diff --git a/ChangeLog b/ChangeLog index 6664dbe8941..d4bcd3ea17c 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,90 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 8.0.5 compared to 8.0.4 ***** +FIX: #10381 +FIX: #10460 compatibility with MariaDB 10.4 +FIX: #11025 +FIX: Accountancy - Add transaction with multicompany use all the time 1st entity +FIX: Accountancy - Format EBP import +FIX: actioncomm export: ORDER BY clause is in wrong export property + event type filter does not work +FIX: actioncomm: sort events by date after external calendars and hook +FIX: action list: add printFieldListSelect and printFieldListWhere hooks +FIX: add fk_unit on addline action +FIX: avoid php warning +FIX: bad sql request +FIX: better method +FIX: better test +FIX: better test on fetch +FIX: broken external authentication module feature and avoid warning +FIX: Can not create contract with numbering module without autogen rule +FIX: can't add lines on invoices +FIX: Can't generate invoice pdf +FIX: Can't insert if there is extrafields mandatory on another entity. +FIX: Can't insert if there is extrafields mandatory on another entity. FIX: Can't set default value of extrafield of type varchar +FIX: Check for old picture name if the new one was not found +FIX: Civility not saved when creating a member. +FIX: $conf->fournisseur->commande->enabled doesn't exist, we must use $conf->fournisseur->enabled +FIX: could not create several superadmin in transversal mode +FIX: credit note can have negative value +FIX: Default value on sales representative on third party creation +FIX: Don't show journal:getNomUrl without data +FIX: Erreur dans le Total +FIX: error messages not displayed +FIX: expedition: reset status on rollback + replace hardcoded status with const +FIX: Fix PHP warning "count(): Parameter must be an array..." +FIX: fk_default_warehouse missing in group by +FIX: function sendEmailsReminder isn't completely developed, then MAIN_FEATURES_LEVEL must be 2 to "use" it +FIX: holidays get natural_search if search params are set only +FIX: if empty error message, we just see "error" displayed +FIX: if(!method_exists(dol_loginfunction)) +FIX: If we build one invoice for several orders, we must put the ref of order on the line to not lose information. +FIX: in fact expensereport must be in $check array +FIX: Interface regression for bind people. Fix option MAIN_OPTIMIZEFORTEXTBROWSER +FIX: line edit template: keep fk_parent_line +FIX: Loan impossible to account +FIX: Mark credit note as available for credit note in other currency +FIX: missing access security checking with multicompany +FIX: missing entity filter and wrong var name +FIX: missing entity filter in function "build_filterField()" (export) +FIX: Missing field in import/export of users +FIX: missing hook completeTabsHead in margins module +FIX: missing $ismultientitymanaged for previous/next ref +FIX: Missing province in export of invoice +FIX: multicompany compatibility +FIX: must fetch member in current entity +FIX: need an order by in case we found other invoice with same number but not same date +FIX: need to round with 2 decimals to avoid movements not correctly balanced +FIX: no need to test anything to display documents tabs on expense report +FIX: positive values creating diff on addline rounding +FIX: problem with multicompany transverse mode +FIX: Product accountancey sell intra code must be visible if main feature level 1 +FIX: project_title for display of getNomUrl() +FIX: quick search for supplier orders +FIX: Remane of project +FIX: same thing here +FIX: Selection of email recipient with option MAIN_OPTIMIZEFORTEXTBROWSER +FIX: several hooks in shipping/delivery cards +FIX: shipping default warehouse if only one warehouse +FIX: SQL injection on rowid of dict.php +FIX: 'statut' is ignored when updating a user with the REST API. +FIX: supplier invoice payment total dont care about deposit or credit +FIX: supplier invoice product stats total ht is line total not invoice total +FIX: The minimum amount filter does not work in the VAT report per customer +FIX: Total per day shows 00:00 if the total time spent is equal to 12:00 +FIX: Update/delete currency on same languages +FIX: [URGENT] broken feature, "$usercancreate" is for Dolibarr 9 +FIX: useless join +FIX: we need to keep originline special_code +FIX: we want to be able to reopen fourn credit note +FIX: when 2 extra fields are mandatory in 2 different entities +FIX: when we add a payment on an invoice which already has payments with credit note or deposit amount, and then we get an excess received, discount amount must be $total_paiements + $total_creditnote_and_deposit - $object->total_ttc; +FIX: when we create deposit with multi tva, we mustn't add line if amount = 0 (example when we have a 100% reduc on one of origin invoice line) +FIX: wrong redirect link on holiday refuse +FIX: wrong test enabled +FIX: Wrong variable name +FIX: XSS + ***** ChangeLog for 8.0.4 compared to 8.0.3 ***** FIX: #10030 better german chart FIX: #10036 diff --git a/htdocs/admin/multicurrency.php b/htdocs/admin/multicurrency.php index b301a2c7a03..54ba9e6b1ce 100644 --- a/htdocs/admin/multicurrency.php +++ b/htdocs/admin/multicurrency.php @@ -106,9 +106,7 @@ elseif ($action == 'update_currency') { $error = 0; - $submit = GETPOST('submit', 'alpha'); - - if ($submit == $langs->trans('Modify')) + if (GETPOST('updatecurrency', 'alpha')) { $fk_multicurrency = GETPOST('fk_multicurrency', 'int'); $rate = price2num(GETPOST('rate', 'alpha')); @@ -127,7 +125,7 @@ elseif ($action == 'update_currency') } } } - elseif ($submit == $langs->trans('Delete')) + elseif (GETPOST('deletecurrency', 'alpha')) { $fk_multicurrency = GETPOST('fk_multicurrency', 'int'); $currency = new MultiCurrency($db); @@ -334,8 +332,8 @@ foreach ($TCurrency as &$currency) print ''; print '1 '.$conf->currency.' = '; print ' '.$currency->code.' '; - print ' '; - print ''; + print ' '; + print ''; print ''; print ''; } diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index c4d719b2e6f..9824334b325 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -1006,6 +1006,11 @@ if (! empty($hookmanager->resArray['eventarray'])) { } } +// Sort events +foreach($eventarray as $keyDate => &$dateeventarray) +{ + usort($dateeventarray, 'sort_events_by_date'); +} $maxnbofchar=0; @@ -1700,3 +1705,22 @@ function dol_color_minus($color, $minus, $minusunit = 16) } return $newcolor; } + + +/** + * Sort events by date + * + * @param object $a Event A + * @param object $b Event B + * @return int < 0 if event A should be before event B, > 0 otherwise, 0 if they have the exact same time slot + */ +function sort_events_by_date($a, $b) +{ + if($a->datep != $b->datep) + { + return $a->datep - $b->datep; + } + + // If both events have the same start time, longest first + return $b->datef - $a->datef; +} diff --git a/htdocs/comm/remx.php b/htdocs/comm/remx.php index a66e8e66500..eb1c14a4beb 100644 --- a/htdocs/comm/remx.php +++ b/htdocs/comm/remx.php @@ -1,7 +1,8 @@ - * Copyright (C) 2004-2012 Laurent Destailleur - * Copyright (C) 2008 Raphael Bertrand (Resultic) +/* Copyright (C) 2001-2004 Rodolphe Quiedeville + * Copyright (C) 2004-2012 Laurent Destailleur + * Copyright (C) 2008 Raphael Bertrand (Resultic) + * Copyright (C) 2019 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -127,6 +128,8 @@ if ($action == 'confirm_split' && GETPOST("confirm") == 'yes') $db->begin(); $discount->fk_facture_source=0; // This is to delete only the require record (that we will recreate with two records) and not all family with same fk_facture_source + // This is to delete only the require record (that we will recreate with two records) and not all family with same fk_invoice_supplier_source + $discount->fk_invoice_supplier_source=0; $res=$discount->delete($user); $newid1=$newdiscount1->create($user); $newid2=$newdiscount2->create($user); diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index cc58f1e6dec..10a8296c144 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1537,14 +1537,16 @@ if (empty($reshook)) $datefacture = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']); if (empty($datefacture)) { $error++; - $mesg = '
' . $langs->trans("ErrorFieldRequired", $langs->trans("Date")) . '
'; + $mesg = $langs->trans("ErrorFieldRequired", $langs->trans("Date")); + setEventMessages($mesg, null, 'errors'); } $date_pointoftax = dol_mktime(12, 0, 0, $_POST['date_pointoftaxmonth'], $_POST['date_pointoftaxday'], $_POST['date_pointoftaxyear']); if (!($_POST['situations'] > 0)) { $error++; - $mesg = '
' . $langs->trans("ErrorFieldRequired", $langs->trans("InvoiceSituation")) . '
'; + $mesg = $langs->trans("ErrorFieldRequired", $langs->trans("InvoiceSituation")); + setEventMessages($mesg, null, 'errors'); } if (!$error) { @@ -2270,11 +2272,13 @@ if (empty($reshook)) if (!$object->fetch($id) > 0) dol_print_error($db); if (!is_null(GETPOST('all_progress')) && GETPOST('all_progress') != "") { + $all_progress = GETPOST('all_progress', 'int'); foreach ($object->lines as $line) { $percent = $line->get_prev_progress($object->id); - if (GETPOST('all_progress') < $percent) { - $mesg = '
' . $langs->trans("CantBeLessThanMinPercent") . '
'; + if (floatval($all_progress) < floatval($percent)) { + $mesg = $langs->trans("Line") . ' ' . $i . ' '. $line->ref .' : ' . $langs->trans("CantBeLessThanMinPercent"); + setEventMessages($mesg, null, 'warnings'); $result = -1; } else $object->update_percent($line, $_POST['all_progress']); diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index d303e6edf21..93f67a5a064 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -4492,7 +4492,7 @@ class FactureLigne extends CommonInvoiceLine $sql.= " '".$this->db->escape($this->localtax1_type)."',"; $sql.= " '".$this->db->escape($this->localtax2_type)."',"; $sql.= ' '.(! empty($this->fk_product)?$this->fk_product:"null").','; - $sql.= " ".$this->product_type.","; + $sql.= " ".((int) $this->product_type).","; $sql.= " ".price2num($this->remise_percent).","; $sql.= " ".price2num($this->subprice).","; $sql.= ' '.(! empty($this->fk_remise_except)?$this->fk_remise_except:"null").','; diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index b4255046ad4..c7b75a26ee1 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -3,7 +3,7 @@ * Copyright (C) 2004-2017 Laurent Destailleur * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2013 Cédric Salvador - * Copyright (C) 2014 Juanjo Menent + * Copyright (C) 2014-2019 Juanjo Menent * Copyright (C) 2015 Claudio Aschieri * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2016-2018 Ferran Marcet @@ -45,14 +45,14 @@ $confirm=GETPOST('confirm','alpha'); $toselect = GETPOST('toselect', 'array'); $contextpage= GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'contractlist'; // To manage different context of search -$search_name=GETPOST('search_name'); -$search_email=GETPOST('search_email'); +$search_name=GETPOST('search_name', 'alpha'); +$search_email=GETPOST('search_email', 'alpha'); $search_town=GETPOST('search_town','alpha'); $search_zip=GETPOST('search_zip','alpha'); $search_state=trim(GETPOST("search_state")); $search_country=GETPOST("search_country",'int'); $search_type_thirdparty=GETPOST("search_type_thirdparty",'int'); -$search_contract=GETPOST('search_contract'); +$search_contract=GETPOST('search_contract','alpha'); $search_ref_customer=GETPOST('search_ref_customer','alpha'); $search_ref_supplier=GETPOST('search_ref_supplier','alpha'); $sall=trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index 66c56e2a162..88ea8a08e28 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2018 Ferran Marcet + * Copyright (C) 2019 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -46,9 +47,9 @@ if (! $sortorder) $sortorder="ASC"; $mode = GETPOST("mode"); $filter=GETPOST("filter"); -$search_name=GETPOST("search_name"); -$search_contract=GETPOST("search_contract"); -$search_service=GETPOST("search_service"); +$search_name=GETPOST("search_name", 'alpha'); +$search_contract=GETPOST("search_contract", 'alpha'); +$search_service=GETPOST("search_service", 'alpha'); $search_status=GETPOST("search_status","alpha"); $statut=GETPOST('statut')?GETPOST('statut'):1; $search_product_category=GETPOST('search_product_category','int'); diff --git a/htdocs/core/class/html.formmargin.class.php b/htdocs/core/class/html.formmargin.class.php index da8acce83d4..72352bc5bdb 100644 --- a/htdocs/core/class/html.formmargin.class.php +++ b/htdocs/core/class/html.formmargin.class.php @@ -91,7 +91,7 @@ class FormMargin $line->pa_ht = $line->subprice * (1 - ($line->remise_percent / 100)); } - $pv = $line->qty * $line->subprice * (1 - $line->remise_percent / 100); + $pv = $line->total_ht; $pa_ht = ($pv < 0 ? - $line->pa_ht : $line->pa_ht); // We choosed to have line->pa_ht always positive in database, so we guess the correct sign $pa = $line->qty * $pa_ht; diff --git a/htdocs/core/js/timesheet.js b/htdocs/core/js/timesheet.js index aaec6971e2f..4eae63154d4 100644 --- a/htdocs/core/js/timesheet.js +++ b/htdocs/core/js/timesheet.js @@ -91,17 +91,11 @@ function parseTime(timeStr, dt) dt = new Date(); } - var time = timeStr.match(/(\d+)(?::(\d\d))?\s*(p?)/i); + var time = timeStr.match(/(\d+)(?::(\d\d))?/i); if (!time) { return -1; } var hours = parseInt(time[1], 10); - if (hours == 12 && !time[3]) { - hours = 0; - } - else { - hours += (hours < 12 && time[3]) ? 12 : 0; - } dt.setHours(hours); dt.setMinutes(parseInt(time[2], 10) || 0); diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 210626f461c..3e7e2796eca 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1556,7 +1556,10 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio $destfull = $info['dirname'].'/'.dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension'])); $info = pathinfo($destfile); $destfile = dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension'])); - + // We apply dol_string_nohtmltag also to clean file names (this remove duplicate spaces) because + // this function is also applied when we make try to download file (by the GETPOST(filename, 'alphanohtml') call). + $destfile = dol_string_nohtmltag($destfile); + $destfull = dol_string_nohtmltag($destfull); $resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destfull, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles); if (is_numeric($resupload) && $resupload > 0) // $resupload can be 'ErrorFileAlreadyExists' diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 81989d0aaa1..efe0dbb52bd 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -144,8 +144,8 @@ function user_prepare_head($object) if ((! empty($conf->salaries->enabled) && ! empty($user->rights->salaries->read)) || (! empty($conf->hrm->enabled) && ! empty($user->rights->hrm->employee->read)) - || (! empty($conf->expensereport->enabled) && ! empty($user->rights->expensereport->lire) && $user->id == $object->id) - || (! empty($conf->holiday->enabled) && ! empty($user->rights->holiday->read) && $user->id == $object->id ) + || (! empty($conf->expensereport->enabled) && ! empty($user->rights->expensereport->lire) && ($user->id == $object->id || $user->rights->expensereport->readall)) + || (! empty($conf->holiday->enabled) && ! empty($user->rights->holiday->read) && ($user->id == $object->id || $user->rights->holiday->read_all)) ) { // Bank diff --git a/htdocs/core/modules/project/doc/pdf_beluga.modules.php b/htdocs/core/modules/project/doc/pdf_beluga.modules.php index d7cae4726c5..562f6a093dc 100644 --- a/htdocs/core/modules/project/doc/pdf_beluga.modules.php +++ b/htdocs/core/modules/project/doc/pdf_beluga.modules.php @@ -273,7 +273,7 @@ class pdf_beluga extends ModelePDFProjects 'table'=>'commande', 'datefieldname'=>'date_commande', 'test'=>$conf->commande->enabled && $user->rights->commande->lire, - 'lang'=>'order'), + 'lang'=>'orders'), 'invoice'=>array( 'name'=>"CustomersInvoices", 'title'=>"ListInvoicesAssociatedProject", diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index e576889d363..3b153bcf843 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -4,6 +4,7 @@ * Copyright (C) 2004 Eric Seigne * Copyright (C) 2005-2009 Regis Houssin * Copyright (C) 2015 Alexandre Spangaro + * Copyright (C) 2019 Juanjo Menent * Copyright (C) 2018 Ferran Marcet * * This program is free software; you can redistribute it and/or modify @@ -68,7 +69,7 @@ if (!$sortfield) $sortfield="d.date_debut"; $id = GETPOST('id', 'int'); $sall = trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); -$search_ref = GETPOST('search_ref'); +$search_ref = GETPOST('search_ref', 'alpha'); $search_user = GETPOST('search_user','int'); $search_amount_ht = GETPOST('search_amount_ht','alpha'); $search_amount_vat = GETPOST('search_amount_vat','alpha'); diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 3981de21751..fbc1f52cac7 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -31,7 +31,7 @@ */ if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr'); -if (! defined('DOL_VERSION')) define('DOL_VERSION','8.0.5'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c +if (! defined('DOL_VERSION')) define('DOL_VERSION','8.0.6'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c if (! defined('EURO')) define('EURO',chr(128)); diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 41a6d030e16..4143cd0246e 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -2391,14 +2391,11 @@ elseif (! empty($object->id)) } // Create bill - if (! empty($conf->facture->enabled)) + if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->statut != 7 && $object->billed != 1)) // statut 2 means approved, 7 means canceled { - if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->statut != 7 && $object->billed != 1)) // statut 2 means approved, 7 means canceled + if ($user->rights->fournisseur->facture->creer) { - if ($user->rights->fournisseur->facture->creer) - { - print ''.$langs->trans("CreateBill").''; - } + print ''.$langs->trans("CreateBill").''; } } diff --git a/htdocs/fourn/commande/orderstoinvoice.php b/htdocs/fourn/commande/orderstoinvoice.php index 4c229518eba..82058d087b5 100644 --- a/htdocs/fourn/commande/orderstoinvoice.php +++ b/htdocs/fourn/commande/orderstoinvoice.php @@ -216,7 +216,7 @@ if (($action == 'create' || $action == 'add') && ! $error) { $fk_parent_line = 0; } // FIXME Missing $lines[$i]->ref_supplier and $lines[$i]->label into addline and updateline methods. They are filled when coming from order for example. - $result = $object->addline($desc, $lines[$i]->subprice, $lines[$i]->tva_tx, $lines[$i]->localtax1_tx, $lines[$i]->localtax2_tx, $lines[$i]->qty, $lines[$i]->fk_product, $lines[$i]->remise_percent, $date_start, $date_end, 0, $lines[$i]->info_bits, 'HT', $product_type, -1, false, 0, $lines[$i]->fk_unit); + $result = $object->addline($desc, $lines[$i]->subprice, $lines[$i]->tva_tx, $lines[$i]->localtax1_tx, $lines[$i]->localtax2_tx, $lines[$i]->qty, $lines[$i]->fk_product, $lines[$i]->remise_percent, $date_start, $date_end, 0, $lines[$i]->info_bits, 'HT', $product_type, -1, false, 0, $lines[$i]->fk_unit, $line[$i]->id); if ($result > 0) { $lineid = $result; diff --git a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql index cee3a17e061..380c64c28fc 100644 --- a/htdocs/install/mysql/migration/7.0.0-8.0.0.sql +++ b/htdocs/install/mysql/migration/7.0.0-8.0.0.sql @@ -560,3 +560,5 @@ UPDATE llx_advtargetemailing SET fk_element = fk_mailing, type_element='mailing' ALTER TABLE llx_advtargetemailing DROP COLUMN fk_mailing; DROP TABLE llx_ticket_logs; + +ALTER TABLE llx_actioncomm MODIFY COLUMN code varchar(50); diff --git a/htdocs/install/mysql/tables/llx_actioncomm.sql b/htdocs/install/mysql/tables/llx_actioncomm.sql index 72321e19db5..231dd3bad1a 100644 --- a/htdocs/install/mysql/tables/llx_actioncomm.sql +++ b/htdocs/install/mysql/tables/llx_actioncomm.sql @@ -29,7 +29,7 @@ create table llx_actioncomm datep2 datetime, -- date end fk_action integer, -- type of action (optional link with id in llx_c_actioncomm or null) - code varchar(32) NULL, -- code of action for automatic action ('AC_OTH_AUTO' for automatic actions, 'AC_EMAILIN_AUTO' for email input, 'AC_xxx' for manual action...) + code varchar(50) NULL, -- code of action for automatic action ('AC_OTH_AUTO' for automatic actions, 'AC_EMAILIN_AUTO' for email input, 'AC_xxx' for manual action...) datec datetime, -- date creation tms timestamp, -- date modification diff --git a/htdocs/modulebuilder/template/class/myobject.class.php b/htdocs/modulebuilder/template/class/myobject.class.php index 12f31439985..7593d0c550e 100644 --- a/htdocs/modulebuilder/template/class/myobject.class.php +++ b/htdocs/modulebuilder/template/class/myobject.class.php @@ -90,7 +90,7 @@ class MyObject extends CommonObject 'date_creation' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>500), 'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>501), //'date_valid' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-2, 'position'=>502), - 'fk_user_creat' =>array('type'=>'integer', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>510, 'foreignkey'=>'llx_user.rowid'), + 'fk_user_creat' =>array('type'=>'integer', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>510, 'foreignkey'=>'user.rowid'), 'fk_user_modif' =>array('type'=>'integer', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>511), //'fk_user_valid' =>array('type'=>'integer', 'label'=>'UserValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>512), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'index'=>0, 'position'=>1000), diff --git a/htdocs/product/list.php b/htdocs/product/list.php index f2d869c9a45..ce829e6b442 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -3,7 +3,7 @@ * Copyright (C) 2004-2018 Laurent Destailleur * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2012-2016 Marcos García - * Copyright (C) 2013-2016 Juanjo Menent + * Copyright (C) 2013-2019 Juanjo Menent * Copyright (C) 2013-2015 Raphaël Doursenaud * Copyright (C) 2013 Jean Heimburger * Copyright (C) 2013 Cédric Salvador @@ -50,11 +50,11 @@ $confirm=GETPOST('confirm','alpha'); $toselect = GETPOST('toselect', 'array'); $sall=trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); -$search_ref=GETPOST("search_ref"); -$search_barcode=GETPOST("search_barcode"); -$search_label=GETPOST("search_label"); +$search_ref=GETPOST("search_ref",'alpha'); +$search_barcode=GETPOST("search_barcode",'alpha'); +$search_label=GETPOST("search_label", 'alpha'); $search_type = GETPOST("search_type",'int'); -$search_sale = GETPOST("search_sale"); +$search_sale = GETPOST("search_sale", 'int'); $search_categ = GETPOST("search_categ",'int'); $search_tosell = GETPOST("search_tosell", 'int'); $search_tobuy = GETPOST("search_tobuy", 'int'); diff --git a/htdocs/product/reassort.php b/htdocs/product/reassort.php index 9ee9ab0aead..40793b13153 100644 --- a/htdocs/product/reassort.php +++ b/htdocs/product/reassort.php @@ -4,6 +4,7 @@ * Copyright (C) 2005-2018 Regis Houssin * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2015 Raphaël Doursenaud + * Copyright (C) 2019 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -40,11 +41,11 @@ $result=restrictedArea($user,'produit|service'); $action=GETPOST('action','alpha'); -$sref=GETPOST("sref"); -$snom=GETPOST("snom"); +$sref=GETPOST("sref", 'alpha'); +$snom=GETPOST("snom", 'alpha'); $sall=trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); $type=GETPOST("type","int"); -$search_barcode=GETPOST("search_barcode"); +$search_barcode=GETPOST("search_barcode", 'alpha'); $catid=GETPOST('catid','int'); $toolowstock=GETPOST('toolowstock'); $tosell = GETPOST("tosell"); diff --git a/htdocs/product/reassortlot.php b/htdocs/product/reassortlot.php index 3a58924108d..caf17bb6681 100644 --- a/htdocs/product/reassortlot.php +++ b/htdocs/product/reassortlot.php @@ -5,6 +5,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2016 Ferran Marcet + * Copyright (C) 2019 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -42,8 +43,8 @@ $result=restrictedArea($user,'produit|service'); $action=GETPOST('action','alpha'); -$sref=GETPOST("sref"); -$snom=GETPOST("snom"); +$sref=GETPOST("sref", 'alpha'); +$snom=GETPOST("snom", 'alpha'); $sall=trim((GETPOST('search_all', 'alphanohtml')!='')?GETPOST('search_all', 'alphanohtml'):GETPOST('sall', 'alphanohtml')); $type=GETPOST("type","int"); $search_barcode=GETPOST("search_barcode",'alpha'); diff --git a/htdocs/product/stock/tpl/stockcorrection.tpl.php b/htdocs/product/stock/tpl/stockcorrection.tpl.php index 3d2e1c99e9b..4a9f23301a8 100644 --- a/htdocs/product/stock/tpl/stockcorrection.tpl.php +++ b/htdocs/product/stock/tpl/stockcorrection.tpl.php @@ -100,7 +100,7 @@ if (empty($conf) || ! is_object($conf)) { print ''.$langs->trans('Project').''; print ''; - $formproject->select_projects(0, '', 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 0, 0, 'maxwidth300'); + $formproject->select_projects(-1, '', 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 0, 0, 'maxwidth300'); print ''; } print ''; diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index 78d21d36424..e806580ffea 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -6,6 +6,7 @@ * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2015 Claudio Aschieri * Copyright (C) 2018 Ferran Marcet + * Copyright (C) 2019 Juanjo Menent * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -72,9 +73,9 @@ $pagenext = $page + 1; $search_all=GETPOST('search_all', 'alphanohtml') ? GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml'); $search_categ=GETPOST("search_categ",'alpha'); -$search_ref=GETPOST("search_ref"); -$search_label=GETPOST("search_label"); -$search_societe=GETPOST("search_societe"); +$search_ref=GETPOST("search_ref",'alpha'); +$search_label=GETPOST("search_label",'alpha'); +$search_societe=GETPOST("search_societe",'alpha'); $search_year=GETPOST("search_year"); $search_status=GETPOST("search_status",'int'); $search_opp_status=GETPOST("search_opp_status",'alpha');