diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php
index 94d3ead3998..ccf3c2f3f0c 100644
--- a/htdocs/compta/facture/list.php
+++ b/htdocs/compta/facture/list.php
@@ -1632,7 +1632,7 @@ if ($resql) {
print '| ';
if ($contextpage == 'poslist') {
- print $obj->ref;
+ print dol_escape_htmltag($obj->ref);
} else {
print $facturestatic->getNomUrl(1, '', 200, 0, '', 0, 1);
}
@@ -1654,7 +1654,7 @@ if ($resql) {
// Customer ref
if (!empty($arrayfields['f.ref_client']['checked'])) {
print ' | ';
- print $obj->ref_client;
+ print dol_escape_htmltag($obj->ref_client);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1719,7 +1719,7 @@ if ($resql) {
if (!empty($arrayfields['p.title']['checked'])) {
print '';
if ($obj->project_id > 0) {
- print $projectstatic->title;
+ print dol_escape_htmltag($projectstatic->title);
}
print ' | ';
if (!$i) {
@@ -1731,9 +1731,9 @@ if ($resql) {
if (!empty($arrayfields['s.nom']['checked'])) {
print '';
if ($contextpage == 'poslist') {
- print $companystatic->name;
+ print dol_escape_htmltag($companystatic->name);
} else {
- print $companystatic->getNomUrl(1, 'customer');
+ print $companystatic->getNomUrl(1, 'customer', 0, 0, -1, empty($arrayfields['s.name_alias']['checked']) ? 0 : 1);
}
print ' | ';
if (!$i) {
@@ -1742,8 +1742,8 @@ if ($resql) {
}
// Alias
if (!empty($arrayfields['s.name_alias']['checked'])) {
- print '';
- print $obj->name_alias;
+ print ' | ';
+ print dol_escape_htmltag($companystatic->name_alias);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1752,7 +1752,7 @@ if ($resql) {
// Town
if (!empty($arrayfields['s.town']['checked'])) {
print '';
- print $obj->town;
+ print dol_escape_htmltag($obj->town);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1761,7 +1761,7 @@ if ($resql) {
// Zip
if (!empty($arrayfields['s.zip']['checked'])) {
print '';
- print $obj->zip;
+ print dol_escape_htmltag($obj->zip);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1799,10 +1799,10 @@ if ($resql) {
// Staff
if (!empty($arrayfields['staff.code']['checked'])) {
print '';
- if (!is_array($staffArray) || count($staffArray) == 0) {
- $staffArray = $formcompany->effectif_array(1);
+ if (!is_array($conf->cache['staff']) || count($conf->cache['staff']) == 0) {
+ $conf->cache['staff'] = $formcompany->effectif_array(1);
}
- print $staffArray[$obj->staff_code];
+ print $conf->cache['staff'][$obj->staff_code];
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1832,7 +1832,7 @@ if ($resql) {
// Module Source
if (!empty($arrayfields['f.module_source']['checked'])) {
print '';
- print $obj->module_source;
+ print dol_escape_htmltag($obj->module_source);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1842,7 +1842,7 @@ if ($resql) {
// POS Terminal
if (!empty($arrayfields['f.pos_source']['checked'])) {
print '';
- print $obj->pos_source;
+ print dol_escape_htmltag($obj->pos_source);
print ' | ';
if (!$i) {
$totalarray['nbfield']++;
@@ -1851,7 +1851,7 @@ if ($resql) {
// Amount HT
if (!empty($arrayfields['f.total_ht']['checked'])) {
- print ''.price($obj->total_ht)." | \n";
+ print ''.price($obj->total_ht)." | \n";
if (!$i) {
$totalarray['nbfield']++;
}
@@ -1934,11 +1934,11 @@ if ($resql) {
}
if (!empty($arrayfields['f.retained_warranty']['checked'])) {
- print ''.(!empty($obj->retained_warranty) ?price($obj->retained_warranty).'%' : ' ').' | ';
+ print ''.(!empty($obj->retained_warranty) ? price($obj->retained_warranty).'%' : ' ').' | ';
}
if (!empty($arrayfields['dynamount_payed']['checked'])) {
- print ''.(!empty($totalpay) ?price($totalpay, 0, $langs) : ' ').' | '; // TODO Use a denormalized field
+ print ''.(!empty($totalpay) ? price($totalpay, 0, $langs) : ' ').' | '; // TODO Use a denormalized field
if (!$i) {
$totalarray['nbfield']++;
}
@@ -1965,7 +1965,7 @@ if ($resql) {
// Currency
if (!empty($arrayfields['f.multicurrency_code']['checked'])) {
- print ''.$obj->multicurrency_code.' - '.$langs->trans('Currency'.$obj->multicurrency_code)." | \n";
+ print ''.dol_escape_htmltag($obj->multicurrency_code).' - '.$langs->trans('Currency'.$obj->multicurrency_code)." | \n";
if (!$i) {
$totalarray['nbfield']++;
}
@@ -2059,7 +2059,7 @@ if ($resql) {
print $hookmanager->resPrint;
// Date creation
if (!empty($arrayfields['f.datec']['checked'])) {
- print '';
+ print ' | ';
print dol_print_date($db->jdate($obj->date_creation), 'dayhour', 'tzuser');
print ' | ';
if (!$i) {
@@ -2068,7 +2068,7 @@ if ($resql) {
}
// Date modification
if (!empty($arrayfields['f.tms']['checked'])) {
- print '';
+ print ' | ';
print dol_print_date($db->jdate($obj->date_update), 'dayhour', 'tzuser');
print ' | ';
if (!$i) {
@@ -2077,7 +2077,7 @@ if ($resql) {
}
// Date closing
if (!empty($arrayfields['f.date_closing']['checked'])) {
- print '';
+ print ' | ';
print dol_print_date($db->jdate($obj->date_closing), 'dayhour', 'tzuser');
print ' | ';
if (!$i) {
diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index 818d5249a6c..c8b381280b1 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -2481,9 +2481,10 @@ class Societe extends CommonObject
* @param int $maxlen Max length of name
* @param int $notooltip 1=Disable tooltip
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
+ * @param int $noaliasinname 1=Do not add alias into the link ref
* @return string String with URL
*/
- public function getNomUrl($withpicto = 0, $option = '', $maxlen = 0, $notooltip = 0, $save_lastsearch_value = -1)
+ public function getNomUrl($withpicto = 0, $option = '', $maxlen = 0, $notooltip = 0, $save_lastsearch_value = -1, $noaliasinname = 0)
{
global $conf, $langs, $hookmanager;
@@ -2521,7 +2522,7 @@ class Societe extends CommonObject
}
}
- if (!empty($this->name_alias)) {
+ if (!empty($this->name_alias) && empty($noaliasinname)) {
$name .= ' ('.$this->name_alias.')';
}