Merge branch '14.0' of git@github.com:Dolibarr/dolibarr.git into develop
This commit is contained in:
Laurent Destailleur
commit
5f019e0857
@ -739,13 +739,11 @@ if ($result) {
|
||||
$s .= (empty($objp->code_sell_p) ? '<span style="'.$code_sell_p_notset.'">'.$langs->trans("NotDefined").'</span>' : length_accountg($objp->code_sell_p));
|
||||
print $form->textwithpicto($s, $shelp, 1, $ttype, '', 0, 2, '', 1);
|
||||
} else {
|
||||
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
|
||||
print '<br>';
|
||||
$s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': ';
|
||||
$shelp = '';
|
||||
$s .= $langs->trans("NotDefined");
|
||||
print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1);
|
||||
}
|
||||
print '<br>';
|
||||
$s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': ';
|
||||
$shelp = '';
|
||||
$s .= $langs->trans("NotDefined");
|
||||
print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1);
|
||||
}
|
||||
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
|
||||
print '<br>';
|
||||
|
||||
@ -315,21 +315,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
$param = '';
|
||||
|
||||
@ -305,21 +305,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
$param = '';
|
||||
|
||||
@ -244,22 +244,6 @@ $title = $langs->trans('BOM');
|
||||
$help_url ='EN:Module_BOM';
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
if ($action == 'create') {
|
||||
print load_fiche_titre($langs->trans("NewBOM"), '', 'bom');
|
||||
|
||||
@ -65,6 +65,8 @@ $socid = GETPOST("socid", 'int');
|
||||
if ($user->socid > 0) {
|
||||
$action = '';
|
||||
$id = $user->socid;
|
||||
} else {
|
||||
$id = 0;
|
||||
}
|
||||
restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
|
||||
|
||||
|
||||
@ -2535,12 +2535,12 @@ class Propal extends CommonObject
|
||||
$resql = $this->db->query($sql);
|
||||
if ($resql) {
|
||||
// Status self::STATUS_REFUSED by default
|
||||
$modelpdf = $conf->global->PROPALE_ADDON_PDF_ODT_CLOSED ? $conf->global->PROPALE_ADDON_PDF_ODT_CLOSED : $this->model_pdf;
|
||||
$modelpdf = !empty($conf->global->PROPALE_ADDON_PDF_ODT_CLOSED) ? $conf->global->PROPALE_ADDON_PDF_ODT_CLOSED : $this->model_pdf;
|
||||
$trigger_name = 'PROPAL_CLOSE_REFUSED';
|
||||
|
||||
if ($status == self::STATUS_SIGNED) { // Status self::STATUS_SIGNED
|
||||
$trigger_name = 'PROPAL_CLOSE_SIGNED';
|
||||
$modelpdf = $conf->global->PROPALE_ADDON_PDF_ODT_TOBILL ? $conf->global->PROPALE_ADDON_PDF_ODT_TOBILL:$this->model_pdf;
|
||||
$modelpdf = !empty($conf->global->PROPALE_ADDON_PDF_ODT_TOBILL) ? $conf->global->PROPALE_ADDON_PDF_ODT_TOBILL : $this->model_pdf;
|
||||
|
||||
// The connected company is classified as a client
|
||||
$soc=new Societe($this->db);
|
||||
|
||||
@ -1368,7 +1368,7 @@ class Commande extends CommonOrder
|
||||
}
|
||||
// Possibility to add external linked objects with hooks
|
||||
$this->linked_objects[$this->origin] = $this->origin_id;
|
||||
if (is_array($object->other_linked_objects) && !empty($object->other_linked_objects)) {
|
||||
if (isset($object->other_linked_objects) && is_array($object->other_linked_objects) && !empty($object->other_linked_objects)) {
|
||||
$this->linked_objects = array_merge($this->linked_objects, $object->other_linked_objects);
|
||||
}
|
||||
|
||||
@ -4014,7 +4014,7 @@ class Commande extends CommonOrder
|
||||
|
||||
$now = dol_now();
|
||||
|
||||
return max($this->date_commande, $this->date_livraison) < ($now - $conf->commande->client->warning_delay);
|
||||
return max($this->date, $this->date_livraison) < ($now - $conf->commande->client->warning_delay);
|
||||
}
|
||||
|
||||
/**
|
||||
@ -4131,7 +4131,7 @@ class OrderLine extends CommonOrderLine
|
||||
$sql .= ' cd.fk_unit,';
|
||||
$sql .= ' cd.fk_multicurrency, cd.multicurrency_code, cd.multicurrency_subprice, cd.multicurrency_total_ht, cd.multicurrency_total_tva, cd.multicurrency_total_ttc,';
|
||||
$sql .= ' p.ref as product_ref, p.label as product_label, p.description as product_desc, p.tobatch as product_tobatch,';
|
||||
$sql .= ' cd.date_start, cd.date_end';
|
||||
$sql .= ' cd.date_start, cd.date_end, cd.vat_src_code';
|
||||
$sql .= ' FROM '.MAIN_DB_PREFIX.'commandedet as cd';
|
||||
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON cd.fk_product = p.rowid';
|
||||
$sql .= ' WHERE cd.rowid = '.((int) $rowid);
|
||||
@ -4352,7 +4352,8 @@ class OrderLine extends CommonOrderLine
|
||||
|
||||
// if buy price not defined, define buyprice as configured in margin admin
|
||||
if ($this->pa_ht == 0 && $pa_ht_isemptystring) {
|
||||
if (($result = $this->defineBuyPrice($this->subprice, $this->remise_percent, $this->fk_product)) < 0) {
|
||||
$result = $this->defineBuyPrice($this->subprice, $this->remise_percent, $this->fk_product);
|
||||
if ($result < 0) {
|
||||
return $result;
|
||||
} else {
|
||||
$this->pa_ht = $result;
|
||||
@ -4529,7 +4530,8 @@ class OrderLine extends CommonOrderLine
|
||||
|
||||
// if buy price not defined, define buyprice as configured in margin admin
|
||||
if ($this->pa_ht == 0 && $pa_ht_isemptystring) {
|
||||
if (($result = $this->defineBuyPrice($this->subprice, $this->remise_percent, $this->fk_product)) < 0) {
|
||||
$result = $this->defineBuyPrice($this->subprice, $this->remise_percent, $this->fk_product);
|
||||
if ($result < 0) {
|
||||
return $result;
|
||||
} else {
|
||||
$this->pa_ht = $result;
|
||||
|
||||
@ -1373,7 +1373,7 @@ if ($resql) {
|
||||
$generic_product = new Product($db);
|
||||
$userstatic = new User($db);
|
||||
$i = 0;
|
||||
$totalarray = array();
|
||||
$totalarray = array('nbfield' => 0, 'val' => array(), 'pos' => array());
|
||||
while ($i < min($num, $limit)) {
|
||||
$obj = $db->fetch_object($resql);
|
||||
|
||||
@ -1610,7 +1610,11 @@ if ($resql) {
|
||||
if (!$i) {
|
||||
$totalarray['pos'][$totalarray['nbfield']] = 'c.total_ht';
|
||||
}
|
||||
$totalarray['val']['c.total_ht'] += $obj->total_ht;
|
||||
if (isset($totalarray['val']['c.total_ht'])) {
|
||||
$totalarray['val']['c.total_ht'] += $obj->total_ht;
|
||||
} else {
|
||||
$totalarray['val']['c.total_ht'] = $obj->total_ht;
|
||||
}
|
||||
}
|
||||
// Amount VAT
|
||||
if (!empty($arrayfields['c.total_vat']['checked'])) {
|
||||
|
||||
@ -47,7 +47,7 @@ foreach ($linkedObjectBlock as $key => $objectlink) {
|
||||
}
|
||||
echo '<tr class="'.$trclass.'" >';
|
||||
echo '<td class="linkedcol-element" >'.$langs->trans("CustomerOrder");
|
||||
if (!empty($showImportButton) && $conf->global->MAIN_ENABLE_IMPORT_LINKED_OBJECT_LINES) {
|
||||
if (!empty($showImportButton) && !empty($conf->global->MAIN_ENABLE_IMPORT_LINKED_OBJECT_LINES)) {
|
||||
print '<a class="objectlinked_importbtn" href="'.$objectlink->getNomUrl(0, '', 0, 1).'&action=selectlines" data-element="'.$objectlink->element.'" data-id="'.$objectlink->id.'" > <i class="fa fa-indent"></i> </a';
|
||||
}
|
||||
echo '</td>';
|
||||
|
||||
@ -343,21 +343,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs');
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
$param = '';
|
||||
|
||||
@ -112,7 +112,12 @@ $extrafields->fetch_name_optionals_label($object->table_element);
|
||||
// Load object
|
||||
if ($id > 0 || !empty($ref)) {
|
||||
if ($action != 'add') {
|
||||
$ret = $object->fetch($id, $ref, '', '', $conf->global->INVOICE_USE_SITUATION);
|
||||
if (empty($conf->global->INVOICE_USE_SITUATION)) {
|
||||
$fetch_situation = false;
|
||||
} else {
|
||||
$fetch_situation = true;
|
||||
}
|
||||
$ret = $object->fetch($id, $ref, '', '', $fetch_situation);
|
||||
}
|
||||
}
|
||||
|
||||
@ -607,7 +612,7 @@ if (empty($reshook)) {
|
||||
}
|
||||
|
||||
// Check for mandatory fields in invoice
|
||||
$array_to_check = array('REF_CUSTOMER'=>'RefCustomer');
|
||||
$array_to_check = array('REF_CLIENT'=>'RefCustomer');
|
||||
foreach ($array_to_check as $key => $val) {
|
||||
$keymin = strtolower($key);
|
||||
$vallabel = $object->$keymin;
|
||||
@ -2362,25 +2367,26 @@ if (empty($reshook)) {
|
||||
$line = new FactureLigne($db);
|
||||
$line->fetch(GETPOST('lineid', 'int'));
|
||||
$percent = $line->get_prev_progress($object->id);
|
||||
$progress = price2num(GETPOST('progress', 'alpha'));
|
||||
|
||||
if ($object->type == Facture::TYPE_CREDIT_NOTE && $object->situation_cycle_ref > 0) {
|
||||
// in case of situation credit note
|
||||
if (GETPOST('progress') >= 0) {
|
||||
if ($progress >= 0) {
|
||||
$mesg = $langs->trans("CantBeNullOrPositive");
|
||||
setEventMessages($mesg, null, 'warnings');
|
||||
$error++;
|
||||
$result = -1;
|
||||
} elseif (GETPOST('progress') < $line->situation_percent) { // TODO : use a modified $line->get_prev_progress($object->id) result
|
||||
} elseif ($progress < $line->situation_percent) { // TODO : use a modified $line->get_prev_progress($object->id) result
|
||||
$mesg = $langs->trans("CantBeLessThanMinPercent");
|
||||
setEventMessages($mesg, null, 'warnings');
|
||||
$error++;
|
||||
$result = -1;
|
||||
} elseif ($progress < $percent) {
|
||||
$mesg = '<div class="warning">'.$langs->trans("CantBeLessThanMinPercent").'</div>';
|
||||
setEventMessages($mesg, null, 'warnings');
|
||||
$error++;
|
||||
$result = -1;
|
||||
}
|
||||
} elseif (GETPOST('progress') < $percent) {
|
||||
$mesg = '<div class="warning">'.$langs->trans("CantBeLessThanMinPercent").'</div>';
|
||||
setEventMessages($mesg, null, 'warnings');
|
||||
$error++;
|
||||
$result = -1;
|
||||
}
|
||||
|
||||
// Check minimum price
|
||||
|
||||
@ -885,30 +885,32 @@ class Contact extends CommonObject
|
||||
$this->error = $this->db->lasterror();
|
||||
}
|
||||
|
||||
// Mis a jour alerte birthday
|
||||
if (!empty($this->birthday_alert)) {
|
||||
//check existing
|
||||
$sql_check = "SELECT rowid FROM ".MAIN_DB_PREFIX."user_alert WHERE type=1 AND fk_contact=".$this->db->escape($id)." AND fk_user=".$user->id;
|
||||
$result_check = $this->db->query($sql_check);
|
||||
if (!$result_check || ($this->db->num_rows($result_check) < 1)) {
|
||||
//insert
|
||||
$sql = "INSERT INTO ".MAIN_DB_PREFIX."user_alert(type,fk_contact,fk_user) ";
|
||||
$sql .= "VALUES (1,".$this->db->escape($id).",".$user->id.")";
|
||||
if ($user) {
|
||||
// Update birthday alert
|
||||
if (!empty($this->birthday_alert)) {
|
||||
//check existing
|
||||
$sql_check = "SELECT rowid FROM " . MAIN_DB_PREFIX . "user_alert WHERE type = 1 AND fk_contact = " . ((int) $id) . " AND fk_user = " . ((int) $user->id);
|
||||
$result_check = $this->db->query($sql_check);
|
||||
if (!$result_check || ($this->db->num_rows($result_check) < 1)) {
|
||||
//insert
|
||||
$sql = "INSERT INTO " . MAIN_DB_PREFIX . "user_alert(type, fk_contact, fk_user) ";
|
||||
$sql .= "VALUES (1," . ((int) $id) . "," . ((int) $user->id) . ")";
|
||||
$result = $this->db->query($sql);
|
||||
if (!$result) {
|
||||
$error++;
|
||||
$this->error = $this->db->lasterror();
|
||||
}
|
||||
} else {
|
||||
$result = true;
|
||||
}
|
||||
} else {
|
||||
$sql = "DELETE FROM " . MAIN_DB_PREFIX . "user_alert ";
|
||||
$sql .= "WHERE type=1 AND fk_contact=" . ((int) $id) . " AND fk_user=" . ((int) $user->id);
|
||||
$result = $this->db->query($sql);
|
||||
if (!$result) {
|
||||
$error++;
|
||||
$this->error = $this->db->lasterror();
|
||||
}
|
||||
} else {
|
||||
$result = true;
|
||||
}
|
||||
} else {
|
||||
$sql = "DELETE FROM ".MAIN_DB_PREFIX."user_alert ";
|
||||
$sql .= "WHERE type=1 AND fk_contact=".$this->db->escape($id)." AND fk_user=".$user->id;
|
||||
$result = $this->db->query($sql);
|
||||
if (!$result) {
|
||||
$error++;
|
||||
$this->error = $this->db->lasterror();
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -940,7 +940,7 @@ abstract class CommonObject
|
||||
$ecmfile->fullpath_orig = '';
|
||||
$ecmfile->gen_or_uploaded = 'generated';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$ecmfile->share = getRandomPassword(true);
|
||||
$result = $ecmfile->create($user);
|
||||
if ($result < 0)
|
||||
@ -5261,7 +5261,7 @@ abstract class CommonObject
|
||||
$ecmfile->fullpath_orig = '';
|
||||
$ecmfile->gen_or_uploaded = 'generated';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$result = $ecmfile->update($user);
|
||||
if ($result < 0) {
|
||||
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
|
||||
@ -5274,7 +5274,7 @@ abstract class CommonObject
|
||||
$ecmfile->fullpath_orig = '';
|
||||
$ecmfile->gen_or_uploaded = 'generated';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$ecmfile->src_object_type = $this->table_element;
|
||||
$ecmfile->src_object_id = $this->id;
|
||||
|
||||
|
||||
@ -5085,7 +5085,12 @@ class Form
|
||||
} else {
|
||||
if ($selected) {
|
||||
$this->load_cache_conditions_paiements();
|
||||
print $this->cache_conditions_paiements[$selected]['label'];
|
||||
if (isset($this->cache_conditions_paiements[$selected])) {
|
||||
print $this->cache_conditions_paiements[$selected]['label'];
|
||||
} else {
|
||||
$langs->load('errors');
|
||||
print $langs->trans('ErrorNotInDictionaryPaymentConditions');
|
||||
}
|
||||
} else {
|
||||
print " ";
|
||||
}
|
||||
@ -7778,7 +7783,7 @@ class Form
|
||||
print '<input type="radio" name="idtolinkto" id="'.$key.'_'.$objp->rowid.'" value="'.$objp->rowid.'">';
|
||||
print '</td>';
|
||||
print '<td class="center"><label for="'.$key.'_'.$objp->rowid.'">'.$objp->ref.'</label></td>';
|
||||
print '<td>'.(!empty($objp->ref_client) ? $objp->ref_client : $objp->ref_supplier).'</td>';
|
||||
print '<td>'.(!empty($objp->ref_client) ? $objp->ref_client : (!empty($objp->ref_supplier) ? $objp->ref_supplier : '')).'</td>';
|
||||
print '<td class="right">';
|
||||
if ($possiblelink['label'] == 'LinkToContract') {
|
||||
$form = new Form($this->db);
|
||||
|
||||
@ -377,7 +377,7 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir)
|
||||
$ecmfile->fullpath_orig = $filearray[$key]['fullname'];
|
||||
$ecmfile->gen_or_uploaded = 'unknown';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$result = $ecmfile->create($user);
|
||||
if ($result < 0) {
|
||||
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
|
||||
@ -933,7 +933,7 @@ function dol_move($srcfile, $destfile, $newmask = 0, $overwriteifexists = 1, $te
|
||||
$ecmfile->fullpath_orig = $srcfile;
|
||||
$ecmfile->gen_or_uploaded = 'unknown';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$resultecm = $ecmfile->create($user);
|
||||
if ($resultecm < 0) {
|
||||
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
|
||||
@ -1785,7 +1785,7 @@ function addFileIntoDatabaseIndex($dir, $file, $fullpathorig = '', $mode = 'uplo
|
||||
$ecmfile->fullpath_orig = $fullpathorig;
|
||||
$ecmfile->gen_or_uploaded = $mode;
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
|
||||
if (is_object($object) && $object->id > 0) {
|
||||
$ecmfile->src_object_id = $object->id;
|
||||
|
||||
@ -778,8 +778,12 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options =
|
||||
do {
|
||||
$oldstringtoclean = $out;
|
||||
|
||||
// We replace chars encoded with numeric HTML entities with real char (to avoid to have numeric entities used for obfuscation of injections)
|
||||
$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+);/i', 'realCharForNumericEntities', $out);
|
||||
// We replace chars from a/A to z/Z encoded with numeric HTML entities with the real char so we won't loose the chars at the next step.
|
||||
// No need to use a loop here, this step is not to sanitize (this is done at next step, this is to try to save chars, even if they are
|
||||
// using a non coventionnel way to be encoded, to not have them sanitized just after)
|
||||
$out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+;?)/i', 'realCharForNumericEntities', $out);
|
||||
|
||||
// Now we remove all remaining HTML entities staring with a number. We don't want such entities.
|
||||
$out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have javascript with an entities without the ; to hide the 'a' of 'javascript'.
|
||||
|
||||
$out = dol_string_onlythesehtmltags($out, 0, 1, 1);
|
||||
|
||||
@ -223,7 +223,7 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
|
||||
|
||||
// Set CURLOPT_CONNECT_TO so curl will not try another resolution that may give a different result. Possible only on PHP v7+
|
||||
if (defined('CURLOPT_CONNECT_TO')) {
|
||||
$connect_to = array(sprintf("%s:%d:%s:%d", $newUrlArray['host'], $newUrlArray['port'], $iptocheck, $newUrlArray['port']));
|
||||
$connect_to = array(sprintf("%s:%d:%s:%d", $newUrlArray['host'], empty($newUrlArray['port'])?'':$newUrlArray['port'], $iptocheck, empty($newUrlArray['port'])?'':$newUrlArray['port']));
|
||||
//var_dump($newUrlArray);
|
||||
//var_dump($connect_to);
|
||||
curl_setopt($ch, CURLOPT_CONNECT_TO, $connect_to);
|
||||
|
||||
@ -76,8 +76,8 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left
|
||||
|
||||
-- Third parties
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 500__+MAX_llx_menu__, 'companies', 'thirdparties', 2__+MAX_llx_menu__, '/societe/index.php?mainmenu=companies&leftmenu=thirdparties', 'ThirdParty', 0, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 501__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/card.php?mainmenu=companies&action=create', 'MenuNewThirdParty', 1, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 502__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/list.php?mainmenu=companies&action=create', 'List', 1, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 501__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/card.php?mainmenu=companies&action=create', 'MenuNewThirdParty', 1, 'companies', '$user->rights->societe->creer', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 502__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/list.php?mainmenu=companies&leftmenu=thirdparties', 'List', 1, 'companies', '$user->rights->societe->lire', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled && (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled))', __HANDLER__, 'left', 503__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/list.php?mainmenu=companies&type=f&leftmenu=suppliers', 'ListSuppliersShort', 1, 'suppliers', '$user->rights->societe->lire && $user->rights->fournisseur->lire', '', 2, 5, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled && (!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD) || !empty($conf->supplier_order->enabled) || !empty($conf->supplier_invoice->enabled))', __HANDLER__, 'left', 504__+MAX_llx_menu__, 'companies', '', 503__+MAX_llx_menu__, '/societe/card.php?mainmenu=companies&leftmenu=supplier&action=create&type=f', 'NewSupplier', 2, 'suppliers', '$user->rights->societe->creer', '', 2, 0, __ENTITY__);
|
||||
insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->societe->enabled', __HANDLER__, 'left', 506__+MAX_llx_menu__, 'companies', '', 500__+MAX_llx_menu__, '/societe/list.php?mainmenu=companies&type=p&leftmenu=prospects', 'ListProspectsShort', 1, 'companies', '$user->rights->societe->lire', '', 2, 3, __ENTITY__);
|
||||
|
||||
@ -251,7 +251,7 @@ class pdf_eratosthene extends ModelePDFCommandes
|
||||
$pdir[0] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/";
|
||||
$pdir[1] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
} else {
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; // default
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product'); // default
|
||||
$pdir[1] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/"; // alternative
|
||||
}
|
||||
|
||||
|
||||
@ -240,7 +240,7 @@ class pdf_storm extends ModelePDFDeliveryOrder
|
||||
$pdir[0] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/";
|
||||
$pdir[1] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
} else {
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; // default
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product'); // default
|
||||
$pdir[1] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/"; // alternative
|
||||
}
|
||||
|
||||
|
||||
@ -201,14 +201,13 @@ class pdf_espadon extends ModelePdfExpedition
|
||||
continue;
|
||||
}
|
||||
|
||||
$objphoto = new Product($this->db);
|
||||
$objphoto->fetch($object->lines[$i]->fk_product);
|
||||
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) {
|
||||
$pdir = get_exdir($object->lines[$i]->fk_product, 2, 0, 0, $objphoto, 'product').$object->lines[$i]->fk_product."/photos/";
|
||||
$dir = $conf->product->dir_output.'/'.$pdir;
|
||||
} else {
|
||||
$pdir = get_exdir(0, 2, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
$pdir = get_exdir(0, 0, 0, 0, $objphoto, 'product');
|
||||
$dir = $conf->product->dir_output.'/'.$pdir;
|
||||
}
|
||||
|
||||
@ -609,7 +608,7 @@ class pdf_espadon extends ModelePdfExpedition
|
||||
$posYAfterDescription = $pdf->GetY();
|
||||
}
|
||||
|
||||
$nexY = $pdf->GetY();
|
||||
$nexY = max($pdf->GetY(), $posYAfterImage);
|
||||
$pageposafter = $pdf->getPage();
|
||||
|
||||
$pdf->setPage($pageposbefore);
|
||||
|
||||
@ -257,7 +257,7 @@ class pdf_sponge extends ModelePDFFactures
|
||||
$pdir[0] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/";
|
||||
$pdir[1] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
} else {
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; // default
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product'); // default
|
||||
$pdir[1] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/"; // alternative
|
||||
}
|
||||
|
||||
|
||||
@ -145,8 +145,13 @@ class pdf_squille extends ModelePdfReception
|
||||
$objphoto = new Product($this->db);
|
||||
$objphoto->fetch($object->lines[$i]->fk_product);
|
||||
|
||||
$pdir = get_exdir($object->lines[$i]->fk_product, 2, 0, 0, $objphoto, 'product').$object->lines[$i]->fk_product."/photos/";
|
||||
$dir = $conf->product->dir_output.'/'.$pdir;
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) {
|
||||
$pdir = get_exdir($object->lines[$i]->fk_product, 2, 0, 0, $objphoto, 'product').$object->lines[$i]->fk_product."/photos/";
|
||||
$dir = $conf->product->dir_output.'/'.$pdir;
|
||||
} else {
|
||||
$pdir = get_exdir(0, 2, 0, 0, $objphoto, 'product');
|
||||
$dir = $conf->product->dir_output.'/'.$pdir;
|
||||
}
|
||||
|
||||
$realpath = '';
|
||||
|
||||
@ -446,7 +451,7 @@ class pdf_squille extends ModelePdfReception
|
||||
}
|
||||
$posYAfterDescription = $pdf->GetY();
|
||||
|
||||
$nexY = $pdf->GetY();
|
||||
$nexY = max($pdf->GetY(), $posYAfterImage);
|
||||
$pageposafter = $pdf->getPage();
|
||||
|
||||
$pdf->setPage($pageposbefore);
|
||||
|
||||
@ -383,7 +383,7 @@ if ($action == 'confirm_resize' && GETPOSTISSET("file") && GETPOSTISSET("sizex")
|
||||
$ecmfile->fullpath_orig = $fullpath;
|
||||
$ecmfile->gen_or_uploaded = 'unknown';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$result = $ecmfile->create($user);
|
||||
if ($result < 0) {
|
||||
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
|
||||
@ -448,7 +448,7 @@ if ($action == 'confirm_crop') {
|
||||
$ecmfile->fullpath_orig = $fullpath;
|
||||
$ecmfile->gen_or_uploaded = 'unknown';
|
||||
$ecmfile->description = ''; // indexed content
|
||||
$ecmfile->keyword = ''; // keyword content
|
||||
$ecmfile->keywords = ''; // keyword content
|
||||
$result = $ecmfile->create($user);
|
||||
if ($result < 0) {
|
||||
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
|
||||
|
||||
@ -79,7 +79,6 @@ $(document).ready(function(){
|
||||
function() {
|
||||
console.log("tableDND end of ajax call");
|
||||
if (reloadpage == 1) {
|
||||
//console.log('<?php echo $urltorefreshaftermove.' - '.$_SERVER['PHP_SELF'].' - '.dol_escape_js($_SERVER['QUERY_STRING']); ?>');
|
||||
<?php
|
||||
$redirectURL = empty($urltorefreshaftermove) ? ($_SERVER['PHP_SELF'].'?'.dol_escape_js($_SERVER['QUERY_STRING'])) : $urltorefreshaftermove;
|
||||
// remove action parameter from URL
|
||||
|
||||
@ -53,7 +53,7 @@ if ($isNewObject) {
|
||||
|
||||
// Is there is commercial discount or down payment available ?
|
||||
if ($absolute_discount > 0) {
|
||||
if ($cannotApplyDiscount || !$isInvoice || $isNewObject || $object->statut > $objclassname::STATUS_DRAFT || $object->type == $objclassname::TYPE_CREDIT_NOTE || $object->type == $objclassname::TYPE_DEPOSIT) {
|
||||
if (!empty($cannotApplyDiscount) || !$isInvoice || $isNewObject || $object->statut > $objclassname::STATUS_DRAFT || $object->type == $objclassname::TYPE_CREDIT_NOTE || $object->type == $objclassname::TYPE_DEPOSIT) {
|
||||
$translationKey = !empty($discount_type) ? 'HasAbsoluteDiscountFromSupplier' : 'CompanyHasAbsoluteDiscount';
|
||||
$text = $langs->trans($translationKey, price($absolute_discount), $langs->transnoentities("Currency".$conf->currency)).'.';
|
||||
|
||||
|
||||
@ -128,7 +128,7 @@ if ($nolinesbefore) {
|
||||
<td class="linecoldiscount right"><?php echo $langs->trans('ReductionShort'); ?></td>
|
||||
<?php
|
||||
// Fields for situation invoice
|
||||
if ($this->situation_cycle_ref) {
|
||||
if (isset($this->situation_cycle_ref) && $this->situation_cycle_ref) {
|
||||
print '<td class="linecolcycleref right">'.$langs->trans('Progress').'</td>';
|
||||
print '<td class="linecolcycleref2 right"></td>';
|
||||
}
|
||||
@ -416,7 +416,7 @@ if ($nolinesbefore) {
|
||||
?>
|
||||
<td class="nobottom nowrap linecoldiscount right"><input type="text" size="1" name="remise_percent" id="remise_percent" class="flat right" value="<?php echo (GETPOSTISSET("remise_percent") ? GETPOST("remise_percent", 'alpha', 2) : $remise_percent); ?>"><span class="hideonsmartphone">%</span></td>
|
||||
<?php
|
||||
if ($this->situation_cycle_ref) {
|
||||
if (isset($this->situation_cycle_ref) && $this->situation_cycle_ref) {
|
||||
$coldisplay++;
|
||||
print '<td class="nobottom nowrap right"><input class="falt right" type="text" size="1" value="0" name="progress">%</td>';
|
||||
$coldisplay++;
|
||||
|
||||
@ -105,7 +105,7 @@ if (!empty($conf->global->PRODUCT_USE_UNITS)) {
|
||||
print '<td class="linecoldiscount right">'.$langs->trans('ReductionShort').'</td>';
|
||||
|
||||
// Fields for situation invoice
|
||||
if ($this->situation_cycle_ref) {
|
||||
if (isset($this->situation_cycle_ref) && $this->situation_cycle_ref) {
|
||||
print '<td class="linecolcycleref right">'.$langs->trans('Progress').'</td>';
|
||||
print '<td class="linecolcycleref2 right">'.$form->textwithpicto($langs->trans('TotalHT100Short'), $langs->trans('UnitPriceXQtyLessDiscount')).'</td>';
|
||||
}
|
||||
|
||||
@ -132,7 +132,7 @@ if (($line->info_bits & 2) == 2) {
|
||||
}
|
||||
}
|
||||
} else {
|
||||
$format = $conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE ? 'dayhour' : 'day';
|
||||
$format = (!empty($conf->global->MAIN_USE_HOURMIN_IN_DATE_RANGE) ? 'dayhour' : 'day');
|
||||
|
||||
if ($line->fk_product > 0) {
|
||||
print $form->textwithtooltip($text, $description, 3, '', '', $i, 0, (!empty($line->fk_parent_line) ?img_picto('', 'rightarrow') : ''));
|
||||
@ -288,7 +288,7 @@ if (!empty($line->remise_percent) && $line->special_code != 3) {
|
||||
}
|
||||
|
||||
// Fields for situation invoices
|
||||
if ($this->situation_cycle_ref) {
|
||||
if (isset($this->situation_cycle_ref) && $this->situation_cycle_ref) {
|
||||
include_once DOL_DOCUMENT_ROOT.'/core/lib/price.lib.php';
|
||||
$coldisplay++;
|
||||
print '<td class="linecolcycleref nowrap right">'.$line->situation_percent.'%</td>';
|
||||
|
||||
@ -205,7 +205,7 @@ if ($action == 'update' && $permtoadd) {
|
||||
$object->fullpath_orig = '';
|
||||
$object->gen_or_uploaded = 'unknown';
|
||||
$object->description = ''; // indexed content
|
||||
$object->keyword = ''; // keyword content
|
||||
$object->keywords = ''; // keyword content
|
||||
$result = $object->create($user);
|
||||
if ($result < 0) {
|
||||
setEventMessages($object->error, $object->errors, 'warnings');
|
||||
|
||||
@ -253,20 +253,6 @@ if ($projectid > 0) {
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
if ($projectid > 0) {
|
||||
// To verify role of users
|
||||
|
||||
@ -610,7 +610,7 @@ $sql .= ' cf.fk_multicurrency, cf.multicurrency_code, cf.multicurrency_tx, cf.mu
|
||||
$sql .= ' cf.date_creation as date_creation, cf.tms as date_update,';
|
||||
$sql .= ' cf.note_public, cf.note_private,';
|
||||
$sql .= " p.rowid as project_id, p.ref as project_ref, p.title as project_title,";
|
||||
$sql .= " u.firstname, u.lastname, u.photo, u.login, u.email as user_email";
|
||||
$sql .= " u.firstname, u.lastname, u.photo, u.login, u.email as user_email, u.statut as user_status";
|
||||
// Add fields from extrafields
|
||||
if (!empty($extrafields->attributes[$object->table_element]['label'])) {
|
||||
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) {
|
||||
@ -1346,6 +1346,7 @@ if ($resql) {
|
||||
$userstatic->login = $obj->login;
|
||||
$userstatic->photo = $obj->photo;
|
||||
$userstatic->email = $obj->user_email;
|
||||
$userstatic->statut = $obj->user_status;
|
||||
if (!empty($arrayfields['u.login']['checked'])) {
|
||||
print '<td class="tdoverflowmax150">';
|
||||
if ($userstatic->id) {
|
||||
|
||||
@ -353,3 +353,6 @@ INSERT INTO llx_c_shipment_mode (rowid,code,libelle,description,tracking,active)
|
||||
INSERT INTO llx_c_shipment_mode (rowid,code,libelle,description,tracking,active) VALUES (14,'MAINFREIGHT', 'Mainfreight', NULL, 'https://www.mainfreight.com/track?{TRACKID}', 0);
|
||||
|
||||
|
||||
UPDATE llx_menu SET perms = '$user->rights->societe->creer' WHERE titre = 'MenuNewThirdParty' AND url = '/societe/card.php?mainmenu=companies&action=create';
|
||||
UPDATE llx_menu SET url = '/societe/list.php?mainmenu=companies&leftmenu=thirdparties' WHERE titre = 'List' AND url = '/societe/list.php?mainmenu=companies&action=create';
|
||||
|
||||
|
||||
@ -580,6 +580,11 @@ insert into llx_c_action_trigger (code,label,description,elementtype,rang) value
|
||||
|
||||
-- Removed no more used function
|
||||
-- VPGSQL8.2 DROP FUNCTION IF EXISTS update_modified_column_date_m() CASCADE;
|
||||
-- VPGSQL8.2 DROP TRIGGER update_customer_modtime ON llx_ecm_directories;
|
||||
-- VPGSQL8.2 DROP TRIGGER update_customer_modtime ON llx_ecm_files;
|
||||
-- VPGSQL8.2 CREATE TRIGGER update_customer_modtime BEFORE UPDATE ON llx_ecm_directories FOR EACH ROW EXECUTE PROCEDURE update_modified_column_tms();
|
||||
-- VPGSQL8.2 CREATE TRIGGER update_customer_modtime BEFORE UPDATE ON llx_ecm_files FOR EACH ROW EXECUTE PROCEDURE update_modified_column_tms();
|
||||
|
||||
|
||||
insert into llx_c_actioncomm (id, code, type, libelle, module, active, position) values ( 6,'AC_EMAIL_IN','system','reception Email',NULL, 1, 4);
|
||||
|
||||
|
||||
@ -301,3 +301,4 @@ ErrorActionCommPropertyUserowneridNotDefined=User's owner is required
|
||||
ErrorActionCommBadType=Selected event type (id: %n, code: %s) do not exist in Event Type dictionary
|
||||
CheckVersionFail=Version check fail
|
||||
ErrorWrongFileName=Name of the file cannot have __SOMETHING__ in it
|
||||
ErrorNotInDictionaryPaymentConditions=Not in Payment Terms Dictionary, please modify.
|
||||
|
||||
@ -31,7 +31,7 @@ AddWebsite=Add website
|
||||
Webpage=Web page/container
|
||||
AddPage=Add page/container
|
||||
PageContainer=Page
|
||||
PreviewOfSiteNotYetAvailable=Preview of your website <strong>%s</strong> not yet available. You must first '<strong>Import a full website template</strong>' or just '<strong>Add a page/container</strong>'.
|
||||
PreviewOfSiteNotYetAvailable=The preview of your website <strong>%s</strong> is not yet available. You must first '<strong>Import a full website template</strong>' or just '<strong>Add a page/container</strong>'.
|
||||
RequestedPageHasNoContentYet=Requested page with id %s has no content yet, or cache file .tpl.php was removed. Edit content of the page to solve this.
|
||||
SiteDeleted=Web site '%s' deleted
|
||||
PageContent=Page/Contenair
|
||||
|
||||
@ -10,10 +10,10 @@ SeparatorDecimal=,
|
||||
SeparatorThousand=Space
|
||||
FormatDateShort=%m/%d/%Y
|
||||
FormatDateShortInput=%m/%d/%Y
|
||||
FormatDateShortJava=MM/dd/jjjj
|
||||
FormatDateShortJavaInput=MM/dd/jjjj
|
||||
FormatDateShortJQuery=mm/dd/jj
|
||||
FormatDateShortJQueryInput=mm/dd/jj
|
||||
FormatDateShortJava=MM/dd/yyyy
|
||||
FormatDateShortJavaInput=MM/dd/yyyy
|
||||
FormatDateShortJQuery=mm/dd/yy
|
||||
FormatDateShortJQueryInput=mm/dd/yy
|
||||
FormatHourShortJQuery=HH:MI
|
||||
FormatHourShort=%I:%M %p
|
||||
FormatHourShortDuration=%H:%M
|
||||
|
||||
@ -53,25 +53,26 @@ if (!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) {
|
||||
|
||||
/**
|
||||
* Return the real char for a numeric entities.
|
||||
* This function is required by testSqlAndScriptInject().
|
||||
* WARNING: This function is required by testSqlAndScriptInject() and the GETPOST 'restricthtml'. Regex calling must be similar.
|
||||
*
|
||||
* @param string $matches String of numeric entity
|
||||
* @return string New value
|
||||
*/
|
||||
function realCharForNumericEntities($matches)
|
||||
{
|
||||
$newstringnumentity = $matches[1];
|
||||
$newstringnumentity = preg_replace('/;$/', '', $matches[1]);
|
||||
//print ' $newstringnumentity='.$newstringnumentity;
|
||||
|
||||
if (preg_match('/^x/i', $newstringnumentity)) {
|
||||
$newstringnumentity = hexdec(preg_replace('/^x/i', '', $newstringnumentity));
|
||||
}
|
||||
|
||||
// The numeric value we don't want as entities
|
||||
// The numeric value we don't want as entities because they encode ascii char, and why using html entities on ascii except for haking ?
|
||||
if (($newstringnumentity >= 65 && $newstringnumentity <= 90) || ($newstringnumentity >= 97 && $newstringnumentity <= 122)) {
|
||||
return chr((int) $newstringnumentity);
|
||||
}
|
||||
|
||||
return '&#'.$matches[1];
|
||||
return '&#'.$matches[1]; // Value will be unchanged because regex was /&#( )/
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -240,14 +240,12 @@ class pdf_standard_myobject extends ModelePDFMyObject
|
||||
{
|
||||
if (empty($object->lines[$i]->fk_product)) continue;
|
||||
|
||||
$objphoto->fetch($object->lines[$i]->fk_product);
|
||||
//var_dump($objphoto->ref);exit;
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO))
|
||||
{
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) {
|
||||
$pdir[0] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/";
|
||||
$pdir[1] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
} else {
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; // default
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product'); // default
|
||||
$pdir[1] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/"; // alternative
|
||||
}
|
||||
|
||||
|
||||
@ -212,19 +212,19 @@ $help_url = '';
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
// print '<script type="text/javascript" language="javascript">
|
||||
// jQuery(document).ready(function() {
|
||||
// function init_myfunc()
|
||||
// {
|
||||
// jQuery("#myid").removeAttr(\'disabled\');
|
||||
// jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
// }
|
||||
// init_myfunc();
|
||||
// jQuery("#mybutton").click(function() {
|
||||
// init_myfunc();
|
||||
// });
|
||||
// });
|
||||
// </script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
|
||||
@ -386,19 +386,19 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs');
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
// print '<script type="text/javascript" language="javascript">
|
||||
// jQuery(document).ready(function() {
|
||||
// function init_myfunc()
|
||||
// {
|
||||
// jQuery("#myid").removeAttr(\'disabled\');
|
||||
// jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
// }
|
||||
// init_myfunc();
|
||||
// jQuery("#mybutton").click(function() {
|
||||
// init_myfunc();
|
||||
// });
|
||||
// });
|
||||
// </script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
|
||||
@ -201,20 +201,6 @@ $title = $langs->trans('Mo')." - ".$langs->trans("Card");
|
||||
|
||||
llxHeader('', $title, '');
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
|
||||
@ -299,20 +299,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
|
||||
@ -398,20 +398,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs');
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
|
||||
@ -235,7 +235,7 @@ if (!empty($action) && $action == 'fetch' && !empty($id)) {
|
||||
// When used from jQuery, the search term is added as GET param "term".
|
||||
$searchkey = (($idprod && GETPOST($idprod, 'alpha')) ? GETPOST($idprod, 'alpha') : (GETPOST($htmlname, 'alpha') ? GETPOST($htmlname, 'alpha') : ''));
|
||||
|
||||
if (!is_object($form)) {
|
||||
if (!isset($form) || !is_object($form)) {
|
||||
$form = new Form($db);
|
||||
}
|
||||
|
||||
|
||||
@ -168,20 +168,6 @@ $help_url = 'EN:Module_Stocks_En|FR:Module_Stock|ES:Módulo_Stocks|DE:Modul_Best
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
|
||||
@ -253,12 +253,11 @@ class pdf_standard_recruitmentjobposition extends ModelePDFRecruitmentJobPositio
|
||||
|
||||
$objphoto->fetch($object->lines[$i]->fk_product);
|
||||
//var_dump($objphoto->ref);exit;
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO))
|
||||
{
|
||||
if (!empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) {
|
||||
$pdir[0] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/";
|
||||
$pdir[1] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/';
|
||||
} else {
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; // default
|
||||
$pdir[0] = get_exdir(0, 0, 0, 0, $objphoto, 'product'); // default
|
||||
$pdir[1] = get_exdir($objphoto->id, 2, 0, 0, $objphoto, 'product').$objphoto->id."/photos/"; // alternative
|
||||
}
|
||||
|
||||
|
||||
@ -305,21 +305,6 @@ $title = $langs->trans("RecruitmentCandidature");
|
||||
$help_url = '';
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
if ($action == 'create') {
|
||||
|
||||
@ -348,21 +348,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
$param = '';
|
||||
|
||||
@ -349,21 +349,6 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
$arrayofselected = is_array($toselect) ? $toselect : array();
|
||||
|
||||
$param = '';
|
||||
|
||||
@ -1659,8 +1659,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
$accountancy_code_buy = GETPOST('accountancy_code_buy', 'alpha');
|
||||
print $formaccounting->select_account($accountancy_code_buy, 'accountancy_code_buy', 1, null, 1, 1, '');
|
||||
print '</td></tr>';
|
||||
} else // For external software
|
||||
{
|
||||
} else { // For external software
|
||||
// Accountancy_code_sell
|
||||
print '<tr><td class="titlefieldcreate">'.$langs->trans("ProductAccountancySellCode").'</td>';
|
||||
print '<td class="maxwidthonsmartphone"><input class="minwidth100" name="accountancy_code_sell" value="'.$object->accountancy_code_sell.'">';
|
||||
@ -2364,8 +2363,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
|
||||
print '<td>';
|
||||
print $formaccounting->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1);
|
||||
print '</td></tr>';
|
||||
} else // For external software
|
||||
{
|
||||
} else { // For external software
|
||||
// Accountancy_code_sell
|
||||
print '<tr><td class="titlefield">'.$langs->trans("ProductAccountancySellCode").'</td>';
|
||||
print '<td><input name="accountancy_code_sell" class="maxwidth200" value="'.$object->accountancy_code_sell.'">';
|
||||
|
||||
@ -233,6 +233,10 @@ class WebsitePage extends CommonObject
|
||||
$this->aliasalt = ','.preg_replace('/,+$/', '', preg_replace('/^,+/', '', $this->aliasalt)).','; // content in database must be ',xxx,...,yyy,'
|
||||
}
|
||||
|
||||
$this->pageurl = preg_replace('/[^a-z0-9\-\_]/i', '', $this->pageurl);
|
||||
$this->pageurl = preg_replace('/\-\-+/', '-', $this->pageurl);
|
||||
$this->pageurl = preg_replace('/^\-/', '', $this->pageurl);
|
||||
|
||||
// Remove spaces and be sure we have main language only
|
||||
$this->lang = preg_replace('/[_-].*$/', '', trim($this->lang)); // en_US or en-US -> en
|
||||
|
||||
@ -576,6 +580,10 @@ class WebsitePage extends CommonObject
|
||||
$this->aliasalt = ','.preg_replace('/,+$/', '', preg_replace('/^,+/', '', $this->aliasalt)).','; // content in database must be ',xxx,...,yyy,'
|
||||
}
|
||||
|
||||
$this->pageurl = preg_replace('/[^a-z0-9\-\_]/i', '', $this->pageurl);
|
||||
$this->pageurl = preg_replace('/\-\-+/', '-', $this->pageurl);
|
||||
$this->pageurl = preg_replace('/^\-/', '', $this->pageurl);
|
||||
|
||||
// Remove spaces and be sure we have main language only
|
||||
$this->lang = preg_replace('/[_-].*$/', '', trim($this->lang)); // en_US or en-US -> en
|
||||
|
||||
|
||||
@ -117,22 +117,6 @@ $formfile = new FormFile($db);
|
||||
|
||||
llxHeader('', 'WebsiteAccount', '');
|
||||
|
||||
// Example : Adding jquery code
|
||||
print '<script type="text/javascript" language="javascript">
|
||||
jQuery(document).ready(function() {
|
||||
function init_myfunc()
|
||||
{
|
||||
jQuery("#myid").removeAttr(\'disabled\');
|
||||
jQuery("#myid").attr(\'disabled\',\'disabled\');
|
||||
}
|
||||
init_myfunc();
|
||||
jQuery("#mybutton").click(function() {
|
||||
init_myfunc();
|
||||
});
|
||||
});
|
||||
</script>';
|
||||
|
||||
|
||||
// Part to create
|
||||
if ($action == 'create') {
|
||||
print load_fiche_titre($langs->trans("NewObject", $langs->transnoentitiesnoconv("WebsiteAccount")));
|
||||
|
||||
@ -159,7 +159,7 @@ $help_url = 'EN:Module_Workstation';
|
||||
|
||||
llxHeader('', $title, $help_url);
|
||||
|
||||
// Example : Adding jquery code
|
||||
// jquery code
|
||||
?>
|
||||
<script type="text/javascript" language="javascript">
|
||||
|
||||
|
||||
@ -3,7 +3,10 @@
|
||||
|
||||
$path = __DIR__ . '/';
|
||||
|
||||
|
||||
$res=@include_once $path.'/../htdocs/master.inc.php';
|
||||
$res=@include_once $path.'/../../htdocs/master.inc.php';
|
||||
if (! $res) @include_once '../../master.inc.php';
|
||||
if (! $res) @include_once '../master.inc.php';
|
||||
if (! $res) @include_once './master.inc.php';
|
||||
include_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
|
||||
|
||||
@ -87,7 +87,7 @@ class KnowledgeRecordTest extends PHPUnit\Framework\TestCase
|
||||
$db->begin(); // This is to have all actions inside a transaction even if test launched without suite.
|
||||
|
||||
if (empty($conf->knowledgemanagement->enabled)) {
|
||||
print __METHOD__." module knowledgemanagement order must be enabled.\n"; die(1);
|
||||
print __METHOD__." module knowledgemanagement must be enabled.\n"; die(1);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@ -345,7 +345,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase
|
||||
$_GET["param5"]="a_1-b";
|
||||
$_POST["param6"]=""><svg onload='console.log("123")'>";
|
||||
$_POST["param6b"]='<<<../>../>../svg><<<../>../>../animate =alert(1)>abc';
|
||||
$_GET["param7"]='"c:\this is a path~1\aaan" abc<bad>def</bad>';
|
||||
$_GET["param7"]='"c:\this is a path~1\aaan &#x110;" abc<bad>def</bad>';
|
||||
$_POST["param8a"]="Hacker<svg onload='console.log("123")'"; // html tag is not closed so it is not detected as html tag but is still harmfull
|
||||
$_POST['param8b']='<img src=x onerror=alert(document.location) t='; // this is html obfuscated by non closing tag
|
||||
$_POST['param8c']='< with space after is ok';
|
||||
@ -479,8 +479,8 @@ class SecurityTest extends PHPUnit\Framework\TestCase
|
||||
$this->assertEquals('">', $result);
|
||||
|
||||
$result=GETPOST("param7", 'restricthtml');
|
||||
print __METHOD__." result=".$result."\n";
|
||||
$this->assertEquals('"c:\this is a path~1\aaan" abcdef', $result);
|
||||
print __METHOD__." result param7 = ".$result."\n";
|
||||
$this->assertEquals('"c:\this is a path~1\aaan &#x;;;;" abcdef', $result);
|
||||
|
||||
$result=GETPOST("param12", 'restricthtml');
|
||||
print __METHOD__." result=".$result."\n";
|
||||
@ -488,11 +488,11 @@ class SecurityTest extends PHPUnit\Framework\TestCase
|
||||
|
||||
$result=GETPOST("param13", 'restricthtml');
|
||||
print __METHOD__." result=".$result."\n";
|
||||
$this->assertEquals('n n > < " <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test that HTML entities are decoded with restricthtml, but only for common alpha chars');
|
||||
$this->assertEquals('n n > < " <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test 13 that HTML entities are decoded with restricthtml, but only for common alpha chars');
|
||||
|
||||
$result=GETPOST("param13b", 'restricthtml');
|
||||
print __METHOD__." result=".$result."\n";
|
||||
$this->assertEquals('n n > < " <a href=\"jvascript:alert(document.domain)\">XSS</a>', $result, 'Test that HTML entities are decoded with restricthtml, but only for common alpha chars');
|
||||
$this->assertEquals('n n > < " <a href=\"alert(document.domain)\">XSS</a>', $result, 'Test 13b that HTML entities are decoded with restricthtml, but only for common alpha chars');
|
||||
|
||||
// Special test for GETPOST of backtopage, backtolist or backtourl parameter
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user