diff --git a/dev/examples/zapier/creates/thirdparty.js b/dev/examples/zapier/creates/thirdparty.js index 3e20fd10e41..2abeef6ae4c 100644 --- a/dev/examples/zapier/creates/thirdparty.js +++ b/dev/examples/zapier/creates/thirdparty.js @@ -6,7 +6,7 @@ const createThirdparty = async (z, bundle) => { const response = await z.request({ method: 'POST', url: apiurl, - body: JSON.stringify({ + body: { name: bundle.inputData.name, name_alias: bundle.inputData.name_alias, ref_ext: bundle.inputData.ref_ext, @@ -24,7 +24,7 @@ const createThirdparty = async (z, bundle) => { code_client: bundle.inputData.code_client, code_fournisseur: bundle.inputData.code_fournisseur, sens: 'fromzapier' - }) + } }); const result = z.JSON.parse(response.content); // api returns an integer when ok, a json when ko diff --git a/dev/examples/zapier/package.json b/dev/examples/zapier/package.json index cc0768a27ef..4d5c5daa867 100644 --- a/dev/examples/zapier/package.json +++ b/dev/examples/zapier/package.json @@ -15,7 +15,7 @@ "npm": ">=5.6.0" }, "dependencies": { - "zapier-platform-core": "11.0.0" + "zapier-platform-core": "11.0.1" }, "devDependencies": { "mocha": "^5.2.0", diff --git a/dev/examples/zapier/triggers/thirdparty.js b/dev/examples/zapier/triggers/thirdparty.js index 4656f836e74..0fecd4434ce 100644 --- a/dev/examples/zapier/triggers/thirdparty.js +++ b/dev/examples/zapier/triggers/thirdparty.js @@ -56,6 +56,12 @@ const getThirdparty = (z, bundle) => { fournisseur: bundle.cleanedRequest.fournisseur, code_client: bundle.cleanedRequest.code_client, code_fournisseur: bundle.cleanedRequest.code_fournisseur, + idprof1: bundle.cleanedRequest.idprof1, + idprof2: bundle.cleanedRequest.idprof2, + idprof3: bundle.cleanedRequest.idprof3, + idprof4: bundle.cleanedRequest.idprof4, + idprof5: bundle.cleanedRequest.idprof5, + idprof6: bundle.cleanedRequest.idprof6, authorId: bundle.cleanedRequest.authorId, createdAt: bundle.cleanedRequest.createdAt, action: bundle.cleanedRequest.action @@ -170,7 +176,13 @@ module.exports = { {key: 'client', label: 'Customer/Prospect 0/1/2/3'}, {key: 'fournisseur', label: 'Supplier 0/1'}, {key: 'code_client', label: 'Customer code'}, - {key: 'code_fournisseur', label: 'Supplier code'} + {key: 'code_fournisseur', label: 'Supplier code'}, + {key: 'idprof1', label: 'Id Prof 1'}, + {key: 'idprof2', label: 'Id Prof 2'}, + {key: 'idprof3', label: 'Id Prof 3'}, + {key: 'idprof4', label: 'Id Prof 4'}, + {key: 'idprof5', label: 'Id Prof 5'}, + {key: 'idprof6', label: 'Id Prof 6'} ] } }; diff --git a/htdocs/public/payment/newpayment.php b/htdocs/public/payment/newpayment.php index 49093e0913e..3a7f9a4ed9f 100644 --- a/htdocs/public/payment/newpayment.php +++ b/htdocs/public/payment/newpayment.php @@ -278,16 +278,21 @@ if ($tmpsource == 'membersubscription') { } $valid = true; if (!empty($conf->global->PAYMENT_SECURITY_TOKEN)) { + $token = ''; + $tokenoldcompat = ''; if (!empty($conf->global->PAYMENT_SECURITY_TOKEN_UNIQUE)) { if ($tmpsource && $REF) { $token = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN.$tmpsource.$REF, 2); // Use the source in the hash to avoid duplicates if the references are identical + if ($tmpsource != $source) { + $tokenoldcompat = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN.$source.$REF, 2); // for retro-compatibility (token may have been hashed with membersubscription in external module) + } } else { $token = dol_hash($conf->global->PAYMENT_SECURITY_TOKEN, 2); } } else { $token = $conf->global->PAYMENT_SECURITY_TOKEN; } - if ($SECUREKEY != $token) { + if ($SECUREKEY != $token && (empty($tokenoldcompat) || $SECUREKEY != $tokenoldcompat)) { if (empty($conf->global->PAYMENT_SECURITY_ACCEPT_ANY_TOKEN)) { $valid = false; // PAYMENT_SECURITY_ACCEPT_ANY_TOKEN is for backward compatibility } else {