lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' of git@github.com:Dolibarr/dolibarr.git into develop6

Browse Source
This commit is contained in:
Laurent Destailleur 2016-12-18 02:21:57 +01:00
commit 78bf209119
80 changed files with 1459 additions and 1093 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
build/debian/conf.php.install
View File

@ -221,7 +221,13 @@ $dolibarr_main_prod='0';
# $dolibarr_main_limit_users='0';
# dolibarr_mailing_limit_sendbyweb
# Can set a limit for mailing send by web, can be used for a restricted mode.
# Can set a limit for mailing send by web. This overwrite database value. Can be used to restrict on OS level.
# Default value: 0 (use database value if exist)
# Examples:
# $dolibarr_mailing_limit_sendbyweb='0';
# dolibarr_mailing_limit_sendbycli
# Can set a limit for mailing send by cli. This overwrite database value. Can be used to restrict on OS level.
# Default value: 0 (use database value if exist)
# Examples:
# $dolibarr_mailing_limit_sendbycli='0';

32
htdocs/adherents/card.php
View File

@ -822,7 +822,7 @@ else
// Login
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED))
{
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="member_login" size="40" value="'.(isset($_POST["member_login"])?$_POST["member_login"]:$object->login).'"></td></tr>';
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td><input type="text" name="member_login" class="maxwidth200" value="'.(isset($_POST["member_login"])?GETPOST("member_login", 'alpha', 2):$object->login).'"></td></tr>';
}
// Type
@ -1066,7 +1066,7 @@ else
// Login
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED))
{
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td colspan="2"><input type="text" name="login" size="30" value="'.(isset($_POST["login"])?$_POST["login"]:$object->login).'"></td></tr>';
print '<tr><td><span class="fieldrequired">'.$langs->trans("Login").' / '.$langs->trans("Id").'</span></td><td colspan="2"><input type="text" name="login" class="maxwidth200" value="'.(isset($_POST["login"])?GETPOST("login",'alpha',2):$object->login).'"></td></tr>';
}
// Morphy
@ -1090,7 +1090,7 @@ else
print "</td></tr>";
// Company
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" size="40" value="'.(isset($_POST["societe"])?$_POST["societe"]:$object->societe).'"></td></tr>';
print '<tr><td id="tdcompany">'.$langs->trans("Company").'</td><td><input type="text" name="societe" size="40" value="'.(isset($_POST["societe"])?GETPOST("societe",'',2):$object->societe).'"></td></tr>';
// Civility
print '<tr><td>'.$langs->trans("UserTitle").'</td><td>';
@ -1099,11 +1099,11 @@ else
print '</tr>';
// Lastname
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" size="40" value="'.(isset($_POST["lastname"])?$_POST["lastname"]:$object->lastname).'"></td>';
print '<tr><td id="tdlastname">'.$langs->trans("Lastname").'</td><td><input type="text" name="lastname" size="40" value="'.(isset($_POST["lastname"])?GETPOST("lastname",'',2):$object->lastname).'"></td>';
print '</tr>';
// Firstname
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" size="40" value="'.(isset($_POST["firstname"])?$_POST["firstname"]:$object->firstname).'"></td>';
print '<tr><td id="tdfirstname">'.$langs->trans("Firstname").'</td><td><input type="text" name="firstname" size="40" value="'.(isset($_POST["firstname"])?GETPOST("firstname",'',3):$object->firstname).'"></td>';
print '</tr>';
// Photo
@ -1122,24 +1122,24 @@ else
print '</td></tr>';
// EMail
print '<tr><td>'.($conf->global->ADHERENT_MAIL_REQUIRED?'<span class="fieldrequired">':'').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED?'</span>':'').'</td><td><input type="text" name="email" size="40" value="'.(isset($_POST["email"])?$_POST["email"]:$object->email).'"></td></tr>';
print '<tr><td>'.($conf->global->ADHERENT_MAIL_REQUIRED?'<span class="fieldrequired">':'').$langs->trans("EMail").($conf->global->ADHERENT_MAIL_REQUIRED?'</span>':'').'</td><td><input type="text" name="email" size="40" value="'.(isset($_POST["email"])?GETPOST("email",'',2):$object->email).'"></td></tr>';
// Password
if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED))
{
print '<tr><td class="fieldrequired">'.$langs->trans("Password").'</td><td><input type="password" name="pass" size="30" value="'.(isset($_POST["pass"])?$_POST["pass"]:$object->pass).'"></td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("Password").'</td><td><input type="password" name="pass" class="maxwdith200" value="'.(isset($_POST["pass"])?GETPOST("pass",'',2):$object->pass).'"></td></tr>';
}
// Address
print '<tr><td>'.$langs->trans("Address").'</td><td>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="2">'.(isset($_POST["address"])?$_POST["address"]:$object->address).'</textarea>';
print '<textarea name="address" wrap="soft" class="quatrevingtpercent" rows="2">'.(isset($_POST["address"])?GETPOST("address",'',2):$object->address).'</textarea>';
print '</td></tr>';
// Zip / Town
print '<tr><td>'.$langs->trans("Zip").' / '.$langs->trans("Town").'</td><td>';
print $formcompany->select_ziptown((isset($_POST["zipcode"])?$_POST["zipcode"]:$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6);
print $formcompany->select_ziptown((isset($_POST["zipcode"])?GETPOST("zipcode",'',2):$object->zip),'zipcode',array('town','selectcountry_id','state_id'),6);
print ' ';
print $formcompany->select_ziptown((isset($_POST["town"])?$_POST["town"]:$object->town),'town',array('zipcode','selectcountry_id','state_id'));
print $formcompany->select_ziptown((isset($_POST["town"])?GETPOST("town",'',2):$object->town),'town',array('zipcode','selectcountry_id','state_id'));
print '</td></tr>';
// Country
@ -1153,23 +1153,23 @@ else
if (empty($conf->global->MEMBER_DISABLE_STATE))
{
print '<tr><td>'.$langs->trans('State').'</td><td>';
print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?$_POST["country_id"]:$object->country_id);
print $formcompany->select_state($object->state_id,isset($_POST["country_id"])?GETPOST("country_id"):$object->country_id);
print '</td></tr>';
}
// Pro phone
print '<tr><td>'.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(isset($_POST["phone"])?$_POST["phone"]:$object->phone).'"></td></tr>';
print '<tr><td>'.$langs->trans("PhonePro").'</td><td><input type="text" name="phone" size="20" value="'.(isset($_POST["phone"])?GETPOST("phone"):$object->phone).'"></td></tr>';
// Personal phone
print '<tr><td>'.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(isset($_POST["phone_perso"])?$_POST["phone_perso"]:$object->phone_perso).'"></td></tr>';
print '<tr><td>'.$langs->trans("PhonePerso").'</td><td><input type="text" name="phone_perso" size="20" value="'.(isset($_POST["phone_perso"])?GETPOST("phone_perso"):$object->phone_perso).'"></td></tr>';
// Mobile phone
print '<tr><td>'.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(isset($_POST["phone_mobile"])?$_POST["phone_mobile"]:$object->phone_mobile).'"></td></tr>';
print '<tr><td>'.$langs->trans("PhoneMobile").'</td><td><input type="text" name="phone_mobile" size="20" value="'.(isset($_POST["phone_mobile"])?GETPOST("hone_mobile"):$object->phone_mobile).'"></td></tr>';
// Skype
if (! empty($conf->skype->enabled))
{
print '<tr><td>'.$langs->trans("Skype").'</td><td><input type="text" name="skype" size="40" value="'.(isset($_POST["skype"])?$_POST["skype"]:$object->skype).'"></td></tr>';
print '<tr><td>'.$langs->trans("Skype").'</td><td><input type="text" name="skype" size="40" value="'.(isset($_POST["skype"])?GETPOST("skype"):$object->skype).'"></td></tr>';
}
// Birthday
@ -1179,7 +1179,7 @@ else
// Public profil
print "<tr><td>".$langs->trans("Public")."</td><td>\n";
print $form->selectyesno("public",(isset($_POST["public"])?$_POST["public"]:$object->public),1);
print $form->selectyesno("public",(isset($_POST["public"])?GETPOST("public",'',2):$object->public),1);
print "</td></tr>\n";
// Categories

28
htdocs/adherents/class/subscription.class.php
View File

@ -32,7 +32,8 @@ class Subscription extends CommonObject
{
public $element='subscription';
public $table_element='subscription';
public $picto='payment';
var $datec; // Date creation
var $datem; // Date modification
var $dateh; // Subscription start date (date subscription)
@ -277,6 +278,31 @@ class Subscription extends CommonObject
}
/**
* Retourne le libelle du statut d'une adhesion
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label
*/
function getLibStatut($mode=0)
{
return '';
}
/**
* Renvoi le libelle d'un statut donne
*
* @param int $statut Id statut
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label
*/
function LibStatut($statut)
{
global $langs;
$langs->load("members");
return '';
}
/**
* Load information of the subscription object
*

8
htdocs/adherents/subscription.php
View File

@ -792,7 +792,7 @@ if ($rowid > 0)
$sql.= " c.datef,";
$sql.= " c.fk_bank,";
$sql.= " b.rowid as bid,";
$sql.= " ba.rowid as baid, ba.label, ba.bank";
$sql.= " ba.rowid as baid, ba.label, ba.bank, ba.ref, ba.account_number, ba.accountancy_journal, ba.number";
$sql.= " FROM ".MAIN_DB_PREFIX."adherent as d, ".MAIN_DB_PREFIX."subscription as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank as b ON c.fk_bank = b.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_account as ba ON b.fk_account = ba.rowid";
@ -807,7 +807,7 @@ if ($rowid > 0)
$num = $db->num_rows($result);
$i = 0;
print "<table class=\"noborder\" width=\"100%\">\n";
print '<table class="noborder" width="100%">'."\n";
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Ref").'</td>';
@ -841,6 +841,10 @@ if ($rowid > 0)
{
$accountstatic->label=$objp->label;
$accountstatic->id=$objp->baid;
$accountstatic->number=$objp->number;
$accountstatic->account_number=$objp->account_number;
$accountstatic->accountancy_journal=$objp->accountancy_journal;
$accountstatic->ref=$objp->ref;
print $accountstatic->getNomUrl(1);
}
else

44
htdocs/adherents/subscription/card.php
View File

@ -40,6 +40,7 @@ $action=GETPOST("action",'alpha');
$rowid=GETPOST("rowid","int")?GETPOST("rowid","int"):GETPOST("id","int");
$typeid=GETPOST("typeid","int");
$cancel=GETPOST('cancel');
$confirm=GETPOST('confirm');
if (! $user->rights->adherent->cotisation->lire)
accessforbidden();
@ -62,10 +63,10 @@ include DOL_DOCUMENT_ROOT.'/core/actions_dellink.inc.php'; // Must be include,
//include DOL_DOCUMENT_ROOT.'/core/actions_lineupdown.inc.php'; // Must be include, not include_once
if ($user->rights->adherent->cotisation->creer && $_REQUEST["action"] == 'update' && ! $_POST["cancel"])
if ($user->rights->adherent->cotisation->creer && $action == 'update' && ! $cancel)
{
// Charge objet actuel
$result=$object->fetch($_POST["rowid"]);
$result=$object->fetch($rowid);
if ($result > 0)
{
$db->begin();
@ -138,7 +139,7 @@ if ($user->rights->adherent->cotisation->creer && $_REQUEST["action"] == 'update
}
}
if ($_REQUEST["action"] == 'confirm_delete' && $_REQUEST["confirm"] == 'yes' && $user->rights->adherent->cotisation->creer)
if ($action == 'confirm_delete' && $confirm == 'yes' && $user->rights->adherent->cotisation->creer)
{
$result=$object->fetch($rowid);
$result=$object->delete($user);
@ -189,11 +190,11 @@ if ($user->rights->adherent->cotisation->creer && $action == 'edit')
dol_fiche_head($head, 'general', $langs->trans("Subscription"), 0, 'payment');
print "\n";
print '<table class="border" width="100%">';
$linkback = '<a href="'.DOL_URL_ROOT.'/adherents/subscription/list.php">'.$langs->trans("BackToList").'</a>';
print "\n";
print '<table class="border" width="100%">';
// Ref
print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td>';
print '<td class="valeur" colspan="3">';
@ -287,49 +288,50 @@ if ($rowid && $action != 'edit')
print '<form action="'.$_SERVER["PHP_SELF"].'" method="post">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<table class="border" width="100%">';
$linkback = '<a href="'.DOL_URL_ROOT.'/adherents/subscription/list.php">'.$langs->trans("BackToList").'</a>';
// Ref
print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td>';
print '<td class="valeur" colspan="3">';
print $form->showrefnav($object, 'rowid', $linkback, 1);
print '</td></tr>';
dol_banner_tab($object, 'rowid', $linkback, 1);
print '<div class="fichecenter">';
print '<div class="underbanner clearboth"></div>';
print '<table class="border" width="100%">';
// Member
$adh->ref=$adh->getFullName($langs);
print '<tr>';
print '<td>'.$langs->trans("Member").'</td><td class="valeur" colspan="3">'.$adh->getNomUrl(1,0,'subscription').'</td>';
print '<td class="titlefield">'.$langs->trans("Member").'</td><td class="valeur">'.$adh->getNomUrl(1,0,'subscription').'</td>';
print '</tr>';
// Date record
/*print '<tr>';
print '<td>'.$langs->trans("DateSubscription").'</td><td class="valeur" colspan="3">'.dol_print_date($object->datec,'dayhour').'</td>';
print '<td>'.$langs->trans("DateSubscription").'</td><td class="valeur">'.dol_print_date($object->datec,'dayhour').'</td>';
print '</tr>';*/
// Date subscription
print '<tr>';
print '<td>'.$langs->trans("DateSubscription").'</td><td class="valeur" colspan="3">'.dol_print_date($object->dateh,'day').'</td>';
print '<td>'.$langs->trans("DateSubscription").'</td><td class="valeur">'.dol_print_date($object->dateh,'day').'</td>';
print '</tr>';
// Date end subscription
print '<tr>';
print '<td>'.$langs->trans("DateEndSubscription").'</td><td class="valeur" colspan="3">'.dol_print_date($object->datef,'day').'</td>';
print '<td>'.$langs->trans("DateEndSubscription").'</td><td class="valeur">'.dol_print_date($object->datef,'day').'</td>';
print '</tr>';
// Amount
print '<tr><td>'.$langs->trans("Amount").'</td><td class="valeur" colspan="3">'.price($object->amount).'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td class="valeur">'.price($object->amount).'</td></tr>';
// Amount
print '<tr><td>'.$langs->trans("Label").'</td><td class="valeur" colspan="3">'.$object->note.'</td></tr>';
print '<tr><td>'.$langs->trans("Label").'</td><td class="valeur">'.$object->note.'</td></tr>';
// Bank line
if (! empty($conf->banque->enabled))
{
if ($conf->global->ADHERENT_BANK_USE || $object->fk_bank)
{
print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur" colspan="3">';
print '<tr><td>'.$langs->trans("BankTransactionLine").'</td><td class="valeur">';
if ($object->fk_bank)
{
$bankline=new AccountLine($db);
@ -346,6 +348,8 @@ if ($rowid && $action != 'edit')
print "</table>\n";
print '</div>';
print '</form>';
dol_fiche_end();

8
htdocs/admin/dict.php
View File

@ -1786,10 +1786,10 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='')
print '</td>';
}
elseif ($fieldlist[$field] == 'price' || preg_match('/^amount/i',$fieldlist[$field])) {
print '<td><input type="text" class="flat" value="'.price((! empty($obj->{$fieldlist[$field]})?$obj->{$fieldlist[$field]}:'')).'" size="8" name="'.$fieldlist[$field].'"></td>';
print '<td><input type="text" class="flat minwidth75" value="'.price((! empty($obj->{$fieldlist[$field]})?$obj->{$fieldlist[$field]}:'')).'" name="'.$fieldlist[$field].'"></td>';
}
elseif ($fieldlist[$field] == 'code' && isset($obj->{$fieldlist[$field]})) {
print '<td><input type="text" class="flat" value="'.(! empty($obj->{$fieldlist[$field]})?$obj->{$fieldlist[$field]}:'').'" size="10" name="'.$fieldlist[$field].'"></td>';
print '<td><input type="text" class="flat minwidth100" value="'.(! empty($obj->{$fieldlist[$field]})?$obj->{$fieldlist[$field]}:'').'" name="'.$fieldlist[$field].'"></td>';
}
elseif ($fieldlist[$field]=='unit') {
print '<td>';
@ -1829,8 +1829,8 @@ function fieldList($fieldlist, $obj='', $tabname='', $context='')
{
print '<td>';
$size=''; $class='';
if ($fieldlist[$field]=='code') $size='size="8" ';
if ($fieldlist[$field]=='position') $size='size="4" ';
if ($fieldlist[$field]=='code') $class='maxwidth100';
if ($fieldlist[$field]=='position') $class='maxwidth50';
if ($fieldlist[$field]=='libelle') $class='quatrevingtpercent';
if ($fieldlist[$field]=='tracking') $class='quatrevingtpercent';
if ($fieldlist[$field]=='sortorder' || $fieldlist[$field]=='sens' || $fieldlist[$field]=='category_type') $size='size="2" ';

28
htdocs/admin/menus/index.php
View File

@ -71,7 +71,7 @@ if ($action == 'up')
// Get current position
$sql = "SELECT m.rowid, m.position, m.type, m.fk_menu";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET["menuId"];
$sql.= " WHERE m.rowid = ".GETPOST("menuId","int");
dol_syslog("admin/menus/index.php ".$sql);
$result = $db->query($sql);
$num = $db->num_rows($result);
@ -89,11 +89,11 @@ if ($action == 'up')
// Menu before
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE (m.position < ".($current['order'])." OR (m.position = ".($current['order'])." AND rowid < ".$_GET["menuId"]."))";
$sql.= " AND m.menu_handler='".$menu_handler_to_search."'";
$sql.= " WHERE (m.position < ".($current['order'])." OR (m.position = ".($current['order'])." AND rowid < ".GETPOST("menuId","int")."))";
$sql.= " AND m.menu_handler='".$db->escape($menu_handler_to_search)."'";
$sql.= " AND m.entity = ".$conf->entity;
$sql.= " AND m.type = '".$current['type']."'";
$sql.= " AND m.fk_menu = '".$current['fk_menu']."'";
$sql.= " AND m.type = '".$db->escape($current['type'])."'";
$sql.= " AND m.fk_menu = '".$db->escape($current['fk_menu'])."'";
$sql.= " ORDER BY m.position, m.rowid";
dol_syslog("admin/menus/index.php ".$sql);
$result = $db->query($sql);
@ -127,7 +127,7 @@ elseif ($action == 'down')
// Get current position
$sql = "SELECT m.rowid, m.position, m.type, m.fk_menu";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET["menuId"];
$sql.= " WHERE m.rowid = ".GETPOST("menuId","int");
dol_syslog("admin/menus/index.php ".$sql);
$result = $db->query($sql);
$num = $db->num_rows($result);
@ -145,11 +145,11 @@ elseif ($action == 'down')
// Menu after
$sql = "SELECT m.rowid, m.position";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE (m.position > ".($current['order'])." OR (m.position = ".($current['order'])." AND rowid > ".$_GET["menuId"]."))";
$sql.= " AND m.menu_handler='".$menu_handler_to_search."'";
$sql.= " WHERE (m.position > ".($current['order'])." OR (m.position = ".($current['order'])." AND rowid > ".GETPOST("menuId","int")."))";
$sql.= " AND m.menu_handler='".$db->escape($menu_handler_to_search)."'";
$sql.= " AND m.entity = ".$conf->entity;
$sql.= " AND m.type = '".$current['type']."'";
$sql.= " AND m.fk_menu = '".$current['fk_menu']."'";
$sql.= " AND m.type = '".$db->escape($current['type'])."'";
$sql.= " AND m.fk_menu = '".$db->escape($current['fk_menu'])."'";
$sql.= " ORDER BY m.position, m.rowid";
dol_syslog("admin/menus/index.php ".$sql);
$result = $db->query($sql);
@ -180,7 +180,7 @@ elseif ($action == 'confirm_delete' && $confirm == 'yes')
$db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX."menu";
$sql.= " WHERE rowid = ".$_GET['menuId'];
$sql.= " WHERE rowid = ".GETPOST('menuId','int');
$resql=$db->query($sql);
if ($resql)
{
@ -245,11 +245,11 @@ if ($action == 'delete')
{
$sql = "SELECT m.titre";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE m.rowid = ".$_GET['menuId'];
$sql.= " WHERE m.rowid = ".GETPOST('menuId','int');
$result = $db->query($sql);
$obj = $db->fetch_object($result);
print $form->formconfirm("index.php?menu_handler=".$menu_handler."&menuId=".$_GET['menuId'],$langs->trans("DeleteMenu"),$langs->trans("ConfirmDeleteMenu",$obj->titre),"confirm_delete");
print $form->formconfirm("index.php?menu_handler=".$menu_handler."&menuId=".GETPOST('menuId','int'),$langs->trans("DeleteMenu"),$langs->trans("ConfirmDeleteMenu",$obj->titre),"confirm_delete");
}
@ -298,7 +298,7 @@ if ($conf->use_javascript_ajax)
$sql = "SELECT m.rowid, m.titre, m.langs, m.mainmenu, m.leftmenu, m.fk_menu, m.fk_mainmenu, m.fk_leftmenu, m.module";
$sql.= " FROM ".MAIN_DB_PREFIX."menu as m";
$sql.= " WHERE menu_handler = '".$menu_handler_to_search."'";
$sql.= " WHERE menu_handler = '".$db->escape($menu_handler_to_search)."'";
$sql.= " AND entity = ".$conf->entity;
//$sql.= " AND fk_menu >= 0";
$sql.= " ORDER BY m.position, m.rowid"; // Order is position then rowid (because we need a sort criteria when position is same)

4
htdocs/admin/perms.php
View File

@ -44,7 +44,7 @@ if (!$user->admin) accessforbidden();
if ($action == 'add')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=1";
$sql.= " WHERE id = ".$_GET["pid"];
$sql.= " WHERE id = ".GETPOST("pid",'int');
$sql.= " AND entity = ".$conf->entity;
$db->query($sql);
}
@ -52,7 +52,7 @@ if ($action == 'add')
if ($action == 'remove')
{
$sql = "UPDATE ".MAIN_DB_PREFIX."rights_def SET bydefault=0";
$sql.= " WHERE id = ".$_GET["pid"];
$sql.= " WHERE id = ".GETPOST('pid','int');
$sql.= " AND entity = ".$conf->entity;
$db->query($sql);
}

3
htdocs/admin/system/constall.php
View File

@ -90,7 +90,8 @@ $configfileparameters=array(
'?dolibarr_font_DOL_DEFAULT_TTF_BOLD',
'separator',
'?dolibarr_mailing_limit_sendbyweb',
'?dolibarr_strict_mode'
'?dolibarr_mailing_limit_sendbycli',
'?dolibarr_strict_mode'
);
$configfilelib=array(
// 'separator',

3
htdocs/admin/system/dolibarr.php
View File

@ -286,7 +286,8 @@ $configfileparameters=array(
'separator4' => '',
'dolibarr_main_prod' => 'Production mode (Hide all error messages)',
'?dolibarr_mailing_limit_sendbyweb' => 'Limit nb of email sent by page',
'?dolibarr_strict_mode' => 'Strict mode is on/off',
'?dolibarr_mailing_limit_sendbycli' => 'Limit nb of email sent by cli',
'?dolibarr_strict_mode' => 'Strict mode is on/off',
'?dolibarr_pdf_force_fpdf' => 'Force fpdf usage to generate PDF'
);

8
htdocs/bookmarks/card.php
View File

@ -69,7 +69,7 @@ if ($action == 'add' || $action == 'addproduct' || $action == 'update')
exit;
}
if ($action == 'update') $bookmark->fetch($_POST["id"]);
if ($action == 'update') $bookmark->fetch(GETPOST("id",'int'));
// Check if null because user not admin can't set an user and send empty value here.
if(!empty($userid))
$bookmark->fk_user=$userid;
@ -217,7 +217,7 @@ if ($id > 0 && ! preg_match('/^add/i',$action))
print '<table class="border" width="100%">';
print '<tr><td width="25%">'.$langs->trans("Ref").'</td><td>'.$bookmark->ref.'</td></tr>';
print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'.$bookmark->ref.'</td></tr>';
print '<tr><td>';
if ($action == 'edit') {
@ -231,7 +231,7 @@ if ($id > 0 && ! preg_match('/^add/i',$action))
}
print '</td><td>';
if ($action == 'edit') print '<input class="flat" name="title" size="30" value="'.(isset($_POST["title"])?$_POST["title"]:$bookmark->title).'">';
if ($action == 'edit') print '<input class="flat minwidth200" name="title" value="'.(isset($_POST["title"])?GETPOST("title",'',2):$bookmark->title).'">';
else print $bookmark->title;
print '</td></tr>';
@ -301,6 +301,8 @@ if ($id > 0 && ! preg_match('/^add/i',$action))
}
// Buttons
print "<div class=\"tabsAction\">\n";
// Edit

2
htdocs/cashdesk/tpl/validation2.tpl.php
View File

@ -33,7 +33,7 @@ $langs->load("bills");
largeur = 600;
hauteur = 500;
opt = 'width='+largeur+', height='+hauteur+', left='+(screen.width - largeur)/2+', top='+(screen.height-hauteur)/2+'';
window.open('validation_ticket.php?facid=<?php echo $_GET['facid']; ?>', '<?php echo $langs->trans('PrintTicket') ?>', opt);
window.open('validation_ticket.php?facid=<?php echo GETPOST('facid','int'); ?>', '<?php echo $langs->trans('PrintTicket') ?>', opt);
}
popupTicket();

9
htdocs/comm/contact.php
View File

@ -125,6 +125,8 @@ if ($resql)
$title = (! empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("ListOfContacts") : $langs->trans("ListOfContactsAddresses"));
print_barre_liste($title.($label?" (".$label.")":""),$page, $_SERVER["PHP_SELF"], $param,$sortfield,$sortorder,"",$num);
print '<form action="'.$_SERVER["PHP_SELF"].'?type='.GETPOST("type", "alpha").'" method="GET">';
print '<table class="liste" width="100%">';
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Lastname"),$_SERVER["PHP_SELF"],"p.name", $begin, $param,"",$sortfield,$sortorder);
@ -134,7 +136,6 @@ if ($resql)
print_liste_field_titre($langs->trans("Phone"));
print "</tr>\n";
print '<form action="'.$_SERVER["PHP_SELF"].'?type='.$_GET["type"].'" method="GET">';
print '<tr class="liste_titre">';
print '<td class="liste_titre"><input class="flat" name="search_lastname" size="12" value="'.$search_lastname.'"></td>';
print '<td class="liste_titre"><input class="flat" name="search_firstname" size="12" value="'.$search_firstname.'"></td>';
@ -142,7 +143,6 @@ if ($resql)
print '<td class="liste_titre">&nbsp;</td>';
print '<td class="liste_titre" align="right"><input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'"></td>';
print "</tr>\n";
print '</form>';
$var=True;
$i = 0;
@ -167,7 +167,10 @@ if ($resql)
print "</tr>\n";
$i++;
}
print "</table></p>";
print "</table>";
print '</form>';
$db->free($resql);
}
else

13
htdocs/comm/mailing/card.php
View File

@ -756,6 +756,7 @@ else
$sendingmode=$conf->global->MAIN_MAIL_SENDMODE;
if (empty($sendingmode)) $sendingmode='mail'; // If not defined, we use php mail function
// Note: MAILING_LIMIT_SENDBYWEB is always defined to something != 0
if (! empty($conf->global->MAILING_NO_USING_PHPMAIL) && $sendingmode == 'mail')
{
// EMailing feature may be a spam problem, so when you host several users/instance, having this option may force each user to use their own SMTP agent.
@ -767,19 +768,21 @@ else
if (! empty($conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS)) setEventMessages($langs->trans("MailSendSetupIs3", $conf->global->MAILING_SMTP_SETUP_EMAILS_FOR_QUESTIONS), null, 'warnings');
$_GET["action"]='';
}
else if (empty($conf->global->MAILING_LIMIT_SENDBYWEB))
else if ($conf->global->MAILING_LIMIT_SENDBYWEB == '-1')
{
// Pour des raisons de securite, on ne permet pas cette fonction via l'IHM,
// on affiche donc juste un message
// No limit was defined, so the feature is forbidden from GUI, we show just a message.
setEventMessages($langs->trans("MailingNeedCommand"), null, 'warnings');
setEventMessages('<textarea cols="60" rows="'.ROWS_1.'" wrap="soft">php ./scripts/emailings/mailing-send.php '.$object->id.'</textarea>', null, 'warnings');
setEventMessages($langs->trans("MailingNeedCommand2"), null, 'warnings');
if ($conf->file->mailing_limit_sendbyweb != '-1')
{
setEventMessages($langs->trans("MailingNeedCommand2"), null, 'warnings'); // You can send online with constant...
}
$_GET["action"]='';
}
else
{
$text='';
if ($conf->file->mailing_limit_sendbyweb == 0)
if ($conf->global->MAILING_LIMIT_SENDBYCLI >= 0)
{
$text.=$langs->trans("MailingNeedCommand");
$text.='<br><textarea cols="60" rows="'.ROWS_2.'" wrap="soft">php ./scripts/emailings/mailing-send.php '.$object->id.' '.$user->login.'</textarea>';

4
htdocs/comm/remx.php
View File

@ -283,14 +283,14 @@ if ($socid > 0)
print '<div class="underbanner clearboth"></div>';
print '<table class="border" width="100%">';
print '<tr><td class="titlefield fieldrequired">'.$langs->trans("AmountHT").'</td>';
print '<td><input type="text" size="5" name="amount_ht" value="'.$_POST["amount_ht"].'">';
print '<td><input type="text" size="5" name="amount_ht" value="'.price2num(GETPOST("amount_ht")).'">';
print '<span class="hideonsmartphone">&nbsp;'.$langs->trans("Currency".$conf->currency).'</span></td></tr>';
print '<tr><td>'.$langs->trans("VAT").'</td>';
print '<td>';
print $form->load_tva('tva_tx',GETPOST('tva_tx'),$mysoc,$object);
print '</td></tr>';
print '<tr><td class="fieldrequired" >'.$langs->trans("NoteReason").'</td>';
print '<td><input type="text" size="60" name="desc" value="'.GETPOST('desc').'"></td></tr>';
print '<td><input type="text" class="quatrevingtpercent" name="desc" value="'.GETPOST('desc').'"></td></tr>';
print "</table>";
}

45
htdocs/commande/customer.php
View File

@ -44,11 +44,13 @@ accessforbidden();
$langs->load("companies");
$langs->load("orders");
$limit = GETPOST("limit")?GETPOST("limit","int"):$conf->liste_limit;
$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0; }
$offset = $conf->liste_limit * $page;
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (! $sortorder) $sortorder="ASC";
@ -77,32 +79,32 @@ $sql.= " AND s.entity IN (".getEntity('societe', 1).")";
if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if (dol_strlen($stcomm))
{
$sql.= " AND s.fk_stcomm=$stcomm";
}
if ($_GET["search_nom"])
{
$sql.= " AND s.nom like '%".$db->escape(strtolower($_GET["search_nom"]))."%'";
}
if ($_GET["search_compta"])
{
$sql.= " AND s.code_compta like '%".$db->escape($_GET["search_compta"])."%'";
}
if ($_GET["search_code_client"])
{
$sql.= " AND s.code_client like '%".$db->escape($_GET["search_code_client"])."%'";
$sql.= " AND s.fk_stcomm=".$stcomm;
}
if (GETPOST("search_nom")) $sql.= natural_search("s.nom", GETPOST("search_nom"));
if (GETPOST("search_compta")) $sql.= natural_search("s.code_compta", GETPOST("search_compta"));
if (GETPOST("search_code_client")) $sql.= natural_search("s.code_client", GETPOST("search_code_client"));
if (dol_strlen($begin))
{
$sql.= " AND s.nom like '".$db->escape($begin)."'";
}
if ($socid)
if ($socid > 0)
{
$sql.= " AND s.rowid = ".$socid;
}
$sql.= " AND c.fk_statut in (1, 2) AND c.facture = 0";
$sql.= " GROUP BY s.nom";
$sql.= " ORDER BY $sortfield $sortorder " . $db->plimit($conf->liste_limit+1, $offset);
$sql.= $db->order($sortfield,$sortorder);
// Count total nb of records
$nbtotalofrecords = -1;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql.= $db->plimit($limit + 1, $offset);
//print $sql;
$resql = $db->query($sql);
@ -129,26 +131,27 @@ if ($resql)
print '<tr class="liste_titre">';
print '<td align="left" class="liste_titre">';
print '<input class="flat" type="text" name="search_nom" value="'.$_GET["search_nom"].'"></td>';
print '<input class="flat" type="text" name="search_nom" value="'.dol_escape_htmltag(GETPOST("search_nom")).'"></td>';
print '<td class="liste_titre">&nbsp;</td>';
print '<td align="left" class="liste_titre">';
print '<input class="flat" type="text" size="10" name="search_code_client" value="'.$_GET["search_code_client"].'">';
print '<input class="flat" type="text" size="10" name="search_code_client" value="'.dol_escape_htmltag(GETPOST("search_code_client")).'">';
print '</td>';
print '<td align="left" class="liste_titre">';
print '<input class="flat" type="text" size="10" name="search_compta" value="'.$_GET["search_compta"].'">';
print '<input class="flat" type="text" size="10" name="search_compta" value="'.dol_escape_htmltag(GETPOST("search_compta")).'">';
print '</td>';
print '<td align="right" colspan="2" class="liste_titre">';
print '<input type="image" class="liste_titre" src="'.img_picto($langs->trans("Search"),'search.png','','',1).'" name="button_search" value="'.dol_escape_htmltag($langs->trans("Search")).'" title="'.dol_escape_htmltag($langs->trans("Search")).'">';
print '</td>';
print "</tr>\n";
$var=true;
while ($i < min($num,$conf->liste_limit))
while ($i < min($num,$limit))
{
$obj = $db->fetch_object($resql);

6
htdocs/commande/orderstoinvoice.php
View File

@ -46,7 +46,7 @@ $langs->load('companies');
if (! $user->rights->facture->creer)
accessforbidden();
$id = (GETPOST('id')?GETPOST('id','int'):GETPOST("facid")); // For backward compatibility
$id = (GETPOST('id')?GETPOST('id','int'):GETPOST("facid","int")); // For backward compatibility
$ref = GETPOST('ref','alpha');
$action = GETPOST('action','alpha');
$confirm = GETPOST('confirm','alpha');
@ -112,7 +112,7 @@ if (($action == 'create' || $action == 'add') && !$error)
$langs->load('main');
if (isset($_GET['orders_to_invoice']))
{
$orders_id = $_GET['orders_to_invoice'];
$orders_id = GETPOST('orders_to_invoice','',1);
$n = count($orders_id);
$i = 0;
@ -122,7 +122,7 @@ if (($action == 'create' || $action == 'add') && !$error)
}
if (isset($_POST['orders_to_invoice']))
{
$orders_id = $_POST['orders_to_invoice'];
$orders_id = GETPOST('orders_to_invoice','',1);
$nn = count($orders_id);
$ii = 0;

10
htdocs/compta/localtax/clients.php
View File

@ -106,7 +106,7 @@ $fsearch.=' <input type="text" name="min" id="min" value="'.$min.'" size="6">';
$calc=$conf->global->MAIN_INFO_LOCALTAX_CALC.$local;
// Affiche en-tete du rapport
if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice for goods and services
if ($calc==0 || $calc==1) // Calculate on invoice for goods and services
{
$nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code);
$calcmode=$calc==0?$langs->trans("CalcModeLT".$local):$langs->trans("CalcModeLT".$local."Rec");
@ -124,7 +124,7 @@ if ($conf->global->$calc==0 || $conf->global->$calc==1) // Calculate on invoice
$productsup=$langs->trans("Description");
$amountsup=$langs->trans("AmountHT");
}
if ($conf->global->$calc==2) // Invoice for goods, payment for services
if ($calc==2) // Invoice for goods, payment for services
{
$nom=$langs->transcountry($local==1?"LT1ReportByCustomersInInputOutputMode":"LT2ReportByCustomersInInputOutputMode",$mysoc->country_code);
$calcmode=$langs->trans("CalcModeLT2Debt");
@ -149,7 +149,7 @@ $vatcust=$langs->transcountry($local==1?"LT1":"LT2",$mysoc->country_code);
$vatsup=$langs->transcountry($local==1?"LT1":"LT2",$mysoc->country_code);
// IRPF that the customer has retained me
if($conf->global->$calc ==0 || $conf->global->$calc == 2)
if($calc ==0 || $calc == 2)
{
print "<table class=\"noborder\" width=\"100%\">";
print "<tr class=\"liste_titre\">";
@ -232,7 +232,7 @@ if($conf->global->$calc ==0 || $conf->global->$calc == 2)
}
// IRPF I retained my supplier
if($conf->global->$calc ==0 || $conf->global->$calc == 1){
if($calc ==0 || $calc == 1){
print "<table class=\"noborder\" width=\"100%\">";
print "<tr class=\"liste_titre\">";
print '<td align="left">'.$langs->trans("Num")."</td>";
@ -309,7 +309,7 @@ if($conf->global->$calc ==0 || $conf->global->$calc == 1){
}
}
if($conf->global->$calc ==0){
if($calc ==0){
// Total to pay
print '<br><br>';
print '<table class="noborder" width="100%">';

4
htdocs/compta/localtax/reglement.php
View File

@ -31,7 +31,7 @@ $langs->load("compta");
$socid = isset($_GET["socid"])?$_GET["socid"]:'';
if ($user->societe_id) $socid=$user->societe_id;
$result = restrictedArea($user, 'tax', '', '', 'charges');
$ltt=$_REQUEST["localTaxType"];
$ltt=GETPOST("localTaxType");
/*
* View
@ -45,7 +45,7 @@ print load_fiche_titre($langs->transcountry($ltt==2?"LT2Payments":"LT1Payments",
$sql = "SELECT rowid, amount, label, f.datev as dm";
$sql.= " FROM ".MAIN_DB_PREFIX."localtax as f ";
$sql.= " WHERE f.entity = ".$conf->entity." AND localtaxtype=".$ltt;
$sql.= " WHERE f.entity = ".$conf->entity." AND localtaxtype=".$db->escape($ltt);
$sql.= " ORDER BY dm DESC";
$result = $db->query($sql);

8
htdocs/compta/tva/quadri_detail.php
View File

@ -48,7 +48,7 @@ $langs->load("trips");
$langs->load("other");
// Date range
$year=GETPOST("year");
$year=GETPOST("year","int");
if (empty($year))
{
$year_current = strftime("%Y",dol_now());
@ -57,15 +57,15 @@ if (empty($year))
$year_current = $year;
$year_start = $year;
}
$date_start=dol_mktime(0,0,0,$_REQUEST["date_startmonth"],$_REQUEST["date_startday"],$_REQUEST["date_startyear"]);
$date_end=dol_mktime(23,59,59,$_REQUEST["date_endmonth"],$_REQUEST["date_endday"],$_REQUEST["date_endyear"]);
$date_start=dol_mktime(0,0,0,GETPOST("date_startmonth"),GETPOST("date_startday"),GETPOST("date_startyear"));
$date_end=dol_mktime(23,59,59,GETPOST("date_endmonth"),GETPOST("date_endday"),GETPOST("date_endyear"));
// Quarter
if (empty($date_start) || empty($date_end)) // We define date_start and date_end
{
$q=GETPOST("q");
if (empty($q))
{
if (isset($_REQUEST["month"])) { $date_start=dol_get_first_day($year_start,$_REQUEST["month"],false); $date_end=dol_get_last_day($year_start,$_REQUEST["month"],false); }
if (GETPOST("month")) { $date_start=dol_get_first_day($year_start,GETPOST("month"),false); $date_end=dol_get_last_day($year_start,GETPOST("month"),false); }
else
{
$month_current = strftime("%m",dol_now());

12
htdocs/conf/conf.php.example
View File

@ -273,6 +273,18 @@ $dolibarr_nocsrfcheck='0';
// Examples:
// $dolibarr_main_limit_users='0';
// dolibarr_mailing_limit_sendbyweb
// Can set a limit for mailing send by web. This overwrite database value. Can be used to restrict on OS level.
// Default value: '0' (no overwrite, use database value if exists)
// Examples: '-1' (sending by web is forbidden)
// $dolibarr_mailing_limit_sendbyweb='0';
// dolibarr_mailing_limit_sendbycli
// Can set a limit for mailing send by cli. This overwrite database value. Can be used to restrict on OS level.
// Default value: '0' (no overwrite, use database value if exists)
// Examples: '-1' (sending by cli is forbidden)
// $dolibarr_mailing_limit_sendbycli='0';
// dolibarr_strict_mode
// Set this to 1 to enable the PHP strict mode. For dev environment only.
// Default value: 0 (use database value if exist)

718
htdocs/contrat/services.php
View File

@ -33,17 +33,18 @@ $langs->load("products");
$langs->load("contracts");
$langs->load("companies");
$mode = GETPOST("mode");
$limit = GETPOST("limit")?GETPOST("limit","int"):$conf->liste_limit;
$sortfield = GETPOST("sortfield",'alpha');
$sortorder = GETPOST("sortorder",'alpha');
$page = GETPOST("page",'int');
if ($page == -1) { $page = 0 ; }
$limit = GETPOST('limit')?GETPOST('limit','int'):$conf->liste_limit;
$offset = $limit * $page ;
if ($page == -1) { $page = 0; }
$offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
if (! $sortfield) $sortfield="c.rowid";
if (! $sortorder) $sortorder="ASC";
$mode = GETPOST("mode");
$filter=GETPOST("filter");
$search_name=GETPOST("search_name");
$search_contract=GETPOST("search_contract");
@ -73,6 +74,17 @@ $opclotureday=GETPOST('opclotureday');
$opclotureyear=GETPOST('opclotureyear');
$filter_opcloture=GETPOST('filter_opcloture');
// Initialize context for list
$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'servicelist'.$mode;
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
$hookmanager->initHooks(array($contextpage));
$extrafields = new ExtraFields($db);
// fetch optionals attributes and labels
$extralabels = $extrafields->fetch_name_optionals_label('contratdet');
$search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search_');
// Security check
$contratid = GETPOST('id','int');
if (! empty($user->societe_id)) $socid=$user->societe_id;
@ -100,39 +112,74 @@ $staticcontrat=new Contrat($db);
$staticcontratligne=new ContratLigne($db);
$companystatic=new Societe($db);
$arrayfields=array();
$arrayfields=array(
'c.ref'=>array('label'=>$langs->trans("Contract"), 'checked'=>1, 'position'=>80),
'p.description'=>array('label'=>$langs->trans("Service"), 'checked'=>1, 'position'=>80),
's.nom'=>array('label'=>$langs->trans("ThirdParty"), 'checked'=>1, 'position'=>100),
'cd.date_ouverture_prevue'=>array('label'=>$langs->trans("DateStartPlannedShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode == "0")),
'cd.date_ouverture'=>array('label'=>$langs->trans("DateStartRealShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode > 0)),
'cd.date_fin_validite'=>array('label'=>$langs->trans("DateEndPlannedShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode < 5)),
'cd.date_cloture'=>array('label'=>$langs->trans("DateEndRealShort"), 'checked'=>(($mode == "" || $mode == -1) || $mode >= 5)),
'status'=>array('label'=>$langs->trans("Status"), 'checked'=>1),
//'cd.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500),
'cd.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500)
);
// Extra fields
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
{
foreach($extrafields->attribute_label as $key => $val)
{
$arrayfields["ef.".$key]=array('label'=>$extrafields->attribute_label[$key], 'checked'=>$extrafields->attribute_list[$key], 'position'=>$extrafields->attribute_pos[$key], 'enabled'=>$extrafields->attribute_perms[$key]);
}
}
/*
* Actions
*/
if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All test are required to be compatible with all browsers
if (GETPOST('cancel')) { $action='list'; $massaction=''; }
if (! GETPOST('confirmmassaction') && $massaction != 'presend' && $massaction != 'confirm_presend' && $massaction != 'confirm_createbills') { $massaction=''; }
$parameters=array('socid'=>$socid);
$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks
if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
if (empty($reshook))
{
$search_name="";
$search_contract="";
$search_service="";
$search_status=-1;
$opouvertureprevuemonth="";
$opouvertureprevueday="";
$opouvertureprevueyear="";
$filter_opouvertureprevue="";
$op1month="";
$op1day="";
$op1year="";
$filter_op1="";
$op2month="";
$op2day="";
$op2year="";
$filter_op2="";
$opcloturemonth="";
$opclotureday="";
$opclotureyear="";
$filter_opcloture="";
$mode='';
$filter='';
// Selection of new fields
include DOL_DOCUMENT_ROOT.'/core/actions_changeselectedfields.inc.php';
if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All test are required to be compatible with all browsers
{
$search_name="";
$search_contract="";
$search_service="";
$search_status=-1;
$opouvertureprevuemonth="";
$opouvertureprevueday="";
$opouvertureprevueyear="";
$filter_opouvertureprevue="";
$op1month="";
$op1day="";
$op1year="";
$filter_op1="";
$op2month="";
$op2day="";
$op2year="";
$filter_op2="";
$opcloturemonth="";
$opclotureday="";
$opclotureyear="";
$filter_opcloture="";
$mode='';
$filter='';
}
}
/*
* View
*/
@ -141,8 +188,6 @@ $now=dol_now();
$form=new Form($db);
llxHeader();
$sql = "SELECT c.rowid as cid, c.ref, c.statut as cstatut,";
$sql.= " s.rowid as socid, s.nom as name,";
$sql.= " cd.rowid, cd.description, cd.statut,";
@ -151,11 +196,20 @@ if (!$user->rights->societe->client->voir && !$socid) $sql .= " sc.fk_soc, sc.fk
$sql.= " cd.date_ouverture_prevue,";
$sql.= " cd.date_ouverture,";
$sql.= " cd.date_fin_validite,";
$sql.= " cd.date_cloture";
$sql.= " cd.date_cloture,";
//$sql.= " cd.date_c as date_creation,";
$sql.= " cd.tms as date_update";
// Add fields from extrafields
foreach ($extrafields->attribute_label as $key => $val) $sql.=($extrafields->attribute_type[$key] != 'separate' ? ",ef.".$key.' as options_'.$key : '');
// Add fields from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListSelect',$parameters); // Note that $action and $object may have been modified by hook
$sql.=$hookmanager->resPrint;
$sql.= " FROM ".MAIN_DB_PREFIX."contrat as c,";
$sql.= " ".MAIN_DB_PREFIX."societe as s,";
if (!$user->rights->societe->client->voir && !$socid) $sql .= " ".MAIN_DB_PREFIX."societe_commerciaux as sc,";
$sql.= " ".MAIN_DB_PREFIX."contratdet as cd";
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."contratdet_extrafields as ef on (cd.rowid = ef.fk_object)";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
if ($search_product_category > 0) $sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_product as cp ON cp.fk_product=cd.fk_product';
$sql.= " WHERE c.entity = ".$conf->entity;
@ -180,169 +234,263 @@ if (! empty($filter_opouvertureprevue) && $filter_opouvertureprevue != -1 && $fi
if (! empty($filter_op1) && $filter_op1 != -1 && $filter_date1 != '') $sql.= " AND cd.date_ouverture ".$filter_op1." '".$db->idate($filter_date1)."'";
if (! empty($filter_op2) && $filter_op2 != -1 && $filter_date2 != '') $sql.= " AND cd.date_fin_validite ".$filter_op2." '".$db->idate($filter_date2)."'";
if (! empty($filter_opcloture) && $filter_opcloture != -1 && $filter_datecloture != '') $sql.= " AND cd.date_cloture ".$filter_opcloture." '".$db->idate($filter_datecloture)."'";
$totalnboflines=0;
$result=$db->query($sql);
if ($result)
{
$totalnboflines = $db->num_rows($result);
}
$sql .= $db->order($sortfield,$sortorder);
$nbtotalofrecords = -1;
if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST))
{
$result = $db->query($sql);
$nbtotalofrecords = $db->num_rows($result);
}
$sql .= $db->plimit($limit + 1, $offset);
//print $sql;
dol_syslog("contrat/services.php", LOG_DEBUG);
$resql=$db->query($sql);
if ($resql)
if (! $resql)
{
$num = $db->num_rows($resql);
$i = 0;
dol_print_error($db);
exit;
}
$param='';
if ($search_contract) $param.='&amp;search_contract='.urlencode($search_contract);
if ($search_name) $param.='&amp;search_name='.urlencode($search_name);
if ($search_service) $param.='&amp;search_service='.urlencode($search_service);
if ($mode) $param.='&amp;mode='.$mode;
if ($filter) $param.='&amp;filter='.$filter;
if (! empty($filter_opouvertureprevue) && $filter_opouvertureprevue != -1) $param.='&amp;filter_opouvertureprevue='.urlencode($filter_opouvertureprevue);
if (! empty($filter_op1) && $filter_op1 != -1) $param.='&amp;filter_op1='.urlencode($filter_op1);
if (! empty($filter_op2) && $filter_op2 != -1) $param.='&amp;filter_op2='.urlencode($filter_op2);
if (! empty($filter_opcloture) && $filter_opcloture != -1) $param.='&amp;filter_opcloture='.urlencode($filter_opcloture);
if ($filter_dateouvertureprevue != '') $param.='&amp;opouvertureprevueday='.$opouvertureprevueday.'&amp;opouvertureprevuemonth='.$opouvertureprevuemonth.'&amp;opouvertureprevueyear='.$opouvertureprevueyear;
if ($filter_date1 != '') $param.='&amp;op1day='.$op1day.'&amp;op1month='.$op1month.'&amp;op1year='.$op1year;
if ($filter_date2 != '') $param.='&amp;op2day='.$op2day.'&amp;op2month='.$op2month.'&amp;op2year='.$op2year;
if ($filter_datecloture != '') $param.='&amp;opclotureday='.$op2day.'&amp;opcloturemonth='.$op2month.'&amp;opclotureyear='.$op2year;
// List of mass actions available
$arrayofmassactions = array(
//'presend'=>$langs->trans("SendByMail"),
//'builddoc'=>$langs->trans("PDFMerge"),
);
//if ($user->rights->contrat->supprimer) $arrayofmassactions['delete']=$langs->trans("Delete");
//if ($massaction == 'presend') $arrayofmassactions=array();
$massactionbutton=$form->selectMassAction('', $arrayofmassactions);
print '<form method="POST" action="'. $_SERVER["PHP_SELF"] .'">';
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
$title=$langs->trans("ListOfServices");
if ($mode == "0") $title=$langs->trans("ListOfInactiveServices"); // Must use == "0"
if ($mode == "4" && $filter != "expired") $title=$langs->trans("ListOfRunningServices");
if ($mode == "4" && $filter == "expired") $title=$langs->trans("ListOfExpiredServices");
if ($mode == "5") $title=$langs->trans("ListOfClosedServices");
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $totalnboflines, 'title_commercial.png', 0, '', '', $limit);
$num = $db->num_rows($resql);
if ($sall)
{
foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val);
print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall);
}
/*
if ($num == 1 && ! empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $search_all)
{
$obj = $db->fetch_object($resql);
$id = $obj->id;
header("Location: ".DOL_URL_ROOT.'/projet/tasks/task.php?id='.$id.'&withprojet=1');
exit;
}*/
$morefilter = '';
// If the user can view categories of products
if ($conf->categorie->enabled && ($user->rights->produit->lire || $user->rights->service->lire))
{
include_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter.='<div class="divsearchfield">';
$moreforfilter.=$langs->trans('IncludingProductWithTag'). ': ';
$cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1);
$moreforfilter.=$form->selectarray('search_product_category', $cate_arbo, $search_product_category, 1, 0, 0, '', 0, 0, 0, 0, '', 1);
$moreforfilter.='</div>';
}
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldPreListTitle',$parameters); // Note that $action and $object may have been modified by hook
if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint;
else $moreforfilter = $hookmanager->resPrint;
if (! empty($moreforfilter))
{
print '<div class="liste_titre liste_titre_bydiv centpercent">';
print $moreforfilter;
print '</div>';
}
$varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage;
$selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
print '<div class="div-table-responsive">';
print '<table class="tagtable liste'.($moreforfilter?" listwithfilterbefore":"").'">'."\n";
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Contract"),$_SERVER["PHP_SELF"], "c.rowid",$param,"","",$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Service"),$_SERVER["PHP_SELF"], "p.description",$param,"","",$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Company"),$_SERVER["PHP_SELF"], "s.nom",$param,"","",$sortfield,$sortorder);
// Date debut
if (($mode == "" || $mode == -1) || $mode == "0") print_liste_field_titre($langs->trans("DateStartPlannedShort"),$_SERVER["PHP_SELF"], "cd.date_ouverture_prevue",$param,'',' align="center"',$sortfield,$sortorder);
if (($mode == "" || $mode == -1) || $mode > 0) print_liste_field_titre($langs->trans("DateStartRealShort"),$_SERVER["PHP_SELF"], "cd.date_ouverture",$param,'',' align="center"',$sortfield,$sortorder);
// Date fin
if (($mode == "" || $mode == -1) || $mode < 5) print_liste_field_titre($langs->trans("DateEndPlannedShort"),$_SERVER["PHP_SELF"], "cd.date_fin_validite",$param,'',' align="center"',$sortfield,$sortorder);
if (($mode == "" || $mode == -1) || $mode >= 5) print_liste_field_titre($langs->trans("DateEndRealShort"),$_SERVER["PHP_SELF"], "cd.date_cloture",$param,'',' align="center"',$sortfield,$sortorder);
print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"], "cd.statut,c.statut",$param,"","align=\"right\"",$sortfield,$sortorder);
print_liste_field_titre('',$_SERVER["PHP_SELF"],"",'','','',$sortfield,$sortorder,'maxwidthsearch ');
print "</tr>\n";
llxHeader(null, $langs->trans("Services"));
print '<tr class="liste_titre">';
$param='';
if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage;
if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit;
if ($search_contract) $param.='&amp;search_contract='.urlencode($search_contract);
if ($search_name) $param.='&amp;search_name='.urlencode($search_name);
if ($search_service) $param.='&amp;search_service='.urlencode($search_service);
if ($mode) $param.='&amp;mode='.urlencode($mode);
if ($filter) $param.='&amp;filter='.urlencode($filter);
if (! empty($filter_opouvertureprevue) && $filter_opouvertureprevue != -1) $param.='&amp;filter_opouvertureprevue='.urlencode($filter_opouvertureprevue);
if (! empty($filter_op1) && $filter_op1 != -1) $param.='&amp;filter_op1='.urlencode($filter_op1);
if (! empty($filter_op2) && $filter_op2 != -1) $param.='&amp;filter_op2='.urlencode($filter_op2);
if (! empty($filter_opcloture) && $filter_opcloture != -1) $param.='&amp;filter_opcloture='.urlencode($filter_opcloture);
if ($filter_dateouvertureprevue != '') $param.='&amp;opouvertureprevueday='.$opouvertureprevueday.'&amp;opouvertureprevuemonth='.$opouvertureprevuemonth.'&amp;opouvertureprevueyear='.$opouvertureprevueyear;
if ($filter_date1 != '') $param.='&amp;op1day='.$op1day.'&amp;op1month='.$op1month.'&amp;op1year='.$op1year;
if ($filter_date2 != '') $param.='&amp;op2day='.$op2day.'&amp;op2month='.$op2month.'&amp;op2year='.$op2year;
if ($filter_datecloture != '') $param.='&amp;opclotureday='.$op2day.'&amp;opcloturemonth='.$op2month.'&amp;opclotureyear='.$op2year;
if ($optioncss != '') $param.='&optioncss='.$optioncss;
// Add $param from extra fields
foreach ($search_array_options as $key => $val)
{
$crit=$val;
$tmpkey=preg_replace('/search_options_/','',$key);
if ($val != '') $param.='&search_options_'.$tmpkey.'='.urlencode($val);
}
// List of mass actions available
$arrayofmassactions = array(
//'presend'=>$langs->trans("SendByMail"),
//'builddoc'=>$langs->trans("PDFMerge"),
);
//if ($user->rights->contrat->supprimer) $arrayofmassactions['delete']=$langs->trans("Delete");
//if ($massaction == 'presend') $arrayofmassactions=array();
$massactionbutton=$form->selectMassAction('', $arrayofmassactions);
print '<form method="POST" action="'. $_SERVER["PHP_SELF"] .'">';
if ($optioncss != '') print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
$title=$langs->trans("ListOfServices");
if ($mode == "0") $title=$langs->trans("ListOfInactiveServices"); // Must use == "0"
if ($mode == "4" && $filter != "expired") $title=$langs->trans("ListOfRunningServices");
if ($mode == "4" && $filter == "expired") $title=$langs->trans("ListOfExpiredServices");
if ($mode == "5") $title=$langs->trans("ListOfClosedServices");
print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'title_commercial.png', 0, '', '', $limit);
if ($sall)
{
foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val);
print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall);
}
$morefilter = '';
// If the user can view categories of products
if ($conf->categorie->enabled && ($user->rights->produit->lire || $user->rights->service->lire))
{
include_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter.='<div class="divsearchfield">';
$moreforfilter.=$langs->trans('IncludingProductWithTag'). ': ';
$cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1);
$moreforfilter.=$form->selectarray('search_product_category', $cate_arbo, $search_product_category, 1, 0, 0, '', 0, 0, 0, 0, '', 1);
$moreforfilter.='</div>';
}
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldPreListTitle',$parameters); // Note that $action and $object may have been modified by hook
if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint;
else $moreforfilter = $hookmanager->resPrint;
if (! empty($moreforfilter))
{
print '<div class="liste_titre liste_titre_bydiv centpercent">';
print $moreforfilter;
print '</div>';
}
$varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage;
$selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields
print '<div class="div-table-responsive">';
print '<table class="tagtable liste'.($moreforfilter?" listwithfilterbefore":"").'">'."\n";
print '<tr class="liste_titre">';
if (! empty($arrayfields['c.ref']['checked'])) print_liste_field_titre($arrayfields['c.ref']['label'],$_SERVER["PHP_SELF"],"c.ref","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['p.description']['checked'])) print_liste_field_titre($arrayfields['p.description']['label'],$_SERVER["PHP_SELF"],"p.description","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['s.nom']['checked'])) print_liste_field_titre($arrayfields['s.nom']['label'],$_SERVER["PHP_SELF"],"s.nom","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['cd.date_ouverture_prevue']['checked'])) print_liste_field_titre($arrayfields['cd.date_ouverture_prevue']['label'],$_SERVER["PHP_SELF"],"cd.date_ouverture_prevue","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['cd.date_ouverture']['checked'])) print_liste_field_titre($arrayfields['cd.date_ouverture']['label'],$_SERVER["PHP_SELF"],"cd.date_ouverture","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['cd.date_fin_validite']['checked'])) print_liste_field_titre($arrayfields['cd.date_fin_validite']['label'],$_SERVER["PHP_SELF"],"cd.date_fin_validite","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['cd.date_cloture']['checked'])) print_liste_field_titre($arrayfields['cd.date_cloture']['label'],$_SERVER["PHP_SELF"],"cd.date_cloture","",$param,'align="center"',$sortfield,$sortorder);
// Extra fields
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
{
foreach($extrafields->attribute_label as $key => $val)
{
if (! empty($arrayfields["ef.".$key]['checked']))
{
$align=$extrafields->getAlignFlag($key);
print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder);
}
}
}
// Hook fields
$parameters=array('arrayfields'=>$arrayfields);
$reshook=$hookmanager->executeHooks('printFieldListTitle',$parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
if (! empty($arrayfields['cd.datec']['checked'])) print_liste_field_titre($arrayfields['cd.datec']['label'],$_SERVER["PHP_SELF"],"cd.datec","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
if (! empty($arrayfields['cd.tms']['checked'])) print_liste_field_titre($arrayfields['cd.tms']['label'],$_SERVER["PHP_SELF"],"cd.tms","",$param,'align="center" class="nowrap"',$sortfield,$sortorder);
if (! empty($arrayfields['status']['checked'])) print_liste_field_titre($arrayfields['status']['label'],$_SERVER["PHP_SELF"],"cd.statut,c.statut","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"],"",'','','align="right"',$sortfield,$sortorder,'maxwidthsearch ');
print "</tr>\n";
print '<tr class="liste_titre">';
if (! empty($arrayfields['c.ref']['checked']))
{
print '<td class="liste_titre">';
print '<input type="hidden" name="filter" value="'.$filter.'">';
print '<input type="hidden" name="mode" value="'.$mode.'">';
print '<input type="text" class="flat" size="3" name="search_contract" value="'.dol_escape_htmltag($search_contract).'">';
print '</td>';
// Service label
print '<td class="liste_titre">';
print '<input type="text" class="flat" size="12" name="search_service" value="'.dol_escape_htmltag($search_service).'">';
}
// Service label
if (! empty($arrayfields['p.description']['checked']))
{
print '<td class="liste_titre">';
print '<input type="text" class="flat maxwidth100" name="search_service" value="'.dol_escape_htmltag($search_service).'">';
print '</td>';
// Third party
print '<td class="liste_titre">';
print '<input type="text" class="flat" size="12" name="search_name" value="'.dol_escape_htmltag($search_name).'">';
}
// Third party
if (! empty($arrayfields['s.nom']['checked']))
{
print '<td class="liste_titre">';
print '<input type="text" class="flat maxwidth100" name="search_name" value="'.dol_escape_htmltag($search_name).'">';
print '</td>';
if (($mode == "" || $mode == -1) || $mode == "0")
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_opouvertureprevue',$arrayofoperators,$filter_opouvertureprevue,1);
print ' ';
$filter_dateouvertureprevue=dol_mktime(0,0,0,$opouvertureprevuemonth,$opouvertureprevueday,$opouvertureprevueyear);
print $form->select_date($filter_dateouvertureprevue,'opouvertureprevue',0,0,1,'',1,0,1);
print '</td>';
}
if (($mode == "" || $mode == -1) || $mode > 0)
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_op1',$arrayofoperators,$filter_op1,1);
print ' ';
$filter_date1=dol_mktime(0,0,0,$op1month,$op1day,$op1year);
print $form->select_date($filter_date1,'op1',0,0,1,'',1,0,1);
print '</td>';
}
if (($mode == "" || $mode == -1) || $mode < 5)
}
if (! empty($arrayfields['cd.date_ouverture_prevue']['checked']))
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_opouvertureprevue',$arrayofoperators,$filter_opouvertureprevue,1);
print ' ';
$filter_dateouvertureprevue=dol_mktime(0,0,0,$opouvertureprevuemonth,$opouvertureprevueday,$opouvertureprevueyear);
print $form->select_date($filter_dateouvertureprevue,'opouvertureprevue',0,0,1,'',1,0,1);
print '</td>';
}
if (! empty($arrayfields['cd.date_ouverture']['checked']))
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_op1',$arrayofoperators,$filter_op1,1);
print ' ';
$filter_date1=dol_mktime(0,0,0,$op1month,$op1day,$op1year);
print $form->select_date($filter_date1,'op1',0,0,1,'',1,0,1);
print '</td>';
}
if (! empty($arrayfields['cd.date_fin_validite']['checked']))
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_op2',$arrayofoperators,$filter_op2,1);
print ' ';
$filter_date2=dol_mktime(0,0,0,$op2month,$op2day,$op2year);
print $form->select_date($filter_date2,'op2',0,0,1,'',1,0,1);
print '</td>';
}
if (! empty($arrayfields['cd.date_cloture']['checked']))
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_opcloture',$arrayofoperators,$filter_opcloture,1);
print ' ';
$filter_date_cloture=dol_mktime(0,0,0,$opcloturemonth,$opclotureday,$opclotureyear);
print $form->select_date($filter_date_cloture,'opcloture',0,0,1,'',1,0,1);
print '</td>';
}
// Extra fields
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
{
foreach($extrafields->attribute_label as $key => $val)
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_op2',$arrayofoperators,$filter_op2,1);
print ' ';
$filter_date2=dol_mktime(0,0,0,$op2month,$op2day,$op2year);
print $form->select_date($filter_date2,'op2',0,0,1,'',1,0,1);
print '</td>';
if (! empty($arrayfields["ef.".$key]['checked']))
{
$align=$extrafields->getAlignFlag($key);
$typeofextrafield=$extrafields->attribute_type[$key];
print '<td class="liste_titre'.($align?' '.$align:'').'">';
if (in_array($typeofextrafield, array('varchar', 'int', 'double', 'select')))
{
$crit=$val;
$tmpkey=preg_replace('/search_options_/','',$key);
$searchclass='';
if (in_array($typeofextrafield, array('varchar', 'select'))) $searchclass='searchstring';
if (in_array($typeofextrafield, array('int', 'double'))) $searchclass='searchnum';
print '<input class="flat'.($searchclass?' '.$searchclass:'').'" size="4" type="text" name="search_options_'.$tmpkey.'" value="'.dol_escape_htmltag($search_array_options['search_options_'.$tmpkey]).'">';
}
print '</td>';
}
}
if (($mode == "" || $mode == -1) || $mode >= 5)
{
print '<td class="liste_titre" align="center">';
$arrayofoperators=array('<'=>'<','>'=>'>');
print $form->selectarray('filter_opcloture',$arrayofoperators,$filter_opcloture,1);
print ' ';
$filter_date_cloture=dol_mktime(0,0,0,$opcloturemonth,$opclotureday,$opclotureyear);
print $form->select_date($filter_date_cloture,'opcloture',0,0,1,'',1,0,1);
print '</td>';
}
print '<td align="right">';
}
// Fields from hook
$parameters=array('arrayfields'=>$arrayfields);
$reshook=$hookmanager->executeHooks('printFieldListOption',$parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
if (! empty($arrayfields['cd.datec']['checked']))
{
// Date creation
print '<td class="liste_titre">';
print '</td>';
}
if (! empty($arrayfields['cd.tms']['checked']))
{
// Date modification
print '<td class="liste_titre">';
print '</td>';
}
if (! empty($arrayfields['status']['checked']))
{
// Status
print '<td class="liste_titre" align="right">';
$arrayofstatus=array(
'0'=>$langs->trans("ServiceStatusInitial"),
'4'=>$langs->trans("ServiceStatusRunning"),
@ -350,36 +498,42 @@ if ($resql)
'4&filter=expired'=>$langs->trans("ServiceStatusLate"),
'5'=>$langs->trans("ServiceStatusClosed")
);
print $form->selectarray('search_status',$arrayofstatus,(strstr($search_status, ',')?-1:$search_status),1);
print $form->selectarray('search_status', $arrayofstatus, (strstr($search_status, ',')?-1:$search_status), 1, 0, '', 0, 0, 0, '', 'maxwidth100onsmartphone');
print '</td>';
print '<td class="liste_titre" align="right">';
$searchpitco=$form->showFilterAndCheckAddButtons(0);
print $searchpitco;
print '</td>';
print "</tr>\n";
}
// Action column
print '<td class="liste_titre" align="right">';
$searchpitco=$form->showFilterAndCheckAddButtons(0);
print $searchpitco;
print '</td>';
print "</tr>\n";
$contractstatic=new Contrat($db);
$productstatic=new Product($db);
$contractstatic=new Contrat($db);
$productstatic=new Product($db);
$var=True;
while ($i < min($num,$limit))
{
$obj = $db->fetch_object($resql);
$contractstatic->id=$obj->cid;
$contractstatic->ref=$obj->ref?$obj->ref:$obj->cid;
$var=!$var;
$var=True; $i=0;
while ($i < min($num,$limit))
{
$obj = $db->fetch_object($resql);
$contractstatic->id=$obj->cid;
$contractstatic->ref=$obj->ref?$obj->ref:$obj->cid;
$var=!$var;
print "<tr ".$bc[$var].">";
// Ref
print '<td>';
print "<tr ".$bc[$var].">";
// Ref
if (! empty($arrayfields['c.ref']['checked']))
{
print '<td>';
print $contractstatic->getNomUrl(1,16);
print '</td>';
// Service
print '<td>';
}
// Service
if (! empty($arrayfields['p.description']['checked']))
{
print '<td>';
if ($obj->pid)
{
$productstatic->id=$obj->pid;
@ -396,70 +550,128 @@ if ($resql)
if ($obj->type == 1) print img_object($obj->description,'service').' '.dol_trunc($obj->description,24);
}
print '</td>';
// Third party
print '<td>';
}
// Third party
if (! empty($arrayfields['s.nom']['checked']))
{
print '<td>';
$companystatic->id=$obj->socid;
$companystatic->name=$obj->name;
$companystatic->client=1;
print $companystatic->getNomUrl(1,'customer',28);
print '</td>';
// Start date
if (($mode == "" || $mode == -1) || $mode == "0")
{
print '<td align="center">';
print ($obj->date_ouverture_prevue?dol_print_date($db->jdate($obj->date_ouverture_prevue)):'&nbsp;');
if ($db->jdate($obj->date_ouverture_prevue) && ($db->jdate($obj->date_ouverture_prevue) < ($now - $conf->contrat->services->inactifs->warning_delay)) && $obj->statut == 0)
print ' '.img_picto($langs->trans("Late"),"warning");
else print '&nbsp;&nbsp;&nbsp;&nbsp;';
print '</td>';
}
if (($mode == "" || $mode == -1) || $mode > 0)
{
print '<td align="center">'.($obj->date_ouverture?dol_print_date($db->jdate($obj->date_ouverture)):'&nbsp;').'</td>';
}
// End date
if (($mode == "" || $mode == -1) || $mode < 5)
{
print '<td align="center">'.($obj->date_fin_validite?dol_print_date($db->jdate($obj->date_fin_validite)):'&nbsp;');
if ($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < ($now - $conf->contrat->services->expires->warning_delay) && $obj->statut < 5)
{
$warning_delay=$conf->contrat->services->expires->warning_delay / 3600 / 24;
$textlate = $langs->trans("Late").' = '.$langs->trans("DateReference").' > '.$langs->trans("DateToday").' '.(ceil($warning_delay) >= 0 ? '+' : '').ceil($warning_delay).' '.$langs->trans("days");
print img_warning($textlate);
}
else print '&nbsp;&nbsp;&nbsp;&nbsp;';
}
if (($mode == "" || $mode == -1) || $mode >= 5) print '<td align="center">'.dol_print_date($db->jdate($obj->date_cloture));
// Icone warning
}
// Start date
if (! empty($arrayfields['cd.date_ouverture_prevue']['checked']))
{
print '<td align="center">';
print ($obj->date_ouverture_prevue?dol_print_date($db->jdate($obj->date_ouverture_prevue)):'&nbsp;');
if ($db->jdate($obj->date_ouverture_prevue) && ($db->jdate($obj->date_ouverture_prevue) < ($now - $conf->contrat->services->inactifs->warning_delay)) && $obj->statut == 0)
print ' '.img_picto($langs->trans("Late"),"warning");
else print '&nbsp;&nbsp;&nbsp;&nbsp;';
print '</td>';
print '<td align="right" class="nowrap">';
if ($obj->cstatut == 0) // If contract is draft, we say line is also draft
{
print $contractstatic->LibStatut(0,5,($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < $now));
}
else
{
print $staticcontratligne->LibStatut($obj->statut,5,($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < $now)?1:0);
}
print '</td>';
print '<td></td>';
print "</tr>\n";
$i++;
}
$db->free($resql);
if (! empty($arrayfields['cd.date_ouverture']['checked']))
{
print '<td align="center">'.($obj->date_ouverture?dol_print_date($db->jdate($obj->date_ouverture)):'&nbsp;').'</td>';
}
// End date
if (! empty($arrayfields['cd.date_fin_validite']['checked']))
{
print '<td align="center">'.($obj->date_fin_validite?dol_print_date($db->jdate($obj->date_fin_validite)):'&nbsp;');
if ($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < ($now - $conf->contrat->services->expires->warning_delay) && $obj->statut < 5)
{
$warning_delay=$conf->contrat->services->expires->warning_delay / 3600 / 24;
$textlate = $langs->trans("Late").' = '.$langs->trans("DateReference").' > '.$langs->trans("DateToday").' '.(ceil($warning_delay) >= 0 ? '+' : '').ceil($warning_delay).' '.$langs->trans("days");
print img_warning($textlate);
}
else print '&nbsp;&nbsp;&nbsp;&nbsp;';
print '</td>';
}
if (! empty($arrayfields['cd.date_cloture']['checked']))
{
print '<td align="center">'.dol_print_date($db->jdate($obj->date_cloture)).'</td>';
}
print '</table>';
print '</div>';
// Extra fields
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
{
foreach($extrafields->attribute_label as $key => $val)
{
if (! empty($arrayfields["ef.".$key]['checked']))
{
print '<td';
$align=$extrafields->getAlignFlag($key);
if ($align) print ' align="'.$align.'"';
print '>';
$tmpkey='options_'.$key;
print $extrafields->showOutputField($key, $obj->$tmpkey, '', 1);
print '</td>';
if (! $i) $totalarray['nbfield']++;
}
}
}
// Fields from hook
$parameters=array('arrayfields'=>$arrayfields, 'obj'=>$obj);
$reshook=$hookmanager->executeHooks('printFieldListValue',$parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Date creation
if (! empty($arrayfields['cd.datec']['checked']))
{
print '<td align="center">';
print dol_print_date($db->jdate($obj->date_creation), 'dayhour');
print '</td>';
if (! $i) $totalarray['nbfield']++;
}
// Date modification
if (! empty($arrayfields['cd.tms']['checked']))
{
print '<td align="center">';
print dol_print_date($db->jdate($obj->date_update), 'dayhour');
print '</td>';
if (! $i) $totalarray['nbfield']++;
}
// Status
if (! empty($arrayfields['status']['checked']))
{
print '<td align="right">';
if ($obj->cstatut == 0) // If contract is draft, we say line is also draft
{
print $contractstatic->LibStatut(0,5,($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < $now));
}
else
{
print $staticcontratligne->LibStatut($obj->statut,5,($obj->date_fin_validite && $db->jdate($obj->date_fin_validite) < $now)?1:0);
}
print '</td>';
}
// Action column
print '<td class="nowrap" align="center">';
if ($massactionbutton || $massaction) // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
{
$selected=0;
if (in_array($obj->rowid, $arrayofselected)) $selected=1;
print '<input id="cb'.$obj->rowid.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$obj->rowid.'"'.($selected?' checked="checked"':'').'>';
}
print '</td>';
if (! $i) $totalarray['nbfield']++;
print '</form>';
print "</tr>\n";
$i++;
}
$db->free($resql);
$parameters=array('sql' => $sql);
$reshook=$hookmanager->executeHooks('printFieldListFooter',$parameters); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
print '</table>';
print '</div>';
print '</form>';
}
else
{
dol_print_error($db);
}
llxFooter();

2
htdocs/core/ajax/ajaxdirpreview.php
View File

@ -138,7 +138,7 @@ if (! dol_is_dir($upload_dir))
exit;*/
}
print '<!-- TYPE='.$type.' -->'."\n";
print '<!-- ajaxdirpreview type='.$type.' -->'."\n";
print '<!-- Page called with mode='.(isset($mode)?$mode:'').' type='.$type.' module='.$module.' url='.$url.' '.$_SERVER["PHP_SELF"].'?'.$_SERVER["QUERY_STRING"].' -->'."\n";
$param=($sortfield?'&sortfield='.$sortfield:'').($sortorder?'&sortorder='.$sortorder:'');

2
htdocs/core/class/CMailFile.class.php
View File

@ -824,7 +824,7 @@ class CMailFile
global $conf;
$out = "";
$host = dol_getprefix();
$host = dol_getprefix('email');
// Sender
//$out.= "Sender: ".getValidAddress($this->addr_from,2)).$this->eol2;

2
htdocs/core/class/extrafields.class.php
View File

@ -771,7 +771,7 @@ class ExtraFields
}
elseif ($type == 'price')
{
$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" value="'.price($value).'" '.($moreparam?$moreparam:'').'> '.$langs->getCurrencySymbol($conf->currency);
$out='<input type="text" class="flat '.$showsize.' maxwidthonsmartphone" name="'.$keysuffix.'options_'.$key.$keyprefix.'" value="'.price2num($value).'" '.($moreparam?$moreparam:'').'> '.$langs->getCurrencySymbol($conf->currency);
}
elseif ($type == 'double')
{

6
htdocs/core/class/html.formfile.class.php
View File

@ -955,7 +955,7 @@ class FormFile
print '<input type="hidden" name="id" value="'.$object->id.'">';
print '<input type="hidden" name="modulepart" value="'.$modulepart.'">';
}
print '<table width="100%" class="'.($useinecm?'nobordernopadding':'liste').'">'."\n";
print '<table width="100%" class="'.($useinecm?'liste noborderbottom':'liste').'">'."\n";
print '<tr class="liste_titre">';
print_liste_field_titre($langs->trans("Documents2"),$url,"name","",$param,'align="left"',$sortfield,$sortorder);
@ -1138,7 +1138,7 @@ class FormFile
}
if ($nboffiles == 0)
{
print '<tr '.$bc[false].'><td colspan="'.(empty($useinecm)?'5':'4').'" class="opacitymedium">';
print '<tr '.$bc[false].'><td colspan="'.(empty($useinecm)?'5':'5').'" class="opacitymedium">';
if (empty($textifempty)) print $langs->trans("NoFileFound");
else print $textifempty;
print '</td></tr>';
@ -1181,7 +1181,7 @@ class FormFile
// Show list of documents
if (empty($useinecm)) print load_fiche_titre($langs->trans("AttachedFiles"));
if (empty($url)) $url=$_SERVER["PHP_SELF"];
print '<table width="100%" class="nobordernopadding">'."\n";
print '<table width="100%" class="noborder">'."\n";
print '<tr class="liste_titre">';
$sortref="fullname";
if ($modulepart == 'invoice_supplier') $sortref='level1name';

6
htdocs/core/class/html.formsms.class.php
View File

@ -255,7 +255,7 @@ function limitChars(textarea, limit, infodiv)
}
else
{
print "<input size=\"16\" id=\"sendto\" name=\"sendto\" value=\"".(! is_array($this->withto) && $this->withto != '1'? (isset($_REQUEST["sendto"])?$_REQUEST["sendto"]:$this->withto):"+")."\">";
print "<input size=\"16\" id=\"sendto\" name=\"sendto\" value=\"".dol_escape_htmltag(! is_array($this->withto) && $this->withto != '1'? (isset($_REQUEST["sendto"])?GETPOST("sendto"):$this->withto):"+")."\">";
if (! empty($this->withtosocid) && $this->withtosocid > 0)
{
$liste=array();
@ -290,11 +290,11 @@ function limitChars(textarea, limit, infodiv)
if ($this->withbodyreadonly)
{
print nl2br($defaultmessage);
print '<input type="hidden" name="message" value="'.$defaultmessage.'">';
print '<input type="hidden" name="message" value="'.dol_escape_htmltag($defaultmessage).'">';
}
else
{
print '<textarea cols="40" name="message" id="message" rows="4" onkeyup="limitChars(this, 160, \'charlimitinfospan\')">'.$defaultmessage.'</textarea>';
print '<textarea class="quatrevingtpercent" name="message" id="message" rows="'.ROWS_4.'" onkeyup="limitChars(this, 160, \'charlimitinfospan\')">'.$defaultmessage.'</textarea>';
print '<div id="charlimitinfo">'.$langs->trans("SmsInfoCharRemain").': <span id="charlimitinfospan">'.(160-dol_strlen($defaultmessage)).'</span></div></td>';
}
print "</td></tr>\n";

2
htdocs/core/class/smtps.class.php
View File

@ -1195,6 +1195,8 @@ class SMTPs
$host=preg_replace('@tcp://@i','',$host); // Remove prefix
$host=preg_replace('@ssl://@i','',$host); // Remove prefix
$host=dol_getprefix('email').'-'.$host;
//NOTE: Message-ID should probably contain the username of the user who sent the msg
$_header .= 'Subject: ' . $this->getSubject() . "\r\n";
$_header .= 'Date: ' . date("r") . "\r\n";

2
htdocs/core/datepicker.php
View File

@ -108,7 +108,7 @@ if (isset($_GET["m"]) && isset($_GET["y"]))
if ($qualified)
{
//print $_GET["cm"].",".$_GET["sd"].",".$_GET["m"].",".$_GET["y"];exit;
displayBox($_GET["sd"],$_GET["m"],$_GET["y"]);
displayBox(GETPOST("sd",'alpha'),GETPOST("m",'int'),GETPOST("y",'int'));
}
else
{

8
htdocs/core/filemanagerdol/connectors/php/io.php
View File

@ -44,7 +44,7 @@ function GetResourceTypePath($resourceType, $sCommand)
{
global $Config ;
if ( $sCommand == "QuickUpload")
if ($sCommand == "QuickUpload")
return $Config['QuickUploadPath'][$resourceType] ;
else
return $Config['FileTypesPath'][$resourceType] ;
@ -60,7 +60,7 @@ function GetResourceTypePath($resourceType, $sCommand)
function GetResourceTypeDirectory($resourceType, $sCommand)
{
global $Config ;
if ( $sCommand == "QuickUpload")
if ($sCommand == "QuickUpload")
{
if ( strlen($Config['QuickUploadAbsolutePath'][$resourceType]) > 0)
return $Config['QuickUploadAbsolutePath'][$resourceType] ;
@ -299,7 +299,7 @@ function IsAllowedCommand($sCommand)
{
global $Config ;
if ( !in_array($sCommand, $Config['ConfigAllowedCommands']))
if (! in_array($sCommand, $Config['ConfigAllowedCommands']))
return false ;
return true ;
@ -315,7 +315,7 @@ function GetCurrentFolder()
if (!isset($_GET)) {
global $_GET;
}
$sCurrentFolder = isset( $_GET['CurrentFolder'] ) ? $_GET['CurrentFolder'] : '/' ;
$sCurrentFolder = isset( $_GET['CurrentFolder'] ) ? GETPOST('CurrentFolder', '', 1) : '/' ;
// Check the current folder syntax (must begin and start with a slash).
if (!preg_match('|/$|', $sCurrentFolder))

14
htdocs/core/lib/functions.lib.php
View File

@ -321,10 +321,20 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL)
* This prefix is unique for instance and avoid conflict between multi-instances,
* even when having two instances with one root dir or two instances in virtual servers
*
* @param string $mode '' or 'email'
* @return string A calculated prefix
*/
function dol_getprefix()
function dol_getprefix($mode='')
{
global $conf;
// If MAIL_PREFIX_FOR_EMAIL_ID is set and prefix is for email
if ($mode == 'email' && ! empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID))
{
if ($conf->global->MAIL_PREFIX_FOR_EMAIL_ID != 'SERVER_NAME') return $conf->global->MAIL_PREFIX_FOR_EMAIL_ID;
else if (isset($_SERVER["SERVER_NAME"])) return $_SERVER["SERVER_NAME"];
}
if (isset($_SERVER["SERVER_NAME"]) && isset($_SERVER["DOCUMENT_ROOT"]))
{
return dol_hash($_SERVER["SERVER_NAME"].$_SERVER["DOCUMENT_ROOT"].DOL_DOCUMENT_ROOT.DOL_URL_ROOT);
@ -5246,7 +5256,7 @@ function dol_getIdFromCode($db,$key,$tablename,$fieldkey='code',$fieldid='id')
$sql = "SELECT ".$fieldid." as valuetoget";
$sql.= " FROM ".MAIN_DB_PREFIX.$tablename;
$sql.= " WHERE ".$fieldkey." = '".$key."'";
$sql.= " WHERE ".$fieldkey." = '".$db->escape($key)."'";
dol_syslog('dol_getIdFromCode', LOG_DEBUG);
$resql = $db->query($sql);
if ($resql)

179
htdocs/core/modules/import/import_csv.modules.php
View File

@ -54,6 +54,9 @@ class ImportCsv extends ModeleImports
var $cacheconvert=array(); // Array to cache list of value found after a convertion
var $cachefieldtable=array(); // Array to cache list of value found into fields@tables
var $nbinsert = 0; // # of insert done during the import
var $nbupdate = 0; // # of update done during the import
/**
@ -266,9 +269,10 @@ class ImportCsv extends ModeleImports
* @param Object $objimport Object import (contains objimport->array_import_tables, objimport->array_import_fields, objimport->array_import_convertvalue, ...)
* @param int $maxfields Max number of fields to use
* @param string $importid Import key
* @param array $updatekeys Array of keys to use to try to do update
* @return int <0 if KO, >0 if OK
*/
function import_insert($arrayrecord,$array_match_file_to_database,$objimport,$maxfields,$importid)
function import_insert($arrayrecord,$array_match_file_to_database,$objimport,$maxfields,$importid,$updatekeys)
{
global $langs,$conf,$user;
global $thirdparty_static; // Specific to thirdparty import
@ -299,13 +303,15 @@ class ImportCsv extends ModeleImports
else
{
$last_insert_id_array = array(); // store the last inserted auto_increment id for each table, so that dependent tables can be inserted with the appropriate id (eg: extrafields fk_object will be set with the last inserted object's id)
$updatedone = false;
$insertdone = false;
// For each table to insert, me make a separate insert
foreach($objimport->array_import_tables[0] as $alias => $tablename)
{
// Build sql request
$sql='';
$listfields='';
$listvalues='';
$listfields=array();
$listvalues=array();
$i=0;
$errorforthistable=0;
@ -539,36 +545,35 @@ class ImportCsv extends ModeleImports
}
// Define $listfields and $listvalues to build SQL request
if ($listfields) { $listfields.=', '; $listvalues.=', '; }
$listfields.=$fieldname;
$listfields[] = $fieldname;
// Note: arrayrecord (and 'type') is filled with ->import_read_record called by import.php page before calling import_insert
if (empty($newval) && $arrayrecord[($key-1)]['type'] < 0) $listvalues.=($newval=='0'?$newval:"null");
elseif (empty($newval) && $arrayrecord[($key-1)]['type'] == 0) $listvalues.="''";
else $listvalues.="'".$this->db->escape($newval)."'";
if (empty($newval) && $arrayrecord[($key-1)]['type'] < 0) $listvalues[] = ($newval=='0'?$newval:"null");
elseif (empty($newval) && $arrayrecord[($key-1)]['type'] == 0) $listvalues[] = "''";
else $listvalues[] = "'".$this->db->escape($newval)."'";
}
$i++;
}
// We add hidden fields (but only if there is at least one field to add into table)
if ($listfields && is_array($objimport->array_import_fieldshidden[0]))
if (!empty($listfields) && is_array($objimport->array_import_fieldshidden[0]))
{
// Loop on each hidden fields to add them into listfields/listvalues
foreach($objimport->array_import_fieldshidden[0] as $key => $val)
{
if (! preg_match('/^'.preg_quote($alias).'\./', $key)) continue; // Not a field of current table
if ($listfields) { $listfields.=', '; $listvalues.=', '; }
if ($val == 'user->id')
{
$listfields.=preg_replace('/^'.preg_quote($alias).'\./','',$key);
$listvalues.=$user->id;
$listfields[] = preg_replace('/^'.preg_quote($alias).'\./','',$key);
$listvalues[] = $user->id;
}
elseif (preg_match('/^lastrowid-/',$val))
{
$tmp=explode('-',$val);
$lastinsertid=(isset($last_insert_id_array[$tmp[1]]))?$last_insert_id_array[$tmp[1]]:0;
$listfields.=preg_replace('/^'.preg_quote($alias).'\./','',$key);
$listvalues.=$lastinsertid;
$keyfield = preg_replace('/^'.preg_quote($alias).'\./','',$key);
$listfields[] = $keyfield;
$listvalues[] = $lastinsertid;
//print $key."-".$val."-".$listfields."-".$listvalues."<br>";exit;
}
}
@ -578,47 +583,114 @@ class ImportCsv extends ModeleImports
// If no error for this $alias/$tablename, we have a complete $listfields and $listvalues that are defined
if (! $errorforthistable)
{
//print "$alias/$tablename/$listfields/$listvalues<br>";
if ($listfields)
//print "$alias/$tablename/$listfields/$listvalues<br>";
if (!empty($listfields))
{
//var_dump($objimport->array_import_convertvalue); exit;
// Build SQL request
if (empty($tablewithentity_cache[$tablename]))
{
$sql ='INSERT INTO '.$tablename.'('.$listfields.', import_key';
if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$objimport->array_import_tables_creator[0][$alias];
$sql.=') VALUES('.$listvalues.", '".$importid."'";
}
else
{
$sql ='INSERT INTO '.$tablename.'('.$listfields.', import_key, entity';
if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$objimport->array_import_tables_creator[0][$alias];
$sql.=') VALUES('.$listvalues.", '".$importid."', ".$conf->entity ;
}
if (! empty($objimport->array_import_tables_creator[0][$alias])) $sql.=', '.$user->id;
$sql.=')';
dol_syslog("import_csv.modules", LOG_DEBUG);
//print '> '.join(',',$arrayrecord);
//print 'sql='.$sql;
//print '<br>'."\n";
// Run insert request
if ($sql)
{
$resql=$this->db->query($sql);
$last_insert_id_array[$tablename] = $this->db->last_insert_id($tablename); // store the last inserted auto_increment id for each table, so that dependent tables can be inserted with the appropriate id. This must be done just after the INSERT request, else we risk losing the id (because another sql query will be issued somewhere in Dolibarr).
if ($resql)
{
//print '.';
$updatedone = false;
$insertdone = false;
if(!empty($updatekeys)) {
// We do SELECT to get the rowid, if we already have the rowid, it's to be used below for related tables (extrafields)
if(empty($lastinsertid)) {
$sqlSelect = 'SELECT rowid FROM '.$tablename;
$data = array_combine($listfields, $listvalues);
$where = array();
$filters = array();
foreach ($updatekeys as $key) {
$col = $objimport->array_import_updatekeys[0][$key];
$key=preg_replace('/^.*\./i','',$key);
$where[] = $key.' = '.$data[$key];
$filters[] = $col.' = '.$data[$key];
}
$sqlSelect.= ' WHERE '.implode(' AND ', $where);
$resql=$this->db->query($sqlSelect);
if($resql) {
$res = $this->db->fetch_object($resql);
if($resql->num_rows == 1) {
$lastinsertid = $res->rowid;
$last_insert_id_array[$tablename] = $lastinsertid;
} else if($resql->num_rows > 1) {
$this->errors[$error]['lib']=$langs->trans('MultipleRecordFoundWithTheseFilters', implode($filters, ', '));
$this->errors[$error]['type']='SQL';
$error++;
} else {
// No record found with filters, insert will be tried below
}
}
else
{
//print 'E';
$this->errors[$error]['lib']=$this->db->lasterror();
$this->errors[$error]['type']='SQL';
$error++;
}
}
else
if(!empty($lastinsertid)) {
// Build SQL UPDATE request
$sqlstart = 'UPDATE '.$tablename;
$data = array_combine($listfields, $listvalues);
$set = array();
foreach ($data as $key => $val) {
$set[] = $key.' = '.$val;
}
$sqlstart.= ' SET '.implode(', ', $set);
if(empty($keyfield)) $keyfield = 'rowid';
$sqlend = ' WHERE '.$keyfield.' = '.$lastinsertid;
$sql = $sqlstart.$sqlend;
// Run update request
$resql=$this->db->query($sql);
if($resql) {
// No error, update has been done. $this->db->db->affected_rows can be 0 if data hasn't changed
$updatedone = true;
}
else
{
//print 'E';
$this->errors[$error]['lib']=$this->db->lasterror();
$this->errors[$error]['type']='SQL';
$error++;
}
}
}
// Update not done, we do insert
if(!$error && !$updatedone) {
// Build SQL INSERT request
$sqlstart = 'INSERT INTO '.$tablename.'('.implode(', ', $listfields).', import_key';
$sqlend = ') VALUES('.implode(', ', $listvalues).", '".$importid."'";
if (! empty($tablewithentity_cache[$tablename])) {
$sqlstart.= ', entity';
$sqlend.= ', '.$conf->entity;
}
if (! empty($objimport->array_import_tables_creator[0][$alias])) {
$sqlstart.= ', '.$objimport->array_import_tables_creator[0][$alias];
$sqlend.=', '.$user->id;
}
$sql = $sqlstart.$sqlend.')';
dol_syslog("import_csv.modules", LOG_DEBUG);
// Run insert request
if ($sql)
{
//print 'E';
$this->errors[$error]['lib']=$this->db->lasterror();
$this->errors[$error]['type']='SQL';
$error++;
$resql=$this->db->query($sql);
$last_insert_id_array[$tablename] = $this->db->last_insert_id($tablename); // store the last inserted auto_increment id for each table, so that dependent tables can be inserted with the appropriate id. This must be done just after the INSERT request, else we risk losing the id (because another sql query will be issued somewhere in Dolibarr).
if ($resql)
{
$insertdone = true;
}
else
{
//print 'E';
$this->errors[$error]['lib']=$this->db->lasterror();
$this->errors[$error]['type']='SQL';
$error++;
}
}
}
}
@ -630,6 +702,9 @@ class ImportCsv extends ModeleImports
if ($error) break;
}
if($updatedone) $this->nbupdate++;
if($insertdone) $this->nbinsert++;
}
return 1;

2
htdocs/core/modules/modProduct.class.php
View File

@ -248,6 +248,7 @@ class modProduct extends DolibarrModules
$this->import_regex_array[$r]=array('p.ref'=>'[^ ]','p.tosell'=>'^[0|1]$','p.tobuy'=>'^[0|1]$','p.fk_product_type'=>'^[0|1]$','p.datec'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]$','p.recuperableonly'=>'^[0|1]$');
$import_sample=array('p.ref'=>"PREF123456",'p.label'=>"My product",'p.description'=>"This is a description example for record",'p.note'=>"Some note",'p.price'=>"100",'p.price_ttc'=>"110",'p.tva_tx'=>'10','p.tosell'=>"0 or 1",'p.tobuy'=>"0 or 1",'p.fk_product_type'=>"0 for product/1 for service",'p.finished'=>'','p.duration'=>"1y",'p.datec'=>'2008-12-31','p.recuperableonly'=>'0 or 1');
$this->import_examplevalues_array[$r]=array_merge($import_sample,$import_extrafield_sample);
$this->import_updatekeys_array[$r]=array('p.ref'=>'Ref','p.barcode'=>'BarCode');
if (! empty($conf->fournisseur->enabled))
{
@ -276,6 +277,7 @@ class modProduct extends DolibarrModules
'sp.unitprice'=>'50',
'sp.remise_percent'=>'0'
);
$this->import_updatekeys_array[$r]=array('sp.fk_product'=>'ProductOrService','sp.ref_fourn'=>'SupplierRef');
}
if (! empty($conf->global->PRODUIT_MULTIPRICES))

1
htdocs/core/modules/modSociete.class.php
View File

@ -354,6 +354,7 @@ class modSociete extends DolibarrModules
//$this->import_convertvalue_array[$r]=array('s.fk_soc'=>array('rule'=>'lastrowid',table='t');
$this->import_regex_array[$r]=array('s.status'=>'^[0|1]','s.client'=>'^[0|1|2|3]','s.fournisseur'=>'^[0|1]','s.fk_typent'=>'id@'.MAIN_DB_PREFIX.'c_typent','s.datec'=>'^[0-9][0-9][0-9][0-9]-[0-9][0-9]-[0-9][0-9]( [0-9][0-9]:[0-9][0-9]:[0-9][0-9])?$');
$this->import_examplevalues_array[$r]=array('s.nom'=>"MyBigCompany",'s.status'=>"0 (closed) or 1 (active)",'s.client'=>'0 (no customer no prospect)/1 (customer)/2 (prospect)/3 (customer and prospect)','s.fournisseur'=>'0 or 1','s.datec'=>dol_print_date(dol_now(),'%Y-%m-%d'),'s.code_client'=>'CU01-0001 or empty or "auto"','s.code_fournisseur'=>'SU01-0001 or empty or "auto"','s.address'=>"61 jump street",'s.zip'=>"123456",'s.town'=>"Big town",'s.fk_pays'=>'US, FR, DE...','s.phone'=>"0101010101",'s.fax'=>"0101010102",'s.url'=>"http://mycompany.com",'s.email'=>"test@mycompany.com",'s.siret'=>"",'s.siren'=>"",'s.ape'=>"",'s.idprof4'=>"",'s.idprof5'=>"",'s.idprof6'=>"",'s.tva_intra'=>"FR0123456789",'s.capital'=>"10000",'s.note_private'=>"This is an example of private note for record",'s.note_public'=>"This is an example of public note for record",'s.fk_typent'=>"2",'s.fk_effectif'=>"3","s.fk_forme_juridique"=>"1",'s.fk_prospectlevel'=>'PL_MEDIUM','s.fk_stcomm'=>'0','s.default_lang'=>'en_US','s.barcode'=>'123456789','s.datec'=>"2015-01-01 or 2015-01-01 12:30:00");
$this->import_updatekeys_array[$r]=array('s.nom'=>'Name','s.code_client'=>'CustomerCode','s.code_fournisseur'=>'SupplierCode','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode');
// Import list of contact and attributes
$r++;

2
htdocs/core/photos_resize.php
View File

@ -34,7 +34,7 @@ $langs->load("other");
$id=GETPOST('id','int');
$action=GETPOST('action','alpha');
$modulepart=GETPOST('modulepart','alpha')?GETPOST('modulepart','alpha'):'produit|service';
$original_file = isset($_REQUEST["file"])?urldecode($_REQUEST["file"]):'';
$original_file = GETPOST("file");
$backtourl=GETPOST('backtourl');
$cancel=GETPOST("cancel");

20
htdocs/core/tpl/objectline_create.tpl.php
View File

@ -153,7 +153,7 @@ else {
}
}
echo $form->select_type_of_lines(isset($_POST["type"])?$_POST["type"]:-1,'type',1,1,$forceall);
echo $form->select_type_of_lines(isset($_POST["type"])?GETPOST("type",'alpha',2):-1,'type',1,1,$forceall);
echo '</span>';
@ -253,25 +253,25 @@ else {
<td class="nobottom linecolvat" align="right"><?php
if ($seller->tva_assuj == "0") echo '<input type="hidden" name="tva_tx" id="tva_tx" value="0">'.vatrate(0, true);
else echo $form->load_tva('tva_tx', (isset($_POST["tva_tx"])?$_POST["tva_tx"]:-1), $seller, $buyer, 0, 0, '', false, 1);
else echo $form->load_tva('tva_tx', (isset($_POST["tva_tx"])?GETPOST("tva_tx",'alpha',2):-1), $seller, $buyer, 0, 0, '', false, 1);
?>
</td>
<td class="nobottom linecoluht" align="right">
<input type="text" size="5" name="price_ht" id="price_ht" class="flat" value="<?php echo (isset($_POST["price_ht"])?$_POST["price_ht"]:''); ?>">
<input type="text" size="5" name="price_ht" id="price_ht" class="flat" value="<?php echo (isset($_POST["price_ht"])?GETPOST("price_ht",'alpha',2):''); ?>">
</td>
<?php if (!empty($conf->multicurrency->enabled)) { $colspan++;?>
<td class="nobottom linecoluht_currency" align="right">
<input type="text" size="5" name="multicurrency_price_ht" id="multicurrency_price_ht" class="flat" value="<?php echo (isset($_POST["multicurrency_price_ht"])?$_POST["multicurrency_price_ht"]:''); ?>">
<input type="text" size="5" name="multicurrency_price_ht" id="multicurrency_price_ht" class="flat" value="<?php echo (isset($_POST["multicurrency_price_ht"])?GETPOST("multicurrency_price_ht",'alpha',2):''); ?>">
</td>
<?php } ?>
<?php if (! empty($inputalsopricewithtax)) { ?>
<td class="nobottom linecoluttc" align="right">
<input type="text" size="5" name="price_ttc" id="price_ttc" class="flat" value="<?php echo (isset($_POST["price_ttc"])?$_POST["price_ttc"]:''); ?>">
<input type="text" size="5" name="price_ttc" id="price_ttc" class="flat" value="<?php echo (isset($_POST["price_ttc"])?GETPOST("price_ttc",'alpha',2):''); ?>">
</td>
<?php } ?>
<td class="nobottom linecolqty" align="right"><input type="text" size="2" name="qty" id="qty" class="flat" value="<?php echo (isset($_POST["qty"])?$_POST["qty"]:1); ?>">
<td class="nobottom linecolqty" align="right"><input type="text" size="2" name="qty" id="qty" class="flat" value="<?php echo (isset($_POST["qty"])?GETPOST("qty",'alpha',2):1); ?>">
</td>
<?php
if($conf->global->PRODUCT_USE_UNITS)
@ -281,7 +281,7 @@ else {
print '</td>';
}
?>
<td class="nobottom nowrap linecoldiscount" align="right"><input type="text" size="1" name="remise_percent" id="remise_percent" class="flat" value="<?php echo (isset($_POST["remise_percent"])?$_POST["remise_percent"]:$buyer->remise_percent); ?>"><span class="hideonsmartphone">%</span></td>
<td class="nobottom nowrap linecoldiscount" align="right"><input type="text" size="1" name="remise_percent" id="remise_percent" class="flat" value="<?php echo (isset($_POST["remise_percent"])?GETPOST("remise_percent",'alpha',2):$buyer->remise_percent); ?>"><span class="hideonsmartphone">%</span></td>
<?php
if ($this->situation_cycle_ref) {
$coldisplay++;
@ -296,7 +296,7 @@ else {
<select id="fournprice_predef" name="fournprice_predef" class="flat" data-role="none" style="display: none;"></select>
<?php } ?>
<!-- For free product -->
<input type="text" size="5" id="buying_price" name="buying_price" class="flat" value="<?php echo (isset($_POST["buying_price"])?$_POST["buying_price"]:''); ?>">
<input type="text" size="5" id="buying_price" name="buying_price" class="flat" value="<?php echo (isset($_POST["buying_price"])?GETPOST("buying_price",'alpha',2):''); ?>">
</td>
<?php
@ -305,12 +305,12 @@ else {
{
if (! empty($conf->global->DISPLAY_MARGIN_RATES))
{
echo '<td align="right" class="nobottom nowrap margininfos"><input type="text" size="2" id="np_marginRate" name="np_marginRate" value="'.(isset($_POST["np_marginRate"])?$_POST["np_marginRate"]:'').'"><span class="np_marginRate hideonsmartphone">%</span></td>';
echo '<td align="right" class="nobottom nowrap margininfos"><input type="text" size="2" id="np_marginRate" name="np_marginRate" value="'.(isset($_POST["np_marginRate"])?GETPOST("np_marginRate",'alpha',2):'').'"><span class="np_marginRate hideonsmartphone">%</span></td>';
$coldisplay++;
}
if (! empty($conf->global->DISPLAY_MARK_RATES))
{
echo '<td align="right" class="nobottom nowrap margininfos"><input type="text" size="2" id="np_markRate" name="np_markRate" value="'.(isset($_POST["np_markRate"])?$_POST["np_markRate"]:'').'"><span class="np_markRate hideonsmartphone">%</span></td>';
echo '<td align="right" class="nobottom nowrap margininfos"><input type="text" size="2" id="np_markRate" name="np_markRate" value="'.(isset($_POST["np_markRate"])?GETPOST("np_markRate",'alpha',2):'').'"><span class="np_markRate hideonsmartphone">%</span></td>';
$coldisplay++;
}
}

4
htdocs/core/tpl/objectline_edit.tpl.php
View File

@ -185,7 +185,7 @@ $coldisplay=-1; // We remove first td
<?php if ($user->rights->margins->creer) {
if (! empty($conf->global->DISPLAY_MARGIN_RATES))
{
$margin_rate = (isset($_POST["np_marginRate"])?$_POST["np_marginRate"]:(($line->pa_ht == 0)?'':price($line->marge_tx)));
$margin_rate = (isset($_POST["np_marginRate"])?GETPOST("np_marginRate","alpha",2):(($line->pa_ht == 0)?'':price($line->marge_tx)));
// if credit note, dont allow to modify margin
if ($line->subprice < 0)
echo '<td align="right" class="nowrap margininfos">'.$margin_rate.'<span class="hideonsmartphone">%</span></td>';
@ -195,7 +195,7 @@ $coldisplay=-1; // We remove first td
}
elseif (! empty($conf->global->DISPLAY_MARK_RATES))
{
$mark_rate = (isset($_POST["np_markRate"])?$_POST["np_markRate"]:price($line->marque_tx));
$mark_rate = (isset($_POST["np_markRate"])?GETPOST("np_markRate",'alpha',2):price($line->marque_tx));
// if credit note, dont allow to modify margin
if ($line->subprice < 0)
echo '<td align="right" class="nowrap margininfos">'.$mark_rate.'<span class="hideonsmartphone">%</span></td>';

7
htdocs/ecm/docdir.php
View File

@ -117,8 +117,7 @@ if ($action == 'add' && $user->rights->ecm->setup)
else
{
$langs->load("errors");
setEventMessages($langs->trans($ecmdir->error), null, 'errors');
setEventMessages($ecmdir->error, $ecmdir->errors, 'errors');
setEventMessages($langs->trans($ecmdir->error), $ecmdir->errors, 'errors');
$action = 'create';
}
}
@ -173,9 +172,7 @@ if ($action == 'create')
print '</textarea>';
print '</td></tr>'."\n";
print '</td></tr>'."\n";
print '</table><br>';
print '</table>';
dol_fiche_end();

3
htdocs/ecm/index.php
View File

@ -494,7 +494,7 @@ if ($action == 'delete_section')
if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i',$action) || $action == 'delete')
{
print '<table width="100%" class="nobordernopadding">'."\n";
print '<table width="100%" class="liste noborderbottom">'."\n";
print '<!-- Title for manual directories -->'."\n";
print '<tr class="liste_titre">'."\n";
@ -721,6 +721,7 @@ if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i',$acti
$mode='noajax';
$url=DOL_URL_ROOT.'/ecm/index.php';
include_once DOL_DOCUMENT_ROOT.'/core/ajax/ajaxdirpreview.php';

2
htdocs/ecm/index_auto.php
View File

@ -480,7 +480,7 @@ if ($action == 'delete_section')
if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i',$action) || $action == 'delete')
{
print '<table width="100%" class="nobordernopadding">'."\n";
print '<table width="100%" class="liste noborderbottom">'."\n";
print '<!-- Title for auto directories -->'."\n";
print '<tr class="liste_titre">'."\n";

19
htdocs/expensereport/card.php
View File

@ -1350,10 +1350,10 @@ else
print '<input type="hidden" name="action" value="update">';
}
print '<table class="border" style="width:100%;">';
$linkback = '<a href="'.DOL_URL_ROOT.'/expensereport/list.php'.(! empty($socid)?'?socid='.$socid:'').'">'.$langs->trans("BackToList").'</a>';
print '<table class="border" style="width:100%;">';
print '<tr>';
print '<td>'.$langs->trans("User").'</td>';
print '<td>';
@ -1564,12 +1564,6 @@ else
print '<table class="border centpercent">';
// Ref
/*
print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td colspan="2">';
print $form->showrefnav($object, 'ref', $linkback, 1, 'ref', 'ref', '');
print '</td></tr>';*/
// Author
print '<tr>';
print '<td class="titlefield">'.$langs->trans("User").'</td>';
@ -1586,7 +1580,7 @@ else
print '<tr>';
print '<td class="titlefield">'.$langs->trans("Period").'</td>';
print '<td>';
print get_date_range($object->date_debut,$object->date_fin,'',$langs,0);
print get_date_range($object->date_debut,$object->date_fin,'day',$langs,0);
print '</td>';
print '</tr>';
if (! empty($conf->global->EXPENSEREPORT_ASK_PAYMENTMODE_ON_CREATION))
@ -1596,13 +1590,6 @@ else
print '<td>'.$object->libelle_paiement.'</td>';
print '</tr>';
}
// Status
/*
print '<tr>';
print '<td>'.$langs->trans("Statut").'</td>';
print '<td colspan="2">'.$object->getLibStatut(4).'</td>';
print '</tr>';
*/
// Amount
print '<tr>';

216
htdocs/expensereport/synchro_compta.php
View File

@ -1,216 +0,0 @@
<?php
/* Copyright (C) 2015 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT . '/compta/bank/class/account.class.php';
require_once DOL_DOCUMENT_ROOT . '/expensereport/class/expensereport.class.php';
$langs->load("companies");
$langs->load("users");
$langs->load("trips");
$langs->load("banks");
$idAccount=isset($_GET["account"])?$_GET["account"]:$_POST["account"];
if ($_GET["action"] == 'confirm_ndf_to_account' && $_GET["confirm"] == "yes"):
$idTrip = $_GET['idTrip'];
$expensereport = new ExpenseReport($db);
$expensereport->fetch($idTrip,$user);
$dateop = dol_mktime(12,0,0,$datePaiement[1],$datePaiement[2],$datePaiement[0]);
$operation = $expensereport->code_paiement;
$label = "Règlement ".$expensereport->ref;
$amount = - price2num($expensereport->total_ttc);
$num_chq = '';
$cat1 = '';
$user = new User($db);
$user->fetch($user->id);
$acct=new Account($db,$idAccount);
$insertid = $acct->addline($dateop, $operation, $label, $amount, $num_chq, $cat1, $user);
if ($insertid > 0):
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport as d";
$sql.= " SET integration_compta = 1, fk_bank_account = $idAccount";
$sql.= " WHERE rowid = $idTrip";
$resql=$db->query($sql);
if($result):
Header("Location: ".$_SERVER["PHP_SELF"]."?account=".$idAccount);
exit;
else:
dol_print_error($db);
endif;
else:
dol_print_error($db,$acct->error);
endif;
endif;
if ($_GET["action"] == 'confirm_account_to_ndf' && $_GET["confirm"] == "yes"):
$idTrip = $_GET['idTrip'];
$expensereport = new ExpenseReport($db);
$expensereport->fetch($idTrip,$user);
$sql = "DELETE FROM ".MAIN_DB_PREFIX."bank";
$sql.= " WHERE label LIKE '%".$expensereport->ref."%'";
$resql=$db->query($sql);
if ($resql > 0):
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport as d";
$sql.= " SET integration_compta = 0, fk_bank_account = 0";
$sql.= " WHERE rowid = $idTrip";
$resql=$db->query($sql);
if($result):
Header("Location: ".$_SERVER["PHP_SELF"]."?account=".$idAccount);
exit;
else:
dol_print_error($db);
endif;
else:
dol_print_error($db);
endif;
endif;
/*
* Actions
*/
llxHeader();
$html = new Form($db);
$submit = isset($_POST['submit'])?true:false;
$idAccount=isset($_GET["account"])?$_GET["account"]:$_POST["account"];
print load_fiche_titre($langs->trans("TripSynch"));
dol_fiche_head('');
if ($_GET["action"] == 'ndfTOaccount'):
$idTrip = $_GET['idTrip'];
$ret=$html->form_confirm($_SERVER["PHP_SELF"]."?idTrip=".$idTrip."&account=".$idAccount,$langs->trans("ndfToAccount"),$langs->trans("ConfirmNdfToAccount"),"confirm_ndf_to_account","","",1);
if ($ret == 'html') print '<br />';
endif;
if ($_GET["action"] == 'accountTOndf'):
$idTrip = $_GET['idTrip'];
$ret=$html->form_confirm($_SERVER["PHP_SELF"]."?idTrip=".$idTrip."&account=".$idAccount,$langs->trans("AccountToNdf"),$langs->trans("ConfirmAccountToNdf"),"confirm_account_to_ndf","","",1);
if ($ret == 'html') print '<br />';
endif;
if(empty($submit) && empty($idAccount)):
print "<form name='add' method=\"post\" action=\"synchro_compta.php\">";
print 'Choix du compte&nbsp;&nbsp;';
print $html->select_comptes($_POST['account'],'account',0,'',1);
print '&nbsp;<input type="submit" name="submit" class="button" value="'.$langs->trans("ViewAccountSynch").'">';
print "</form>";
else:
print "<form name='add' method=\"post\" action=\"synchro_compta.php\">";
print 'Choix du compte&nbsp;&nbsp;';
print $html->select_comptes($idAccount,'account',0,'',1);
print '&nbsp;<input type="submit" class="button" value="'.$langs->trans("ViewAccountSynch").'">';
print "</form>";
$sql = "SELECT d.fk_bank_account, d.ref, d.rowid, d.date_valid, d.fk_user_author, d.total_ttc, d.integration_compta, d.fk_statut";
$sql.= " ,CONCAT(u.firstname,' ',u.lastname) as declarant_NDF";
$sql.= " FROM ".MAIN_DB_PREFIX."expensereport as d";
$sql.= " INNER JOIN ".MAIN_DB_PREFIX."user as u ON d.fk_user_author = u.rowid";
$sql.= " WHERE d.fk_statut = 6";
$sql.= ' AND d.entity IN ('.getEntity('expensereport', 1).')';
$sql.= " ORDER BY d.date_valid DESC";
$resql=$db->query($sql);
if ($resql):
$num = $db->num_rows($resql); $i = 0;
if($num>0):
$account=new Account($db);
$account->fetch($idAccount);
print '<br>';
print "<table class='noborder' width='80%'>";
print '<tr class="liste_titre">';
print '<td>'.$langs->trans("Ref").'</td>';
print '<td>'.$langs->trans("DateValidation").'</td>';
print '<td>'.$langs->trans("USER_AUTHOR").'</td>';
print '<td align="center">'.$langs->trans("TotalTTC").'</td>';
print '<td align="center">Actions</td>';
print '<td>Compte</td>';
print '<td align="center">Int.</td>';
print '</tr>';
while($i<$num):
$objp = $db->fetch_object($resql);
$var=!$var;
print '<tr'. $bc[$var].'>';
print '<td>'.$objp->ref.'</td>';
print '<td>'.dol_print_date($db->jdate($objp->date_valid),'day').'</td>';
print '<td><a href="'.DOL_URL_ROOT.'/user/card.php?id='.$objp->fk_user_author.'">'.img_object($langs->trans("ShowUser"),"user").' '.$objp->declarant_NDF.'</a></td>';
print '<td align="center">'.$objp->total_ttc.' '.$langs->trans("EURO").'</td>';
if($objp->integration_compta)
{
print '<td align="center"><a href="synchro_compta.php?action=accountTOndf&idTrip='.$objp->rowid.'&account='.$idAccount.'"><img src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/1leftarrow.png" style="border:0px;" alt="Compte vers NDF" title="Compte vers NDF"/></a></td>';
}
else
{
print '<td align="center"><a href="synchro_compta.php?action=ndfTOaccount&idTrip='.$objp->rowid.'&account='.$idAccount.'"><img src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/1rightarrow.png" style="border:0px;" alt="NDF vers Compte" title="NDF vers Compte"/></a></td>';
}
print '<td>'.$account->label.'</td>';
if($objp->integration_compta)
{
print '<td align="center"><img src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/tick.png" style="border:0px;" alt="Intégration OK" /></td>';
}
else
{
print '<td align="center"><img src="'.DOL_URL_ROOT.'/theme/'.$conf->theme.'/img/off.png" style="border:0px;" alt="Intégration Non OK" /></td>';
}
print "</tr>";
$i++;
endwhile;
print "</table>";
else:
print '<div class="error">'.$langs->trans("NoTripToSync").'</div>';
endif;
$db->free($resql);
else:
dol_print_error($db);
endif;
endif;
dol_fiche_end();
llxFooter();
$db->close();

5
htdocs/fichinter/class/fichinterstats.class.php
View File

@ -61,6 +61,7 @@ class FichinterStats extends Stats
$this->userid = $userid;
$this->cachefilesuffix = $mode;
$this->where.= " c.entity = ".$conf->entity;
if ($mode == 'customer')
{
$object=new Fichinter($this->db);
@ -68,10 +69,8 @@ class FichinterStats extends Stats
$this->from_line = MAIN_DB_PREFIX.$object->table_element_line." as tl";
$this->field='0';
$this->field_line='0';
$this->where.= " c.fk_statut > 0"; // Not draft and not cancelled
//$this->where.= " AND c.fk_statut > 0"; // Not draft and not cancelled
}
//$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity;
$this->where.= " AND c.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir && !$this->socid) $this->where .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = " .$user->id;
if ($this->socid)
{

10
htdocs/fichinter/stats/index.php
View File

@ -47,6 +47,8 @@ $year = GETPOST('year')>0?GETPOST('year'):$nowyear;
$startyear=$year-1;
$endyear=$year;
$object_status=GETPOST('object_status');
$langs->load('interventions');
$langs->load('companies');
$langs->load('other');
@ -58,6 +60,7 @@ $langs->load('suppliers');
*/
$form=new Form($db);
$objectstatic=new FichInter($db);
if ($mode == 'customer')
{
@ -72,6 +75,7 @@ print load_fiche_titre($title,'','title_commercial.png');
dol_mkdir($dir);
$stats = new FichinterStats($db, $socid, $mode, ($userid>0?$userid:0));
if ($object_status != '' && $object_status > -1) $stats->where .= ' AND c.fk_statut IN ('.$object_status.')';
// Build graphic number of object
$data = $stats->getNbByMonthWithPrevYear($endyear,$startyear);
@ -249,6 +253,12 @@ print '<div class="fichecenter"><div class="fichethirdleft">';
// User
print '<tr><td align="left">'.$langs->trans("CreatedBy").'</td><td align="left">';
print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300');
// Status
print '<tr><td align="left">'.$langs->trans("Status").'</td><td align="left">';
$liststatus=$objectstatic->statuts_short;
if (empty($conf->global->FICHINTER_CLASSIFY_BILLED)) unset($liststatus[2]); // Option deprecated. In a future, billed must be managed with a dedicated field to 0 or 1
print $form->selectarray('object_status', $liststatus, $object_status, 1, 0, 0, '', 1);
print '</td></tr>';
// Year
print '<tr><td align="left">'.$langs->trans("Year").'</td><td align="left">';
if (! in_array($year,$arrayyears)) $arrayyears[$year]=$year;

1
htdocs/filefunc.inc.php
View File

@ -154,6 +154,7 @@ if (empty($dolibarr_main_db_encryption)) $dolibarr_main_db_encryption=0;
if (empty($dolibarr_main_db_cryptkey)) $dolibarr_main_db_cryptkey='';
if (empty($dolibarr_main_limit_users)) $dolibarr_main_limit_users=0;
if (empty($dolibarr_mailing_limit_sendbyweb)) $dolibarr_mailing_limit_sendbyweb=0;
if (empty($dolibarr_mailing_limit_sendbycli)) $dolibarr_mailing_limit_sendbycli=0;
if (empty($dolibarr_strict_mode)) $dolibarr_strict_mode=0; // For debug in php strict mode
// TODO Multicompany Remove this. Useless.
if (empty($multicompany_transverse_mode)) $multicompany_transverse_mode=0;

50
htdocs/fourn/class/fournisseur.commande.class.php
View File

@ -327,10 +327,10 @@ class CommandeFournisseur extends CommonOrder
$line->product_label = $objp->product_label;
$line->product_desc = $objp->product_desc;
$line->ref = $objp->product_ref;
$line->product_ref = $objp->product_ref;
$line->ref_fourn = $objp->ref_supplier;
$line->ref_supplier = $objp->ref_supplier;
$line->ref = $objp->product_ref; // Ref of product
$line->product_ref = $objp->product_ref; // Ref of product
$line->ref_fourn = $objp->ref_supplier; // The supplier ref of price when product was added. May have change since
$line->ref_supplier = $objp->ref_supplier; // The supplier ref of price when product was added. May have change since
$line->date_start = $this->db->jdate($objp->date_start);
$line->date_end = $this->db->jdate($objp->date_end);
@ -1160,7 +1160,7 @@ class CommandeFournisseur extends CommonOrder
$this->lines[$i]->localtax2_tx,
$this->lines[$i]->fk_product,
0,
$this->lines[$i]->ref_fourn,
$this->lines[$i]->ref_fourn, // $this->lines[$i]->ref_fourn comes from field ref into table of lines. Value may ba a ref that does not exists anymore, so we first try with value of product
$this->lines[$i]->remise_percent,
'HT',
0,
@ -1322,7 +1322,7 @@ class CommandeFournisseur extends CommonOrder
* @param float $txlocaltax2 Localtax2 tax
* @param int $fk_product Id product
* @param int $fk_prod_fourn_price Id supplier price
* @param string $fourn_ref Supplier reference
* @param string $fourn_ref Supplier reference price
* @param float $remise_percent Remise
* @param string $price_base_type HT or TTC
* @param float $pu_ttc Unit price TTC
@ -1369,7 +1369,8 @@ class CommandeFournisseur extends CommonOrder
$pu=$pu_ttc;
}
$desc=trim($desc);
$ref_supplier=''; // Ref of supplier price when we add line
// Check parameters
if ($qty < 1 && ! $fk_product)
{
@ -1391,15 +1392,28 @@ class CommandeFournisseur extends CommonOrder
$prod = new Product($this->db, $fk_product);
if ($prod->fetch($fk_product) > 0)
{
$result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, $fourn_ref); // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref
$product_type = $prod->type;
$label = $prod->libelle;
// We use 'none' instead of $fourn_ref, because fourn_ref may not exists anymore. So we will take the first supplier price ok.
// If we want a dedicated supplier price, we must provide $fk_prod_fourn_price.
$result=$prod->get_buyprice($fk_prod_fourn_price, $qty, $fk_product, 'none', $this->fk_soc); // Search on couple $fk_prod_fourn_price/$qty first, then on triplet $qty/$fk_product/$fourn_ref/$this->fk_soc
if ($result > 0)
{
$label = $prod->libelle;
$pu = $prod->fourn_pu;
$ref_supplier = $prod->ref_supplier;
$product_type = $prod->type;
$pu = $prod->fourn_pu; // Unit price supplier price set by get_buyprice
$ref_supplier = $prod->ref_supplier; // Ref supplier price set by get_buyprice
}
if ($result == 0 || $result == -1)
if ($result == 0) // If result == 0, we failed to found the supplier reference price
{
$langs->load("errors");
$this->error = "Ref " . $prod->ref . " " . $langs->trans("ErrorQtyTooLowForThisSupplier");
$this->db->rollback();
dol_syslog(get_class($this)."::addline we did not found supplier price, so we can't guess unit price");
//$pu = $prod->fourn_pu; // We do not overwrite unit price
//$ref = $prod->ref_fourn; // We do not overwrite ref supplier price
return -1;
}
if ($result == -1)
{
$langs->load("errors");
$this->error = "Ref " . $prod->ref . " " . $langs->trans("ErrorQtyTooLowForThisSupplier");
@ -2899,15 +2913,7 @@ class CommandeFournisseurLigne extends CommonOrderLine
// From llx_product_fournisseur_price
/**
* Supplier ref
* @var string
* @deprecated Use ref_supplier
* @see ref_supplier
*/
public $ref_fourn;
/**
* Supplier reference
* Supplier reference of price when we added the line. May have been changed after line was added.
* @var string
*/
public $ref_supplier;

6
htdocs/fourn/class/fournisseur.facture.class.php
View File

@ -2263,12 +2263,14 @@ class SupplierInvoiceLine extends CommonObjectLine
* @var string
*/
public $product_ref;
/**
* Reference product supplier
* TODO Rename field ref to ref_supplier into table llx_facture_fourn_det and llx_commande_fournisseurdet and update fields it into updateline
* Supplier reference of price when we added the line. May have been changed after line was added.
* TODO Rename field ref to ref_supplier into table llx_facture_fourn_det and llx_commande_fournisseurdet and update fields into updateline
* @var string
*/
public $ref_supplier;
/**
* @deprecated
* @see label

31
htdocs/fourn/commande/orderstoinvoice.php
View File

@ -108,7 +108,7 @@ if (($action == 'create' || $action == 'add') && ! $error) {
$langs->load('products');
$langs->load('main');
if (isset($_GET['orders_to_invoice'])) {
$orders_id = $_GET['orders_to_invoice'];
$orders_id = GETPOST('orders_to_invoice','',1);
$n = count($orders_id);
$i = 0;
@ -116,7 +116,7 @@ if (($action == 'create' || $action == 'add') && ! $error) {
$_GET['originid'] = $orders_id[0];
}
if (isset($_POST['orders_to_invoice'])) {
$orders_id = $_POST['orders_to_invoice'];
$orders_id = GETPOST('orders_to_invoice','',1);
$nn = count($orders_id);
$ii = 0;
@ -149,10 +149,10 @@ if (($action == 'create' || $action == 'add') && ! $error) {
$datefacture = dol_mktime(date("h"), date("M"), 0, date("m"), date("d"), date("Y"));
}
if (! $error) {
$object->ref = $_POST['ref'];
$object->ref_supplier = $_POST['ref_supplier'];
$object->socid = $_POST['socid'];
$object->libelle = $_POST['libelle'];
$object->ref = GETPOST('ref');
$object->ref_supplier = GETPOST('ref_supplier');
$object->socid = GETPOST('socid','int');
$object->libelle = GETPOST('libelle');
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
@ -178,7 +178,7 @@ if (($action == 'create' || $action == 'add') && ! $error) {
foreach ( $orders_id as $origin => $origin_id ) {
$origin_id = (! empty($origin_id) ? $origin_id : $orders_id[$ii]);
$object->add_object_linked($_POST['origin'], $origin_id);
$object->add_object_linked(GETPOST('origin'), $origin_id);
}
while ( $ii < $nn ) {
@ -321,7 +321,7 @@ if ($action == 'create' && !$error) {
print '<tr><td class="fieldrequired">' . $langs->trans('Ref') . '</td><td colspan="2">' . $langs->trans('Draft') . '</td></tr>';
// Ref supplier
print '<tr><td class="fieldrequired">' . $langs->trans('RefSupplier') . '</td><td><input name="ref_supplier" value="' . (isset($_POST['ref_supplier']) ? $_POST['ref_supplier'] : '') . '" type="text"></td>';
print '<tr><td class="fieldrequired">' . $langs->trans('RefSupplier') . '</td><td><input name="ref_supplier" value="' . dol_escape_htmltag(isset($_POST['ref_supplier']) ? GETPOST('ref_supplier','alpha', 2) : '') . '" type="text"></td>';
print '</tr>';
// Third party
@ -387,7 +387,7 @@ if ($action == 'create' && !$error) {
print '<tr>';
print '<td class="border" valign="top">' . $langs->trans('NotePublic') . '</td>';
print '<td valign="top" colspan="2">';
print '<textarea name="note_public" wrap="soft" cols="70" rows="' . ROWS_3 . '">';
print '<textarea name="note_public" wrap="soft" class="quatrevingtpercent" rows="' . ROWS_3 . '">';
print $langs->trans("Orders") . ": " . implode(', ', $listoforders);
@ -422,7 +422,7 @@ if ($action == 'create' && !$error) {
if (($action != 'create' && $action != 'add') && !$error) {
llxHeader();
?>
<script type="text/javascript">
<script type="text/javascript">
jQuery(document).ready(function() {
jQuery("#checkall").click(function() {
jQuery(".checkformerge").prop('checked', true);
@ -456,10 +456,10 @@ if (($action != 'create' && $action != 'add') && !$error) {
if (! $user->rights->societe->client->voir && ! $socid)
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " . $user->id;
if ($sref) {
$sql .= " AND c.ref LIKE '%" . $db->escape($sref) . "%'";
$sql .= natural_search("c.ref", $sref);
}
if ($sall) {
$sql .= " AND (c.ref LIKE '%" . $db->escape($sall) . "%' OR c.note LIKE '%" . $db->escape($sall) . "%')";
$sql .= natural_search(array("c.ref","c.note"), $sall);
}
// Date filter
@ -469,7 +469,7 @@ if (($action != 'create' && $action != 'add') && !$error) {
$sql .= " AND c.date_livraison >= '" . $db->idate($date_starty) . "' AND c.date_livraison <= '" . $db->idate($date_endy) . "'";
if (! empty($sref_client)) {
$sql .= ' AND c.ref_supplier LIKE \'%' . $db->escape($sref_client) . '%\'';
$sql .= natural_search('c.ref_supplier', $sref_client);
}
$sql .= ' ORDER BY ' . $sortfield . ' ' . $sortorder;
dol_syslog('fourn/commande/ordertoinvoice.php sql=' . $sql);
@ -495,7 +495,7 @@ if (($action != 'create' && $action != 'add') && !$error) {
print '<h3>' . $companystatic->getNomUrl(1, 'customer') . '</h3>';
}
print '<form method="get" action="orderstoinvoice.php">';
print '<form name="orders2invoice" method="GET" action="orderstoinvoice.php">';
print '<input type="hidden" name="socid" value="' . $socid . '">';
print '<table class="noborder" width="100%">';
print '<tr class="liste_titre">';
@ -541,7 +541,6 @@ if (($action != 'create' && $action != 'add') && !$error) {
print '</td></tr>';
print '<form name="orders2invoice" action="orderstoinvoice.php" method="GET">';
$var = True;
$generic_commande = new CommandeFournisseur($db);
@ -607,7 +606,9 @@ if (($action != 'create' && $action != 'add') && !$error) {
print '<input type="submit" class="butAction" value="' . $langs->trans("GenerateBill") . '">';
print '</div>';
print '</div>';
print '</form>';
$db->free($resql);
} else {
print dol_print_error($db);

20
htdocs/fourn/facture/card.php
View File

@ -386,13 +386,13 @@ if (empty($reshook))
if (! $error) {
// This is a replacement invoice
$result = $object->fetch($_POST['fac_replacement']);
$result = $object->fetch(GETPOST('fac_replacement'),'int');
$object->fetch_thirdparty();
$object->ref = $_POST['ref'];
$object->ref_supplier = $_POST['ref_supplier'];
$object->socid = $_POST['socid'];
$object->libelle = $_POST['label'];
$object->ref = GETPOST('ref');
$object->ref_supplier = GETPOST('ref_supplier','alpha');
$object->socid = GETPOST('socid','int');
$object->libelle = GETPOST('label');
$object->date = $datefacture;
$object->date_echeance = $datedue;
$object->note_public = GETPOST('note_public');
@ -407,7 +407,7 @@ if (empty($reshook))
$object->multicurrency_tx = GETPOST('originmulticurrency_tx', 'int');
// Proprietes particulieres a facture de remplacement
$object->fk_facture_source = $_POST['fac_replacement'];
$object->fk_facture_source = GETPOST('fac_replacement');
$object->type = FactureFournisseur::TYPE_REPLACEMENT;
$id = $object->createFromCurrent($user);
@ -586,7 +586,7 @@ if (empty($reshook))
if (! $error && $_POST['origin'] && $_POST['originid'])
{
// Parse element/subelement (ex: project_task)
$element = $subelement = $_POST['origin'];
$element = $subelement = GETPOST('origin');
/*if (preg_match('/^([^_]+)_([^_]+)/i',$_POST['origin'],$regs))
{
$element = $regs[1];
@ -610,8 +610,8 @@ if (empty($reshook))
{
$element = 'projet';
}
$object->origin = $_POST['origin'];
$object->origin_id = $_POST['originid'];
$object->origin = GETPOST('origin');
$object->origin_id = GETPOST('originid');
$id = $object->create($user);
@ -623,7 +623,7 @@ if (empty($reshook))
if ($classname == 'Fournisseur.commande') $classname='CommandeFournisseur';
$srcobject = new $classname($db);
$result=$srcobject->fetch($_POST['originid']);
$result=$srcobject->fetch(GETPOST('originid','int'));
if ($result > 0)
{
$lines = $srcobject->lines;

390
htdocs/holiday/card.php
View File

@ -54,7 +54,7 @@ $now=dol_now();
// If create a request
if ($action == 'create')
{
$cp = new Holiday($db);
$object = new Holiday($db);
// If no right to create a request
if (($userid == $user->id && empty($user->rights->holiday->write)) || ($userid != $user->id && empty($user->rights->holiday->write_all)))
@ -115,7 +115,7 @@ if ($action == 'create')
}
// Check if there is already holiday for this period
$verifCP = $cp->verifDateHolidayCP($userID, $date_debut, $date_fin, $halfday);
$verifCP = $object->verifDateHolidayCP($userID, $date_debut, $date_fin, $halfday);
if (! $verifCP)
{
setEventMessages($langs->trans("alreadyCPexist"), null, 'errors');
@ -145,15 +145,15 @@ if ($action == 'create')
if (! $error)
{
$cp->fk_user = $userid;
$cp->description = $description;
$cp->date_debut = $date_debut;
$cp->date_fin = $date_fin;
$cp->fk_validator = $valideur;
$cp->halfday = $halfday;
$cp->fk_type = $type;
$object->fk_user = $userid;
$object->description = $description;
$object->date_debut = $date_debut;
$object->date_fin = $date_fin;
$object->fk_validator = $valideur;
$object->halfday = $halfday;
$object->fk_type = $type;
$result = $cp->create($user);
$result = $object->create($user);
}
// If no SQL error we redirect to the request card
@ -161,7 +161,7 @@ if ($action == 'create')
{
$db->commit();
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
else
@ -191,13 +191,13 @@ if ($action == 'update')
exit;
}
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
$canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
$canedit=(($user->id == $object->fk_user && $user->rights->holiday->write) || ($user->id != $object->fk_user && $user->rights->holiday->write_all));
// If under validation
if ($cp->statut == 1)
if ($object->statut == 1)
{
// If this is the requestor or has read/write rights
if ($canedit)
@ -207,25 +207,25 @@ if ($action == 'update')
// If no start date
if (empty($_POST['date_debut_'])) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=nodatedebut');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=nodatedebut');
exit;
}
// If no end date
if (empty($_POST['date_fin_'])) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=nodatefin');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=nodatefin');
exit;
}
// If start date after end date
if ($date_debut > $date_fin) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=datefin');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=datefin');
exit;
}
// If no validator designated
if ($valideur < 1) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=Valideur');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=Valideur');
exit;
}
@ -233,32 +233,32 @@ if ($action == 'update')
$nbopenedday=num_open_day($date_debut_gmt, $date_fin_gmt, 0, 1, $halfday);
if ($nbopenedday < 0.5)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=DureeHoliday');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=DureeHoliday');
exit;
}
$cp->description = $description;
$cp->date_debut = $date_debut;
$cp->date_fin = $date_fin;
$cp->fk_validator = $valideur;
$cp->halfday = $halfday;
$object->description = $description;
$object->date_debut = $date_debut;
$object->date_fin = $date_fin;
$object->fk_validator = $valideur;
$object->halfday = $halfday;
// Update
$verif = $cp->update($user->id);
$verif = $object->update($user->id);
if ($verif > 0)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
else
{
// Otherwise we display the request form with the SQL error message
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit&error=SQL_Create&msg='.$cp->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&error=SQL_Create&msg='.$object->error);
exit;
}
}
} else {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
}
@ -270,18 +270,18 @@ if ($action == 'confirm_delete' && GETPOST('confirm') == 'yes' && $user->rights-
$db->begin();
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
$canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
$canedit=(($user->id == $object->fk_user && $user->rights->holiday->write) || ($user->id != $object->fk_user && $user->rights->holiday->write_all));
// If this is a rough draft
if ($cp->statut == 1 || $cp->statut == 3)
if ($object->statut == 1 || $object->statut == 3)
{
// Si l'utilisateur à le droit de lire cette demande, il peut la supprimer
if ($canedit)
{
$result=$cp->delete($cp->id);
$result=$object->delete($object->id);
}
else
{
@ -304,36 +304,36 @@ if ($action == 'confirm_delete' && GETPOST('confirm') == 'yes' && $user->rights-
// Si envoi de la demande
if ($action == 'confirm_send')
{
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
$canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
$canedit=(($user->id == $object->fk_user && $user->rights->holiday->write) || ($user->id != $object->fk_user && $user->rights->holiday->write_all));
// Si brouillon et créateur
if($cp->statut == 1 && $canedit)
if($object->statut == 1 && $canedit)
{
$cp->statut = 2;
$object->statut = 2;
$verif = $cp->update($user->id);
$verif = $object->update($user->id);
// Si pas d'erreur SQL on redirige vers la fiche de la demande
if ($verif > 0)
{
// To
$destinataire = new User($db);
$destinataire->fetch($cp->fk_validator);
$destinataire->fetch($object->fk_validator);
$emailTo = $destinataire->email;
if (!$emailTo)
{
dol_syslog("Expected validator has no email, so we redirect directly to finished page without sending email");
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
// From
$expediteur = new User($db);
$expediteur->fetch($cp->fk_user);
$expediteur->fetch($object->fk_user);
$emailFrom = $expediteur->email;
// Subject
@ -347,26 +347,26 @@ if ($action == 'confirm_send')
$message.= "\n";
$message.= $langs->transnoentities("HolidaysToValidateBody")."\n";
$delayForRequest = $cp->getConfCP('delayForRequest');
$delayForRequest = $object->getConfCP('delayForRequest');
//$delayForRequest = $delayForRequest * (60*60*24);
$nextMonth = dol_time_plus_duree($now, $delayForRequest, 'd');
// Si l'option pour avertir le valideur en cas de délai trop court
if($cp->getConfCP('AlertValidatorDelay'))
if($object->getConfCP('AlertValidatorDelay'))
{
if($cp->date_debut < $nextMonth)
if($object->date_debut < $nextMonth)
{
$message.= "\n";
$message.= $langs->transnoentities("HolidaysToValidateDelay",$cp->getConfCP('delayForRequest'))."\n";
$message.= $langs->transnoentities("HolidaysToValidateDelay",$object->getConfCP('delayForRequest'))."\n";
}
}
// Si l'option pour avertir le valideur en cas de solde inférieur à la demande
if ($cp->getConfCP('AlertValidatorSolde'))
if ($object->getConfCP('AlertValidatorSolde'))
{
$nbopenedday=num_open_day($cp->date_debut_gmt,$cp->date_fin_gmt,0,1,$cp->halfday);
if ($nbopenedday > $cp->getCPforUser($cp->fk_user, $cp->fk_type))
$nbopenedday=num_open_day($object->date_debut_gmt,$object->date_fin_gmt,0,1,$object->halfday);
if ($nbopenedday > $object->getCPforUser($object->fk_user, $object->fk_type))
{
$message.= "\n";
$message.= $langs->transnoentities("HolidaysToValidateAlertSolde")."\n";
@ -375,8 +375,8 @@ if ($action == 'confirm_send')
$message.= "\n";
$message.= "- ".$langs->transnoentitiesnoconv("Name")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Period")." : ".dol_print_date($cp->date_debut,'day')." ".$langs->transnoentitiesnoconv("To")." ".dol_print_date($cp->date_fin,'day')."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$cp->id."\n\n";
$message.= "- ".$langs->transnoentitiesnoconv("Period")." : ".dol_print_date($object->date_debut,'day')." ".$langs->transnoentitiesnoconv("To")." ".dol_print_date($object->date_fin,'day')."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n";
$message.= "\n";
$mail = new CMailFile($subject,$emailTo,$emailFrom,$message);
@ -386,16 +386,16 @@ if ($action == 'confirm_send')
if (!$result)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=mail&error_content='.$mail->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=mail&error_content='.$mail->error);
exit;
}
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
else
{
// Sinon on affiche le formulaire de demande avec le message d'erreur SQL
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=SQL_Create&msg='.$cp->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=SQL_Create&msg='.$object->error);
exit;
}
}
@ -405,48 +405,48 @@ if ($action == 'confirm_send')
// Si Validation de la demande
if ($action == 'confirm_valid')
{
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
// Si statut en attente de validation et valideur = utilisateur
if ($cp->statut == 2 && $user->id == $cp->fk_validator)
if ($object->statut == 2 && $user->id == $object->fk_validator)
{
$cp->date_valid = dol_now();
$cp->fk_user_valid = $user->id;
$cp->statut = 3;
$object->date_valid = dol_now();
$object->fk_user_valid = $user->id;
$object->statut = 3;
$verif = $cp->update($user->id);
$verif = $object->update($user->id);
// Si pas d'erreur SQL on redirige vers la fiche de la demande
if ($verif > 0)
{
// Calculcate number of days consummed
$nbopenedday=num_open_day($cp->date_debut_gmt,$cp->date_fin_gmt,0,1,$cp->halfday);
$nbopenedday=num_open_day($object->date_debut_gmt,$object->date_fin_gmt,0,1,$object->halfday);
$soldeActuel = $cp->getCpforUser($cp->fk_user, $cp->fk_type);
$newSolde = $soldeActuel - ($nbopenedday * $cp->getConfCP('nbHolidayDeducted'));
$soldeActuel = $object->getCpforUser($object->fk_user, $object->fk_type);
$newSolde = $soldeActuel - ($nbopenedday * $object->getConfCP('nbHolidayDeducted'));
// On ajoute la modification dans le LOG
$cp->addLogCP($user->id, $cp->fk_user, $langs->transnoentitiesnoconv("Holidays"), $newSolde, $cp->fk_type);
$object->addLogCP($user->id, $object->fk_user, $langs->transnoentitiesnoconv("Holidays"), $newSolde, $object->fk_type);
// Mise à jour du solde
$cp->updateSoldeCP($cp->fk_user, $newSolde, $cp->fk_type);
$object->updateSoldeCP($object->fk_user, $newSolde, $object->fk_type);
// To
$destinataire = new User($db);
$destinataire->fetch($cp->fk_user);
$destinataire->fetch($object->fk_user);
$emailTo = $destinataire->email;
if (!$emailTo)
{
dol_syslog("User that request leave has no email, so we redirect directly to finished page without sending email");
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
// From
$expediteur = new User($db);
$expediteur->fetch($cp->fk_validator);
$expediteur->fetch($object->fk_validator);
$emailFrom = $expediteur->email;
// Subject
@ -458,11 +458,11 @@ if ($action == 'confirm_valid')
// Content
$message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n";
$message.= "\n";
$message.= $langs->transnoentities("HolidaysValidatedBody", dol_print_date($cp->date_debut,'day'),dol_print_date($cp->date_fin,'day'))."\n";
$message.= $langs->transnoentities("HolidaysValidatedBody", dol_print_date($object->date_debut,'day'),dol_print_date($object->date_fin,'day'))."\n";
$message.= "- ".$langs->transnoentitiesnoconv("ValidatedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$cp->id."\n\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n";
$message.= "\n";
$mail = new CMailFile($subject,$emailTo,$emailFrom,$message);
@ -471,15 +471,15 @@ if ($action == 'confirm_valid')
$result=$mail->sendfile();
if(!$result) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=mail&error_content='.$mail->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=mail&error_content='.$mail->error);
exit;
}
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
} else {
// Sinon on affiche le formulaire de demande avec le message d'erreur SQL
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=SQL_Create&msg='.$cp->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=SQL_Create&msg='.$object->error);
exit;
}
@ -491,36 +491,36 @@ if ($action == 'confirm_refuse')
{
if (! empty($_POST['detail_refuse']))
{
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
// Si statut en attente de validation et valideur = utilisateur
if ($cp->statut == 2 && $user->id == $cp->fk_validator)
if ($object->statut == 2 && $user->id == $object->fk_validator)
{
$cp->date_refuse = date('Y-m-d H:i:s', time());
$cp->fk_user_refuse = $user->id;
$cp->statut = 5;
$cp->detail_refuse = $_POST['detail_refuse'];
$object->date_refuse = date('Y-m-d H:i:s', time());
$object->fk_user_refuse = $user->id;
$object->statut = 5;
$object->detail_refuse = $_POST['detail_refuse'];
$verif = $cp->update($user->id);
$verif = $object->update($user->id);
// Si pas d'erreur SQL on redirige vers la fiche de la demande
if ($verif > 0)
{
// To
$destinataire = new User($db);
$destinataire->fetch($cp->fk_user);
$destinataire->fetch($object->fk_user);
$emailTo = $destinataire->email;
if (!$emailTo)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
// From
$expediteur = new User($db);
$expediteur->fetch($cp->fk_validator);
$expediteur->fetch($object->fk_validator);
$emailFrom = $expediteur->email;
// Subject
@ -532,12 +532,12 @@ if ($action == 'confirm_refuse')
// Content
$message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n";
$message.= "\n";
$message.= $langs->transnoentities("HolidaysRefusedBody", dol_print_date($cp->date_debut,'day'), dol_print_date($cp->date_fin,'day'))."\n";
$message.= $langs->transnoentities("HolidaysRefusedBody", dol_print_date($object->date_debut,'day'), dol_print_date($object->date_fin,'day'))."\n";
$message.= GETPOST('detail_refuse','alpha')."\n\n";
$message.= "- ".$langs->transnoentitiesnoconv("ModifiedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$cp->id."\n\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n";
$message.= "\n";
$mail = new CMailFile($subject,$emailTo,$emailFrom,$message);
@ -546,22 +546,22 @@ if ($action == 'confirm_refuse')
$result=$mail->sendfile();
if(!$result) {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=mail&error_content='.$mail->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=mail&error_content='.$mail->error);
exit;
}
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
} else {
// Sinon on affiche le formulaire de demande avec le message d'erreur SQL
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=SQL_Create&msg='.$cp->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=SQL_Create&msg='.$object->error);
exit;
}
}
} else {
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=NoMotifRefuse');
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=NoMotifRefuse');
exit;
}
}
@ -569,34 +569,34 @@ if ($action == 'confirm_refuse')
// Si Validation de la demande
if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
{
$cp = new Holiday($db);
$cp->fetch($id);
$object = new Holiday($db);
$object->fetch($id);
// Si statut en attente de validation et valideur = utilisateur
if (($cp->statut == 2 || $cp->statut == 3) && ($user->id == $cp->fk_validator || $user->id == $cp->fk_user))
if (($object->statut == 2 || $object->statut == 3) && ($user->id == $object->fk_validator || $user->id == $object->fk_user))
{
$db->begin();
$oldstatus = $cp->statut;
$cp->date_cancel = dol_now();
$cp->fk_user_cancel = $user->id;
$cp->statut = 4;
$oldstatus = $object->statut;
$object->date_cancel = dol_now();
$object->fk_user_cancel = $user->id;
$object->statut = 4;
$result = $cp->update($user->id);
$result = $object->update($user->id);
if ($result >= 0 && $oldstatus == 3) // holiday was already validated, status 3, so we must increase back sold
{
// Calculcate number of days consummed
$nbopenedday=num_open_day($cp->date_debut_gmt,$cp->date_fin_gmt,0,1,$cp->halfday);
$nbopenedday=num_open_day($object->date_debut_gmt,$object->date_fin_gmt,0,1,$object->halfday);
$soldeActuel = $cp->getCpforUser($cp->fk_user, $cp->fk_type);
$newSolde = $soldeActuel + ($nbopenedday * $cp->getConfCP('nbHolidayDeducted'));
$soldeActuel = $object->getCpforUser($object->fk_user, $object->fk_type);
$newSolde = $soldeActuel + ($nbopenedday * $object->getConfCP('nbHolidayDeducted'));
// On ajoute la modification dans le LOG
$result1=$cp->addLogCP($user->id, $cp->fk_user, $langs->transnoentitiesnoconv("HolidaysCancelation"), $newSolde, $cp->fk_type);
$result1=$object->addLogCP($user->id, $object->fk_user, $langs->transnoentitiesnoconv("HolidaysCancelation"), $newSolde, $object->fk_type);
// Mise à jour du solde
$result2=$cp->updateSoldeCP($cp->fk_user, $newSolde, $cp->fk_type);
$result2=$object->updateSoldeCP($object->fk_user, $newSolde, $object->fk_type);
if ($result1 < 0 || $result2 < 0)
{
@ -618,18 +618,18 @@ if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
{
// To
$destinataire = new User($db);
$destinataire->fetch($cp->fk_user);
$destinataire->fetch($object->fk_user);
$emailTo = $destinataire->email;
if (!$emailTo)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
// From
$expediteur = new User($db);
$expediteur->fetch($cp->fk_user_cancel);
$expediteur->fetch($object->fk_user_cancel);
$emailFrom = $expediteur->email;
// Subject
@ -642,10 +642,10 @@ if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
$message = $langs->transnoentitiesnoconv("Hello")." ".$destinataire->firstname.",\n";
$message.= "\n";
$message.= $langs->transnoentities("HolidaysCanceledBody", dol_print_date($cp->date_debut,'day'), dol_print_date($cp->date_fin,'day'))."\n";
$message.= $langs->transnoentities("HolidaysCanceledBody", dol_print_date($object->date_debut,'day'), dol_print_date($object->date_fin,'day'))."\n";
$message.= "- ".$langs->transnoentitiesnoconv("ModifiedBy")." : ".dolGetFirstLastname($expediteur->firstname, $expediteur->lastname)."\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$cp->id."\n\n";
$message.= "- ".$langs->transnoentitiesnoconv("Link")." : ".$dolibarr_main_url_root."/holiday/card.php?id=".$object->id."\n\n";
$message.= "\n";
$mail = new CMailFile($subject,$emailTo,$emailFrom,$message);
@ -655,17 +655,17 @@ if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
if(!$result)
{
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=mail&error_content='.$mail->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=mail&error_content='.$mail->error);
exit;
}
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
exit;
}
else
{
// Sinon on affiche le formulaire de demande avec le message d'erreur SQL
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&error=SQL_Create&msg='.$cp->error);
header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id.'&error=SQL_Create&msg='.$object->error);
exit;
}
@ -680,7 +680,7 @@ if ($action == 'confirm_cancel' && GETPOST('confirm') == 'yes')
*/
$form = new Form($db);
$cp = new Holiday($db);
$object = new Holiday($db);
$listhalfday=array('morning'=>$langs->trans("Morning"),"afternoon"=>$langs->trans("Afternoon"));
@ -732,7 +732,7 @@ if (empty($id) || $action == 'add' || $action == 'request' || $action == 'create
}
$delayForRequest = $cp->getConfCP('delayForRequest');
$delayForRequest = $object->getConfCP('delayForRequest');
//$delayForRequest = $delayForRequest * (60*60*24);
$nextMonth = dol_time_plus_duree($now, $delayForRequest, 'd');
@ -774,10 +774,10 @@ if (empty($id) || $action == 'add' || $action == 'request' || $action == 'create
dol_fiche_head();
$out='';
$typeleaves=$cp->getTypes(1,1);
$typeleaves=$object->getTypes(1,1);
foreach($typeleaves as $key => $val)
{
$nb_type = $cp->getCPforUser($user->id, $val['rowid']);
$nb_type = $object->getCPforUser($user->id, $val['rowid']);
$nb_holiday += $nb_type;
$out .= ' - '.$val['label'].': <strong>'.($nb_type?price2num($nb_type):0).'</strong><br>';
}
@ -789,7 +789,7 @@ if (empty($id) || $action == 'add' || $action == 'request' || $action == 'create
dol_fiche_head();
//print '<span>'.$langs->trans('DelayToRequestCP',$cp->getConfCP('delayForRequest')).'</span><br /><br />';
//print '<span>'.$langs->trans('DelayToRequestCP',$object->getConfCP('delayForRequest')).'</span><br /><br />';
print '<table class="border" width="100%">';
print '<tbody>';
@ -811,7 +811,7 @@ if (empty($id) || $action == 'add' || $action == 'request' || $action == 'create
print '<tr>';
print '<td class="fieldrequired">'.$langs->trans("Type").'</td>';
print '<td>';
$typeleaves=$cp->getTypes(1,-1);
$typeleaves=$object->getTypes(1,-1);
$arraytypeleaves=array();
foreach($typeleaves as $key => $val)
{
@ -900,15 +900,15 @@ else
// Affichage de la fiche d'une demande de congés payés
if ($id > 0)
{
$cp->fetch($id);
$object->fetch($id);
$canedit=(($user->id == $cp->fk_user && $user->rights->holiday->write) || ($user->id != $cp->fk_user && $user->rights->holiday->write_all));
$canedit=(($user->id == $object->fk_user && $user->rights->holiday->write) || ($user->id != $object->fk_user && $user->rights->holiday->write_all));
$valideur = new User($db);
$valideur->fetch($cp->fk_validator);
$valideur->fetch($object->fk_validator);
$userRequest = new User($db);
$userRequest->fetch($cp->fk_user);
$userRequest->fetch($object->fk_user);
//print load_fiche_titre($langs->trans('TitreRequestCP'));
@ -956,61 +956,62 @@ else
{
if ($user->rights->holiday->delete)
{
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$cp->id,$langs->trans("TitleDeleteCP"),$langs->trans("ConfirmDeleteCP"),"confirm_delete", '', 0, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id,$langs->trans("TitleDeleteCP"),$langs->trans("ConfirmDeleteCP"),"confirm_delete", '', 0, 1);
}
}
// Si envoi en validation
if ($action == 'sendToValidate' && $cp->statut == 1)
if ($action == 'sendToValidate' && $object->statut == 1)
{
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$cp->id,$langs->trans("TitleToValidCP"),$langs->trans("ConfirmToValidCP"),"confirm_send", '', 1, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id,$langs->trans("TitleToValidCP"),$langs->trans("ConfirmToValidCP"),"confirm_send", '', 1, 1);
}
// Si validation de la demande
if ($action == 'valid')
{
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$cp->id,$langs->trans("TitleValidCP"),$langs->trans("ConfirmValidCP"),"confirm_valid", '', 1, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id,$langs->trans("TitleValidCP"),$langs->trans("ConfirmValidCP"),"confirm_valid", '', 1, 1);
}
// Si refus de la demande
if ($action == 'refuse')
{
$array_input = array(array('type'=>"text",'label'=> $langs->trans('DetailRefusCP'),'name'=>"detail_refuse",'size'=>"50",'value'=>""));
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$cp->id."&action=confirm_refuse", $langs->trans("TitleRefuseCP"), $langs->trans('ConfirmRefuseCP'), "confirm_refuse", $array_input, 1, 0);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&action=confirm_refuse", $langs->trans("TitleRefuseCP"), $langs->trans('ConfirmRefuseCP'), "confirm_refuse", $array_input, 1, 0);
}
// Si annulation de la demande
if ($action == 'cancel')
{
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$cp->id,$langs->trans("TitleCancelCP"),$langs->trans("ConfirmCancelCP"),"confirm_cancel", '', 1, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id,$langs->trans("TitleCancelCP"),$langs->trans("ConfirmCancelCP"),"confirm_cancel", '', 1, 1);
}
$head=holiday_prepare_head($cp);
$head=holiday_prepare_head($object);
if ($action == 'edit' && $cp->statut == 1)
if ($action == 'edit' && $object->statut == 1)
{
$edit = true;
print '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$cp->id.'">'."\n";
print '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">'."\n";
print '<input type="hidden" name="action" value="update"/>'."\n";
print '<input type="hidden" name="id" value="'.$cp->id.'" />'."\n";
print '<input type="hidden" name="id" value="'.$object->id.'" />'."\n";
}
dol_fiche_head($head,'card',$langs->trans("CPTitreMenu"),0,'holiday');
print '<table class="border" width="100%">';
$linkback='<a href="'.DOL_URL_ROOT.'/holiday/list.php">'.$langs->trans("BackToList").'</a>';
dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'ref');
print '<div class="fichecenter">';
print '<div class="fichehalfleft">';
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent">';
print '<tbody>';
$linkback='<a href="'.DOL_URL_ROOT.'/holiday/list.php">'.$langs->trans("BackToList").'</a>';
print '<tr>';
print '<td class="titlefield">'.$langs->trans("Ref").'</td>';
print '<td>';
print $form->showrefnav($cp, 'id', $linkback, 1, 'rowid', 'ref');
print '</td>';
print '</tr>';
print '<td>'.$langs->trans("User").'</td>';
print '<td class="titlefield">'.$langs->trans("User").'</td>';
print '<td>';
print $userRequest->getNomUrl(-1, 'leave');
print '</td></tr>';
@ -1019,19 +1020,19 @@ else
print '<tr>';
print '<td>'.$langs->trans("Type").'</td>';
print '<td>';
$typeleaves=$cp->getTypes(1,-1);
print $typeleaves[$cp->fk_type]['label'];
$typeleaves=$object->getTypes(1,-1);
print empty($typeleaves[$object->fk_type]['label']) ? $langs->trans("TypeWasDisabledOrRemoved",$object->fk_type) : $typeleaves[$object->fk_type]['label'];
print '</td>';
print '</tr>';
$starthalfday=($cp->halfday == -1 || $cp->halfday == 2)?'afternoon':'morning';
$endhalfday=($cp->halfday == 1 || $cp->halfday == 2)?'morning':'afternoon';
$starthalfday=($object->halfday == -1 || $object->halfday == 2)?'afternoon':'morning';
$endhalfday=($object->halfday == 1 || $object->halfday == 2)?'morning':'afternoon';
if(!$edit)
{
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>'.dol_print_date($cp->date_debut,'day');
print '<td>'.dol_print_date($object->date_debut,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$starthalfday]);
print '</td>';
@ -1042,7 +1043,7 @@ else
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>';
$form->select_date($cp->date_debut,'date_debut_');
$form->select_date($object->date_debut,'date_debut_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('starthalfday', $listhalfday, (GETPOST('starthalfday')?GETPOST('starthalfday'):$starthalfday));
print '</td>';
@ -1053,7 +1054,7 @@ else
{
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>'.dol_print_date($cp->date_fin,'day');
print '<td>'.dol_print_date($object->date_fin,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$endhalfday]);
print '</td>';
@ -1064,7 +1065,7 @@ else
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>';
$form->select_date($cp->date_fin,'date_fin_');
$form->select_date($object->date_fin,'date_fin_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('endhalfday', $listhalfday, (GETPOST('endhalfday')?GETPOST('endhalfday'):$endhalfday));
print '</td>';
@ -1072,19 +1073,14 @@ else
}
print '<tr>';
print '<td>'.$langs->trans('NbUseDaysCP').'</td>';
print '<td>'.num_open_day($cp->date_debut_gmt, $cp->date_fin_gmt, 0, 1, $cp->halfday).'</td>';
print '<td>'.num_open_day($object->date_debut_gmt, $object->date_fin_gmt, 0, 1, $object->halfday).'</td>';
print '</tr>';
// Status
print '<tr>';
print '<td>'.$langs->trans('StatutCP').'</td>';
print '<td>'.$cp->getLibStatut(2).'</td>';
print '</tr>';
if ($cp->statut == 5)
if ($object->statut == 5)
{
print '<tr>';
print '<td>'.$langs->trans('DetailRefusCP').'</td>';
print '<td>'.$cp->detail_refuse.'</td>';
print '<td>'.$object->detail_refuse.'</td>';
print '</tr>';
}
@ -1093,84 +1089,92 @@ else
{
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td>'.nl2br($cp->description).'</td>';
print '<td>'.nl2br($object->description).'</td>';
print '</tr>';
}
else
{
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td><textarea name="description" class="flat" rows="'.ROWS_3.'" cols="70">'.$cp->description.'</textarea></td>';
print '<td><textarea name="description" class="flat" rows="'.ROWS_3.'" cols="70">'.$object->description.'</textarea></td>';
print '</tr>';
}
print '</tbody>';
print '</table>'."\n";
print '<br><br>';
print '</div>';
print '<div class="fichehalfright">';
print '<div class="ficheaddleft">';
print '<div class="underbanner clearboth"></div>';
// Info workflow
print '<table class="border" width="50%">'."\n";
print '<table class="border centpercent">'."\n";
print '<tbody>';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("InfosWorkflowCP").'</td>';
print '</tr>';
if (! empty($cp->fk_user_create))
if (! empty($object->fk_user_create))
{
$userCreate=new User($db);
$userCreate->fetch($cp->fk_user_create);
$userCreate->fetch($object->fk_user_create);
print '<tr>';
print '<td>'.$langs->trans('RequestByCP').'</td>';
print '<td class="titlefield">'.$langs->trans('RequestByCP').'</td>';
print '<td>'.$userCreate->getNomUrl(-1).'</td>';
print '</tr>';
}
if (!$edit) {
print '<tr>';
print '<td width="50%">'.$langs->trans('ReviewedByCP').'</td>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>';
print '<td>'.$valideur->getNomUrl(-1).'</td>';
print '</tr>';
} else {
print '<tr>';
print '<td width="50%">'.$langs->trans('ReviewedByCP').'</td>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>';
print '<td>';
print $form->select_dolusers($cp->fk_user, "valideur", 1, ($user->admin ? '' : array($user->id))); // By default, hierarchical parent
print $form->select_dolusers($object->fk_user, "valideur", 1, ($user->admin ? '' : array($user->id))); // By default, hierarchical parent
print '</td>';
print '</tr>';
}
print '<tr>';
print '<td>'.$langs->trans('DateCreateCP').'</td>';
print '<td>'.dol_print_date($cp->date_create,'dayhour').'</td>';
print '<td>'.dol_print_date($object->date_create,'dayhour').'</td>';
print '</tr>';
if ($cp->statut == 3) {
if ($object->statut == 3) {
print '<tr>';
print '<td>'.$langs->trans('DateValidCP').'</td>';
print '<td>'.dol_print_date($cp->date_valid,'dayhour').'</td>';
print '<td>'.dol_print_date($object->date_valid,'dayhour').'</td>';
print '</tr>';
}
if ($cp->statut == 4) {
if ($object->statut == 4) {
print '<tr>';
print '<td>'.$langs->trans('DateCancelCP').'</td>';
print '<td>'.dol_print_date($cp->date_cancel,'dayhour').'</td>';
print '<td>'.dol_print_date($object->date_cancel,'dayhour').'</td>';
print '</tr>';
}
if ($cp->statut == 5) {
if ($object->statut == 5) {
print '<tr>';
print '<td>'.$langs->trans('DateRefusCP').'</td>';
print '<td>'.dol_print_date($cp->date_refuse,'dayhour').'</td>';
print '<td>'.dol_print_date($object->date_refuse,'dayhour').'</td>';
print '</tr>';
}
print '</tbody>';
print '</table>';
print '</div>';
print '</div>';
print '</div>';
print '<div class="clearboth"></div>';
dol_fiche_end();
if ($action == 'edit' && $cp->statut == 1)
if ($action == 'edit' && $object->statut == 1)
{
print '<div align="center">';
if ($canedit && $cp->statut == 1)
if ($canedit && $object->statut == 1)
{
print '<input type="submit" value="'.$langs->trans("Save").'" class="button">';
}
@ -1185,28 +1189,28 @@ else
print '<div class="tabsAction">';
// Boutons d'actions
if ($canedit && $cp->statut == 1)
if ($canedit && $object->statut == 1)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=edit" class="butAction">'.$langs->trans("EditCP").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit" class="butAction">'.$langs->trans("EditCP").'</a>';
}
if ($canedit && $cp->statut == 1)
if ($canedit && $object->statut == 1)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=sendToValidate" class="butAction">'.$langs->trans("Validate").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=sendToValidate" class="butAction">'.$langs->trans("Validate").'</a>';
}
if ($user->rights->holiday->delete && $cp->statut == 1) // If draft
if ($user->rights->holiday->delete && $object->statut == 1) // If draft
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=delete" class="butActionDelete">'.$langs->trans("DeleteCP").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete" class="butActionDelete">'.$langs->trans("DeleteCP").'</a>';
}
if ($user->id == $cp->fk_validator && $cp->statut == 2)
if ($user->id == $object->fk_validator && $object->statut == 2)
{
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=valid" class="butAction">'.$langs->trans("Approve").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=refuse" class="butAction">'.$langs->trans("ActionRefuseCP").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=valid" class="butAction">'.$langs->trans("Approve").'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=refuse" class="butAction">'.$langs->trans("ActionRefuseCP").'</a>';
}
if (($user->id == $cp->fk_validator || $user->id == $cp->fk_user) && ($cp->statut == 2 || $cp->statut == 3)) // Status validated or approved
if (($user->id == $object->fk_validator || $user->id == $object->fk_user) && ($object->statut == 2 || $object->statut == 3)) // Status validated or approved
{
if (($cp->date_debut > dol_now()) || $user->admin) print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$cp->id.'&action=cancel" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
if (($object->date_debut > dol_now()) || $user->admin) print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=cancel" class="butAction">'.$langs->trans("ActionCancelCP").'</a>';
else print '<a href="#" class="butActionRefused" title="'.$langs->trans("HolidayStarted").'">'.$langs->trans("ActionCancelCP").'</a>';
}

15
htdocs/holiday/class/holiday.class.php
View File

@ -36,7 +36,8 @@ class Holiday extends CommonObject
public $table_element='holiday';
protected $isnolinkedbythird = 1; // No field fk_soc
protected $ismultientitymanaged = 0; // 0=No test on entity, 1=Test with field entity, 2=Test with link by societe
public $picto = 'holiday';
/**
* @deprecated
* @see id
@ -785,7 +786,17 @@ class Holiday extends CommonObject
if ($statut == 4) return $langs->trans('CancelCP').' '.img_picto($langs->trans('CancelCP'),'statut5');
if ($statut == 5) return $langs->trans('RefuseCP').' '.img_picto($langs->trans('RefuseCP'),'statut5');
}
if ($mode == 6)
{
$pictoapproved='statut6';
if (! empty($startdate) && $startdate > dol_now()) $pictoapproved='statut4';
if ($statut == 1) return $langs->trans('DraftCP').' '.img_picto($langs->trans('DraftCP'),'statut0'); // Draft
if ($statut == 2) return $langs->trans('ToReviewCP').' '.img_picto($langs->trans('ToReviewCP'),'statut1'); // Waiting approval
if ($statut == 3) return $langs->trans('ApprovedCP').' '.img_picto($langs->trans('ApprovedCP'),$pictoapproved);
if ($statut == 4) return $langs->trans('CancelCP').' '.img_picto($langs->trans('CancelCP'),'statut5');
if ($statut == 5) return $langs->trans('RefuseCP').' '.img_picto($langs->trans('RefuseCP'),'statut5');
}
return $statut;
}

180
htdocs/holiday/document.php
View File

@ -108,28 +108,29 @@ if ($object->id)
}
print '<table class="border centpercent">';
$linkback='<a href="'.DOL_URL_ROOT.'/holiday/list.php">'.$langs->trans("BackToList").'</a>';
$linkback='<a href="'.DOL_URL_ROOT.'/holiday/list.php">'.$langs->trans("BackToList").'</a>';
dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'ref');
print '<div class="fichecenter">';
//print '<div class="fichehalfleft">';
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent">';
print '<tr>';
print '<td class="titlefield">'.$langs->trans("Ref").'</td>';
print '<td>';
print $form->showrefnav($object, 'id', $linkback, 1, 'rowid', 'ref');
print '</td>';
print '</tr>';
print '<td>'.$langs->trans("User").'</td>';
print '<td>';
print $userRequest->getNomUrl(-1);
print '</td></tr>';
print '<td class="titlefield">'.$langs->trans("User").'</td>';
print '<td>';
print $userRequest->getNomUrl(-1, 'leave');
print '</td></tr>';
// Type
print '<tr>';
print '<td>'.$langs->trans("Type").'</td>';
print '<td>';
$typeleaves=$object->getTypes(1,-1);
print $typeleaves[$object->fk_type]['label'];
print empty($typeleaves[$object->fk_type]['label']) ? $langs->trans("TypeWasDisabledOrRemoved",$object->fk_type) : $typeleaves[$object->fk_type]['label'];
print '</td>';
print '</tr>';
@ -138,57 +139,52 @@ if ($object->id)
if(!$edit)
{
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>'.dol_print_date($object->date_debut,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$starthalfday]);
print '</td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>'.dol_print_date($object->date_debut,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$starthalfday]);
print '</td>';
print '</tr>';
}
else
{
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>';
$form->select_date($object->date_debut,'date_debut_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('starthalfday', $listhalfday, (GETPOST('starthalfday')?GETPOST('starthalfday'):$starthalfday));
print '</td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DateDebCP').' ('.$langs->trans("FirstDayOfHoliday").')</td>';
print '<td>';
$form->select_date($object->date_debut,'date_debut_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('starthalfday', $listhalfday, (GETPOST('starthalfday')?GETPOST('starthalfday'):$starthalfday));
print '</td>';
print '</tr>';
}
if (!$edit)
{
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>'.dol_print_date($object->date_fin,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$endhalfday]);
print '</td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>'.dol_print_date($object->date_fin,'day');
print ' &nbsp; &nbsp; ';
print $langs->trans($listhalfday[$endhalfday]);
print '</td>';
print '</tr>';
}
else
{
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>';
$form->select_date($object->date_fin,'date_fin_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('endhalfday', $listhalfday, (GETPOST('endhalfday')?GETPOST('endhalfday'):$endhalfday));
print '</td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DateFinCP').' ('.$langs->trans("LastDayOfHoliday").')</td>';
print '<td>';
$form->select_date($object->date_fin,'date_fin_');
print ' &nbsp; &nbsp; ';
print $form->selectarray('endhalfday', $listhalfday, (GETPOST('endhalfday')?GETPOST('endhalfday'):$endhalfday));
print '</td>';
print '</tr>';
}
print '<tr>';
print '<td>'.$langs->trans('NbUseDaysCP').'</td>';
print '<td>'.num_open_day($object->date_debut_gmt, $object->date_fin_gmt, 0, 1, $object->halfday).'</td>';
print '</tr>';
// Status
print '<tr>';
print '<td>'.$langs->trans('StatutCP').'</td>';
print '<td>'.$object->getLibStatut(2).'</td>';
print '</tr>';
if ($object->statut == 5)
{
print '<tr>';
@ -200,25 +196,93 @@ if ($object->id)
// Description
if (!$edit)
{
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td>'.nl2br($object->description).'</td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td>'.nl2br($object->description).'</td>';
print '</tr>';
}
else
{
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td><textarea name="description" class="flat" rows="'.ROWS_3.'" cols="70">'.$object->description.'</textarea></td>';
print '</tr>';
print '<tr>';
print '<td>'.$langs->trans('DescCP').'</td>';
print '<td><textarea name="description" class="flat" rows="'.ROWS_3.'" cols="70">'.$object->description.'</textarea></td>';
print '</tr>';
}
print '<tr><td>'.$langs->trans("NbOfAttachedFiles").'</td><td colspan="3">'.count($filearray).'</td></tr>';
print '<tr><td>'.$langs->trans("TotalSizeOfAttachedFiles").'</td><td colspan="3">'.$totalsize.' '.$langs->trans("bytes").'</td></tr>';
print '</tbody>';
print '</table>'."\n";
/*
print '</div>';
print '<div class="fichehalfright">';
print '<div class="ficheaddleft">';
print '<div class="underbanner clearboth"></div>';
// Info workflow
print '<table class="border centpercent">'."\n";
print '<tbody>';
if (! empty($object->fk_user_create))
{
$userCreate=new User($db);
$userCreate->fetch($object->fk_user_create);
print '<tr>';
print '<td class="titlefield">'.$langs->trans('RequestByCP').'</td>';
print '<td>'.$userCreate->getNomUrl(-1).'</td>';
print '</tr>';
}
if (!$edit) {
print '<tr>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>';
print '<td>'.$valideur->getNomUrl(-1).'</td>';
print '</tr>';
} else {
print '<tr>';
print '<td class="titlefield">'.$langs->trans('ReviewedByCP').'</td>';
print '<td>';
print $form->select_dolusers($object->fk_user, "valideur", 1, ($user->admin ? '' : array($user->id))); // By default, hierarchical parent
print '</td>';
print '</tr>';
}
print '<tr>';
print '<td>'.$langs->trans('DateCreateCP').'</td>';
print '<td>'.dol_print_date($object->date_create,'dayhour').'</td>';
print '</tr>';
if ($object->statut == 3) {
print '<tr>';
print '<td>'.$langs->trans('DateValidCP').'</td>';
print '<td>'.dol_print_date($object->date_valid,'dayhour').'</td>';
print '</tr>';
}
if ($object->statut == 4) {
print '<tr>';
print '<td>'.$langs->trans('DateCancelCP').'</td>';
print '<td>'.dol_print_date($object->date_cancel,'dayhour').'</td>';
print '</tr>';
}
if ($object->statut == 5) {
print '<tr>';
print '<td>'.$langs->trans('DateRefusCP').'</td>';
print '<td>'.dol_print_date($object->date_refuse,'dayhour').'</td>';
print '</tr>';
}
print '</tbody>';
print '</table>';
print '</div>';
print '</div>'; */
print '</div>';
print '<div class="clearboth"></div>';
dol_fiche_end();
$modulepart = 'holiday';
$permission = $user->rights->holiday->write;

3
htdocs/imports/class/import.class.php
View File

@ -38,6 +38,7 @@ class Import
var $array_import_fieldshidden;
var $array_import_entities;
var $array_import_regex;
var $array_import_updatekeys;
var $array_import_examplevalues;
var $array_import_convertvalue;
var $array_import_run_sql_after;
@ -153,6 +154,8 @@ class Import
$this->array_import_entities[$i]=$module->import_entities_array[$r];
// Tableau des alias a exporter (cle=champ, valeur=alias)
$this->array_import_regex[$i]=$module->import_regex_array[$r];
// Array of columns allowed as UPDATE options
$this->array_import_updatekeys[$i]=$module->import_updatekeys_array[$r];
// Array of examples
$this->array_import_examplevalues[$i]=$module->import_examplevalues_array[$r];
// Tableau des regles de conversion d'une valeur depuis une autre source (cle=champ, valeur=tableau des regles)

42
htdocs/imports/import.php
View File

@ -76,7 +76,8 @@ $import_name = GETPOST('import_name');
$hexa = GETPOST('hexa');
$importmodelid = GETPOST('importmodelid');
$excludefirstline = (GETPOST('excludefirstline') ? GETPOST('excludefirstline') : 1);
$endatlinenb = (GETPOST('endatlinenb') ? GETPOST('endatlinenb') : '');
$endatlinenb = (GETPOST('endatlinenb') ? GETPOST('endatlinenb') : '');
$updatekeys = (GETPOST('updatekeys') ? GETPOST('updatekeys') : array());
$separator = (GETPOST('separator') ? GETPOST('separator') : (! empty($conf->global->IMPORT_CSV_SEPARATOR_TO_USE)?$conf->global->IMPORT_CSV_SEPARATOR_TO_USE:','));
$enclosure = (GETPOST('enclosure') ? GETPOST('enclosure') : '"');
@ -1184,8 +1185,9 @@ if ($step == 5 && $datatoimport)
$param='&leftmenu=import&format='.$format.'&datatoimport='.$datatoimport.'&filetoimport='.urlencode($filetoimport).'&nboflines='.$nboflines.'&separator='.urlencode($separator).'&enclosure='.urlencode($enclosure);
$param2 = $param; // $param2 = $param without excludefirstline and endatlinenb
if ($excludefirstline) $param.='&excludefirstline='.$excludefirstline;
if ($endatlinenb) $param.='&endatlinenb='.$endatlinenb;
if ($excludefirstline) $param.='&excludefirstline='.$excludefirstline;
if ($endatlinenb) $param.='&endatlinenb='.$endatlinenb;
if (!empty($updatekeys)) $param.='&updatekeys[]='.implode('&updatekeys[]=', $updatekeys);
llxHeader('',$langs->trans("NewImport"),'EN:Module_Imports_En|FR:Module_Imports|ES:M&oacute;dulo_Importaciones');
@ -1291,6 +1293,24 @@ if ($step == 5 && $datatoimport)
}
print '</td></tr>';
print '<tr><td>';
print $langs->trans("KeysToUseForUpdates");
print '</td><td>';
if($action=='launchsimu') {
print $form->multiselectarray('updatekeysbis', $objimport->array_import_updatekeys[0], $updatekeys, 0, 0, '', 1, '', 'disabled');
foreach($updatekeys as $val) {
print '<input type="hidden" name="updatekeys[]" value="'.$val.'">';
}
print ' &nbsp; <a href="'.$_SERVER["PHP_SELF"].'?step=5'.$param.'">'.$langs->trans("Modify").'</a>';
} else {
print $form->multiselectarray('updatekeys', $objimport->array_import_updatekeys[0], $updatekeys, 0, 0, '', 1, '80%');
print $form->textwithpicto("", $langs->trans("SelectColumnsOfYourFileForUpdateAttempt"));
}
/*echo '<pre>';
print_r($objimport->array_import_updatekeys);
echo '</pre>';*/
print '</td></tr>';
print '</table>';
print '<br>';
@ -1424,7 +1444,7 @@ if ($step == 5 && $datatoimport)
if ($endatlinenb && ($sourcelinenb > $endatlinenb)) continue;
// Run import
$result=$obj->import_insert($arrayrecord,$array_match_file_to_database,$objimport,count($fieldssource),$importid);
$result=$obj->import_insert($arrayrecord,$array_match_file_to_database,$objimport,count($fieldssource),$importid,$updatekeys);
if (count($obj->errors)) $arrayoferrors[$sourcelinenb]=$obj->errors;
if (count($obj->warnings)) $arrayofwarnings[$sourcelinenb]=$obj->warnings;
@ -1460,9 +1480,13 @@ if ($step == 5 && $datatoimport)
$db->rollback(); // We force rollback because this was just a simulation.
// Show OK
if (! count($arrayoferrors) && ! count($arrayofwarnings)) print '<center>'.img_picto($langs->trans("OK"),'tick').' <b>'.$langs->trans("NoError").'</b></center><br><br>';
if (! count($arrayoferrors) && ! count($arrayofwarnings)) {
print '<center>'.img_picto($langs->trans("OK"),'tick').' <b>'.$langs->trans("NoError").'</b></center><br><br>';
print $langs->trans("NbInsert", $obj->nbinsert).'<br>';
print $langs->trans("NbUpdate", $obj->nbupdate).'<br><br>';
}
else print '<b>'.$langs->trans("NbOfLinesOK",$nbok).'</b><br><br>';
// Show Errors
//var_dump($arrayoferrors);
if (count($arrayoferrors))
@ -1778,7 +1802,7 @@ if ($step == 6 && $datatoimport)
if ($endatlinenb && ($sourcelinenb > $endatlinenb)) continue;
// Run import
$result=$obj->import_insert($arrayrecord,$array_match_file_to_database,$objimport,count($fieldssource),$importid);
$result=$obj->import_insert($arrayrecord,$array_match_file_to_database,$objimport,count($fieldssource),$importid,$updatekeys);
if (count($obj->errors)) $arrayoferrors[$sourcelinenb]=$obj->errors;
if (count($obj->warnings)) $arrayofwarnings[$sourcelinenb]=$obj->warnings;
@ -1824,7 +1848,9 @@ if ($step == 6 && $datatoimport)
// Show result
print '<br>';
print '<div class="center">';
print $langs->trans("NbOfLinesImported",$nbok).'</b><br><br>';
print $langs->trans("NbOfLinesImported",$nbok).'</b><br>';
print $langs->trans("NbInsert", $obj->nbinsert).'<br>';
print $langs->trans("NbUpdate", $obj->nbupdate).'<br><br>';
print $langs->trans("FileWasImported",$importid).'<br>';
print $langs->trans("YouCanUseImportIdToFindRecord",$importid).'<br>';
print '</div>';

57
htdocs/install/default.css
View File

@ -1,5 +1,5 @@
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2009 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2009-2016 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -13,9 +13,50 @@
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*
*/
.minwidth100 { min-width: 100px; }
.minwidth200 { min-width: 200px; }
.minwidth300 { min-width: 300px; }
.minwidth400 { min-width: 400px; }
.minwidth500 { min-width: 500px; }
.minwidth50imp { min-width: 50px !important; }
.minwidth100imp { min-width: 100px !important; }
.minwidth200imp { min-width: 200px !important; }
.minwidth300imp { min-width: 300px !important; }
.minwidth400imp { min-width: 400px !important; }
.minwidth500imp { min-width: 500px !important; }
/* Force values for small screen 570 */
@media only screen and (max-width: 570px)
{
input, input[type=text], input[type=password], select, textarea {
min-width: 20px;
min-height: 1.4em;
line-height: 1.4em;
padding: .4em .1em;
border: 1px solid #BBB;
/* max-width: inherit; why this ? */
}
.hideonsmartphone { display: none; }
.noenlargeonsmartphone { width : 50px !important; display: inline !important; }
.maxwidthonsmartphone { max-width: 100px; }
.maxwidth50onsmartphone { max-width: 40px; }
.maxwidth75onsmartphone { max-width: 50px; }
.maxwidth100onsmartphone { max-width: 70px; }
.maxwidth150onsmartphone { max-width: 120px; }
.maxwidth200onsmartphone { max-width: 200px; }
.maxwidth300onsmartphone { max-width: 300px; }
.maxwidth400onsmartphone { max-width: 400px; }
.minwidth50imp { min-width: 50px !important; }
.minwidth100imp { min-width: 50px !important; }
.minwidth200imp { min-width: 50px !important; }
.minwidth300imp { min-width: 50px !important; }
.minwidth400imp { min-width: 50px !important; }
.minwidth500imp { min-width: 50px !important; }
}
body {
font-size:13px;
font-family: Verdana, Arial, Helvetica, Tahoma, sans-serif;
@ -94,6 +135,11 @@ input:focus, textarea:focus, button:focus, select:focus {
}
input[type=text], input[type=password] {
border: 1px solid #ACBCBB;
padding: 4px;
}
select {
padding: 4px;
background-color: #fff;
}
input[type=text]:focus, input[type=password]:focus, textarea:focus, select:focus {
border: 1px solid #ACBCBB;
@ -244,12 +290,11 @@ td.comment {
padding: 5px 5px 5px 5px;
margin: 0 0 0 0;
text-decoration:none;
font-size: 11px;
font-size: 12px;
border-bottom: 1px solid #CCCCDB;
}
table {
font-size: 12px;
font-size: 13px;
}
.install

8
htdocs/install/fileconf.php
View File

@ -127,7 +127,7 @@ if (! empty($force_install_message))
?>
<td class="label" valign="top">
<input type="text"
size="60"
class="minwidth300"
value="<?php print $dolibarr_main_document_root ?>"
name="main_dir"
<?php if (!empty($force_install_noedit)) {
@ -158,7 +158,7 @@ if (! empty($force_install_message))
?>
<td class="label" valign="top">
<input type="text"
size="60"
class="minwidth300"
value="<?php print $dolibarr_main_data_root ?>"
name="main_data_dir"
<?php if (!empty($force_install_noedit)) {
@ -189,7 +189,7 @@ if (! empty($force_install_message))
</td>
<td valign="top" class="label">
<input type="text"
size="60"
class="minwidth300"
name="main_url"
value="<?php print $dolibarr_main_url_root; ?> "
<?php if (!empty($force_install_noedit)) {
@ -337,7 +337,7 @@ if (! empty($force_install_message))
</tr>
<tr class="hidesqlite">
<td valign="top" class="label"><b> <?php echo $langs->trans("Server"); ?>
<td valign="top" class="label"><b> <?php echo $langs->trans("DatabaseServer"); ?>
</b></td>
<td valign="top" class="label">
<input type="text"

2
htdocs/install/inc.php
View File

@ -417,7 +417,7 @@ function pHeader($subtitle,$next,$action='set',$param='',$forcejqueryurl='')
}
print '</span>'."\n";
print '<form name="forminstall" action="'.$next.'.php'.($param?'?'.$param:'').'" method="POST">'."\n";
print '<form name="forminstall" style="width: 100%" action="'.$next.'.php'.($param?'?'.$param:'').'" method="POST">'."\n";
print '<input type="hidden" name="testpost" value="ok">'."\n";
print '<input type="hidden" name="action" value="'.$action.'">'."\n";

2
htdocs/install/mysql/data/llx_c_payment_term.sql
View File

@ -27,7 +27,7 @@
-- de l'install et tous les sigles '--' sont supprimés.
--
insert into llx_c_payment_term(rowid, code, sortorder, active, libelle, libelle_facture, type_cdr, nbjour) values (1,'RECEP', 1,1, 'A réception de facture','Réception de facture',0,1);
insert into llx_c_payment_term(rowid, code, sortorder, active, libelle, libelle_facture, type_cdr, nbjour) values (1,'RECEP', 1,1, 'Due Upon Receipt','Due Upon Receipt',0,1);
insert into llx_c_payment_term(rowid, code, sortorder, active, libelle, libelle_facture, type_cdr, nbjour) values (2,'30D', 2,1, '30 jours','Réglement à 30 jours',0,30);
insert into llx_c_payment_term(rowid, code, sortorder, active, libelle, libelle_facture, type_cdr, nbjour) values (3,'30DENDMONTH', 3,1, '30 jours fin de mois','Réglement à 30 jours fin de mois',1,30);
insert into llx_c_payment_term(rowid, code, sortorder, active, libelle, libelle_facture, type_cdr, nbjour) values (4,'60D', 4,1, '60 jours','Réglement à 60 jours',0,60);

4
htdocs/install/mysql/migration/4.0.0-5.0.0.sql
View File

@ -8,6 +8,7 @@
-- To rename a column: ALTER TABLE llx_table CHANGE COLUMN oldname newname varchar(60);
-- To drop a column: ALTER TABLE llx_table DROP COLUMN oldname;
-- To change type of field: ALTER TABLE llx_table MODIFY COLUMN name varchar(60);
-- To set a DEFAULT value: ALTER TABLE llx_table ALTER COLUMN name SET DEFAULT (0|NULL|...);
-- To drop a foreign key: ALTER TABLE llx_table DROP FOREIGN KEY fk_name;
-- To drop an index: -- VMYSQL4.0 DROP INDEX nomindex on llx_table
-- To drop an index: -- VPGSQL8.0 DROP INDEX nomindex
@ -19,7 +20,6 @@
-- To set a field as NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name DROP NOT NULL;
-- To set a field as NOT NULL: -- VMYSQL4.3 ALTER TABLE llx_table MODIFY COLUMN name varchar(60) NOT NULL;
-- To set a field as NOT NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET NOT NULL;
-- To set a field as default NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET DEFAULT NULL;
-- Note: fields with type BLOB/TEXT can't have default value.
-- -- VPGSQL8.2 DELETE FROM llx_usergroup_user WHERE fk_user NOT IN (SELECT rowid from llx_user);
-- -- VMYSQL4.1 DELETE FROM llx_usergroup_user WHERE fk_usergroup NOT IN (SELECT rowid from llx_usergroup);
@ -32,6 +32,8 @@ UPDATE llx_const SET name = __ENCRYPT('THIRDPARTY_DEFAULT_CREATE_CONTACT')__ WHE
ALTER TABLE llx_product_lot MODIFY COLUMN entity integer DEFAULT 1;
UPDATE llx_product_lot SET entity = 1 WHERE entity IS NULL;
ALTER TABLE llx_societe ALTER COLUMN fk_stcomm SET DEFAULT 0;
ALTER TABLE llx_c_actioncomm ADD COLUMN picto varchar(48);
ALTER TABLE llx_facturedet ADD INDEX idx_facturedet_fk_code_ventilation (fk_code_ventilation);

4
htdocs/langs/en_US/bills.lang
View File

@ -333,8 +333,8 @@ DateIsNotEnough=Date not reached yet
InvoiceGeneratedFromTemplate=Invoice %s generated from recurring template invoice %s
# PaymentConditions
Statut=Status
PaymentConditionShortRECEP=Immediate
PaymentConditionRECEP=Immediate
PaymentConditionShortRECEP=Due Upon Receipt
PaymentConditionRECEP=Due Upon Receipt
PaymentConditionShort30D=30 days
PaymentCondition30D=30 days
PaymentConditionShort30DENDMONTH=30 days of month-end

5
htdocs/langs/en_US/exports.lang
View File

@ -120,3 +120,8 @@ SelectFilterFields=If you want to filter on some values, just input values here.
FilteredFields=Filtered fields
FilteredFieldsValues=Value for filter
FormatControlRule=Format control rule
## imports updates
KeysToUseForUpdates=Key to use for updating data
NbInsert=Number of inserted lines: %s
NbUpdate=Number of updated lines: %s
MultipleRecordFoundWithTheseFilters=Multiple records have been found with these filters: %s

1
htdocs/langs/en_US/holiday.lang
View File

@ -78,6 +78,7 @@ ManualUpdate=Manual update
HolidaysCancelation=Leave request cancelation
EmployeeLastname=Employee lastname
EmployeeFirstname=Employee firstname
TypeWasDisabledOrRemoved=Leave type (id %s) was disabled or removed
## Configuration du Module ##
LastUpdateCP=Latest automatic update of leaves allocation

5
htdocs/langs/en_US/mails.lang
View File

@ -88,9 +88,10 @@ MailNoChangePossible=Recipients for validated emailing can't be changed
SearchAMailing=Search mailing
SendMailing=Send emailing
SendMail=Send email
MailingNeedCommand=For security reason, sending an emailing is better when performed from command line. If you have one, ask your server administrator to launch the following command to send the emailing to all recipients:
SentBy=Sent by
MailingNeedCommand=For security reason, sending an emailing must be performed from command line. Ask your server administrator to launch the following command to send the emailing to all recipients:
MailingNeedCommand2=You can however send them online by adding parameter MAILING_LIMIT_SENDBYWEB with value of max number of emails you want to send by session. For this, go on Home - Setup - Other.
ConfirmSendingEmailing=If you can't or prefer sending them with your www browser, please confirm you are sure you want to send emailing now from your browser?
ConfirmSendingEmailing=If you want to send emailing directly from this screen, please confirm you are sure you want to send emailing now from your browser ?
LimitSendingEmailing=Note: Sending of emailings from web interface is done in several times for security and timeout reasons, <b>%s</b> recipients at a time for each sending session.
TargetsReset=Clear list
ToClearAllRecipientsClickHere=Click here to clear the recipient list for this emailing

2
htdocs/langs/en_US/members.lang
View File

@ -45,7 +45,7 @@ MemberStatusDraft=Draft (needs to be validated)
MemberStatusDraftShort=Draft
MemberStatusActive=Validated (waiting subscription)
MemberStatusActiveShort=Validated
MemberStatusActiveLate=subscription expired
MemberStatusActiveLate=Subscription expired
MemberStatusActiveLateShort=Expired
MemberStatusPaid=Subscription up to date
MemberStatusPaidShort=Up to date

12
htdocs/langs/en_US/trips.lang
View File

@ -59,31 +59,23 @@ DATE_REFUS=Deny date
DATE_SAVE=Validation date
DATE_CANCEL=Cancelation date
DATE_PAIEMENT=Payment date
BROUILLONNER=Reopen
ValidateAndSubmit=Validate and submit for approval
ValidatedWaitingApproval=Validated (waiting for approval)
NOT_AUTHOR=You are not the author of this expense report. Operation cancelled.
ConfirmRefuseTrip=Are you sure you want to deny this expense report?
ValideTrip=Approve expense report
ConfirmValideTrip=Are you sure you want to approve this expense report?
PaidTrip=Pay an expense report
ConfirmPaidTrip=Are you sure you want to change status of this expense report to "Paid"?
ConfirmCancelTrip=Are you sure you want to cancel this expense report?
BrouillonnerTrip=Move back expense report to status "Draft"
ConfirmBrouillonnerTrip=Are you sure you want to move this expense report to status "Draft"?
SaveTrip=Validate expense report
ConfirmSaveTrip=Are you sure you want to validate this expense report?
NoTripsToExportCSV=No expense report to export for this period.
ExpenseReportPayment=Expense report payment
ExpenseReportsToApprove=Expense reports to approve
ExpenseReportsToPay=Expense reports to pay
CloneExpenseReport=Clone expese report
ConfirmCloneExpenseReport=Are you sure you want to clone this expense report ?

4
htdocs/main.inc.php
View File

@ -89,7 +89,6 @@ function test_sql_and_script_inject($val, $type)
$sql_inj += preg_match('/union.+select/i', $val);
$sql_inj += preg_match('/into\s+(outfile|dumpfile)/i', $val);
$sql_inj += preg_match('/(\.\.%2f)+/i', $val);
$sql_inj += preg_match('/onerror=/i', $val);
}
// For XSS Injection done by adding javascript with script
// This is all cases a browser consider text is javascript:
@ -98,7 +97,8 @@ function test_sql_and_script_inject($val, $type)
$sql_inj += preg_match('/<script/i', $val);
if (! defined('NOSTYLECHECK')) $sql_inj += preg_match('/<style/i', $val);
$sql_inj += preg_match('/base[\s]+href/si', $val);
$sql_inj += preg_match('/<.*onmouse/si', $val); // onmouseover can be set on img or any html tag like <img title='>' onmouseover=alert(1)>
$sql_inj += preg_match('/<.*onmouse/si', $val); // onmousexxx can be set on img or any html tag like <img title='>' onmouseover=alert(1)>
$sql_inj += preg_match('/onerror\s*=/i', $val); // onerror can be set on img or any html tag like <img title='>' onerror = alert(1)>
if ($type == 1)
{
$sql_inj += preg_match('/javascript:/i', $val);

13
htdocs/master.inc.php
View File

@ -61,6 +61,7 @@ if (defined('TEST_DB_FORCE_TYPE')) $conf->db->type=constant('TEST_DB_FORCE_TYPE'
// Set properties specific to conf file
$conf->file->main_limit_users = $dolibarr_main_limit_users;
$conf->file->mailing_limit_sendbyweb = $dolibarr_mailing_limit_sendbyweb;
$conf->file->mailing_limit_sendbycli = $dolibarr_mailing_limit_sendbycli;
$conf->file->main_authentication = empty($dolibarr_main_authentication)?'':$dolibarr_main_authentication; // Identification mode
$conf->file->main_force_https = empty($dolibarr_main_force_https)?'':$dolibarr_main_force_https; // Force https
$conf->file->strict_mode = empty($dolibarr_strict_mode)?'':$dolibarr_strict_mode; // Force php strict mode (for debug)
@ -188,6 +189,18 @@ if (! empty($conf->file->mailing_limit_sendbyweb))
{
$conf->global->MAILING_LIMIT_SENDBYWEB = $conf->file->mailing_limit_sendbyweb;
}
if (empty($conf->global->MAILING_LIMIT_SENDBYWEB))
{
$conf->global->MAILING_LIMIT_SENDBYWEB = 25;
}
if (! empty($conf->file->mailing_limit_sendbycli))
{
$conf->global->MAILING_LIMIT_SENDBYCLI = $conf->file->mailing_limit_sendbycli;
}
if (empty($conf->global->MAILING_LIMIT_SENDBYCLI))
{
$conf->global->MAILING_LIMIT_SENDBYCLI = 0;
}
// If software has been locked. Only login $conf->global->MAIN_ONLY_LOGIN_ALLOWED is allowed.
if (! empty($conf->global->MAIN_ONLY_LOGIN_ALLOWED))

10
htdocs/product/class/product.class.php
View File

@ -944,7 +944,7 @@ class Product extends CommonObject
// Delete all child tables
if (! $error)
{
$elements = array('product_fournisseur_price','product_price','product_lang','categorie_product','product_stock','product_customer_price','product_lot','product_warehouse_properties');
$elements = array('product_fournisseur_price','product_price','product_lang','categorie_product','product_stock','product_customer_price','product_lot','product_warehouse_properties'); // product_batch is done before
foreach($elements as $table)
{
if (! $error)
@ -1341,10 +1341,11 @@ class Product extends CommonObject
* @param int $prodfournprice Id du tarif = rowid table product_fournisseur_price
* @param double $qty Quantity asked or -1 to get first entry found
* @param int $product_id Filter on a particular product id
* @param string $fourn_ref Filter on a supplier ref. 'none' to exclude ref in search.
* @param string $fourn_ref Filter on a supplier price ref. 'none' to exclude ref in search.
* @param int $fk_soc If of supplier
* @return int <-1 if KO, -1 if qty not enough, 0 if OK but nothing found, id_product if OK and found. May also initialize some properties like (->ref_supplier, buyprice, fourn_pu, vatrate_supplier...)
*/
function get_buyprice($prodfournprice, $qty, $product_id=0, $fourn_ref='')
function get_buyprice($prodfournprice, $qty, $product_id=0, $fourn_ref='', $fk_soc=0)
{
global $conf;
$result = 0;
@ -1390,12 +1391,13 @@ class Product extends CommonObject
}
else // If not found
{
// We do a second search by doing a select again but searching with qty and id product
// We do a second search by doing a select again but searching with less reliable criteria: couple qty/id product, and if set fourn_ref or fk_soc.
$sql = "SELECT pfp.rowid, pfp.price as price, pfp.quantity as quantity, pfp.fk_soc,";
$sql.= " pfp.fk_product, pfp.ref_fourn as ref_supplier, pfp.tva_tx, pfp.fk_supplier_price_expression";
$sql.= " FROM ".MAIN_DB_PREFIX."product_fournisseur_price as pfp";
$sql.= " WHERE pfp.fk_product = ".$product_id;
if ($fourn_ref != 'none') $sql.= " AND pfp.ref_fourn = '".$fourn_ref."'";
if ($fk_soc > 0) $sql.= " AND pfp.fk_soc = ".$fk_soc;
if ($qty > 0) $sql.= " AND pfp.quantity <= ".$qty;
$sql.= " ORDER BY pfp.quantity DESC";
$sql.= " LIMIT 1";

6
htdocs/product/price.php
View File

@ -5,7 +5,7 @@
* Copyright (C) 2005-2015 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2006 Andre Cianfarani <acianfa@free.fr>
* Copyright (C) 2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014-2016 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2014-2015 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2014 Ion agorria <ion@agorria.com>
* Copyright (C) 2015 Alexandre Spangaro <aspangaro.dolibarr@gmail.com>
@ -286,8 +286,8 @@ if (empty($reshook))
{
$obj = $db->fetch_object($resql);
$npr = $obj->recuperableonly;
$localtax1 = $obj->localtax1;
$localtax2 = $obj->localtax2;
$localtax1 = get_localtax($tva_tx,1);
$localtax2 = get_localtax($tva_tx,2);
$localtax1_type = $obj->localtax1_type;
$localtax2_type = $obj->localtax2_type;
}

20
htdocs/projet/activity/perday.php
View File

@ -424,17 +424,17 @@ print '<td align="right">'.$langs->trans("Note").'</td>';
print "</tr>\n";
print '<tr class="liste_titre">';
print '<td class="liste_total"><input type="text" size="4" name="search_task_ref" value="'.dol_escape_htmltag($search_task_ref).'"></td>';
print '<td class="liste_total"><input type="text" size="4" name="search_task_label" value="'.dol_escape_htmltag($search_task_label).'"></td>';
print '<td class="liste_total"><input type="text" size="4" name="search_project_ref" value="'.dol_escape_htmltag($search_project_ref).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_task_ref" value="'.dol_escape_htmltag($search_task_ref).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_task_label" value="'.dol_escape_htmltag($search_task_label).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_project_ref" value="'.dol_escape_htmltag($search_project_ref).'"></td>';
if (! empty($conf->global->PROJECT_LINES_PERDAY_SHOW_THIRDPARTY)) print '<td class="liste_total"><input type="text" size="4" name="search_thirdparty" value="'.dol_escape_htmltag($search_thirdparty).'"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
// Action column
print '<td class="liste_titre nowrap" align="right">';
$searchpitco=$form->showFilterAndCheckAddButtons(0);

18
htdocs/projet/activity/perweek.php
View File

@ -420,21 +420,21 @@ for($i=0;$i<7;$i++)
{
print '<td width="7%" align="center" class="hide'.$i.'">'.dol_print_date($startday + ($i * 3600 * 24), '%a').'<br>'.dol_print_date($startday + ($i * 3600 * 24), 'dayreduceformat').'</td>';
}
print '<td class="liste_total"></td>';
print '<td></td>';
print "</tr>\n";
print '<tr class="liste_titre">';
print '<td class="liste_total"><input type="text" size="4" name="search_task_ref" value="'.dol_escape_htmltag($search_task_ref).'"></td>';
print '<td class="liste_total"><input type="text" size="4" name="search_task_label" value="'.dol_escape_htmltag($search_task_label).'"></td>';
print '<td class="liste_total"><input type="text" size="4" name="search_project_ref" value="'.dol_escape_htmltag($search_project_ref).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_task_ref" value="'.dol_escape_htmltag($search_task_ref).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_task_label" value="'.dol_escape_htmltag($search_task_label).'"></td>';
print '<td class="liste_titre"><input type="text" size="4" name="search_project_ref" value="'.dol_escape_htmltag($search_project_ref).'"></td>';
if (! empty($conf->global->PROJECT_LINES_PERWEEK_SHOW_THIRDPARTY)) print '<td class="liste_total"><input type="text" size="4" name="search_thirdparty" value="'.dol_escape_htmltag($search_thirdparty).'"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_total"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
print '<td class="liste_titre"></td>';
for($i=0;$i<7;$i++)
{
print '<td class="liste_total"></td>';
print '<td class="liste_titre"></td>';
}
// Action column
print '<td class="liste_titre nowrap" align="right">';

18
htdocs/projet/tasks/list.php
View File

@ -435,7 +435,7 @@ if (! empty($arrayfields['t.datee']['checked'])) print_liste_field_titre
if (! empty($arrayfields['p.ref']['checked'])) print_liste_field_titre($arrayfields['p.ref']['label'],$_SERVER["PHP_SELF"],"p.ref","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['p.title']['checked'])) print_liste_field_titre($arrayfields['p.title']['label'],$_SERVER["PHP_SELF"],"p.title","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['s.nom']['checked'])) print_liste_field_titre($arrayfields['s.nom']['label'],$_SERVER["PHP_SELF"],"s.nom","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['p.fk_statut']['checked'])) print_liste_field_titre($arrayfields['p.fk_statut']['label'],$_SERVER["PHP_SELF"],"p.fk_statut","",$param,"",$sortfield,$sortorder);
if (! empty($arrayfields['p.fk_statut']['checked'])) print_liste_field_titre($arrayfields['p.fk_statut']['label'],$_SERVER["PHP_SELF"],"p.fk_statut","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['t.planned_workload']['checked'])) print_liste_field_titre($arrayfields['t.planned_workload']['label'],$_SERVER["PHP_SELF"],"t.planned_workload","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['t.duration_effective']['checked'])) print_liste_field_titre($arrayfields['t.duration_effective']['label'],$_SERVER["PHP_SELF"],"t.duration_effective","",$param,'align="center"',$sortfield,$sortorder);
if (! empty($arrayfields['t.progress_calculated']['checked'])) print_liste_field_titre($arrayfields['t.progress_calculated']['label'],$_SERVER["PHP_SELF"],"","",$param,'align="center"');
@ -512,17 +512,17 @@ if (! empty($arrayfields['s.nom']['checked']))
}
if (! empty($arrayfields['p.fk_statut']['checked']))
{
print '<td class="liste_titre">';
print '<td class="liste_titre center">';
$arrayofstatus = array();
foreach($projectstatic->statuts_short as $key => $val) $arrayofstatus[$key]=$langs->trans($val);
$arrayofstatus['99']=$langs->trans("NotClosed").' ('.$langs->trans('Draft').'+'.$langs->trans('Opened').')';
print $form->selectarray('search_projectstatus', $arrayofstatus, $search_projectstatus, 1, 0, 0, '', 0, 0, 0, '', 'maxwidth100');
print '</td>';
}
if (! empty($arrayfields['t.planned_workload']['checked'])) print '<td></td>';
if (! empty($arrayfields['t.duration_effective']['checked'])) print '<td></td>';
if (! empty($arrayfields['t.progress_calculated']['checked'])) print '<td></td>';
if (! empty($arrayfields['t.progress']['checked'])) print '<td></td>';
if (! empty($arrayfields['t.planned_workload']['checked'])) print '<td class="liste_titre"></td>';
if (! empty($arrayfields['t.duration_effective']['checked'])) print '<td class="liste_titre"></td>';
if (! empty($arrayfields['t.progress_calculated']['checked'])) print '<td class="liste_titre"></td>';
if (! empty($arrayfields['t.progress']['checked'])) print '<td class="liste_titre"></td>';
// Extra fields
if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label))
{
@ -567,7 +567,7 @@ print '<td class="liste_titre" align="right">';
$searchpitco=$form->showFilterAndCheckAddButtons(0);
print $searchpitco;
print '</td>';
print '</tr>';
print "</tr>\n";
$plannedworkloadoutputformat='allhourmin';
@ -674,7 +674,7 @@ while ($i < min($num,$limit))
// Project status
if (! empty($arrayfields['p.fk_statut']['checked']))
{
print '<td>';
print '<td align="center">';
print $projectstatic->getLibStatut(1);
print '</td>';
if (! $i) $totalarray['nbfield']++;
@ -725,6 +725,7 @@ while ($i < min($num,$limit))
}
print '</td>';
if (! $i) $totalarray['nbfield']++;
if (! $i) $totalarray['totalprogress_calculated']=$totalarray['nbfield'];
}
// Declared progress
if (! empty($arrayfields['t.progress']['checked']))
@ -815,6 +816,7 @@ if (isset($totalarray['totaldurationeffectivefield']) || isset($totalarray['tota
}
elseif ($totalarray['totalplannedworkloadfield'] == $i) print '<td align="center">'.convertSecondToTime($totalarray['totalplannedworkload'],$plannedworkloadoutputformat).'</td>';
elseif ($totalarray['totaldurationeffectivefield'] == $i) print '<td align="center">'.convertSecondToTime($totalarray['totaldurationeffective'],$timespentoutputformat).'</td>';
elseif ($totalarray['totalprogress_calculated'] == $i) print '<td align="center">'.($totalarray['totaldurationeffective'] > 0 ? round(100 * $totalarray['totaldurationeffective'] / $totalarray['totalplannedworkload'], 2).' %' : '').'</td>';
else print '<td></td>';
}
print '</tr>';

11
htdocs/societe/checkvat/checkVatPopup.php
View File

@ -1,5 +1,5 @@
<?php
/* Copyright (C) 2006-2010 Laurent Destailleur <eldy@users.sourceforge.net>
/* Copyright (C) 2006-2016 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -41,17 +41,18 @@ print '<div>';
print load_fiche_titre($langs->trans("VATIntraCheckableOnEUSite"),'','title_setup');
$vatNumber = GETPOST("vatNumber",'alpha');
if (! $_REQUEST["vatNumber"])
if (! $vatNumber)
{
print '<br>';
print '<font class="error">'.$langs->transnoentities("ErrorFieldRequired",$langs->trans("VATIntraShort")).'</font><br>';
}
else
{
$_REQUEST["vatNumber"] = preg_replace('/\^\w/', '', $_REQUEST["vatNumber"]);
$countryCode=substr($_REQUEST["vatNumber"],0,2);
$vatNumber=substr($_REQUEST["vatNumber"],2);
$vatNumber = preg_replace('/\^\w/', '', $vatNumber);
$countryCode=substr($vatNumber,0,2);
$vatNumber=substr($vatNumber,2);
print '<b>'.$langs->trans("Country").'</b>: '.$countryCode.'<br>';
print '<b>'.$langs->trans("VATIntraShort").'</b>: '.$vatNumber.'<br>';

22
htdocs/societe/rib.php
View File

@ -330,7 +330,7 @@ if ($socid && $action == 'edit' && $user->rights->societe->creer)
print '<form action="rib.php?socid='.$object->id.'" method="post">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="update">';
print '<input type="hidden" name="id" value="'.$_GET["id"].'">';
print '<input type="hidden" name="id" value="'.GETPOST("id","int").'">';
}
if ($socid && $action == 'create' && $user->rights->societe->creer)
{
@ -355,7 +355,6 @@ if ($socid && $action != 'edit' && $action != "create")
dol_banner_tab($object, 'socid', $linkback, ($user->societe_id?0:1), 'rowid', 'nom');
print '<div class="fichecenter">';
print load_fiche_titre($langs->trans("DefaultRIB"), '', '');
@ -425,16 +424,14 @@ if ($socid && $action != 'edit' && $action != "create")
print '</table>';
print "</div>";
dol_fiche_end();
print '<br>';
/*
* List of bank accounts
*/
print load_fiche_titre($langs->trans("AllRIB"));
print load_fiche_titre($langs->trans("AllRIB"), '', '');
$rib_list = $object->get_all_rib();
$var = false;
@ -485,6 +482,14 @@ if ($socid && $action != 'edit' && $action != "create")
$string .= $rib->iban.' ';*/
}
}
if (! empty($rib->label)) {
if (! checkBanForAccount($rib)) {
$string.= ' '.img_picto($langs->trans("ValueIsNotValid"),'warning');
} else {
$string.= ' '.img_picto($langs->trans("ValueIsValid"),'info');
}
}
print $string;
print '</td>';
// IBAN
@ -613,6 +618,9 @@ if ($socid && $action != 'edit' && $action != "create")
dol_print_error($db);
}
dol_fiche_end();
if ($socid && $action != 'edit' && $action != 'create')
{

1
htdocs/theme/eldy/style.css.php
View File

@ -1934,6 +1934,7 @@ img.toolbarbutton {
}
.ecm-in-layout-south {
border-top: 0px !important;
border-left: 0px !important;
border-right: 0px !important;
border-bottom: 0px !important;

1
htdocs/theme/md/style.css.php
View File

@ -1946,6 +1946,7 @@ img.toolbarbutton {
}
.ecm-in-layout-south {
border-top: 0px !important;
border-left: 0px !important;
border-right: 0px !important;
border-bottom: 0px !important;

2
htdocs/user/bank.php
View File

@ -117,7 +117,7 @@ if ($id && $action == 'edit' && $user->rights->user->user->creer)
print '<form action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'" method="post">';
print '<input type="hidden" name="token" value="'.$_SESSION['newtoken'].'">';
print '<input type="hidden" name="action" value="update">';
print '<input type="hidden" name="id" value="'.$_GET["id"].'">';
print '<input type="hidden" name="id" value="'.GETPOST("id",'int').'">';
}
if ($id && $action == 'create' && $user->rights->user->user->creer)
{

2
htdocs/user/notify/card.php
View File

@ -108,7 +108,7 @@ if ($action == 'add')
// Remove a notification
if ($action == 'delete')
{
$sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".$_GET["actid"];
$sql = "DELETE FROM ".MAIN_DB_PREFIX."notify_def where rowid=".GETPOST("actid","int");
$db->query($sql);
}

11
scripts/emailings/mailing-send.php
View File

@ -61,6 +61,11 @@ $error=0;
@set_time_limit(0);
print "***** ".$script_file." (".$version.") pid=".dol_getmypid()." *****\n";
if ($conf->global->MAILING_LIMIT_SENDBYCLI == '-1')
{
}
$user = new User($db);
// for signature, we use user send as parameter
if (! empty($login)) $user->fetch('',$login);
@ -108,7 +113,11 @@ if ($resql)
$sql2 = "SELECT mc.rowid, mc.lastname as lastname, mc.firstname as firstname, mc.email, mc.other, mc.source_url, mc.source_id, mc.source_type, mc.tag";
$sql2.= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc";
$sql2.= " WHERE mc.statut < 1 AND mc.fk_mailing = ".$id;
if ($conf->global->MAILING_LIMIT_SENDBYCLI > 0)
{
$sql2.= " LIMIT ".$conf->global->MAILING_LIMIT_SENDBYCLI;
}
$resql2=$db->query($sql2);
if ($resql2)
{

54
test/phpunit/CoreTest.php
View File

@ -219,7 +219,7 @@ class CoreTest extends PHPUnit_Framework_TestCase
print __METHOD__." DOL_MAIN_URL_ROOT=".DOL_MAIN_URL_ROOT."\n";
print __METHOD__." DOL_URL_ROOT=".DOL_URL_ROOT."\n";
$this->assertEquals(DOL_URL_ROOT,$expectedresult);
$this->assertEquals($expectedresult, DOL_URL_ROOT);
return true;
}
@ -245,7 +245,7 @@ class CoreTest extends PHPUnit_Framework_TestCase
global $dolibarr_main_db_prefix;
// This is code copied from main.inc.php
// This is code copied from main.inc.php !!!!!!!!!!!!!!!
/**
* Security: SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF).
@ -258,14 +258,16 @@ class CoreTest extends PHPUnit_Framework_TestCase
{
$sql_inj = 0;
// For SQL Injection (only GET and POST are used to be included into bad escaped SQL requests)
if ($type != 2) {
$sql_inj += preg_match('/delete[\s]+from/i', $val);
$sql_inj += preg_match('/create[\s]+table/i', $val);
$sql_inj += preg_match('/update.+set.+=/i', $val);
$sql_inj += preg_match('/insert[\s]+into/i', $val);
$sql_inj += preg_match('/select.+from/i', $val);
$sql_inj += preg_match('/union.+select/i', $val);
$sql_inj += preg_match('/(\.\.%2f)+/i', $val);
if ($type != 2)
{
$sql_inj += preg_match('/delete\s+from/i', $val);
$sql_inj += preg_match('/create\s+table/i', $val);
$sql_inj += preg_match('/update.+set.+=/i', $val);
$sql_inj += preg_match('/insert\s+into/i', $val);
$sql_inj += preg_match('/select.+from/i', $val);
$sql_inj += preg_match('/union.+select/i', $val);
$sql_inj += preg_match('/into\s+(outfile|dumpfile)/i', $val);
$sql_inj += preg_match('/(\.\.%2f)+/i', $val);
}
// For XSS Injection done by adding javascript with script
// This is all cases a browser consider text is javascript:
@ -273,22 +275,40 @@ class CoreTest extends PHPUnit_Framework_TestCase
// All examples on page: http://ha.ckers.org/xss.html#XSScalc
$sql_inj += preg_match('/<script/i', $val);
if (! defined('NOSTYLECHECK')) $sql_inj += preg_match('/<style/i', $val);
$sql_inj += preg_match('/base[\s]+href/i', $val);
if ($type == 1) {
$sql_inj += preg_match('/base[\s]+href/si', $val);
$sql_inj += preg_match('/<.*onmouse/si', $val); // onmousexxx can be set on img or any html tag like <img title='>' onmouseover=alert(1)>
$sql_inj += preg_match('/onerror\s*=/i', $val); // onerror can be set on img or any html tag like <img title='>' onerror = alert(1)>
if ($type == 1)
{
$sql_inj += preg_match('/javascript:/i', $val);
$sql_inj += preg_match('/vbscript:/i', $val);
}
// For XSS Injection done by adding javascript closing html tags like with onmousemove, etc... (closing a src or href tag with not cleaned param)
if ($type == 1) $sql_inj += preg_match('/"/i', $val); // We refused " in GET parameters value
if ($type == 2) $sql_inj += preg_match('/[\s;"]/', $val); // PHP_SELF is an url and must match url syntax
if ($type == 2) $sql_inj += preg_match('/[;"]/', $val); // PHP_SELF is a file system path. It can contains spaces.
return $sql_inj;
}
//type=2 key=0 value=/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices
// Run tests
$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices';
$result=test_sql_and_script_inject($_SERVER["PHP_SELF"],2);
$result=test_sql_and_script_inject($_SERVER["PHP_SELF"], 2);
$expectedresult=0;
$this->assertEquals($expectedresult, $result, 'Error on test_sql_and_script_inject 1a');
$_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php?mainmenu=home&leftmenu=setup&username=weservices;badaction';
$result=test_sql_and_script_inject($_SERVER["PHP_SELF"], 2);
$expectedresult=1;
$this->assertEquals($result,$expectedresult);
$this->assertEquals($expectedresult, $result, 'Error on test_sql_and_script_inject 1b');
$_GET['aaa']="<img src='1.jpg' onerror =javascript:alert('XSS')>";
$result=test_sql_and_script_inject($_GET['aaa'], 0);
$expectedresult=1;
$this->assertEquals($expectedresult, $result, 'Error on test_sql_and_script_inject 2');
$_POST['bbb']="<img src='1.jpg' onerror =javascript:alert('XSS')>";
$result=test_sql_and_script_inject($_POST['bbb'], 2);
$expectedresult=1;
$this->assertEquals($expectedresult, $result, 'Error on test_sql_and_script_inject 3');
}
}