diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index bd0d77d3389..e9f5b16b6a9 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -509,7 +509,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl //print 'Unset POST by CSRF protection in main.inc.php.'; // Do not output anything because this create problems when using the BACK button on browsers. setEventMessages('SecurityTokenHasExpiredSoActionHasBeenCanceledPleaseRetry', null, 'warnings'); //if ($conf->global->MAIN_FEATURES_LEVEL >= 1) setEventMessages('Unset POST and GET params by CSRF protection in main.inc.php (Token provided was not generated by the previous page).'."
\n".'$_SERVER[REQUEST_URI] = '.$_SERVER['REQUEST_URI'].' $_SERVER[REQUEST_METHOD] = '.$_SERVER['REQUEST_METHOD'].' GETPOST(token) = '.GETPOST('token', 'alpha').' $_SESSION[token] = '.$_SESSION['token'], null, 'warnings'); - $savid = ((int) $_POST['id']); + if (isset($_POST['id'])) $savid = ((int) $_POST['id']); unset($_POST); //unset($_POST['action']); unset($_POST['massaction']); //unset($_POST['confirm']); unset($_POST['confirmmassaction']); @@ -517,7 +517,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl unset($_GET['action']); unset($_GET['confirmmassaction']); unset($_GET['massaction']); - $_POST['id'] = ((int) $savid); + if (isset($savid)) $_POST['id'] = ((int) $savid); } // Note: There is another CSRF protection into the filefunc.inc.php @@ -3146,7 +3146,7 @@ if (!function_exists("llxFooter")) { } // Wrapper to add log when clicking on download or preview - if (!empty($conf->blockedlog->enabled) && is_object($object) && $object->id > 0 && $object->statut > 0) { + if (!empty($conf->blockedlog->enabled) && is_object($object) && !empty($object->id) && $object->id > 0 && $object->statut > 0) { if (in_array($object->element, array('facture'))) { // Restrict for the moment to element 'facture' print "\n\n"; ?> diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index ce2db90fa5d..a570e8ed7bb 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -2050,7 +2050,7 @@ class Project extends CommonObject $response->nbtodo++; $project_static->statut = $obj->status; - $project_static->opp_status = $obj->opp_status; + $project_static->opp_status = $obj->fk_opp_status; $project_static->datee = $this->db->jdate($obj->datee); if ($project_static->hasDelay()) { diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index bd25398776e..5e17c92c562 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -2118,7 +2118,7 @@ class Task extends CommonObject $now = dol_now(); - $datetouse = ($this->date_end > 0) ? $this->date_end : ($this->datee > 0 ? $this->datee : 0); + $datetouse = ($this->date_end > 0) ? $this->date_end : ((isset($this->datee) && $this->datee > 0) ? $this->datee : 0); return ($datetouse > 0 && ($datetouse < ($now - $conf->projet->task->warning_delay))); } diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index eb003cdab9e..6d43222bcf2 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -2216,7 +2216,7 @@ class SupplierProposal extends CommonObject $this->nbtodo = $this->nbtodolate = 0; $clause = " WHERE"; - $sql = "SELECT p.rowid, p.ref, p.datec as datec"; + $sql = "SELECT p.rowid, p.ref, p.datec as datec, p.date_cloture as datefin"; $sql .= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p"; if (!$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; @@ -2239,13 +2239,13 @@ class SupplierProposal extends CommonObject $label = $labelShort = ''; $status = ''; if ($mode == 'opened') { - $delay_warning = $conf->supplier_proposal->cloture->warning_delay; + $delay_warning = !empty($conf->supplier_proposal->cloture->warning_delay) ? $conf->supplier_proposal->cloture->warning_delay : 0; $status = self::STATUS_VALIDATED; $label = $langs->trans("SupplierProposalsToClose"); $labelShort = $langs->trans("ToAcceptRefuse"); } if ($mode == 'signed') { - $delay_warning = $conf->supplier_proposal->facturation->warning_delay; + $delay_warning = !empty($conf->supplier_proposal->facturation->warning_delay) ? $conf->supplier_proposal->facturation->warning_delay : 0; $status = self::STATUS_SIGNED; $label = $langs->trans("SupplierProposalsToProcess"); // May be billed or ordered $labelShort = $langs->trans("ToClose"); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 37ce6544cd0..acfe581b3c9 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -3298,7 +3298,7 @@ class User extends CommonObject $i = 0; $cursor_user = $id_user; $useridfound = array($id_user); - while (!empty($this->parentof[$cursor_user])) { + while (!empty($this->parentof[$cursor_user]) && !empty($this->users[$this->parentof[$cursor_user]])) { if (in_array($this->parentof[$cursor_user], $useridfound)) { dol_syslog("The hierarchy of user has a recursive loop", LOG_WARNING); return -1; // Should not happen. Protection against looping hierarchy