diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 26a45271801..c51fa86cec6 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -670,7 +670,7 @@ if ($rowid > 0) { print '
'; if ($object->statut > 0) { - print '
'.$langs->trans("AddSubscription")."
"; + print '
'.$langs->trans("AddSubscription")."
"; } else { print '
'.$langs->trans("AddSubscription").'
'; } diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index 6a294b0256a..97307ffe23f 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -318,6 +318,19 @@ if (!$rowid && $action != 'create' && $action != 'edit') { print ""; $i++; } + + // If no record found + if ($num == 0) { + /*$colspan = 1; + foreach ($arrayfields as $key => $val) { + if (!empty($val['checked'])) { + $colspan++; + } + }*/ + $colspan = 8; + print ''.$langs->trans("NoRecordFound").''; + } + print ""; print '
'; diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 9073c9e238c..c51875b43a6 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1175,6 +1175,8 @@ if ($id) { $sql .= natural_search("r.code_region", $search_code); } elseif ($search_code != '' && $id == 7) { $sql .= natural_search("a.code", $search_code); + } elseif ($search_code != '' && $id == 10) { + $sql .= natural_search("t.code", $search_code); } elseif ($search_code != '' && $id != 9) { $sql .= natural_search("code", $search_code); } diff --git a/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php b/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php index adaf82d6964..5a23133923e 100644 --- a/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php +++ b/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php @@ -232,7 +232,7 @@ class PrestaShopWebservice if ($response != '') { libxml_clear_errors(); libxml_use_internal_errors(true); - $xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA); + $xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); if (libxml_get_errors()) { $msg = var_export(libxml_get_errors(), true); libxml_clear_errors(); diff --git a/htdocs/admin/eventorganization_confbooth_extrafields.php b/htdocs/admin/eventorganization_confbooth_extrafields.php index 6e19bde8268..991ed3f824a 100644 --- a/htdocs/admin/eventorganization_confbooth_extrafields.php +++ b/htdocs/admin/eventorganization_confbooth_extrafields.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/admin/eventorganization_extrafields.php + * \file htdocs/admin/eventorganization_confbooth_extrafields.php * \ingroup bom * \brief Page to setup extra fields of EventOrganization */ diff --git a/htdocs/admin/eventorganization_confboothattendee_extrafields.php b/htdocs/admin/eventorganization_confboothattendee_extrafields.php index 6b201e6b923..0b50c483d69 100644 --- a/htdocs/admin/eventorganization_confboothattendee_extrafields.php +++ b/htdocs/admin/eventorganization_confboothattendee_extrafields.php @@ -21,7 +21,7 @@ */ /** - * \file admin/conferenceorboothattendee_extrafields.php + * \file htdocs/admin/eventorganization_confboothattendee_extrafields.php * \ingroup eventorganization * \brief Page to setup extra fields of conferenceorboothattendee */ diff --git a/htdocs/admin/expensereport.php b/htdocs/admin/expensereport.php index badbcc784e4..f063c113af5 100644 --- a/htdocs/admin/expensereport.php +++ b/htdocs/admin/expensereport.php @@ -148,7 +148,10 @@ if ($action == 'updateMask') { $dates = GETPOST('EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', 'int'); $res3 = dolibarr_set_const($db, 'EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', intval($dates), 'chaine', 0, '', $conf->entity); - if (!$res1 > 0 || !$res2 > 0 || !$res3 > 0) { + $amounts = GETPOST('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', 'int'); + $res4 = dolibarr_set_const($db, 'EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', intval($amounts), 'chaine', 0, '', $conf->entity); + + if (!($res1 > 0) || !($res2 > 0) || !($res3 > 0) || !($res4 >0)) { $error++; } @@ -467,6 +470,12 @@ print ''; print $form->selectyesno('EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', empty($conf->global->EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH) ? 0 : 1, 1); print ''; +print ''; +print $langs->trans('ForceExpenseReportsLineAmountsIncludingTaxesOnly'); +print ''; +print $form->selectyesno('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? 0 : 1, 1); +print ''; + print ''; print $form->buttonsSaveCancel("Save", ''); diff --git a/htdocs/admin/knowledgemanagement.php b/htdocs/admin/knowledgemanagement.php index 10f308b2b2c..8d93c16741a 100644 --- a/htdocs/admin/knowledgemanagement.php +++ b/htdocs/admin/knowledgemanagement.php @@ -17,7 +17,7 @@ */ /** - * \file knowledgemanagement/admin/setup.php + * \file htdocs/admin/knowledgemanagement.php * \ingroup knowledgemanagement * \brief KnowledgeManagement setup page. */ @@ -65,9 +65,7 @@ if (!$user->admin) { * Actions */ -if ((float) DOL_VERSION >= 6) { - include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; -} +include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; if ($action == 'updateMask') { $maskconstorder = GETPOST('maskconstorder', 'alpha'); diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index aaadde965a2..65906b83f3c 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -281,7 +281,7 @@ if ($action == 'create') { print load_fiche_titre($langs->trans("NewMenu"), '', 'title_setup'); - print '
'; + print ''; print ''; print dol_get_fiche_head(); diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 1f31dc639c3..9c2b91ec586 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -133,7 +133,7 @@ if ($action == 'install') { // $original_file should match format module_modulename-x.y[.z].zip $original_file = basename($_FILES["fileinstall"]["name"]); - $original_file = preg_replace('/\(\d+\)\.zip$/i', '.zip', $original_file); + $original_file = preg_replace('/\s*\(\d+\)\.zip$/i', '.zip', $original_file); $newfile = $conf->admin->dir_temp.'/'.$original_file.'/'.$original_file; if (!$original_file) { diff --git a/htdocs/admin/paymentbybanktransfer.php b/htdocs/admin/paymentbybanktransfer.php index ba7690bb6e3..997c71bb335 100644 --- a/htdocs/admin/paymentbybanktransfer.php +++ b/htdocs/admin/paymentbybanktransfer.php @@ -20,7 +20,7 @@ */ /** - * \file htdocs/admin/credtitransfer.php + * \file htdocs/admin/paymentbybanktransfer.php * \ingroup paymentbybanktransfer * \brief Page to setup payments by credit transfer */ @@ -429,7 +429,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) } - print ''; + print ''; print ''; print ''; print ''; diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 8f4c0c6f763..d2f0d79e4f3 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -236,7 +236,7 @@ if ($result) { print ''; } else { print '
'; - print ''; + print ''; //print img_edit_add(); print img_picto('', 'switch_off'); print ''; diff --git a/htdocs/admin/prelevement.php b/htdocs/admin/prelevement.php index 90a75626e7c..e09dd13b045 100644 --- a/htdocs/admin/prelevement.php +++ b/htdocs/admin/prelevement.php @@ -443,7 +443,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) } - print ''; + print ''; print ''; print ''; print ''; diff --git a/htdocs/admin/system/dolibarr.php b/htdocs/admin/system/dolibarr.php index 16e5da99f60..cfc12375050 100644 --- a/htdocs/admin/system/dolibarr.php +++ b/htdocs/admin/system/dolibarr.php @@ -51,7 +51,7 @@ if ($action == 'getlastversion') { $result = getURLContent('https://sourceforge.net/projects/dolibarr/rss'); //var_dump($result['content']); if (function_exists('simplexml_load_string')) { - $sfurl = simplexml_load_string($result['content']); + $sfurl = simplexml_load_string($result['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } else { setEventMessages($langs->trans("ErrorPHPDoesNotSupport", "xml"), null, 'errors'); } diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php index 272ac8d8f19..5ca87663c7a 100644 --- a/htdocs/admin/system/filecheck.php +++ b/htdocs/admin/system/filecheck.php @@ -171,7 +171,7 @@ if (GETPOST('target') == 'remote') { if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') { $xmlfile = $xmlarray['content']; //print "xmlfilestart".$xmlfile."xmlfileend"; - $xml = simplexml_load_string($xmlfile); + $xml = simplexml_load_string($xmlfile, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } else { $errormsg = $langs->trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg']; setEventMessages($errormsg, null, 'errors'); diff --git a/htdocs/admin/system/modules.php b/htdocs/admin/system/modules.php index 150ca10a359..a56ed8c1da3 100644 --- a/htdocs/admin/system/modules.php +++ b/htdocs/admin/system/modules.php @@ -91,6 +91,7 @@ $modules_files = array(); $modules_fullpath = array(); $modulesdir = dolGetModulesDirs(); $rights_ids = array(); +$arrayofpermissions = array(); foreach ($modulesdir as $dir) { $handle = @opendir(dol_osencode($dir)); @@ -155,7 +156,7 @@ foreach ($modules as $key => $module) { if (empty($rights[0])) { continue; } - + $arrayofpermissions[$rights[0]] = array('label'=> 'user->rights->'.$module->rights_class.'->'.$rights[4].(empty($rights[5]) ? '' : '->'.$rights[5])); $permission[] = $rights[0]; array_push($rights_ids, $rights[0]); @@ -336,8 +337,10 @@ foreach ($moduleList as $module) { $idperms = ''; foreach ($module->permission as $permission) { - $idperms .= ($idperms ? ", " : "").$permission; $translationKey = "Permission".$permission; + $labelpermission = $langs->trans($translationKey); + $labelpermission .= ' : '.$arrayofpermissions[$permission]['label']; + $idperms .= ($idperms ? ", " : "").''.$permission.''; if (!empty($conf->global->MAIN_SHOW_PERMISSION)) { if (empty($langs->tab_translate[$translationKey])) { diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php index 758a93a765d..bbfa4b85c41 100644 --- a/htdocs/admin/system/perf.php +++ b/htdocs/admin/system/perf.php @@ -63,7 +63,7 @@ print '
'; print ''.$langs->trans("XDebug").': '; $test = !function_exists('xdebug_is_enabled'); if ($test) { - print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis"); + print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' '.$langs->trans("NotSlowedDownByThis").''; } else { print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("XDebug")); print ' - '.$langs->trans("MoreInformation").' XDebug admin page'; diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 818f096c99e..0bf568082b2 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -442,7 +442,7 @@ print '
'; print 'MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 1)' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."
"; print '
'; -print 'MAIN_SECURITY_CSRF_WITH_TOKEN = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 1)' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."
"; +print 'MAIN_SECURITY_CSRF_WITH_TOKEN = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 2)' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."
"; print '
'; print 'MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."
"; diff --git a/htdocs/admin/tools/purge.php b/htdocs/admin/tools/purge.php index f246a9eb0b2..f6ce58a40c0 100644 --- a/htdocs/admin/tools/purge.php +++ b/htdocs/admin/tools/purge.php @@ -110,7 +110,7 @@ if (!empty($conf->syslog->enabled)) { print '

'; +print '>

'; print 'trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg']; throw new RestException(500, $errormsg); diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php index 06c3caae43c..5c014b6206f 100644 --- a/htdocs/categories/photos.php +++ b/htdocs/categories/photos.php @@ -231,7 +231,7 @@ if ($object->id) { // On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites if (!$obj['photo_vignette'] && preg_match('/(\.bmp|\.gif|\.jpg|\.jpeg|\.png)$/i', $obj['photo']) && ($object->imgWidth > $maxWidth || $object->imgHeight > $maxHeight)) { - print ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; + print ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; } if ($user->rights->categorie->creer) { print ''; diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index a4c06b65d1f..4a7128fa865 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -865,6 +865,7 @@ class ActionComm extends CommonObject $this->fetchResources(); } } + $this->db->free($resql); } else { $this->error = $this->db->lasterror(); diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 3283957f8a2..e3d151c6bbb 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -378,7 +378,7 @@ if ($object->fetch($id) >= 0) { $var = !$var; if ($allowaddtarget) { - print ''; + print ''; print ''; } else { print '
'; diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index f6a03c1d11d..eabe47e54ca 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -932,10 +932,10 @@ if ($resql) { $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/compta/bank/various_payment/card.php?action=create&accountid='.urlencode($search_account).'&backtopage='.urlencode($_SERVER['PHP_SELF'].'?id='.urlencode($search_account)), '', $user->rights->banque->modifier); } else // If direct entries is not done using miscellaneous payments { - $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', $user->rights->banque->modifier); + $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', $user->rights->banque->modifier); } } else { - $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', -1); + $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', -1); } } diff --git a/htdocs/compta/facture/index.php b/htdocs/compta/facture/index.php index d3d3a33acb5..790b9d334c3 100644 --- a/htdocs/compta/facture/index.php +++ b/htdocs/compta/facture/index.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/compat/facture/index.php + * \file htdocs/compta/facture/index.php * \ingroup facture * \brief Home page of customer invoices area */ diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index b2074224412..852589dbd1a 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -1846,8 +1846,8 @@ if ($resql) { } // Alias if (!empty($arrayfields['s.name_alias']['checked'])) { - print '
'; if (!$i) { $totalarray['nbfield']++; @@ -1855,8 +1855,8 @@ if ($resql) { } // Town if (!empty($arrayfields['s.town']['checked'])) { - print ''; if (!$i) { $totalarray['nbfield']++; @@ -1865,7 +1865,7 @@ if ($resql) { // Zip if (!empty($arrayfields['s.zip']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1873,7 +1873,7 @@ if ($resql) { } // State if (!empty($arrayfields['state.nom']['checked'])) { - print "\n"; + print "\n"; if (!$i) { $totalarray['nbfield']++; } @@ -1936,7 +1936,7 @@ if ($resql) { // Module Source if (!empty($arrayfields['f.module_source']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1946,7 +1946,7 @@ if ($resql) { // POS Terminal if (!empty($arrayfields['f.pos_source']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index ca7cd08a6fe..9cb9bca667b 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -206,6 +206,7 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { print ''; - print ''; if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) { print ''; } print ''; + print ''; + print ''; + print ''; $total_ttc += $obj->total_ttc; diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index faf2ab18d2c..6020e0b2723 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -5324,7 +5324,7 @@ abstract class CommonObject $ecmfile->gen_or_uploaded = 'generated'; $ecmfile->description = ''; // indexed content $ecmfile->keywords = ''; // keyword content - $ecmfile->src_object_type = $this->table_element; + $ecmfile->src_object_type = $this->table_element.(empty($this->module) ? '' : '@'.$this->module); $ecmfile->src_object_id = $this->id; $result = $ecmfile->create($user); @@ -8220,7 +8220,7 @@ abstract class CommonObject $return .= '
'; // On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites if ($photo_vignette && (image_format_supported($photo) > 0) && ($this->imgWidth > $maxWidth || $this->imgHeight > $maxHeight)) { - $return .= ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; + $return .= ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; } // Special cas for product if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) { @@ -9405,6 +9405,11 @@ abstract class CommonObject */ public function setCategoriesCommon($categories, $type_categ = '', $remove_existing = true) { + // Handle single category + if (!is_array($categories)) { + $categories = array($categories); + } + dol_syslog(get_class($this)."::setCategoriesCommon Oject Id:".$this->id.' type_categ:'.$type_categ.' nb tag add:'.count($categories), LOG_DEBUG); require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; @@ -9414,11 +9419,6 @@ abstract class CommonObject return -1; } - // Handle single category - if (!is_array($categories)) { - $categories = array($categories); - } - // Get current categories $c = new Categorie($this->db); $existing = $c->containing($this->id, $type_categ, 'id'); diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 8e43a70c3fe..5ec3a4cfbc0 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -828,7 +828,10 @@ class Conf // Enable by default the CSRF protection by token. if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) { - $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Value 2 uses also CSRF check for all GET requests + // Value 1 makes CSRF check for all POST parameters only + // Value 2 makes also CSRF check for GET requests with action = a sensitive requests like action=del, action=remove... + // Value 3 makes also CSRF check for all GET requests with a param action or massaction + $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended) } diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index f25a6e0933c..d558571d5b8 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1674,7 +1674,8 @@ class FormFile dol_include_once($hookmanager->resArray['classpath']); if (array_key_exists('classname', $hookmanager->resArray) && !empty($hookmanager->resArray['classname'])) { if (class_exists($hookmanager->resArray['classname'])) { - $object_instance = new ${$hookmanager->resArray['classname']}($this->db); + $tmpclassname = $hookmanager->resArray['classname']; + $object_instance = new $tmpclassname($this->db); } } } @@ -1813,9 +1814,11 @@ class FormFile print ''; // File + // Check if document source has external module part, if it the case use it for module part on document.php + preg_match('/^[^@]*@([^@]*)$/', $modulepart.'@expertisemedical', $modulesuffix); print '\n"; diff --git a/htdocs/core/class/rssparser.class.php b/htdocs/core/class/rssparser.class.php index 6a8a91dbb05..c3c434d1aed 100644 --- a/htdocs/core/class/rssparser.class.php +++ b/htdocs/core/class/rssparser.class.php @@ -240,7 +240,7 @@ class RssParser if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { //print 'xx'.LIBXML_NOCDATA; libxml_use_internal_errors(false); - $rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA); + $rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA|LIBXML_NOCDATA); } else { if (!function_exists('xml_parser_create')) { $this->error = 'Function xml_parser_create are not supported by your PHP'; diff --git a/htdocs/core/lib/eventorganization.lib.php b/htdocs/core/lib/eventorganization.lib.php index 2f8ea573c1f..51ff1f2a90f 100644 --- a/htdocs/core/lib/eventorganization.lib.php +++ b/htdocs/core/lib/eventorganization.lib.php @@ -16,7 +16,7 @@ */ /** - * \file eventorganization/lib/eventorganization.lib.php + * \file htdocs/core/lib/eventorganization.lib.php * \ingroup eventorganization * \brief Library files with common functions for EventOrganization */ diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index ef7f320f049..cffd1f752f6 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3732,7 +3732,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'action'=>'infobox-action', 'account'=>'infobox-bank_account', 'accountline'=>'infobox-bank_account', 'accountancy'=>'infobox-bank_account', 'asset'=>'infobox-bank_account', 'bank_account'=>'bg-infobox-bank_account', 'bill'=>'infobox-commande', 'billa'=>'infobox-commande', 'billr'=>'infobox-commande', 'billd'=>'infobox-commande', - 'conferenceorbooth'=>'infobox-project', + 'margin'=>'infobox-bank_account', 'conferenceorbooth'=>'infobox-project', 'cash-register'=>'infobox-bank_account', 'contract'=>'infobox-contrat', 'check'=>'font-status4', 'collab'=>'infobox-action', 'conversation'=>'infobox-contrat', 'donation'=>'infobox-commande', 'dolly'=>'infobox-commande', 'dollyrevert'=>'flip infobox-order_supplier', 'ecm'=>'infobox-action', 'eventorganization'=>'infobox-project', diff --git a/htdocs/core/modules/product_batch/mod_lot_free.php b/htdocs/core/modules/product_batch/mod_lot_free.php index 0f069143ab1..def14bd37b3 100644 --- a/htdocs/core/modules/product_batch/mod_lot_free.php +++ b/htdocs/core/modules/product_batch/mod_lot_free.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/core/modules/product/mod_lot_free.php + * \file htdocs/core/modules/product_batch/mod_lot_free.php * \ingroup productbatch * \brief File containing class for numbering model of Lot free */ diff --git a/htdocs/core/modules/product_batch/mod_sn_advanced.php b/htdocs/core/modules/product_batch/mod_sn_advanced.php index 5e8fde199c1..abe094220d2 100644 --- a/htdocs/core/modules/product_batch/mod_sn_advanced.php +++ b/htdocs/core/modules/product_batch/mod_sn_advanced.php @@ -22,7 +22,7 @@ */ /** - * \file htdocs/core/modules/product_batch/mod_batch_advanced.php + * \file htdocs/core/modules/product_batch/mod_sn_advanced.php * \ingroup productbatch * \brief File containing class for numbering model of SN advanced */ diff --git a/htdocs/core/modules/product_batch/mod_sn_free.php b/htdocs/core/modules/product_batch/mod_sn_free.php index 95e1bd20359..67d39ec085a 100644 --- a/htdocs/core/modules/product_batch/mod_sn_free.php +++ b/htdocs/core/modules/product_batch/mod_sn_free.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/core/modules/product/mod_sn_free.php + * \file htdocs/core/modules/product_batch/mod_sn_free.php * \ingroup productbatch * \brief File containing class for numbering model of SN free */ diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 7b20e7209f7..7f460587248 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -346,7 +346,7 @@ if (!empty($conf->global->MAIN_EASTER_EGG_COMMITSTRIP)) { $resgetcommitstrip = getURLContent("https://www.commitstrip.com/en/feed/"); } if ($resgetcommitstrip && $resgetcommitstrip['http_code'] == '200') { - $xml = simplexml_load_string($resgetcommitstrip['content']); + $xml = simplexml_load_string($resgetcommitstrip['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); $little = $xml->channel->item[0]->children('content', true); print preg_replace('/width="650" height="658"/', '', $little->encoded); } diff --git a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php index c8e27f66189..b1eb321f7f5 100644 --- a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php +++ b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php @@ -78,7 +78,11 @@ class InterfaceContactRoles extends DolibarrTriggers require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; $contactdefault = new Contact($this->db); $contactdefault->socid = $socid; - $TContact = $contactdefault->getContactRoles($object->element); + + $TContact = array(); + if (method_exists($contactdefault, 'getContactRoles')) { // For backward compatibility + $TContact = $contactdefault->getContactRoles($object->element); + } if (is_array($TContact) && !empty($TContact)) { $TContactAlreadyLinked = array(); diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 20d948b4b3b..813ee69b6fb 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -42,6 +42,7 @@ if (!$section) { $section = 0; } $section_dir = GETPOST('section_dir', 'alpha'); +$overwritefile = GETPOST('overwritefile', 'int'); $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -120,7 +121,6 @@ if (GETPOST("sendit", 'alphanohtml') && !empty($conf->global->MAIN_UPLOAD_DOC)) if (!$error) { $generatethumbs = 0; - $overwritefile = GETPOST('overwritefile', 'int')?GETPOST('overwritefile', 'int'):0; $res = dol_add_file_process($upload_dir, $overwritefile, 1, 'userfile', '', null, '', $generatethumbs); if ($res > 0) { $result = $ecmdir->changeNbOfFiles('+'); diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index 1c52265d5e5..cb5c475ed1e 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -1576,6 +1576,8 @@ if ($action == 'create') { print ''; } else { + $taxlessUnitPriceDisabled = ! empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? ' disabled' : ''; + print dol_get_fiche_head($head, 'card', $langs->trans("ExpenseReport"), -1, 'trip'); // Clone confirmation @@ -2292,7 +2294,7 @@ if ($action == 'create') { // Unit price print ''; // Unit price with tax @@ -2471,7 +2473,7 @@ if ($action == 'create') { // Unit price net print ''; // Unit price with tax diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index b08d9237c63..854f043670f 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -1183,7 +1183,7 @@ class ProductFournisseur extends Product $label .= $this->displayPriceProductFournisseurLog($logPrices); } - $url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id; + $url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&token='.newToken().'&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id; if ($option != 'nolink') { // Add param to save lastsearch_values or not diff --git a/htdocs/holiday/define_holiday.php b/htdocs/holiday/define_holiday.php index fdcdb5f88e6..621443fb408 100644 --- a/htdocs/holiday/define_holiday.php +++ b/htdocs/holiday/define_holiday.php @@ -358,7 +358,7 @@ if (count($typeleaves) == 0) { //var_dump($users['rowid'].' - '.$val['rowid']); print ''; -// EMail -//If linked user, then emails are going to be sent to users' email -if (!$object->fk_user_creat) { - print ''; -} - // Receive an email with each vote print ''; // Author print ''; diff --git a/htdocs/opensurvey/wizard/create_survey.php b/htdocs/opensurvey/wizard/create_survey.php index 30e662be7ea..6ed1f2073d2 100644 --- a/htdocs/opensurvey/wizard/create_survey.php +++ b/htdocs/opensurvey/wizard/create_survey.php @@ -170,7 +170,7 @@ if ($_SESSION["mailsonde"]) { $cochemail = "checked"; } -print ' '.$langs->trans("ToReceiveEMailForEachVote").'
'."\n"; +print '
'."\n"; if ($_SESSION['allow_comments']) { $allow_comments = 'checked'; @@ -178,7 +178,7 @@ if ($_SESSION['allow_comments']) { if (GETPOSTISSET('allow_comments')) { $allow_comments = GETPOST('allow_comments') ? 'checked' : ''; } -print ' '.$langs->trans('CanComment').'
'."\n"; +print '
'."\n"; if ($_SESSION['allow_spy']) { $allow_spy = 'checked'; @@ -186,7 +186,7 @@ if ($_SESSION['allow_spy']) { if (GETPOSTISSET('allow_spy')) { $allow_spy = GETPOST('allow_spy') ? 'checked' : ''; } -print ' '.$langs->trans('CanSeeOthersVote').'
'."\n"; +print '
'."\n"; if (GETPOST('choix_sondage')) { if (GETPOST('choix_sondage') == 'date') { diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 80378bd1b2a..b4c951a953f 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -640,7 +640,7 @@ if (empty($reshook)) { // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); + $ret = $extrafields->setOptionalsFromPost(null, $object, '@GETPOSTISSET'); if ($ret < 0) { $error++; } diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index de88ec9f277..1109c93fad9 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -5133,7 +5133,7 @@ class Product extends CommonObject $op[1] = "-".trim($nbpiece); $movementstock = new MouvementStock($this->db); - $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin and ->origin->id + $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin_type and ->origin_id $result = $movementstock->_create($user, $this->id, $id_entrepot, $op[$movement], $movement, $price, $label, $inventorycode, '', '', '', '', false, 0, $disablestockchangeforsubproduct); if ($result >= 0) { @@ -5180,7 +5180,7 @@ class Product extends CommonObject $op[1] = "-".trim($nbpiece); $movementstock = new MouvementStock($this->db); - $movementstock->setOrigin($origin_element, $origin_id); + $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin_type and ->fk_origin $result = $movementstock->_create($user, $this->id, $id_entrepot, $op[$movement], $movement, $price, $label, $inventorycode, '', $dlc, $dluo, $lot, false, 0, $disablestockchangeforsubproduct); if ($result >= 0) { diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 5f783d190e9..2cecfc84bc4 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -24,7 +24,7 @@ /** * \file htdocs/product/composition/card.php * \ingroup product - * \brief Page de la fiche produit + * \brief Page of product file */ require '../../main.inc.php'; @@ -335,19 +335,28 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; - print '
'; - print $obj->name_alias; + print ''; + print dol_escape_htmltag($obj->name_alias); print ''; - print $obj->town; + print ''; + print dol_escape_htmltag($obj->town); print ''; - print $obj->zip; + print dol_escape_htmltag($obj->zip); print '".$obj->state_name."".dol_escape_htmltag($obj->state_name)."'; - print $obj->module_source; + print dol_escape_htmltag($obj->module_source); print ''; - print $obj->pos_source; + print dol_escape_htmltag($obj->pos_source); print ''; print ''; + print ''; @@ -222,15 +223,19 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { print '
'; print $tmpinvoice->getNomUrl(1, ''); print '
'; print '		'; + + print ''; print $thirdpartystatic->getNomUrl(1, 'customer', 44); print ''.price($obj->total_ht).''.price($obj->total_ttc).''.dol_print_date($db->jdate($obj->tms), 'day').''.$tmpinvoice->getLibStatut(3, $obj->am).'
'; //print "XX".$file['name']; //$file['name'] must be utf8 - print 'getDocumentsLink($modulepart, $modulesubdir, $filedir, '^'.preg_quote($file['name'],'/').'$'); - print $this->showPreview($file, $modulepart, $file['relativename']); + print $this->showPreview($file, (empty($modulesuffix) ? $modulepart : $modulesuffix[1]), $file['relativename']); print "'; - print ''; + print ''; print ''; - print ''; + print ''; print ''; if ($canedit) { - print ''; + print ''; } else { print $nbtoshow; } diff --git a/htdocs/imports/import.php b/htdocs/imports/import.php index 5139e12ab7a..2ab7e3976aa 100644 --- a/htdocs/imports/import.php +++ b/htdocs/imports/import.php @@ -1205,7 +1205,7 @@ if ($step == 4 && $datatoimport) { // async: false // });'."\n"; // Now reload page - print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&boxorder=\' + boxorder;'."\n"; + print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&token='.newToken().'&boxorder=\' + boxorder;'."\n"; //print 'alert(newlocation);'; print 'window.location.href=newlocation;'."\n"; print '}'."\n"; diff --git a/htdocs/index.php b/htdocs/index.php index 880b5577bbb..8c1433c79cb 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -337,6 +337,7 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { ), 'supplier_proposal' => array( + 'lang' => 'supplier_proposal', 'groupName' => 'SupplierProposals', 'globalStatsKey' => 'askprice', 'stats' => @@ -486,6 +487,9 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { } if (!empty($boards)) { + if (!empty($groupElement['lang'])) { + $langs->load($groupElement['lang']); + } $groupName = $langs->trans($groupElement['groupName']); $groupKeyLowerCase = strtolower($groupKey); $nbTotalForGroup = 0; diff --git a/htdocs/install/mysql/data/llx_c_tva.sql b/htdocs/install/mysql/data/llx_c_tva.sql index cae269783e4..12b0b92a13e 100644 --- a/htdocs/install/mysql/data/llx_c_tva.sql +++ b/htdocs/install/mysql/data/llx_c_tva.sql @@ -330,7 +330,7 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (10 insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (105,10, '15','0','VAT 12% Majoré à 25% (15%)',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (106,10, '22.5','0','VAT 18% Majoré à 25% (22.5%)',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (107,10, '6','0','VAT 6%', 1); -insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (107,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0); +insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (108,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0); -- UKRAINE (id country=226) INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2261,226, '0','0','VAT rate 0',1); @@ -379,10 +379,6 @@ INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 4 INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 462, 46, '15','0','VAT 15%',1); INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 463, 46, '7.5','0','VAT 7.5%',1); --- SOUTH AFRICA (id country=205) -INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2051,205, '0','0','No VAT',1); -INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2052,205, '14','0','VAT 14%',1); - -- VENEZUELA (id country=232) insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2321,232, '0','0','No VAT',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2322,232, '12','0','VAT 12%',1); diff --git a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql index 912eb7fe0eb..31f503cc098 100644 --- a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql +++ b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql @@ -128,7 +128,7 @@ ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgem ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgemanagement_fk_knowledgemanagement (fk_knowledgemanagement); ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_categorie_rowid FOREIGN KEY (fk_categorie) REFERENCES llx_categorie (rowid); -ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement (rowid); +ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement_knowledgerecord (rowid); ALTER TABLE llx_product_lot ADD COLUMN barcode varchar(180) DEFAULT NULL; ALTER TABLE llx_product_lot ADD COLUMN fk_barcode_type integer DEFAULT NULL; diff --git a/htdocs/install/mysql/tables/llx_workstation_workstation_user_group.sql b/htdocs/install/mysql/tables/llx_workstation_workstation_usergroup.sql similarity index 100% rename from htdocs/install/mysql/tables/llx_workstation_workstation_user_group.sql rename to htdocs/install/mysql/tables/llx_workstation_workstation_usergroup.sql diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index f28b2a085e9..d445cf8131a 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -161,7 +161,7 @@ Purge=Purge PurgeAreaDesc=This page allows you to delete all files generated or stored by Dolibarr (temporary files or all files in %s directory). Using this feature is not normally necessary. It is provided as a workaround for users whose Dolibarr is hosted by a provider that does not offer permissions to delete files generated by the web server. PurgeDeleteLogFile=Delete log files, including %s defined for Syslog module (no risk of losing data) PurgeDeleteTemporaryFiles=Delete all log and temporary files (no risk of losing data). Parameter can be 'tempfilesold', 'logfiles' or both 'tempfilesold+logfiles'. Note: Deletion of temporary files is done only if the temp directory was created more than 24 hours ago. -PurgeDeleteTemporaryFilesShort=Delete log and temporary files +PurgeDeleteTemporaryFilesShort=Delete log and temporary files (no risk of losing data) PurgeDeleteAllFilesInDocumentsDir=Delete all files in directory: %s.
This will delete all generated documents related to elements (third parties, invoices etc...), files uploaded into the ECM module, database backup dumps and temporary files. PurgeRunNow=Purge now PurgeNothingToDelete=No directory or files to delete. @@ -518,6 +518,7 @@ ProductDocumentTemplates=Document templates to generate product document FreeLegalTextOnExpenseReports=Free legal text on expense reports WatermarkOnDraftExpenseReports=Watermark on draft expense reports PrefillExpenseReportDatesWithCurrentMonth=Pre-fill start and end dates of new expense report with start and end dates of the current month +ForceExpenseReportsLineAmountsIncludingTaxesOnly=Force the entry of expense report amounts always in amount with taxes AttachMainDocByDefault=Set this to 1 if you want to attach main document to email by default (if applicable) FilesAttachedToEmail=Attach file SendEmailsReminders=Send agenda reminders by emails diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 6f6d74c0cda..a26954bbed5 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -465,13 +465,13 @@ if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN')) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $sensitiveget = false; - if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 2) { + if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) { // All GET actions and mass actions are processed as sensitive. $sensitiveget = true; - } else { - // Only GET actions coded with a &token into url are processed as sensitive. + } elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) { + // Few GET actions coded with a &token into url are processed as sensitive. $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addrights', 'addtimespent', + 'activate', 'doprev', 'donext', 'dvprev', 'dvnext', 'install', 'reopen' @@ -479,7 +479,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { $sensitiveget = true; } - if (preg_match('/^(classify|close|confirm|del|disable|enable|remove|set|unset|update)/', GETPOST('action', 'aZ09'))) { + if (preg_match('/^(add|classify|close|confirm|copy|del|disable|enable|remove|set|unset|update|save)/', GETPOST('action', 'aZ09'))) { $sensitiveget = true; } } diff --git a/htdocs/mrp/class/api_mos.class.php b/htdocs/mrp/class/api_mos.class.php index 8fbd25090c7..59b4cbfa16b 100644 --- a/htdocs/mrp/class/api_mos.class.php +++ b/htdocs/mrp/class/api_mos.class.php @@ -22,7 +22,7 @@ require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; /** - * \file mrp/class/api_mo.class.php + * \file htdocs/mrp/class/api_mos.class.php * \ingroup mrp * \brief File for API management of MO. */ diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index 84dab109b91..784b91f6f4c 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -704,7 +704,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $newlinetext = ''; if ($object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED && $action != 'consumeorproduce' && $action != 'consumeandproduceall') { - $newlinetext = ''.$langs->trans("AddNewConsumeLines").''; + $newlinetext = ''.$langs->trans("AddNewConsumeLines").''; } print load_fiche_titre($langs->trans('Consumption'), '', '', 0, '', '', $newlinetext); @@ -996,7 +996,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $newlinetext = ''; if ($object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED && $action != 'consumeorproduce' && $action != 'consumeandproduceall') { if ($nblinetoproduce == 0 || $object->mrptype == 1) { - $newlinetext = ''.$langs->trans("AddNewProduceLines").''; + $newlinetext = ''.$langs->trans("AddNewProduceLines").''; } } print load_fiche_titre($langs->trans('Production'), '', '', 0, '', '', $newlinetext); diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php index c32b49ff1a1..19aff377c65 100644 --- a/htdocs/opensurvey/card.php +++ b/htdocs/opensurvey/card.php @@ -254,18 +254,6 @@ if ($action == 'edit') { } print '
'.$langs->trans("EMail").''; - if ($action == 'edit') { - print ''; - } else { - print dol_print_email($object->mail_admin, 0, 0, 1, 0, 1, 1); - } - print '
'.$langs->trans('ToReceiveEMailForEachVote').''; if ($action == 'edit') { @@ -323,10 +311,14 @@ print '
'; print $langs->trans("Author").''; -if ($object->fk_user_creat) { +if ($object->fk_user_creat > 0) { print $userstatic->getLoginUrl(1); } else { - print dol_htmlentities($object->nom_admin); + if ($action == 'edit') { + print ''; + } else { + print dol_print_email($object->mail_admin, 0, 0, 1, 0, 1, 1); + } } print '
'; + print '
'; print ''; + // Rank print ''; + // Product ref print ''; + // Product label print ''; + // Min supplier price print ''; + // Min customer price print ''; + // Stock if (!empty($conf->stock->enabled)) { print ''; } + // Qty in kit print ''; + // Stoc inc/dev print ''; + // Move print ''; print ''."\n"; @@ -359,12 +368,16 @@ if ($id > 0 || !empty($ref)) { if ($value['level'] <= 1) { print ''; + // Rank print ''; $notdefined = 0; $nb_of_subproduct = $value['nb']; + // Product ref print ''; + + // Product label print ''; // Best buying price @@ -423,8 +436,9 @@ if ($id > 0 || !empty($ref)) { print ''; } - print ''; + // Move action + print ''; + print ''."\n"; } else { $hide = ''; @@ -436,12 +450,18 @@ if ($id > 0 || !empty($ref)) { //$productstatic->ref=$value['label']; $productstatic->ref = $value['ref']; + + // Rankd print ''; + + // Product ref print ''; + + // Product label print ''; // Best buying price @@ -451,19 +471,36 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; + // Stock if (!empty($conf->stock->enabled)) { print ''; // Real stock } + + // Qty in kit print ''; + + // Inc/dec print ''; + + // Action move print ''; print ''."\n"; } } + + // Total + print ''; + + // Rank + print ''; + + // Product ref print ''; + + // Product label print ''; // Minimum buying price @@ -495,11 +532,16 @@ if ($id > 0 || !empty($ref)) { print ''; } - print ''; + + print ''; + + print ''; + print ''."\n"; } else { $colspan = 8; diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 285331a091a..a3ae38184e9 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -767,11 +767,6 @@ END; // Barcode if (!empty($conf->barcode->enabled)) { - // Option to define a transport cost on supplier price - print ''; - print ''; - print ''; - print ''; $formbarcode = new FormBarCode($db); // Barcode type @@ -781,6 +776,12 @@ END; print $formbarcode->selectBarcodeType(($rowid ? $object->supplier_fk_barcode_type : $conf->global->PRODUIT_DEFAULT_BARCODE_TYPE), 'fk_barcode_type', 1); print ''; print ''; + + // Barcode value + print ''; + print ''; + print ''; + print ''; } // Option to define a transport cost on supplier price @@ -788,7 +789,7 @@ END; if (!empty($conf->margin->enabled)) { print ''; print ''; - print ''; print ''; } @@ -893,7 +894,7 @@ END; $reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook if (empty($reshook)) { if ($usercancreate) { - print ''; + print ''; print $langs->trans("AddSupplierPrice").''; } } @@ -933,8 +934,8 @@ END; 'pfp.multicurrency_unitprice'=>array('label'=>$langs->trans("UnitPriceHTCurrency"), 'enabled' => $conf->multicurrency->enabled, 'checked'=>0, 'position'=>10), 'pfp.delivery_time_days'=>array('label'=>$langs->trans("NbDaysToDelivery"), 'checked'=>1, 'position'=>13), 'pfp.supplier_reputation'=>array('label'=>$langs->trans("ReputationForThisProduct"), 'checked'=>1, 'position'=>14), - 'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>15), - 'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>16), + 'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>15), + 'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>16), 'pfp.packaging'=>array('label'=>$langs->trans("PackagingForThisProduct"), 'enabled' => !empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING), 'checked'=>0, 'position'=>17), 'pfp.tms'=>array('label'=>$langs->trans("DateModification"), 'enabled' => $conf->barcode->enabled, 'checked'=>1, 'position'=>18), ); @@ -1007,12 +1008,12 @@ END; if (!empty($arrayfields['pfp.supplier_reputation']['checked'])) { print_liste_field_titre("ReputationForThisProduct", $_SERVER["PHP_SELF"], "pfp.supplier_reputation", "", $param, '', $sortfield, $sortorder, 'center '); } - if (!empty($arrayfields['pfp.barcode']['checked'])) { - print_liste_field_titre("BarcodeValue", $_SERVER["PHP_SELF"], "pfp.barcode", "", $param, '', $sortfield, $sortorder, 'center '); - } if (!empty($arrayfields['pfp.fk_barcode_type']['checked'])) { print_liste_field_titre("BarcodeType", $_SERVER["PHP_SELF"], "pfp.fk_barcode_type", "", $param, '', $sortfield, $sortorder, 'center '); } + if (!empty($arrayfields['pfp.barcode']['checked'])) { + print_liste_field_titre("BarcodeValue", $_SERVER["PHP_SELF"], "pfp.barcode", "", $param, '', $sortfield, $sortorder, 'center '); + } if (!empty($arrayfields['pfp.packaging']['checked'])) { print_liste_field_titre("PackagingForThisProduct", $_SERVER["PHP_SELF"], "pfp.packaging", "", $param, 'align="center"', $sortfield, $sortorder); } @@ -1152,13 +1153,6 @@ END; print''; } - // Barcode - if (!empty($arrayfields['pfp.barcode']['checked'])) { - print ''; - } - // Barcode type if (!empty($arrayfields['pfp.fk_barcode_type']['checked'])) { print ''; } + // Barcode + if (!empty($arrayfields['pfp.barcode']['checked'])) { + print ''; + } + // Packaging if (!empty($arrayfields['pfp.packaging']['checked'])) { print ''; if ($caneditperms) { print ''; } print ''; @@ -302,9 +302,9 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ''; } else { print ''; @@ -353,7 +353,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print ''; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 7c7fe868b2f..d3ba33a5acf 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -420,7 +420,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -430,7 +430,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index a3ad036ca9a..d70419060f5 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -587,7 +587,7 @@ if (!empty($id) || !empty($ref)) { $htmltext = $langs->trans("GoOnMenuToCreateVairants", $langs->transnoentities("Product"), $langs->transnoentities("VariantAttributes")); print $form->textwithpicto('', $htmltext); - /*print '     id).'">'; + /*print '     id).'">'; print $langs->trans("Create"); print '';*/ @@ -605,7 +605,7 @@ if (!empty($id) || !empty($ref)) { $htmltext = $langs->trans("GoOnMenuToCreateVairants", $langs->transnoentities("Product"), $langs->transnoentities("VariantAttributes")); print $form->textwithpicto('', $htmltext); /* - print '     id).'">'; + print '     id).'">'; print $langs->trans("Create"); print ''; */
'.$langs->trans('Rank').''.$langs->trans('ComposedProduct').''.$langs->trans('Label').''.$langs->trans('MinSupplierPrice').''.$langs->trans('MinCustomerPrice').''.$langs->trans('Stock').''.$langs->trans('Qty').''.$langs->trans('ComposedProductIncDecStock').'
'.$object->sousprods[$parent_label][$value['id']][7].''.$productstatic->getNomUrl(1, 'composition').''.$productstatic->label.''.($value['incdec'] == 1 ? 'x' : '').''; - print '
'; for ($i = 0; $i < $value['level']; $i++) { print '     '; // Add indentation } print $productstatic->getNomUrl(1, 'composition').''.$productstatic->label.'  '.$value['nb'].'  
 '; + print ''; if ($user->rights->produit->creer || $user->rights->service->creer) { print ''; } print '
'.$langs->trans('BarcodeValue').''.img_picto('', 'barcode', 'class="pictofixedwidth"').'
'.$langs->trans('BarcodeValue').''.img_picto('', 'barcode', 'class="pictofixedwidth"').'
'.$langs->trans("Charges").''; + print ''; print '
'; - print $productfourn->supplier_barcode; - print ''; @@ -1168,6 +1162,13 @@ END; print ''; + print $productfourn->supplier_barcode; + print ''; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 49ffd69fd0b..773a097fed8 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1161,7 +1161,7 @@ if (!$action || $action == 'delete' || $action == 'showlog_customer_price' || $a if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { if ($user->rights->produit->creer || $user->rights->service->creer) { - print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; + print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; } } diff --git a/htdocs/product/stock/class/api_stockmovements.class.php b/htdocs/product/stock/class/api_stockmovements.class.php index 42a03a1836a..19f23edd4f4 100644 --- a/htdocs/product/stock/class/api_stockmovements.class.php +++ b/htdocs/product/stock/class/api_stockmovements.class.php @@ -165,11 +165,13 @@ class StockMovements extends DolibarrApi * @param string $price To update AWP (Average Weighted Price) when you make a stock increase (qty must be higher then 0). {@from body} * @param string $dlc Eat-by date. {@from body} {@type date} * @param string $dluo Sell-by date. {@from body} {@type date} + * @param string $origin_type Origin type (Element of source object, like 'project', 'inventory', ...) + * @param string $origin_id Origin id (Id of source object) * * @return int ID of stock movement * @throws RestException */ - public function post($product_id, $warehouse_id, $qty, $lot = '', $movementcode = '', $movementlabel = '', $price = '', $dlc = '', $dluo = '') + public function post($product_id, $warehouse_id, $qty, $lot = '', $movementcode = '', $movementlabel = '', $price = '', $dlc = '', $dluo = '', $origin_type = '', $origin_id = 0) { if (!DolibarrApiAccess::$user->rights->stock->creer) { throw new RestException(401); @@ -189,6 +191,7 @@ class StockMovements extends DolibarrApi $eatBy = empty($dluo) ? '' : dol_stringtotime($dluo); $sellBy = empty($dlc) ? '' : dol_stringtotime($dlc); + $this->stockmovement->setOrigin($origin_type, $origin_id); if ($this->stockmovement->_create(DolibarrApiAccess::$user, $product_id, $warehouse_id, $qty, $type, $price, $movementlabel, $movementcode, '', $eatBy, $sellBy, $lot) <= 0) { $errormessage = $this->stockmovement->error; if (empty($errormessage)) { diff --git a/htdocs/product/stock/class/mouvementstock.class.php b/htdocs/product/stock/class/mouvementstock.class.php index dd1b2202956..3a43d9ee6bb 100644 --- a/htdocs/product/stock/class/mouvementstock.class.php +++ b/htdocs/product/stock/class/mouvementstock.class.php @@ -54,8 +54,10 @@ class MouvementStock extends CommonObject /** * @var int Type of movement - * 0=input (stock increase by a stock transfer), 1=output (stock decrease after by a stock transfer), - * 2=output (stock decrease), 3=input (stock increase) + * 0=input (stock increase by a manual/direct stock transfer, correction or inventory), + * 1=output (stock decrease after by a manual/direct stock transfer, correction or inventory), + * 2=output (stock decrease after a business event like sale, shipment or manufacturing, ...), + * 3=input (stock increase after a business event like purchase, reception or manufacturing, ...) * Note that qty should be > 0 with 0 or 3, < 0 with 1 or 2. */ public $type; @@ -76,18 +78,32 @@ class MouvementStock extends CommonObject /** * @var int ID + * @deprecated + * @see $origin_id */ public $fk_origin; + /** + * @var int Origin id + */ + public $origin_id; + + /** + * @var string origintype + * @deprecated + * see $origin_type + */ public $origintype; + /** + * @var string Origin type ('project', ...) + */ + public $origin_type; + + public $inventorycode; public $batch; - /** - * @var Object Object set as origin before calling livraison() or reception() - */ - public $origin; public $fields = array( 'rowid' =>array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>10, 'showoncombobox'=>1), @@ -127,7 +143,7 @@ class MouvementStock extends CommonObject /** * Add a movement of stock (in one direction only). * This is the lowest level method to record a stock change. - * $this->origin can be also be set to save the source object of movement. + * $this->origin_type and $this->origin_id can be also be set to save the source object of movement. * * @param User $user User object * @param int $fk_product Id of product @@ -403,25 +419,20 @@ class MouvementStock extends CommonObject } if ($movestock) { // Change stock for current product, change for subproduct is done after - // Set $origintype, fk_origin, fk_project - $fk_project = 0; - if (!empty($this->origin)) { // This is set by caller for tracking reason - $origintype = empty($this->origin->origin_type) ? $this->origin->element : $this->origin->origin_type; - $fk_origin = $this->origin->id; - if ($origintype == 'project') { - $fk_project = $fk_origin; - } else { - $res = $this->origin->fetch($fk_origin); - if ($res > 0) { - if (!empty($this->origin->fk_project)) { - $fk_project = $this->origin->fk_project; - } - } + // Set $origin_type, origin_id and fk_project + $fk_project = $this->fk_project; + if (!empty($this->origin_type)) { // This is set by caller for tracking reason + $origin_type = $this->origin_type; + $origin_id = $this->origin_id; + if (empty($fk_project) && $origin_type == 'project') { + $fk_project = $origin_id; + $origin_type = ''; + $origin_id = 0; } } else { - $origintype = ''; - $fk_origin = 0; $fk_project = 0; + $origin_type = ''; + $origin_id = 0; } $sql = "INSERT INTO ".MAIN_DB_PREFIX."stock_mouvement("; @@ -437,8 +448,8 @@ class MouvementStock extends CommonObject $sql .= " '".$this->db->escape($label)."',"; $sql .= " ".($inventorycode ? "'".$this->db->escape($inventorycode)."'" : "null").","; $sql .= " ".((float) price2num($price)).","; - $sql .= " ".((int) $fk_origin).","; - $sql .= " '".$this->db->escape($origintype)."',"; + $sql .= " ".((int) $origin_id).","; + $sql .= " '".$this->db->escape($origin_type)."',"; $sql .= " ".((int) $fk_project); $sql .= ")"; @@ -626,8 +637,8 @@ class MouvementStock extends CommonObject $sql .= " t.type_mouvement,"; $sql .= " t.fk_user_author,"; $sql .= " t.label,"; - $sql .= " t.fk_origin,"; - $sql .= " t.origintype,"; + $sql .= " t.fk_origin as origin_id,"; + $sql .= " t.origintype as origin_type,"; $sql .= " t.inventorycode,"; $sql .= " t.batch,"; $sql .= " t.eatby,"; @@ -654,8 +665,10 @@ class MouvementStock extends CommonObject $this->price = $obj->price; $this->fk_user_author = $obj->fk_user_author; $this->label = $obj->label; - $this->fk_origin = $obj->fk_origin; - $this->origintype = $obj->origintype; + $this->fk_origin = $obj->origin_id; // For backward compatibility + $this->origintype = $obj->origin_type; // For backward compatibility + $this->origin_id = $obj->origin_id; + $this->origin_type = $obj->origin_type; $this->inventorycode = $obj->inventorycode; $this->batch = $obj->batch; $this->eatby = $this->db->jdate($obj->eatby); @@ -730,6 +743,7 @@ class MouvementStock extends CommonObject foreach ($pids as $key => $value) { if (!$error) { $tmpmove = dol_clone($this, 1); + $result = $tmpmove->_create($user, $pids[$key], $entrepot_id, ($qty * $pqtys[$key]), $type, 0, $label, $inventorycode); // This will also call _createSubProduct making this recursive if ($result < 0) { $this->error = $tmpmove->error; @@ -921,16 +935,16 @@ class MouvementStock extends CommonObject /** * Return Url link of origin object * - * @param int $fk_origin Id origin - * @param int $origintype Type origin + * @param int $origin_id Id origin + * @param int $origin_type Type origin * @return string */ - public function get_origin($fk_origin, $origintype) + public function get_origin($origin_id, $origin_type) { // phpcs:enable $origin = ''; - switch ($origintype) { + switch ($origin_type) { case 'commande': require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; $origin = new Commande($this->db); @@ -973,11 +987,11 @@ class MouvementStock extends CommonObject break; default: - if ($origintype) { + if ($origin_type) { // Separate originetype with "@" : left part is class name, right part is module name - $origintype_array = explode('@', $origintype); - $classname = ucfirst($origintype_array[0]); - $modulename = empty($origintype_array[1]) ? $classname : $origintype_array[1]; + $origin_type_array = explode('@', $origin_type); + $classname = ucfirst($origin_type_array[0]); + $modulename = empty($origin_type_array[1]) ? $classname : $origin_type_array[1]; $result = dol_include_once('/'.$modulename.'/class/'.strtolower($classname).'.class.php'); if ($result) { $classname = ucfirst($classname); @@ -991,7 +1005,7 @@ class MouvementStock extends CommonObject return ''; } - if ($origin->fetch($fk_origin) > 0) { + if ($origin->fetch($origin_id) > 0) { return $origin->getNomUrl(1); } @@ -999,29 +1013,20 @@ class MouvementStock extends CommonObject } /** - * Set attribute origin to object + * Set attribute origin_type and fk_origin to object * - * @param string $origin_element type of element - * @param int $origin_id id of element + * @param string $origin_element Type of element + * @param int $origin_id Id of element * * @return void */ public function setOrigin($origin_element, $origin_id) { - if (!empty($origin_element) && $origin_id > 0) { - $origin = ''; - if ($origin_element == 'project') { - if (!class_exists('Project')) { - require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; - } - $origin = new Project($this->db); - } - - if (!empty($origin)) { - $this->origin = $origin; - $this->origin->id = $origin_id; - } - } + $this->origin_type = $origin_element; + $this->origin_id = $origin_id; + // For backward compatibility + $this->origintype = $origin_element; + $this->fk_origin = $origin_id; } diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index b6498ca4032..c00c1d70367 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -381,7 +381,7 @@ if (empty($reshook) && $action == 'add') { $urlback = $conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; // TODO Make replacement of __AMOUNT__, etc... } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added"; + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); } if (!empty($conf->global->MEMBER_NEWFORM_PAYONLINE) && $conf->global->MEMBER_NEWFORM_PAYONLINE != '-1') { diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index ca7101a3679..1d673991d3d 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -311,7 +311,7 @@ if (empty($reshook) && $action == 'add') { $urlback = $conf->global->PROJECT_URL_REDIRECT_LEAD; // TODO Make replacement of __AMOUNT__, etc... } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added"; + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); } if (!empty($entity)) { diff --git a/htdocs/salaries/paiement_salary.php b/htdocs/salaries/paiement_salary.php index 9f9a1ae7b50..b1e03866d7e 100644 --- a/htdocs/salaries/paiement_salary.php +++ b/htdocs/salaries/paiement_salary.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/compta/paiement_salary.php + * \file htdocs/salaries/paiement_salary.php * \ingroup salary * \brief Page to add payment of a salary */ diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 23c2976d43a..8c5ef8ca5ca 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2575,13 +2575,13 @@ class Societe extends CommonObject $label .= ' '.$this->getLibStatut(5); } - if (!empty($this->name)) { - $label .= '
'.$langs->trans('Name').': '.dol_escape_htmltag($this->name); - if (!empty($this->name_alias)) { - $label .= ' ('.dol_escape_htmltag($this->name_alias).')'; - } + $label .= '
'.$langs->trans('Name').': '.dol_escape_htmltag($this->name); + if (!empty($this->name_alias)) { + $label .= ' ('.dol_escape_htmltag($this->name_alias).')'; + } + if ($this->email) { + $label .= '
'.img_picto('', 'email', 'class="pictofixedwidth"').$this->email; } - $label .= '
'.img_picto('', 'email', 'class="pictofixedwidth"').$this->email; if (!empty($this->phone) || !empty($this->fax)) { $phonelist = array(); if ($this->phone) { diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php index c29717f002d..21dd3b9643b 100644 --- a/htdocs/societe/price.php +++ b/htdocs/societe/price.php @@ -525,7 +525,7 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print "\n".'
'."\n"; if ($user->rights->produit->creer || $user->rights->service->creer) { - print '
id.'">'.$langs->trans("AddCustomerPrice").'
'; + print '
id.'">'.$langs->trans("AddCustomerPrice").'
'; } print "\n
\n"; diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php index ec05dd89796..1fe95ff57d8 100644 --- a/htdocs/takepos/admin/receipt.php +++ b/htdocs/takepos/admin/receipt.php @@ -44,8 +44,8 @@ $langs->loadLangs(array("admin", "cashdesk", "commercial")); if (GETPOST('action', 'alpha') == 'set') { $db->begin(); - $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'alpha'), 'chaine', 0, '', $conf->entity); - $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'alpha'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'restricthtml'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'restricthtml'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity); diff --git a/htdocs/takepos/floors.php b/htdocs/takepos/floors.php index b3ba955f4e8..64040a24466 100644 --- a/htdocs/takepos/floors.php +++ b/htdocs/takepos/floors.php @@ -212,9 +212,9 @@ $( document ).ready(function() { admin) {?> &place="+place+"&idproduct="+idproduct+"&selectedline="+selectedline, function() { global->TAKEPOS_CUSTOMER_DISPLAY)) echo "CustomerDisplay();";?> }); } diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php index ad5d8f9fbd2..8b2e5ca78b7 100644 --- a/htdocs/takepos/invoice.php +++ b/htdocs/takepos/invoice.php @@ -1056,12 +1056,12 @@ function DolibarrTakeposPrinting(id) { } function CreditNote() { - $("#poslines").load("invoice.php?action=creditnote&invoiceid="+placeid, function() { + $("#poslines").load("invoice.php?action=creditnote&token=&invoiceid="+placeid, function() { }); } function SetNote() { - $("#poslines").load("invoice.php?action=addnote&invoiceid="+placeid+"&idline="+selectedline+"&addnote="+$("#textinput").val(), function() { + $("#poslines").load("invoice.php?action=addnote&token=&invoiceid="+placeid+"&idline="+selectedline+"&addnote="+$("#textinput").val(), function() { }); } diff --git a/htdocs/takepos/phone.php b/htdocs/takepos/phone.php index 7eaa4d9ec68..b655d9f7789 100644 --- a/htdocs/takepos/phone.php +++ b/htdocs/takepos/phone.php @@ -238,10 +238,10 @@ function AddProductConfirm(placeid, productid){ place=placeid; diff --git a/htdocs/takepos/receipt.php b/htdocs/takepos/receipt.php index d978d2ac792..627a6c99565 100644 --- a/htdocs/takepos/receipt.php +++ b/htdocs/takepos/receipt.php @@ -119,7 +119,7 @@ if (!empty($conf->global->TAKEPOS_HEADER) || !empty($conf->global->{$constFreeTe if (!empty($conf->global->{$constFreeText})) { $newfreetext .= make_substitutions($conf->global->{$constFreeText}, $substitutionarray); } - print $newfreetext; + print nl2br($newfreetext); } ?>

diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index d68bfa78ee9..bb1fff44289 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1859,6 +1859,7 @@ body.sidebar-collapse .side-nav, body.sidebar-collapse .login_block div.login_block { /* border-right: none ! important; */ top: inherit !important; + border-right: 1px solid rgba(0,0,0,0.3); } .side-nav { @@ -1914,7 +1915,7 @@ div.login_block { padding-top: 20px; browser->layout, array('phone', 'tablet')) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { ?> - top: 50px ! important; + top: 66px ! important; top: 60px ! important; @@ -2810,9 +2811,9 @@ img.login, img.printer, img.entity { font-weight: bold; } .userimg.atoplogin img.userphoto, .userimgatoplogin img.userphoto { /* size for user photo in login bar */ - border-radius: 8px; - width: 16px; - height: 16px; + /* border-radius: 8px; */ + width: 20px; + height: 20px; background-size: contain; vertical-align: text-bottom; background-color: #FFF; diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 46506163c1f..478e345f2e3 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -248,9 +248,9 @@ if ($object->id > 0) { print '		'.$langs->trans("Module").''; - print ''.$langs->trans("All").""; + print ''.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print ''.$langs->trans("None").""; print ' '; - print 'module.'&token='.newToken().'">'.$langs->trans("All").""; + print 'module.'&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'module.'&token='.newToken().'">'.$langs->trans("None").""; + print 'module.'&token='.newToken().'">'.$langs->trans("None").""; print ' id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print '