From ea8280af9854a81cc9b42bf641a676fd2a574b92 Mon Sep 17 00:00:00 2001
From: Adrien Raze <adrien.raze@atm-consulting.fr>
Date: Wed, 17 Nov 2021 17:32:17 +0100
Subject: [PATCH 1/6] FIX : status filter on supplierOrder stats doesn't work

---
 htdocs/commande/stats/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index bd92dc084c7..e92cd076928 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -95,12 +95,12 @@ dol_mkdir($dir);
 $stats = new CommandeStats($db, $socid, $mode, ($userid > 0 ? $userid : 0), ($typent_id > 0 ? $typent_id : 0), ($categ_id > 0 ? $categ_id : 0));
 if ($mode == 'customer') {
 	if ($object_status != '' && $object_status >= -1) {
-		$stats->where .= ' AND c.fk_statut IN ('.$db->sanitize($object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.implode(',',$object_status).')';
 	}
 }
 if ($mode == 'supplier') {
 	if ($object_status != '' && $object_status >= 0) {
-		$stats->where .= ' AND c.fk_statut IN ('.$db->sanitize($object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.implode(',',$object_status).')';
 	}
 }
 

From c5f6c617c91dce34eced356c7605f5a4cd5ff2b9 Mon Sep 17 00:00:00 2001
From: stickler-ci <support@stickler-ci.com>
Date: Fri, 19 Nov 2021 08:34:45 +0000
Subject: [PATCH 2/6] Fixing style errors.

---
 htdocs/commande/stats/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index e92cd076928..4753666b2bc 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -95,12 +95,12 @@ dol_mkdir($dir);
 $stats = new CommandeStats($db, $socid, $mode, ($userid > 0 ? $userid : 0), ($typent_id > 0 ? $typent_id : 0), ($categ_id > 0 ? $categ_id : 0));
 if ($mode == 'customer') {
 	if ($object_status != '' && $object_status >= -1) {
-		$stats->where .= ' AND c.fk_statut IN ('.implode(',',$object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.implode(',', $object_status).')';
 	}
 }
 if ($mode == 'supplier') {
 	if ($object_status != '' && $object_status >= 0) {
-		$stats->where .= ' AND c.fk_statut IN ('.implode(',',$object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.implode(',', $object_status).')';
 	}
 }
 

From dc23c7f6a3a69ae11367d696cde8a46a587d08a7 Mon Sep 17 00:00:00 2001
From: Adrien Raze <adrien.raze@atm-consulting.fr>
Date: Fri, 19 Nov 2021 10:29:27 +0100
Subject: [PATCH 3/6] FIX : Travis

---
 htdocs/commande/stats/index.php | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index 4753666b2bc..c93c8888aa9 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -95,12 +95,12 @@ dol_mkdir($dir);
 $stats = new CommandeStats($db, $socid, $mode, ($userid > 0 ? $userid : 0), ($typent_id > 0 ? $typent_id : 0), ($categ_id > 0 ? $categ_id : 0));
 if ($mode == 'customer') {
 	if ($object_status != '' && $object_status >= -1) {
-		$stats->where .= ' AND c.fk_statut IN ('.implode(',', $object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.$db->escape(implode(',', $object_status)).')';
 	}
 }
 if ($mode == 'supplier') {
 	if ($object_status != '' && $object_status >= 0) {
-		$stats->where .= ' AND c.fk_statut IN ('.implode(',', $object_status).')';
+		$stats->where .= ' AND c.fk_statut IN ('.$db->escape(implode(',', $object_status)).')';
 	}
 }
 

From 4246cd80f9cde7c61601b6e7cd6e0bf571ac9749 Mon Sep 17 00:00:00 2001
From: Adrien Raze <adrien.raze@atm-consulting.fr>
Date: Wed, 24 Nov 2021 16:27:01 +0100
Subject: [PATCH 4/6] FIX : Travis + Update dev

---
 htdocs/commande/stats/index.php | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index c93c8888aa9..307588adb32 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -46,7 +46,9 @@ if ($mode == 'supplier' && !$user->rights->fournisseur->commande->lire) {
 	accessforbidden();
 }
 
-$object_status = GETPOST('object_status', 'intcomma');
+$object_status = GETPOST('object_status', 'array');
+$object_status = implode(',', $object_status);
+
 $typent_id = GETPOST('typent_id', 'int');
 $categ_id = GETPOST('categ_id', 'categ_id');
 
@@ -95,12 +97,12 @@ dol_mkdir($dir);
 $stats = new CommandeStats($db, $socid, $mode, ($userid > 0 ? $userid : 0), ($typent_id > 0 ? $typent_id : 0), ($categ_id > 0 ? $categ_id : 0));
 if ($mode == 'customer') {
 	if ($object_status != '' && $object_status >= -1) {
-		$stats->where .= ' AND c.fk_statut IN ('.$db->escape(implode(',', $object_status)).')';
+		$stats->where .= ' AND c.fk_statut IN ('.$db->sanitize($object_status).')';
 	}
 }
 if ($mode == 'supplier') {
 	if ($object_status != '' && $object_status >= 0) {
-		$stats->where .= ' AND c.fk_statut IN ('.$db->escape(implode(',', $object_status)).')';
+		$stats->where .= ' AND c.fk_statut IN ('.$db->sanitize($object_status).')';
 	}
 }
 

From 146b432acfed10fd9b57e835de5c48da6e1952af Mon Sep 17 00:00:00 2001
From: Adrien Raze <adrien.raze@atm-consulting.fr>
Date: Thu, 24 Feb 2022 11:07:31 +0100
Subject: [PATCH 5/6] FIX: PR returns

---
 htdocs/commande/stats/index.php | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index 307588adb32..19092e49a3c 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -45,9 +45,13 @@ if ($mode == 'customer' && !$user->rights->commande->lire) {
 if ($mode == 'supplier' && !$user->rights->fournisseur->commande->lire) {
 	accessforbidden();
 }
+if($mode == 'supplier'){
+	$object_status = GETPOST('object_status', 'array:int');
+	$object_status = implode(',', $object_status);
+} else {
+	$object_status = GETPOST('object_status', 'intcomma');
+}
 
-$object_status = GETPOST('object_status', 'array');
-$object_status = implode(',', $object_status);
 
 $typent_id = GETPOST('typent_id', 'int');
 $categ_id = GETPOST('categ_id', 'categ_id');

From fa4e6bd93a068a52f6123fecb3e9062761f8f8a4 Mon Sep 17 00:00:00 2001
From: stickler-ci <support@stickler-ci.com>
Date: Thu, 24 Feb 2022 10:10:41 +0000
Subject: [PATCH 6/6] Fixing style errors.

---
 htdocs/commande/stats/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php
index 19092e49a3c..7d0f9fb5a3a 100644
--- a/htdocs/commande/stats/index.php
+++ b/htdocs/commande/stats/index.php
@@ -45,7 +45,7 @@ if ($mode == 'customer' && !$user->rights->commande->lire) {
 if ($mode == 'supplier' && !$user->rights->fournisseur->commande->lire) {
 	accessforbidden();
 }
-if($mode == 'supplier'){
+if ($mode == 'supplier') {
 	$object_status = GETPOST('object_status', 'array:int');
 	$object_status = implode(',', $object_status);
 } else {