'=>"company",
't.libelle'=>"company"
't.libelle'=>"company",
's.entity'=>'company',
); // We define here only fields that use another picto
if (empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled)) {
unset($this->export_fields_array[$r]['s.code_fournisseur']);

104
htdocs/core/modules/oauth/google_oauthcallback.php
View File

@ -16,6 +16,9 @@
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
// This page should make the process to login and get token as described here:
// https://developers.google.com/identity/protocols/oauth2/openid-connect#server-flow
/**
* \file htdocs/core/modules/oauth/google_oauthcallback.php
* \ingroup oauth
@ -70,9 +73,13 @@ $credentials = new Credentials(
$currentUri->getAbsoluteUri()
);
$state = GETPOST('state');
$requestedpermissionsarray = array();
if (GETPOST('state')) {
$requestedpermissionsarray = explode(',', GETPOST('state')); // Example: 'userinfo_email,userinfo_profile,cloud_print'. 'state' parameter is standard to store a hash value and can be used to retrieve some parameters back
if ($state) {
// 'state' parameter is standard to store a hash value and can be used to retrieve some parameters back
$statewithscopeonly = preg_replace('/\-.*$/', '', $state);
$requestedpermissionsarray = explode(',', $statewithscopeonly); // Example: 'userinfo_email,userinfo_profile,openid,email,profile,cloud_print'.
}
if ($action != 'delete' && empty($requestedpermissionsarray)) {
print 'Error, parameter state is not defined';
@ -80,6 +87,8 @@ if ($action != 'delete' && empty($requestedpermissionsarray)) {
}
//var_dump($requestedpermissionsarray);exit;
// Instantiate the Api service using the credentials, http client and storage mechanism for the token
// $requestedpermissionsarray contains list of scopes.
// Conversion into URL is done by Reflection on constant with name SCOPE_scope_in_uppercase
@ -89,7 +98,6 @@ $apiService = $serviceFactory->createService('Google', $credentials, $storage, $
// also note that a refresh token is sent only after a prompt
$apiService->setAccessType('offline');
$apiService->setApprouvalPrompt('force');
$langs->load("oauth");
@ -108,48 +116,86 @@ if ($action == 'delete') {
exit();
}
if (!empty($_GET['code'])) { // We are coming from oauth provider page
if (GETPOST('code')) { // We are coming from oauth provider page.
dol_syslog("We are coming from the oauth provider page");
//llxHeader('',$langs->trans("OAuthSetup"));
//$linkback='<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
//print load_fiche_titre($langs->trans("OAuthSetup"),$linkback,'title_setup');
// We must validate that the $state is the same than the one into $_SESSION['oauthstateanticsrf'], return error if not.
if (isset($_SESSION['oauthstateanticsrf']) && $state != $_SESSION['oauthstateanticsrf']) {
print 'Value for state = '.dol_escape_htmltag($state).' differs from value in $_SESSION["oauthstateanticsrf"]. Code is refused.';
unset($_SESSION['oauthstateanticsrf']);
} else {
// This was a callback request from service, get the token
try {
//var_dump($_GET['code']);
//var_dump($state);
//var_dump($apiService); // OAuth\OAuth2\Service\Google
//print dol_get_fiche_head();
// retrieve the CSRF state parameter
$state = isset($_GET['state']) ? $_GET['state'] : null;
//print '<table>';
// This request the token
// Result is stored into object managed by class DoliStorage into includes/OAuth/Common/Storage/DoliStorage.php, so into table llx_oauth_token
$token = $apiService->requestAccessToken(GETPOST('code'), $state);
// This was a callback request from service, get the token
try {
//var_dump($_GET['code']);
//var_dump($state);
//var_dump($apiService); // OAuth\OAuth2\Service\Google
// Note: The extraparams has the 'id_token' than contains a lot of information about the user.
$extraparams = $token->getExtraParams();
$jwt = explode('.', $extraparams['id_token']);
$token = $apiService->requestAccessToken($_GET['code'], $state);
// Extract the middle part, base64 decode, then json_decode it
if (!empty($jwt[1])) {
$userinfo = json_decode(base64_decode($jwt[1]), true);
setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs'); // Stored into object managed by class DoliStorage so into table oauth_token
// TODO
// We should make the 5 steps of validation of id_token
// Verify that the ID token is properly signed by the issuer. Google-issued tokens are signed using one of the certificates found at the URI specified in the jwks_uri metadata value of the Discovery document.
// Verify that the value of the iss claim in the ID token is equal to https://accounts.google.com or accounts.google.com.
// Verify that the value of the aud claim in the ID token is equal to your app's client ID.
// Verify that the expiry time (exp claim) of the ID token has not passed.
// If you specified a hd parameter value in the request, verify that the ID token has a hd claim that matches an accepted G Suite hosted domain.
$backtourl = $_SESSION["backtourlsavedbeforeoauthjump"];
unset($_SESSION["backtourlsavedbeforeoauthjump"]);
/*
$useremailuniq = $userinfo['sub'];
$useremail = $userinfo['email'];
$useremailverified = $userinfo['email_verified'];
$username = $userinfo['name'];
$userfamilyname = $userinfo['family_name'];
$usergivenname = $userinfo['given_name'];
$hd = $userinfo['hd'];
*/
}
header('Location: '.$backtourl);
exit();
} catch (Exception $e) {
print $e->getMessage();
setEventMessages($langs->trans('NewTokenStored'), null, 'mesgs');
$backtourl = $_SESSION["backtourlsavedbeforeoauthjump"];
unset($_SESSION["backtourlsavedbeforeoauthjump"]);
header('Location: '.$backtourl);
exit();
} catch (Exception $e) {
print $e->getMessage();
}
}
} else // If entry on page with no parameter, we arrive here
{
} else {
// If we enter this page without 'code' parameter, we arrive here. this is the case when we want to get the redirect
// to the OAuth provider login page
$_SESSION["backtourlsavedbeforeoauthjump"] = $backtourl;
if (!preg_match('/^forlogin/', $state)) {
$apiService->setApprouvalPrompt('force');
}
// This may create record into oauth_state before the header redirect.
// Creation of record with state in this tables depend on the Provider used (see its constructor).
if (GETPOST('state')) {
$url = $apiService->getAuthorizationUri(array('state'=>GETPOST('state')));
if ($state) {
$url = $apiService->getAuthorizationUri(array('state' => $state));
} else {
$url = $apiService->getAuthorizationUri(); // Parameter state will be randomly generated
}
// Add more param
$url .= '&nonce='.bin2hex(random_bytes(64/8));
// TODO Add param hd and/or login_hint
if (!preg_match('/^forlogin/', $state)) {
//$url .= 'hd=xxx';
}
// we go on oauth provider authorization page
header('Location: '.$url);
exit();
@ -160,6 +206,6 @@ if (!empty($_GET['code'])) { // We are coming from oauth provider page
* View
*/
// No view at all, just actions
// No view at all, just actions, so we never reach this line.
$db->close();

5
htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php
View File

@ -170,7 +170,10 @@ class doc_generic_product_odt extends ModelePDFProduct
$texte .= '<div id="div_'.get_class($this).'" class="hiddenx">';
// Show list of found files
foreach ($listoffiles as $file) {
$texte .= '- '.$file['name'].' <a href="'.DOL_URL_ROOT.'/document.php?modulepart=doctemplates&file=products/'.urlencode(basename($file['name'])).'">'.img_picto('', 'listlight').'</a><br>';
$texte .= '- '.$file['name'];
$texte .= ' <a href="'.DOL_URL_ROOT.'/document.php?modulepart=doctemplates&file=products/'.urlencode(basename($file['name'])).'">'.img_picto('', 'listlight').'</a>';
$texte .= ' &nbsp; <a class="reposition" href="'.$_SERVER["PHP_SELF"].'?modulepart=doctemplates&keyforuploaddir=PRODUCT_ADDON_PDF_ODT_PATH&action=deletefile&token='.newToken().'&file='.urlencode(basename($file['name'])).'">'.img_picto('', 'delete').'</a>';
$texte .= '<br>';
}
$texte .= '</div>';
}

7
htdocs/core/modules/societe/doc/doc_generic_odt.modules.php
View File

@ -102,12 +102,13 @@ class doc_generic_odt extends ModeleThirdPartyDoc
$form = new Form($this->db);
$texte = $this->description.".<br>\n";
$texte .= '<!-- form for option of ODT templates -->';
$texte .= '<form action="'.$_SERVER["PHP_SELF"].'" method="POST" enctype="multipart/form-data">';
$texte .= '<input type="hidden" name="token" value="'.newToken().'">';
$texte .= '<input type="hidden" name="page_y" value="">';
$texte .= '<input type="hidden" name="action" value="setModuleOptions">';
$texte .= '<input type="hidden" name="param1" value="COMPANY_ADDON_PDF_ODT_PATH">';
$texte .= '<table class="nobordernopadding" width="100%">';
$texte .= '<table class="nobordernopadding centpercent">';
// List of directories area
$texte .= '<tr><td>';
@ -161,7 +162,9 @@ class doc_generic_odt extends ModeleThirdPartyDoc
$texte .= '<div id="div_'.get_class($this).'" class="hiddenx">';
// Show list of found files
foreach ($listoffiles as $file) {
$texte .= '- '.$file['name'].' <a href="'.DOL_URL_ROOT.'/document.php?modulepart=doctemplates&file=thirdparties/'.urlencode(basename($file['name'])).'">'.img_picto('', 'listlight').'</a><br>';
$texte .= '- '.$file['name'].' &nbsp; <a class="reposition" href="'.DOL_URL_ROOT.'/document.php?modulepart=doctemplates&file=thirdparties/'.urlencode(basename($file['name'])).'">'.img_picto('', 'listlight').'</a>';
$texte .= ' &nbsp; <a class="reposition" href="'.$_SERVER["PHP_SELF"].'?modulepart=doctemplates&keyforuploaddir=COMPANY_ADDON_PDF_ODT_PATH&action=deletefile&token='.newToken().'&file='.urlencode(basename($file['name'])).'">'.img_picto('', 'delete').'</a>';
$texte .= '<br>';
}
$texte .= '</div>';
}

37
htdocs/core/modules/stock/doc/pdf_standard.modules.php
View File

@ -179,6 +179,8 @@ class pdf_standard extends ModelePDFStock
$this->localtax2 = array();
$this->atleastoneratenotnull = 0;
$this->atleastonediscount = 0;
$this->tabTitleHeight = 11;
}
@ -321,7 +323,6 @@ class pdf_standard extends ModelePDFStock
$i = 0;
$nblines = $num;
$this->tabTitleHeight = 10;
$nexY = $tab_top + $this->tabTitleHeight;
for ($i = 0; $i < $nblines; $i++) {
@ -733,7 +734,7 @@ class pdf_standard extends ModelePDFStock
if (empty($hidetop)) {
$pdf->SetDrawColor(200, 200, 200);
$pdf->SetLineStyle(array('dash' => '0', 'color' => array(200, 200, 200)));
$pdf->line($this->marge_gauche, $tab_top + 10, $this->page_largeur - $this->marge_droite, $tab_top + 10);
$pdf->line($this->marge_gauche, $tab_top + $this->tabTitleHeight, $this->page_largeur - $this->marge_droite, $tab_top + $this->tabTitleHeight);
$pdf->SetLineStyle(array('dash' => 0));
}
}
@ -767,8 +768,8 @@ class pdf_standard extends ModelePDFStock
pdf_pagehead($pdf, $outputlangs, $this->page_hauteur);
// Show Draft Watermark
if ($object->statut == 0 && (!empty($conf->global->COMMANDE_DRAFT_WATERMARK))) {
pdf_watermark($pdf, $outputlangs, $this->page_hauteur, $this->page_largeur, 'mm', $conf->global->COMMANDE_DRAFT_WATERMARK);
if ($object->statut == 0 && (!empty($conf->global->STOCK_DRAFT_WATERMARK))) {
pdf_watermark($pdf, $outputlangs, $this->page_hauteur, $this->page_largeur, 'mm', $conf->global->STOCK_DRAFT_WATERMARK);
}
$pdf->SetTextColor(0, 0, 60);
@ -780,6 +781,7 @@ class pdf_standard extends ModelePDFStock
$pdf->SetXY($this->marge_gauche, $posy);
// Logo
$height = 0;
$logo = $conf->mycompany->dir_output.'/logos/'.$this->emetteur->logo;
if ($this->emetteur->logo) {
if (is_readable($logo)) {
@ -796,29 +798,19 @@ class pdf_standard extends ModelePDFStock
$pdf->MultiCell(100, 4, $outputlangs->convToOutputCharset($text), 0, 'L');
}
$yafterleft = $pdf->GetY() + $height;
$pdf->SetFont('', 'B', $default_font_size + 3);
$pdf->SetXY($posx, $posy);
$pdf->SetTextColor(0, 0, 60);
$title = $outputlangs->transnoentities("Warehouse");
$pdf->MultiCell(100, 3, $title, '', 'R');
$pdf->SetFont('', 'B', $default_font_size);
$pdf->MultiCell(100, 4, $outputlangs->transnoentities("Warehouse").' '.$outputlangs->convToOutputCharset($object->label), '', 'R');
$posy += 5;
$pdf->SetXY($posx, $posy);
$pdf->SetTextColor(0, 0, 60);
$pdf->MultiCell(100, 4, $outputlangs->transnoentities("Ref")." : ".$outputlangs->convToOutputCharset($object->label), '', 'R');
$posy += 5;
$posy += 6;
$pdf->SetFont('', '', $default_font_size - 1);
$pdf->SetXY($posx, $posy);
$pdf->SetTextColor(0, 0, 60);
$pdf->MultiCell(100, 3, $outputlangs->transnoentities("LocationSummary").' :', '', 'R');
$posy += 4;
$pdf->SetXY($posx - 50, $posy);
$pdf->MultiCell(150, 3, $object->lieu, '', 'R');
$pdf->MultiCell(100, 3, $outputlangs->transnoentities("Label").' : '.$object->lieu, '', 'R');
$posy += 4;
$pdf->SetXY($posx, $posy);
@ -836,8 +828,10 @@ class pdf_standard extends ModelePDFStock
$pdf->MultiCell(150, 3, $e->label, '', 'R');
}
$yafterright = $pdf->GetY();
// Description
$nexY = $pdf->GetY();
$nexY = max($yafterleft, $yafterright);
$nexY += 5;
$pdf->SetXY($posx, $posy);
$pdf->writeHTMLCell(190, 2, $this->marge_gauche, $nexY, '<b>'.$outputlangs->transnoentities("Description").' : </b>'.nl2br($object->description), 0, 1);
@ -859,6 +853,9 @@ class pdf_standard extends ModelePDFStock
$pdf->writeHTMLCell(190, 2, $this->marge_gauche, $nexY, '<b>'.$outputlangs->transnoentities("EstimatedStockValueShort").' : </b>'.price((empty($calcproducts['value']) ? '0' : price2num($calcproducts['value'], 'MT')), 0, $langs, 0, -1, -1, $conf->currency), 0, 1);
$nexY = $pdf->GetY();
// Value
$pdf->writeHTMLCell(190, 2, $this->marge_gauche, $nexY, '<b>'.$outputlangs->transnoentities("Date").' : </b>'.dol_print_date(dol_now(), 'dayhour'), 0, 1);
$nexY = $pdf->GetY();
// Last movement
$sql = "SELECT max(m.datem) as datem";

2
htdocs/core/tpl/admin_extrafields_add.tpl.php
View File

@ -185,7 +185,7 @@ $listofexamplesforlink = 'Societe:societe/class/societe.class.php<br>Contact:con
<?php } else { ?>
<td><?php echo $form->textwithpicto($langs->trans("ComputedFormula"), $langs->trans("ComputedFormulaDesc")).$form->textwithpicto($langs->trans("Computedpersistent"), $langs->trans("ComputedpersistentDesc"), 1, 'warning'); ?></td>
<?php } ?>
<td class="valeur"><textarea name="computed_value" id="computed_value" class="quatrevingtpercent" rows="<?php echo ROWS_4 ?>"><?php echo (GETPOST('computed_value', 'none') ?GETPOST('computed_value', 'none') : ''); ?></textarea></td>
<td class="valeur"><textarea name="computed_value" id="computed_value" class="quatrevingtpercent" rows="<?php echo ROWS_4 ?>"><?php echo (GETPOSTISSET('computed_value') ? GETPOST('computed_value', 'restricthtml') : ''); ?></textarea></td>
</tr>
<!-- Default Value (at sql setup level) -->
<tr class="extra_default_value"><td><?php echo $langs->trans("DefaultValue").' ('.$langs->trans("Database").')'; ?></td><td class="valeur"><input id="default_value" type="text" name="default_value" size="5" value="<?php echo (GETPOST('default_value', 'alpha') ?GETPOST('default_value', 'alpha') : ''); ?>"></td></tr>

28
htdocs/core/tpl/login.tpl.php
View File

@ -33,6 +33,8 @@ if (empty($conf) || !is_object($conf)) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
header('Cache-Control: Public, must-revalidate');
header("Content-type: text/html; charset=".$conf->file->character_set_client);
@ -316,6 +318,32 @@ if (isset($conf->file->main_authentication) && preg_match('/openid/', $conf->fil
echo '</div>';
}
if (isset($conf->file->main_authentication) && preg_match('/google/', $conf->file->main_authentication)) {
$langs->load("users");
global $dolibarr_main_url_root;
// Define $urlwithroot
$urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root));
$urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
echo '<br>';
echo '<div class="center" style="margin-top: 4px;">';
//$shortscope = 'userinfo_email,userinfo_profile';
$shortscope = 'openid,email,profile'; // For openid connect
$oauthstateanticsrf = bin2hex(random_bytes(128/8));
$_SESSION['oauthstateanticsrf'] = $shortscope.'-'.$oauthstateanticsrf;
$urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state=forlogin-'.$shortscope.'-'.$oauthstateanticsrf;
$url = $urltorenew;
print img_picto('', 'google', 'class="pictofixedwidth"').'<a class="alogin" href="'.$url.'">'.$langs->trans("LoginWith", "Google").'</a>';
echo '</div>';
}
?>

65
htdocs/core/tpl/massactions_pre.tpl.php
View File

@ -19,12 +19,17 @@
*/
// Following var must be set:
// $action
// $arrayofselected = array of id selected
// $object
// $objecttmp=new Propal($db);
// $objecttmp = new MyObject($db);
// $topicmail="SendSupplierProposalRef";
// $modelmail="supplier_proposal_send";
// $trackid='ord'.$object->id;
// $trackid='ord'.$objecttmp->id;
//
// Following var can be set
// $object = Object fetched;
// $sendto
// $withmaindocfilemail
if ($massaction == 'predeletedraft') {
@ -41,6 +46,7 @@ if ($massaction == 'preaffecttag') {
$categ_types = array();
$categ_type_array = $categ->getMapList();
foreach ($categ_type_array as $categdef) {
// Test on $object (should be useless, we already check on $objecttmp just after)
if (isset($object) && $categdef['obj_table'] == $object->table_element) {
if (!array_key_exists($categdef['code'], $categ_types)) {
$categ_types[$categdef['code']] = array('code'=>$categdef['code'], 'label'=>$langs->trans($categdef['obj_class']));
@ -76,7 +82,7 @@ if ($massaction == 'presend') {
$langs->load("mails");
$listofselectedid = array();
$listofselectedthirdparties = array();
$listofselectedrecipientobjid = array();
$listofselectedref = array();
if (!GETPOST('cancel', 'alpha')) {
@ -84,14 +90,19 @@ if ($massaction == 'presend') {
$result = $objecttmp->fetch($toselectid);
if ($result > 0) {
$listofselectedid[$toselectid] = $toselectid;
$thirdpartyid = ($objecttmp->fk_soc ? $objecttmp->fk_soc : $objecttmp->socid);
if ($objecttmp->element == 'societe') {
$thirdpartyid = ($objecttmp->fk_soc ? $objecttmp->fk_soc : $objecttmp->socid); // For proposal, order, invoice, conferenceorbooth, ...
if (in_array($objecttmp->element, array('societe', 'conferenceorboothattendee'))) {
$thirdpartyid = $objecttmp->id;
}
if ($objecttmp->element == 'expensereport') {
$thirdpartyid = $objecttmp->fk_user_author;
}
$listofselectedthirdparties[$thirdpartyid] = $thirdpartyid;
if (empty($thirdpartyid)) {
$thirdpartyid = 0;
}
if ($thirdpartyid) {
$listofselectedrecipientobjid[$thirdpartyid] = $thirdpartyid;
}
$listofselectedref[$thirdpartyid][$toselectid] = $objecttmp->ref;
}
}
@ -113,9 +124,9 @@ if ($massaction == 'presend') {
$formmail->trackid = $trackid;
$formmail->withfrom = 1;
$liste = $langs->trans("AllRecipientSelected", count($arrayofselected));
if (count($listofselectedthirdparties) == 1) { // Only 1 different recipient selected, we can suggest contacts
if (count($listofselectedrecipientobjid) == 1) { // Only 1 different recipient selected, we can suggest contacts
$liste = array();
$thirdpartyid = array_shift($listofselectedthirdparties);
$thirdpartyid = array_shift($listofselectedrecipientobjid);
if ($objecttmp->element == 'expensereport') {
$fuser = new User($db);
$fuser->fetch($thirdpartyid);
@ -136,19 +147,31 @@ if ($massaction == 'presend') {
$formmail->withtoreadonly = 1;
}
$formmail->withoptiononeemailperrecipient = ((count($listofselectedref) == 1 && count(reset($listofselectedref)) == 1) || empty($liste)) ? 0 : ((GETPOST('oneemailperrecipient') == 'on') ? 1 : -1);
$formmail->withoptiononeemailperrecipient = ((count($listofselectedref) == 1 && count(reset($listofselectedref)) == 1) || empty($liste)) ? 0 : (GETPOST('oneemailperrecipient', 'int') ? 1 : -1);
if (in_array($objecttmp->element, array('conferenceorboothattendee'))) {
$formmail->withoptiononeemailperrecipient = 0;
}
$formmail->withto = empty($liste) ? (GETPOST('sendto', 'alpha') ?GETPOST('sendto', 'alpha') : array()) : $liste;
$formmail->withtofree = empty($liste) ? 1 : 0;
$formmail->withtocc = 1;
$formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC;
$formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__');
$formmail->withfile = 1;
// $formmail->withfile = 2; Not yet supported in mass action
$formmail->withmaindocfile = 1; // Add a checkbox "Attach also main document"
if ($objecttmp->element != 'societe') {
$formmail->withfile = '<span class="hideonsmartphone opacitymedium">'.$langs->trans("OnlyPDFattachmentSupported").'</span>';
$formmail->withmaindocfile = - 1; // Add a checkbox "Attach also main document" but not checked by default
if (!empty($topicmail)) {
$formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__');
} else {
$formmail->withtopic = 1;
}
$formmail->withfile = 1; // $formmail->withfile = 2 to allow to upload files is not yet supported in mass action
// Add a checkbox "Attach also main document"
if (isset($withmaindocfilemail)) {
$formmail->withmaindocfile = $withmaindocfilemail;
} else { // Do an automatic definition of $formmail->withmaindocfile
$formmail->withmaindocfile = 1;
if ($objecttmp->element != 'societe') {
$formmail->withfile = '<span class="hideonsmartphone opacitymedium">'.$langs->trans("OnlyPDFattachmentSupported").'</span>';
$formmail->withmaindocfile = -1; // Add a checkbox "Attach also main document" but not checked by default
}
}
$formmail->withbody = 1;
$formmail->withdeliveryreceipt = 1;
@ -167,16 +190,16 @@ if ($massaction == 'presend') {
);
complete_substitutions_array($substitutionarray, $langs, $object, $parameters);
// Tableau des substitutions
// Array of substitutions
$formmail->substit = $substitutionarray;
// Tableau des parametres complementaires du post
$formmail->param['action'] = $action;
$formmail->param['models'] = $modelmail;
$formmail->param['models_id'] = GETPOST('modelmailselected', 'int');
$formmail->param['models'] = $modelmail; // the filter to know which kind of template emails to show. 'none' means no template suggested.
$formmail->param['models_id'] = GETPOST('modelmailselected', 'int') ? GETPOST('modelmailselected', 'int') : '-1';
$formmail->param['id'] = join(',', $arrayofselected);
// $formmail->param['returnurl']=$_SERVER["PHP_SELF"].'?id='.$object->id;
if (!empty($conf->global->MAILING_LIMIT_SENDBYWEB) && count($listofselectedthirdparties) > $conf->global->MAILING_LIMIT_SENDBYWEB) {
if (!empty($conf->global->MAILING_LIMIT_SENDBYWEB) && count($listofselectedrecipientobjid) > $conf->global->MAILING_LIMIT_SENDBYWEB) {
$langs->load("errors");
print img_warning().' '.$langs->trans('WarningNumberOfRecipientIsRestrictedInMassAction', $conf->global->MAILING_LIMIT_SENDBYWEB);
print ' - <a href="javascript: window.history.go(-1)">'.$langs->trans("GoBack").'</a>';

6
htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php
View File

@ -66,7 +66,7 @@ class InterfaceActionsAuto extends DolibarrTriggers
* $object->elementtype (->element of object to link action to)
* $object->module (if defined, elementtype in llx_actioncomm will be elementtype@module)
*
* @param string $action Event action code ('CONTRACT_MODIFY', 'RECRUITMENTCANDIDATURE_MODIFIY', ...)
* @param string $action Event action code ('CONTRACT_MODIFY', 'RECRUITMENTCANDIDATURE_MODIFIY', or example by external module: 'SENTBYSMS'...)
* @param Object $object Object
* @param User $user Object user
* @param Translate $langs Object langs
@ -88,6 +88,7 @@ class InterfaceActionsAuto extends DolibarrTriggers
//var_dump($action.' - '.$conf->global->$key);exit;
// Do not log events not enabled for this action
// GUI allow to set this option only if entry exists into table llx_c_action_trigger
if (empty($conf->global->$key)) {
return 0;
}
@ -887,8 +888,9 @@ class InterfaceActionsAuto extends DolibarrTriggers
} else {
// TODO Merge all previous cases into this generic one
// $action = BILL_DELETE, TICKET_CREATE, TICKET_MODIFY, TICKET_DELETE, CONTACT_SENTBYMAIL, RECRUITMENTCANDIDATURE_MODIFY, ...
// Can also be a value defined by an external module like SENTBYSMS, COMPANY_SENTBYSMS, MEMBER_SENTBYSMS, ...
// Note: We are here only if $conf->global->MAIN_AGENDA_ACTIONAUTO_action is on (tested at begining of this function).
// Note that these key can be set in agenda setup, only if defined into c_action_trigger
// Note that these key can be set in agenda setup, only if defined into llx_c_action_trigger
// Load translation files required by the page
if (empty($object->actionmsg2)) {
$langs->loadLangs(array("agenda", "other"));

10
htdocs/eventorganization/conferenceorbooth_list.php
View File

@ -621,8 +621,8 @@ $arrayofmassactions = array(
//'validate'=>img_picto('', 'check', 'class="pictofixedwidth"').$langs->trans("Validate"),
//'generate_doc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("ReGeneratePDF"),
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail").' - '.$langs->trans("ConferenceOrBooth"),
'presend_attendees'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail").' - '.$langs->trans("Attendees"),
'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail").' ('.$langs->trans("ToSpeakers").')',
//'presend_attendees'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail").' - '.$langs->trans("Attendees"),
);
if ($permissiontodelete) {
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
@ -650,12 +650,13 @@ $newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle'
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, $object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1);
// Add code for pre mass action (confirmation or email presend form)
$topicmail = $object->ref;
$topicmail = $projectstatic->title;
$modelmail = "conferenceorbooth";
$objecttmp = new ConferenceOrBooth($db);
$trackid = 'conferenceorbooth_'.$object->id;
include DOL_DOCUMENT_ROOT.'/eventorganization/tpl/massactions_mail_pre.tpl.php';
$withmaindocfilemail = 0;
include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php';
@ -689,6 +690,7 @@ $varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage;
$selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
$selectedfields .= (count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
print '<div class="div-table-responsive">'; // You can use div-table-responsive-no-min if you dont need reserved height for your table
print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";

17
htdocs/eventorganization/conferenceorboothattendee_list.php
View File

@ -182,8 +182,8 @@ if (GETPOST('cancel', 'alpha')) {
$massaction = '';
}
if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend'
&& $massaction != 'presend_attendees'
&& $massaction != 'confirm_presend_attendees') {
&& $massaction != 'presend'
&& $massaction != 'confirm_presend') {
$massaction = '';
}
@ -676,8 +676,7 @@ $arrayofmassactions = array(
//'validate'=>img_picto('', 'check', 'class="pictofixedwidth"').$langs->trans("Validate"),
//'generate_doc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("ReGeneratePDF"),
//'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
//'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
'presend_attendees'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail").' - '.$langs->trans("Attendees"),
'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"),
);
if ($permissiontodelete) {
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
@ -706,14 +705,16 @@ $newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle'
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, $object->picto, 0, $newcardbutton, '', $limit, 0, 0, 1);
// Add code for pre mass action (confirmation or email presend form)
$topicmail = "SendConferenceOrBoothAttendeeRef";
$modelmail = "conferenceorboothattendee";
$topicmail = $projectstatic->title;
$modelmail = "conferenceorbooth";
$objecttmp = new ConferenceOrBoothAttendee($db);
$trackid = 'xxxx'.$object->id;
include DOL_DOCUMENT_ROOT.'/eventorganization/tpl/massactions_mail_pre.tpl.php';
$trackid = 'conferenceorbooth_'.$object->id;
$withmaindocfilemail = 0;
include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php';
if ($search_all) {
foreach ($fieldstosearchall as $key => $val) {
$fieldstosearchall[$key] = $langs->trans($val);

1
htdocs/eventorganization/conferenceorboothattendee_note.php
View File

@ -39,7 +39,6 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification

2
htdocs/eventorganization/core/actions_massactions_mail.inc.php
View File

@ -78,7 +78,7 @@ if (!$error && $massaction == 'confirm_presend_attendees') {
$listofobjectid = array();
$listofobjectref = array();
$oneemailperrecipient = (GETPOST('oneemailperrecipient') == 'on' ? 1 : 0);
$oneemailperrecipient = (GETPOST('oneemailperrecipient', 'int') ? 1 : 0);
if (!$error) {
require_once DOL_DOCUMENT_ROOT . '/eventorganization/class/conferenceorboothattendee.class.php';

126
htdocs/eventorganization/tpl/massactions_mail_pre.tpl.php
View File

@ -1,126 +0,0 @@
<?php
/* Copyright (C) 2013 Cédric Salvador <csalvador@gpcsolutions.fr>
* Copyright (C) 2013-2014 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2015 Marcos García <marcosgdf@gmail.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
* or see https://www.gnu.org/
*/
// Following var must be set:
// $arrayofselected = array of id selected
// $object
// $objecttmp=new Propal($db);
// $topicmail="SendSupplierProposalRef";
// $modelmail="supplier_proposal_send";
// $trackid='ord'.$object->id;
if ($massaction == 'presend_attendees') {
$langs->load("mails");
require_once DOL_DOCUMENT_ROOT.'/eventorganization/class/conferenceorboothattendee.class.php';
$attendee = new ConferenceOrBoothAttendee($db);
$listofselectedid = array();
$listofselectedref = array();
if (!GETPOST('cancel', 'alpha')) {
foreach ($arrayofselected as $toselectid) {
$result = $objecttmp->fetch($toselectid);
if ($result > 0) {
$attendees = $attendee->fetchAll();
if (is_array($attendees) && count($attendees)>0) {
foreach ($attendees as $attmail) {
if (!empty($attmail->email)) {
$listofselectedid[$attmail->email] = $attmail->id;
$listofselectedref[$attmail->id][$toselectid] = $objecttmp->ref;
}
}
}
}
}
}
print '<input type="hidden" name="massaction" value="confirm_presend_attendees">';
print '<input type="hidden" name="projectid" value="'.GETPOST('projectid', 'int').'">';
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
$formmail = new FormMail($db);
print dol_get_fiche_head(null, '', '');
// Create form for email
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
$formmail = new FormMail($db);
$formmail->withform = -1;
$formmail->fromtype = (GETPOST('fromtype') ? GETPOST('fromtype') : (!empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE) ? $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE : 'user'));
if ($formmail->fromtype === 'user') {
$formmail->fromid = $user->id;
}
$formmail->trackid = $trackid;
$formmail->withfrom = 1;
$liste = $langs->trans("AllRecipientSelected", count($listofselectedid));
$formmail->withtoreadonly = 1;
$formmail->withoptiononeemailperrecipient = ((count($listofselectedref) == 1 && count(reset($listofselectedref)) == 1) || empty($liste)) ? 0 : ((GETPOST('oneemailperrecipient') == 'on') ? 1 : -1);
$formmail->withto = empty($liste) ? (GETPOST('sendto', 'alpha') ?GETPOST('sendto', 'alpha') : array()) : $liste;
$formmail->withtofree = empty($liste) ? 1 : 0;
$formmail->withtocc = 1;
$formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC;
$formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__');
$formmail->withfile = 0;
// $formmail->withfile = 2; Not yet supported in mass action
$formmail->withmaindocfile = 0; // Add a checkbox "Attach also main document"
$formmail->withbody = 1;
$formmail->withdeliveryreceipt = 1;
$formmail->withcancel = 1;
// Make substitution in email content
$substitutionarray = getCommonSubstitutionArray($langs, 0, null, $object);
$substitutionarray['__EMAIL__'] = $sendto;
$substitutionarray['__CHECK_READ__'] = (is_object($object) && is_object($object->thirdparty)) ? '<img src="'.DOL_MAIN_URL_ROOT.'/public/emailing/mailing-read.php?tag='.urlencode($object->thirdparty->tag).'&securitykey='.urlencode($conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY).'" width="1" height="1" style="width:1px;height:1px" border="0"/>' : '';
$substitutionarray['__PERSONALIZED__'] = ''; // deprecated
$substitutionarray['__CONTACTCIVNAME__'] = '';
$parameters = array(
'mode' => 'formemail'
);
complete_substitutions_array($substitutionarray, $langs, $object, $parameters);
// Tableau des substitutions
$formmail->substit = $substitutionarray;
// Tableau des parametres complementaires du post
$formmail->param['action'] = $action;
$formmail->param['models'] = $modelmail;
$formmail->param['models_id'] = empty(GETPOST('modelmailselected', 'int'))?$conf->global->EVENTORGANIZATION_TEMPLATE_EMAIL_BULK_ATTENDES:GETPOST('modelmailselected', 'int');
$formmail->param['id'] = join(',', $arrayofselected);
// $formmail->param['returnurl']=$_SERVER["PHP_SELF"].'?id='.$object->id;
if (!empty($conf->global->MAILING_LIMIT_SENDBYWEB) && count($listofselectedid) > $conf->global->MAILING_LIMIT_SENDBYWEB) {
$langs->load("errors");
print img_warning().' '.$langs->trans('WarningNumberOfRecipientIsRestrictedInMassAction', $conf->global->MAILING_LIMIT_SENDBYWEB);
print ' - <a href="javascript: window.history.go(-1)">'.$langs->trans("GoBack").'</a>';
$arrayofmassactions = array();
} else {
print $formmail->get_form();
}
print dol_get_fiche_end();
}
// Allow Pre-Mass-Action hook (eg for confirmation dialog)
$parameters = array(
'toselect' => $toselect,
'uploaddir' => isset($uploaddir) ? $uploaddir : null
);

4
htdocs/externalsite/admin/index.php
View File

@ -57,7 +57,7 @@ if ($action == 'update') {
$label = GETPOST('EXTERNALSITE_LABEL', 'alphanohtml');
// exturl can be an url or a HTML string
$exturl = GETPOST('EXTERNALSITE_URL', 'none');
$exturl = GETPOST('EXTERNALSITE_URL', 'restricthtml');
$exturl = dol_string_onlythesehtmltags($exturl, 1, 1, 0, 1);
$exturl = dol_string_onlythesehtmlattributes($exturl);
@ -110,7 +110,7 @@ print '<tr class="oddeven">';
print '<td class="fieldrequired">'.$langs->trans("ExternalSiteURL")."</td>";
print '<td><textarea class="flat minwidth500" name="EXTERNALSITE_URL">';
$exturl = GETPOST('EXTERNALSITE_URL', 'none');
$exturl = GETPOST('EXTERNALSITE_URL', 'restricthtml');
$exturl = dol_string_onlythesehtmltags($exturl, 1, 1, 0, 1);
$exturl = dol_string_onlythesehtmlattributes($exturl);

183
htdocs/fourn/class/api_supplier_orders.class.php
View File

@ -369,6 +369,189 @@ class SupplierOrders extends DolibarrApi
);
}
/**
* Approve an order
*
* @param int $id Order ID
* @param int $idwarehouse Warehouse ID
* @param int $secondlevel 1=Does not execute triggers, 0= execute triggers
*
* @url POST {id}/approve
*
* @return array
* FIXME An error 403 is returned if the request has an empty body.
* Error message: "Forbidden: Content type `text/plain` is not supported."
* Workaround: send this in the body
* {
* "idwarehouse": 0,
* "secondlevel": 0
* }
*/
public function approve($id, $idwarehouse = 0, $secondlevel = 0)
{
if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401);
}
$result = $this->order->fetch($id);
if (!$result) {
throw new RestException(404, 'Order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->order->approve(DolibarrApiAccess::$user, $idwarehouse, $secondlevel);
if ($result == 0) {
throw new RestException(304, 'Error nothing done. May be object is already approved');
}
if ($result < 0) {
throw new RestException(500, 'Error when approve Order: '.$this->order->error);
}
return array(
'success' => array(
'code' => 200,
'message' => 'Order approved (Ref='.$this->order->ref.')'
)
);
}
/**
* Sends an order to the vendor
*
* @param int $id Order ID
* @param integer $date Date (unix timestamp in sec)
* @param int $method Method
* @param string $comment Comment
*
* @url POST {id}/makeorder
*
* @return array
* FIXME An error 403 is returned if the request has an empty body.
* Error message: "Forbidden: Content type `text/plain` is not supported."
* Workaround: send this in the body
* {
* "date": 0,
* "method": 0,
* "comment": ""
* }
*/
public function makeOrder($id, $date, $method, $comment = '')
{
if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401);
}
$result = $this->order->fetch($id);
if (!$result) {
throw new RestException(404, 'Order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$result = $this->order->commande(DolibarrApiAccess::$user, $date, $method, $comment);
if ($result == 0) {
throw new RestException(304, 'Error nothing done. May be object is already sent');
}
if ($result < 0) {
throw new RestException(500, 'Error when sending Order: '.$this->order->error);
}
return array(
'success' => array(
'code' => 200,
'message' => 'Order sent (Ref='.$this->order->ref.')'
)
);
}
/**
* Receives the order, dispatches products.
*
* Example:
* <code> {
* "closeopenorder": 1,
* "comment": "",
* "lines": [{
* "id": 14,
* "fk_product": 112,
* "qty": 18,
* "warehouse": 1,
* "price": 114,
* "comment": "",
* "eatby": 0,
* "sellby": 0,
* "batch": 0,
* "notrigger": 0
* }]
* }</code>
*
* @param int $id Order ID
* @param integer $closeopenorder Close order if everything is received {@required false}
* @param string $comment Comment {@required false}
* @param array $lines Array of product dispatches
*
* @url POST {id}/receive
*
* @return array
* FIXME An error 403 is returned if the request has an empty body.
* Error message: "Forbidden: Content type `text/plain` is not supported."
*
*/
public function receiveOrder($id, $closeopenorder, $comment, $lines)
{
if (empty(DolibarrApiAccess::$user->rights->fournisseur->commande->creer) && empty(DolibarrApiAccess::$user->rights->supplier_order->creer)) {
throw new RestException(401);
}
$result = $this->order->fetch($id);
if (!$result) {
throw new RestException(404, 'Order not found');
}
if (!DolibarrApi::_checkAccessToResource('fournisseur', $this->order->id, 'commande_fournisseur', 'commande')) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
foreach ($lines as $line) {
$lineObj =(object) $line;
$result=$this->order->dispatchProduct(DolibarrApiAccess::$user,
$lineObj->fk_product,
$lineObj->qty,
$lineObj->warehouse,
$lineObj->price,
$lineObj->comment,
$lineObj->eatby,
$lineObj->sellby,
$lineObj->batch,
$lineObj->id,
$lineObj->notrigger);
if ($result < 0) {
throw new RestException(500, 'Error dispatch order line '.$line->id.': '.$this->order->error);
}
}
$result = $this->order->calcAndSetStatusDispatch(DolibarrApiAccess::$user, $closeopenorder, $comment);
if ($result == 0) {
throw new RestException(304, 'Error nothing done. May be object is already dispatched');
}
if ($result < 0) {
throw new RestException(500, 'Error when receivce order: '.$this->order->error);
}
return array(
'success' => array(
'code' => 200,
'message' => 'Order received (Ref='.$this->order->ref.')'
)
);
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**
* Clean sensible object datas

2
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -2012,6 +2012,8 @@ class CommandeFournisseur extends CommonOrder
if ($product > 0) {
// $price should take into account discount (except if option STOCK_EXCLUDE_DISCOUNT_FOR_PMP is on)
$mouv->origin = &$this;
$mouv->origin_type = $this->element;
$mouv->origin_id = $this->id;
$result = $mouv->reception($user, $product, $entrepot, $qty, $price, $comment, $eatby, $sellby, $batch);
if ($result < 0) {
$this->error = $mouv->error;

6
htdocs/fourn/commande/card.php
View File

@ -129,7 +129,7 @@ $result = restrictedArea($user, 'fournisseur', $id, 'commande_fournisseur', 'com
// Common permissions
$usercanread = ($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire);
$usercancreate = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer);
$usercandelete = ($user->rights->fournisseur->commande->supprimer || $user->rights->supplier_order->supprimer);
$usercandelete = (($user->rights->fournisseur->commande->supprimer || $user->rights->supplier_order->supprimer) || ($usercancreate && isset($object->statut) && $object->statut == $object::STATUS_DRAFT));
// Advanced permissions
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->fournisseur->supplier_order_advance->validate)));
@ -2582,14 +2582,14 @@ if ($action == 'create') {
}
// Cancel
if ($object->statut == 2) {
if ($object->statut == CommandeFournisseur::STATUS_ACCEPTED) {
if ($usercanorder) {
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=cancel">'.$langs->trans("CancelOrder").'</a>';
}
}
// Delete
if (!empty($usercandelete) || ($object->statut == CommandeFournisseur::STATUS_DRAFT && !empty($usercancreate))) {
if (!empty($usercandelete)) {
if ($hasreception) {
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ReceptionExist").'">'.$langs->trans("Delete").'</a>';
} else {

18
htdocs/fourn/facture/paiement.php
View File

@ -11,6 +11,7 @@
* Copyright (C) 2017 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2018-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021 Charlene Benke <charlene@patas-monkey.com>
* Copyright (C) 2022 Udo Tamm <dev@dolibit.de>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -54,11 +55,11 @@ $day = GETPOST('day', 'int');
$month = GETPOST('month', 'int');
$year = GETPOST('year', 'int');
$search_ref = GETPOST("search_ref", "alpha");
$search_account = GETPOST("search_account", "int");
$search_paymenttype = GETPOST("search_paymenttype");
$search_amount = GETPOST("search_amount", 'alpha'); // alpha because we must be able to search on "< x"
$search_company = GETPOST("search_company", 'alpha');
$search_ref = GETPOST('search_ref', 'alpha');
$search_account = GETPOST('search_account', 'int');
$search_paymenttype = GETPOST('search_paymenttype');
$search_amount = GETPOST('search_amount', 'alpha'); // alpha because we must be able to search on "< x"
$search_company = GETPOST('search_company', 'alpha');
$search_payment_num = GETPOST('search_payment_num', 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
@ -773,10 +774,13 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
}
}
// Save Button
// Save + Cancel Buttons
if ($action != 'add_paiement') {
print '<br><div class="center"><input type="checkbox" checked name="closepaidinvoices"> '.$langs->trans("ClosePaidInvoicesAutomatically");
print '<br><input type="submit" class="button" value="'.$langs->trans('ToMakePayment').'"></div>';
print '<p>&nbsp;</p>';
print '<br><input type="submit" class="button" value="'.$langs->trans('ToMakePayment').'">';
print '<p>&nbsp;</p>';
print '<br><input type="button" class="button button-cancel" value="'.$langs->trans("Cancel").'" onClick="javascript:history.go(-1)"></div>';
}
// Form to confirm payment

1
htdocs/hrm/position.php
View File

@ -42,7 +42,6 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification

318
htdocs/includes/OAuth/OAuth2/Service/Google.php
View File

@ -13,194 +13,196 @@ use OAuth\Common\Http\Uri\Uri;
class Google extends AbstractService
{
/**
* Defined scopes - More scopes are listed here:
* https://developers.google.com/oauthplayground/
*
* Make a pull request if you need more scopes.
*/
/**
* Defined scopes - More scopes are listed here:
* https://developers.google.com/oauthplayground/
*
* Make a pull request if you need more scopes.
*/
// Basic
const SCOPE_EMAIL = 'email';
const SCOPE_PROFILE = 'profile';
// Basic
const SCOPE_EMAIL = 'email';
const SCOPE_PROFILE = 'profile';
const SCOPE_USERINFO_EMAIL = 'https://www.googleapis.com/auth/userinfo.email';
const SCOPE_USERINFO_PROFILE = 'https://www.googleapis.com/auth/userinfo.profile';
const SCOPE_USERINFO_EMAIL = 'https://www.googleapis.com/auth/userinfo.email';
const SCOPE_USERINFO_PROFILE = 'https://www.googleapis.com/auth/userinfo.profile';
// Google+
const SCOPE_GPLUS_ME = 'https://www.googleapis.com/auth/plus.me';
const SCOPE_GPLUS_LOGIN = 'https://www.googleapis.com/auth/plus.login';
const SCOPE_GPLUS_CIRCLES_READ = 'https://www.googleapis.com/auth/plus.circles.read';
const SCOPE_GPLUS_CIRCLES_WRITE = 'https://www.googleapis.com/auth/plus.circles.write';
const SCOPE_GPLUS_STREAM_READ = 'https://www.googleapis.com/auth/plus.stream.read';
const SCOPE_GPLUS_STREAM_WRITE = 'https://www.googleapis.com/auth/plus.stream.write';
const SCOPE_GPLUS_MEDIA = 'https://www.googleapis.com/auth/plus.media.upload';
// Google+
const SCOPE_GPLUS_ME = 'https://www.googleapis.com/auth/plus.me';
const SCOPE_GPLUS_LOGIN = 'https://www.googleapis.com/auth/plus.login';
const SCOPE_GPLUS_CIRCLES_READ = 'https://www.googleapis.com/auth/plus.circles.read';
const SCOPE_GPLUS_CIRCLES_WRITE = 'https://www.googleapis.com/auth/plus.circles.write';
const SCOPE_GPLUS_STREAM_READ = 'https://www.googleapis.com/auth/plus.stream.read';
const SCOPE_GPLUS_STREAM_WRITE = 'https://www.googleapis.com/auth/plus.stream.write';
const SCOPE_GPLUS_MEDIA = 'https://www.googleapis.com/auth/plus.media.upload';
// Google Drive
const SCOPE_DOCUMENTSLIST = 'https://docs.google.com/feeds/';
const SCOPE_SPREADSHEETS = 'https://spreadsheets.google.com/feeds/';
const SCOPE_GOOGLEDRIVE = 'https://www.googleapis.com/auth/drive';
const SCOPE_DRIVE_APPS = 'https://www.googleapis.com/auth/drive.appdata';
const SCOPE_DRIVE_APPS_READ_ONLY = 'https://www.googleapis.com/auth/drive.apps.readonly';
const SCOPE_GOOGLEDRIVE_FILES = 'https://www.googleapis.com/auth/drive.file';
const SCOPE_DRIVE_METADATA_READ_ONLY = 'https://www.googleapis.com/auth/drive.metadata.readonly';
const SCOPE_DRIVE_READ_ONLY = 'https://www.googleapis.com/auth/drive.readonly';
const SCOPE_DRIVE_SCRIPTS = 'https://www.googleapis.com/auth/drive.scripts';
// Google Drive
const SCOPE_DOCUMENTSLIST = 'https://docs.google.com/feeds/';
const SCOPE_SPREADSHEETS = 'https://spreadsheets.google.com/feeds/';
const SCOPE_GOOGLEDRIVE = 'https://www.googleapis.com/auth/drive';
const SCOPE_DRIVE_APPS = 'https://www.googleapis.com/auth/drive.appdata';
const SCOPE_DRIVE_APPS_READ_ONLY = 'https://www.googleapis.com/auth/drive.apps.readonly';
const SCOPE_GOOGLEDRIVE_FILES = 'https://www.googleapis.com/auth/drive.file';
const SCOPE_DRIVE_METADATA_READ_ONLY = 'https://www.googleapis.com/auth/drive.metadata.readonly';
const SCOPE_DRIVE_READ_ONLY = 'https://www.googleapis.com/auth/drive.readonly';
const SCOPE_DRIVE_SCRIPTS = 'https://www.googleapis.com/auth/drive.scripts';
// Cloud Print
const SCOPE_CLOUD_PRINT = 'https://www.googleapis.com/auth/cloudprint';
// Cloud Print
const SCOPE_CLOUD_PRINT = 'https://www.googleapis.com/auth/cloudprint';
// Adwords
const SCOPE_ADSENSE = 'https://www.googleapis.com/auth/adsense';
const SCOPE_ADWORDS = 'https://www.googleapis.com/auth/adwords/';
const SCOPE_GAN = 'https://www.googleapis.com/auth/gan'; // google affiliate network...?
// Adwords
const SCOPE_ADSENSE = 'https://www.googleapis.com/auth/adsense';
const SCOPE_ADWORDS = 'https://www.googleapis.com/auth/adwords/';
const SCOPE_GAN = 'https://www.googleapis.com/auth/gan'; // google affiliate network...?
// Google Analytics
const SCOPE_ANALYTICS = 'https://www.googleapis.com/auth/analytics';
const SCOPE_ANALYTICS_EDIT = 'https://www.googleapis.com/auth/analytics.edit';
const SCOPE_ANALYTICS_MANAGE_USERS = 'https://www.googleapis.com/auth/analytics.manage.users';
const SCOPE_ANALYTICS_READ_ONLY = 'https://www.googleapis.com/auth/analytics.readonly';
// Google Analytics
const SCOPE_ANALYTICS = 'https://www.googleapis.com/auth/analytics';
const SCOPE_ANALYTICS_EDIT = 'https://www.googleapis.com/auth/analytics.edit';
const SCOPE_ANALYTICS_MANAGE_USERS = 'https://www.googleapis.com/auth/analytics.manage.users';
const SCOPE_ANALYTICS_READ_ONLY = 'https://www.googleapis.com/auth/analytics.readonly';
//Gmail
const SCOPE_GMAIL_MODIFY = 'https://www.googleapis.com/auth/gmail.modify';
const SCOPE_GMAIL_READONLY = 'https://www.googleapis.com/auth/gmail.readonly';
const SCOPE_GMAIL_COMPOSE = 'https://www.googleapis.com/auth/gmail.compose';
const SCOPE_GMAIL_SEND = 'https://www.googleapis.com/auth/gmail.send';
const SCOPE_GMAIL_INSERT = 'https://www.googleapis.com/auth/gmail.insert';
const SCOPE_GMAIL_LABELS = 'https://www.googleapis.com/auth/gmail.labels';
const SCOPE_GMAIL_FULL = 'https://mail.google.com/';
//Gmail
const SCOPE_GMAIL_MODIFY = 'https://www.googleapis.com/auth/gmail.modify';
const SCOPE_GMAIL_READONLY = 'https://www.googleapis.com/auth/gmail.readonly';
const SCOPE_GMAIL_COMPOSE = 'https://www.googleapis.com/auth/gmail.compose';
const SCOPE_GMAIL_SEND = 'https://www.googleapis.com/auth/gmail.send';
const SCOPE_GMAIL_INSERT = 'https://www.googleapis.com/auth/gmail.insert';
const SCOPE_GMAIL_LABELS = 'https://www.googleapis.com/auth/gmail.labels';
const SCOPE_GMAIL_FULL = 'https://mail.google.com/';
// Other services
const SCOPE_BOOKS = 'https://www.googleapis.com/auth/books';
const SCOPE_BLOGGER = 'https://www.googleapis.com/auth/blogger';
const SCOPE_CALENDAR = 'https://www.googleapis.com/auth/calendar';
const SCOPE_CALENDAR_READ_ONLY = 'https://www.googleapis.com/auth/calendar.readonly';
const SCOPE_CONTACT = 'https://www.google.com/m8/feeds/';
const SCOPE_CONTACTS_RO = 'https://www.googleapis.com/auth/contacts.readonly';
const SCOPE_CHROMEWEBSTORE = 'https://www.googleapis.com/auth/chromewebstore.readonly';
const SCOPE_GMAIL = 'https://mail.google.com/mail/feed/atom';
const SCOPE_GMAIL_IMAP_SMTP = 'https://mail.google.com';
const SCOPE_PICASAWEB = 'https://picasaweb.google.com/data/';
const SCOPE_SITES = 'https://sites.google.com/feeds/';
const SCOPE_URLSHORTENER = 'https://www.googleapis.com/auth/urlshortener';
const SCOPE_WEBMASTERTOOLS = 'https://www.google.com/webmasters/tools/feeds/';
const SCOPE_TASKS = 'https://www.googleapis.com/auth/tasks';
// Other services
const SCOPE_BOOKS = 'https://www.googleapis.com/auth/books';
const SCOPE_BLOGGER = 'https://www.googleapis.com/auth/blogger';
const SCOPE_CALENDAR = 'https://www.googleapis.com/auth/calendar';
const SCOPE_CALENDAR_READ_ONLY = 'https://www.googleapis.com/auth/calendar.readonly';
const SCOPE_CONTACT = 'https://www.google.com/m8/feeds/';
const SCOPE_CONTACTS_RO = 'https://www.googleapis.com/auth/contacts.readonly';
const SCOPE_CHROMEWEBSTORE = 'https://www.googleapis.com/auth/chromewebstore.readonly';
const SCOPE_GMAIL = 'https://mail.google.com/mail/feed/atom';
const SCOPE_GMAIL_IMAP_SMTP = 'https://mail.google.com';
const SCOPE_PICASAWEB = 'https://picasaweb.google.com/data/';
const SCOPE_SITES = 'https://sites.google.com/feeds/';
const SCOPE_URLSHORTENER = 'https://www.googleapis.com/auth/urlshortener';
const SCOPE_WEBMASTERTOOLS = 'https://www.google.com/webmasters/tools/feeds/';
const SCOPE_TASKS = 'https://www.googleapis.com/auth/tasks';
// Cloud services
const SCOPE_CLOUDSTORAGE = 'https://www.googleapis.com/auth/devstorage.read_write';
const SCOPE_CONTENTFORSHOPPING = 'https://www.googleapis.com/auth/structuredcontent'; // what even is this
const SCOPE_USER_PROVISIONING = 'https://apps-apis.google.com/a/feeds/user/';
const SCOPE_GROUPS_PROVISIONING = 'https://apps-apis.google.com/a/feeds/groups/';
const SCOPE_NICKNAME_PROVISIONING = 'https://apps-apis.google.com/a/feeds/alias/';
// Cloud services
const SCOPE_CLOUDSTORAGE = 'https://www.googleapis.com/auth/devstorage.read_write';
const SCOPE_CONTENTFORSHOPPING = 'https://www.googleapis.com/auth/structuredcontent'; // what even is this
const SCOPE_USER_PROVISIONING = 'https://apps-apis.google.com/a/feeds/user/';
const SCOPE_GROUPS_PROVISIONING = 'https://apps-apis.google.com/a/feeds/groups/';
const SCOPE_NICKNAME_PROVISIONING = 'https://apps-apis.google.com/a/feeds/alias/';
// Old
const SCOPE_ORKUT = 'https://www.googleapis.com/auth/orkut';
const SCOPE_GOOGLELATITUDE =
'https://www.googleapis.com/auth/latitude.all.best https://www.googleapis.com/auth/latitude.all.city';
const SCOPE_OPENID = 'openid';
// Old
const SCOPE_ORKUT = 'https://www.googleapis.com/auth/orkut';
const SCOPE_GOOGLELATITUDE =
'https://www.googleapis.com/auth/latitude.all.best https://www.googleapis.com/auth/latitude.all.city';
const SCOPE_OPENID = 'openid';
// YouTube
const SCOPE_YOUTUBE_GDATA = 'https://gdata.youtube.com';
const SCOPE_YOUTUBE_ANALYTICS_MONETARY = 'https://www.googleapis.com/auth/yt-analytics-monetary.readonly';
const SCOPE_YOUTUBE_ANALYTICS = 'https://www.googleapis.com/auth/yt-analytics.readonly';
const SCOPE_YOUTUBE = 'https://www.googleapis.com/auth/youtube';
const SCOPE_YOUTUBE_READ_ONLY = 'https://www.googleapis.com/auth/youtube.readonly';
const SCOPE_YOUTUBE_UPLOAD = 'https://www.googleapis.com/auth/youtube.upload';
const SCOPE_YOUTUBE_PARTNER = 'https://www.googleapis.com/auth/youtubepartner';
const SCOPE_YOUTUBE_PARTNER_AUDIT = 'https://www.googleapis.com/auth/youtubepartner-channel-audit';
// YouTube
const SCOPE_YOUTUBE_GDATA = 'https://gdata.youtube.com';
const SCOPE_YOUTUBE_ANALYTICS_MONETARY = 'https://www.googleapis.com/auth/yt-analytics-monetary.readonly';
const SCOPE_YOUTUBE_ANALYTICS = 'https://www.googleapis.com/auth/yt-analytics.readonly';
const SCOPE_YOUTUBE = 'https://www.googleapis.com/auth/youtube';
const SCOPE_YOUTUBE_READ_ONLY = 'https://www.googleapis.com/auth/youtube.readonly';
const SCOPE_YOUTUBE_UPLOAD = 'https://www.googleapis.com/auth/youtube.upload';
const SCOPE_YOUTUBE_PARTNER = 'https://www.googleapis.com/auth/youtubepartner';
const SCOPE_YOUTUBE_PARTNER_AUDIT = 'https://www.googleapis.com/auth/youtubepartner-channel-audit';
// Google Glass
const SCOPE_GLASS_TIMELINE = 'https://www.googleapis.com/auth/glass.timeline';
const SCOPE_GLASS_LOCATION = 'https://www.googleapis.com/auth/glass.location';
// Google Glass
const SCOPE_GLASS_TIMELINE = 'https://www.googleapis.com/auth/glass.timeline';
const SCOPE_GLASS_LOCATION = 'https://www.googleapis.com/auth/glass.location';
// Android Publisher
const SCOPE_ANDROID_PUBLISHER = 'https://www.googleapis.com/auth/androidpublisher';
// Android Publisher
const SCOPE_ANDROID_PUBLISHER = 'https://www.googleapis.com/auth/androidpublisher';
// Google Gsuite
// Google Gsuite
const SCOPE_ADMIN_DIRECTORY_USER = "https://www.googleapis.com/auth/admin.directory.user";
const SCOPE_ADMIN_DIRECTORY_CUSTOMER = "https://www.googleapis.com/auth/admin.directory.customer";
protected $accessType = 'online';
protected $accessType = 'online';
public function __construct(
CredentialsInterface $credentials,
ClientInterface $httpClient,
TokenStorageInterface $storage,
$scopes = array(),
UriInterface $baseApiUri = null
) {
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
public function __construct(
CredentialsInterface $credentials,
ClientInterface $httpClient,
TokenStorageInterface $storage,
$scopes = array(),
UriInterface $baseApiUri = null
) {
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
if (null === $baseApiUri) {
$this->baseApiUri = new Uri('https://www.googleapis.com/oauth2/v1/');
}
}
if (null === $baseApiUri) {
$this->baseApiUri = new Uri('https://www.googleapis.com/oauth2/v1/');
}
}
public function setAccessType($accessType)
{
if (!in_array($accessType, array('online', 'offline'), true)) {
throw new InvalidAccessTypeException('Invalid accessType, expected either online or offline');
}
$this->accessType = $accessType;
}
public function setAccessType($accessType)
{
if (!in_array($accessType, array('online', 'offline'), true)) {
throw new InvalidAccessTypeException('Invalid accessType, expected either online or offline');
}
$this->accessType = $accessType;
}
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
public $approvalPrompt='auto';
public function setApprouvalPrompt($prompt)
{
if (!in_array($prompt, array('auto', 'force'), true)) {
// @todo Maybe could we rename this exception
throw new InvalidAccessTypeException('Invalid approuvalPrompt, expected either auto or force.');
}
$this->approvalPrompt = $prompt;
}
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
public $approvalPrompt='auto';
public function setApprouvalPrompt($prompt)
{
if (!in_array($prompt, array('auto', 'force'), true)) {
// @todo Maybe could we rename this exception
throw new InvalidAccessTypeException('Invalid approuvalPrompt, expected either auto or force.');
}
$this->approvalPrompt = $prompt;
}
/**
* {@inheritdoc}
*/
public function getAuthorizationEndpoint()
{
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
//return new Uri('https://accounts.google.com/o/oauth2/auth?access_type='.$this->accessType);
return new Uri('https://accounts.google.com/o/oauth2/auth?'.($this->approvalPrompt?'approval_prompt='.$this->approvalPrompt.'&':'').'access_type='.$this->accessType);
}
/**
* {@inheritdoc}
*/
public function getAuthorizationEndpoint()
{
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
//return new Uri('https://accounts.google.com/o/oauth2/auth?access_type='.$this->accessType);
$url = 'https://accounts.google.com/o/oauth2/auth?'.($this->approvalPrompt?'approval_prompt='.$this->approvalPrompt.'&':'').'access_type='.$this->accessType;
/**
* {@inheritdoc}
*/
public function getAccessTokenEndpoint()
{
return new Uri('https://accounts.google.com/o/oauth2/token');
}
return new Uri($url);
}
/**
* {@inheritdoc}
*/
protected function parseAccessTokenResponse($responseBody)
{
$data = json_decode($responseBody, true);
/**
* {@inheritdoc}
*/
public function getAccessTokenEndpoint()
{
return new Uri('https://accounts.google.com/o/oauth2/token');
}
if (null === $data || !is_array($data)) {
throw new TokenResponseException('Unable to parse response.');
} elseif (isset($data['error'])) {
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
}
/**
* {@inheritdoc}
*/
protected function parseAccessTokenResponse($responseBody)
{
$data = json_decode($responseBody, true);
$token = new StdOAuth2Token();
$token->setAccessToken($data['access_token']);
$token->setLifetime($data['expires_in']);
if (null === $data || !is_array($data)) {
throw new TokenResponseException('Unable to parse response.');
} elseif (isset($data['error'])) {
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '"');
}
if (isset($data['refresh_token'])) {
$token->setRefreshToken($data['refresh_token']);
unset($data['refresh_token']);
}
$token = new StdOAuth2Token();
$token->setAccessToken($data['access_token']);
$token->setLifetime($data['expires_in']);
unset($data['access_token']);
unset($data['expires_in']);
if (isset($data['refresh_token'])) {
$token->setRefreshToken($data['refresh_token']);
unset($data['refresh_token']);
}
$token->setExtraParams($data);
unset($data['access_token']);
unset($data['expires_in']);
return $token;
}
$token->setExtraParams($data);
return $token;
}
}

97
htdocs/includes/OAuth/OAuth2/Service/WordPress.php Executable file
View File

@ -0,0 +1,97 @@
<?php
namespace OAuth\OAuth2\Service;
use OAuth\Common\Consumer\CredentialsInterface;
use OAuth\Common\Http\Client\ClientInterface;
use OAuth\Common\Http\Uri\UriInterface;
use OAuth\Common\Storage\TokenStorageInterface;
use OAuth\OAuth2\Token\StdOAuth2Token;
use OAuth\Common\Http\Exception\TokenResponseException;
use OAuth\OAuth2\Service\Exception\InvalidAccessTypeException;
use OAuth\Common\Http\Uri\Uri;
class WordPress extends AbstractService
{
protected $accessType = 'online';
public function __construct(
CredentialsInterface $credentials,
ClientInterface $httpClient,
TokenStorageInterface $storage,
$scopes = array(),
UriInterface $baseApiUri = null
) {
parent::__construct($credentials, $httpClient, $storage, $scopes, $baseApiUri, true);
if (null === $baseApiUri) {
$this->baseApiUri = new Uri('https://addresse_de_votre_site_wordpress');
}
}
/*
// LDR CHANGE Add approval_prompt to force the prompt if value is set to 'force' so it force return of a "refresh token" in addition to "standard token"
public $approvalPrompt='auto';
public function setApprouvalPrompt($prompt)
{
if (!in_array($prompt, array('auto', 'force'), true)) {
// @todo Maybe could we rename this exception
throw new InvalidAccessTypeException('Invalid approuvalPrompt, expected either auto or force.');
}
$this->approvalPrompt = $prompt;
}*/
/**
* {@inheritdoc}
*/
public function getAuthorizationEndpoint()
{
return new Uri(sprintf('%s/oauth/authorize', $this->baseApiUri));
}
/**
* {@inheritdoc}
*/
public function getAccessTokenEndpoint()
{
return new Uri(sprintf('%s/oauth/token', $this->baseApiUri));
}
/**
* {@inheritdoc}
*/
protected function getAuthorizationMethod()
{
global $conf;
return empty($conf->global->OAUTH_WORDPRESS_AUTHORIZATION_METHOD_QUERY_STRING) ? static::AUTHORIZATION_METHOD_HEADER_BEARER : static::AUTHORIZATION_METHOD_QUERY_STRING;
}
/**
* {@inheritdoc}
*/
protected function parseAccessTokenResponse($responseBody)
{
$data = json_decode($responseBody, true);
if (null === $data || !is_array($data)) {
throw new TokenResponseException('Unable to parse response: "'.(isset($responseBody)?$responseBody:'NULL').'"');
} elseif (isset($data['error'])) {
throw new TokenResponseException('Error in retrieving token: "' . $data['error'] . '" : "'.$data['error_description'].'"');
}
$token = new StdOAuth2Token();
$token->setAccessToken($data['access_token']);
$token->setLifetime($data['expires_in']);
if (isset($data['refresh_token'])) {
$token->setRefreshToken($data['refresh_token']);
unset($data['refresh_token']);
}
unset($data['access_token']);
unset($data['expires_in']);
$token->setExtraParams($data);
return $token;
}
}

74
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/EmailLexer.php
View File

@ -13,6 +13,8 @@ class EmailLexer extends AbstractLexer
const S_BACKSLASH = 92;
const S_DOT = 46;
const S_DQUOTE = 34;
const S_SQUOTE = 39;
const S_BACKTICK = 96;
const S_OPENPARENTHESIS = 49;
const S_CLOSEPARENTHESIS = 261;
const S_OPENBRACKET = 262;
@ -58,6 +60,8 @@ class EmailLexer extends AbstractLexer
'/' => self::S_SLASH,
',' => self::S_COMMA,
'.' => self::S_DOT,
"'" => self::S_SQUOTE,
"`" => self::S_BACKTICK,
'"' => self::S_DQUOTE,
'-' => self::S_HYPHEN,
'::' => self::S_DOUBLECOLON,
@ -73,25 +77,73 @@ class EmailLexer extends AbstractLexer
'\0' => self::C_NUL,
);
/**
* @var bool
*/
protected $hasInvalidTokens = false;
protected $previous;
/**
* @var array
*
* @psalm-var array{value:string, type:null|int, position:int}|array<empty, empty>
*/
protected $previous = [];
/**
* The last matched/seen token.
*
* @var array
*
* @psalm-var array{value:string, type:null|int, position:int}
*/
public $token;
/**
* The next token in the input.
*
* @var array|null
*/
public $lookahead;
/**
* @psalm-var array{value:'', type:null, position:0}
*/
private static $nullToken = [
'value' => '',
'type' => null,
'position' => 0,
];
public function __construct()
{
$this->previous = $this->token = self::$nullToken;
$this->lookahead = null;
}
/**
* @return void
*/
public function reset()
{
$this->hasInvalidTokens = false;
parent::reset();
$this->previous = $this->token = self::$nullToken;
}
/**
* @return bool
*/
public function hasInvalidTokens()
{
return $this->hasInvalidTokens;
}
/**
* @param $type
* @param int $type
* @throws \UnexpectedValueException
* @return boolean
*
* @psalm-suppress InvalidScalarArgument
*/
public function find($type)
{
@ -107,7 +159,7 @@ class EmailLexer extends AbstractLexer
/**
* getPrevious
*
* @return array token
* @return array
*/
public function getPrevious()
{
@ -122,8 +174,10 @@ class EmailLexer extends AbstractLexer
public function moveNext()
{
$this->previous = $this->token;
$hasNext = parent::moveNext();
$this->token = $this->token ?: self::$nullToken;
return parent::moveNext();
return $hasNext;
}
/**
@ -179,6 +233,11 @@ class EmailLexer extends AbstractLexer
return self::GENERIC;
}
/**
* @param string $value
*
* @return bool
*/
protected function isValid($value)
{
if (isset($this->charValue[$value])) {
@ -189,7 +248,7 @@ class EmailLexer extends AbstractLexer
}
/**
* @param $value
* @param string $value
* @return bool
*/
protected function isNullType($value)
@ -202,7 +261,7 @@ class EmailLexer extends AbstractLexer
}
/**
* @param $value
* @param string $value
* @return bool
*/
protected function isUTF8Invalid($value)
@ -214,6 +273,9 @@ class EmailLexer extends AbstractLexer
return false;
}
/**
* @return string
*/
protected function getModifiers()
{
return 'iu';

39
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/EmailParser.php
View File

@ -17,11 +17,33 @@ class EmailParser
{
const EMAIL_MAX_LENGTH = 254;
protected $warnings;
/**
* @var array
*/
protected $warnings = [];
/**
* @var string
*/
protected $domainPart = '';
/**
* @var string
*/
protected $localPart = '';
/**
* @var EmailLexer
*/
protected $lexer;
/**
* @var LocalPart
*/
protected $localPartParser;
/**
* @var DomainPart
*/
protected $domainPartParser;
public function __construct(EmailLexer $lexer)
@ -29,11 +51,10 @@ class EmailParser
$this->lexer = $lexer;
$this->localPartParser = new LocalPart($this->lexer);
$this->domainPartParser = new DomainPart($this->lexer);
$this->warnings = new \SplObjectStorage();
}
/**
* @param $str
* @param string $str
* @return array
*/
public function parse($str)
@ -57,6 +78,9 @@ class EmailParser
return array('local' => $this->localPart, 'domain' => $this->domainPart);
}
/**
* @return Warning\Warning[]
*/
public function getWarnings()
{
$localPartWarnings = $this->localPartParser->getWarnings();
@ -68,11 +92,17 @@ class EmailParser
return $this->warnings;
}
/**
* @return string
*/
public function getParsedDomainPart()
{
return $this->domainPart;
}
/**
* @param string $email
*/
protected function setParts($email)
{
$parts = explode('@', $email);
@ -80,6 +110,9 @@ class EmailParser
$this->localPart = $parts[0];
}
/**
* @return bool
*/
protected function hasAtToken()
{
$this->lexer->moveNext();

10
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/EmailValidator.php
View File

@ -13,12 +13,12 @@ class EmailValidator
private $lexer;
/**
* @var array
* @var Warning\Warning[]
*/
protected $warnings;
protected $warnings = [];
/**
* @var InvalidEmail
* @var InvalidEmail|null
*/
protected $error;
@ -28,7 +28,7 @@ class EmailValidator
}
/**
* @param $email
* @param string $email
* @param EmailValidation $emailValidation
* @return bool
*/
@ -58,7 +58,7 @@ class EmailValidator
}
/**
* @return InvalidEmail
* @return InvalidEmail|null
*/
public function getError()
{

9
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Exception/DomainAcceptsNoMail.php Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace Egulias\EmailValidator\Exception;
class DomainAcceptsNoMail extends InvalidEmail
{
const CODE = 154;
const REASON = 'Domain accepts no mail (Null MX, RFC7505)';
}

2
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Exception/ExpectingQPair.php
View File

@ -2,7 +2,7 @@
namespace Egulias\EmailValidator\Exception;
class ExpectedQPair extends InvalidEmail
class ExpectingQPair extends InvalidEmail
{
const CODE = 136;
const REASON = "Expecting QPAIR";

9
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Exception/LocalOrReservedDomain.php Normal file
View File

@ -0,0 +1,9 @@
<?php
namespace Egulias\EmailValidator\Exception;
class LocalOrReservedDomain extends InvalidEmail
{
const CODE = 153;
const REASON = 'Local, mDNS or reserved domain (RFC2606, RFC6762)';
}

2
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Exception/NoDNSRecord.php
View File

@ -2,8 +2,6 @@
namespace Egulias\EmailValidator\Exception;
use Egulias\EmailValidator\Exception\InvalidEmail;
class NoDNSRecord extends InvalidEmail
{
const CODE = 5;

2
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Exception/UnclosedComment.php
View File

@ -5,5 +5,5 @@ namespace Egulias\EmailValidator\Exception;
class UnclosedComment extends InvalidEmail
{
const CODE = 146;
const REASON = "No colosing comment token found";
const REASON = "No closing comment token found";
}

125
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Parser/DomainPart.php
View File

@ -35,27 +35,18 @@ use Egulias\EmailValidator\Warning\TLD;
class DomainPart extends Parser
{
const DOMAIN_MAX_LENGTH = 254;
const LABEL_MAX_LENGTH = 63;
/**
* @var string
*/
protected $domainPart = '';
public function parse($domainPart)
{
$this->lexer->moveNext();
if ($this->lexer->token['type'] === EmailLexer::S_DOT) {
throw new DotAtStart();
}
if ($this->lexer->token['type'] === EmailLexer::S_EMPTY) {
throw new NoDomainPart();
}
if ($this->lexer->token['type'] === EmailLexer::S_HYPHEN) {
throw new DomainHyphened();
}
if ($this->lexer->token['type'] === EmailLexer::S_OPENPARENTHESIS) {
$this->warnings[DeprecatedComment::CODE] = new DeprecatedComment();
$this->parseDomainComments();
}
$this->performDomainStartChecks();
$domain = $this->doParseDomainPart();
@ -77,11 +68,50 @@ class DomainPart extends Parser
$this->domainPart = $domain;
}
private function performDomainStartChecks()
{
$this->checkInvalidTokensAfterAT();
$this->checkEmptyDomain();
if ($this->lexer->token['type'] === EmailLexer::S_OPENPARENTHESIS) {
$this->warnings[DeprecatedComment::CODE] = new DeprecatedComment();
$this->parseDomainComments();
}
}
private function checkEmptyDomain()
{
$thereIsNoDomain = $this->lexer->token['type'] === EmailLexer::S_EMPTY ||
($this->lexer->token['type'] === EmailLexer::S_SP &&
!$this->lexer->isNextToken(EmailLexer::GENERIC));
if ($thereIsNoDomain) {
throw new NoDomainPart();
}
}
private function checkInvalidTokensAfterAT()
{
if ($this->lexer->token['type'] === EmailLexer::S_DOT) {
throw new DotAtStart();
}
if ($this->lexer->token['type'] === EmailLexer::S_HYPHEN) {
throw new DomainHyphened();
}
}
/**
* @return string
*/
public function getDomainPart()
{
return $this->domainPart;
}
/**
* @param string $addressLiteral
* @param int $maxGroups
*/
public function checkIPV6Tag($addressLiteral, $maxGroups = 8)
{
$prev = $this->lexer->getPrevious();
@ -125,9 +155,13 @@ class DomainPart extends Parser
}
}
/**
* @return string
*/
protected function doParseDomainPart()
{
$domain = '';
$label = '';
$openedParenthesis = 0;
do {
$prev = $this->lexer->getPrevious();
@ -158,7 +192,12 @@ class DomainPart extends Parser
$this->parseDomainLiteral();
}
$this->checkLabelLength($prev);
if ($this->lexer->token['type'] === EmailLexer::S_DOT) {
$this->checkLabelLength($label);
$label = '';
} else {
$label .= $this->lexer->token['value'];
}
if ($this->isFWS()) {
$this->parseFWS();
@ -166,12 +205,17 @@ class DomainPart extends Parser
$domain .= $this->lexer->token['value'];
$this->lexer->moveNext();
} while ($this->lexer->token);
if ($this->lexer->token['type'] === EmailLexer::S_SP) {
throw new CharNotAllowed();
}
} while (null !== $this->lexer->token['type']);
$this->checkLabelLength($label);
return $domain;
}
private function checkNotAllowedChars($token)
private function checkNotAllowedChars(array $token)
{
$notAllowed = [EmailLexer::S_BACKSLASH => true, EmailLexer::S_SLASH=> true];
if (isset($notAllowed[$token['type']])) {
@ -179,6 +223,9 @@ class DomainPart extends Parser
}
}
/**
* @return string|false
*/
protected function parseDomainLiteral()
{
if ($this->lexer->isNextToken(EmailLexer::S_COLON)) {
@ -195,6 +242,9 @@ class DomainPart extends Parser
return $this->doParseDomainLiteral();
}
/**
* @return string|false
*/
protected function doParseDomainLiteral()
{
$IPv6TAG = false;
@ -262,6 +312,11 @@ class DomainPart extends Parser
return $addressLiteral;
}
/**
* @param string $addressLiteral
*
* @return string|false
*/
protected function checkIPV4Tag($addressLiteral)
{
$matchesIP = array();
@ -279,16 +334,18 @@ class DomainPart extends Parser
return false;
}
// Convert IPv4 part to IPv6 format for further testing
$addressLiteral = substr($addressLiteral, 0, $index) . '0:0';
$addressLiteral = substr($addressLiteral, 0, (int) $index) . '0:0';
}
return $addressLiteral;
}
protected function checkDomainPartExceptions($prev)
protected function checkDomainPartExceptions(array $prev)
{
$invalidDomainTokens = array(
EmailLexer::S_DQUOTE => true,
EmailLexer::S_SQUOTE => true,
EmailLexer::S_BACKTICK => true,
EmailLexer::S_SEMICOLON => true,
EmailLexer::S_GREATERTHAN => true,
EmailLexer::S_LOWERTHAN => true,
@ -320,6 +377,9 @@ class DomainPart extends Parser
}
}
/**
* @return bool
*/
protected function hasBrackets()
{
if ($this->lexer->token['type'] !== EmailLexer::S_OPENBRACKET) {
@ -335,16 +395,31 @@ class DomainPart extends Parser
return true;
}
protected function checkLabelLength($prev)
/**
* @param string $label
*/
protected function checkLabelLength($label)
{
if ($this->lexer->token['type'] === EmailLexer::S_DOT &&
$prev['type'] === EmailLexer::GENERIC &&
strlen($prev['value']) > 63
) {
if ($this->isLabelTooLong($label)) {
$this->warnings[LabelTooLong::CODE] = new LabelTooLong();
}
}
/**
* @param string $label
* @return bool
*/
private function isLabelTooLong($label)
{
if (preg_match('/[^\x00-\x7F]/', $label)) {
idn_to_ascii($label, IDNA_DEFAULT, INTL_IDNA_VARIANT_UTS46, $idnaInfo);
return (bool) ($idnaInfo['errors'] & IDNA_ERROR_LABEL_TOO_LONG);
}
return strlen($label) > self::LABEL_MAX_LENGTH;
}
protected function parseDomainComments()
{
$this->isUnclosedComment();

25
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Parser/LocalPart.php
View File

@ -5,7 +5,6 @@ namespace Egulias\EmailValidator\Parser;
use Egulias\EmailValidator\Exception\DotAtEnd;
use Egulias\EmailValidator\Exception\DotAtStart;
use Egulias\EmailValidator\EmailLexer;
use Egulias\EmailValidator\EmailValidator;
use Egulias\EmailValidator\Exception\ExpectingAT;
use Egulias\EmailValidator\Exception\ExpectingATEXT;
use Egulias\EmailValidator\Exception\UnclosedQuotedString;
@ -20,9 +19,10 @@ class LocalPart extends Parser
$parseDQuote = true;
$closingQuote = false;
$openedParenthesis = 0;
$totalLength = 0;
while ($this->lexer->token['type'] !== EmailLexer::S_AT && $this->lexer->token) {
if ($this->lexer->token['type'] === EmailLexer::S_DOT && !$this->lexer->getPrevious()) {
while ($this->lexer->token['type'] !== EmailLexer::S_AT && null !== $this->lexer->token['type']) {
if ($this->lexer->token['type'] === EmailLexer::S_DOT && null === $this->lexer->getPrevious()['type']) {
throw new DotAtStart();
}
@ -35,12 +35,13 @@ class LocalPart extends Parser
$this->parseComments();
$openedParenthesis += $this->getOpenedParenthesis();
}
if ($this->lexer->token['type'] === EmailLexer::S_CLOSEPARENTHESIS) {
if ($openedParenthesis === 0) {
throw new UnopenedComment();
} else {
$openedParenthesis--;
}
$openedParenthesis--;
}
$this->checkConsecutiveDots();
@ -58,15 +59,18 @@ class LocalPart extends Parser
$this->parseFWS();
}
$totalLength += strlen($this->lexer->token['value']);
$this->lexer->moveNext();
}
$prev = $this->lexer->getPrevious();
if (strlen($prev['value']) > LocalTooLong::LOCAL_PART_LENGTH) {
if ($totalLength > LocalTooLong::LOCAL_PART_LENGTH) {
$this->warnings[LocalTooLong::CODE] = new LocalTooLong();
}
}
/**
* @return bool
*/
protected function parseDoubleQuote()
{
$parseAgain = true;
@ -86,7 +90,7 @@ class LocalPart extends Parser
$this->lexer->moveNext();
while ($this->lexer->token['type'] !== EmailLexer::S_DQUOTE && $this->lexer->token) {
while ($this->lexer->token['type'] !== EmailLexer::S_DQUOTE && null !== $this->lexer->token['type']) {
$parseAgain = false;
if (isset($special[$this->lexer->token['type']]) && $setSpecialsWarning) {
$this->warnings[CFWSWithFWS::CODE] = new CFWSWithFWS();
@ -118,7 +122,10 @@ class LocalPart extends Parser
return $parseAgain;
}
protected function isInvalidToken($token, $closingQuote)
/**
* @param bool $closingQuote
*/
protected function isInvalidToken(array $token, $closingQuote)
{
$forbidden = array(
EmailLexer::S_COMMA,

40
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Parser/Parser.php
View File

@ -8,7 +8,7 @@ use Egulias\EmailValidator\Exception\ConsecutiveDot;
use Egulias\EmailValidator\Exception\CRLFAtTheEnd;
use Egulias\EmailValidator\Exception\CRLFX2;
use Egulias\EmailValidator\Exception\CRNoLF;
use Egulias\EmailValidator\Exception\ExpectedQPair;
use Egulias\EmailValidator\Exception\ExpectingQPair;
use Egulias\EmailValidator\Exception\ExpectingATEXT;
use Egulias\EmailValidator\Exception\ExpectingCTEXT;
use Egulias\EmailValidator\Exception\UnclosedComment;
@ -21,8 +21,19 @@ use Egulias\EmailValidator\Warning\QuotedString;
abstract class Parser
{
/**
* @var array
*/
protected $warnings = [];
/**
* @var EmailLexer
*/
protected $lexer;
/**
* @var int
*/
protected $openedParenthesis = 0;
public function __construct(EmailLexer $lexer)
@ -30,11 +41,17 @@ abstract class Parser
$this->lexer = $lexer;
}
/**
* @return \Egulias\EmailValidator\Warning\Warning[]
*/
public function getWarnings()
{
return $this->warnings;
}
/**
* @param string $str
*/
abstract public function parse($str);
/** @return int */
@ -50,7 +67,7 @@ abstract class Parser
{
if (!($this->lexer->token['type'] === EmailLexer::INVALID
|| $this->lexer->token['type'] === EmailLexer::C_DEL)) {
throw new ExpectedQPair();
throw new ExpectingQPair();
}
$this->warnings[QuotedPart::CODE] =
@ -80,6 +97,9 @@ abstract class Parser
}
}
/**
* @return bool
*/
protected function isUnclosedComment()
{
try {
@ -122,6 +142,9 @@ abstract class Parser
}
}
/**
* @return bool
*/
protected function isFWS()
{
if ($this->escaped()) {
@ -140,11 +163,14 @@ abstract class Parser
return false;
}
/**
* @return bool
*/
protected function escaped()
{
$previous = $this->lexer->getPrevious();
if ($previous['type'] === EmailLexer::S_BACKSLASH
if ($previous && $previous['type'] === EmailLexer::S_BACKSLASH
&&
$this->lexer->token['type'] !== EmailLexer::GENERIC
) {
@ -154,6 +180,9 @@ abstract class Parser
return false;
}
/**
* @return bool
*/
protected function warnEscaping()
{
if ($this->lexer->token['type'] !== EmailLexer::S_BACKSLASH) {
@ -174,6 +203,11 @@ abstract class Parser
}
/**
* @param bool $hasClosingQuote
*
* @return bool
*/
protected function checkDQUOTE($hasClosingQuote)
{
if ($this->lexer->token['type'] !== EmailLexer::S_DQUOTE) {

129
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/DNSCheckValidation.php
View File

@ -4,6 +4,8 @@ namespace Egulias\EmailValidator\Validation;
use Egulias\EmailValidator\EmailLexer;
use Egulias\EmailValidator\Exception\InvalidEmail;
use Egulias\EmailValidator\Exception\LocalOrReservedDomain;
use Egulias\EmailValidator\Exception\DomainAcceptsNoMail;
use Egulias\EmailValidator\Warning\NoDNSMXRecord;
use Egulias\EmailValidator\Exception\NoDNSRecord;
@ -15,10 +17,23 @@ class DNSCheckValidation implements EmailValidation
private $warnings = [];
/**
* @var InvalidEmail
* @var InvalidEmail|null
*/
private $error;
/**
* @var array
*/
private $mxRecords = [];
public function __construct()
{
if (!function_exists('idn_to_ascii')) {
throw new \LogicException(sprintf('The %s class requires the Intl extension.', __CLASS__));
}
}
public function isValid($email, EmailLexer $emailLexer)
{
// use the input to check DNS if we cannot extract something similar to a domain
@ -29,7 +44,40 @@ class DNSCheckValidation implements EmailValidation
$host = substr($email, $lastAtPos + 1);
}
return $this->checkDNS($host);
// Get the domain parts
$hostParts = explode('.', $host);
// Reserved Top Level DNS Names (https://tools.ietf.org/html/rfc2606#section-2),
// mDNS and private DNS Namespaces (https://tools.ietf.org/html/rfc6762#appendix-G)
$reservedTopLevelDnsNames = [
// Reserved Top Level DNS Names
'test',
'example',
'invalid',
'localhost',
// mDNS
'local',
// Private DNS Namespaces
'intranet',
'internal',
'private',
'corp',
'home',
'lan',
];
$isLocalDomain = count($hostParts) <= 1;
$isReservedTopLevel = in_array($hostParts[(count($hostParts) - 1)], $reservedTopLevelDnsNames, true);
// Exclude reserved top level DNS names
if ($isLocalDomain || $isReservedTopLevel) {
$this->error = new LocalOrReservedDomain();
return false;
}
return $this->checkDns($host);
}
public function getError()
@ -42,20 +90,77 @@ class DNSCheckValidation implements EmailValidation
return $this->warnings;
}
protected function checkDNS($host)
/**
* @param string $host
*
* @return bool
*/
protected function checkDns($host)
{
$host = rtrim($host, '.') . '.';
$variant = INTL_IDNA_VARIANT_UTS46;
$Aresult = true;
$MXresult = checkdnsrr($host, 'MX');
$host = rtrim(idn_to_ascii($host, IDNA_DEFAULT, $variant), '.') . '.';
if (!$MXresult) {
$this->warnings[NoDNSMXRecord::CODE] = new NoDNSMXRecord();
$Aresult = checkdnsrr($host, 'A') || checkdnsrr($host, 'AAAA');
if (!$Aresult) {
$this->error = new NoDNSRecord();
return $this->validateDnsRecords($host);
}
/**
* Validate the DNS records for given host.
*
* @param string $host A set of DNS records in the format returned by dns_get_record.
*
* @return bool True on success.
*/
private function validateDnsRecords($host)
{
// Get all MX, A and AAAA DNS records for host
// Using @ as workaround to fix https://bugs.php.net/bug.php?id=73149
$dnsRecords = @dns_get_record($host, DNS_MX + DNS_A + DNS_AAAA);
// No MX, A or AAAA DNS records
if (empty($dnsRecords)) {
$this->error = new NoDNSRecord();
return false;
}
// For each DNS record
foreach ($dnsRecords as $dnsRecord) {
if (!$this->validateMXRecord($dnsRecord)) {
return false;
}
}
return $MXresult || $Aresult;
// No MX records (fallback to A or AAAA records)
if (empty($this->mxRecords)) {
$this->warnings[NoDNSMXRecord::CODE] = new NoDNSMXRecord();
}
return true;
}
/**
* Validate an MX record
*
* @param array $dnsRecord Given DNS record.
*
* @return bool True if valid.
*/
private function validateMxRecord($dnsRecord)
{
if ($dnsRecord['type'] !== 'MX') {
return true;
}
// "Null MX" record indicates the domain accepts no mail (https://tools.ietf.org/html/rfc7505)
if (empty($dnsRecord['target']) || $dnsRecord['target'] === '.') {
$this->error = new DomainAcceptsNoMail();
return false;
}
$this->mxRecords[] = $dnsRecord;
return true;
}
}

3
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/Exception/EmptyValidationList.php
View File

@ -6,6 +6,9 @@ use Exception;
class EmptyValidationList extends \InvalidArgumentException
{
/**
* @param int $code
*/
public function __construct($code = 0, Exception $previous = null)
{
parent::__construct("Empty validation list is not allowed", $code, $previous);

8
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/MultipleErrors.php
View File

@ -9,16 +9,22 @@ class MultipleErrors extends InvalidEmail
const CODE = 999;
const REASON = "Accumulated errors for multiple validations";
/**
* @var array
* @var InvalidEmail[]
*/
private $errors = [];
/**
* @param InvalidEmail[] $errors
*/
public function __construct(array $errors)
{
$this->errors = $errors;
parent::__construct();
}
/**
* @return InvalidEmail[]
*/
public function getErrors()
{
return $this->errors;

22
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/MultipleValidationWithAnd.php
View File

@ -30,12 +30,12 @@ class MultipleValidationWithAnd implements EmailValidation
private $warnings = [];
/**
* @var MultipleErrors
* @var MultipleErrors|null
*/
private $error;
/**
* @var bool
* @var int
*/
private $mode;
@ -62,7 +62,8 @@ class MultipleValidationWithAnd implements EmailValidation
$errors = [];
foreach ($this->validations as $validation) {
$emailLexer->reset();
$result = $result && $validation->isValid($email, $emailLexer);
$validationResult = $validation->isValid($email, $emailLexer);
$result = $result && $validationResult;
$this->warnings = array_merge($this->warnings, $validation->getWarnings());
$errors = $this->addNewError($validation->getError(), $errors);
@ -78,6 +79,12 @@ class MultipleValidationWithAnd implements EmailValidation
return $result;
}
/**
* @param \Egulias\EmailValidator\Exception\InvalidEmail|null $possibleError
* @param \Egulias\EmailValidator\Exception\InvalidEmail[] $errors
*
* @return \Egulias\EmailValidator\Exception\InvalidEmail[]
*/
private function addNewError($possibleError, array $errors)
{
if (null !== $possibleError) {
@ -87,13 +94,20 @@ class MultipleValidationWithAnd implements EmailValidation
return $errors;
}
/**
* @param bool $result
*
* @return bool
*/
private function shouldStop($result)
{
return !$result && $this->mode === self::STOP_ON_ERROR;
}
/**
* {@inheritdoc}
* Returns the validation errors.
*
* @return MultipleErrors|null
*/
public function getError()
{

5
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/NoRFCWarningsValidation.php
View File

@ -9,7 +9,7 @@ use Egulias\EmailValidator\Validation\Error\RFCWarnings;
class NoRFCWarningsValidation extends RFCValidation
{
/**
* @var InvalidEmail
* @var InvalidEmail|null
*/
private $error;
@ -22,8 +22,7 @@ class NoRFCWarningsValidation extends RFCValidation
return false;
}
$ret = $this->getWarnings();
if (empty($ret)) {
if (empty($this->getWarnings())) {
return true;
}

4
htdocs/includes/swiftmailer/egulias/email-validator/EmailValidator/Validation/RFCValidation.php
View File

@ -9,7 +9,7 @@ use Egulias\EmailValidator\Exception\InvalidEmail;
class RFCValidation implements EmailValidation
{
/**
* @var EmailParser
* @var EmailParser|null
*/
private $parser;
@ -19,7 +19,7 @@ class RFCValidation implements EmailValidation
private $warnings = [];
/**
* @var InvalidEmail
* @var InvalidEmail|null
*/
private $error;

Some files were not shown because too many files have changed in this diff Show More