Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop

2013-10-19 00:34:00 +02:00 · 2013-10-19 00:34:00 +02:00 · 73263d4328
commit 73263d4328
parent af521ec070 16b2741834
35 changed files with 352 additions and 88 deletions
--- a/1
+++ b/1
@ -63,6 +63,7 @@ For users:
 - Fix: [bug #1022] correct margin calculation for credit notes.
 - New: Can choose contact on event (action com) creation, and filtred by thirdparty.
 - New: Add hidden option MAIN_FORCE_DEFAULT_STATE_ID.
+- New: Add page to make mass stock movement.

 For translators:
 - Qual: Normalized sort order of all languages files with english reference files.
--- a/htdocs/core/lib/functions.lib.php
+++ b/htdocs/core/lib/functions.lib.php
@ -2329,7 +2329,7 @@ function print_liste_field_titre($name, $file="", $field="", $begin="", $morepar
 *	Get title line of an array
 *
 *	@param	string	$name        Label of field
- *	@param	int		$thead		 For thead format (0 by default)
+ *	@param	int		$thead		 0=To use with standard table forat, 1=To use inside <thead><tr>, 2=To use with <div> 
 *	@param	string	$file        Url used when we click on sort picto
 *	@param	string	$field       Field to use for new sorting. Empty if this field is not sortable.
 *	@param	string	$begin       ("" by defaut)
@ -2347,10 +2347,13 @@ function getTitleFieldOfList($name, $thead=0, $file="", $field="", $begin="", $m
 	$sortorder=strtoupper($sortorder);
 	$out='';

+	$tag='th';
+	if ($thead==2) $tag='div';
+	
 	// If field is used as sort criteria we use a specific class
 	// Example if (sortfield,field)=("nom","xxx.nom") or (sortfield,field)=("nom","nom")
-	if ($field && ($sortfield == $field || $sortfield == preg_replace("/^[^\.]+\./","",$field))) $out.= '<th class="liste_titre_sel" '. $moreattrib.'>';
-	else $out.= '<th class="liste_titre" '. $moreattrib.'>';
+	if ($field && ($sortfield == $field || $sortfield == preg_replace("/^[^\.]+\./","",$field))) $out.= '<'.$tag.' class="liste_titre_sel" '. $moreattrib.'>';
+	else $out.= '<'.$tag.' class="liste_titre" '. $moreattrib.'>';

 	if (! empty($conf->dol_optimize_smallscreen) && empty($thead) && $field)    // If this is a sort field
 	{
@ -2397,7 +2400,7 @@ function getTitleFieldOfList($name, $thead=0, $file="", $field="", $begin="", $m
 			}
 		}
 	}
-	$out.='</th>';
+	$out.='</'.$tag.'>';

 	return $out;
 }
--- a/htdocs/langs/en_US/stocks.lang
+++ b/htdocs/langs/en_US/stocks.lang
@ -34,8 +34,10 @@ LastMovements=Last movements
 Units=Units
 Unit=Unit
 StockCorrection=Correct stock
+StockTransfer=Stock transfer
 StockMovement=Transfer
 StockMovements=Stock transfers
+LabelMovement=Movement label
 NumberOfUnit=Number of units
 UnitPurchaseValue=Unit purchase price
 TotalStock=Total in stock
@ -106,5 +108,5 @@ Replenishments=Replenishments
 NbOfProductBeforePeriod=Quantity of product %s in stock before selected period (< %s)
 NbOfProductAfterPeriod=Quantity of product %s in stock after selected period (> %s)
 MassStockMovement=Mass stock movement
-SelectProductInAndOutWareHouse=Select a product, a quantity, a source warehouse and a target warehouse, then click "Add". Once this is done for all required movements, click onto "Record Tranferts".
+SelectProductInAndOutWareHouse=Select a product, a quantity, a source warehouse and a target warehouse, then click "%s". Once this is done for all required movements, click onto "%s".
 RecordMovement=Record transfert
--- a/htdocs/langs/fr_FR/stocks.lang
+++ b/htdocs/langs/fr_FR/stocks.lang
@ -34,8 +34,10 @@ LastMovements=Derniers mouvements
 Units=Unités
 Unit=Unité
 StockCorrection=Corriger le stock
+StockTransfer=Transfert de stock
 StockMovement=Transférer
 StockMovements=Mouvements de stock
+LabelMovement=Libellé du mouvement
 NumberOfUnit=Nombre de pièces
 UnitPurchaseValue=Prix d'achat unitaire
 TotalStock=Total en stock
@ -106,5 +108,5 @@ Replenishments=Réapprovisionnement
 NbOfProductBeforePeriod=Quantité du produit <b>%s</b> en stock avant la période sélectionnée (< <b>%s</b>)
 NbOfProductAfterPeriod=Quantité du produit <b>%s</b> en stock après la période sélectionnée (> <b>%s</b>)
 MassStockMovement=Mouvement de stock en masse
-SelectProductInAndOutWareHouse=Sélectionner un produit, une quantité à transférer, un entrepôt source et destination et cliquer sur ajouter. Une fois tous les mouvements enregistrés, cliquer sur "Enregistrer transferts".
+SelectProductInAndOutWareHouse=Sélectionner un produit, une quantité à transférer, un entrepôt source et destination et cliquer sur "%s". Une fois tous les mouvements choisis, cliquer sur "%s".
 RecordMovement=Enregistrer transferts
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@ -72,7 +72,7 @@ if (function_exists('get_magic_quotes_gpc'))	// magic_quotes_* removed in PHP6
 *
 * @param		string		$val		Value
 * @param		string		$type		1=GET, 0=POST, 2=PHP_SELF
- * @return		boolean					true if there is an injection
+ * @return		int						>0 if there is an injection
 */
 function test_sql_and_script_inject($val, $type)
 {
@ -102,7 +102,7 @@ function test_sql_and_script_inject($val, $type)
    }
    // For XSS Injection done by adding javascript closing html tags like with onmousemove, etc... (closing a src or href tag with not cleaned param)
    if ($type == 1) $sql_inj += preg_match('/"/i', $val);		// We refused " in GET parameters value
-    if ($type == 2) $sql_inj += preg_match('/[\s;"]/', $val);	// PHP_SELF is an url and must match url syntax
+    if ($type == 2) $sql_inj += preg_match('/[;"]/', $val);		// PHP_SELF is a file system path. It can contains spaces. 
    return $sql_inj;
 }

@ -111,7 +111,7 @@ function test_sql_and_script_inject($val, $type)
 *
 * @param		string		&$var		Variable name
 * @param		string		$type		1=GET, 0=POST, 2=PHP_SELF
- * @return		boolean					true if ther is an injection
+ * @return		boolean					true if there is an injection
 */
 function analyse_sql_and_script(&$var, $type)
 {
--- a/htdocs/product/stock/massstockmove.php
+++ b/htdocs/product/stock/massstockmove.php
@ -103,27 +103,114 @@ if ($action == 'addline')
 	
 	if (! $error)
 	{
-		$id=count($listofdata);
+		if (count(array_keys($listofdata)) > 0) $id=max(array_keys($listofdata)) + 1;
+		else $id=1;
 		$listofdata[$id]=array('id'=>$id, 'id_product'=>$id_product, 'qty'=>$qty, 'id_sw'=>$id_sw, 'id_tw'=>$id_tw);
 		$_SESSION['massstockmove']=dol_json_encode($listofdata);
+		
+		unset($id_product);
+		//unset($id_sw);
+		//unset($id_tw);
+		unset($qty);
 	}
 }

 if ($action == 'delline' && $idline != '')
 {
 	if (! empty($listofdata[$idline])) unset($listofdata[$idline]);
-	var_dump($listofdata);
-	var_dump(dol_json_encode($listofdata)); exit;
 	if (count($listofdata) > 0) $_SESSION['massstockmove']=dol_json_encode($listofdata);
 	else unset($_SESSION['massstockmove']);
 }

-if ($action == 'createmovement' && isset($_POST['valid']))
+if ($action == 'createmovements')
 {
+	$error=0;
+	
+	if (! GETPOST("label"))
+	{
+		$error++;
+		setEventMessage($langs->trans("ErrorFieldRequired"),$langs->transnoentitiesnoconv("LabelMovement"));
+	}
+	
+	$db->begin();
+	
+	if (! $error)
+	{
+		$product = new Product($db);

+		foreach($listofdata as $key => $val)	// Loop on each movement to do
+		{	
+			$id=$val['id'];
+			$id_product=$val['id_product'];
+			$id_sw=$val['id_sw'];
+			$id_tw=$val['id_tw'];
+			$qty=price2num($val['qty']);
+		
+			if (! $error && $id_sw <> $id_tw && is_numeric($qty) && $id_product)
+			{
+				$result=$product->fetch($id_product);

+				$product->load_stock();	// Load array product->stock_warehouse

+				// Define value of products moved
+				$pricesrc=0;
+				if (isset($product->stock_warehouse[$id_sw]->pmp)) $pricesrc=$product->stock_warehouse[$id_sw]->pmp;
+				$pricedest=$pricesrc;

+				//print 'price src='.$pricesrc.', price dest='.$pricedest;exit;
+
+				// Remove stock
+				$result1=$product->correct_stock(
+	    			$user,
+	    			$id_sw,
+	    			$qty,
+	    			1,
+	    			GETPOST("label"),
+	    			$pricesrc
+				);
+				if ($result1 < 0)
+				{
+					$error++;
+					setEventMessage($product->errors,'errors');	
+				}
+				
+				// Add stock
+				$result2=$product->correct_stock(
+	    			$user,
+	    			$id_tw,
+	    			$qty,
+	    			0,
+	    			GETPOST("label"),
+	    			$pricedest
+				);
+				if ($result2 < 0)
+				{
+					$error++;
+					setEventMessage($product->errors,'errors');	
+				}
+			}
+			else
+			{
+				dol_print_error('',"Bad value saved into sessions");
+				$error++;	
+			}
+		}
+	}
+	
+	if (! $error)
+	{
+		unset($_SESSION['massstockmove']);
+		
+		$db->commit();
+		setEventMessage($langs->trans("StockMovementRecorded"),'mesgs');
+		header("Location: ".DOL_URL_ROOT.'/product/stock/index.php');		// Redirect to avoid pb when using back
+		exit;
+	}
+	else
+	{
+		$db->rollback();
+		setEventMessage($langs->trans("Error"),'errors');
+	}
 }


@ -132,6 +219,8 @@ if ($action == 'createmovement' && isset($_POST['valid']))
 * View
 */

+$now=dol_now();
+
 $form=new Form($db);
 $formproduct=new FormProduct($db);
 $productstatic = new Product($db);
@ -144,8 +233,14 @@ llxHeader('', $title, $helpurl, '');

 print_fiche_titre($langs->trans("MassStockMovement")).'<br><br>';

-print $langs->trans("SelectProductInAndOutWareHouse").'<br>'; 
+$titletoadd=$langs->trans("Select");
+$titletoaddnoent=$langs->transnoentitiesnoconv("Select");
+$buttonrecord=$langs->trans("RecordMovement");
+$buttonrecordnoent=$langs->trans("RecordMovement");
+print $langs->trans("SelectProductInAndOutWareHouse",$titletoaddnoent,$buttonrecordnoent).'<br>';
+print '<br>'."\n"; 

+$var=true;

 // Form to add a line
 print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST" name="formulaire">';
@ -153,56 +248,41 @@ print '<input type="hidden" name="token" value="' .$_SESSION['newtoken'] . '">';
 print '<input type="hidden" name="action" value="addline">';

 print '<table class="liste" width="100%">';
+//print '<div class="tagtable centpercent">';

 print '<tr class="liste_titre">';
-print_liste_field_titre($langs->trans('Product'),$_SERVER["PHP_SELF"],'',$param,'','',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('Qty'),$_SERVER["PHP_SELF"],'',$param,'','align="center"',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('WarehouseSource'),$_SERVER["PHP_SELF"],'',$param,'','align="center"',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('WarehouseTarget'),$_SERVER["PHP_SELF"],'',$param,'','align="center"',$sortfield,$sortorder);
-print_liste_field_titre('');
+print getTitleFieldOfList($langs->trans('ProductRef'),0,$_SERVER["PHP_SELF"],'',$param,'','class="tagtd"',$sortfield,$sortorder);
+print getTitleFieldOfList($langs->trans('ProductLabel'),0,$_SERVER["PHP_SELF"],'',$param,'','class="tagtd"',$sortfield,$sortorder);
+print getTitleFieldOfList($langs->trans('WarehouseSource'),0,$_SERVER["PHP_SELF"],'',$param,'','class="tagtd"',$sortfield,$sortorder);
+print getTitleFieldOfList($langs->trans('WarehouseTarget'),0,$_SERVER["PHP_SELF"],'',$param,'','class="tagtd"',$sortfield,$sortorder);
+print getTitleFieldOfList($langs->trans('Qty'),0,$_SERVER["PHP_SELF"],'',$param,'','align="center" class="tagtd"',$sortfield,$sortorder);
+print getTitleFieldOfList('',0);
 print '</tr>';

-print '<tr>';
+
+print '<tr '.$bc[$var].'>';
 // Product
-print '<td>';
+print '<td colspan="2">';
 $filtertype=0;
 if (! empty($conf->global->STOCK_SUPPORTS_SERVICES)) $filtertype='';
 print $form->select_produits($id_product,'productid',$filtertype);
 print '</td>';
-// Qty
-print '<td align="center"><input type="input" size="4" class="flat" name="qty" value="'.$qty.'"></td>';
 // In warehouse
-print '<td align="center">';
+print '<td>';
 print $formproduct->selectWarehouses($id_sw,'id_sw','',1);
 print '</td>';
 // Out warehouse
-print '<td align="center">';
+print '<td>';
 print $formproduct->selectWarehouses($id_tw,'id_tw','',1);
 print '</td>';
+// Qty
+print '<td align="center"><input type="text" size="4" class="flat" name="qty" value="'.$qty.'"></td>';
 // Button to add line
-print '<td align="right"><input type="submit" class="button" name="addline" value="'.dol_escape_htmltag($langs->trans("Add")).'"></td>';
+print '<td align="right"><input type="submit" class="button" name="addline" value="'.dol_escape_htmltag($titletoadd).'"></td>';

 print '</tr>';
-print '</table>';

-print '</form>';

-print '<br>';
-
-// List movement prepared
-print '<table class="liste" width="100%">';
-
-// Lignes des titres
-print '<tr class="liste_titre">';
-print_liste_field_titre($langs->trans('ProductRef'),$_SERVER["PHP_SELF"],'p.ref',$param,'','',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('ProductLabel'),$_SERVER["PHP_SELF"],'p.label',$param,'','',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('Qty'),$_SERVER["PHP_SELF"],'',$param,'','align="right"',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('WarehouseSource'),$_SERVER["PHP_SELF"],'',$param,'','align="right"',$sortfield,$sortorder);
-print_liste_field_titre($langs->trans('WarehouseTarget'),$_SERVER["PHP_SELF"],'',$param,'','align="right"',$sortfield,$sortorder);
-print_liste_field_titre('');
-print '</tr>';
-
-$var=false;
 foreach($listofdata as $key => $val)
 {
 	$var=!$var;
@ -219,24 +299,43 @@ foreach($listofdata as $key => $val)
 	print $productstatic->getNomUrl(1);
 	$productstatic->ref=$oldref;
 	print '</td>';
-	print '<td align="right">'.$val['qty'].'</td>';
-	print '<td align="right">';
+	print '<td>';
 	print $warehousestatics->getNomUrl(1);
 	print '</td>';
-	print '<td align="right">';
+	print '<td>';
 	print $warehousestatict->getNomUrl(1);
 	print '</td>';
+	print '<td align="center">'.$val['qty'].'</td>';
 	print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=delline&idline='.$val['id'].'">'.img_delete($langs->trans("Remove")).'</a></td>';
 	
 	print '</tr>';
 }

 print '</table>';
-		
-// Generate
-$value=$langs->trans("RecordMovement");
-print '<div class="center"><input class="button" type="submit" name="valid" value="'.$value.'"></div>';

+print '</form>';
+
+
+print '<br>';
+
+
+print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST" name="formulaire2">';
+print '<input type="hidden" name="token" value="' .$_SESSION['newtoken'] . '">';
+print '<input type="hidden" name="action" value="createmovements">';
+
+// Button to record mass movement
+$labelmovement=GETPOST("label")?GETPOST('label'):$langs->trans("MassStockMovement").' '.dol_print_date($now,'%Y-%m-%d %H:%M');
+
+print '<table class="border" width="100%">';
+	print '<tr>';
+	print '<td width="20%">'.$langs->trans("LabelMovement").'</td>';
+	print '<td colspan="5">';
+	print '<input type="text" name="label" size="80" value="'.dol_escape_htmltag($labelmovement).'">';
+	print '</td>';
+	print '</tr>';
+print '</table>';	
+
+print '<div class="center"><input class="button" type="submit" name="valid" value="'.dol_escape_htmltag($buttonrecord).'"></div>';

 print '</form>';

--- a/htdocs/product/stock/mouvement.php
+++ b/htdocs/product/stock/mouvement.php
@ -414,7 +414,7 @@ if ($resql)
    print "<tr class=\"liste_titre\">";
    //print_liste_field_titre($langs->trans("Id"),$_SERVER["PHP_SELF"], "m.rowid","",$param,"",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("Date"),$_SERVER["PHP_SELF"], "m.datem","",$param,"",$sortfield,$sortorder);
-    print_liste_field_titre($langs->trans("Label"),$_SERVER["PHP_SELF"], "m.label","",$param,"",$sortfield,$sortorder);
+    print_liste_field_titre($langs->trans("LabelMovement"),$_SERVER["PHP_SELF"], "m.label","",$param,"",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("ProductRef"),$_SERVER["PHP_SELF"], "p.ref","",$param,"",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("ProductLabel"),$_SERVER["PHP_SELF"], "p.ref","",$param,"",$sortfield,$sortorder);
    print_liste_field_titre($langs->trans("Warehouse"),$_SERVER["PHP_SELF"], "","",$param,"",$sortfield,$sortorder);	// We are on a specific warehouse card, no filter on other should be possible
--- a/htdocs/product/stock/product.php
+++ b/htdocs/product/stock/product.php
@ -429,7 +429,7 @@ if ($id > 0 || $ref)
 	 */
 	if ($action == "transfert")
 	{
-		print_titre($langs->trans("Transfer"));
+		print_titre($langs->trans("StockTransfer"));
 		print '<form action="'.$_SERVER["PHP_SELF"].'?id='.$product->id.'" method="post">'."\n";
 		print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
 		print '<input type="hidden" name="action" value="transfert_stock">';
@ -442,21 +442,21 @@ if ($id > 0 || $ref)
 		print '<td width="20%" class="fieldrequired">'.$langs->trans("WarehouseTarget").'</td><td width="20%">';
 		print $formproduct->selectWarehouses(GETPOST('id_entrepot_destination'),'id_entrepot_destination','',1);
 		print '</td>';
-		print '<td width="20%" class="fieldrequired">'.$langs->trans("NumberOfUnit").'</td><td width="20%"><input name="nbpiece" size="10" value="'.GETPOST("nbpiece").'"></td>';
+		print '<td width="20%" class="fieldrequired">'.$langs->trans("NumberOfUnit").'</td><td width="20%"><input type="text" class="flat" name="nbpiece" size="10" value="'.dol_escape_htmltag(GETPOST("nbpiece")).'"></td>';
 		print '</tr>';

 		// Label
 		print '<tr>';
-		print '<td width="20%">'.$langs->trans("Label").'</td>';
+		print '<td width="20%">'.$langs->trans("LabelMovement").'</td>';
 		print '<td colspan="5">';
-		print '<input type="text" name="label" size="40" value="'.GETPOST("label").'">';
+		print '<input type="text" name="label" size="80" value="'.dol_escape_htmltag(GETPOST("label")).'">';
 		print '</td>';
 		print '</tr>';

 		print '</table>';

-		print '<center><input type="submit" class="button" value="'.$langs->trans('Save').'">&nbsp;';
-		print '<input type="submit" class="button" name="cancel" value="'.$langs->trans("Cancel").'"></center>';
+		print '<center><input type="submit" class="button" value="'.dol_escape_htmltag($langs->trans('Save')).'">&nbsp;';
+		print '<input type="submit" class="button" name="cancel" value="'.dol_escape_htmltag($langs->trans("Cancel")).'"></center>';

 		print '</form>';
 	}
--- a/htdocs/public/test/test_arrays.php
+++ b/htdocs/public/test/test_arrays.php
@ -16,38 +16,41 @@ if (empty($conf->global->MAIN_FEATURES_LEVEL))
 <head>
 <meta name="robots" content="noindex,nofollow" />
 <meta name="author" content="Dolibarr Development Team">
-<link rel="shortcut icon" type="image/x-icon" href="/dolibarrnew/theme/eldy/img/favicon.ico"/>
+<link rel="shortcut icon" type="image/x-icon" href="<?php echo DOL_URL_ROOT ?>/theme/eldy/img/favicon.ico"/>
 <title>Login Dolibarr 3.4.0-alpha</title>
 <!-- Includes for JQuery (Ajax library) -->
-<link rel="stylesheet" type="text/css" href="/dolibarrnew/includes/jquery/css/smoothness/jquery-ui-latest.custom.css" />
-<link rel="stylesheet" type="text/css" href="/dolibarrnew/includes/jquery/plugins/datatables/css/jquery.dataTables.css" />
-<link rel="stylesheet" type="text/css" href="/dolibarrnew/includes/jquery/plugins/mobile/jquery.mobile-latest.min.css" />
-<link rel="stylesheet" type="text/css" title="default" href="/dolibarrnew/theme/eldy/style.css.php?dol_use_jmobile=1" />
+<link rel="stylesheet" type="text/css" href="<?php echo DOL_URL_ROOT ?>/includes/jquery/css/smoothness/jquery-ui-latest.custom.css" />
+<link rel="stylesheet" type="text/css" href="<?php echo DOL_URL_ROOT ?>/includes/jquery/plugins/datatables/css/jquery.dataTables.css" />
+<link rel="stylesheet" type="text/css" href="<?php echo DOL_URL_ROOT ?>/includes/jquery/plugins/mobile/jquery.mobile-latest.min.css" />
+<link rel="stylesheet" type="text/css" title="default" href="<?php echo DOL_URL_ROOT ?>/theme/eldy/style.css.php?dol_use_jmobile=1" />
 <!-- Includes JS for JQuery -->
-<script type="text/javascript" src="/dolibarrnew/includes/jquery/js/jquery-latest.min.js"></script>
-<script type="text/javascript" src="/dolibarrnew/includes/jquery/plugins/datatables/js/jquery.dataTables.js"></script>
-<!--<script type="text/javascript" src="/dolibarrnew/includes/jquery/plugins/mobile/jquery.mobile-latest.min.js"></script>-->
+<script type="text/javascript" src="<?php echo DOL_URL_ROOT ?>/includes/jquery/js/jquery-latest.min.js"></script>
+<script type="text/javascript" src="<?php echo DOL_URL_ROOT ?>/includes/jquery/plugins/datatables/js/jquery.dataTables.js"></script>
+<!--<script type="text/javascript" src="<?php echo DOL_URL_ROOT ?>/includes/jquery/plugins/mobile/jquery.mobile-latest.min.js"></script>-->
 </head>



-<body>
+<body style="margin: 4px;">
 <div data-role="page">
 <br>
 This page is a sample of page using tables. To make test with<br>
 - css (edit page to change)<br>
 - jmobile (edit page to enable/disable)<br>
- dataTables.<br><br>
+- dataTables.<br>
+<br>
+
+

 <br>
-Example 1 : Table using tags: div+form<br>
+Example 1 : Table using tags: div.tagtable+form+div or div.tagtable+div.tagtr+div.tagtd<br>

 <div class="tagtable centpercent" id="abc">
    <form class="liste_titre" method="POST" action="1.php">
        <div>snake<input type="hidden" name="cartitem" value="1"></div>
        <div><label><input type="checkbox" name="hidedetails" value="2"> A checkbox inside a cell</label></div>
        <div><input name="count" value="4"></div>
-        <div><input type="submit" name="count" value="aaa"></div>
+        <div><input type="submit" name="count" class="button noshadow" value="aaa"></div>
    </form>
    <form class="impair" method="POST" action="2.php">
        <div>snagfdgfd  gd fgf ke<input type="hidden" name="cartitem" value="2"></div>
@ -55,12 +58,12 @@ Example 1 : Table using tags: div+form<br>
        <div><input name="count" value="4"></div>
        <div><input type="submit" value="xxx" class="button"></div>
    </form>
-    <form class="pair" method="GET" action="3.php">
+    <div class="pair tagtr" method="GET" action="3.php">
        <div>snagfdgfd  gd fgf ke<input type="hidden" name="cartitem" value="3"></div>
        <div>dfsdf</div>
        <div><input name="count" value="4"></div>
        <div><input type="submit" value="zzz" class="button"></div>
-    </form>
+    </div>
 </div>


@ -69,7 +72,7 @@ Example 1 : Table using tags: div+form<br>



-Example 2 : Table using tags: table/thead/tbdoy/tr/td + dataTable<br>
+Example 2 : Table using tags: table/thead/tbody/tr/td + dataTable<br>

 <script type="text/javascript">
 /*$(document).ready(function(){
@ -123,9 +126,9 @@ $('xxxth').replaceWith(
 <table id="def">
 	<thead>
    <tr>
-        <td>snake</td>
-        <td><label><input type="checkbox" name="hidedetails" value="2"> A checkbox inside a cell</label></td>
-        <td>dddd</td>
+        <th>snake</th>
+        <th><label><input type="checkbox" name="hidedetails" value="2"> A checkbox inside a cell</label></th>
+		<?php print getTitleFieldOfList($langs->trans('zzz'),1,$_SERVER["PHP_SELF"],'','','','align="center" class="tagtd"',$sortfield,$sortorder); ?>
    </tr>
    </thead>
    <tbody>
--- a/htdocs/theme/amarok/img/sort_asc.png
+++ b/htdocs/theme/amarok/img/sort_asc.png
--- a/htdocs/theme/amarok/img/sort_asc_disabled.png
+++ b/htdocs/theme/amarok/img/sort_asc_disabled.png
--- a/htdocs/theme/amarok/img/sort_desc.png
+++ b/htdocs/theme/amarok/img/sort_desc.png
--- a/htdocs/theme/amarok/img/sort_desc_disabled.png
+++ b/htdocs/theme/amarok/img/sort_desc_disabled.png
--- a/htdocs/theme/amarok/style.css.php
+++ b/htdocs/theme/amarok/style.css.php
@ -252,6 +252,7 @@ input:disabled {background:#b6b6b6;}
 input[type=checkbox] { background-color: transparent; border: none; box-shadow: none; }
 input[type=radio]    { background-color: transparent; border: none; box-shadow: none; }
 input[type=image]    { background-color: transparent; border: none; box-shadow: none; }
+input[type=text]     { min-width: 20px; }
 input:-webkit-autofill {
 	background-color: <?php echo empty($dol_use_jmobile)?'#FBFFEA':'#FFFFFF' ?> !important;
 	background-image:none !important;
@ -1247,8 +1248,8 @@ table.liste td {padding:1px 2px 1px 0px;}
 .tagtable, .table-border { display: table; }
 .tagtr, .table-border-row  { display: table-row; }
 .tagtd, .table-border-col, .table-key-border-col, .table-val-border-col { display: table-cell; }
-.tagtable form { display: table-row; }
-.tagtable form div { display: table-cell; }
+.tagtable form, .tagtable div { display: table-row; }
+.tagtable form div, .tagtable div div { display: table-cell; }

 tr.liste_titre, tr.liste_titre_sel, form.liste_titre, form.liste_titre_sel
 {
@ -2087,6 +2088,27 @@ div.jnotify-background {
 }


+/* ============================================================================== */
+/*  Maps                                                                          */
+/* ============================================================================== */
+
+.divmap, #google-visualization-geomap-embed-0, #google-visualization-geomap-embed-1, google-visualization-geomap-embed-2 {
+    -moz-box-shadow: 0px 0px 10px #AAA;
+    -webkit-box-shadow: 0px 0px 10px #AAA;
+    box-shadow: 0px 0px 10px #AAA;
+}
+
+
+/* ============================================================================== */
+/*  Datatable                                                                     */
+/* ============================================================================== */
+
+.sorting_asc  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc.png',1); ?>') no-repeat center right;
+.sorting_desc { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc.png',1); ?>') no-repeat center right;
+.sorting_asc_disabled  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc_disabled',1); ?>') no-repeat center right;
+.sorting_desc_disabled { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc_disabled',1); ?>') no-repeat center right;
+
+
 /* ============================================================================== */
 /*  JMobile                                                                       */
 /* ============================================================================== */
--- a/htdocs/theme/auguria/img/sort_asc.png
+++ b/htdocs/theme/auguria/img/sort_asc.png
--- a/htdocs/theme/auguria/img/sort_asc_disabled.png
+++ b/htdocs/theme/auguria/img/sort_asc_disabled.png
--- a/htdocs/theme/auguria/img/sort_desc.png
+++ b/htdocs/theme/auguria/img/sort_desc.png
--- a/htdocs/theme/auguria/img/sort_desc_disabled.png
+++ b/htdocs/theme/auguria/img/sort_desc_disabled.png
--- a/htdocs/theme/auguria/style.css.php
+++ b/htdocs/theme/auguria/style.css.php
@ -149,6 +149,7 @@ textarea:disabled {
 input[type=checkbox] { background-color: transparent; border: none; box-shadow: none; }
 input[type=radio]    { background-color: transparent; border: none; box-shadow: none; }
 input[type=image]    { background-color: transparent; border: none; box-shadow: none; }
+input[type=text]     { min-width: 20px; }
 input:-webkit-autofill {
 	background-color: <?php echo empty($dol_use_jmobile)?'#FBFFEA':'#FFFFFF' ?> !important;
 	background-image:none !important;
@ -1359,8 +1360,8 @@ table.liste td {
 .tagtable, .table-border { display: table; }
 .tagtr, .table-border-row  { display: table-row; }
 .tagtd, .table-border-col, .table-key-border-col, .table-val-border-col { display: table-cell; }
-.tagtable form { display: table-row; }
-.tagtable form div { display: table-cell; }
+.tagtable form, .tagtable div { display: table-row; }
+.tagtable form div, .tagtable div div { display: table-cell; }

 tr.liste_titre, tr.liste_titre_sel, form.liste_titre, form.liste_titre_sel
 {
@ -2277,6 +2278,16 @@ div.ecmjqft {
 }


+/* ============================================================================== */
+/*  Datatable                                                                     */
+/* ============================================================================== */
+
+.sorting_asc  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc.png',1); ?>') no-repeat center right;
+.sorting_desc { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc.png',1); ?>') no-repeat center right;
+.sorting_asc_disabled  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc_disabled',1); ?>') no-repeat center right;
+.sorting_desc_disabled { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc_disabled',1); ?>') no-repeat center right;
+
+
 /* ============================================================================== */
 /*  JMobile                                                                       */
 /* ============================================================================== */
--- a/htdocs/theme/bureau2crea/img/sort_asc.png
+++ b/htdocs/theme/bureau2crea/img/sort_asc.png
--- a/htdocs/theme/bureau2crea/img/sort_asc_disabled.png
+++ b/htdocs/theme/bureau2crea/img/sort_asc_disabled.png
--- a/htdocs/theme/bureau2crea/img/sort_desc.png
+++ b/htdocs/theme/bureau2crea/img/sort_desc.png
--- a/htdocs/theme/bureau2crea/img/sort_desc_disabled.png
+++ b/htdocs/theme/bureau2crea/img/sort_desc_disabled.png
--- a/htdocs/theme/bureau2crea/style.css.php
+++ b/htdocs/theme/bureau2crea/style.css.php
@ -161,6 +161,7 @@ textarea:disabled {
 input[type=checkbox] { background-color: transparent; border: none; box-shadow: none; }
 input[type=radio]    { background-color: transparent; border: none; box-shadow: none; }
 input[type=image]    { background-color: transparent; border: none; box-shadow: none; }
+input[type=text]     { min-width: 20px; }
 input:-webkit-autofill {
 	background-color: <?php echo empty($dol_use_jmobile)?'#FBFFEA':'#FFFFFF' ?> !important;
 	background-image:none !important;
@ -1469,8 +1470,8 @@ table.noborder {
 .tagtable, .table-border { display: table; }
 .tagtr, .table-border-row  { display: table-row; }
 .tagtd, .table-border-col, .table-key-border-col, .table-val-border-col { display: table-cell; }
-.tagtable form { display: table-row; }
-.tagtable form div { display: table-cell; }
+.tagtable form, .tagtable div { display: table-row; }
+.tagtable form div, .tagtable div div { display: table-cell; }

 tr.liste_titre, form.liste_titre {
    height: 25px;
@ -2443,6 +2444,27 @@ div.ecmjqft {
 }


+/* ============================================================================== */
+/*  Maps                                                                          */
+/* ============================================================================== */
+
+.divmap, #google-visualization-geomap-embed-0, #google-visualization-geomap-embed-1, google-visualization-geomap-embed-2 {
+    -moz-box-shadow: 0px 0px 10px #AAA;
+    -webkit-box-shadow: 0px 0px 10px #AAA;
+    box-shadow: 0px 0px 10px #AAA;
+}
+
+
+/* ============================================================================== */
+/*  Datatable                                                                     */
+/* ============================================================================== */
+
+.sorting_asc  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc.png',1); ?>') no-repeat center right;
+.sorting_desc { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc.png',1); ?>') no-repeat center right;
+.sorting_asc_disabled  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc_disabled',1); ?>') no-repeat center right;
+.sorting_desc_disabled { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc_disabled',1); ?>') no-repeat center right;
+
+
 /* ============================================================================== */
 /*  JMobile                                                                       */
 /* ============================================================================== */
--- a/htdocs/theme/cameleo/img/sort_asc.png
+++ b/htdocs/theme/cameleo/img/sort_asc.png
--- a/htdocs/theme/cameleo/img/sort_asc_disabled.png
+++ b/htdocs/theme/cameleo/img/sort_asc_disabled.png
--- a/htdocs/theme/cameleo/img/sort_desc.png
+++ b/htdocs/theme/cameleo/img/sort_desc.png
--- a/htdocs/theme/cameleo/img/sort_desc_disabled.png
+++ b/htdocs/theme/cameleo/img/sort_desc_disabled.png
--- a/htdocs/theme/cameleo/style.css.php
+++ b/htdocs/theme/cameleo/style.css.php
@ -127,6 +127,7 @@ textarea:disabled {
 input[type=checkbox] { background-color: transparent; border: none; box-shadow: none; }
 input[type=radio]    { background-color: transparent; border: none; box-shadow: none; }
 input[type=image]    { background-color: transparent; border: none; box-shadow: none; }
+input[type=text]     { min-width: 20px; }
 input:-webkit-autofill {
 	background-color: <?php echo empty($dol_use_jmobile)?'#FBFFEA':'#FFFFFF' ?> !important;
 	background-image:none !important;
@ -1496,8 +1497,8 @@ table.liste td {
 .tagtable, .table-border { display: table; }
 .tagtr, .table-border-row  { display: table-row; }
 .tagtd, .table-border-col, .table-key-border-col, .table-val-border-col { display: table-cell; }
-.tagtable form { display: table-row; }
-.tagtable form div { display: table-cell; }
+.tagtable form, .tagtable div { display: table-row; }
+.tagtable form div, .tagtable div div { display: table-cell; }

 tr.liste_titre, tr.liste_titre_sel, form.liste_titre, form.liste_titre_sel
 {
@ -2337,6 +2338,26 @@ div.ecmjqft {
 }


+/* ============================================================================== */
+/*  Maps                                                                          */
+/* ============================================================================== */
+
+.divmap, #google-visualization-geomap-embed-0, #google-visualization-geomap-embed-1, google-visualization-geomap-embed-2 {
+    -moz-box-shadow: 0px 0px 10px #AAA;
+    -webkit-box-shadow: 0px 0px 10px #AAA;
+    box-shadow: 0px 0px 10px #AAA;
+}
+
+
+/* ============================================================================== */
+/*  Datatable                                                                     */
+/* ============================================================================== */
+
+.sorting_asc  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc.png',1); ?>') no-repeat center right;
+.sorting_desc { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc.png',1); ?>') no-repeat center right;
+.sorting_asc_disabled  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc_disabled',1); ?>') no-repeat center right;
+.sorting_desc_disabled { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc_disabled',1); ?>') no-repeat center right;
+

 /* ============================================================================== */
 /*  JMobile                                                                       */
--- a/htdocs/theme/eldy/img/sort_asc.png
+++ b/htdocs/theme/eldy/img/sort_asc.png
--- a/htdocs/theme/eldy/img/sort_asc_disabled.png
+++ b/htdocs/theme/eldy/img/sort_asc_disabled.png
--- a/htdocs/theme/eldy/img/sort_desc.png
+++ b/htdocs/theme/eldy/img/sort_desc.png
--- a/htdocs/theme/eldy/img/sort_desc_disabled.png
+++ b/htdocs/theme/eldy/img/sort_desc_disabled.png
--- a/htdocs/theme/eldy/style.css.php
+++ b/htdocs/theme/eldy/style.css.php
@ -292,6 +292,7 @@ textarea:disabled {
 input[type=checkbox] { background-color: transparent; border: none; box-shadow: none; }
 input[type=radio]    { background-color: transparent; border: none; box-shadow: none; }
 input[type=image]    { background-color: transparent; border: none; box-shadow: none; }
+input[type=text]     { min-width: 20px; }
 input:-webkit-autofill {
 	background-color: <?php echo empty($dol_use_jmobile)?'#FBFFEA':'#FFFFFF' ?> !important;
 	background-image:none !important;
@ -1723,8 +1724,8 @@ table.liste td {
 .tagtable, .table-border { display: table; }
 .tagtr, .table-border-row  { display: table-row; }
 .tagtd, .table-border-col, .table-key-border-col, .table-val-border-col { display: table-cell; }
-.tagtable form { display: table-row; }
-.tagtable form div { display: table-cell; }
+.tagtable form, .tagtable div { display: table-row; }
+.tagtable form div, .tagtable div div { display: table-cell; }

 tr.liste_titre, tr.liste_titre_sel, form.liste_titre, form.liste_titre_sel, table.dataTable.tr
 {
@ -2677,6 +2678,14 @@ div.dolEventError h1, div.dolEventError h2 {
 }


+/* ============================================================================== */
+/*  Datatable                                                                     */
+/* ============================================================================== */
+
+.sorting_asc  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc.png',1); ?>') no-repeat center right;
+.sorting_desc { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc.png',1); ?>') no-repeat center right;
+.sorting_asc_disabled  { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_asc_disabled',1); ?>') no-repeat center right;
+.sorting_desc_disabled { background: url('<?php echo dol_buildpath('/theme/'.$theme.'/img/sort_desc_disabled',1); ?>') no-repeat center right;


 /* ============================================================================== */
--- a/test/phpunit/CoreTest.php
+++ b/test/phpunit/CoreTest.php
@ -1,5 +1,5 @@
 <?php
-/* Copyright (C) 2010 Laurent Destailleur  <eldy@users.sourceforge.net>
+/* Copyright (C) 2010-2013 Laurent Destailleur  <eldy@users.sourceforge.net>
 *
 * This program is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
@ -206,10 +206,79 @@ class CoreTest extends PHPUnit_Framework_TestCase

 		print __METHOD__." DOL_MAIN_URL_ROOT=".DOL_MAIN_URL_ROOT."\n";
 		print __METHOD__." DOL_URL_ROOT=".DOL_URL_ROOT."\n";
-		$this->assertEquals(DOL_URL_ROOT,$expectedresult);
+//		$this->assertEquals(DOL_URL_ROOT,$expectedresult);

 		return true;
    }

+
+    /**
+     * testSqlAndScriptInject
+     * 
+     * @return	void
+     */
+    public function testSqlAndScriptInject()
+    {
+    	global $dolibarr_main_prod;
+
+		global $dolibarr_main_url_root;
+		global $dolibarr_main_data_root;
+		global $dolibarr_main_document_root;
+		global $dolibarr_main_data_root_alt;
+		global $dolibarr_main_document_root_alt;
+		global $dolibarr_main_db_host;
+		global $dolibarr_main_db_port;
+		global $dolibarr_main_db_type;
+		global $dolibarr_main_db_prefix;
+		
+				
+		// This is code copied from main.inc.php
+		
+		/**
+		 * Security: SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
+		 *
+		 * @param		string		$val		Value
+		 * @param		string		$type		1=GET, 0=POST, 2=PHP_SELF
+		 * @return		int						>0 if there is an injection
+		 */
+		function test_sql_and_script_inject($val, $type)
+		{
+		    $sql_inj = 0;
+		    // For SQL Injection (only GET and POST are used to be included into bad escaped SQL requests)
+		    if ($type != 2)
+		    {
+		        $sql_inj += preg_match('/delete[\s]+from/i', $val);
+		        $sql_inj += preg_match('/create[\s]+table/i', $val);
+		        $sql_inj += preg_match('/update.+set.+=/i', $val);
+		        $sql_inj += preg_match('/insert[\s]+into/i', $val);
+		        $sql_inj += preg_match('/select.+from/i', $val);
+		        $sql_inj += preg_match('/union.+select/i', $val);
+		        $sql_inj += preg_match('/(\.\.%2f)+/i', $val);
+		    }
+		    // For XSS Injection done by adding javascript with script
+		    // This is all cases a browser consider text is javascript:
+		    // When it found '<script', 'javascript:', '<style', 'onload\s=' on body tag, '="&' on a tag size with old browsers
+		    // All examples on page: http://ha.ckers.org/xss.html#XSScalc
+		    $sql_inj += preg_match('/<script/i', $val);
+		    if (! defined('NOSTYLECHECK')) $sql_inj += preg_match('/<style/i', $val);
+		    $sql_inj += preg_match('/base[\s]+href/i', $val);
+		    if ($type == 1)
+		    {
+		        $sql_inj += preg_match('/javascript:/i', $val);
+		        $sql_inj += preg_match('/vbscript:/i', $val);
+		    }
+		    // For XSS Injection done by adding javascript closing html tags like with onmousemove, etc... (closing a src or href tag with not cleaned param)
+		    if ($type == 1) $sql_inj += preg_match('/"/i', $val);		// We refused " in GET parameters value
+		    if ($type == 2) $sql_inj += preg_match('/[\s;"]/', $val);	// PHP_SELF is an url and must match url syntax
+		    return $sql_inj;
+		}
+		
+    	//type=2 key=0 value=/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices
+    	$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices';
+    	$result=test_sql_and_script_inject($_SERVER["PHP_SELF"],2);
+		$expectedresult=1;
+		
+		$this->assertEquals($result,$expectedresult);
+    }
 }
 ?>