From 6574e54a41e9f2be5aae55c4478767e15b38236b Mon Sep 17 00:00:00 2001 From: ATM john Date: Tue, 4 May 2021 18:09:13 +0200 Subject: [PATCH 01/30] Fix saving template email --- htdocs/admin/mails_templates.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index 60a15f4899e..f82e67096eb 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -257,7 +257,7 @@ if (empty($reshook)) $sql = "INSERT INTO ".$tabname[$id]." ("; // List of fields $sql .= $tabfieldinsert[$id]; - $sql .= ",active)"; + $sql .= ",active,enabled)"; $sql .= " VALUES("; // List of values @@ -289,7 +289,7 @@ if (empty($reshook)) $i++; } - $sql .= ", 1)"; + $sql .= ", 1, 1)"; dol_syslog("actionadd", LOG_DEBUG); $result = $db->query($sql); From 139ae3db0025ce86d1898739f3df4e6e7a24ec0a Mon Sep 17 00:00:00 2001 From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com> Date: Wed, 5 May 2021 11:49:11 +0200 Subject: [PATCH 02/30] FIX: pgsql: prevent 'WHERE 1' --- build/exe/doliwamp/config.inc.php.install | 2 +- htdocs/core/lib/functions.lib.php | 2 +- htdocs/user/class/user.class.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build/exe/doliwamp/config.inc.php.install b/build/exe/doliwamp/config.inc.php.install index 19a3d36a45e..6ad04752766 100644 --- a/build/exe/doliwamp/config.inc.php.install +++ b/build/exe/doliwamp/config.inc.php.install @@ -542,7 +542,7 @@ $cfg['ThemePerServer'] = FALSE; // allow diferent theme for each co * %f will be replaced by a list of field names. * (%t and %f only applies to DefaultQueryTable) */ -$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1'; +$cfg['DefaultQueryTable'] = 'SELECT * FROM %t WHERE 1 = 1'; $cfg['DefaultQueryDatabase'] = ''; /** diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index fccb019a730..4148d385716 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -8123,7 +8123,7 @@ function getDictvalue($tablename, $field, $id, $checkentity = false, $rowidfield if (!isset($dictvalues[$tablename])) { $dictvalues[$tablename] = array(); - $sql = 'SELECT * FROM '.$tablename.' WHERE 1'; // Here select * is allowed as it is generic code and we don't have list of fields + $sql = 'SELECT * FROM '.$tablename.' WHERE 1 = 1'; // Here select * is allowed as it is generic code and we don't have list of fields if ($checkentity) $sql .= ' AND entity IN (0,'.getEntity($tablename).')'; $resql = $db->query($sql); diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index cc405571990..89995a4584e 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -3320,7 +3320,7 @@ class User extends CommonObject } else { - $sql .= " WHERE 1"; + $sql .= " WHERE 1 = 1"; } // Manage filter From 63292255ccbc7ad08270bb6820f033f2bc7ed0ff Mon Sep 17 00:00:00 2001 From: ATM john Date: Wed, 5 May 2021 18:45:23 +0200 Subject: [PATCH 03/30] Fix search accented words in product description --- htdocs/societe/consumption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/consumption.php b/htdocs/societe/consumption.php index cd82533fc88..420282c4cef 100644 --- a/htdocs/societe/consumption.php +++ b/htdocs/societe/consumption.php @@ -309,7 +309,7 @@ if (!empty($sql_select)) if ($sref) $sql.= " AND ".$doc_number." LIKE '%".$db->escape($sref)."%'"; if ($sprod_fulldescr) { - $sql.= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%'"; + $sql.= " AND (d.description LIKE '%".$db->escape($sprod_fulldescr)."%' OR d.description LIKE '%".$db->escape(dol_htmlentities($sprod_fulldescr))."%'"; if (GETPOST('type_element') != 'fichinter') $sql.= " OR p.ref LIKE '%".$db->escape($sprod_fulldescr)."%'"; if (GETPOST('type_element') != 'fichinter') $sql.= " OR p.label LIKE '%".$db->escape($sprod_fulldescr)."%'"; $sql.=")"; From 2fda3b1b46af161950b5e2a5e62553fcec4e475a Mon Sep 17 00:00:00 2001 From: John BOTELLA Date: Sat, 8 May 2021 13:53:20 +0200 Subject: [PATCH 04/30] FIX ; var case On this page $datePrint is not used but $dateprint yes --- htdocs/societe/consumption.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/societe/consumption.php b/htdocs/societe/consumption.php index 420282c4cef..aad5b004f9b 100644 --- a/htdocs/societe/consumption.php +++ b/htdocs/societe/consumption.php @@ -218,7 +218,7 @@ if ($type_element == 'propal') $where = " WHERE c.fk_soc = s.rowid AND s.rowid = ".$socid; $where.= " AND d.fk_propal = c.rowid"; $where.= " AND c.entity = ".$conf->entity; - $datePrint = 'c.datep'; + $dateprint = 'c.datep'; $doc_number='c.ref'; $thirdTypeSelect='customer'; } From 8fb474c6873cd23c9361febee6d1d7e56a8dce97 Mon Sep 17 00:00:00 2001 From: atm-lena Date: Tue, 11 May 2021 11:35:54 +0200 Subject: [PATCH 05/30] Add Hook Extrafields Update - init extrafieldssdao --- htdocs/core/class/extrafields.class.php | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index d657c519650..f37d2e1932c 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -603,6 +603,8 @@ class ExtraFields */ public function update($attrname, $label, $type, $length, $elementtype, $unique = 0, $required = 0, $pos = 0, $param = '', $alwayseditable = 0, $perms = '', $list = '', $help = '', $default = '', $computed = '', $entity = '', $langfile = '', $enabled = '1', $totalizable = 0, $printable = 0) { + global $hookmanager; + if ($elementtype == 'thirdparty') $elementtype = 'societe'; if ($elementtype == 'contact') $elementtype = 'socpeople'; @@ -643,6 +645,18 @@ class ExtraFields } $field_desc = array('type'=>$typedb, 'value'=>$lengthdb, 'null'=>($required ? 'NOT NULL' : 'NULL'), 'default'=>$default); + if (is_object($hookmanager)) + { + $hookmanager->initHooks(array('extrafieldsdao')); + $parameters = array('field_desc'=>&$field_desc, 'table'=>$table, 'attr_name'=>$attrname, 'label'=>$label, 'type'=>$type, 'length'=>$length, 'unique'=>$unique, 'required'=>$required, 'pos'=>$pos, 'param'=>$param, 'alwayseditable'=>$alwayseditable, 'perms'=>$perms, 'list'=>$list, 'help'=>$help, 'default'=>$default, 'computed'=>$computed, 'entity'=>$entity, 'langfile'=>$langfile, 'enabled'=>$enabled, 'totalizable'=>$totalizable, 'printable'=>$printable); + $reshook = $hookmanager->executeHooks('updateExtrafields', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks + + if ($reshook < 0) { + $this->error = $this->db->lasterror(); + return -1; + } + } + if ($type != 'separate') // No table update when separate type { $result = $this->db->DDLUpdateField(MAIN_DB_PREFIX.$table, $attrname, $field_desc); From c2fa19a0b4c4ed66d671c947d02f630644ecfa63 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 11 May 2021 20:15:20 +0200 Subject: [PATCH 06/30] fix phpcs --- .travis.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.travis.yml b/.travis.yml index 1002216b7cb..dff10e73049 100644 --- a/.travis.yml +++ b/.travis.yml @@ -43,7 +43,7 @@ jobs: include: - if: type = push php: '5.5' - env: DB=postgresql + env: DB=mysql - if: type = pull_request OR type = push php: '7.4' env: DB=mysql From 56d78cf12a4e57ab23868ce7caf9eda017727fa0 Mon Sep 17 00:00:00 2001 From: Quentin VIAL-GOUTEYRON Date: Wed, 12 May 2021 11:02:27 +0200 Subject: [PATCH 07/30] FIX missing town and zip filter in contract list sql request --- htdocs/contrat/list.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index a7b5114501f..96754e639fd 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -256,6 +256,8 @@ if ($search_email) $sql .= natural_search('s.email', $search_email); if ($search_contract) $sql .= natural_search(array('c.rowid', 'c.ref'), $search_contract); if (!empty($search_ref_customer)) $sql .= natural_search(array('c.ref_customer'), $search_ref_customer); if (!empty($search_ref_supplier)) $sql .= natural_search(array('c.ref_supplier'), $search_ref_supplier); +if ($search_zip) $sql .= natural_search(array('s.zip'), $search_zip); +if ($search_town) $sql .= natural_search(array('s.town'), $search_town); if ($search_sale > 0) { $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$search_sale; From c577d1c51eeb16c3abb33c022502d57b011aae5b Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Thu, 13 May 2021 13:35:28 +0200 Subject: [PATCH 08/30] FIX: Impossible to add multiple localtax2 --- htdocs/admin/dict.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index b7f65ddf91f..fbe7d924cbc 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -9,7 +9,7 @@ * Copyright (C) 2012-2015 Marcos García * Copyright (C) 2012 Christophe Battarel * Copyright (C) 2011-2016 Alexandre Spangaro - * Copyright (C) 2015 Ferran Marcet + * Copyright (C) 2015-2021 Ferran Marcet * Copyright (C) 2016 Raphaël Doursenaud * Copyright (C) 2019 Frédéric France * @@ -777,6 +777,9 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('joinfile', 'private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } + elseif ($keycode == 'localtax2') { + $sql .= "'".GETPOST($keycode, 'alpha')."'"; + } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } @@ -843,6 +846,9 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } + elseif ($keycode == 'localtax2') { + $sql .= "'".GETPOST($keycode, 'alpha')."'"; + } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } From acadef72c1d8bd734573e3afdadff24271f70818 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Fri, 14 May 2021 18:01:22 +0200 Subject: [PATCH 09/30] Fix use supplier relative discount in replenish order creation --- htdocs/product/stock/replenish.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index dbf07c92d01..5d8e1f4a790 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -211,7 +211,9 @@ if ($action == 'order' && isset($_POST['valid'])) if ($resql && $db->num_rows($resql) > 0) { $obj = $db->fetch_object($resql); $order->fetch($obj->rowid); + $order->fetch_thirdparty(); foreach ($supplier['lines'] as $line) { + if(empty($line->remise_percent)) $line->remise_percent = $order->thirdparty->remise_supplier_percent; $result = $order->addline( $line->desc, $line->subprice, @@ -248,6 +250,7 @@ if ($action == 'order' && isset($_POST['valid'])) //trick to know which orders have been generated this way $order->source = 42; foreach ($supplier['lines'] as $line) { + if(empty($line->remise_percent)) $line->remise_percent = $order->thirdparty->remise_supplier_percent; $order->lines[] = $line; } $order->cond_reglement_id = $order->thirdparty->cond_reglement_supplier_id; From db32f882e8f03eb833dc59cd6cd45d8e32d88f27 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sat, 15 May 2021 07:45:04 +0200 Subject: [PATCH 10/30] Fix use of DatePropal instead of Date --- htdocs/comm/propal/card.php | 6 +++--- htdocs/comm/propal/list.php | 2 +- htdocs/core/modules/propale/doc/pdf_azur.modules.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 32994e816de..ada520c293b 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -325,7 +325,7 @@ if (empty($reshook)) $duration = GETPOST('duree_validite', 'int'); if (empty($datep)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DatePropal")), null, 'errors'); $action = 'create'; $error++; } @@ -1614,7 +1614,7 @@ if ($action == 'create') } // Date - print ''.$langs->trans('Date').''; + print ''.$langs->trans('DatePropal').''; print $form->selectDate('', '', '', '', '', "addprop", 1, 1); print ''; @@ -2044,7 +2044,7 @@ if ($action == 'create') print ''; print ''; print ''; if ($action != 'editdate' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) print ''; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 522e8f5eaa3..f8481997051 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -157,7 +157,7 @@ $arrayfields = array( 'state.nom'=>array('label'=>"StateShort", 'checked'=>0), 'country.code_iso'=>array('label'=>"Country", 'checked'=>0), 'typent.code'=>array('label'=>"ThirdPartyType", 'checked'=>$checkedtypetiers), - 'p.date'=>array('label'=>"Date", 'checked'=>1), + 'p.date'=>array('label'=>"DatePropal", 'checked'=>1), 'p.fin_validite'=>array('label'=>"DateEnd", 'checked'=>1), 'p.date_livraison'=>array('label'=>"DeliveryDate", 'checked'=>0), 'ava.rowid'=>array('label'=>"AvailabilityPeriod", 'checked'=>0), diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 1235a312006..44192cf6067 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -1533,7 +1533,7 @@ class pdf_azur extends ModelePDFPropales $posy += 4; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); - $pdf->MultiCell(100, 3, $outputlangs->transnoentities("Date")." : ".dol_print_date($object->date, "day", false, $outputlangs, true), '', 'R'); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("DatePropal")." : ".dol_print_date($object->date, "day", false, $outputlangs, true), '', 'R'); $posy += 4; $pdf->SetXY($posx, $posy); From 1cbe0e3f2d2be8373950fe06daab4d23a1d47abc Mon Sep 17 00:00:00 2001 From: piernov Date: Sat, 15 May 2021 18:01:34 +0200 Subject: [PATCH 11/30] Fix: properly set gid for Group LDAP synchro Even if the gidNumber field was set in the configuration, a gid different from the Dolibarr's one was generated and stored into LDAP. Now the gidNumber is properly set to Dolibarr's gid if gidNumber field is set in the LDAP module configuration. --- .../core/triggers/interface_50_modLdap_Ldapsynchro.class.php | 4 ++-- htdocs/user/class/usergroup.class.php | 2 +- htdocs/user/group/ldap.php | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index ec6d23e2f01..17efdca41c5 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -282,8 +282,8 @@ class InterfaceLdapsynchro extends DolibarrTriggers $info=$object->_load_ldap_info(); $dn=$object->_load_ldap_dn($info); - // Get a gid number for objectclass PosixGroup - if (in_array('posixGroup', $info['objectclass'])) { + // Get a gid number for objectclass PosixGroup if none was provided + if (empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID]) && in_array('posixGroup', $info['objectclass'])) { $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS'); } diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index aa4a6b3f8b6..e1e003267b0 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -983,7 +983,7 @@ class UserGroup extends CommonObject } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); } - if(!empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID])){ + if(!empty($conf->global->LDAP_GROUP_FIELD_GROUPID)){ $info[$conf->global->LDAP_GROUP_FIELD_GROUPID]=$this->id; } return $info; diff --git a/htdocs/user/group/ldap.php b/htdocs/user/group/ldap.php index eca923f68be..f28ca81c42a 100644 --- a/htdocs/user/group/ldap.php +++ b/htdocs/user/group/ldap.php @@ -69,8 +69,8 @@ if ($action == 'dolibarr2ldap') { $info=$object->_load_ldap_info(); - // Get a gid number for objectclass PosixGroup - if (in_array('posixGroup', $info['objectclass'])) { + // Get a gid number for objectclass PosixGroup if none was provided + if (empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID]) && in_array('posixGroup', $info['objectclass'])) { $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS'); } From 7af0bda3a532554cbdb728c72058112a7fce13ab Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 11:33:07 +0200 Subject: [PATCH 12/30] Update admin_extrafields_view.tpl.php --- htdocs/core/tpl/admin_extrafields_view.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index 96620da28d9..79f852f49a9 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -120,7 +120,7 @@ if (is_array($extrafields->attributes[$elementtype]['type']) && count($extrafiel } else { - $colspan = 13; + $colspan = 14; if (!empty($conf->multicompany->enabled)) $colspan++; print ''; From f923c70f380d4145153b20bcbb8037caf7ea7a4c Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Mon, 17 May 2021 10:17:54 +0200 Subject: [PATCH 13/30] Fix: Before there was no mistake --- htdocs/admin/dict.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index fbe7d924cbc..648537ec3f8 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -9,7 +9,7 @@ * Copyright (C) 2012-2015 Marcos García * Copyright (C) 2012 Christophe Battarel * Copyright (C) 2011-2016 Alexandre Spangaro - * Copyright (C) 2015-2021 Ferran Marcet + * Copyright (C) 2015 Ferran Marcet * Copyright (C) 2016 Raphaël Doursenaud * Copyright (C) 2019 Frédéric France * @@ -777,10 +777,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('joinfile', 'private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } - elseif ($keycode == 'localtax2') { - $sql .= "'".GETPOST($keycode, 'alpha')."'"; - } - else { + else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } @@ -846,9 +843,6 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } - elseif ($keycode == 'localtax2') { - $sql .= "'".GETPOST($keycode, 'alpha')."'"; - } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } From 547f1dd3703a625b72ee594b238c211a0a684297 Mon Sep 17 00:00:00 2001 From: Dorian Vabre Date: Mon, 17 May 2021 11:54:53 +0200 Subject: [PATCH 14/30] Fix: user rest api rights --- htdocs/user/class/api_users.class.php | 38 +++++++++++++-------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index fa139e2c69f..7c1eef84c2c 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -71,7 +71,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -142,9 +142,9 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - //if (!DolibarrApiAccess::$user->rights->user->user->lire) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) @@ -208,9 +208,9 @@ class Users extends DolibarrApi public function post($request_data = null) { // check user authorization - //if(! DolibarrApiAccess::$user->rights->user->creer) { - // throw new RestException(401, "User creation not allowed"); - //} + if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401, "User creation not allowed"); + } // check mandatory fields /*if (!isset($request_data["login"])) throw new RestException(400, "login field missing"); @@ -242,9 +242,9 @@ class Users extends DolibarrApi */ public function put($id, $request_data = null) { - //if (!DolibarrApiAccess::$user->rights->user->user->creer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->creer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) @@ -299,7 +299,7 @@ class Users extends DolibarrApi { $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { throw new RestException(401); } @@ -334,9 +334,9 @@ class Users extends DolibarrApi global $conf; - //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) { @@ -389,7 +389,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->group_advance->read) { + if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read list of groups"); } @@ -463,7 +463,7 @@ class Users extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->user->group_advance->read) { + if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read groups"); } @@ -486,9 +486,9 @@ class Users extends DolibarrApi */ public function delete($id) { - //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) { From a3aba28c95fd41c3db3b390f642b6fd05e873105 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 17 May 2021 10:06:41 +0000 Subject: [PATCH 15/30] Fixing style errors. --- htdocs/user/class/api_users.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 7c1eef84c2c..39f3b302599 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -209,7 +209,7 @@ class Users extends DolibarrApi { // check user authorization if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { - throw new RestException(401, "User creation not allowed"); + throw new RestException(401, "User creation not allowed"); } // check mandatory fields /*if (!isset($request_data["login"])) From c54e010126fb1cc297f644f5bf045a26a0c0b09c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:16:45 +0200 Subject: [PATCH 16/30] Fix perms on API user --- htdocs/user/class/api_users.class.php | 30 ++++++++++++++++----------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 39f3b302599..9f5ea935372 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -71,7 +71,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -142,7 +142,7 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -177,7 +177,11 @@ class Users extends DolibarrApi */ public function getInfo() { - $apiUser = DolibarrApiAccess::$user; + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + throw new RestException(401, 'Not allowed'); + } + + $apiUser = DolibarrApiAccess::$user; $result = $this->useraccount->fetch($apiUser->id); if (!$result) { @@ -208,7 +212,7 @@ class Users extends DolibarrApi public function post($request_data = null) { // check user authorization - if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "User creation not allowed"); } // check mandatory fields @@ -242,7 +246,7 @@ class Users extends DolibarrApi */ public function put($id, $request_data = null) { - if (!DolibarrApiAccess::$user->rights->user->user->creer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -299,7 +303,7 @@ class Users extends DolibarrApi { $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -334,7 +338,7 @@ class Users extends DolibarrApi global $conf; - if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } $result = $this->useraccount->fetch($id); @@ -389,9 +393,10 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { - throw new RestException(401, "You are not allowed to read list of groups"); - } + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { + throw new RestException(401, "You are not allowed to read groups"); + } // case of external user, $societe param is ignored and replaced by user's socid //$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $societe; @@ -463,7 +468,8 @@ class Users extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read groups"); } @@ -486,7 +492,7 @@ class Users extends DolibarrApi */ public function delete($id) { - if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->supprimer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } $result = $this->useraccount->fetch($id); From a865f49d72049f7ffbb949da11386ab151fdfd16 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 19:19:26 +0200 Subject: [PATCH 17/30] Fix phpcs --- htdocs/user/class/api_users.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 9f5ea935372..75aedba09bd 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -180,7 +180,7 @@ class Users extends DolibarrApi if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } - + $apiUser = DolibarrApiAccess::$user; $result = $this->useraccount->fetch($apiUser->id); From 6170b28c3b1419468bbb9dd05c18b057d3cf0af8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 11:58:49 +0200 Subject: [PATCH 18/30] FIx #17651 --- htdocs/product/stock/replenish.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index 5d8e1f4a790..d316d6cdf98 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -48,7 +48,7 @@ $hookmanager->initHooks(array('stockreplenishlist')); //checks if a product has been ordered -$action = GETPOST('action', 'alpha'); +$action = GETPOST('action', 'aZ09'); $sref = GETPOST('sref', 'alpha'); $snom = GETPOST('snom', 'alpha'); $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); @@ -308,7 +308,7 @@ if (!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE) && $fk_entre $sql = 'SELECT p.rowid, p.ref, p.label, p.description, p.price,'; -$sql .= ' p.price_ttc, p.price_base_type,p.fk_product_type,'; +$sql .= ' p.price_ttc, p.price_base_type, p.fk_product_type,'; $sql .= ' p.tms as datem, p.duration, p.tobuy,'; $sql .= ' p.desiredstock, p.seuil_stock_alerte,'; if (!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE) && $fk_entrepot > 0) { @@ -326,11 +326,8 @@ $sql .= $hookmanager->resPrint; $sql .= ' FROM '.MAIN_DB_PREFIX.'product as p'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_stock as s ON p.rowid = s.fk_product'; $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'entrepot AS ent ON s.fk_entrepot = ent.rowid AND ent.entity IN('.getEntity('stock').')'; -if ($fk_supplier > 0) { - $sql .= ' INNER JOIN '.MAIN_DB_PREFIX.'product_fournisseur_price pfp ON (pfp.fk_product = p.rowid AND pfp.fk_soc = '.$fk_supplier.')'; -} if (!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE) && $fk_entrepot > 0) { - $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_warehouse_properties AS pse ON (p.rowid = pse.fk_product AND pse.fk_entrepot = '.$fk_entrepot.')'; + $sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product_warehouse_properties AS pse ON (p.rowid = pse.fk_product AND pse.fk_entrepot = '.((int) $fk_entrepot).')'; } // Add fields from hooks @@ -352,6 +349,9 @@ if ($sref) $sql .= natural_search('p.ref', $sref); if ($snom) $sql .= natural_search('p.label', $snom); $sql .= ' AND p.tobuy = 1'; if (!empty($canvas)) $sql .= ' AND p.canvas = "'.$db->escape($canvas).'"'; +if ($fk_supplier > 0) { + $sql .= ' AND EXISTS (SELECT pfp.rowid FROM '.MAIN_DB_PREFIX.'product_fournisseur_price as pfp WHERE pfp.fk_product = p.rowid AND pfp.fk_soc = '.((int) $fk_supplier).' AND pfp.entity IN ('.getEntity('product_fournisseur_price').'))'; +} $sql .= ' GROUP BY p.rowid, p.ref, p.label, p.description, p.price'; $sql .= ', p.price_ttc, p.price_base_type,p.fk_product_type, p.tms'; $sql .= ', p.duration, p.tobuy'; @@ -762,7 +762,9 @@ while ($i < ($limit ? min($num, $limit) : $num)) print ''; // Current stock (all warehouses) - print ''; + print ''; // Already ordered print ''; From 90d159fbc3b9755201fde87ee19beb257b462b34 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Tue, 18 May 2021 14:58:46 +0200 Subject: [PATCH 19/30] FIX : Missing hook in cibles.php (for mailing) --- htdocs/comm/mailing/cibles.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 8bfa82260b9..bf4b2e3d39c 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -66,6 +66,8 @@ $modulesdir = dolGetModulesDirs('/mailings'); $object = new Mailing($db); $result = $object->fetch($id); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('ciblescard', 'globalcard')); /* * Actions @@ -471,6 +473,10 @@ if ($object->fetch($id) >= 0) } } // End foreach dir + $parameters = array(); + $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + print ''; print '

'; From 57732d4265f36bfb1c80c50c8ad9c39b3819a1f1 Mon Sep 17 00:00:00 2001 From: gmilad <61253440+gmilad@users.noreply.github.com> Date: Tue, 18 May 2021 19:45:15 +0200 Subject: [PATCH 20/30] Fix issue #17608 for branch 10 Fix issue #17608 for branch 10 --- htdocs/admin/translation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 2a9983d95b1..1a3fa4d4122 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -200,7 +200,7 @@ if ($action == 'delete') $form = new Form($db); $formadmin = new FormAdmin($db); -$wikihelp='EN:Setup|FR:Paramétrage|ES:Configuración'; +$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción'; llxHeader('', $langs->trans("Setup"), $wikihelp); $param='&mode='.$mode; From 4bb18db90516bd71c43685c71131b3a1742af23d Mon Sep 17 00:00:00 2001 From: gmilad <61253440+gmilad@users.noreply.github.com> Date: Tue, 18 May 2021 19:53:35 +0200 Subject: [PATCH 21/30] Fix issue #17608 for branch 11 Fix issue #17608 for branch 11 --- htdocs/admin/translation.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index c641be11a59..23c2a69c127 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -197,7 +197,7 @@ if ($action == 'delete') $form = new Form($db); $formadmin = new FormAdmin($db); -$wikihelp = 'EN:Setup|FR:Paramétrage|ES:Configuración'; +$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción'; llxHeader('', $langs->trans("Setup"), $wikihelp); $param = '&mode='.$mode; From e2e6d4ba14434f52b8385bbbca5580250c6e3cc9 Mon Sep 17 00:00:00 2001 From: lvessiller Date: Wed, 19 May 2021 14:29:46 +0200 Subject: [PATCH 22/30] FIX keep special code on supplier order lines for external modules --- htdocs/fourn/commande/card.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 0b7eb338b69..ef127e84811 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -1239,6 +1239,8 @@ if (empty($reshook)) $tva_tx = get_default_tva($soc, $mysoc, $lines[$i]->fk_product, $product_fourn_price_id); } + $object->special_code = $lines[$i]->special_code; + $result = $object->addline( $desc, $lines[$i]->subprice, From 7d223beae53e05c5b671f745110ffdd231779b36 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Mon, 24 May 2021 12:51:58 +0200 Subject: [PATCH 23/30] fix: export balance with doublequote --- htdocs/accountancy/bookkeeping/balance.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 6c15fd6615c..664f659fb46 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -158,11 +158,11 @@ if ($action == 'export_csv') foreach ($object->lines as $line) { - print length_accountg($line->numero_compte).$sep; - print $object->get_compte_desc($line->numero_compte).$sep; - print price($line->debit).$sep; - print price($line->credit).$sep; - print price($line->debit - $line->credit).$sep; + print '"'.length_accountg($line->numero_compte).'"'.$sep; + print '"'.$object->get_compte_desc($line->numero_compte).'"'.$sep; + print '"'.price($line->debit).'"'.$sep; + print '"'.price($line->credit).'"'.$sep; + print '"'.price($line->debit - $line->credit).'"'.$sep; print "\n"; } From 60176f7f5ed78b0e43a2240cb286722280c1bde7 Mon Sep 17 00:00:00 2001 From: piernov Date: Mon, 24 May 2021 18:01:27 +0200 Subject: [PATCH 24/30] Fix add/del user to group modifies LDAP group Adding or removing a user from a group modifies the user object on Dolibarr's side. In LDAP however, members of a group are stored in the group itself. Therefore group must be updated after adding/removing a user from it. Update group in LDAP with new list of users at the end of USER_MODIFY trigger. --- ...interface_50_modLdap_Ldapsynchro.class.php | 46 +++++++++++++++++++ 1 file changed, 46 insertions(+) diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index d0b91bcbe37..d92f4c3ecc4 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -126,6 +126,52 @@ class InterfaceLdapsynchro extends DolibarrTriggers $newparent = $object->_load_ldap_dn($info, 1); $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent); + + if ($result > 0 && !empty($object->context['newgroupid'])) { // We are in context of adding a new group to user + $usergroup = new Usergroup($this->db); + + $usergroup->fetch($object->context['newgroupid']); + + $oldinfo = $usergroup->_load_ldap_info(); + $olddn = $usergroup->_load_ldap_dn($oldinfo); + + // Verify if entry exist + $container = $usergroup->_load_ldap_dn($oldinfo, 1); + $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")"; + $records = $ldap->search($container, $search); + if (count($records) && $records['count'] == 0) + { + $olddn = ''; + } + + $info = $usergroup->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call) + $dn = $usergroup->_load_ldap_dn($info); + + $result = $ldap->update($dn, $info, $user, $olddn); + } + + if ($result > 0 && !empty($object->context['oldgroupid'])) { // We are in context of removing a group from user + $usergroup = new Usergroup($this->db); + + $usergroup->fetch($object->context['oldgroupid']); + + $oldinfo = $usergroup->_load_ldap_info(); + $olddn = $usergroup->_load_ldap_dn($oldinfo); + + // Verify if entry exist + $container = $usergroup->_load_ldap_dn($oldinfo, 1); + $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")"; + $records = $ldap->search($container, $search); + if (count($records) && $records['count'] == 0) + { + $olddn = ''; + } + + $info = $usergroup->_load_ldap_info(); // Contains all members, except the old one (remove already done before trigger call) + $dn = $usergroup->_load_ldap_dn($info); + + $result = $ldap->update($dn, $info, $user, $olddn); + } } if ($result < 0) $this->error = "ErrorLDAP ".$ldap->error; From 1d5b8cbb19f82a4c6192ee1c66bd677f5ce2a9bc Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Wed, 26 May 2021 14:59:28 +0200 Subject: [PATCH 25/30] Fix Quadra accountancy export for due date --- htdocs/accountancy/class/accountancyexport.class.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 114d0edf35a..0459c20a380 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -498,9 +498,8 @@ class AccountancyExport $Tab['contrepartie'] = str_repeat(' ', 8); // elarifr: date format must be fixed format : 6 char ddmmyy = %d%m%yand not defined by user / dolibarr setting - if (!empty($data->date_echeance)) - //$Tab['date_echeance'] = dol_print_date($data->date_echeance, $conf->global->ACCOUNTING_EXPORT_DATE); - $Tab['date_echeance'] = dol_print_date($data->date_echeance, '%d%m%y'); // elarifr: format must be ddmmyy + if (!empty($data->date_lim_reglement)) + $Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, '%d%m%y'); // elarifr: format must be ddmmyy else $Tab['date_echeance'] = '000000'; From b3a6bcd34f6b66a69b8614eadb4d1b9b8c90da0c Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Wed, 26 May 2021 15:01:31 +0200 Subject: [PATCH 26/30] Fix Winfic accountancy export for due date --- htdocs/accountancy/class/accountancyexport.class.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index 6fd3518689d..358d0e282c8 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -617,9 +617,8 @@ class AccountancyExport $Tab['code_stat'] = str_repeat(' ', 4); - if (!empty($data->date_echeance)) - //$Tab['date_echeance'] = dol_print_date($data->date_echeance, $conf->global->ACCOUNTING_EXPORT_DATE); - $Tab['date_echeance'] = dol_print_date($data->date_echeance, '%d%m%Y'); + if (!empty($data->date_lim_reglement)) + $Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, '%d%m%Y'); else $Tab['date_echeance'] = dol_print_date($data->doc_date, '%d%m%Y'); From 9c83bdff519aa2a6ce88ad98083efcbb79c6b184 Mon Sep 17 00:00:00 2001 From: Adrien Raze Date: Wed, 26 May 2021 17:02:34 +0200 Subject: [PATCH 27/30] FIX : Add parameters (object and action) for user list DoActions hook --- htdocs/user/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/list.php b/htdocs/user/list.php index 1f59656dcbd..e2b4fd3889d 100644 --- a/htdocs/user/list.php +++ b/htdocs/user/list.php @@ -154,7 +154,7 @@ if (GETPOST('cancel', 'alpha')) { $action = 'list'; $massaction = ''; } if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction = ''; } $parameters = array(); -$reshook = $hookmanager->executeHooks('doActions', $parameters); // Note that $action and $object may have been modified by some hooks +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); if (empty($reshook)) From 3ebe6eb014d440b7602a40252fc2fbb9ffc1caa3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Thu, 27 May 2021 00:02:01 +0200 Subject: [PATCH 28/30] fix bad setup of MAIN_USE_BACKGROUND_ON_PDF --- htdocs/core/lib/pdf.lib.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 1babc31b4c2..281e45baf51 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -623,8 +623,8 @@ function pdf_pagehead(&$pdf, $outputlangs, $page_height) { global $conf; - // Add a background image on document - if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF)) // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image + // Add a background image on document only if good setup of const + if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF) && ($conf->global->MAIN_USE_BACKGROUND_ON_PDF != '-1')) // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image { $pdf->SetAutoPageBreak(0, 0); // Disable auto pagebreak before adding image $pdf->Image($conf->mycompany->dir_output.'/logos/'.$conf->global->MAIN_USE_BACKGROUND_ON_PDF, (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_X) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_X : 0), (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y : 0), 0, $page_height); From c91b9d613afc5c72f27b59e554b53a75ed3cc299 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Tue, 1 Jun 2021 15:30:17 +0200 Subject: [PATCH 29/30] FIX: order supplier stats by category now display figures --- htdocs/commande/class/commandestats.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index cbb93b940de..7d98c5be996 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -78,6 +78,7 @@ class CommandeStats extends Stats $this->field = 'total_ht'; $this->field_line = 'total_ht'; $this->where .= " c.fk_statut > 0"; // Not draft and not cancelled + $this->categ_link=MAIN_DB_PREFIX.'categorie_societe'; } elseif ($mode == 'supplier') { @@ -87,6 +88,7 @@ class CommandeStats extends Stats $this->field = 'total_ht'; $this->field_line = 'total_ht'; $this->where .= " c.fk_statut > 2"; // Only approved & ordered + $this->categ_link=MAIN_DB_PREFIX.'categorie_fournisseur'; } //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= ' AND c.entity IN ('.getEntity('commande').')'; @@ -106,7 +108,7 @@ class CommandeStats extends Stats if ($categid) { - $this->join .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_societe as cats ON cats.fk_soc = c.fk_soc'; + $this->join .= ' LEFT JOIN '.$this->categ_link.' as cats ON cats.fk_soc = c.fk_soc'; $this->join .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie as cat ON cat.rowid = cats.fk_categorie'; $this->where .= ' AND cat.rowid = '.$categid; } From f875bcfe09be360570096a8b610396a4574a3b09 Mon Sep 17 00:00:00 2001 From: atm-greg Date: Wed, 2 Jun 2021 10:30:48 +0200 Subject: [PATCH 30/30] update ->nom field if different from ->name --- htdocs/user/class/usergroup.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index 20ac35b370f..b271eec5754 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -675,7 +675,7 @@ class UserGroup extends CommonObject { global $user, $conf; - if (empty($this->nom) && !empty($this->name)) { + if ((empty($this->nom) || $this->nom != $this->name) && !empty($this->name)) { $this->nom = $this->name; }
'; - print $langs->trans('Date'); + print $langs->trans('DatePropal'); print 'id.'">'.img_edit($langs->trans('SetDate'), 1).'
'.$alertstock.''.$warning.$stock.''.$warning.$stock; + print ''; + print ''.$ordered.' '.$picto.'