diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index dd0ff4977d7..b53e2a7bc88 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -561,7 +561,7 @@ class BOM extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); // Validate $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element; diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index d0ce31b5369..68194c7e997 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -1,6 +1,7 @@ * Copyright (C) 2016 Laurent Destailleur + * Copyright (C) 2020 Thibault FOUCART * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -64,11 +65,66 @@ class Proposals extends DolibarrApi */ public function get($id, $contact_list = 1) { + return $this->_fetch($id, '', '', '', $contact_list); + } + + /** + * Get properties of an proposal object by ref + * + * Return an array with proposal informations + * + * @param string $ref Ref of object + * @param int $contact_list 0: Returned array of contacts/addresses contains all properties, 1: Return array contains just id + * @return array|mixed data without useless information + * + * @url GET ref/{ref} + * + * @throws RestException + */ + public function getByRef($ref, $contact_list = 1) + { + return $this->_fetch('', $ref, '', '', $contact_list); + } + + /** + * Get properties of an proposal object by ref_ext + * + * Return an array with proposal informations + * + * @param string $ref_ext External reference of object + * @param int $contact_list 0: Returned array of contacts/addresses contains all properties, 1: Return array contains just id + * @return array|mixed data without useless information + * + * @url GET ref_ext/{ref_ext} + * + * @throws RestException + */ + public function getByRefExt($ref_ext, $contact_list = 1) + { + return $this->_fetch('', '', $ref_ext, '', $contact_list); + } + + /** + * Get properties of an proposal object + * + * Return an array with proposal informations + * + * @param int $id ID of order + * @param string $ref Ref of object + * @param string $ref_ext External reference of object + * @param string $ref_int Internal reference of other objec + * @param int $contact_list 0: Returned array of contacts/addresses contains all properties, 1: Return array contains just id + * @return array|mixed data without useless information + * + * @throws RestException + */ + private function _fetch($id, $ref = '', $ref_ext = '', $ref_int = '', $contact_list = 1) + { if(! DolibarrApiAccess::$user->rights->propal->lire) { throw new RestException(401); } - $result = $this->propal->fetch($id); + $result = $this->propal->fetch($id, $ref, $ref_ext, $ref_int); if( ! $result ) { throw new RestException(404, 'Commercial Proposal not found'); } diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index 3fa163594a2..2249627e9a3 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1803,7 +1803,7 @@ class Propal extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $sql = "UPDATE ".MAIN_DB_PREFIX."propal"; $sql .= " SET ref = '".$this->db->escape($num)."',"; diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index b19210f894a..3c75f2e9d08 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -384,7 +384,7 @@ class Commande extends CommonOrder { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); // Validate $sql = "UPDATE ".MAIN_DB_PREFIX."commande"; diff --git a/htdocs/compta/facture/class/api_invoices.class.php b/htdocs/compta/facture/class/api_invoices.class.php index af69fd79008..dda35e4eafb 100644 --- a/htdocs/compta/facture/class/api_invoices.class.php +++ b/htdocs/compta/facture/class/api_invoices.class.php @@ -104,9 +104,9 @@ class Invoices extends DolibarrApi } /** - * Get properties of an order object + * Get properties of an invoice object * - * Return an array with order informations + * Return an array with invoice informations * * @param int $id ID of order * @param string $ref Ref of object diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 92268d69040..11ce0f8df1f 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -2530,7 +2530,7 @@ class Facture extends CommonInvoice { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); if ($num) { diff --git a/htdocs/compta/facture/invoicetemplate_list.php b/htdocs/compta/facture/invoicetemplate_list.php index c8b27fa4744..b55f0c412b9 100644 --- a/htdocs/compta/facture/invoicetemplate_list.php +++ b/htdocs/compta/facture/invoicetemplate_list.php @@ -536,21 +536,21 @@ if ($resql) } if (!empty($arrayfields['f.total']['checked'])) { - print ''.price($objp->total).''."\n"; + print ''.price($objp->total).''."\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total'; $totalarray['val']['f.total'] += $objp->total; } if (!empty($arrayfields['f.tva']['checked'])) { - print ''.price($objp->total_vat).''."\n"; + print ''.price($objp->total_vat).''."\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.tva'; $totalarray['val']['f.tva'] += $objp->total_vat; } if (!empty($arrayfields['f.total_ttc']['checked'])) { - print ''.price($objp->total_ttc).''."\n"; + print ''.price($objp->total_ttc).''."\n"; if (!$i) $totalarray['nbfield']++; if (!$i) $totalarray['pos'][$totalarray['nbfield']] = 'f.total_ttc'; $totalarray['val']['f.total_ttc'] += $objp->total_ttc; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 17a153a2dc4..37928f33147 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -517,7 +517,7 @@ class Contrat extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); if ($num) { diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index bf20ac42611..82d7c942a8d 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -697,7 +697,7 @@ class Expedition extends CommonObject { $numref = "EXP".$this->id; } - $this->newref = $numref; + $this->newref = dol_sanitizeFileName($numref); $now = dol_now(); diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index c98d8af18d2..88238506125 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -1163,7 +1163,7 @@ class ExpenseReport extends CommonObject } if (empty($num) || $num < 0) return -1; - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $this->db->begin(); diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index d857d6cf88c..f82f91986a0 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -544,7 +544,7 @@ class Fichinter extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter"; $sql .= " SET fk_statut = 1"; diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index bed02b94d55..ec1d2ca77c7 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -587,7 +587,7 @@ class CommandeFournisseur extends CommonOrder { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $sql = 'UPDATE '.MAIN_DB_PREFIX."commande_fournisseur"; $sql .= " SET ref='".$this->db->escape($num)."',"; @@ -971,7 +971,7 @@ class CommandeFournisseur extends CommonOrder { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); // Do we have to change status now ? (If double approval is required and first approval, we keep status to 1 = validated) $movetoapprovestatus = true; diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 6f5e3b6fc0a..d54e2da4eb1 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -1413,7 +1413,7 @@ class FactureFournisseur extends CommonInvoice { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $sql = "UPDATE ".MAIN_DB_PREFIX."facture_fourn"; $sql .= " SET ref='".$num."', fk_statut = 1, fk_user_valid = ".$user->id.", date_valid = '".$this->db->idate($now)."'"; diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index acd4be35b79..075ca5f5524 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -716,7 +716,7 @@ class Holiday extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); // Update status $sql = "UPDATE ".MAIN_DB_PREFIX."holiday SET"; diff --git a/htdocs/livraison/class/livraison.class.php b/htdocs/livraison/class/livraison.class.php index c8a3275dced..88a7a7372ad 100644 --- a/htdocs/livraison/class/livraison.class.php +++ b/htdocs/livraison/class/livraison.class.php @@ -404,7 +404,7 @@ class Livraison extends CommonObject { $numref = $this->ref; } - $this->newref = $numref; + $this->newref = dol_sanitizeFileName($numref); // Test if is not already in valid status. If so, we stop to avoid decrementing the stock twice. $sql = "SELECT ref"; diff --git a/htdocs/reception/class/reception.class.php b/htdocs/reception/class/reception.class.php index 260a3744e2e..c8802f6cd77 100644 --- a/htdocs/reception/class/reception.class.php +++ b/htdocs/reception/class/reception.class.php @@ -546,7 +546,7 @@ class Reception extends CommonObject $numref = $this->ref; } - $this->newref = $numref; + $this->newref = dol_sanitizeFileName($numref); $now = dol_now(); diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index afa8fcf4d77..0570b78bcdd 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -1462,7 +1462,7 @@ class SupplierProposal extends CommonObject { $num = $this->ref; } - $this->newref = $num; + $this->newref = dol_sanitizeFileName($num); $sql = "UPDATE ".MAIN_DB_PREFIX."supplier_proposal"; $sql .= " SET ref = '".$this->db->escape($num)."',";