From 545db83ecd4db0a28865bc7256a50116d23f211f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?=
Date: Tue, 16 Aug 2022 20:17:44 +0200
Subject: [PATCH 1/3] remove duplicate
---
 htdocs/admin/oauthlogintokens.php | 1 -
 1 file changed, 1 deletion(-)
diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php
index 8697b400a2b..574d4d96353 100644
--- a/htdocs/admin/oauthlogintokens.php
+++ b/htdocs/admin/oauthlogintokens.php
@@ -190,7 +190,6 @@ if ($mode == 'setup' && $user->admin) {
 $tokenobj = null;
 // Token
 require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
- require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php';
 // Dolibarr storage
 $storage = new DoliStorage($db, $conf);
 try {
From 1d1228286ce2d29664d51c3a5d20fa808415bfe7 Mon Sep 17 00:00:00 2001
From: ksar <35605507+ksar-ksar@users.noreply.github.com>
Date: Wed, 17 Aug 2022 09:45:27 +0200
Subject: [PATCH 2/3] FIX #21772
---
 htdocs/fourn/facture/paiement.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php
index cb9ca7437bb..1431e1bc4bf 100644
--- a/htdocs/fourn/facture/paiement.php
+++ b/htdocs/fourn/facture/paiement.php
@@ -183,7 +183,7 @@ if (empty($reshook)) {
 if ($result <= 0) {
 dol_print_error($db);
 }
- $multicurrency_amountsresttopay[$cursorfacid] = price2num($tmpinvoice->total_ttc - $tmpinvoice->getSommePaiement(1));
+ $multicurrency_amountsresttopay[$cursorfacid] = price2num($tmpinvoice->multicurrency_total_ttc - $tmpinvoice->getSommePaiement(1));
 if ($multicurrency_amounts[$cursorfacid]) {
 // Check amount
 if ($multicurrency_amounts[$cursorfacid] && (abs($multicurrency_amounts[$cursorfacid]) > abs($multicurrency_amountsresttopay[$cursorfacid]))) {
From 293ad34ca8dd426ca952daab1c376a7cc6ec88ff Mon Sep 17 00:00:00 2001
From: Regis Houssin
Date: Thu, 18 Aug 2022 17:02:20 +0200
Subject: [PATCH 3/3] FIX security for Multicompany
---
 htdocs/core/ajax/onlineSign.php | 2 +-
 htdocs/core/lib/signature.lib.php | 2 +-
 htdocs/public/onlinesign/newonlinesign.php | 6 +-----
 3 files changed, 3 insertions(+), 7 deletions(-)
diff --git a/htdocs/core/ajax/onlineSign.php b/htdocs/core/ajax/onlineSign.php
index 56cc79662ae..67c3c989a3a 100644
--- a/htdocs/core/ajax/onlineSign.php
+++ b/htdocs/core/ajax/onlineSign.php
@@ -73,7 +73,7 @@ if ($type == 'proposal') {
 $securekeyseed = getDolGlobalString('PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN');
 }
-if (!dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) {
+if (!dol_verifyHash($securekeyseed.$type.$ref.(empty($conf->multicompany->enabled) ? '' : $entity), $SECUREKEY, '0')) {
 http_response_code(403);
 print 'Bad value for securitykey. Value provided '.dol_escape_htmltag($SECUREKEY).' does not match expected value for ref='.dol_escape_htmltag($ref);
 exit(-1);
diff --git a/htdocs/core/lib/signature.lib.php b/htdocs/core/lib/signature.lib.php
index 33b0a1e8e5e..0351043b110 100644
--- a/htdocs/core/lib/signature.lib.php
+++ b/htdocs/core/lib/signature.lib.php
@@ -91,7 +91,7 @@ function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)
 if ($mode == 1) {
 $out .= "hash('".$securekeyseed."' + '".$type."' + proposal_ref)";
 } else {
- $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref, '0');
+ $out .= '&securekey='.dol_hash($securekeyseed.$type.$ref.(empty($conf->multicompany->enabled) ? '' : $object->entity), '0');
 }
 /*
 if ($mode == 1) {
diff --git a/htdocs/public/onlinesign/newonlinesign.php b/htdocs/public/onlinesign/newonlinesign.php
index 5dca1604f58..a3ad1eaf645 100644
--- a/htdocs/public/onlinesign/newonlinesign.php
+++ b/htdocs/public/onlinesign/newonlinesign.php
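Review bot: The entity id is concatenated straight onto `$ref` in the new `dol_verifyHash(...)` argument in htdocs/core/ajax/onlineSign.php, so the hashed string does not record where the reference ends and the entity begins, and a securekey issued for one (ref, entity) pair also verifies for any other pair that concatenates to the same text. A fixed separator and an integer cast remove the ambiguity, e.g. `$securekeyseed.$type.$ref.(empty($conf->multicompany->enabled) ? '' : '|'.((int) $entity))`. The same expression has to be used by the generator in htdocs/core/lib/signature.lib.php and by the identical check in htdocs/public/onlinesign/newonlinesign.php (hunk @@ -139,7), otherwise valid links stop verifying. Where `$entity` is assigned lies outside the hunk; if it is read from the request, confirm that the proposal is loaded for that same entity so that the key and the record cannot disagree.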
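Review bot: `$object->entity` on the added `dol_hash(...)` line of htdocs/core/lib/signature.lib.php has no visible source: the signature in the hunk header, `getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1)`, has no `$object` parameter, and the function body starts outside the hunk, so a `global $object` cannot be ruled out. If `$object` is unset, or is a different record from the one named by `$ref`, the generated securekey carries an empty or wrong entity and will not match the verifiers, which hash `$entity`. Passing the signed object in as an optional trailing parameter would make the binding explicit and stay backward-compatible, e.g. `function getOnlineSignatureUrl($mode, $type, $ref = '', $localorexternal = 1, $obj = null)` with `(is_object($obj) ? $obj->entity : '')`. The `$mode == 1` text, `hash(seed + type + proposal_ref)`, also no longer describes the value that is computed when Multicompany is enabled.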
@@ -139,7 +139,7 @@ if ($source == 'proposal') { $securekeyseed = $conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN; } -if (!dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) { +if (!dol_verifyHash($securekeyseed.$type.$ref.(empty($conf->multicompany->enabled) ? '' : $entity), $SECUREKEY, '0')) { http_response_code(403); print 'Bad value for securitykey. Value provided '.dol_escape_htmltag($SECUREKEY).' does not match expected value for ref='.dol_escape_htmltag($ref); exit(-1); @@ -292,7 +292,6 @@ if ($source == 'proposal') { $result = $object->fetch_thirdparty($object->socid); // Creditor - print ''.$langs->trans("Creditor"); print ''; print img_picto('', 'company', 'class="pictofixedwidth"'); @@ -301,7 +300,6 @@ if ($source == 'proposal') { print ''."\n"; // Debitor - print ''.$langs->trans("ThirdParty"); print ''; print img_picto('', 'company', 'class="pictofixedwidth"'); @@ -309,14 +307,12 @@ if ($source == 'proposal') { print ''."\n"; // Amount - print ''.$langs->trans("Amount"); print ''; print ''.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).''; print ''."\n"; // Object - $text = ''.$langs->trans("SignatureProposalRef", $object->ref).''; print ''.$langs->trans("Designation"); print ''.$text;