Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop

2021-06-05 01:11:16 +02:00 · 2021-06-05 01:11:16 +02:00 · 5d063ab880
commit 5d063ab880
parent f0118183c8 2c04f2c018
4 changed files with 22 additions and 5 deletions
--- a/dev/examples/zapier/creates/thirdparty.js
+++ b/dev/examples/zapier/creates/thirdparty.js
@ -6,7 +6,7 @@ const createThirdparty = async (z, bundle) => {
    const response = await z.request({
        method: 'POST',
        url: apiurl,
-        body: JSON.stringify({
+        body: {
            name: bundle.inputData.name,
            name_alias: bundle.inputData.name_alias,
            ref_ext: bundle.inputData.ref_ext,
@ -24,7 +24,7 @@ const createThirdparty = async (z, bundle) => {
            code_client: bundle.inputData.code_client,
            code_fournisseur: bundle.inputData.code_fournisseur,
            sens: 'fromzapier'
-        })
+        }
    });
    const result = z.JSON.parse(response.content);
    // api returns an integer when ok, a json when ko
--- a/dev/examples/zapier/package.json
+++ b/dev/examples/zapier/package.json
@ -15,7 +15,7 @@
    "npm": ">=5.6.0"
  },
  "dependencies": {
-    "zapier-platform-core": "11.0.0"
+    "zapier-platform-core": "11.0.1"
  },
  "devDependencies": {
    "mocha": "^5.2.0",
--- a/dev/examples/zapier/triggers/thirdparty.js
+++ b/dev/examples/zapier/triggers/thirdparty.js
@ -56,6 +56,12 @@ const getThirdparty = (z, bundle) => {
        fournisseur: bundle.cleanedRequest.fournisseur,
        code_client: bundle.cleanedRequest.code_client,
        code_fournisseur: bundle.cleanedRequest.code_fournisseur,
+        idprof1: bundle.cleanedRequest.idprof1,
+        idprof2: bundle.cleanedRequest.idprof2,
+        idprof3: bundle.cleanedRequest.idprof3,
+        idprof4: bundle.cleanedRequest.idprof4,
+        idprof5: bundle.cleanedRequest.idprof5,
+        idprof6: bundle.cleanedRequest.idprof6,
        authorId: bundle.cleanedRequest.authorId,
        createdAt: bundle.cleanedRequest.createdAt,
        action: bundle.cleanedRequest.action
@ -170,7 +176,13 @@ module.exports = {
            {key: 'client', label: 'Customer/Prospect 0/1/2/3'},
            {key: 'fournisseur', label: 'Supplier 0/1'},
            {key: 'code_client', label: 'Customer code'},
-            {key: 'code_fournisseur', label: 'Supplier code'}
+            {key: 'code_fournisseur', label: 'Supplier code'},
+            {key: 'idprof1', label: 'Id Prof 1'},
+            {key: 'idprof2', label: 'Id Prof 2'},
+            {key: 'idprof3', label: 'Id Prof 3'},
+            {key: 'idprof4', label: 'Id Prof 4'},
+            {key: 'idprof5', label: 'Id Prof 5'},
+            {key: 'idprof6', label: 'Id Prof 6'}
        ]
    }
 };
--- a/htdocs/public/payment/newpayment.php
+++ b/htdocs/public/payment/newpayment.php
@ -278,16 +278,21 @@ if ($tmpsource == 'membersubscription') {
 }
 $valid = true;
 if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) {
+	$token = '';
+	$tokenoldcompat = '';
 	if (!empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) {
 		if ($tmpsource && $REF) {
 			$token = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN.$tmpsource.$REF, 2); // Use the source in the hash to avoid duplicates if the references are identical
+			if ($tmpsource != $source) {
+				$tokenoldcompat = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN.$source.$REF, 2); // for retro-compatibility (token may have been hashed with membersubscription in external module)
+			}
 		} else {
 			$token = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN, 2);
 		}
 	} else {
 		$token = $conf->global->PAYMENT_SECURITY_TOKEN;
 	}
-	if ($SECUREKEY != $token) {
+	if ($SECUREKEY != $token && (empty($tokenoldcompat) || $SECUREKEY != $tokenoldcompat)) {
 		if (empty($conf->global->PAYMENT_SECURITY_ACCEPT_ANY_TOKEN)) {
 			$valid = false; // PAYMENT_SECURITY_ACCEPT_ANY_TOKEN is for backward compatibility
 		} else {