diff --git a/htdocs/admin/agenda.php b/htdocs/admin/agenda.php index 3b79df6c5eb..7c7eecc84f0 100644 --- a/htdocs/admin/agenda.php +++ b/htdocs/admin/agenda.php @@ -194,6 +194,10 @@ if (!empty($triggers)) { if ($trigger['code'] == 'FICHINTER_CLASSIFY_UNBILLED' && empty($conf->global->FICHINTER_CLASSIFY_BILLED)) { continue; } + if ($trigger['code'] == 'ACTION_CREATE') { + // This is the trigger to add an event, enabling it will create infinite loop + continue; + } if ($search_event === '' || preg_match('/'.preg_quote($search_event, '/').'/i', $trigger['code'])) { print ''; diff --git a/htdocs/admin/notification.php b/htdocs/admin/notification.php index d3ad20f68b7..a7fd042969b 100644 --- a/htdocs/admin/notification.php +++ b/htdocs/admin/notification.php @@ -265,7 +265,7 @@ print load_fiche_titre($title, '', 'email'); // Load array of available notifications $notificationtrigger = new InterfaceNotification($db); $listofnotifiedevents = $notificationtrigger->getListOfManagedEvents(); - +var_dump($listofnotifiedevents); // Editing global variables not related to a specific theme $constantes = array(); foreach ($listofnotifiedevents as $notifiedevent) { @@ -427,11 +427,13 @@ foreach ($listofnotifiedevents as $notifiedevent) { } elseif ($notifiedevent['elementtype'] == 'expensereport' || $notifiedevent['elementtype'] == 'expense_report') { $elementPicto = 'expensereport'; $elementLabel = $langs->trans('ExpenseReport'); + } elseif ($notifiedevent['elementtype'] == 'agenda') { + $elementPicto = 'action'; } $labelfortrigger = 'AmountHT'; $codehasnotrigger = 0; - if (preg_match('/^HOLIDAY/', $notifiedevent['code'])) { + if (preg_match('/^(ACTION|HOLIDAY)/', $notifiedevent['code'])) { $codehasnotrigger++; } diff --git a/htdocs/admin/pdf.php b/htdocs/admin/pdf.php index f5f87877ab7..f1eb8ed1e15 100644 --- a/htdocs/admin/pdf.php +++ b/htdocs/admin/pdf.php @@ -271,9 +271,19 @@ print ''; clearstatcache(); +if (getDolGlobalString('PDF_SECURITY_ENCRYPTION')) { + print '
'; + print 'The not supported and hidden option PDF_SECURITY_ENCRYPTION has been enabled. This means a lof of feature related to PDF will be broken, like mass PDF generation or online signature of PDF.'."\n"; + print 'You should disable this option.'; + print '
'; +} + + + // Misc options print load_fiche_titre($langs->trans("DictionaryPaperFormat"), '', ''); + print '
'; print ''; print ''; diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 10c3eecca1d..98093ef299a 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -580,11 +580,11 @@ print '
'; print 'MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED = '.getDolGlobalString('MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED', ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)')."
"; print '
'; -$examplecsprule = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; +$examplecsprule = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; print 'MAIN_SECURITY_FORCECSPRO = '.getDolGlobalString('MAIN_SECURITY_FORCECSP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").': "'.$examplecsprule.'")
'; print '
'; -$examplecsprule = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; +$examplecsprule = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; print 'MAIN_SECURITY_FORCECSP = '.getDolGlobalString('MAIN_SECURITY_FORCERP', ''.$langs->trans("Undefined").'').'   ('.$langs->trans("Example").': "'.$examplecsprule.'")
'; print '
'; diff --git a/htdocs/core/ajax/fileupload.php b/htdocs/core/ajax/fileupload.php index b57e03972f1..379a2e689a3 100644 --- a/htdocs/core/ajax/fileupload.php +++ b/htdocs/core/ajax/fileupload.php @@ -45,9 +45,14 @@ error_reporting(E_ALL | E_STRICT); $fk_element = GETPOST('fk_element', 'int'); $element = GETPOST('element', 'alpha'); - $upload_handler = new FileUpload(null, $fk_element, $element); +// Feature not enabled. Warning feature not used and not secured so disabled. +if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; +} + + /* * View */ diff --git a/htdocs/core/ajax/onlineSign.php b/htdocs/core/ajax/onlineSign.php index 939c5fdce32..ea5c33092ca 100644 --- a/htdocs/core/ajax/onlineSign.php +++ b/htdocs/core/ajax/onlineSign.php @@ -91,7 +91,8 @@ if (empty($SECUREKEY) || !dol_verifyHash($securekeyseed.$type.$ref.(!isModEnable top_httphead(); if ($action == "importSignature") { - if (!empty($signature) && $signature[0] == "image/png;base64") { + $issignatureok = (!empty($signature) && $signature[0] == "image/png;base64"); + if ($issignatureok) { $signature = $signature[1]; $data = base64_decode($signature); @@ -148,7 +149,6 @@ if ($action == "importSignature") { $pdf->SetCompression(false); } - //$pdf->Open(); $pagecount = $pdf->setSourceFile($sourcefile); // original PDF @@ -160,7 +160,7 @@ if ($action == "importSignature") { $pdf->AddPage($s['h'] > $s['w'] ? 'P' : 'L'); $pdf->useTemplate($tppl); } catch (Exception $e) { - dol_syslog("Error when manipulating some PDF by onlineSign: ".$e->getMessage(), LOG_ERR); + dol_syslog("Error when manipulating the PDF ".$sourcefile." by onlineSign: ".$e->getMessage(), LOG_ERR); $response = $e->getMessage(); $error++; } @@ -218,9 +218,6 @@ if ($action == "importSignature") { } if (!$error) { - $db->commit(); - $response = "success"; - setEventMessages("PropalSigned", null, 'warnings'); if (method_exists($object, 'call_trigger')) { //customer is not a user !?! so could we use same user as validation ? $user = new User($db); @@ -229,17 +226,25 @@ if ($action == "importSignature") { $result = $object->call_trigger('PROPAL_CLOSE_SIGNED', $user); if ($result < 0) { $error++; + $response = "error in trigger ".$object->error; + } else { + $response = "success"; } - $result = $object->call_trigger('PROPAL_CLOSE_SIGNED_WEB', $user); - if ($result < 0) { - $error++; - } + } else { + $response = "success"; } } else { - $db->rollback(); $error++; $response = "error sql"; } + + if (!$error) { + $db->commit(); + $response = "success"; + setEventMessages("PropalSigned", null, 'warnings'); + } else { + $db->rollback(); + } } } elseif ($mode == 'contract') { require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php'; diff --git a/htdocs/core/class/fileupload.class.php b/htdocs/core/class/fileupload.class.php index 75662d57f94..763e97a17e4 100644 --- a/htdocs/core/class/fileupload.class.php +++ b/htdocs/core/class/fileupload.class.php @@ -46,6 +46,12 @@ class FileUpload global $db, $conf; global $object; global $hookmanager; + + // Feature not enabled. Warning feature not used and not secured so disabled. + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $hookmanager->initHooks(array('fileupload')); $this->fk_element = $fk_element; @@ -238,6 +244,10 @@ class FileUpload */ protected function getFileObject($file_name) { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $file_path = $this->options['upload_dir'].$file_name; if (is_file($file_path) && $file_name[0] !== '.') { $file = new stdClass(); @@ -278,6 +288,10 @@ class FileUpload { global $maxwidthmini, $maxheightmini; + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $file_path = $this->options['upload_dir'].$file_name; $new_file_path = $options['upload_dir'].$file_name; @@ -309,6 +323,10 @@ class FileUpload */ protected function validate($uploaded_file, $file, $error, $index) { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + if ($error) { $file->error = $error; return false; @@ -399,8 +417,8 @@ class FileUpload // Also remove control characters and spaces (\x00..\x20) around the filename: $file_name = trim(basename(stripslashes($name)), ".\x00..\x20"); // Add missing file extension for known image types: - if (strpos($file_name, '.') === false && - preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) { + $matches = array(); + if (strpos($file_name, '.') === false && preg_match('/^image\/(gif|jpe?g|png)/', $type, $matches)) { $file_name .= '.'.$matches[1]; } if ($this->options['discard_aborted_uploads']) { @@ -424,6 +442,10 @@ class FileUpload */ protected function handleFileUpload($uploaded_file, $name, $size, $type, $error, $index) { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $file = new stdClass(); $file->name = $this->trimFileName($name, $type, $index); $file->mime = dol_mimetype($file->name, '', 2); @@ -470,6 +492,10 @@ class FileUpload */ public function get() { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $file_name = isset($_REQUEST['file']) ? basename(stripslashes($_REQUEST['file'])) : null; if ($file_name) { @@ -488,6 +514,10 @@ class FileUpload */ public function post() { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + if (isset($_REQUEST['_method']) && $_REQUEST['_method'] === 'DELETE') { return $this->delete(); } @@ -543,6 +573,10 @@ class FileUpload */ public function delete() { + if (!getDolGlobalInt('MAIN_USE_JQUERY_FILEUPLOAD')) { + return; + } + $file_name = isset($_REQUEST['file']) ? basename(stripslashes($_REQUEST['file'])) : null; $file_path = $this->options['upload_dir'].$file_name; diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index 91d18049070..e2a1cafcb3d 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -908,7 +908,7 @@ class FormCompany extends Form * @param string $morecss More css * @return string HTML string with prof id */ - public function get_input_id_prof($idprof, $htmlname, $preselected, $country_code, $morecss = 'maxwidth100onsmartphone quatrevingtpercent') + public function get_input_id_prof($idprof, $htmlname, $preselected, $country_code, $morecss = 'maxwidth200') { // phpcs:enable global $conf, $langs, $hookmanager; diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index e8187fe7290..c4548657c33 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -1431,7 +1431,7 @@ class FormTicket $res = $ticketstat->fetch('', '', $this->track_id); print ''; - print ''; // Recipients / adressed-to @@ -1497,8 +1497,8 @@ class FormTicket } } - if ($conf->global->TICKET_NOTIFICATION_ALSO_MAIN_ADDRESS) { - $sendto[] = $conf->global->TICKET_NOTIFICATION_EMAIL_TO.' (generic email)'; + if (getDolGlobalInt('TICKET_NOTIFICATION_ALSO_MAIN_ADDRESS')) { + $sendto[] = getDolGlobalString('TICKET_NOTIFICATION_EMAIL_TO').' (generic email)'; } // Print recipient list diff --git a/htdocs/core/class/notify.class.php b/htdocs/core/class/notify.class.php index fc562913c08..3a668d3c0c6 100644 --- a/htdocs/core/class/notify.class.php +++ b/htdocs/core/class/notify.class.php @@ -71,9 +71,7 @@ class Notify 'ORDER_VALIDATE', 'PROPAL_VALIDATE', 'PROPAL_CLOSE_SIGNED', - 'PROPAL_CLOSE_SIGNED_WEB', 'PROPAL_CLOSE_REFUSED', - 'PROPAL_CLOSE_REFUSED_WEB', 'FICHINTER_VALIDATE', 'FICHINTER_ADD_CONTACT', 'ORDER_SUPPLIER_VALIDATE', @@ -359,6 +357,7 @@ class Notify global $dolibarr_main_url_root; global $action; + // Complete the array Notify::$arrayofnotifsupported if (!is_object($hookmanager)) { include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; $hookmanager = new HookManager($this->db); @@ -373,13 +372,14 @@ class Notify } } + // If the trigger code is not managed by the Notification module if (!in_array($notifcode, Notify::$arrayofnotifsupported)) { return 0; } include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; - dol_syslog(get_class($this)."::send notifcode=".$notifcode.", object=".$object->id); + dol_syslog(get_class($this)."::send notifcode=".$notifcode.", object id=".$object->id); $langs->load("other"); @@ -407,7 +407,7 @@ class Notify // Check notification per third party if (!empty($object->socid) && $object->socid > 0) { $sql .= "SELECT 'tocontactid' as type_target, c.email, c.rowid as cid, c.lastname, c.firstname, c.default_lang,"; - $sql .= " a.rowid as adid, a.label, a.code, n.rowid, n.type"; + $sql .= " a.rowid as adid, a.label, a.code, n.rowid, n.threshold, n.context, n.type"; $sql .= " FROM ".$this->db->prefix()."socpeople as c,"; $sql .= " ".$this->db->prefix()."c_action_trigger as a,"; $sql .= " ".$this->db->prefix()."notify_def as n,"; @@ -427,7 +427,7 @@ class Notify // Check notification per user $sql .= "SELECT 'touserid' as type_target, c.email, c.rowid as cid, c.lastname, c.firstname, c.lang as default_lang,"; - $sql .= " a.rowid as adid, a.label, a.code, n.rowid, n.type"; + $sql .= " a.rowid as adid, a.label, a.code, n.rowid, n.threshold, n.context, n.type"; $sql .= " FROM ".$this->db->prefix()."user as c,"; $sql .= " ".$this->db->prefix()."c_action_trigger as a,"; $sql .= " ".$this->db->prefix()."notify_def as n"; @@ -439,6 +439,11 @@ class Notify $sql .= " AND a.code = '".$this->db->escape($notifcode)."'"; // New usage } + // Check notification fixed + // TODO Move part found after, into a sql here + + + // Loop on all notifications enabled $result = $this->db->query($sql); if ($result) { $num = $this->db->num_rows($result); @@ -511,13 +516,9 @@ class Notify $object_type = 'propal'; $labeltouse = $conf->global->PROPAL_CLOSE_REFUSED_TEMPLATE; $mesg = $outputlangs->transnoentitiesnoconv("EMailTextProposalClosedRefused", $link); - break; - case 'PROPAL_CLOSE_REFUSED_WEB': - $link = ''.$newref.''; - $dir_output = $conf->propal->multidir_output[$object->entity]."/".get_exdir(0, 0, 0, 1, $object, 'propal'); - $object_type = 'propal'; - $labeltouse = $conf->global->PROPAL_CLOSE_REFUSED_TEMPLATE; - $mesg = $outputlangs->transnoentitiesnoconv("EMailTextProposalClosedRefusedWeb", $link); + if (!empty($object->context['closedfromonlinesignature'])) { + $mesg .= ' - From online page'; + } break; case 'PROPAL_CLOSE_SIGNED': $link = ''.$newref.''; @@ -525,13 +526,9 @@ class Notify $object_type = 'propal'; $labeltouse = $conf->global->PROPAL_CLOSE_SIGNED_TEMPLATE; $mesg = $outputlangs->transnoentitiesnoconv("EMailTextProposalClosedSigned", $link); - break; - case 'PROPAL_CLOSE_SIGNED_WEB': - $link = ''.$newref.''; - $dir_output = $conf->propal->multidir_output[$object->entity]."/".get_exdir(0, 0, 0, 1, $object, 'propal'); - $object_type = 'propal'; - $labeltouse = $conf->global->PROPAL_CLOSE_SIGNED_TEMPLATE; - $mesg = $outputlangs->transnoentitiesnoconv("EMailTextProposalClosedSigned", $link); + if (!empty($object->context['closedfromonlinesignature'])) { + $mesg .= ' - From online page'; + } break; case 'FICHINTER_ADD_CONTACT': $link = ''.$newref.''; @@ -651,6 +648,23 @@ class Notify $labeltouse = !empty($labeltouse) ? $labeltouse : ''; + // Replace keyword __SUPERVISOREMAIL__ + if (preg_match('/__SUPERVISOREMAIL__/', $sendto)) { + $newval = ''; + if ($user->fk_user > 0) { + $supervisoruser = new User($this->db); + $supervisoruser->fetch($user->fk_user); + if ($supervisoruser->email) { + $newval = trim(dolGetFirstLastname($supervisoruser->firstname, $supervisoruser->lastname).' <'.$supervisoruser->email.'>'); + } + } + dol_syslog("Replace the __SUPERVISOREMAIL__ key into recipient email string with ".$newval); + $sendto = preg_replace('/__SUPERVISOREMAIL__/', $newval, $sendto); + $sendto = preg_replace('/,\s*,/', ',', $sendto); // in some case you can have $sendto like "email, __SUPERVISOREMAIL__ , otheremail" then you have "email, , othermail" and it's not valid + $sendto = preg_replace('/^[\s,]+/', '', $sendto); // Clean start of string + $sendto = preg_replace('/[\s,]+$/', '', $sendto); // Clean end of string + } + $parameters = array('notifcode'=>$notifcode, 'sendto'=>$sendto, 'replyto'=>$replyto, 'file'=>$filename_list, 'mimefile'=>$mimetype_list, 'filename'=>$mimefilename_list, 'outputlangs'=>$outputlangs, 'labeltouse'=>$labeltouse); if (!isset($action)) { $action = ''; @@ -721,6 +735,7 @@ class Notify } // Check notification using fixed email + // TODO Move vars NOTIFICATION_FIXEDEMAIL into table llx_notify_def and inclulde the case into previous loop of sql result if (!$error) { foreach ($conf->global as $key => $val) { $reg = array(); diff --git a/htdocs/core/modules/modPartnership.class.php b/htdocs/core/modules/modPartnership.class.php index 8e8421540c7..44ef6b527db 100644 --- a/htdocs/core/modules/modPartnership.class.php +++ b/htdocs/core/modules/modPartnership.class.php @@ -212,7 +212,7 @@ class modPartnership extends DolibarrModules // Dictionaries $this->dictionaries=array( - 'langs'=>'partnership@partnership', + 'langs'=>'partnership', // List of tables we want to see into dictonnary editor 'tabname'=>array("c_partnership_type"), // Label of tables @@ -291,7 +291,7 @@ class modPartnership extends DolibarrModules // 'leftmenu'=>'partnership', // 'url'=>'/partnership/partnership_list.php', // // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - // 'langs'=>'partnership@partnership', + // 'langs'=>'partnership', // 'position'=>1100+$r, // // Define condition to show or hide menu entry. Use '$conf->partnership->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. // 'enabled'=>'$conf->partnership->enabled', @@ -349,18 +349,18 @@ class modPartnership extends DolibarrModules $r = 1; /* BEGIN MODULEBUILDER EXPORT PARTNERSHIP */ /* - $langs->load("partnership@partnership"); + $langs->load("partnership"); $this->export_code[$r]=$this->rights_class.'_'.$r; $this->export_label[$r]='PartnershipLines'; // Translation key (used only if key ExportDataset_xxx_z not found) - $this->export_icon[$r]='partnership@partnership'; + $this->export_icon[$r]='partnership'; // Define $this->export_fields_array, $this->export_TypeFields_array and $this->export_entities_array - $keyforclass = 'Partnership'; $keyforclassfile='/partnership/class/partnership.class.php'; $keyforelement='partnership@partnership'; + $keyforclass = 'Partnership'; $keyforclassfile='/partnership/class/partnership.class.php'; $keyforelement='partnership'; include DOL_DOCUMENT_ROOT.'/core/commonfieldsinexport.inc.php'; //$this->export_fields_array[$r]['t.fieldtoadd']='FieldToAdd'; $this->export_TypeFields_array[$r]['t.fieldtoadd']='Text'; //unset($this->export_fields_array[$r]['t.fieldtoremove']); //$keyforclass = 'PartnershipLine'; $keyforclassfile='/partnership/class/partnership.class.php'; $keyforelement='partnershipline@partnership'; $keyforalias='tl'; //include DOL_DOCUMENT_ROOT.'/core/commonfieldsinexport.inc.php'; - $keyforselect='partnership'; $keyforaliasextra='extra'; $keyforelement='partnership@partnership'; + $keyforselect='partnership'; $keyforaliasextra='extra'; $keyforelement='partnership'; include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; //$keyforselect='partnershipline'; $keyforaliasextra='extraline'; $keyforelement='partnershipline@partnership'; //include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; @@ -380,13 +380,13 @@ class modPartnership extends DolibarrModules $r = 1; /* BEGIN MODULEBUILDER IMPORT PARTNERSHIP */ /* - $langs->load("partnership@partnership"); + $langs->load("partnership"); $this->export_code[$r]=$this->rights_class.'_'.$r; $this->export_label[$r]='PartnershipLines'; // Translation key (used only if key ExportDataset_xxx_z not found) - $this->export_icon[$r]='partnership@partnership'; - $keyforclass = 'Partnership'; $keyforclassfile='/partnership/class/partnership.class.php'; $keyforelement='partnership@partnership'; + $this->export_icon[$r]='partnership'; + $keyforclass = 'Partnership'; $keyforclassfile='/partnership/class/partnership.class.php'; $keyforelement='partnership'; include DOL_DOCUMENT_ROOT.'/core/commonfieldsinexport.inc.php'; - $keyforselect='partnership'; $keyforaliasextra='extra'; $keyforelement='partnership@partnership'; + $keyforselect='partnership'; $keyforaliasextra='extra'; $keyforelement='partnership'; include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php'; //$this->export_dependencies_array[$r]=array('mysubobject'=>'ts.rowid', 't.myfield'=>array('t.myfield2','t.myfield3')); // To force to activate one or several fields if we select some fields that need same (like to select a unique key if we ask a field of a child to avoid the DISTINCT to discard them, or for computed field than need several other fields) $this->export_sql_start[$r]='SELECT DISTINCT '; @@ -417,11 +417,11 @@ class modPartnership extends DolibarrModules // Create extrafields during init //include_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; //$extrafields = new ExtraFields($this->db); - //$result1=$extrafields->addExtraField('partnership_myattr1', "New Attr 1 label", 'boolean', 1, 3, 'thirdparty', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership@partnership', '$conf->partnership->enabled'); - //$result2=$extrafields->addExtraField('partnership_myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership@partnership', '$conf->partnership->enabled'); - //$result3=$extrafields->addExtraField('partnership_myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership@partnership', '$conf->partnership->enabled'); - //$result4=$extrafields->addExtraField('partnership_myattr4', "New Attr 4 label", 'select', 1, 3, 'thirdparty', 0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1,'', 0, 0, '', '', 'partnership@partnership', '$conf->partnership->enabled'); - //$result5=$extrafields->addExtraField('partnership_myattr5', "New Attr 5 label", 'text', 1, 10, 'user', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership@partnership', '$conf->partnership->enabled'); + //$result1=$extrafields->addExtraField('partnership_myattr1', "New Attr 1 label", 'boolean', 1, 3, 'thirdparty', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership', '$conf->partnership->enabled'); + //$result2=$extrafields->addExtraField('partnership_myattr2', "New Attr 2 label", 'varchar', 1, 10, 'project', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership', '$conf->partnership->enabled'); + //$result3=$extrafields->addExtraField('partnership_myattr3', "New Attr 3 label", 'varchar', 1, 10, 'bank_account', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership', '$conf->partnership->enabled'); + //$result4=$extrafields->addExtraField('partnership_myattr4', "New Attr 4 label", 'select', 1, 3, 'thirdparty', 0, 1, '', array('options'=>array('code1'=>'Val1','code2'=>'Val2','code3'=>'Val3')), 1,'', 0, 0, '', '', 'partnership', '$conf->partnership->enabled'); + //$result5=$extrafields->addExtraField('partnership_myattr5', "New Attr 5 label", 'text', 1, 10, 'user', 0, 0, '', '', 1, '', 0, 0, '', '', 'partnership', '$conf->partnership->enabled'); // Permissions $this->remove($options); diff --git a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php index b6bd9bb73a8..f85a26697b7 100644 --- a/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php +++ b/htdocs/core/triggers/interface_20_modWorkflow_WorkflowManager.class.php @@ -75,7 +75,10 @@ class InterfaceWorkflowManager extends DolibarrTriggers if (isModEnabled('commande') && !empty($conf->global->WORKFLOW_PROPAL_AUTOCREATE_ORDER)) { $object->fetchObjectLinked(); if (!empty($object->linkedObjectsIds['commande'])) { - setEventMessages($langs->trans("OrderExists"), null, 'warnings'); + if (empty($object->context['closedfromonlinesignature'])) { + $langs->load("orders"); + setEventMessages($langs->trans("OrderExists"), null, 'warnings'); + } return $ret; } else { include_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; diff --git a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php index de46c09d3a2..71e0d18fc99 100644 --- a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php +++ b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php @@ -992,6 +992,8 @@ class InterfaceActionsAuto extends DolibarrTriggers $object->trackid = 'sub'.$object->id; } elseif (preg_match('/^MEMBER_/', $action)) { $object->trackid = 'mem'.$object->id; + } elseif (preg_match('/^PARTNERSHIP_/', $action)) { + $object->trackid = 'pship'.$object->id; } elseif (preg_match('/^PROJECT_/', $action)) { $object->trackid = 'proj'.$object->id; } elseif (preg_match('/^TASK_/', $action)) { @@ -1090,7 +1092,7 @@ class InterfaceActionsAuto extends DolibarrTriggers $actioncomm->errors_to = empty($object->errors_to) ? null : $object->errors_to; } - // Object linked (if link is for thirdparty, contact, project it is a recording error. We should not have links in link table + // Object linked (if link is for thirdparty, contact or project, it is a recording error. We should not have links in link table // for such objects because there is already a dedicated field into table llx_actioncomm or llx_actioncomm_resources. if (!in_array($elementtype, array('societe', 'contact', 'project'))) { $actioncomm->fk_element = $elementid; diff --git a/htdocs/core/triggers/interface_50_modNotification_Notification.class.php b/htdocs/core/triggers/interface_50_modNotification_Notification.class.php index f25aabee871..bc10b6cf0ee 100644 --- a/htdocs/core/triggers/interface_50_modNotification_Notification.class.php +++ b/htdocs/core/triggers/interface_50_modNotification_Notification.class.php @@ -45,7 +45,7 @@ class InterfaceNotification extends DolibarrTriggers $this->name = preg_replace('/^Interface/i', '', get_class($this)); $this->family = "notification"; - $this->description = "Triggers of this module send email notifications according to Notification module setup."; + $this->description = "Triggers of this module send Email notifications according to Notification module setup."; // 'development', 'experimental', 'dolibarr' or version $this->version = self::VERSION_DOLIBARR; $this->picto = 'email'; @@ -70,6 +70,7 @@ class InterfaceNotification extends DolibarrTriggers return 0; // Module not active, we do nothing } + // If the trigger code is not managed by the Notification module if (!in_array($action, $this->listofmanagedevents)) { return 0; } @@ -112,7 +113,7 @@ class InterfaceNotification extends DolibarrTriggers $ret = array(); - $sql = "SELECT rowid, code, label, description, elementtype"; + $sql = "SELECT rowid, code, contexts, label, description, elementtype"; $sql .= " FROM ".MAIN_DB_PREFIX."c_action_trigger"; $sql .= $this->db->order("rang, elementtype, code"); @@ -153,7 +154,7 @@ class InterfaceNotification extends DolibarrTriggers } if ($qualified) { - $ret[] = array('rowid'=>$obj->rowid, 'code'=>$obj->code, 'label'=>$obj->label, 'description'=>$obj->description, 'elementtype'=>$obj->elementtype); + $ret[] = array('rowid'=>$obj->rowid, 'code'=>$obj->code, 'contexts'=>$obj->contexts, 'label'=>$obj->label, 'description'=>$obj->description, 'elementtype'=>$obj->elementtype); } $i++; diff --git a/htdocs/core/website.inc.php b/htdocs/core/website.inc.php index b934f333b1a..d9fe10c8868 100644 --- a/htdocs/core/website.inc.php +++ b/htdocs/core/website.inc.php @@ -117,8 +117,8 @@ if (!defined('USEDOLIBARRSERVER') && !defined('USEDOLIBARREDITOR')) { // Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins: // default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none' // - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; $contentsecuritypolicy = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSPRO'); if (!is_object($hookmanager)) { @@ -149,8 +149,8 @@ if (!defined('USEDOLIBARRSERVER') && !defined('USEDOLIBARREDITOR')) { // Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins: // default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none' // - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; $contentsecuritypolicy = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP'); if (!is_object($hookmanager)) { diff --git a/htdocs/includes/tcpdi/tcpdi.php b/htdocs/includes/tcpdi/tcpdi.php index aaa1d70c095..9e87ac2f221 100644 --- a/htdocs/includes/tcpdi/tcpdi.php +++ b/htdocs/includes/tcpdi/tcpdi.php @@ -333,7 +333,7 @@ class TCPDI extends FPDF_TPL { break; } } - } elseif ($tpl['x'] != 0 || $tpl['y'] != 0) { + } elseif (!empty($tpl['x']) || !empty($tpl['y'])) { $tx = -$tpl['x'] * 2; $ty = $tpl['y'] * 2; } diff --git a/htdocs/install/mysql/data/llx_c_action_trigger.sql b/htdocs/install/mysql/data/llx_c_action_trigger.sql index 98fa2523a3f..0216d567591 100644 --- a/htdocs/install/mysql/data/llx_c_action_trigger.sql +++ b/htdocs/install/mysql/data/llx_c_action_trigger.sql @@ -43,9 +43,7 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_MODIFY','Customer proposal modified','Executed when a customer proposal is modified','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_SENTBYMAIL','Commercial proposal sent by mail','Executed when a commercial proposal is sent by mail','propal',3); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_SIGNED','Customer proposal closed signed','Executed when a customer proposal is closed signed','propal',2); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_SIGNED_WEB','Customer proposal closed signed on portal','Executed when a customer proposal is closed signed on portal','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_REFUSED','Customer proposal closed refused','Executed when a customer proposal is closed refused','propal',2); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_REFUSED_WEB','Customer proposal closed refused on portal','Executed when a customer proposal is closed refused on portal','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLASSIFY_BILLED','Customer proposal set billed','Executed when a customer proposal is set to billed','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_DELETE','Customer proposal deleted','Executed when a customer proposal is deleted','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('ORDER_VALIDATE','Customer order validate','Executed when a customer order is validated','commande',4); @@ -153,6 +151,8 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('CONTACT_MODIFY','Contact address update','Executed when a contact is updated','contact',51); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('CONTACT_SENTBYMAIL','Mails sent from third party card','Executed when you send email from contact address record','contact',52); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('CONTACT_DELETE','Contact address deleted','Executed when a contact is deleted','contact',53); + +-- recruitment module insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('RECRUITMENTJOBPOSITION_CREATE','Job created','Executed when a job is created','recruitment',7500); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('RECRUITMENTJOBPOSITION_MODIFY','Job modified','Executed when a job is modified','recruitment',7502); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('RECRUITMENTJOBPOSITION_SENTBYMAIL','Mails sent from job record','Executed when you send email from job record','recruitment',7504); @@ -181,3 +181,10 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('BILLREC_MODIFY','Template invoices update','Executed when a Template invoices is updated','facturerec',901); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('BILLREC_DELETE','Template invoices deleted','Executed when a Template invoices is deleted','facturerec',902); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('BILLREC_AUTOCREATEBILL','Template invoices use to create invoices with auto batch','Executed when a Template invoices is use to create invoice with auto batch','facturerec',903); + +-- partnership module +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PARTNERSHIP_CREATE','Partnership created','Executed when a partnership is created','partnership',58000); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PARTNERSHIP_MODIFY','Partnership modified','Executed when a partnership is modified','partnership',58002); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PARTNERSHIP_SENTBYMAIL','Mails sent from partnership file','Executed when you send email from partnership file','partnership',58004); +insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PARTNERSHIP_DELETE','Partnership deleted','Executed when a partnership is deleted','partnership',58006); + diff --git a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql index ed7bf8756a7..4ec2e7228b2 100644 --- a/htdocs/install/mysql/migration/16.0.0-17.0.0.sql +++ b/htdocs/install/mysql/migration/16.0.0-17.0.0.sql @@ -64,6 +64,7 @@ ALTER TABLE llx_actioncomm ADD INDEX idx_actioncomm_percent (percent); UPDATE llx_c_paiement SET code = 'BANCON' WHERE code = 'BAN' AND libelle = 'Bancontact'; +ALTER TABLE llx_partnership DROP FOREIGN KEY llx_partnership_fk_user_creat; -- VMYSQL4.3 ALTER TABLE llx_partnership MODIFY COLUMN fk_user_creat integer NULL; -- VPGSQL8.2 ALTER TABLE llx_partnership ALTER COLUMN fk_user_creat DROP NOT NULL; @@ -241,9 +242,7 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_MODIFY','Customer proposal modified','Executed when a customer proposal is modified','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_SENTBYMAIL','Commercial proposal sent by mail','Executed when a commercial proposal is sent by mail','propal',3); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_SIGNED','Customer proposal closed signed','Executed when a customer proposal is closed signed','propal',2); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_SIGNED_WEB','Customer proposal closed signed on portal','Executed when a customer proposal is closed signed on portal','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_REFUSED','Customer proposal closed refused','Executed when a customer proposal is closed refused','propal',2); -insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLOSE_REFUSED_WEB','Customer proposal closed refused on portal','Executed when a customer proposal is closed refused on portal','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_CLASSIFY_BILLED','Customer proposal set billed','Executed when a customer proposal is set to billed','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROPAL_DELETE','Customer proposal deleted','Executed when a customer proposal is deleted','propal',2); insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('ORDER_VALIDATE','Customer order validate','Executed when a customer order is validated','commande',4); diff --git a/htdocs/install/mysql/migration/17.0.0-18.0.0.sql b/htdocs/install/mysql/migration/17.0.0-18.0.0.sql index 9c2643688dd..718863849a6 100644 --- a/htdocs/install/mysql/migration/17.0.0-18.0.0.sql +++ b/htdocs/install/mysql/migration/17.0.0-18.0.0.sql @@ -45,6 +45,12 @@ ALTER TABLE llx_facture_fourn_det MODIFY COLUMN ref varchar(128); -- v18 +ALTER TABLE llx_notify_def ADD COLUMN email varchar(255); +ALTER TABLE llx_notify_def ADD COLUMN threshold double(24,8); +ALTER TABLE llx_notify_def ADD COLUMN context varchar(128); + +ALTER TABLE llx_c_action_trigger ADD COLUMN contexts varchar(255) NULL; + insert into llx_c_action_trigger (code,label,description,elementtype,rang) values ('PROJECT_CLOSE','Project closed','Executed when a project is closed','project',145); -- amount was removed in v12 diff --git a/htdocs/install/mysql/tables/llx_c_action_trigger.sql b/htdocs/install/mysql/tables/llx_c_action_trigger.sql index be1c8580541..e20ec7fdd6e 100644 --- a/htdocs/install/mysql/tables/llx_c_action_trigger.sql +++ b/htdocs/install/mysql/tables/llx_c_action_trigger.sql @@ -24,6 +24,7 @@ create table llx_c_action_trigger rowid integer AUTO_INCREMENT PRIMARY KEY, elementtype varchar(64) NOT NULL, code varchar(128) NOT NULL, + contexts varchar(255) NULL, -- list of possible contexts when ther is different context of trigger label varchar(128) NOT NULL, description varchar(255), rang integer DEFAULT 0 diff --git a/htdocs/install/mysql/tables/llx_notify_def.sql b/htdocs/install/mysql/tables/llx_notify_def.sql index aed10027347..65274cad266 100644 --- a/htdocs/install/mysql/tables/llx_notify_def.sql +++ b/htdocs/install/mysql/tables/llx_notify_def.sql @@ -27,5 +27,8 @@ create table llx_notify_def fk_soc integer, fk_contact integer, fk_user integer, + email varchar(255), -- for fixed email notif + threshold double(24,8), -- threshold on an amount to qualify the notification + context varchar(128), -- only for a particular contet type varchar(16) DEFAULT 'email' -- 'browser', 'email', 'sms', 'webservice', ... )ENGINE=innodb; diff --git a/htdocs/langs/en_US/other.lang b/htdocs/langs/en_US/other.lang index 3d92fe4f69b..b03d35a68da 100644 --- a/htdocs/langs/en_US/other.lang +++ b/htdocs/langs/en_US/other.lang @@ -46,9 +46,7 @@ Notify_ORDER_SUPPLIER_APPROVE=Purchase order approved Notify_ORDER_SUPPLIER_REFUSE=Purchase order refused Notify_PROPAL_VALIDATE=Customer proposal validated Notify_PROPAL_CLOSE_SIGNED=Customer proposal closed signed -Notify_PROPAL_CLOSE_SIGNED_WEB=Customer proposal closed signed on portal page Notify_PROPAL_CLOSE_REFUSED=Customer proposal closed refused -Notify_PROPAL_CLOSE_REFUSED_WEB=Customer proposal closed refused on portal page Notify_PROPAL_SENTBYMAIL=Commercial proposal sent by mail Notify_WITHDRAW_TRANSMIT=Transmission withdrawal Notify_WITHDRAW_CREDIT=Credit withdrawal diff --git a/htdocs/langs/en_US/partnership.lang b/htdocs/langs/en_US/partnership.lang index f4ea73a1a8f..105456dc719 100644 --- a/htdocs/langs/en_US/partnership.lang +++ b/htdocs/langs/en_US/partnership.lang @@ -93,4 +93,5 @@ ReasonDeclineOrCancel=Reason for declining or canceling NewPartnershipRequest=New partnership request NewPartnershipRequestDesc=This form allows you to request to be part of one of our partnership program. If you need help to fill this form, please contact by email %s. +ThisUrlMustContainsAtLeastOneLinkToWebsite=This page must contains at least one link to one of the following domain: %s diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index b287a595e71..2ba86f7d319 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1504,8 +1504,8 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0) // Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins: // default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none' // - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; $contentsecuritypolicy = getDolGlobalString('MAIN_SECURITY_FORCECSPRO'); if (!is_object($hookmanager)) { @@ -1541,8 +1541,8 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0) // Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins: // default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none' // - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com;"; - // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googlapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com;"; + // $contentsecuritypolicy = "frame-ancestors 'self'; img-src * data:; font-src *; default-src *; script-src 'self' 'unsafe-inline' *.paypal.com *.stripe.com *.google.com *.googleapis.com *.google-analytics.com *.googletagmanager.com; style-src 'self' 'unsafe-inline'; connect-src 'self';"; $contentsecuritypolicy = getDolGlobalString('MAIN_SECURITY_FORCECSP'); if (!is_object($hookmanager)) { diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index b66848a7e06..c6cf1b43c26 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -521,7 +521,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea if (empty($reshook)) { // Send if (empty($user->socid)) { - print dolGetButtonAction('', $langs->trans('SendMail'), 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init&token='.newToken().'#formmailbeforetitle'); + print dolGetButtonAction('', $langs->trans('SendMail'), 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&token='.newToken().'&mode=init#formmailbeforetitle'); } // Back to draft diff --git a/htdocs/partnership/admin/about.php b/htdocs/partnership/admin/about.php deleted file mode 100644 index 47423bf4709..00000000000 --- a/htdocs/partnership/admin/about.php +++ /dev/null @@ -1,74 +0,0 @@ - - * Copyright (C) 2021 Dorian Laurent - * - * This program is free software: you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation, either version 3 of the License, or - * (at your option) any later version. - * - * This program is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program. If not, see . - */ - -/** - * \file partnership/admin/about.php - * \ingroup partnership - * \brief About page of module Partnership. - */ - -// Load Dolibarr environment -require '../../main.inc.php'; -require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; -require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; -require_once '../lib/partnership.lib.php'; - -// Translations -$langs->loadLangs(array("errors", "admin", "partnership@partnership")); - -// Access control -if (!$user->admin) { - accessforbidden(); -} - -// Parameters -$action = GETPOST('action', 'aZ09'); -$backtopage = GETPOST('backtopage', 'alpha'); - - -/* - * Actions - */ - - -/* - * View - */ - -$form = new Form($db); - -$page_name = "PartnershipAbout"; -llxHeader('', $langs->trans($page_name)); - -// Subheader -$linkback = ''.$langs->trans("BackToModuleList").''; - -print load_fiche_titre($langs->trans($page_name), $linkback, 'title_setup'); - -// Configuration header -$head = partnershipAdminPrepareHead(); -print dol_get_fiche_head($head, 'about', '', 0, 'partnership@partnership'); - -require_once DOL_DOCUMENT_ROOT.'/core/modules/modPartnership.class.php'; -$tmpmodule = new modPartnership($db); -print $tmpmodule->getDescLong(); - -// Page end -print dol_get_fiche_end(); -llxFooter(); -$db->close(); diff --git a/htdocs/partnership/class/partnership.class.php b/htdocs/partnership/class/partnership.class.php index 6a5f4623618..fcec2935103 100644 --- a/htdocs/partnership/class/partnership.class.php +++ b/htdocs/partnership/class/partnership.class.php @@ -555,6 +555,9 @@ class Partnership extends CommonObject $this->error[] = "ErrorThirpdartyOrMemberidIsMandatory"; return -1; } + if (empty($this->fk_user_creat)) { // For the case the object was created with empty user (from public page). + $this->fk_user_creat = $user->id; + } return $this->updateCommon($user, $notrigger); } diff --git a/htdocs/partnership/partnership_card.php b/htdocs/partnership/partnership_card.php index b544ad94fc7..7679b63da09 100644 --- a/htdocs/partnership/partnership_card.php +++ b/htdocs/partnership/partnership_card.php @@ -39,10 +39,11 @@ $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $cancel = GETPOST('cancel', 'aZ09'); -$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'partnershipcard'; // To manage different context of search +$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : str_replace('_', '', basename(dirname(__FILE__)).basename(__FILE__, '.php')); // To manage different context of search $backtopage = GETPOST('backtopage', 'alpha'); $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha'); $lineid = GETPOST('lineid', 'int'); +$dol_openinpopup = GETPOST('dol_openinpopup', 'aZ09'); // Initialize technical objects $object = new Partnership($db); @@ -73,20 +74,25 @@ if (empty($action) && empty($id) && empty($ref)) { include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once. -$permissiontoread = $user->rights->partnership->read; -$permissiontoadd = $user->rights->partnership->write; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php -$permissiontodelete = $user->rights->partnership->delete || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); -$permissionnote = $user->rights->partnership->write; // Used by the include of actions_setnotes.inc.php -$permissiondellink = $user->rights->partnership->write; // Used by the include of actions_dellink.inc.php +$permissiontoread = $user->hasRight('partnership', 'read'); +$permissiontoadd = $user->hasRight('partnership', 'write'); // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php +$permissiontodelete = $user->hasRight('partnership', 'delete') || ($permissiontoadd && isset($object->status) && $object->status == $object::STATUS_DRAFT); +$permissionnote = $user->hasRight('partnership', 'write'); // Used by the include of actions_setnotes.inc.php +$permissiondellink = $user->hasRight('partnership', 'write'); // Used by the include of actions_dellink.inc.php $upload_dir = $conf->partnership->multidir_output[isset($object->entity) ? $object->entity : 1]; $managedfor = getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR', 'thirdparty'); -// Security check - Protection if external user +// Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); //if ($user->socid > 0) $socid = $user->socid; -//$result = restrictedArea($user, 'partnership', $object->id); -if (empty($conf->partnership->enabled)) accessforbidden(); -if (empty($permissiontoread)) accessforbidden(); +//$isdraft = (isset($object->status) && ($object->status == $object::STATUS_DRAFT) ? 1 : 0); +//restrictedArea($user, $object->module, $object->id, $object->table_element, $object->element, 'fk_soc', 'rowid', $isdraft); +if (!isModEnabled('partnership')) { + accessforbidden(); +} +if (!$permissiontoread) { + accessforbidden(); +} if ($object->id > 0 && !($object->fk_member > 0) && $managedfor == 'member') accessforbidden(); if ($object->id > 0 && !($object->fk_soc > 0) && $managedfor == 'thirdparty') accessforbidden(); @@ -119,11 +125,11 @@ if (empty($reshook)) { $fk_partner = ($managedfor == 'member') ? GETPOST('fk_member', 'int') : GETPOST('fk_soc', 'int'); $obj_partner = ($managedfor == 'member') ? $object->fk_member : $object->fk_soc; + $triggermodname = 'PARTNERSHIP_MODIFY'; // Name of trigger action code to execute when we modify record + // Actions cancel, add, update, update_extras, confirm_validate, confirm_delete, confirm_deleteline, confirm_clone, confirm_close, confirm_setdraft, confirm_reopen include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php'; - $triggermodname = 'PARTNERSHIP_MODIFY'; // Name of trigger action code to execute when we modify record - // Action accept object if ($action == 'confirm_validate' && $confirm == 'yes' && $permissiontoadd) { $result = $object->validate($user); @@ -264,6 +270,10 @@ llxHeader('', $title, $help_url); // Part to create if ($action == 'create') { + if (empty($permissiontoadd)) { + accessforbidden('NotEnoughPermissions', 0, 1); + } + print load_fiche_titre($langs->trans("NewPartnership"), '', 'object_'.$object->picto); print '
'; @@ -333,9 +343,8 @@ if (($id || $ref) && $action == 'edit') { // Part to show record if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'create'))) { - $res = $object->fetch_optionals(); - $head = partnershipPrepareHead($object); + print dol_get_fiche_head($head, 'card', $langs->trans("Partnership"), -1, $object->picto); $formconfirm = ''; @@ -405,38 +414,35 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $morehtmlref = '
'; /* // Ref customer - $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); - $morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1); + $morehtmlref .= $form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); + $morehtmlref .= $form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1); // Thirdparty - $morehtmlref.='
'.$langs->trans('ThirdParty') . ' : ' . (is_object($object->thirdparty) ? $object->thirdparty->getNomUrl(1) : ''); + $morehtmlref .= '
'.$object->thirdparty->getNomUrl(1, 'customer'); + if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { + $morehtmlref .= ' ('.$langs->trans("OtherOrders").')'; + } // Project - if (!empty($conf->project->enabled)) { - $langs->load("projects"); - $morehtmlref .= '
'.$langs->trans('Project') . ' '; - if ($permissiontoadd) { - //if ($action != 'classify') $morehtmlref.='' . img_edit($langs->transnoentitiesnoconv('SetProject')) . ' '; - $morehtmlref .= ' : '; - if ($action == 'classify') { - //$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 0, 1, '', 'maxwidth300'); - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= ''; - $morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref .= ''; - $morehtmlref .= ''; - } else { - $morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1, '', 'maxwidth300'); - } - } else { - if (!empty($object->fk_project)) { - $proj = new Project($db); - $proj->fetch($object->fk_project); - $morehtmlref .= ': '.$proj->getNomUrl(); - } else { - $morehtmlref .= ''; - } - } - }*/ + if (isModEnabled('project')) { + $langs->load("projects"); + $morehtmlref .= '
'; + if ($permissiontoadd) { + $morehtmlref .= img_picto($langs->trans("Project"), 'project', 'class="pictofixedwidth"'); + if ($action != 'classify') { + $morehtmlref .= ''.img_edit($langs->transnoentitiesnoconv('SetProject')).' '; + } + $morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, ($action == 'classify' ? 'projectid' : 'none'), 0, 0, 0, 1, '', 'maxwidth300'); + } else { + if (!empty($object->fk_project)) { + $proj = new Project($db); + $proj->fetch($object->fk_project); + $morehtmlref .= $proj->getNomUrl(1); + if ($proj->title) { + $morehtmlref .= ' - '.dol_escape_htmltag($proj->title).''; + } + } + } + } + */ $morehtmlref .= '
'; if (!isset($npfilter)) { $npfilter = ""; @@ -632,8 +638,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $relativepath = $objref.'/'.$objref.'.pdf'; $filedir = $conf->partnership->dir_output.'/'.$object->element.'/'.$objref; $urlsource = $_SERVER["PHP_SELF"]."?id=".$object->id; - $genallowed = $user->rights->partnership->read; // If you can read, you can build the PDF to read content - $delallowed = $user->rights->partnership->write; // If you can create/edit, you can remove a file on card + $genallowed = $permissiontoread; // If you can read, you can build the PDF to read content + $delallowed = $permissiontoadd; // If you can create/edit, you can remove a file on card print $formfile->showdocuments('partnership:Partnership', $object->element.'/'.$objref, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $langs->defaultlang); } @@ -651,7 +657,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // List of actions on element include_once DOL_DOCUMENT_ROOT.'/core/class/html.formactions.class.php'; $formactions = new FormActions($db); - $somethingshown = $formactions->showactions($object, $object->element, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlcenter); + $somethingshown = $formactions->showactions($object, $object->element.'@'.$object->module, (is_object($object->thirdparty) ? $object->thirdparty->id : 0), 1, '', $MAXEVENT, '', $morehtmlcenter); print ''; } diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php index ac88f7b638f..f67894988c9 100644 --- a/htdocs/public/onlinesign/newonlinesign.php +++ b/htdocs/public/onlinesign/newonlinesign.php @@ -160,6 +160,9 @@ if ($source == 'proposal') { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('onlinesign')); +$error = 0; + + /* * Actions */ @@ -191,10 +194,6 @@ if ($action == 'confirm_refusepropal' && $confirm == 'yes') { if ($result < 0) { $error++; } - $result = $object->call_trigger('PROPAL_CLOSE_REFUSED_WEB', $user); - if ($result < 0) { - $error++; - } } } else { $db->rollback(); diff --git a/htdocs/public/partnership/new.php b/htdocs/public/partnership/new.php index 9891a9f3c9d..fdc62ce366a 100644 --- a/htdocs/public/partnership/new.php +++ b/htdocs/public/partnership/new.php @@ -270,6 +270,7 @@ if (empty($reshook) && $action == 'add') { $company->zip = GETPOST('zipcode'); $company->town = GETPOST('town'); $company->email = GETPOST('email'); + $company->url = GETPOST('url'); $company->country_id = GETPOST('country_id', 'int'); $company->state_id = GETPOST('state_id', 'int'); $company->name_alias = dolGetFirstLastname(GETPOST('firstname'), GETPOST('lastname')); @@ -303,12 +304,16 @@ if (empty($reshook) && $action == 'add') { if (empty($company->email)) { $company->email = GETPOST('email'); } + if (empty($company->url)) { + $company->url = GETPOST('url'); + } if (empty($company->state_id)) { $company->state_id = GETPOST('state_id', 'int'); } if (empty($company->name_alias)) { $company->name_alias = dolGetFirstLastname(GETPOST('firstname'), GETPOST('lastname')); } + $company->update(0); } @@ -617,6 +622,20 @@ print ''."\n"; +// Url +print ''."\n"; // Address print ''."\n"; diff --git a/htdocs/ticket/agenda.php b/htdocs/ticket/agenda.php index 69011f19cfc..81771003082 100644 --- a/htdocs/ticket/agenda.php +++ b/htdocs/ticket/agenda.php @@ -46,6 +46,9 @@ $track_id = GETPOST('track_id', 'alpha', 3); $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); +// Store current page url +$url_page_current = DOL_URL_ROOT.'/ticket/agenda.php'; + $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); $sortorder = GETPOST('sortorder', 'aZ09comma'); diff --git a/htdocs/ticket/contact.php b/htdocs/ticket/contact.php index d858a4d7334..3168e3dd01e 100644 --- a/htdocs/ticket/contact.php +++ b/htdocs/ticket/contact.php @@ -252,7 +252,7 @@ if ($id > 0 || !empty($track_id) || !empty($ref)) { $linkback = ''.$langs->trans("BackToList").' '; - dol_banner_tab($object, 'ref', $linkback, ($user->socid ? 0 : 1), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1, ''); + dol_banner_tab($object, 'ref', $linkback, (empty($user->socid) ? 1 : 0), 'ref', 'ref', $morehtmlref, '', 0, '', '', 1, ''); print dol_get_fiche_end(); diff --git a/htdocs/ticket/document.php b/htdocs/ticket/document.php index 1c7a25323e2..9c2208e9864 100644 --- a/htdocs/ticket/document.php +++ b/htdocs/ticket/document.php @@ -49,6 +49,9 @@ $track_id = GETPOST('track_id', 'alpha'); $action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); +// Store current page url +$url_page_current = DOL_URL_ROOT.'/ticket/document.php'; + // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php index a8e5fa8dbd8..a1e912fd05f 100644 --- a/htdocs/ticket/messaging.php +++ b/htdocs/ticket/messaging.php @@ -46,6 +46,9 @@ $track_id = GETPOST('track_id', 'alpha', 3); $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); +// Store current page url +$url_page_current = DOL_URL_ROOT.'/ticket/messaging.php'; + $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", "aZ09comma"); $sortorder = GETPOST("sortorder", 'aZ09comma');
'.$langs->trans("Parameters").''.$langs->trans("Value").'
'; - $checkbox_selected = (GETPOST('send_email') == "1" ? ' checked' : ($conf->global->TICKETS_MESSAGE_FORCE_MAIL?'checked':'')); + $checkbox_selected = (GETPOST('send_email') == "1" ? ' checked' : (getDolGlobalInt('TICKETS_MESSAGE_FORCE_MAIL')?'checked':'')); print ' '; print ''; $texttooltip = $langs->trans("TicketMessageSendEmailHelp", '{s1}'); @@ -1463,7 +1463,7 @@ class FormTicket // Subject print '
'.$langs->trans("Email").' *'; //print img_picto('', 'email', 'class="pictofixedwidth"'); print '
'.$langs->trans("Url").' *'; +print ''; +if (getDolGlobalString('PARTNERSHIP_BACKLINKS_TO_CHECK')) { + $listofkeytocheck = explode('|', getDolGlobalString('PARTNERSHIP_BACKLINKS_TO_CHECK')); + $i = 0; + $s = ''; + foreach ($listofkeytocheck as $val) { + $i++; + $s .= ($s ? ($i == count($listofkeytocheck) ? ' '.$langs->trans("or").' ' : ', ') : '').$val; + } + print '
'.$langs->trans("ThisUrlMustContainsAtLeastOneLinkToWebsite", $s).''; +} +print '
'.$langs->trans("Address").''."\n"; print '