From d4057c3febe9e1254adfa65263585bd39cd86bea Mon Sep 17 00:00:00 2001
From: aspangaro <alexandre.spangaro@gmail.com>
Date: Mon, 15 Feb 2016 06:56:51 +0100
Subject: [PATCH 1/3] Fixed: Correct problem of rights beetween tax and
 salaries module

---
 htdocs/compta/charges/index.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/htdocs/compta/charges/index.php b/htdocs/compta/charges/index.php
index 45b10f2363c..6e136be1b25 100644
--- a/htdocs/compta/charges/index.php
+++ b/htdocs/compta/charges/index.php
@@ -2,7 +2,7 @@
 /* Copyright (C) 2001-2003 Rodolphe Quiedeville <rodolphe@quiedeville.org>
  * Copyright (C) 2004-2014 Laurent Destailleur  <eldy@users.sourceforge.net>
  * Copyright (C) 2005-2010 Regis Houssin        <regis.houssin@capnetworks.com>
- * Copyright (C) 2011-2014 Alexandre Spangaro   <aspangaro.dolibarr@gmail.com>
+ * Copyright (C) 2011-2016 Alexandre Spangaro   <aspangaro.dolibarr@gmail.com>
  * Copyright (C) 2011-2014 Juanjo Menent	    <jmenent@2byte.es>
  * Copyright (C) 2015      Jean-François Ferry	<jfefe@aternatik.fr>
  *
@@ -86,7 +86,7 @@ if (GETPOST("mode") != 'sconly')
 }
 
 // Payment Salary
-if ($conf->salaries->enabled)
+if (! empty($conf->salaries->enabled) && $user->rights->salaries->read)
 {
 	if (empty($_GET["mode"]) || $_GET["mode"] != 'sconly')
 	{
@@ -167,7 +167,7 @@ if ($conf->salaries->enabled)
 }
 
 
-if ($conf->tax->enabled)
+if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)
 {
 	// Social contributions only
 	if (GETPOST("mode") != 'sconly')
@@ -278,7 +278,7 @@ if ($conf->tax->enabled)
 }
 
 // VAT
-if ($conf->tax->enabled)
+if (! empty($conf->tax->enabled) && $user->rights->tax->charges->lire)
 {
 	if (empty($_GET["mode"]) || $_GET["mode"] != 'sconly')
 	{

From d55ac472c3d2ca1cfc85c43f9dafcf2c081d0cad Mon Sep 17 00:00:00 2001
From: Regis Houssin <regis.houssin@capnetworks.com>
Date: Tue, 16 Feb 2016 11:27:58 +0100
Subject: [PATCH 2/3] Fix: issue when bank module is disabled Fix: missing
 entity filter for lines of payment

---
 .../core/modules/rapport/pdf_paiement.class.php   | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php
index 83bbb0a59b4..cc47c9570a6 100644
--- a/htdocs/core/modules/rapport/pdf_paiement.class.php
+++ b/htdocs/core/modules/rapport/pdf_paiement.class.php
@@ -146,10 +146,11 @@ class pdf_paiement
         $num=0;
         $lines=array();
 
-		// count number of ligne of payement
+		// count number of lines of payment
 		$sql = "SELECT p.rowid as prowid";
 		$sql.= " FROM ".MAIN_DB_PREFIX."paiement as p";
 		$sql.= " WHERE p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year,$month))."' AND '".$this->db->idate(dol_get_last_day($year,$month))."'";
+		$sql.= " AND p.entity = " . $conf->entity;
 		$result = $this->db->query($sql);
 		if ($result)
 		{
@@ -160,19 +161,23 @@ class pdf_paiement
 		$sql = "SELECT p.datep as dp, f.facnumber";
 		//$sql .= ", c.libelle as paiement_type, p.num_paiement";
 		$sql.= ", c.code as paiement_code, p.num_paiement";
-		$sql.= ", p.amount as paiement_amount, f.total_ttc as facture_amount ";
-		$sql.= ", pf.amount as pf_amount , ba.ref as bankaccount ";
+		$sql.= ", p.amount as paiement_amount, f.total_ttc as facture_amount";
+		$sql.= ", pf.amount as pf_amount";
+		if (! empty($conf->banque->enabled))
+			$sql.= ", ba.ref as bankaccount";
 		$sql.= ", p.rowid as prowid";
 		$sql.= " FROM ".MAIN_DB_PREFIX."paiement as p, ".MAIN_DB_PREFIX."facture as f,";
 		$sql.= " ".MAIN_DB_PREFIX."c_paiement as c, ".MAIN_DB_PREFIX."paiement_facture as pf,";
-		$sql.= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,";
+		if (! empty($conf->banque->enabled))
+			$sql.= " ".MAIN_DB_PREFIX."bank as b, ".MAIN_DB_PREFIX."bank_account as ba,";
 		$sql.= " ".MAIN_DB_PREFIX."societe as s";
 		if (! $user->rights->societe->client->voir && ! $socid)
 		{
 			$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
 		}
 		$sql.= " WHERE f.fk_soc = s.rowid AND pf.fk_facture = f.rowid AND pf.fk_paiement = p.rowid";
-		$sql.= " AND p.fk_bank = b.rowid AND b.fk_account = ba.rowid ";
+		if (! empty($conf->banque->enabled))
+			$sql.= " AND p.fk_bank = b.rowid AND b.fk_account = ba.rowid ";
 		$sql.= " AND f.entity = ".$conf->entity;
 		$sql.= " AND p.fk_paiement = c.id ";
 		$sql.= " AND p.datep BETWEEN '".$this->db->idate(dol_get_first_day($year,$month))."' AND '".$this->db->idate(dol_get_last_day($year,$month))."'";

From dfe7c6f06f1ef5d399c776297b3df939b666e0eb Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Rapha=C3=ABl=20Doursenaud?= <rdoursenaud@gpcsolutions.fr>
Date: Thu, 18 Feb 2016 12:21:11 +0100
Subject: [PATCH 3/3] Fix #4649 Wrong parameters order

---
 htdocs/product/price.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/product/price.php b/htdocs/product/price.php
index 73064859297..c06158ae2ff 100644
--- a/htdocs/product/price.php
+++ b/htdocs/product/price.php
@@ -1256,7 +1256,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES))
 		// Count total nb of records
 		$nbtotalofrecords = 0;
 		if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
-			$nbtotalofrecords = $prodcustprice->fetch_all($sortfield, $sortorder, 0, 0, $filter);
+			$nbtotalofrecords = $prodcustprice->fetch_all($sortorder, $sortfield, 0, 0, $filter);
 		}
 
 		$result = $prodcustprice->fetch_all($sortorder, $sortfield, $conf->liste_limit, $offset, $filter);