From 5e2d8eac2b13bbce11fbf4a9d4094cec5a369b87 Mon Sep 17 00:00:00 2001 From: Laurent De Coninck Date: Mon, 20 Sep 2021 22:51:43 +0200 Subject: [PATCH 01/51] Allow to edit the header of receipt by using HTML In the current version the WYSIWYG oesn't allow any HTML by thus fix you can use any button from the wysiwyg and it displays on the receipe. [see: X] --- htdocs/takepos/admin/receipt.php | 4 ++-- htdocs/takepos/receipt.php | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php index 01873d317c4..61fd71bdf29 100644 --- a/htdocs/takepos/admin/receipt.php +++ b/htdocs/takepos/admin/receipt.php @@ -42,8 +42,8 @@ if (GETPOST('action', 'alpha') == 'set') { $db->begin(); - $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'alpha'), 'chaine', 0, '', $conf->entity); - $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'alpha'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'none'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'none'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity); diff --git a/htdocs/takepos/receipt.php b/htdocs/takepos/receipt.php index 6a305362839..a37c4a6c880 100644 --- a/htdocs/takepos/receipt.php +++ b/htdocs/takepos/receipt.php @@ -109,7 +109,7 @@ if (!empty($conf->global->TAKEPOS_HEADER) || !empty($conf->global->{$constFreeTe $substitutionarray = getCommonSubstitutionArray($langs); if (!empty($conf->global->TAKEPOS_HEADER)) $newfreetext .= make_substitutions($conf->global->TAKEPOS_HEADER, $substitutionarray); if (!empty($conf->global->{$constFreeText})) $newfreetext .= make_substitutions($conf->global->{$constFreeText}, $substitutionarray); - print $newfreetext; + print nl2br($newfreetext); } ?>

From 70e66627fed60b611adda6d1fab22f4647580914 Mon Sep 17 00:00:00 2001 From: Laurent De Coninck Date: Wed, 22 Sep 2021 20:14:47 +0200 Subject: [PATCH 02/51] restrict the html --- htdocs/takepos/admin/receipt.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/takepos/admin/receipt.php b/htdocs/takepos/admin/receipt.php index 61fd71bdf29..3350da50104 100644 --- a/htdocs/takepos/admin/receipt.php +++ b/htdocs/takepos/admin/receipt.php @@ -42,8 +42,8 @@ if (GETPOST('action', 'alpha') == 'set') { $db->begin(); - $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'none'), 'chaine', 0, '', $conf->entity); - $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'none'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_HEADER", GETPOST('TAKEPOS_HEADER', 'restricthtml'), 'chaine', 0, '', $conf->entity); + $res = dolibarr_set_const($db, "TAKEPOS_FOOTER", GETPOST('TAKEPOS_FOOTER', 'restricthtml'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_RECEIPT_NAME", GETPOST('TAKEPOS_RECEIPT_NAME', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_SHOW_CUSTOMER", GETPOST('TAKEPOS_SHOW_CUSTOMER', 'alpha'), 'chaine', 0, '', $conf->entity); $res = dolibarr_set_const($db, "TAKEPOS_AUTO_PRINT_TICKETS", GETPOST('TAKEPOS_AUTO_PRINT_TICKETS', 'int'), 'int', 0, '', $conf->entity); From 6abe6462e6c1dde1f9e1cba2ba2049e52723e512 Mon Sep 17 00:00:00 2001 From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com> Date: Mon, 27 Sep 2021 14:33:57 +0200 Subject: [PATCH 03/51] FIX: products/services card: hidden extrafields were overridden --- htdocs/product/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index d74cab0ada4..542c66dee25 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -487,7 +487,7 @@ if (empty($reshook)) if ($accountancy_code_buy_export <= 0) { $object->accountancy_code_buy_export = ''; } else { $object->accountancy_code_buy_export = $accountancy_code_buy_export; } // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); + $ret = $extrafields->setOptionalsFromPost(null, $object, '@GETPOSTISSET'); if ($ret < 0) $error++; if (!$error && $object->check()) From 2472dff67bd84284d36a121c4e5f832b19c51272 Mon Sep 17 00:00:00 2001 From: Indelog Date: Tue, 28 Sep 2021 12:08:45 +0200 Subject: [PATCH 04/51] Fix FormFile::list_of_autoecmfiles object_instance classname after hook FormFile::list_of_autoecmfiles() can instantiate object with parameters resulting of hook `addSectionECMAuto` but for do this, it use `${$hookmanager->resArray['classname']}` which return a `null`. Instead we should do this `$hookmanager->resArray['classname']`. --- htdocs/core/class/html.formfile.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 60054ecf5ad..71d8c02b5f2 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1672,7 +1672,7 @@ class FormFile dol_include_once($hookmanager->resArray['classpath']); if (array_key_exists('classname', $hookmanager->resArray) && !empty($hookmanager->resArray['classname'])) { if (class_exists($hookmanager->resArray['classname'])) { - $object_instance = new ${$hookmanager->resArray['classname']}($this->db); + $object_instance = new $hookmanager->resArray['classname']($this->db); } } } From 5b8b55cfba0e9459126fcffb6f2923b472cea8ba Mon Sep 17 00:00:00 2001 From: Indelog Date: Tue, 28 Sep 2021 15:26:08 +0200 Subject: [PATCH 05/51] Fix append module suffix on src_object_type when create ecm file Files added to `llx_ecm_files` for externals modules never be removed on object deletion. When `CommonObject::deleteEcmFiles()` is called with `mode=1`, it use this sql filter to find the file related to the object which is removed : ``` $sql .= " WHERE fk_object IN (SELECT rowid FROM ".MAIN_DB_PREFIX."ecm_files WHERE src_object_type = '".$this->db->escape($this->table_element.(empty($this->module) ? '' : '@'.$this->module))."' AND src_object_id = ".((int) $this->id).")"; ``` We see it append `'@'.$this->module` to `$this->table_element` but when file is add to the `llx_ecm_files` by `CommonObject::commonGenerateDocument()` , it added whiteout the `'@'.$this->module` suffix. So the file is never remove from `llx_ecm_files` when object is deleted. This fix it by appending module suffix on `src_object_type` if object has `module` property when add document to the `llx_ecm_files`. --- htdocs/core/class/commonobject.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index d53b8829686..858d21d5e4d 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -5297,7 +5297,7 @@ abstract class CommonObject $ecmfile->gen_or_uploaded = 'generated'; $ecmfile->description = ''; // indexed content $ecmfile->keywords = ''; // keyword content - $ecmfile->src_object_type = $this->table_element; + $ecmfile->src_object_type = $this->table_element.(empty($this->module) ? '' : '@'.$this->module); $ecmfile->src_object_id = $this->id; $result = $ecmfile->create($user); From fae0337b3e58cc160afdd2bc20343a6563af47c2 Mon Sep 17 00:00:00 2001 From: Indelog Date: Tue, 28 Sep 2021 16:22:28 +0200 Subject: [PATCH 06/51] Fix show for external module in ecm index auto page This set the correct `modulepart` parameter for link generated to `document.php` of ecm auto index page if `src_object_type` for ecm document has a module suffix (`@modulename`). --- htdocs/core/class/html.formfile.class.php | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 60054ecf5ad..55460c587d8 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1811,9 +1811,11 @@ class FormFile print ''; // File + // Check if document source has external module part, if it the case use it for module part on document.php + preg_match('/^[^@]*@([^@]*)$/', $modulepart.'@expertisemedical', $modulesuffix); print ''; //print "XX".$file['name']; //$file['name'] must be utf8 - print 'getDocumentsLink($modulepart, $modulesubdir, $filedir, '^'.preg_quote($file['name'],'/').'$'); - print $this->showPreview($file, $modulepart, $file['relativename']); + print $this->showPreview($file, (empty($modulesuffix) ? $modulepart : $modulesuffix[1]), $file['relativename']); print "\n"; From 43a47999d7261f60430bcb64a76e3aa8fd575fb6 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 28 Sep 2021 16:35:01 +0200 Subject: [PATCH 07/51] FIX avoid warning if $categories is an id --- htdocs/core/class/commonobject.class.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index d53b8829686..ee1d9b51ede 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -9135,6 +9135,11 @@ abstract class CommonObject */ public function setCategoriesCommon($categories, $type_categ = '', $remove_existing = true) { + // Handle single category + if (!is_array($categories)) { + $categories = array($categories); + } + dol_syslog(get_class($this)."::setCategoriesCommon Oject Id:".$this->id.' type_categ:'.$type_categ.' nb tag add:'.count($categories), LOG_DEBUG); require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; @@ -9144,11 +9149,6 @@ abstract class CommonObject return -1; } - // Handle single category - if (!is_array($categories)) { - $categories = array($categories); - } - // Get current categories $c = new Categorie($this->db); $existing = $c->containing($this->id, $type_categ, 'id'); From 6e08ecde0488c3defd398ab0a25f8970792431a1 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Wed, 29 Sep 2021 08:47:22 +0200 Subject: [PATCH 08/51] FIX indentation --- htdocs/core/class/commonobject.class.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index ee1d9b51ede..1eb661471ae 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -9135,10 +9135,10 @@ abstract class CommonObject */ public function setCategoriesCommon($categories, $type_categ = '', $remove_existing = true) { - // Handle single category - if (!is_array($categories)) { - $categories = array($categories); - } + // Handle single category + if (!is_array($categories)) { + $categories = array($categories); + } dol_syslog(get_class($this)."::setCategoriesCommon Oject Id:".$this->id.' type_categ:'.$type_categ.' nb tag add:'.count($categories), LOG_DEBUG); From a395ff5ee394dfa445356fd8b3ac1b7536b31fc5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 16:19:47 +0200 Subject: [PATCH 09/51] Css --- htdocs/admin/system/perf.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php index 758a93a765d..bbfa4b85c41 100644 --- a/htdocs/admin/system/perf.php +++ b/htdocs/admin/system/perf.php @@ -63,7 +63,7 @@ print '
'; print ''.$langs->trans("XDebug").': '; $test = !function_exists('xdebug_is_enabled'); if ($test) { - print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis"); + print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' '.$langs->trans("NotSlowedDownByThis").''; } else { print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("XDebug")); print ' - '.$langs->trans("MoreInformation").' XDebug admin page'; From 34dacca77c8241e97b6b0f5559a0b87b7fd04005 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 16:31:40 +0200 Subject: [PATCH 10/51] Css --- htdocs/core/lib/functions.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index f26b18152b9..e0dcc51917b 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3704,7 +3704,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'action'=>'infobox-action', 'account'=>'infobox-bank_account', 'accountline'=>'infobox-bank_account', 'accountancy'=>'infobox-bank_account', 'asset'=>'infobox-bank_account', 'bank_account'=>'bg-infobox-bank_account', 'bill'=>'infobox-commande', 'billa'=>'infobox-commande', 'billr'=>'infobox-commande', 'billd'=>'infobox-commande', - 'conferenceorbooth'=>'infobox-project', + 'margin'=>'infobox-bank_account', 'conferenceorbooth'=>'infobox-project', 'cash-register'=>'infobox-bank_account', 'contract'=>'infobox-contrat', 'check'=>'font-status4', 'collab'=>'infobox-action', 'conversation'=>'infobox-contrat', 'donation'=>'infobox-commande', 'dolly'=>'infobox-commande', 'dollyrevert'=>'flip infobox-order_supplier', 'ecm'=>'infobox-action', 'eventorganization'=>'infobox-project', From 1d35d8fd2d679c6beccc13fb034de2c4de02fe90 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 16:42:52 +0200 Subject: [PATCH 11/51] CSS popup company --- htdocs/societe/class/societe.class.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index e7597b311c2..818d5249a6c 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2575,13 +2575,13 @@ class Societe extends CommonObject $label .= ' '.$this->getLibStatut(5); } - if (!empty($this->name)) { - $label .= '
'.$langs->trans('Name').': '.dol_escape_htmltag($this->name); - if (!empty($this->name_alias)) { - $label .= ' ('.dol_escape_htmltag($this->name_alias).')'; - } + $label .= '
'.$langs->trans('Name').': '.dol_escape_htmltag($this->name); + if (!empty($this->name_alias)) { + $label .= ' ('.dol_escape_htmltag($this->name_alias).')'; + } + if ($this->email) { + $label .= '
'.img_picto('', 'email', 'class="pictofixedwidth"').$this->email; } - $label .= '
'.img_picto('', 'email', 'class="pictofixedwidth"').$this->email; if (!empty($this->phone) || !empty($this->fax)) { $phonelist = array(); if ($this->phone) { From 52fb627a64501c9d3f099450403f4bb46f9463c6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 16:45:48 +0200 Subject: [PATCH 12/51] Look and feel v14 --- htdocs/adherents/type.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/htdocs/adherents/type.php b/htdocs/adherents/type.php index 10560d38648..76099ff7d66 100644 --- a/htdocs/adherents/type.php +++ b/htdocs/adherents/type.php @@ -318,6 +318,19 @@ if (!$rowid && $action != 'create' && $action != 'edit') { print ""; $i++; } + + // If no record found + if ($num == 0) { + /*$colspan = 1; + foreach ($arrayfields as $key => $val) { + if (!empty($val['checked'])) { + $colspan++; + } + }*/ + $colspan = 8; + print ''.$langs->trans("NoRecordFound").''; + } + print ""; print ''; From 2dd55301deb1e41310893bbb292ea17466b3201e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 17:06:51 +0200 Subject: [PATCH 13/51] Fix duplicate field and look and feel --- htdocs/opensurvey/card.php | 20 ++++++-------------- htdocs/opensurvey/wizard/create_survey.php | 6 +++--- 2 files changed, 9 insertions(+), 17 deletions(-) diff --git a/htdocs/opensurvey/card.php b/htdocs/opensurvey/card.php index fd9fa3e0456..40e9d14adca 100644 --- a/htdocs/opensurvey/card.php +++ b/htdocs/opensurvey/card.php @@ -251,18 +251,6 @@ if ($action == 'edit') { } print ''; -// EMail -//If linked user, then emails are going to be sent to users' email -if (!$object->fk_user_creat) { - print ''.$langs->trans("EMail").''; - if ($action == 'edit') { - print ''; - } else { - print dol_print_email($object->mail_admin, 0, 0, 1); - } - print ''; -} - // Receive an email with each vote print ''.$langs->trans('ToReceiveEMailForEachVote').''; if ($action == 'edit') { @@ -312,10 +300,14 @@ print ''; // Author print ''; print $langs->trans("Author").''; -if ($object->fk_user_creat) { +if ($object->fk_user_creat > 0) { print $userstatic->getLoginUrl(1); } else { - print dol_htmlentities($object->nom_admin); + if ($action == 'edit') { + print ''; + } else { + print dol_print_email($object->mail_admin, 0, 0, 1); + } } print ''; diff --git a/htdocs/opensurvey/wizard/create_survey.php b/htdocs/opensurvey/wizard/create_survey.php index 30e662be7ea..6ed1f2073d2 100644 --- a/htdocs/opensurvey/wizard/create_survey.php +++ b/htdocs/opensurvey/wizard/create_survey.php @@ -170,7 +170,7 @@ if ($_SESSION["mailsonde"]) { $cochemail = "checked"; } -print ' '.$langs->trans("ToReceiveEMailForEachVote").'
'."\n"; +print '
'."\n"; if ($_SESSION['allow_comments']) { $allow_comments = 'checked'; @@ -178,7 +178,7 @@ if ($_SESSION['allow_comments']) { if (GETPOSTISSET('allow_comments')) { $allow_comments = GETPOST('allow_comments') ? 'checked' : ''; } -print ' '.$langs->trans('CanComment').'
'."\n"; +print '
'."\n"; if ($_SESSION['allow_spy']) { $allow_spy = 'checked'; @@ -186,7 +186,7 @@ if ($_SESSION['allow_spy']) { if (GETPOSTISSET('allow_spy')) { $allow_spy = GETPOST('allow_spy') ? 'checked' : ''; } -print ' '.$langs->trans('CanSeeOthersVote').'
'."\n"; +print '
'."\n"; if (GETPOST('choix_sondage')) { if (GETPOST('choix_sondage') == 'date') { From a495d5e9824458b7620551c508fb0da50026723f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 17:14:37 +0200 Subject: [PATCH 14/51] Fix translation --- htdocs/index.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/index.php b/htdocs/index.php index 0f457b0f40b..c4d3e5e4d78 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -336,6 +336,7 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { ), 'supplier_proposal' => array( + 'lang' => 'supplier_proposal', 'groupName' => 'SupplierProposals', 'globalStatsKey' => 'askprice', 'stats' => @@ -485,6 +486,9 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) { } if (!empty($boards)) { + if (!empty($groupElement['lang'])) { + $langs->load($groupElement['lang']); + } $groupName = $langs->trans($groupElement['groupName']); $groupKeyLowerCase = strtolower($groupKey); $nbTotalForGroup = 0; From 11c48a53a5cfac791d4be3c03c4d53eddcd979d3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 17:20:59 +0200 Subject: [PATCH 15/51] Fix name of file --- ...n_user_group.sql => llx_workstation_workstation_usergroup.sql} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename htdocs/install/mysql/tables/{llx_workstation_workstation_user_group.sql => llx_workstation_workstation_usergroup.sql} (100%) diff --git a/htdocs/install/mysql/tables/llx_workstation_workstation_user_group.sql b/htdocs/install/mysql/tables/llx_workstation_workstation_usergroup.sql similarity index 100% rename from htdocs/install/mysql/tables/llx_workstation_workstation_user_group.sql rename to htdocs/install/mysql/tables/llx_workstation_workstation_usergroup.sql From 3d239e75288bb8ed97e1aca6cb5c7dd958efc74a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Sep 2021 17:28:06 +0200 Subject: [PATCH 16/51] Trans --- htdocs/admin/tools/purge.php | 2 +- htdocs/langs/en_US/admin.lang | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/tools/purge.php b/htdocs/admin/tools/purge.php index 09647549c8b..eb274163697 100644 --- a/htdocs/admin/tools/purge.php +++ b/htdocs/admin/tools/purge.php @@ -110,7 +110,7 @@ if (!empty($conf->syslog->enabled)) { print '

'; +print '>

'; print '%s directory). Using this feature is not normally necessary. It is provided as a workaround for users whose Dolibarr is hosted by a provider that does not offer permissions to delete files generated by the web server. PurgeDeleteLogFile=Delete log files, including %s defined for Syslog module (no risk of losing data) PurgeDeleteTemporaryFiles=Delete all log and temporary files (no risk of losing data). Parameter can be 'tempfilesold', 'logfiles' or both 'tempfilesold+logfiles'. Note: Deletion of temporary files is done only if the temp directory was created more than 24 hours ago. -PurgeDeleteTemporaryFilesShort=Delete log and temporary files +PurgeDeleteTemporaryFilesShort=Delete log and temporary files (no risk of losing data) PurgeDeleteAllFilesInDocumentsDir=Delete all files in directory: %s.
This will delete all generated documents related to elements (third parties, invoices etc...), files uploaded into the ECM module, database backup dumps and temporary files. PurgeRunNow=Purge now PurgeNothingToDelete=No directory or files to delete. From fca39d91792ce0cb443704c84d8af3f9f71c0739 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 01:15:36 +0200 Subject: [PATCH 17/51] css --- htdocs/compta/index.php | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index ca7cd08a6fe..9cb9bca667b 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -206,6 +206,7 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { print ''; print ''; + print ''; @@ -222,15 +223,19 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { print '
'; print $tmpinvoice->getNomUrl(1, ''); print '
'; print ''; - print ''; + + print ''; print $thirdpartystatic->getNomUrl(1, 'customer', 44); print ''; if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) { print ''.price($obj->total_ht).''; } print ''.price($obj->total_ttc).''; + print ''.dol_print_date($db->jdate($obj->tms), 'day').''; + print ''.$tmpinvoice->getLibStatut(3, $obj->am).''; + print ''; $total_ttc += $obj->total_ttc; From 04fa5ff70b5d3d7d7526a81479e02acc67406472 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 01:50:11 +0200 Subject: [PATCH 18/51] css --- htdocs/holiday/define_holiday.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/holiday/define_holiday.php b/htdocs/holiday/define_holiday.php index fdcdb5f88e6..621443fb408 100644 --- a/htdocs/holiday/define_holiday.php +++ b/htdocs/holiday/define_holiday.php @@ -358,7 +358,7 @@ if (count($typeleaves) == 0) { //var_dump($users['rowid'].' - '.$val['rowid']); print ''; if ($canedit) { - print ''; + print ''; } else { print $nbtoshow; } From 4e86f872ca3b0634433fbe12a5798c880c86dab7 Mon Sep 17 00:00:00 2001 From: Norbert Penel Date: Tue, 28 Sep 2021 13:46:03 +0200 Subject: [PATCH 19/51] it was impossible to update a task after some investigation i saw those errors but they are maybe some more around here --- htdocs/projet/class/api_tasks.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/projet/class/api_tasks.class.php b/htdocs/projet/class/api_tasks.class.php index e3d6af2de53..9366422002d 100644 --- a/htdocs/projet/class/api_tasks.class.php +++ b/htdocs/projet/class/api_tasks.class.php @@ -454,7 +454,7 @@ class Tasks extends DolibarrApi throw new RestException(404, 'Task not found'); } - if (!DolibarrApi::_checkAccessToResource('tasks', $this->project->id)) { + if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } foreach ($request_data as $field => $value) { @@ -488,7 +488,7 @@ class Tasks extends DolibarrApi throw new RestException(404, 'Task not found'); } - if (!DolibarrApi::_checkAccessToResource('tasks', $this->project->id)) { + if (!DolibarrApi::_checkAccessToResource('task', $this->task->id)) { throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } From ae9643bbeff659ee7424cafba02eee6bfce616e8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 13:38:38 +0200 Subject: [PATCH 20/51] Update html.formfile.class.php --- htdocs/core/class/html.formfile.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 71d8c02b5f2..53c00327746 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -1672,7 +1672,8 @@ class FormFile dol_include_once($hookmanager->resArray['classpath']); if (array_key_exists('classname', $hookmanager->resArray) && !empty($hookmanager->resArray['classname'])) { if (class_exists($hookmanager->resArray['classname'])) { - $object_instance = new $hookmanager->resArray['classname']($this->db); + $tmpclassname = $hookmanager->resArray['classname']; + $object_instance = new $tmpclassname($this->db); } } } From 332fa77d902b87338c07904718dde58be55b3b07 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Thu, 30 Sep 2021 13:49:02 +0200 Subject: [PATCH 21/51] fix: search code on tva dict --- htdocs/admin/dict.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 5542ad43b2a..5e5793cc361 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1048,6 +1048,7 @@ if ($id) elseif ($search_code != '' && $id == 28) $sql .= natural_search("h.code", $search_code); elseif ($search_code != '' && $id == 32) $sql .= natural_search("a.code", $search_code); elseif ($search_code != '' && $id == 3) $sql .= natural_search("r.code_region", $search_code); + elseif ($search_code != '' && $id == 10) $sql .= natural_search("t.code", $search_code); elseif ($search_code != '' && $id != 9) $sql .= natural_search("code", $search_code); if ($sortfield) From 620d7109b5b243237e6a53181edcc31f63cde198 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 14:04:56 +0200 Subject: [PATCH 22/51] Update dict.php --- htdocs/admin/dict.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 5e5793cc361..32db04c455f 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1048,7 +1048,7 @@ if ($id) elseif ($search_code != '' && $id == 28) $sql .= natural_search("h.code", $search_code); elseif ($search_code != '' && $id == 32) $sql .= natural_search("a.code", $search_code); elseif ($search_code != '' && $id == 3) $sql .= natural_search("r.code_region", $search_code); - elseif ($search_code != '' && $id == 10) $sql .= natural_search("t.code", $search_code); + elseif ($search_code != '' && $id == 10) $sql .= natural_search("t.code", $search_code); elseif ($search_code != '' && $id != 9) $sql .= natural_search("code", $search_code); if ($sortfield) From fc4a16b356a6e720f80ebca24cbc9a74af577e6f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 16:18:07 +0200 Subject: [PATCH 23/51] Fix avoid error when trigger run on downgraded version. --- .../triggers/interface_90_modSociete_ContactRoles.class.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php index e2759eb3926..15c84bc41a1 100644 --- a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php +++ b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php @@ -79,7 +79,11 @@ class InterfaceContactRoles extends DolibarrTriggers require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; $contactdefault = new Contact($this->db); $contactdefault->socid = $socid; - $TContact = $contactdefault->getContactRoles($object->element); + + $TContact = array(); + if (method_exists($contactdefault, 'getContactRoles')) { // For backward compatibility + $TContact = $contactdefault->getContactRoles($object->element); + } if (is_array($TContact) && !empty($TContact)) { $TContactAlreadyLinked = array(); From d3e90e8f76dd7ce01d93a513ec0e48ddb751c7ad Mon Sep 17 00:00:00 2001 From: Marc de Lima Lucio <68746600+marc-dll@users.noreply.github.com> Date: Thu, 30 Sep 2021 17:24:57 +0200 Subject: [PATCH 24/51] NEW: expense reports: conf to force amounts to be entered only including taxes --- htdocs/admin/expensereport.php | 10 +++++++++- htdocs/expensereport/card.php | 6 ++++-- htdocs/langs/en_US/admin.lang | 1 + 3 files changed, 14 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/expensereport.php b/htdocs/admin/expensereport.php index f7c9a84c5d1..09b7f66473d 100644 --- a/htdocs/admin/expensereport.php +++ b/htdocs/admin/expensereport.php @@ -145,7 +145,10 @@ if ($action == 'updateMask') { $draft = GETPOST('EXPENSEREPORT_DRAFT_WATERMARK', 'alpha'); $res2 = dolibarr_set_const($db, "EXPENSEREPORT_DRAFT_WATERMARK", trim($draft), 'chaine', 0, '', $conf->entity); - if (!$res1 > 0 || !$res2 > 0) { + $amounts = GETPOST('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', 'int'); + $res3 = dolibarr_set_const($db, 'EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', intval($amounts), 'chaine', 0, '', $conf->entity); + + if (!$res1 > 0 || !$res2 > 0 || !$res3 > 0) { $error++; } @@ -458,6 +461,11 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftExpenseReports"), $htm print ''; print ''."\n"; +print ''; +print $langs->trans('ForceExpenseReportsLineAmountsIncludingTaxesOnly'); +print ''; +print $form->selectyesno('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? 0 : 1, 1); +print ''; print ''; print $form->buttonsSaveCancel("Save", ''); diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index f982b046793..9bc2197055d 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -1565,6 +1565,8 @@ if ($action == 'create') { print ''; } else { + $taxlessUnitPriceDisabled = ! empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? ' disabled' : ''; + print dol_get_fiche_head($head, 'card', $langs->trans("ExpenseReport"), -1, 'trip'); // Clone confirmation @@ -2281,7 +2283,7 @@ if ($action == 'create') { // Unit price print ''; - print ''; + print ''; print ''; // Unit price with tax @@ -2460,7 +2462,7 @@ if ($action == 'create') { // Unit price net print ''; - print ''; + print ''; print ''; // Unit price with tax diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 0e8e39e6600..d33aad11c64 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -517,6 +517,7 @@ Field=Field ProductDocumentTemplates=Document templates to generate product document FreeLegalTextOnExpenseReports=Free legal text on expense reports WatermarkOnDraftExpenseReports=Watermark on draft expense reports +ForceExpenseReportsLineAmountsIncludingTaxesOnly=Force expense report amounts to be input only including taxes AttachMainDocByDefault=Set this to 1 if you want to attach main document to email by default (if applicable) FilesAttachedToEmail=Attach file SendEmailsReminders=Send agenda reminders by emails From 166d3b08d6ec719428ab7566750915e90215995c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 20:00:48 +0200 Subject: [PATCH 25/51] Add LIBXML_NONET to simplexml_load_string --- htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php | 2 +- htdocs/admin/system/dolibarr.php | 2 +- htdocs/admin/system/filecheck.php | 2 +- htdocs/admin/tools/update.php | 2 +- htdocs/api/class/api_setup.class.php | 2 +- htdocs/core/class/rssparser.class.php | 2 +- htdocs/core/tpl/login.tpl.php | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php b/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php index adaf82d6964..5a23133923e 100644 --- a/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php +++ b/htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php @@ -232,7 +232,7 @@ class PrestaShopWebservice if ($response != '') { libxml_clear_errors(); libxml_use_internal_errors(true); - $xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA); + $xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); if (libxml_get_errors()) { $msg = var_export(libxml_get_errors(), true); libxml_clear_errors(); diff --git a/htdocs/admin/system/dolibarr.php b/htdocs/admin/system/dolibarr.php index 90e35c8e970..75ca036b92f 100644 --- a/htdocs/admin/system/dolibarr.php +++ b/htdocs/admin/system/dolibarr.php @@ -51,7 +51,7 @@ if ($action == 'getlastversion') { $result = getURLContent('https://sourceforge.net/projects/dolibarr/rss'); //var_dump($result['content']); if (function_exists('simplexml_load_string')) { - $sfurl = simplexml_load_string($result['content']); + $sfurl = simplexml_load_string($result['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } else { setEventMessages($langs->trans("ErrorPHPDoesNotSupport", "xml"), null, 'errors'); } diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php index 272ac8d8f19..5ca87663c7a 100644 --- a/htdocs/admin/system/filecheck.php +++ b/htdocs/admin/system/filecheck.php @@ -171,7 +171,7 @@ if (GETPOST('target') == 'remote') { if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') { $xmlfile = $xmlarray['content']; //print "xmlfilestart".$xmlfile."xmlfileend"; - $xml = simplexml_load_string($xmlfile); + $xml = simplexml_load_string($xmlfile, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } else { $errormsg = $langs->trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg']; setEventMessages($errormsg, null, 'errors'); diff --git a/htdocs/admin/tools/update.php b/htdocs/admin/tools/update.php index 821bcd9e3f3..8de6e32e8a0 100644 --- a/htdocs/admin/tools/update.php +++ b/htdocs/admin/tools/update.php @@ -61,7 +61,7 @@ $version = '0.0'; if ($action == 'getlastversion') { $result = getURLContent('https://sourceforge.net/projects/dolibarr/rss'); //var_dump($result['content']); - $sfurl = simplexml_load_string($result['content']); + $sfurl = simplexml_load_string($result['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index f5f301e9c16..9856acfacdc 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -1683,7 +1683,7 @@ class Setup extends DolibarrApi if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') { $xmlfile = $xmlarray['content']; //print "xmlfilestart".$xmlfile."endxmlfile"; - $xml = simplexml_load_string($xmlfile); + $xml = simplexml_load_string($xmlfile, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); } else { $errormsg = $langs->trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg']; throw new RestException(500, $errormsg); diff --git a/htdocs/core/class/rssparser.class.php b/htdocs/core/class/rssparser.class.php index 6a8a91dbb05..c3c434d1aed 100644 --- a/htdocs/core/class/rssparser.class.php +++ b/htdocs/core/class/rssparser.class.php @@ -240,7 +240,7 @@ class RssParser if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { //print 'xx'.LIBXML_NOCDATA; libxml_use_internal_errors(false); - $rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA); + $rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA|LIBXML_NOCDATA); } else { if (!function_exists('xml_parser_create')) { $this->error = 'Function xml_parser_create are not supported by your PHP'; diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 7b20e7209f7..7f460587248 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -346,7 +346,7 @@ if (!empty($conf->global->MAIN_EASTER_EGG_COMMITSTRIP)) { $resgetcommitstrip = getURLContent("https://www.commitstrip.com/en/feed/"); } if ($resgetcommitstrip && $resgetcommitstrip['http_code'] == '200') { - $xml = simplexml_load_string($resgetcommitstrip['content']); + $xml = simplexml_load_string($resgetcommitstrip['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET); $little = $xml->channel->item[0]->children('content', true); print preg_replace('/width="650" height="658"/', '', $little->encoded); } From 7f8d5adb6c6a88422c9b539ecbb6b9437d2d05b3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 30 Sep 2021 20:32:52 +0200 Subject: [PATCH 26/51] css --- htdocs/product/composition/card.php | 52 ++++++++++++++++++++++++++--- 1 file changed, 47 insertions(+), 5 deletions(-) diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 5f783d190e9..2cecfc84bc4 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -24,7 +24,7 @@ /** * \file htdocs/product/composition/card.php * \ingroup product - * \brief Page de la fiche produit + * \brief Page of product file */ require '../../main.inc.php'; @@ -335,19 +335,28 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; - print ''; + print '
'; print ''; + // Rank print ''; + // Product ref print ''; + // Product label print ''; + // Min supplier price print ''; + // Min customer price print ''; + // Stock if (!empty($conf->stock->enabled)) { print ''; } + // Qty in kit print ''; + // Stoc inc/dev print ''; + // Move print ''; print ''."\n"; @@ -359,12 +368,16 @@ if ($id > 0 || !empty($ref)) { if ($value['level'] <= 1) { print ''; + // Rank print ''; $notdefined = 0; $nb_of_subproduct = $value['nb']; + // Product ref print ''; + + // Product label print ''; // Best buying price @@ -423,8 +436,9 @@ if ($id > 0 || !empty($ref)) { print ''; } - print ''; + // Move action + print ''; + print ''."\n"; } else { $hide = ''; @@ -436,12 +450,18 @@ if ($id > 0 || !empty($ref)) { //$productstatic->ref=$value['label']; $productstatic->ref = $value['ref']; + + // Rankd print ''; + + // Product ref print ''; + + // Product label print ''; // Best buying price @@ -451,19 +471,36 @@ if ($id > 0 || !empty($ref)) { print ''; print ''; + // Stock if (!empty($conf->stock->enabled)) { print ''; // Real stock } + + // Qty in kit print ''; + + // Inc/dec print ''; + + // Action move print ''; print ''."\n"; } } + + // Total + print ''; + + // Rank + print ''; + + // Product ref print ''; + + // Product label print ''; // Minimum buying price @@ -495,11 +532,16 @@ if ($id > 0 || !empty($ref)) { print ''; } - print ''; + + print ''; + + print ''; + print ''."\n"; } else { $colspan = 8; From 87cbc2b555590ce4c74b8032cdae16ffd64f24cd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Fri, 1 Oct 2021 08:24:40 +0200 Subject: [PATCH 27/51] Update 14.0.0-15.0.0.sql --- htdocs/install/mysql/migration/14.0.0-15.0.0.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql index 912eb7fe0eb..31f503cc098 100644 --- a/htdocs/install/mysql/migration/14.0.0-15.0.0.sql +++ b/htdocs/install/mysql/migration/14.0.0-15.0.0.sql @@ -128,7 +128,7 @@ ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgem ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgemanagement_fk_knowledgemanagement (fk_knowledgemanagement); ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_categorie_rowid FOREIGN KEY (fk_categorie) REFERENCES llx_categorie (rowid); -ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement (rowid); +ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement_knowledgerecord (rowid); ALTER TABLE llx_product_lot ADD COLUMN barcode varchar(180) DEFAULT NULL; ALTER TABLE llx_product_lot ADD COLUMN fk_barcode_type integer DEFAULT NULL; From c244d7375c640dca724328beb0c6350d71d20255 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Oct 2021 12:30:24 +0200 Subject: [PATCH 28/51] MAIN_SECURITY_CSRF_WITH_TOKEN now has 3 levels (1, 2, 3) --- htdocs/core/class/conf.class.php | 2 +- htdocs/main.inc.php | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 8e43a70c3fe..e4abfc1a748 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -828,7 +828,7 @@ class Conf // Enable by default the CSRF protection by token. if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) { - $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Value 2 uses also CSRF check for all GET requests + $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Value 2 uses also CSRF check for sensitive GET requests and 3 uses CSRF check for all POST and GET requests. // Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended) } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 6f6d74c0cda..d3f30ae47f7 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -465,11 +465,11 @@ if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN')) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $sensitiveget = false; - if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 2) { + if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 3) { // All GET actions and mass actions are processed as sensitive. $sensitiveget = true; - } else { - // Only GET actions coded with a &token into url are processed as sensitive. + } elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 2) { + // Few GET actions coded with a &token into url are processed as sensitive. $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addrights', 'addtimespent', 'doprev', 'donext', 'dvprev', 'dvnext', From c664b78800adf997805b250cfc1776cf6a46f020 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Oct 2021 12:37:32 +0200 Subject: [PATCH 29/51] MAIN_SECURITY_CSRF_WITH_TOKEN now has 3 levels (1, 2, 3) --- htdocs/core/class/conf.class.php | 5 ++++- htdocs/main.inc.php | 4 ++-- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index e4abfc1a748..5ec3a4cfbc0 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -828,7 +828,10 @@ class Conf // Enable by default the CSRF protection by token. if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) { - $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Value 2 uses also CSRF check for sensitive GET requests and 3 uses CSRF check for all POST and GET requests. + // Value 1 makes CSRF check for all POST parameters only + // Value 2 makes also CSRF check for GET requests with action = a sensitive requests like action=del, action=remove... + // Value 3 makes also CSRF check for all GET requests with a param action or massaction + $this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended) } diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index d3f30ae47f7..a52bb7dcf2b 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -465,10 +465,10 @@ if (!defined('NOTOKENRENEWAL') && !defined('NOSESSION')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN')) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $sensitiveget = false; - if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 3) { + if ((GETPOSTISSET('massaction') || GETPOST('action', 'aZ09')) && getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 3) { // All GET actions and mass actions are processed as sensitive. $sensitiveget = true; - } elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') == 2) { + } elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) { // Few GET actions coded with a &token into url are processed as sensitive. $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addrights', 'addtimespent', From eada0f468f3338eeded6e3c2f3ff0cf5a0c13880 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Oct 2021 12:39:15 +0200 Subject: [PATCH 30/51] Set MAIN_SECURITY_CSRF_WITH_TOKEN recommended value to 1 --- htdocs/admin/system/security.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index 818f096c99e..0bf568082b2 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -442,7 +442,7 @@ print '
'; print 'MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 1)' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."
"; print '
'; -print 'MAIN_SECURITY_CSRF_WITH_TOKEN = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 1)' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."
"; +print 'MAIN_SECURITY_CSRF_WITH_TOKEN = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': 2)' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."
"; print '
'; print 'MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."
"; From d68719226b7aac5cdb43c173427f2d8635b44ad4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Oct 2021 14:10:50 +0200 Subject: [PATCH 31/51] Fix can install module with name module_abc-x.y.z (w).zip --- htdocs/admin/modules.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 53cbc1aad69..00142deb9e8 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -133,7 +133,7 @@ if ($action == 'install') { // $original_file should match format module_modulename-x.y[.z].zip $original_file = basename($_FILES["fileinstall"]["name"]); - $original_file = preg_replace('/\(\d+\)\.zip$/i', '.zip', $original_file); + $original_file = preg_replace('/\s*\(\d+\)\.zip$/i', '.zip', $original_file); $newfile = $conf->admin->dir_temp.'/'.$original_file.'/'.$original_file; if (!$original_file) { From 2671eeb4e58bfe4ddf21a9040429eee70386ed07 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 1 Oct 2021 18:54:14 +0200 Subject: [PATCH 32/51] Responsive --- htdocs/compta/facture/list.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index b2074224412..852589dbd1a 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -1846,8 +1846,8 @@ if ($resql) { } // Alias if (!empty($arrayfields['s.name_alias']['checked'])) { - print ''; if (!$i) { $totalarray['nbfield']++; @@ -1855,8 +1855,8 @@ if ($resql) { } // Town if (!empty($arrayfields['s.town']['checked'])) { - print ''; if (!$i) { $totalarray['nbfield']++; @@ -1865,7 +1865,7 @@ if ($resql) { // Zip if (!empty($arrayfields['s.zip']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1873,7 +1873,7 @@ if ($resql) { } // State if (!empty($arrayfields['state.nom']['checked'])) { - print "\n"; + print "\n"; if (!$i) { $totalarray['nbfield']++; } @@ -1936,7 +1936,7 @@ if ($resql) { // Module Source if (!empty($arrayfields['f.module_source']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; @@ -1946,7 +1946,7 @@ if ($resql) { // POS Terminal if (!empty($arrayfields['f.pos_source']['checked'])) { print ''; if (!$i) { $totalarray['nbfield']++; From d064ab2b17f2317077856f6db64285c8cf187e3f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 12:58:15 +0200 Subject: [PATCH 33/51] Add more action to GET action to check --- htdocs/adherents/subscription.php | 2 +- htdocs/admin/menus/edit.php | 2 +- htdocs/admin/paymentbybanktransfer.php | 2 +- htdocs/admin/perms.php | 2 +- htdocs/admin/prelevement.php | 2 +- htdocs/categories/photos.php | 2 +- htdocs/comm/mailing/cibles.php | 2 +- htdocs/compta/bank/bankentries_list.php | 4 +- htdocs/core/class/commonobject.class.php | 2 +- .../fourn/class/fournisseur.product.class.php | 2 +- htdocs/imports/import.php | 2 +- htdocs/main.inc.php | 4 +- htdocs/mrp/mo_production.php | 4 +- htdocs/product/fournisseurs.php | 39 ++++++++++--------- htdocs/product/price.php | 2 +- htdocs/public/members/new.php | 2 +- htdocs/public/project/new.php | 2 +- htdocs/societe/price.php | 2 +- htdocs/takepos/floors.php | 4 +- htdocs/takepos/index.php | 2 +- htdocs/takepos/invoice.php | 4 +- htdocs/takepos/phone.php | 4 +- htdocs/user/group/perms.php | 10 ++--- htdocs/user/perms.php | 4 +- htdocs/variants/combinations.php | 4 +- 25 files changed, 56 insertions(+), 55 deletions(-) diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 26a45271801..c51fa86cec6 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -670,7 +670,7 @@ if ($rowid > 0) { print '
'; if ($object->statut > 0) { - print '
'.$langs->trans("AddSubscription")."
"; + print '
'.$langs->trans("AddSubscription")."
"; } else { print '
'.$langs->trans("AddSubscription").'
'; } diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index aaadde965a2..65906b83f3c 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -281,7 +281,7 @@ if ($action == 'create') { print load_fiche_titre($langs->trans("NewMenu"), '', 'title_setup'); - print '
'; + print ''; print ''; print dol_get_fiche_head(); diff --git a/htdocs/admin/paymentbybanktransfer.php b/htdocs/admin/paymentbybanktransfer.php index ba7690bb6e3..50a266a2efe 100644 --- a/htdocs/admin/paymentbybanktransfer.php +++ b/htdocs/admin/paymentbybanktransfer.php @@ -429,7 +429,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) } - print ''; + print ''; print ''; print '
'.$langs->trans('Rank').''.$langs->trans('ComposedProduct').''.$langs->trans('Label').''.$langs->trans('MinSupplierPrice').''.$langs->trans('MinCustomerPrice').''.$langs->trans('Stock').''.$langs->trans('Qty').''.$langs->trans('ComposedProductIncDecStock').'
'.$object->sousprods[$parent_label][$value['id']][7].''.$productstatic->getNomUrl(1, 'composition').''.$productstatic->label.''.($value['incdec'] == 1 ? 'x' : '').''; - print '
'; for ($i = 0; $i < $value['level']; $i++) { print '     '; // Add indentation } print $productstatic->getNomUrl(1, 'composition').''.$productstatic->label.'  '.$value['nb'].'  
 '; + print ''; if ($user->rights->produit->creer || $user->rights->service->creer) { print ''; } print '
'; - print $obj->name_alias; + print ''; + print dol_escape_htmltag($obj->name_alias); print ''; - print $obj->town; + print ''; + print dol_escape_htmltag($obj->town); print ''; - print $obj->zip; + print dol_escape_htmltag($obj->zip); print '".$obj->state_name."".dol_escape_htmltag($obj->state_name)."'; - print $obj->module_source; + print dol_escape_htmltag($obj->module_source); print ''; - print $obj->pos_source; + print dol_escape_htmltag($obj->pos_source); print '
'; print ''; diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 8f4c0c6f763..d2f0d79e4f3 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -236,7 +236,7 @@ if ($result) { print ''; } else { print '
'; - print ''; + print ''; //print img_edit_add(); print img_picto('', 'switch_off'); print ''; diff --git a/htdocs/admin/prelevement.php b/htdocs/admin/prelevement.php index 90a75626e7c..e09dd13b045 100644 --- a/htdocs/admin/prelevement.php +++ b/htdocs/admin/prelevement.php @@ -443,7 +443,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION)) } - print ''; + print ''; print ''; print ''; print ''; diff --git a/htdocs/categories/photos.php b/htdocs/categories/photos.php index 06c3caae43c..5c014b6206f 100644 --- a/htdocs/categories/photos.php +++ b/htdocs/categories/photos.php @@ -231,7 +231,7 @@ if ($object->id) { // On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites if (!$obj['photo_vignette'] && preg_match('/(\.bmp|\.gif|\.jpg|\.jpeg|\.png)$/i', $obj['photo']) && ($object->imgWidth > $maxWidth || $object->imgHeight > $maxHeight)) { - print ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; + print ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; } if ($user->rights->categorie->creer) { print ''; diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index 3283957f8a2..e3d151c6bbb 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -378,7 +378,7 @@ if ($object->fetch($id) >= 0) { $var = !$var; if ($allowaddtarget) { - print ''; + print ''; print ''; } else { print '
'; diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index f6a03c1d11d..eabe47e54ca 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -932,10 +932,10 @@ if ($resql) { $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/compta/bank/various_payment/card.php?action=create&accountid='.urlencode($search_account).'&backtopage='.urlencode($_SERVER['PHP_SELF'].'?id='.urlencode($search_account)), '', $user->rights->banque->modifier); } else // If direct entries is not done using miscellaneous payments { - $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', $user->rights->banque->modifier); + $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', $user->rights->banque->modifier); } } else { - $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', -1); + $newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', -1); } } diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index b1110212293..6020e0b2723 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -8220,7 +8220,7 @@ abstract class CommonObject $return .= '
'; // On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites if ($photo_vignette && (image_format_supported($photo) > 0) && ($this->imgWidth > $maxWidth || $this->imgHeight > $maxHeight)) { - $return .= ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; + $return .= ''.img_picto($langs->trans('GenerateThumb'), 'refresh').'  '; } // Special cas for product if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) { diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index b08d9237c63..854f043670f 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -1183,7 +1183,7 @@ class ProductFournisseur extends Product $label .= $this->displayPriceProductFournisseurLog($logPrices); } - $url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id; + $url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&token='.newToken().'&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id; if ($option != 'nolink') { // Add param to save lastsearch_values or not diff --git a/htdocs/imports/import.php b/htdocs/imports/import.php index 5139e12ab7a..2ab7e3976aa 100644 --- a/htdocs/imports/import.php +++ b/htdocs/imports/import.php @@ -1205,7 +1205,7 @@ if ($step == 4 && $datatoimport) { // async: false // });'."\n"; // Now reload page - print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&boxorder=\' + boxorder;'."\n"; + print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&token='.newToken().'&boxorder=\' + boxorder;'."\n"; //print 'alert(newlocation);'; print 'window.location.href=newlocation;'."\n"; print '}'."\n"; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index a52bb7dcf2b..834cffc4f28 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -471,7 +471,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( } elseif (getDolGlobalInt('MAIN_SECURITY_CSRF_WITH_TOKEN') >= 2) { // Few GET actions coded with a &token into url are processed as sensitive. $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addrights', 'addtimespent', + 'activate', 'doprev', 'donext', 'dvprev', 'dvnext', 'install', 'reopen' @@ -479,7 +479,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { $sensitiveget = true; } - if (preg_match('/^(classify|close|confirm|del|disable|enable|remove|set|unset|update)/', GETPOST('action', 'aZ09'))) { + if (preg_match('/^(add|classify|close|confirm|copy|del|disable|enable|remove|set|unset|update|save|)/', GETPOST('action', 'aZ09'))) { $sensitiveget = true; } } diff --git a/htdocs/mrp/mo_production.php b/htdocs/mrp/mo_production.php index 84dab109b91..784b91f6f4c 100644 --- a/htdocs/mrp/mo_production.php +++ b/htdocs/mrp/mo_production.php @@ -704,7 +704,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $newlinetext = ''; if ($object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED && $action != 'consumeorproduce' && $action != 'consumeandproduceall') { - $newlinetext = ''.$langs->trans("AddNewConsumeLines").''; + $newlinetext = ''.$langs->trans("AddNewConsumeLines").''; } print load_fiche_titre($langs->trans('Consumption'), '', '', 0, '', '', $newlinetext); @@ -996,7 +996,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $newlinetext = ''; if ($object->status != $object::STATUS_PRODUCED && $object->status != $object::STATUS_CANCELED && $action != 'consumeorproduce' && $action != 'consumeandproduceall') { if ($nblinetoproduce == 0 || $object->mrptype == 1) { - $newlinetext = ''.$langs->trans("AddNewProduceLines").''; + $newlinetext = ''.$langs->trans("AddNewProduceLines").''; } } print load_fiche_titre($langs->trans('Production'), '', '', 0, '', '', $newlinetext); diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 285331a091a..a3ae38184e9 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -767,11 +767,6 @@ END; // Barcode if (!empty($conf->barcode->enabled)) { - // Option to define a transport cost on supplier price - print '
'; - print ''; - print ''; - print ''; $formbarcode = new FormBarCode($db); // Barcode type @@ -781,6 +776,12 @@ END; print $formbarcode->selectBarcodeType(($rowid ? $object->supplier_fk_barcode_type : $conf->global->PRODUIT_DEFAULT_BARCODE_TYPE), 'fk_barcode_type', 1); print ''; print ''; + + // Barcode value + print ''; + print ''; + print ''; + print ''; } // Option to define a transport cost on supplier price @@ -788,7 +789,7 @@ END; if (!empty($conf->margin->enabled)) { print ''; print ''; - print ''; print ''; } @@ -893,7 +894,7 @@ END; $reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook if (empty($reshook)) { if ($usercancreate) { - print ''; + print ''; print $langs->trans("AddSupplierPrice").''; } } @@ -933,8 +934,8 @@ END; 'pfp.multicurrency_unitprice'=>array('label'=>$langs->trans("UnitPriceHTCurrency"), 'enabled' => $conf->multicurrency->enabled, 'checked'=>0, 'position'=>10), 'pfp.delivery_time_days'=>array('label'=>$langs->trans("NbDaysToDelivery"), 'checked'=>1, 'position'=>13), 'pfp.supplier_reputation'=>array('label'=>$langs->trans("ReputationForThisProduct"), 'checked'=>1, 'position'=>14), - 'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>15), - 'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>16), + 'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>15), + 'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>16), 'pfp.packaging'=>array('label'=>$langs->trans("PackagingForThisProduct"), 'enabled' => !empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING), 'checked'=>0, 'position'=>17), 'pfp.tms'=>array('label'=>$langs->trans("DateModification"), 'enabled' => $conf->barcode->enabled, 'checked'=>1, 'position'=>18), ); @@ -1007,12 +1008,12 @@ END; if (!empty($arrayfields['pfp.supplier_reputation']['checked'])) { print_liste_field_titre("ReputationForThisProduct", $_SERVER["PHP_SELF"], "pfp.supplier_reputation", "", $param, '', $sortfield, $sortorder, 'center '); } - if (!empty($arrayfields['pfp.barcode']['checked'])) { - print_liste_field_titre("BarcodeValue", $_SERVER["PHP_SELF"], "pfp.barcode", "", $param, '', $sortfield, $sortorder, 'center '); - } if (!empty($arrayfields['pfp.fk_barcode_type']['checked'])) { print_liste_field_titre("BarcodeType", $_SERVER["PHP_SELF"], "pfp.fk_barcode_type", "", $param, '', $sortfield, $sortorder, 'center '); } + if (!empty($arrayfields['pfp.barcode']['checked'])) { + print_liste_field_titre("BarcodeValue", $_SERVER["PHP_SELF"], "pfp.barcode", "", $param, '', $sortfield, $sortorder, 'center '); + } if (!empty($arrayfields['pfp.packaging']['checked'])) { print_liste_field_titre("PackagingForThisProduct", $_SERVER["PHP_SELF"], "pfp.packaging", "", $param, 'align="center"', $sortfield, $sortorder); } @@ -1152,13 +1153,6 @@ END; print''; } - // Barcode - if (!empty($arrayfields['pfp.barcode']['checked'])) { - print ''; - } - // Barcode type if (!empty($arrayfields['pfp.fk_barcode_type']['checked'])) { print ''; } + // Barcode + if (!empty($arrayfields['pfp.barcode']['checked'])) { + print ''; + } + // Packaging if (!empty($arrayfields['pfp.packaging']['checked'])) { print ''; if ($caneditperms) { print ''; } print ''; @@ -302,9 +302,9 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ''; } else { print ''; @@ -353,7 +353,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print ''; diff --git a/htdocs/user/perms.php b/htdocs/user/perms.php index 7c7fe868b2f..d3ba33a5acf 100644 --- a/htdocs/user/perms.php +++ b/htdocs/user/perms.php @@ -420,7 +420,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; @@ -430,7 +430,7 @@ if ($result) { } else { // Do not own permission if ($caneditperms) { - print ''; diff --git a/htdocs/variants/combinations.php b/htdocs/variants/combinations.php index a3ad036ca9a..d70419060f5 100644 --- a/htdocs/variants/combinations.php +++ b/htdocs/variants/combinations.php @@ -587,7 +587,7 @@ if (!empty($id) || !empty($ref)) { $htmltext = $langs->trans("GoOnMenuToCreateVairants", $langs->transnoentities("Product"), $langs->transnoentities("VariantAttributes")); print $form->textwithpicto('', $htmltext); - /*print '     id).'">'; + /*print '     id).'">'; print $langs->trans("Create"); print '';*/ @@ -605,7 +605,7 @@ if (!empty($id) || !empty($ref)) { $htmltext = $langs->trans("GoOnMenuToCreateVairants", $langs->transnoentities("Product"), $langs->transnoentities("VariantAttributes")); print $form->textwithpicto('', $htmltext); /* - print '     id).'">'; + print '     id).'">'; print $langs->trans("Create"); print ''; */ From 3102d0725c82c6eb4f40fa60c2f09a6268b372a9 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 13:04:57 +0200 Subject: [PATCH 34/51] Fix test on action param --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 834cffc4f28..a26954bbed5 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -479,7 +479,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && getDolGlobalInt( if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { $sensitiveget = true; } - if (preg_match('/^(add|classify|close|confirm|copy|del|disable|enable|remove|set|unset|update|save|)/', GETPOST('action', 'aZ09'))) { + if (preg_match('/^(add|classify|close|confirm|copy|del|disable|enable|remove|set|unset|update|save)/', GETPOST('action', 'aZ09'))) { $sensitiveget = true; } } From 254fbb862b45b04af2c5d54f2ce54a2cf75b8422 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:27:25 +0200 Subject: [PATCH 35/51] doxygen --- htdocs/admin/eventorganization_confbooth_extrafields.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/eventorganization_confbooth_extrafields.php b/htdocs/admin/eventorganization_confbooth_extrafields.php index 6e19bde8268..991ed3f824a 100644 --- a/htdocs/admin/eventorganization_confbooth_extrafields.php +++ b/htdocs/admin/eventorganization_confbooth_extrafields.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/admin/eventorganization_extrafields.php + * \file htdocs/admin/eventorganization_confbooth_extrafields.php * \ingroup bom * \brief Page to setup extra fields of EventOrganization */ From c5871ac765bc345a1089f30cdbddc571279bc50f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:29:33 +0200 Subject: [PATCH 36/51] doxygen /home/dolibarr/htdocs/admin/eventorganization_confboothattendee_extrafields.php:23: warning: the name 'admin/conferenceorboothattendee_extrafields.php' supplied as the argument in the \file statement is not an input file --- .../admin/eventorganization_confboothattendee_extrafields.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/eventorganization_confboothattendee_extrafields.php b/htdocs/admin/eventorganization_confboothattendee_extrafields.php index 6b201e6b923..0b50c483d69 100644 --- a/htdocs/admin/eventorganization_confboothattendee_extrafields.php +++ b/htdocs/admin/eventorganization_confboothattendee_extrafields.php @@ -21,7 +21,7 @@ */ /** - * \file admin/conferenceorboothattendee_extrafields.php + * \file htdocs/admin/eventorganization_confboothattendee_extrafields.php * \ingroup eventorganization * \brief Page to setup extra fields of conferenceorboothattendee */ From 5d181810daa91e61ef5d8afcd382b766d1f49c10 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:31:54 +0200 Subject: [PATCH 37/51] doxygen --- htdocs/admin/knowledgemanagement.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/knowledgemanagement.php b/htdocs/admin/knowledgemanagement.php index 10f308b2b2c..8d93c16741a 100644 --- a/htdocs/admin/knowledgemanagement.php +++ b/htdocs/admin/knowledgemanagement.php @@ -17,7 +17,7 @@ */ /** - * \file knowledgemanagement/admin/setup.php + * \file htdocs/admin/knowledgemanagement.php * \ingroup knowledgemanagement * \brief KnowledgeManagement setup page. */ @@ -65,9 +65,7 @@ if (!$user->admin) { * Actions */ -if ((float) DOL_VERSION >= 6) { - include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; -} +include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php'; if ($action == 'updateMask') { $maskconstorder = GETPOST('maskconstorder', 'alpha'); From 10aa6106d2383ed9db80a7f6c8ee5c21009ce3c0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:34:08 +0200 Subject: [PATCH 38/51] doxygen --- htdocs/admin/paymentbybanktransfer.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/paymentbybanktransfer.php b/htdocs/admin/paymentbybanktransfer.php index 50a266a2efe..997c71bb335 100644 --- a/htdocs/admin/paymentbybanktransfer.php +++ b/htdocs/admin/paymentbybanktransfer.php @@ -20,7 +20,7 @@ */ /** - * \file htdocs/admin/credtitransfer.php + * \file htdocs/admin/paymentbybanktransfer.php * \ingroup paymentbybanktransfer * \brief Page to setup payments by credit transfer */ From 5c4b55fe7fbf2ad5b57499f997b7bc6b5a85ba00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:35:17 +0200 Subject: [PATCH 39/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/compta/facture/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/index.php b/htdocs/compta/facture/index.php index d3d3a33acb5..790b9d334c3 100644 --- a/htdocs/compta/facture/index.php +++ b/htdocs/compta/facture/index.php @@ -16,7 +16,7 @@ */ /** - * \file htdocs/compat/facture/index.php + * \file htdocs/compta/facture/index.php * \ingroup facture * \brief Home page of customer invoices area */ From 7bf07395c686a3dab8eba28bb886cc2b26700a36 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:37:41 +0200 Subject: [PATCH 40/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/salaries/paiement_salary.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/salaries/paiement_salary.php b/htdocs/salaries/paiement_salary.php index 9f9a1ae7b50..b1e03866d7e 100644 --- a/htdocs/salaries/paiement_salary.php +++ b/htdocs/salaries/paiement_salary.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/compta/paiement_salary.php + * \file htdocs/salaries/paiement_salary.php * \ingroup salary * \brief Page to add payment of a salary */ From c33d8ac49b3ef28de915aa775912986b7dcd3886 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:40:33 +0200 Subject: [PATCH 41/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/core/lib/eventorganization.lib.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/lib/eventorganization.lib.php b/htdocs/core/lib/eventorganization.lib.php index 2f8ea573c1f..51ff1f2a90f 100644 --- a/htdocs/core/lib/eventorganization.lib.php +++ b/htdocs/core/lib/eventorganization.lib.php @@ -16,7 +16,7 @@ */ /** - * \file eventorganization/lib/eventorganization.lib.php + * \file htdocs/core/lib/eventorganization.lib.php * \ingroup eventorganization * \brief Library files with common functions for EventOrganization */ From 365f2ba31ea0afd3795bf9cab809bdf3d4621807 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:42:19 +0200 Subject: [PATCH 42/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/mrp/class/api_mos.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/mrp/class/api_mos.class.php b/htdocs/mrp/class/api_mos.class.php index 8fbd25090c7..59b4cbfa16b 100644 --- a/htdocs/mrp/class/api_mos.class.php +++ b/htdocs/mrp/class/api_mos.class.php @@ -22,7 +22,7 @@ require_once DOL_DOCUMENT_ROOT.'/mrp/class/mo.class.php'; /** - * \file mrp/class/api_mo.class.php + * \file htdocs/mrp/class/api_mos.class.php * \ingroup mrp * \brief File for API management of MO. */ From 1ba0369f01fbd83b5aa63a92ff4d8b291fa0f0a3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:47:30 +0200 Subject: [PATCH 43/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/core/modules/product_batch/mod_lot_free.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/product_batch/mod_lot_free.php b/htdocs/core/modules/product_batch/mod_lot_free.php index 0f069143ab1..def14bd37b3 100644 --- a/htdocs/core/modules/product_batch/mod_lot_free.php +++ b/htdocs/core/modules/product_batch/mod_lot_free.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/core/modules/product/mod_lot_free.php + * \file htdocs/core/modules/product_batch/mod_lot_free.php * \ingroup productbatch * \brief File containing class for numbering model of Lot free */ From 0ebe4de80a7cbc60b95c01f77c488ee1a8cd42c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:48:27 +0200 Subject: [PATCH 44/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/core/modules/product_batch/mod_sn_advanced.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/product_batch/mod_sn_advanced.php b/htdocs/core/modules/product_batch/mod_sn_advanced.php index 5e8fde199c1..abe094220d2 100644 --- a/htdocs/core/modules/product_batch/mod_sn_advanced.php +++ b/htdocs/core/modules/product_batch/mod_sn_advanced.php @@ -22,7 +22,7 @@ */ /** - * \file htdocs/core/modules/product_batch/mod_batch_advanced.php + * \file htdocs/core/modules/product_batch/mod_sn_advanced.php * \ingroup productbatch * \brief File containing class for numbering model of SN advanced */ From 828c1d41e75fbefa20b47784c5a13969b7a2ab17 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Sat, 2 Oct 2021 13:49:33 +0200 Subject: [PATCH 45/51] doxygen https://doxygen.dolibarr.org/develop/doxygen-warnings.log --- htdocs/core/modules/product_batch/mod_sn_free.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/modules/product_batch/mod_sn_free.php b/htdocs/core/modules/product_batch/mod_sn_free.php index 95e1bd20359..67d39ec085a 100644 --- a/htdocs/core/modules/product_batch/mod_sn_free.php +++ b/htdocs/core/modules/product_batch/mod_sn_free.php @@ -18,7 +18,7 @@ */ /** - * \file htdocs/core/modules/product/mod_sn_free.php + * \file htdocs/core/modules/product_batch/mod_sn_free.php * \ingroup productbatch * \brief File containing class for numbering model of SN free */ From 04a5dc2794bcd47386839ba0d1d57554a1518bbf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 14:53:47 +0200 Subject: [PATCH 46/51] css --- htdocs/theme/md/style.css.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index d68bfa78ee9..e66a3c23d7d 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1859,6 +1859,7 @@ body.sidebar-collapse .side-nav, body.sidebar-collapse .login_block div.login_block { /* border-right: none ! important; */ top: inherit !important; + border-right: 1px solid rgba(0,0,0,0.3); } .side-nav { @@ -2810,9 +2811,9 @@ img.login, img.printer, img.entity { font-weight: bold; } .userimg.atoplogin img.userphoto, .userimgatoplogin img.userphoto { /* size for user photo in login bar */ - border-radius: 8px; - width: 16px; - height: 16px; + /* border-radius: 8px; */ + width: 20px; + height: 20px; background-size: contain; vertical-align: text-bottom; background-color: #FFF; From 227adaf5fccacfe68fa9c2b357929702cb53b201 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 15:26:29 +0200 Subject: [PATCH 47/51] CSS --- htdocs/theme/md/style.css.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index e66a3c23d7d..bb1fff44289 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -1915,7 +1915,7 @@ div.login_block { padding-top: 20px; browser->layout, array('phone', 'tablet')) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { ?> - top: 50px ! important; + top: 66px ! important; top: 60px ! important; From 7863642daaae1fecf02a123b02900f7d9173246a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 19:16:42 +0200 Subject: [PATCH 48/51] FIX #18852 --- htdocs/product/class/product.class.php | 4 +- .../stock/class/api_stockmovements.class.php | 5 +- .../stock/class/mouvementstock.class.php | 115 +++++++++--------- 3 files changed, 66 insertions(+), 58 deletions(-) diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index de88ec9f277..1109c93fad9 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -5133,7 +5133,7 @@ class Product extends CommonObject $op[1] = "-".trim($nbpiece); $movementstock = new MouvementStock($this->db); - $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin and ->origin->id + $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin_type and ->origin_id $result = $movementstock->_create($user, $this->id, $id_entrepot, $op[$movement], $movement, $price, $label, $inventorycode, '', '', '', '', false, 0, $disablestockchangeforsubproduct); if ($result >= 0) { @@ -5180,7 +5180,7 @@ class Product extends CommonObject $op[1] = "-".trim($nbpiece); $movementstock = new MouvementStock($this->db); - $movementstock->setOrigin($origin_element, $origin_id); + $movementstock->setOrigin($origin_element, $origin_id); // Set ->origin_type and ->fk_origin $result = $movementstock->_create($user, $this->id, $id_entrepot, $op[$movement], $movement, $price, $label, $inventorycode, '', $dlc, $dluo, $lot, false, 0, $disablestockchangeforsubproduct); if ($result >= 0) { diff --git a/htdocs/product/stock/class/api_stockmovements.class.php b/htdocs/product/stock/class/api_stockmovements.class.php index 42a03a1836a..19f23edd4f4 100644 --- a/htdocs/product/stock/class/api_stockmovements.class.php +++ b/htdocs/product/stock/class/api_stockmovements.class.php @@ -165,11 +165,13 @@ class StockMovements extends DolibarrApi * @param string $price To update AWP (Average Weighted Price) when you make a stock increase (qty must be higher then 0). {@from body} * @param string $dlc Eat-by date. {@from body} {@type date} * @param string $dluo Sell-by date. {@from body} {@type date} + * @param string $origin_type Origin type (Element of source object, like 'project', 'inventory', ...) + * @param string $origin_id Origin id (Id of source object) * * @return int ID of stock movement * @throws RestException */ - public function post($product_id, $warehouse_id, $qty, $lot = '', $movementcode = '', $movementlabel = '', $price = '', $dlc = '', $dluo = '') + public function post($product_id, $warehouse_id, $qty, $lot = '', $movementcode = '', $movementlabel = '', $price = '', $dlc = '', $dluo = '', $origin_type = '', $origin_id = 0) { if (!DolibarrApiAccess::$user->rights->stock->creer) { throw new RestException(401); @@ -189,6 +191,7 @@ class StockMovements extends DolibarrApi $eatBy = empty($dluo) ? '' : dol_stringtotime($dluo); $sellBy = empty($dlc) ? '' : dol_stringtotime($dlc); + $this->stockmovement->setOrigin($origin_type, $origin_id); if ($this->stockmovement->_create(DolibarrApiAccess::$user, $product_id, $warehouse_id, $qty, $type, $price, $movementlabel, $movementcode, '', $eatBy, $sellBy, $lot) <= 0) { $errormessage = $this->stockmovement->error; if (empty($errormessage)) { diff --git a/htdocs/product/stock/class/mouvementstock.class.php b/htdocs/product/stock/class/mouvementstock.class.php index dd1b2202956..3a43d9ee6bb 100644 --- a/htdocs/product/stock/class/mouvementstock.class.php +++ b/htdocs/product/stock/class/mouvementstock.class.php @@ -54,8 +54,10 @@ class MouvementStock extends CommonObject /** * @var int Type of movement - * 0=input (stock increase by a stock transfer), 1=output (stock decrease after by a stock transfer), - * 2=output (stock decrease), 3=input (stock increase) + * 0=input (stock increase by a manual/direct stock transfer, correction or inventory), + * 1=output (stock decrease after by a manual/direct stock transfer, correction or inventory), + * 2=output (stock decrease after a business event like sale, shipment or manufacturing, ...), + * 3=input (stock increase after a business event like purchase, reception or manufacturing, ...) * Note that qty should be > 0 with 0 or 3, < 0 with 1 or 2. */ public $type; @@ -76,18 +78,32 @@ class MouvementStock extends CommonObject /** * @var int ID + * @deprecated + * @see $origin_id */ public $fk_origin; + /** + * @var int Origin id + */ + public $origin_id; + + /** + * @var string origintype + * @deprecated + * see $origin_type + */ public $origintype; + /** + * @var string Origin type ('project', ...) + */ + public $origin_type; + + public $inventorycode; public $batch; - /** - * @var Object Object set as origin before calling livraison() or reception() - */ - public $origin; public $fields = array( 'rowid' =>array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>10, 'showoncombobox'=>1), @@ -127,7 +143,7 @@ class MouvementStock extends CommonObject /** * Add a movement of stock (in one direction only). * This is the lowest level method to record a stock change. - * $this->origin can be also be set to save the source object of movement. + * $this->origin_type and $this->origin_id can be also be set to save the source object of movement. * * @param User $user User object * @param int $fk_product Id of product @@ -403,25 +419,20 @@ class MouvementStock extends CommonObject } if ($movestock) { // Change stock for current product, change for subproduct is done after - // Set $origintype, fk_origin, fk_project - $fk_project = 0; - if (!empty($this->origin)) { // This is set by caller for tracking reason - $origintype = empty($this->origin->origin_type) ? $this->origin->element : $this->origin->origin_type; - $fk_origin = $this->origin->id; - if ($origintype == 'project') { - $fk_project = $fk_origin; - } else { - $res = $this->origin->fetch($fk_origin); - if ($res > 0) { - if (!empty($this->origin->fk_project)) { - $fk_project = $this->origin->fk_project; - } - } + // Set $origin_type, origin_id and fk_project + $fk_project = $this->fk_project; + if (!empty($this->origin_type)) { // This is set by caller for tracking reason + $origin_type = $this->origin_type; + $origin_id = $this->origin_id; + if (empty($fk_project) && $origin_type == 'project') { + $fk_project = $origin_id; + $origin_type = ''; + $origin_id = 0; } } else { - $origintype = ''; - $fk_origin = 0; $fk_project = 0; + $origin_type = ''; + $origin_id = 0; } $sql = "INSERT INTO ".MAIN_DB_PREFIX."stock_mouvement("; @@ -437,8 +448,8 @@ class MouvementStock extends CommonObject $sql .= " '".$this->db->escape($label)."',"; $sql .= " ".($inventorycode ? "'".$this->db->escape($inventorycode)."'" : "null").","; $sql .= " ".((float) price2num($price)).","; - $sql .= " ".((int) $fk_origin).","; - $sql .= " '".$this->db->escape($origintype)."',"; + $sql .= " ".((int) $origin_id).","; + $sql .= " '".$this->db->escape($origin_type)."',"; $sql .= " ".((int) $fk_project); $sql .= ")"; @@ -626,8 +637,8 @@ class MouvementStock extends CommonObject $sql .= " t.type_mouvement,"; $sql .= " t.fk_user_author,"; $sql .= " t.label,"; - $sql .= " t.fk_origin,"; - $sql .= " t.origintype,"; + $sql .= " t.fk_origin as origin_id,"; + $sql .= " t.origintype as origin_type,"; $sql .= " t.inventorycode,"; $sql .= " t.batch,"; $sql .= " t.eatby,"; @@ -654,8 +665,10 @@ class MouvementStock extends CommonObject $this->price = $obj->price; $this->fk_user_author = $obj->fk_user_author; $this->label = $obj->label; - $this->fk_origin = $obj->fk_origin; - $this->origintype = $obj->origintype; + $this->fk_origin = $obj->origin_id; // For backward compatibility + $this->origintype = $obj->origin_type; // For backward compatibility + $this->origin_id = $obj->origin_id; + $this->origin_type = $obj->origin_type; $this->inventorycode = $obj->inventorycode; $this->batch = $obj->batch; $this->eatby = $this->db->jdate($obj->eatby); @@ -730,6 +743,7 @@ class MouvementStock extends CommonObject foreach ($pids as $key => $value) { if (!$error) { $tmpmove = dol_clone($this, 1); + $result = $tmpmove->_create($user, $pids[$key], $entrepot_id, ($qty * $pqtys[$key]), $type, 0, $label, $inventorycode); // This will also call _createSubProduct making this recursive if ($result < 0) { $this->error = $tmpmove->error; @@ -921,16 +935,16 @@ class MouvementStock extends CommonObject /** * Return Url link of origin object * - * @param int $fk_origin Id origin - * @param int $origintype Type origin + * @param int $origin_id Id origin + * @param int $origin_type Type origin * @return string */ - public function get_origin($fk_origin, $origintype) + public function get_origin($origin_id, $origin_type) { // phpcs:enable $origin = ''; - switch ($origintype) { + switch ($origin_type) { case 'commande': require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php'; $origin = new Commande($this->db); @@ -973,11 +987,11 @@ class MouvementStock extends CommonObject break; default: - if ($origintype) { + if ($origin_type) { // Separate originetype with "@" : left part is class name, right part is module name - $origintype_array = explode('@', $origintype); - $classname = ucfirst($origintype_array[0]); - $modulename = empty($origintype_array[1]) ? $classname : $origintype_array[1]; + $origin_type_array = explode('@', $origin_type); + $classname = ucfirst($origin_type_array[0]); + $modulename = empty($origin_type_array[1]) ? $classname : $origin_type_array[1]; $result = dol_include_once('/'.$modulename.'/class/'.strtolower($classname).'.class.php'); if ($result) { $classname = ucfirst($classname); @@ -991,7 +1005,7 @@ class MouvementStock extends CommonObject return ''; } - if ($origin->fetch($fk_origin) > 0) { + if ($origin->fetch($origin_id) > 0) { return $origin->getNomUrl(1); } @@ -999,29 +1013,20 @@ class MouvementStock extends CommonObject } /** - * Set attribute origin to object + * Set attribute origin_type and fk_origin to object * - * @param string $origin_element type of element - * @param int $origin_id id of element + * @param string $origin_element Type of element + * @param int $origin_id Id of element * * @return void */ public function setOrigin($origin_element, $origin_id) { - if (!empty($origin_element) && $origin_id > 0) { - $origin = ''; - if ($origin_element == 'project') { - if (!class_exists('Project')) { - require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; - } - $origin = new Project($this->db); - } - - if (!empty($origin)) { - $this->origin = $origin; - $this->origin->id = $origin_id; - } - } + $this->origin_type = $origin_element; + $this->origin_id = $origin_id; + // For backward compatibility + $this->origintype = $origin_element; + $this->fk_origin = $origin_id; } From 2fe1b548ef9f4f923ddd2f78033c075a12e2b53a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 19:45:58 +0200 Subject: [PATCH 49/51] Show label of permission as tooltip on list of modules/app --- htdocs/admin/system/modules.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/htdocs/admin/system/modules.php b/htdocs/admin/system/modules.php index 150ca10a359..a56ed8c1da3 100644 --- a/htdocs/admin/system/modules.php +++ b/htdocs/admin/system/modules.php @@ -91,6 +91,7 @@ $modules_files = array(); $modules_fullpath = array(); $modulesdir = dolGetModulesDirs(); $rights_ids = array(); +$arrayofpermissions = array(); foreach ($modulesdir as $dir) { $handle = @opendir(dol_osencode($dir)); @@ -155,7 +156,7 @@ foreach ($modules as $key => $module) { if (empty($rights[0])) { continue; } - + $arrayofpermissions[$rights[0]] = array('label'=> 'user->rights->'.$module->rights_class.'->'.$rights[4].(empty($rights[5]) ? '' : '->'.$rights[5])); $permission[] = $rights[0]; array_push($rights_ids, $rights[0]); @@ -336,8 +337,10 @@ foreach ($moduleList as $module) { $idperms = ''; foreach ($module->permission as $permission) { - $idperms .= ($idperms ? ", " : "").$permission; $translationKey = "Permission".$permission; + $labelpermission = $langs->trans($translationKey); + $labelpermission .= ' : '.$arrayofpermissions[$permission]['label']; + $idperms .= ($idperms ? ", " : "").''.$permission.''; if (!empty($conf->global->MAIN_SHOW_PERMISSION)) { if (empty($langs->tab_translate[$translationKey])) { From d99b3d601a2d020bb17965045909a3d1814acb54 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 20:07:09 +0200 Subject: [PATCH 50/51] FIX #18854 --- htdocs/ecm/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 3a8d33343c7..813ee69b6fb 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -42,6 +42,7 @@ if (!$section) { $section = 0; } $section_dir = GETPOST('section_dir', 'alpha'); +$overwritefile = GETPOST('overwritefile', 'int'); $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -120,7 +121,7 @@ if (GETPOST("sendit", 'alphanohtml') && !empty($conf->global->MAIN_UPLOAD_DOC)) if (!$error) { $generatethumbs = 0; - $res = dol_add_file_process($upload_dir, 0, 1, 'userfile', '', null, '', $generatethumbs); + $res = dol_add_file_process($upload_dir, $overwritefile, 1, 'userfile', '', null, '', $generatethumbs); if ($res > 0) { $result = $ecmdir->changeNbOfFiles('+'); } From 55e97784bd19bd5decb5f32434c6d7526b3f7274 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 2 Oct 2021 20:42:54 +0200 Subject: [PATCH 51/51] FIX #18880 --- htdocs/install/mysql/data/llx_c_tva.sql | 6 +----- 1 file changed, 1 insertion(+), 5 deletions(-) diff --git a/htdocs/install/mysql/data/llx_c_tva.sql b/htdocs/install/mysql/data/llx_c_tva.sql index cae269783e4..12b0b92a13e 100644 --- a/htdocs/install/mysql/data/llx_c_tva.sql +++ b/htdocs/install/mysql/data/llx_c_tva.sql @@ -330,7 +330,7 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (10 insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (105,10, '15','0','VAT 12% Majoré à 25% (15%)',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (106,10, '22.5','0','VAT 18% Majoré à 25% (22.5%)',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (107,10, '6','0','VAT 6%', 1); -insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (107,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0); +insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (108,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0); -- UKRAINE (id country=226) INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2261,226, '0','0','VAT rate 0',1); @@ -379,10 +379,6 @@ INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 4 INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 462, 46, '15','0','VAT 15%',1); INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 463, 46, '7.5','0','VAT 7.5%',1); --- SOUTH AFRICA (id country=205) -INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2051,205, '0','0','No VAT',1); -INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2052,205, '14','0','VAT 14%',1); - -- VENEZUELA (id country=232) insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2321,232, '0','0','No VAT',1); insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2322,232, '12','0','VAT 12%',1);
'.$langs->trans('BarcodeValue').''.img_picto('', 'barcode', 'class="pictofixedwidth"').'
'.$langs->trans('BarcodeValue').''.img_picto('', 'barcode', 'class="pictofixedwidth"').'
'.$langs->trans("Charges").''; + print ''; print '
'; - print $productfourn->supplier_barcode; - print ''; @@ -1168,6 +1162,13 @@ END; print ''; + print $productfourn->supplier_barcode; + print ''; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 49ffd69fd0b..773a097fed8 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1161,7 +1161,7 @@ if (!$action || $action == 'delete' || $action == 'showlog_customer_price' || $a if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { if ($user->rights->produit->creer || $user->rights->service->creer) { - print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; + print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; } } diff --git a/htdocs/public/members/new.php b/htdocs/public/members/new.php index b6498ca4032..c00c1d70367 100644 --- a/htdocs/public/members/new.php +++ b/htdocs/public/members/new.php @@ -381,7 +381,7 @@ if (empty($reshook) && $action == 'add') { $urlback = $conf->global->MEMBER_URL_REDIRECT_SUBSCRIPTION; // TODO Make replacement of __AMOUNT__, etc... } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added"; + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); } if (!empty($conf->global->MEMBER_NEWFORM_PAYONLINE) && $conf->global->MEMBER_NEWFORM_PAYONLINE != '-1') { diff --git a/htdocs/public/project/new.php b/htdocs/public/project/new.php index ca7101a3679..1d673991d3d 100644 --- a/htdocs/public/project/new.php +++ b/htdocs/public/project/new.php @@ -311,7 +311,7 @@ if (empty($reshook) && $action == 'add') { $urlback = $conf->global->PROJECT_URL_REDIRECT_LEAD; // TODO Make replacement of __AMOUNT__, etc... } else { - $urlback = $_SERVER["PHP_SELF"]."?action=added"; + $urlback = $_SERVER["PHP_SELF"]."?action=added&token=".newToken(); } if (!empty($entity)) { diff --git a/htdocs/societe/price.php b/htdocs/societe/price.php index c29717f002d..21dd3b9643b 100644 --- a/htdocs/societe/price.php +++ b/htdocs/societe/price.php @@ -525,7 +525,7 @@ if (!empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { print "\n".'
'."\n"; if ($user->rights->produit->creer || $user->rights->service->creer) { - print '
id.'">'.$langs->trans("AddCustomerPrice").'
'; + print '
id.'">'.$langs->trans("AddCustomerPrice").'
'; } print "\n
\n"; diff --git a/htdocs/takepos/floors.php b/htdocs/takepos/floors.php index b3ba955f4e8..64040a24466 100644 --- a/htdocs/takepos/floors.php +++ b/htdocs/takepos/floors.php @@ -212,9 +212,9 @@ $( document ).ready(function() { admin) {?> &place="+place+"&idproduct="+idproduct+"&selectedline="+selectedline, function() { global->TAKEPOS_CUSTOMER_DISPLAY)) echo "CustomerDisplay();";?> }); } diff --git a/htdocs/takepos/invoice.php b/htdocs/takepos/invoice.php index ad5d8f9fbd2..8b2e5ca78b7 100644 --- a/htdocs/takepos/invoice.php +++ b/htdocs/takepos/invoice.php @@ -1056,12 +1056,12 @@ function DolibarrTakeposPrinting(id) { } function CreditNote() { - $("#poslines").load("invoice.php?action=creditnote&invoiceid="+placeid, function() { + $("#poslines").load("invoice.php?action=creditnote&token=&invoiceid="+placeid, function() { }); } function SetNote() { - $("#poslines").load("invoice.php?action=addnote&invoiceid="+placeid+"&idline="+selectedline+"&addnote="+$("#textinput").val(), function() { + $("#poslines").load("invoice.php?action=addnote&token=&invoiceid="+placeid+"&idline="+selectedline+"&addnote="+$("#textinput").val(), function() { }); } diff --git a/htdocs/takepos/phone.php b/htdocs/takepos/phone.php index 7eaa4d9ec68..b655d9f7789 100644 --- a/htdocs/takepos/phone.php +++ b/htdocs/takepos/phone.php @@ -238,10 +238,10 @@ function AddProductConfirm(placeid, productid){ place=placeid; diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 46506163c1f..478e345f2e3 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -248,9 +248,9 @@ if ($object->id > 0) { print '		'.$langs->trans("Module").''; - print ''.$langs->trans("All").""; + print ''.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print ''.$langs->trans("None").""; print ' '; - print 'module.'&token='.newToken().'">'.$langs->trans("All").""; + print 'module.'&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'module.'&token='.newToken().'">'.$langs->trans("None").""; + print 'module.'&token='.newToken().'">'.$langs->trans("None").""; print ' id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print 'id.'&confirm=yes&token='.newToken().'">'; + print 'id.'&confirm=yes&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print '