lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of https://github.com/Dolibarr/dolibarr.git into

Browse Source 
develop_ticket

Conflicts:
	htdocs/core/class/html.formticketsup.class.php
This commit is contained in:
Regis Houssin 2018-04-19 15:58:14 +02:00
commit 5b79b76685
37 changed files with 493 additions and 563 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
htdocs/adherents/cartes/carte.php
View File

@ -29,19 +29,18 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/modules/member/modules_cards.php'; require_once DOL_DOCUMENT_ROOT.'/core/modules/member/modules_cards.php';
require_once DOL_DOCUMENT_ROOT.'/core/modules/printsheet/modules_labels.php'; require_once DOL_DOCUMENT_ROOT.'/core/modules/printsheet/modules_labels.php';
$langs->load("members"); $langs->loadLangs(array("members","errors"));
$langs->load("errors");
// Choix de l'annee d'impression ou annee courante. // Choix de l'annee d'impression ou annee courante.
$now = dol_now(); $now = dol_now();
$year=dol_print_date($now,'%Y'); $year=dol_print_date($now,'%Y');
$month=dol_print_date($now,'%m'); $month=dol_print_date($now,'%m');
$day=dol_print_date($now,'%d'); $day=dol_print_date($now,'%d');
$foruserid=GETPOST('foruserid'); $foruserid=GETPOST('foruserid','alphanohtml');
$foruserlogin=GETPOST('foruserlogin'); $foruserlogin=GETPOST('foruserlogin','alphanohtml');
$mode=GETPOST('mode'); $mode=GETPOST('mode','aZ09');
$model=GETPOST("model"); // Doc template to use for business cards $model=GETPOST("model",'aZ09'); // Doc template to use for business cards
$modellabel=GETPOST("modellabel"); // Doc template to use for address sheet $modellabel=GETPOST("modellabel",'aZ09'); // Doc template to use for address sheet
$mesg=''; $mesg='';
$adherentstatic=new Adherent($db); $adherentstatic=new Adherent($db);

2
htdocs/adherents/list.php
View File

@ -43,7 +43,7 @@ $toselect = GETPOST('toselect', 'array');
$result=restrictedArea($user,'adherent'); $result=restrictedArea($user,'adherent');
$filter=GETPOST("filter",'alpha'); $filter=GETPOST("filter",'alpha');
$statut=GETPOST("statut",'alpha'); $statut=GETPOST("statut",'intcomma');
$search=GETPOST("search",'alpha'); $search=GETPOST("search",'alpha');
$search_ref=GETPOST("search_ref",'alpha'); $search_ref=GETPOST("search_ref",'alpha');
$search_lastname=GETPOST("search_lastname",'alpha'); $search_lastname=GETPOST("search_lastname",'alpha');

34
htdocs/admin/agenda.php
View File

@ -75,6 +75,12 @@ else
if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') ||GETPOST('button_removefilter','alpha')) // All tests are required to be compatible with all browsers if (GETPOST('button_removefilter_x','alpha') || GETPOST('button_removefilter.x','alpha') ||GETPOST('button_removefilter','alpha')) // All tests are required to be compatible with all browsers
{ {
$search_event = ''; $search_event = '';
$action = '';
}
if (GETPOST('button_search_x','alpha') || GETPOST('button_search.x','alpha') ||GETPOST('button_search','alpha')) // To avoid the save when we click on search
{
$action = '';
} }
if ($action == "save" && empty($cancel)) if ($action == "save" && empty($cancel))
@ -106,34 +112,6 @@ if ($action == "save" && empty($cancel))
} }
} }
if (preg_match('/set_(.*)/',$action,$reg))
{
$code=$reg[1];
$value=(GETPOST($code) ? GETPOST($code) : 1);
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0)
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
else
{
dol_print_error($db);
}
}
if (preg_match('/del_(.*)/',$action,$reg))
{
$code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0)
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
else
{
dol_print_error($db);
}
}
/** /**

6
htdocs/admin/agenda_other.php
View File

@ -52,10 +52,10 @@ $type = 'action';
include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
$value=(GETPOST($code) ? GETPOST($code) : 1); $value=(GETPOST($code, 'alpha') ? GETPOST($code, 'alpha') : 1);
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0)
{ {
Header("Location: ".$_SERVER["PHP_SELF"]); Header("Location: ".$_SERVER["PHP_SELF"]);
@ -67,7 +67,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

6
htdocs/admin/agenda_reminder.php
View File

@ -47,10 +47,10 @@ $type = 'action';
include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
$value=(GETPOST($code) ? GETPOST($code) : 1); $value=(GETPOST($code, 'alpha') ? GETPOST($code, 'alpha') : 1);
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0)
{ {
Header("Location: ".$_SERVER["PHP_SELF"]); Header("Location: ".$_SERVER["PHP_SELF"]);
@ -62,7 +62,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

4
htdocs/admin/ecm.php
View File

@ -33,7 +33,7 @@ if (! $user->admin) accessforbidden();
/* /*
* Action * Action
*/ */
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0)
@ -47,7 +47,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

7
htdocs/admin/multicurrency.php
View File

@ -48,10 +48,11 @@ $action = GETPOST('action', 'alpha');
*/ */
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, GETPOST($code), 'chaine', 0, '', $conf->entity) > 0) $value=(GETPOST($code, 'alpha') ? GETPOST($code, 'alpha') : 1);
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0)
{ {
header("Location: ".$_SERVER["PHP_SELF"]); header("Location: ".$_SERVER["PHP_SELF"]);
exit; exit;
@ -62,7 +63,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, 0) > 0) if (dolibarr_del_const($db, $code, 0) > 0)

44
htdocs/admin/security_file.php
View File

@ -51,41 +51,17 @@ if (GETPOST('sendit') && ! empty($conf->global->MAIN_UPLOAD_DOC))
dol_add_file_process($upload_dir, 0, 0, 'userfile'); dol_add_file_process($upload_dir, 0, 0, 'userfile');
} }
if (preg_match('/set_(.*)/',$action,$reg)) if ($action == 'updateform')
{ {
$code=$reg[1]; $antivircommand = GETPOST('MAIN_ANTIVIRUS_COMMAND','none'); // Use GETPOST none because we must accept ". Example c:\Progra~1\ClamWin\bin\clamscan.exe
$value=(GETPOST($code, 'alpha') ? GETPOST($code, 'alpha') : 1); $antivirparam = GETPOST('MAIN_ANTIVIRUS_PARAM','none'); // Use GETPOST none because we must accept ". Example --database="C:\Program Files (x86)\ClamWin\lib"
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0) $antivircommand = dol_string_nospecial($antivircommand, '', array("|", ";", "<", ">", "&")); // Sanitize command
{ $antivirparam = dol_string_nospecial($antivirparam, '', array("|", ";", "<", ">", "&")); // Sanitize params
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
else
{
dol_print_error($db);
}
}
else if (preg_match('/del_(.*)/',$action,$reg))
{
$code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0)
{
Header("Location: ".$_SERVER["PHP_SELF"]);
exit;
}
else
{
dol_print_error($db);
}
}
else if ($action == 'updateform')
{
$res3=dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',GETPOST('MAIN_UPLOAD_DOC','alpha'),'chaine',0,'',$conf->entity); $res3=dolibarr_set_const($db, 'MAIN_UPLOAD_DOC',GETPOST('MAIN_UPLOAD_DOC','alpha'),'chaine',0,'',$conf->entity);
$res4=dolibarr_set_const($db, "MAIN_UMASK", GETPOST('MAIN_UMASK','alpha'),'chaine',0,'',$conf->entity); $res4=dolibarr_set_const($db, "MAIN_UMASK", GETPOST('MAIN_UMASK','alpha'),'chaine',0,'',$conf->entity);
$res5=dolibarr_set_const($db, "MAIN_ANTIVIRUS_COMMAND", trim(GETPOST('MAIN_ANTIVIRUS_COMMAND','none')),'chaine',0,'',$conf->entity); // Use GETPOST none because we must accept " $res5=dolibarr_set_const($db, "MAIN_ANTIVIRUS_COMMAND", trim($antivircommand),'chaine',0,'',$conf->entity);
$res6=dolibarr_set_const($db, "MAIN_ANTIVIRUS_PARAM", trim(GETPOST('MAIN_ANTIVIRUS_PARAM','none')),'chaine',0,'',$conf->entity); // Use GETPOST none because we must accept " $res6=dolibarr_set_const($db, "MAIN_ANTIVIRUS_PARAM", trim($antivirparam),'chaine',0,'',$conf->entity);
if ($res3 && $res4 && $res5 && $res6) setEventMessages($langs->trans("RecordModifiedSuccessfully"), null, 'mesgs'); if ($res3 && $res4 && $res5 && $res6) setEventMessages($langs->trans("RecordModifiedSuccessfully"), null, 'mesgs');
} }
@ -95,10 +71,10 @@ else if ($action == 'updateform')
else if ($action == 'delete') else if ($action == 'delete')
{ {
$langs->load("other"); $langs->load("other");
$file = $conf->admin->dir_temp . '/' . GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). $file = $conf->admin->dir_temp . '/' . GETPOST('urlfile','alpha'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP).
$ret=dol_delete_file($file); $ret=dol_delete_file($file);
if ($ret) setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile')), null, 'mesgs'); if ($ret) setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile','alpha')), null, 'mesgs');
else setEventMessages($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile')), null, 'errors'); else setEventMessages($langs->trans("ErrorFailToDeleteFile", GETPOST('urlfile','alpha')), null, 'errors');
Header('Location: '.$_SERVER["PHP_SELF"]); Header('Location: '.$_SERVER["PHP_SELF"]);
exit; exit;
} }

6
htdocs/admin/security_other.php
View File

@ -43,10 +43,10 @@ $action=GETPOST('action','alpha');
* Actions * Actions
*/ */
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
$value=(GETPOST($code) ? GETPOST($code) : 1); $value=(GETPOST($code, 'alpha') ? GETPOST($code, 'alpha') : 1);
if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, $value, 'chaine', 0, '', $conf->entity) > 0)
{ {
Header("Location: ".$_SERVER["PHP_SELF"]); Header("Location: ".$_SERVER["PHP_SELF"]);
@ -58,7 +58,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
else if (preg_match('/del_(.*)/',$action,$reg)) else if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

82
htdocs/admin/ticketsup.php
View File

@ -71,7 +71,7 @@ if ($action == 'updateMask') {
if (!empty($notification_email)) { if (!empty($notification_email)) {
$res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_FROM', $notification_email, 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_FROM', $notification_email, 'chaine', 0, '', $conf->entity);
} else { } else {
$res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_FROM', '000000', 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_FROM', '', 'chaine', 0, '', $conf->entity);
} }
if (!$res > 0) { if (!$res > 0) {
$error++; $error++;
@ -82,7 +82,7 @@ if ($action == 'updateMask') {
if (!empty($notification_email_to)) { if (!empty($notification_email_to)) {
$res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_TO', $notification_email_to, 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_TO', $notification_email_to, 'chaine', 0, '', $conf->entity);
} else { } else {
$res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_TO', '000000', 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_EMAIL_TO', '', 'chaine', 0, '', $conf->entity);
} }
if (!$res > 0) { if (!$res > 0) {
$error++; $error++;
@ -184,16 +184,22 @@ if ($action == 'setvarother') {
$error++; $error++;
} }
$param_show_module_logo = GETPOST('TICKETS_SHOW_MODULE_LOGO', 'alpha'); if ($conf->global->MAIN_FEATURES_LEVEL >= 2)
$res = dolibarr_set_const($db, 'TICKETS_SHOW_MODULE_LOGO', $param_show_module_logo, 'chaine', 0, '', $conf->entity); {
if (!$res > 0) { $param_show_module_logo = GETPOST('TICKETS_SHOW_MODULE_LOGO', 'alpha');
$error++; $res = dolibarr_set_const($db, 'TICKETS_SHOW_MODULE_LOGO', $param_show_module_logo, 'chaine', 0, '', $conf->entity);
if (!$res > 0) {
$error++;
}
} }
$param_notification_also_main_addressemail = GETPOST('TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS', 'alpha'); if ($conf->global->MAIN_FEATURES_LEVEL >= 2)
$res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS', $param_notification_also_main_addressemail, 'chaine', 0, '', $conf->entity); {
if (!$res > 0) { $param_notification_also_main_addressemail = GETPOST('TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS', 'alpha');
$error++; $res = dolibarr_set_const($db, 'TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS', $param_notification_also_main_addressemail, 'chaine', 0, '', $conf->entity);
if (!$res > 0) {
$error++;
}
} }
$param_limit_view = GETPOST('TICKETS_LIMIT_VIEW_ASSIGNED_ONLY', 'alpha'); $param_limit_view = GETPOST('TICKETS_LIMIT_VIEW_ASSIGNED_ONLY', 'alpha');
@ -380,20 +386,23 @@ print $form->textwithpicto('', $langs->trans("TicketsEmailMustExistHelp"), 1, 'h
print '</td>'; print '</td>';
print '</tr>'; print '</tr>';
// Show logo for module if ($conf->global->MAIN_FEATURES_LEVEL >= 2)
print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsShowModuleLogo") . '</td>'; {
print '<td align="left">'; // Show logo for module
if ($conf->use_javascript_ajax) { print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsShowModuleLogo") . '</td>';
print ajax_constantonoff('TICKETS_SHOW_MODULE_LOGO'); print '<td align="left">';
} else { if ($conf->use_javascript_ajax) {
$arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); print ajax_constantonoff('TICKETS_SHOW_MODULE_LOGO');
print $form->selectarray("TICKETS_SHOW_MODULE_LOGO", $arrval, $conf->global->TICKETS_SHOW_MODULE_LOGO); } else {
$arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes"));
print $form->selectarray("TICKETS_SHOW_MODULE_LOGO", $arrval, $conf->global->TICKETS_SHOW_MODULE_LOGO);
}
print '</td>';
print '<td align="center">';
print $form->textwithpicto('', $langs->trans("TicketsShowModuleLogoHelp"), 1, 'help');
print '</td>';
print '</tr>';
} }
print '</td>';
print '<td align="center">';
print $form->textwithpicto('', $langs->trans("TicketsShowModuleLogoHelp"), 1, 'help');
print '</td>';
print '</tr>';
// Show logo for company // Show logo for company
print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsShowCompanyLogo") . '</td>'; print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsShowCompanyLogo") . '</td>';
@ -446,19 +455,22 @@ print '</td>';
print '</tr>'; print '</tr>';
// Also send to main email address // Also send to main email address
print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsEmailAlsoSendToMainAddress") . '</td>'; if ($conf->global->MAIN_FEATURES_LEVEL >= 2)
print '<td align="left">'; {
if ($conf->use_javascript_ajax) { print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsEmailAlsoSendToMainAddress") . '</td>';
print ajax_constantonoff('TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS'); print '<td align="left">';
} else { if ($conf->use_javascript_ajax) {
$arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); print ajax_constantonoff('TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS');
print $form->selectarray("TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS", $arrval, $conf->global->TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS); } else {
$arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes"));
print $form->selectarray("TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS", $arrval, $conf->global->TICKETS_NOTIFICATION_ALSO_MAIN_ADDRESS);
}
print '</td>';
print '<td align="center">';
print $form->textwithpicto('', $langs->trans("TicketsEmailAlsoSendToMainAddressHelp"), 1, 'help');
print '</td>';
print '</tr>';
} }
print '</td>';
print '<td align="center">';
print $form->textwithpicto('', $langs->trans("TicketsEmailAlsoSendToMainAddressHelp"), 1, 'help');
print '</td>';
print '</tr>';
// Limiter la vue des tickets à ceux assignés à l'utilisateur // Limiter la vue des tickets à ceux assignés à l'utilisateur
print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsLimitViewAssignedOnly") . '</td>'; print '<tr class="pair"><td width="70%">' . $langs->trans("TicketsLimitViewAssignedOnly") . '</td>';

4
htdocs/admin/user.php
View File

@ -86,7 +86,7 @@ elseif ($action == 'setdoc')
} }
$res = true; $res = true;
} }
elseif (preg_match('/set_(.*)/',$action,$reg)) elseif (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0)
@ -100,7 +100,7 @@ elseif (preg_match('/set_(.*)/',$action,$reg))
} }
} }
elseif (preg_match('/del_(.*)/',$action,$reg)) elseif (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

4
htdocs/admin/usergroup.php
View File

@ -83,7 +83,7 @@ elseif ($action == 'setdoc')
} }
$res = true; $res = true;
} }
elseif (preg_match('/set_(.*)/',$action,$reg)) elseif (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0)
@ -97,7 +97,7 @@ elseif (preg_match('/set_(.*)/',$action,$reg))
} }
} }
elseif (preg_match('/del_(.*)/',$action,$reg)) elseif (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

4
htdocs/categories/admin/categorie.php
View File

@ -38,7 +38,7 @@ $action=GETPOST('action','aZ09');
* Actions * Actions
*/ */
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, 1, 'chaine', 0, '', $conf->entity) > 0)
@ -52,7 +52,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

3
htdocs/core/boxes/box_graph_invoices_permonth.php
View File

@ -222,13 +222,14 @@ class box_graph_invoices_permonth extends ModeleBoxes
$stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">';
$stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfBillsByMonth"); $stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfBillsByMonth");
$stringtoshow.=' &nbsp; '; $stringtoshow.=' &nbsp; ';
$stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfBillsByMonthHT"); $stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfBillsByMonthHT");
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">';
$stringtoshow.='<input type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">'; $stringtoshow.='<input class="reposition inline-block valigntextbottom" type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';
if ($shownb && $showtot) if ($shownb && $showtot)

3
htdocs/core/boxes/box_graph_invoices_supplier_permonth.php
View File

@ -219,13 +219,14 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes
$stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">';
$stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfBillsByMonth"); $stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfBillsByMonth");
$stringtoshow.=' &nbsp; '; $stringtoshow.=' &nbsp; ';
$stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfBillsByMonthHT"); $stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfBillsByMonthHT");
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">';
$stringtoshow.='<input type="image" class="inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">'; $stringtoshow.='<input type="image" class="reposition inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';
if ($shownb && $showtot) if ($shownb && $showtot)

3
htdocs/core/boxes/box_graph_orders_permonth.php
View File

@ -218,13 +218,14 @@ class box_graph_orders_permonth extends ModeleBoxes
$stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">';
$stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfOrdersByMonth"); $stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfOrdersByMonth");
$stringtoshow.=' &nbsp; '; $stringtoshow.=' &nbsp; ';
$stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfOrdersByMonthHT"); $stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfOrdersByMonthHT");
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">';
$stringtoshow.='<input type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">'; $stringtoshow.='<input type="image" class="reposition inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';
if ($shownb && $showtot) if ($shownb && $showtot)

3
htdocs/core/boxes/box_graph_orders_supplier_permonth.php
View File

@ -217,13 +217,14 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes
$stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">';
$stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfOrdersByMonth"); $stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfOrdersByMonth");
$stringtoshow.=' &nbsp; '; $stringtoshow.=' &nbsp; ';
$stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfOrdersByMonthHT"); $stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfOrdersByMonthHT");
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">';
$stringtoshow.='<input type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">'; $stringtoshow.='<input type="image" class="reposition inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';
if ($shownb && $showtot) if ($shownb && $showtot)

3
htdocs/core/boxes/box_graph_product_distribution.php
View File

@ -338,6 +338,7 @@ class box_graph_product_distribution extends ModeleBoxes
$stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,showinvoicenb,showpropalnb,showordernb">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,showinvoicenb,showpropalnb,showordernb">';
if (! empty($conf->facture->enabled) || ! empty($user->rights->facture->lire)) if (! empty($conf->facture->enabled) || ! empty($user->rights->facture->lire))
{ {
@ -355,7 +356,7 @@ class box_graph_product_distribution extends ModeleBoxes
} }
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$year.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$year.'">';
$stringtoshow.='<input type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto('','refresh.png','','',1).'">'; $stringtoshow.='<input type="image" class="reposition inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto('','refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';

3
htdocs/core/boxes/box_graph_propales_permonth.php
View File

@ -219,13 +219,14 @@ class box_graph_propales_permonth extends ModeleBoxes
$stringtoshow.='<div class="center hideobject divboxfilter" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden $stringtoshow.='<div class="center hideobject divboxfilter" id="idfilter'.$this->boxcode.'">'; // hideobject is to start hidden
$stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">'; $stringtoshow.='<form class="flat formboxfilter" method="POST" action="'.$_SERVER["PHP_SELF"].'">';
$stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">'; $stringtoshow.='<input type="hidden" name="action" value="'.$refreshaction.'">';
$stringtoshow.='<input type="hidden" name="page_y" value="">';
$stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">'; $stringtoshow.='<input type="hidden" name="DOL_AUTOSET_COOKIE" value="DOLUSERCOOKIE_box_'.$this->boxcode.':year,shownb,showtot">';
$stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfProposalsByMonth"); $stringtoshow.='<input type="checkbox" name="'.$param_shownb.'"'.($shownb?' checked':'').'> '.$langs->trans("NumberOfProposalsByMonth");
$stringtoshow.=' &nbsp; '; $stringtoshow.=' &nbsp; ';
$stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfProposalsByMonthHT"); $stringtoshow.='<input type="checkbox" name="'.$param_showtot.'"'.($showtot?' checked':'').'> '.$langs->trans("AmountOfProposalsByMonthHT");
$stringtoshow.='<br>'; $stringtoshow.='<br>';
$stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">'; $stringtoshow.=$langs->trans("Year").' <input class="flat" size="4" type="text" name="'.$param_year.'" value="'.$endyear.'">';
$stringtoshow.='<input type="image" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">'; $stringtoshow.='<input type="image" class="reposition inline-block valigntextbottom" alt="'.$langs->trans("Refresh").'" src="'.img_picto($langs->trans("Refresh"),'refresh.png','','',1).'">';
$stringtoshow.='</form>'; $stringtoshow.='</form>';
$stringtoshow.='</div>'; $stringtoshow.='</div>';
if ($shownb && $showtot) if ($shownb && $showtot)

142
htdocs/core/class/cookie.class.php
View File

@ -1,142 +0,0 @@
<?php
/* Copyright (C) 2009-2015 Regis Houssin <regis.houssin@capnetworks.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/core/class/cookie.class.php
* \ingroup core
* \brief File of class to manage cookies
*/
/**
* Class to manage cookies.
* This class is used by external module multicompany but will be removed soon only and must not be used by
*
* @deprecated PHP already provide function to read/store a cookie. No need to use a dedicated class. Also storing sensitive information into cookie is forbidden, so encryption is useless.
* If a data is sensitive, it must be stored into database (if we need a long term retention) or into session.
*/
class DolCookie
{
private $_myKey;
private $_iv;
var $myCookie;
var $myValue;
var $myExpire;
var $myPath;
var $myDomain;
var $mySecure;
var $cookie;
/**
* Constructor
*
* @param string $key Personnal key
* @deprecated
*/
function __construct($key = '')
{
$this->_myKey = hash('sha256', $key, true);
$this->_iv = md5(md5($this->_myKey));
$this->cookie = "";
$this->myCookie = "";
$this->myValue = "";
}
/**
* Encrypt en create the cookie
*
* @return void
*/
private function _cryptCookie()
{
if (!empty($this->_myKey) && !empty($this->_iv))
{
$valuecrypt = base64_encode($this->myValue);
$this->cookie = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $this->_myKey, $valuecrypt, MCRYPT_MODE_CBC, $this->_iv));
}
else
{
$this->cookie = $this->myValue;
}
setcookie($this->myCookie, $this->cookie, $this->myExpire, $this->myPath, $this->myDomain, $this->mySecure);
}
/**
* Decrypt the cookie
*
* @return string
*/
private function _decryptCookie()
{
if (!empty($this->_myKey) && !empty($this->_iv))
{
$this->cookie = $_COOKIE[$this->myCookie];
$this->myValue = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $this->_myKey, base64_decode($this->cookie), MCRYPT_MODE_CBC, $this->_iv));
return(base64_decode($this->myValue));
}
else
{
return($_COOKIE[$this->myCookie]);
}
}
/**
* Set and create the cookie
*
* @param string $cookie Cookie name
* @param string $value Cookie value
* @param integer $expire Expiration
* @param string $path Path of cookie
* @param string $domain Domain name
* @param int $secure 0 or 1
* @return void
*/
public function setCookie($cookie, $value, $expire=0, $path="/", $domain="", $secure=0)
{
$this->myCookie = $cookie;
$this->myValue = $value;
$this->myExpire = $expire;
$this->myPath = $path;
$this->myDomain = $domain;
$this->mySecure = $secure;
//print 'key='.$this->myKey.' name='.$this->myCookie.' value='.$this->myValue.' expire='.$this->myExpire;
$this->_cryptCookie();
}
/**
* Get the cookie
*
* @param string $cookie Cookie name
* @return string Decrypted value
*/
public function getCookie($cookie)
{
$this->myCookie = $cookie;
$decryptValue = $this->_decryptCookie();
return $decryptValue;
}
}

24
htdocs/core/class/html.formticketsup.class.php
View File

@ -113,10 +113,10 @@ class FormTicketsup
/** /**
* Show the form to input ticket * Show the form to input ticket
* *
* @param string $width Width of form * @param int $withdolfichehead With dol_fiche_head
* @return void * @return void
*/ */
public function showForm($width = '100%') public function showForm($withdolfichehead=0)
{ {
global $conf, $langs, $user, $hookmanager; global $conf, $langs, $user, $hookmanager;
@ -140,7 +140,9 @@ class FormTicketsup
print "\n<!-- Begin form TICKETSUP -->\n"; print "\n<!-- Begin form TICKETSUP -->\n";
print '<form method="POST" style="margin-bottom: 30px;" name="ticketsup" id="form_create_ticket" enctype="multipart/form-data" action="' . $this->param["returnurl"] . '">'; if ($withdolfichehead) dol_fiche_head(null, 'card', '', 0, '');
print '<form method="POST" '.($withdolfichehead?'':'style="margin-bottom: 30px;" ').'name="ticketsup" id="form_create_ticket" enctype="multipart/form-data" action="' . $this->param["returnurl"] . '">';
print '<input type="hidden" name="token" value="' . $_SESSION['newtoken'] . '">'; print '<input type="hidden" name="token" value="' . $_SESSION['newtoken'] . '">';
print '<input type="hidden" name="action" value="' . $this->action . '">'; print '<input type="hidden" name="action" value="' . $this->action . '">';
foreach ($this->param as $key => $value) { foreach ($this->param as $key => $value) {
@ -149,8 +151,7 @@ class FormTicketsup
print '<input type="hidden" name="fk_user_create" value="' . $this->fk_user_create . '">'; print '<input type="hidden" name="fk_user_create" value="' . $this->fk_user_create . '">';
dol_fiche_head(''); dol_fiche_head('');
print '<table class="tableticket centpercent">';
print '<table class="tableticket" width="' . $width . '">';
if ($this->withref) { if ($this->withref) {
@ -271,7 +272,7 @@ class FormTicketsup
dol_include_once('/' . $element . '/class/' . $subelement . '.class.php'); dol_include_once('/' . $element . '/class/' . $subelement . '.class.php');
$classname = ucfirst($subelement); $classname = ucfirst($subelement);
$objectsrc = new $classname($this->db); $objectsrc = new $classname($this->db);
$objectsrc->fetch(GETPOST('originid')); $objectsrc->fetch(GETPOST('originid','int'));
if (empty($objectsrc->lines) && method_exists($objectsrc, 'fetch_lines')) { if (empty($objectsrc->lines) && method_exists($objectsrc, 'fetch_lines')) {
$objectsrc->fetch_lines(); $objectsrc->fetch_lines();
@ -298,9 +299,12 @@ class FormTicketsup
print '</td></tr>'; print '</td></tr>';
// Notify thirdparty at creation // Notify thirdparty at creation
print '<tr><td><label for="notify_tiers_at_create">' . $langs->trans("TicketNotifyTiersAtCreation") . '</label></td><td>'; if (empty($this->ispublic))
print '<input type="checkbox" id="notify_tiers_at_create" name="notify_tiers_at_create"'.((GETPOST('notify_tiers_at_create') ? ' checked="checked"' : $this->withnotifytiersatcreate?' checked="checked"':'')).'>'; {
print '</td></tr>'; print '<tr><td><label for="notify_tiers_at_create">' . $langs->trans("TicketNotifyTiersAtCreation") . '</label></td><td>';
print '<input type="checkbox" id="notify_tiers_at_create" name="notify_tiers_at_create"'.($this->withnotifytiersatcreate?' checked="checked"':'').'>';
print '</td></tr>';
}
// TITLE // TITLE
if ($this->withtitletopic) { if ($this->withtitletopic) {
@ -395,6 +399,8 @@ class FormTicketsup
print '</table>'; print '</table>';
print '</div>'; print '</div>';
if ($withdolfichehead) dol_fiche_end();
print '<center>'; print '<center>';
print '<input class="button" type="submit" name="add_ticket" value="' . $langs->trans(($this->withthreadid > 0 ? "SendResponse" : "NewTicket")) . '" />'; print '<input class="button" type="submit" name="add_ticket" value="' . $langs->trans(($this->withthreadid > 0 ? "SendResponse" : "NewTicket")) . '" />';

21
htdocs/core/js/lib_foot.js.php
View File

@ -131,16 +131,29 @@ if ($conf->browser->layout != 'phone')
' . "\n"; ' . "\n";
} }
// Code to manage reposition
print "\n/* JS CODE TO ENABLE reposition management (does not work if a redirect is done after action of submission) */\n"; print "\n/* JS CODE TO ENABLE reposition management (does not work if a redirect is done after action of submission) */\n";
print ' print '
jQuery(document).ready(function() { jQuery(document).ready(function() {
/* If page_y set, we set scollbar with it */ /* If page_y set, we set scollbar with it */
page_y=getParameterByName(\'page_y\', 0); if (page_y > 0) $(\'html, body\').scrollTop(page_y); page_y=getParameterByName(\'page_y\', 0); /* search in GET parameter */
/* Set handler to add page_y param on some a href links */ if (page_y == 0) page_y = jQuery("#page_y").text(); /* search in POST parameter that is filed at bottom of page */
console.log("page_y found is "+page_y);
if (page_y > 0) $(\'html, body\').scrollTop(page_y);
/* Set handler to add page_y param on output (click on href links or submit button) */
jQuery(".reposition").click(function() { jQuery(".reposition").click(function() {
var page_y = $(document).scrollTop(); var page_y = $(document).scrollTop();
this.href=this.href+\'&page_y=\'+page_y; if (this.ref)
console.log("We click on tag with .reposition class. this.ref is now "+this.href) {
this.href=this.href+\'&page_y=\'+page_y;
console.log("We click on tag with .reposition class. this.ref is now "+this.href);
}
else
{
console.log("We click on tag with .reposition class but element is not an <a> html tag, so we try to update form field page_y with value "+page_y);
jQuery("input[type=hidden][name=page_y]").val(page_y);
}
}); });
});'."\n"; });'."\n";

12
htdocs/core/lib/functions.lib.php
View File

@ -3906,16 +3906,20 @@ function dol_print_error($db='',$error='',$errors=null)
* @param string $errormessage Complete error message * @param string $errormessage Complete error message
* @param array $errormessages Array of error messages * @param array $errormessages Array of error messages
* @param string $morecss More css * @param string $morecss More css
* @param string $email Email
* @return void * @return void
*/ */
function dol_print_error_email($prefixcode, $errormessage='', $errormessages=array(), $morecss='error') function dol_print_error_email($prefixcode, $errormessage='', $errormessages=array(), $morecss='error', $email='')
{ {
global $langs,$conf; global $langs,$conf;
if (empty($email)) $email=$conf->global->MAIN_INFO_SOCIETE_MAIL;
$langs->load("errors"); $langs->load("errors");
$now=dol_now(); $now=dol_now();
print '<br><div class="center login_main_message"><div class="'.$morecss.'">'; print '<br><div class="center login_main_message"><div class="'.$morecss.'">';
print $langs->trans("ErrorContactEMail", $conf->global->MAIN_INFO_SOCIETE_MAIL, $prefixcode.dol_print_date($now,'%Y%m%d')); print $langs->trans("ErrorContactEMail", $email, $prefixcode.dol_print_date($now,'%Y%m%d'));
if ($errormessage) print '<br><br>'.$errormessage; if ($errormessage) print '<br><br>'.$errormessage;
if (is_array($errormessages) && count($errormessages)) if (is_array($errormessages) && count($errormessages))
{ {
@ -6884,6 +6888,10 @@ function printCommonFooter($zone='private')
if ($zone == 'private') print "\n".'<!-- Common footer for private page -->'."\n"; if ($zone == 'private') print "\n".'<!-- Common footer for private page -->'."\n";
else print "\n".'<!-- Common footer for public page -->'."\n"; else print "\n".'<!-- Common footer for public page -->'."\n";
// A div to store page_y POST parameter so we can read it using javascript
print "\n<!-- A div to store page_y POST paramater -->\n";
print '<div id="page_y" style="display: none;">'.$_POST['page_y'].'</div>'."\n";
$parameters=array(); $parameters=array();
$reshook=$hookmanager->executeHooks('printCommonFooter',$parameters); // Note that $action and $object may have been modified by some hooks $reshook=$hookmanager->executeHooks('printCommonFooter',$parameters); // Note that $action and $object may have been modified by some hooks
if (empty($reshook)) if (empty($reshook))

63
htdocs/core/lib/security.lib.php
View File

@ -27,44 +27,75 @@
/** /**
* Encode a string with base 64 algorithm + specific change * Encode a string with base 64 algorithm + specific delta change.
* Code of this function is useless and we should use base64_encode only instead
* *
* @param string $chain string to encode * @param string $chain string to encode
* @param string $key rule to use for delta ('0', '1' or 'myownkey')
* @return string encoded string * @return string encoded string
* @see dol_decode
*/ */
function dol_encode($chain) function dol_encode($chain, $key='1')
{ {
$strlength=dol_strlen($chain); if (is_numeric($key) && $key == '1') // rule 1 is offset of 17 for char
for ($i=0; $i < $strlength; $i++)
{ {
$output_tab[$i] = chr(ord(substr($chain,$i,1))+17); $strlength=dol_strlen($chain);
for ($i=0; $i < $strlength; $i++)
{
$output_tab[$i] = chr(ord(substr($chain,$i,1))+17);
}
$chain = implode("",$output_tab);
}
elseif ($key)
{
$result='';
$strlength=dol_strlen($chain);
for ($i=0; $i < $strlength; $i++)
{
$keychar = substr($key, ($i % strlen($key))-1, 1);
$result.= chr(ord(substr($chain,$i,1))+(ord($keychar)-65));
}
$chain=$result;
} }
$string_coded = base64_encode(implode("",$output_tab)); return base64_encode($chain);
return $string_coded;
} }
/** /**
* Decode a base 64 encoded + specific string. * Decode a base 64 encoded + specific delta change.
* This function is called by filefunc.inc.php at each page call. * This function is called by filefunc.inc.php at each page call.
* Code of this function is useless and we should use base64_decode only instead
* *
* @param string $chain string to decode * @param string $chain string to decode
* @param string $key rule to use for delta ('0', '1' or 'myownkey')
* @return string decoded string * @return string decoded string
* @see dol_encode
*/ */
function dol_decode($chain) function dol_decode($chain, $key='1')
{ {
$chain = base64_decode($chain); $chain = base64_decode($chain);
$strlength=dol_strlen($chain); if (is_numeric($key) && $key == '1') // rule 1 is offset of 17 for char
for($i=0; $i < $strlength;$i++)
{ {
$output_tab[$i] = chr(ord(substr($chain,$i,1))-17); $strlength=dol_strlen($chain);
for ($i=0; $i < $strlength;$i++)
{
$output_tab[$i] = chr(ord(substr($chain,$i,1))-17);
}
$chain = implode("",$output_tab);
}
elseif ($key)
{
$result='';
$strlength=dol_strlen($chain);
for ($i=0; $i < $strlength; $i++)
{
$keychar = substr($key, ($i % strlen($key))-1, 1);
$result.= chr(ord(substr($chain, $i, 1))-(ord($keychar)-65));
}
$chain=$result;
} }
$string_decoded = implode("",$output_tab); return $chain;
return $string_decoded;
} }

2
htdocs/core/lib/ticketsup.lib.php
View File

@ -195,7 +195,7 @@ function showlogo()
$urllogo = DOL_URL_ROOT . '/theme/dolibarr_logo.png'; $urllogo = DOL_URL_ROOT . '/theme/dolibarr_logo.png';
} }
print '<center>'; print '<center>';
print '<a href="' . ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE : dol_buildpath('/ticketsup/public/index.php', 1)) . '"><img alt="Logo" id="logosubscribe" title="" src="' . $urllogo . '" style="max-width: 440px" /></a><br>'; print '<a href="' . ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE : dol_buildpath('/public/ticketsup/index.php', 1)) . '"><img alt="Logo" id="logosubscribe" title="" src="' . $urllogo . '" style="max-width: 440px" /></a><br>';
print '<strong>' . ($conf->global->TICKETS_PUBLIC_INTERFACE_TOPIC ? $conf->global->TICKETS_PUBLIC_INTERFACE_TOPIC : $langs->trans("TicketSystem")) . '</strong>'; print '<strong>' . ($conf->global->TICKETS_PUBLIC_INTERFACE_TOPIC ? $conf->global->TICKETS_PUBLIC_INTERFACE_TOPIC : $langs->trans("TicketSystem")) . '</strong>';
print '</center><br>'; print '</center><br>';
} }

350
htdocs/core/triggers/interface_50_modTicketsup_TicketEmail.class.php
View File

@ -110,189 +110,209 @@ class InterfaceTicketEmail extends DolibarrTriggers
case 'TICKET_ASSIGNED': case 'TICKET_ASSIGNED':
dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id); dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id);
if ($object->fk_user_assign > 0 && $object->fk_user_assign != $user->id) { if ($object->fk_user_assign > 0 && $object->fk_user_assign != $user->id)
{
$userstat = new User($this->db); $userstat = new User($this->db);
$res = $userstat->fetch($object->fk_user_assign); $res = $userstat->fetch($object->fk_user_assign);
if ($res) { if ($res > 0)
// Send email to assigned user {
$subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketAssignedToYou'); if (empty($conf->global->TICKETS_DISABLE_ALL_MAILS))
$message = '<p>' . $langs->transnoentities('TicketAssignedEmailBody', $object->track_id, dolGetFirstLastname($user->firstname, $user->lastname)) . "</p>"; {
$message .= '<ul><li>' . $langs->trans('Title') . ' : ' . $object->subject . '</li>'; // Init to avoid errors
$message .= '<li>' . $langs->trans('Type') . ' : ' . $object->type_label . '</li>'; $filepath = array();
$message .= '<li>' . $langs->trans('Category') . ' : ' . $object->category_label . '</li>'; $filename = array();
$message .= '<li>' . $langs->trans('Severity') . ' : ' . $object->severity_label . '</li>'; $mimetype = array();
// Extrafields
if (is_array($object->array_options) && count($object->array_options) > 0) { // Send email to assigned user
foreach ($object->array_options as $key => $value) { $subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketAssignedToYou');
$message .= '<li>' . $langs->trans($key) . ' : ' . $value . '</li>'; $message = '<p>' . $langs->transnoentities('TicketAssignedEmailBody', $object->track_id, dolGetFirstLastname($user->firstname, $user->lastname)) . "</p>";
$message .= '<ul><li>' . $langs->trans('Title') . ' : ' . $object->subject . '</li>';
$message .= '<li>' . $langs->trans('Type') . ' : ' . $object->type_label . '</li>';
$message .= '<li>' . $langs->trans('Category') . ' : ' . $object->category_label . '</li>';
$message .= '<li>' . $langs->trans('Severity') . ' : ' . $object->severity_label . '</li>';
// Extrafields
if (is_array($object->array_options) && count($object->array_options) > 0) {
foreach ($object->array_options as $key => $value) {
$message .= '<li>' . $langs->trans($key) . ' : ' . $value . '</li>';
}
}
$message .= '</ul>';
$message .= '<p>' . $langs->trans('Message') . ' : <br>' . $object->message . '</p>';
$message .= '<p><a href="' . dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $object->track_id . '">' . $langs->trans('SeeThisTicketIntomanagementInterface') . '</a></p>';
$sendto = $userstat->email;
$from = dolGetFirstLastname($user->firstname, $user->lastname) . '<' . $user->email . '>';
$message = dol_nl2br($message);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
} }
} include_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message, $filepath, $mimetype, $filename, '', '', 0, -1);
$message .= '</ul>'; if ($mailfile->error) {
$message .= '<p>' . $langs->trans('Message') . ' : <br>' . $object->message . '</p>'; setEventMessage($mailfile->error, 'errors');
$message .= '<p><a href="' . dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $object->track_id . '">' . $langs->trans('SeeThisTicketIntomanagementInterface') . '</a></p>'; } else {
$result = $mailfile->sendfile();
$sendto = $userstat->email; }
$from = dolGetFirstLastname($user->firstname, $user->lastname) . '<' . $user->email . '>'; if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
// Init to avoid errors }
$filepath = array(); }
$filename = array();
$mimetype = array();
$message = dol_nl2br($message);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message, $filepath, $mimetype, $filename, '', '', 0, -1);
if ($mailfile->error) {
setEventMessage($mailfile->error, 'errors');
} else {
$result = $mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
$ok = 1; $ok = 1;
} }
else
{
$this->error = $userstat->error;
$this->errors = $userstat->errors;
}
} }
break; break;
case 'TICKET_CREATE': case 'TICKET_CREATE':
dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id); dol_syslog("Trigger '" . $this->name . "' for action '$action' launched by " . __FILE__ . ". id=" . $object->id);
// Init to avoid errors
$filepath = array();
$filename = array();
$mimetype = array();
$langs->load('ticketsup'); $langs->load('ticketsup');
$object->fetch('', $object->track_id); $object->fetch('', $object->track_id); // Should be useless
/* Send email to admin */
$sendto = $conf->global->TICKETS_NOTIFICATION_EMAIL_TO; // Send email to notification email
$subject = '['.$conf->global->MAIN_INFO_SOCIETE_NOM.'] '.$langs->transnoentities('TicketNewEmailSubjectAdmin');
$message_admin= $langs->transnoentities('TicketNewEmailBodyAdmin', $object->track_id)."\n\n"; if (empty($conf->global->TICKETS_DISABLE_ALL_MAILS) && empty($object->context['disableticketsupemail']))
$message_admin.='<ul><li>'.$langs->trans('Title').' : '.$object->subject.'</li>'; {
$message_admin.='<li>'.$langs->trans('Type').' : '.$object->type_label.'</li>'; $sendto = $conf->global->TICKETS_NOTIFICATION_EMAIL_TO;
$message_admin.='<li>'.$langs->trans('Category').' : '.$object->category_label.'</li>';
$message_admin.='<li>'.$langs->trans('Severity').' : '.$object->severity_label.'</li>'; if ($sendto)
$message_admin.='<li>'.$langs->trans('From').' : '.( $object->email_from ? $object->email_from : ( $object->fk_user_create > 0 ? $langs->trans('Internal') : '') ).'</li>'; {
// Extrafields // Init to avoid errors
if (is_array($object->array_options) && count($object->array_options) > 0) { $filepath = array();
foreach ($object->array_options as $key => $value) { $filename = array();
$message_admin.='<li>'.$langs->trans($key).' : '.$value.'</li>'; $mimetype = array();
/* Send email to admin */
$subject = '['.$conf->global->MAIN_INFO_SOCIETE_NOM.'] '.$langs->transnoentities('TicketNewEmailSubjectAdmin');
$message_admin= $langs->transnoentities('TicketNewEmailBodyAdmin', $object->track_id)."\n\n";
$message_admin.='<ul><li>'.$langs->trans('Title').' : '.$object->subject.'</li>';
$message_admin.='<li>'.$langs->trans('Type').' : '.$object->type_label.'</li>';
$message_admin.='<li>'.$langs->trans('Category').' : '.$object->category_label.'</li>';
$message_admin.='<li>'.$langs->trans('Severity').' : '.$object->severity_label.'</li>';
$message_admin.='<li>'.$langs->trans('From').' : '.( $object->email_from ? $object->email_from : ( $object->fk_user_create > 0 ? $langs->trans('Internal') : '') ).'</li>';
// Extrafields
if (is_array($object->array_options) && count($object->array_options) > 0) {
foreach ($object->array_options as $key => $value) {
$message_admin.='<li>'.$langs->trans($key).' : '.$value.'</li>';
}
}
$message_admin.='</ul>';
if ($object->fk_soc > 0) {
$object->fetch_thirdparty();
$message_admin.='<p>'.$langs->trans('Company'). ' : '.$object->thirdparty->name.'</p>';
}
$message_admin.='<p>'.$langs->trans('Message').' : <br>'.$object->message.'</p>';
$message_admin.='<p><a href="'.dol_buildpath('/ticketsup/card.php', 2).'?track_id='.$object->track_id.'">'.$langs->trans('SeeThisTicketIntomanagementInterface').'</a></p>';
$from = $conf->global->MAIN_INFO_SOCIETE_NOM.'<'.$conf->global->TICKETS_NOTIFICATION_EMAIL_FROM.'>';
$replyto = $from;
$message_admin = dol_nl2br($message_admin);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message_admin, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
if ($mailfile->error) {
dol_syslog($mailfile->error, LOG_DEBUG);
} else {
$result=$mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
}
}
// Send email to customer
if (empty($conf->global->TICKETS_DISABLE_ALL_MAILS) && empty($object->context['disableticketsupemail']) && $object->notify_tiers_at_create)
{
$sendto = '';
if (empty($user->socid) && empty($user->email)) {
$object->fetch_thirdparty();
$sendto = $object->thirdparty->email;
} else {
$sendto = $user->email;
}
if ($sendto) {
// Init to avoid errors
$filepath = array();
$filename = array();
$mimetype = array();
$subject = '['.$conf->global->MAIN_INFO_SOCIETE_NOM.'] '.$langs->transnoentities('TicketNewEmailSubjectCustomer');
$message_customer= $langs->transnoentities('TicketNewEmailBodyCustomer', $object->track_id)."\n\n";
$message_customer.='<ul><li>'.$langs->trans('Title').' : '.$object->subject.'</li>';
$message_customer.='<li>'.$langs->trans('Type').' : '.$object->type_label.'</li>';
$message_customer.='<li>'.$langs->trans('Category').' : '.$object->category_label.'</li>';
$message_customer.='<li>'.$langs->trans('Severity').' : '.$object->severity_label.'</li>';
// Extrafields
foreach ($this->attributes[$object->table_element]['label'] as $key => $value)
{
$enabled = 1;
if ($enabled && isset($this->attributes[$object->table_element]['list'][$key]))
{
$enabled = dol_eval($this->attributes[$object->table_element]['list'][$key], 1);
}
$perms = 1;
if ($perms && isset($this->attributes[$object->table_element]['perms'][$key]))
{
$perms = dol_eval($this->attributes[$object->table_element]['perms'][$key], 1);
}
$qualified = true;
if (empty($enabled)) $qualified = false;
if (empty($perms)) $qualified = false;
if ($qualified) $message_customer.='<li>'.$langs->trans($key).' : '.$value.'</li>';
}
$message_customer.='</ul>';
$message_customer.='<p>'.$langs->trans('Message').' : <br>'.$object->message.'</p>';
$url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE?$conf->global->TICKETS_URL_PUBLIC_INTERFACE.'/':dol_buildpath('/public/ticketsup/view.php', 2)).'?track_id='.$object->track_id;
$message_customer.='<p>' . $langs->trans('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : <a href="'.$url_public_ticket.'">'.$url_public_ticket.'</a></p>';
$message_customer.='<p>'.$langs->trans('TicketEmailPleaseDoNotReplyToThisEmail').'</p>';
$from = $conf->global->MAIN_INFO_SOCIETE_NOM.'<'.$conf->global->TICKETS_NOTIFICATION_EMAIL_FROM.'>';
$replyto = $from;
$message_customer = dol_nl2br($message_customer);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message_customer, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
if ($mailfile->error) {
dol_syslog($mailfile->error, LOG_DEBUG);
} else {
$result=$mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
} }
} }
$message_admin.='</ul>';
if ($object->fk_soc > 0) {
$object->fetch_thirdparty();
$message_admin.='<p>'.$langs->trans('Company'). ' : '.$object->thirdparty->name.'</p>';
}
$message_admin.='<p>'.$langs->trans('Message').' : <br>'.$object->message.'</p>';
$message_admin.='<p><a href="'.dol_buildpath('/ticketsup/card.php', 2).'?track_id='.$object->track_id.'">'.$langs->trans('SeeThisTicketIntomanagementInterface').'</a></p>';
$from = $conf->global->MAIN_INFO_SOCIETE_NOM.'<'.$conf->global->TICKETS_NOTIFICATION_EMAIL_FROM.'>';
$replyto = $from;
$message_admin = dol_nl2br($message_admin);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message_admin, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
if ($mailfile->error) {
dol_syslog($mailfile->error, LOG_DEBUG);
} else {
$result=$mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
/* Send email to customer */
$sendto = '';
if (empty($user->socid) && empty($user->email)) {
$object->fetch_thirdparty();
$sendto = $object->thirdparty->email;
} else {
$sendto = $user->email;
}
if ($sendto && $object->notify_tiers_at_create) {
$subject = '['.$conf->global->MAIN_INFO_SOCIETE_NOM.'] '.$langs->transnoentities('TicketNewEmailSubjectCustomer');
$message_customer= $langs->transnoentities('TicketNewEmailBodyCustomer', $object->track_id)."\n\n";
$message_customer.='<ul><li>'.$langs->trans('Title').' : '.$object->subject.'</li>';
$message_customer.='<li>'.$langs->trans('Type').' : '.$object->type_label.'</li>';
$message_customer.='<li>'.$langs->trans('Category').' : '.$object->category_label.'</li>';
$message_customer.='<li>'.$langs->trans('Severity').' : '.$object->severity_label.'</li>';
// Extrafields
foreach ($this->attributes[$object->table_element]['label'] as $key => $value)
{
$enabled = 1;
if ($enabled && isset($this->attributes[$object->table_element]['list'][$key]))
{
$enabled = dol_eval($this->attributes[$object->table_element]['list'][$key], 1);
}
$perms = 1;
if ($perms && isset($this->attributes[$object->table_element]['perms'][$key]))
{
$perms = dol_eval($this->attributes[$object->table_element]['perms'][$key], 1);
}
$qualified = true;
if (empty($enabled)) $qualified = false;
if (empty($perms)) $qualified = false;
if ($qualified) $message_customer.='<li>'.$langs->trans($key).' : '.$value.'</li>';
}
$message_customer.='</ul>';
$message_customer.='<p>'.$langs->trans('Message').' : <br>'.$object->message.'</p>';
$url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE?$conf->global->TICKETS_URL_PUBLIC_INTERFACE.'/':dol_buildpath('/ticketsup/public/view.php', 2)).'?track_id='.$object->track_id;
$message_customer.='<p>' . $langs->trans('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : <a href="'.$url_public_ticket.'">'.$url_public_ticket.'</a></p>';
$message_customer.='<p>'.$langs->trans('TicketEmailPleaseDoNotReplyToThisEmail').'</p>';
$from = $conf->global->MAIN_INFO_SOCIETE_NOM.'<'.$conf->global->TICKETS_NOTIFICATION_EMAIL_FROM.'>';
$replyto = $from;
// Init to avoid errors
$filepath = array();
$filename = array();
$mimetype = array();
$message_customer = dol_nl2br($message_customer);
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message_customer, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
if ($mailfile->error) {
dol_syslog($mailfile->error, LOG_DEBUG);
} else {
$result=$mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
}
$ok = 1; $ok = 1;
break; break;
case 'TICKET_DELETE': case 'TICKET_DELETE':

3
htdocs/langs/en_US/dict.lang
View File

@ -5,7 +5,8 @@ CountryIT=Italy
CountryES=Spain CountryES=Spain
CountryDE=Germany CountryDE=Germany
CountryCH=Switzerland CountryCH=Switzerland
CountryGB=Great Britain # Warning, country code GB is for United Kingdom. UK Does not exists as country code in ISO standard.
CountryGB=United Kingdom
CountryUK=United Kingdom CountryUK=United Kingdom
CountryIE=Ireland CountryIE=Ireland
CountryCN=China CountryCN=China

2
htdocs/main.inc.php
View File

@ -198,7 +198,7 @@ if (! empty($_POST["DOL_AUTOSET_COOKIE"]))
{ {
$tmpautoset=explode(':',$_POST["DOL_AUTOSET_COOKIE"],2); $tmpautoset=explode(':',$_POST["DOL_AUTOSET_COOKIE"],2);
$tmplist=explode(',',$tmpautoset[1]); $tmplist=explode(',',$tmpautoset[1]);
$cookiearrayvalue=''; $cookiearrayvalue=array();
foreach ($tmplist as $tmpkey) foreach ($tmplist as $tmpkey)
{ {
$postkey=$tmpautoset[0].'_'.$tmpkey; $postkey=$tmpautoset[0].'_'.$tmpkey;

4
htdocs/margin/admin/margin.php
View File

@ -42,7 +42,7 @@ $action=GETPOST('action','alpha');
/* /*
* Action * Action
*/ */
if (preg_match('/set_(.*)/',$action,$reg)) if (preg_match('/set_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_set_const($db, $code, 1, 'yesno', 0, '', $conf->entity) > 0) if (dolibarr_set_const($db, $code, 1, 'yesno', 0, '', $conf->entity) > 0)
@ -56,7 +56,7 @@ if (preg_match('/set_(.*)/',$action,$reg))
} }
} }
if (preg_match('/del_(.*)/',$action,$reg)) if (preg_match('/del_([a-z0-9_\-]+)/i',$action,$reg))
{ {
$code=$reg[1]; $code=$reg[1];
if (dolibarr_del_const($db, $code, $conf->entity) > 0) if (dolibarr_del_const($db, $code, $conf->entity) > 0)

164
htdocs/public/ticketsup/create_ticket.php
View File

@ -17,9 +17,9 @@
*/ */
/** /**
* Display public form to add new ticket * \file htdocs/public/ticketsup/index.php
* * \ingroup ticketsup
* \ingroup ticketsup * \brief Display public form to add new ticket
*/ */
if (!defined('NOREQUIREUSER')) { if (!defined('NOREQUIREUSER')) {
define('NOREQUIREUSER', '1'); define('NOREQUIREUSER', '1');
@ -127,11 +127,11 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
} }
} }
if (!GETPOST("subject")) { if (!GETPOST("subject","none")) {
$error++; $error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject"))); array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")));
$action = ''; $action = '';
} elseif (!GETPOST("message")) { } elseif (!GETPOST("message","none")) {
$error++; $error++;
array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("message"))); array_push($object->errors, $langs->trans("ErrorFieldRequired", $langs->transnoentities("message")));
$action = ''; $action = '';
@ -149,13 +149,13 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
$object->track_id = generate_random_id(16); $object->track_id = generate_random_id(16);
$object->subject = GETPOST("subject"); $object->subject = GETPOST("subject","none");
$object->message = GETPOST("message"); $object->message = GETPOST("message","none");
$object->origin_email = $origin_email; $object->origin_email = $origin_email;
$object->type_code = GETPOST("type_code"); $object->type_code = GETPOST("type_code", 'az09');
$object->category_code = GETPOST("category_code"); $object->category_code = GETPOST("category_code", 'az09');
$object->severity_code = GETPOST("severity_code"); $object->severity_code = GETPOST("severity_code", 'az09');
if (is_array($searched_companies)) { if (is_array($searched_companies)) {
$object->fk_soc = $searched_companies[0]->id; $object->fk_soc = $searched_companies[0]->id;
} }
@ -172,7 +172,10 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
if (!is_object($user)) { if (!is_object($user)) {
$user = new User($db); $user = new User($db);
} }
$id = $object->create($user, 1); // Disable trigger for email (send by this page)
$object->context['disableticketsupemail']=1; // Disable emails sent by ticketsup trigger when creation is done from this page, emails are already sent later
$id = $object->create($user);
if ($id <= 0) { if ($id <= 0) {
$error++; $error++;
$errors = ($object->error ? array($object->error) : $object->errors); $errors = ($object->error ? array($object->error) : $object->errors);
@ -184,9 +187,20 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
if ($usertoassign > 0) { if ($usertoassign > 0) {
$object->add_contact($usertoassign, "SUPPORTCLI", 'external', $notrigger = 0); $object->add_contact($usertoassign, "SUPPORTCLI", 'external', $notrigger = 0);
} }
}
$object->db->commit(); if (! $error)
{
$object->db->commit();
$action = "infos_success";
} else {
$object->db->rollback();
setEventMessage($object->errors, 'errors');
$action = 'create_ticket';
}
if (! $error)
{
$res = $object->fetch($id); $res = $object->fetch($id);
if ($res) { if ($res) {
// Create form object // Create form object
@ -205,18 +219,19 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
$mimetype = $attachedfiles['mimes']; $mimetype = $attachedfiles['mimes'];
// Send email to customer // Send email to customer
$subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketNewEmailSubject'); $subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketNewEmailSubject');
$message .= ($conf->global->TICKETS_MESSAGE_MAIL_NEW ? $conf->global->TICKETS_MESSAGE_MAIL_NEW : $langs->transnoentities('TicketNewEmailBody')) . "\n\n"; $message .= ($conf->global->TICKETS_MESSAGE_MAIL_NEW ? $conf->global->TICKETS_MESSAGE_MAIL_NEW : $langs->transnoentities('TicketNewEmailBody')) . "\n\n";
$message .= $langs->transnoentities('TicketNewEmailBodyInfosTicket') . "\n"; $message .= $langs->transnoentities('TicketNewEmailBodyInfosTicket') . "\n";
$url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/' : dol_buildpath('/ticketsup/public/view.php', 2)) . '?track_id=' . $object->track_id; $url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/' : dol_buildpath('/public/ticketsup/view.php', 2)) . '?track_id=' . $object->track_id;
$infos_new_ticket = $langs->transnoentities('TicketNewEmailBodyInfosTrackId', '<a href="' . $url_public_ticket . '">' . $object->track_id . '</a>') . "\n"; $infos_new_ticket = $langs->transnoentities('TicketNewEmailBodyInfosTrackId', '<a href="' . $url_public_ticket . '">' . $object->track_id . '</a>') . "\n";
$infos_new_ticket .= $langs->transnoentities('TicketNewEmailBodyInfosTrackUrl') . "\n\n"; $infos_new_ticket .= $langs->transnoentities('TicketNewEmailBodyInfosTrackUrl') . "\n\n";
$message .= dol_nl2br($infos_new_ticket); $message .= dol_nl2br($infos_new_ticket);
$message .= $conf->global->TICKETS_MESSAGE_MAIL_SIGNATURE ? $conf->global->TICKETS_MESSAGE_MAIL_SIGNATURE : $langs->transnoentities('TicketMessageMailSignatureText'); $message .= $conf->global->TICKETS_MESSAGE_MAIL_SIGNATURE ? $conf->global->TICKETS_MESSAGE_MAIL_SIGNATURE : $langs->transnoentities('TicketMessageMailSignatureText');
$sendto = GETPOST('email'); $sendto = GETPOST('email','alpha');
$from = $conf->global->MAIN_INFO_SOCIETE_NOM . '<' . $conf->global->TICKETS_NOTIFICATION_EMAIL_FROM . '>'; $from = $conf->global->MAIN_INFO_SOCIETE_NOM . '<' . $conf->global->TICKETS_NOTIFICATION_EMAIL_FROM . '>';
$replyto = $from; $replyto = $from;
@ -238,79 +253,80 @@ if ($action == 'create_ticket' && GETPOST('add_ticket')) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO; $conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
} }
/* Send email to admin */
// Send email to TICKETS_NOTIFICATION_EMAIL_TO
$sendto = $conf->global->TICKETS_NOTIFICATION_EMAIL_TO; $sendto = $conf->global->TICKETS_NOTIFICATION_EMAIL_TO;
$subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketNewEmailSubjectAdmin');
$message_admin = $langs->transnoentities('TicketNewEmailBodyAdmin', $object->track_id) . "\n\n";
$message_admin .= '<ul><li>' . $langs->trans('Title') . ' : ' . $object->subject . '</li>';
$message_admin .= '<li>' . $langs->trans('Type') . ' : ' . $object->type_label . '</li>';
$message_admin .= '<li>' . $langs->trans('Category') . ' : ' . $object->category_label . '</li>';
$message_admin .= '<li>' . $langs->trans('Severity') . ' : ' . $object->severity_label . '</li>';
$message_admin .= '<li>' . $langs->trans('From') . ' : ' . $object->origin_email . '</li>';
if (is_array($extrafields->attributes[$object->table_element]['label'])) if ($sendto)
{ {
foreach($extrafields->attributes[$object->table_element]['label'] as $key => $val) $subject = '[' . $conf->global->MAIN_INFO_SOCIETE_NOM . '] ' . $langs->transnoentities('TicketNewEmailSubjectAdmin');
{ $message_admin = $langs->transnoentities('TicketNewEmailBodyAdmin', $object->track_id) . "\n\n";
$enabled = 1; $message_admin .= '<ul><li>' . $langs->trans('Title') . ' : ' . $object->subject . '</li>';
if ($qualified && isset($extrafields->attributes[$object->table_element]['list'][$key])) $message_admin .= '<li>' . $langs->trans('Type') . ' : ' . $object->type_label . '</li>';
{ $message_admin .= '<li>' . $langs->trans('Category') . ' : ' . $object->category_label . '</li>';
$enabled = dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1); $message_admin .= '<li>' . $langs->trans('Severity') . ' : ' . $object->severity_label . '</li>';
} $message_admin .= '<li>' . $langs->trans('From') . ' : ' . $object->origin_email . '</li>';
$perms = 1;
if ($perms && isset($extrafields->attributes[$object->table_element]['perms'][$key]))
{
$perms = dol_eval($extrafields->attributes[$object->table_element]['perms'][$key], 1);
}
$qualified=true; if (is_array($extrafields->attributes[$object->table_element]['label']))
if (empty($enabled) || $enabled == 2) $qualified = false; {
if (empty($perms)) $qualified = false; foreach($extrafields->attributes[$object->table_element]['label'] as $key => $val)
if ($qualified) $message_admin .= '<li>' . $langs->trans($key) . ' : ' . $value . '</li>'; {
} $enabled = 1;
} if ($qualified && isset($extrafields->attributes[$object->table_element]['list'][$key]))
{
$enabled = dol_eval($extrafields->attributes[$object->table_element]['list'][$key], 1);
}
$perms = 1;
if ($perms && isset($extrafields->attributes[$object->table_element]['perms'][$key]))
{
$perms = dol_eval($extrafields->attributes[$object->table_element]['perms'][$key], 1);
}
$message_admin .= '</ul>'; $qualified=true;
$message_admin .= '<p>' . $langs->trans('Message') . ' : <br>' . $object->message . '</p>'; if (empty($enabled) || $enabled == 2) $qualified = false;
$message_admin .= '<p><a href="' . dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $object->track_id . '">' . $langs->trans('SeeThisTicketIntomanagementInterface') . '</a></p>'; if (empty($perms)) $qualified = false;
if ($qualified) $message_admin .= '<li>' . $langs->trans($key) . ' : ' . $value . '</li>';
}
}
$from = $conf->global->MAIN_INFO_SOCIETE_NOM . '<' . $conf->global->TICKETS_NOTIFICATION_EMAIL_FROM . '>'; $message_admin .= '</ul>';
$replyto = $from; $message_admin .= '<p>' . $langs->trans('Message') . ' : <br>' . $object->message . '</p>';
$message_admin .= '<p><a href="' . dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $object->track_id . '">' . $langs->trans('SeeThisTicketIntomanagementInterface') . '</a></p>';
$message_admin = dol_nl2br($message_admin); $from = $conf->global->MAIN_INFO_SOCIETE_NOM . '<' . $conf->global->TICKETS_NOTIFICATION_EMAIL_FROM . '>';
$replyto = $from;
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) { $message_admin = dol_nl2br($message_admin);
$old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
$conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
}
include_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
$mailfile = new CMailFile($subject, $sendto, $from, $message_admin, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
if ($mailfile->error) {
setEventMessage($mailfile->error, 'errors');
} else {
$result = $mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
// Copy files into ticket directory if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$destdir = $conf->ticketsup->dir_output . '/' . $object->track_id; $old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO;
if (!dol_is_dir($destdir)) { $conf->global->MAIN_MAIL_AUTOCOPY_TO = '';
dol_mkdir($destdir); }
} include_once DOL_DOCUMENT_ROOT . '/core/class/CMailFile.class.php';
foreach ($filename as $i => $val) { $mailfile = new CMailFile($subject, $sendto, $from, $message_admin, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1);
dol_move($filepath[$i], $destdir . '/' . $filename[$i], 0, 1); if ($mailfile->error) {
$formmail->remove_attached_files($i); setEventMessage($mailfile->error, 'errors');
} else {
$result = $mailfile->sendfile();
}
if (!empty($conf->global->TICKETS_DISABLE_MAIL_AUTOCOPY_TO)) {
$conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO;
}
} }
} }
// Copy files into ticket directory
$destdir = $conf->ticketsup->dir_output . '/' . $object->track_id;
if (! dol_is_dir($destdir)) {
dol_mkdir($destdir);
}
foreach ($filename as $i => $val) {
dol_move($filepath[$i], $destdir . '/' . $filename[$i], 0, 1);
$formmail->remove_attached_files($i);
}
setEventMessage($langs->trans('YourTicketSuccessfullySaved')); setEventMessage($langs->trans('YourTicketSuccessfullySaved'));
$action = "infos_success";
} else {
$object->db->rollback();
setEventMessage($object->errors, 'errors');
$action = 'create_ticket';
} }
} else { } else {
setEventMessage($object->errors, 'errors'); setEventMessage($object->errors, 'errors');

6
htdocs/public/ticketsup/index.php
View File

@ -16,9 +16,9 @@
*/ */
/** /**
* \file ticketsup/public/index.php * \file htdocs/public/ticketsup/index.php
* \ingroup ticketsup * \ingroup ticketsup
* \brief Public file to add and manage ticket * \brief Public file to add and manage ticket
*/ */
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); //if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1');

10
htdocs/public/ticketsup/list.php
View File

@ -16,9 +16,9 @@
*/ */
/** /**
* \file ticketsup/public/index.php * \file htdocs/public/ticketsup/list.php
* \ingroup ticketsup * \ingroup ticketsup
* \brief Public file to add and manage ticket * \brief Public file to add and manage ticket
*/ */
if (!defined('NOCSRFCHECK')) { if (!defined('NOCSRFCHECK')) {
@ -155,7 +155,7 @@ if ($action == "view_ticketlist") {
$search_fk_user_assign = GETPOST("search_fk_user_assign", 'int'); $search_fk_user_assign = GETPOST("search_fk_user_assign", 'int');
// Store current page url // Store current page url
$url_page_current = dol_buildpath('/ticketsup/public/list.php', 1); $url_page_current = dol_buildpath('/public/ticketsup/list.php', 1);
// Do we click on purge search criteria ? // Do we click on purge search criteria ?
if (GETPOST("button_removefilter_x")) { if (GETPOST("button_removefilter_x")) {
@ -633,7 +633,7 @@ if ($action == "view_ticketlist") {
print '</table>'; print '</table>';
print '</form>'; print '</form>';
print '<form method="post" id="form_view_ticket" name="form_view_ticket" enctype="multipart/form-data" action="' . dol_buildpath('/ticketsup/public/view.php', 1) . '" style="display:none;">'; print '<form method="post" id="form_view_ticket" name="form_view_ticket" enctype="multipart/form-data" action="' . dol_buildpath('/public/ticketsup/view.php', 1) . '" style="display:none;">';
print '<input type="hidden" name="token" value="' . $_SESSION['newtoken'] . '">'; print '<input type="hidden" name="token" value="' . $_SESSION['newtoken'] . '">';
print '<input type="hidden" name="action" value="view_ticket">'; print '<input type="hidden" name="action" value="view_ticket">';
print '<input type="hidden" name="btn_view_ticket_list" value="1">'; print '<input type="hidden" name="btn_view_ticket_list" value="1">';

2
htdocs/public/ticketsup/view.php
View File

@ -16,7 +16,7 @@
*/ */
/** /**
* \file ticketsup/public/index.php * \file htdocs/public/ticketsup/index.php
* \ingroup ticketsup * \ingroup ticketsup
* \brief Public file to add and manage ticket * \brief Public file to add and manage ticket
*/ */

4
htdocs/ticketsup/class/actions_ticketsup.class.php
View File

@ -759,7 +759,7 @@ class ActionsTicketsup
$url_public_ticket = (!empty($conf->global->TICKETS_ENABLE_PUBLIC_INTERFACE) ? $url_public_ticket = (!empty($conf->global->TICKETS_ENABLE_PUBLIC_INTERFACE) ?
(!empty($conf->global->TICKETS_URL_PUBLIC_INTERFACE) ? (!empty($conf->global->TICKETS_URL_PUBLIC_INTERFACE) ?
$conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/view.php' : $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/view.php' :
dol_buildpath('/ticketsup/public/view.php', 2) dol_buildpath('/public/ticketsup/view.php', 2)
) : ) :
dol_buildpath('/ticketsup/card.php', 2) dol_buildpath('/ticketsup/card.php', 2)
) . '?track_id=' . $object->track_id; ) . '?track_id=' . $object->track_id;
@ -928,7 +928,7 @@ class ActionsTicketsup
$message .= (!empty($recipient) ? $langs->trans('TicketNotificationRecipient') . ' : ' . $recipient . "\n" : ''); $message .= (!empty($recipient) ? $langs->trans('TicketNotificationRecipient') . ' : ' . $recipient . "\n" : '');
} }
$url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/view.php' : dol_buildpath('/ticketsup/public/view.php', 2)) . '?track_id=' . $object->track_id; $url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/view.php' : dol_buildpath('/public/ticketsup/view.php', 2)) . '?track_id=' . $object->track_id;
$message .= "\n\n" . $langs->trans('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : ' . $url_public_ticket . "\n"; $message .= "\n\n" . $langs->trans('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : ' . $url_public_ticket . "\n";
// Add signature // Add signature

2
htdocs/ticketsup/class/ticketsup.class.php
View File

@ -1588,7 +1588,7 @@ class Ticketsup extends CommonObject
$url_internal_ticket = dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $this->track_id; $url_internal_ticket = dol_buildpath('/ticketsup/card.php', 2) . '?track_id=' . $this->track_id;
$message .= "\n" . $langs->transnoentities('TicketNotificationEmailBodyInfosTrackUrlinternal') . ' : ' . '<a href="' . $url_internal_ticket . '">' . $this->track_id . '</a>' . "\n"; $message .= "\n" . $langs->transnoentities('TicketNotificationEmailBodyInfosTrackUrlinternal') . ' : ' . '<a href="' . $url_internal_ticket . '">' . $this->track_id . '</a>' . "\n";
} else { } else {
$url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/' : dol_buildpath('/ticketsup/public/view.php', 2)) . '?track_id=' . $this->track_id; $url_public_ticket = ($conf->global->TICKETS_URL_PUBLIC_INTERFACE ? $conf->global->TICKETS_URL_PUBLIC_INTERFACE . '/' : dol_buildpath('/public/ticketsup/view.php', 2)) . '?track_id=' . $this->track_id;
$message .= "\n" . $langs->transnoentities('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : ' . '<a href="' . $url_public_ticket . '">' . $this->track_id . '</a>' . "\n"; $message .= "\n" . $langs->transnoentities('TicketNewEmailBodyInfosTrackUrlCustomer') . ' : ' . '<a href="' . $url_public_ticket . '">' . $this->track_id . '</a>' . "\n";
} }

2
htdocs/ticketsup/new.php
View File

@ -88,7 +88,7 @@ if ($action == 'create_ticket') {
$defaultref = ''; $defaultref = '';
} }
$formticket->showForm(); $formticket->showForm(1);
} }
//$somethingshown=$object->showLinkedObjectBlock(); //$somethingshown=$object->showLinkedObjectBlock();

9
test/phpunit/SecurityTest.php
View File

@ -234,12 +234,17 @@ class SecurityTest extends PHPUnit_Framework_TestCase
*/ */
public function testEncodeDecode() public function testEncodeDecode()
{ {
$stringtotest="This is a string to test encode/decode"; $stringtotest="This is a string to test encode/decode. This is a string to test encode/decode. This is a string to test encode/decode.";
$encodedstring=dol_encode($stringtotest); $encodedstring=dol_encode($stringtotest);
$decodedstring=dol_decode($encodedstring); $decodedstring=dol_decode($encodedstring);
print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n"; print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n";
$this->assertEquals($stringtotest,$decodedstring); $this->assertEquals($stringtotest,$decodedstring, 'Use dol_encode/decode with no parameter');
$encodedstring=dol_encode($stringtotest, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
$decodedstring=dol_decode($encodedstring, 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ');
print __METHOD__." encodedstring=".$encodedstring." ".base64_encode($stringtotest)."\n";
$this->assertEquals($stringtotest,$decodedstring, 'Use dol_encode/decode with a key parameter');
return 0; return 0;
} }