diff --git a/COPYRIGHT b/COPYRIGHT index 45b3047a375..83d054d63be 100644 --- a/COPYRIGHT +++ b/COPYRIGHT @@ -52,7 +52,7 @@ Ace 1.4.14 BSD Yes ChartJS 3.7.1 MIT License Yes JS library for graph CKEditor 4.18 LGPL-2.1+ Yes Editor WYSIWYG jQuery 3.6.0 MIT License Yes JS library -jQuery UI 1.13.1 GPL and MIT License Yes JS library plugin UI +jQuery UI 1.13.2 GPL and MIT License Yes JS library plugin UI jQuery select2 4.0.13 GPL and Apache License Yes JS library plugin for sexier multiselect. Warning: 4.0.6+ create troubles without patching css jQuery blockUI 2.70.0 GPL and MIT License Yes JS library plugin blockUI (to use ajax popups) jQuery Colorpicker 1.1 MIT License Yes JS library for color picker for a defined list of colors diff --git a/htdocs/accountancy/index.php b/htdocs/accountancy/index.php index 99ae0bd845b..926097c1509 100644 --- a/htdocs/accountancy/index.php +++ b/htdocs/accountancy/index.php @@ -49,7 +49,7 @@ if (empty($user->rights->accounting->mouvements->lire)) { if (empty($conf->comptabilite->enabled) && empty($conf->accounting->enabled) && empty($conf->asset->enabled) && empty($conf->intracommreport->enabled)) { accessforbidden(); } -if (empty($user->rights->compta->resultat->lire) && empty($user->rights->accounting->comptarapport->lire) && empty($user->rights->accounting->mouvements->lire) && empty($user->rights->asset->read) && empty($user->rights->intracommreport->read)) { +if (empty($user->hasRight('compta', 'resultat', 'lire')) && empty($user->hasRight('accounting', 'comptarapport', 'lire')) && empty($user->hasRight('accounting', 'mouvements', 'lire')) && empty($user->hasRight('asset', 'read')) && empty($user->hasRight('intracommreport', 'read'))) { accessforbidden(); } @@ -117,7 +117,7 @@ if (!empty($conf->global->INVOICE_USE_SITUATION) && $conf->global->INVOICE_USE_S print '
'; // hideobject is to start hidden print "
\n"; print ''.$langs->trans("AccountancyAreaDescIntro")."
\n"; - if (!empty($user->rights->accounting->chartofaccount)) { + if ($user->hasRight('accounting', 'chartofaccount')) { print "
\n"; print "
\n"; print load_fiche_titre(' '.$langs->trans("AccountancyAreaDescActionOnce"), '', '')."\n"; diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 44a12293e67..fbc3eefd641 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -40,6 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/subscription.class.php'; require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; +require_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; @@ -277,7 +278,7 @@ if (empty($reshook)) { } // Create new object if ($result > 0 && !$error) { - $object->oldcopy = clone $object; + $object->oldcopy = dol_clone($object); // Change values $object->civility_id = trim(GETPOST("civility_id", 'alphanohtml')); @@ -311,8 +312,8 @@ if (empty($reshook)) { //$object->twitter = trim(GETPOST("twitter", 'alpha')); //$object->facebook = trim(GETPOST("facebook", 'alpha')); //$object->linkedin = trim(GETPOST("linkedin", 'alpha')); - $object->birth = $birthdate; - + $object->birth = $birthdate; + $object->default_lang = GETPOST('default_lang', 'alpha'); $object->typeid = GETPOST("typeid", 'int'); //$object->note = trim(GETPOST("comment","alpha")); $object->morphy = GETPOST("morphy", 'alpha'); @@ -457,6 +458,7 @@ if (empty($reshook)) { $userid = GETPOST("userid", 'int'); $socid = GETPOST("socid", 'int'); + $default_lang = GETPOST('default_lang', 'alpha'); $object->civility_id = $civility_id; $object->firstname = $firstname; @@ -498,7 +500,7 @@ if (empty($reshook)) { $object->user_id = $userid; $object->socid = $socid; $object->public = $public; - + $object->default_lang = $default_lang; // Fill array 'array_options' with data from add form $ret = $extrafields->setOptionalsFromPost(null, $object); if ($ret < 0) { @@ -580,36 +582,16 @@ if (empty($reshook)) { $id = $object->id; } else { $db->rollback(); + setEventMessages($object->error, $object->errors, 'errors'); - if ($object->error) { - setEventMessages($object->error, $object->errors, 'errors'); - } else { - setEventMessages($object->error, $object->errors, 'errors'); - } } + // Auto-create thirdparty on member creation if (!empty($conf->global->ADHERENT_DEFAULT_CREATE_THIRDPARTY)) { if ($result > 0) { - // User creation + // Create third party out of a member $company = new Societe($db); - - $companyalias = ''; - $fullname = $object->getFullName($langs); - - if ($object->morphy == 'mor') { - $companyname = $object->company; - if (!empty($fullname)) { - $companyalias = $fullname; - } - } else { - $companyname = $fullname; - if (!empty($object->company)) { - $companyalias = $object->company; - } - } - - $result = $company->create_from_member($object, $companyname, $companyalias); - + $result = $company->create_from_member($object); if ($result < 0) { $langs->load("errors"); setEventMessages($langs->trans($company->error), null, 'errors'); @@ -899,6 +881,7 @@ if (empty($reshook)) { $form = new Form($db); $formfile = new FormFile($db); +$formadmin = new FormAdmin($db); $formcompany = new FormCompany($db); $title = $langs->trans("Member")." - ".$langs->trans("Card"); @@ -1363,6 +1346,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print $form->selectDate(($object->birth ? $object->birth : -1), 'birth', '', '', 1, 'formsoc'); print "\n"; + // Default language + if (!empty($conf->global->MAIN_MULTILANGS)) { + print ''.$form->editfieldkey('DefaultLang', 'default_lang', '', $object, 0).''."\n"; + print img_picto('', 'language').$formadmin->select_language($object->default_lang, 'default_lang', 0, 0, 1); + print ''; + print ''; + } + // Public profil print "".$langs->trans("Public")."\n"; print $form->selectyesno("public", (GETPOSTISSET("public") ? GETPOST("public", 'alphanohtml', 2) : $object->public), 1); @@ -1803,6 +1794,19 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Birth Date print ''.$langs->trans("DateOfBirth").''.dol_print_date($object->birth, 'day').''; + // Default language + if (!empty($conf->global->MAIN_MULTILANGS)) { + require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; + print ''.$langs->trans("DefaultLang").''; + //$s=picto_from_langcode($object->default_lang); + //print ($s?$s.' ':''); + $langs->load("languages"); + $labellang = ($object->default_lang ? $langs->trans('Language_'.$object->default_lang) : ''); + print picto_from_langcode($object->default_lang, 'class="paddingrightonly saturatemedium opacitylow"'); + print $labellang; + print ''; + } + // Public print ''.$langs->trans("Public").''.yn($object->public).''; diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index dec7584b68e..318dc4ac794 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -215,6 +215,12 @@ class Adherent extends CommonObject */ public $public; + /** + * Default language code of member (en_US, ...) + * @var string + */ + public $default_lang; + /** * @var string photo of member */ @@ -328,6 +334,7 @@ class Adherent extends CommonObject 'photo' => array('type' => 'varchar(255)', 'label' => 'Photo', 'enabled' => 1, 'visible' => -1, 'position' => 135), 'public' => array('type' => 'smallint(6)', 'label' => 'Public', 'enabled' => 1, 'visible' => -1, 'notnull' => 1, 'position' => 145), 'datefin' => array('type' => 'datetime', 'label' => 'DateEnd', 'enabled' => 1, 'visible' => -1, 'position' => 150), + 'default_lang' =>array('type'=>'varchar(6)', 'label'=>'Default lang', 'enabled'=>1, 'visible'=>-1, 'position'=> 153), 'note_private' => array('type' => 'text', 'label' => 'NotePublic', 'enabled' => 1, 'visible' => 0, 'position' => 155), 'note_public' => array('type' => 'text', 'label' => 'NotePrivate', 'enabled' => 1, 'visible' => 0, 'position' => 160), 'datevalid' => array('type' => 'datetime', 'label' => 'DateValidation', 'enabled' => 1, 'visible' => -1, 'position' => 165), @@ -710,9 +717,11 @@ class Adherent extends CommonObject $sql .= ", photo = ".($this->photo ? "'".$this->db->escape($this->photo)."'" : "null"); $sql .= ", public = '".$this->db->escape($this->public)."'"; $sql .= ", statut = ".$this->db->escape($this->statut); + $sql .= ", default_lang = ".(!empty($this->default_lang) ? "'".$this->db->escape($this->default_lang)."'" : "null"); $sql .= ", fk_adherent_type = ".$this->db->escape($this->typeid); $sql .= ", morphy = '".$this->db->escape($this->morphy)."'"; $sql .= ", birth = ".($this->birth ? "'".$this->db->idate($this->birth)."'" : "null"); + if ($this->datefin) { $sql .= ", datefin = '".$this->db->idate($this->datefin)."'"; // Must be modified only when deleting a subscription } @@ -833,6 +842,8 @@ class Adherent extends CommonObject $luser->office_phone = $this->phone; $luser->user_mobile = $this->phone_mobile; + $luser->lang = $this->default_lang; + $luser->fk_member = $this->id; $result = $luser->update($user, 0, 1, 1); // Use nosync to 1 to avoid cyclic updates @@ -868,6 +879,7 @@ class Adherent extends CommonObject $lthirdparty->state_id = $this->state_id; $lthirdparty->country_id = $this->country_id; //$lthirdparty->phone_mobile=$this->phone_mobile; + $lthirdparty->default_lang = $this->default_lang; $result = $lthirdparty->update($this->fk_soc, $user, 0, 1, 1, 'update'); // Use sync to 0 to avoid cyclic updates @@ -1314,7 +1326,7 @@ class Adherent extends CommonObject $sql .= " d.photo, d.fk_adherent_type, d.morphy, d.entity,"; $sql .= " d.datec as datec,"; $sql .= " d.tms as datem,"; - $sql .= " d.datefin as datefin,"; + $sql .= " d.datefin as datefin, d.default_lang,"; $sql .= " d.birth as birthday,"; $sql .= " d.datevalid as datev,"; $sql .= " d.country,"; @@ -1407,6 +1419,8 @@ class Adherent extends CommonObject $this->date_validation = $this->db->jdate($obj->datev); $this->birth = $this->db->jdate($obj->birthday); + $this->default_lang = $obj->default_lang; + $this->note_private = $obj->note_private; $this->note_public = $obj->note_public; $this->morphy = $obj->morphy; @@ -2556,6 +2570,7 @@ class Adherent extends CommonObject $this->datefin = $now; $this->datevalid = $now; + $this->default_lang = ''; $this->typeid = 1; // Id type adherent $this->type = 'Type adherent'; // Libelle type adherent diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index f3d5f96a78a..e37d52480fa 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -170,7 +170,8 @@ if ($action == 'add' && $user->rights->adherent->configurer) { if ($action == 'update' && $user->rights->adherent->configurer) { $object->fetch($rowid); - $object->oldcopy = clone $object; + $object->oldcopy = dol_clone($object); + $object->label= trim($label); $object->morphy = trim($morphy); $object->status = (int) $status; diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index dd29ee1cde3..3cba1a333ca 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1220,14 +1220,16 @@ if ($id > 0) { $sql .= natural_search("code_iso", $search_code); } elseif ($search_code != '' && $id == 28) { $sql .= natural_search("h.code", $search_code); - } elseif ($search_code != '' && $id == 32) { + } elseif ($search_code != '' && ($id == 7 || $id == 32)) { $sql .= natural_search("a.code", $search_code); } elseif ($search_code != '' && $id == 3) { $sql .= natural_search("r.code_region", $search_code); - } elseif ($search_code != '' && $id == 7) { - $sql .= natural_search("a.code", $search_code); - } elseif ($search_code != '' && $id == 10) { + } elseif ($search_code != '' && ($id == 8 || $id == 10)) { $sql .= natural_search("t.code", $search_code); + } elseif ($search_code != '' && $id == 1) { + $sql .= natural_search("f.code", $search_code); + } elseif ($search_code != '' && $id == 2) { + $sql .= natural_search("d.code_departement", $search_code); } elseif ($search_code != '' && $id != 9) { $sql .= natural_search("code", $search_code); } diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index 67bf775bdd9..0504315075d 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php @@ -88,7 +88,15 @@ if ($action == 'update' && !$cancel) { dolibarr_set_const($db, "MAIN_MAIL_SMTP_PORT", GETPOST("MAIN_MAIL_SMTP_PORT", 'int'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MAIL_SMTP_SERVER", GETPOST("MAIN_MAIL_SMTP_SERVER", 'alphanohtml'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MAIL_SMTPS_ID", GETPOST("MAIN_MAIL_SMTPS_ID", 'alphanohtml'), 'chaine', 0, '', $conf->entity); - dolibarr_set_const($db, "MAIN_MAIL_SMTPS_PW", GETPOST("MAIN_MAIL_SMTPS_PW", 'none'), 'chaine', 0, '', $conf->entity); + if (GETPOSTISSET("MAIN_MAIL_SMTPS_PW")) { + dolibarr_set_const($db, "MAIN_MAIL_SMTPS_PW", GETPOST("MAIN_MAIL_SMTPS_PW", 'none'), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET("MAIN_MAIL_SMTPS_AUTH_TYPE")) { + dolibarr_set_const($db, "MAIN_MAIL_SMTPS_AUTH_TYPE", GETPOST("MAIN_MAIL_SMTPS_AUTH_TYPE", 'chaine'), 'chaine', 0, '', $conf->entity); + } + if (GETPOSTISSET("MAIN_MAIL_SMTPS_OAUTH_SERVICE")) { + dolibarr_set_const($db, "MAIN_MAIL_SMTPS_OAUTH_SERVICE", GETPOST("MAIN_MAIL_SMTPS_OAUTH_SERVICE", 'chaine'), 'chaine', 0, '', $conf->entity); + } dolibarr_set_const($db, "MAIN_MAIL_EMAIL_TLS", GETPOST("MAIN_MAIL_EMAIL_TLS", 'int'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MAIL_EMAIL_STARTTLS", GETPOST("MAIN_MAIL_EMAIL_STARTTLS", 'int'), 'chaine', 0, '', $conf->entity); dolibarr_set_const($db, "MAIN_MAIL_EMAIL_SMTP_ALLOW_SELF_SIGNED", GETPOST("MAIN_MAIL_EMAIL_SMTP_ALLOW_SELF_SIGNED", 'int'), 'chaine', 0, '', $conf->entity); @@ -171,6 +179,24 @@ if (version_compare(phpversion(), '7.0', '>=')) { $listofmethods['swiftmailer'] = 'Swift Mailer socket library'; } +// List of oauth services +$oauthservices = array(); + +foreach ($conf->global as $key => $val) { + if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { + $key = preg_replace('/^OAUTH_/', '', $key); + $key = preg_replace('/_ID$/', '', $key); + if (preg_match('/^.*-/', $key)) { + $name = preg_replace('/^.*-/', '', $key); + } else { + $name = $langs->trans("NoName"); + } + $provider = preg_replace('/-.*$/', '', $key); + $provider = ucfirst(strtolower($provider)); + + $oauthservices[$key] = $name." (".$provider.")"; + } +} if ($action == 'edit') { if ($conf->use_javascript_ajax) { @@ -195,6 +221,7 @@ if ($action == 'edit') { jQuery("#MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY").prop("disabled", true); jQuery(".smtp_method").hide(); jQuery(".dkim").hide(); + jQuery(".smtp_auth_method").hide(); '; if ($linuxlike) { print ' @@ -237,6 +264,7 @@ if ($action == 'edit') { jQuery("#smtp_port_mess").hide(); jQuery(".smtp_method").show(); jQuery(".dkim").hide(); + jQuery(".smtp_auth_method").show(); } if (jQuery("#MAIN_MAIL_SENDMODE").val()==\'swiftmailer\') { @@ -264,12 +292,34 @@ if ($action == 'edit') { jQuery("#smtp_port_mess").hide(); jQuery(".smtp_method").show(); jQuery(".dkim").show(); + jQuery(".smtp_auth_method").show(); } } + function change_smtp_auth_method() { + console.log(jQuery("#radio_pw").prop("checked")); + if (jQuery("#MAIN_MAIL_SENDMODE").val()==\'smtps\' && jQuery("#radio_oauth").prop("checked")) { + jQuery(".smtp_oauth_service").show(); + jQuery(".smtp_pw").hide(); + } else if (jQuery("#MAIN_MAIL_SENDMODE").val()==\'swiftmailer\' && jQuery("#radio_oauth").prop("checked")) { + jQuery(".smtp_oauth_service").show(); + jQuery(".smtp_pw").hide(); + } else if(jQuery("#MAIN_MAIL_SENDMODE").val()==\'mail\'){ + jQuery(".smtp_oauth_service").hide(); + jQuery(".smtp_pw").hide(); + } else { + jQuery(".smtp_oauth_service").hide(); + jQuery(".smtp_pw").show(); + } + } initfields(); + change_smtp_auth_method(); jQuery("#MAIN_MAIL_SENDMODE").change(function() { initfields(); + change_smtp_auth_method(); }); + jQuery("#radio_pw, #radio_oauth").change(function() { + change_smtp_auth_method(); + }); jQuery("#MAIN_MAIL_EMAIL_TLS").change(function() { if (jQuery("#MAIN_MAIL_EMAIL_TLS").val() == 1) jQuery("#MAIN_MAIL_EMAIL_STARTTLS").val(0); @@ -413,10 +463,29 @@ if ($action == 'edit') { print ''; } + + // OAUTH + if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer')))) { + print ''.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''; + if (empty($conf->multicompany->enabled) || ($user->admin && !$user->entity)) { + print ' '; + print ''; + print '            '; + print ' '; + print ''; + } else { + $value = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE', 'LOGIN'); + $htmltext = $langs->trans("ContactSuperAdminForChange"); + print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE"), $htmltext, 1, 'superadmin'); + print ''; + } + print ''; + } + // PW if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer')))) { $mainsmtppw = (!empty($conf->global->MAIN_MAIL_SMTPS_PW) ? $conf->global->MAIN_MAIL_SMTPS_PW : ''); - print ''; + print ''; print $form->textwithpicto($langs->trans("MAIN_MAIL_SMTPS_PW"), $langs->trans("WithGMailYouCanCreateADedicatedPassword")); print ''; // SuperAdministrator access only @@ -430,6 +499,24 @@ if ($action == 'edit') { print ''; } + // OAUTH service provider + if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer')))) { + print ''.$langs->trans("MAIN_MAIL_SMTPS_OAUTH_SERVICE").''; + + // SuperAdministrator access only + if ((empty($conf->global->MAIN_MODULE_MULTICOMPANY)) || ($user->admin && !$user->entity)) { + print $form->selectarray('MAIN_MAIL_SMTPS_OAUTH_SERVICE', $oauthservices, $conf->global->MAIN_MAIL_SMTPS_OAUTH_SERVICE); + } else { + $text = $oauthservices[$conf->global->MAIN_MAIL_SMTPS_OAUTH_SERVICE]; + if (empty($text)) { + $text = $langs->trans("Undefined"); + } + $htmltext = $langs->trans("ContactSuperAdminForChange"); + print $form->textwithpicto($text, $htmltext, 1, 'superadmin'); + print ''; + } + print ''; + } // TLS print ''.$langs->trans("MAIN_MAIL_EMAIL_TLS").''; if (!empty($conf->use_javascript_ajax) || (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer')))) { @@ -595,29 +682,46 @@ if ($action == 'edit') { print ''; // Host server - if ($linuxlike && (isset($conf->global->MAIN_MAIL_SENDMODE) && $conf->global->MAIN_MAIL_SENDMODE == 'mail')) { + if ($linuxlike && (getDolGlobalString('MAIN_MAIL_SENDMODE') == 'mail')) { print ''.$langs->trans("MAIN_MAIL_SMTP_SERVER_NotAvailableOnLinuxLike").''.$langs->trans("SeeLocalSendMailSetup").''; } else { print ''.$langs->trans("MAIN_MAIL_SMTP_SERVER", ini_get('SMTP') ?ini_get('SMTP') : $langs->transnoentities("Undefined")).''.(!empty($conf->global->MAIN_MAIL_SMTP_SERVER) ? $conf->global->MAIN_MAIL_SMTP_SERVER : '').''; } + // Port - if ($linuxlike && (isset($conf->global->MAIN_MAIL_SENDMODE) && $conf->global->MAIN_MAIL_SENDMODE == 'mail')) { + if ($linuxlike && (getDolGlobalString('MAIN_MAIL_SENDMODE') == 'mail')) { print ''.$langs->trans("MAIN_MAIL_SMTP_PORT_NotAvailableOnLinuxLike").''.$langs->trans("SeeLocalSendMailSetup").''; } else { print ''.$langs->trans("MAIN_MAIL_SMTP_PORT", ini_get('smtp_port') ?ini_get('smtp_port') : $langs->transnoentities("Undefined")).''.(!empty($conf->global->MAIN_MAIL_SMTP_PORT) ? $conf->global->MAIN_MAIL_SMTP_PORT : '').''; } // SMTPS ID - if (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer'))) { + if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE'), array('smtps', 'swiftmailer'))) { print ''.$langs->trans("MAIN_MAIL_SMTPS_ID").''.$conf->global->MAIN_MAIL_SMTPS_ID.''; } + // AUTH method + if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE'), array('smtps', 'swiftmailer'))) { + $authtype = getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE', 'LOGIN'); + $text = ($authtype === "LOGIN") ? $langs->trans("UsePassword") : ($authtype === "XOAUTH2" ? $langs->trans("UseOauth") : '') ; + print ''.$langs->trans("MAIN_MAIL_SMTPS_AUTH_TYPE").''.$text.''; + } + // SMTPS PW - if (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer'))) { + if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE'), array('smtps', 'swiftmailer')) && getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE') != "XOAUTH2") { print ''.$langs->trans("MAIN_MAIL_SMTPS_PW").''.preg_replace('/./', '*', $conf->global->MAIN_MAIL_SMTPS_PW).''; } + // SMTPS oauth service + if (in_array(getDolGlobalString('MAIN_MAIL_SENDMODE'), array('smtps', 'swiftmailer')) && getDolGlobalString('MAIN_MAIL_SMTPS_AUTH_TYPE') === "XOAUTH2") { + $text = $oauthservices[$conf->global->MAIN_MAIL_SMTPS_OAUTH_SERVICE]; + if (empty($text)) { + $text = $langs->trans("Undefined").img_warning(); + } + print ''.$langs->trans("MAIN_MAIL_SMTPS_OAUTH_SERVICE").''.$text.''; + } + // TLS print ''.$langs->trans("MAIN_MAIL_EMAIL_TLS").''; if (isset($conf->global->MAIN_MAIL_SENDMODE) && in_array($conf->global->MAIN_MAIL_SENDMODE, array('smtps', 'swiftmailer'))) { diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index 8e31d0e6d62..db92c33a7fb 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -557,6 +557,7 @@ if (!empty($extrafields->attributes[$object->table_element]['computed']) && is_a // -------------------------------------------------------------------- $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < ($limit ? min($num, $limit) : $num)) { $obj = $db->fetch_object($resql); if (empty($obj)) { diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 286ccc424e8..d04039aefdf 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -43,10 +43,15 @@ require_once DOL_DOCUMENT_ROOT.'/admin/dolistore/class/dolistore.class.php'; // Load translation files required by the page $langs->loadLangs(array("errors", "admin", "modulebuilder")); -$mode = GETPOSTISSET('mode') ? GETPOST('mode', 'alpha') : (empty($conf->global->MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT) ? 'commonkanban' : 'common'); -if (empty($mode)) { - $mode = 'common'; +// if we set another view list mode, we keep it (till we change one more time) +if (GETPOSTISSET('mode')) { + $mode = GETPOST('mode', 'alpha'); + if ($mode =='common' || $mode =='commonkanban') + dolibarr_set_const($db, "MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT", $mode, 'chaine', 0, '', $conf->entity); +} else { + $mode = (empty($conf->global->MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT) ? 'commonkanban' : $conf->global->MAIN_MODULE_SETUP_ON_LIST_BY_DEFAULT); } + $action = GETPOST('action', 'aZ09'); $value = GETPOST('value', 'alpha'); $page_y = GETPOST('page_y', 'int'); diff --git a/htdocs/admin/oauth.php b/htdocs/admin/oauth.php index 772055f0809..ade561c4ef1 100644 --- a/htdocs/admin/oauth.php +++ b/htdocs/admin/oauth.php @@ -62,7 +62,7 @@ if ($action == 'add') { // $provider is OAUTH_XXX setEventMessages($langs->trans("AOAuthEntryForThisProviderAndLabelAlreadyHasAKey"), null, 'errors'); $error++; } else { - dolibarr_set_const($db, $constname, 'ToComplete', 'chaine', 0, '', $conf->entity); + dolibarr_set_const($db, $constname, $langs->trans('ToComplete'), 'chaine', 0, '', $conf->entity); setEventMessages($langs->trans("OAuthProviderAdded"), null); } } @@ -78,6 +78,16 @@ if ($action == 'update') { if (!dolibarr_set_const($db, $constvalue.'_SECRET', GETPOST($constvalue.'_ID') ? GETPOST($constvalue.'_SECRET') : '', 'chaine', 0, '', $conf->entity)) { $error++; } + if (GETPOSTISSET($constvalue.'_URLAUTHORIZE')) { + if (!dolibarr_set_const($db, $constvalue.'_URLAUTHORIZE', GETPOST($constvalue.'_URLAUTHORIZE'), 'chaine', 0, '', $conf->entity)) { + $error++; + } + } + if (GETPOSTISSET($constvalue.'_SCOPE')) { + if (!dolibarr_set_const($db, $constvalue.'_SCOPE', GETPOST($constvalue.'_SCOPE'), 'chaine', 0, '', $conf->entity)) { + $error++; + } + } } } @@ -147,11 +157,17 @@ print ''; $i = 0; -//var_dump($list); +// Define $listinsetup foreach ($conf->global as $key => $val) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { $provider = preg_replace('/_ID$/', '', $key); - $listinsetup[] = array($provider.'_NAME', $provider.'_ID', $provider.'_SECRET', 'OAUTH Provider '.str_replace('OAUTH_', '', $provider)); + $listinsetup[] = array( + $provider.'_NAME', + $provider.'_ID', + $provider.'_SECRET', + $provider.'_URLAUTHORIZE', // For custom oauth links + $provider.'_SCOPE' // For custom oauth links + ); } } @@ -178,12 +194,16 @@ foreach ($listinsetup as $key) { $i++; - print ''; // Api Name $label = $langs->trans($keyforsupportedoauth2array); + print ''; print ''; print ''; - print ''; + + if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') { + print ''; + print ''; + print ''; + } } else { print ''; print ''; @@ -213,14 +240,32 @@ foreach ($listinsetup as $key) { // Api Id print ''; print ''; - print ''; // Api Secret print ''; print ''; - print ''; + + // TODO Move this into token generation + if ($supported) { + if ($keyforsupportedoauth2array == 'OAUTH_OTHER_NAME') { + print ''; + print ''; + print ''; + } else { + print ''; + print ''; + print ''; + } + } } print '
'; print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"'); - print $label; + if ($label == $keyforsupportedoauth2array) { + print $supportedoauth2array[$keyforsupportedoauth2array]['name']; + } else { + print $label; + } if ($keyforprovider) { print ' ('.$keyforprovider.')'; } else { @@ -201,8 +221,15 @@ foreach ($listinsetup as $key) { $redirect_uri = $urlwithroot.'/core/modules/oauth/'.$supportedoauth2array[$keyforsupportedoauth2array]['callbackfile'].'_oauthcallback.php'; print '
'.$langs->trans("UseTheFollowingUrlAsRedirectURI").''; + print ''; print '
'.$langs->trans("URLOfServiceForAuthorization").''; + print '
'.$langs->trans("UseTheFollowingUrlAsRedirectURI").'
'; + print ''; print '
'; + print ''; print '
'.$langs->trans("Scopes").''; + print ''; + print '
'.$langs->trans("Scopes").''; + //print ''; + print $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope']; + print '
'."\n"; diff --git a/htdocs/admin/oauthlogintokens.php b/htdocs/admin/oauthlogintokens.php index b2830f95743..00daaf01e27 100644 --- a/htdocs/admin/oauthlogintokens.php +++ b/htdocs/admin/oauthlogintokens.php @@ -138,11 +138,17 @@ if (GETPOST('error')) { if ($mode == 'setup' && $user->admin) { print ''.$langs->trans("OAuthSetupForLogin")."

\n"; - //var_dump($list); + // Define $listinsetup foreach ($conf->global as $key => $val) { if (!empty($val) && preg_match('/^OAUTH_.*_ID$/', $key)) { $provider = preg_replace('/_ID$/', '', $key); - $listinsetup[] = array($provider.'_NAME', $provider.'_ID', $provider.'_SECRET', 'OAUTH Provider '.str_replace('OAUTH_', '', $provider)); + $listinsetup[] = array( + $provider.'_NAME', + $provider.'_ID', + $provider.'_SECRET', + $provider.'_URLAUTHORIZE', // For custom oauth links + $provider.'_SCOPE' // For custom oauth links + ); } } @@ -165,46 +171,39 @@ if ($mode == 'setup' && $user->admin) { $OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : '')); - // Define $shortscope, $urltorenew, $urltodelete, $urltocheckperms + $shortscope = $supportedoauth2array[$keyforsupportedoauth2array]['defaultscope']; + if (getDolGlobalString($key[4])) { + $shortscope = getDolGlobalString($key[4]); + } + $state = $shortscope; // TODO USe a better state + + // Define $urltorenew, $urltodelete, $urltocheckperms // TODO Use array $supportedoauth2array if ($keyforsupportedoauth2array == 'OAUTH_GITHUB_NAME') { // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service). // We pass this param list in to 'state' because we need it before and after the redirect. - $shortscope = 'user,public_repo'; - // Note: github does not accept csrf key inside the state parameter (only know values) - $urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); + // Note: github does not accept csrf key inside the state parameter (only known values) + $urltorenew = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.$shortscope.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = $urlwithroot.'/core/modules/oauth/github_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltocheckperms = 'https://github.com/settings/applications/'; } elseif ($keyforsupportedoauth2array == 'OAUTH_GOOGLE_NAME') { // List of keys that will be converted into scopes (from constants 'SCOPE_state_in_uppercase' in file of service). // List of scopes for Google are here: https://developers.google.com/identity/protocols/oauth2/scopes // We pass this key list into the param 'state' because we need it before and after the redirect. - $shortscope = 'userinfo_email,userinfo_profile'; - $shortscope .= ',openid,email,profile'; // For openid connect - if (!empty($conf->printing->enabled)) { - $shortscope .= ',cloud_print'; - } - if (!empty($conf->global->OAUTH_GOOGLE_GSUITE)) { - $shortscope .= ',admin_directory_user'; - } - if (!empty($conf->global->OAUTH_GOOGLE_GMAIL)) { - $shortscope.=',gmail_full'; - } - - $urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.$shortscope.'&state='.$shortscope.'-'.$oauthstateanticsrf.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); + $urltorenew = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'-'.$oauthstateanticsrf.'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = $urlwithroot.'/core/modules/oauth/google_oauthcallback.php?action=delete&token='.newToken().'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltocheckperms = 'https://security.google.com/settings/security/permissions'; } elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_TEST_NAME') { - $shortscope = 'none'; - - $urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); + $urltorenew = $urlwithroot.'/core/modules/oauth/stripetest_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = ''; $urltocheckperms = ''; } elseif ($keyforsupportedoauth2array == 'OAUTH_STRIPE_LIVE_NAME') { - $shortscope = 'none'; - - $urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); + $urltorenew = $urlwithroot.'/core/modules/oauth/stripelive_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); + $urltodelete = ''; + $urltocheckperms = ''; + } elseif ($keyforsupportedoauth2array = 'OAUTH_OTHER_NAME') { + $urltorenew = $urlwithroot.'/core/modules/oauth/generic_oauthcallback.php?shortscope='.urlencode($shortscope).'&state='.urlencode($state).'&backtourl='.urlencode(DOL_URL_ROOT.'/admin/oauthlogintokens.php'); $urltodelete = ''; $urltocheckperms = ''; } else { @@ -212,7 +211,8 @@ if ($mode == 'setup' && $user->admin) { $urltodelete = ''; $urltocheckperms = ''; } - $urltorenew .= '&keyforprovider='.$keyforprovider; + + $urltorenew .= '&keyforprovider='.urlencode($keyforprovider); // Show value of token $tokenobj = null; @@ -246,7 +246,7 @@ if ($mode == 'setup' && $user->admin) { } elseif ($endoflife == $tokenobj::EOL_UNKNOWN) { $expiredat = $langs->trans("Unknown"); } else { - $expiredat = dol_print_date($endoflife, "dayhour"); + $expiredat = dol_print_date($endoflife, "dayhour", 'tzuserrel'); } } } @@ -260,10 +260,16 @@ if ($mode == 'setup' && $user->admin) { print '
'; print ''."\n"; + // Api Name + $label = $langs->trans($keyforsupportedoauth2array); print ''; print ''; if (isModEnabled('productbatch')) { print ''; } // Qty -print ''; +print ''; // Button to add line print ''; @@ -641,14 +641,14 @@ foreach ($listofdata as $key => $val) { print $warehousestatict->getNomUrl(1); print ''; print ''; if (isModEnabled('productbatch')) { print ''; } - print ''; + print ''; print ''; print ''; } diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index 86b91f73e2b..91833e95271 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -623,7 +623,7 @@ if (empty($reshook)) { } print '
'; -print ''; +print ''; print '
'; print ''; @@ -697,7 +697,7 @@ $texte = $langs->trans('Replenishment'); print '
'; -print '
'; // You can use div-table-responsive-no-min if you dont need reserved height for your table +print '
'; if (!empty($conf->global->REPLENISH_ALLOW_VARIABLESIZELIST)) { print_barre_liste( @@ -894,7 +894,8 @@ while ($i < ($limit ? min($num, $limit) : $num)) { print '
'; - print ''; diff --git a/htdocs/product/stock/replenishorders.php b/htdocs/product/stock/replenishorders.php index a78694bf830..b66eff03a71 100644 --- a/htdocs/product/stock/replenishorders.php +++ b/htdocs/product/stock/replenishorders.php @@ -217,13 +217,13 @@ if ($resql) { print ''; print ''; print ''; print ''; print ''; + print ''; // Author $userstatic->id = $obj->fk_user_author; diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index d4f1bbf4861..82d818af2c9 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -518,13 +518,9 @@ while ($i < ($limit ? min($num, $limit) : $num)) { } if ($mode == 'future') { - $prod->load_stock('warehouseopen, warehouseinternal', 0); // This call also ->load_virtual_stock() - - //$result = $prod->load_stats_reception(0, '4'); - //print $prod->stats_commande_fournisseur['qty'].'
'."\n"; - //print $prod->stats_reception['qty']; - - $stock = ''.$langs->trans("FeatureNotYetAvailable").''; + $prod->load_stock('warehouseopen, warehouseinternal', 0, $dateendofday); + $stock = $prod->stock_theorique; + $prod->load_stock('warehouseopen, warehouseinternal', 0); $virtualstock = $prod->stock_theorique; } else { if ($fk_warehouse > 0) { diff --git a/htdocs/product/stock/tpl/stockcorrection.tpl.php b/htdocs/product/stock/tpl/stockcorrection.tpl.php index 19974c49afe..08a66d1b8c6 100644 --- a/htdocs/product/stock/tpl/stockcorrection.tpl.php +++ b/htdocs/product/stock/tpl/stockcorrection.tpl.php @@ -106,7 +106,7 @@ if ($object->element == 'stock') { print ''; print ''; print 'element == 'stock' ? '' : ' class="fieldrequired"').'>'.$langs->trans("batch_number").''; print ''; print ''; @@ -161,7 +161,7 @@ if (!empty($conf->project->enabled)) { print ''; print ''; } print ''; @@ -171,7 +171,7 @@ $valformovementlabel = ((GETPOST("label") && (GETPOST('label') != $langs->trans( print ''; print ''; print ''; print ''; print ''; } if ($object->element == 'stock') { @@ -87,7 +87,7 @@ if ($object->element == 'stock') { } print ''; print ''; print ''; @@ -104,7 +104,7 @@ if (!empty($conf->productbatch->enabled) && print ''; print ''; } else { - print ''; + print ''; } print ''; print ''; @@ -128,7 +128,7 @@ $valformovementlabel = (GETPOST("label") ? GETPOST("label") : $langs->trans("Mov print ''; print ''; print ''; print ''; print ''; } diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 4c044f329b2..008aaae5007 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2073,6 +2073,8 @@ class User extends CommonObject $adh->phone = $this->office_phone; $adh->phone_mobile = $this->user_mobile; + $adh->default_lang = $this->lang; + $adh->user_id = $this->id; $adh->user_login = $this->login; @@ -2117,6 +2119,8 @@ class User extends CommonObject $tmpobj->phone_mobile = $this->user_mobile; $tmpobj->fax = $this->office_fax; + $tmpobj->default_lang = $this->lang; + $tmpobj->address = $this->address; $tmpobj->town = $this->town; $tmpobj->zip = $this->zip; diff --git a/htdocs/user/logout.php b/htdocs/user/logout.php index 57a653a01d1..661995bb729 100644 --- a/htdocs/user/logout.php +++ b/htdocs/user/logout.php @@ -33,6 +33,11 @@ if (!defined('NOREQUIREHTML')) { if (!defined('NOREQUIREAJAX')) { define('NOREQUIREAJAX', '1'); } +/* We do now force CSRF check so we can logout using logout.php page (required for DoliDroid for example) +if (!defined('CSRFCHECK_WITH_TOKEN')) { + define('CSRFCHECK_WITH_TOKEN', '1'); +} +*/ //if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // We need company to get correct logo onto home page if (!defined('EVEN_IF_ONLY_LOGIN_ALLOWED')) { define('EVEN_IF_ONLY_LOGIN_ALLOWED', '1'); diff --git a/htdocs/website/class/website.class.php b/htdocs/website/class/website.class.php index aa405861e6a..811c0e9c7cc 100644 --- a/htdocs/website/class/website.class.php +++ b/htdocs/website/class/website.class.php @@ -1034,7 +1034,10 @@ class Website extends CommonObject $allaliases = $objectpageold->pageurl; $allaliases .= ($objectpageold->aliasalt ? ','.$objectpageold->aliasalt : ''); - $line = '-- Page ID '.$objectpageold->id.' -> '.$objectpageold->newid.'__+MAX_llx_website_page__ - Aliases '.$allaliases.' --;'; // newid start at 1, 2... + $line = '-- File generated by Dolibarr '.DOL_VERSION.' -- '.dol_print_date(dol_now('gmt'), 'standard', 'gmt').' UTC --;'; + $line .= "\n"; + + $line .= '-- Page ID '.$objectpageold->id.' -> '.$objectpageold->newid.'__+MAX_llx_website_page__ - Aliases '.$allaliases.' --;'; // newid start at 1, 2... $line .= "\n"; fputs($fp, $line); diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 90277e59594..5020ad00626 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2741,8 +2741,12 @@ if (!GETPOST('hide_websitemenu')) { print ''; - //print ''; - print ''; + // Delete website + if ($website->status == $website::STATUS_VALIDATED) { + print ''; + } else { + print ''; + } // Regenerate all pages print 'ref).'" class="button bordertransp"'.$disabled.' title="'.dol_escape_htmltag($langs->trans("RegenerateWebsiteContent")).'">'; diff --git a/test/phpunit/SecurityTest.php b/test/phpunit/SecurityTest.php index 4f7a78790f1..cc43d6c3a31 100644 --- a/test/phpunit/SecurityTest.php +++ b/test/phpunit/SecurityTest.php @@ -382,6 +382,9 @@ class SecurityTest extends PHPUnit\Framework\TestCase $_POST["param13b"]='n n > < " XSS'; $_POST["param14"]="Text with ' encoded with the numeric html entity converted into text entity ' (like when submited by CKEditor)"; $_POST["param15"]=" src=>0xbeefed"; + $_POST["param16"]='abc'; + $_POST["param17"]='abc'; + $_POST["param18"]='abc'; //$_POST["param13"]='javascript%26colon%26%23x3B%3Balert(1)'; //$_POST["param14"]='javascripT&javascript#x3a alert(1)'; @@ -554,6 +557,18 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals('0xbeefed', $result, 'Test 15b'); + $result=GETPOST('param16', 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('abc', $result, 'Test tag a with forbidden attribute z-index'); + + $result=GETPOST('param17', 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('abc', $result, 'Test anytag with a forbidden value for attribute'); + + $result=GETPOST('param18', 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('abc', $result, 'Test anytag with a forbidden value for attribute'); + unset($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES); @@ -589,6 +604,13 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals('x3aalert(1)', $result, 'Test for backtopage param'); + + $conf->global->MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT = 3; + $_POST["pagecontentwithlinks"]=''; + $result=GETPOST("pagecontentwithlinks", 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('TooManyLinksIntoHTMLString', $result, 'Test on limit on GETPOST fails'); + return $result; }
'; print img_picto('', $supportedoauth2array[$keyforsupportedoauth2array]['picto'], 'class="pictofixedwidth"'); - print $langs->trans($keyforsupportedoauth2array); + if ($label == $keyforsupportedoauth2array) { + print $supportedoauth2array[$keyforsupportedoauth2array]['name']; + } else { + print $label; + } if ($keyforprovider) { print ' ('.$keyforprovider.')'; } else { @@ -292,7 +298,8 @@ if ($mode == 'setup' && $user->admin) { print ''; print ''; if (is_object($tokenobj)) { - print $langs->trans("HasAccessToken"); + // TODO Read in database to get the date of creation of token + print $form->textwithpicto(yn(1), $langs->trans("HasAccessToken").' : '); } else { print ''.$langs->trans("NoAccessToken").''; } @@ -305,7 +312,9 @@ if ($mode == 'setup' && $user->admin) { } // Request remote token if ($urltorenew) { - print ''.$langs->trans('RequestAccess').'
'; + print ''.$langs->trans('GetAccess').''; + print $form->textwithpicto('', $langs->trans('RequestAccess')); + print '
'; } // Check remote access if ($urltocheckperms) { @@ -378,8 +387,8 @@ if ($mode == 'setup' && $user->admin) { } } - print ''; + print '
'; } } diff --git a/htdocs/barcode/printsheet.php b/htdocs/barcode/printsheet.php index 763463d6fb8..c55db4ef2a1 100644 --- a/htdocs/barcode/printsheet.php +++ b/htdocs/barcode/printsheet.php @@ -203,25 +203,30 @@ if ($action == 'builddoc') { $forceimgscalewidth = (empty($conf->global->BARCODE_FORCEIMGSCALEWIDTH) ? 1 : $conf->global->BARCODE_FORCEIMGSCALEWIDTH); $forceimgscaleheight = (empty($conf->global->BARCODE_FORCEIMGSCALEHEIGHT) ? 1 : $conf->global->BARCODE_FORCEIMGSCALEHEIGHT); - for ($i = 0; $i < $numberofsticker; $i++) { - $arrayofrecords[] = array( - 'textleft'=>$textleft, - 'textheader'=>$textheader, - 'textfooter'=>$textfooter, - 'textright'=>$textright, - 'code'=>$code, - 'encoding'=>$encoding, - 'is2d'=>$is2d, - 'photo'=>$barcodeimage // Photo must be a file that exists with format supported by TCPDF - ); + $MAXSTICKERS = 1000; + if ($numberofsticker <= $MAXSTICKERS) { + for ($i = 0; $i < $numberofsticker; $i++) { + $arrayofrecords[] = array( + 'textleft'=>$textleft, + 'textheader'=>$textheader, + 'textfooter'=>$textfooter, + 'textright'=>$textright, + 'code'=>$code, + 'encoding'=>$encoding, + 'is2d'=>$is2d, + 'photo'=>$barcodeimage // Photo must be a file that exists with format supported by TCPDF + ); + } + } else { + $mesg = $langs->trans("ErrorQuantityIsLimitedTo", $MAXSTICKERS); + $error++; } } $i++; - $mesg = ''; // Build and output PDF - if ($mode == 'label') { + if (!$error && $mode == 'label') { if (!count($arrayofrecords)) { $mesg = $langs->trans("ErrorRecordNotFound"); } @@ -240,7 +245,7 @@ if ($action == 'builddoc') { } } - if ($result <= 0 || $mesg) { + if ($result <= 0 || $mesg || $error) { if (empty($mesg)) { $mesg = 'Error '.$result; } @@ -272,8 +277,6 @@ print '
'; print ''.$langs->trans("PageToGenerateBarCodeSheets", $langs->transnoentitiesnoconv("BuildPageToPrint")).'
'; print '
'; -dol_htmloutput_errors($mesg); - //print img_picto('','puce').' '.$langs->trans("PrintsheetForOneBarCode").'
'; //print '
'; diff --git a/htdocs/categories/class/api_categories.class.php b/htdocs/categories/class/api_categories.class.php index fcac14f1337..0a618974024 100644 --- a/htdocs/categories/class/api_categories.class.php +++ b/htdocs/categories/class/api_categories.class.php @@ -305,7 +305,8 @@ class Categories extends DolibarrApi Categorie::TYPE_CUSTOMER, Categorie::TYPE_SUPPLIER, Categorie::TYPE_MEMBER, - Categorie::TYPE_PROJECT + Categorie::TYPE_PROJECT, + Categorie::TYPE_KNOWLEDGEMANAGEMENT ])) { throw new RestException(401); } @@ -322,6 +323,8 @@ class Categories extends DolibarrApi throw new RestException(401); } elseif ($type == Categorie::TYPE_PROJECT && !DolibarrApiAccess::$user->rights->projet->lire) { throw new RestException(401); + } elseif ($type == Categorie::TYPE_KNOWLEDGEMANAGEMENT && !DolibarrApiAccess::$user->rights->knowledgemanagement->knowledgerecord->read) { + throw new RestException(401); } $categories = $this->category->getListForItem($id, $type, $sortfield, $sortorder, $limit, $page); diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 8d26b5583d4..b222f70110a 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -703,13 +703,14 @@ class Categorie extends CommonObject $type = $obj->element; } + dol_syslog(get_class($this).'::add_type', LOG_DEBUG); + $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type]); $sql .= " (fk_categorie, fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type]).")"; $sql .= " VALUES (".((int) $this->id).", ".((int) $obj->id).")"; - dol_syslog(get_class($this).'::add_type', LOG_DEBUG); if ($this->db->query($sql)) { if (!empty($conf->global->CATEGORIE_RECURSIV_ADD)) { $sql = 'SELECT fk_parent FROM '.MAIN_DB_PREFIX.'categorie'; diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 5450127bff3..5405b33d994 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -1030,7 +1030,7 @@ if ($type == Categorie::TYPE_PROJECT) { } // List of users -if ($type == Categorie::TYPE_USER) { +if ($type == Categorie::TYPE_USER && $user->hasRight("user", "user", "read")) { require_once DOL_DOCUMENT_ROOT.'/user/class/user.class.php'; $users = $object->getObjectsInCateg($type); @@ -1099,6 +1099,9 @@ if ($type == Categorie::TYPE_USER) { print ''."\n"; } +} else { + print_barre_liste($langs->trans("Users"), null, $_SERVER["PHP_SELF"], '', '', '', '', '', '', 'user'); + accessforbidden($langs->trans("NotEnoughPermissions"), 0, 0); } diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index ed25d89db67..6dd6cd5663b 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -538,7 +538,7 @@ if (empty($reshook) && $action == 'add') { $error++; } // End date - $repeateventlimitdate = dol_mktime('23', '59', '59', GETPOSTISSET("limitmonth", 'int') ? GETPOST("limitmonth", 'int') : 01, GETPOSTISSET("limitday", 'int') ? GETPOST("limitday", 'int') : 01, GETPOSTISSET("limityear", 'int') && GETPOST("limityear", 'int') < 2100 ? GETPOST("limityear", 'int') : 2100, $tzforfullday ? $tzforfullday : 'tzuser'); + $repeateventlimitdate = dol_mktime('23', '59', '59', GETPOSTISSET("limitmonth") ? GETPOST("limitmonth", 'int') : 01, GETPOSTISSET("limitday", 'int') ? GETPOST("limitday", 'int') : 01, GETPOSTISSET("limityear", 'int') && GETPOST("limityear", 'int') < 2100 ? GETPOST("limityear", 'int') : 2100, $tzforfullday ? $tzforfullday : 'tzuser'); // Set date of end of event $deltatime = num_between_day($object->datep, $datep); $datef = dol_time_plus_duree($datef, $deltatime, 'd'); @@ -677,7 +677,7 @@ if (empty($reshook) && $action == 'update') { $object->fetch($id); $object->fetch_optionals(); $object->fetch_userassigned(); - $object->oldcopy = clone $object; + $object->oldcopy = dol_clone($object); // Clean parameters if ($fulldayevent) { @@ -927,7 +927,7 @@ if (empty($reshook) && $action == 'confirm_delete' && GETPOST("confirm") == 'yes $object->fetch($id); $object->fetch_optionals(); $object->fetch_userassigned(); - $object->oldcopy = clone $object; + $object->oldcopy = dol_clone($object); if ($user->rights->agenda->myactions->delete || $user->rights->agenda->allactions->delete) { diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 2afad30c454..c60f10be857 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -212,7 +212,7 @@ if (GETPOST("viewperuser", 'alpha') || $mode == 'show_peruser') { $event->fetch($actionid); $event->fetch_optionals(); $event->fetch_userassigned(); - $event->oldcopy = clone $event; + $event->oldcopy = dol_clone($event); $result = $event->delete(); } diff --git a/htdocs/comm/action/pertype.php b/htdocs/comm/action/pertype.php index 85eb355f2b6..d21b20bbfaf 100644 --- a/htdocs/comm/action/pertype.php +++ b/htdocs/comm/action/pertype.php @@ -189,7 +189,7 @@ if ($action == 'delete_action' && $user->rights->agenda->delete) { $event->fetch($actionid); $event->fetch_optionals(); $event->fetch_userassigned(); - $event->oldcopy = clone $event; + $event->oldcopy = dol_clone($event); $result = $event->delete(); } diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 87def7240f5..b30ef8f7ba9 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -196,7 +196,7 @@ if ($action == 'delete_action' && $user->rights->agenda->delete) { $event->fetch($actionid); $event->fetch_optionals(); $event->fetch_userassigned(); - $event->oldcopy = clone $event; + $event->oldcopy = dol_clone($event); $result = $event->delete(); } diff --git a/htdocs/comm/multiprix.php b/htdocs/comm/multiprix.php index 8da9a17ebb2..0e582946df9 100644 --- a/htdocs/comm/multiprix.php +++ b/htdocs/comm/multiprix.php @@ -75,7 +75,7 @@ if ($_socid > 0) { // We load data of thirdparty $objsoc = new Societe($db); $objsoc->id = $_socid; - $objsoc->fetch($_socid, $to); + $objsoc->fetch($_socid); $head = societe_prepare_head($objsoc); @@ -141,7 +141,6 @@ if ($_socid > 0) { $resql = $db->query($sql); if ($resql) { print ''; - $tag = !$tag; print ''; print ''; print ''; diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index f1a92d032cf..0521d203331 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -112,9 +112,9 @@ if ($id > 0 || !empty($ref)) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('propalcard', 'globalcard')); -$usercanread = $user->rights->propal->lire; -$usercancreate = $user->rights->propal->creer; -$usercandelete = $user->rights->propal->supprimer; +$usercanread = $user->hasRight("propal", "lire"); +$usercancreate = $user->hasRight("propal", "creer"); +$usercandelete = $user->hasRight("propal", "supprimer"); $usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->propal->propal_advance->close))); $usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->propal->propal_advance->validate))); @@ -1851,7 +1851,7 @@ if ($action == 'create') { // Calcul contrat->price (HT), contrat->total (TTC), contrat->tva $objectsrc->remise_absolue = $remise_absolue; // deprecated $objectsrc->remise_percent = $remise_percent; - $objectsrc->update_price(1, - 1, 1); + $objectsrc->update_price(1, 'auto', 1); } print "\n"; diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index aa26e7be794..43c49bdc8a2 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -108,9 +108,9 @@ $extrafields->fetch_name_optionals_label($object->table_element); // Load object include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once -$usercanread = $user->hasRight('commande', 'lire'); -$usercancreate = $user->hasRight('commande', 'creer'); -$usercandelete = $user->hasRight('commande', 'supprimer'); +$usercanread = $user->hasRight("commande", "lire"); +$usercancreate = $user->hasRight("commande", "creer"); +$usercandelete = $user->hasRight("commande", "supprimer"); // Advanced permissions $usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'close')))); diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 511d75a12c8..f24afc0700b 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -235,8 +235,12 @@ if (empty($reshook)) { include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; } +$rowids = GETPOST('rowid', 'array'); + // Conciliation -if ((GETPOST('confirm_savestatement', 'alpha') || GETPOST('confirm_reconcile', 'alpha')) && !empty($user->rights->banque->consolidate) +if ((GETPOST('confirm_savestatement', 'alpha') || GETPOST('confirm_reconcile', 'alpha')) + && (GETPOST("num_releve", "alpha") || !empty($rowids)) + && !empty($user->rights->banque->consolidate) && (!GETPOSTISSET('pageplusone') || (GETPOST('pageplusone') == GETPOST('pageplusoneold')))) { $error = 0; diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index 2751947c023..3dfe18a3581 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -846,6 +846,9 @@ if ($action == 'create') { $object = new Account($db); $object->fetch(GETPOST('id', 'int')); + $title = $object->ref." - ".$langs->trans("Card"); + llxHeader("", $title, $help_url); + print load_fiche_titre($langs->trans("EditFinancialAccount"), '', 'bank_account'); if ($conf->use_javascript_ajax) { @@ -1014,7 +1017,7 @@ if ($action == 'create') { $tdextra = ' class="fieldrequired titlefieldcreate"'; } - print ''.$langs->trans("AccountancyCode").''; + print ''.$langs->trans("AccountancyCode").''; print ''; // Filter print ''; print ''; if (!$i) { $totalarray['nbfield']++; diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php index f0ef66eb78b..3749b403469 100644 --- a/htdocs/core/actions_sendmails.inc.php +++ b/htdocs/core/actions_sendmails.inc.php @@ -361,7 +361,7 @@ if (($action == 'send' || $action == 'relance') && !GETPOST('addfile') && !GETPO } $mailfile = new CMailFile($subject, $sendto, $from, $message, $filepath, $mimetype, $filename, $sendtocc, $sendtobcc, $deliveryreceipt, -1, '', '', $trackid, '', $sendcontext); - if ($mailfile->error) { + if (!empty($mailfile->error) || !empty($mailfile->errors)) { setEventMessages($mailfile->error, $mailfile->errors, 'errors'); $action = 'presend'; } else { @@ -427,9 +427,14 @@ if (($action == 'send' || $action == 'relance') && !GETPOST('addfile') && !GETPO } else { $langs->load("other"); $mesg = '
'; - if ($mailfile->error) { + if (!empty($mailfile->error) || !empty($mailfile->errors)) { $mesg .= $langs->transnoentities('ErrorFailedToSendMail', dol_escape_htmltag($from), dol_escape_htmltag($sendto)); - $mesg .= '
'.$mailfile->error; + if (!empty($mailfile->error)) { + $mesg .= '
'.$mailfile->error; + } + if (!empty($mailfile->errors) && is_array($mailfile->errors)) { + $mesg .= '
'.implode('
', $mailfile->errors); + } } else { $mesg .= $langs->transnoentities('ErrorFailedToSendMail', dol_escape_htmltag($from), dol_escape_htmltag($sendto)); if (!empty($conf->global->MAIN_DISABLE_ALL_MAILS)) { diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php index 7acd7ac3db0..79291aacdf0 100644 --- a/htdocs/core/class/CMailFile.class.php +++ b/htdocs/core/class/CMailFile.class.php @@ -30,6 +30,8 @@ * \brief File of class to send emails (with attachments or not) */ +use OAuth\Common\Storage\DoliStorage; +use OAuth\Common\Consumer\Credentials; /** * Class to send emails (with attachments or not) * Usage: $mailfile = new CMailFile($subject,$sendto,$replyto,$message,$filepath,$mimetype,$filename,$cc,$ccc,$deliveryreceipt,$msgishtml,$errors_to,$css,$trackid,$moreinheader,$sendcontext,$replyto); @@ -71,9 +73,29 @@ class CMailFile */ public $error = ''; + /** + * @var string[] Array of Error code (or message) + */ + public $errors = array(); + public $smtps; // Contains SMTPs object (if this method is used) public $phpmailer; // Contains PHPMailer object (if this method is used) + /** + * @var Swift_SmtpTransport + */ + public $transport; + + /** + * @var Swift_Mailer + */ + public $mailer; + + /** + * @var Swift_Plugins_Loggers_ArrayLogger + */ + public $logger; + /** * @var string CSS */ @@ -470,12 +492,12 @@ class CMailFile $emailMatchs = preg_match_all($regexp, $from, $adressEmailFrom); $adressEmailFrom = reset($adressEmailFrom); if ($emailMatchs !== false && filter_var($conf->global->MAIN_MAIL_SMTPS_ID, FILTER_VALIDATE_EMAIL) && $conf->global->MAIN_MAIL_SMTPS_ID !== $adressEmailFrom) { - $result = $this->message->setFrom($conf->global->MAIN_MAIL_SMTPS_ID); + $this->message->setFrom($conf->global->MAIN_MAIL_SMTPS_ID); } else { - $result = $this->message->setFrom($this->getArrayAddress($this->addr_from)); + $this->message->setFrom($this->getArrayAddress($this->addr_from)); } } else { - $result = $this->message->setFrom($this->getArrayAddress($this->addr_from)); + $this->message->setFrom($this->getArrayAddress($this->addr_from)); } } catch (Exception $e) { $this->errors[] = $e->getMessage(); @@ -485,7 +507,7 @@ class CMailFile // Set the To addresses with an associative array if (!empty($this->addr_to)) { try { - $result = $this->message->setTo($this->getArrayAddress($this->addr_to)); + $this->message->setTo($this->getArrayAddress($this->addr_to)); } catch (Exception $e) { $this->errors[] = $e->getMessage(); } @@ -493,14 +515,14 @@ class CMailFile if (!empty($this->reply_to)) { try { - $result = $this->message->SetReplyTo($this->getArrayAddress($this->reply_to)); + $this->message->SetReplyTo($this->getArrayAddress($this->reply_to)); } catch (Exception $e) { $this->errors[] = $e->getMessage(); } } try { - $result = $this->message->setCharSet($conf->file->character_set_client); + $this->message->setCharSet($conf->file->character_set_client); } catch (Exception $e) { $this->errors[] = $e->getMessage(); } @@ -562,7 +584,11 @@ class CMailFile } //if (! empty($this->errors_to)) $this->message->setErrorsTo($this->getArrayAddress($this->errors_to)); if (isset($this->deliveryreceipt) && $this->deliveryreceipt == 1) { - $this->message->setReadReceiptTo($this->getArrayAddress($this->addr_from)); + try { + $this->message->setReadReceiptTo($this->getArrayAddress($this->addr_from)); + } catch (Exception $e) { + $this->errors[] = $e->getMessage(); + } } } else { // Send mail method not correctly defined @@ -665,6 +691,8 @@ class CMailFile } $keyforsmtpserver = 'MAIN_MAIL_SMTP_SERVER'; + $keyforsmtpauthtype = "MAIN_MAIL_SMTPS_AUTH_TYPE"; + $keyforsmtpoauthservice = "MAIN_MAIL_SMTPS_OAUTH_SERVICE"; $keyforsmtpport = 'MAIN_MAIL_SMTP_PORT'; $keyforsmtpid = 'MAIN_MAIL_SMTPS_ID'; $keyforsmtppw = 'MAIN_MAIL_SMTPS_PW'; @@ -840,6 +868,36 @@ class CMailFile $this->smtps->setPW($loginpass); } + if (getDolGlobalString($keyforsmtpauthtype) === "XOAUTH2") { + require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // define $supportedoauth2array + $keyforsupportedoauth2array = $conf->global->$keyforsmtpoauthservice; + if (preg_match('/^.*-/', $keyforsupportedoauth2array)) { + $keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array); + } else { + $keyforprovider = ''; + } + $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array); + $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME'; + + $OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : '')); + + require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php'; + + $storage = new DoliStorage($db, $conf); + try { + $tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME); + if (is_object($tokenobj)) { + $this->smtps->setToken($tokenobj->getAccessToken()); + } else { + $this->error = "Token not found"; + } + } catch (Exception $e) { + // Return an error if token not found + $this->error = $e->getMessage(); + dol_syslog("CMailFile::sendfile: mail end error=".$this->error, LOG_ERR); + } + } + $res = true; $from = $this->smtps->getFrom('org'); if ($res && !$from) { @@ -860,7 +918,6 @@ class CMailFile } $result = $this->smtps->sendMsg(); - //print $result; if (!empty($conf->global->MAIN_MAIL_DEBUG)) { $this->dump_mail(); @@ -906,9 +963,62 @@ class CMailFile if (!empty($conf->global->$keyforsmtpid)) { $this->transport->setUsername($conf->global->$keyforsmtpid); } - if (!empty($conf->global->$keyforsmtppw)) { + if (!empty($conf->global->$keyforsmtppw) && getDolGlobalString($keyforsmtpauthtype) != "XOAUTH2") { $this->transport->setPassword($conf->global->$keyforsmtppw); } + if (getDolGlobalString($keyforsmtpauthtype) === "XOAUTH2") { + require_once DOL_DOCUMENT_ROOT.'/core/lib/oauth.lib.php'; // define $supportedoauth2array + $keyforsupportedoauth2array = getDolGlobalString($keyforsmtpoauthservice); + if (preg_match('/^.*-/', $keyforsupportedoauth2array)) { + $keyforprovider = preg_replace('/^.*-/', '', $keyforsupportedoauth2array); + } else { + $keyforprovider = ''; + } + $keyforsupportedoauth2array = preg_replace('/-.*$/', '', $keyforsupportedoauth2array); + $keyforsupportedoauth2array = 'OAUTH_'.$keyforsupportedoauth2array.'_NAME'; + + $OAUTH_SERVICENAME = (empty($supportedoauth2array[$keyforsupportedoauth2array]['name']) ? 'Unknown' : $supportedoauth2array[$keyforsupportedoauth2array]['name'].($keyforprovider ? '-'.$keyforprovider : '')); + + require_once DOL_DOCUMENT_ROOT.'/includes/OAuth/bootstrap.php'; + + $storage = new DoliStorage($db, $conf); + + try { + $tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME); + $expire = false; + // Is token expired or will token expire in the next 30 seconds + if (is_object($tokenobj)) { + $expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30)); + } + // Token expired so we refresh it + if (is_object($tokenobj) && $expire) { + $credentials = new Credentials( + getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_ID'), + getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_SECRET'), + getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_URLAUTHORIZE') + ); + $serviceFactory = new \OAuth\ServiceFactory(); + $oauthname = explode('-', $OAUTH_SERVICENAME); + // ex service is Google-Emails we need only the first part Google + $apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array()); + // il faut sauvegarder le refresh token car google ne le donne qu'une seule fois + $refreshtoken = $tokenobj->getRefreshToken(); + $tokenobj = $apiService->refreshAccessToken($tokenobj); + $tokenobj->setRefreshToken($refreshtoken); + $storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj); + } + if (is_object($tokenobj)) { + $this->transport->setAuthMode('XOAUTH2'); + $this->transport->setPassword($tokenobj->getAccessToken()); + } else { + $this->errors[] = "Token not found"; + } + } catch (Exception $e) { + // Return an error if token not found + $this->errors[] = $e->getMessage(); + dol_syslog("CMailFile::sendfile: mail end error=".$e->getMessage(), LOG_ERR); + } + } if (!empty($conf->global->$keyforsslseflsigned)) { $this->transport->setStreamOptions(array('ssl' => array('allow_self_signed' => true, 'verify_peer' => false))); } @@ -941,16 +1051,16 @@ class CMailFile try { $result = $this->mailer->send($this->message, $failedRecipients); } catch (Exception $e) { - $this->error = $e->getMessage(); + $this->errors[] = $e->getMessage(); } if (!empty($conf->global->MAIN_MAIL_DEBUG)) { $this->dump_mail(); } $res = true; - if (!empty($this->error) || !$result) { + if (!empty($this->error) || !empty($this->errors) || !$result) { if (!empty($failedRecipients)) { - $this->error = 'Transport failed for the following addresses: "' . join('", "', $failedRecipients) . '".'; + $this->errors[] = 'Transport failed for the following addresses: "' . join('", "', $failedRecipients) . '".'; } dol_syslog("CMailFile::sendfile: mail end error=".$this->error, LOG_ERR); $res = false; diff --git a/htdocs/core/class/comment.class.php b/htdocs/core/class/comment.class.php index 937ca6f7875..960d2ac4744 100644 --- a/htdocs/core/class/comment.class.php +++ b/htdocs/core/class/comment.class.php @@ -71,19 +71,19 @@ class Comment extends CommonObject public $fk_user_modif; /** - * @var int Entity + * @var int Entity */ public $entity; /** - * @var string import key + * @var string Import key */ public $import_key; public $comments = array(); /** - * @var Comment Object oldcopy + * @var Comment Object oldcopy */ public $oldcopy; diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 3c24b3c484f..eaba8121505 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -141,7 +141,7 @@ abstract class CommonObject public $linkedObjectsFullLoaded = array(); /** - * @var Object To store a cloned copy of object before to edit it and keep track of old properties + * @var CommonObject To store a cloned copy of object before to edit it and keep track of old properties */ public $oldcopy; @@ -3512,7 +3512,7 @@ abstract class CommonObject * * @param int $exclspec >0 = Exclude special product (product_type=9) * @param string $roundingadjust 'none'=Do nothing, 'auto'=Use default method (MAIN_ROUNDOFTOTAL_NOT_TOTALOFROUND if defined, or '0'), '0'=Force mode Total of rounding, '1'=Force mode Rounding of total - * @param int $nodatabaseupdate 1=Do not update database. Update only properties of object. + * @param int $nodatabaseupdate 1=Do not update database total fields of the main object. Update only properties in memory. Can be used to save SQL when this method is called several times, so we can do it only once at end. * @param Societe $seller If roundingadjust is '0' or '1' or maybe 'auto', it means we recalculate total for lines before calculating total for object and for this, we need seller object (used to analyze lines to check corrupted data). * @return int <0 if KO, >0 if OK */ @@ -3558,10 +3558,6 @@ abstract class CommonObject include_once DOL_DOCUMENT_ROOT.'/core/lib/price.lib.php'; - if ($roundingadjust == '-1') { - $roundingadjust = 'auto'; // For backward compatibility - } - $forcedroundingmode = $roundingadjust; if ($forcedroundingmode == 'auto' && isset($conf->global->MAIN_ROUNDOFTOTAL_NOT_TOTALOFROUND)) { $forcedroundingmode = $conf->global->MAIN_ROUNDOFTOTAL_NOT_TOTALOFROUND; @@ -3573,7 +3569,7 @@ abstract class CommonObject $multicurrency_tx = !empty($this->multicurrency_tx) ? $this->multicurrency_tx : 1; - // Define constants to find lines to sum + // Define constants to find lines to sum (field name int the table_element_line not into table_element) $fieldtva = 'total_tva'; $fieldlocaltax1 = 'total_localtax1'; $fieldlocaltax2 = 'total_localtax2'; @@ -3609,6 +3605,7 @@ abstract class CommonObject $sql .= ' ORDER by rowid'; // We want to be sure to always use same order of line to not change lines differently when option MAIN_ROUNDOFTOTAL_NOT_TOTALOFROUND is used dol_syslog(get_class($this)."::update_price", LOG_DEBUG); + $resql = $this->db->query($sql); if ($resql) { $this->total_ht = 0; @@ -3637,14 +3634,26 @@ abstract class CommonObject $localtax_array = array($obj->localtax1_type, $obj->localtax1_tx, $obj->localtax2_type, $obj->localtax2_tx); $tmpcal = calcul_price_total($obj->qty, $obj->up, $obj->remise_percent, $obj->vatrate, $obj->localtax1_tx, $obj->localtax2_tx, 0, 'HT', $obj->info_bits, $obj->product_type, $seller, $localtax_array, (isset($obj->situation_percent) ? $obj->situation_percent : 100), $multicurrency_tx); - $diff_when_using_price_ht = price2num($tmpcal[1] - $obj->total_tva, 'MT', 1); // If price was set with tax price adn unit price HT has a low number of digits, then we may have a diff on recalculation from unit price HT. + $diff_when_using_price_ht = price2num($tmpcal[1] - $obj->total_tva, 'MT', 1); // If price was set with tax price and unit price HT has a low number of digits, then we may have a diff on recalculation from unit price HT. $diff_on_current_total = price2num($obj->total_ttc - $obj->total_ht - $obj->total_tva - $obj->total_localtax1 - $obj->total_localtax2, 'MT', 1); - //var_dump($obj->total_ht.' '.$obj->total_tva.' '.$obj->total_localtax1.' '.$obj->total_localtax2.' =? '.$obj->total_ttc); + //var_dump($obj->total_ht.' '.$obj->total_tva.' '.$obj->total_localtax1.' '.$obj->total_localtax2.' => '.$obj->total_ttc); //var_dump($diff_when_using_price_ht.' '.$diff_on_current_total); - if ($diff_when_using_price_ht && $diff_on_current_total) { + if ($diff_on_current_total) { + // This should not happen, we should always have in table: total_ttc = total_ht + total_vat + total_localtax1 + total_localtax2 $sqlfix = "UPDATE ".$this->db->prefix().$this->table_element_line." SET ".$fieldtva." = ".price2num((float) $tmpcal[1]).", total_ttc = ".price2num((float) $tmpcal[2])." WHERE rowid = ".((int) $obj->rowid); - dol_syslog('We found unconsistent data into detailed line (diff_when_using_price_ht = '.$diff_when_using_price_ht.' and diff_on_current_total = '.$diff_on_current_total.') for line rowid = '.$obj->rowid." (total vat of line calculated=".$tmpcal[1].", database=".$obj->total_tva."). We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix, LOG_WARNING); + dol_syslog('We found unconsistent data into detailed line (diff_on_current_total = '.$diff_on_current_total.') for line rowid = '.$obj->rowid." (ht=".$obj->total_ht." vat=".$obj->total_tva." tax1=".$obj->total_localtax1." tax2=".$obj->total_localtax2." ttc=".$obj->total_ttc."). We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix, LOG_WARNING); + $resqlfix = $this->db->query($sqlfix); + if (!$resqlfix) { + dol_print_error($this->db, 'Failed to update line'); + } + $obj->total_tva = $tmpcal[1]; + $obj->total_ttc = $tmpcal[2]; + } elseif ($diff_when_using_price_ht && $roundingadjust == '0') { + // After calculation from HT, total is consistent but we have found a difference between VAT part in calculation and into database and + // we ask to force the use of rounding on line (like done on calculation) so we force update of line + $sqlfix = "UPDATE ".$this->db->prefix().$this->table_element_line." SET ".$fieldtva." = ".price2num((float) $tmpcal[1]).", total_ttc = ".price2num((float) $tmpcal[2])." WHERE rowid = ".((int) $obj->rowid); + dol_syslog('We found a line with different rounding data into detailed line (diff_when_using_price_ht = '.$diff_when_using_price_ht.' and diff_on_current_total = '.$diff_on_current_total.') for line rowid = '.$obj->rowid." (total vat of line calculated=".$tmpcal[1].", database=".$obj->total_tva."). We fix the total_vat and total_ttc of line by running sqlfix = ".$sqlfix); $resqlfix = $this->db->query($sqlfix); if (!$resqlfix) { dol_print_error($this->db, 'Failed to update line'); @@ -3725,7 +3734,7 @@ abstract class CommonObject $this->db->free($resql); - // Now update global field total_ht, total_ttc, total_tva, total_localtax1, total_localtax2, multicurrency_total_* + // Now update global fields total_ht, total_ttc, total_tva, total_localtax1, total_localtax2, multicurrency_total_* of main object $fieldht = 'total_ht'; $fieldtva = 'tva'; $fieldlocaltax1 = 'localtax1'; @@ -6024,7 +6033,7 @@ abstract class CommonObject // Test fetch_array ! is_int($key) because fetch_array result is a mix table with Key as alpha and Key as int (depend db engine) if ($key != 'rowid' && $key != 'tms' && $key != 'fk_member' && !is_int($key)) { // we can add this attribute to object - if (!empty($extrafields) && in_array($extrafields->attributes[$this->table_element]['type'][$key], array('date', 'datetime'))) { + if (!empty($extrafields->attributes[$this->table_element]) && in_array($extrafields->attributes[$this->table_element]['type'][$key], array('date', 'datetime'))) { //var_dump($extrafields->attributes[$this->table_element]['type'][$key]); $this->array_options["options_".$key] = $this->db->jdate($value); } else { @@ -6037,7 +6046,7 @@ abstract class CommonObject // If field is a computed field, value must become result of compute foreach ($tab as $key => $value) { - if (!empty($extrafields) && !empty($extrafields->attributes[$this->table_element]['computed'][$key])) { + if (!empty($extrafields->attributes[$this->table_element]) && !empty($extrafields->attributes[$this->table_element]['computed'][$key])) { //var_dump($conf->disable_compute); if (empty($conf->disable_compute)) { $this->array_options["options_".$key] = dol_eval($extrafields->attributes[$this->table_element]['computed'][$key], 1, 0, ''); @@ -9954,7 +9963,7 @@ abstract class CommonObject } } - return $error ? -1 * $error : $ok; + return $error ? (-1 * $error) : $ok; } /** diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 82e73186233..17b8c50aff3 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -5156,8 +5156,9 @@ class Form closeOnEscape: false, buttons: { "'.dol_escape_js($langs->transnoentities($labelbuttonyes)).'": function() { - var options = "&token='.urlencode(newToken()).'"; + var options = "token='.urlencode(newToken()).'"; var inputok = '.json_encode($inputok).'; /* List of fields into form */ + var page = "'.dol_escape_js(!empty($page) ? $page : '').'"; var pageyes = "'.dol_escape_js(!empty($pageyes) ? $pageyes : '').'"; if (inputok.length>0) { $.each(inputok, function(i, inputname) { @@ -5174,13 +5175,19 @@ class Form options += "&" + inputname + "=" + encodeURIComponent(inputvalue); }); } - var urljump = pageyes + (pageyes.indexOf("?") < 0 ? "?" : "") + options; - if (pageyes.length > 0) { location.href = urljump; } + if (pageyes.length > 0) { + var post = $.post( + pageyes, + options, + (data) => {$("body").html(data)} + ); + } $(this).dialog("close"); }, "'.dol_escape_js($langs->transnoentities($labelbuttonno)).'": function() { - var options = "&token='.urlencode(newToken()).'"; + var options = "token='.urlencode(newToken()).'"; var inputko = '.json_encode($inputko).'; /* List of fields into form */ + var page = "'.dol_escape_js(!empty($page) ? $page : '').'"; var pageno="'.dol_escape_js(!empty($pageno) ? $pageno : '').'"; if (inputko.length>0) { $.each(inputko, function(i, inputname) { @@ -5191,9 +5198,13 @@ class Form options += "&" + inputname + "=" + encodeURIComponent(inputvalue); }); } - var urljump=pageno + (pageno.indexOf("?") < 0 ? "?" : "") + options; - //alert(urljump); - if (pageno.length > 0) { location.href = urljump; } + if (pageno.length > 0) { + var post = $.post( + pageno, + options, + (data) => {$("body").html(data)} + ); + } $(this).dialog("close"); } } diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index c23545a34c9..61f62f28a54 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -4,7 +4,7 @@ * Copyright (C) 2010-2011 Juanjo Menent * Copyright (C) 2015-2017 Marcos García * Copyright (C) 2015-2017 Nicolas ZABOURI - * Copyright (C) 2018-2021 Frédéric France + * Copyright (C) 2018-2022 Frédéric France * Copyright (C) 2022 Charlene Benke * * This program is free software; you can redistribute it and/or modify @@ -401,7 +401,7 @@ class FormMail extends Form // Define output language $outputlangs = $langs; $newlang = ''; - if (!empty($conf->global->MAIN_MULTILANGS) && empty($newlang)) { + if (!empty($conf->global->MAIN_MULTILANGS) && !empty($this->param['langsmodels'])) { $newlang = $this->param['langsmodels']; } if (!empty($newlang)) { @@ -428,7 +428,7 @@ class FormMail extends Form $keytoavoidconflict = empty($this->trackid) ? '' : '-'.$this->trackid; // this->trackid must be defined if (GETPOST('mode', 'alpha') == 'init' || (GETPOST('modelselected') && GETPOST('modelmailselected', 'alpha') && GETPOST('modelmailselected', 'alpha') != '-1')) { - if (!empty($arraydefaultmessage->joinfiles) && is_array($this->param['fileinit'])) { + if (!empty($arraydefaultmessage->joinfiles) && !empty($this->param['fileinit']) && is_array($this->param['fileinit'])) { foreach ($this->param['fileinit'] as $file) { $this->add_attached_files($file, basename($file), dol_mimetype($file)); } @@ -604,7 +604,7 @@ class FormMail extends Form // Also add robot email if (!empty($this->fromalsorobot)) { - if (!empty($conf->global->MAIN_MAIL_EMAIL_FROM) && $conf->global->MAIN_MAIL_EMAIL_FROM != $conf->global->MAIN_INFO_SOCIETE_MAIL) { + if (!empty($conf->global->MAIN_MAIL_EMAIL_FROM) && getDolGlobalString('MAIN_MAIL_EMAIL_FROM') != getDolGlobalString('MAIN_INFO_SOCIETE_MAIL')) { $liste['robot'] = $conf->global->MAIN_MAIL_EMAIL_FROM; if ($this->frommail) { $liste['robot'] .= ' <'.$conf->global->MAIN_MAIL_EMAIL_FROM.'>'; @@ -1182,7 +1182,7 @@ class FormMail extends Form { global $conf, $langs; //if (! $this->errorstomail) $this->errorstomail=$this->frommail; - $errorstomail = (!empty($conf->global->MAIN_MAIL_ERRORS_TO) ? $conf->global->MAIN_MAIL_ERRORS_TO : $this->errorstomail); + $errorstomail = getDolGlobalString('MAIN_MAIL_ERRORS_TO', (!empty($this->errorstomail) ? $this->errorstomail : '')); if ($this->witherrorstoreadonly) { $out = '
'; // Group @@ -324,12 +324,12 @@ class FormTicket if ($public) { $filter = 'public=1'; } - $this->selectGroupTickets((GETPOST('category_code') ? GETPOST('category_code') : $this->category_code), 'category_code', $filter, 2, 0, 0, 0, 'minwidth200'); + $this->selectGroupTickets((GETPOST('category_code') ? GETPOST('category_code') : $this->category_code), 'category_code', $filter, 2, 1, 0, 0, 'minwidth200'); print ''; // Severity print ''; // Subject @@ -735,6 +735,7 @@ class FormTicket } print '>'; + $value = ' '; if ($format == 0) { $value = ($maxlength ? dol_trunc($arraytypes['label'], $maxlength) : $arraytypes['label']); @@ -746,7 +747,7 @@ class FormTicket $value = $arraytypes['code']; } - print $value; + print $value ? $value : ' '; print ''; } } @@ -841,6 +842,7 @@ class FormTicket print '>'; + $value = ''; if ($format == 0) { $value = ($maxlength ? dol_trunc($label, $maxlength) : $label); } @@ -1174,6 +1176,8 @@ class FormTicket } print '>'; + + $value = ''; if ($format == 0) { $value = ($maxlength ? dol_trunc($arrayseverities['label'], $maxlength) : $arrayseverities['label']); } diff --git a/htdocs/core/class/smtps.class.php b/htdocs/core/class/smtps.class.php index 1f5a48a517d..06ada5c4911 100644 --- a/htdocs/core/class/smtps.class.php +++ b/htdocs/core/class/smtps.class.php @@ -68,6 +68,11 @@ class SMTPs */ private $_smtpsPW = null; + /** + * Token in case we use OAUTH2 + */ + private $_smtpsToken = null; + /** * Who sent the Message * This can be defined via a INI file or via a setter method @@ -565,13 +570,13 @@ class SMTPs } // Default authentication method is LOGIN - if (empty($conf->global->MAIL_SMTP_AUTH_TYPE)) { - $conf->global->MAIL_SMTP_AUTH_TYPE = 'LOGIN'; + if (empty($conf->global->MAIN_MAIL_SMTPS_AUTH_TYPE)) { + $conf->global->MAIN_MAIL_SMTPS_AUTH_TYPE = 'LOGIN'; } // Send Authentication to Server // Check for errors along the way - switch ($conf->global->MAIL_SMTP_AUTH_TYPE) { + switch ($conf->global->MAIN_MAIL_SMTPS_AUTH_TYPE) { case 'NONE': // Do not send the 'AUTH type' message. For test purpose, if you don't need authentication, it is better to not enter login/pass into setup. $_retVal = true; @@ -583,9 +588,10 @@ class SMTPs break; case 'XOAUTH2': // "user=$email\1auth=Bearer $token\1\1" - $token = 'xxx'; - $xxxx = "user=".$this->_smtpsID."\1auth=Bearer ".$token."\1\1"; - $_retVal = $this->socket_send_str('AUTH XOAUTH2 '.base64_encode($xxxx), '235'); + $user = $this->_smtpsID; + $token = $this->_smtpsToken; + $initRes = "user=".$user."\001auth=Bearer ".$token."\001\001"; + $_retVal = $this->socket_send_str('AUTH XOAUTH2 '.base64_encode($initRes), '235'); if (!$_retVal) { $this->_setErr(130, 'Error when asking for AUTH XOAUTH2'); } @@ -631,7 +637,7 @@ class SMTPs // Connect to Server if ($this->socket = $this->_server_connect()) { // If a User ID *and* a password is given, assume Authentication is desired - if (!empty($this->_smtpsID) && !empty($this->_smtpsPW)) { + if (!empty($this->_smtpsID) && (!empty($this->_smtpsPW) || !empty($this->_smtpsToken))) { // Send the RFC2554 specified EHLO. $_retVal = $this->_server_authenticate(); } else { @@ -923,6 +929,27 @@ class SMTPs return $this->_smtpsPW; } + /** + * User token for OAUTH2 + * + * @param string $_strToken User token + * @return void + */ + public function setToken($_strToken) + { + $this->_smtpsToken = $_strToken; + } + + /** + * Retrieves the User token for OAUTH2 + * + * @return string User token for OAUTH2 + */ + public function getToken() + { + return $this->_smtpsToken; + } + /** * Character set used for current message * Character set is defaulted to 'iso-8859-1'; @@ -1866,7 +1893,7 @@ class SMTPs } if (!(substr($server_response, 0, 3) == $response)) { - $this->_setErr(120, "Ran into problems sending Mail.\r\nResponse: $server_response"); + $this->_setErr(120, "Ran into problems sending Mail.\r\nResponse:".$server_response); $_retVal = false; } diff --git a/htdocs/core/class/translate.class.php b/htdocs/core/class/translate.class.php index 255cdb2fb67..29db15e0a0b 100644 --- a/htdocs/core/class/translate.class.php +++ b/htdocs/core/class/translate.class.php @@ -640,6 +640,7 @@ class Translate try { $str = sprintf($str, $param1, $param2, $param3, $param4); // Replace %s and %d except for FormatXXX strings. } catch (Exception $e) { + // No exception managed } } diff --git a/htdocs/core/class/utils_diff.class.php b/htdocs/core/class/utils_diff.class.php index 9abc1d899fe..2925bffc3b6 100644 --- a/htdocs/core/class/utils_diff.class.php +++ b/htdocs/core/class/utils_diff.class.php @@ -247,6 +247,7 @@ class Diff $html = ''; // loop over the lines in the diff + $element = 'unknown'; foreach ($diff as $line) { // extend the HTML with the line switch ($line[1]) { @@ -260,10 +261,7 @@ class Diff $element = 'ins'; break; } - $html .= - '<'.$element.'>' - . htmlspecialchars($line[0]) - . ''; + $html .= '<'.$element.'>'.dol_escape_htmltag($line[0]).''; // extend the HTML with the separator $html .= $separator; @@ -286,6 +284,8 @@ class Diff // initialise the HTML $html = $indentation."
'.$langs->trans("Date").''.$langs->trans("PriceLevel").'
'; if (!empty($conf->accounting->enabled)) { print $formaccounting->select_account($object->account_number, 'account_number', 1, '', 1, 1); diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 59345604d1d..0c53be74ef7 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -128,11 +128,11 @@ if ($id > 0 || !empty($ref)) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('invoicecard', 'globalcard')); -$usercanread = $user->rights->facture->lire; -$usercancreate = $user->rights->facture->creer; -$usercanissuepayment = $user->rights->facture->paiement; -$usercandelete = $user->rights->facture->supprimer; -$usercancreatecontract = $user->rights->contrat->creer; +$usercanread = $user->hasRight("facture", "lire"); +$usercancreate = $user->hasRight("facture", "creer"); +$usercanissuepayment = $user->hasRight("facture", "paiement"); +$usercandelete = $user->hasRight("facture", "supprimer"); +$usercancreatecontract = $user->hasRight("contrat", "creer"); $usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->validate))); $usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->send))); $usercanreopen = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->reopen))); @@ -3785,7 +3785,7 @@ if ($action == 'create') { // Calcul contrat->price (HT), contrat->total (TTC), contrat->tva $objectsrc->remise_absolue = $remise_absolue; $objectsrc->remise_percent = $remise_percent; - $objectsrc->update_price(1, - 1, 1); + $objectsrc->update_price(1, 'auto', 1); } print "\n\n"; diff --git a/htdocs/compta/paiement/cheque/card.php b/htdocs/compta/paiement/cheque/card.php index 8c859e6e689..f41ecd820ad 100644 --- a/htdocs/compta/paiement/cheque/card.php +++ b/htdocs/compta/paiement/cheque/card.php @@ -59,8 +59,15 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $offset = $limit * $page; $upload_dir = $conf->bank->multidir_output[$object->entity ? $object->entity : $conf->entity]."/checkdeposits"; - -$filterdate = dol_mktime(0, 0, 0, GETPOST('fdmonth'), GETPOST('fdday'), GETPOST('fdyear')); +// filter by dates from / to +$search_date_start_day = GETPOST('search_date_start_day', 'int'); +$search_date_start_month = GETPOST('search_date_start_month', 'int'); +$search_date_start_year = GETPOST('search_date_start_year', 'int'); +$search_date_end_day = GETPOST('search_date_end_day', 'int'); +$search_date_end_month = GETPOST('search_date_end_month', 'int'); +$search_date_end_year = GETPOST('search_date_end_year', 'int'); +$search_date_start = dol_mktime(0, 0, 0, $search_date_start_month, $search_date_start_day, $search_date_start_year); +$search_date_end = dol_mktime(23, 59, 59, $search_date_end_month, $search_date_end_day, $search_date_end_year); $filteraccountid = GETPOST('accountid', 'int'); // Security check @@ -265,7 +272,15 @@ if ($action == 'builddoc' && $user->rights->banque->cheque) { */ if (GETPOST('removefilter')) { - $filterdate = ''; + // filter by dates from / to + $search_date_start_day = ''; + $search_date_start_month = ''; + $search_date_start_year = ''; + $search_date_end_day = ''; + $search_date_end_month = ''; + $search_date_end_year = ''; + $search_date_start = ''; + $search_date_end = ''; $filteraccountid = 0; } @@ -352,7 +367,13 @@ if ($action == 'new') { //print '
'.$langs->trans('Date').''.dol_print_date($now,'day').'
'.$langs->trans("DateChequeReceived").''; - print $form->selectDate($filterdate, 'fd', 0, 0, 1, '', 1, 1); + // filter by dates from / to + print '
'; + print $form->selectDate($search_date_start, 'search_date_start_', 0, 0, 1, '', 1, 1, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
'; + print '
'; + print $form->selectDate($search_date_end, 'search_date_end_', 0, 0, 1, '', 1, 1, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
'; print '
'.$langs->trans("BankAccount").''; $form->select_comptes($filteraccountid, 'accountid', 0, 'courant <> 2', 1); @@ -363,7 +384,7 @@ if ($action == 'new') { print '
'; print ''; - if ($filterdate || $filteraccountid > 0) { + if ($search_date_start || $search_date_end || $filteraccountid > 0) { print '   '; print ''; } @@ -382,8 +403,11 @@ if ($action == 'new') { $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.fk_bordereau = 0"; $sql .= " AND b.amount > 0"; - if ($filterdate) { - $sql .= " AND b.dateo = '".$db->idate($filterdate)."'"; + if ($search_date_start) { + $sql .= " AND b.dateo >= '".$db->idate($search_date_start)."'"; + } + if ($search_date_end) { + $sql .= " AND b.dateo <= '".$db->idate($search_date_end)."'"; } if ($filteraccountid > 0) { $sql .= " AND ba.rowid = ".((int) $filteraccountid); diff --git a/htdocs/compta/paiement_charge.php b/htdocs/compta/paiement_charge.php index ba62c36b0fa..99940ecffcb 100644 --- a/htdocs/compta/paiement_charge.php +++ b/htdocs/compta/paiement_charge.php @@ -169,13 +169,8 @@ if ($action == 'create') { } print load_fiche_titre($langs->trans("DoPayment")); - print "
\n"; - if ($mesg) { - print "
$mesg
"; - } - - print '
'; + print ''; print ''; print ''; print ''; diff --git a/htdocs/conf/conf.php.example b/htdocs/conf/conf.php.example index 487576ed058..b58ac33707e 100644 --- a/htdocs/conf/conf.php.example +++ b/htdocs/conf/conf.php.example @@ -185,7 +185,7 @@ $dolibarr_main_instance_unique_id='84b5bc91f83b56e458db71e0adac2b62'; // values using a ",". In this case, Dolibarr will check login/pass for each value in // order defined into value. However, note that this can't work with all values. // Examples: -// $dolibarr_main_authentication='dolibarr'; // Use the password defined into application on user record. +// $dolibarr_main_authentication='dolibarr'; // Use the password defined into application on user file (default). // $dolibarr_main_authentication='http'; // Use the HTTP Basic authentication // $dolibarr_main_authentication='ldap'; // Check the password into a LDAP server // $dolibarr_main_authentication='ldap,dolibarr'; // You can set several mode using a comma as a separator. diff --git a/htdocs/contact/perso.php b/htdocs/contact/perso.php index 6030fc1e6bd..aa7ba34d9f0 100644 --- a/htdocs/contact/perso.php +++ b/htdocs/contact/perso.php @@ -60,7 +60,7 @@ if ($action == 'update' && !GETPOST("cancel") && $user->rights->societe->contact $result = $object->update_perso($id, $user); if ($result > 0) { - $object->oldcopy = clone $object; + $object->oldcopy = dol_clone($object); // Logo/Photo save $dir = $conf->societe->dir_output.'/contact/'.get_exdir($object->id, 0, 0, 1, $object, 'contact').'/photos'; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 1e8da8a9a81..8dbcde19d0d 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -3135,8 +3135,7 @@ class ContratLigne extends CommonObjectLine $this->db->begin(); - $this->oldcopy = new ContratLigne($this->db); - $this->oldcopy->fetch($this->id); + $this->oldcopy = dol_clone($this); // Update request $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET"; diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index 4f5d8d00b49..5ceec0a4cb9 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -872,8 +872,8 @@ while ($i < min($num, $limit)) { } // Country if (!empty($arrayfields['country.code_iso']['checked'])) { - print '
'; - print $socstatic->country; + print ''; + print dol_escape_htmltag($socstatic->country); print '
'.$langs->trans("MailErrorsTo").''; $out .= ''; diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 62965413a5d..68cb3d1af84 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -315,7 +315,7 @@ class FormTicket // Type print '
'; - $this->selectTypesTickets((GETPOST('type_code', 'alpha') ? GETPOST('type_code', 'alpha') : $this->type_code), 'type_code', '', 2, 0, 0, 0, 'minwidth200'); + $this->selectTypesTickets((GETPOST('type_code', 'alpha') ? GETPOST('type_code', 'alpha') : $this->type_code), 'type_code', '', 2, 1, 0, 0, 'minwidth200'); print '
'; - $this->selectSeveritiesTickets((GETPOST('severity_code') ? GETPOST('severity_code') : $this->severity_code), 'severity_code', '', 2, 0); + $this->selectSeveritiesTickets((GETPOST('severity_code') ? GETPOST('severity_code') : $this->severity_code), 'severity_code', '', 2, 1); print '
\n"; + $rightCell = $leftCell = ''; + // loop over the lines in the diff $index = 0; $nbdiff = count($diff); diff --git a/htdocs/core/filemanagerdol/browser/default/browser.php b/htdocs/core/filemanagerdol/browser/default/browser.php index b5bce100d39..0c1b29d12b2 100644 --- a/htdocs/core/filemanagerdol/browser/default/browser.php +++ b/htdocs/core/filemanagerdol/browser/default/browser.php @@ -21,10 +21,12 @@ //define('NOTOKENRENEWAL',1); // Disables token renewal //require '../../../../main.inc.php'; -require '../../connectors/php/config.php'; // This include the define('NOTOKENRENEWAL',1) and the require main.in.php +require '../../connectors/php/config.inc.php'; // This include the define('NOTOKENRENEWAL',1) and the require main.in.php global $Config; +top_httphead(); + ?> diff --git a/htdocs/core/filemanagerdol/browser/default/frmactualfolder.php b/htdocs/core/filemanagerdol/browser/default/frmactualfolder.php index c66187ee433..949307c0624 100644 --- a/htdocs/core/filemanagerdol/browser/default/frmactualfolder.php +++ b/htdocs/core/filemanagerdol/browser/default/frmactualfolder.php @@ -23,6 +23,8 @@ define('NOTOKENRENEWAL', 1); // Disables token renewal require '../../../../main.inc.php'; +top_httphead(); + ?> '."\n"; print ''; + // Ref print ''; $preselected = (GETPOSTISSET('qty-'.$line->id.'-'.$i) ? GETPOST('qty-'.$line->id.'-'.$i) : max(0, $line->qty - $alreadyconsumed)); if ($action == 'consumeorproduce' && !GETPOSTISSET('qty-'.$line->id.'-'.$i)) { @@ -1044,12 +1048,9 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $preselected = (GETPOSTISSET('batch-'.$line->id.'-'.$i) ? GETPOST('batch-'.$line->id.'-'.$i) : ''); print ''; print $formproduct->selectLotDataList('batch-'.$line->id.'-'.$i, 0, $line->fk_product, '', ''); - } - print ''; - print ''; } @@ -1094,10 +1095,12 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $newcardbutton = ''; $url = $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=addproduceline&token='.newToken(); - $permissiontoaddaproductline = $object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED && $action != 'consumeorproduce' && $action != 'consumeandproduceall'; + $permissiontoaddaproductline = $object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED; $parameters = array('morecss'=>'reposition'); - if ($nblinetoproduce == 0 || $object->mrptype == 1) { - $newcardbutton = dolGetButtonTitle($langs->trans('AddNewProduceLines'), '', 'fa fa-plus-circle size15x', $url, '', $permissiontoaddaproductline, $parameters); + if ($action != 'consumeorproduce' && $action != 'consumeandproduceall') { + if ($nblinetoproduce == 0 || $object->mrptype == 1) { + $newcardbutton = dolGetButtonTitle($langs->trans('AddNewProduceLines'), '', 'fa fa-plus-circle size15x', $url, '', $permissiontoaddaproductline, $parameters); + } } print load_fiche_titre($langs->trans('Production'), $newcardbutton, '', 0, '', ''); @@ -1196,12 +1199,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ''; if ($permissiontoupdatecost) { // Defined $manufacturingcost - $manufacturingcost = $bomcost; - if (empty($manufacturingcost)) { - $manufacturingcost = price2num($tmpproduct->cost_price, 'MU'); - } - if (empty($manufacturingcost)) { - $manufacturingcost = price2num($tmpproduct->pmp, 'MU'); + $manufacturingcost = 0; + if ($object->mrptype == 0) { // If MO is a "Manufacture" type (and not "Disassemble" + $manufacturingcost = $bomcost; + if (empty($manufacturingcost)) { + $manufacturingcost = price2num($tmpproduct->cost_price, 'MU'); + } + if (empty($manufacturingcost)) { + $manufacturingcost = price2num($tmpproduct->pmp, 'MU'); + } } print ''; if ($permissiontoupdatecost) { // Defined $manufacturingcost - $manufacturingcost = $bomcost; - if (empty($manufacturingcost)) { - $manufacturingcost = price2num($tmpproduct->cost_price, 'MU'); - } - if (empty($manufacturingcost)) { - $manufacturingcost = price2num($tmpproduct->pmp, 'MU'); + $manufacturingcost = 0; + if ($object->mrptype == 0) { // If MO is a "Manufacture" type (and not "Disassemble" + $manufacturingcost = $bomcost; + if (empty($manufacturingcost)) { + $manufacturingcost = price2num($tmpproduct->cost_price, 'MU'); + } + if (empty($manufacturingcost)) { + $manufacturingcost = price2num($tmpproduct->pmp, 'MU'); + } } if ($tmpproduct->type == Product::TYPE_PRODUCT || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) { - $preselected = (GETPOSTISSET('pricetoproduce-'.$line->id.'-'.$i) ? GETPOST('pricetoproduce-'.$line->id.'-'.$i) : price($manufacturingcost)); + $preselected = (GETPOSTISSET('pricetoproduce-'.$line->id.'-'.$i) ? GETPOST('pricetoproduce-'.$line->id.'-'.$i) : ($manufacturingcost ? price($manufacturingcost) : '')); print ''; } else { - print ''; + print ''; } } print ''; diff --git a/htdocs/mrp/tpl/originproductline.tpl.php b/htdocs/mrp/tpl/originproductline.tpl.php index e641bd142fc..7e0468119bd 100644 --- a/htdocs/mrp/tpl/originproductline.tpl.php +++ b/htdocs/mrp/tpl/originproductline.tpl.php @@ -44,6 +44,7 @@ $res = $tmpbom->fetch($line->fk_bom_child); tpl['strike']) ? '' : ' strikefordisabled').'">'; +// Ref or label print ''; -//print ''; +// Qty print ''; print ''; -if ($tmpbom->id) { +if ($tmpbom->id > 0) { print ''; } else { - print ''; + print ''; } +//print ''; + print ''."\n"; // Select of all the sub-BOM lines diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 1681ef45387..9137a3b7c10 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -16,7 +16,7 @@ * Copyright (C) 2016-2022 Charlene Benke * Copyright (C) 2016 Meziane Sof * Copyright (C) 2017 Josep Lluís Amador - * Copyright (C) 2019-2021 Frédéric France + * Copyright (C) 2019-2022 Frédéric France * Copyright (C) 2019-2020 Thibault FOUCART * Copyright (C) 2020 Pierre Ardoin * @@ -1973,7 +1973,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print '"; @@ -1983,7 +1983,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (empty($conf->global->PRODUCT_DISABLE_PUBLIC_URL)) { print ''; } diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index 2566ca24919..e34b270562e 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -253,7 +253,7 @@ class Products extends DolibarrApi if (!$ids_only) { $product_static = new Product($this->db); if ($product_static->fetch($obj->rowid)) { - if ($includestockdata && DolibarrApiAccess::$user->rights->stock->lire) { + if (!empty($includestockdata) && DolibarrApiAccess::$user->rights->stock->lire) { $product_static->load_stock(); if (is_array($product_static->stock_warehouse)) { @@ -1644,10 +1644,10 @@ class Products extends DolibarrApi $combinations[$key]->attributes = $prodc2vp->fetchByFkCombination((int) $combination->id); $combinations[$key] = $this->_cleanObjectDatas($combinations[$key]); - if ($includestock==1 && DolibarrApiAccess::$user->rights->stock->lire) { + if (!empty($includestock) && DolibarrApiAccess::$user->rights->stock->lire) { $productModel = new Product($this->db); $productModel->fetch((int) $combination->fk_product_child); - $productModel->load_stock(); + $productModel->load_stock($includestock); $combinations[$key]->stock_warehouse = $this->_cleanObjectDatas($productModel)->stock_warehouse; } } @@ -2040,8 +2040,8 @@ class Products extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - if ($includestockdata && DolibarrApiAccess::$user->rights->stock->lire) { - $this->product->load_stock(); + if (!empty($includestockdata) && DolibarrApiAccess::$user->rights->stock->lire) { + $this->product->load_stock($includestockdata); if (is_array($this->product->stock_warehouse)) { foreach ($this->product->stock_warehouse as $keytmp => $valtmp) { diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 6c249e6b3bd..28ddb32624b 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -1051,9 +1051,7 @@ class Product extends CommonObject if ($result >= 0) { if (empty($this->oldcopy)) { - $org = new self($this->db); - $org->fetch($this->id); - $this->oldcopy = $org; + $this->oldcopy = dol_clone($this); } // Test if batch management is activated on existing product @@ -3038,12 +3036,13 @@ class Product extends CommonObject /** * Charge tableau des stats commande fournisseur pour le produit/service * - * @param int $socid Id societe pour filtrer sur une societe - * @param string $filtrestatut Id des statuts pour filtrer sur des statuts - * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. - * @return int Array of stats in $this->stats_commande_fournisseur, <0 if ko or >0 if ok + * @param int $socid Id societe pour filtrer sur une societe + * @param string $filtrestatut Id des statuts pour filtrer sur des statuts + * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. + * @param int $dateofvirtualstock Date of virtual stock + * @return int Array of stats in $this->stats_commande_fournisseur, <0 if ko or >0 if ok */ - public function load_stats_commande_fournisseur($socid = 0, $filtrestatut = '', $forVirtualStock = 0) + public function load_stats_commande_fournisseur($socid = 0, $filtrestatut = '', $forVirtualStock = 0, $dateofvirtualstock = null) { // phpcs:enable global $conf, $user, $hookmanager, $action; @@ -3069,6 +3068,9 @@ class Product extends CommonObject if ($filtrestatut != '') { $sql .= " AND c.fk_statut in (".$this->db->sanitize($filtrestatut).")"; // Peut valoir 0 } + if (!empty($dateofvirtualstock)) { + $sql .= " AND c.date_livraison <= '".$this->db->idate($dateofvirtualstock)."'"; + } $result = $this->db->query($sql); if ($result) { @@ -3181,12 +3183,13 @@ class Product extends CommonObject /** * Charge tableau des stats réception fournisseur pour le produit/service * - * @param int $socid Id societe pour filtrer sur une societe - * @param string $filtrestatut Id statut pour filtrer sur un statut - * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. + * @param int $socid Id societe pour filtrer sur une societe + * @param string $filtrestatut Id statut pour filtrer sur un statut + * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. + * @param int $dateofvirtualstock Date of virtual stock * @return int Array of stats in $this->stats_reception, <0 if ko or >0 if ok */ - public function load_stats_reception($socid = 0, $filtrestatut = '', $forVirtualStock = 0) + public function load_stats_reception($socid = 0, $filtrestatut = '', $forVirtualStock = 0, $dateofvirtualstock = null) { // phpcs:enable global $conf, $user, $hookmanager, $action; @@ -3212,6 +3215,9 @@ class Product extends CommonObject if ($filtrestatut <> '') { $sql .= " AND cf.fk_statut IN (".$this->db->sanitize($filtrestatut).")"; } + if (!empty($dateofvirtualstock)) { + $sql .= " AND fd.datec <= '".$this->db->idate($dateofvirtualstock)."'"; + } $result = $this->db->query($sql); if ($result) { @@ -3238,12 +3244,13 @@ class Product extends CommonObject /** * Charge tableau des stats production pour le produit/service * - * @param int $socid Id societe pour filtrer sur une societe - * @param string $filtrestatut Id statut pour filtrer sur un statut - * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. + * @param int $socid Id societe pour filtrer sur une societe + * @param string $filtrestatut Id statut pour filtrer sur un statut + * @param int $forVirtualStock Ignore rights filter for virtual stock calculation. + * @param int $dateofvirtualstock Date of virtual stock * @return integer Array of stats in $this->stats_mrptoproduce (nb=nb of order, qty=qty ordered), <0 if ko or >0 if ok */ - public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirtualStock = 0) + public function load_stats_inproduction($socid = 0, $filtrestatut = '', $forVirtualStock = 0, $dateofvirtualstock = null) { // phpcs:enable global $conf, $user, $hookmanager, $action; @@ -3268,6 +3275,9 @@ class Product extends CommonObject if ($filtrestatut <> '') { $sql .= " AND m.status IN (".$this->db->sanitize($filtrestatut).")"; } + if (!empty($dateofvirtualstock)) { + $sql .= " AND m.date_valid <= '".$this->db->idate($dateofvirtualstock)."'"; // better date to code ? end of production ? + } $sql .= " GROUP BY role"; $this->stats_mrptoconsume['customers'] = 0; @@ -5037,7 +5047,7 @@ class Product extends CommonObject $result .= (img_object(($notooltip ? '' : $label), 'service', ($notooltip ? 'class="paddingright"' : 'class="paddingright classfortooltip"'), 0, 0, $notooltip ? 0 : 1)); } } - $result .= $newref; + $result .= dol_escape_htmltag($newref); $result .= $linkend; if ($withpicto != 2) { $result .= (($add_label && $this->label) ? $sep.dol_trunc($this->label, ($add_label > 1 ? $add_label : 0)) : ''); @@ -5346,10 +5356,11 @@ class Product extends CommonObject * @param string $option '' = Load all stock info, also from closed and internal warehouses, 'nobatch', 'novirtual' * You can also filter on 'warehouseclosed', 'warehouseopen', 'warehouseinternal' * @param int $includedraftpoforvirtual Include draft status of PO for virtual stock calculation + * @param int $dateofvirtualstock Date of virtual stock * @return int < 0 if KO, > 0 if OK * @see load_virtual_stock(), loadBatchInfo() */ - public function load_stock($option = '', $includedraftpoforvirtual = null) + public function load_stock($option = '', $includedraftpoforvirtual = null, $dateofvirtualstock = null) { // phpcs:enable global $conf; @@ -5407,7 +5418,7 @@ class Product extends CommonObject $this->db->free($result); if (!preg_match('/novirtual/', $option)) { - $this->load_virtual_stock($includedraftpoforvirtual); // This also load all arrays stats_xxx... + $this->load_virtual_stock($includedraftpoforvirtual, $dateofvirtualstock); // This also load all arrays stats_xxx... } return 1; @@ -5424,10 +5435,11 @@ class Product extends CommonObject * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. * * @param int $includedraftpoforvirtual Include draft status and not yet approved Purchase Orders for virtual stock calculation + * @param int $dateofvirtualstock Date of virtual stock * @return int < 0 if KO, > 0 if OK * @see load_stock(), loadBatchInfo() */ - public function load_virtual_stock($includedraftpoforvirtual = null) + public function load_virtual_stock($includedraftpoforvirtual = null, $dateofvirtualstock = null) { // phpcs:enable global $conf, $hookmanager, $action; @@ -5466,7 +5478,7 @@ class Product extends CommonObject if (isset($includedraftpoforvirtual)) { $filterStatus = '0,1,2,'.$filterStatus; // 1,2 may have already been inside $filterStatus but it is better to have twice than missing $filterStatus does not include them } - $result = $this->load_stats_commande_fournisseur(0, $filterStatus, 1); + $result = $this->load_stats_commande_fournisseur(0, $filterStatus, 1, $dateofvirtualstock); if ($result < 0) { dol_print_error($this->db, $this->error); } @@ -5478,7 +5490,7 @@ class Product extends CommonObject if (isset($includedraftpoforvirtual)) { $filterStatus = '0,'.$filterStatus; } - $result = $this->load_stats_reception(0, $filterStatus, 1); + $result = $this->load_stats_reception(0, $filterStatus, 1, $dateofvirtualstock); if ($result < 0) { dol_print_error($this->db, $this->error); } @@ -5490,14 +5502,14 @@ class Product extends CommonObject if (isset($includedraftpoforvirtual)) { $filterStatus = '0,'.$filterStatus; } - $result = $this->load_stats_reception(0, $filterStatus, 1); // Use same tables than when module reception is not used. + $result = $this->load_stats_reception(0, $filterStatus, 1, $dateofvirtualstock); // Use same tables than when module reception is not used. if ($result < 0) { dol_print_error($this->db, $this->error); } $stock_reception_fournisseur = $this->stats_reception['qty']; } if (!empty($conf->mrp->enabled)) { - $result = $this->load_stats_inproduction(0, '1,2', 1); + $result = $this->load_stats_inproduction(0, '1,2', 1, $dateofvirtualstock); if ($result < 0) { dol_print_error($this->db, $this->error); } @@ -6196,8 +6208,6 @@ class Product extends CommonObject } } - - /** * Class to manage products or services. * Do not use 'Service' as class name since it is already used by APIs. diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 49242eb47e4..9dfc90b86a4 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -464,6 +464,9 @@ if ($id > 0 || $ref) { if (($action == 'add_price' || $action == 'update_price') && $usercancreate) { $langs->load("suppliers"); + print "\n"; + print '
'; + if ($rowid) { $object->fetch_product_fournisseur_price($rowid, 1); //Ignore the math expression when getting the price print load_fiche_titre($langs->trans("ChangeSupplierPrice")); @@ -480,7 +483,7 @@ if ($id > 0 || $ref) { print '
'.$langs->trans("ToConsume").''; - if ($tmpproduct->status_batch) { + $type = 'batch'; - print img_picto($langs->trans('AddStockLocationLine'), 'split.png', 'class="splitbutton" onClick="addDispatchLine('.$line->id.', \''.$type.'\', \'qtymissingconsume\')"'); + print ' '.img_picto($langs->trans('AddStockLocationLine'), 'split.png', 'class="splitbutton" onClick="addDispatchLine('.((int) $line->id).', \''.dol_escape_js($type).'\', \'qtymissingconsume\')"'); } print ''.$line->qty.''; @@ -1300,19 +1306,22 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print ' '; if ($res) { print $tmpproduct->getNomUrl(1); @@ -58,7 +59,7 @@ if ($res) { print $this->tpl['label']; } print ''.$this->tpl['label'].''.$this->tpl['qty'].(($this->tpl['efficiency'] > 0 && $this->tpl['efficiency'] < 1) ? ' / '.$form->textwithpicto($this->tpl['efficiency'], $langs->trans("ValueOfMeansLoss")).' = '.$qtytoconsumeforline : '').''.(empty($this->tpl['stock']) ? 0 : price2num($this->tpl['stock'], 'MS')); if ($this->tpl['seuil_stock_alerte'] != '' && ($this->tpl['stock'] < $this->tpl['seuil_stock_alerte'])) { @@ -78,18 +79,19 @@ $selected = 1; if (!empty($selectedLines) && !in_array($this->tpl['id'], $selectedLines)) { $selected = 0; } -print ''; -//print ''; -print ''; print ''; print ' '; +//print ''; +//print '
'.$langs->trans("Description").''; // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. - $doleditor = new DolEditor('desc', $object->description, '', 160, 'dolibarr_details', '', false, true, getDolGlobalInt('FCKEDITOR_ENABLE_PRODUCTDESC'), ROWS_4, '90%'); + $doleditor = new DolEditor('desc', GETPOSTISSET('desc') ? GETPOST('desc', 'restricthtml') : $object->description, '', 160, 'dolibarr_details', '', false, true, getDolGlobalInt('FCKEDITOR_ENABLE_PRODUCTDESC'), ROWS_4, '90%'); $doleditor->Create(); print "
'.$langs->trans("PublicUrl").''; print img_picto('', 'globe', 'class="pictofixedwidth"'); - print ''; + print ''; print '
'; // Supplier - print ''; print ''; diff --git a/htdocs/product/note.php b/htdocs/product/note.php index c54bd3637ae..93d40e296e9 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -86,21 +86,21 @@ $form = new Form($db); $help_url = ''; if (GETPOST("type") == '0' || ($object->type == Product::TYPE_PRODUCT)) { - $help_url = 'EN:Module_Products|FR:Module_Produits|ES:Módulo_Productos'; + $help_url = 'EN:Module_Products|FR:Module_Produits|ES:Módulo_Productos|DE:Modul_Produkte'; } if (GETPOST("type") == '1' || ($object->type == Product::TYPE_SERVICE)) { - $help_url = 'EN:Module_Services_En|FR:Module_Services|ES:Módulo_Servicios'; + $help_url = 'EN:Module_Services_En|FR:Module_Services|ES:Módulo_Servicios|DE:Modul_Leistungen'; } $title = $langs->trans('ProductServiceCard'); $shortlabel = dol_trunc($object->label, 16); if (GETPOST("type") == '0' || ($object->type == Product::TYPE_PRODUCT)) { $title = $langs->trans('Product')." ".$shortlabel." - ".$langs->trans('Notes'); - $help_url = 'EN:Module_Products|FR:Module_Produits|ES:Módulo_Productos'; + $help_url = 'EN:Module_Products|FR:Module_Produits|ES:Módulo_Productos|DE:Modul_Produkte'; } if (GETPOST("type") == '1' || ($object->type == Product::TYPE_SERVICE)) { $title = $langs->trans('Service')." ".$shortlabel." - ".$langs->trans('Notes'); - $help_url = 'EN:Module_Services_En|FR:Module_Services|ES:Módulo_Servicios'; + $help_url = 'EN:Module_Services_En|FR:Module_Services|ES:Módulo_Servicios|DE:Modul_Leistungen'; } llxHeader('', $title, $help_url); diff --git a/htdocs/product/popuprop.php b/htdocs/product/popuprop.php index b921f16d02e..17716a4b3ed 100644 --- a/htdocs/product/popuprop.php +++ b/htdocs/product/popuprop.php @@ -229,6 +229,7 @@ if ($mode && $mode != '-1') { } } + $tmpproduct->id = $prodid; $tmpproduct->ref = $vals['ref']; $tmpproduct->label = $vals['label']; $tmpproduct->type = $vals['type']; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 618e5cc6a78..b129a1ff4e5 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1391,6 +1391,7 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se } if ($action == 'edit_price' && $object->getRights()->creer) { + print '
'; print load_fiche_titre($langs->trans("NewPrice"), ''); if (empty($conf->global->PRODUIT_MULTIPRICES) && empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES)) { @@ -1915,14 +1916,17 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { // Form to add a new customer price $maxpricesupplier = $object->min_recommended_price(); - print load_fiche_titre($langs->trans('PriceByCustomer')); + print ''; + print load_fiche_titre($langs->trans('AddCustomerPrice')); print ''; print ''; print ''; print ''; - print '
'.$langs->trans("Supplier").''; + print '
'.$langs->trans("Supplier").''; if ($rowid) { $supplier = new Fournisseur($db); $supplier->fetch($socid); @@ -636,7 +639,7 @@ if ($id > 0 || $ref) { $currencycodetouse = $conf->currency; } print $form->selectMultiCurrency($currencycodetouse, "multicurrency_code", 1); - print '   '.$langs->trans("CurrencyRate").' '; + print '     '.$langs->trans("CurrencyRate").' '; print ''; print '
'; + print '
'; + + print '
'; print ''; print ''; print '
'.$langs->trans('ThirdParty').''; @@ -1976,6 +1980,8 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print '
'; + print ''; + print '
'; @@ -1992,6 +1998,7 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { // Edit mode $maxpricesupplier = $object->min_recommended_price(); + print ''; print load_fiche_titre($langs->trans('PriceByCustomer')); $result = $prodcustprice->fetch(GETPOST('lineid', 'int')); diff --git a/htdocs/product/stock/class/productlot.class.php b/htdocs/product/stock/class/productlot.class.php index 0e0f8883f99..3b169055bfa 100644 --- a/htdocs/product/stock/class/productlot.class.php +++ b/htdocs/product/stock/class/productlot.class.php @@ -388,9 +388,7 @@ class Productlot extends CommonObject // Put here code to add a control on parameters values if (empty($this->oldcopy)) { - $org = new self($this->db); - $org->fetch($this->id); - $this->oldcopy = $org; + $this->oldcopy = dol_clone($this); } // Update request diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php index 31b2aa8e187..4da9156e955 100644 --- a/htdocs/product/stock/massstockmove.php +++ b/htdocs/product/stock/massstockmove.php @@ -336,11 +336,11 @@ if ($action == 'importCSV' && !empty($user->rights->stock->mouvement->creer)) { continue; } //var_dump($data); - $tmp_id_sw = (int) $data[$i][0]['val']; - $tmp_id_tw = (int) $data[$i][1]['val']; - $tmp_id_product = (int) $data[$i][2]['val']; - $tmp_qty = price2num((float) $data[$i][3]['val'], 'MS'); - $tmp_batch = dol_escape_htmltag($data[$i][4]['val']); + $tmp_id_sw = $data[$i][0]['val']; + $tmp_id_tw = $data[$i][1]['val']; + $tmp_id_product = $data[$i][2]['val']; + $tmp_qty = $data[$i][3]['val']; + $tmp_batch = $data[$i][4]['val']; if (!is_numeric($tmp_id_product)) { $result = fetchref($productstatic, $tmp_id_product); @@ -604,11 +604,11 @@ print '
'; print img_picto($langs->trans("LotSerial"), 'lot', 'class="paddingright"'); - print ''; + print ''; print ''; - print $productstatic->getNomUrl(1).' - '.$productstatic->label; + print $productstatic->getNomUrl(1).' - '.dol_escape_htmltag($productstatic->label); print ''; - print $val['batch']; + print dol_escape_htmltag($val['batch']); print ''.$val['qty'].''.price2num((float) $val['qty'], 'MS').''.img_delete($langs->trans("Remove")).'
'.$prod->getNomUrl(1, 'stock').''.$objp->label; + print ''; + print dol_escape_htmltag($objp->label); print ''; // TODO Remove this and make a fetch to get description when creating order instead of a GETPOST print '
'; - print ''; + print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; print ''; @@ -322,7 +322,7 @@ if ($resql) { // Company $href = DOL_URL_ROOT.'/fourn/card.php?socid='.$obj->socid; - print ''.img_object($langs->trans('ShowCompany'), 'company').' '.$obj->name.''.img_object($langs->trans('ShowCompany'), 'company').' '.$obj->name.''.$langs->trans("NumberOfUnit").''; if ($object->element == 'product' || $object->element == 'stock') { - print ''; print ''; print ''; print ''; @@ -134,7 +134,7 @@ if (!empty($conf->productbatch->enabled) && ) { print '
'; - print ''; + print ''; print '
'.$langs->trans('Project').''; print img_picto('', 'project'); - $formproject->select_projects(-1, '', 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 0, 0, 'maxwidth300'); + $formproject->select_projects(-1, '', 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 0, 0, 'maxwidth300 widthcentpercentminusx'); print '
'.$langs->trans("MovementLabel").''; -print ''; +print ''; print ''.$langs->trans("InventoryCode").''; diff --git a/htdocs/product/stock/tpl/stocktransfer.tpl.php b/htdocs/product/stock/tpl/stocktransfer.tpl.php index 53803b0929d..f2ecfa1d73c 100644 --- a/htdocs/product/stock/tpl/stocktransfer.tpl.php +++ b/htdocs/product/stock/tpl/stocktransfer.tpl.php @@ -75,7 +75,7 @@ if ($object->element == 'product') { print img_picto('', 'stock'); $selected = (GETPOST("dwid") ?GETPOST("dwid", 'int') : (GETPOST('id_entrepot') ?GETPOST('id_entrepot', 'int') : ($object->element == 'product' && $object->fk_default_warehouse ? $object->fk_default_warehouse : 'ifone'))); $warehousestatus = 'warehouseopen,warehouseinternal'; - print $formproduct->selectWarehouses($selected, 'id_entrepot', $warehousestatus, 1); + print $formproduct->selectWarehouses($selected, 'id_entrepot', $warehousestatus, 1, 0, 0, '', 0, 0, array(), 'minwidth75 maxwidth300 widthcentpercentminusx'); print ''.$langs->trans("WarehouseTarget").''; -print img_picto('', 'stock').$formproduct->selectWarehouses(GETPOST('id_entrepot_destination'), 'id_entrepot_destination', 'warehouseopen,warehouseinternal', 1); +print img_picto('', 'stock').$formproduct->selectWarehouses(GETPOST('id_entrepot_destination'), 'id_entrepot_destination', 'warehouseopen,warehouseinternal', 1, 0, 0, '', 0, 0, array(), 'minwidth75 maxwidth300 widthcentpercentminusx'); print '
'.$langs->trans("NumberOfUnit").'
'.$langs->trans("MovementLabel").''; -print ''; +print ''; print ''.$langs->trans("InventoryCode").''; diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php index 453a4078978..bbd9442f876 100644 --- a/htdocs/projet/activity/index.php +++ b/htdocs/projet/activity/index.php @@ -66,7 +66,6 @@ $month = $tmp['mon']; $year = $tmp['year']; $projectstatic = new Project($db); -$taskstatic = new Task($db); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1); // Return all projects I have permission on because I want my tasks and some of my task may be on a public projet that is not my project $taskstatic = new Task($db); $tasktmp = new Task($db); diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index bafed2c54eb..87502734f8e 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -257,7 +257,7 @@ if (empty($reshook) && $action == 'add') { $public = GETPOSTISSET('public') ? 1 : 0; if (!$error) { - // email a peu pres correct et le login n'existe pas + // E-mail looks OK and login does not exist $adh = new Adherent($db); $adh->statut = -1; $adh->public = $public; @@ -378,6 +378,16 @@ if (empty($reshook) && $action == 'add') { } } + // Auto-create thirdparty on member creation + if (!empty($conf->global->ADHERENT_DEFAULT_CREATE_THIRDPARTY)) { + $company = new Societe($db); + $result = $company->create_from_member($adh); + if ($result < 0) { + $error++; + $errmsg .= join('
', $company->errors); + } + } + if (!empty($backtopage)) { $urlback = $backtopage; } elseif (!empty($conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION)) { diff --git a/htdocs/public/payment/paymentok.php b/htdocs/public/payment/paymentok.php index bb5097cb11a..fbeba92516f 100644 --- a/htdocs/public/payment/paymentok.php +++ b/htdocs/public/payment/paymentok.php @@ -373,6 +373,7 @@ if ($ispaymentok) { } if (empty($user->rights->adherent)) { $user->rights->adherent = new stdClass(); + $user->rights->adherent->cotisation = new stdClass(); } $user->rights->societe->creer = 1; $user->rights->facture->creer = 1; diff --git a/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php b/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php index 8d187807700..ba35cb0ba3f 100644 --- a/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php +++ b/htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php @@ -4,7 +4,7 @@ * Copyright (C) 2014 Marcos García * Copyright (C) 2016 Charlie Benke * Copyright (C) 2018-2021 Philippe Grand - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2022 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -22,12 +22,12 @@ */ /** - * \file htdocs/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php + * \file htdocs/recruitment/core/modules/recruitment/doc/doc_generic_recruitmentjobposition_odt.modules.php * \ingroup recruitment * \brief File of class to build ODT documents for recruitmentjobpositions */ -dol_include_once('/recruitment/core/modules/recruitment/modules_recruitmentjobposition.php'); +require_once DOL_DOCUMENT_ROOT.'/recruitment/core/modules/recruitment/modules_recruitmentjobposition.php'; require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; @@ -234,7 +234,7 @@ class doc_generic_recruitmentjobposition_odt extends ModelePDFRecruitmentJobPosi $outputlangs->loadLangs(array("main", "dict", "companies", "bills")); - if ($conf->commande->dir_output) { + if ($conf->recruitment->dir_output) { // If $object is id instead of object if (!is_object($object)) { $id = $object; @@ -246,7 +246,7 @@ class doc_generic_recruitmentjobposition_odt extends ModelePDFRecruitmentJobPosi } } - $dir = $conf->commande->multidir_output[isset($object->entity) ? $object->entity : 1]; + $dir = $conf->recruitment->multidir_output[isset($object->entity) ? $object->entity : 1].'/recruitmentjobposition/'; $objectref = dol_sanitizeFileName($object->ref); if (!preg_match('/specimen/i', $objectref)) { $dir .= "/".$objectref; diff --git a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php index 000c045a03f..8772e97bf77 100644 --- a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php +++ b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentcandidature_advanced.php @@ -104,7 +104,7 @@ class mod_recruitmentcandidature_advanced extends ModeleNumRefRecruitmentCandida $old_code_type = $mysoc->typent_code; $mysoc->code_client = 'CCCCCCCCCC'; $mysoc->typent_code = 'TTTTTTTTTT'; - $numExample = $this->getNextValue($mysoc, ''); + $numExample = $this->getNextValue($mysoc); $mysoc->code_client = $old_code_client; $mysoc->typent_code = $old_code_type; diff --git a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php index c7253f182bf..c280153f9c8 100644 --- a/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php +++ b/htdocs/recruitment/core/modules/recruitment/mod_recruitmentjobposition_advanced.php @@ -104,7 +104,7 @@ class mod_recruitmentjobposition_advanced extends ModeleNumRefRecruitmentJobPosi $old_code_type = $mysoc->typent_code; $mysoc->code_client = 'CCCCCCCCCC'; $mysoc->typent_code = 'TTTTTTTTTT'; - $numExample = $this->getNextValue($mysoc, ''); + $numExample = $this->getNextValue($mysoc); $mysoc->code_client = $old_code_client; $mysoc->typent_code = $old_code_type; diff --git a/htdocs/recruitment/recruitmentjobposition_card.php b/htdocs/recruitment/recruitmentjobposition_card.php index ed1b1b54711..996868a791e 100644 --- a/htdocs/recruitment/recruitmentjobposition_card.php +++ b/htdocs/recruitment/recruitmentjobposition_card.php @@ -21,41 +21,21 @@ * \brief Page to create/edit/view recruitmentjobposition */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK','1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP','none'); // Disable all Content Security Policies - - // Load Dolibarr environment require_once '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; -dol_include_once('/recruitment/class/recruitmentjobposition.class.php'); -dol_include_once('/recruitment/lib/recruitment_recruitmentjobposition.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentjobposition.class.php'; +require_once DOL_DOCUMENT_ROOT.'/recruitment/lib/recruitment_recruitmentjobposition.lib.php'; // Load translation files required by the page $langs->loadLangs(array("recruitment", "other")); // Get parameters $id = GETPOST('id', 'int'); -$ref = GETPOST('ref', 'alpha'); +$ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); $cancel = GETPOST('cancel', 'aZ09'); diff --git a/htdocs/recruitment/recruitmentjobposition_document.php b/htdocs/recruitment/recruitmentjobposition_document.php index 49a36a736d1..d05ed9ab5d6 100644 --- a/htdocs/recruitment/recruitmentjobposition_document.php +++ b/htdocs/recruitment/recruitmentjobposition_document.php @@ -28,8 +28,8 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; -dol_include_once('/recruitment/class/recruitmentjobposition.class.php'); -dol_include_once('/recruitment/lib/recruitment_recruitmentjobposition.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentjobposition.class.php'; +require_once DOL_DOCUMENT_ROOT.'/recruitment/lib/recruitment_recruitmentjobposition.lib.php'; // Load translation files required by the page $langs->loadLangs(array("recruitment", "companies", "other", "mails")); diff --git a/htdocs/resource/class/dolresource.class.php b/htdocs/resource/class/dolresource.class.php index da99b2f2e97..2188d3b0a23 100644 --- a/htdocs/resource/class/dolresource.class.php +++ b/htdocs/resource/class/dolresource.class.php @@ -263,9 +263,7 @@ class Dolresource extends CommonObject } if (empty($this->oldcopy)) { - $org = new self($this->db); - $org->fetch($this->id); - $this->oldcopy = $org; + $this->oldcopy = dol_clone($this); } // Update request diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 105178e3d65..26415a63332 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -4024,12 +4024,25 @@ class Societe extends CommonObject global $conf, $user, $langs; dol_syslog(get_class($this)."::create_from_member", LOG_DEBUG); + $fullname = $member->getFullName($langs); - $name = $socname ? $socname : $member->societe; - if (empty($name)) { - $name = $member->getFullName($langs); + if ($member->morphy == 'mor') { + if (empty($socname)) { + $socname = $member->company? $member->company : $member->societe; + } + if (!empty($fullname) && empty($socalias)) { + $socalias = $fullname; + } + } elseif (empty($socname) && $member->morphy == 'phy') { + if (empty($socname)) { + $socname = $fullname; + } + if (!empty($member->company) && empty($socalias)) { + $socalias = $member->company; + } } + $name = $socname; $alias = $socalias ? $socalias : ''; // Positionne parametres diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index 6253d9b86b2..3ef3e2bd737 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -1358,7 +1358,7 @@ if ($action == 'create') { // Calcul contrat->price (HT), contrat->total (TTC), contrat->tva $objectsrc->remise_absolue = $remise_absolue; $objectsrc->remise_percent = $remise_percent; - $objectsrc->update_price(1, - 1, 1); + $objectsrc->update_price(1, 'auto', 1); } print "\n"; diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php index 3657ca7f4b6..c3948126b3f 100644 --- a/htdocs/takepos/invoice.php +++ b/htdocs/takepos/invoice.php @@ -564,6 +564,27 @@ if (empty($reshook)) { $line = array('description' => $prod->description, 'price' => $price, 'tva_tx' => $tva_tx, 'locatax1_tx' => $localtax1_tx, 'locatax2_tx' => $localtax2_tx, 'remise_percent' => $customer->remise_percent, 'price_ttc' => $price_ttc, 'array_options' => $array_options); + /* setup of margin calculation */ + if (isset($conf->global->MARGIN_TYPE)) { + if ($conf->global->MARGIN_TYPE == 'pmp' && ! empty($prod->pmp)) { + $line['fk_fournprice'] = null; + $line['pa_ht'] = $prod->pmp; + } elseif ($conf->global->MARGIN_TYPE == 'costprice' && ! empty($prod->cost_price)) { + $line['fk_fournprice'] = null; + $line['pa_ht'] = $prod->cost_price; + } else { + // default is fournprice + require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.product.class.php'; + $pf = new ProductFournisseur($db); + if ($pf->find_min_price_product_fournisseur($idproduct, $qty) > 0) { + $line['fk_fournprice'] = $pf->product_fourn_price_id; + $line['pa_ht'] = $pf->fourn_unitprice_with_discount; + if ($pf->fourn_charges > 0) + $line['pa_ht'] += $pf->fourn_charges / $pf->fourn_qty; + } + } + } + // complete line by hook $parameters = array('prod' => $prod, 'line' => $line); $reshook=$hookmanager->executeHooks('completeTakePosAddLine', $parameters, $invoice, $action); // Note that $action and $line may have been modified by some hooks @@ -575,7 +596,7 @@ if (empty($reshook)) { $line = $hookmanager->resArray; } - $idoflineadded = $invoice->addline($line['description'], $line['price'], $qty, $line['tva_tx'], $line['localtax1_tx'], $line['localtax2_tx'], $idproduct, $line['remise_percent'], '', 0, 0, 0, '', $price_base_type, $line['price_ttc'], $prod->type, -1, 0, '', 0, (!empty($parent_line)) ? $parent_line : '', null, '', '', $line['array_options'], 100, '', null, 0); + $idoflineadded = $invoice->addline($line['description'], $line['price'], $qty, $line['tva_tx'], $line['localtax1_tx'], $line['localtax2_tx'], $idproduct, $line['remise_percent'], '', 0, 0, 0, '', $price_base_type, $line['price_ttc'], $prod->type, -1, 0, '', 0, (!empty($parent_line)) ? $parent_line : '', $line['fk_fournprice'], $line['pa_ht'], '', $line['array_options'], 100, '', null, 0); } if (!empty($conf->global->TAKEPOS_CUSTOMER_DISPLAY)) { diff --git a/htdocs/takepos/pay.php b/htdocs/takepos/pay.php index f487862e895..af6a4f79d71 100644 --- a/htdocs/takepos/pay.php +++ b/htdocs/takepos/pay.php @@ -130,7 +130,7 @@ if ($invoiceid > 0) { if ($invoice->type != $invoice::TYPE_CREDIT_NOTE) { if (empty($conf->global->$keyforstripeterminalbank)) { ?> const config = {simulated: global->STRIPE_TERMINAL_SIMULATED)) { ?> true false - global->STRIPE_LOCATION)) { ?>, location: 'global->STRIPE_LOCATION; ?>'} + global->STRIPE_LOCATION)) { ?>, location: 'global->STRIPE_LOCATION; ?>'} terminal.discoverReaders(config).then(function(discoverResult) { if (discoverResult.error) { console.log('Failed to discover: ', discoverResult.error); @@ -141,7 +141,7 @@ if ($invoiceid > 0) { // cashier here and let them select which to connect to (see below). selectedReader = discoverResult.discoveredReaders[0]; //console.log('terminal.discoverReaders', selectedReader); // only active for development - + terminal.connectReader(selectedReader).then(function(connectResult) { if (connectResult.error) { document.getElementById("card-present-alert").innerHTML = '
'+connectResult.error.message+'
'; @@ -160,7 +160,7 @@ if ($invoiceid > 0) { terminal.connectReader(getSelectedReader($conf->global->$keyforstripeterminalbank, $stripeacc, $servicestatus)); ?>).then(function(connectResult) { if (connectResult.error) { - document.getElementById("card-present-alert").innerHTML = '
'+connectResult.error.message+'
'; + document.getElementById("card-present-alert").innerHTML = '
'+connectResult.error.message+'
'; console.log('Failed to connect: ', connectResult.error); } else { document.getElementById("card-present-alert").innerHTML = ''; @@ -388,7 +388,7 @@ if ($conf->global->TAKEPOS_NUMPAD == 0) { global->STRIPE_TERMINAL_SIMULATED)) { ?> terminal.setSimulatorConfiguration({testCardNumber: 'global->STRIPE_TERMINAL_SIMULATED; ?>'}); - document.getElementById("card-present-alert").innerHTML = '
trans('PaymentSendToStripeTerminal'); ?>
'; + document.getElementById("card-present-alert").innerHTML = '
trans('PaymentSendToStripeTerminal'); ?>
'; terminal.collectPaymentMethod(client_secret).then(function(result) { if (result.error) { // Placeholder for handling result.error @@ -398,7 +398,7 @@ if ($conf->global->TAKEPOS_NUMPAD == 0) { console.log('terminal.collectPaymentMethod', result.paymentIntent); terminal.processPayment(result.paymentIntent).then(function(result) { if (result.error) { - document.getElementById("card-present-alert").innerHTML = '
'+result.error.message+'
'; + document.getElementById("card-present-alert").innerHTML = '
'+result.error.message+'
'; console.log(result.error) } else if (result.paymentIntent) { paymentIntentId = result.paymentIntent.id; @@ -409,7 +409,7 @@ if ($conf->global->TAKEPOS_NUMPAD == 0) { document.getElementById("card-present-alert").innerHTML = '
'+result.error.message+'
'; console.log("error when capturing paymentIntent", result.error); } else { - document.getElementById("card-present-alert").innerHTML = '
trans('PaymentValidated'); ?>
'; + document.getElementById("card-present-alert").innerHTML = '
trans('PaymentValidated'); ?>
'; console.log("Capture paymentIntent successfull "+paymentIntentId); parent.$("#poslines").load("invoice.php?place=&action=valid&pay=CB&amount="+amountpayed+"&excess="+excess+"&invoiceid="+invoiceid+"&accountid="+accountid, function() { if (amountpayed > || amountpayed == || amountpayed==0 ) { @@ -423,7 +423,7 @@ if ($conf->global->TAKEPOS_NUMPAD == 0) { }); } - }); + }); } }); } @@ -655,6 +655,10 @@ if ($conf->global->TAKEPOS_ENABLE_SUMUP) { } } +$parameters = array(); +$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $invoice, $action); // Note that $action and $object may have been modified by hook +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + $class = ($i == 3) ? "calcbutton3" : "calcbutton2"; foreach ($action_buttons as $button) { $newclass = $class.($button["class"] ? " ".$button["class"] : ""); @@ -665,6 +669,14 @@ if ($conf->global->TAKEPOS_DELAYED_PAYMENT) { print ''; } ?> + +executeHooks('completePayment', $parameters, $invoice); +print $hookmanager->resPrint; +?> + diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index cb7e71f8356..20c5d45dd3b 100755 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -172,7 +172,19 @@ if (empty($reshook)) { if (GETPOST('save', 'alpha') && !empty($user->rights->ticket->write)) { $error = 0; - if (!GETPOST("subject", 'alphanohtml')) { + if (!GETPOST("type_code", 'alpha')) { + $error++; + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("TicketTypeRequest")), null, 'errors'); + $action = 'create'; + } elseif (!GETPOST("category_code", 'alpha')) { + $error++; + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("TicketCategory")), null, 'errors'); + $action = 'create'; + } elseif (!GETPOST("severity_code", 'alpha')) { + $error++; + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("TicketSeverity")), null, 'errors'); + $action = 'create'; + } elseif (!GETPOST("subject", 'alphanohtml')) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Subject")), null, 'errors'); $action = 'create'; diff --git a/htdocs/ticket/class/api_tickets.class.php b/htdocs/ticket/class/api_tickets.class.php index 3151f75877b..2fd77693984 100644 --- a/htdocs/ticket/class/api_tickets.class.php +++ b/htdocs/ticket/class/api_tickets.class.php @@ -187,10 +187,14 @@ class Tickets extends DolibarrApi if (is_array($this->ticket->cache_logs_ticket) && count($this->ticket->cache_logs_ticket) > 0) { $num = count($this->ticket->cache_logs_ticket); $i = 0; + $user_action = new User($this->db); + while ($i < $num) { + $userstring = ''; if ($this->ticket->cache_logs_ticket[$i]['fk_user_create'] > 0) { - $user_action = new User($this->db); $user_action->fetch($this->ticket->cache_logs_ticket[$i]['fk_user_create']); + + $userstring = dolGetFirstLastname($user_action->firstname, $user_action->lastname); } // Now define messages @@ -198,7 +202,7 @@ class Tickets extends DolibarrApi 'id' => $this->ticket->cache_logs_ticket[$i]['id'], 'fk_user_author' => $this->ticket->cache_msgs_ticket[$i]['fk_user_author'], 'fk_user_action' => $this->ticket->cache_logs_ticket[$i]['fk_user_create'], - 'fk_user_action_string' => dolGetFirstLastname($user_action->firstname, $user_action->lastname), + 'fk_user_action_string' => $userstring, 'message' => $this->ticket->cache_logs_ticket[$i]['message'], 'datec' => $this->ticket->cache_logs_ticket[$i]['datec'], ); @@ -243,6 +247,7 @@ class Tickets extends DolibarrApi } // If the internal user must only see his customers, force searching by him + $search_sale = 0; if (!DolibarrApiAccess::$user->rights->societe->client->voir && !$socid) { $search_sale = DolibarrApiAccess::$user->id; } diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 82c2142d786..496e6607bf7 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -1584,28 +1584,28 @@ class Ticket extends CommonObject // foreach contact send email with notification message if (count($contacts) > 0) { foreach ($contacts as $key => $info_sendto) { - $message = ''; + $tmpmessage = ''; $subject = '['.$conf->global->MAIN_INFO_SOCIETE_NOM.'] '.$langs->transnoentities('TicketNotificationEmailSubject', $this->track_id); - $message .= $langs->transnoentities('TicketNotificationEmailBody', $this->track_id)."\n\n"; - $message .= $langs->transnoentities('Title').' : '.$this->subject."\n"; + $tmpmessage .= $langs->transnoentities('TicketNotificationEmailBody', $this->track_id)."\n\n"; + $tmpmessage .= $langs->transnoentities('Title').' : '.$this->subject."\n"; $recipient_name = dolGetFirstLastname($info_sendto['firstname'], $info_sendto['lastname'], '-1'); $recipient = (!empty($recipient_name) ? $recipient_name : $info_sendto['email']).' ('.strtolower($info_sendto['libelle']).')'; - $message .= $langs->transnoentities('TicketNotificationRecipient').' : '.$recipient."\n"; - $message .= "\n"; - $message .= '* '.$langs->transnoentities('TicketNotificationLogMessage').' *'."\n"; - $message .= dol_html_entity_decode($log_message, ENT_QUOTES | ENT_HTML5)."\n"; + $tmpmessage .= $langs->transnoentities('TicketNotificationRecipient').' : '.$recipient."\n"; + $tmpmessage .= "\n"; + $tmpmessage .= '* '.$langs->transnoentities('TicketNotificationLogMessage').' *'."\n"; + $tmpmessage .= dol_html_entity_decode($message, ENT_QUOTES | ENT_HTML5)."\n"; if ($info_sendto['source'] == 'internal') { $url_internal_ticket = dol_buildpath('/ticket/card.php', 2).'?track_id='.$this->track_id; - $message .= "\n".$langs->transnoentities('TicketNotificationEmailBodyInfosTrackUrlinternal').' : '.$this->track_id.''."\n"; + $tmpmessage .= "\n".$langs->transnoentities('TicketNotificationEmailBodyInfosTrackUrlinternal').' : '.$this->track_id.''."\n"; } else { $url_public_ticket = ($conf->global->TICKET_URL_PUBLIC_INTERFACE ? $conf->global->TICKET_URL_PUBLIC_INTERFACE.'/' : dol_buildpath('/public/ticket/view.php', 2)).'?track_id='.$this->track_id; - $message .= "\n".$langs->transnoentities('TicketNewEmailBodyInfosTrackUrlCustomer').' : '.$this->track_id.''."\n"; + $tmpmessage .= "\n".$langs->transnoentities('TicketNewEmailBodyInfosTrackUrlCustomer').' : '.$this->track_id.''."\n"; } - $message .= "\n"; - $message .= $langs->transnoentities('TicketEmailPleaseDoNotReplyToThisEmail')."\n"; + $tmpmessage .= "\n"; + $tmpmessage .= $langs->transnoentities('TicketEmailPleaseDoNotReplyToThisEmail')."\n"; $from = $conf->global->MAIN_INFO_SOCIETE_NOM.'<'.$conf->global->TICKET_NOTIFICATION_EMAIL_FROM.'>'; $replyto = $from; @@ -1615,7 +1615,7 @@ class Ticket extends CommonObject $filename = array(); $mimetype = array(); - $message = dol_nl2br($message); + $tmpmessage = dol_nl2br($tmpmessage); if (!empty($conf->global->TICKET_DISABLE_MAIL_AUTOCOPY_TO)) { $old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO; @@ -1624,7 +1624,7 @@ class Ticket extends CommonObject include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; $sendtocc = ''; $deliveryreceipt = 0; - $mailfile = new CMailFile($subject, $info_sendto['email'], $from, $message, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, 0); + $mailfile = new CMailFile($subject, $info_sendto['email'], $from, $tmpmessage, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, 0); if ($mailfile->error || $mailfile->errors) { setEventMessages($mailfile->error, $mailfile->errors, 'errors'); } else { @@ -2131,12 +2131,13 @@ class Ticket extends CommonObject { $array_contact = array(); - $array_contact = $this->getIdTicketInternalContact($exclude_self); + $array_contact = $this->getIdTicketInternalContact(); - $array_contact = array_merge($array_contact, $this->getIdTicketCustomerContact($exclude_self)); + $array_contact = array_merge($array_contact, $this->getIdTicketCustomerContact()); - $array_contact = array_merge($array_contact, $this->getIdTicketInternalInvolvedContact($exclude_self)); - $array_contact = array_merge($array_contact, $this->getIdTicketCustomerInvolvedContact($exclude_self)); + $array_contact = array_merge($array_contact, $this->getIdTicketInternalInvolvedContact()); + + $array_contact = array_merge($array_contact, $this->getIdTicketCustomerInvolvedContact()); return $array_contact; } @@ -2150,8 +2151,9 @@ class Ticket extends CommonObject { $array_contact = array(); - $array_contact = array_merge($array_contact, $this->getIdTicketCustomerContact($exclude_self)); - $array_contact = array_merge($array_contact, $this->getIdTicketCustomerInvolvedContact($exclude_self)); + $array_contact = array_merge($array_contact, $this->getIdTicketCustomerContact()); + + $array_contact = array_merge($array_contact, $this->getIdTicketCustomerInvolvedContact()); return $array_contact; } @@ -2825,11 +2827,14 @@ class Ticket extends CommonObject $filename = $mimefilename_list; $mimetype = $mimetype_list; - // Envoi du mail + // Send email + + $old_MAIN_MAIL_AUTOCOPY_TO = getDolGlobalString('MAIN_MAIL_AUTOCOPY_TO'); + if (!empty($conf->global->TICKET_DISABLE_MAIL_AUTOCOPY_TO)) { - $old_MAIN_MAIL_AUTOCOPY_TO = $conf->global->MAIN_MAIL_AUTOCOPY_TO; $conf->global->MAIN_MAIL_AUTOCOPY_TO = ''; } + include_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; $trackid = "tic".$this->id; $mailfile = new CMailFile($subject, $receiver, $from, $message, $filepath, $mimetype, $filename, $sendtocc, '', $deliveryreceipt, -1, '', '', $trackid, '', 'ticket'); @@ -2850,6 +2855,7 @@ class Ticket extends CommonObject } } } + if (!empty($conf->global->TICKET_DISABLE_MAIL_AUTOCOPY_TO)) { $conf->global->MAIN_MAIL_AUTOCOPY_TO = $old_MAIN_MAIL_AUTOCOPY_TO; } diff --git a/htdocs/user/bank.php b/htdocs/user/bank.php index 6be5afb3753..edae0a6a89a 100644 --- a/htdocs/user/bank.php +++ b/htdocs/user/bank.php @@ -149,7 +149,7 @@ if ($action == 'update' && !$cancel && $permissiontoaddbankaccount) { { $objectuser->fetch($id); - $objectuser->oldcopy = clone $objectuser; + $objectuser->oldcopy = dol_clone($objectuser); $db->begin(); diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 8e375933a91..988f508550b 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1642,6 +1642,7 @@ if ($action == 'create' || $action == 'adduserldap') { //$s=picto_from_langcode($object->default_lang); //print ($s?$s.' ':''); $labellang = ($object->lang ? $langs->trans('Language_'.$object->lang) : ''); + print picto_from_langcode($object->lang, 'class="paddingrightonly saturatemedium opacitylow"'); print $labellang; print '