diff --git a/ChangeLog b/ChangeLog index ec201fa378e..95a4a7a3ae6 100644 --- a/ChangeLog +++ b/ChangeLog @@ -15,8 +15,7 @@ NEW: Add a performance center page with all information and advices related to t NEW: A lot of fix into english text after a small proofreading campaign (still not perfect, but really better) NEW: All main menu entries are using the picto of the module NEW: Add a copy to clipboard button on some fields -NEW: Add an example of scheduled job to send email reminder for unpayed invoices -NEW: Can make massive stock transfers from a CSV file. +NEW: Add an example of scheduled job to send email reminder for unpaid invoices NEW: Accountancy - Add FEC import NEW: Accountancy - Add a confirmation form with options on export NEW: Accountancy - Add select date from/to in already bind customer and supplier list @@ -32,58 +31,39 @@ NEW: Add the column "Office phone" and "User mobile" in user list NEW: Add the column "Price level"in thirdparty list NEW: Add some company information in the dropdown login menu NEW: Add constant MAIN_BUGTRACK_URL to set a custom url to redirect to when clicking on link "declare a bug" -NEW: Add contact tag and bulk email status on the thirparty+contact create form -NEW: Add db fields note_public and note_private for ECM module -NEW: Manage deposit on supplier invoice (& somes ajustments) +NEW: Add contact tag and bulk email status on the thirdparty + contact create form +NEW: Support down payment on supplier invoice (& somes ajustments) NEW: Add edit/delete action icons on categories list pages NEW: Add hidden option to auto load input line extrafield into new lines NEW: Add import profile to import BOM -NEW: Add last date of modification for website pages in the list of pages NEW: Add link picto to the stock movement on the detail of production NEW: Add mass action "Set tag" for product/service, user, thirdparty, warehouse, project, bank account, members NEW: Add bulk action Validate and Set to billed on order list. -NEW: add bulk action to set a commercial proposal to status "Refused" -NEW: Add option CONTRACT_ALLOW_EXTERNAL_DOWNLOAD and SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared. -NEW: Add option MAIN_SECURITY_ANTI_SSRF_SERVER_IP to define list of IPs that are local IPs -NEW: Add option SOCIETE_DISABLE_WORKFORCE to hide staff field -NEW: Add a new permission "Export website" NEW: Add possibility to exports userGroups fields on user exports NEW: Add price min and price min including tax into product export NEW: Can search on lots or serials into the quick search bar NEW: Add support for Friday as a non working day NEW: Add a total in page of margin by user NEW: Add the total of margin in invoice list -NEW: Can set a Warehouse on a Thirparty NEW: auto notification with module Notification can use templated emails NEW: Bank Entries : display user linked to a salary or a taxes -NEW: Can set a warehouse in a proposal -NEW: Can clone a cron job. +NEW: Can clone a cron job NEW: Can create a lot from the list view (Look and feel standardization). -NEW: Can filter files in GED on status Shared/Not shared NEW: Can filter on extrafields date on lists -NEW: Can filter on rowid in list of blocked logs. -NEW: Can hide columns "time consumed" on timesheet per week. +NEW: Can filter on rowid in list of blocked logs +NEW: Can hide columns "time consumed" on timesheet per week NEW: Can set an employee on each social contribution NEW: Can set a percentage when creating an invoice from another object -NEW: Can set if a ticket group is visible on public interface or not. NEW: Can set order of execution of hooks -NEW: Can show the leave dates/holidays on the agenda view. -NEW: Can show the project ref into PDF documents +NEW: Can show the leave dates/holidays on the agenda view NEW: Can toggle FCKeditor on public/private notes -NEW: Can use captcha on public page to create a ticket NEW: Check update availability for externals modules using a button on module page NEW: Choose lines to use while creating intervention card from origin -NEW: Column shippement method, payment mode, payment term in proposal and order list -NEW: Conf for default actiomm status +NEW: Columns shipment method, payment mode, payment term in proposal and order list +NEW: Conf for default actioncomm status NEW: customer ref for product customer prices -NEW: date and user signature on proposal (Issue 16062) +NEW: date and user signature on proposal (Issue 16062) #16980 NEW: Dictionary for availability - Add a column position -NEW: TAKEPOS delayed payment in TakePOS -NEW: TAKEPOS display date range if exist in TakePOS -NEW: TAKEPOS display resiliate status in TakePOS for member -NEW: TAKEPOS Edit sales lines rights in TakePOS -NEW: TAKEPOS Option for Takepos to show the total price without tax -NEW: TAKEPOS More permission in TakePOS (Can edit added line, can modify once order sent to kitchen) NEW: Can set a user related to a social contribution NEW: ICS Direct debit can be set with a different value for each bank account NEW: LDAP: usergroup search can be filtered @@ -94,37 +74,83 @@ NEW: Add bulk actions for Bank Transfer NEW: Enhance the multicurrency rate editor NEW: Multiselect ledger account code filter on book keeping list NEW: Normalyse Type company field with ajax combobox -NEW: option to automatically close an open project when all its tasks are done (=progress 100%) -NEW: option to select membership type on the online payment page for membership subscription or renewal NEW: preload product description on selection for customer propal/order/invoice NEW: Add a ref in product customer price -NEW: Save old page with .old extension on disk when editing a website page NEW: Search usergroups & resources NEW: Set status of all variants when changing status of parent NEW: Setup Page for module creation with module builder enhancement #FoundationFunding NEW: Show picto of module into the list of dictionaries NEW: Show the total of payment on the payment confirmation page -NEW: Stock movement list - Add more complete date field NEW: Support color for types of event NEW: The global setup for Mandatory fields can now be done on combo list too. NEW: translate in "en_US" to complete PR 16980 NEW: Update the list of taxes available by default for France -NEW: Add captcha on public page to create a ticket NEW: Salary payment request and Salary payment are 2 different steps in workflow on Salary payment recording NEW: VAT payment request and VAT payment are now 2 different steps in workflow on VAT payment recording NEW: VAT report - Optimisation & collapse by rate -NEW: When we add contacts/users to a project, ask to also affect them on tasks. NEW: When a doc file is shared, link is visible from the main page of doc. -NEW: Add option in Workflow module to set a shipment as closed. -NEW: Option to automatically create a login/user when a new subscription of a member is done online NEW: #16378 More E-Mail Contact substitution Values for better salutation NEW: option to keep the "Automatically create a total payment" checkbox empty on the tax creation page -NEW: #17113 Can upload a favicon in website module + + ECM/GED +NEW: Add db fields note_public and note_private for ECM module +NEW: Can filter files in GED on status Shared/Not shared + + Members NEW: #17292 default subscription amount by adherent type +NEW: Option to automatically create a login/user when a new subscription of a member is done online +NEW: option to select membership type on the online payment page for membership subscription or renewal + + Projects/Tasks +NEW: option to automatically close an open project when all its tasks are done (=progress 100%) +NEW: can show the project ref into PDF documents +NEW: when we add contacts/users to a project, ask to also affect them on tasks + + Proposals +NEW: add bulk action to set a commercial proposal to status "Refused" +NEW: can set a warehouse in a proposal + + Shipment +NEW: add option in Workflow module to set a shipment as closed + + TakePOS +NEW: delayed payment in TakePOS #14456? +NEW: display date range if exist in TakePOS +NEW: display resiliate status in TakePOS for member +NEW: edit sales lines rights in TakePOS +NEW: option for TakePOS to show the total price without tax +NEW: more permissions in TakePOS (can edit added line, can modify once order sent to kitchen) + + Third-Parties +NEW: Can set a Warehouse on a Thirdparty + + Tickets +NEW: can use captcha on public page to create a ticket #16347 +NEW: can set if a ticket group is visible on public interface or not + + Warehouse +NEW: Can make massive stock transfers from a CSV file +NEW: Stock movement list - Add more complete date field +NEW: Can set a Warehouse on a Thirdparty +NEW: can set a warehouse in a proposal + + Website Module +NEW: #17113 Can upload a favicon in website module +NEW: add a new permission "Export website" +NEW: add last date of modification for website pages in the list of pages +NEW: Save old page with .old extension on disk when editing a website page + + new Modules NEW: start new experimental module Event Organization Management NEW: start new experimental module Partnership Management NEW: start new experimental module Knowledge Management -NEW: start new experimental module Workstations management +NEW: start new experimental module Workstations Management + + new Options +NEW: Add option CONTRACT_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared +NEW: Add option SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD to make generated doc automatically shared +NEW: Add option MAIN_SECURITY_ANTI_SSRF_SERVER_IP to define list of IPs that are local IPs +NEW: Add option SOCIETE_DISABLE_WORKFORCE to hide staff field For developers: @@ -146,8 +172,6 @@ NEW: Support sepa_debit in stripe paymentmethods list NEW: Update doleditor.class.php for easily activate SCAYT NEW: Add triggers in the function add_object_linked(), updateObjectLinked() and deleteObjectLinked() NEW: Add triggers OBJECT_LINK_INSERT, OBJECT_LINK_UPDATE et OBJECT_LINK_DELETE in the function add_object_linked(), updateObjectLinked() and deleteObjectLinked() -NEW: API Add option $includeifobjectisused to get a product -NEW: API Get the list of product ids only NEW: Can set a target image in dolcropresize function. NEW: Can set a label as placeholder for combo lists. NEW: Add pagination on Get Products response API @@ -156,19 +180,24 @@ NEW: Extrafields of documents lines are inside the lines, not any more on separa NEW: unit selection on object edit line NEW: #13739 #17390 Product API route added to get product stock and product with or without variants + APIs +NEW: API Add option $includeifobjectisused to get a product +NEW: API Get the list of product ids only + WARNING: Following changes may create regressions for some external modules, but were necessary to make Dolibarr better: * Module SimplePOS is deprecated. If you need a POS module, please use the module TakePOS. -* The ICS value for direct debit or credit transfer is now store on each bank account instead of into the global setup. +* The ICS value for direct debit or credit transfer is now stored on each bank account instead of into the global setup. * API /setup/shipment_methods has been replaced with API /setup/shipping_methods -* Field "total" renamed into to "total_ht" for table llx_facture, llx_facture_rec for better field name consistency -* Field "tva" renamed into "total_tva" for table llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency -* Field "total" renamed into "total_ttc" for table lx_propal, llx_supplier_proposal for better field name consistency -* If your database is PostgreSql, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT) -* If your database is MySql or MariaDB, you need at least version 5.1 +* Field "total" renamed into "total_ht" for table llx_facture, llx_facture_rec for better field name consistency +* Field "tva" renamed into "total_tva" for table llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency +* Field "total" renamed into "total_ttc" for table llx_propal, llx_supplier_proposal for better field name consistency +* If your database is PostgreSQL, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT) +* If your database is MySQL or MariaDB, you need at least version 5.1 * Function set_price_level() has been renamed into setPriceLevel() to follow camelcase rules +* removed deprecated subtituion key __REFCLIENT__ (replaced with __REF_CLIENT__) ***** ChangeLog for 13.0.3 compared to 13.0.2 ***** @@ -193,7 +222,7 @@ FIX: create sociales : keep values error form FIX: dol_print_date for %a and %b with some timezone FIX: email is not case sensitive FIX: error for duplicate thirdparty found correctly returned by ws -FIX: Espadon PDF shippment model with long public note now wroking +FIX: Espadon PDF shippment model with long public note now working FIX: esupplier order: error 500 when using packaging with product where it is not defined FIX: Filter on debit/credit FIX: Filter on supplier payment list diff --git a/README-FR.md b/README-FR.md index 77bb5a3e27a..81fdff13047 100644 --- a/README-FR.md +++ b/README-FR.md @@ -8,10 +8,12 @@ Il est simple d'utilisation et modulaire, vous permettant de n'activez que les f ![ScreenShot](https://www.dolibarr.org/medias/dolibarr_screenshot1_1920x1080.jpg) + ## LICENCE Dolibarr est distribué sous les termes de la licence GNU General Public License v3+ ou supérieure. + ## INSTALLER DOLIBARR ### Configuration simple @@ -52,6 +54,7 @@ Vous pouvez aussi utiliser un serveur Web et une base de données prise en charg - Suivez les instructions de l'installateur + ## METTRE A JOUR DOLIBARR Pour mettre à jour Dolibarr depuis une vieille version vers celle ci: @@ -64,9 +67,11 @@ Pour mettre à jour Dolibarr depuis une vieille version vers celle ci: *Note: Le processus de migration peut être lancé manuellement et plusieurs fois, sans risque, en appelant la page /install/* + ## CE QUI EST NOUVEAU -Voir fichier ChangeLog. +See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog) file. + ## CE QUE DOLIBARR PEUT FAIRE @@ -82,15 +87,17 @@ Voir fichier ChangeLog. - Calendrier/Agenda partagé (avec export ical, vcal) - Suivi des opportunités et/ou projets (suivi de rentabilité incluant les factures, notes de frais, temps consommé valorisé, ...) - Gestion de contrats de services -- Gestion de stock +- Gestion de stock et inventaires - Gestion des expéditions - Gestion des demandes de congès - Gestion des notes de frais +- Gestion de recrutement - GED (Gestion Electronique de Documents) - EMailings de masse - Réalisation de sondages +- Gestion d'adhérents - Point de vente/Caisse enregistreuse -- … +- … (près de 100 modules disponibles en standard, près de 1000 autre sur la place de marché d'extensions) ### Autres modules @@ -135,31 +142,36 @@ Voir fichier ChangeLog. Dolibarr peut aussi être étendu à volonté avec l'ajout de module/applications externes développées par des développeus tiers, disponible sur [DoliStore](https://www.dolistore.com). + ## CE QUE DOLIBARR NE PEUT PAS (ENCORE) FAIRE Voici un liste de fonctionnalités pas encore gérées par Dolibarr: -- Dolibarr ne contient pas de module de Gestion de la paie. +- Dolibarr ne contient pas de module de génération de feuille de paie. - Les tâches du module de gestion de projets n'ont pas de dépendances entre elle. - Dolibarr n'embarque pas de Webmail intégré nativement. - Dolibarr ne fait pas le café (pas encore). + ## DOCUMENTATION La documentation utilisateur, développeur et traducteur est disponible sous forme de ressources de la communauté via le site [Wiki](https://wiki.dolibarr.org). + ## CONTRIBUER Ce projet existe grâce à ses nombreux contributeurs [[Contribuer](https://github.com/Dolibarr/dolibarr/blob/develop/.github/CONTRIBUTING.md)]. + ## CREDITS Dolibarr est le résultat du travail de nombreux contributeurs depuis des années et utilise des librairies d'autres contributeurs. Voir le fichier [COPYRIGHT](https://github.com/Dolibarr/dolibarr/blob/develop/COPYRIGHT) + ## ACTUALITES ET RESEAUX SOCIAUX Suivez le projet Dolibarr project sur les réseaux francophones diff --git a/README.md b/README.md index 0a3aeecb9f4..ad349f713c1 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ You can freely use, study, modify or distribute it according to its licence. You can use it as a standalone application or as a web application to access it from the Internet or a LAN. -Dolibarr has a large community ready to help you, free forums and [officially preferred partners ready to offer commercial support should you need it](https://partners.dolibarr.org) +Dolibarr has a large community ready to help you, free forums and [preferred partners ready to offer commercial support should you need it](https://partners.dolibarr.org) ![ScreenShot](https://www.dolibarr.org/medias/dolibarr_screenshot1_1920x1080.jpg) @@ -97,48 +97,80 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog) ### Main application/modules (all optional) -- Customers, Prospects (Leads) and/or Suppliers directory + Contacts -- Members/Membership management -- Products and/or Services catalog -- Commercial proposals management -- Customer & Supplier Orders management -- Invoices and payment management -- Shipping management -- Warehouse/Stock management -- Manufacturing Orders -- Bank accounts management -- Direct debit orders management (European SEPA) -- Accounting management -- Shared calendar/agenda (with ical and vcal export for third party tools integration) -- Opportunities or Leads management -- Projects & Tasks management -- Ticket System -- Contracts management -- Interventions management -- Employee's leave requests management -- Expense reports -- Timesheets -- Electronic Document Management (EDM) -- Foundations members management -- Point of Sale (POS) -- … +- Third-Parties Management: Customers, Prospects (Leads) and/or Suppliers + Contacts +- Members/Membership/Foundation management + + Product Management +- Products and/or Services catalog +- Stock / Warehouse management + Inventory +- Barcodes +- Batches / Lots / Serials +- Product Variants +- Bill of Materials (BOM) +- Manufacturing Orders + + Customer/Sales Management +- Customers/Prospects + Contacts management +- Opportunities or Leads management +- Commercial proposals management +- Customer Orders management +- Contracts/Subscription management +- Interventions management +- Ticket System +- Shipping management +- Customer Invoices/Credit notes and payment management +- Point of Sale (POS) + + Supplier/Purchase Management +- Suppliers/Vendors + Contacts +- Supplier (price) requests +- Purchase Orders management +- Delivery/Receiption +- Supplier Invoices/credit notes and payment management +- INCOTERMS + + Finance / Accounting +- Invoices / Payments +- Bank accounts management +- Direct debit orders management (European SEPA) +- Accounting management +- Donations management +- Loan management +- Margins +- Reports + + Collaboration +- Shared calendar/agenda (with ical and vcal export for third party tools integration) +- Projects & Tasks management +- Ticket System +- Surveys + + HR +- Employee's leave requests management +- Expense reports +- Recruitment management +- Timesheets + ### Other application/modules +- Electronic Document Management (EDM) - Bookmarks management -- Donations management - Reporting -- Surveys - Data export/import -- Barcodes support +- Barcodes - Margin calculations - LDAP connectivity - ClickToDial integration - Mass emailing - RSS integration - Skype integration +- Social platforms linking - Payment platforms integration (PayPal, Stripe, Paybox...) -- … +- Email-Collector + +(around 100 modules available by default, 1000+ on the addon market place) + ### Other general features diff --git a/dev/examples/zapier/creates/contact.js b/dev/examples/zapier/creates/contact.js new file mode 100644 index 00000000000..bcb849ad63d --- /dev/null +++ b/dev/examples/zapier/creates/contact.js @@ -0,0 +1,74 @@ +/*jshint esversion: 6 */ +// create a particular contact by name +const createContact = async (z, bundle) => { + const apiurl = bundle.authData.url + '/api/index.php/contacts'; + + const response = await z.request({ + method: 'POST', + url: apiurl, + body: { + name: bundle.inputData.name, + name_alias: bundle.inputData.name_alias, + ref_ext: bundle.inputData.ref_ext, + ref_int: bundle.inputData.ref_int, + address: bundle.inputData.address, + zip: bundle.inputData.zip, + town: bundle.inputData.town, + country_code: bundle.inputData.country_code, + country_id: bundle.inputData.country_id, + country: bundle.inputData.country, + phone: bundle.inputData.phone, + email: bundle.inputData.email, + sens: 'fromzapier' + } + }); + const result = z.JSON.parse(response.content); + // api returns an integer when ok, a json when ko + return result.response || {id: response}; +}; + +module.exports = { + key: 'contact', + noun: 'Contact', + + display: { + label: 'Create Contact', + description: 'Creates a contact.' + }, + + operation: { + inputFields: [ + {key: 'name', required: true}, + {key: 'name_alias', required: false}, + {key: 'address', required: false}, + {key: 'zip', required: false}, + {key: 'town', required: false}, + {key: 'email', required: false} + ], + perform: createContact, + + sample: { + id: 1, + name: 'DUPOND', + name_alias: 'DUPOND Ltd', + address: 'Rue des Canaries', + zip: '34090', + town: 'MONTPELLIER', + phone: '0123456789', + fax: '2345678901', + email: 'robot@domain.com' + }, + + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'name', label: 'Name'}, + {key: 'name_alias', label: 'Name alias'}, + {key: 'address', label: 'Address'}, + {key: 'zip', label: 'Zip'}, + {key: 'town', label: 'Town'}, + {key: 'phone', label: 'Phone'}, + {key: 'fax', label: 'Fax'}, + {key: 'email', label: 'Email'} + ] + } +}; diff --git a/dev/examples/zapier/creates/member.js b/dev/examples/zapier/creates/member.js new file mode 100644 index 00000000000..152f1129e79 --- /dev/null +++ b/dev/examples/zapier/creates/member.js @@ -0,0 +1,74 @@ +/*jshint esversion: 6 */ +// create a particular member by name +const createMember = async (z, bundle) => { + const apiurl = bundle.authData.url + '/api/index.php/members'; + + const response = await z.request({ + method: 'POST', + url: apiurl, + body: { + name: bundle.inputData.name, + name_alias: bundle.inputData.name_alias, + ref_ext: bundle.inputData.ref_ext, + ref_int: bundle.inputData.ref_int, + address: bundle.inputData.address, + zip: bundle.inputData.zip, + town: bundle.inputData.town, + country_code: bundle.inputData.country_code, + country_id: bundle.inputData.country_id, + country: bundle.inputData.country, + phone: bundle.inputData.phone, + email: bundle.inputData.email, + sens: 'fromzapier' + } + }); + const result = z.JSON.parse(response.content); + // api returns an integer when ok, a json when ko + return result.response || {id: response}; +}; + +module.exports = { + key: 'member', + noun: 'Member', + + display: { + label: 'Create Member', + description: 'Creates a member.' + }, + + operation: { + inputFields: [ + {key: 'name', required: true}, + {key: 'name_alias', required: false}, + {key: 'address', required: false}, + {key: 'zip', required: false}, + {key: 'town', required: false}, + {key: 'email', required: false} + ], + perform: createMember, + + sample: { + id: 1, + name: 'DUPOND', + name_alias: 'DUPOND Ltd', + address: 'Rue des Canaries', + zip: '34090', + town: 'MONTPELLIER', + phone: '0123456789', + fax: '2345678901', + email: 'robot@domain.com' + }, + + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'name', label: 'Name'}, + {key: 'name_alias', label: 'Name alias'}, + {key: 'address', label: 'Address'}, + {key: 'zip', label: 'Zip'}, + {key: 'town', label: 'Town'}, + {key: 'phone', label: 'Phone'}, + {key: 'fax', label: 'Fax'}, + {key: 'email', label: 'Email'} + ] + } +}; diff --git a/dev/examples/zapier/creates/thirdparty.js b/dev/examples/zapier/creates/thirdparty.js index 3e20fd10e41..2abeef6ae4c 100644 --- a/dev/examples/zapier/creates/thirdparty.js +++ b/dev/examples/zapier/creates/thirdparty.js @@ -6,7 +6,7 @@ const createThirdparty = async (z, bundle) => { const response = await z.request({ method: 'POST', url: apiurl, - body: JSON.stringify({ + body: { name: bundle.inputData.name, name_alias: bundle.inputData.name_alias, ref_ext: bundle.inputData.ref_ext, @@ -24,7 +24,7 @@ const createThirdparty = async (z, bundle) => { code_client: bundle.inputData.code_client, code_fournisseur: bundle.inputData.code_fournisseur, sens: 'fromzapier' - }) + } }); const result = z.JSON.parse(response.content); // api returns an integer when ok, a json when ko diff --git a/dev/examples/zapier/index.js b/dev/examples/zapier/index.js index d1897673b39..fdd1ed29a53 100644 --- a/dev/examples/zapier/index.js +++ b/dev/examples/zapier/index.js @@ -2,12 +2,18 @@ const triggerAction = require('./triggers/action'); const triggerOrder = require('./triggers/order'); const triggerThirdparty = require('./triggers/thirdparty'); +const triggerContact = require('./triggers/contact'); const triggerTicket = require('./triggers/ticket'); const triggerUser = require('./triggers/user'); +const triggerMember = require('./triggers/member'); const searchThirdparty = require('./searches/thirdparty'); +const searchContact = require('./searches/contact'); +const searchMember = require('./searches/member'); const createThirdparty = require('./creates/thirdparty'); +const createContact = require('./creates/contact'); +const createMember = require('./creates/member'); const { config: authentication, @@ -62,18 +68,24 @@ const App = { [triggerAction.key]: triggerAction, [triggerOrder.key]: triggerOrder, [triggerThirdparty.key]: triggerThirdparty, + [triggerContact.key]: triggerContact, [triggerTicket.key]: triggerTicket, [triggerUser.key]: triggerUser, + [triggerMember.key]: triggerMember, }, // If you want your searches to show up, you better include it here! searches: { [searchThirdparty.key]: searchThirdparty, + [searchContact.key]: searchContact, + [searchMember.key]: searchMember, }, // If you want your creates to show up, you better include it here! creates: { [createThirdparty.key]: createThirdparty, + [createContact.key]: createContact, + [createMember.key]: createMember, } }; diff --git a/dev/examples/zapier/package.json b/dev/examples/zapier/package.json index cc0768a27ef..a9d519dec69 100644 --- a/dev/examples/zapier/package.json +++ b/dev/examples/zapier/package.json @@ -1,6 +1,6 @@ { "name": "dolibarr", - "version": "1.13.0", + "version": "1.14.0", "description": "An app for connecting Dolibarr to the Zapier platform.", "repository": "Dolibarr/dolibarr", "homepage": "https://www.dolibarr.org/", @@ -11,11 +11,11 @@ "test": "mocha --recursive" }, "engines": { - "node": "8.10.0", + "node": "14.0.0", "npm": ">=5.6.0" }, "dependencies": { - "zapier-platform-core": "11.0.0" + "zapier-platform-core": "11.0.1" }, "devDependencies": { "mocha": "^5.2.0", diff --git a/dev/examples/zapier/searches/contact.js b/dev/examples/zapier/searches/contact.js new file mode 100644 index 00000000000..b52b8d3e367 --- /dev/null +++ b/dev/examples/zapier/searches/contact.js @@ -0,0 +1,95 @@ +module.exports = { + key: 'contact', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Contact', + display: { + label: 'Find a Contact', + description: 'Search for contact.' + }, + + // `operation` is where we make the call to your API to do the search + operation: { + // This search only has one search field. Your searches might have just one, or many + // search fields. + inputFields: [ + { + key: 'lastname', + type: 'string', + label: 'Lastname', + helpText: 'Lastname to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' + } + ], + + perform: async (z, bundle) => { + const url = bundle.authData.url + '/api/index.php/contacts/'; + + // Put the search value in a query param. The details of how to build + // a search URL will depend on how your API works. + let filter = ''; + if (bundle.inputData.lastname) { + filter = "t.lastname like \'%"+bundle.inputData.name+"%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.lastname) { + filter += " and "; + } + filter += "t.email like \'"+bundle.inputData.email+"\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; + }, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + name: 'DOE', + firstname: 'John', + authorId: 1, + directions: '1. Boil Noodles\n2.Serve with sauce', + style: 'italian' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + { + key: 'id', + type: "integer", + label: 'ID' + }, + {key: 'createdAt', type: "integer", label: 'Created At'}, + {key: 'name', label: 'Name'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'directions', label: 'Directions'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + { + key: 'style', + label: 'Style' + } + ] + } +}; diff --git a/dev/examples/zapier/searches/member.js b/dev/examples/zapier/searches/member.js new file mode 100644 index 00000000000..f1a84061146 --- /dev/null +++ b/dev/examples/zapier/searches/member.js @@ -0,0 +1,88 @@ +module.exports = { + key: 'member', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Member', + display: { + label: 'Find a Member', + description: 'Search for member.' + }, + + // `operation` is where we make the call to your API to do the search + operation: { + // This search only has one search field. Your searches might have just one, or many + // search fields. + inputFields: [ + { + key: 'lastname', + type: 'string', + label: 'Lastname', + helpText: 'Lastname to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' + } + ], + + perform: async (z, bundle) => { + const url = bundle.authData.url + '/api/index.php/members/'; + + // Put the search value in a query param. The details of how to build + // a search URL will depend on how your API works. + let filter = ''; + if (bundle.inputData.lastname) { + filter = "t.lastname like \'%" + bundle.inputData.name + "%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.lastname) { + filter += " and "; + } + filter += "t.email like \'" + bundle.inputData.email + "\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; + }, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + name: 'DOE', + firstname: 'John', + authorId: 1, + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + { + key: 'id', + type: "integer", + label: 'ID' + }, + { key: 'createdAt', type: "integer", label: 'Created At' }, + { key: 'name', label: 'Name' }, + { key: 'firstname', label: 'Firstname' }, + { key: 'authorId', type: "integer", label: 'Author ID' }, + ] + } +}; diff --git a/dev/examples/zapier/searches/thirdparty.js b/dev/examples/zapier/searches/thirdparty.js index 8f72b9270e5..e1e6878f5b3 100644 --- a/dev/examples/zapier/searches/thirdparty.js +++ b/dev/examples/zapier/searches/thirdparty.js @@ -19,21 +19,43 @@ module.exports = { type: 'string', label: 'Name', helpText: 'Name to limit to the search to (i.e. The company or %company%).' + }, + { + key: 'email', + type: 'string', + label: 'Email', + helpText: 'Email to limit to the search to.' } ], - perform: (z, bundle) => { + perform: async (z, bundle) => { const url = bundle.authData.url + '/api/index.php/thirdparties/'; // Put the search value in a query param. The details of how to build // a search URL will depend on how your API works. - const options = { - params: { - sqlfilters: "t.nom like \'%"+bundle.inputData.name+"%\'" + let filter = ''; + if (bundle.inputData.name) { + filter = "t.nom like \'%"+bundle.inputData.name+"%\'"; + } + if (bundle.inputData.email) { + if (bundle.inputData.name) { + filter += " and "; } - }; - - return z.request(url, options).then(response => JSON.parse(response.content)); + filter += "t.email like \'"+bundle.inputData.email+"\'"; + } + const response = await z.request({ + url: url, + // this parameter avoid throwing errors and let us manage them + skipThrowForStatus: true, + params: { + sqlfilters: filter + } + }); + //z.console.log(response); + if (response.status != 200) { + return []; + } + return response.json; }, // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example diff --git a/dev/examples/zapier/triggers/contact.js b/dev/examples/zapier/triggers/contact.js new file mode 100644 index 00000000000..2ba3bd226f8 --- /dev/null +++ b/dev/examples/zapier/triggers/contact.js @@ -0,0 +1,171 @@ +const subscribeHook = (z, bundle) => { + // `z.console.log()` is similar to `console.log()`. + z.console.log('suscribing hook!'); + + // bundle.targetUrl has the Hook URL this app should call when an action is created. + const data = { + url: bundle.targetUrl, + event: bundle.event, + module: 'contact', + action: bundle.inputData.action + }; + + const url = bundle.authData.url + '/api/index.php/zapierapi/hook'; + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: url, + method: 'POST', + body: data, + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const unsubscribeHook = (z, bundle) => { + // bundle.subscribeData contains the parsed response JSON from the subscribe + // request made initially. + z.console.log('unsuscribing hook!'); + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: bundle.authData.url + '/api/index.php/zapierapi/hook/' + bundle.subscribeData.id, + method: 'DELETE', + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const getContact = (z, bundle) => { + // bundle.cleanedRequest will include the parsed JSON object (if it's not a + // test poll) and also a .querystring property with the URL's query string. + const contact = { + id: bundle.cleanedRequest.id, + name: bundle.cleanedRequest.name, + name_alias: bundle.cleanedRequest.name_alias, + firstname: bundle.cleanedRequest.firstname, + address: bundle.cleanedRequest.address, + zip: bundle.cleanedRequest.zip, + town: bundle.cleanedRequest.town, + email: bundle.cleanedRequest.email, + phone_pro: bundle.cleanedRequest.phone_pro, + phone_perso: bundle.cleanedRequest.phone_perso, + phone_mobile: bundle.cleanedRequest.phone_mobile, + authorId: bundle.cleanedRequest.authorId, + createdAt: bundle.cleanedRequest.createdAt, + action: bundle.cleanedRequest.action + }; + + return [contact]; +}; + +const getFallbackRealContact = (z, bundle) => { + // For the test poll, you should get some real data, to aid the setup process. + const module = bundle.inputData.module; + const options = { + url: bundle.authData.url + '/api/index.php/contacts/0', + }; + + return z.request(options).then((response) => [JSON.parse(response.content)]); +}; + +// const getModulesChoices = (z/*, bundle*/) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const options = { +// url: bundle.authData.url + '/api/index.php/zapierapi/getmoduleschoices', +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; +// const getModulesChoices = () => { +// return { +// orders: "Order", +// invoices: "Invoice", +// contacts: "Contact", +// contacts: "Contacts" +// }; +// }; + +// const getActionsChoices = (z, bundle) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const module = bundle.inputData.module; +// const options = { +// url: url: bundle.authData.url + '/api/index.php/zapierapi/getactionschoices/thirparty`, +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; + +// We recommend writing your triggers separate like this and rolling them +// into the App definition at the end. +module.exports = { + key: 'contact', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Contact', + display: { + label: 'New Contact', + description: 'Triggers when a new contact action is done in Dolibarr.' + }, + + // `operation` is where the business logic goes. + operation: { + + // `inputFields` can define the fields a user could provide, + // we'll pass them in as `bundle.inputData` later. + inputFields: [ + { + key: 'action', + required: true, + type: 'string', + helpText: 'Which action of contact this should trigger on.', + choices: { + create: "Create", + modify: "Modify", + validate: "Validate", + } + } + ], + + type: 'hook', + + performSubscribe: subscribeHook, + performUnsubscribe: unsubscribeHook, + + perform: getContact, + performList: getFallbackRealContact, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + lastname: 'DOE', + firstname: 'John', + authorId: 1, + action: 'create' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'createdAt', label: 'Created At'}, + {key: 'lastname', label: 'Lastname'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'phone', label: 'Phone pro'}, + {key: 'phone_perso', label: 'Phone perso'}, + {key: 'phone_mobile', label: 'Phone mobile'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + {key: 'action', label: 'Action'} + ] + } +}; diff --git a/dev/examples/zapier/triggers/member.js b/dev/examples/zapier/triggers/member.js new file mode 100644 index 00000000000..3385cdca625 --- /dev/null +++ b/dev/examples/zapier/triggers/member.js @@ -0,0 +1,171 @@ +const subscribeHook = (z, bundle) => { + // `z.console.log()` is similar to `console.log()`. + z.console.log('suscribing hook!'); + + // bundle.targetUrl has the Hook URL this app should call when an action is created. + const data = { + url: bundle.targetUrl, + event: bundle.event, + module: 'member', + action: bundle.inputData.action + }; + + const url = bundle.authData.url + '/api/index.php/zapierapi/hook'; + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: url, + method: 'POST', + body: data, + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const unsubscribeHook = (z, bundle) => { + // bundle.subscribeData contains the parsed response JSON from the subscribe + // request made initially. + z.console.log('unsuscribing hook!'); + + // You can build requests and our client will helpfully inject all the variables + // you need to complete. You can also register middleware to control this. + const options = { + url: bundle.authData.url + '/api/index.php/zapierapi/hook/' + bundle.subscribeData.id, + method: 'DELETE', + }; + + // You may return a promise or a normal data structure from any perform method. + return z.request(options).then((response) => JSON.parse(response.content)); +}; + +const getMember = (z, bundle) => { + // bundle.cleanedRequest will include the parsed JSON object (if it's not a + // test poll) and also a .querystring property with the URL's query string. + const member = { + id: bundle.cleanedRequest.id, + name: bundle.cleanedRequest.name, + name_alias: bundle.cleanedRequest.name_alias, + firstname: bundle.cleanedRequest.firstname, + address: bundle.cleanedRequest.address, + zip: bundle.cleanedRequest.zip, + town: bundle.cleanedRequest.town, + email: bundle.cleanedRequest.email, + phone_pro: bundle.cleanedRequest.phone_pro, + phone_perso: bundle.cleanedRequest.phone_perso, + phone_mobile: bundle.cleanedRequest.phone_mobile, + authorId: bundle.cleanedRequest.authorId, + createdAt: bundle.cleanedRequest.createdAt, + action: bundle.cleanedRequest.action + }; + + return [member]; +}; + +const getFallbackRealMember = (z, bundle) => { + // For the test poll, you should get some real data, to aid the setup process. + const module = bundle.inputData.module; + const options = { + url: bundle.authData.url + '/api/index.php/members/0', + }; + + return z.request(options).then((response) => [JSON.parse(response.content)]); +}; + +// const getModulesChoices = (z/*, bundle*/) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const options = { +// url: bundle.authData.url + '/api/index.php/zapierapi/getmoduleschoices', +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; +// const getModulesChoices = () => { +// return { +// orders: "Order", +// invoices: "Invoice", +// members: "Member", +// members: "Members" +// }; +// }; + +// const getActionsChoices = (z, bundle) => { +// // For the test poll, you should get some real data, to aid the setup process. +// const module = bundle.inputData.module; +// const options = { +// url: url: bundle.authData.url + '/api/index.php/zapierapi/getactionschoices/thirparty`, +// }; + +// return z.request(options).then((response) => JSON.parse(response.content)); +// }; + +// We recommend writing your triggers separate like this and rolling them +// into the App definition at the end. +module.exports = { + key: 'member', + + // You'll want to provide some helpful display labels and descriptions + // for users. Zapier will put them into the UX. + noun: 'Member', + display: { + label: 'New Member', + description: 'Triggers when a new member action is done in Dolibarr.' + }, + + // `operation` is where the business logic goes. + operation: { + + // `inputFields` can define the fields a user could provide, + // we'll pass them in as `bundle.inputData` later. + inputFields: [ + { + key: 'action', + required: true, + type: 'string', + helpText: 'Which action of member this should trigger on.', + choices: { + create: "Create", + modify: "Modify", + validate: "Validate", + } + } + ], + + type: 'hook', + + performSubscribe: subscribeHook, + performUnsubscribe: unsubscribeHook, + + perform: getMember, + performList: getFallbackRealMember, + + // In cases where Zapier needs to show an example record to the user, but we are unable to get a live example + // from the API, Zapier will fallback to this hard-coded sample. It should reflect the data structure of + // returned records, and have obviously dummy values that we can show to any user. + sample: { + id: 1, + createdAt: 1472069465, + lastname: 'DOE', + firstname: 'John', + authorId: 1, + action: 'create' + }, + + // If the resource can have fields that are custom on a per-user basis, define a function to fetch the custom + // field definitions. The result will be used to augment the sample. + // outputFields: () => { return []; } + // Alternatively, a static field definition should be provided, to specify labels for the fields + outputFields: [ + {key: 'id', type: "integer", label: 'ID'}, + {key: 'createdAt', label: 'Created At'}, + {key: 'lastname', label: 'Lastname'}, + {key: 'firstname', label: 'Firstname'}, + {key: 'phone', label: 'Phone pro'}, + {key: 'phone_perso', label: 'Phone perso'}, + {key: 'phone_mobile', label: 'Phone mobile'}, + {key: 'authorId', type: "integer", label: 'Author ID'}, + {key: 'action', label: 'Action'} + ] + } +}; diff --git a/dev/examples/zapier/triggers/thirdparty.js b/dev/examples/zapier/triggers/thirdparty.js index 4656f836e74..76194acbc9a 100644 --- a/dev/examples/zapier/triggers/thirdparty.js +++ b/dev/examples/zapier/triggers/thirdparty.js @@ -56,6 +56,12 @@ const getThirdparty = (z, bundle) => { fournisseur: bundle.cleanedRequest.fournisseur, code_client: bundle.cleanedRequest.code_client, code_fournisseur: bundle.cleanedRequest.code_fournisseur, + idprof1: bundle.cleanedRequest.idprof1, + idprof2: bundle.cleanedRequest.idprof2, + idprof3: bundle.cleanedRequest.idprof3, + idprof4: bundle.cleanedRequest.idprof4, + idprof5: bundle.cleanedRequest.idprof5, + idprof6: bundle.cleanedRequest.idprof6, authorId: bundle.cleanedRequest.authorId, createdAt: bundle.cleanedRequest.createdAt, action: bundle.cleanedRequest.action @@ -112,7 +118,7 @@ module.exports = { noun: 'Thirdparty', display: { label: 'New Thirdparty', - description: 'Triggers when a new thirdpaty action is done in Dolibarr.' + description: 'Triggers when a new thirdparty action is done in Dolibarr.' }, // `operation` is where the business logic goes. @@ -170,7 +176,13 @@ module.exports = { {key: 'client', label: 'Customer/Prospect 0/1/2/3'}, {key: 'fournisseur', label: 'Supplier 0/1'}, {key: 'code_client', label: 'Customer code'}, - {key: 'code_fournisseur', label: 'Supplier code'} + {key: 'code_fournisseur', label: 'Supplier code'}, + {key: 'idprof1', label: 'Id Prof 1'}, + {key: 'idprof2', label: 'Id Prof 2'}, + {key: 'idprof3', label: 'Id Prof 3'}, + {key: 'idprof4', label: 'Id Prof 4'}, + {key: 'idprof5', label: 'Id Prof 5'}, + {key: 'idprof6', label: 'Id Prof 6'} ] } }; diff --git a/dev/initdemo/mysqldump_dolibarr_3.5.0.sql b/dev/initdemo/mysqldump_dolibarr_3.5.0.sql index 46053d1a187..252643afb59 100644 --- a/dev/initdemo/mysqldump_dolibarr_3.5.0.sql +++ b/dev/initdemo/mysqldump_dolibarr_3.5.0.sql @@ -5503,7 +5503,7 @@ CREATE TABLE `llx_product` ( LOCK TABLES `llx_product` WRITE; /*!40000 ALTER TABLE `llx_product` DISABLE KEYS */; -INSERT INTO `llx_product` VALUES (1,'2010-07-08 14:33:17','2013-03-12 09:30:24',0,0,'PIDRESS',1,NULL,'Pink dress','A beatifull pink dress','',NULL,NULL,100.00000000,112.50000000,90.00000000,101.25000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',20,NULL,0,'','',NULL,100,0,NULL,0,NULL,0,NULL,0,2,0.00000000,NULL,1,0,NULL,0),(2,'2010-07-09 00:30:01','2013-01-19 17:31:58',0,0,'Product_P1',1,NULL,'Product P1','','','',32,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,998,0.00000000,NULL,0,0,NULL,0),(3,'2010-07-09 00:30:25','2012-12-08 13:11:14',0,0,'Service_S1',1,NULL,'Service S1','','',NULL,NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,1,'1m',NULL,NULL,0,'','',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,0,0,NULL,0),(4,'2010-07-10 14:44:06','2013-01-19 17:22:48',0,0,'DECAP',1,NULL,'Decapsuleur','','',NULL,NULL,5.00000000,5.62500000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,2,-3,NULL,0,NULL,0,NULL,0,1001,10.00000000,NULL,1,0,NULL,0),(5,'2011-07-20 23:11:38','2011-07-27 17:02:59',0,0,'aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(6,'2011-07-29 22:16:44','2011-07-29 20:16:44',0,0,'Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(7,'2011-07-29 22:31:21','2011-07-29 20:31:21',0,0,'Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(8,'2011-07-29 22:46:54','2011-07-29 20:46:54',0,0,'Copy_of_Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(10,'2008-12-31 00:00:00','2012-12-08 13:11:14',0,0,'PR123456',1,NULL,'My product','This is a description example for record','Some note',NULL,NULL,100.00000000,110.00000000,0.00000000,0.00000000,'HT',10.000,0,0.000,0.000,NULL,0,0,0,'1y',0,NULL,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,NULL,0,'20110729232310',0),(11,'2013-01-13 20:24:42','2013-01-19 17:22:48',0,0,'gh',1,NULL,'hfghf','','','',NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',0.000,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,-1,0.00000000,'',1,0,NULL,0); +INSERT INTO `llx_product` VALUES (1,'2010-07-08 14:33:17','2013-03-12 09:30:24',0,0,'PINKDRESS',1,NULL,'Pink dress','A beatifull pink dress','',NULL,NULL,100.00000000,112.50000000,90.00000000,101.25000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',20,NULL,0,'','',NULL,100,0,NULL,0,NULL,0,NULL,0,2,0.00000000,NULL,1,0,NULL,0),(2,'2010-07-09 00:30:01','2013-01-19 17:31:58',0,0,'Product_P1',1,NULL,'Product P1','','','',32,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,998,0.00000000,NULL,0,0,NULL,0),(3,'2010-07-09 00:30:25','2012-12-08 13:11:14',0,0,'Service_S1',1,NULL,'Service S1','','',NULL,NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,1,'1m',NULL,NULL,0,'','',NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,0,0,NULL,0),(4,'2010-07-10 14:44:06','2013-01-19 17:22:48',0,0,'DECAP',1,NULL,'Decapsuleur','','',NULL,NULL,5.00000000,5.62500000,0.00000000,0.00000000,'HT',12.500,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,2,-3,NULL,0,NULL,0,NULL,0,1001,10.00000000,NULL,1,0,NULL,0),(5,'2011-07-20 23:11:38','2011-07-27 17:02:59',0,0,'aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(6,'2011-07-29 22:16:44','2011-07-29 20:16:44',0,0,'Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(7,'2011-07-29 22:31:21','2011-07-29 20:31:21',0,0,'Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(8,'2011-07-29 22:46:54','2011-07-29 20:46:54',0,0,'Copy_of_Copy_of_Copy_of_aaaa',1,NULL,'aaaa','cccc','bbbb','',NULL,10.00000000,11.96000000,0.00000000,0.00000000,'HT',19.600,0,0.000,0.000,1,0,0,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,NULL,0.00000000,'',1,0,NULL,0),(10,'2008-12-31 00:00:00','2012-12-08 13:11:14',0,0,'PR123456',1,NULL,'My product','This is a description example for record','Some note',NULL,NULL,100.00000000,110.00000000,0.00000000,0.00000000,'HT',10.000,0,0.000,0.000,NULL,0,0,0,'1y',0,NULL,0,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,0.00000000,NULL,NULL,0,'20110729232310',0),(11,'2013-01-13 20:24:42','2013-01-19 17:22:48',0,0,'gh',1,NULL,'hfghf','','','',NULL,0.00000000,0.00000000,0.00000000,0.00000000,'HT',0.000,0,0.000,0.000,1,1,1,0,'',NULL,NULL,0,'','',NULL,NULL,0,NULL,0,NULL,0,NULL,0,-1,0.00000000,'',1,0,NULL,0); /*!40000 ALTER TABLE `llx_product` ENABLE KEYS */; UNLOCK TABLES; diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index f0fd9702009..0f4d538cfac 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -609,10 +609,12 @@ if ($id) { print ''; if ($num) { + $i = 0; // Lines with values while ($i < $num) { $obj = $db->fetch_object($resql); //print_r($obj); + print ''; if ($action == 'edit' && ($rowid == (!empty($obj->rowid) ? $obj->rowid : $obj->code))) { print '
'; @@ -708,6 +710,7 @@ if ($id) { print "\n"; } + $i++; } } diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index c5091ef4207..9a8a84893fe 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -444,7 +444,7 @@ if ($search_country_id > 0) { } else { $sql .= " WHERE "; } - $sql .= " (a.fk_country = ".$search_country_id." OR a.fk_country = 0)"; + $sql .= " (a.fk_country = ".((int) $search_country_id)." OR a.fk_country = 0)"; } // If sort order is "country", we use country_code instead diff --git a/htdocs/accountancy/bookkeeping/balance.php b/htdocs/accountancy/bookkeeping/balance.php index 75283667fcb..7d6d71d49a8 100644 --- a/htdocs/accountancy/bookkeeping/balance.php +++ b/htdocs/accountancy/bookkeeping/balance.php @@ -68,7 +68,9 @@ if ($search_accountancy_code_end == - 1) { $search_accountancy_code_end = ''; } +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $object = new BookKeeping($db); +$hookmanager->initHooks(array('balancelist')); // Note that conf->hooks_modules contains array $formaccounting = new FormAccounting($db); $formother = new FormOther($db); @@ -155,16 +157,23 @@ if (empty($user->rights->accounting->mouvements->lire)) { * Action */ -if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers - $show_subgroup = ''; - $search_date_start = ''; - $search_date_end = ''; - $search_accountancy_code_start = ''; - $search_accountancy_code_end = ''; - $search_ledger_code = array(); - $filter = array(); +$parameters = array('socid'=>$socid); +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) { + setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } +if (empty($reshook)) { + if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers + $show_subgroup = ''; + $search_date_start = ''; + $search_date_end = ''; + $search_accountancy_code_start = ''; + $search_accountancy_code_end = ''; + $search_ledger_code = array(); + $filter = array(); + } +} /* * View @@ -183,11 +192,11 @@ if ($action == 'export_csv') { } foreach ($object->lines as $line) { - print length_accountg($line->numero_compte).$sep; - print $object->get_compte_desc($line->numero_compte).$sep; - print price($line->debit).$sep; - print price($line->credit).$sep; - print price($line->debit - $line->credit).$sep; + print '"'.length_accountg($line->numero_compte).'"'.$sep; + print '"'.$object->get_compte_desc($line->numero_compte).'"'.$sep; + print '"'.price($line->debit).'"'.$sep; + print '"'.price($line->credit).'"'.$sep; + print '"'.price($line->debit - $line->credit).'"'.$sep; print "\n"; } @@ -226,22 +235,28 @@ if ($action != 'export_csv') { print ''; print ''; - $button = 'global->ACCOUNTING_EXPORT_FORMAT.')" />'; + $parameters = array(); + $reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + if (empty($reshook)) { + $button = 'global->ACCOUNTING_EXPORT_FORMAT.')" />'; - print ''; + '; + } print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $button, $result, $nbtotalofrecords, 'title_accountancy', 0, '', '', $limit); + $selectedfields = ''; + $moreforfilter = ''; $moreforfilter .= '
'; @@ -283,12 +298,18 @@ if ($action != 'export_csv') { print ' '; print $formaccounting->select_account($search_accountancy_code_end, 'search_accountancy_code_end', $langs->trans('to'), array(), 1, 1, '', 'accounts'); print ''; - print ''; + + // Fields from hook + $parameters = array('arrayfields'=>$arrayfields); + $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + + // Action column + print ''; $searchpicto = $form->showFilterButtons(); print $searchpicto; print ''; - - print ''; + print ''."\n"; print ''; print_liste_field_titre("AccountAccounting", $_SERVER['PHP_SELF'], "t.numero_compte", "", $param, "", $sortfield, $sortorder); @@ -298,8 +319,14 @@ if ($action != 'export_csv') { print_liste_field_titre("Debit", $_SERVER['PHP_SELF'], "t.debit", "", $param, 'class="right"', $sortfield, $sortorder); print_liste_field_titre("Credit", $_SERVER['PHP_SELF'], "t.credit", "", $param, 'class="right"', $sortfield, $sortorder); print_liste_field_titre("Balance", $_SERVER["PHP_SELF"], "", $param, "", 'class="right"', $sortfield, $sortorder); - print_liste_field_titre('', $_SERVER["PHP_SELF"], "", $param, "", 'width="60" class="center"', $sortfield, $sortorder); - print "\n"; + + // Hook fields + $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder); + $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + // Action column + print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n"; + print ''."\n"; $total_debit = 0; $total_credit = 0; @@ -374,14 +401,14 @@ if ($action != 'export_csv') { print ''; print ''.$langs->trans("SubTotal").':'; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price($sous_total_opening_balance).''; + print ''.price($sous_total_opening_balance).''; } - print ''.price($sous_total_debit).''; - print ''.price($sous_total_credit).''; + print ''.price($sous_total_debit).''; + print ''.price($sous_total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit)).''; + print ''.price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit)).''; } else { - print ''.price(price2num($sous_total_debit - $sous_total_credit)).''; + print ''.price(price2num($sous_total_debit - $sous_total_credit)).''; } print "\n"; print ''; @@ -416,14 +443,14 @@ if ($action != 'export_csv') { } } // Debit - print ''.price($line->debit).''; + print ''.price($line->debit).''; // Credit - print ''.price($line->credit).''; + print ''.price($line->credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print ''.price(price2num($opening_balance + $line->debit - $line->credit, 'MT')).''; + print ''.price(price2num($opening_balance + $line->debit - $line->credit, 'MT')).''; } else { - print ''.price(price2num($line->debit - $line->credit, 'MT')).''; + print ''.price(price2num($line->debit - $line->credit, 'MT')).''; } print ''; print $link; @@ -441,12 +468,12 @@ if ($action != 'export_csv') { if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { print ''.price($sous_total_opening_balance).''; } - print ''.price($sous_total_debit).''; - print ''.price($sous_total_credit).''; + print ''.price($sous_total_debit).''; + print ''.price($sous_total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { - print '' . price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit, 'MT')) . ''; + print '' . price(price2num($sous_total_opening_balance + $sous_total_debit - $sous_total_credit, 'MT')) . ''; } else { - print '' . price(price2num($sous_total_debit - $sous_total_credit, 'MT')) . ''; + print '' . price(price2num($sous_total_debit - $sous_total_credit, 'MT')) . ''; } print "\n"; print ''; @@ -456,8 +483,8 @@ if ($action != 'export_csv') { if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { print ''.price($total_opening_balance).''; } - print ''.price($total_debit).''; - print ''.price($total_credit).''; + print ''.price($total_debit).''; + print ''.price($total_credit).''; if (!empty($conf->global->ACCOUNTANCY_SHOW_OPENING_BALANCE)) { print '' . price(price2num($total_opening_balance + $total_debit - $total_credit, 'MT')) . ''; } else { diff --git a/htdocs/accountancy/bookkeeping/card.php b/htdocs/accountancy/bookkeeping/card.php index f91b1821df4..4c7194b2255 100644 --- a/htdocs/accountancy/bookkeeping/card.php +++ b/htdocs/accountancy/bookkeeping/card.php @@ -1,7 +1,7 @@ * Copyright (C) 2013-2017 Florian Henry - * Copyright (C) 2013-2018 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2017 Laurent Destailleur * Copyright (C) 2018-2020 Frédéric France * @@ -537,6 +537,22 @@ if ($action == 'create') { print ''; print ''; + // Date document creation + print ''; + print ''.$langs->trans("DateExport").''; + print ''; + print $object->date_export ? dol_print_date($object->date_export, 'dayhour') : ' '; + print ''; + print ''; + + // Date document creation + print ''; + print ''.$langs->trans("DateValidation").''; + print ''; + print $object->date_validation ? dol_print_date($object->date_validation, 'dayhour') : ' '; + print ''; + print ''; + // Validate /* print ''; @@ -619,7 +635,9 @@ if ($action == 'create') { print_liste_field_titre("LabelOperation"); print_liste_field_titre("Debit", "", "", "", "", 'class="right"'); print_liste_field_titre("Credit", "", "", "", "", 'class="right"'); - print_liste_field_titre("Action", "", "", "", "", 'width="60" class="center"'); + if (empty($object->date_validation)) { + print_liste_field_titre("Action", "", "", "", "", 'width="60" class="center"'); + } print "\n"; @@ -662,21 +680,25 @@ if ($action == 'create') { } print ''; print ''.$line->label_operation.''; - print ''.price($line->debit).''; - print ''.price($line->credit).''; + print ''.price($line->debit).''; + print ''.price($line->credit).''; - print ''; - print 'id.'&piece_num='.urlencode($line->piece_num).'&mode='.urlencode($mode).'&token='.urlencode(newToken()).'">'; - print img_edit('', 0, 'class="marginrightonly"'); - print '  '; - - $actiontodelete = 'delete'; - if ($mode == '_tmp' || $action != 'delmouv') { - $actiontodelete = 'confirm_delete'; + if (empty($line->date_export) || empty($line->date_validation)) { + print ''; + print 'id . '&piece_num=' . urlencode($line->piece_num) . '&mode=' . urlencode($mode) . '&token=' . urlencode(newToken()) . '">'; + print img_edit('', 0, 'class="marginrightonly"'); + print '  '; } - print ''; - print img_delete(); + if (empty($line->date_validation)) { + $actiontodelete = 'delete'; + if ($mode == '_tmp' || $action != 'delmouv') { + $actiontodelete = 'confirm_delete'; + } + + print ''; + print img_delete(); + } print ''; print ''; @@ -691,32 +713,33 @@ if ($action == 'create') { setEventMessages(null, array($langs->trans('MvtNotCorrectlyBalanced', $total_debit, $total_credit)), 'warnings'); } - if ($action == "" || $action == 'add') { - print ''; - print ''; - print ''; - print $formaccounting->select_account('', 'accountingaccount_number', 1, array(), 1, 1, ''); - print ''; - print ''; - // TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because: - // It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases. - // Also, it is not possible to use a value that is not in the list. - // Also, the label is not automatically filled when a value is selected. - if (!empty($conf->global->ACCOUNTANCY_COMBO_FOR_AUX)) { - print $formaccounting->select_auxaccount('', 'subledger_account', 1); - } else { - print ''; + if (empty($object->date_export) || empty($object->date_validation)) { + if ($action == "" || $action == 'add') { + print ''; + print ''; + print ''; + print $formaccounting->select_account('', 'accountingaccount_number', 1, array(), 1, 1, ''); + print ''; + print ''; + // TODO For the moment we keep a free input text instead of a combo. The select_auxaccount has problem because: + // It does not use the setup of "key pressed" to select a thirdparty and this hang browser on large databases. + // Also, it is not possible to use a value that is not in the list. + // Also, the label is not automatically filled when a value is selected. + if (!empty($conf->global->ACCOUNTANCY_COMBO_FOR_AUX)) { + print $formaccounting->select_auxaccount('', 'subledger_account', 1); + } else { + print ''; + } + print '
'; + print ''; + print ''; + print ''; + print ''; + print ''; + print ''; } - print '
'; - print ''; - print ''; - print ''; - print ''; - print ''; - print ''; + print ''; } - print ''; - if ($mode == '_tmp' && $action == '') { print '
'; diff --git a/htdocs/accountancy/bookkeeping/list.php b/htdocs/accountancy/bookkeeping/list.php index a8a24e67d9d..a70bb710937 100644 --- a/htdocs/accountancy/bookkeeping/list.php +++ b/htdocs/accountancy/bookkeeping/list.php @@ -1,7 +1,7 @@ * Copyright (C) 2013-2016 Florian Henry - * Copyright (C) 2013-2020 Alexandre Spangaro + * Copyright (C) 2013-2021 Alexandre Spangaro * Copyright (C) 2016-2017 Laurent Destailleur * Copyright (C) 2018-2021 Frédéric France * @@ -44,15 +44,47 @@ $action = GETPOST('action', 'aZ09'); $search_mvt_num = GETPOST('search_mvt_num', 'int'); $search_doc_type = GETPOST("search_doc_type", 'alpha'); $search_doc_ref = GETPOST("search_doc_ref", 'alpha'); -$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int')); -$search_date_end = dol_mktime(23, 59, 59, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int')); +$search_date_startyear = GETPOST('search_date_startyear', 'int'); +$search_date_startmonth = GETPOST('search_date_startmonth', 'int'); +$search_date_startday = GETPOST('search_date_startday', 'int'); +$search_date_endyear = GETPOST('search_date_endyear', 'int'); +$search_date_endmonth = GETPOST('search_date_endmonth', 'int'); +$search_date_endday = GETPOST('search_date_endday', 'int'); +$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); +$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear); $search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int')); -$search_date_creation_start = dol_mktime(0, 0, 0, GETPOST('date_creation_startmonth', 'int'), GETPOST('date_creation_startday', 'int'), GETPOST('date_creation_startyear', 'int')); -$search_date_creation_end = dol_mktime(23, 59, 59, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int')); -$search_date_modification_start = dol_mktime(0, 0, 0, GETPOST('date_modification_startmonth', 'int'), GETPOST('date_modification_startday', 'int'), GETPOST('date_modification_startyear', 'int')); -$search_date_modification_end = dol_mktime(23, 59, 59, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int')); -$search_date_export_start = dol_mktime(0, 0, 0, GETPOST('date_export_startmonth', 'int'), GETPOST('date_export_startday', 'int'), GETPOST('date_export_startyear', 'int')); -$search_date_export_end = dol_mktime(23, 59, 59, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int')); +$search_date_creation_startyear = GETPOST('search_date_creation_startyear', 'int'); +$search_date_creation_startmonth = GETPOST('search_date_creation_startmonth', 'int'); +$search_date_creation_startday = GETPOST('search_date_creation_startday', 'int'); +$search_date_creation_endyear = GETPOST('search_date_creation_endyear', 'int'); +$search_date_creation_endmonth = GETPOST('search_date_creation_endmonth', 'int'); +$search_date_creation_endday = GETPOST('search_date_creation_endday', 'int'); +$search_date_creation_start = dol_mktime(0, 0, 0, $search_date_creation_startmonth, $search_date_creation_startday, $search_date_creation_startyear); +$search_date_creation_end = dol_mktime(23, 59, 59, $search_date_creation_endmonth, $search_date_creation_endday, $search_date_creation_endyear); +$search_date_modification_startyear = GETPOST('search_date_modification_startyear', 'int'); +$search_date_modification_startmonth = GETPOST('search_date_modification_startmonth', 'int'); +$search_date_modification_startday = GETPOST('search_date_modification_startday', 'int'); +$search_date_modification_endyear = GETPOST('search_date_modification_endyear', 'int'); +$search_date_modification_endmonth = GETPOST('search_date_modification_endmonth', 'int'); +$search_date_modification_endday = GETPOST('search_date_modification_endday', 'int'); +$search_date_modification_start = dol_mktime(0, 0, 0, $search_date_modification_startmonth, $search_date_modification_startday, $search_date_modification_startyear); +$search_date_modification_end = dol_mktime(23, 59, 59, $search_date_modification_endmonth, $search_date_modification_endday, $search_date_modification_endyear); +$search_date_export_startyear = GETPOST('search_date_export_startyear', 'int'); +$search_date_export_startmonth = GETPOST('search_date_export_startmonth', 'int'); +$search_date_export_startday = GETPOST('search_date_export_startday', 'int'); +$search_date_export_endyear = GETPOST('search_date_export_endyear', 'int'); +$search_date_export_endmonth = GETPOST('search_date_export_endmonth', 'int'); +$search_date_export_endday = GETPOST('search_date_export_endday', 'int'); +$search_date_export_start = dol_mktime(0, 0, 0, $search_date_export_startmonth, $search_date_export_startday, $search_date_export_startyear); +$search_date_export_end = dol_mktime(23, 59, 59, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); +$search_date_validation_startyear = GETPOST('search_date_validation_startyear', 'int'); +$search_date_validation_startmonth = GETPOST('search_date_validation_startmonth', 'int'); +$search_date_validation_startday = GETPOST('search_date_validation_startday', 'int'); +$search_date_validation_endyear = GETPOST('search_date_validation_endyear', 'int'); +$search_date_validation_endmonth = GETPOST('search_date_validation_endmonth', 'int'); +$search_date_validation_endday = GETPOST('search_date_validation_endday', 'int'); +$search_date_validation_start = dol_mktime(0, 0, 0, $search_date_validation_startmonth, $search_date_validation_startday, $search_date_validation_startyear); +$search_date_validation_end = dol_mktime(23, 59, 59, $search_date_validation_endmonth, $search_date_validation_endday, $search_date_validation_endyear); //var_dump($search_date_start);exit; if (GETPOST("button_delmvt_x") || GETPOST("button_delmvt.x") || GETPOST("button_delmvt")) { @@ -157,6 +189,7 @@ $arrayfields = array( 't.date_creation'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0), 't.tms'=>array('label'=>$langs->trans("DateModification"), 'checked'=>0), 't.date_export'=>array('label'=>$langs->trans("DateExport"), 'checked'=>1), + 't.date_validated'=>array('label'=>$langs->trans("DateValidation"), 'checked'=>1), ); if (empty($conf->global->ACCOUNTING_ENABLE_LETTERING)) { @@ -216,14 +249,46 @@ if (empty($reshook)) { $search_mvt_label = ''; $search_direction = ''; $search_ledger_code = array(); + $search_date_startyear = ''; + $search_date_startmonth = ''; + $search_date_startday = ''; + $search_date_endyear = ''; + $search_date_endmonth = ''; + $search_date_endday = ''; $search_date_start = ''; $search_date_end = ''; + $search_date_creation_startyear = ''; + $search_date_creation_startmonth = ''; + $search_date_creation_startday = ''; + $search_date_creation_endyear = ''; + $search_date_creation_endmonth = ''; + $search_date_creation_endday = ''; $search_date_creation_start = ''; $search_date_creation_end = ''; + $search_date_modification_startyear = ''; + $search_date_modification_startmonth = ''; + $search_date_modification_startday = ''; + $search_date_modification_endyear = ''; + $search_date_modification_endmonth = ''; + $search_date_modification_endday = ''; $search_date_modification_start = ''; $search_date_modification_end = ''; + $search_date_export_startyear = ''; + $search_date_export_startmonth = ''; + $search_date_export_startday = ''; + $search_date_export_endyear = ''; + $search_date_export_endmonth = ''; + $search_date_export_endday = ''; $search_date_export_start = ''; $search_date_export_end = ''; + $search_date_validation_startyear = ''; + $search_date_validation_startmonth = ''; + $search_date_validation_startday = ''; + $search_date_validation_endyear = ''; + $search_date_validation_endmonth = ''; + $search_date_validation_endday = ''; + $search_date_validation_start = ''; + $search_date_validation_end = ''; $search_debit = ''; $search_credit = ''; $search_lettering_code = ''; @@ -328,6 +393,16 @@ if (empty($reshook)) { $tmp = dol_getdate($search_date_export_end); $param .= '&date_export_endmonth='.urlencode($tmp['mon']).'&date_export_endday='.urlencode($tmp['mday']).'&date_export_endyear='.urlencode($tmp['year']); } + if (!empty($search_date_validation_start)) { + $filter['t.date_validated>='] = $search_date_validation_start; + $tmp = dol_getdate($search_date_validation_start); + $param .= '&date_validation_startmonth='.urlencode($tmp['mon']).'&date_validation_startday='.urlencode($tmp['mday']).'&date_validation_startyear='.urlencode($tmp['year']); + } + if (!empty($search_date_validation_end)) { + $filter['t.date_validated<='] = $search_date_validation_end; + $tmp = dol_getdate($search_date_validation_end); + $param .= '&date_validation_endmonth='.urlencode($tmp['mon']).'&date_validation_endday='.urlencode($tmp['mday']).'&date_validation_endyear='.urlencode($tmp['year']); + } if (!empty($search_debit)) { $filter['t.debit'] = $search_debit; $param .= '&search_debit='.urlencode($search_debit); @@ -447,7 +522,8 @@ $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; $sql .= " t.date_creation,"; $sql .= " t.tms as date_modification,"; -$sql .= " t.date_export"; +$sql .= " t.date_export,"; +$sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$object->table_element.' as t'; // Manage filter $sqlwhere = array(); @@ -471,6 +547,8 @@ if (count($filter) > 0) { $sqlwhere[] = $key.'\''.$db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } elseif ($key == 't.reconciled_option') { @@ -508,10 +586,13 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex $accountancyexport = new AccountancyExport($db); $accountancyexport->export($object->lines, $formatexportset); + $notifiedexportdate = GETPOST('notifiedexportdate', 'alpha'); + $notifiedvalidationdate = GETPOST('notifiedvalidationdate', 'alpha'); + if (!empty($accountancyexport->errors)) { setEventMessages('', $accountancyexport->errors, 'errors'); - } else { - // Specify as export : update field date_export + } elseif (!$notifiedexportdate || !$notifiedvalidationdate) { + // Specify as export : update field date_export or date_validated $error = 0; $db->begin(); @@ -520,8 +601,15 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex $now = dol_now(); $sql = " UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping"; - $sql .= " SET date_export = '".$db->idate($now)."'"; - $sql .= " , date_validated = '".$db->idate($now)."'"; + $sql .= " SET"; + if (!$notifiedexportdate && !$notifiedvalidationdate) { + $sql .= " date_export = '".$db->idate($now)."'"; + $sql .= ", date_validated = '".$db->idate($now)."'"; + } elseif (!$notifiedexportdate) { + $sql .= " date_export = '".$db->idate($now)."'"; + } elseif (!$notifiedvalidationdate) { + $sql .= " date_validated = '".$db->idate($now)."'"; + } $sql .= " WHERE rowid = ".((int) $movement->id); dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported sql=".$sql, LOG_DEBUG); @@ -535,11 +623,11 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex if (!$error) { $db->commit(); - // setEventMessages($langs->trans("AllExportedMovementsWereRecordedAsExported"), null, 'mesgs'); + // setEventMessages($langs->trans("AllExportedMovementsWereRecordedAsExportedOrValidated"), null, 'mesgs'); } else { $error++; $db->rollback(); - setEventMessages($langs->trans("NotAllExportedMovementsCouldBeRecordedAsExported"), null, 'errors'); + setEventMessages($langs->trans("NotAllExportedMovementsCouldBeRecordedAsExportedOrValidated"), null, 'errors'); } } exit; @@ -587,6 +675,8 @@ if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords) { llxHeader('', $title_page); +$formconfirm = ''; + if ($action == 'export_file') { $form_question = array(); @@ -598,17 +688,15 @@ if ($action == 'export_file') { ); $form_question['notifiedvalidationdate'] = array( 'name' => 'notifiedvalidationdate', - 'type' => 'checkbox', // We don't use select here, the journal_array is already a select html component + 'type' => 'checkbox', 'label' => $langs->trans('NotifiedValidationDate'), 'value' => (!empty($conf->global->ACCOUNTING_DEFAULT_NOT_NOTIFIED_VALIDATION_DATE) ? 'false' : 'true'), ); - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans("ExportFilteredList").' ('.$listofformat[$formatexportset].')', $langs->trans('ConfirmExportFile'), 'export_fileconfirm', $form_question, '', 1, 300); - print $formconfirm; + $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans("ExportFilteredList").' ('.$listofformat[$formatexportset].')', $langs->trans('ConfirmExportFile'), 'export_fileconfirm', $form_question, '', 1, 300, 600); } if ($action == 'delmouv') { $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?mvt_num='.GETPOST('mvt_num').$param, $langs->trans('DeleteMvt'), $langs->trans('ConfirmDeleteMvtPartial'), 'delmouvconfirm', '', 0, 1); - print $formconfirm; } if ($action == 'delbookkeepingyear') { $form_question = array(); @@ -648,9 +736,11 @@ if ($action == 'delbookkeepingyear') { ); $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?'.$param, $langs->trans('DeleteMvt'), $langs->trans('ConfirmDeleteMvt', $langs->transnoentitiesnoconv("RegistrationInAccounting")), 'delbookkeepingyearconfirm', $form_question, '', 1, 300); - print $formconfirm; } +// Print form confirm +print $formconfirm; + //$param=''; param started before if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) { $param .= '&contextpage='.urlencode($contextpage); @@ -669,6 +759,8 @@ print ''; print ''; +$massactionbutton = ''; + if (count($filter)) { $buttonLabel = $langs->trans("ExportFilteredList"); } else { @@ -701,7 +793,7 @@ if (empty($reshook)) { $newcardbutton .= dolGetButtonTitle($langs->trans('NewAccountingMvt'), '', 'fa fa-plus-circle paddingleft', $url, '', $user->rights->accounting->mouvements->creer); } -print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', $num, $nbtotalofrecords, 'title_accountancy', 0, $newcardbutton, '', $limit, 0, 0, 1); +print_barre_liste($title_page, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'title_accountancy', 0, $newcardbutton, '', $limit, 0, 0, 1); $varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage; $selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields @@ -841,6 +933,17 @@ if (!empty($arrayfields['t.date_export']['checked'])) { print '
'; print ''; } +// Date validation +if (!empty($arrayfields['t.date_validated']['checked'])) { + print ''; + print '
'; + print $form->selectDate($search_date_validation_start, 'date_validation_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans("From")); + print '
'; + print '
'; + print $form->selectDate($search_date_validation_end, 'date_validation_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans("to")); + print '
'; + print ''; +} // Action column print ''; $searchpicto = $form->showFilterButtons(); @@ -892,6 +995,9 @@ if (!empty($arrayfields['t.tms']['checked'])) { if (!empty($arrayfields['t.date_export']['checked'])) { print_liste_field_titre($arrayfields['t.date_export']['label'], $_SERVER['PHP_SELF'], "t.date_export", "", $param, '', $sortfield, $sortorder, 'center '); } +if (!empty($arrayfields['t.date_validated']['checked'])) { + print_liste_field_titre($arrayfields['t.date_validated']['label'], $_SERVER['PHP_SELF'], "t.date_validated", "", $param, '', $sortfield, $sortorder, 'center '); +} print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $sortfield, $sortorder, 'center maxwidthsearch '); print "\n"; @@ -934,6 +1040,7 @@ while ($i < min($num, $limit)) { $line->date_creation = $db->jdate($obj->date_creation); $line->date_modification = $db->jdate($obj->date_modification); $line->date_export = $db->jdate($obj->date_export); + $line->date_validation = $db->jdate($obj->date_validation); $total_debit += $line->debit; $total_credit += $line->credit; @@ -1067,7 +1174,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit != 0 ? price($line->debit) : '').''; + print ''.($line->debit != 0 ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -1079,7 +1186,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit != 0 ? price($line->credit) : '').''; + print ''.($line->credit != 0 ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -1126,12 +1233,22 @@ while ($i < min($num, $limit)) { } } + // Validated operation date + if (!empty($arrayfields['t.date_validated']['checked'])) { + print ''.dol_print_date($line->date_validation, 'dayhour').''; + if (!$i) { + $totalarray['nbfield']++; + } + } + // Action column print ''; - if (empty($line->date_export)) { + if (empty($line->date_export) || empty($line->date_validation)) { if ($user->rights->accounting->mouvements->creer) { - print ''.img_edit().''; + print '' . img_edit() . ''; } + } + if (empty($line->date_validation)) { if ($user->rights->accounting->mouvements->supprimer) { print ''.img_delete().''; } diff --git a/htdocs/accountancy/bookkeeping/listbyaccount.php b/htdocs/accountancy/bookkeeping/listbyaccount.php index 406664938cc..98c3f14191b 100644 --- a/htdocs/accountancy/bookkeeping/listbyaccount.php +++ b/htdocs/accountancy/bookkeeping/listbyaccount.php @@ -55,7 +55,7 @@ $search_date_export_endyear = GETPOST('search_date_export_endyear', 'int'); $search_date_export_endmonth = GETPOST('search_date_export_endmonth', 'int'); $search_date_export_endday = GETPOST('search_date_export_endday', 'int'); $search_date_export_start = dol_mktime(0, 0, 0, $search_date_export_startmonth, $search_date_export_startday, $search_date_export_startyear); -$search_date_export_end = dol_mktime(0, 0, 0, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); +$search_date_export_end = dol_mktime(23, 59, 59, $search_date_export_endmonth, $search_date_export_endday, $search_date_export_endyear); $search_accountancy_code = GETPOST("search_accountancy_code"); $search_accountancy_code_start = GETPOST('search_accountancy_code_start', 'alpha'); @@ -807,7 +807,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit ? price($line->debit) : '').''; + print ''.($line->debit ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -819,7 +819,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit ? price($line->credit) : '').''; + print ''.($line->credit ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/accountancy/bookkeeping/listbysubaccount.php b/htdocs/accountancy/bookkeeping/listbysubaccount.php index 129e695de3c..20899c693c6 100644 --- a/htdocs/accountancy/bookkeeping/listbysubaccount.php +++ b/htdocs/accountancy/bookkeeping/listbysubaccount.php @@ -682,7 +682,7 @@ while ($i < min($num, $limit)) { print ""; print ''; if ($line->subledger_account != "" && $line->subledger_account != '-1') { - print $object->get_compte_desc($line->numero_compte).' : '.length_accounta($line->subledger_account); + print $line->subledger_label.' : '.length_accounta($line->subledger_account); } else { // Should not happen: subledger account must be null or a non empty value print ''.$langs->trans("Unknown"); @@ -821,7 +821,7 @@ while ($i < min($num, $limit)) { // Amount debit if (!empty($arrayfields['t.debit']['checked'])) { - print ''.($line->debit ? price($line->debit) : '').''; + print ''.($line->debit ? price($line->debit) : '').''; if (!$i) { $totalarray['nbfield']++; } @@ -833,7 +833,7 @@ while ($i < min($num, $limit)) { // Amount credit if (!empty($arrayfields['t.credit']['checked'])) { - print ''.($line->credit ? price($line->credit) : '').''; + print ''.($line->credit ? price($line->credit) : '').''; if (!$i) { $totalarray['nbfield']++; } diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php index 8669cae7c2f..29a0171fe08 100644 --- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php +++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php @@ -296,15 +296,15 @@ if ($resql) { print ''; print ''.$langs->trans("Total").':'."\n"; - print ''.price($debit).''; - print ''.price($credit).''; + print ''.price($debit).''; + print ''.price($credit).''; print ''; print "\n"; print ''; print ''.$langs->trans("Balancing").':'."\n"; print ' '; - print ''.price($credit - $debit).''; + print ''.price($credit - $debit).''; print ''; print "\n"; diff --git a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php index a73f711e15a..d62a1e9fc25 100644 --- a/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php +++ b/htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php @@ -293,15 +293,15 @@ if ($resql) { print ''; print ''.$langs->trans("Total").':'."\n"; - print ''.price($debit).''; - print ''.price($credit).''; + print ''.price($debit).''; + print ''.price($credit).''; print ''; print "\n"; print ''; print ''.$langs->trans("Balancing").':'."\n"; print ' '; - print ''.price($credit - $debit).''; + print ''.price($credit - $debit).''; print ''; print "\n"; diff --git a/htdocs/accountancy/class/accountancycategory.class.php b/htdocs/accountancy/class/accountancycategory.class.php index d8e1598d1ac..77d10516daa 100644 --- a/htdocs/accountancy/class/accountancycategory.class.php +++ b/htdocs/accountancy/class/accountancycategory.class.php @@ -201,7 +201,7 @@ class AccountancyCategory // extends CommonObject $sql .= "entity"; $sql .= ") VALUES ("; if ($this->rowid > 0) { - $sql .= " ".$this->rowid.","; + $sql .= " ".((int) $this->rowid).","; } $sql .= " ".(!isset($this->code) ? 'NULL' : "'".$this->db->escape($this->code)."'").","; $sql .= " ".(!isset($this->label) ? 'NULL' : "'".$this->db->escape($this->label)."'").","; @@ -209,9 +209,9 @@ class AccountancyCategory // extends CommonObject $sql .= " ".(!isset($this->sens) ? 'NULL' : "'".$this->db->escape($this->sens)."'").","; $sql .= " ".(!isset($this->category_type) ? 'NULL' : "'".$this->db->escape($this->category_type)."'").","; $sql .= " ".(!isset($this->formula) ? 'NULL' : "'".$this->db->escape($this->formula)."'").","; - $sql .= " ".(!isset($this->position) ? 'NULL' : $this->db->escape($this->position)).","; - $sql .= " ".(!isset($this->fk_country) ? 'NULL' : $this->db->escape($this->fk_country)).","; - $sql .= " ".(!isset($this->active) ? 'NULL' : $this->db->escape($this->active)); + $sql .= " ".(!isset($this->position) ? 'NULL' : ((int) $this->position)).","; + $sql .= " ".(!isset($this->fk_country) ? 'NULL' : ((int) $this->fk_country)).","; + $sql .= " ".(!isset($this->active) ? 'NULL' : ((int) $this->active)); $sql .= ", ".$conf->entity; $sql .= ")"; @@ -263,7 +263,7 @@ class AccountancyCategory // extends CommonObject if ($id) { $sql .= " WHERE t.rowid = ".((int) $id); } else { - $sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Dont't use entity if you use rowid + $sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Don't use entity if you use rowid if ($code) { $sql .= " AND t.code = '".$this->db->escape($code)."'"; } elseif ($label) { @@ -675,7 +675,7 @@ class AccountancyCategory // extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."c_accounting_category as c"; $sql .= " WHERE c.active = 1"; $sql .= " AND c.entity = ".$conf->entity; - $sql .= " AND (c.fk_country = ".$mysoc->country_id." OR c.fk_country = 0)"; + $sql .= " AND (c.fk_country = ".((int) $mysoc->country_id)." OR c.fk_country = 0)"; $sql .= " AND cat.rowid = t.fk_accounting_category"; $sql .= " AND t.entity = ".$conf->entity; $sql .= " ORDER BY cat.position ASC"; @@ -806,7 +806,7 @@ class AccountancyCategory // extends CommonObject if ($categorytype >= 0) { $sql .= " AND c.category_type = 1"; } - $sql .= " AND (c.fk_country = ".$mysoc->country_id." OR c.fk_country = 0)"; + $sql .= " AND (c.fk_country = ".((int) $mysoc->country_id)." OR c.fk_country = 0)"; $sql .= " ORDER BY c.position ASC"; $resql = $this->db->query($sql); diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index f1815386624..f007208cf57 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -561,9 +561,9 @@ class AccountancyExport $Tab['contrepartie'] = str_repeat(' ', 8); // Force date format : %d%m%y - if (!empty($data->date_echeance)) { - //$Tab['date_echeance'] = dol_print_date($data->date_echeance, $conf->global->ACCOUNTING_EXPORT_DATE); - $Tab['date_echeance'] = dol_print_date($data->date_echeance, '%d%m%y'); // Format must be ddmmyy + if (!empty($data->date_lim_reglement)) { + //$Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, $conf->global->ACCOUNTING_EXPORT_DATE); + $Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, '%d%m%y'); // Format must be ddmmyy } else { $Tab['date_echeance'] = '000000'; } @@ -660,9 +660,9 @@ class AccountancyExport $Tab['code_stat'] = str_repeat(' ', 4); - if (!empty($data->date_echeance)) { - //$Tab['date_echeance'] = dol_print_date($data->date_echeance, $conf->global->ACCOUNTING_EXPORT_DATE); - $Tab['date_echeance'] = dol_print_date($data->date_echeance, '%d%m%Y'); + if (!empty($data->date_lim_reglement)) { + //$Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, $conf->global->ACCOUNTING_EXPORT_DATE); + $Tab['date_echeance'] = dol_print_date($data->date_lim_reglement, '%d%m%Y'); } else { $Tab['date_echeance'] = dol_print_date($data->doc_date, '%d%m%Y'); } diff --git a/htdocs/accountancy/class/accountingaccount.class.php b/htdocs/accountancy/class/accountingaccount.class.php index 28601380ac1..99a0dc0dc48 100644 --- a/htdocs/accountancy/class/accountingaccount.class.php +++ b/htdocs/accountancy/class/accountingaccount.class.php @@ -602,7 +602,7 @@ class AccountingAccount extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."accounting_account "; $sql .= "SET ".$fieldtouse." = '0'"; - $sql .= " WHERE rowid = ".$this->db->escape($id); + $sql .= " WHERE rowid = ".((int) $id); dol_syslog(get_class($this)."::accountDeactivate ".$fieldtouse." sql=".$sql, LOG_DEBUG); $result = $this->db->query($sql); @@ -640,7 +640,7 @@ class AccountingAccount extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."accounting_account"; $sql .= " SET ".$fieldtouse." = '1'"; - $sql .= " WHERE rowid = ".$this->db->escape($id); + $sql .= " WHERE rowid = ".((int) $id); dol_syslog(get_class($this)."::account_activate ".$fieldtouse." sql=".$sql, LOG_DEBUG); $result = $this->db->query($sql); diff --git a/htdocs/accountancy/class/bookkeeping.class.php b/htdocs/accountancy/class/bookkeeping.class.php index 3594bb26fc8..59d74783d04 100644 --- a/htdocs/accountancy/class/bookkeeping.class.php +++ b/htdocs/accountancy/class/bookkeeping.class.php @@ -294,7 +294,7 @@ class BookKeeping extends CommonObject $sql = "SELECT count(*) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql .= " WHERE doc_type = '".$this->db->escape($this->doc_type)."'"; - $sql .= " AND fk_doc = ".$this->fk_doc; + $sql .= " AND fk_doc = ".((int) $this->fk_doc); if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) { // DO NOT USE THIS IN PRODUCTION. This will generate a lot of trouble into reports and will corrupt database (by generating duplicate entries. $sql .= " AND fk_docdet = " . $this->fk_docdet; // This field can be 0 if record is for several lines @@ -312,7 +312,7 @@ class BookKeeping extends CommonObject $sqlnum = "SELECT piece_num"; $sqlnum .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sqlnum .= " WHERE doc_type = '".$this->db->escape($this->doc_type)."'"; // For example doc_type = 'bank' - $sqlnum .= " AND fk_doc = ".$this->fk_doc; + $sqlnum .= " AND fk_doc = ".((int) $this->fk_doc); if (!empty($conf->global->ACCOUNTANCY_ENABLE_FKDOCDET)) { // fk_docdet is rowid into llx_bank or llx_facturedet or llx_facturefourndet, or ... $sqlnum .= " AND fk_docdet = ".((int) $this->fk_docdet); @@ -728,7 +728,9 @@ class BookKeeping extends CommonObject $sql .= " t.code_journal,"; $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; - $sql .= " t.date_creation"; + $sql .= " t.date_creation,"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.$mode.' as t'; $sql .= ' WHERE 1 = 1'; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -769,6 +771,9 @@ class BookKeeping extends CommonObject $this->journal_label = $obj->journal_label; $this->piece_num = $obj->piece_num; $this->date_creation = $this->db->jdate($obj->date_creation); + $this->date_export = $this->db->jdate($obj->date_export); + $this->date_validation = $this->db->jdate($obj->date_validated); + $this->date_validation = $this->db->jdate($obj->date_validation); } $this->db->free($resql); @@ -834,7 +839,8 @@ class BookKeeping extends CommonObject $sql .= " t.journal_label,"; $sql .= " t.piece_num,"; $sql .= " t.date_creation,"; - $sql .= " t.date_export"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; // Manage filter $sqlwhere = array(); if (count($filter) > 0) { @@ -853,6 +859,8 @@ class BookKeeping extends CommonObject $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } elseif ($key == 't.reconciled_option') { @@ -926,6 +934,8 @@ class BookKeeping extends CommonObject $line->piece_num = $obj->piece_num; $line->date_creation = $this->db->jdate($obj->date_creation); $line->date_export = $this->db->jdate($obj->date_export); + $line->date_validation = $this->db->jdate($obj->date_validated); + $line->date_validation = $this->db->jdate($obj->date_validation); $this->lines[] = $line; @@ -987,7 +997,8 @@ class BookKeeping extends CommonObject $sql .= " t.date_creation,"; $sql .= " t.date_lim_reglement,"; $sql .= " t.tms as date_modification,"; - $sql .= " t.date_export"; + $sql .= " t.date_export,"; + $sql .= " t.date_validated as date_validation"; $sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element.' as t'; // Manage filter $sqlwhere = array(); @@ -1009,6 +1020,8 @@ class BookKeeping extends CommonObject $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.date_export>=' || $key == 't.date_export<=') { $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; + } elseif ($key == 't.date_validated>=' || $key == 't.date_validated<=') { + $sqlwhere[] = $key.'\''.$this->db->idate($value).'\''; } elseif ($key == 't.credit' || $key == 't.debit') { $sqlwhere[] = natural_search($key, $value, 1, 1); } else { @@ -1068,6 +1081,8 @@ class BookKeeping extends CommonObject $line->date_lim_reglement = $this->db->jdate($obj->date_lim_reglement); $line->date_modification = $this->db->jdate($obj->date_modification); $line->date_export = $this->db->jdate($obj->date_export); + $line->date_validation = $this->db->jdate($obj->date_validated); + $line->date_validation = $this->db->jdate($obj->date_validation); $this->lines[] = $line; @@ -1454,6 +1469,8 @@ class BookKeeping extends CommonObject $sql .= " AND code_journal = '".$this->db->escape($journal)."'"; } $sql .= " AND entity IN (".getEntity('accountancy').")"; + // Exclusion of validated entries at the time of deletion + $sql .= " AND date_validated IS NULL"; // TODO: In a future we must forbid deletion if record is inside a closed fiscal period. @@ -1603,7 +1620,8 @@ class BookKeeping extends CommonObject { global $conf; - $sql = "SELECT piece_num,doc_date,code_journal,journal_label,doc_ref,doc_type,date_creation"; + $sql = "SELECT piece_num, doc_date,code_journal, journal_label, doc_ref, doc_type,"; + $sql .= " date_creation, tms as date_modification, date_export, date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; $sql .= " WHERE piece_num = ".$piecenum; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -1620,6 +1638,10 @@ class BookKeeping extends CommonObject $this->doc_ref = $obj->doc_ref; $this->doc_type = $obj->doc_type; $this->date_creation = $obj->date_creation; + $this->date_modification = $obj->date_modification; + $this->date_export = $obj->date_export; + $this->date_validation = $obj->date_validated; + $this->date_validation = $obj->date_validation; } else { $this->error = "Error ".$this->db->lasterror(); dol_syslog(__METHOD__.$this->error, LOG_ERR); @@ -1675,7 +1697,8 @@ class BookKeeping extends CommonObject $sql = "SELECT rowid, doc_date, doc_type,"; $sql .= " doc_ref, fk_doc, fk_docdet, thirdparty_code, subledger_account, subledger_label,"; $sql .= " numero_compte, label_compte, label_operation, debit, credit,"; - $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, journal_label, piece_num, date_creation"; + $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, journal_label, piece_num,"; + $sql .= " date_creation, tms as date_modification, date_export, date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element.$mode; $sql .= " WHERE piece_num = ".$piecenum; $sql .= " AND entity IN (".getEntity('accountancy').")"; @@ -1708,6 +1731,10 @@ class BookKeeping extends CommonObject $line->journal_label = $obj->journal_label; $line->piece_num = $obj->piece_num; $line->date_creation = $obj->date_creation; + $line->date_modification = $obj->date_modification; + $line->date_export = $obj->date_export; + $line->date_validation = $obj->date_validated; + $line->date_validation = $obj->date_validation; $this->linesmvt[] = $line; } @@ -1735,7 +1762,8 @@ class BookKeeping extends CommonObject $sql = "SELECT rowid, doc_date, doc_type,"; $sql .= " doc_ref, fk_doc, fk_docdet, thirdparty_code, subledger_account, subledger_label,"; $sql .= " numero_compte, label_compte, label_operation, debit, credit,"; - $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, piece_num"; + $sql .= " montant as amount, sens, fk_user_author, import_key, code_journal, piece_num,"; + $sql .= " date_validated as date_validation"; $sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql .= " WHERE entity IN (".getEntity('accountancy').")"; @@ -1770,6 +1798,8 @@ class BookKeeping extends CommonObject $line->sens = $obj->sens; $line->code_journal = $obj->code_journal; $line->piece_num = $obj->piece_num; + $line->date_validation = $obj->date_validated; + $line->date_validation = $obj->date_validation; $this->linesexport[] = $line; } @@ -2103,4 +2133,9 @@ class BookKeepingLine * @var integer|string $date_export; */ public $date_export; + + /** + * @var integer|string $date_validation; + */ + public $date_validation; } diff --git a/htdocs/accountancy/closure/index.php b/htdocs/accountancy/closure/index.php index 390c288b606..bcb3d7901f5 100644 --- a/htdocs/accountancy/closure/index.php +++ b/htdocs/accountancy/closure/index.php @@ -29,7 +29,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php'; require_once DOL_DOCUMENT_ROOT.'/accountancy/class/bookkeeping.class.php'; // Load translation files required by the page -$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy")); +$langs->loadLangs(array("compta", "bills", "other", "accountancy")); $socid = GETPOST('socid', 'int'); diff --git a/htdocs/accountancy/customer/index.php b/htdocs/accountancy/customer/index.php index d33f5e12312..16dea74108e 100644 --- a/htdocs/accountancy/customer/index.php +++ b/htdocs/accountancy/customer/index.php @@ -33,7 +33,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php'; // Load translation files required by the page -$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy")); +$langs->loadLangs(array("compta", "bills", "other", "accountancy")); // Security check if (empty($conf->accounting->enabled)) { @@ -319,10 +319,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -405,10 +405,10 @@ if ($resql) { print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -472,9 +472,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } $db->free($resql); @@ -533,9 +533,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price(price2num($row[$i])).''; + print ''.price(price2num($row[$i])).''; } - print ''.price(price2num($row[13])).''; + print ''.price(price2num($row[13])).''; print ''; } $db->free($resql); diff --git a/htdocs/accountancy/customer/lines.php b/htdocs/accountancy/customer/lines.php index 1e6fb660c62..884de9dd232 100644 --- a/htdocs/accountancy/customer/lines.php +++ b/htdocs/accountancy/customer/lines.php @@ -492,7 +492,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/customer/list.php b/htdocs/accountancy/customer/list.php index 4df8d6b9b15..347f5b8c4c2 100644 --- a/htdocs/accountancy/customer/list.php +++ b/htdocs/accountancy/customer/list.php @@ -687,7 +687,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''; + print ''; print price($objp->total_ht); print ''; diff --git a/htdocs/accountancy/expensereport/index.php b/htdocs/accountancy/expensereport/index.php index b4e85fd517a..f06dd5f8d6f 100644 --- a/htdocs/accountancy/expensereport/index.php +++ b/htdocs/accountancy/expensereport/index.php @@ -30,7 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php'; require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php'; // Load translation files required by the page -$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy")); +$langs->loadLangs(array("compta", "bills", "other", "accountancy")); $month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1); if (GETPOST("year", 'int')) { @@ -210,10 +210,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -290,10 +290,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -352,9 +352,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } diff --git a/htdocs/accountancy/expensereport/lines.php b/htdocs/accountancy/expensereport/lines.php index df50eaaff87..b262f85367a 100644 --- a/htdocs/accountancy/expensereport/lines.php +++ b/htdocs/accountancy/expensereport/lines.php @@ -388,7 +388,7 @@ if ($result) { print ''; // Amount without taxes - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; // Vat rate print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/expensereport/list.php b/htdocs/accountancy/expensereport/list.php index 810f65c68df..d69e78fead2 100644 --- a/htdocs/accountancy/expensereport/list.php +++ b/htdocs/accountancy/expensereport/list.php @@ -434,7 +434,7 @@ if ($result) { print ''; // Amount without taxes - print ''; + print ''; print price($objp->price); print ''; diff --git a/htdocs/accountancy/index.php b/htdocs/accountancy/index.php index d073139a533..6e13a662948 100644 --- a/htdocs/accountancy/index.php +++ b/htdocs/accountancy/index.php @@ -61,7 +61,7 @@ if (empty($user->rights->compta->resultat->lire) && empty($user->rights->account if (GETPOST('addbox')) { // Add box (when submit is done from a form when ajax disabled) require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php'; - $zone = GETPOST('areacode', 'aZ09'); + $zone = GETPOST('areacode', 'int'); $userid = GETPOST('userid', 'int'); $boxorder = GETPOST('boxorder', 'aZ09'); $boxorder .= GETPOST('boxcombo', 'aZ09'); diff --git a/htdocs/accountancy/journal/bankjournal.php b/htdocs/accountancy/journal/bankjournal.php index 76984d55fba..34e533974fc 100644 --- a/htdocs/accountancy/journal/bankjournal.php +++ b/htdocs/accountancy/journal/bankjournal.php @@ -1108,8 +1108,8 @@ if (empty($action) || $action == 'view') { print $reflabel; print ""; print ''.$val["type_payment"].""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -1222,8 +1222,8 @@ if (empty($action) || $action == 'view') { print ""; print "".$reflabel.""; print ''.$val["type_payment"].""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } @@ -1259,8 +1259,8 @@ if (empty($action) || $action == 'view') { print ""; print "".$reflabel.""; print ''.$val["type_payment"].""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } @@ -1320,7 +1320,7 @@ function getSourceDocRef($val, $typerecord) if ($typerecord == 'payment') { $sqlmid = 'SELECT payfac.fk_facture as id, f.ref as ref'; $sqlmid .= " FROM ".MAIN_DB_PREFIX."paiement_facture as payfac, ".MAIN_DB_PREFIX."facture as f"; - $sqlmid .= " WHERE payfac.fk_facture = f.rowid AND payfac.fk_paiement=".$val["paymentid"]; + $sqlmid .= " WHERE payfac.fk_facture = f.rowid AND payfac.fk_paiement=".((int) $val["paymentid"]); $ref = $langs->transnoentitiesnoconv("Invoice"); } elseif ($typerecord == 'payment_supplier') { $sqlmid = 'SELECT payfac.fk_facturefourn as id, f.ref'; diff --git a/htdocs/accountancy/journal/expensereportsjournal.php b/htdocs/accountancy/journal/expensereportsjournal.php index 0273690ae81..c1a62847b32 100644 --- a/htdocs/accountancy/journal/expensereportsjournal.php +++ b/htdocs/accountancy/journal/expensereportsjournal.php @@ -610,8 +610,8 @@ if (empty($action) || $action == 'view') { $userstatic->id = $tabuser[$key]['id']; $userstatic->name = $tabuser[$key]['name']; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$accountingaccount->label.""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -644,8 +644,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -680,8 +680,8 @@ if (empty($action) || $action == 'view') { print ''; print "".$userstatic->getNomUrl(0, 'user', 16).' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/journal/purchasesjournal.php b/htdocs/accountancy/journal/purchasesjournal.php index 2677f8569f2..9b979da37d6 100644 --- a/htdocs/accountancy/journal/purchasesjournal.php +++ b/htdocs/accountancy/journal/purchasesjournal.php @@ -911,8 +911,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -940,8 +940,8 @@ if (empty($action) || $action == 'view') { $companystatic->id = $tabcompany[$key]['id']; $companystatic->name = $tabcompany[$key]['name']; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$accountingaccount->label.""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } @@ -977,8 +977,8 @@ if (empty($action) || $action == 'view') { print ""; print $companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } } @@ -1005,8 +1005,8 @@ if (empty($action) || $action == 'view') { print ""; print ''; print "".$companystatic->getNomUrl(0, 'supplier', 16).' - '.$invoicestatic->ref_supplier.' - '.$langs->trans("VAT")." NPR (counterpart)"; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index d147186a8d8..93be8e8b1b9 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -851,8 +851,8 @@ if (empty($action) || $action == 'view') { } print ''; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$langs->trans("SubledgerAccount").""; - print ''.($mt >= 0 ? price($mt) : '').""; - print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; print ""; } @@ -880,8 +880,8 @@ if (empty($action) || $action == 'view') { $companystatic->id = $tabcompany[$key]['id']; $companystatic->name = $tabcompany[$key]['name']; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$accountingaccount->label.""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } @@ -916,8 +916,8 @@ if (empty($action) || $action == 'view') { print ''; print "".$companystatic->getNomUrl(0, 'customer', 16).' - '.$invoicestatic->ref.' - '.$langs->trans("VAT").' '.join(', ', $def_tva[$key][$k]).' %'.($numtax ? ' - Localtax '.$numtax : ''); print ""; - print ''.($mt < 0 ? price(-$mt) : '').""; - print ''.($mt >= 0 ? price($mt) : '').""; + print ''.($mt < 0 ? price(-$mt) : '').""; + print ''.($mt >= 0 ? price($mt) : '').""; print ""; } } diff --git a/htdocs/accountancy/supplier/index.php b/htdocs/accountancy/supplier/index.php index a69debeb0c0..343eb506408 100644 --- a/htdocs/accountancy/supplier/index.php +++ b/htdocs/accountancy/supplier/index.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.facture.class.php'; // Load translation files required by the page -$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy")); +$langs->loadLangs(array("compta", "bills", "other", "accountancy")); // Security check if (empty($conf->accounting->enabled)) { @@ -314,10 +314,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -393,10 +393,10 @@ if ($resql) { } print ''; for ($i = 2; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; - print ''.price($row[14]).''; + print ''.price($row[13]).''; + print ''.price($row[14]).''; print ''; } $db->free($resql); @@ -456,9 +456,9 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange while ($row = $db->fetch_row($resql)) { print ''.$row[0].''; for ($i = 1; $i <= 12; $i++) { - print ''.price($row[$i]).''; + print ''.price($row[$i]).''; } - print ''.price($row[13]).''; + print ''.price($row[13]).''; print ''; } $db->free($resql); diff --git a/htdocs/accountancy/supplier/lines.php b/htdocs/accountancy/supplier/lines.php index 90e7213c8f9..4a3b8cd53ac 100644 --- a/htdocs/accountancy/supplier/lines.php +++ b/htdocs/accountancy/supplier/lines.php @@ -497,7 +497,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''.price($objp->total_ht).''; + print ''.price($objp->total_ht).''; print ''.vatrate($objp->tva_tx.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : '')).''; diff --git a/htdocs/accountancy/supplier/list.php b/htdocs/accountancy/supplier/list.php index 63dd996a546..793ba453105 100644 --- a/htdocs/accountancy/supplier/list.php +++ b/htdocs/accountancy/supplier/list.php @@ -671,7 +671,7 @@ if ($result) { print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description); print ''; - print ''; + print ''; print price($objp->total_ht); print ''; diff --git a/htdocs/adherents/admin/member.php b/htdocs/adherents/admin/member.php index 925f2c9094d..621873afc94 100644 --- a/htdocs/adherents/admin/member.php +++ b/htdocs/adherents/admin/member.php @@ -197,6 +197,8 @@ print ''; print ''; print load_fiche_titre($langs->trans("MemberMainOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -268,6 +270,7 @@ if ($conf->facture->enabled) { } print '
'.$langs->trans("Description").'
'; +print '
'; print '
'; print ''; @@ -338,6 +341,7 @@ if ($resql) { print load_fiche_titre($langs->trans("MembersDocModules"), '', ''); +print '
'; print ''; print ''; print ''; @@ -446,6 +450,8 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; + print "
"; print dol_get_fiche_end(); diff --git a/htdocs/adherents/admin/website.php b/htdocs/adherents/admin/website.php index 06796ef193c..bb320e9f48a 100644 --- a/htdocs/adherents/admin/website.php +++ b/htdocs/adherents/admin/website.php @@ -172,6 +172,7 @@ print '
'; if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) { print '
'; + print '
'; print ''; print ''; @@ -234,6 +235,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) { print "\n"; print '
'; + print '
'; print '
'; print ''; @@ -262,7 +264,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) { //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current print '
'; - print ''; + print ''; print ''.img_picto('', 'globe', 'class="paddingleft"').''; print '
'; print ajax_autoselect('publicurlmember'); diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php index b6c0b542d27..87b8a6874c4 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_create.tpl.php @@ -68,7 +68,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?> trans("Morphy"); ?> - + @@ -105,7 +105,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?> trans("Email"); ?> - + diff --git a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php index 3259df07b8d..9056ff201e4 100644 --- a/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php +++ b/htdocs/adherents/canvas/default/tpl/adherentcard_edit.tpl.php @@ -77,7 +77,7 @@ echo $this->control->tpl['ajax_selectcountry']; trans("Morphy"); ?> - + @@ -114,7 +114,7 @@ echo $this->control->tpl['ajax_selectcountry']; trans("Email"); ?> - + diff --git a/htdocs/adherents/card.php b/htdocs/adherents/card.php index 49a3cc74182..d20318090e0 100644 --- a/htdocs/adherents/card.php +++ b/htdocs/adherents/card.php @@ -6,7 +6,7 @@ * Copyright (C) 2012 Marcos García * Copyright (C) 2012-2020 Philippe Grand * Copyright (C) 2015-2018 Alexandre Spangaro - * Copyright (C) 2018-2020 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2021 Waël Almoman * * This program is free software; you can redistribute it and/or modify @@ -1088,7 +1088,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!$value['active']) { break; } - print ''.$langs->trans($value['label']).''; + $val = (GETPOSTISSET('member_'.$key) ? GETPOST('member_'.$key, 'alpha') : (empty($object->socialnetworks[$key]) ? '' : $object->socialnetworks[$key])); + print ''.$langs->trans($value['label']).''; } } @@ -1907,7 +1908,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Reactivate - if (Adherent::STATUS_RESILIATED == $object->statut || Adherent::STATUS_EXCLUDED == $Object->statut) { + if (Adherent::STATUS_RESILIATED == $object->statut || Adherent::STATUS_EXCLUDED == $object->statut) { if ($user->rights->adherent->creer) { print ''.$langs->trans("Reenable")."\n"; } else { diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index a663cea85d2..2d5eae90938 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -260,9 +260,9 @@ class Adherent extends CommonObject public $datefin; - // From member table - // Fields loaded by fetch_subscriptions() + // Fields loaded by fetch_subscriptions() from member table + public $first_subscription_date; public $first_subscription_amount; @@ -277,6 +277,12 @@ class Adherent extends CommonObject public $subscriptions = array(); + + // Fields loaded by fetchPartnerships() from partnership table + + public $partnerships = array(); + + /** * @var Adherent To contains a clone of this when we need to save old properties of object */ @@ -296,15 +302,15 @@ class Adherent extends CommonObject 'entity' => array('type' => 'integer', 'label' => 'Entity', 'default' => 1, 'enabled' => 1, 'visible' => -2, 'notnull' => 1, 'position' => 15, 'index' => 1), 'ref_ext' => array('type' => 'varchar(128)', 'label' => 'Ref ext', 'enabled' => 1, 'visible' => 0, 'position' => 20), 'civility' => array('type' => 'varchar(6)', 'label' => 'Civility', 'enabled' => 1, 'visible' => -1, 'position' => 25), - 'lastname' => array('type' => 'varchar(50)', 'label' => 'Lastname', 'enabled' => 1, 'visible' => -1, 'position' => 30), - 'firstname' => array('type' => 'varchar(50)', 'label' => 'Firstname', 'enabled' => 1, 'visible' => -1, 'position' => 35), + 'lastname' => array('type' => 'varchar(50)', 'label' => 'Lastname', 'enabled' => 1, 'visible' => -1, 'position' => 30, 'showoncombobox'=>1), + 'firstname' => array('type' => 'varchar(50)', 'label' => 'Firstname', 'enabled' => 1, 'visible' => -1, 'position' => 35, 'showoncombobox'=>1), 'login' => array('type' => 'varchar(50)', 'label' => 'Login', 'enabled' => 1, 'visible' => -1, 'position' => 40), 'gender' => array('type' => 'varchar(10)', 'label' => 'Gender', 'enabled' => 1, 'visible' => -1, 'position' => 250), 'pass' => array('type' => 'varchar(50)', 'label' => 'Pass', 'enabled' => 1, 'visible' => -1, 'position' => 45), 'pass_crypted' => array('type' => 'varchar(128)', 'label' => 'Pass crypted', 'enabled' => 1, 'visible' => -1, 'position' => 50), 'fk_adherent_type' => array('type' => 'integer', 'label' => 'Fk adherent type', 'enabled' => 1, 'visible' => -1, 'notnull' => 1, 'position' => 55), 'morphy' => array('type' => 'varchar(3)', 'label' => 'MorPhy', 'enabled' => 1, 'visible' => -1, 'notnull' => 1, 'position' => 60), - 'societe' => array('type' => 'varchar(128)', 'label' => 'Societe', 'enabled' => 1, 'visible' => -1, 'position' => 65), + 'societe' => array('type' => 'varchar(128)', 'label' => 'Societe', 'enabled' => 1, 'visible' => -1, 'position' => 65, 'showoncombobox'=>2), 'fk_soc' => array('type' => 'integer:Societe:societe/class/societe.class.php', 'label' => 'ThirdParty', 'enabled' => 1, 'visible' => -1, 'position' => 70), 'address' => array('type' => 'text', 'label' => 'Address', 'enabled' => 1, 'visible' => -1, 'position' => 75), 'zip' => array('type' => 'varchar(10)', 'label' => 'Zip', 'enabled' => 1, 'visible' => -1, 'position' => 80), @@ -592,8 +598,8 @@ class Adherent extends CommonObject if ($this->user_id) { // Add link to user $sql = "UPDATE ".MAIN_DB_PREFIX."user SET"; - $sql .= " fk_member = ".$this->id; - $sql .= " WHERE rowid = ".$this->user_id; + $sql .= " fk_member = ".((int) $this->id); + $sql .= " WHERE rowid = ".((int) $this->user_id); dol_syslog(get_class($this)."::create", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -722,7 +728,7 @@ class Adherent extends CommonObject if (!empty($this->oldcopy) && $this->typeid != $this->oldcopy->typeid) { $sql2 = "SELECT libelle as label"; $sql2 .= " FROM ".MAIN_DB_PREFIX."adherent_type"; - $sql2 .= " WHERE rowid = ".$this->typeid; + $sql2 .= " WHERE rowid = ".((int) $this->typeid); $resql2 = $this->db->query($sql2); if ($resql2) { while ($obj = $this->db->fetch_object($resql2)) { @@ -1439,11 +1445,12 @@ class Adherent extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** - * Function to get member subscriptions data - * first_subscription_date, first_subscription_date_start, first_subscription_date_end, first_subscription_amount - * last_subscription_date, last_subscription_date_start, last_subscription_date_end, last_subscription_amount + * Function to get member subscriptions data: + * subscriptions, + * first_subscription_date, first_subscription_date_start, first_subscription_date_end, first_subscription_amount + * last_subscription_date, last_subscription_date_start, last_subscription_date_end, last_subscription_amount * - * @return int <0 si KO, >0 si OK + * @return int <0 if KO, >0 if OK */ public function fetch_subscriptions() { @@ -1475,7 +1482,7 @@ class Adherent extends CommonObject $this->first_subscription_amount = $obj->subscription; } $this->last_subscription_date = $this->db->jdate($obj->datec); - $this->last_subscription_date_start = $this->db->jdate($obj->datef); + $this->last_subscription_date_start = $this->db->jdate($obj->dateh); $this->last_subscription_date_end = $this->db->jdate($obj->datef); $this->last_subscription_amount = $obj->subscription; @@ -1503,6 +1510,25 @@ class Adherent extends CommonObject } + /** + * Function to get partnerships array + * + * @param string $mode 'member' or 'thirdparty' + * @return int <0 if KO, >0 if OK + */ + public function fetchPartnerships($mode) + { + global $langs; + + require_once DOL_DOCUMENT_ROOT.'/parntership/class/partnership.class.php'; + + + $this->partnerships[] = array(); + + return 1; + } + + /** * Insert subscription into database and eventually add links to banks, mailman, etc... * @@ -1712,7 +1738,8 @@ class Adherent extends CommonObject } } $invoice->socid = $this->fk_soc; - $invoice->date = $datesubscription; + //$invoice->date = $datesubscription; + $invoice->date = dol_now(); // Possibility to add external linked objects with hooks $invoice->linked_objects['subscription'] = $subscriptionid; diff --git a/htdocs/adherents/class/adherent_type.class.php b/htdocs/adherents/class/adherent_type.class.php index 0104f8f36e8..1cb9fcdb12c 100644 --- a/htdocs/adherents/class/adherent_type.class.php +++ b/htdocs/adherents/class/adherent_type.class.php @@ -362,7 +362,7 @@ class AdherentType extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."adherent_type "; $sql .= "SET "; - $sql .= "statut = ".$this->status.","; + $sql .= "statut = ".((int) $this->status).","; $sql .= "libelle = '".$this->db->escape($this->label)."',"; $sql .= "morphy = '".$this->db->escape($this->morphy)."',"; $sql .= "subscription = '".$this->db->escape($this->subscription)."',"; diff --git a/htdocs/adherents/class/api_members.class.php b/htdocs/adherents/class/api_members.class.php index 5573961456f..d57a01510d4 100644 --- a/htdocs/adherents/class/api_members.class.php +++ b/htdocs/adherents/class/api_members.class.php @@ -228,12 +228,12 @@ class Members extends DolibarrApi } $sql .= ' WHERE t.entity IN ('.getEntity('adherent').')'; if (!empty($typeid)) { - $sql .= ' AND t.fk_adherent_type='.$typeid; + $sql .= ' AND t.fk_adherent_type='.((int) $typeid); } // Select members of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category); - $sql .= " AND c.fk_member = t.rowid "; + $sql .= " AND c.fk_categorie = ".((int) $category); + $sql .= " AND c.fk_member = t.rowid"; } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/adherents/class/subscription.class.php b/htdocs/adherents/class/subscription.class.php index 1285b12b2d0..fff9d925cd9 100644 --- a/htdocs/adherents/class/subscription.class.php +++ b/htdocs/adherents/class/subscription.class.php @@ -168,7 +168,7 @@ class Subscription extends CommonObject $sql .= " VALUES (".((int) $this->fk_adherent).", '".$this->db->escape($type)."', '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->dateh)."',"; $sql .= " '".$this->db->idate($this->datef)."',"; - $sql .= " ".$this->amount.","; + $sql .= " ".((float) $this->amount).","; $sql .= " '".$this->db->escape($this->note_public ? $this->note_public : $this->note)."')"; $resql = $this->db->query($sql); @@ -267,14 +267,14 @@ class Subscription extends CommonObject } $sql = "UPDATE ".MAIN_DB_PREFIX."subscription SET "; - $sql .= " fk_type = ".$this->fk_type.","; - $sql .= " fk_adherent = ".$this->fk_adherent.","; + $sql .= " fk_type = ".((int) $this->fk_type).","; + $sql .= " fk_adherent = ".((int) $this->fk_adherent).","; $sql .= " note=".($this->note ? "'".$this->db->escape($this->note)."'" : 'null').","; $sql .= " subscription = ".price2num($this->amount).","; $sql .= " dateadh='".$this->db->idate($this->dateh)."',"; $sql .= " datef='".$this->db->idate($this->datef)."',"; $sql .= " datec='".$this->db->idate($this->datec)."',"; - $sql .= " fk_bank = ".($this->fk_bank ? $this->fk_bank : 'null'); + $sql .= " fk_bank = ".($this->fk_bank ? ((int) $this->fk_bank) : 'null'); $sql .= " WHERE rowid = ".$this->id; dol_syslog(get_class($this)."::update", LOG_DEBUG); @@ -341,7 +341,7 @@ class Subscription extends CommonObject } if (!$error) { - $sql = "DELETE FROM ".MAIN_DB_PREFIX."subscription WHERE rowid = ".$this->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."subscription WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index f2a7c6f3f55..98c0e026139 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -182,7 +182,7 @@ if ($id > 0) { print dol_get_fiche_end(); $modulepart = 'member'; - $permission = $user->rights->adherent->creer; + $permissiontoadd = $user->rights->adherent->creer; $permtoedit = $user->rights->adherent->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/adherents/index.php b/htdocs/adherents/index.php index 998736e137f..8b59c0d3ca4 100644 --- a/htdocs/adherents/index.php +++ b/htdocs/adherents/index.php @@ -52,7 +52,7 @@ $result = restrictedArea($user, 'adherent'); if (GETPOST('addbox')) { // Add box (when submit is done from a form when ajax disabled) require_once DOL_DOCUMENT_ROOT.'/core/class/infobox.class.php'; - $zone = GETPOST('areacode', 'aZ09'); + $zone = GETPOST('areacode', 'int'); $userid = GETPOST('userid', 'int'); $boxorder = GETPOST('boxorder', 'aZ09'); $boxorder .= GETPOST('boxcombo', 'aZ09'); diff --git a/htdocs/adherents/list.php b/htdocs/adherents/list.php index 1ec9d498b9d..7a4a7d5bc1f 100644 --- a/htdocs/adherents/list.php +++ b/htdocs/adherents/list.php @@ -5,6 +5,7 @@ * Copyright (C) 2013-2015 Raphaël Doursenaud * Copyright (C) 2014-2016 Juanjo Menent * Copyright (C) 2018 Alexandre Spangaro + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -305,7 +306,12 @@ $memberstatic = new Adherent($db); $now = dol_now(); -$sql = "SELECT d.rowid, d.ref, d.login, d.lastname, d.firstname, d.gender, d.societe as company, d.fk_soc,"; +if (!empty($search_categ) || !empty($catid)) { + $sql = "SELECT DISTINCT"; +} else { + $sql = "SELECT"; +} +$sql .= " d.rowid, d.ref, d.login, d.lastname, d.firstname, d.gender, d.societe as company, d.fk_soc,"; $sql .= " d.civility, d.datefin, d.address, d.zip, d.town, d.state_id, d.country,"; $sql .= " d.email, d.phone, d.phone_perso, d.phone_mobile, d.skype, d.birth, d.public, d.photo,"; $sql .= " d.fk_adherent_type as type_id, d.morphy, d.statut, d.datec as date_creation, d.tms as date_update,"; @@ -325,7 +331,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N $sql .= preg_replace('/^,/', '', $hookmanager->resPrint); $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX."adherent as d"; -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { +if (!empty($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (d.rowid = ef.fk_object)"; } if (!empty($search_categ) || !empty($catid)) { @@ -336,7 +342,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = d $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = d.state_id)"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on (s.rowid = d.fk_soc)"; $sql .= ", ".MAIN_DB_PREFIX."adherent_type as t"; -$sql .= " WHERE d.fk_adherent_type = t.rowid "; +$sql .= " WHERE d.fk_adherent_type = t.rowid"; if ($catid > 0) { $sql .= " AND cm.fk_categorie = ".((int) $catid); } @@ -467,28 +473,28 @@ llxHeader('', $langs->trans("Member"), 'EN:Module_Foundations|FR:Module_Adh&eacu $titre = $langs->trans("MembersList"); if (GETPOSTISSET("search_status")) { - if ($search_status == '-1,1') { + if ($search_status == '-1,1') { // TODO : check this test as -1 == Adherent::STATUS_DRAFT and -2 == Adherent::STATUS_EXLCUDED $titre = $langs->trans("MembersListQualified"); } - if ($search_status == '-1') { + if ($search_status == Adherent::STATUS_DRAFT) { $titre = $langs->trans("MembersListToValid"); } - if ($search_status == '1' && $filter == '') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == '') { $titre = $langs->trans("MembersValidated"); } - if ($search_status == '1' && $filter == 'withoutsubscription') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'withoutsubscription') { $titre = $langs->trans("MembersWithSubscriptionToReceive"); } - if ($search_status == '1' && $filter == 'uptodate') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'uptodate') { $titre = $langs->trans("MembersListUpToDate"); } - if ($search_status == '1' && $filter == 'outofdate') { + if ($search_status == Adherent::STATUS_VALIDATED && $filter == 'outofdate') { $titre = $langs->trans("MembersListNotUpToDate"); } - if ($search_status == '0') { + if ($search_status == Adherent::STATUS_RESILIATED) { $titre = $langs->trans("MembersListResiliated"); } - if ($search_status == '-2') { + if ($search_status == Adherent::STATUS_EXCLUDED) { $titre = $langs->trans("MembersListExcluded"); } } elseif ($action == 'search') { @@ -565,7 +571,7 @@ if ($search_phone_mobile != '') { if ($search_filter && $search_filter != '-1') { $param .= "&search_filter=".urlencode($search_filter); } -if ($search_status != "" && $search_status != '-1') { +if ($search_status != "" && $search_status != Adherent::STATUS_DRAFT) { $param .= "&search_status=".urlencode($search_status); } if ($search_type > 0) { @@ -708,7 +714,7 @@ if (!empty($arrayfields['d.morphy']['checked'])) { if (!empty($arrayfields['t.libelle']['checked'])) { print ''; $listetype = $membertypestatic->liste_array(); - print $form->selectarray("search_type", $listetype, $type, 1, 0, 0, '', 0, 32); + print $form->selectarray("search_type", $listetype, $search_type, 1, 0, 0, '', 0, 32); print ''; } @@ -790,10 +796,10 @@ if (!empty($arrayfields['d.tms']['checked'])) { if (!empty($arrayfields['d.statut']['checked'])) { print ''; $liststatus = array( - '-1'=>$langs->trans("Draft"), - '1'=>$langs->trans("Validated"), - '0'=>$langs->trans("Resiliated"), - '-2'=>$langs->trans("Excluded") + Adherent::STATUS_DRAFT => $langs->trans("Draft"), + Adherent::STATUS_VALIDATED => $langs->trans("Validated"), + Adherent::STATUS_RESILIATED => $langs->trans("MemberStatusResiliatedShort"), + Adherent::STATUS_EXCLUDED =>$langs->trans("MemberStatusExcludedShort") ); print $form->selectarray('search_status', $liststatus, $search_status, -3); print ''; @@ -891,6 +897,7 @@ print "\n"; $i = 0; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); @@ -947,7 +954,7 @@ while ($i < min($num, $limit)) { } // Firstname if (!empty($arrayfields['d.firstname']['checked'])) { - print ""; + print ''; print $obj->firstname; print "\n"; if (!$i) { @@ -956,7 +963,7 @@ while ($i < min($num, $limit)) { } // Lastname if (!empty($arrayfields['d.lastname']['checked'])) { - print ""; + print ''; print $obj->lastname; print "\n"; if (!$i) { @@ -976,13 +983,13 @@ while ($i < min($num, $limit)) { } // Company if (!empty($arrayfields['d.company']['checked'])) { - print ""; + print ''; print $companyname; print "\n"; } // Login if (!empty($arrayfields['d.login']['checked'])) { - print "".$obj->login."\n"; + print ''.$obj->login."\n"; if (!$i) { $totalarray['nbfield']++; } @@ -1007,7 +1014,7 @@ while ($i < min($num, $limit)) { if (!empty($arrayfields['t.libelle']['checked'])) { $membertypestatic->id = $obj->type_id; $membertypestatic->label = $obj->type; - print ''; + print ''; print $membertypestatic->getNomUrl(1, 32); print ''; if (!$i) { @@ -1016,7 +1023,7 @@ while ($i < min($num, $limit)) { } // Address if (!empty($arrayfields['d.address']['checked'])) { - print ''; + print ''; print $obj->address; print ''; if (!$i) { @@ -1096,7 +1103,7 @@ while ($i < min($num, $limit)) { print ''; print dol_print_date($datefin, 'day'); if ($memberstatic->hasDelay()) { - $textlate .= ' ('.$langs->trans("DateReference").' > '.$langs->trans("DateToday").' '.(ceil($conf->adherent->subscription->warning_delay / 60 / 60 / 24) >= 0 ? '+' : '').ceil($conf->adherent->subscription->warning_delay / 60 / 60 / 24).' '.$langs->trans("days").')'; + $textlate = ' ('.$langs->trans("DateReference").' > '.$langs->trans("DateToday").' '.(ceil($conf->adherent->subscription->warning_delay / 60 / 60 / 24) >= 0 ? '+' : '').ceil($conf->adherent->subscription->warning_delay / 60 / 60 / 24).' '.$langs->trans("days").')'; print " ".img_warning($langs->trans("SubscriptionLate").$textlate); } print ''; diff --git a/htdocs/adherents/partnership.php b/htdocs/adherents/partnership.php index 3cd70de3228..cf0e11d70e0 100644 --- a/htdocs/adherents/partnership.php +++ b/htdocs/adherents/partnership.php @@ -44,50 +44,20 @@ //if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} - +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/member.lib.php'; require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php'; -dol_include_once('/partnership/class/partnership.class.php'); -dol_include_once('/partnership/lib/partnership.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; +require_once DOL_DOCUMENT_ROOT.'/partnership/lib/partnership.lib.php'; // Load translation files required by the page $langs->loadLangs(array("companies","members","partnership", "other")); // Get parameters -$id = GETPOST('id', 'int'); -$memberid = GETPOST('rowid', 'int'); +$id = GETPOST('rowid', 'int') ? GETPOST('rowid', 'int') : GETPOST('id', 'int'); $ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); @@ -97,9 +67,9 @@ $backtopage = GETPOST('backtopage', 'alpha'); $backtopageforcancel = GETPOST('backtopageforcancel', 'alpha'); //$lineid = GETPOST('lineid', 'int'); -$member = new Adherent($db); -if ($memberid > 0) { - $member->fetch($memberid); +$object = new Adherent($db); +if ($id > 0) { + $object->fetch($id); } // Initialize technical objects @@ -141,15 +111,15 @@ if (empty($conf->partnership->enabled)) accessforbidden(); if (empty($permissiontoread)) accessforbidden(); if ($action == 'edit' && empty($permissiontoadd)) accessforbidden(); -$partnershipid = $object->fetch(0, "", $memberid); -if (empty($action) && empty($partnershipid)) { - $action = 'create'; +if (($action == 'update' || $action == 'edit') && $object->status != $object::STATUS_DRAFT) { + accessforbidden(); } -if (($action == 'update' || $action == 'edit') && $object->status != $object::STATUS_DRAFT) accessforbidden(); -if (empty($memberid) && $object) { - $memberid = $object->fk_member; -} + +// Security check +$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', 0); + + /* * Actions */ @@ -166,102 +136,7 @@ $date_end = dol_mktime(0, 0, 0, GETPOST('date_partnership_endmonth', 'int'), GET if (empty($reshook)) { $error = 0; - $backtopage = dol_buildpath('/partnership/partnership.php', 1).'?rowid='.($memberid > 0 ? $memberid : '__ID__'); - - $triggermodname = 'PARTNERSHIP_MODIFY'; // Name of trigger action code to execute when we modify record - - if ($action == 'add' && $permissiontoread) { - $error = 0; - - $db->begin(); - - $now = dol_now(); - - if (!$error) { - $old_start_date = $object->date_partnership_start; - - $object->fk_member = $memberid; - $object->date_partnership_start = (!GETPOST('date_partnership_start')) ? '' : $date_start; - $object->date_partnership_end = (!GETPOST('date_partnership_end')) ? '' : $date_end; - $object->note_public = GETPOST('note_public', 'restricthtml'); - $object->date_creation = $now; - $object->fk_user_creat = $user->id; - $object->entity = $conf->entity; - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - if ($ret < 0) { - $error++; - } - } - - if (!$error) { - $result = $object->create($user); - if ($result < 0) { - $error++; - if ($result == -4) { - setEventMessages($langs->trans("ErrorRefAlreadyExists"), null, 'errors'); - } else { - setEventMessages($object->error, $object->errors, 'errors'); - } - } - } - - if ($error) { - $db->rollback(); - $action = 'create'; - } else { - $db->commit(); - } - } elseif ($action == 'update' && $permissiontoread) { - $error = 0; - - $db->begin(); - - $now = dol_now(); - - if (!$error) { - $object->oldcopy = clone $object; - - $old_start_date = $object->date_partnership_start; - - $object->date_partnership_start = (!GETPOST('date_partnership_start')) ? '' : $date_start; - $object->date_partnership_end = (!GETPOST('date_partnership_end')) ? '' : $date_end; - $object->note_public = GETPOST('note_public', 'restricthtml'); - $object->fk_user_creat = $user->id; - $object->fk_user_modif = $user->id; - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - if ($ret < 0) { - $error++; - } - } - - if (!$error) { - $result = $object->update($user); - if ($result < 0) { - $error++; - if ($result == -4) { - setEventMessages($langs->trans("ErrorRefAlreadyExists"), null, 'errors'); - } else { - setEventMessages($object->error, $object->errors, 'errors'); - } - } - } - - if ($error) { - $db->rollback(); - $action = 'edit'; - } else { - $db->commit(); - } - } elseif ($action == 'confirm_close' || $action == 'update_extras') { - include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php'; - - header("Location: ".$_SERVER['PHP_SELF']."?rowid=".$memberid); - exit; - } + $backtopage = dol_buildpath('/partnership/partnership.php', 1).'?rowid='.($id > 0 ? $id : '__ID__'); // Actions when linking object each other include DOL_DOCUMENT_ROOT.'/core/actions_dellink.inc.php'; @@ -271,10 +146,9 @@ $object->fields['fk_member']['visible'] = 0; if ($object->id > 0 && $object->status == $object::STATUS_REFUSED && empty($action)) $object->fields['reason_decline_or_cancel']['visible'] = 1; $object->fields['note_public']['visible'] = 1; + /* * View - * - * Put here all code to build page */ $form = new Form($db); @@ -285,11 +159,11 @@ llxHeader('', $title); $form = new Form($db); -if ($memberid) { +if ($id > 0) { $langs->load("members"); - $member = new Adherent($db); - $result = $member->fetch($memberid); + $object = new Adherent($db); + $result = $object->fetch($id); if (!empty($conf->notification->enabled)) { $langs->load("mails"); @@ -297,13 +171,13 @@ if ($memberid) { $adht->fetch($object->typeid); - $head = member_prepare_head($member); + $head = member_prepare_head($object); print dol_get_fiche_head($head, 'partnership', $langs->trans("ThirdParty"), -1, 'user'); $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($member, 'rowid', $linkback); + dol_banner_tab($object, 'rowid', $linkback); print '
'; @@ -312,21 +186,21 @@ if ($memberid) { // Login if (empty($conf->global->ADHERENT_LOGIN_NOT_REQUIRED)) { - print ''.$langs->trans("Login").' / '.$langs->trans("Id").''.$member->login.' '; + print ''.$langs->trans("Login").' / '.$langs->trans("Id").''.$object->login.' '; } // Type print ''.$langs->trans("Type").''.$adht->getNomUrl(1)."\n"; // Morphy - print ''.$langs->trans("MemberNature").''.$member->getmorphylib().''; + print ''.$langs->trans("MemberNature").''.$object->getmorphylib().''; print ''; // Company - print ''.$langs->trans("Company").''.$member->company.''; + print ''.$langs->trans("Company").''.$object->company.''; // Civility - print ''.$langs->trans("UserTitle").''.$member->getCivilityLabel().' '; + print ''.$langs->trans("UserTitle").''.$object->getCivilityLabel().' '; print ''; print ''; @@ -334,194 +208,13 @@ if ($memberid) { print '
'; print dol_get_fiche_end(); - - $params = ''; - - print '
'; } else { dol_print_error('', 'Parameter rowid not defined'); } -// Part to create -if ($action == 'create') { - print load_fiche_titre($langs->trans("NewObject", $langs->transnoentitiesnoconv("Partnership")), '', ''); - - $backtopageforcancel = DOL_URL_ROOT.'/partnership/partnership.php?rowid='.$memberid; - - print ''; - print ''; - print ''; - print ''; - print ''; - - if ($backtopage) { - print ''; - } - if ($backtopageforcancel) { - print ''; - } - - print dol_get_fiche_head(array(), ''); - - print ''."\n"; - - // Common attributes - include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_add.tpl.php'; - - // Other attributes - include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_add.tpl.php'; - - print '
'."\n"; - - print dol_get_fiche_end(); - - print '
'; - print ''; - print '  '; - // print ''; // Cancel for create does not post form if we don't know the backtopage - print '
'; - - print ''; -} - -// Part to edit record -if (($partnershipid || $ref) && $action == 'edit') { - print load_fiche_titre($langs->trans("Partnership"), '', ''); - - $backtopageforcancel = DOL_URL_ROOT.'/partnership/partnership.php?rowid='.$memberid; - - print '
'; - print ''; - print ''; - print ''; - print ''; - if ($backtopage) { - print ''; - } - if ($backtopageforcancel) { - print ''; - } - - print dol_get_fiche_head(); - - print ''."\n"; - - // Common attributes - include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_edit.tpl.php'; - - // Other attributes - include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_edit.tpl.php'; - - print '
'; - - print dol_get_fiche_end(); - - print '
'; - print '   '; - print '
'; - - print '
'; -} // Part to show record if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'create'))) { - print load_fiche_titre($langs->trans("PartnershipDedicatedToThisMember", $langs->transnoentitiesnoconv("Partnership")), '', ''); - - $res = $object->fetch_optionals(); - - // $head = partnershipPrepareHead($object); - // print dol_get_fiche_head($head, 'card', $langs->trans("Partnership"), -1, $object->picto); - - $linkback = ''; - dol_banner_tab($object, 'id', $linkback, 0, 'rowid', 'ref'); - - $formconfirm = ''; - - // Close confirmation - if ($action == 'close') { - // Create an array for form - $formquestion = array(); - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ToClose'), $langs->trans('ConfirmClosePartnershipAsk', $object->ref), 'confirm_close', $formquestion, 'yes', 1); - } - // Reopon confirmation - if ($action == 'reopen') { - // Create an array for form - $formquestion = array(); - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ToReopon'), $langs->trans('ConfirmReoponAsk', $object->ref), 'confirm_reopen', $formquestion, 'yes', 1); - } - - // Refuse confirmatio - if ($action == 'refuse') { - //Form to close proposal (signed or not) - $formquestion = array( - array('type' => 'text', 'name' => 'reason_decline_or_cancel', 'label' => $langs->trans("Note"), 'morecss' => 'reason_decline_or_cancel', 'value' => '') // Field to complete private note (not replace) - ); - - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ReasonDecline'), $text, 'confirm_refuse', $formquestion, '', 1, 250); - } - - // Call Hook formConfirm - $parameters = array('formConfirm' => $formconfirm, 'lineid' => $lineid); - $reshook = $hookmanager->executeHooks('formConfirm', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - if (empty($reshook)) { - $formconfirm .= $hookmanager->resPrint; - } elseif ($reshook > 0) { - $formconfirm = $hookmanager->resPrint; - } - - // Print form confirm - print $formconfirm; - - - // Object card - // ------------------------------------------------------------ - $linkback = ''.$langs->trans("BackToList").''; - - print '
'; - print '
'; - print '
'; - print ''."\n"; - - // Common attributes - //$keyforbreak='fieldkeytoswitchonsecondcolumn'; // We change column just before this field - //unset($object->fields['fk_project']); // Hide field already shown in banner - //unset($object->fields['fk_member']); // Hide field already shown in banner - include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php'; - - // End of subscription date - $fadherent = new Adherent($db); - $fadherent->fetch($object->fk_member); - print ''; - - // Other attributes. Fields from hook formObjectOptions and Extrafields. - include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; - - print '
'.$langs->trans("SubscriptionEndDate").''; - if ($fadherent->datefin) { - print dol_print_date($fadherent->datefin, 'day'); - if ($fadherent->hasDelay()) { - print " ".img_warning($langs->trans("Late")); - } - } else { - if (!$adht->subscription) { - print $langs->trans("SubscriptionNotRecorded"); - if ($fadherent->statut > 0) { - print " ".img_warning($langs->trans("Late")); // Display a delay picto only if it is not a draft and is not canceled - } - } else { - print $langs->trans("SubscriptionNotReceived"); - if ($fadherent->statut > 0) { - print " ".img_warning($langs->trans("Late")); // Display a delay picto only if it is not a draft and is not canceled - } - } - } - print '
'; - print '
'; - - print '
'; - - print dol_get_fiche_end(); - // Buttons for actions if ($action != 'presend') { @@ -533,24 +226,67 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea } if (empty($reshook)) { - if ($object->status == $object::STATUS_DRAFT) { - print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?rowid='.$memberid.'&action=edit', '', $permissiontoadd); - } - // Show if ($permissiontoadd) { - print dolGetButtonAction($langs->trans('ShowPartnership'), '', 'default', dol_buildpath('/partnership/partnership_card.php', 1).'?id='.$object->id, '', $permissiontoadd); - } - - // Cancel - if ($permissiontoadd) { - if ($object->status == $object::STATUS_ACCEPTED) { - print dolGetButtonAction($langs->trans('Cancel'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=close&token='.newToken(), '', $permissiontoadd); - } + print dolGetButtonAction($langs->trans('AddPartnership'), '', 'default', DOL_URL_ROOT.'/partnership/partnership_card.php?action=create&fk_member='.$object->id.'&backtopage='.urlencode(DOL_URL_ROOT.'/adherents/partnership.php?id='.$object->id), '', $permissiontoadd); } } print '
'."\n"; } + + + //$morehtmlright = 'partnership/partnership_card.php?action=create&backtopage=%2Fdolibarr%2Fhtdocs%2Fpartnership%2Fpartnership_list.php'; + $morehtmlright = ''; + + print load_fiche_titre($langs->trans("PartnershipDedicatedToThisMember", $langs->transnoentitiesnoconv("Partnership")), $morehtmlright, ''); + + $memberid = $object->id; + + + // TODO Replace this card with the list of all partnerships. + + $object = new Partnership($db); + $partnershipid = $object->fetch(0, "", $memberid); + + if ($partnershipid > 0) { + print '
'; + print '
'; + print '
'; + print ''."\n"; + + // Common attributes + //$keyforbreak='fieldkeytoswitchonsecondcolumn'; // We change column just before this field + //unset($object->fields['fk_project']); // Hide field already shown in banner + //unset($object->fields['fk_member']); // Hide field already shown in banner + include DOL_DOCUMENT_ROOT.'/core/tpl/commonfields_view.tpl.php'; + + // End of subscription date + $fadherent = new Adherent($db); + $fadherent->fetch($object->fk_member); + print ''; + + print '
'.$langs->trans("SubscriptionEndDate").''; + if ($fadherent->datefin) { + print dol_print_date($fadherent->datefin, 'day'); + if ($fadherent->hasDelay()) { + print " ".img_warning($langs->trans("Late")); + } + } else { + if (!$adht->subscription) { + print $langs->trans("SubscriptionNotRecorded"); + if ($fadherent->statut > 0) { + print " ".img_warning($langs->trans("Late")); // Display a delay picto only if it is not a draft and is not canceled + } + } else { + print $langs->trans("SubscriptionNotReceived"); + if ($fadherent->statut > 0) { + print " ".img_warning($langs->trans("Late")); // Display a delay picto only if it is not a draft and is not canceled + } + } + } + print '
'; + print '
'; + } } // End of page diff --git a/htdocs/adherents/stats/byproperties.php b/htdocs/adherents/stats/byproperties.php index 1238fd0fe15..63deec867ef 100644 --- a/htdocs/adherents/stats/byproperties.php +++ b/htdocs/adherents/stats/byproperties.php @@ -29,7 +29,7 @@ $graphwidth = 700; $mapratio = 0.5; $graphheight = round($graphwidth * $mapratio); -$mode = GETPOST('mode') ?GETPOST('mode') : ''; +$mode = GETPOST('mode') ? GETPOST('mode') : ''; // Security check @@ -40,7 +40,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -69,7 +69,7 @@ $sql .= " d.morphy as code"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; -$sql .= " AND d.statut != -1"; // Not draft +$sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY d.morphy"; $foundphy = $foundmor = 0; @@ -104,7 +104,7 @@ $sql .= " d.morphy as code"; $sql .= " FROM ".MAIN_DB_PREFIX."adherent as d"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; -$sql .= " AND d.statut >= 1"; // Active (not draft=-1, not resiliated=0) +$sql .= " AND d.statut >= 1"; // Active (not excluded=-2, not draft=-1, not resiliated=0) $sql .= " GROUP BY d.morphy"; $foundphy = $foundmor = 0; diff --git a/htdocs/adherents/stats/geo.php b/htdocs/adherents/stats/geo.php index 74a5c9b014e..16dfc3ccff6 100644 --- a/htdocs/adherents/stats/geo.php +++ b/htdocs/adherents/stats/geo.php @@ -42,7 +42,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -92,7 +92,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY c.label, c.code"; //print $sql; } @@ -110,7 +110,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co on d.country = co.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY co.label, co.code, c.nom"; //print $sql; } @@ -127,7 +127,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co on d.country = co.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY co.label, co.code, r.nom"; //+ //print $sql; } @@ -142,7 +142,7 @@ if ($mode) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid"; $sql .= " WHERE d.entity IN (".getEntity('adherent').")"; - $sql .= " AND d.statut != -1"; + $sql .= " AND d.statut <> ".Adherent::STATUS_DRAFT; $sql .= " GROUP BY c.label, c.code, d.town"; //print $sql; } diff --git a/htdocs/adherents/stats/index.php b/htdocs/adherents/stats/index.php index e820d0a0d23..ed79978552f 100644 --- a/htdocs/adherents/stats/index.php +++ b/htdocs/adherents/stats/index.php @@ -47,7 +47,7 @@ if ($user->socid > 0) { $result = restrictedArea($user, 'adherent', '', '', 'cotisation'); $year = strftime("%Y", time()); -$startyear = $year - 2; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -151,12 +151,14 @@ print ''; print ''; print ''; print ''; print ''; -print ''; +print ''; print '
'.$langs->trans("Filter").'
'.$langs->trans("Member").''; +print img_picto('', 'company', 'class="pictofixedwidth"'); print $form->select_company($id,'memberid','',1); print '
'.$langs->trans("User").''; -print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print '
'; print ''; print '

'; @@ -187,8 +189,8 @@ foreach ($data as $val) { //print ''; print ''; print '0'; - print '0'; - print '0'; + print '0'; + print '0'; print ''; } print ''; @@ -198,8 +200,8 @@ foreach ($data as $val) { //print ''; print ''; print ''.$val['nb'].''; - print ''.price(price2num($val['total'], 'MT'), 1).''; - print ''.price(price2num($val['avg'], 'MT'), 1).''; + print ''.price(price2num($val['total'], 'MT'), 1).''; + print ''.price(price2num($val['avg'], 'MT'), 1).''; print ''; $oldyear = $year; } diff --git a/htdocs/adherents/subscription/list.php b/htdocs/adherents/subscription/list.php index 55cafade309..d3d84cb3624 100644 --- a/htdocs/adherents/subscription/list.php +++ b/htdocs/adherents/subscription/list.php @@ -477,6 +477,7 @@ print "\n"; $totalarray = array(); +$totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($result); @@ -527,7 +528,7 @@ while ($i < min($num, $limit)) { // Lastname if (!empty($arrayfields['d.lastname']['checked'])) { - print ''.$adherent->getNomUrl(-1, 0, 'card', 'lastname').''; + print ''.$adherent->getNomUrl(-1, 0, 'card', 'lastname').''; if (!$i) { $totalarray['nbfield']++; } @@ -550,7 +551,7 @@ while ($i < min($num, $limit)) { // Label if (!empty($arrayfields['t.libelle']['checked'])) { - print ''; + print ''; print $obj->note; print ''; if (!$i) { diff --git a/htdocs/admin/bom.php b/htdocs/admin/bom.php index 528f2f6b29f..c401c6cabf1 100644 --- a/htdocs/admin/bom.php +++ b/htdocs/admin/bom.php @@ -179,6 +179,7 @@ print dol_get_fiche_head($head, 'settings', $langs->trans("BOMs"), -1, 'bom'); print load_fiche_titre($langs->trans("BOMsNumberingModules"), '', ''); +print '
'; print ''; print ''; print ''; @@ -272,7 +273,9 @@ foreach ($dirmodels as $reldir) { } } } -print "
'.$langs->trans("Name").'

\n"; +print ""; +print "
"; +print "
\n"; /* @@ -301,6 +304,7 @@ if ($resql) { } +print '
'; print "\n"; print "\n"; print ''; @@ -414,6 +418,7 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; print "
"; /* @@ -421,6 +426,8 @@ print "
"; */ print load_fiche_titre($langs->trans("OtherOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -469,6 +476,7 @@ print "\n"; print ''; print '
'.$langs->trans("Parameter").'
'; +print '
'; print '
'; diff --git a/htdocs/admin/boxes.php b/htdocs/admin/boxes.php index 44629525a26..ae33ef3b6fa 100644 --- a/htdocs/admin/boxes.php +++ b/htdocs/admin/boxes.php @@ -115,7 +115,7 @@ if ($action == 'add') { $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes ("; $sql .= "box_id, position, box_order, fk_user, entity"; $sql .= ") VALUES ("; - $sql .= $boxid['value'].", ".((int) $pos).", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".$fk_user.", ".$conf->entity; + $sql .= ((int) $boxid['value']).", ".((int) $pos).", '".(($nbboxonleft > $nbboxonright) ? 'B01' : 'A01')."', ".((int) $fk_user).", ".$conf->entity; $sql .= ")"; dol_syslog("boxes.php activate box", LOG_DEBUG); @@ -149,11 +149,6 @@ if ($action == 'delete') { if (!empty($obj->box_id)) { $db->begin(); - // Remove all personalized setup when a box is activated or disabled (why removing all ? We removed only removed boxes) - // $sql = "DELETE FROM ".MAIN_DB_PREFIX."user_param"; - // $sql.= " WHERE param LIKE 'MAIN_BOXES_%'"; - // $resql = $db->query($sql); - $sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes"; $sql .= " WHERE entity = ".$conf->entity; $sql .= " AND box_id=".((int) $obj->box_id); @@ -184,6 +179,7 @@ if ($action == 'switch') { $newsecondnum = preg_replace('/[a-zA-Z]+/', '', $newsecond); $newsecond = sprintf("%s%02d", $newsecondchar ? $newsecondchar : 'A', $newsecondnum + 1); } + $sql = "UPDATE ".MAIN_DB_PREFIX."boxes SET box_order='".$db->escape($newfirst)."' WHERE rowid=".((int) $objfrom->rowid); dol_syslog($sql); $resultupdatefrom = $db->query($sql); @@ -427,11 +423,11 @@ foreach ($boxactivated as $key => $box) { $hasprevious = ($key != 0); print ''.($key + 1).''; print ''; - print ($hasnext ? ''.img_down().' ' : ''); - print ($hasprevious ? ''.img_up().'' : ''); + print ($hasnext ? ''.img_down().' ' : ''); + print ($hasprevious ? ''.img_up().'' : ''); print ''; print ''; - print ''.img_delete().''; + print ''.img_delete().''; print ''; print ''."\n"; diff --git a/htdocs/admin/commande.php b/htdocs/admin/commande.php index 89363a9027b..7407961649c 100644 --- a/htdocs/admin/commande.php +++ b/htdocs/admin/commande.php @@ -367,8 +367,8 @@ if ($resql) { print '
'; -print "\n"; -print "\n"; +print '
'."\n"; +print ''."\n"; print ''; print ''; print '\n"; @@ -498,6 +498,7 @@ print load_fiche_titre($langs->trans("SuggestedPaymentModesIfNotDefinedInOrder") print ''; print ''; +print '
'; print '
'.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Status")."
'; print ''; @@ -584,6 +585,8 @@ if (empty($conf->facture->enabled)) { } print ""; print "
"; +print '
'; + print ""; @@ -594,6 +597,8 @@ print '
'; */ print load_fiche_titre($langs->trans("OtherOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -704,6 +709,8 @@ if ($conf->stock->enabled) { */ print '
'.$langs->trans("Parameter").'
'; +print '
'; + print '
'; @@ -712,6 +719,8 @@ print '
'; */ print load_fiche_titre($langs->trans("Notifications"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -725,6 +734,7 @@ print '\n"; print '
'.$langs->trans("Parameter").''; print "
'; +print '
'; // End of page llxFooter(); diff --git a/htdocs/admin/contract.php b/htdocs/admin/contract.php index 30b77f6db8b..c10a6ed04b4 100644 --- a/htdocs/admin/contract.php +++ b/htdocs/admin/contract.php @@ -456,7 +456,7 @@ print ''."\n"; print ''; print $form->textwithpicto($langs->trans("WatermarkOnDraftContractCards"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print ''; -print ''; +print ''; print ''."\n"; print ''; diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index d03574d473b..35e20b96570 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -100,7 +100,7 @@ $hookmanager->initHooks(array('admin')); // Put here declaration of dictionaries properties // Sort order to show dictionary (0 is space). All other dictionaries (added by modules) will be at end of this. -$taborder = array(9, 0, 4, 3, 2, 0, 1, 8, 19, 16, 39, 27, 40, 38, 0, 5, 11, 0, 6, 0, 29, 0, 33, 34, 32, 24, 28, 17, 35, 36, 0, 10, 23, 12, 13, 7, 0, 14, 0, 22, 20, 18, 21, 41, 0, 15, 30, 0, 37, 42, 0, 25, 0, 43, 0); +$taborder = array(9, 0, 4, 3, 2, 0, 1, 8, 19, 16, 39, 27, 40, 38, 0, 5, 11, 0, 6, 0, 29, 0, 33, 34, 32, 24, 28, 17, 35, 36, 0, 10, 23, 12, 13, 7, 0, 14, 0, 22, 20, 18, 21, 41, 0, 15, 30, 0, 37, 42, 0, 43, 0, 25, 0); // Name of SQL tables of dictionaries $tabname = array(); @@ -608,7 +608,7 @@ $tabcomplete = array( 'c_prospectcontactlevel'=>array('picto'=>'company'), 'c_stcommcontact'=>array('picto'=>'company'), 'c_product_nature'=>array('picto'=>'product'), - 'c_productbatch_qcstatus'=>array('picto'=>'batch'), + 'c_productbatch_qcstatus'=>array('picto'=>'lot'), ); @@ -970,7 +970,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) { $sql .= " WHERE ".$rowidcol." = ".((int) $rowid); } if (in_array('entity', $listfieldmodify)) { - $sql .= " AND entity = '".getEntity($tabname[$id])."'"; + $sql .= " AND entity = ".((int) getEntity($tabname[$id], 0)); } dol_syslog("actionmodify", LOG_DEBUG); @@ -2391,10 +2391,10 @@ function fieldList($fieldlist, $obj = '', $tabname = '', $context = '') $transkey = ''; if (in_array($fieldlist[$field], array('label', 'libelle'))) { // For label // Special case for labels - if ($tabname == MAIN_DB_PREFIX.'c_civility') { + if ($tabname == MAIN_DB_PREFIX.'c_civility' && !empty($obj->code)) { $transkey = "Civility".strtoupper($obj->code); } - if ($tabname == MAIN_DB_PREFIX.'c_payment_term') { + if ($tabname == MAIN_DB_PREFIX.'c_payment_term' && !empty($obj->code)) { $langs->load("bills"); $transkey = "PaymentConditionShort".strtoupper($obj->code); } diff --git a/htdocs/admin/emailcollector_list.php b/htdocs/admin/emailcollector_list.php index 2c6739e96dd..55b2052936c 100644 --- a/htdocs/admin/emailcollector_list.php +++ b/htdocs/admin/emailcollector_list.php @@ -99,7 +99,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -549,6 +549,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/admin/expedition.php b/htdocs/admin/expedition.php index 8be9aeee0bc..8916adef471 100644 --- a/htdocs/admin/expedition.php +++ b/htdocs/admin/expedition.php @@ -449,7 +449,7 @@ print "\n"; print ''; print $form->textwithpicto($langs->trans("WatermarkOnDraftContractCards"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; -print ''; +print ''; print "\n"; print ''; diff --git a/htdocs/admin/expensereport.php b/htdocs/admin/expensereport.php index ad04e09ffd1..7ff30242336 100644 --- a/htdocs/admin/expensereport.php +++ b/htdocs/admin/expensereport.php @@ -455,7 +455,7 @@ print ''."\n"; print ''; print $form->textwithpicto($langs->trans("WatermarkOnDraftExpenseReports"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; -print ''; +print ''; print ''."\n"; print ''; diff --git a/htdocs/admin/facture.php b/htdocs/admin/facture.php index a16df0d7fc4..bd4b6f5404f 100644 --- a/htdocs/admin/facture.php +++ b/htdocs/admin/facture.php @@ -249,6 +249,7 @@ print dol_get_fiche_head($head, 'general', $langs->trans("Invoices"), -1, 'invoi print load_fiche_titre($langs->trans("BillsNumberingModule"), '', ''); +print '
'; print ''; print ''; print ''; @@ -411,6 +412,7 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; /* @@ -439,6 +441,7 @@ if ($resql) { dol_print_error($db); } +print '
'; print ''; print ''; print ''; @@ -558,6 +561,7 @@ foreach ($dirmodels as $reldir) { } } print '
'.$langs->trans("Name").'
'; +print '
'; if (!empty($conf->global->INVOICE_USE_DEFAULT_DOCUMENT)) { // Hidden conf /* @@ -565,9 +569,12 @@ if (!empty($conf->global->INVOICE_USE_DEFAULT_DOCUMENT)) { // Hidden conf */ print '
'; print load_fiche_titre($langs->trans("BillsPDFModulesAccordindToInvoiceType"), '', ''); + print '
'; print ''; print ''; + + print '
'; print ''; print ''; print ''; @@ -595,6 +602,8 @@ if (!empty($conf->global->INVOICE_USE_DEFAULT_DOCUMENT)) { // Hidden conf } print '
'.$langs->trans("Type").'
'; + print '
'; + print "
"; } @@ -607,6 +616,7 @@ print load_fiche_titre($langs->trans("SuggestedPaymentModesIfNotDefinedInInvoice print '
'; print ''; +print '
'; print ''; print ''; @@ -681,12 +691,15 @@ if ($resql) { print ""; print ""; print "
"; +print '
'; + print "
"; print "
"; print load_fiche_titre($langs->trans("OtherOptions"), '', ''); +print '
'; print ''; print ''; print ''; @@ -740,14 +753,14 @@ print ' print ''; -print '\n"; print ''; print '
'.$langs->trans("Parameter").'
'; print $form->textwithpicto($langs->trans("WatermarkOnDraftBill"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print '		'; +print ''; print ''; print ''; print "
'; - +print '
'; /* * Repertoire diff --git a/htdocs/admin/fichinter.php b/htdocs/admin/fichinter.php index b0dcf2f39c4..cdfa1f91753 100644 --- a/htdocs/admin/fichinter.php +++ b/htdocs/admin/fichinter.php @@ -236,6 +236,7 @@ print dol_get_fiche_head($head, 'ficheinter', $langs->trans("Interventions"), -1 print load_fiche_titre($langs->trans("FicheinterNumberingModules"), '', ''); +print '
'; print ''; print ''; print ''; @@ -328,7 +329,10 @@ foreach ($dirmodels as $reldir) { } } -print '
'.$langs->trans("Name").'

'; +print ''; +print '
'; + +print '
'; /* @@ -358,6 +362,7 @@ if ($resql) { } +print '
'; print ''; print ''; print ''; @@ -468,6 +473,7 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; print "
"; /* @@ -475,6 +481,8 @@ print "
"; */ print load_fiche_titre($langs->trans("OtherOptions"), '', ''); + +print '
'; print ''; print ''; print ''; @@ -515,7 +523,7 @@ print "\n"; @@ -585,6 +593,7 @@ print ''; print ''; print '
'.$langs->trans("Parameter").''; print $form->textwithpicto($langs->trans("WatermarkOnDraftInterventionCards"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print '		'; -print ''; +print ''; print ''; print ''; print "
'; +print '
'; print '
'; diff --git a/htdocs/admin/geoipmaxmind.php b/htdocs/admin/geoipmaxmind.php index 109bd6b388d..40819b697e3 100644 --- a/htdocs/admin/geoipmaxmind.php +++ b/htdocs/admin/geoipmaxmind.php @@ -132,7 +132,7 @@ print ''; if ($conf->global->GEOIP_VERSION == 'php') { print 'Using geoip PHP internal functions. Value must be '.geoip_db_filename(GEOIP_COUNTRY_EDITION).' or '.geoip_db_filename(GEOIP_CITY_EDITION_REV1).' or /pathtodatafile/GeoLite2-Country.mmdb
'; } -print ''; +print ''; print ''; print ''; diff --git a/htdocs/admin/holiday.php b/htdocs/admin/holiday.php index 28fbeba9063..f6ac529466e 100644 --- a/htdocs/admin/holiday.php +++ b/htdocs/admin/holiday.php @@ -472,7 +472,7 @@ print ''."\n"; print ''; print $form->textwithpicto($langs->trans("WatermarkOnDraftHolidayCards"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print ''; -print ''; +print ''; print ''."\n"; print ''; diff --git a/htdocs/admin/knowledgemanagement.php b/htdocs/admin/knowledgemanagement.php index 5bc994bb086..b8434773f67 100644 --- a/htdocs/admin/knowledgemanagement.php +++ b/htdocs/admin/knowledgemanagement.php @@ -23,32 +23,8 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; + global $langs, $user; // Libraries diff --git a/htdocs/admin/knowledgerecord_extrafields.php b/htdocs/admin/knowledgerecord_extrafields.php index 823366e1fbe..d6c94e4ceeb 100644 --- a/htdocs/admin/knowledgerecord_extrafields.php +++ b/htdocs/admin/knowledgerecord_extrafields.php @@ -27,32 +27,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; require_once DOL_DOCUMENT_ROOT.'/knowledgemanagement/lib/knowledgemanagement.lib.php'; diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index 2d3133c9fce..e86c78763ee 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php @@ -302,7 +302,7 @@ if ($action == 'edit') { // Disable print ''.$langs->trans("MAIN_DISABLE_ALL_MAILS").''; - print $form->selectyesno('MAIN_DISABLE_ALL_MAILS', $conf->global->MAIN_DISABLE_ALL_MAILS, 1); + print $form->selectyesno('MAIN_DISABLE_ALL_MAILS', getDolGlobalString('MAIN_DISABLE_ALL_MAILS'), 1); print ''; // Force e-mail recipient @@ -514,7 +514,7 @@ if ($action == 'edit') { $liste['company'] = $langs->trans('CompanyEmail').' ('.(empty($conf->global->MAIN_INFO_SOCIETE_MAIL) ? $langs->trans("NotDefined") : $conf->global->MAIN_INFO_SOCIETE_MAIL).')'; print ''.$langs->trans('MAIN_MAIL_DEFAULT_FROMTYPE').''; - print $form->selectarray('MAIN_MAIL_DEFAULT_FROMTYPE', $liste, $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE, 0); + print $form->selectarray('MAIN_MAIL_DEFAULT_FROMTYPE', $liste, getDolGlobalString('MAIN_MAIL_DEFAULT_FROMTYPE'), 0); print ''; // From @@ -529,7 +529,7 @@ if ($action == 'edit') { // Add user to select destinaries list print ''.$langs->trans("MAIN_MAIL_ENABLED_USER_DEST_SELECT").''; - print $form->selectyesno('MAIN_MAIL_ENABLED_USER_DEST_SELECT', $conf->global->MAIN_MAIL_ENABLED_USER_DEST_SELECT, 1); + print $form->selectyesno('MAIN_MAIL_ENABLED_USER_DEST_SELECT', getDolGlobalString('MAIN_MAIL_ENABLED_USER_DEST_SELECT'), 1); print ''; print ''; diff --git a/htdocs/admin/mails_senderprofile_list.php b/htdocs/admin/mails_senderprofile_list.php index 44982fc3ece..e27c48b0416 100644 --- a/htdocs/admin/mails_senderprofile_list.php +++ b/htdocs/admin/mails_senderprofile_list.php @@ -609,6 +609,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 1a6d99261bd..589cf9fcb1a 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -8,6 +8,7 @@ * Copyright (C) 2015 Jean-François Ferry * Copyright (C) 2015 Raphaël Doursenaud * Copyright (C) 2018 Nicolas ZABOURI + * Copyright (C) 2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -246,6 +247,7 @@ if ($action == 'install') { if ($action == 'set' && $user->admin) { $resarray = activateModule($value); + dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); if (!empty($resarray['errors'])) { setEventMessages('', $resarray['errors'], 'errors'); } else { @@ -269,6 +271,7 @@ if ($action == 'set' && $user->admin) { exit; } elseif ($action == 'reset' && $user->admin && GETPOST('confirm') == 'yes') { $result = unActivateModule($value); + dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity); if ($result) { setEventMessages($result, null, 'errors'); } @@ -532,7 +535,7 @@ if ($mode == 'common' || $mode == 'commonkanban') { $moreforfilter .= '
'; $moreforfilter .= '
'; - $moreforfilter .= img_picto($langs->trans("Filter"), 'filter', 'class="paddingright opacityhigh"').''; + $moreforfilter .= img_picto($langs->trans("Filter"), 'filter', 'class="paddingright opacityhigh hideonsmartphone"').''; $moreforfilter .= '
'; $moreforfilter .= '
'; $moreforfilter .= $form->selectarray('search_nature', $arrayofnatures, dol_escape_htmltag($search_nature), $langs->trans('Origin'), 0, 0, '', 0, 0, 0, '', 'maxwidth200', 1); @@ -823,8 +826,7 @@ if ($mode == 'common' || $mode == 'commonkanban') { } else { $codetoconfig .= img_picto($langs->trans("NothingToSetup"), "setup", 'class="opacitytransp" style="padding-right: 6px"', false, 0, 0, '', 'fa-15'); } - } else // Module not yet activated - { + } else { // Module not yet activated // Set $codeenabledisable if (!empty($objMod->always_enabled)) { // Should never happened @@ -881,11 +883,11 @@ if ($mode == 'common' || $mode == 'commonkanban') { } else { print ''."\n"; if (!empty($conf->global->MAIN_MODULES_SHOW_LINENUMBERS)) { - print ''.$linenum.''; + print ''.$linenum.''; } // Picto + Name of module - print ' '; + print ' '; $alttext = ''; //if (is_array($objMod->need_dolibarr_version)) $alttext.=($alttext?' - ':'').'Dolibarr >= '.join('.',$objMod->need_dolibarr_version); //if (is_array($objMod->phpmin)) $alttext.=($alttext?' - ':'').'PHP >= '.join('.',$objMod->phpmin); @@ -1012,7 +1014,7 @@ if ($mode == 'marketplace') {
-
+
diff --git a/htdocs/admin/pdf_other.php b/htdocs/admin/pdf_other.php index acf1dfe707e..03c27fd3721 100644 --- a/htdocs/admin/pdf_other.php +++ b/htdocs/admin/pdf_other.php @@ -91,7 +91,9 @@ print '
'; print ''; print ''; -print ''; - print ''; + print ''; $ret = $printer->selectTypePrinter(); print ''; $ret = $printer->selectProfilePrinter(); @@ -334,7 +334,7 @@ if ($mode == 'config' && $user->admin) { print ''; if ($action == 'editprinter' && $printer->listprinters[$line]['rowid'] == $printerid) { print ''; - print ''; + print ''; $ret = $printer->selectTypePrinter($printer->listprinters[$line]['fk_type']); print ''; $ret = $printer->selectProfilePrinter($printer->listprinters[$line]['fk_profile']); @@ -427,7 +427,7 @@ if ($mode == 'template' && $user->admin) { print ''; if ($action == 'edittemplate' && $printer->listprinterstemplates[$line]['rowid'] == $templateid) { print ''; - print ''; + print ''; print ''; @@ -456,7 +456,7 @@ if ($mode == 'template' && $user->admin) { if ($action != 'edittemplate') { print ''; - print ''; + print ''; print '
'.$langs->trans("Parameter").''.$langs->trans("Value").'
'.$langs->trans("MAIN_GENERATE_PROPOSALS_WITH_PICTURE").''; +print '
'.$langs->trans("MAIN_GENERATE_PROPOSALS_WITH_PICTURE"); +print ' ('.$langs->trans("RandomlySelectedIfSeveral").')'; +print ''; if ($conf->use_javascript_ajax) { print ajax_constantonoff('MAIN_GENERATE_PROPOSALS_WITH_PICTURE'); } else { diff --git a/htdocs/admin/receiptprinter.php b/htdocs/admin/receiptprinter.php index f1b74146c5e..883a6ff6f03 100644 --- a/htdocs/admin/receiptprinter.php +++ b/htdocs/admin/receiptprinter.php @@ -313,7 +313,7 @@ if ($mode == 'config' && $user->admin) { if ($action != 'editprinter') { print '
'.$printer->resprint.'
'.$printer->resprint.'
'; print ''; print '
'; print ''; diff --git a/htdocs/admin/reception_setup.php b/htdocs/admin/reception_setup.php index 6ea6d195040..e9a4a724871 100644 --- a/htdocs/admin/reception_setup.php +++ b/htdocs/admin/reception_setup.php @@ -178,6 +178,7 @@ print dol_get_fiche_head($head, 'reception', $langs->trans("Receptions"), -1, 'r print load_fiche_titre($langs->trans("ReceptionsNumberingModules")); +print '
'; print ''; print ''; print ''; @@ -272,8 +273,10 @@ foreach ($dirmodels as $reldir) { } } -print '
'.$langs->trans("Name").'

'; +print '
'; +print '
'; +print '
'; /* * Documents models for Receptions Receipt @@ -302,6 +305,7 @@ if ($resql) { dol_print_error($db); } +print '
'; print ''; print ''; print ''; @@ -417,6 +421,8 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; +print '
'; + print '
'; @@ -459,7 +465,7 @@ print "\n"; print ''; print $form->textwithpicto($langs->trans("WatermarkOnDraftContractCards"), $htmltext).'
'; -print ''; +print ''; print "\n"; */ print ''; diff --git a/htdocs/admin/resource.php b/htdocs/admin/resource.php index b8bb566c79b..06ae59d64a3 100644 --- a/htdocs/admin/resource.php +++ b/htdocs/admin/resource.php @@ -74,6 +74,7 @@ print '
'; print ''; print ''; +print '
'; print ''; print ''; print ''."\n"; @@ -132,6 +133,7 @@ print ''; print ''; print '
'.$langs->trans("Parameters").'
'; +print '
'; print '
'; diff --git a/htdocs/admin/stock.php b/htdocs/admin/stock.php index 55d6a518250..a4a9e91e3ff 100644 --- a/htdocs/admin/stock.php +++ b/htdocs/admin/stock.php @@ -743,6 +743,23 @@ if ($conf->use_javascript_ajax) { } print "\n"; print "\n"; + +/* Disabled. Would be better to be managed with a user cookie +if (!empty($conf->productbatch->enabled)) { + print ''; + print '' . $langs->trans("ShowAllBatchByDefault") . ''; + print ''; + if ($conf->use_javascript_ajax) { + print ajax_constantonoff('STOCK_SHOW_ALL_BATCH_BY_DEFAULT'); + } else { + $arrval = array('0' => $langs->trans("No"), '1' => $langs->trans("Yes")); + print $form->selectarray("STOCK_SHOW_ALL_BATCH_BY_DEFAULT", $arrval, $conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT); + } + print "\n"; + print "\n"; +} +*/ + print ''; print ''; diff --git a/htdocs/admin/supplier_proposal.php b/htdocs/admin/supplier_proposal.php index d74c4d5dbf7..68066a2aebc 100644 --- a/htdocs/admin/supplier_proposal.php +++ b/htdocs/admin/supplier_proposal.php @@ -490,7 +490,7 @@ print "'; print $form->textwithpicto($langs->trans("WatermarkOnDraftProposal"), $htmltext, 1, 'help', '', 0, 2, 'watermarktooltip').'
'; print ''; -print ''; +print ''; print ''; print ''; print "\n"; diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php index 50b27b30964..212fcc6228a 100644 --- a/htdocs/admin/system/filecheck.php +++ b/htdocs/admin/system/filecheck.php @@ -122,7 +122,7 @@ if (dol_is_file($xmlfile)) { print ''."\n"; if ($enableremotecheck) { print ' = '; - print '
'; + print '
'; } else { print ' '.$langs->trans("RemoteSignature").' = '.dol_escape_htmltag($xmlremote); if (!GETPOST('xmlremote')) { diff --git a/htdocs/admin/system/modules.php b/htdocs/admin/system/modules.php index f3892e105bb..150ca10a359 100644 --- a/htdocs/admin/system/modules.php +++ b/htdocs/admin/system/modules.php @@ -65,6 +65,7 @@ $arrayfields = array( ); $arrayfields = dol_sort_array($arrayfields, 'position'); +$param = ''; /* diff --git a/htdocs/admin/system/perf.php b/htdocs/admin/system/perf.php index b1014cc98c7..2a8dfa975cd 100644 --- a/htdocs/admin/system/perf.php +++ b/htdocs/admin/system/perf.php @@ -75,7 +75,7 @@ print '
'; print ''.$langs->trans("Syslog").': '; $test = empty($conf->syslog->enabled); if ($test) { - print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis"); + print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' '.$langs->trans("NotSlowedDownByThis").''; } else { if ($conf->global->SYSLOG_LEVEL > LOG_NOTICE) { print img_picto('', 'warning').' '.$langs->trans("ModuleActivatedWithTooHighLogLevel", $langs->transnoentities("Syslog")); @@ -91,7 +91,7 @@ print '
'; print ''.$langs->trans("DebugBar").': '; $test = empty($conf->debugbar->enabled); if ($test) { - print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis"); + print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' '.$langs->trans("NotSlowedDownByThis").''; } else { print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("DebugBar")); //print ' '.$langs->trans("MoreInformation").' XDebug admin page'; @@ -111,7 +111,7 @@ if ($test) { print ' Memcached module admin page'; } } else { - print img_picto('', 'warning').' '.$langs->trans("MemcachedNotAvailable"); + print $langs->trans("MemcachedNotAvailable"); } print '
'; @@ -464,11 +464,99 @@ if ($conf->db->type == 'mysql' || $conf->db->type == 'mysqli') { print '
'; } -// Product search +print '
'; +print ''.$langs->trans("ComboListOptim").': '; +print '
'; +// Product combo list +$sql = "SELECT COUNT(*) as nb"; +$sql .= " FROM ".MAIN_DB_PREFIX."product as p"; +$resql = $db->query($sql); +if ($resql) { + $limitforoptim = 5000; + $num = $db->num_rows($resql); + $obj = $db->fetch_object($resql); + $nb = $obj->nb; + if ($nb > $limitforoptim) { + if (empty($conf->global->PRODUIT_USE_SEARCH_TO_SELECT)) { + print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("ProductsOrServices"), 'PRODUIT_USE_SEARCH_TO_SELECT'); + } else { + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ProductsOrServices"), 'PRODUIT_USE_SEARCH_TO_SELECT', $conf->global->PRODUIT_USE_SEARCH_TO_SELECT); + } + } else { + print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("ProductsOrServices")); + } + print '
'; + $db->free($resql); +} +// Thirdparty combo list +$sql = "SELECT COUNT(*) as nb"; +$sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; +$resql = $db->query($sql); +if ($resql) { + $limitforoptim = 5000; + $num = $db->num_rows($resql); + $obj = $db->fetch_object($resql); + $nb = $obj->nb; + if ($nb > $limitforoptim) { + if (empty($conf->global->COMPANY_USE_SEARCH_TO_SELECT)) { + print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("ThirdParties"), 'COMPANY_USE_SEARCH_TO_SELECT'); + } else { + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ThirdParties"), 'COMPANY_USE_SEARCH_TO_SELECT', $conf->global->COMPANY_USE_SEARCH_TO_SELECT); + } + } else { + print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("ThirdParties")); + } + print '
'; + $db->free($resql); +} +// Contact combo list +$sql = "SELECT COUNT(*) as nb"; +$sql .= " FROM ".MAIN_DB_PREFIX."socpeople as s"; +$resql = $db->query($sql); +if ($resql) { + $limitforoptim = 5000; + $num = $db->num_rows($resql); + $obj = $db->fetch_object($resql); + $nb = $obj->nb; + if ($nb > $limitforoptim) { + if (empty($conf->global->CONTACT_USE_SEARCH_TO_SELECT)) { + print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("Contacts"), 'CONTACT_USE_SEARCH_TO_SELECT'); + } else { + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("Contacts"), 'CONTACT_USE_SEARCH_TO_SELECT', $conf->global->CONTACT_USE_SEARCH_TO_SELECT); + } + } else { + print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("Contacts")); + } + print '
'; + $db->free($resql); +} +// Contact combo list +$sql = "SELECT COUNT(*) as nb"; +$sql .= " FROM ".MAIN_DB_PREFIX."projet as s"; +$resql = $db->query($sql); +if ($resql) { + $limitforoptim = 5000; + $num = $db->num_rows($resql); + $obj = $db->fetch_object($resql); + $nb = $obj->nb; + if ($nb > $limitforoptim) { + if (empty($conf->global->PROJECT_USE_SEARCH_TO_SELECT)) { + print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseComboOptim", $nb, $langs->transnoentitiesnoconv("Projects"), 'PROJECT_USE_SEARCH_TO_SELECT'); + } else { + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("Projects"), 'PROJECT_USE_SEARCH_TO_SELECT', $conf->global->PROJECT_USE_SEARCH_TO_SELECT); + } + } else { + print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("Projects")); + } + print '
'; + $db->free($resql); +} + + print '
'; print ''.$langs->trans("SearchOptim").': '; print '
'; -$tab = array(); +// Product search $sql = "SELECT COUNT(*) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."product as p"; $resql = $db->query($sql); @@ -480,8 +568,9 @@ if ($resql) { if ($nb > $limitforoptim) { if (empty($conf->global->PRODUCT_DONOTSEARCH_ANYWHERE)) { print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseSearchOptim", $nb, $langs->transnoentitiesnoconv("ProductsOrServices"), 'PRODUCT_DONOTSEARCH_ANYWHERE'); + print $langs->trans("YouHaveXObjectUseSearchOptimDesc"); } else { - print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ProductsOrServices")); + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ProductsOrServices"), 'PRODUCT_DONOTSEARCH_ANYWHERE', $conf->global->PRODUCT_DONOTSEARCH_ANYWHERE); } } else { print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("ProductsOrServices")); @@ -491,20 +580,20 @@ if ($resql) { } // Thirdparty search -$tab = array(); $sql = "SELECT COUNT(*) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $resql = $db->query($sql); if ($resql) { - $limitforoptim = 10000; + $limitforoptim = 100000; $num = $db->num_rows($resql); $obj = $db->fetch_object($resql); $nb = $obj->nb; if ($nb > $limitforoptim) { if (empty($conf->global->COMPANY_DONOTSEARCH_ANYWHERE)) { print img_picto('', 'warning.png').' '.$langs->trans("YouHaveXObjectUseSearchOptim", $nb, $langs->transnoentitiesnoconv("ThirdParties"), 'COMPANY_DONOTSEARCH_ANYWHERE'); + print $langs->trans("YouHaveXObjectUseSearchOptimDesc"); } else { - print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ThirdParties")); + print img_picto('', 'tick.png').' '.$langs->trans("YouHaveXObjectAndSearchOptimOn", $nb, $langs->transnoentitiesnoconv("ThirdParties"), 'COMPANY_DONOTSEARCH_ANYWHERE', $conf->global->COMPANY_DONOTSEARCH_ANYWHERE); } } else { print img_picto('', 'tick.png').' '.$langs->trans("NbOfObjectIsLowerThanNoPb", $nb, $langs->transnoentitiesnoconv("ThirdParties")); diff --git a/htdocs/admin/system/security.php b/htdocs/admin/system/security.php index a4060634ff9..3e01a99cb61 100644 --- a/htdocs/admin/system/security.php +++ b/htdocs/admin/system/security.php @@ -65,12 +65,31 @@ if (function_exists('php_ini_loaded_file')) { } print "
\n"; -// Get versionof web server -print "
Web server - ".$langs->trans("Version").": ".$_SERVER["SERVER_SOFTWARE"]."
\n"; +// Get version of web server +print "
Web server - ".$langs->trans("Version").": ".$_SERVER["SERVER_SOFTWARE"]."
\n"; +print ''.$langs->trans("DataRootServer").": ".DOL_DATA_ROOT."
\n"; +// Web user group by default +$labeluser = dol_getwebuser('user'); +$labelgroup = dol_getwebuser('group'); +if ($labeluser && $labelgroup) { + print ''.$langs->trans("WebUserGroup")." (env vars) : ".$labeluser.':'.$labelgroup; + if (function_exists('posix_geteuid') && function_exists('posix_getpwuid')) { + $arrayofinfoofuser = posix_getpwuid(posix_geteuid()); + print ' (POSIX '.$arrayofinfoofuser['name'].':'.$arrayofinfoofuser['gecos'].':'.$arrayofinfoofuser['dir'].':'.$arrayofinfoofuser['shell'].')
'."\n"; + } +} +// Web user group real (detected by 'id' external command) +if (function_exists('exec')) { + $arrayout = array(); $varout = 0; + exec('id', $arrayout, $varout); + if (empty($varout)) { // Test command is ok. Work only on Linux OS. + print ''.$langs->trans("WebUserGroup")." (real, 'id' command) : ".join(',', $arrayout)."
\n"; + } +} print '
'; print "PHP safe_mode = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0)).'   '.$langs->trans("Deprecated")." (removed in PHP 5.4)
\n"; -print "PHP open_basedir = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("ARestrictedPath")).')')."
\n"; +print "PHP open_basedir = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("ARestrictedPath").', '.$langs->transnoentitiesnoconv("Example").' '.$_SERVER["DOCUMENT_ROOT"]).')')."
\n"; print "PHP allow_url_fopen = ".(ini_get('allow_url_fopen') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_fopen') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
\n"; print "PHP allow_url_include = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : yn(0)).'   ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")
\n"; print "PHP disable_functions = "; @@ -156,7 +175,7 @@ $arrayoffilesinroot = dol_dir_list(DOL_DOCUMENT_ROOT, 'all', 1, '', array('\/cus $fileswithwritepermission = array(); foreach ($arrayoffilesinroot as $fileinroot) { // Test if there is at least one write permission file. If yes, add the entry into array $fileswithwritepermission - if ($fileinroot['perm'] & 0222) { + if (isset($fileinroot['perm']) && ($fileinroot['perm'] & 0222)) { $fileswithwritepermission[] = $fileinroot['relativename']; } } @@ -209,7 +228,7 @@ print '
'; print '
'; print load_fiche_titre($langs->trans("ConfigurationFile").' ('.$conffile.')', '', 'folder'); -print '$dolibarr_main_prod: '.$dolibarr_main_prod; +print '$dolibarr_main_prod: '.($dolibarr_main_prod ? $dolibarr_main_prod : '0'); if (empty($dolibarr_main_prod)) { print '   '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 1); } @@ -217,7 +236,7 @@ print '
'; print '$dolibarr_nocsrfcheck: '.$dolibarr_nocsrfcheck; if (!empty($dolibarr_nocsrfcheck)) { - print img_picto('', 'warning').'   '.$langs->trans("IfYouAreOnAProductionSetThis", 0); + print '   '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 0); } print '
'; @@ -226,24 +245,40 @@ if (empty($dolibarr_main_restrict_ip)) { print ''.$langs->trans("None").''; //print ' ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')'; } + print '
'; +if (empty($conf->global->SECURITY_DISABLE_TEST_ON_OBFUSCATED_CONF)) { + print '$dolibarr_main_db_pass: '; + if (!empty($dolibarr_main_db_pass) && empty($dolibarr_main_db_encrypted_pass)) { + print img_picto('', 'warning').' '.$langs->trans("DatabasePasswordNotObfuscated").'   ('.$langs->trans("Recommanded").': '.$langs->trans("SetOptionTo", $langs->transnoentitiesnoconv("MainDbPasswordFileConfEncrypted"), yn(1)).')'; + //print ' ('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("IPsOfUsers")).')'; + } else { + print img_picto('', 'tick').' '.$langs->trans("DatabasePasswordObfuscated"); + } + + print '
'; +} + + // Menu security print '
'; print '
'; print '
'; -print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup"), '', 'folder'); +print load_fiche_titre($langs->trans("Menu").' '.$langs->trans("SecuritySetup").' + '.$langs->trans("OtherSetup"), '', 'folder'); //print ''.$langs->trans("PasswordEncryption").': '; print 'MAIN_SECURITY_HASH_ALGO = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_HASH_ALGO)."   "; if (empty($conf->global->MAIN_SECURITY_HASH_ALGO)) { print '     If unset: \'md5\''; } -print '
'; if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { - print 'MAIN_SECURITY_SALT = '.(empty($conf->global->MAIN_SECURITY_SALT) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_SALT).'
'; + print '
MAIN_SECURITY_SALT = '.(empty($conf->global->MAIN_SECURITY_SALT) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_SALT).'
'; +} else { + print '('.$langs->trans("Recommanded").': password_hash)'; + print '
'; } if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { print '
The recommanded value for MAIN_SECURITY_HASH_ALGO is now \'password_hash\' but setting it now will make ALL existing passwords of all users not valid, so update is not possible.
'; @@ -256,21 +291,23 @@ if ($conf->global->MAIN_SECURITY_HASH_ALGO != 'password_hash') { print '
'; -print 'MAIN_SECURITY_ANTI_SSRF_SERVER_IP = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? ''.$langs->trans("Undefined").'' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."
"; +print 'MAIN_SECURITY_ANTI_SSRF_SERVER_IP = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? ''.$langs->trans("Undefined").'   ('.$langs->trans("Example").': static-ips-of-server - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."
"; print '
'; +print 'MAIN_ALLOW_SVG_FILES_AS_IMAGES = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0   ('.$langs->trans("Recommanded").': 0)' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES)."
"; +print '
'; print 'MAIN_EXEC_USE_POPEN = '; if (empty($conf->global->MAIN_EXEC_USE_POPEN)) { - print ''.$langs->trans("Undefined").'   '; + print ''.$langs->trans("Undefined").''; } else { - print $conf->global->MAIN_EXEC_USE_POPEN.'   '; + print $conf->global->MAIN_EXEC_USE_POPEN; } if ($execmethod == 1) { - print ' --> "exec" PHP method will be used for shell commands.'; + print '   ("exec" PHP method will be used for shell commands)'; } if ($execmethod == 2) { - print ' --> "popen" PHP method will be used for shell commands.'; + print '   ("popen" PHP method will be used for shell commands)'; } print "
"; print '
'; @@ -278,7 +315,7 @@ print '
'; print ''.$langs->trans("AntivirusEnabledOnUpload").': '; print empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? '' : img_picto('', 'tick').' '; -print yn($conf->global->MAIN_ANTIVIRUS_COMMAND ? 1 : 0); +print yn(empty($conf->global->MAIN_ANTIVIRUS_COMMAND) ? 0 : 1); if (!empty($conf->global->MAIN_ANTIVIRUS_COMMAND)) { print '   - '.$conf->global->MAIN_ANTIVIRUS_COMMAND; if (defined('MAIN_ANTIVIRUS_COMMAND')) { diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index b76836a8dde..d09551a5478 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -68,6 +68,7 @@ $search_user = GETPOST("search_user", "alpha"); $search_desc = GETPOST("search_desc", "alpha"); $search_ua = GETPOST("search_ua", "restricthtml"); $search_prefix_session = GETPOST("search_prefix_session", "restricthtml"); +$optioncss = GETPOST("optioncss", "aZ"); // Option for the css output (always '' except when 'print') $now = dol_now(); $nowarray = dol_getdate($now); diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 2ede168b601..362b29c0163 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -188,7 +188,7 @@ if ($action == 'delete') { $form = new Form($db); $formadmin = new FormAdmin($db); -$wikihelp = 'EN:Setup Translation|FR:Paramétrage traduction|ES:Configuración'; +$wikihelp = 'EN:Setup_Translation|FR:Paramétrage_Traduction|ES:Configuración_Traducción'; llxHeader('', $langs->trans("Setup"), $wikihelp); $param = '&mode='.urlencode($mode); @@ -563,6 +563,21 @@ if ($mode == 'searchkey') { print '   '.img_picto($langs->trans('FixOnTransifex'), 'globe').''; } } else { + // retrieve rowid + $sql = "SELECT rowid"; + $sql .= " FROM ".MAIN_DB_PREFIX."overwrite_trans"; + $sql .= " WHERE entity IN (".getEntity('overwrite_trans').")"; + $sql .= " AND transkey = '".$db->escape($key)."'"; + dol_syslog("translation::select from table", LOG_DEBUG); + $result = $db->query($sql); + if ($result) { + $obj = $db->fetch_object($result); + } + print ''.img_edit().''; + print ' '; + print ''.img_delete().''; + print '  '; + $htmltext = $langs->trans("TransKeyWithoutOriginalValue", $key); print $form->textwithpicto('', $htmltext, 1, 'warning'); } diff --git a/htdocs/admin/user.php b/htdocs/admin/user.php index 0dccf65e5e7..83649d46a28 100644 --- a/htdocs/admin/user.php +++ b/htdocs/admin/user.php @@ -126,6 +126,7 @@ $head = user_admin_prepare_head(); print dol_get_fiche_head($head, 'card', $langs->trans("MenuUsersAndGroups"), -1, 'user'); +print '
'; print ''; print ''; print ''; @@ -171,6 +172,7 @@ if ($conf->use_javascript_ajax) { print ''; print '
'.$langs->trans("Parameter").'
'; +print '
'; print '
'; @@ -197,6 +199,7 @@ if ($resql) { print load_fiche_titre($langs->trans("UsersDocModules"), '', ''); +print '
'; print ''; print ''; print ''; @@ -306,7 +309,9 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").'
'; -print "
"; +print '
'; + +print '
'; print dol_get_fiche_end(); diff --git a/htdocs/api/class/api_setup.class.php b/htdocs/api/class/api_setup.class.php index 15d31140874..1f59762c865 100644 --- a/htdocs/api/class/api_setup.class.php +++ b/htdocs/api/class/api_setup.class.php @@ -200,7 +200,7 @@ class Setup extends DolibarrApi $sql = "SELECT id, code, type, libelle as label, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_paiement as t"; $sql .= " WHERE t.entity IN (".getEntity('c_paiement').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1055,7 +1055,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid AS id, zip, town, fk_county, fk_pays AS fk_country"; $sql .= " FROM ".MAIN_DB_PREFIX."c_ziptown as t"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); if ($zipcode) { $sql .= " AND t.zip LIKE '%".$this->db->escape($zipcode)."%'"; } @@ -1125,7 +1125,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid as id, code, sortorder, libelle as label, libelle_facture as descr, type_cdr, nbjour, decalage, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_payment_term as t"; $sql .= " WHERE t.entity IN (".getEntity('c_payment_term').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1183,7 +1183,7 @@ class Setup extends DolibarrApi $sql = "SELECT rowid as id, code, libelle as label, description, tracking, module"; $sql .= " FROM ".MAIN_DB_PREFIX."c_shipment_mode as t"; $sql .= " WHERE t.entity IN (".getEntity('c_shipment_mode').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { @@ -1307,7 +1307,7 @@ class Setup extends DolibarrApi $sql = "SELECT t.rowid, t.entity, t.code, t.label, t.url, t.icon, t.active"; $sql .= " FROM ".MAIN_DB_PREFIX."c_socialnetworks as t"; $sql .= " WHERE t.entity IN (".getEntity('c_socialnetworks').")"; - $sql .= " AND t.active = ".$active; + $sql .= " AND t.active = ".((int) $active); // Add sql filters if ($sqlfilters) { if (!DolibarrApi::_checkFilters($sqlfilters)) { diff --git a/htdocs/asset/class/asset_type.class.php b/htdocs/asset/class/asset_type.class.php index 36c654c28ba..335cd63115a 100644 --- a/htdocs/asset/class/asset_type.class.php +++ b/htdocs/asset/class/asset_type.class.php @@ -332,7 +332,7 @@ class AssetType extends CommonObject /** * Return array of Asset objects for asset type this->id (or all if this->id not defined) * - * @param string $excludefilter Filter to exclude. This parameter must not be provided by input of users + * @param string $excludefilter Filter string to exclude. This parameter must not be provided by input of users * @param int $mode 0=Return array of asset instance * 1=Return array of asset instance without extra data * 2=Return array of asset id only @@ -347,7 +347,7 @@ class AssetType extends CommonObject $sql = "SELECT a.rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."asset as a"; $sql .= " WHERE a.entity IN (".getEntity('asset').")"; - $sql .= " AND a.fk_asset_type = ".$this->id; + $sql .= " AND a.fk_asset_type = ".((int) $this->id); if (!empty($excludefilter)) { $sql .= ' AND ('.$excludefilter.')'; } diff --git a/htdocs/asset/document.php b/htdocs/asset/document.php index 91e46269994..b4ee3a0a175 100644 --- a/htdocs/asset/document.php +++ b/htdocs/asset/document.php @@ -128,7 +128,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'asset'; - $permission = $user->rights->asset->write; + $permissiontoadd = $user->rights->asset->write; $permtoedit = $user->rights->asset->write; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/asset/list.php b/htdocs/asset/list.php index 1e906677e7d..056a73328dc 100644 --- a/htdocs/asset/list.php +++ b/htdocs/asset/list.php @@ -103,7 +103,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -542,6 +542,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/blockedlog/class/authority.class.php b/htdocs/blockedlog/class/authority.class.php index 4ec3fc6d07e..7240aaf0151 100644 --- a/htdocs/blockedlog/class/authority.class.php +++ b/htdocs/blockedlog/class/authority.class.php @@ -71,7 +71,7 @@ class BlockedLogAuthority $this->blockchain = ''; - if (is_array($bocks)) { + if (is_array($blocks)) { foreach ($blocks as &$b) { $this->blockchain .= $b->signature; } @@ -299,16 +299,18 @@ class BlockedLogAuthority $signature = $block_static->getSignature(); - foreach ($blocks as &$block) { - $url = $conf->global->BLOCKEDLOG_AUTHORITY_URL.'/blockedlog/ajax/authority.php?s='.$signature.'&b='.$block->signature; + if (is_array($blocks)) { + foreach ($blocks as &$block) { + $url = $conf->global->BLOCKEDLOG_AUTHORITY_URL.'/blockedlog/ajax/authority.php?s='.$signature.'&b='.$block->signature; - $res = file_get_contents($url); - echo $block->signature.' '.$url.' '.$res.'
'; - if ($res === 'blockalreadyadded' || $res === 'blockadded') { - $block->setCertified(); - } else { - $this->error = $langs->trans('ImpossibleToContactAuthority ', $url); - return -1; + $res = getURLContent($url); + echo $block->signature.' '.$url.' '.$res.'
'; + if ($res === 'blockalreadyadded' || $res === 'blockadded') { + $block->setCertified(); + } else { + $this->error = $langs->trans('ImpossibleToContactAuthority ', $url); + return -1; + } } } diff --git a/htdocs/bom/bom_agenda.php b/htdocs/bom/bom_agenda.php index 0f18c39d2af..bf65f40fe13 100644 --- a/htdocs/bom/bom_agenda.php +++ b/htdocs/bom/bom_agenda.php @@ -126,7 +126,7 @@ $form = new Form($db); if ($object->id > 0) { $title = $langs->trans("Agenda"); //if (! empty($conf->global->MAIN_HTML_TITLE) && preg_match('/thirdpartynameonly/',$conf->global->MAIN_HTML_TITLE) && $object->name) $title=$object->name." - ".$title; - $help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:Módulo_Agenda'; + $help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:Módulo_Agenda|DE:Modul_Agenda'; llxHeader('', $title, $help_url); if (!empty($conf->notification->enabled)) { diff --git a/htdocs/bom/bom_document.php b/htdocs/bom/bom_document.php index e59b22c45b2..dd0227e4305 100644 --- a/htdocs/bom/bom_document.php +++ b/htdocs/bom/bom_document.php @@ -76,7 +76,7 @@ $extrafields->fetch_name_optionals_label($object->table_element); include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals if ($id > 0 || !empty($ref)) { - $upload_dir = $conf->bom->multidir_output[$object->entity ? $object->entity : 1]."/bom/".get_exdir(0, 0, 0, 1, $object); + $upload_dir = $conf->bom->multidir_output[$object->entity ? $object->entity : 1]."/".get_exdir(0, 0, 0, 1, $object); } // Security check - Protection if external user @@ -147,12 +147,12 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'bom'; - $permission = $user->rights->bom->write; + $permissiontoadd = $user->rights->bom->write; $permtoedit = $user->rights->bom->write; $param = '&id='.$object->id; //$relativepathwithnofile='bom/' . dol_sanitizeFileName($object->id).'/'; - $relativepathwithnofile = 'bom/'.dol_sanitizeFileName($object->ref).'/'; + $relativepathwithnofile = dol_sanitizeFileName($object->ref).'/'; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/bom/bom_list.php b/htdocs/bom/bom_list.php index 2fa59d8d6ef..e8511ab6e5c 100644 --- a/htdocs/bom/bom_list.php +++ b/htdocs/bom/bom_list.php @@ -88,7 +88,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -623,6 +623,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/bom/bom_note.php b/htdocs/bom/bom_note.php index 1110bb4b0d4..539eb654751 100644 --- a/htdocs/bom/bom_note.php +++ b/htdocs/bom/bom_note.php @@ -97,45 +97,7 @@ if ($id > 0 || !empty($ref)) { $linkback = ''.$langs->trans("BackToList").''; $morehtmlref = '
'; - /* - // Ref customer - $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); - $morehtmlref.=$form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1); - // Thirdparty - $morehtmlref.='
'.$langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1); - // Project - if (! empty($conf->projet->enabled)) - { - $langs->load("projects"); - $morehtmlref.='
'.$langs->trans('Project') . ' '; - if ($user->rights->bom->creer) - { - if ($action != 'classify') - //$morehtmlref.='' . img_edit($langs->transnoentitiesnoconv('SetProject')) . ' : '; - $morehtmlref.=' : '; - if ($action == 'classify') { - //$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1); - $morehtmlref.='
'; - $morehtmlref.=''; - $morehtmlref.=''; - $morehtmlref.=$formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1); - $morehtmlref.=''; - $morehtmlref.='
'; - } else { - $morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1); - } - } else { - if (! empty($object->fk_project)) { - $proj = new Project($db); - $proj->fetch($object->fk_project); - $morehtmlref.=''; - $morehtmlref.=$proj->ref; - $morehtmlref.=''; - } else { - $morehtmlref.=''; - } - } - }*/ + $morehtmlref .= '
'; diff --git a/htdocs/bom/class/bom.class.php b/htdocs/bom/class/bom.class.php index 9fe0543c4cf..728bdef6cf6 100644 --- a/htdocs/bom/class/bom.class.php +++ b/htdocs/bom/class/bom.class.php @@ -96,7 +96,7 @@ class BOM extends CommonObject 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-1, 'position'=>1, 'notnull'=>1, 'index'=>1, 'comment'=>"Id",), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'notnull'=> 1, 'default'=>1, 'index'=>1, 'position'=>5), 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'noteditable'=>1, 'visible'=>4, 'position'=>10, 'notnull'=>1, 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'comment'=>"Reference of BOM", 'showoncombobox'=>'1',), - 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'position'=>30, 'notnull'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'autofocusoncreate'=>1), + 'label' => array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'position'=>30, 'notnull'=>1, 'searchall'=>1, 'showoncombobox'=>'2', 'autofocusoncreate'=>1), 'bomtype' => array('type'=>'integer', 'label'=>'Type', 'enabled'=>1, 'visible'=>1, 'position'=>33, 'notnull'=>1, 'default'=>'0', 'arrayofkeyval'=>array(0=>'Manufacturing', 1=>'Disassemble'), 'css'=>'minwidth150', 'csslist'=>'minwidth150 center'), //'bomtype' => array('type'=>'integer', 'label'=>'Type', 'enabled'=>1, 'visible'=>-1, 'position'=>32, 'notnull'=>1, 'default'=>'0', 'arrayofkeyval'=>array(0=>'Manufacturing')), 'fk_product' => array('type'=>'integer:Product:product/class/product.class.php:1:(finished IS NULL or finished <> 0)', 'label'=>'Product', 'picto'=>'product', 'enabled'=>1, 'visible'=>1, 'position'=>35, 'notnull'=>1, 'index'=>1, 'help'=>'ProductBOMHelp', 'css'=>'maxwidth500'), @@ -614,8 +614,8 @@ class BOM extends CommonObject $sql .= " SET ref = '".$this->db->escape($num)."',"; $sql .= " status = ".self::STATUS_VALIDATED.","; $sql .= " date_valid='".$this->db->idate($now)."',"; - $sql .= " fk_user_valid = ".$user->id; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " fk_user_valid = ".((int) $user->id); + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::validate()", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php index 199944165b4..4c52182cff7 100644 --- a/htdocs/bookmarks/bookmarks.lib.php +++ b/htdocs/bookmarks/bookmarks.lib.php @@ -45,10 +45,10 @@ function printDropdownBookmarksList() $tmpurl = ''; // No urlencode, all param $url will be urlencoded later if ($sortfield) { - $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.$sortfield; + $tmpurl .= ($tmpurl ? '&' : '').'sortfield='.urlencode($sortfield); } if ($sortorder) { - $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.$sortorder; + $tmpurl .= ($tmpurl ? '&' : '').'sortorder='.urlencode($sortorder); } if (is_array($_POST)) { foreach ($_POST as $key => $val) { @@ -80,7 +80,7 @@ function printDropdownBookmarksList() // Menu with list of bookmarks $sql = "SELECT rowid, title, url, target FROM ".MAIN_DB_PREFIX."bookmark"; - $sql .= " WHERE (fk_user = ".$user->id." OR fk_user is NULL OR fk_user = 0)"; + $sql .= " WHERE (fk_user = ".((int) $user->id)." OR fk_user is NULL OR fk_user = 0)"; $sql .= " AND entity IN (".getEntity('bookmarks').")"; $sql .= " ORDER BY position"; if ($resql = $db->query($sql)) { diff --git a/htdocs/bookmarks/list.php b/htdocs/bookmarks/list.php index 7d644d3a103..17be6be9cef 100644 --- a/htdocs/bookmarks/list.php +++ b/htdocs/bookmarks/list.php @@ -98,7 +98,7 @@ $sql .= " FROM ".MAIN_DB_PREFIX."bookmark as b LEFT JOIN ".MAIN_DB_PREFIX."user $sql .= " WHERE 1=1"; $sql .= " AND b.entity IN (".getEntity('bookmark').")"; if (!$user->admin) { - $sql .= " AND (b.fk_user = ".$user->id." OR b.fk_user is NULL OR b.fk_user = 0)"; + $sql .= " AND (b.fk_user = ".((int) $user->id)." OR b.fk_user is NULL OR b.fk_user = 0)"; } $sql .= $db->order($sortfield.", position", $sortorder); diff --git a/htdocs/cashdesk/index_verif.php b/htdocs/cashdesk/index_verif.php index 47a1d90b76c..94e0e7009cf 100644 --- a/htdocs/cashdesk/index_verif.php +++ b/htdocs/cashdesk/index_verif.php @@ -31,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/cashdesk/include/environnement.php'; require_once DOL_DOCUMENT_ROOT.'/cashdesk/class/Auth.class.php'; // Load translation files required by the page -$langs->loadLangs(array("main", "admin", "cashdesk")); +$langs->loadLangs(array("admin", "cashdesk")); $username = GETPOST("txtUsername"); $password = GETPOST("pwdPassword"); diff --git a/htdocs/categories/class/categorie.class.php b/htdocs/categories/class/categorie.class.php index 5f30a96c9c1..b98cff5b3a5 100644 --- a/htdocs/categories/class/categorie.class.php +++ b/htdocs/categories/class/categorie.class.php @@ -774,7 +774,7 @@ class Categorie extends CommonObject $sql = "DELETE FROM ".MAIN_DB_PREFIX."categorie_".(empty($this->MAP_CAT_TABLE[$type]) ? $type : $this->MAP_CAT_TABLE[$type]); $sql .= " WHERE fk_categorie = ".$this->id; - $sql .= " AND fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".$obj->id; + $sql .= " AND fk_".(empty($this->MAP_CAT_FK[$type]) ? $type : $this->MAP_CAT_FK[$type])." = ".((int) $obj->id); dol_syslog(get_class($this).'::del_type', LOG_DEBUG); if ($this->db->query($sql)) { @@ -1303,7 +1303,7 @@ class Categorie extends CommonObject $sql .= " FROM ".MAIN_DB_PREFIX."categorie as c "; $sql .= " WHERE c.entity IN (".getEntity('category').")"; $sql .= " AND c.type = ".((int) $type); - $sql .= " AND c.fk_parent = ".$this->fk_parent; + $sql .= " AND c.fk_parent = ".((int) $this->fk_parent); $sql .= " AND c.label = '".$this->db->escape($this->label)."'"; dol_syslog(get_class($this)."::already_exists", LOG_DEBUG); @@ -1552,7 +1552,7 @@ class Categorie extends CommonObject // Generation requete recherche $sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."categorie"; - $sql .= " WHERE type = ".$this->MAP_ID[$type]; + $sql .= " WHERE type = ".((int) $this->MAP_ID[$type]); $sql .= " AND entity IN (".getEntity('category').")"; if ($nom) { if (!$exact) { diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 793518ed150..245f90edf72 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1986,7 +1986,7 @@ if ($id > 0) { print ' '; // Done by - if ($conf->global->AGENDA_ENABLE_DONEBY) { + if (!empty($conf->global->AGENDA_ENABLE_DONEBY)) { print ''.$langs->trans("ActionDoneBy").''; if ($object->userdoneid > 0) { $tmpuser = new User($db); @@ -2080,10 +2080,10 @@ if ($id > 0) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; // Reminders - if ($conf->global->AGENDA_REMINDER_EMAIL || $conf->global->AGENDA_REMINDER_BROWSER) { - $filtreuserid = $user->id; + if (!empty($conf->global->AGENDA_REMINDER_EMAIL) || !empty($conf->global->AGENDA_REMINDER_BROWSER)) { + $filteruserid = $user->id; if ($user->rights->agenda->allactions->read) { - $filtreuserid = 0; + $filteruserid = 0; } $object->loadReminders('', $filteruserid, false); diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index d8bcd0efb1b..38acaac0fc9 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -1896,11 +1896,17 @@ class ActionComm extends CommonObject $userforfilter = new User($this->db); $result = $userforfilter->fetch('', $logint); if ($result > 0) { - $sql .= " AND ar.fk_element = ".$userforfilter->id; + $sql .= " AND ar.fk_element = ".((int) $userforfilter->id); } elseif ($result < 0 || $condition == '=') { $sql .= " AND ar.fk_element = 0"; } } + if ($key == 'module') { + $sql .= " AND c.module LIKE '%".$this->db->escape($value)."'"; + } + if ($key == 'status') { + $sql .= " AND a.status =".((int) $value); + } } $sql .= " AND a.datep IS NOT NULL"; // To exclude corrupted events and avoid errors in lightning/sunbird import @@ -1938,6 +1944,7 @@ class ActionComm extends CommonObject $duration = ($datestart && $dateend) ? ($dateend - $datestart) : 0; $event['summary'] = $obj->label.($obj->socname ? " (".$obj->socname.")" : ""); + $event['desc'] = $obj->note; $event['startdate'] = $datestart; $event['enddate'] = $dateend; // Not required with type 'journal' @@ -2403,7 +2410,7 @@ class ActionComm extends CommonObject // Delete also very old past events (we do not keep more than 1 month record in past) $sql = "DELETE FROM ".MAIN_DB_PREFIX."actioncomm_reminder"; $sql .= " WHERE dateremind < '".$this->db->idate($now - (3600 * 24 * 32))."'"; - $sql .= " AND status = ".$actionCommReminder::STATUS_DONE; + $sql .= " AND status = ".((int) $actionCommReminder::STATUS_DONE); $resql = $this->db->query($sql); if (!$resql) { diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index 7465e613611..eb1ac59cfe0 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -287,7 +287,7 @@ if ($object->id > 0) { $modulepart = 'actions'; - $permission = $user->rights->agenda->myactions->create || $user->rights->agenda->allactions->create; + $permissiontoadd = $user->rights->agenda->myactions->create || $user->rights->agenda->allactions->create; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 459ede423b1..465f1be8701 100644 --- a/htdocs/comm/action/index.php +++ b/htdocs/comm/action/index.php @@ -741,10 +741,10 @@ if ($status == 'todo') { if ($filtert > 0 || $usergroup > 0) { $sql .= " AND ("; if ($filtert > 0) { - $sql .= "ar.fk_element = ".$filtert; + $sql .= "ar.fk_element = ".((int) $filtert); } if ($usergroup > 0) { - $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".$usergroup; + $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".((int) $usergroup); } $sql .= ")"; } diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index e3cc54f5a35..8bf35df622d 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -106,7 +106,8 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); -if ($page == -1 || $page == null) { +if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + // If $page is not defined, or '' or -1 or if we click on clear filters $page = 0; } $offset = $limit * $page; @@ -320,7 +321,7 @@ if ($search_title != '') { $param .= '&search_title='.urlencode($search_title); } if ($search_note != '') { - $param .= '&search_note='.$search_note; + $param .= '&search_note='.urlencode($search_note); } if (GETPOST('datestartday', 'int')) { $param .= '&datestartday='.GETPOST('datestartday', 'int'); @@ -520,6 +521,7 @@ $sql .= $db->order($sortfield, $sortorder); $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { + // TODO Set and use an optimized request in $sqlforcount with no fields and no useless join to caluclate nb of records $result = $db->query($sql); $nbtotalofrecords = $db->num_rows($result); if (($page * $limit) > $nbtotalofrecords) { // if total resultset is smaller then paging size (filtering), goto and load page 0 @@ -829,7 +831,11 @@ if ($resql) { $actionstatic->location = $obj->location; $actionstatic->note_private = dol_htmlentitiesbr($obj->note); - $actionstatic->fetchResources(); + // Initialize $this->userassigned && this->socpeopleassigned array && this->userownerid + // but only if we need it + if (!empty($arrayfields['a.fk_contact']['checked'])) { + $actionstatic->fetchResources(); + } print ''; @@ -1006,7 +1012,7 @@ if ($resql) { } if (!empty($arrayfields['a.percent']['checked'])) { // Status/Percent - $datep = $db->jdate($obj->datep); + $datep = $db->jdate($obj->dp); print ''.$actionstatic->LibStatut($obj->percent, 5, 0, $datep).''; } // Action column diff --git a/htdocs/comm/action/pertype.php b/htdocs/comm/action/pertype.php index 32eaccdcce1..b39d6c3141d 100644 --- a/htdocs/comm/action/pertype.php +++ b/htdocs/comm/action/pertype.php @@ -616,7 +616,7 @@ if ($filtert > 0 || $usergroup > 0) { $sql .= "ar.fk_element = ".$filtert; } if ($usergroup > 0) { - $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".$usergroup; + $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".((int) $usergroup); } $sql .= ")"; } diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 76330d39453..10d9871c4c9 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -637,7 +637,7 @@ if ($filtert > 0 || $usergroup > 0) { $sql .= "ar.fk_element = ".$filtert; } if ($usergroup > 0) { - $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".$usergroup; + $sql .= ($filtert > 0 ? " OR " : "")." ugu.fk_usergroup = ".((int) $usergroup); } $sql .= ")"; } @@ -899,7 +899,7 @@ while ($currentdaytoshow < $lastdaytoshow) { } $sql .= " WHERE u.statut = 1 AND u.entity IN (".getEntity('user').")"; if ($usergroup > 0) { - $sql .= " AND ug.fk_usergroup = ".$usergroup; + $sql .= " AND ug.fk_usergroup = ".((int) $usergroup); } //print $sql; $resql = $db->query($sql); diff --git a/htdocs/comm/action/rapport/index.php b/htdocs/comm/action/rapport/index.php index a90bc1cf5a3..9b6238ca0de 100644 --- a/htdocs/comm/action/rapport/index.php +++ b/htdocs/comm/action/rapport/index.php @@ -43,7 +43,8 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); $sortorder = GETPOST("sortorder", 'alpha'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); -if ($page == -1 || $page == null) { +if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + // If $page is not defined, or '' or -1 or if we click on clear filters $page = 0; } $offset = $limit * $page; diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index 589559ea426..fab7cfa6fa9 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -184,6 +184,15 @@ if (empty($reshook)) { } } + // transport mode + if ($action == 'settransportmode' && $user->rights->societe->creer) { + $object->fetch($id); + $result = $object->setTransportMode(GETPOST('transport_mode_id', 'alpha')); + if ($result < 0) { + setEventMessages($object->error, $object->errors, 'errors'); + } + } + // Bank account if ($action == 'setbankaccount' && $user->rights->societe->creer) { $object->fetch($id); @@ -580,9 +589,9 @@ if ($object->id > 0) { print ''; print ''; if ($action == 'edittransportmode') { - $form->formSelectTransportMode($_SERVER['PHP_SELF'].'?socid='.$object->id, $object->fk_transport_mode, 'fk_transport_mode', 1); + $form->formSelectTransportMode($_SERVER['PHP_SELF'].'?socid='.$object->id, (!empty($object->transport_mode_id) ? $object->transport_mode_id : ''), 'transport_mode_id', 1); } else { - $form->formSelectTransportMode($_SERVER['PHP_SELF'].'?socid='.$object->id, $object->fk_transport_mode, 'none'); + $form->formSelectTransportMode($_SERVER['PHP_SELF'].'?socid='.$object->id, (!empty($object->transport_mode_id) ? $object->transport_mode_id : ''), 'none'); } print ""; print ''; @@ -874,6 +883,7 @@ if ($object->id > 0) { $sql .= ", c.total_ttc"; $sql .= ", c.ref, c.ref_client, c.fk_statut, c.facture"; $sql .= ", c.date_commande as dc"; + $sql .= ", c.facture as billed"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as c"; $sql .= " WHERE c.fk_soc = s.rowid "; $sql .= " AND s.rowid = ".$object->id; diff --git a/htdocs/comm/contact.php b/htdocs/comm/contact.php index 9945ca0e186..1d74cba61cd 100644 --- a/htdocs/comm/contact.php +++ b/htdocs/comm/contact.php @@ -104,23 +104,15 @@ if ($type == "f") { if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } - -if (dol_strlen($stcomm)) { - $sql .= " AND s.fk_stcomm=".$db->escape($stcomm); -} - if (!empty($search_lastname)) { $sql .= " AND p.name LIKE '%".$db->escape($search_lastname)."%'"; } - if (!empty($search_firstname)) { $sql .= " AND p.firstname LIKE '%".$db->escape($search_firstname)."%'"; } - if (!empty($search_company)) { $sql .= " AND s.nom LIKE '%".$db->escape($search_company)."%'"; } - if (!empty($contactname)) { // acces a partir du module de recherche $sql .= " AND (p.name LIKE '%".$db->escape($contactname)."%' OR lower(p.firstname) LIKE '%".$db->escape($contactname)."%') "; $sortfield = "p.name"; diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index 86aff8a36e0..d801b4429c7 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -48,6 +48,7 @@ $confirm = GETPOST('confirm', 'alpha'); $urlfrom = GETPOST('urlfrom'); $object = new Mailing($db); + $result = $object->fetch($id); $extrafields = new ExtraFields($db); @@ -78,7 +79,7 @@ $listofmethods['mail'] = 'PHP mail function'; $listofmethods['smtps'] = 'SMTP/SMTPS socket library'; // Security check -if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) { +if (empty($user->rights->mailing->lire) || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) { accessforbidden(); } @@ -408,7 +409,7 @@ if (empty($reshook)) { dol_syslog($db->error()); dol_print_error($db); } - + $object->fetch($id); $action = ''; } } diff --git a/htdocs/comm/mailing/cibles.php b/htdocs/comm/mailing/cibles.php index afd6273d6c0..08e223ed89f 100644 --- a/htdocs/comm/mailing/cibles.php +++ b/htdocs/comm/mailing/cibles.php @@ -68,6 +68,8 @@ $modulesdir = dolGetModulesDirs('/mailings'); $object = new Mailing($db); $result = $object->fetch($id); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('ciblescard', 'globalcard')); // Security check if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) { @@ -438,6 +440,10 @@ if ($object->fetch($id) >= 0) { } } // End foreach dir + $parameters = array(); + $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + print '
'; print '

'; diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index b5bd94f0c2e..8b5f757ad0e 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -2294,6 +2294,7 @@ if ($action == 'create') { print $langs->trans('OutstandingBill'); print ''; $arrayoutstandingbills = $soc->getOutstandingBills(); + print ($arrayoutstandingbills['opened'] > $soc->outstanding_limit ? img_warning() : ''); print price($arrayoutstandingbills['opened']).' / '; print price($soc->outstanding_limit, 0, $langs, 1, - 1, - 1, $conf->currency); print ''; diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index c544f5f7fe9..6c670c82364 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -2463,12 +2463,12 @@ class Propal extends CommonObject $error = 0; $sql = "UPDATE ".MAIN_DB_PREFIX."propal"; - $sql .= " SET fk_statut = ".$status.","; + $sql .= " SET fk_statut = ".((int) $status).","; if (!empty($note)) { $sql .= " note_private = '".$this->db->escape($note)."',"; } $sql .= " date_cloture=NULL, fk_user_cloture=NULL"; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); @@ -4305,7 +4305,7 @@ class PropaleLigne extends CommonObjectLine } $sql .= ", fk_parent_line=".($this->fk_parent_line > 0 ? $this->fk_parent_line : "null"); if (!empty($this->rang)) { - $sql .= ", rang=".$this->rang; + $sql .= ", rang=".((int) $this->rang); } $sql .= ", date_start=".(!empty($this->date_start) ? "'".$this->db->idate($this->date_start)."'" : "null"); $sql .= ", date_end=".(!empty($this->date_end) ? "'".$this->db->idate($this->date_end)."'" : "null"); @@ -4317,7 +4317,7 @@ class PropaleLigne extends CommonObjectLine $sql .= ", multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= ", multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -4365,7 +4365,7 @@ class PropaleLigne extends CommonObjectLine $sql .= " total_ht=".price2num($this->total_ht, 'MT').""; $sql .= ",total_tva=".price2num($this->total_tva, 'MT').""; $sql .= ",total_ttc=".price2num($this->total_ttc, 'MT').""; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog("PropaleLigne::update_total", LOG_DEBUG); diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 2b21c545c63..a60f892274c 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -189,7 +189,7 @@ if ($object->id > 0) { print dol_get_fiche_end(); $modulepart = 'propal'; - $permission = $user->rights->propal->creer; + $permissiontoadd = $user->rights->propal->creer; $permtoedit = $user->rights->propal->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/comm/propal/index.php b/htdocs/comm/propal/index.php index 359084ddabe..7ff3e405499 100644 --- a/htdocs/comm/propal/index.php +++ b/htdocs/comm/propal/index.php @@ -88,7 +88,7 @@ if (!empty($conf->propal->enabled)) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND p.fk_soc = ".$socid; + $sql .= " AND p.fk_soc = ".((int) $socid); } $resql = $db->query($sql); @@ -150,7 +150,7 @@ print '
'; */ $sql = "SELECT c.rowid, c.entity, c.ref, c.fk_statut, date_cloture as datec"; -$sql .= ", s.nom as socname, s.rowid as socid, s.canvas, s.client"; +$sql .= ", s.nom as socname, s.rowid as socid, s.canvas, s.client, s.email, s.code_compta"; $sql .= " FROM ".MAIN_DB_PREFIX."propal as c"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) { @@ -160,7 +160,7 @@ $sql .= " WHERE c.entity IN (".getEntity($propalstatic->element).")"; $sql .= " AND c.fk_soc = s.rowid"; //$sql.= " AND c.fk_statut > 2"; if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -185,6 +185,8 @@ if ($resql) { $companystatic->name = $obj->socname; $companystatic->client = $obj->client; $companystatic->canvas = $obj->canvas; + $companystatic->email = $obj->email; + $companystatic->code_compta = $obj->code_compta; $filename = dol_sanitizeFileName($obj->ref); $filedir = $conf->propal->multidir_output[$obj->entity].'/'.dol_sanitizeFileName($obj->ref); @@ -223,7 +225,7 @@ if ($resql) { * Open (validated) proposals */ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { - $sql = "SELECT s.nom as socname, s.rowid as socid, s.canvas, s.client"; + $sql = "SELECT s.nom as socname, s.rowid as socid, s.canvas, s.client, s.email, s.code_compta"; $sql .= ", p.rowid as propalid, p.entity, p.total_ttc, p.total_ht, p.ref, p.fk_statut, p.datep as dp, p.fin_validite as dfv"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= ", ".MAIN_DB_PREFIX."propal as p"; @@ -260,6 +262,8 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $companystatic->name = $obj->socname; $companystatic->client = $obj->client; $companystatic->canvas = $obj->canvas; + $companystatic->email = $obj->email; + $companystatic->code_compta = $obj->code_compta; $filename = dol_sanitizeFileName($obj->ref); $filedir = $conf->propal->multidir_output[$obj->entity].'/'.dol_sanitizeFileName($obj->ref); @@ -314,7 +318,7 @@ if (! empty($conf->propal->enabled)) $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 1"; - if ($socid) $sql.= " AND c.fk_soc = ".$socid; + if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY c.rowid DESC"; @@ -389,7 +393,7 @@ if (! empty($conf->propal->enabled)) $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 2 "; - if ($socid) $sql.= " AND c.fk_soc = ".$socid; + if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY c.rowid DESC"; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 48ad9783367..95d461eac39 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -593,27 +593,27 @@ if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } if ($search_categ_cus > 0) { - $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ_cus); + $sql .= " AND cc.fk_categorie = ".((int) $search_categ_cus); } if ($search_categ_cus == -2) { $sql .= " AND cc.fk_categorie IS NULL"; } if ($search_fk_cond_reglement > 0) { - $sql .= " AND p.fk_cond_reglement = ".$db->escape($search_fk_cond_reglement); + $sql .= " AND p.fk_cond_reglement = ".((int) $search_fk_cond_reglement); } if ($search_fk_shipping_method > 0) { - $sql .= " AND p.fk_shipping_method = ".$db->escape($search_fk_shipping_method); + $sql .= " AND p.fk_shipping_method = ".((int) $search_fk_shipping_method); } if ($search_fk_input_reason > 0) { - $sql .= " AND p.fk_input_reason = ".$db->escape($search_fk_input_reason); + $sql .= " AND p.fk_input_reason = ".((int) $search_fk_input_reason); } if ($search_fk_mode_reglement > 0) { - $sql .= " AND p.fk_mode_reglement = ".$db->escape($search_fk_mode_reglement); + $sql .= " AND p.fk_mode_reglement = ".((int) $search_fk_mode_reglement); } if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$db->escape($search_product_category); + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); @@ -1419,7 +1419,7 @@ if ($resql) { if (!empty($arrayfields['pr.ref']['checked'])) { // Project ref - print ''; + print ''; if ($obj->project_id > 0) { print $projectstatic->getNomUrl(1); } diff --git a/htdocs/comm/propal/stats/index.php b/htdocs/comm/propal/stats/index.php index c0d92908aab..c1975e309f5 100644 --- a/htdocs/comm/propal/stats/index.php +++ b/htdocs/comm/propal/stats/index.php @@ -53,8 +53,7 @@ if ($user->socid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ? GETPOST('year', 'int') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -254,56 +253,56 @@ print dol_get_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1); print '
'; -//if (empty($socid)) -//{ - // Show filter box - print '
'; - print ''; - print ''; +// Show filter box +print ''; +print ''; +print ''; - print ''; - print ''; - // Company - print ''; - // ThirdParty Type - print ''; +print ''; +print '
'.$langs->trans("Filter").'
'.$langs->trans("ThirdParty").''; - $filter = 's.client IN (1,2,3)'; - print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, '', 'style="width: 95%"'); - print '
'.$langs->trans("ThirdPartyType").''; - $sortparam_typent = (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT); // NONE means we keep sort of original array, so we sort on position. ASC, means next function will sort on label. - print $form->selectarray("typent_id", $formcompany->typent_array(0), $typent_id, 1, 0, 0, '', 0, 0, 0, $sortparam_typent, '', 1); +print ''; +print ''; +// Company +print ''; +// ThirdParty Type +print ''; - // Category - print ''; - // User - print ''; - // Status - print ''; - // Year - print ''; +// Category +print ''; +// User +print ''; +// Status +print ''; +// Year +print ''; - print ''; - print '
'.$langs->trans("Filter").'
'.$langs->trans("ThirdParty").''; +$filter = 's.client IN (1,2,3)'; +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); +print '
'.$langs->trans("ThirdPartyType").''; +$sortparam_typent = (empty($conf->global->SOCIETE_SORT_ON_TYPEENT) ? 'ASC' : $conf->global->SOCIETE_SORT_ON_TYPEENT); // NONE means we keep sort of original array, so we sort on position. ASC, means next function will sort on label. +print $form->selectarray("typent_id", $formcompany->typent_array(0), $typent_id, 1, 0, 0, '', 0, 0, 0, $sortparam_typent, '', 1); if ($user->admin) { print ' '.info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } - print '
'.$cat_label.''; - print $formother->select_categories($cat_type, $categ_id, 'categ_id', true); - print '
'.$langs->trans("CreatedBy").''; - print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); - print '
'.$langs->trans("Status").''; - $formpropal->selectProposalStatus(($object_status != '' ? $object_status : -1), 0, 0, 1, $mode, 'object_status'); - print '
'.$langs->trans("Year").''; +print '
'.$cat_label.''; +print img_picto('', 'category', 'class="pictofixedwidth"'); +print $formother->select_categories($cat_type, $categ_id, 'categ_id', 0, 1, 'widthcentpercentminusx maxwidth300'); +print '
'.$langs->trans("CreatedBy").''; +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); +print '
'.$langs->trans("Status").''; +$formpropal->selectProposalStatus(($object_status != '' ? $object_status : -1), 0, 0, 1, $mode, 'object_status'); +print '
'.$langs->trans("Year").''; if (!in_array($year, $arrayyears)) { $arrayyears[$year] = $year; } if (!in_array($nowyear, $arrayyears)) { $arrayyears[$nowyear] = $nowyear; } - arsort($arrayyears); - print $form->selectarray('year', $arrayyears, $year, 0); - print '
'; - print ''; - print '

'; -//} +arsort($arrayyears); +print $form->selectarray('year', $arrayyears, $year, 0); +print '
'; +print ''; +print '

'; print '
'; print ''; @@ -336,11 +335,11 @@ foreach ($data as $val) { print ''; print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; - print ''; + print ''; print ''; $oldyear = $year; } diff --git a/htdocs/comm/prospect/index.php b/htdocs/comm/prospect/index.php index 8883e0af6f3..d2f60c36212 100644 --- a/htdocs/comm/prospect/index.php +++ b/htdocs/comm/prospect/index.php @@ -87,7 +87,7 @@ $sql .= " WHERE s.fk_stcomm = st.id"; $sql .= " AND s.client IN (2, 3)"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " GROUP BY st.id"; $sql .= " ORDER BY st.id"; @@ -129,7 +129,7 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= " AND p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $resql = $db->query($sql); @@ -191,7 +191,7 @@ if (!empty($conf->propal->enabled) && $user->rights->propale->lire) { $sql .= " AND p.fk_statut = 1"; $sql .= " AND p.entity IN (".getEntity('propal').")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); @@ -250,7 +250,7 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " WHERE s.fk_stcomm = 1"; $sql .= " AND s.entity IN (".getEntity($companystatic->element).")"; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } $sql .= " ORDER BY s.tms ASC"; $sql .= $db->plimit(15, 0); diff --git a/htdocs/commande/class/commande.class.php b/htdocs/commande/class/commande.class.php index c0851dfee1d..c19cc6c379f 100644 --- a/htdocs/commande/class/commande.class.php +++ b/htdocs/commande/class/commande.class.php @@ -2539,7 +2539,7 @@ class Commande extends CommonOrder $sql = "UPDATE ".MAIN_DB_PREFIX."commande"; $sql .= " SET date_commande = ".($date ? "'".$this->db->idate($date)."'" : 'null'); - $sql .= " WHERE rowid = ".$this->id." AND fk_statut = ".self::STATUS_DRAFT; + $sql .= " WHERE rowid = ".$this->id." AND fk_statut = ".((int) self::STATUS_DRAFT); dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); @@ -4559,14 +4559,14 @@ class OrderLine extends CommonOrderLine } $sql .= " , fk_product_fournisseur_price=".(!empty($this->fk_fournprice) ? $this->fk_fournprice : "null"); $sql .= " , buy_price_ht='".price2num($this->pa_ht)."'"; - $sql .= " , info_bits=".$this->info_bits; - $sql .= " , special_code=".$this->special_code; + $sql .= " , info_bits=".((int) $this->info_bits); + $sql .= " , special_code=".((int) $this->special_code); $sql .= " , date_start=".(!empty($this->date_start) ? "'".$this->db->idate($this->date_start)."'" : "null"); $sql .= " , date_end=".(!empty($this->date_end) ? "'".$this->db->idate($this->date_end)."'" : "null"); $sql .= " , product_type=".$this->product_type; $sql .= " , fk_parent_line=".(!empty($this->fk_parent_line) ? $this->fk_parent_line : "null"); if (!empty($this->rang)) { - $sql .= ", rang=".$this->rang; + $sql .= ", rang=".((int) $this->rang); } $sql .= " , fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit); @@ -4576,7 +4576,7 @@ class OrderLine extends CommonOrderLine $sql .= " , multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= " , multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/commande/class/commandestats.class.php b/htdocs/commande/class/commandestats.class.php index 85036543e18..6bd6067dcf7 100644 --- a/htdocs/commande/class/commandestats.class.php +++ b/htdocs/commande/class/commandestats.class.php @@ -44,7 +44,10 @@ class CommandeStats extends Stats public $userid; public $from; + public $from_line; public $field; + public $field_line; + public $categ_link; public $where; public $join; @@ -77,6 +80,7 @@ class CommandeStats extends Stats $this->field = 'total_ht'; $this->field_line = 'total_ht'; //$this->where .= " c.fk_statut > 0"; // Not draft and not cancelled + $this->categ_link = MAIN_DB_PREFIX.'categorie_societe'; } elseif ($mode == 'supplier') { $object = new CommandeFournisseur($this->db); $this->from = MAIN_DB_PREFIX.$object->table_element." as c"; @@ -84,6 +88,7 @@ class CommandeStats extends Stats $this->field = 'total_ht'; $this->field_line = 'total_ht'; //$this->where .= " c.fk_statut > 2"; // Only approved & ordered + $this->categ_link = MAIN_DB_PREFIX.'categorie_fournisseur'; } //$this->where.= " AND c.fk_soc = s.rowid AND c.entity = ".$conf->entity; $this->where .= ($this->where ? ' AND ' : '').'c.entity IN ('.getEntity('commande').')'; @@ -104,7 +109,7 @@ class CommandeStats extends Stats } if ($categid) { - $this->join .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie_societe as cats ON cats.fk_soc = c.fk_soc'; + $this->join .= ' LEFT JOIN '.$this->categ_link.' as cats ON cats.fk_soc = c.fk_soc'; $this->join .= ' LEFT JOIN '.MAIN_DB_PREFIX.'categorie as cat ON cat.rowid = cats.fk_categorie'; $this->where .= ' AND cat.rowid = '.((int) $categid); } diff --git a/htdocs/commande/customer.php b/htdocs/commande/customer.php index 6dfa898a024..62f8c4772f6 100644 --- a/htdocs/commande/customer.php +++ b/htdocs/commande/customer.php @@ -89,9 +89,6 @@ $sql .= " AND s.entity IN (".getEntity('societe').")"; if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } -if (dol_strlen($stcomm)) { - $sql .= " AND s.fk_stcomm=".$stcomm; -} if (GETPOST("search_nom")) { $sql .= natural_search("s.nom", GETPOST("search_nom")); } diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php index c289112ee9f..f8cc503e0ec 100644 --- a/htdocs/commande/document.php +++ b/htdocs/commande/document.php @@ -184,7 +184,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'commande'; - $permission = $user->rights->commande->creer; + $permissiontoadd = $user->rights->commande->creer; $permtoedit = $user->rights->commande->creer; $param = '&id='.$object->id.'&entity='.(!empty($object->entity) ? $object->entity : $conf->entity); include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/commande/index.php b/htdocs/commande/index.php index 48f1f600126..73f40668cea 100644 --- a/htdocs/commande/index.php +++ b/htdocs/commande/index.php @@ -166,7 +166,7 @@ $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('commande').")"; //$sql.= " AND c.fk_statut > 2"; if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -250,7 +250,7 @@ if (!empty($conf->commande->enabled)) { $sql .= " AND c.entity IN (".getEntity('commande').")"; $sql .= " AND c.fk_statut = ".Commande::STATUS_VALIDATED; if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -337,9 +337,9 @@ if (!empty($conf->commande->enabled)) { } $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('commande').")"; - $sql .= " AND c.fk_statut = ".Commande::STATUS_ACCEPTED; + $sql .= " AND c.fk_statut = ".((int) Commande::STATUS_ACCEPTED); if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index f42b7c08de9..98bbd00b351 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -473,7 +473,7 @@ if ($search_user > 0) { $sql .= ' WHERE c.fk_soc = s.rowid'; $sql .= ' AND c.entity IN ('.getEntity('commande').')'; if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); diff --git a/htdocs/commande/stats/index.php b/htdocs/commande/stats/index.php index 090d07baf81..bd92dc084c7 100644 --- a/htdocs/commande/stats/index.php +++ b/htdocs/commande/stats/index.php @@ -60,8 +60,7 @@ if ($user->socid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -295,7 +294,8 @@ if ($mode == 'customer') { if ($mode == 'supplier') { $filter = 's.fournisseur = 1'; } -print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, '', 'style="width: 95%"'); +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300'); print ''; // ThirdParty Type print ''; // User -print ''; -print ''; +print ''; print '
0 ? '&userid='.$userid : '').'">'.$year.''.$val['nb'].''.round($val['nb_diff']).''.round($val['nb_diff']).'%'.price(price2num($val['total'], 'MT'), 1).''.round($val['total_diff']).''.round($val['total_diff']).'%'.price(price2num($val['avg'], 'MT'), 1).''.round($val['avg_diff']).''.round($val['avg_diff']).'%
'.$langs->trans("ThirdPartyType").''; @@ -315,13 +315,15 @@ if ($mode == 'supplier') { $cat_label = $langs->trans("Category").' '.lcfirst($langs->trans("Supplier")); } print '
'.$cat_label.''; -print $formother->select_categories($cat_type, $categ_id, 'categ_id', true); +print img_picto('', 'category', 'class="pictofixedwidth"'); +print $formother->select_categories($cat_type, $categ_id, 'categ_id', 0, 1, 'widthcentpercentminusx maxwidth300'); print '
'.$langs->trans("CreatedBy").''; -print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print '
'.$langs->trans("CreatedBy").''; +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); // Status -print '
'.$langs->trans("Status").''; +print '
'.$langs->trans("Status").''; if ($mode == 'customer') { $liststatus = array( Commande::STATUS_DRAFT=>$langs->trans("StatusOrderDraft"), @@ -347,7 +349,7 @@ if (!in_array($nowyear, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print '
'; print ''; print '

'; @@ -386,11 +388,11 @@ foreach ($data as $val) { print ''; print ' 0 ? '&userid='.$userid : '').'">'.$year.''; print ''.$val['nb'].''; - print ''.round($val['nb_diff']).''; + print ''.round($val['nb_diff']).'%'; print ''.price(price2num($val['total'], 'MT'), 1).''; - print ''.round($val['total_diff']).''; + print ''.round($val['total_diff']).'%'; print ''.price(price2num($val['avg'], 'MT'), 1).''; - print ''.round($val['avg_diff']).''; + print ''.round($val['avg_diff']).'%'; print ''; $oldyear = $year; } diff --git a/htdocs/compta/bank/account_statement_document.php b/htdocs/compta/bank/account_statement_document.php index 4f317c1a9ed..03209ad7673 100644 --- a/htdocs/compta/bank/account_statement_document.php +++ b/htdocs/compta/bank/account_statement_document.php @@ -183,7 +183,7 @@ if ($id > 0 || !empty($ref)) { $modulepart = 'bank'; - $permission = $user->rights->banque->modifier; + $permissiontoadd = $user->rights->banque->modifier; $permtoedit = $user->rights->banque->modifier; $param = '&id='.$object->id.'&num='.urlencode($numref); $moreparam = '&num='.urlencode($numref); diff --git a/htdocs/compta/bank/bankentries_list.php b/htdocs/compta/bank/bankentries_list.php index 0a9784fce75..666621cbdd6 100644 --- a/htdocs/compta/bank/bankentries_list.php +++ b/htdocs/compta/bank/bankentries_list.php @@ -1181,7 +1181,7 @@ if ($resql) { $sqlforbalance .= " ".MAIN_DB_PREFIX."bank as b"; $sqlforbalance .= " WHERE b.fk_account = ba.rowid"; $sqlforbalance .= " AND ba.entity IN (".getEntity('bank_account').")"; - $sqlforbalance .= " AND b.fk_account = ".$search_account; + $sqlforbalance .= " AND b.fk_account = ".((int) $search_account); $sqlforbalance .= " AND (b.datev < '".$db->idate($db->jdate($objp->dv))."' OR (b.datev = '".$db->idate($db->jdate($objp->dv))."' AND (b.dateo < '".$db->idate($db->jdate($objp->do))."' OR (b.dateo = '".$db->idate($db->jdate($objp->do))."' AND b.rowid < ".$objp->rowid."))))"; $resqlforbalance = $db->query($sqlforbalance); //print $sqlforbalance; diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index 3b658f0c793..7f1c830d45b 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -73,223 +73,228 @@ $result = restrictedArea($user, 'banque', $id, 'bank_account&bank_account', '', * Actions */ -if ($cancel) { - $action = ''; -} +$parameters = array(); +$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); -if ($action == 'add') { - $error = 0; - - $db->begin(); - - // Create account - $object = new Account($db); - - $object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha'))); - $object->label = trim(GETPOST("label", 'alphanohtml')); - $object->courant = GETPOST("type"); - $object->clos = GETPOST("clos"); - $object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1); - $object->url = trim(GETPOST("url", 'alpha')); - - $object->bank = trim(GETPOST("bank")); - $object->code_banque = trim(GETPOST("code_banque")); - $object->code_guichet = trim(GETPOST("code_guichet")); - $object->number = trim(GETPOST("number")); - $object->cle_rib = trim(GETPOST("cle_rib")); - $object->bic = trim(GETPOST("bic")); - $object->iban = trim(GETPOST("iban")); - $object->domiciliation = trim(GETPOST("domiciliation", "nohtml")); - - $object->proprio = trim(GETPOST("proprio", 'alphanohtml')); - $object->owner_address = trim(GETPOST("owner_address", 'nohtml')); - - $object->ics = trim(GETPOST("ics", 'alpha')); - $object->ics_transfer = trim(GETPOST("ics_transfer", 'alpha')); - - $account_number = GETPOST('account_number', 'alphanohtml'); - if (empty($account_number) || $account_number == '-1') { - $object->account_number = ''; - } else { - $object->account_number = $account_number; - } - $fk_accountancy_journal = GETPOST('fk_accountancy_journal', 'int'); - if ($fk_accountancy_journal <= 0) { - $object->fk_accountancy_journal = ''; - } else { - $object->fk_accountancy_journal = $fk_accountancy_journal; - } - - $object->solde = price2num(GETPOST("solde")); - $object->date_solde = dol_mktime(12, 0, 0, GETPOST("remonth", 'int'), GETPOST('reday', 'int'), GETPOST("reyear", 'int')); - - $object->currency_code = trim(GETPOST("account_currency_code")); - - $object->state_id = GETPOST("account_state_id", 'int'); - $object->country_id = GETPOST("account_country_id", 'int'); - - $object->min_allowed = GETPOST("account_min_allowed", 'int'); - $object->min_desired = GETPOST("account_min_desired", 'int'); - $object->comment = trim(GETPOST("account_comment", 'restricthtml')); - - $object->fk_user_author = $user->id; - - if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("AccountancyCode")), null, 'errors'); - $action = 'create'; // Force chargement page en mode creation - $error++; - } - if (empty($object->ref)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors'); - $action = 'create'; // Force chargement page en mode creation - $error++; - } - if (empty($object->label)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("LabelBankCashAccount")), null, 'errors'); - $action = 'create'; // Force chargement page en mode creation - $error++; - } - - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - - if (!$error) { - $id = $object->create($user); - if ($id > 0) { - // Category association - $categories = GETPOST('categories', 'array'); - $object->setCategories($categories); - - $_GET["id"] = $id; // Force chargement page en mode visu - - $action = ''; - } else { - $error++; - setEventMessages($object->error, $object->errors, 'errors'); - - $action = 'create'; // Force chargement page en mode creation - } - } - - if (!$error) { - $db->commit(); - } else { - $db->rollback(); - } -} - -if ($action == 'update') { - $error = 0; - - // Update account - $object = new Account($db); - $object->fetch(GETPOST("id", 'int')); - - $object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha'))); - $object->label = trim(GETPOST("label", 'alphanohtml')); - $object->courant = GETPOST("type"); - $object->clos = GETPOST("clos"); - $object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1); - $object->url = trim(GETPOST("url", 'alpha')); - - $object->bank = trim(GETPOST("bank")); - $object->code_banque = trim(GETPOST("code_banque")); - $object->code_guichet = trim(GETPOST("code_guichet")); - $object->number = trim(GETPOST("number")); - $object->cle_rib = trim(GETPOST("cle_rib")); - $object->bic = trim(GETPOST("bic")); - $object->iban = trim(GETPOST("iban")); - $object->domiciliation = trim(GETPOST("domiciliation", "nohtml")); - - $object->proprio = trim(GETPOST("proprio", 'alphanohtml')); - $object->owner_address = trim(GETPOST("owner_address", 'nohtml')); - - $object->ics = trim(GETPOST("ics", 'alpha')); - $object->ics_transfer = trim(GETPOST("ics_transfer", 'alpha')); - - $account_number = GETPOST('account_number', 'alpha'); - if (empty($account_number) || $account_number == '-1') { - $object->account_number = ''; - } else { - $object->account_number = $account_number; - } - $fk_accountancy_journal = GETPOST('fk_accountancy_journal', 'int'); - if ($fk_accountancy_journal <= 0) { - $object->fk_accountancy_journal = ''; - } else { - $object->fk_accountancy_journal = $fk_accountancy_journal; - } - - $object->currency_code = trim(GETPOST("account_currency_code")); - - $object->state_id = GETPOST("account_state_id", 'int'); - $object->country_id = GETPOST("account_country_id", 'int'); - - $object->min_allowed = GETPOST("account_min_allowed", 'int'); - $object->min_desired = GETPOST("account_min_desired", 'int'); - $object->comment = trim(GETPOST("account_comment", 'restricthtml')); - - if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("AccountancyCode")), null, 'errors'); - $action = 'edit'; // Force chargement page en mode creation - $error++; - } - if (empty($object->ref)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors'); - $action = 'edit'; // Force chargement page en mode creation - $error++; - } - if (empty($object->label)) { - setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("LabelBankCashAccount")), null, 'errors'); - $action = 'edit'; // Force chargement page en mode creation - $error++; - } - - $db->begin(); - - if (!$error) { - // Fill array 'array_options' with data from add form - $ret = $extrafields->setOptionalsFromPost(null, $object); - } - - if (!$error) { - $result = $object->update($user); - if ($result >= 0) { - // Category association - $categories = GETPOST('categories', 'array'); - $object->setCategories($categories); - - $_GET["id"] = $_POST["id"]; // Force chargement page en mode visu - } else { - $error++; - setEventMessages($object->error, $object->errors, 'errors'); - $action = 'edit'; // Force chargement page edition - } - } - - if (!$error) { - $db->commit(); - } else { - $db->rollback(); - } -} - -if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->banque->configurer) { - // Delete - $object = new Account($db); - $object->fetch(GETPOST("id", "int")); - $result = $object->delete($user); - - if ($result > 0) { - setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs'); - header("Location: ".DOL_URL_ROOT."/compta/bank/list.php"); - exit; - } else { - setEventMessages($object->error, $object->errors, 'errors'); +if (empty($reshook)) { + if ($cancel) { $action = ''; } -} + if ($action == 'add') { + $error = 0; + + $db->begin(); + + // Create account + $object = new Account($db); + + $object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha'))); + $object->label = trim(GETPOST("label", 'alphanohtml')); + $object->courant = GETPOST("type"); + $object->clos = GETPOST("clos"); + $object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1); + $object->url = trim(GETPOST("url", 'alpha')); + + $object->bank = trim(GETPOST("bank")); + $object->code_banque = trim(GETPOST("code_banque")); + $object->code_guichet = trim(GETPOST("code_guichet")); + $object->number = trim(GETPOST("number")); + $object->cle_rib = trim(GETPOST("cle_rib")); + $object->bic = trim(GETPOST("bic")); + $object->iban = trim(GETPOST("iban")); + $object->domiciliation = trim(GETPOST("domiciliation", "nohtml")); + + $object->proprio = trim(GETPOST("proprio", 'alphanohtml')); + $object->owner_address = trim(GETPOST("owner_address", 'nohtml')); + + $object->ics = trim(GETPOST("ics", 'alpha')); + $object->ics_transfer = trim(GETPOST("ics_transfer", 'alpha')); + + $account_number = GETPOST('account_number', 'alphanohtml'); + if (empty($account_number) || $account_number == '-1') { + $object->account_number = ''; + } else { + $object->account_number = $account_number; + } + $fk_accountancy_journal = GETPOST('fk_accountancy_journal', 'int'); + if ($fk_accountancy_journal <= 0) { + $object->fk_accountancy_journal = ''; + } else { + $object->fk_accountancy_journal = $fk_accountancy_journal; + } + + $object->solde = price2num(GETPOST("solde")); + $object->date_solde = dol_mktime(12, 0, 0, GETPOST("remonth", 'int'), GETPOST('reday', 'int'), GETPOST("reyear", 'int')); + + $object->currency_code = trim(GETPOST("account_currency_code")); + + $object->state_id = GETPOST("account_state_id", 'int'); + $object->country_id = GETPOST("account_country_id", 'int'); + + $object->min_allowed = GETPOST("account_min_allowed", 'int'); + $object->min_desired = GETPOST("account_min_desired", 'int'); + $object->comment = trim(GETPOST("account_comment", 'restricthtml')); + + $object->fk_user_author = $user->id; + + if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("AccountancyCode")), null, 'errors'); + $action = 'create'; // Force chargement page en mode creation + $error++; + } + if (empty($object->ref)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors'); + $action = 'create'; // Force chargement page en mode creation + $error++; + } + if (empty($object->label)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("LabelBankCashAccount")), null, 'errors'); + $action = 'create'; // Force chargement page en mode creation + $error++; + } + + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost(null, $object); + + if (!$error) { + $id = $object->create($user); + if ($id > 0) { + // Category association + $categories = GETPOST('categories', 'array'); + $object->setCategories($categories); + + $_GET["id"] = $id; // Force chargement page en mode visu + + $action = ''; + } else { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + + $action = 'create'; // Force chargement page en mode creation + } + } + + if (!$error) { + $db->commit(); + } else { + $db->rollback(); + } + } + + if ($action == 'update') { + $error = 0; + + // Update account + $object = new Account($db); + $object->fetch(GETPOST("id", 'int')); + + $object->ref = dol_string_nospecial(trim(GETPOST('ref', 'alpha'))); + $object->label = trim(GETPOST("label", 'alphanohtml')); + $object->courant = GETPOST("type"); + $object->clos = GETPOST("clos"); + $object->rappro = (GETPOST("norappro", 'alpha') ? 0 : 1); + $object->url = trim(GETPOST("url", 'alpha')); + + $object->bank = trim(GETPOST("bank")); + $object->code_banque = trim(GETPOST("code_banque")); + $object->code_guichet = trim(GETPOST("code_guichet")); + $object->number = trim(GETPOST("number")); + $object->cle_rib = trim(GETPOST("cle_rib")); + $object->bic = trim(GETPOST("bic")); + $object->iban = trim(GETPOST("iban")); + $object->domiciliation = trim(GETPOST("domiciliation", "nohtml")); + + $object->proprio = trim(GETPOST("proprio", 'alphanohtml')); + $object->owner_address = trim(GETPOST("owner_address", 'nohtml')); + + $object->ics = trim(GETPOST("ics", 'alpha')); + $object->ics_transfer = trim(GETPOST("ics_transfer", 'alpha')); + + $account_number = GETPOST('account_number', 'alpha'); + if (empty($account_number) || $account_number == '-1') { + $object->account_number = ''; + } else { + $object->account_number = $account_number; + } + $fk_accountancy_journal = GETPOST('fk_accountancy_journal', 'int'); + if ($fk_accountancy_journal <= 0) { + $object->fk_accountancy_journal = ''; + } else { + $object->fk_accountancy_journal = $fk_accountancy_journal; + } + + $object->currency_code = trim(GETPOST("account_currency_code")); + + $object->state_id = GETPOST("account_state_id", 'int'); + $object->country_id = GETPOST("account_country_id", 'int'); + + $object->min_allowed = GETPOST("account_min_allowed", 'int'); + $object->min_desired = GETPOST("account_min_desired", 'int'); + $object->comment = trim(GETPOST("account_comment", 'restricthtml')); + + if ($conf->global->MAIN_BANK_ACCOUNTANCY_CODE_ALWAYS_REQUIRED && empty($object->account_number)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("AccountancyCode")), null, 'errors'); + $action = 'edit'; // Force chargement page en mode creation + $error++; + } + if (empty($object->ref)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("Ref")), null, 'errors'); + $action = 'edit'; // Force chargement page en mode creation + $error++; + } + if (empty($object->label)) { + setEventMessages($langs->transnoentitiesnoconv("ErrorFieldRequired", $langs->transnoentitiesnoconv("LabelBankCashAccount")), null, 'errors'); + $action = 'edit'; // Force chargement page en mode creation + $error++; + } + + $db->begin(); + + if (!$error) { + // Fill array 'array_options' with data from add form + $ret = $extrafields->setOptionalsFromPost(null, $object); + } + + if (!$error) { + $result = $object->update($user); + if ($result >= 0) { + // Category association + $categories = GETPOST('categories', 'array'); + $object->setCategories($categories); + + $_GET["id"] = $_POST["id"]; // Force chargement page en mode visu + } else { + $error++; + setEventMessages($object->error, $object->errors, 'errors'); + $action = 'edit'; // Force chargement page edition + } + } + + if (!$error) { + $db->commit(); + } else { + $db->rollback(); + } + } + + if ($action == 'confirm_delete' && GETPOST("confirm") == "yes" && $user->rights->banque->configurer) { + // Delete + $object = new Account($db); + $object->fetch(GETPOST("id", "int")); + $result = $object->delete($user); + + if ($result > 0) { + setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs'); + header("Location: " . DOL_URL_ROOT . "/compta/bank/list.php"); + exit; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + $action = ''; + } + } +} /* * View diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php index 8c29a9ffc36..46d1bb93684 100644 --- a/htdocs/compta/bank/class/account.class.php +++ b/htdocs/compta/bank/class/account.class.php @@ -177,6 +177,10 @@ class Account extends CommonObject * @var int ID */ public $fk_accountancy_journal; + /** + * @var string Label of journal + */ + public $accountancy_journal; /** * Currency code @@ -281,6 +285,7 @@ class Account extends CommonObject 'rappro' =>array('type'=>'smallint(6)', 'label'=>'Rappro', 'enabled'=>1, 'visible'=>-1, 'position'=>120), 'url' =>array('type'=>'varchar(128)', 'label'=>'Url', 'enabled'=>1, 'visible'=>-1, 'position'=>125), 'account_number' =>array('type'=>'varchar(32)', 'label'=>'Account number', 'enabled'=>1, 'visible'=>-1, 'position'=>130), + 'fk_accountancy_journal' =>array('type'=>'integer', 'label'=>'Accountancy journal ID', 'enabled'=>1, 'visible'=>-1, 'position'=>132), 'accountancy_journal' =>array('type'=>'varchar(20)', 'label'=>'Accountancy journal', 'enabled'=>1, 'visible'=>-1, 'position'=>135), 'currency_code' =>array('type'=>'varchar(3)', 'label'=>'Currency code', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>140), 'min_allowed' =>array('type'=>'integer', 'label'=>'Min allowed', 'enabled'=>1, 'visible'=>-1, 'position'=>145), @@ -294,7 +299,6 @@ class Account extends CommonObject 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>175), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>180), 'extraparams' =>array('type'=>'varchar(255)', 'label'=>'Extraparams', 'enabled'=>1, 'visible'=>-1, 'position'=>185), - 'fk_accountancy_journal' =>array('type'=>'integer', 'label'=>'Fk accountancy journal', 'enabled'=>1, 'visible'=>-1, 'position'=>190), ); // END MODULEBUILDER PROPERTIES @@ -311,9 +315,11 @@ class Account extends CommonObject */ const TYPE_SAVINGS = 0; + const STATUS_OPEN = 0; const STATUS_CLOSED = 1; + /** * Constructor * @@ -699,8 +705,8 @@ class Account extends CommonObject $sql .= ", ".price2num($this->min_allowed); $sql .= ", ".price2num($this->min_desired); $sql .= ", '".$this->db->escape($this->comment)."'"; - $sql .= ", ".($this->state_id > 0 ? $this->state_id : "null"); - $sql .= ", ".($this->country_id > 0 ? $this->country_id : "null"); + $sql .= ", ".($this->state_id > 0 ? ((int) $this->state_id) : "null"); + $sql .= ", ".($this->country_id > 0 ? ((int) $this->country_id) : "null"); $sql .= ", '".$this->db->escape($this->ics)."'"; $sql .= ", '".$this->db->escape($this->ics_transfer)."'"; $sql .= ")"; @@ -1064,7 +1070,7 @@ class Account extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."bank_account"; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog(get_class($this)."::delete", LOG_DEBUG); $result = $this->db->query($sql); @@ -2084,7 +2090,7 @@ class AccountLine extends CommonObject $sql .= " amount = ".price2num($this->amount).","; $sql .= " datev='".$this->db->idate($this->datev)."',"; $sql .= " dateo='".$this->db->idate($this->dateo)."'"; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/compta/bank/class/api_bankaccounts.class.php b/htdocs/compta/bank/class/api_bankaccounts.class.php index 10357155295..fd7ed1838f2 100644 --- a/htdocs/compta/bank/class/api_bankaccounts.class.php +++ b/htdocs/compta/bank/class/api_bankaccounts.class.php @@ -77,7 +77,7 @@ class BankAccounts extends DolibarrApi $sql .= ' WHERE t.entity IN ('.getEntity('bank_account').')'; // Select accounts of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category)." AND c.fk_account = t.rowid "; + $sql .= " AND c.fk_categorie = ".((int) $category)." AND c.fk_account = t.rowid"; } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/compta/bank/document.php b/htdocs/compta/bank/document.php index f97dbca114b..ec46002b031 100644 --- a/htdocs/compta/bank/document.php +++ b/htdocs/compta/bank/document.php @@ -136,7 +136,7 @@ if ($id > 0 || !empty($ref)) { $modulepart = 'bank'; - $permission = $user->rights->banque->modifier; + $permissiontoadd = $user->rights->banque->modifier; $permtoedit = $user->rights->banque->modifier; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/compta/bank/line.php b/htdocs/compta/bank/line.php index c84f52ffee1..2c33085aa6d 100644 --- a/htdocs/compta/bank/line.php +++ b/htdocs/compta/bank/line.php @@ -173,7 +173,7 @@ if ($user->rights->banque->modifier && $action == "update") { $sql .= " datev = '".$db->idate($dateval)."',"; } } - $sql .= " fk_account = ".$actarget->id; + $sql .= " fk_account = ".((int) $actarget->id); $sql .= " WHERE rowid = ".((int) $acline->id); $result = $db->query($sql); diff --git a/htdocs/compta/bank/releve.php b/htdocs/compta/bank/releve.php index f45d2a64af4..167c809a8b1 100644 --- a/htdocs/compta/bank/releve.php +++ b/htdocs/compta/bank/releve.php @@ -606,7 +606,7 @@ if (empty($numref)) { $sql .= ", ".MAIN_DB_PREFIX."bank_class as cl"; $sql .= " WHERE ct.rowid = cl.fk_categ"; $sql .= " AND ct.entity = ".$conf->entity; - $sql .= " AND cl.lineid = ".$objp->rowid; + $sql .= " AND cl.lineid = ".((int) $objp->rowid); $resc = $db->query($sql); if ($resc) { diff --git a/htdocs/compta/bank/various_payment/document.php b/htdocs/compta/bank/various_payment/document.php index ce793f7e6ee..1b5fd5fd383 100644 --- a/htdocs/compta/bank/various_payment/document.php +++ b/htdocs/compta/bank/various_payment/document.php @@ -150,7 +150,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'banque'; - $permission = $user->rights->banque->modifier; + $permissiontoadd = $user->rights->banque->modifier; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/compta/bank/various_payment/list.php b/htdocs/compta/bank/various_payment/list.php index f78e004f571..dda68a096a1 100644 --- a/htdocs/compta/bank/various_payment/list.php +++ b/htdocs/compta/bank/various_payment/list.php @@ -250,19 +250,19 @@ if ($search_amount_cred) { $sql .= natural_search("v.amount", $search_amount_cred, 1); } if ($search_bank_account > 0) { - $sql .= " AND b.fk_account=".$db->escape($search_bank_account); + $sql .= " AND b.fk_account = ".((int) $search_bank_account); } if ($search_bank_entry > 0) { - $sql .= " AND b.fk_account=".$db->escape($search_bank_account); + $sql .= " AND b.fk_account = ".((int) $search_bank_account); } if ($search_accountancy_account > 0) { - $sql .= " AND v.accountancy_code=".$db->escape($search_accountancy_account); + $sql .= " AND v.accountancy_code = ".((int) $search_accountancy_account); } if ($search_accountancy_subledger > 0) { - $sql .= " AND v.subledger_account=".$db->escape($search_accountancy_subledger); + $sql .= " AND v.subledger_account = ".((int) $search_accountancy_subledger); } if ($typeid > 0) { - $sql .= " AND v.fk_typepayment=".$typeid; + $sql .= " AND v.fk_typepayment=".((int) $typeid); } if ($search_all) { $sql .= natural_search(array_keys($fieldstosearchall), $search_all); diff --git a/htdocs/compta/cashcontrol/cashcontrol_list.php b/htdocs/compta/cashcontrol/cashcontrol_list.php index 34264649ead..876fd6703d3 100644 --- a/htdocs/compta/cashcontrol/cashcontrol_list.php +++ b/htdocs/compta/cashcontrol/cashcontrol_list.php @@ -115,7 +115,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -582,6 +582,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/compta/cashcontrol/class/cashcontrol.class.php b/htdocs/compta/cashcontrol/class/cashcontrol.class.php index a59816eebd7..59580cb7c46 100644 --- a/htdocs/compta/cashcontrol/class/cashcontrol.class.php +++ b/htdocs/compta/cashcontrol/class/cashcontrol.class.php @@ -93,10 +93,12 @@ class CashControl extends CommonObject 'year_close' =>array('type'=>'integer', 'label'=>'Year close', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>50, 'css'=>'center'), 'month_close' =>array('type'=>'integer', 'label'=>'Month close', 'enabled'=>1, 'visible'=>1, 'position'=>55, 'css'=>'center'), 'day_close' =>array('type'=>'integer', 'label'=>'Day close', 'enabled'=>1, 'visible'=>1, 'position'=>60, 'css'=>'center'), - 'date_valid' =>array('type'=>'datetime', 'label'=>'DateValidation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>490), 'date_creation' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>500), + 'date_valid' =>array('type'=>'datetime', 'label'=>'DateValidation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>502), 'tms' =>array('type'=>'timestamp', 'label'=>'Tms', 'enabled'=>1, 'visible'=>0, 'notnull'=>1, 'position'=>505), - 'import_key' =>array('type'=>'varchar(14)', 'label'=>'Import key', 'enabled'=>1, 'visible'=>0, 'position'=>510), + 'fk_user_creat' =>array('type'=>'integer:User', 'label'=>'userCreation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>600), + 'fk_user_valid' =>array('type'=>'integer:User', 'label'=>'UserValidation', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>602), + 'import_key' =>array('type'=>'varchar(14)', 'label'=>'Import key', 'enabled'=>1, 'visible'=>0, 'position'=>700), 'status' => array('type'=>'integer', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'position'=>1000, 'notnull'=>1, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Brouillon', '1'=>'Validated')), ); @@ -115,21 +117,24 @@ class CashControl extends CommonObject public $cheque; public $card; - /** - * @var integer|string $date_valid - */ - public $date_valid; - /** * @var integer|string date_creation */ public $date_creation; + public $fk_user_creat; /** * @var integer|string $date_modification */ public $date_modification; + /** + * @var integer|string $date_valid + */ + public $date_valid; + public $fk_user_valid; + + const STATUS_DRAFT = 0; const STATUS_VALIDATED = 1; const STATUS_CLOSED = 1; // For the moment CLOSED = VALIDATED diff --git a/htdocs/compta/cashcontrol/report.php b/htdocs/compta/cashcontrol/report.php index 653161ca3bc..de597a608dc 100644 --- a/htdocs/compta/cashcontrol/report.php +++ b/htdocs/compta/cashcontrol/report.php @@ -26,7 +26,7 @@ /** * \file htdocs/compta/cashcontrol/report.php * \ingroup cashdesk|takepos - * \brief List of bank transactions + * \brief List of sales from POS */ if (!defined('NOREQUIREMENU')) { @@ -36,6 +36,8 @@ if (!defined('NOBROWSERNOTIF')) { define('NOBROWSERNOTIF', '1'); // Disable browser notification } +$_GET['optioncss'] = "print"; + require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/compta/cashcontrol/class/cashcontrol.class.php'; require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php'; @@ -48,10 +50,8 @@ $langs->loadLangs(array("bills", "banks")); $id = GETPOST('id', 'int'); -$_GET['optioncss'] = "print"; - -$cashcontrol = new CashControl($db); -$cashcontrol->fetch($id); +$object = new CashControl($db); +$object->fetch($id); //$limit = GETPOST('limit')?GETPOST('limit', 'int'):$conf->liste_limit; $sortorder = 'ASC'; @@ -67,19 +67,19 @@ $arrayfields = array( 'b.credit'=>array('label'=>$langs->trans("Credit"), 'checked'=>1, 'position'=>605), ); -$syear = $cashcontrol->year_close; -$smonth = $cashcontrol->month_close; -$sday = $cashcontrol->day_close; +$syear = $object->year_close; +$smonth = $object->month_close; +$sday = $object->day_close; -$posmodule = $cashcontrol->posmodule; -$terminalid = $cashcontrol->posnumber; +$posmodule = $object->posmodule; +$terminalid = $object->posnumber; // Security check if ($user->socid > 0) { // Protection if external user //$socid = $user->socid; accessforbidden(); } -if (!$user->rights->cashdesk->run && !$user->rights->takepos->run) { +if (empty($user->rights->cashdesk->run) && empty($user->rights->takepos->run)) { accessforbidden(); } @@ -106,8 +106,8 @@ $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."bank_url as bu ON bu.fk_bank = b.rowid AND $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON bu.url_id = f.rowid"; $sql.= " WHERE b.fk_account = ba.rowid"; // Define filter on invoice -$sql.= " AND f.module_source = '".$db->escape($cashcontrol->posmodule)."'"; -$sql.= " AND f.pos_source = '".$db->escape($cashcontrol->posnumber)."'"; +$sql.= " AND f.module_source = '".$db->escape($object->posmodule)."'"; +$sql.= " AND f.pos_source = '".$db->escape($object->posnumber)."'"; $sql.= " AND f.entity IN (".getEntity('facture').")"; // Define filter on data if ($syear && ! $smonth) $sql.= " AND dateo BETWEEN '".$db->idate(dol_get_first_day($syear, 1))."' AND '".$db->idate(dol_get_last_day($syear, 12))."'"; @@ -151,19 +151,33 @@ if ($resql) { $i = 0; print "\n"; - print "

"; - if ($cashcontrol->status != $cashcontrol::STATUS_DRAFT) { - print $langs->trans("CashControl")." ".$cashcontrol->id; + print '
'; + print '

'; + if ($object->status != $object::STATUS_DRAFT) { + print $langs->trans("CashControl")." ".$object->id; } else { print $langs->trans("CashControl")." - ".$langs->trans("Draft"); } - print "
".$langs->trans("DateCreationShort").": ".dol_print_date($cashcontrol->date_creation, 'dayhour'); - print "

"; + print "

"; + print $mysoc->name; + print '
'.$langs->trans("DateCreationShort").": ".dol_print_date($object->date_creation, 'dayhour'); + $userauthor = $object->fk_user_valid; + if (empty($userauthor)) { + $userauthor = $object->fk_user_creat; + } + + $uservalid = new User($db); + if ($userauthor > 0) { + $uservalid->fetch($userauthor); + print '
'.$langs->trans("Author").': '.$uservalid->getFullName($langs); + } + print '
'.$langs->trans("Period").': '.$object->year_close.($object->month_close ? '-'.$object->month_close : '').($object->day_close ? '-'.$object->day_close : ''); + print '
'; $invoicetmp = new Facture($db); print "

"; - print $langs->trans("InitialBankBalance").' - '.$langs->trans("Cash")." : ".price($cashcontrol->opening); + print $langs->trans("InitialBankBalance").' - '.$langs->trans("Cash").' : '.price($object->opening).''; print "

"; print '
'; @@ -182,15 +196,20 @@ if ($resql) { print "\n"; // Loop on each record - $sign = 1; $cash = $bank = $cheque = $other = 0; - $totalarray = array(); + $totalqty = 0; + $totalvat = 0; $cachebankaccount = array(); + $cacheinvoiceid = array(); + $transactionspertype = array(); $amountpertype = array(); + + $totalarray = array(); while ($i < $num) { $objp = $db->fetch_object($resql); + // Load bankaccount if (empty($cachebankaccount[$objp->bankid])) { $bankaccounttmp = new Account($db); $bankaccounttmp->fetch($objp->bankid); @@ -202,14 +221,13 @@ if ($resql) { $invoicetmp->fetch($objp->facid); - /*if ($first == "yes") - { - print ''; - print ''.$langs->trans("InitialBankBalance").' - '.$langs->trans("Cash").''; - print ''.price($cashcontrol->opening).''; - print ''; - $first = "no"; - }*/ + if (empty($cacheinvoiceid[$objp->facid])) { + $cacheinvoiceid[$objp->facid] = $objp->facid; // First time this invoice is found into list of invoice x payments + foreach ($invoicetmp->lines as $line) { + $totalqty += $line->qty; + $totalvat += $line->total_tva; + } + } print ''; @@ -229,25 +247,42 @@ if ($resql) { $totalarray['nbfield']++; } - // Bank account - print ''; - print $bankaccount->getNomUrl(1); - if ($cashcontrol->posmodule == "takepos") { - $var1 = 'CASHDESK_ID_BANKACCOUNT_CASH'.$cashcontrol->posnumber; + if ($object->posmodule == "takepos") { + $var1 = 'CASHDESK_ID_BANKACCOUNT_CASH'.$object->posnumber; } else { $var1 = 'CASHDESK_ID_BANKACCOUNT_CASH'; } + + // Bank account + print ''; + print $bankaccount->getNomUrl(1); if ($objp->code == 'CHQ') { $cheque += $objp->amount; + if (empty($transactionspertype[$objp->code])) { + $transactionspertype[$objp->code] = 0; + } + $transactionspertype[$objp->code] += 1; } elseif ($objp->code == 'CB') { $bank += $objp->amount; + if (empty($transactionspertype[$objp->code])) { + $transactionspertype[$objp->code] = 0; + } + $transactionspertype[$objp->code] += 1; } else { if ($conf->global->$var1 == $bankaccount->id) { $cash += $objp->amount; // } elseif ($conf->global->$var2 == $bankaccount->id) $bank+=$objp->amount; //elseif ($conf->global->$var3 == $bankaccount->id) $cheque+=$objp->amount; + if (empty($transactionspertype['CASH'])) { + $transactionspertype['CASH'] = 0; + } + $transactionspertype['CASH'] += 1; } else { $other += $objp->amount; + if (empty($transactionspertype['OTHER'])) { + $transactionspertype['OTHER'] = 0; + } + $transactionspertype['OTHER'] += 1; } } print "\n"; @@ -305,48 +340,46 @@ if ($resql) { include DOL_DOCUMENT_ROOT.'/core/tpl/list_print_total.tpl.php'; print ""; + print "
"; - //$cash = $amountpertype['LIQ'] + $cashcontrol->opening; - $cash = price2num($cash + $cashcontrol->opening, 'MT'); + //$cash = $amountpertype['LIQ'] + $object->opening; + $cash = price2num($cash + $object->opening, 'MT'); - print '

'; - print $langs->trans("Cash").": ".price($cash); - if ($cashcontrol->status == $cashcontrol::STATUS_VALIDATED && $cash != $cashcontrol->cash) { - print ' <> '.$langs->trans("Declared").': '.price($cashcontrol->cash).''; + print '
'; + print '

'; + + print $langs->trans("Cash").' '.($transactionspertype['CASH']?'('.$transactionspertype['CASH'].')':'').': '.price($cash).''; + if ($object->status == $object::STATUS_VALIDATED && $cash != $object->cash) { + print ' <> '.$langs->trans("Declared").': '.price($object->cash).''; } - print "

"; + print "
"; //print '
'; - print $langs->trans("PaymentTypeCHQ").": ".price($cheque); - if ($cashcontrol->status == $cashcontrol::STATUS_VALIDATED && $cheque != $cashcontrol->cheque) { - print ' <> '.$langs->trans("Declared").': '.price($cashcontrol->cheque).''; + print $langs->trans("PaymentTypeCHQ").' '.($transactionspertype['CHQ']?'('.$transactionspertype['CHQ'].')':'').': '.price($cheque).''; + if ($object->status == $object::STATUS_VALIDATED && $cheque != $object->cheque) { + print ' <> '.$langs->trans("Declared").': '.price($object->cheque).''; } - print "

"; + print "
"; //print '
'; - print $langs->trans("PaymentTypeCB").": ".price($bank); - if ($cashcontrol->status == $cashcontrol::STATUS_VALIDATED && $bank != $cashcontrol->card) { - print ' <> '.$langs->trans("Declared").': '.price($cashcontrol->card).''; + print $langs->trans("PaymentTypeCB").' '.($transactionspertype['CB']?'('.$transactionspertype['CB'].')':'').': '.price($bank).''; + if ($object->status == $object::STATUS_VALIDATED && $bank != $object->card) { + print ' <> '.$langs->trans("Declared").': '.price($object->card).''; } - print "

"; + print "
"; // print '
'; if ($other) { - print '
'.$langs->trans("Other").": ".price($other)."

"; + print ''.$langs->trans("Other").' '.($transactionspertype['OTHER']?'('.$transactionspertype['OTHER'].')':'').': '.price($other).""; + print '
'; } - print "

"; - //save totals to DB - /* - $sql = "UPDATE ".MAIN_DB_PREFIX."pos_cash_fence "; - $sql .= "SET"; - $sql .= " cash='".$db->escape($cash)."'"; - $sql .= ", card='".$db->escape($bank)."'"; - $sql .= " where rowid = ".((int) $id); - $db->query($sql); - */ + print $langs->trans("Total").' ('.$totalqty.' '.$langs->trans("Articles").') : '.price($cash + $cheque + $bank + $other).''; + print '
'.$langs->trans("TotalVAT").' : '.price($totalvat).''; + // TODO Add total localtaxes. - print "

"; + print ''; + print '
'; print ''; diff --git a/htdocs/compta/charges/index.php b/htdocs/compta/charges/index.php index f171546f6c1..be7c88c0a1a 100644 --- a/htdocs/compta/charges/index.php +++ b/htdocs/compta/charges/index.php @@ -227,9 +227,10 @@ if (!empty($conf->tax->enabled) && $user->rights->tax->charges->lire) { $accountstatic->id = $obj->bid; $accountstatic->ref = $obj->bref; $accountstatic->number = $obj->bnumber; - $accountstatic->accountancy_number = $obj->account_number; - $accountstatic->accountancy_journal = $obj->accountancy_journal; + $accountstatic->account_number = $obj->account_number; + $accountstatic->fk_accountancy_journal = $obj->fk_accountancy_journal; $accountstatic->label = $obj->blabel; + print $accountstatic->getNomUrl(1); } else { print ' '; @@ -348,9 +349,10 @@ if (!empty($conf->tax->enabled) && $user->rights->tax->charges->lire) { $accountstatic->id = $obj->bid; $accountstatic->ref = $obj->bref; $accountstatic->number = $obj->bnumber; - $accountstatic->accountancy_number = $obj->account_number; - $accountstatic->accountancy_journal = $obj->accountancy_journal; + $accountstatic->account_number = $obj->account_number; + $accountstatic->fk_accountancy_journal = $obj->fk_accountancy_journal; $accountstatic->label = $obj->blabel; + print $accountstatic->getNomUrl(1); } else { print ' '; diff --git a/htdocs/compta/clients.php b/htdocs/compta/clients.php index 60924dae644..b0a4716b7e1 100644 --- a/htdocs/compta/clients.php +++ b/htdocs/compta/clients.php @@ -71,7 +71,7 @@ llxHeader(); $thirdpartystatic = new Societe($db); if ($action == 'note') { - $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET note='".$db->escape($note)."' WHERE rowid=".$socid; + $sql = "UPDATE ".MAIN_DB_PREFIX."societe SET note='".$db->escape($note)."' WHERE rowid=".((int) $socid); $result = $db->query($sql); } @@ -107,29 +107,21 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if (dol_strlen($stcomm)) { - $sql .= " AND s.fk_stcomm=".$stcomm; + $sql .= " AND s.fk_stcomm=".((int) $stcomm); } -if ($socname) { - $sql .= natural_search("s.nom", $socname); - $sortfield = "s.nom"; - $sortorder = "ASC"; -} -if ($_GET["search_nom"]) { +if (GETPOST("search_nom")) { $sql .= natural_search("s.nom", GETPOST("search_nom")); } -if ($_GET["search_compta"]) { +if (GETPOST("search_compta")) { $sql .= natural_search("s.code_compta", GETPOST("search_compta")); } -if ($_GET["search_code_client"]) { +if (GETPOST("search_code_client")) { $sql .= natural_search("s.code_client", GETPOST("search_code_client")); } -if (dol_strlen($begin)) { - $sql .= natural_search("s.nom", $begin); -} if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } -$sql .= " ORDER BY $sortfield $sortorder "; +$sql .= " ORDER BY $sortfield $sortorder"; $sql .= $db->plimit($conf->liste_limit + 1, $offset); //print $sql; diff --git a/htdocs/compta/deplacement/document.php b/htdocs/compta/deplacement/document.php index bd4437715d8..cdb4b5f0f0f 100644 --- a/htdocs/compta/deplacement/document.php +++ b/htdocs/compta/deplacement/document.php @@ -126,7 +126,7 @@ if ($object->id) { print '
'; $modulepart = 'deplacement'; - $permission = $user->rights->deplacement->creer; + $permissiontoadd = $user->rights->deplacement->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/compta/deplacement/stats/index.php b/htdocs/compta/deplacement/stats/index.php index 673cd7c1972..edc590119ef 100644 --- a/htdocs/compta/deplacement/stats/index.php +++ b/htdocs/compta/deplacement/stats/index.php @@ -63,8 +63,7 @@ if ($userid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; $mode = GETPOST("mode") ?GETPOST("mode") : 'customer'; @@ -243,7 +242,8 @@ print ''.$langs->tra // Company print ''.$langs->trans("ThirdParty").''; $filter = ''; -print $form->select_company($socid, 'socid', $filter, 1, 1, 0, array(), 0, '', 'style="width: 95%"'); +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', $filter, 1, 1, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); print ''; // User print ''.$langs->trans("User").''; @@ -251,7 +251,8 @@ $include = ''; if (empty($user->rights->deplacement->readall) && empty($user->rights->deplacement->lire_tous)) { $include = 'hierarchy'; } -print $form->select_dolusers($userid, 'userid', 1, '', 0, $include, '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, $include, '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print ''; // Year print ''.$langs->trans("Year").''; @@ -261,7 +262,7 @@ if (!in_array($year, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print ''; -print ''; +print ''; print ''; print ''; print '

'; diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index a088d94a01c..5eaed91db56 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -2232,6 +2232,14 @@ if (empty($reshook)) { $mesg = $langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)); setEventMessages($mesg, null, 'errors'); } else { + // Add batchinfo if the detail_batch array is defined + if (!empty($conf->productbatch->enabled) && !empty($lines[$i]->detail_batch) && is_array($lines[$i]->detail_batch) && !empty($conf->global->INVOICE_INCUDE_DETAILS_OF_LOTS_SERIALS)) { + $langs->load('productbatch'); + foreach ($lines[$i]->detail_batch as $batchline) { + $desc .= ' '.$langs->trans('Batch').' '.$batchline->batch.' '.$langs->trans('printQty', $batchline->qty).' '; + } + } + // Insert line $result = $object->addline($desc, $pu_ht, $qty, $tva_tx, $localtax1_tx, $localtax2_tx, $idprod, $remise_percent, $date_start, $date_end, 0, $info_bits, '', $price_base_type, $pu_ttc, $type, - 1, $special_code, '', 0, GETPOST('fk_parent_line'), $fournprice, $buyingprice, $label, $array_options, $_POST['progress'], '', $fk_unit, $pu_ht_devise); @@ -3275,7 +3283,7 @@ if ($action == 'create') { // Type de facture $facids = $facturestatic->list_replacable_invoices($soc->id); if ($facids < 0) { - dol_print_error($db, $facturestatic); + dol_print_error($db, $facturestatic->error, $facturestatic->errors); exit(); } $options = ""; @@ -3358,7 +3366,7 @@ if ($action == 'create') { // Show link for credit note $facids = $facturestatic->list_qualified_avoir_invoices($soc->id); if ($facids < 0) { - dol_print_error($db, $facturestatic); + dol_print_error($db, $facturestatic->error, $facturestatic->errors); exit; } $optionsav = ""; @@ -3800,7 +3808,7 @@ if ($action == 'create') { $result = $object->fetch($id, $ref); if ($result <= 0) { - dol_print_error($db, $object->error); + dol_print_error($db, $object->error, $object->errors); exit(); } diff --git a/htdocs/compta/facture/class/api_invoices.class.php b/htdocs/compta/facture/class/api_invoices.class.php index 84b4df207a5..3dfa5f70603 100644 --- a/htdocs/compta/facture/class/api_invoices.class.php +++ b/htdocs/compta/facture/class/api_invoices.class.php @@ -217,7 +217,7 @@ class Invoices extends DolibarrApi } // Insert sale filter if ($search_sale > 0) { - $sql .= " AND sc.fk_user = ".$search_sale; + $sql .= " AND sc.fk_user = ".((int) $search_sale); } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index 286b5a1ccea..7d2ffe9e022 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -470,9 +470,9 @@ class FactureRec extends CommonInvoice $error = 0; $sql = "UPDATE ".MAIN_DB_PREFIX."facture_rec SET"; - $sql .= " fk_soc = ".$this->fk_soc; + $sql .= " fk_soc = ".((int) $this->fk_soc); // TODO Add missing fields - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -1136,12 +1136,12 @@ class FactureRec extends CommonInvoice $sql .= ", qty=".price2num($qty); $sql .= ", tva_tx=".price2num($txtva); $sql .= ", vat_src_code='".$this->db->escape($vat_src_code)."'"; - $sql .= ", localtax1_tx=".$txlocaltax1; + $sql .= ", localtax1_tx=".((float) $txlocaltax1); $sql .= ", localtax1_type='".$this->db->escape($localtaxes_type[0])."'"; - $sql .= ", localtax2_tx=".$txlocaltax2; + $sql .= ", localtax2_tx=".((float) $txlocaltax2); $sql .= ", localtax2_type='".$this->db->escape($localtaxes_type[2])."'"; $sql .= ", fk_product=".(!empty($fk_product) ? "'".$this->db->escape($fk_product)."'" : "null"); - $sql .= ", product_type=".$product_type; + $sql .= ", product_type=".((int) $product_type); $sql .= ", remise_percent='".price2num($remise_percent)."'"; $sql .= ", subprice='".price2num($pu_ht)."'"; $sql .= ", total_ht='".price2num($total_ht)."'"; @@ -2124,11 +2124,11 @@ class FactureLigneRec extends CommonInvoiceLine $sql .= ", total_localtax2=".price2num($this->total_localtax2); $sql .= ", total_ttc=".price2num($this->total_ttc); } - $sql .= ", rang=".$this->rang; - $sql .= ", special_code=".$this->special_code; + $sql .= ", rang=".((int) $this->rang); + $sql .= ", special_code=".((int) $this->special_code); $sql .= ", fk_unit=".($this->fk_unit ? "'".$this->db->escape($this->fk_unit)."'" : "null"); $sql .= ", fk_contract_line=".($this->fk_contract_line ? $this->fk_contract_line : "null"); - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); $this->db->begin(); diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index bb25da4e604..1ee946e8a00 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -352,7 +352,7 @@ class Facture extends CommonInvoice 'datec' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>500), 'tms' =>array('type'=>'timestamp', 'label'=>'DateModificationShort', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>500), 'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>900), - 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>1000, 'arrayofkeyval'=>array(0=>'Draft', 1=>'Validated', 2=>'Paid', 3=>'Abandonned')), + 'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>1000, 'arrayofkeyval'=>array(0=>'Draft', 1=>'Validated', 2=>'Paid', 3=>'Abandonned')), ); // END MODULEBUILDER PROPERTIES @@ -4105,7 +4105,7 @@ class Facture extends CommonInvoice $sql .= " AND pf.fk_paiement IS NULL"; // Aucun paiement deja fait $sql .= " AND ff.fk_statut IS NULL"; // Renvoi vrai si pas facture de remplacement if ($socid > 0) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " ORDER BY f.ref"; @@ -4153,20 +4153,23 @@ class Facture extends CommonInvoice // $sql.= " AND (f.paye = 1"; // Classee payee completement // $sql.= " OR f.close_code IS NOT NULL)"; // Classee payee partiellement $sql .= " AND ff.type IS NULL"; // Renvoi vrai si pas facture de remplacement - $sql .= " AND f.type != ".self::TYPE_CREDIT_NOTE; // Type non 2 si facture non avoir + $sql .= " AND f.type <> ".self::TYPE_CREDIT_NOTE; // Exclude credit note invoices from selection if (!empty($conf->global->INVOICE_USE_SITUATION_CREDIT_NOTE)) { - // Select the last situation invoice - $sqlSit = 'SELECT MAX(fs.rowid)'; - $sqlSit .= " FROM ".MAIN_DB_PREFIX."facture as fs"; - $sqlSit .= " WHERE fs.entity IN (".getEntity('invoice').")"; - $sqlSit .= " AND fs.type = ".self::TYPE_SITUATION; - $sqlSit .= " AND fs.fk_statut in (".self::STATUS_VALIDATED.",".self::STATUS_CLOSED.")"; - $sqlSit .= " GROUP BY fs.situation_cycle_ref"; - $sqlSit .= " ORDER BY fs.situation_counter"; - $sql .= " AND ( f.type != ".self::TYPE_SITUATION." OR f.rowid IN (".$this->db->sanitize($sqlSit).") )"; // Type non 5 si facture non avoir + // Keep invoices that are not situation invoices or that are the last in serie if it is a situation invoice + $sql .= " AND (f.type <> ".self::TYPE_SITUATION." OR f.rowid IN "; + $sql .= '(SELECT MAX(fs.rowid)'; // This select returns several ID becasue of the group by later + $sql .= " FROM ".MAIN_DB_PREFIX."facture as fs"; + $sql .= " WHERE fs.entity IN (".getEntity('invoice').")"; + $sql .= " AND fs.type = ".self::TYPE_SITUATION; + $sql .= " AND fs.fk_statut IN (".self::STATUS_VALIDATED.",".self::STATUS_CLOSED.")"; + if ($socid > 0) { + $sql .= " AND fs.fk_soc = ".((int) $socid); + } + $sql .= " GROUP BY fs.situation_cycle_ref)"; // For each situation_cycle_ref, we take the higher rowid + $sql .= ")"; } else { - $sql .= " AND f.type != ".self::TYPE_SITUATION; // Type non 5 si facture non avoir + $sql .= " AND f.type <> ".self::TYPE_SITUATION; // Keep invoices that are not situation invoices } if ($socid > 0) { @@ -4247,7 +4250,7 @@ class Facture extends CommonInvoice $generic_facture->statut = $obj->fk_statut; $response->nbtodo++; - $response->total += $obj->total; + $response->total += $obj->total_ht; if ($generic_facture->hasDelay()) { $response->nbtodolate++; @@ -5594,7 +5597,7 @@ class FactureLigne extends CommonInvoiceLine $sql .= ", buy_price_ht=".(($this->pa_ht || $this->pa_ht === 0 || $this->pa_ht === '0') ? price2num($this->pa_ht) : "null"); // $this->pa_ht should always be defined (set to 0 or to sell price depending on option) $sql .= ", fk_parent_line=".($this->fk_parent_line > 0 ? $this->fk_parent_line : "null"); if (!empty($this->rang)) { - $sql .= ", rang=".$this->rang; + $sql .= ", rang=".((int) $this->rang); } $sql .= ", situation_percent=".$this->situation_percent; $sql .= ", fk_unit=".(!$this->fk_unit ? 'NULL' : $this->fk_unit); @@ -5606,7 +5609,7 @@ class FactureLigne extends CommonInvoiceLine $sql .= ", multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= ", multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->rowid; + $sql .= " WHERE rowid = ".((int) $this->rowid); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 16cdee4ac53..5196216c57c 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -181,7 +181,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'facture'; - $permission = $user->rights->facture->creer; + $permissiontoadd = $user->rights->facture->creer; $permtoedit = $user->rights->facture->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/compta/facture/index.php b/htdocs/compta/facture/index.php index 0b2f4538636..66a2fccaf08 100644 --- a/htdocs/compta/facture/index.php +++ b/htdocs/compta/facture/index.php @@ -59,8 +59,8 @@ print load_fiche_titre($langs->trans("CustomersInvoicesArea"), '', 'bill'); print '
'; print '
'; - -print getCustomerInvoicePieChart($socid); +print getNumberInvoicesPieChart('customers'); +//print getCustomerInvoicePieChart($socid); print '
'; print getCustomerInvoiceDraftTable($max, $socid); diff --git a/htdocs/compta/facture/invoicetemplate_list.php b/htdocs/compta/facture/invoicetemplate_list.php index 52dac1c462a..c60690ce96b 100644 --- a/htdocs/compta/facture/invoicetemplate_list.php +++ b/htdocs/compta/facture/invoicetemplate_list.php @@ -50,8 +50,7 @@ $confirm = GETPOST('confirm', 'alpha'); $cancel = GETPOST('cancel', 'alpha'); $toselect = GETPOST('toselect', 'array'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'invoicetemplatelist'; // To manage different context of search - -$socid = GETPOST('socid', 'int'); +$optioncss = GETPOST('optioncss', 'alpha'); $socid = GETPOST('socid', 'int'); @@ -138,9 +137,11 @@ $arrayfields = array( 'f.nb_gen_done'=>array('label'=>"NbOfGenerationDoneShort", 'checked'=>1), 'f.date_last_gen'=>array('label'=>"DateLastGenerationShort", 'checked'=>1), 'f.date_when'=>array('label'=>"NextDateToExecutionShort", 'checked'=>1), - 'status'=>array('label'=>"Status", 'checked'=>1, 'position'=>100), - 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), - 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500), + 'f.fk_user_author'=>array('label'=>"UserCreation", 'checked'=>0, 'position'=>500), + 'f.fk_user_modif'=>array('label'=>"UserModification", 'checked'=>0, 'position'=>505), + 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>520), + 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>525), + 'status'=>array('label'=>"Status", 'checked'=>1, 'position'=>1000), ); // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; @@ -241,6 +242,7 @@ if (!empty($conf->projet->enabled)) { } $companystatic = new Societe($db); $invoicerectmp = new FactureRec($db); +$tmpuser = new User($db); $now = dol_now(); $tmparray = dol_getdate($now); @@ -253,7 +255,7 @@ $today = dol_mktime(23, 59, 59, $tmparray['mon'], $tmparray['mday'], $tmparray[' $sql = "SELECT s.nom as name, s.rowid as socid, f.rowid as facid, f.titre as title, f.total_ht, f.total_tva, f.total_ttc, f.frequency, f.unit_frequency,"; $sql .= " f.nb_gen_done, f.nb_gen_max, f.date_last_gen, f.date_when, f.suspended,"; -$sql .= " f.datec, f.tms,"; +$sql .= " f.datec, f.fk_user_author, f.tms, f.fk_user_modif,"; $sql .= " f.fk_cond_reglement, f.fk_mode_reglement"; // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { @@ -275,7 +277,7 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= ' AND f.entity IN ('.getEntity('invoice').')'; if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($search_ref) { $sql .= natural_search('f.titre', $search_ref); @@ -394,7 +396,7 @@ if ($resql) { if ($search_payment_term != '') { $param .= '&search_payment_term='.urlencode($search_payment_term); } - if ($search_recurring != '' && $search_recurrning != '-1') { + if ($search_recurring != '' && $search_recurring != '-1') { $param .= '&search_recurring='.urlencode($search_recurring); } if ($search_frequency > 0) { @@ -535,6 +537,16 @@ if ($resql) { $parameters = array('arrayfields'=>$arrayfields); $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; + // User creation + if (!empty($arrayfields['f.fk_user_author']['checked'])) { + print ''; + print ''; + } + // User modification + if (!empty($arrayfields['f.fk_user_modif']['checked'])) { + print ''; + print ''; + } // Date creation if (!empty($arrayfields['f.datec']['checked'])) { print ''; @@ -570,7 +582,7 @@ if ($resql) { if (!empty($arrayfields['s.nom']['checked'])) { print_liste_field_titre($arrayfields['s.nom']['label'], $_SERVER['PHP_SELF'], "s.nom", "", $param, "", $sortfield, $sortorder); } - if (!empty($arrayfields['f.total_total']['checked'])) { + if (!empty($arrayfields['f.total_ht']['checked'])) { print_liste_field_titre($arrayfields['f.total_ht']['label'], $_SERVER['PHP_SELF'], "f.total_ht", "", $param, 'class="right"', $sortfield, $sortorder); } if (!empty($arrayfields['f.total_tva']['checked'])) { @@ -603,6 +615,12 @@ if ($resql) { if (!empty($arrayfields['f.date_when']['checked'])) { print_liste_field_titre($arrayfields['f.date_when']['label'], $_SERVER['PHP_SELF'], "f.date_when", "", $param, 'align="center"', $sortfield, $sortorder); } + if (!empty($arrayfields['f.fk_user_author']['checked'])) { + print_liste_field_titre($arrayfields['f.fk_user_author']['label'], $_SERVER['PHP_SELF'], "f.fk_user_author", "", $param, 'align="center"', $sortfield, $sortorder); + } + if (!empty($arrayfields['f.fk_user_modif']['checked'])) { + print_liste_field_titre($arrayfields['f.fk_user_modif']['label'], $_SERVER['PHP_SELF'], "f.fk_user_modif", "", $param, 'align="center"', $sortfield, $sortorder); + } if (!empty($arrayfields['f.datec']['checked'])) { print_liste_field_titre($arrayfields['f.datec']['label'], $_SERVER['PHP_SELF'], "f.datec", "", $param, 'align="center"', $sortfield, $sortorder); } @@ -636,6 +654,9 @@ if ($resql) { $invoicerectmp->nb_gen_max = $objp->nb_gen_max; $invoicerectmp->nb_gen_done = $objp->nb_gen_done; $invoicerectmp->ref = $objp->title; + $invoicerectmp->total_ht = $objp->total_ht; + $invoicerectmp->total_tva = $objp->total_tva; + $invoicerectmp->total_ttc = $objp->total_ttc; print ''; @@ -655,7 +676,7 @@ if ($resql) { } } if (!empty($arrayfields['f.total_ht']['checked'])) { - print ''.price($objp->total).''."\n"; + print ''.price($objp->total_ht).''."\n"; if (!$i) { $totalarray['nbfield']++; } @@ -665,7 +686,7 @@ if ($resql) { $totalarray['val']['f.total_ht'] += $objp->total_ht; } if (!empty($arrayfields['f.total_tva']['checked'])) { - print ''.price($objp->total_vat).''."\n"; + print ''.price($objp->total_tva).''."\n"; if (!$i) { $totalarray['nbfield']++; } @@ -755,6 +776,28 @@ if ($resql) { $totalarray['nbfield']++; } } + if (!empty($arrayfields['f.fk_user_author']['checked'])) { + print ''; + if ($objp->fk_user_author > 0) { + $tmpuser->fetch($objp->fk_user_author); + print $tmpuser->getNomUrl(1); + } + print ''; + if (!$i) { + $totalarray['nbfield']++; + } + } + if (!empty($arrayfields['f.fk_user_modif']['checked'])) { + print ''; + if ($objp->fk_user_author > 0) { + $tmpuser->fetch($objp->fk_user_author); + print $tmpuser->getNomUrl(1); + } + print ''; + if (!$i) { + $totalarray['nbfield']++; + } + } if (!empty($arrayfields['f.datec']['checked'])) { print ''; print dol_print_date($db->jdate($objp->datec), 'dayhour'); @@ -789,12 +832,13 @@ if ($resql) { } } // Action column - print ''; + print ''; if ($user->rights->facture->creer && empty($invoicerectmp->suspended)) { if ($invoicerectmp->isMaxNbGenReached()) { print $langs->trans("MaxNumberOfGenerationReached"); } elseif (empty($objp->frequency) || $db->jdate($objp->date_when) <= $today) { print ''; + print img_picto($langs->trans("CreateBill"), 'add', 'class="paddingrightonly"'); print $langs->trans("CreateBill").''; } else { print $form->textwithpicto('', $langs->trans("DateIsNotEnough")); diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 42e10477a3a..cc52984d6d4 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -126,12 +126,18 @@ $search_date_valid_endmonth = GETPOST('search_date_valid_endmonth', 'int'); $search_date_valid_endyear = GETPOST('search_date_valid_endyear', 'int'); $search_date_valid_start = dol_mktime(0, 0, 0, $search_date_valid_startmonth, $search_date_valid_startday, $search_date_valid_startyear); // Use tzserver $search_date_valid_end = dol_mktime(23, 59, 59, $search_date_valid_endmonth, $search_date_valid_endday, $search_date_valid_endyear); -$search_datelimit_start = dol_mktime(0, 0, 0, GETPOST('search_datelimit_startmonth', 'int'), GETPOST('search_datelimit_startday', 'int'), GETPOST('search_datelimit_startyear', 'int')); -$search_datelimit_end = dol_mktime(23, 59, 59, GETPOST('search_datelimit_endmonth', 'int'), GETPOST('search_datelimit_endday', 'int'), GETPOST('search_datelimit_endyear', 'int')); +$search_datelimit_startday = GETPOST('search_datelimit_startday', 'int'); +$search_datelimit_startmonth = GETPOST('search_datelimit_startmonth', 'int'); +$search_datelimit_startyear = GETPOST('search_datelimit_startyear', 'int'); +$search_datelimit_endday = GETPOST('search_datelimit_endday', 'int'); +$search_datelimit_endmonth = GETPOST('search_datelimit_endmonth', 'int'); +$search_datelimit_endyear = GETPOST('search_datelimit_endyear', 'int'); +$search_datelimit_start = dol_mktime(0, 0, 0, $search_datelimit_startmonth, $search_datelimit_startday, $search_datelimit_startyear); +$search_datelimit_end = dol_mktime(23, 59, 59, $search_datelimit_endmonth, $search_datelimit_endday, $search_datelimit_endyear); $search_categ_cus = GETPOST("search_categ_cus", 'int'); $search_btn = GETPOST('button_search', 'alpha'); $search_remove_btn = GETPOST('button_removefilter', 'alpha'); - +$optioncss = GETPOST('optioncss', 'alpha'); $option = GETPOST('search_option'); @@ -240,7 +246,7 @@ $arrayfields = array( 'total_margin_rate' => array('label' => 'MarginRate', 'checked' => 0, 'position' => 302, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARGIN_RATES) ? 0 : 1)), 'total_mark_rate' => array('label' => 'MarkRate', 'checked' => 0, 'position' => 303, 'enabled' => (empty($conf->margin->enabled) || !$user->rights->margins->liretous || empty($conf->global->DISPLAY_MARK_RATES) ? 0 : 1)), 'f.datec'=>array('label'=>"DateCreation", 'checked'=>0, 'position'=>500), - 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>500), + 'f.tms'=>array('label'=>"DateModificationShort", 'checked'=>0, 'position'=>502), 'f.note_public'=>array('label'=>'NotePublic', 'checked'=>0, 'position'=>510, 'enabled'=>(empty($conf->global->MAIN_LIST_ALLOW_PUBLIC_NOTES))), 'f.note_private'=>array('label'=>'NotePrivate', 'checked'=>0, 'position'=>511, 'enabled'=>(empty($conf->global->MAIN_LIST_ALLOW_PRIVATE_NOTES))), 'f.fk_statut'=>array('label'=>"Status", 'checked'=>1, 'position'=>1000), @@ -262,7 +268,7 @@ foreach ($object->fields as $key => $val) { 'checked'=>(($visible < 0) ? 0 : 1), 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), 'position'=>$val['position'], - 'help'=>$val['help'] + 'help' => empty($val['help']) ? '' : $val['help'], ); } } @@ -344,6 +350,12 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_date_valid_endyear = ''; $search_date_valid_start = ''; $search_date_valid_end = ''; + $search_datelimit_startday = ''; + $search_datelimit_startmonth = ''; + $search_datelimit_startyear = ''; + $search_datelimit_endday = ''; + $search_datelimit_endmonth = ''; + $search_datelimit_endyear = ''; $search_datelimit_start = ''; $search_datelimit_end = ''; $option = ''; @@ -390,17 +402,16 @@ if ($massaction == 'makepayment_confirm') { $totalcreditnotes = $objecttmp->getSumCreditNotesUsed(); $totaldeposits = $objecttmp->getSumDepositsUsed(); $objecttmp->resteapayer = price2num($objecttmp->total_ttc - $totalpaye - $totalcreditnotes - $totaldeposits, 'MT'); - if ($objecttmp->paye || $objecttmp->resteapayer == 0) { + if ($objecttmp->statut == Facture::STATUS_DRAFT) { + $error++; + setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); + } elseif ($objecttmp->paye || $objecttmp->resteapayer == 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AlreadyPaid"), $objecttmp->errors, 'errors'); } elseif ($objecttmp->resteapayer < 0) { $error++; setEventMessages($objecttmp->ref.' '.$langs->trans("AmountMustBePositive"), $objecttmp->errors, 'errors'); } - if (!($objecttmp->statut > Facture::STATUS_DRAFT)) { - $error++; - setEventMessages($objecttmp->ref.' '.$langs->trans("Draft"), $objecttmp->errors, 'errors'); - } $rsql = "SELECT pfd.rowid, pfd.traite, pfd.date_demande as date_demande"; $rsql .= " , pfd.date_traite as date_traite"; @@ -473,7 +484,7 @@ $sql = 'SELECT'; if ($sall || $search_product_category > 0 || $search_user > 0) { $sql = 'SELECT DISTINCT'; } -$sql .= ' f.rowid as id, f.ref, f.ref_client, f.type, f.note_private, f.note_public, f.increment, f.fk_mode_reglement, f.fk_cond_reglement, f.total_ht, f.total_tva, f.total_ttc,'; +$sql .= ' f.rowid as id, f.ref, f.ref_client, f.fk_soc, f.type, f.note_private, f.note_public, f.increment, f.fk_mode_reglement, f.fk_cond_reglement, f.total_ht, f.total_tva, f.total_ttc,'; $sql .= ' f.localtax1 as total_localtax1, f.localtax2 as total_localtax2,'; $sql .= ' f.fk_user_author,'; $sql .= ' f.fk_multicurrency, f.multicurrency_code, f.multicurrency_tx, f.multicurrency_total_ht, f.multicurrency_total_tva as multicurrency_total_vat, f.multicurrency_total_ttc,'; @@ -547,7 +558,7 @@ if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$db->escape($search_product_category); + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid > 0) { $sql .= ' AND s.rowid = '.((int) $socid); @@ -635,7 +646,7 @@ if ($search_login) { $sql .= natural_search(array('u.login', 'u.firstname', 'u.lastname'), $search_login); } if ($search_categ_cus > 0) { - $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ_cus); + $sql .= " AND cc.fk_categorie = ".((int) $search_categ_cus); } if ($search_categ_cus == -2) { $sql .= " AND cc.fk_categorie IS NULL"; @@ -660,10 +671,10 @@ if ($search_status != '-1' && $search_status != '') { } if ($search_paymentmode > 0) { - $sql .= " AND f.fk_mode_reglement = ".$db->escape($search_paymentmode); + $sql .= " AND f.fk_mode_reglement = ".((int) $search_paymentmode); } if ($search_paymentterms > 0) { - $sql .= " AND f.fk_cond_reglement = ".$db->escape($search_paymentterms); + $sql .= " AND f.fk_cond_reglement = ".((int) $search_paymentterms); } if ($search_module_source) { $sql .= natural_search("f.module_source", $search_module_source); @@ -693,10 +704,10 @@ if ($option == 'late') { $sql .= " AND f.date_lim_reglement < '".$db->idate(dol_now() - $conf->facture->client->warning_delay)."'"; } if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".(int) $search_sale; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='facture' AND tc.source='internal' AND ec.element_id = f.rowid AND ec.fk_socpeople = ".$search_user; + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='facture' AND tc.source='internal' AND ec.element_id = f.rowid AND ec.fk_socpeople = ".((int) $search_user); } // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; @@ -706,7 +717,7 @@ $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters); // No $sql .= $hookmanager->resPrint; if (!$sall) { - $sql .= ' GROUP BY f.rowid, f.ref, ref_client, f.type, f.note_private, f.note_public, f.increment, f.fk_mode_reglement, f.fk_cond_reglement, f.total_ht, f.total_tva, f.total_ttc,'; + $sql .= ' GROUP BY f.rowid, f.ref, ref_client, f.fk_soc, f.type, f.note_private, f.note_public, f.increment, f.fk_mode_reglement, f.fk_cond_reglement, f.total_ht, f.total_tva, f.total_ttc,'; $sql .= ' f.localtax1, f.localtax2,'; $sql .= ' f.datef, f.date_valid, f.date_lim_reglement, f.module_source, f.pos_source,'; $sql .= ' f.paye, f.fk_statut, f.close_code,'; @@ -833,11 +844,23 @@ if ($resql) { if ($search_date_valid_endyear) { $param .= '&search_date_valid_endyear='.urlencode($search_date_valid_endyear); } - if ($search_datelimit_start) { - $param .= '&search_datelimit_start='.urlencode($search_datelimit_start); + if ($search_datelimit_startday) { + $param .= '&search_datelimit_startday='.urlencode($search_datelimit_startday); } - if ($search_datelimit_end) { - $param .= '&search_datelimit_end='.urlencode($search_datelimit_end); + if ($search_datelimit_startmonth) { + $param .= '&search_datelimit_startmonth='.urlencode($search_datelimit_startmonth); + } + if ($search_datelimit_startyear) { + $param .= '&search_datelimit_startyear='.urlencode($search_datelimit_startyear); + } + if ($search_datelimit_endday) { + $param .= '&search_datelimit_endday='.urlencode($search_datelimit_endday); + } + if ($search_datelimit_endmonth) { + $param .= '&search_datelimit_endmonth='.urlencode($search_datelimit_endmonth); + } + if ($search_datelimit_endyear) { + $param .= '&search_datelimit_endyear='.urlencode($search_datelimit_endyear); } if ($search_ref) { $param .= '&search_ref='.urlencode($search_ref); @@ -952,7 +975,7 @@ if ($resql) { ); if ($conf->prelevement->enabled && !empty($user->rights->prelevement->bons->creer)) { $langs->load("withdrawals"); - $arrayofmassactions['withdrawrequest'] = $langs->trans("MakeWithdrawRequest"); + $arrayofmassactions['withdrawrequest'] = img_picto('', 'payment', 'class="pictofixedwidth"').$langs->trans("MakeWithdrawRequest"); } if ($user->rights->facture->supprimer) { if (!empty($conf->global->INVOICE_CAN_REMOVE_DRAFT_ONLY)) { @@ -1026,7 +1049,7 @@ if ($resql) { $moreforfilter .= '
'; $tmptitle = $langs->trans('IncludingProductWithTag'); $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1); - $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth250', 1); $moreforfilter .= '
'; } if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) { @@ -1502,6 +1525,10 @@ if ($resql) { if ($num > 0) { $i = 0; $totalarray = array(); + $totalarray['nbfield'] = 0; + $totalarray['val'] = array(); + $totalarray['val']['f.total_ht'] = 0; + $totalarray['val']['f.total_ttc'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); diff --git a/htdocs/compta/facture/stats/index.php b/htdocs/compta/facture/stats/index.php index 9fcfff783b3..9b9630a5d5f 100644 --- a/htdocs/compta/facture/stats/index.php +++ b/htdocs/compta/facture/stats/index.php @@ -65,11 +65,7 @@ if ($user->socid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ? GETPOST('year', 'int') : $nowyear; -if (!empty($conf->global->INVOICE_STATS_GRAPHS_SHOW_2_YEARS)) { - $startyear = $year - 2; -} else { - $startyear = $year - 1; -} +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; @@ -291,7 +287,8 @@ if ($mode == 'customer') { if ($mode == 'supplier') { $filter = 's.fournisseur = 1'; } -print $form->selectarray('socid', $companies, $socid, 1, 0, 0, 'style="width: 95%"', 0, 0, 0, '', '', 1); +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->selectarray('socid', $companies, $socid, 1, 0, 0, '', 0, 0, 0, '', 'widthcentpercentminusx maxwidth300', 1); print ''; // ThirdParty Type @@ -315,17 +312,19 @@ if (!empty($conf->category->enabled)) { } print ''.$cat_label.''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_CUSTOMER, null, 'parent', null, null, 1); - print $form->multiselectarray('custcats', $cate_arbo, GETPOST('custcats', 'array'), null, null, null, null, "90%"); + print img_picto('', 'category', 'class="pictofixedwidth"'); + print $form->multiselectarray('custcats', $cate_arbo, GETPOST('custcats', 'array'), 0, 0, 'widthcentpercentminusx maxwidth300'); //print $formother->select_categories($cat_type, $categ_id, 'categ_id', true); print ''; } // User print ''.$langs->trans("CreatedBy").''; -print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print ''; // Status -print ''.$langs->trans("Status").''; +print ''.$langs->trans("Status").''; if ($mode == 'customer') { $liststatus = array('0'=>$langs->trans("BillStatusDraft"), '1'=>$langs->trans("BillStatusNotPaid"), '2'=>$langs->trans("BillStatusPaid"), '1,2'=>$langs->trans("BillStatusNotPaid").' / '.$langs->trans("BillStatusPaid"), '3'=>$langs->trans("BillStatusCanceled")); print $form->selectarray('object_status', $liststatus, $object_status, 1); @@ -346,7 +345,7 @@ if (!in_array($nowyear, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print ''; -print ''; +print ''; print ''; print ''; print '

'; @@ -383,11 +382,11 @@ foreach ($data as $val) { print ''; print ' 0 ? '&userid='.$userid : '').'">'.$year.''; print ''.$val['nb'].''; - print ''.round($val['nb_diff']).''; + print ''.($val['nb_diff'] < 0 ? '' : '+').round($val['nb_diff']).'%'; print ''.price(price2num($val['total'], 'MT'), 1).''; - print ''.round($val['total_diff']).''; + print ''.($val['total_diff'] < 0 ? '' : '+').round($val['total_diff']).'%'; print ''.price(price2num($val['avg'], 'MT'), 1).''; - print ''.round($val['avg_diff']).''; + print ''.($val['avg_diff'] < 0 ? '' : '+').round($val['avg_diff']).'%'; print ''; $oldyear = $year; } diff --git a/htdocs/compta/index.php b/htdocs/compta/index.php index e33ddc35610..8db217747ef 100644 --- a/htdocs/compta/index.php +++ b/htdocs/compta/index.php @@ -138,7 +138,7 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); @@ -267,7 +267,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $langs->load("boxes"); $facstatic = new FactureFournisseur($db); - $sql = "SELECT ff.rowid, ff.ref, ff.fk_statut as status, ff.libelle, ff.total_ht, ff.total_tva, ff.total_ttc, ff.tms, ff.paye"; + $sql = "SELECT ff.rowid, ff.ref, ff.fk_statut as status, ff.type, ff.libelle, ff.total_ht, ff.total_tva, ff.total_ttc, ff.tms, ff.paye, ff.ref_supplier"; $sql .= ", s.nom as name"; $sql .= ", s.rowid as socid"; $sql .= ", s.code_fournisseur, s.code_compta_fournisseur, s.email"; @@ -283,14 +283,14 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND ff.fk_soc = ".$socid; + $sql .= " AND ff.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListWhereSupplierLastModified', $parameters); $sql .= $hookmanager->resPrint; - $sql .= " GROUP BY ff.rowid, ff.ref, ff.fk_statut, ff.libelle, ff.total_ht, ff.tva, ff.total_tva, ff.total_ttc, ff.tms, ff.paye,"; + $sql .= " GROUP BY ff.rowid, ff.ref, ff.fk_statut, ff.type, ff.libelle, ff.total_ht, ff.tva, ff.total_tva, ff.total_ttc, ff.tms, ff.paye, ff.ref_supplier,"; $sql .= " s.nom, s.rowid, s.code_fournisseur, s.code_compta_fournisseur, s.email"; $sql .= " ORDER BY ff.tms DESC "; $sql .= $db->plimit($max, 0); @@ -332,6 +332,8 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $facstatic->total_ttc = $obj->total_ttc; $facstatic->statut = $obj->status; $facstatic->paye = $obj->paye; + $facstatic->type = $obj->type; + $facstatic->ref_supplier = $obj->ref_supplier; $thirdpartystatic->id = $obj->socid; $thirdpartystatic->name = $obj->name; @@ -593,7 +595,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $sql .= " AND c.fk_statut = ".Commande::STATUS_CLOSED; $sql .= " AND c.facture = 0"; diff --git a/htdocs/compta/localtax/class/localtax.class.php b/htdocs/compta/localtax/class/localtax.class.php index dc133977202..63b4f982316 100644 --- a/htdocs/compta/localtax/class/localtax.class.php +++ b/htdocs/compta/localtax/class/localtax.class.php @@ -110,7 +110,7 @@ class Localtax extends CommonObject $sql .= "fk_user_creat,"; $sql .= "fk_user_modif"; $sql .= ") VALUES ("; - $sql .= " ".$this->ltt.","; + $sql .= " ".((int) $this->ltt).","; $sql .= " '".$this->db->idate($this->tms)."',"; $sql .= " '".$this->db->idate($this->datep)."',"; $sql .= " '".$this->db->idate($this->datev)."',"; @@ -170,7 +170,7 @@ class Localtax extends CommonObject // Update request $sql = "UPDATE ".MAIN_DB_PREFIX."localtax SET"; - $sql .= " localtaxtype=".$this->ltt.","; + $sql .= " localtaxtype=".((int) $this->ltt).","; $sql .= " tms='".$this->db->idate($this->tms)."',"; $sql .= " datep='".$this->db->idate($this->datep)."',"; $sql .= " datev='".$this->db->idate($this->datev)."',"; diff --git a/htdocs/compta/localtax/index.php b/htdocs/compta/localtax/index.php index 86fa3fe52f0..f9ea0ac02d9 100644 --- a/htdocs/compta/localtax/index.php +++ b/htdocs/compta/localtax/index.php @@ -584,7 +584,7 @@ $sql .= "SELECT SUM(amount) as mm, date_format(f.datev,'%Y-%m') as dm, 'claimed' $sql .= " FROM ".MAIN_DB_PREFIX."localtax as f"; $sql .= " WHERE f.entity = ".$conf->entity; $sql .= " AND (f.datev >= '".$db->idate($date_start)."' AND f.datev <= '".$db->idate($date_end)."')"; -$sql .= " AND localtaxtype=".$localTaxType; +$sql .= " AND localtaxtype=".((int) $localTaxType); $sql .= " GROUP BY dm"; $sql .= " UNION "; @@ -593,7 +593,7 @@ $sql .= "SELECT SUM(amount) as mm, date_format(f.datep,'%Y-%m') as dm, 'paid' as $sql .= " FROM ".MAIN_DB_PREFIX."localtax as f"; $sql .= " WHERE f.entity = ".$conf->entity; $sql .= " AND (f.datep >= '".$db->idate($date_start)."' AND f.datep <= '".$db->idate($date_end)."')"; -$sql .= " AND localtaxtype=".$localTaxType; +$sql .= " AND localtaxtype=".((int) $localTaxType); $sql .= " GROUP BY dm"; $sql .= " ORDER BY dm ASC, mode ASC"; diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php index 12a6eb97d13..03acd9d88eb 100644 --- a/htdocs/compta/paiement.php +++ b/htdocs/compta/paiement.php @@ -8,7 +8,7 @@ * Copyright (C) 2014 Raphaël Doursenaud * Copyright (C) 2014 Teddy Andreotti <125155@supinfo.com> * Copyright (C) 2015 Juanjo Menent - * Copyright (C) 2018-2019 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -465,7 +465,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie // Date payment print ''.$langs->trans('Date').''; - $datepayment = dol_mktime(12, 0, 0, $_POST['remonth'], $_POST['reday'], $_POST['reyear']); + $datepayment = dol_mktime(12, 0, 0, GETPOST('remonth', 'int'), GETPOST('reday', 'int'), GETPOST('reyear', 'int')); $datepayment = ($datepayment == '' ? (empty($conf->global->MAIN_AUTOFILL_DATE) ?-1 : '') : $datepayment); print $form->selectDate($datepayment, '', '', '', 0, "add_paiement", 1, 1, 0, '', '', $facture->date); print ''; @@ -598,7 +598,7 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie print ' '; print "\n"; - $total = 0; + $total_ttc = 0; $totalrecu = 0; $totalrecucreditnote = 0; $totalrecudeposits = 0; @@ -754,15 +754,14 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie // Warning print ''; //print "xx".$amounts[$invoice->id]."-".$amountsresttopay[$invoice->id]."
"; - if ($amounts[$invoice->id] && (abs($amounts[$invoice->id]) > abs($amountsresttopay[$invoice->id])) - || $multicurrency_amounts[$invoice->id] && (abs($multicurrency_amounts[$invoice->id]) > abs($multicurrency_amountsresttopay[$invoice->id]))) { + if (!empty($amounts[$invoice->id]) && (abs($amounts[$invoice->id]) > abs($amountsresttopay[$invoice->id])) + || !empty($multicurrency_amounts[$invoice->id]) && (abs($multicurrency_amounts[$invoice->id]) > abs($multicurrency_amountsresttopay[$invoice->id]))) { print ' '.img_warning($langs->trans("PaymentHigherThanReminderToPay")); } print ''; print "\n"; - $total += $objp->total; $total_ttc += $objp->total_ttc; $totalrecu += $paiement; $totalrecucreditnote += $creditnotes; diff --git a/htdocs/compta/paiement/cheque/card.php b/htdocs/compta/paiement/cheque/card.php index 04eee81ced0..32f81532ecf 100644 --- a/htdocs/compta/paiement/cheque/card.php +++ b/htdocs/compta/paiement/cheque/card.php @@ -606,7 +606,7 @@ if ($action == 'new') { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."paiement as p ON p.fk_bank = b.rowid"; $sql .= " WHERE ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.fk_type= 'CHQ'"; - $sql .= " AND b.fk_bordereau = ".$object->id; + $sql .= " AND b.fk_bordereau = ".((int) $object->id); $sql .= $db->order($sortfield, $sortorder); $resql = $db->query($sql); diff --git a/htdocs/compta/paiement/cheque/list.php b/htdocs/compta/paiement/cheque/list.php index 0c4a6d9c478..f4d6c9e2686 100644 --- a/htdocs/compta/paiement/cheque/list.php +++ b/htdocs/compta/paiement/cheque/list.php @@ -104,7 +104,7 @@ if ($search_ref) { $sql .= natural_search("bc.ref", $search_ref); } if ($search_account > 0) { - $sql .= " AND bc.fk_bank_account=".$search_account; + $sql .= " AND bc.fk_bank_account = ".((int) $search_account); } if ($search_amount) { $sql .= natural_search("bc.amount", price2num($search_amount)); diff --git a/htdocs/compta/paiement/class/paiement.class.php b/htdocs/compta/paiement/class/paiement.class.php index 138891ea31d..f31d66a2f6d 100644 --- a/htdocs/compta/paiement/class/paiement.class.php +++ b/htdocs/compta/paiement/class/paiement.class.php @@ -2,14 +2,15 @@ /* Copyright (C) 2002-2004 Rodolphe Quiedeville * Copyright (C) 2004-2010 Laurent Destailleur * Copyright (C) 2005 Marc Barilley / Ocebo - * Copyright (C) 2012 Cédric Salvador - * Copyright (C) 2014 Raphaël Doursenaud - * Copyright (C) 2014 Marcos García - * Copyright (C) 2015 Juanjo Menent - * Copyright (C) 2018 Ferran Marcet - * Copyright (C) 2018 Thibault FOUCART + * Copyright (C) 2012 Cédric Salvador + * Copyright (C) 2014 Raphaël Doursenaud + * Copyright (C) 2014 Marcos García + * Copyright (C) 2015 Juanjo Menent + * Copyright (C) 2018 Ferran Marcet + * Copyright (C) 2018 Thibault FOUCART * Copyright (C) 2018 Frédéric France - * Copyright (C) 2020 Andreu Bisquerra Gaya + * Copyright (C) 2020 Andreu Bisquerra Gaya + * Copyright (C) 2021 OpenDsi * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -705,6 +706,17 @@ class Paiement extends CommonObject ); } + // Add link 'InvoiceRefused' in bank_url + if (! $error && $label == '(InvoiceRefused)') { + $result=$acc->add_url_line( + $bank_line_id, + $this->id_prelevement, + DOL_URL_ROOT.'/compta/prelevement/card.php?id=', + $this->num_prelevement, + 'withdraw' + ); + } + if (!$error && !$notrigger) { // Appel des triggers $result = $this->call_trigger('PAYMENT_ADD_TO_BANK', $user); diff --git a/htdocs/compta/paiement/tovalidate.php b/htdocs/compta/paiement/tovalidate.php index 4e464243df6..6b811bc2d13 100644 --- a/htdocs/compta/paiement/tovalidate.php +++ b/htdocs/compta/paiement/tovalidate.php @@ -78,7 +78,7 @@ if ($socid) { } $sql .= " WHERE p.entity IN (".getEntity('invoice').')'; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " AND p.statut = 0"; diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index dbf2d67778a..f69c7b476a2 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -203,7 +203,7 @@ class BonPrelevement extends CommonObject $sql = "SELECT rowid"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_lignes"; $sql .= " WHERE fk_prelevement_bons = ".$this->id; - $sql .= " AND fk_soc =".$client_id; + $sql .= " AND fk_soc =".((int) $client_id); $sql .= " AND code_banque = '".$this->db->escape($code_banque)."'"; $sql .= " AND code_guichet = '".$this->db->escape($code_guichet)."'"; $sql .= " AND number = '".$this->db->escape($number)."'"; diff --git a/htdocs/compta/prelevement/class/rejetprelevement.class.php b/htdocs/compta/prelevement/class/rejetprelevement.class.php index 0faea8a159c..db92da8ce90 100644 --- a/htdocs/compta/prelevement/class/rejetprelevement.class.php +++ b/htdocs/compta/prelevement/class/rejetprelevement.class.php @@ -1,7 +1,8 @@ - * Copyright (C) 2005-2009 Regis Houssin - * Copyright (C) 2010-2013 Juanjo Menent +/* Copyright (C) 2005 Rodolphe Quiedeville + * Copyright (C) 2005-2009 Regis Houssin + * Copyright (C) 2010-2013 Juanjo Menent + * Copyright (C) 2021 OpenDsi * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -98,6 +99,10 @@ class RejetPrelevement $bankaccount = ($this->type == 'bank-transfer' ? $conf->global->PAYMENTBYBANKTRANSFER_ID_BANKACCOUNT : $conf->global->PRELEVEMENT_ID_BANKACCOUNT); $facs = $this->getListInvoices(1); + require_once DOL_DOCUMENT_ROOT.'/compta/prelevement/class/ligneprelevement.class.php'; + $lipre = new LignePrelevement($this->db, $user); + $lipre->fetch($id); + $this->db->begin(); // Insert refused line into database @@ -160,7 +165,10 @@ class RejetPrelevement $pai->amounts[$facs[$i][0]] = price2num($facs[$i][1] * ($this->type == 'bank-transfer' ? 1 : -1)); $pai->datepaye = $date_rejet; $pai->paiementid = 3; // type of payment: withdrawal + $pai->num_paiement = $fac->ref; $pai->num_payment = $fac->ref; + $pai->id_prelevement = $this->bon_id; + $pai->num_prelevement = $lipre->bon_ref; if ($pai->create($this->user) < 0) { // we call with no_commit @@ -329,7 +337,7 @@ class RejetPrelevement $sql = "SELECT pr.date_rejet as dr, motif, afacturer"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_rejet as pr"; - $sql .= " WHERE pr.fk_prelevement_lignes =".$rowid; + $sql .= " WHERE pr.fk_prelevement_lignes =".((int) $rowid); $resql = $this->db->query($sql); if ($resql) { @@ -345,11 +353,11 @@ class RejetPrelevement return 0; } else { - dol_syslog("RejetPrelevement::Fetch Erreur rowid=$rowid numrows=0"); + dol_syslog("RejetPrelevement::Fetch Erreur rowid=".$rowid." numrows=0"); return -1; } } else { - dol_syslog("RejetPrelevement::Fetch Erreur rowid=$rowid"); + dol_syslog("RejetPrelevement::Fetch Erreur rowid=".$rowid); return -2; } } diff --git a/htdocs/compta/prelevement/fiche-rejet.php b/htdocs/compta/prelevement/fiche-rejet.php index 928be9c4245..8711f663d55 100644 --- a/htdocs/compta/prelevement/fiche-rejet.php +++ b/htdocs/compta/prelevement/fiche-rejet.php @@ -170,15 +170,15 @@ $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_bons as p"; $sql .= " , ".MAIN_DB_PREFIX."prelevement_lignes as pl"; $sql .= " , ".MAIN_DB_PREFIX."societe as s"; $sql .= " , ".MAIN_DB_PREFIX."prelevement_rejet as pr"; -$sql .= " WHERE p.rowid=".$object->id; +$sql .= " WHERE p.rowid=".((int) $object->id); $sql .= " AND pl.fk_prelevement_bons = p.rowid"; $sql .= " AND p.entity = ".$conf->entity; $sql .= " AND pl.fk_soc = s.rowid"; $sql .= " AND pl.statut = 3 "; $sql .= " AND pr.fk_prelevement_lignes = pl.rowid"; -if ($socid) { +/*if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); -} +}*/ $sql .= " ORDER BY pl.amount DESC"; // Count total nb of records diff --git a/htdocs/compta/prelevement/line.php b/htdocs/compta/prelevement/line.php index bc3a06c2e6d..5aa7344eea5 100644 --- a/htdocs/compta/prelevement/line.php +++ b/htdocs/compta/prelevement/line.php @@ -51,7 +51,8 @@ $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortorder = GETPOST('sortorder', 'aZ09comma'); $sortfield = GETPOST('sortfield', 'aZ09comma'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); -if ($page == -1 || $page == null) { +if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + // If $page is not defined, or '' or -1 or if we click on clear filters $page = 0; } $offset = $limit * $page; diff --git a/htdocs/compta/recap-compta.php b/htdocs/compta/recap-compta.php index 3abdf04ae1b..d98a6aab251 100644 --- a/htdocs/compta/recap-compta.php +++ b/htdocs/compta/recap-compta.php @@ -189,7 +189,7 @@ if ($id > 0) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u ON p.fk_user_creat = u.rowid"; $sql .= " WHERE pf.fk_paiement = p.rowid"; $sql .= " AND p.entity = ".$conf->entity; - $sql .= " AND pf.fk_facture = ".$fac->id; + $sql .= " AND pf.fk_facture = ".((int) $fac->id); $sql .= " ORDER BY p.datep ASC, p.rowid ASC"; $resqlp = $db->query($sql); diff --git a/htdocs/compta/resultat/clientfourn.php b/htdocs/compta/resultat/clientfourn.php index bd871fd3ea3..5aca25466a3 100644 --- a/htdocs/compta/resultat/clientfourn.php +++ b/htdocs/compta/resultat/clientfourn.php @@ -403,7 +403,7 @@ if ($modecompta == 'BOOKKEEPING') { } $sql .= " AND f.entity IN (".getEntity('invoice').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " GROUP BY name, socid"; $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/compta/sociales/class/paymentsocialcontribution.class.php b/htdocs/compta/sociales/class/paymentsocialcontribution.class.php index 434078959b9..48ba4b06d30 100644 --- a/htdocs/compta/sociales/class/paymentsocialcontribution.class.php +++ b/htdocs/compta/sociales/class/paymentsocialcontribution.class.php @@ -181,8 +181,8 @@ class PaymentSocialContribution extends CommonObject $sql .= " fk_typepaiement, num_paiement, note, fk_user_creat, fk_bank)"; $sql .= " VALUES ($this->chid, '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->datepaye)."',"; - $sql .= " ".$totalamount.","; - $sql .= " ".$this->paiementtype.", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note)."', ".$user->id.","; + $sql .= " ".((float) $totalamount).","; + $sql .= " ".((int) $this->paiementtype).", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note)."', ".$user->id.","; $sql .= " 0)"; $resql = $this->db->query($sql); diff --git a/htdocs/compta/sociales/document.php b/htdocs/compta/sociales/document.php index 3335174d86f..1fbfdfa296a 100644 --- a/htdocs/compta/sociales/document.php +++ b/htdocs/compta/sociales/document.php @@ -164,7 +164,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'tax'; - $permission = $user->rights->tax->charges->creer; + $permissiontoadd = $user->rights->tax->charges->creer; $permtoedit = $user->rights->tax->charges->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/compta/sociales/list.php b/htdocs/compta/sociales/list.php index db754390e5e..a4deec56715 100644 --- a/htdocs/compta/sociales/list.php +++ b/htdocs/compta/sociales/list.php @@ -218,7 +218,7 @@ if ($search_amount) { $sql .= natural_search("cs.amount", $search_amount, 1); } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND cs.paye = ".$db->escape($search_status); + $sql .= " AND cs.paye = ".((int) $search_status); } $sql .= dolSqlDateFilter("cs.periode", $search_day_lim, $search_month_lim, $search_year_lim); //$sql.= dolSqlDateFilter("cs.periode", 0, 0, $year); @@ -230,8 +230,8 @@ if ($year > 0) { $sql .= "OR (cs.periode IS NULL AND date_format(cs.date_ech, '%Y') = '".$db->escape($year)."')"; $sql .= ")"; } -if ($search_typeid) { - $sql .= " AND cs.fk_type=".$db->escape($search_typeid); +if ($search_typeid > 0) { + $sql .= " AND cs.fk_type = ".((int) $search_typeid); } $sql .= " GROUP BY cs.rowid, cs.fk_type, cs.fk_user, cs.amount, cs.date_ech, cs.libelle, cs.paye, cs.periode, c.libelle, cs.fk_account, ba.label, ba.ref, ba.number, ba.account_number, ba.iban_prefix, ba.bic, ba.currency_code, ba.clos, pay.code, u.lastname"; if (!empty($conf->projet->enabled)) { diff --git a/htdocs/compta/stats/cabyprodserv.php b/htdocs/compta/stats/cabyprodserv.php index d48a931ca2c..021bffe40b4 100644 --- a/htdocs/compta/stats/cabyprodserv.php +++ b/htdocs/compta/stats/cabyprodserv.php @@ -295,8 +295,6 @@ if ($modecompta == 'CREANCES-DETTES') { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON l.fk_product = p.rowid"; if ($selected_cat === -2) { // Without any category $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."categorie_product as cp ON p.rowid = cp.fk_product"; - } elseif ($selected_cat) { // Into a specific category - $sql .= ", ".MAIN_DB_PREFIX."categorie as c, ".MAIN_DB_PREFIX."categorie_product as cp"; } $parameters = array(); @@ -391,7 +389,8 @@ if ($modecompta == 'CREANCES-DETTES') { // Category filter print ''; print ''; - print $langs->trans("Category").': '.$formother->select_categories(Categorie::TYPE_PRODUCT, $selected_cat, 'search_categ', true); + print img_picto('', 'category', 'class="paddingrightonly"'); + print $formother->select_categories(Categorie::TYPE_PRODUCT, $selected_cat, 'search_categ', 0, $langs->trans("Category")); print ' '; print $langs->trans("SubCats").'? '; print ''; - print $langs->trans("ThirdParty").': '.$form->select_thirdparty_list($selected_soc, 'search_soc', '', 1); + print img_picto('', 'company', 'class="paddingrightonly"'); + print $form->select_thirdparty_list($selected_soc, 'search_soc', '', $langs->trans("ThirdParty")); print ''; print ''; diff --git a/htdocs/compta/stats/cabyuser.php b/htdocs/compta/stats/cabyuser.php index 63798baf62f..8e3169f1e8c 100644 --- a/htdocs/compta/stats/cabyuser.php +++ b/htdocs/compta/stats/cabyuser.php @@ -262,7 +262,7 @@ if ($modecompta == 'CREANCES-DETTES') { } $sql .= " AND f.entity IN (".getEntity('invoice').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " GROUP BY u.rowid, u.lastname, u.firstname"; $sql .= " ORDER BY u.rowid"; diff --git a/htdocs/compta/stats/casoc.php b/htdocs/compta/stats/casoc.php index af3f2bc8a53..10f7956c6b7 100644 --- a/htdocs/compta/stats/casoc.php +++ b/htdocs/compta/stats/casoc.php @@ -405,7 +405,8 @@ print ''; print ''; print ''; print ''; print ''; print ''; print ''; print '\n"; $totalarray = array(); +$totalarray['nbfield'] = 0; $typenArray = array(); $cacheCountryIDCode = array(); diff --git a/htdocs/contrat/services_list.php b/htdocs/contrat/services_list.php index a0ecc6b4be8..8368bffbab2 100644 --- a/htdocs/contrat/services_list.php +++ b/htdocs/contrat/services_list.php @@ -257,7 +257,7 @@ if ($search_product_category > 0) { $sql .= " WHERE c.entity = ".$conf->entity; $sql .= " AND c.rowid = cd.fk_contrat"; if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } $sql .= " AND c.fk_soc = s.rowid"; if (!$user->rights->societe->client->voir && !$socid) { diff --git a/htdocs/core/actions_extrafields.inc.php b/htdocs/core/actions_extrafields.inc.php index b03c2c3d192..1ca04a00c8b 100644 --- a/htdocs/core/actions_extrafields.inc.php +++ b/htdocs/core/actions_extrafields.inc.php @@ -137,7 +137,7 @@ if ($action == 'add') { // Check reserved keyword with more than 3 characters if (!$error) { - if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'integer', 'float', 'double', 'position'))) { + if (in_array(GETPOST('attrname', 'aZ09'), array('and', 'keyword', 'table', 'index', 'int', 'integer', 'float', 'double', 'real', 'position'))) { $error++; $langs->load("errors"); $mesg[] = $langs->trans("ErrorReservedKeyword", GETPOST('attrname', 'aZ09')); diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 72279faf16b..fdd4d1a69fd 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -1,6 +1,6 @@ - * Copyright (C) 2018 Nicolas ZABOURI + * Copyright (C) 2018-2021 Nicolas ZABOURI * Copyright (C) 2018 Juanjo Menent * Copyright (C) 2019 Ferran Marcet * Copyright (C) 2019-2021 Frédéric France @@ -712,7 +712,7 @@ if ($massaction == 'confirm_createbills') { // Create bills from orders. for ($i = 0; $i < $num; $i++) { $desc = ($lines[$i]->desc ? $lines[$i]->desc : ''); - // If we build one invoice for several order, we must put the invoice of order on the line + // If we build one invoice for several orders, we must put the ref of order on the invoice line if (!empty($createbills_onebythird)) { $desc = dol_concatdesc($desc, $langs->trans("Order").' '.$cmd->ref.' - '.dol_print_date($cmd->date, 'day')); } @@ -772,6 +772,8 @@ if ($massaction == 'confirm_createbills') { // Create bills from orders. $array_options = $lines[$i]->array_options; } + $objecttmp->context['createfromclone']; + $result = $objecttmp->addline( $desc, $lines[$i]->subprice, @@ -1267,7 +1269,7 @@ if (!$error && $massaction == 'validate' && $permissiontoadd) { if ($nbok > 1) { setEventMessages($langs->trans("RecordsModified", $nbok), null, 'mesgs'); } else { - setEventMessages($langs->trans("RecordsModified", $nbok), null, 'mesgs'); + setEventMessages($langs->trans("RecordModifiedSuccessfully"), null, 'mesgs'); } $db->commit(); } else { @@ -1330,7 +1332,7 @@ if (!$error && ($massaction == 'delete' || ($action == 'delete' && $confirm == ' if ($nbok > 1) { setEventMessages($langs->trans("RecordsDeleted", $nbok), null, 'mesgs'); } else { - setEventMessages($langs->trans("RecordDeleted", $nbok), null, 'mesgs'); + setEventMessages($langs->trans("RecordDeleted"), null, 'mesgs'); } $db->commit(); } else { diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php index b4e583387c9..83a823edeb2 100644 --- a/htdocs/core/actions_sendmails.inc.php +++ b/htdocs/core/actions_sendmails.inc.php @@ -345,7 +345,7 @@ if (($action == 'send' || $action == 'relance') && !$_POST['addfile'] && !$_POST $subject = make_substitutions($subject, $substitutionarray); $message = make_substitutions($message, $substitutionarray); - if (method_exists($object, 'makeSubstitution')) { + if (is_object($object) && method_exists($object, 'makeSubstitution')) { $subject = $object->makeSubstitution($subject); $message = $object->makeSubstitution($message); } diff --git a/htdocs/core/boxes/box_accountancy_last_manual_entries.php b/htdocs/core/boxes/box_accountancy_last_manual_entries.php index 123f9894e1e..b1e4a637046 100644 --- a/htdocs/core/boxes/box_accountancy_last_manual_entries.php +++ b/htdocs/core/boxes/box_accountancy_last_manual_entries.php @@ -116,7 +116,7 @@ class box_accountancy_last_manual_entries extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', + 'td' => 'class="center nowraponall"', 'text' => dol_print_date($date, 'day'), 'asis' => 1, ); diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index e14fdfcb457..45c9d580ad2 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -161,8 +161,8 @@ class box_actions extends ModeleBoxes ); $this->info_box_contents[$line][2] = array( - 'td' => 'class="nowrap left"', - 'text' => dol_print_date($datelimite, "dayhour"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datelimite, "dayhour", 'tzuserrel'), 'asis' => 1 ); diff --git a/htdocs/core/boxes/box_birthdays.php b/htdocs/core/boxes/box_birthdays.php index d6e6296a3cc..62cfaa590ab 100644 --- a/htdocs/core/boxes/box_birthdays.php +++ b/htdocs/core/boxes/box_birthdays.php @@ -118,8 +118,8 @@ class box_birthdays extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($dateb, "day").' - '.$age.' '.$langs->trans('DurationYears') + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($dateb, "day", 'gmt').' - '.$age.' '.$langs->trans('DurationYears') ); /*$this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_birthdays_members.php b/htdocs/core/boxes/box_birthdays_members.php index 4d367a223e2..5e772ff3593 100644 --- a/htdocs/core/boxes/box_birthdays_members.php +++ b/htdocs/core/boxes/box_birthdays_members.php @@ -115,8 +115,8 @@ class box_birthdays_members extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($dateb, "day").' - '.$age.' '.$langs->trans('DurationYears') + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($dateb, "day", 'gmt').' - '.$age.' '.$langs->trans('DurationYears') ); /*$this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_boms.php b/htdocs/core/boxes/box_boms.php index d0a169321d0..ee248d0a083 100644 --- a/htdocs/core/boxes/box_boms.php +++ b/htdocs/core/boxes/box_boms.php @@ -97,7 +97,7 @@ class box_boms extends ModeleBoxes $sql .= " WHERE c.fk_product = p.rowid"; $sql .= " AND c.entity = ".$conf->entity; $sql .= " ORDER BY c.tms DESC, c.ref DESC"; - $sql .= " ".$this->db->plimit($max, 0); + $sql .= $this->db->plimit($max, 0); $result = $this->db->query($sql); if ($result) { @@ -143,7 +143,7 @@ class box_boms extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 56b8fa089a3..df56b510823 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -134,8 +134,8 @@ class box_clients extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day") + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel') ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index eac431918b2..6583673f8ca 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -180,7 +180,7 @@ class box_commandes extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index bd69ddc0108..fada6a93bfd 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -161,7 +161,7 @@ class box_contacts extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index ad19184691c..9d7b625db91 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -156,7 +156,7 @@ class box_contracts extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'day'), + 'text' => dol_print_date($datec, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_dolibarr_state_board.php b/htdocs/core/boxes/box_dolibarr_state_board.php index 348ffeda4cd..21bf58b859f 100644 --- a/htdocs/core/boxes/box_dolibarr_state_board.php +++ b/htdocs/core/boxes/box_dolibarr_state_board.php @@ -266,7 +266,7 @@ class box_dolibarr_state_board extends ModeleBoxes $boxstatItem .= ''; $boxstatItem .= '
'; $boxstatItem .= '' . $text . '
'; - $boxstatItem .= '' . img_object("", $board->picto, 'class="inline-block"') . ' ' . ($board->nb[$val] ? $board->nb[$val] : 0) . ''; + $boxstatItem .= '' . img_object("", $board->picto, 'class="inline-block"') . ' ' . (!empty($board->nb[$val]) ? $board->nb[$val] : 0) . ''; $boxstatItem .= '
'; $boxstatItem .= ''; diff --git a/htdocs/core/boxes/box_external_rss.php b/htdocs/core/boxes/box_external_rss.php index 7bf8a69ed03..aff48328edb 100644 --- a/htdocs/core/boxes/box_external_rss.php +++ b/htdocs/core/boxes/box_external_rss.php @@ -150,7 +150,7 @@ class box_external_rss extends ModeleBoxes //$item['atom_content'] } if (is_numeric($date)) { - $date = dol_print_date($date, "dayhour"); + $date = dol_print_date($date, "dayhour", 'tzuserrel'); } $isutf8 = utf8_check($title); diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 9ef12a9b8f6..2a97d738cd8 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -163,7 +163,7 @@ class box_factures extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -186,7 +186,7 @@ class box_factures extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index a2ce199faee..a5d63c7b9c3 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -159,7 +159,7 @@ class box_factures_fourn extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -189,7 +189,7 @@ class box_factures_fourn extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index aea07802fdf..9c35055011d 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -150,7 +150,7 @@ class box_factures_fourn_imp extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $tooltip = $langs->trans('SupplierInvoice').': '.($objp->ref ? $objp->ref : $objp->facid).'
'.$langs->trans('RefSupplier').': '.$objp->ref_supplier; @@ -175,7 +175,7 @@ class box_factures_fourn_imp extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datelimite, 'day'), + 'text' => dol_print_date($datelimite, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index 1830dcd5c7a..391fc2e7cd0 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -165,7 +165,7 @@ class box_factures_imp extends ModeleBoxes $late = ''; if ($facturestatic->hasDelay()) { - $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day'))); + $late = img_warning(sprintf($l_due_date, dol_print_date($datelimite, 'day', 'tzuserrel'))); } $this->info_box_contents[$line][] = array( @@ -188,7 +188,7 @@ class box_factures_imp extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datelimite, 'day'), + 'text' => dol_print_date($datelimite, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index 94d081483e2..edf4daa5191 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -145,7 +145,7 @@ class box_ficheinter extends ModeleBoxes $this->info_box_contents[$i][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'day'), + 'text' => dol_print_date($datec, 'day', 'tzuserrel'), ); $this->info_box_contents[$i][] = array( diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index d8b7f30c103..b0d5a0774fc 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -128,8 +128,8 @@ class box_fournisseurs extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_goodcustomers.php b/htdocs/core/boxes/box_goodcustomers.php index 3a4f7e63103..aef7cdc9f3d 100644 --- a/htdocs/core/boxes/box_goodcustomers.php +++ b/htdocs/core/boxes/box_goodcustomers.php @@ -126,8 +126,8 @@ class box_goodcustomers extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day") + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel') ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php index 18ce00d0af3..baa822dcf29 100644 --- a/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php +++ b/htdocs/core/boxes/box_graph_nb_ticket_last_x_days.php @@ -168,8 +168,9 @@ class box_graph_nb_ticket_last_x_days extends ModeleBoxes $totalnb += $value['data']; } $px1->SetData($data); - $px1->setShowLegend(2); - $px1->SetType(array('bar')); + //$px1->setShowLegend(2); + $px1->setShowLegend(0); + $px1->SetType(array('bars')); $px1->SetLegend(array($langs->trans('BoxNumberOfTicketByDay'))); $px1->SetMaxValue($px1->GetCeilMaxValue()); $px1->SetHeight(192); diff --git a/htdocs/core/boxes/box_graph_nb_tickets_type.php b/htdocs/core/boxes/box_graph_nb_tickets_type.php index aee3e68ee5d..712c28df851 100644 --- a/htdocs/core/boxes/box_graph_nb_tickets_type.php +++ b/htdocs/core/boxes/box_graph_nb_tickets_type.php @@ -66,6 +66,10 @@ class box_graph_nb_tickets_type extends ModeleBoxes public function loadBox($max = 5) { global $conf, $user, $langs; + global $theme_datacolor, $badgeStatus8; + + require_once DOL_DOCUMENT_ROOT."/core/lib/functions2.lib.php"; + $badgeStatus0 = '#cbd3d3'; // draft $badgeStatus1 = '#bc9526'; // validated @@ -98,29 +102,22 @@ class box_graph_nb_tickets_type extends ModeleBoxes if ($resql) { $num = $this->db->num_rows($resql); $i = 0; + $newcolorkey = 0; + $colorused = array(); while ($i < $num) { $objp = $this->db->fetch_object($resql); $listofoppcode[$objp->rowid] = $objp->code; $listofopplabel[$objp->rowid] = $objp->label; - switch ($objp->code) { - case 'COM': - $colorseriesstat[$objp->rowid] = $badgeStatus1; - break; - case 'HELP': - $colorseriesstat[$objp->rowid] = $badgeStatus2; - break; - case 'ISSUE': - $colorseriesstat[$objp->rowid] = $badgeStatus3; - break; - case 'REQUEST': - $colorseriesstat[$objp->rowid] = $badgeStatus4; - break; - case 'OTHER': - $colorseriesstat[$objp->rowid] = $badgeStatus5; - break; - default: - break; + if (empty($colorused[$objp->code])) { + if ($objp->code == 'ISSUE') { + $colorused[$objp->code] = $badgeStatus8; + } else { + $colorused[$objp->code] = colorArrayToHex($theme_datacolor[$newcolorkey]); + $newcolorkey++; + } } + $colorseriesstat[$objp->rowid] = $colorused[$objp->code]; + $i++; } } else { diff --git a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php index bd835d6cc07..5b17c335f3f 100644 --- a/htdocs/core/boxes/box_graph_new_vs_close_ticket.php +++ b/htdocs/core/boxes/box_graph_new_vs_close_ticket.php @@ -149,7 +149,7 @@ class box_graph_new_vs_close_ticket extends ModeleBoxes } $stringtoprint .= ''; $this->info_box_contents[][]=array( - 'td' => 'center', + 'td' => 'class="center"', 'text' => $stringtoprint ); } else { diff --git a/htdocs/core/boxes/box_graph_ticket_by_severity.php b/htdocs/core/boxes/box_graph_ticket_by_severity.php index ce769da4752..787e9cebb33 100644 --- a/htdocs/core/boxes/box_graph_ticket_by_severity.php +++ b/htdocs/core/boxes/box_graph_ticket_by_severity.php @@ -30,7 +30,6 @@ require_once DOL_DOCUMENT_ROOT."/core/boxes/modules_boxes.php"; */ class box_graph_ticket_by_severity extends ModeleBoxes { - public $boxcode = "box_ticket_by_severity"; public $boximg = "ticket"; public $boxlabel; @@ -168,16 +167,18 @@ class box_graph_ticket_by_severity extends ModeleBoxes $mesg = $px1->isGraphKo(); $totalnb = 0; if (!$mesg) { - $px1->SetDataColor(array_values($colorseriesstat)); + //$px1->SetDataColor(array_values($colorseriesstat)); $data = array(); $legend = array(); foreach ($dataseries as $value) { $data[] = array($value['label'], $value['data']); $totalnb += $value['data']; } + $px1->SetData($data); - $px1->setShowLegend(2); - $px1->SetType(array('pie')); + //$px1->setShowLegend(2); + $px1->setShowLegend(0); + $px1->SetType(array('bars')); $px1->SetLegend($legend); $px1->SetMaxValue($px1->GetCeilMaxValue()); //$px1->SetHeight($HEIGHT); diff --git a/htdocs/core/boxes/box_last_modified_ticket.php b/htdocs/core/boxes/box_last_modified_ticket.php index 320a23f745b..4d5097e23ba 100644 --- a/htdocs/core/boxes/box_last_modified_ticket.php +++ b/htdocs/core/boxes/box_last_modified_ticket.php @@ -162,7 +162,7 @@ class box_last_modified_ticket extends ModeleBoxes // Date creation $this->info_box_contents[$i][$r] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'dayhour') + 'text' => dol_print_date($datec, 'dayhour', 'tzuserrel') ); $r++; diff --git a/htdocs/core/boxes/box_last_ticket.php b/htdocs/core/boxes/box_last_ticket.php index 8a0e3822448..e08a54f1c87 100644 --- a/htdocs/core/boxes/box_last_ticket.php +++ b/htdocs/core/boxes/box_last_ticket.php @@ -166,7 +166,7 @@ class box_last_ticket extends ModeleBoxes // Date creation $this->info_box_contents[$i][$r] = array( 'td' => 'class="right"', - 'text' => dol_print_date($datec, 'dayhour'), + 'text' => dol_print_date($datec, 'dayhour', 'tzuserrel'), ); $r++; diff --git a/htdocs/core/boxes/box_lastlogin.php b/htdocs/core/boxes/box_lastlogin.php index a487ec5bc72..e5e11d9ba8f 100644 --- a/htdocs/core/boxes/box_lastlogin.php +++ b/htdocs/core/boxes/box_lastlogin.php @@ -93,7 +93,7 @@ class box_lastlogin extends ModeleBoxes 'text' => $langs->trans("PreviousConnexion"), ); if ($user->datepreviouslogin) { - $tmp = dol_print_date($user->datepreviouslogin, "dayhour", 'tzuser'); + $tmp = dol_print_date($user->datepreviouslogin, "dayhour", 'tzuserrel'); } else { $tmp = $langs->trans("Unknown"); } diff --git a/htdocs/core/boxes/box_members.php b/htdocs/core/boxes/box_members.php index acd3773d2f0..5865cba2530 100644 --- a/htdocs/core/boxes/box_members.php +++ b/htdocs/core/boxes/box_members.php @@ -145,8 +145,8 @@ class box_members extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_members_last_modified.php b/htdocs/core/boxes/box_members_last_modified.php index 1315ac9895b..9de6a3af12f 100644 --- a/htdocs/core/boxes/box_members_last_modified.php +++ b/htdocs/core/boxes/box_members_last_modified.php @@ -147,8 +147,8 @@ class box_members_last_modified extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_members_last_subscriptions.php b/htdocs/core/boxes/box_members_last_subscriptions.php index e08bc1073b6..3cea44c2dc3 100644 --- a/htdocs/core/boxes/box_members_last_subscriptions.php +++ b/htdocs/core/boxes/box_members_last_subscriptions.php @@ -158,7 +158,7 @@ class box_members_last_subscriptions extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right tdoverflowmax150 maxwidth150onsmartphone"', - 'text' => dol_print_date($this->db->jdate($obj->datem ? $obj->datem : $obj->datec), 'dayhour'), + 'text' => dol_print_date($this->db->jdate($obj->datem ? $obj->datem : $obj->datec), 'dayhour', 'tzuserrel'), ); $line++; diff --git a/htdocs/core/boxes/box_members_subscriptions_by_year.php b/htdocs/core/boxes/box_members_subscriptions_by_year.php index b6c146312bc..be835511c6b 100644 --- a/htdocs/core/boxes/box_members_subscriptions_by_year.php +++ b/htdocs/core/boxes/box_members_subscriptions_by_year.php @@ -111,7 +111,7 @@ class box_members_subscriptions_by_year extends ModeleBoxes $i = 0; while ($i < $num) { $objp = $this->db->fetch_object($result); - $year = dol_print_date($this->db->jdate($objp->dateh), "%Y"); + $year = dol_print_date($this->db->jdate($objp->dateh), "%Y", 'gmt'); $Total[$year] = (isset($Total[$year]) ? $Total[$year] : 0) + $objp->subscription; $Number[$year] = (isset($Number[$year]) ? $Number[$year] : 0) + 1; $tot += $objp->subscription; diff --git a/htdocs/core/boxes/box_mos.php b/htdocs/core/boxes/box_mos.php index b12506147bf..18a19da93dc 100644 --- a/htdocs/core/boxes/box_mos.php +++ b/htdocs/core/boxes/box_mos.php @@ -97,7 +97,7 @@ class box_mos extends ModeleBoxes $sql .= " WHERE c.fk_product = p.rowid"; $sql .= " AND c.entity = ".$conf->entity; $sql .= " ORDER BY c.tms DESC, c.ref DESC"; - $sql .= " ".$this->db->plimit($max, 0); + $sql .= $this->db->plimit($max, 0); $result = $this->db->query($sql); if ($result) { @@ -138,8 +138,8 @@ class box_mos extends ModeleBoxes } $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_produits.php b/htdocs/core/boxes/box_produits.php index 44333683000..dde3b685d25 100644 --- a/htdocs/core/boxes/box_produits.php +++ b/htdocs/core/boxes/box_produits.php @@ -190,8 +190,8 @@ class box_produits extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index d876dad67d0..9c6376351e7 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -165,8 +165,8 @@ class box_propales extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index ea550b9d856..a8959202082 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -135,8 +135,8 @@ class box_prospect extends ModeleBoxes ); $this->info_box_contents[$line][] = array( - 'td' => 'class="right"', - 'text' => dol_print_date($datem, "day"), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, "day", 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_scheduled_jobs.php b/htdocs/core/boxes/box_scheduled_jobs.php index 04ba2944c75..793b0cc8c79 100644 --- a/htdocs/core/boxes/box_scheduled_jobs.php +++ b/htdocs/core/boxes/box_scheduled_jobs.php @@ -156,7 +156,7 @@ class box_scheduled_jobs extends ModeleBoxes ); $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'textnoformat' => (empty($resultarray[$line][2]) ? '' : $form->textwithpicto(dol_print_date($resultarray[$line][2], "dayhoursec"), $langs->trans("CurrentTimeZone"))) + 'textnoformat' => (empty($resultarray[$line][2]) ? '' : $form->textwithpicto(dol_print_date($resultarray[$line][2], "dayhoursec", 'tzserver'), $langs->trans("CurrentTimeZone"))) ); $this->info_box_contents[$line][] = array( 'td' => 'class="center" ', diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index b6eb51826cc..98e2b82bb37 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -200,8 +200,8 @@ class box_services_contracts extends ModeleBoxes ); $this->info_box_contents[$i][] = array( - 'td' => '', - 'text' => dol_print_date($datem, 'day'), + 'td' => 'class="center nowraponall"', + 'text' => dol_print_date($datem, 'day', 'tzuserrel'), 'text2'=> $late, ); diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 724eb9baebf..75cc1cde413 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -152,7 +152,7 @@ class box_services_expired extends ModeleBoxes $this->info_box_contents[$i][] = array( 'td' => 'class="center nowraponall"', - 'text' => dol_print_date($dateline, 'day'), + 'text' => dol_print_date($dateline, 'day', 'tzuserrel'), 'text2'=> $late, ); diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 235e7a8e72a..0c2b97ce6b5 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -153,7 +153,7 @@ class box_supplier_orders extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => dol_print_date($date, 'day'), + 'text' => dol_print_date($date, 'day', 'tzuserrel'), ); $this->info_box_contents[$line][] = array( diff --git a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php index 1a8cec07155..04dabbd0ff3 100644 --- a/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php +++ b/htdocs/core/boxes/box_supplier_orders_awaiting_reception.php @@ -161,7 +161,7 @@ class box_supplier_orders_awaiting_reception extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'class="right"', - 'text' => $delayIcon.' '.dol_print_date($delivery_date, 'day').'', + 'text' => $delayIcon.' '.dol_print_date($delivery_date, 'day', 'tzuserrel').'', 'asis' => 1 ); diff --git a/htdocs/core/class/CSMSFile.class.php b/htdocs/core/class/CSMSFile.class.php index ca221a366ed..8d5bcf7dc50 100644 --- a/htdocs/core/class/CSMSFile.class.php +++ b/htdocs/core/class/CSMSFile.class.php @@ -83,7 +83,7 @@ class CSMSFile return -1; } - dol_syslog("CSMSFile::CSMSFile: MAIN_SMS_SENDMODE=".$conf->global->MAIN_SMS_SENDMODE." charset=".$conf->file->character_set_client." from=".$from.", to=".$to.", msg length=".count($msg), LOG_DEBUG); + dol_syslog("CSMSFile::CSMSFile: MAIN_SMS_SENDMODE=".$conf->global->MAIN_SMS_SENDMODE." charset=".$conf->file->character_set_client." from=".$from.", to=".$to.", msg length=".strlen($msg), LOG_DEBUG); dol_syslog("CSMSFile::CSMSFile: deferred=".$deferred." priority=".$priority." class=".$class, LOG_DEBUG); // Action according to choosed sending method diff --git a/htdocs/core/class/commondocgenerator.class.php b/htdocs/core/class/commondocgenerator.class.php index 30ea40fbbb2..6e91d9d175b 100644 --- a/htdocs/core/class/commondocgenerator.class.php +++ b/htdocs/core/class/commondocgenerator.class.php @@ -321,7 +321,6 @@ abstract class CommonDocGenerator $array_key.'_statut' => $object->statut, $array_key.'_code' => $object->code, $array_key.'_email' => $object->email, - $array_key.'_jabberid' => $object->jabberid, // deprecated $array_key.'_phone_pro' => $object->phone_pro, $array_key.'_phone_perso' => $object->phone_perso, $array_key.'_phone_mobile' => $object->phone_mobile, diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 3f4b2dd9ee6..c927b833c71 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -505,8 +505,8 @@ abstract class CommonObject /** * @var array List of child tables. To know object to delete on cascade. - * If name matches '@ClassNAme:FilePathClass;ParentFkFieldName' it will - * call method deleteByParentField(parentId, ParentFkFieldName) to fetch and delete child object + * If name is like '@ClassName:FilePathClass:ParentFkFieldName', it will + * call method deleteByParentField(parentId, ParentFkFieldName) to fetch and delete child object. */ protected $childtablesoncascade = array(); @@ -531,7 +531,7 @@ abstract class CommonObject $sql .= " WHERE entity IN (".getEntity($element).")"; if ($id > 0) { - $sql .= " AND rowid = ".$db->escape($id); + $sql .= " AND rowid = ".((int) $id); } elseif ($ref) { $sql .= " AND ref = '".$db->escape($ref)."'"; } elseif ($ref_ext) { @@ -542,7 +542,7 @@ abstract class CommonObject return -1; } if ($ref || $ref_ext) { - $sql .= " AND entity = ".$conf->entity; + $sql .= " AND entity = ".((int) $conf->entity); } dol_syslog(get_class()."::isExistingObject", LOG_DEBUG); @@ -1278,7 +1278,7 @@ abstract class CommonObject } $sql .= " AND tc.active=1"; if ($status >= 0) { - $sql .= " AND ec.statut = ".$status; + $sql .= " AND ec.statut = ".((int) $status); } $sql .= " ORDER BY t.lastname ASC"; @@ -1926,7 +1926,7 @@ abstract class CommonObject if ($format == 'text') { $sql .= $field." = '".$this->db->escape($value)."'"; } elseif ($format == 'int') { - $sql .= $field." = ".$this->db->escape($value); + $sql .= $field." = ".((int) $value); } elseif ($format == 'date') { $sql .= $field." = ".($value ? "'".$this->db->idate($value)."'" : "null"); } @@ -2566,7 +2566,7 @@ abstract class CommonObject /** * Change the transport mode methods * - * @param int $id Id of new payment method + * @param int $id Id of transport mode * @return int >0 if OK, <0 if KO */ public function setTransportMode($id) @@ -3541,17 +3541,16 @@ abstract class CommonObject if (empty($nodatabaseupdate)) { $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET'; - $sql .= " ".$fieldht."='".price2num($this->total_ht)."',"; - $sql .= " ".$fieldtva."='".price2num($this->total_tva)."',"; - $sql .= " ".$fieldlocaltax1."='".price2num($this->total_localtax1)."',"; - $sql .= " ".$fieldlocaltax2."='".price2num($this->total_localtax2)."',"; - $sql .= " ".$fieldttc."='".price2num($this->total_ttc)."'"; - $sql .= ", multicurrency_total_ht='".price2num($this->multicurrency_total_ht, 'MT', 1)."'"; - $sql .= ", multicurrency_total_tva='".price2num($this->multicurrency_total_tva, 'MT', 1)."'"; - $sql .= ", multicurrency_total_ttc='".price2num($this->multicurrency_total_ttc, 'MT', 1)."'"; + $sql .= " ".$fieldht." = ".price2num($this->total_ht).","; + $sql .= " ".$fieldtva." = ".price2num($this->total_tva).","; + $sql .= " ".$fieldlocaltax1." = ".price2num($this->total_localtax1).","; + $sql .= " ".$fieldlocaltax2." = ".price2num($this->total_localtax2).","; + $sql .= " ".$fieldttc." = ".price2num($this->total_ttc); + $sql .= ", multicurrency_total_ht = ".price2num($this->multicurrency_total_ht, 'MT', 1); + $sql .= ", multicurrency_total_tva = ".price2num($this->multicurrency_total_tva, 'MT', 1); + $sql .= ", multicurrency_total_ttc = ".price2num($this->multicurrency_total_ttc, 'MT', 1); $sql .= ' WHERE rowid = '.$this->id; - dol_syslog(get_class($this)."::update_price", LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { @@ -3709,19 +3708,19 @@ abstract class CommonObject $sql .= " WHERE "; if ($justsource || $justtarget) { if ($justsource) { - $sql .= "fk_source = ".$sourceid." AND sourcetype = '".$this->db->escape($sourcetype)."'"; + $sql .= "fk_source = ".((int) $sourceid)." AND sourcetype = '".$this->db->escape($sourcetype)."'"; if ($withtargettype) { $sql .= " AND targettype = '".$this->db->escape($targettype)."'"; } } elseif ($justtarget) { - $sql .= "fk_target = ".$targetid." AND targettype = '".$this->db->escape($targettype)."'"; + $sql .= "fk_target = ".((int) $targetid)." AND targettype = '".$this->db->escape($targettype)."'"; if ($withsourcetype) { $sql .= " AND sourcetype = '".$this->db->escape($sourcetype)."'"; } } } else { - $sql .= "(fk_source = ".$sourceid." AND sourcetype = '".$this->db->escape($sourcetype)."')"; - $sql .= " ".$clause." (fk_target = ".$targetid." AND targettype = '".$this->db->escape($targettype)."')"; + $sql .= "(fk_source = ".((int) $sourceid)." AND sourcetype = '".$this->db->escape($sourcetype)."')"; + $sql .= " ".$clause." (fk_target = ".((int) $targetid)." AND targettype = '".$this->db->escape($targettype)."')"; } $sql .= ' ORDER BY '.$orderby; @@ -4106,12 +4105,12 @@ abstract class CommonObject } $sql = "UPDATE ".MAIN_DB_PREFIX.$elementTable; - $sql .= " SET ".$fieldstatus." = ".$status; + $sql .= " SET ".$fieldstatus." = ".((int) $status); // If status = 1 = validated, update also fk_user_valid if ($status == 1 && $elementTable == 'expensereport') { $sql .= ", fk_user_valid = ".$user->id; } - $sql .= " WHERE rowid=".$elementId; + $sql .= " WHERE rowid=".((int) $elementId); dol_syslog(get_class($this)."::setStatut", LOG_DEBUG); if ($this->db->query($sql)) { @@ -6397,7 +6396,7 @@ abstract class CommonObject $param = array(); $param['options'] = array(); $reg = array(); - $size = $this->fields[$key]['size']; + $size = !empty($this->fields[$key]['size']) ? $this->fields[$key]['size'] : 0; // Because we work on extrafields if (preg_match('/^(integer|link):(.*):(.*):(.*):(.*)/i', $val['type'], $reg)) { $param['options'] = array($reg[2].':'.$reg[3].':'.$reg[4].':'.$reg[5] => 'N'); @@ -6430,21 +6429,21 @@ abstract class CommonObject } // Special case that force options and type ($type can be integer, varchar, ...) - if (is_array($this->fields[$key]['arrayofkeyval'])) { + if (!empty($this->fields[$key]['arrayofkeyval']) && is_array($this->fields[$key]['arrayofkeyval'])) { $param['options'] = $this->fields[$key]['arrayofkeyval']; $type = 'select'; } $label = $this->fields[$key]['label']; //$elementtype=$this->fields[$key]['elementtype']; // Seems not used - $default = $this->fields[$key]['default']; - $computed = $this->fields[$key]['computed']; - $unique = $this->fields[$key]['unique']; - $required = $this->fields[$key]['required']; - $autofocusoncreate = $this->fields[$key]['autofocusoncreate']; + $default = (!empty($this->fields[$key]['default']) ? $this->fields[$key]['default'] : ''); + $computed = (!empty($this->fields[$key]['computed']) ? $this->fields[$key]['computed'] : ''); + $unique = (!empty($this->fields[$key]['unique']) ? $this->fields[$key]['unique'] : 0); + $required = (!empty($this->fields[$key]['required']) ? $this->fields[$key]['required'] : 0); + $autofocusoncreate = (!empty($this->fields[$key]['autofocusoncreate']) ? $this->fields[$key]['autofocusoncreate'] : 0); - $langfile = $this->fields[$key]['langfile']; - $list = $this->fields[$key]['list']; + $langfile = (!empty($this->fields[$key]['langfile']) ? $this->fields[$key]['langfile'] : ''); + $list = (!empty($this->fields[$key]['list']) ? $this->fields[$key]['list'] : 0); $hidden = (in_array(abs($this->fields[$key]['visible']), array(0, 2)) ? 1 : 0); $objectid = $this->id; @@ -6625,6 +6624,7 @@ abstract class CommonObject } else { $InfoFieldList[4] = str_replace('$ID$', '0', $InfoFieldList[4]); } + //We have to join on extrafield table if (strpos($InfoFieldList[4], 'extra') !== false) { $sql .= ' as main, '.MAIN_DB_PREFIX.$InfoFieldList[0].'_extrafields as extra'; @@ -6972,10 +6972,11 @@ abstract class CommonObject $form = new Form($this->db); } - $objectid = $this->id; - $label = $val['label']; - $type = $val['type']; - $size = $val['css']; + $objectid = $this->id; // Not used ??? + + $label = empty($val['label']) ? '' : $val['label']; + $type = empty($val['type']) ? '' : $val['type']; + $size = empty($val['css']) ? '' : $val['css']; $reg = array(); // Convert var to be able to share same code than showOutputField of extrafields @@ -6992,10 +6993,10 @@ abstract class CommonObject $type = 'link'; } - $default = $val['default']; - $computed = $val['computed']; - $unique = $val['unique']; - $required = $val['required']; + $default = empty($val['default']) ? '' : $val['default']; + $computed = empty($val['computed']) ? '' : $val['computed']; + $unique = empty($val['unique']) ? '' : $val['unique']; + $required = empty($val['required']) ? '' : $val['required']; $param = array(); $param['options'] = array(); @@ -7016,9 +7017,9 @@ abstract class CommonObject $type = 'sellist'; } - $langfile = $val['langfile']; - $list = $val['list']; - $help = $val['help']; + $langfile = empty($val['langfile']) ? '' : $val['langfile']; + $list = (empty($val['list']) ? '' : $val['list']); + $help = (empty($val['help']) ? '' : $val['help']); $hidden = (($val['visible'] == 0) ? 1 : 0); // If zero, we are sure it is hidden, otherwise we show. If it depends on mode (view/create/edit form or list, this must be filtered by caller) if ($hidden) { @@ -7044,9 +7045,9 @@ abstract class CommonObject } elseif ($type == 'boolean') { $morecss = ''; } else { - if (round($size) < 12) { + if (is_numeric($size) && round($size) < 12) { $morecss = 'minwidth100'; - } elseif (round($size) <= 48) { + } elseif (is_numeric($size) && round($size) <= 48) { $morecss = 'minwidth200'; } else { $morecss = 'minwidth400'; @@ -7122,11 +7123,11 @@ abstract class CommonObject $sql .= ' as main'; } if ($selectkey == 'rowid' && empty($value)) { - $sql .= " WHERE ".$selectkey."=0"; + $sql .= " WHERE ".$selectkey." = 0"; } elseif ($selectkey == 'rowid') { - $sql .= " WHERE ".$selectkey."=".$this->db->escape($value); + $sql .= " WHERE ".$selectkey." = ".((int) $value); } else { - $sql .= " WHERE ".$selectkey."='".$this->db->escape($value)."'"; + $sql .= " WHERE ".$selectkey." = '".$this->db->escape($value)."'"; } //$sql.= ' AND entity = '.$conf->entity; diff --git a/htdocs/core/class/conf.class.php b/htdocs/core/class/conf.class.php index 632cfc0311f..8766d68c25b 100644 --- a/htdocs/core/class/conf.class.php +++ b/htdocs/core/class/conf.class.php @@ -533,6 +533,10 @@ class Conf } } + if (!isset($this->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT)) { + $this->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT = 1; + } + // conf->currency if (empty($this->global->MAIN_MONNAIE)) { $this->global->MAIN_MONNAIE = 'EUR'; diff --git a/htdocs/core/class/discount.class.php b/htdocs/core/class/discount.class.php index 32d7faa1557..2aa829f4090 100644 --- a/htdocs/core/class/discount.class.php +++ b/htdocs/core/class/discount.class.php @@ -257,11 +257,11 @@ class DiscountAbsolute $sql .= " multicurrency_amount_ht, multicurrency_amount_tva, multicurrency_amount_ttc,"; $sql .= " fk_facture_source, fk_invoice_supplier_source"; $sql .= ")"; - $sql .= " VALUES (".$conf->entity.", '".$this->db->idate($this->datec != '' ? $this->datec : dol_now())."', ".$this->fk_soc.", ".(empty($this->discount_type) ? 0 : intval($this->discount_type)).", ".$userid.", '".$this->db->escape($this->description)."',"; - $sql .= " ".$this->amount_ht.", ".$this->amount_tva.", ".$this->amount_ttc.", ".$this->tva_tx.", '".$this->db->escape($this->vat_src_code)."',"; - $sql .= " ".$this->multicurrency_amount_ht.", ".$this->multicurrency_amount_tva.", ".$this->multicurrency_amount_ttc.", "; - $sql .= " ".($this->fk_facture_source ? "'".$this->db->escape($this->fk_facture_source)."'" : "null").","; - $sql .= " ".($this->fk_invoice_supplier_source ? "'".$this->db->escape($this->fk_invoice_supplier_source)."'" : "null"); + $sql .= " VALUES (".$conf->entity.", '".$this->db->idate($this->datec != '' ? $this->datec : dol_now())."', ".((int) $this->fk_soc).", ".(empty($this->discount_type) ? 0 : intval($this->discount_type)).", ".((int) $userid).", '".$this->db->escape($this->description)."',"; + $sql .= " ".price2num($this->amount_ht).", ".price2num($this->amount_tva).", ".price2num($this->amount_ttc).", ".price2num($this->tva_tx).", '".$this->db->escape($this->vat_src_code)."',"; + $sql .= " ".price2num($this->multicurrency_amount_ht).", ".price2num($this->multicurrency_amount_tva).", ".price2num($this->multicurrency_amount_ttc).", "; + $sql .= " ".($this->fk_facture_source ? ((int) $this->fk_facture_source) : "null").","; + $sql .= " ".($this->fk_invoice_supplier_source ? ((int) $this->fk_invoice_supplier_source) : "null"); $sql .= ")"; dol_syslog(get_class($this)."::create", LOG_DEBUG); @@ -292,7 +292,7 @@ class DiscountAbsolute $sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except"; $sql .= " WHERE (fk_facture_line IS NOT NULL"; // Not used as absolute simple discount $sql .= " OR fk_facture IS NOT NULL)"; // Not used as credit note and not used as deposit - $sql .= " AND fk_facture_source = ".$this->fk_facture_source; + $sql .= " AND fk_facture_source = ".((int) $this->fk_facture_source); //$sql.=" AND rowid != ".$this->id; dol_syslog(get_class($this)."::delete Check if we can remove discount", LOG_DEBUG); @@ -531,7 +531,7 @@ class DiscountAbsolute //$obj = $this->db->fetch_object($resql); //} if ($multicurrency) { - return $obj->amount_multicurrency; + return $obj->multicurrency_amount; } return $obj->amount; diff --git a/htdocs/core/class/events.class.php b/htdocs/core/class/events.class.php index 1771f0d18f0..c8799ebbd5e 100644 --- a/htdocs/core/class/events.class.php +++ b/htdocs/core/class/events.class.php @@ -163,7 +163,7 @@ class Events // extends CommonObject $sql .= "prefix_session"; $sql .= ") VALUES ("; $sql .= " '".$this->db->escape($this->type)."',"; - $sql .= " ".$conf->entity.","; + $sql .= " ".((int) $conf->entity).","; $sql .= " '".$this->db->escape(getUserRemoteIP())."',"; $sql .= " ".($this->user_agent ? "'".$this->db->escape(dol_trunc($this->user_agent, 250))."'" : 'NULL').","; $sql .= " '".$this->db->idate($this->dateevent)."',"; diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index dc3726f2634..16d58f51eb3 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -472,14 +472,14 @@ class ExtraFields $sql .= " VALUES('".$this->db->escape($attrname)."',"; $sql .= " '".$this->db->escape($label)."',"; $sql .= " '".$this->db->escape($type)."',"; - $sql .= " ".$pos.","; + $sql .= " ".((int) $pos).","; $sql .= " '".$this->db->escape($size)."',"; $sql .= " ".($entity === '' ? $conf->entity : $entity).","; $sql .= " '".$this->db->escape($elementtype)."',"; - $sql .= " ".$unique.","; - $sql .= " ".$required.","; + $sql .= " ".((int) $unique).","; + $sql .= " ".((int) $required).","; $sql .= " '".$this->db->escape($params)."',"; - $sql .= " ".$alwayseditable.","; + $sql .= " ".((int) $alwayseditable).","; $sql .= " ".($perms ? "'".$this->db->escape($perms)."'" : "null").","; $sql .= " ".($langfile ? "'".$this->db->escape($langfile)."'" : "null").","; $sql .= " '".$this->db->escape($list)."',"; @@ -1722,11 +1722,11 @@ class ExtraFields $sql .= ' as main'; } if ($selectkey == 'rowid' && empty($value)) { - $sql .= " WHERE ".$selectkey."=0"; + $sql .= " WHERE ".$selectkey." = 0"; } elseif ($selectkey == 'rowid') { - $sql .= " WHERE ".$selectkey."=".$this->db->escape($value); + $sql .= " WHERE ".$selectkey." = ".((int) $value); } else { - $sql .= " WHERE ".$selectkey."='".$this->db->escape($value)."'"; + $sql .= " WHERE ".$selectkey." = '".$this->db->escape($value)."'"; } //$sql.= ' AND entity = '.$conf->entity; @@ -2215,7 +2215,11 @@ class ExtraFields continue; // Value was not provided, we should not set it. } $value_arr = GETPOST($keysuffix."options_".$key.$keyprefix); - $value_key = price2num($value_arr); + if ($keysuffix != 'search_') { // If value is for a search, we must keep complex string like '>100 <=150' + $value_key = price2num($value_arr); + } else { + $value_key = $value_arr; + } } else { if (!GETPOSTISSET($keysuffix."options_".$key.$keyprefix)) { continue; // Value was not provided, we should not set it. diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 57bbbe3a029..ebda2face9e 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -1849,7 +1849,7 @@ class Form * @param string $force_entity '0' or Ids of environment to force * @param int $maxlength Maximum length of string into list (0=no limit) * @param int $showstatus 0=show user status only if status is disabled, 1=always show user status into label, -1=never show user status - * @param string $morefilter Add more filters into sql request (Example: 'employee = 1') + * @param string $morefilter Add more filters into sql request (Example: 'employee = 1'). This value must not come from user input. * @param integer $show_every 0=default list, 1=add also a value "Everybody" at beginning of list * @param string $enableonlytext If option $enableonlytext is set, we use this text to explain into label why record is disabled. Not used if enableonly is empty. * @param string $morecss More css @@ -1903,9 +1903,9 @@ class Form } $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; if (!empty($conf->multicompany->enabled) && $conf->entity == 1 && $user->admin && !$user->entity) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."entity as e ON e.rowid=u.entity"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."entity as e ON e.rowid = u.entity"; if ($force_entity) { - $sql .= " WHERE u.entity IN (0, ".$force_entity.")"; + $sql .= " WHERE u.entity IN (0, ".$this->db->sanitize($force_entity).")"; } else { $sql .= " WHERE u.entity IS NOT NULL"; } @@ -1919,7 +1919,7 @@ class Form } } if (!empty($user->socid)) { - $sql .= " AND u.fk_soc = ".$user->socid; + $sql .= " AND u.fk_soc = ".((int) $user->socid); } if (is_array($exclude) && $excludeUsers) { $sql .= " AND u.rowid NOT IN (".$this->db->sanitize($excludeUsers).")"; @@ -2497,18 +2497,18 @@ class Form } if ($finished == 0) { - $sql .= " AND p.finished = ".$finished; + $sql .= " AND p.finished = ".((int) $finished); } elseif ($finished == 1) { - $sql .= " AND p.finished = ".$finished; + $sql .= " AND p.finished = ".((int) $finished); if ($status >= 0) { - $sql .= " AND p.tosell = ".$status; + $sql .= " AND p.tosell = ".((int) $status); } } elseif ($status >= 0) { - $sql .= " AND p.tosell = ".$status; + $sql .= " AND p.tosell = ".((int) $status); } // Filter by product type if (strval($filtertype) != '') { - $sql .= " AND p.fk_product_type = ".$filtertype; + $sql .= " AND p.fk_product_type = ".((int) $filtertype); } elseif (empty($conf->product->enabled)) { // when product module is disabled, show services only $sql .= " AND p.fk_product_type = 1"; } elseif (empty($conf->service->enabled)) { // when service module is disabled, show products only @@ -3025,6 +3025,10 @@ class Form global $langs, $conf; global $price_level, $status, $finished; + if (!isset($status)) { + $status = 1; + } + $selected_input_value = ''; if (!empty($conf->use_javascript_ajax) && !empty($conf->global->PRODUIT_USE_SEARCH_TO_SELECT)) { if ($selected > 0) { @@ -3040,7 +3044,7 @@ class Form print ajax_autocompleter($selected, $htmlname, DOL_URL_ROOT.'/product/ajax/products.php', $urloption, $conf->global->PRODUIT_USE_SEARCH_TO_SELECT, 0, $ajaxoptions); print ($hidelabel ? '' : $langs->trans("RefOrLabel").' : ').''; } else { - print $this->select_produits_fournisseurs_list($socid, $selected, $htmlname, $filtertype, $filtre, '', -1, 0, 0, $alsoproductwithnosupplierprice, $morecss, 0, $placeholder); + print $this->select_produits_fournisseurs_list($socid, $selected, $htmlname, $filtertype, $filtre, '', $status, 0, 0, $alsoproductwithnosupplierprice, $morecss, 0, $placeholder); } } @@ -3048,20 +3052,20 @@ class Form /** * Return list of suppliers products * - * @param int $socid Id societe fournisseur (0 pour aucun filtre) - * @param int $selected Product price pre-selected (must be 'id' in product_fournisseur_price or 'idprod_IDPROD') - * @param string $htmlname Nom de la zone select - * @param string $filtertype Filter on product type (''=nofilter, 0=product, 1=service) - * @param string $filtre Pour filtre sql - * @param string $filterkey Filtre des produits - * @param int $statut -1=Return all products, 0=Products not on sell, 1=Products on sell (not used here, a filter on tobuy is already hard coded in request) - * @param int $outputmode 0=HTML select string, 1=Array - * @param int $limit Limit of line number + * @param int $socid Id of supplier thirdparty (0 = no filter) + * @param int $selected Product price pre-selected (must be 'id' in product_fournisseur_price or 'idprod_IDPROD') + * @param string $htmlname Name of HTML select + * @param string $filtertype Filter on product type (''=nofilter, 0=product, 1=service) + * @param string $filtre Generic filter. Data must not come from user input. + * @param string $filterkey Filter of produdts + * @param int $statut -1=Return all products, 0=Products not on buy, 1=Products on buy + * @param int $outputmode 0=HTML select string, 1=Array + * @param int $limit Limit of line number * @param int $alsoproductwithnosupplierprice 1=Add also product without supplier prices - * @param string $morecss Add more CSS + * @param string $morecss Add more CSS * @param int $showstockinlist Show stock information (slower). - * @param string $placeholder Placeholder - * @return array Array of keys for json + * @param string $placeholder Placeholder + * @return array Array of keys for json */ public function select_produits_fournisseurs_list($socid, $selected = '', $htmlname = 'productid', $filtertype = '', $filtre = '', $filterkey = '', $statut = -1, $outputmode = 0, $limit = 100, $alsoproductwithnosupplierprice = 0, $morecss = '', $showstockinlist = 0, $placeholder = '') { @@ -3098,8 +3102,8 @@ class Form } $sql .= " FROM ".MAIN_DB_PREFIX."product as p"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_fournisseur_price as pfp ON ( p.rowid = pfp.fk_product AND pfp.entity IN (".getEntity('product').") )"; - if ($socid) { - $sql .= " AND pfp.fk_soc = ".$socid; + if ($socid > 0) { + $sql .= " AND pfp.fk_soc = ".((int) $socid); } $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON pfp.fk_soc = s.rowid"; // Units @@ -3107,9 +3111,11 @@ class Form $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_units u ON u.rowid = p.fk_unit"; } $sql .= " WHERE p.entity IN (".getEntity('product').")"; - $sql .= " AND p.tobuy = 1"; + if ($statut != -1) { + $sql .= " AND p.tobuy = ".((int) $statut); + } if (strval($filtertype) != '') { - $sql .= " AND p.fk_product_type=".$this->db->escape($filtertype); + $sql .= " AND p.fk_product_type = ".((int) $filtertype); } if (!empty($filtre)) { $sql .= " ".$filtre; @@ -3822,7 +3828,6 @@ class Form $sql = "SELECT id, code, libelle as label, type, active"; $sql .= " FROM ".MAIN_DB_PREFIX."c_paiement"; $sql .= " WHERE entity IN (".getEntity('c_paiement').")"; - //if ($active >= 0) $sql.= " AND active = ".$active; $resql = $this->db->query($sql); if ($resql) { @@ -4055,7 +4060,6 @@ class Form $sql = "SELECT rowid, code, label, active"; $sql .= " FROM ".MAIN_DB_PREFIX."c_transport_mode"; $sql .= " WHERE entity IN (".getEntity('c_transport_mode').")"; - //if ($active >= 0) $sql.= " AND active = ".$active; $resql = $this->db->query($sql); if ($resql) { @@ -4889,7 +4893,7 @@ class Form var more = ""; var inputvalue; if ($("input[name=\'" + inputname + "\']").attr("type") == "radio") { - inputvalue = $("input[name=\'" + inputname + "\']").val(); + inputvalue = $("input[name=\'" + inputname + "\']:checked").val(); } else { if ($("#" + inputname).attr("type") == "checkbox") { more = ":checked"; } inputvalue = $("#" + inputname + more).val(); @@ -5283,9 +5287,9 @@ class Form global $langs; if ($htmlname != "none") { print '
'; - print ''; + print ''; print ''; - $this->selectTransportMode($selected, $htmlname, 2, $addempty, 0, 0, $active); + $this->selectTransportMode($selected, $htmlname, 0, $addempty, 0, 0, $active); print ''; print ''; } else { @@ -6834,9 +6838,12 @@ class Form $obj = $this->db->fetch_object($resql); $label = ''; $tmparray = explode(',', $fieldstoshow); + $oldvalueforshowoncombobox = 0; foreach ($tmparray as $key => $val) { $val = preg_replace('/t\./', '', $val); - $label .= (($label && $obj->$val) ? ' - ' : '').$obj->$val; + $label .= (($label && $obj->$val) ? ($oldvalueforshowoncombobox != $objecttmp->fields[$val]['showoncombobox'] ? ' - ' : ' ') : ''); + $label .= $obj->$val; + $oldvalueforshowoncombobox = $objecttmp->fields[$val]['showoncombobox']; } if (empty($outputmode)) { if ($preselectedvalue > 0 && $preselectedvalue == $obj->rowid) { @@ -6924,7 +6931,7 @@ class Form if ($addjscombo && $jsbeautify) { // Enhance with select2 include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php'; - $out .= ajax_combobox($htmlname); + $out .= ajax_combobox($htmlname, array(), 0, 0, 'resolve', $show_empty < 0 ? (string) $show_empty : '-1'); } $out .= ''; + $listoffieldsforselection .= '
    • '; $listcheckedstring .= (empty($val['checked']) ? '' : $key.','); } } @@ -7435,7 +7447,7 @@ class Form
      - '.$lis.' + '.$listoffieldsforselection.'
    @@ -8193,41 +8205,47 @@ class Form if ($modulepart == 'societe') { $dir = $conf->societe->multidir_output[$entity]; if (!empty($object->logo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; + if (dolIsAllowedForPreview($object->logo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_mini'); // getImageFileNameForSize include the thumbs + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.getImageFileNameForSize($object->logo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'thirdparty').'logos/'.$object->logo; } $email = $object->email; } elseif ($modulepart == 'contact') { $dir = $conf->societe->multidir_output[$entity].'/contact'; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->photo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'contact').'photos/'.$object->photo; } $email = $object->email; $capture = 'user'; } elseif ($modulepart == 'userphoto') { $dir = $conf->user->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; + if (dolIsAllowedForPreview($object->photo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'user').getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'user').$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility @@ -8237,14 +8255,16 @@ class Form } elseif ($modulepart == 'memberphoto') { $dir = $conf->adherent->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->photo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; + } + $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; } - $originalfile = get_exdir(0, 0, 0, 0, $object, 'member').'photos/'.$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility @@ -8255,14 +8275,16 @@ class Form // Generic case to show photos $dir = $conf->$modulepart->dir_output; if (!empty($object->photo)) { - if ((string) $imagesize == 'mini') { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini'); - } elseif ((string) $imagesize == 'small') { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small'); - } else { - $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; + if (dolIsAllowedForPreview($object->photo)) { + if ((string) $imagesize == 'mini') { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_mini'); + } elseif ((string) $imagesize == 'small') { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.getImageFileNameForSize($object->photo, '_small'); + } else { + $file = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; + } + $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; } - $originalfile = get_exdir($id, 2, 0, 0, $object, $modulepart).'photos/'.$object->photo; } if (!empty($conf->global->MAIN_OLD_IMAGE_LINKS)) { $altfile = $object->id.".jpg"; // For backward compatibility @@ -8309,10 +8331,10 @@ class Form $nophoto = 'company'; } else { $nophoto = '/public/theme/common/user_anonymous.png'; - if ($object->gender == 'man') { + if (!empty($object->gender) && $object->gender == 'man') { $nophoto = '/public/theme/common/user_man.png'; } - if ($object->gender == 'woman') { + if (!empty($object->gender) && $object->gender == 'woman') { $nophoto = '/public/theme/common/user_woman.png'; } } diff --git a/htdocs/core/class/html.formaccounting.class.php b/htdocs/core/class/html.formaccounting.class.php index a57e39f1779..fbfde88198b 100644 --- a/htdocs/core/class/html.formaccounting.class.php +++ b/htdocs/core/class/html.formaccounting.class.php @@ -242,7 +242,7 @@ class FormAccounting extends Form $sql .= " WHERE c.active = 1"; $sql .= " AND c.category_type = 0"; if (empty($allcountries)) { - $sql .= " AND c.fk_country = ".$mysoc->country_id; + $sql .= " AND c.fk_country = ".((int) $mysoc->country_id); } $sql .= " ORDER BY c.label ASC"; } else { diff --git a/htdocs/core/class/html.formcompany.class.php b/htdocs/core/class/html.formcompany.class.php index 4fa2f87f636..bb99b2a32e9 100644 --- a/htdocs/core/class/html.formcompany.class.php +++ b/htdocs/core/class/html.formcompany.class.php @@ -45,7 +45,7 @@ class FormCompany extends Form * Return list of labels (translated) of third parties type * * @param int $mode 0=Return id+label, 1=Return code+label - * @param string $filter Add a SQL filter to select + * @param string $filter Add a SQL filter to select. Data must not come from user input. * @return array Array of types */ public function typent_array($mode = 0, $filter = '') @@ -96,7 +96,7 @@ class FormCompany extends Form * Renvoie la liste des types d'effectifs possibles (pas de traduction car nombre) * * @param int $mode 0=renvoi id+libelle, 1=renvoi code+libelle - * @param string $filter Add a SQL filter to select + * @param string $filter Add a SQL filter to select. Data must not come from user input. * @return array Array of types d'effectifs */ public function effectif_array($mode = 0, $filter = '') @@ -509,7 +509,7 @@ class FormCompany extends Form * * @param string $selected Preselected code of juridical type * @param int $country_codeid 0=list for all countries, otherwise list only country requested - * @param string $filter Add a SQL filter on list + * @param string $filter Add a SQL filter on list. Data must not come from user input. * @param string $htmlname HTML name of select * @param string $morecss More CSS * @return string String with HTML select diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php index 45429512046..47506d5cbfa 100644 --- a/htdocs/core/class/html.formfile.class.php +++ b/htdocs/core/class/html.formfile.class.php @@ -726,7 +726,7 @@ class FormFile } // Language code (if multilang) - if (($allowgenifempty || (is_array($modellist) && count($modellist) > 0)) && $conf->global->MAIN_MULTILANGS && !$forcenomultilang && (!empty($modellist) || $showempty)) { + if (($allowgenifempty || (is_array($modellist) && count($modellist) > 0)) && !empty($conf->global->MAIN_MULTILANGS) && !$forcenomultilang && (!empty($modellist) || $showempty)) { include_once DOL_DOCUMENT_ROOT.'/core/class/html.formadmin.class.php'; $formadmin = new FormAdmin($this->db); $defaultlang = $codelang ? $codelang : $langs->getDefaultLang(); @@ -812,7 +812,7 @@ class FormFile completeFileArrayWithDatabaseInfo($file_list, $relativedir); //var_dump($sortfield.' - '.$sortorder); - if ($sortfield && $sortorder) { // If $sortfield is for example 'position_name', we will sort on the property 'position_name' (that is concat of position+name) + if (!empty($sortfield) && !empty($sortorder)) { // If $sortfield is for example 'position_name', we will sort on the property 'position_name' (that is concat of position+name) $file_list = dol_sort_array($file_list, $sortfield, $sortorder); } } @@ -1774,11 +1774,16 @@ class FormFile continue; // We do not show orphelins files } - print ''."\n"; + print ''."\n"; print '    '; print ''; - if (!empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { + if ($public && !empty($conf->global->MAIN_SECURITY_ENABLECAPTCHA)) { require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php'; print ''; } + $uselocalbrowser = false; + // Intro // External users can't send message email if ($user->rights->ticket->write && !$user->socid) { @@ -1005,15 +1111,15 @@ class FormTicket print ''; } // MESSAGE + $defaultmessage = ""; if (is_object($arraydefaultmessage) && $arraydefaultmessage->content) { $defaultmessage = $arraydefaultmessage->content; @@ -1043,7 +1149,7 @@ class FormTicket //$toolbarname = 'dolibarr_details'; $toolbarname = 'dolibarr_notes'; include_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('message', $defaultmessage, '100%', 200, $toolbarname, '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_5, 70); + $doleditor = new DolEditor('message', $defaultmessage, '100%', 200, $toolbarname, '', false, $uselocalbrowser, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_5, 70); $doleditor->Create(); print ''; @@ -1055,7 +1161,7 @@ class FormTicket print $form->textwithpicto('', $langs->trans("TicketMessageMailSignatureHelp"), 1, 'help'); print ''; } diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index 076dace54f0..fb59e2b7c42 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -85,7 +85,7 @@ class InfoBox * * @param DoliDB $db Database handler * @param string $mode 'available' or 'activated' - * @param string $zone Name or area (-1 for all, 0 for Homepage, 1 for Accountancy, 2 for xxx, ...) + * @param int $zone Name or area (-1 for all, 0 for Homepage, 1 for Accountancy, 2 for xxx, ...) * @param User|null $user Object user to filter * @param array $excludelist Array of box id (box.box_id = boxes_def.rowid) to exclude * @param int $includehidden Include also hidden boxes @@ -97,7 +97,6 @@ class InfoBox $boxes = array(); - $confuserzone = 'MAIN_BOXES_'.$zone; if ($mode == 'activated') { // activated $sql = "SELECT b.rowid, b.position, b.box_order, b.fk_user,"; $sql .= " d.rowid as box_id, d.file, d.note, d.tms"; @@ -105,7 +104,7 @@ class InfoBox $sql .= " WHERE b.box_id = d.rowid"; $sql .= " AND b.entity IN (0,".$conf->entity.")"; if ($zone >= 0) { - $sql .= " AND b.position = ".$zone; + $sql .= " AND b.position = ".((int) $zone); } if (is_object($user)) { $sql .= " AND b.fk_user IN (0,".$user->id.")"; @@ -116,7 +115,7 @@ class InfoBox } else { // available $sql = "SELECT d.rowid as box_id, d.file, d.note, d.tms"; $sql .= " FROM ".MAIN_DB_PREFIX."boxes_def as d"; - $sql .= " WHERE d.entity IN (0,".$conf->entity.")"; + $sql .= " WHERE d.entity IN (0, ".$conf->entity.")"; } dol_syslog(get_class()."::listBoxes get default box list for mode=".$mode." userid=".(is_object($user) ? $user->id : '')."", LOG_DEBUG); @@ -217,7 +216,7 @@ class InfoBox * Save order of boxes for area and user * * @param DoliDB $db Database handler - * @param string $zone Name of area (0 for Homepage, ...) + * @param int $zone Name of area (0 for Homepage, ...) * @param string $boxorder List of boxes with correct order 'A:123,456,...-B:789,321...' * @param int $userid Id of user * @return int <0 if KO, 0=Nothing done, > 0 if OK @@ -254,8 +253,8 @@ class InfoBox // Delete all lines $sql = "DELETE FROM ".MAIN_DB_PREFIX."boxes"; $sql .= " WHERE entity = ".$conf->entity; - $sql .= " AND fk_user = ".$userid; - $sql .= " AND position = ".$zone; + $sql .= " AND fk_user = ".((int) $userid); + $sql .= " AND position = ".((int) $zone); dol_syslog(get_class()."::saveboxorder", LOG_DEBUG); $result = $db->query($sql); @@ -278,14 +277,13 @@ class InfoBox $sql = "INSERT INTO ".MAIN_DB_PREFIX."boxes"; $sql .= "(box_id, position, box_order, fk_user, entity)"; $sql .= " values ("; - $sql .= " ".$id.","; - $sql .= " ".$zone.","; + $sql .= " ".((int) $id).","; + $sql .= " ".((int) $zone).","; $sql .= " '".$db->escape($colonne.$ii)."',"; - $sql .= " ".$userid.","; - $sql .= " ".$conf->entity; + $sql .= " ".((int) $userid).","; + $sql .= " ".((int) $conf->entity); $sql .= ")"; - dol_syslog(get_class()."::saveboxorder", LOG_DEBUG); $result = $db->query($sql); if ($result < 0) { $error++; diff --git a/htdocs/core/class/ldap.class.php b/htdocs/core/class/ldap.class.php index 0f97ed878cf..a578f08f3c1 100644 --- a/htdocs/core/class/ldap.class.php +++ b/htdocs/core/class/ldap.class.php @@ -932,7 +932,7 @@ class Ldap * Returns an array containing a details or list of LDAP record(s) * ldapsearch -LLLx -hlocalhost -Dcn=admin,dc=parinux,dc=org -w password -b "ou=adherents,ou=people,dc=parinux,dc=org" userPassword * - * @param string $search Value of fiel to search, '*' for all. Not used if $activefilter is set. + * @param string $search Value of field to search, '*' for all. Not used if $activefilter is set. * @param string $userDn DN (Ex: ou=adherents,ou=people,dc=parinux,dc=org) * @param string $useridentifier Name of key field (Ex: uid) * @param array $attributeArray Array of fields required. Note this array must also contains field $useridentifier (Ex: sn,userPassword) diff --git a/htdocs/core/class/menubase.class.php b/htdocs/core/class/menubase.class.php index 65fdaff9645..6f024c91b0b 100644 --- a/htdocs/core/class/menubase.class.php +++ b/htdocs/core/class/menubase.class.php @@ -352,10 +352,10 @@ class Menubase $sql .= " type='".$this->db->escape($this->type)."',"; $sql .= " mainmenu='".$this->db->escape($this->mainmenu)."',"; $sql .= " leftmenu='".$this->db->escape($this->leftmenu)."',"; - $sql .= " fk_menu=".$this->fk_menu.","; + $sql .= " fk_menu=".((int) $this->fk_menu).","; $sql .= " fk_mainmenu=".($this->fk_mainmenu ? "'".$this->db->escape($this->fk_mainmenu)."'" : "null").","; $sql .= " fk_leftmenu=".($this->fk_leftmenu ? "'".$this->db->escape($this->fk_leftmenu)."'" : "null").","; - $sql .= " position=".($this->position > 0 ? $this->position : 0).","; + $sql .= " position=".($this->position > 0 ? ((int) $this->position) : 0).","; $sql .= " url='".$this->db->escape($this->url)."',"; $sql .= " target='".$this->db->escape($this->target)."',"; $sql .= " titre='".$this->db->escape($this->title)."',"; diff --git a/htdocs/core/class/notify.class.php b/htdocs/core/class/notify.class.php index 345ec5b38e3..6b32799bc89 100644 --- a/htdocs/core/class/notify.class.php +++ b/htdocs/core/class/notify.class.php @@ -176,7 +176,7 @@ class Notify $sqlnotifcode = ''; if ($notifcode) { if (is_numeric($notifcode)) { - $sqlnotifcode = " AND n.fk_action = ".$notifcode; // Old usage + $sqlnotifcode = " AND n.fk_action = ".((int) $notifcode); // Old usage } else { $sqlnotifcode = " AND a.code = '".$this->db->escape($notifcode)."'"; // New usage } @@ -195,7 +195,7 @@ class Notify $sql .= $sqlnotifcode; $sql .= " AND s.entity IN (".getEntity('societe').")"; if ($socid > 0) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } dol_syslog(__METHOD__." ".$notifcode.", ".$socid."", LOG_DEBUG); @@ -233,7 +233,7 @@ class Notify $sql .= $sqlnotifcode; $sql .= " AND c.entity IN (".getEntity('user').")"; if ($userid > 0) { - $sql .= " AND c.rowid = ".$userid; + $sql .= " AND c.rowid = ".((int) $userid); } dol_syslog(__METHOD__." ".$notifcode.", ".$socid."", LOG_DEBUG); @@ -380,11 +380,11 @@ class Notify $sql .= " AND n.fk_soc = s.rowid"; $sql .= " AND c.statut = 1"; if (is_numeric($notifcode)) { - $sql .= " AND n.fk_action = ".$notifcode; // Old usage + $sql .= " AND n.fk_action = ".((int) $notifcode); // Old usage } else { $sql .= " AND a.code = '".$this->db->escape($notifcode)."'"; // New usage } - $sql .= " AND s.rowid = ".$object->socid; + $sql .= " AND s.rowid = ".((int) $object->socid); $sql .= "\nUNION\n"; } diff --git a/htdocs/core/class/utils.class.php b/htdocs/core/class/utils.class.php index d2987e8fc63..bdd6cc2b83a 100644 --- a/htdocs/core/class/utils.class.php +++ b/htdocs/core/class/utils.class.php @@ -319,9 +319,9 @@ class Utils } if ($dolibarr_main_db_character_set == 'utf8mb4') { // We save output into utf8mb4 charset - $param .= " --default-character-set=utf8mb4"; + $param .= " --default-character-set=utf8mb4 --no-tablespaces"; } else { - $param .= " --default-character-set=utf8"; // We always save output into utf8 charset + $param .= " --default-character-set=utf8 --no-tablespaces"; // We always save output into utf8 charset } $paramcrypted = $param; $paramclear = $param; @@ -594,7 +594,7 @@ class Utils * Execute a CLI command. * * @param string $command Command line to execute. - * @param string $outputfile Output file (used only when method is 2). For exemple $conf->admin->dir_temp.'/out.tmp'; + * @param string $outputfile A path for an output file (used only when method is 2). For example: $conf->admin->dir_temp.'/out.tmp'; * @param int $execmethod 0=Use default method (that is 1 by default), 1=Use the PHP 'exec', 2=Use the 'popen' method * @return array array('result'=>...,'output'=>...,'error'=>...). result = 0 means OK. */ diff --git a/htdocs/core/db/DoliDB.class.php b/htdocs/core/db/DoliDB.class.php index 2ed93a9b5f4..b93a3f40cea 100644 --- a/htdocs/core/db/DoliDB.class.php +++ b/htdocs/core/db/DoliDB.class.php @@ -108,7 +108,7 @@ abstract class DoliDB implements Database * Sanitize a string for SQL forging * * @param string $stringtosanitize String to escape - * @param int $allowsimplequote Allow simple quote + * @param int $allowsimplequote 1=Allow simple quotes in string. When string is used as a list of SQL string ('aa', 'bb', ...) * @return string String escaped */ public function sanitize($stringtosanitize, $allowsimplequote = 0) diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index 303382f285b..ae260171a0b 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -1545,6 +1545,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '') print ''; } + print '
    '; print '
    '; -print $langs->trans("Category").': '.$formother->select_categories(Categorie::TYPE_CUSTOMER, $selected_cat, 'search_categ', true); +print img_picto('', 'category', 'class="paddingrightonly"'); +print $formother->select_categories(Categorie::TYPE_CUSTOMER, $selected_cat, 'search_categ', 0, $langs->trans("Category")); print ' '; print $langs->trans("SubCats").'? '; print ''; print '
    '; -print ''; +print ''; print ''; -print ''; +print ''; print ''; -print ''; +print ''; print ''; print $form->select_country($search_country, 'search_country'); diff --git a/htdocs/compta/stats/index.php b/htdocs/compta/stats/index.php index b93d3c507b3..e7ec8c61db7 100644 --- a/htdocs/compta/stats/index.php +++ b/htdocs/compta/stats/index.php @@ -149,9 +149,11 @@ if ($modecompta == "CREANCES-DETTES") { $name = $langs->trans("Turnover"); $calcmode = $langs->trans("CalcModeDebt"); //$calcmode.='
    ('.$langs->trans("SeeReportInInputOutputMode",'','').')'; - $calcmode .= '
    ('.$langs->trans("SeeReportInBookkeepingMode", '{link1}', '{link2}').')'; - $calcmode = str_replace('{link1}', '', $calcmode); - $calcmode = str_replace('{link2}', '', $calcmode); + if (!empty($conf->accounting->enabled)) { + $calcmode .= '
    ('.$langs->trans("SeeReportInBookkeepingMode", '{link1}', '{link2}').')'; + $calcmode = str_replace('{link1}', '', $calcmode); + $calcmode = str_replace('{link2}', '', $calcmode); + } $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); $description = $langs->trans("RulesCADue"); if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) { @@ -164,8 +166,10 @@ if ($modecompta == "CREANCES-DETTES") { } elseif ($modecompta == "RECETTES-DEPENSES") { $name = $langs->trans("TurnoverCollected"); $calcmode = $langs->trans("CalcModeEngagement"); - //$calcmode.='
    ('.$langs->trans("SeeReportInDueDebtMode",'','').')'; + //$calcmode .= '
    ('.$langs->trans("SeeReportInDueDebtMode",'','').')'; + //if (!empty($conf->accounting->enabled)) { //$calcmode.='
    ('.$langs->trans("SeeReportInBookkeepingMode",'','').')'; + //} $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); $description = $langs->trans("RulesCAIn"); $description .= $langs->trans("DepositsAreIncluded"); @@ -677,7 +681,7 @@ print ''; AND p.facture =0"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " GROUP BY p.rowid"; diff --git a/htdocs/compta/stats/supplier_turnover.php b/htdocs/compta/stats/supplier_turnover.php index bb341c6a3a5..7273e8ed529 100644 --- a/htdocs/compta/stats/supplier_turnover.php +++ b/htdocs/compta/stats/supplier_turnover.php @@ -128,23 +128,31 @@ llxHeader(); $form = new Form($db); +// TODO Report from bookkeeping not yet available, so we switch on report on business events +if ($modecompta == "BOOKKEEPING") { + $modecompta = "CREANCES-DETTES"; +} +if ($modecompta == "BOOKKEEPINGCOLLECTED") { + $modecompta = "RECETTES-DEPENSES"; +} + // Affiche en-tete du rapport if ($modecompta == "CREANCES-DETTES") { $name = $langs->trans("PurchaseTurnover"); $calcmode = $langs->trans("CalcModeDebt"); - $calcmode .= '
    ('.$langs->trans("SeeReportInBookkeepingMode", '{link1}', '{link2}').')'; - $calcmode = str_replace('{link1}', '', $calcmode); - $calcmode = str_replace('{link2}', '', $calcmode); + if (!empty($conf->accounting->enabled)) { + $calcmode .= '
    ('.$langs->trans("SeeReportInBookkeepingMode", '{link1}', '{link2}').')'; + $calcmode = str_replace('{link1}', '', $calcmode); + $calcmode = str_replace('{link2}', '', $calcmode); + } $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); $description = $langs->trans("RulesPurchaseTurnoverDue"); - $builddate = dol_now(); //$exportlink=$langs->trans("NotYetAvailable"); } elseif ($modecompta == "RECETTES-DEPENSES") { $name = $langs->trans("PurchaseTurnoverCollected"); $calcmode = $langs->trans("CalcModeEngagement"); $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); $description = $langs->trans("RulesPurchaseTurnoverIn"); - $builddate = dol_now(); //$exportlink=$langs->trans("NotYetAvailable"); } elseif ($modecompta == "BOOKKEEPING") { $name = $langs->trans("PurchaseTurnover"); @@ -154,9 +162,19 @@ if ($modecompta == "CREANCES-DETTES") { $calcmode = str_replace('{link2}', '', $calcmode); $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); $description = $langs->trans("RulesPurchaseTurnoverOfExpenseAccounts"); - $builddate = dol_now(); + //$exportlink=$langs->trans("NotYetAvailable"); +} elseif ($modecompta == "BOOKKEEPINGCOLLECTED") { + $name = $langs->trans("PurchaseTurnoverCollected"); + $calcmode = $langs->trans("CalcModeBookkeeping"); + $calcmode .= '
    ('.$langs->trans("SeeReportInDueDebtMode", '{link1}', '{link2}').')'; + $calcmode = str_replace('{link1}', '', $calcmode); + $calcmode = str_replace('{link2}', '', $calcmode); + $periodlink = ($year_start ? "".img_previous()." ".img_next()."" : ""); + $description = $langs->trans("RulesPurchaseTurnoverCollectedOfExpenseAccounts"); //$exportlink=$langs->trans("NotYetAvailable"); } + +$builddate = dol_now(); $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0, 0, '', '', '', '', 1, '', '', 'tzserver'); $period .= ' - '; $period .= $form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0, 0, '', '', '', '', 1, '', '', 'tzserver'); @@ -179,7 +197,7 @@ if ($modecompta == 'CREANCES-DETTES') { $sql .= " AND f.type IN (0,2)"; $sql .= " AND f.entity IN (".getEntity('supplier_invoice').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } } elseif ($modecompta == "RECETTES-DEPENSES") { $sql = "SELECT date_format(p.datep,'%Y-%m') as dm, sum(pf.amount) as amount_ttc"; @@ -190,7 +208,7 @@ if ($modecompta == 'CREANCES-DETTES') { $sql .= " AND pf.fk_facturefourn = f.rowid"; $sql .= " AND f.entity IN (".getEntity('supplier_invoice').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } } elseif ($modecompta == "BOOKKEEPING") { $pcgverid = $conf->global->CHARTOFACCOUNTS; diff --git a/htdocs/compta/stats/supplier_turnover_by_prodserv.php b/htdocs/compta/stats/supplier_turnover_by_prodserv.php index 1af51249433..4e92325a323 100644 --- a/htdocs/compta/stats/supplier_turnover_by_prodserv.php +++ b/htdocs/compta/stats/supplier_turnover_by_prodserv.php @@ -345,7 +345,8 @@ if ($modecompta == 'CREANCES-DETTES') { // Category filter print '
    '; - print $langs->trans("Category").': '.$formother->select_categories(Categorie::TYPE_PRODUCT, $selected_cat, 'search_categ', true); + print img_picto('', 'category', 'class="paddingrightonly"'); + print $formother->select_categories(Categorie::TYPE_PRODUCT, $selected_cat, 'search_categ', 0, $langs->trans("Category")); print ' '; print $langs->trans("SubCats").'? '; print ''; - print $langs->trans("ThirdParty").': '.$form->select_thirdparty_list($selected_soc, 'search_soc', '', 1); + print img_picto('', 'company', 'class="paddingrightonly"'); + print $form->select_thirdparty_list($selected_soc, 'search_soc', '', $langs->trans("ThirdParty")); print ''; diff --git a/htdocs/compta/stats/supplier_turnover_by_thirdparty.php b/htdocs/compta/stats/supplier_turnover_by_thirdparty.php index b1b1f219f53..0ea8418381d 100644 --- a/htdocs/compta/stats/supplier_turnover_by_thirdparty.php +++ b/htdocs/compta/stats/supplier_turnover_by_thirdparty.php @@ -200,18 +200,19 @@ if ($modecompta == "CREANCES-DETTES") { $calcmode = $langs->trans("CalcModeDebt"); //$calcmode.='
    ('.$langs->trans("SeeReportInInputOutputMode",'','').')'; $description = $langs->trans("RulesPurchaseTurnoverDue"); - $builddate = dol_now(); //$exportlink=$langs->trans("NotYetAvailable"); } elseif ($modecompta == "RECETTES-DEPENSES") { $name = $langs->trans("PurchaseTurnoverCollected").', '.$langs->trans("ByThirdParties"); $calcmode = $langs->trans("CalcModeEngagement"); //$calcmode.='
    ('.$langs->trans("SeeReportInDueDebtMode",'','').')'; $description = $langs->trans("RulesPurchaseTurnoverIn"); - $builddate = dol_now(); //$exportlink=$langs->trans("NotYetAvailable"); } elseif ($modecompta == "BOOKKEEPING") { + // TODO } elseif ($modecompta == "BOOKKEEPINGCOLLECTED") { + // TODO } +$builddate = dol_now(); $period = $form->selectDate($date_start, 'date_start', 0, 0, 0, '', 1, 0, 0, '', '', '', '', 1, '', '', 'tzserver'); $period .= ' - '; $period .= $form->selectDate($date_end, 'date_end', 0, 0, 0, '', 1, 0, 0, '', '', '', '', 1, '', '', 'tzserver'); @@ -300,7 +301,7 @@ if ($search_country > 0) { } $sql .= " AND f.entity IN (".getEntity('supplier_invoice').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $sql .= " GROUP BY s.rowid, s.nom, s.zip, s.town, s.fk_pays"; $sql .= " ORDER BY s.rowid"; @@ -344,7 +345,8 @@ print ''; print ''; print ''; print ''; print ''; print ' - + @@ -106,12 +106,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?> - - - - - - + diff --git a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php index 41fbdb5def9..5c06b1d1549 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_edit.tpl.php @@ -76,7 +76,7 @@ echo $this->control->tpl['ajax_selectcountry']; - + @@ -115,7 +115,7 @@ echo $this->control->tpl['ajax_selectcountry']; - + control->tpl['nb_emailing']) { ?> diff --git a/htdocs/contact/card.php b/htdocs/contact/card.php index b337f0980e6..d185815b51a 100644 --- a/htdocs/contact/card.php +++ b/htdocs/contact/card.php @@ -77,12 +77,6 @@ if (!empty($canvas)) { $objcanvas->getCanvas('contact', 'contactcard', $canvas); } -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission - // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('contactcard', 'globalcard')); @@ -96,6 +90,16 @@ if (!($object->id > 0) && $action == 'view') { exit; } +$triggermodname = 'CONTACT_MODIFY'; +$permissiontoadd = $user->rights->societe->contact->creer; + +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'contact', $id, 'socpeople&societe', '', '', 'rowid', 0); // If we create a contact with no company (shared contacts), no check on write permission + + /* * Actions */ @@ -144,7 +148,7 @@ if (empty($reshook)) { // Confirmation desactivation - if ($action == 'disable') { + if ($action == 'disable' && !empty($permissiontoadd)) { $object->fetch($id); if ($object->setstatus(0) < 0) { setEventMessages($object->error, $object->errors, 'errors'); @@ -155,7 +159,7 @@ if (empty($reshook)) { } // Confirmation activation - if ($action == 'enable') { + if ($action == 'enable' && !empty($permissiontoadd)) { $object->fetch($id); if ($object->setstatus(1) < 0) { setEventMessages($object->error, $object->errors, 'errors'); @@ -166,7 +170,7 @@ if (empty($reshook)) { } // Add contact - if ($action == 'add' && $user->rights->societe->contact->creer) { + if ($action == 'add' && !empty($permissiontoadd)) { $db->begin(); if ($canvas) { @@ -293,7 +297,7 @@ if (empty($reshook)) { $object->old_lastname = (string) GETPOST("old_lastname", 'alpha'); $object->old_firstname = (string) GETPOST("old_firstname", 'alpha'); - $result = $object->delete(); + $result = $object->delete(); // TODO Add $user as first param if ($result > 0) { if ($backtopage) { header("Location: ".$backtopage); @@ -307,7 +311,7 @@ if (empty($reshook)) { } } - if ($action == 'update' && empty($cancel) && $user->rights->societe->contact->creer) { + if ($action == 'update' && empty($cancel) && !empty($permissiontoadd)) { if (!GETPOST("lastname", 'alpha')) { $error++; $errors = array($langs->trans("ErrorFieldRequired", $langs->transnoentities("Name").' / '.$langs->transnoentities("Label"))); $action = 'edit'; @@ -439,8 +443,6 @@ if (empty($reshook)) { } } - $object->old_lastname = ''; - $object->old_firstname = ''; $action = 'view'; } else { setEventMessages($object->error, $object->errors, 'errors'); @@ -457,7 +459,7 @@ if (empty($reshook)) { } } - if ($action == 'setprospectcontactlevel' && $user->rights->societe->contact->creer) { + if ($action == 'setprospectcontactlevel' && !empty($permissiontoadd)) { $object->fetch($id); $object->fk_prospectlevel = GETPOST('prospect_contact_level_id', 'alpha'); $result = $object->update($object->id, $user); @@ -467,7 +469,7 @@ if (empty($reshook)) { } // set communication status - if ($action == 'setstcomm') { + if ($action == 'setstcomm' && !empty($permissiontoadd)) { $object->fetch($id); $object->stcomm_id = dol_getIdFromCode($db, GETPOST('stcomm', 'alpha'), 'c_stcommcontact'); $result = $object->update($object->id, $user); @@ -476,6 +478,31 @@ if (empty($reshook)) { } } + // Update extrafields + if ($action == "update_extras" && !empty($permissiontoadd)) { + $object->fetch(GETPOST('id', 'int')); + + $attributekey = GETPOST('attribute', 'alpha'); + $attributekeylong = 'options_'.$attributekey; + + if (GETPOSTISSET($attributekeylong.'day') && GETPOSTISSET($attributekeylong.'month') && GETPOSTISSET($attributekeylong.'year')) { + // This is properties of a date + $object->array_options['options_'.$attributekey] = dol_mktime(GETPOST($attributekeylong.'hour', 'int'), GETPOST($attributekeylong.'min', 'int'), GETPOST($attributekeylong.'sec', 'int'), GETPOST($attributekeylong.'month', 'int'), GETPOST($attributekeylong.'day', 'int'), GETPOST($attributekeylong.'year', 'int')); + //var_dump(dol_print_date($object->array_options['options_'.$attributekey]));exit; + } else { + $object->array_options['options_'.$attributekey] = GETPOST($attributekeylong, 'alpha'); + } + + $result = $object->insertExtraFields(empty($triggermodname) ? '' : $triggermodname, $user); + if ($result > 0) { + setEventMessages($langs->trans('RecordSaved'), null, 'mesgs'); + $action = 'view'; + } else { + setEventMessages($object->error, $object->errors, 'errors'); + $action = 'edit_extras'; + } + } + // Actions to send emails $triggersendname = 'CONTACT_SENTBYMAIL'; $paramname = 'id'; @@ -821,11 +848,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Other attributes $parameters = array('socid' => $socid, 'objsoc' => $objsoc, 'colspan' => ' colspan="3"', 'cols' => 3); - $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - if (empty($reshook)) { - print $object->showOptionals($extrafields, 'edit', $parameters); - } + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_add.tpl.php'; print "
    '; -print $langs->trans("Category").': '.$formother->select_categories(Categorie::TYPE_SUPPLIER, $selected_cat, 'search_categ', true); +print img_picto('', 'category', 'class="paddingrightonly"'); +print $formother->select_categories(Categorie::TYPE_SUPPLIER, $selected_cat, 'search_categ', 0, $langs->trans("Category")); print ' '; print $langs->trans("SubCats").'? '; print ''; print '
    '; -print ''; +print ''; print ''; -print ''; +print ''; print ''; -print ''; +print ''; print ''; print $form->select_country($search_country, 'search_country'); diff --git a/htdocs/compta/tva/class/paymentvat.class.php b/htdocs/compta/tva/class/paymentvat.class.php index f8a397bdb9a..bc234b4516e 100644 --- a/htdocs/compta/tva/class/paymentvat.class.php +++ b/htdocs/compta/tva/class/paymentvat.class.php @@ -180,8 +180,8 @@ class PaymentVAT extends CommonObject $sql .= " fk_typepaiement, num_paiement, note, fk_user_creat, fk_bank)"; $sql .= " VALUES ($this->chid, '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->datepaye)."',"; - $sql .= " ".$totalamount.","; - $sql .= " ".$this->paiementtype.", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note)."', ".$user->id.","; + $sql .= " ".((float) $totalamount).","; + $sql .= " ".((int) $this->paiementtype).", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note)."', ".$user->id.","; $sql .= " 0)"; $resql = $this->db->query($sql); diff --git a/htdocs/compta/tva/class/tva.class.php b/htdocs/compta/tva/class/tva.class.php index daed5b19f5e..45d3d2e74b4 100644 --- a/htdocs/compta/tva/class/tva.class.php +++ b/htdocs/compta/tva/class/tva.class.php @@ -207,7 +207,7 @@ class Tva extends CommonObject $sql .= " amount=".price2num($this->amount).","; $sql .= " label='".$this->db->escape($this->label)."',"; $sql .= " note='".$this->db->escape($this->note)."',"; - $sql .= " fk_user_creat=".$this->fk_user_creat.","; + $sql .= " fk_user_creat=".((int) $this->fk_user_creat).","; $sql .= " fk_user_modif=".($this->fk_user_modif > 0 ? $this->fk_user_modif : $user->id).""; $sql .= " WHERE rowid=".((int) $this->id); diff --git a/htdocs/compta/tva/document.php b/htdocs/compta/tva/document.php index eee1abcd2f5..e2f0dcec96d 100644 --- a/htdocs/compta/tva/document.php +++ b/htdocs/compta/tva/document.php @@ -150,7 +150,7 @@ if ($object->id) { print dol_get_fiche_end(); - $permission = $user->rights->tax->charges->creer; + $permissiontoadd = $user->rights->tax->charges->creer; $permtoedit = $user->rights->tax->charges->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/compta/tva/list.php b/htdocs/compta/tva/list.php index 17237732cea..69ce8ae8ae5 100644 --- a/htdocs/compta/tva/list.php +++ b/htdocs/compta/tva/list.php @@ -171,16 +171,16 @@ if (!empty($search_datepayment_end)) { $sql .= ' AND t.datep <= "'.$db->idate($search_datepayment_end).'"'; } if (!empty($search_type) && $search_type > 0) { - $sql .= ' AND t.fk_typepayment='.$search_type; + $sql .= ' AND t.fk_typepayment = '.((int) $search_type); } if (!empty($search_account) && $search_account > 0) { - $sql .= ' AND t.fk_account='.$search_account; + $sql .= ' AND t.fk_account = '.((int) $search_account); } if (!empty($search_amount)) { $sql .= natural_search('t.amount', price2num(trim($search_amount)), 1); } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND t.paye = ".$db->escape($search_status); + $sql .= " AND t.paye = ".((int) $search_status); } $sql .= " GROUP BY t.rowid, t.amount, t.label, t.datev, t.datep, t.paye, t.fk_typepayment, t.fk_account, ba.label, ba.ref, ba.number, ba.account_number, ba.iban_prefix, ba.bic, ba.currency_code, ba.clos, t.num_payment, pst.code"; diff --git a/htdocs/contact/agenda.php b/htdocs/contact/agenda.php index ca496540a47..293c4f11aa3 100644 --- a/htdocs/contact/agenda.php +++ b/htdocs/contact/agenda.php @@ -143,7 +143,7 @@ $title = (!empty($conf->global->SOCIETE_ADDRESSES_MANAGEMENT) ? $langs->trans("C if (!empty($conf->global->MAIN_HTML_TITLE) && preg_match('/contactnameonly/', $conf->global->MAIN_HTML_TITLE) && $object->lastname) { $title = $object->lastname; } -$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas'; +$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas|DE:Modul_Partner'; llxHeader('', $title, $help_url); diff --git a/htdocs/contact/canvas/actions_contactcard_common.class.php b/htdocs/contact/canvas/actions_contactcard_common.class.php index 0e80df07676..f63f25b2a18 100644 --- a/htdocs/contact/canvas/actions_contactcard_common.class.php +++ b/htdocs/contact/canvas/actions_contactcard_common.class.php @@ -283,10 +283,7 @@ abstract class ActionsContactCardCommon // phpcs:enable global $langs, $mysoc; - $this->object->old_name = GETPOST("old_name"); - $this->object->old_firstname = GETPOST("old_firstname"); - - $this->object->socid = GETPOST("socid"); + $this->object->socid = GETPOST("socid", 'int'); $this->object->lastname = GETPOST("name"); $this->object->firstname = GETPOST("firstname"); $this->object->civility_id = GETPOST("civility_id"); @@ -301,7 +298,6 @@ abstract class ActionsContactCardCommon $this->object->phone_mobile = GETPOST("phone_mobile"); $this->object->fax = GETPOST("fax"); $this->object->email = GETPOST("email"); - $this->object->jabberid = GETPOST("jabberid"); $this->object->priv = GETPOST("priv"); $this->object->note = GETPOST("note", "restricthtml"); $this->object->canvas = GETPOST("canvas"); diff --git a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php index bd5cf24e195..edb2a78818c 100644 --- a/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php +++ b/htdocs/contact/canvas/default/tpl/contactcard_create.tpl.php @@ -67,7 +67,7 @@ echo $this->control->tpl['ajax_selectcountry']; ?>
    trans("PostOrFunction"); ?>
    trans("Email"); ?>
    trans("IM"); ?>
    trans("PostOrFunction"); ?>
    trans("Email"); ?> trans("NbOfEMailingsReceived"); ?> control->tpl['nb_emailing']; ?>

    "; @@ -1133,11 +1156,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Other attributes $parameters = array('colspan' => ' colspan="3"', 'cols'=> '3'); - $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - if (empty($reshook)) { - print $object->showOptionals($extrafields, 'edit', $parameters); - } + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_edit.tpl.php'; $object->load_ref_elements(); diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php index 78e4ffae99b..7ca69871238 100644 --- a/htdocs/contact/class/contact.class.php +++ b/htdocs/contact/class/contact.class.php @@ -455,18 +455,18 @@ class Contact extends CommonObject $sql .= ") VALUES ("; $sql .= "'".$this->db->idate($now)."',"; if ($this->socid > 0) { - $sql .= " ".$this->db->escape($this->socid).","; + $sql .= " ".((int) $this->socid).","; } else { $sql .= "null,"; } $sql .= "'".$this->db->escape($this->lastname)."',"; $sql .= "'".$this->db->escape($this->firstname)."',"; - $sql .= " ".($user->id > 0 ? "'".$this->db->escape($user->id)."'" : "null").","; - $sql .= " ".$this->db->escape($this->priv).","; + $sql .= " ".($user->id > 0 ? ((int) $user->id) : "null").","; + $sql .= " ".((int) $this->priv).","; $sql .= " 0,"; - $sql .= " ".$this->db->escape($this->statut).","; + $sql .= " ".((int) $this->statut).","; $sql .= " ".(!empty($this->canvas) ? "'".$this->db->escape($this->canvas)."'" : "null").","; - $sql .= " ".$this->db->escape($this->entity).","; + $sql .= " ".((int) $this->entity).","; $sql .= "'".$this->db->escape($this->ref_ext)."',"; $sql .= " ".(!empty($this->import_key) ? "'".$this->db->escape($this->import_key)."'" : "null"); $sql .= ")"; @@ -545,8 +545,6 @@ class Contact extends CommonObject $this->phone_pro = trim($this->phone_pro); $this->phone_perso = trim($this->phone_perso); $this->phone_mobile = trim($this->phone_mobile); - $this->jabberid = trim($this->jabberid); - $this->skype = trim($this->skype); $this->photo = trim($this->photo); $this->fax = trim($this->fax); $this->zip = (empty($this->zip) ? '' : trim($this->zip)); @@ -591,11 +589,11 @@ class Contact extends CommonObject if (isset($this->stcomm_id)) { $sql .= ", fk_stcommcontact = ".($this->stcomm_id > 0 || $this->stcomm_id == -1 ? $this->stcomm_id : "0"); } - $sql .= ", statut = ".$this->db->escape($this->statut); + $sql .= ", statut = ".((int) $this->statut); $sql .= ", fk_user_modif=".($user->id > 0 ? "'".$this->db->escape($user->id)."'" : "NULL"); $sql .= ", default_lang=".($this->default_lang ? "'".$this->db->escape($this->default_lang)."'" : "NULL"); - $sql .= ", entity = ".$this->db->escape($this->entity); - $sql .= " WHERE rowid=".$this->db->escape($id); + $sql .= ", entity = ".((int) $this->entity); + $sql .= " WHERE rowid=".((int) $id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $result = $this->db->query($sql); @@ -1190,10 +1188,11 @@ class Contact extends CommonObject } /** - * Efface le contact de la base + * Delete a contact from database + * // TODO Add $user as first param * - * @param int $notrigger Disable all trigger - * @return int <0 if KO, >0 if OK + * @param int $notrigger Disable all trigger + * @return int <0 if KO, >0 if OK */ public function delete($notrigger = 0) { @@ -1221,7 +1220,7 @@ class Contact extends CommonObject $obj = $this->db->fetch_object($resql); $sqldel = "DELETE FROM ".MAIN_DB_PREFIX."element_contact"; - $sqldel .= " WHERE rowid = ".$obj->rowid; + $sqldel .= " WHERE rowid = ".((int) $obj->rowid); dol_syslog(__METHOD__, LOG_DEBUG); $result = $this->db->query($sqldel); if (!$result) { @@ -1324,7 +1323,7 @@ class Contact extends CommonObject $sql = "SELECT c.rowid, c.datec as datec, c.fk_user_creat,"; $sql .= " c.tms as tms, c.fk_user_modif"; $sql .= " FROM ".MAIN_DB_PREFIX."socpeople as c"; - $sql .= " WHERE c.rowid = ".$this->db->escape($id); + $sql .= " WHERE c.rowid = ".((int) $id); $resql = $this->db->query($sql); if ($resql) { @@ -1770,10 +1769,10 @@ class Contact extends CommonObject $sql = "SELECT sc.fk_socpeople as id, sc.fk_c_type_contact"; $sql .= " FROM ".MAIN_DB_PREFIX."c_type_contact tc"; $sql .= ", ".MAIN_DB_PREFIX."societe_contacts sc"; - $sql .= " WHERE sc.fk_soc =".$this->socid; + $sql .= " WHERE sc.fk_soc =".((int) $this->socid); $sql .= " AND sc.fk_c_type_contact=tc.rowid"; - $sql .= " AND tc.element='".$this->db->escape($element)."'"; - $sql .= " AND tc.active=1"; + $sql .= " AND tc.element = '".$this->db->escape($element)."'"; + $sql .= " AND tc.active = 1"; dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/contact/document.php b/htdocs/contact/document.php index e980b0ee94c..3005c6b7827 100644 --- a/htdocs/contact/document.php +++ b/htdocs/contact/document.php @@ -182,7 +182,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'contact'; - $permission = $user->rights->societe->contact->creer; + $permissiontoadd = $user->rights->societe->contact->creer; $permtoedit = $user->rights->societe->contact->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/contact/list.php b/htdocs/contact/list.php index 74e3c704739..5ef0a10deb5 100644 --- a/htdocs/contact/list.php +++ b/htdocs/contact/list.php @@ -392,7 +392,7 @@ if (!$user->rights->societe->client->voir && !$socid) { //restriction $sql .= " AND (sc.fk_user = ".$user->id." OR p.fk_soc IS NULL)"; } if (!empty($userid)) { // propre au commercial - $sql .= " AND p.fk_user_creat=".$db->escape($userid); + $sql .= " AND p.fk_user_creat=".((int) $userid); } if ($search_level) { $sql .= natural_search("p.fk_prospectcontactlevel", join(',', $search_level), 3); @@ -414,19 +414,19 @@ if ($search_priv != '0' && $search_priv != '1') { } if ($search_categ > 0) { - $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ); + $sql .= " AND cc.fk_categorie = ".((int) $search_categ); } if ($search_categ == -2) { $sql .= " AND cc.fk_categorie IS NULL"; } if ($search_categ_thirdparty > 0) { - $sql .= " AND cs.fk_categorie = ".$db->escape($search_categ_thirdparty); + $sql .= " AND cs.fk_categorie = ".((int) $search_categ_thirdparty); } if ($search_categ_thirdparty == -2) { $sql .= " AND cs.fk_categorie IS NULL"; } if ($search_categ_supplier > 0) { - $sql .= " AND cs2.fk_categorie = ".$db->escape($search_categ_supplier); + $sql .= " AND cs2.fk_categorie = ".((int) $search_categ_supplier); } if ($search_categ_supplier == -2) { $sql .= " AND cs2.fk_categorie IS NULL"; @@ -495,10 +495,10 @@ if (count($search_roles) > 0) { $sql .= " AND p.rowid IN (SELECT sc.fk_socpeople FROM ".MAIN_DB_PREFIX."societe_contacts as sc WHERE sc.fk_c_type_contact IN (".$db->sanitize(implode(',', $search_roles))."))"; } if ($search_no_email != '' && $search_no_email >= 0) { - $sql .= " AND p.no_email = ".$db->escape($search_no_email); + $sql .= " AND p.no_email = ".((int) $search_no_email); } if ($search_status != '' && $search_status >= 0) { - $sql .= " AND p.statut = ".$db->escape($search_status); + $sql .= " AND p.statut = ".((int) $search_status); } if ($search_import_key) { $sql .= natural_search("p.import_key", $search_import_key); diff --git a/htdocs/contact/perso.php b/htdocs/contact/perso.php index 628c73b0afc..261ffebf29c 100644 --- a/htdocs/contact/perso.php +++ b/htdocs/contact/perso.php @@ -60,8 +60,8 @@ if ($action == 'update' && !GETPOST("cancel") && $user->rights->societe->contact $result = $object->update_perso($id, $user); if ($result > 0) { - $object->old_name = ''; - $object->old_firstname = ''; + $object->oldcopy = clone $object; + // Logo/Photo save $dir = $conf->societe->dir_output.'/contact/'.get_exdir($object->id, 0, 0, 1, $object, 'contact').'/photos'; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index 186e4ee5761..5436c55faeb 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -1546,11 +1546,11 @@ class Contrat extends CommonObject $sql .= ") VALUES ("; $sql .= $this->id.", '', '".$this->db->escape($desc)."',"; $sql .= ($fk_product > 0 ? $fk_product : "null").","; - $sql .= " ".$qty.","; - $sql .= " ".$txtva.","; + $sql .= " ".((float) $qty).","; + $sql .= " ".((float) $txtva).","; $sql .= " ".($vat_src_code ? "'".$this->db->escape($vat_src_code)."'" : "null").","; - $sql .= " ".$txlocaltax1.","; - $sql .= " ".$txlocaltax2.","; + $sql .= " ".((float) $txlocaltax1).","; + $sql .= " ".((float) $txlocaltax2).","; $sql .= " '".$this->db->escape($localtax1_type)."',"; $sql .= " '".$this->db->escape($localtax2_type)."',"; $sql .= " ".price2num($remise_percent).","; @@ -1559,7 +1559,7 @@ class Contrat extends CommonObject $sql .= " '".$this->db->escape($info_bits)."',"; $sql .= " ".price2num($price).",".price2num($remise).","; if (isset($fk_fournprice)) { - $sql .= ' '.$fk_fournprice.','; + $sql .= ' '.((int) $fk_fournprice).','; } else { $sql .= ' null,'; } @@ -3066,9 +3066,9 @@ class ContratLigne extends CommonObjectLine // Update request $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET"; - $sql .= " fk_contrat=".$this->fk_contrat.","; + $sql .= " fk_contrat=".((int) $this->fk_contrat).","; $sql .= " fk_product=".($this->fk_product ? "'".$this->db->escape($this->fk_product)."'" : 'null').","; - $sql .= " statut=".$this->statut.","; + $sql .= " statut=".((int) $this->statut).","; $sql .= " label='".$this->db->escape($this->label)."',"; $sql .= " description='".$this->db->escape($this->description)."',"; $sql .= " date_commande=".($this->date_commande != '' ? "'".$this->db->idate($this->date_commande)."'" : "null").","; @@ -3373,11 +3373,11 @@ class ContratLigne extends CommonObjectLine $this->db->begin(); - $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET statut = ".ContratLigne::STATUS_CLOSED.","; + $sql = "UPDATE ".MAIN_DB_PREFIX."contratdet SET statut = ".((int) ContratLigne::STATUS_CLOSED).","; $sql .= " date_cloture = '".$this->db->idate($date_end)."',"; $sql .= " fk_user_cloture = ".$user->id.","; $sql .= " commentaire = '".$this->db->escape($comment)."'"; - $sql .= " WHERE rowid = ".$this->id." AND statut = ".ContratLigne::STATUS_OPEN; + $sql .= " WHERE rowid = ".$this->id." AND statut = ".((int) ContratLigne::STATUS_OPEN); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/contrat/document.php b/htdocs/contrat/document.php index 1dd87fd75e3..0d66204f81d 100644 --- a/htdocs/contrat/document.php +++ b/htdocs/contrat/document.php @@ -192,7 +192,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'contract'; - $permission = $user->rights->contrat->creer; + $permissiontoadd = $user->rights->contrat->creer; $permtoedit = $user->rights->contrat->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/contrat/index.php b/htdocs/contrat/index.php index aed4cba2fe1..a5e3da943b7 100644 --- a/htdocs/contrat/index.php +++ b/htdocs/contrat/index.php @@ -250,7 +250,7 @@ if (!empty($conf->contrat->enabled) && $user->rights->contrat->lire) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $resql = $db->query($sql); diff --git a/htdocs/contrat/list.php b/htdocs/contrat/list.php index e44c0411bea..ccb36830844 100644 --- a/htdocs/contrat/list.php +++ b/htdocs/contrat/list.php @@ -265,10 +265,10 @@ if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) { $sql .= " AND s.fk_typent IN (".$db->sanitize($db->escape($search_type_thirdparty)).')'; } if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid) { - $sql .= " AND s.rowid = ".$db->escape($socid); + $sql .= " AND s.rowid = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -289,14 +289,20 @@ if (!empty($search_ref_customer)) { if (!empty($search_ref_supplier)) { $sql .= natural_search(array('c.ref_supplier'), $search_ref_supplier); } +if ($search_zip) { + $sql .= natural_search(array('s.zip'), $search_zip); +} +if ($search_town) { + $sql .= natural_search(array('s.town'), $search_town); +} if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } if ($search_user > 0) { - $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='contrat' AND tc.source='internal' AND ec.element_id = c.rowid AND ec.fk_socpeople = ".$search_user; + $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='contrat' AND tc.source='internal' AND ec.element_id = c.rowid AND ec.fk_socpeople = ".((int) $search_user); } // Add where from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_sql.tpl.php'; @@ -488,24 +494,24 @@ $moreforfilter = ''; if ($user->rights->societe->client->voir || $socid) { $langs->load("commercial"); $moreforfilter .= '
    '; - $tmpttile = $langs->trans('ThirdPartiesOfSaleRepresentative'); - $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, $tmpttile, 'maxwidth250'); + $tmptitle = $langs->trans('ThirdPartiesOfSaleRepresentative'); + $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, $tmptitle, 'maxwidth250'); $moreforfilter .= '
    '; } // If the user can view other users if ($user->rights->user->user->lire) { $moreforfilter .= '
    '; - $tmpttile = $langs->trans('LinkedToSpecificUsers'); - $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_user, 'search_user', $tmpttile, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250'); + $tmptitle = $langs->trans('LinkedToSpecificUsers'); + $moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_user, 'search_user', $tmptitle, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250'); $moreforfilter .= '
    '; } // If the user can view categories of products if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($user->rights->produit->lire || $user->rights->service->lire)) { include_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php'; $moreforfilter .= '
    '; - $tmpttile = $langs->trans('IncludingProductWithTag'); + $tmptitle = $langs->trans('IncludingProductWithTag'); $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1); - $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmpttile, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1); + $moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1); $moreforfilter .= '
    '; } @@ -700,6 +706,7 @@ print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"], "", '', '', '', $ print "
    '; if ($found > 0 && is_object($this->cache_objects[$modulepart.'_'.$id.'_'.$ref])) { - print $this->cache_objects[$modulepart.'_'.$id.'_'.$ref]->getNomUrl(1, 'document'); + $tmpobject = $this->cache_objects[$modulepart.'_'.$id.'_'.$ref]; + //if (! in_array($tmpobject->element, array('expensereport'))) { + print $tmpobject->getNomUrl(1, 'document'); + //} else { + // print $tmpobject->getNomUrl(1); + //} } else { print $langs->trans("ObjectDeleted", ($id ? $id : $ref)); } diff --git a/htdocs/core/class/html.formintervention.class.php b/htdocs/core/class/html.formintervention.class.php index aa0259ba288..7058e80b1d7 100644 --- a/htdocs/core/class/html.formintervention.class.php +++ b/htdocs/core/class/html.formintervention.class.php @@ -77,14 +77,14 @@ class FormIntervention if ($socid == '0') { $sql .= " AND (f.fk_soc = 0 OR f.fk_soc IS NULL)"; } else { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } } dol_syslog(get_class($this)."::select_intervention", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { - $out .= ''; if ($showempty) { $out .= ''; } diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index a9da488907d..06b6a18b870 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php @@ -4,7 +4,7 @@ * Copyright (C) 2010-2011 Juanjo Menent * Copyright (C) 2015-2017 Marcos García * Copyright (C) 2015-2017 Nicolas ZABOURI - * Copyright (C) 2018-2019 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -584,7 +584,10 @@ class FormMail extends Form $liste['company'] = $conf->global->MAIN_INFO_SOCIETE_NOM.' <'.$conf->global->MAIN_INFO_SOCIETE_MAIL.'>'; // Add also email aliases if there is some - $listaliases = array('user_aliases'=>$user->email_aliases, 'global_aliases'=>$conf->global->MAIN_INFO_SOCIETE_MAIL_ALIASES); + $listaliases = array( + 'user_aliases' => (empty($user->email_aliases) ? '' : $user->email_aliases), + 'global_aliases' => getDolGlobalString('MAIN_INFO_SOCIETE_MAIL_ALIASES'), + ); // Also add robot email if (!empty($this->fromalsorobot)) { @@ -1275,10 +1278,10 @@ class FormMail extends Form $sql .= " AND entity IN (".getEntity('c_email_templates').")"; $sql .= " AND (private = 0 OR fk_user = ".$user->id.")"; // Get all public or private owned if ($active >= 0) { - $sql .= " AND active = ".$active; + $sql .= " AND active = ".((int) $active); } if ($label) { - $sql .= " AND label ='".$db->escape($label)."'"; + $sql .= " AND label = '".$db->escape($label)."'"; } if (!($id > 0) && $languagetosearch) { $sql .= " AND (lang = '".$db->escape($languagetosearch)."'".($languagetosearchmain ? " OR lang = '".$db->escape($languagetosearchmain)."'" : "")." OR lang IS NULL OR lang = '')"; @@ -1434,7 +1437,7 @@ class FormMail extends Form $sql .= " AND entity IN (".getEntity('c_email_templates').")"; $sql .= " AND (private = 0 OR fk_user = ".$user->id.")"; // See all public templates or templates I own. if ($active >= 0) { - $sql .= " AND active = ".$active; + $sql .= " AND active = ".((int) $active); } //if (is_object($outputlangs)) $sql.= " AND (lang = '".$this->db->escape($outputlangs->defaultlang)."' OR lang IS NULL OR lang = '')"; // Return all languages $sql .= $this->db->order("position,lang,label", "ASC"); diff --git a/htdocs/core/class/html.formsocialcontrib.class.php b/htdocs/core/class/html.formsocialcontrib.class.php index 8a40eed9da8..3455b572888 100644 --- a/htdocs/core/class/html.formsocialcontrib.class.php +++ b/htdocs/core/class/html.formsocialcontrib.class.php @@ -76,7 +76,7 @@ class FormSocialContrib $sql = "SELECT c.id, c.libelle as type"; $sql .= " FROM ".MAIN_DB_PREFIX."c_chargesociales as c"; $sql .= " WHERE c.active = 1"; - $sql .= " AND c.fk_pays = ".$mysoc->country_id; + $sql .= " AND c.fk_pays = ".((int) $mysoc->country_id); $sql .= " ORDER BY c.libelle ASC"; } else { $sql = "SELECT c.id, c.libelle as type"; diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 3cec6c19789..f4e076640c4 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -259,7 +259,7 @@ class FormTicket $doleditor->Create(); print '
    '; print ''; @@ -569,90 +569,194 @@ class FormTicket * @param int $noadmininfo 0=Add admin info, 1=Disable admin info * @param int $maxlength Max length of label * @param string $morecss More CSS + * @param int $use_multilevel if != 0 create a multilevel select ( Do not use any of the other params) * @return void */ - public function selectGroupTickets($selected = '', $htmlname = 'ticketcategory', $filtertype = '', $format = 0, $empty = 0, $noadmininfo = 0, $maxlength = 0, $morecss = '') + public function selectGroupTickets($selected = '', $htmlname = 'ticketcategory', $filtertype = '', $format = 0, $empty = 0, $noadmininfo = 0, $maxlength = 0, $morecss = '', $use_multilevel = 0) { global $langs, $user; - $ticketstat = new Ticket($this->db); + if ($use_multilevel == 0) { + $ticketstat = new Ticket($this->db); - dol_syslog(get_class($this)."::selectCategoryTickets ".$selected.", ".$htmlname.", ".$filtertype.", ".$format, LOG_DEBUG); + dol_syslog(get_class($this)."::selectCategoryTickets ".$selected.", ".$htmlname.", ".$filtertype.", ".$format, LOG_DEBUG); - $ticketstat->loadCacheCategoriesTickets(); + $ticketstat->loadCacheCategoriesTickets(); - print ''; + if ($empty) { + print ''; + } - if (is_array($ticketstat->cache_category_tickets) && count($ticketstat->cache_category_tickets)) { - foreach ($ticketstat->cache_category_tickets as $id => $arraycategories) { - // Exclude some record - if ($filtertype == 'public=1') { - if (empty($arraycategories['public'])) { + if (is_array($ticketstat->cache_category_tickets) && count($ticketstat->cache_category_tickets)) { + foreach ($ticketstat->cache_category_tickets as $id => $arraycategories) { + // Exclude some record + if ($filtertype == 'public=1') { + if (empty($arraycategories['public'])) { + continue; + } + } + + // We discard empty line if showempty is on because an empty line has already been output. + if ($empty && empty($arraycategories['code'])) { continue; } + + if ($format == 0) { + print ''; } - - // We discard empty line if showempty is on because an empty line has already been output. - if ($empty && empty($arraycategories['code'])) { - continue; - } - - if ($format == 0) { - print ''; } - } - print ''; - if ($user->admin && !$noadmininfo) { - print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); - } + print ''; + if ($user->admin && !$noadmininfo) { + print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); + } - print ajax_combobox('select'.$htmlname); + print ajax_combobox('select'.$htmlname); + } else { + $groupticket=GETPOST('groupticket', 'aZ09'); + $groupticketchild=GETPOST('groupticket_child', 'aZ09'); + $arraycodenotparent[] = ""; + $stringtoprint = ''.$langs->trans("GroupOfTicket").' '; + $stringtoprint .= ''; + } + $stringtoprint .= ' '; + + $stringtoprint .= ''; + + $stringtoprint .=''; + return $stringtoprint; + } } /** @@ -995,6 +1099,8 @@ class FormTicket print '
    '; include_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $uselocalbrowser = true; - $doleditor = new DolEditor('mail_intro', $mail_intro, '100%', 90, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_2, 70); + $doleditor = new DolEditor('mail_intro', $mail_intro, '100%', 90, 'dolibarr_details', '', false, $uselocalbrowser, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_2, 70); $doleditor->Create(); print '
    '; include_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('mail_signature', $mail_signature, '100%', 150, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_2, 70); + $doleditor = new DolEditor('mail_signature', $mail_signature, '100%', 150, 'dolibarr_details', '', false, $uselocalbrowser, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_2, 70); $doleditor->Create(); print '
    '; print ''; print ''; @@ -1715,6 +1716,7 @@ function form_constantes($tableau, $strictw3c = 0, $helptext = '') } } print '
    '.$langs->trans("Description").'
    '; + print '
    '; if (!empty($strictw3c) && $strictw3c == 1) { print '
    '; diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index 939e6514c13..ef635b259ff 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -168,7 +168,7 @@ function show_array_actions_to_do($max = 5) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } $sql .= " ORDER BY a.datep DESC, a.id DESC"; $sql .= $db->plimit($max, 0); @@ -284,7 +284,7 @@ function show_array_last_actions_done($max = 5) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } $sql .= " ORDER BY a.datep2 DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/core/lib/ajax.lib.php b/htdocs/core/lib/ajax.lib.php index bd69b812200..99cf4e4f8d1 100644 --- a/htdocs/core/lib/ajax.lib.php +++ b/htdocs/core/lib/ajax.lib.php @@ -411,10 +411,11 @@ function ajax_dialog($title, $message, $w = 350, $h = 150) * @param int $minLengthToAutocomplete Minimum length of input string to start autocomplete * @param int $forcefocus Force focus on field * @param string $widthTypeOfAutocomplete 'resolve' or 'off' + * @param string $idforemptyvalue '-1' * @return string Return html string to convert a select field into a combo, or '' if feature has been disabled for some reason. * @see selectArrayAjax() of html.form.class */ -function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = 0, $forcefocus = 0, $widthTypeOfAutocomplete = 'resolve') +function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = 0, $forcefocus = 0, $widthTypeOfAutocomplete = 'resolve', $idforemptyvalue = '-1') { global $conf; @@ -455,14 +456,14 @@ function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete = /* Code to add class of origin OPTION propagated to the new select2
  • tag */ if (data.element) { $(container).addClass($(data.element).attr("class")); } //console.log($(data.element).attr("data-html")); - if (data.id == -1 && $(data.element).attr("data-html") == undefined) { + if (data.id == '.((int) $idforemptyvalue).' && $(data.element).attr("data-html") == undefined) { return \' \'; } if ($(data.element).attr("data-html") != undefined) return htmlEntityDecodeJs($(data.element).attr("data-html")); // If property html set, we decode html entities and use this return data.text; }, templateSelection: function (selection) { /* Format visible output of selected value */ - if (selection.id == -1) return \'\'+selection.text+\'\'; + if (selection.id == '.((int) $idforemptyvalue).') return \'\'+selection.text+\'\'; return selection.text; }, escapeMarkup: function(markup) { diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index 99bcd2c3921..5abc6bfc2ac 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -227,7 +227,7 @@ function societe_prepare_head(Societe $object) if (empty($conf->stripe->enabled)) { $sql .= " AND n.stripe_card_ref IS NULL"; } else { - $sql .= " AND (n.stripe_card_ref IS NULL OR (n.stripe_card_ref IS NOT NULL AND n.status = ".$servicestatus."))"; + $sql .= " AND (n.stripe_card_ref IS NULL OR (n.stripe_card_ref IS NOT NULL AND n.status = ".((int) $servicestatus)."))"; } $resql = $db->query($sql); @@ -963,9 +963,9 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '') $contactstatic->fields = array( 'name' =>array('type'=>'varchar(128)', 'label'=>'Name', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1), - 'poste' =>array('type'=>'varchar(128)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>20), - 'address' =>array('type'=>'varchar(128)', 'label'=>'Address', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>30), - 'role' =>array('type'=>'checkbox', 'label'=>'Role', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>40), + 'poste' =>array('type'=>'varchar(128)', 'label'=>'PostOrFunction', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'index'=>1, 'position'=>20), + 'address' =>array('type'=>'varchar(128)', 'label'=>'Address', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>3, 'index'=>1, 'position'=>30), + 'role' =>array('type'=>'checkbox', 'label'=>'Role', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>4, 'index'=>1, 'position'=>40), 'statut' =>array('type'=>'integer', 'label'=>'Status', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'default'=>0, 'index'=>1, 'position'=>50, 'arrayofkeyval'=>array(0=>$contactstatic->LibStatut(0, 1), 1=>$contactstatic->LibStatut(1, 1))), ); @@ -1448,7 +1448,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon = '', $noprin if (is_object($objcon) && $objcon->id > 0) { $force_filter_contact = true; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm_resources as r ON a.id = r.fk_actioncomm"; - $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".$objcon->id; + $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".((int) $objcon->id); } if (is_object($filterobj) && in_array(get_class($filterobj), array('Societe', 'Client', 'Fournisseur'))) { @@ -1457,7 +1457,7 @@ function show_actions_done($conf, $langs, $db, $filterobj, $objcon = '', $noprin $sql .= " INNER JOIN ".MAIN_DB_PREFIX."element_resources as er"; $sql .= " ON er.resource_type = 'dolresource'"; $sql .= " AND er.element_id = a.id"; - $sql .= " AND er.resource_id = ".$filterobj->id; + $sql .= " AND er.resource_id = ".((int) $filterobj->id); } elseif (is_object($filterobj) && get_class($filterobj) == 'Project') { /* Nothing */ } elseif (is_object($filterobj) && get_class($filterobj) == 'Adherent') { @@ -1940,7 +1940,7 @@ function show_subsidiaries($conf, $langs, $db, $object) $sql = "SELECT s.rowid, s.client, s.fournisseur, s.nom as name, s.name_alias, s.email, s.address, s.zip, s.town, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur, s.canvas"; $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; - $sql .= " WHERE s.parent = ".$object->id; + $sql .= " WHERE s.parent = ".((int) $object->id); $sql .= " AND s.entity IN (".getEntity('societe').")"; $sql .= " ORDER BY s.nom"; diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index ce5e7129bcf..7e34eec5ecd 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -2232,7 +2232,8 @@ function dol_most_recent_file($dir, $regexfilter = '', $excludefilter = array('( } /** - * Security check when accessing to a document (used by document.php, viewimage.php and webservices) + * Security check when accessing to a document (used by document.php, viewimage.php and webservices to get documents). + * TODO Replace code that set $accesallowed by a call to restrictedArea() * * @param string $modulepart Module of document ('module', 'module_user_temp', 'module_user' or 'module_temp') * @param string $original_file Relative path with filename, relative to modulepart. @@ -2446,6 +2447,16 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, // Wrapping for events if ($fuser->rights->agenda->myactions->{$read}) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on the given agenda event on properties and assigned users + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php'; + $tmpobject = new ActionComm($db); + $tmpobject->fetch((int) $refname); + $accessallowed = checkUserAccessToObject($user, array('agenda'), $tmpobject->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id', ''); + if ($user->socid && $tmpobject->socid) { + $accessallowed = checkUserAccessToObject($user, array('societe'), $tmpobject->socid); + } + } } $original_file = $conf->agenda->dir_output.'/'.$original_file; } elseif ($modulepart == 'category' && !empty($conf->categorie->multidir_output[$entity])) { @@ -2612,12 +2623,26 @@ function dol_check_secure_access_document($modulepart, $original_file, $entity, // Wrapping pour les projets if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; + $tmpproject = new Project($db); + $tmpproject->fetch('', $refname); + $accessallowed = checkUserAccessToObject($user, array('projet'), $tmpproject->id, 'projet&project', '', '', 'rowid', ''); + } } $original_file = $conf->projet->dir_output.'/'.$original_file; $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")"; } elseif ($modulepart == 'project_task' && !empty($conf->projet->dir_output)) { if ($fuser->rights->projet->{$lire} || preg_match('/^specimen/i', $original_file)) { $accessallowed = 1; + // If we known $id of project, call checkUserAccessToObject to check permission on properties and contact of project + if ($refname && !preg_match('/^specimen/i', $original_file)) { + include_once DOL_DOCUMENT_ROOT.'/projet/class/task.class.php'; + $tmptask = new Task($db); + $tmptask->fetch('', $refname); + $accessallowed = checkUserAccessToObject($user, array('projet_task'), $tmptask->id, 'projet&project', '', '', 'rowid', ''); + } } $original_file = $conf->projet->dir_output.'/'.$original_file; $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity IN (".getEntity('project').")"; diff --git a/htdocs/core/lib/fourn.lib.php b/htdocs/core/lib/fourn.lib.php index 68910357269..efc9f60147c 100644 --- a/htdocs/core/lib/fourn.lib.php +++ b/htdocs/core/lib/fourn.lib.php @@ -59,7 +59,7 @@ function facturefourn_prepare_head($object) $nbStandingOrders = 0; $sql = "SELECT COUNT(pfd.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."prelevement_facture_demande as pfd"; - $sql .= " WHERE pfd.fk_facture_fourn = ".$object->id; + $sql .= " WHERE pfd.fk_facture_fourn = ".((int) $object->id); $sql .= " AND pfd.ext_payment_id IS NULL"; $resql = $db->query($sql); if ($resql) { diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 48237bbc826..16b28814f64 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3499,7 +3499,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'accountancy', 'account', 'accountline', 'action', 'add', 'address', 'angle-double-down', 'angle-double-up', 'asset', 'bank_account', 'barcode', 'bank', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'bug', 'building', 'calendar', 'calendarmonth', 'calendarweek', 'calendarday', 'calendarperuser', 'calendarpertype', - 'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'cron', 'cubes', 'multicurrency', + 'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'conversation', 'cron', 'cubes', + 'multicurrency', 'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'dynamicprice', 'edit', 'ellipsis-h', 'email', 'eraser', 'establishment', 'expensereport', 'external-link-alt', 'external-link-square-alt', 'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'autofill', 'folder', 'folder-open', 'folder-plus', @@ -3514,7 +3515,9 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ 'github', 'jabber', 'skype', 'twitter', 'facebook', 'linkedin', 'instagram', 'snapchat', 'youtube', 'google-plus-g', 'whatsapp', 'chevron-left', 'chevron-right', 'chevron-down', 'chevron-top', 'commercial', 'companies', 'generic', 'home', 'hrm', 'members', 'products', 'invoicing', - 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment', 'supplier_invoice', 'technic', 'ticket', + 'partnership', 'payment', 'pencil-ruler', 'preview', 'project', 'projectpub', 'projecttask', 'question', 'refresh', 'salary', 'shipment', + 'supplier_invoice', 'supplier_invoicea', 'supplier_invoicer', 'supplier_invoiced', + 'technic', 'ticket', 'error', 'warning', 'recent', 'reception', 'recruitmentcandidature', 'recruitmentjobposition', 'resource', 'shapes', 'supplier', 'supplier_proposal', 'supplier_order', 'supplier_invoice', @@ -3535,7 +3538,9 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $ $arrayconvpictotofa = array( 'account'=>'university', 'accountline'=>'receipt', 'accountancy'=>'search-dollar', 'action'=>'calendar-alt', 'add'=>'plus-circle', 'address'=> 'address-book', 'asset'=>'money-check-alt', 'autofill'=>'fill', - 'bank_account'=>'university', 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'billd'=>'file-medical', 'supplier_invoiced'=>'file-medical', + 'bank_account'=>'university', + 'bill'=>'file-invoice-dollar', 'billa'=>'file-excel', 'billr'=>'file-invoice-dollar', 'billd'=>'file-medical', + 'supplier_invoice'=>'file-invoice-dollar', 'supplier_invoicea'=>'file-excel', 'supplier_invoicer'=>'file-invoice-dollar', 'supplier_invoiced'=>'file-medical', 'bom'=>'shapes', 'chart'=>'chart-line', 'company'=>'building', 'contact'=>'address-book', 'contract'=>'suitcase', 'collab'=>'people-arrows', 'conversation'=>'comments', 'country'=>'globe-americas', 'cron'=>'business-time', 'donation'=>'file-alt', 'dynamicprice'=>'hand-holding-usd', @@ -5185,7 +5190,7 @@ function price($amount, $form = 0, $outlangs = '', $trunc = 1, $rounding = -1, $ * @param int $option Put 1 if you know that content is already universal format number (so no correction on decimal will be done) * Put 2 if you know that number is a user input (so we know we don't have to fix decimal separator). * @return string Amount with universal numeric format (Example: '99.99999'). - * If conversion fails, it return text unchanged if $rounding = '' or '0' if $rounding is defined. + * If conversion fails, it return text unchanged if ($rounding = '' and $option = 1) or '0' if ($rounding is defined and $option = 1). * If amount is null or '', it returns '' if $rounding = '' or '0' if $rounding is defined.. * * @see price() Opposite function of price2num @@ -6879,8 +6884,6 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, // For backward compatibility $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null)); $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null); - $substitutionarray['__REFCLIENT__'] = (isset($object->ref_client) ? $object->ref_client : (isset($object->ref_customer) ? $object->ref_customer : null)); - $substitutionarray['__REFSUPPLIER__'] = (isset($object->ref_supplier) ? $object->ref_supplier : null); $substitutionarray['__SUPPLIER_ORDER_DATE_DELIVERY__'] = (isset($object->date_livraison) ? dol_print_date($object->date_livraison, 'day', 0, $outputlangs) : ''); $substitutionarray['__SUPPLIER_ORDER_DELAY_DELIVERY__'] = (isset($object->availability_code) ? ($outputlangs->transnoentities("AvailabilityType".$object->availability_code) != ('AvailabilityType'.$object->availability_code) ? $outputlangs->transnoentities("AvailabilityType".$object->availability_code) : $outputlangs->convToOutputCharset(isset($object->availability) ? $object->availability : '')) : ''); @@ -7136,14 +7139,14 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, $substitutionarray['__AMOUNT_TAX3__'] = is_object($object) ? $object->total_localtax2 : ''; } - $substitutionarray['__AMOUNT_FORMATED__'] = is_object($object) ? ($object->total_ttc ? price($object->total_ttc, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; - $substitutionarray['__AMOUNT_EXCL_TAX_FORMATED__'] = is_object($object) ? ($object->total_ht ? price($object->total_ht, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; - $substitutionarray['__AMOUNT_VAT_FORMATED__'] = is_object($object) ? (isset($object->total_vat) ? price($object->total_vat, 0, $outputlangs, 0, 0, -1, $conf->currency) : ($object->total_tva ? price($object->total_tva, 0, $outputlangs, 0, 0, -1, $conf->currency) : null)) : ''; + $substitutionarray['__AMOUNT_FORMATED__'] = is_object($object) ? ($object->total_ttc ? price($object->total_ttc, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_EXCL_TAX_FORMATED__'] = is_object($object) ? ($object->total_ht ? price($object->total_ht, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_VAT_FORMATED__'] = is_object($object) ? (isset($object->total_vat) ? price($object->total_vat, 0, $outputlangs, 0, -1, -1, $conf->currency) : ($object->total_tva ? price($object->total_tva, 0, $outputlangs, 0, -1, -1, $conf->currency) : null)) : ''; if ($onlykey != 2 || $mysoc->useLocalTax(1)) { - $substitutionarray['__AMOUNT_TAX2_FORMATED__'] = is_object($object) ? ($object->total_localtax1 ? price($object->total_localtax1, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_TAX2_FORMATED__'] = is_object($object) ? ($object->total_localtax1 ? price($object->total_localtax1, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; } if ($onlykey != 2 || $mysoc->useLocalTax(2)) { - $substitutionarray['__AMOUNT_TAX3_FORMATED__'] = is_object($object) ? ($object->total_localtax2 ? price($object->total_localtax2, 0, $outputlangs, 0, 0, -1, $conf->currency) : null) : ''; + $substitutionarray['__AMOUNT_TAX3_FORMATED__'] = is_object($object) ? ($object->total_localtax2 ? price($object->total_localtax2, 0, $outputlangs, 0, -1, -1, $conf->currency) : null) : ''; } $substitutionarray['__AMOUNT_MULTICURRENCY__'] = (is_object($object) && isset($object->multicurrency_total_ttc)) ? $object->multicurrency_total_ttc : ''; @@ -7996,6 +7999,29 @@ function dol_eval($s, $returnvalue = 0, $hideerrors = 1) global $obj; // To get $obj used into list when dol_eval is used for computed fields and $obj is not yet $object global $soc; // For backward compatibility + // Replace dangerous char (used for RCE), we allow only PHP variable testing. + if (strpos($s, '`') !== false) { + return 'Bad string syntax to evaluate: '.$s; + } + + // We block using of php exec or php file functions + $forbiddenphpstrings = array("exec(", "passthru(", "shell_exec(", "system(", "proc_open(", "popen(", "eval(", "dol_eval(", "executeCLI("); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array("fopen(", "file_put_contents(", "fputs(", "fputscsv(", "fwrite(", "fpassthru(", "unlink(", "mkdir(", "rmdir(", "symlink(", "touch(", "umask(")); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('function(', '$$', 'call_user_func(')); + $forbiddenphpstrings = array_merge($forbiddenphpstrings, array('_ENV', '_SESSION', '_COOKIE', '_GET', '_POST', '_REQUEST')); + $forbiddenphpregex = 'global\s+\$'; + do { + $oldstringtoclean = $s; + $s = str_ireplace($forbiddenphpstrings, '__forbiddenstring__', $s); + $s = preg_replace('/'.$forbiddenphpregex.'/', '__forbiddenstring__', $s); + //$s = preg_replace('/\$[a-zA-Z0-9_\->\$]+\(/i', '', $s); // Remove $function( call and $mycall->mymethod( + } while ($oldstringtoclean != $s); + + if (strpos($s, '__forbiddenstring__') !== false) { + dol_syslog('Bad string syntax to evaluate: '.$s, LOG_WARNING); + return 'Bad string syntax to evaluate: '.$s; + } + //print $s."
    \n"; if ($returnvalue) { if ($hideerrors) { @@ -8070,7 +8096,7 @@ function picto_from_langcode($codelang, $moreatt = '') * Return default language from country code. * Return null if not found. * - * @param string $countrycode Country code like 'US', 'FR', 'CA', ... + * @param string $countrycode Country code like 'US', 'FR', 'CA', 'ES', 'MX', ... * @return string Value of locale like 'en_US', 'fr_FR', ... */ function getLanguageCodeFromCountryCode($countrycode) @@ -8094,6 +8120,9 @@ function getLanguageCodeFromCountryCode($countrycode) if ($mysoc->country_code == 'DE') { return 'de_CH'; } + if ($mysoc->country_code == 'IT') { + return 'it_CH'; + } } // Locale list taken from: @@ -8234,6 +8263,7 @@ function getLanguageCodeFromCountryCode($countrycode) 'pt-BR', 'pt-PT', 'rm-CH', + 'ro-MD', 'ro-RO', 'ru-RU', 'rw-RW', @@ -9669,7 +9699,7 @@ function dolGetStatus($statusLabel = '', $statusLabelShort = '', $html = '', $st /** * Function dolGetButtonAction * - * @param string $label label of button no html : use in alt attribute for accessibility $html is not empty + * @param string $label label of button without HTML : use in alt attribute for accessibility $html is not empty * @param string $html optional : content with html * @param string $actionType default, delete, danger * @param string $url the url for link @@ -9687,8 +9717,9 @@ function dolGetButtonAction($label, $html = '', $actionType = 'default', $url = } $attr = array( - 'class' => $class - ,'href' => empty($url) ? '' : $url + 'class' => $class, + 'href' => empty($url) ? '' : $url, + 'title' => $label ); if (empty($html)) { diff --git a/htdocs/core/lib/functions2.lib.php b/htdocs/core/lib/functions2.lib.php index e279ced2a3d..6f5d2ccb891 100644 --- a/htdocs/core/lib/functions2.lib.php +++ b/htdocs/core/lib/functions2.lib.php @@ -1043,7 +1043,7 @@ function get_next_value($db, $mask, $table, $field, $where = '', $objsoc = '', $ $regType = array(); if (preg_match('/\{(t+)\}/i', $mask, $regType)) { $masktype = $regType[1]; - $masktype_value = substr(preg_replace('/^TE_/', '', $objsoc->typent_code), 0, dol_strlen($regType[1])); // get n first characters of thirdpaty typent_code (where n is length in mask) + $masktype_value = substr(preg_replace('/^TE_/', '', $objsoc->typent_code), 0, dol_strlen($regType[1])); // get n first characters of thirdparty typent_code (where n is length in mask) $masktype_value = str_pad($masktype_value, dol_strlen($regType[1]), "#", STR_PAD_RIGHT); // we fill on right with # to have same number of char than into mask } else { $masktype = ''; @@ -2679,57 +2679,6 @@ if (!function_exists('dolEscapeXML')) { } -/** - * Return automatic or manual in current language - * - * @param string $automaticmanual Value to test (1, 'automatic', 'true' or 0, 'manual', 'false') - * @param integer $case 1=Yes/No, 0=yes/no, 2=Disabled checkbox, 3=Disabled checkbox + Automatic/Manual - * @param int $color 0=texte only, 1=Text is formated with a color font style ('ok' or 'error'), 2=Text is formated with 'ok' color. - * @return string HTML string - */ -function autoOrManual($automaticmanual, $case = 1, $color = 0) -{ - global $langs; - $result = 'unknown'; - $classname = ''; - if ($automaticmanual == 1 || strtolower($automaticmanual) == 'automatic' || strtolower($automaticmanual) == 'true') { // A mettre avant test sur no a cause du == 0 - $result = $langs->trans('automatic'); - if ($case == 1 || $case == 3) { - $result = $langs->trans("Automatic"); - } - if ($case == 2) { - $result = ''; - } - if ($case == 3) { - $result = ' '.$result; - } - - $classname = 'ok'; - } elseif ($automaticmanual == 0 || strtolower($automaticmanual) == 'manual' || strtolower($automaticmanual) == 'false') { - $result = $langs->trans("manual"); - if ($case == 1 || $case == 3) { - $result = $langs->trans("Manual"); - } - if ($case == 2) { - $result = ''; - } - if ($case == 3) { - $result = ' '.$result; - } - - if ($color == 2) { - $classname = 'ok'; - } else { - $classname = 'error'; - } - } - if ($color) { - return ''.$result.''; - } - return $result; -} - - /** * Convert links to local wrapper to medias files into a string into a public external URL readable on internet * diff --git a/htdocs/core/lib/geturl.lib.php b/htdocs/core/lib/geturl.lib.php index 9feddb6f7f5..f87e7b7b4cd 100644 --- a/htdocs/core/lib/geturl.lib.php +++ b/htdocs/core/lib/geturl.lib.php @@ -24,7 +24,9 @@ /** * Function to get a content from an URL (use proxy if proxy defined). * Support Dolibarr setup for timeout and proxy. - * Enhancement of CURL to add an anti SSRF protection. + * Enhancement of CURL to add an anti SSRF protection: + * - you can set MAIN_SECURITY_ANTI_SSRF_SERVER_IP to set static ip of server + * - common local lookup ips like 127.*.*.* are automatically added * * @param string $url URL to call. * @param string $postorget 'POST', 'GET', 'HEAD', 'PUT', 'PUTALREADYFORMATED', 'POSTALREADYFORMATED', 'DELETE' @@ -199,12 +201,13 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation = } } if ($localurl == 1) { // Only local url allowed (dangerous, may allow to get metadata on server or make internal port scanning) + // Deny ips NOT like 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, 0.0.0.0/8, 169.254.0.0/16, 127.0.0.0/8 et 240.0.0.0/4, ::1/128, ::/128, ::ffff:0:0/96, fe80::/10... if (filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) { $info['http_code'] = 400; $info['content'] = 'Error bad hostname '.$iptocheck.'. Must be a local URL.'; break; } - if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(',', '127.0.0.1,::1,'.$conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) { + if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(',', $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) { $info['http_code'] = 400; $info['content'] = 'Error bad hostname IP (IP is not a local IP defined into list MAIN_SECURITY_SERVER_IP). Must be a local URL in allowed list.'; break; diff --git a/htdocs/core/lib/images.lib.php b/htdocs/core/lib/images.lib.php index 0a0ebe3ce02..0ccb6a415fc 100644 --- a/htdocs/core/lib/images.lib.php +++ b/htdocs/core/lib/images.lib.php @@ -590,7 +590,7 @@ function vignette($file, $maxWidth = 160, $maxHeight = 120, $extName = '_small', break; } - if (!is_resource($img)) { + if (!is_resource($img) && !($img instanceof \GdImage)) { dol_syslog('Failed to detect type of image. We found infoImg[2]='.$infoImg[2], LOG_WARNING); return 0; } diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 16891214ca5..c328d659b93 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -458,8 +458,9 @@ function getPurchaseInvoicePieChart($socid = 0) /** * Return an HTML table that contains a pie chart of the number of customers or supplier invoices - * @param string $mode Can be customer or fourn - * @return string A HTML table that contains a pie chart of customers or supplier invoices + * + * @param string $mode Can be 'customers' or 'suppliers' + * @return string A HTML table that contains a pie chart of customers or supplier invoices */ function getNumberInvoicesPieChart($mode) { @@ -487,19 +488,24 @@ function getNumberInvoicesPieChart($mode) $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd30, 'Y-m-d')."'", 1, 0).") as nbnotlate30"; if ($mode == 'customers') { $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; - } elseif ($mode == 'fourn') { + } elseif ($mode == 'fourn' || $mode == 'suppliers') { $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; } else { return ''; } $sql .= " WHERE f.type <> 2"; $sql .= " AND f.fk_statut = 1"; + if (isset($user->socid) && $user->socid > 0) { + $sql .= " AND f.fk_soc = ".((int) $user->socid); + } + $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); $i = 0; $total = 0; $dataseries = array(); + while ($i < $num) { $obj = $db->fetch_object($resql); $dataseries = array(array($langs->trans('InvoiceLate30Days'),$obj->nblate30) @@ -515,20 +521,22 @@ function getNumberInvoicesPieChart($mode) } $colorseries = array($badgeStatus8, $badgeStatus1, $badgeStatus3, $badgeStatus4, $badgeStatus11, '-'.$badgeStatus11); - if ($conf->use_javascript_ajax) { - $result = '
    '; - $result .= ''; - $result .= ''; - $result .= ''; - } elseif ($mode == 'fourn') { - $result .= $langs->trans("SupplierInvoice").''; - } else { - return ''; - } - $result .= ''; + $result = '
    '; + $result .= '
    '.$langs->trans("Statistics").' - '; - if ($mode == 'customers') { - $result .= $langs->trans("CustomerInvoice").'
    '; + $result .= ''; + $result .= ''; + $result .= ''; + + if ($conf->use_javascript_ajax) { $dolgraph = new DolGraph(); $dolgraph->SetData($dataseries); $dolgraph->SetDataColor(array_values($colorseries)); @@ -539,17 +547,21 @@ function getNumberInvoicesPieChart($mode) $dolgraph->setWidth('300'); if ($mode == 'customers') { $dolgraph->draw('idgraphcustomerinvoices'); - } elseif ($mode == 'fourn') { + } elseif ($mode == 'fourn' || $mode == 'suppliers') { $dolgraph->draw('idgraphfourninvoices'); } else { return ''; } $result .= ''; - $result .= ''; + $result .= ''; $result .= ''; - $result .= '
    '.$langs->trans("Statistics").' - '; + if ($mode == 'customers') { + $result .= $langs->trans("CustomerInvoice"); + } elseif ($mode == 'fourn' || $mode == 'suppliers') { + $result .= $langs->trans("SupplierInvoice"); + } else { + return ''; + } + $result .= '
    '.$dolgraph->show($total ? 0 : 1).''.$dolgraph->show($total ? 0 : $langs->trans("NoOpenInvoice")).'
    '; - $result .= '
    '; + } else { + // Print text lines } + + $result .= ''; + $result .= '
    • '; + return $result; } else { dol_print_error($db); @@ -734,7 +746,7 @@ function getDraftSupplierTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); @@ -842,8 +854,8 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, s.nom as socname, s.rowid as socid, s.canvas, s.client,"; - $sql .= " f.datec"; + $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.type, f.total_ht, f.total_tva, f.total_ttc, f.datec,"; + $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) { @@ -892,6 +904,10 @@ function getCustomerInvoiceLatestEditTable($maxCount = 5, $socid = 0) $objectstatic->ref = $obj->ref; $objectstatic->paye = $obj->paye; $objectstatic->statut = $obj->status; + $objectstatic->total_ht = $obj->total_ht; + $objectstatic->total_tva = $obj->total_tva; + $objectstatic->total_ttc = $obj->total_ttc; + $objectstatic->type = $obj->type; $companystatic->id = $obj->socid; $companystatic->name = $obj->socname; @@ -940,8 +956,8 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) { global $conf, $db, $langs, $user; - $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, s.nom as socname, s.rowid as socid, s.canvas, s.client,"; - $sql .= " f.datec"; + $sql = "SELECT f.rowid, f.entity, f.ref, f.fk_statut as status, f.paye, f.total_ht, f.total_tva, f.total_ttc, f.type, f.ref_supplier, f.datec,"; + $sql .= " s.nom as socname, s.rowid as socid, s.canvas, s.client"; $sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f"; $sql .= ", ".MAIN_DB_PREFIX."societe as s"; if (!$user->rights->societe->client->voir && !$socid) { @@ -950,7 +966,7 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -990,6 +1006,10 @@ function getPurchaseInvoiceLatestEditTable($maxCount = 5, $socid = 0) $objectstatic->ref = $obj->ref; $objectstatic->paye = $obj->paye; $objectstatic->statut = $obj->status; + $objectstatic->total_ht = $obj->total_ht; + $objectstatic->total_tva = $obj->total_tva; + $objectstatic->total_ttc = $obj->total_ttc; + $objectstatic->type = $obj->type; $companystatic->id = $obj->socid; $companystatic->name = $obj->socname; @@ -1062,7 +1082,7 @@ function getCustomerInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); @@ -1250,7 +1270,7 @@ function getPurchaseInvoiceUnpaidOpenTable($maxCount = 500, $socid = 0) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND ff.fk_soc = ".$socid; + $sql .= " AND ff.fk_soc = ".((int) $socid); } // Add where from hooks $parameters = array(); diff --git a/htdocs/core/lib/member.lib.php b/htdocs/core/lib/member.lib.php index 484f34c265c..fc274e0d624 100644 --- a/htdocs/core/lib/member.lib.php +++ b/htdocs/core/lib/member.lib.php @@ -63,6 +63,33 @@ function member_prepare_head(Adherent $object) $h++; } + $tabtoadd = (!empty(getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR')) && getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR') == 'member') ? 'member' : 'thirdparty'; + + if ($tabtoadd == 'member') { + if (!empty($user->rights->partnership->read)) { + $nbPartnership = is_array($object->partnerships) ? count($object->partnerships) : 0; + $head[$h][0] = DOL_URL_ROOT.'/adherents/partnership.php?rowid='.$object->id; + $head[$h][1] = $langs->trans("Partnership"); + $head[$h][2] = 'partnership'; + if ($nbPartnership > 0) { + $head[$h][1] .= ''.$nbPartnership.''; + } + $h++; + } + } else { + if (!empty($user->rights->partnership->read)) { + $nbPartnership = is_array($object->partnerships) ? count($object->partnerships) : 0; + $head[$h][0] = DOL_URL_ROOT.'/societe/partnership.php?socid='.$object->id; + $head[$h][1] = $langs->trans("Partnership"); + $head[$h][2] = 'partnership'; + if ($nbPartnership > 0) { + $head[$h][1] .= ''.$nbPartnership.''; + } + $h++; + } + } + + // Show more tabs from modules // Entries must be declared in modules descriptor with line // $this->tabs = array('entity:+tabname:Title:@mymodule:/mymodule/mypage.php?id=__ID__'); to add new tab @@ -70,9 +97,6 @@ function member_prepare_head(Adherent $object) complete_head_from_modules($conf, $langs, $object, $head, $h, 'member'); $nbNote = 0; - if (!empty($object->note)) { - $nbNote++; - } if (!empty($object->note_private)) { $nbNote++; } diff --git a/htdocs/core/lib/payments.lib.php b/htdocs/core/lib/payments.lib.php index 59d9eb4aa4c..4621e22d122 100644 --- a/htdocs/core/lib/payments.lib.php +++ b/htdocs/core/lib/payments.lib.php @@ -158,7 +158,7 @@ function getValidOnlinePaymentMethods($paymentmethod = '') /** * Return string with full online payment Url * - * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'membersubscription' ...) + * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'member' ...) * @param string $ref Ref of object * @return string Url string */ @@ -182,7 +182,7 @@ function showOnlinePaymentUrl($type, $ref) /** * Return string with HTML link for online payment * - * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'membersubscription' ...) + * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'member' ...) * @param string $ref Ref of object * @param string $label Text or HTML tag to display, if empty it display the URL * @return string Url string @@ -199,7 +199,7 @@ function getHtmlOnlinePaymentLink($type, $ref, $label = '') * Return string with full Url * * @param int $mode 0=True url, 1=Url formated with colors - * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'membersubscription' ...) + * @param string $type Type of URL ('free', 'order', 'invoice', 'contractline', 'member' ...) * @param string $ref Ref of object * @param int $amount Amount (required for $type='free' only) * @param string $freetag Free tag @@ -304,7 +304,7 @@ function getOnlinePaymentUrl($mode, $type, $ref = '', $amount = '9.99', $freetag } } elseif ($type == 'member' || $type == 'membersubscription') { $newtype = 'member'; - $out = $urltouse.'/public/payment/newpayment.php?source=membersubscription&ref='.($mode ? '' : ''); + $out = $urltouse.'/public/payment/newpayment.php?source=member&ref='.($mode ? '' : ''); if ($mode == 1) { $out .= 'member_ref'; } diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index d1c793c621c..4821bfde2b9 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -705,8 +705,8 @@ function pdf_pagehead(&$pdf, $outputlangs, $page_height) { global $conf; - // Add a background image on document - if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF)) { // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image + // Add a background image on document only if good setup of const + if (!empty($conf->global->MAIN_USE_BACKGROUND_ON_PDF) && ($conf->global->MAIN_USE_BACKGROUND_ON_PDF != '-1')) { // Warning, this option make TCPDF generation being crazy and some content disappeared behind the image $pdf->SetAutoPageBreak(0, 0); // Disable auto pagebreak before adding image $pdf->Image($conf->mycompany->dir_output.'/logos/'.$conf->global->MAIN_USE_BACKGROUND_ON_PDF, (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_X) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_X : 0), (isset($conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y) ? $conf->global->MAIN_USE_BACKGROUND_ON_PDF_Y : 0), 0, $page_height); $pdf->SetAutoPageBreak(1, 0); // Restore pagebreak @@ -1325,38 +1325,36 @@ function pdf_getlinedesc($object, $i, $outputlangs, $hideref = 0, $hidedesc = 0, $translatealsoifmodified = (!empty($conf->global->MAIN_MULTILANG_TRANSLATE_EVEN_IF_MODIFIED)); // By default if value was modified manually, we keep it (no translation because we don't have it) // TODO Instead of making a compare to see if param was modified, check that content contains reference translation. If yes, add the added part to the new translation - // ($textwasmodified is replaced with $textwasmodifiedorcompleted and we add completion). + // ($textwasnotmodified is replaced with $textwasmodifiedorcompleted and we add completion). // Set label - // If we want another language, and if label is same than default language (we did force it to a specific value), we can use translation. + // If we want another language, and if label is same than default language (we did not force it to a specific value), we can use translation. //var_dump($outputlangs->defaultlang.' - '.$langs->defaultlang.' - '.$label.' - '.$prodser->label);exit; - $textwasmodified = ($label == $prodser->label); - if (!empty($prodser->multilangs[$outputlangs->defaultlang]["label"]) && ($textwasmodified || $translatealsoifmodified)) { + $textwasnotmodified = ($label == $prodser->label); + if (!empty($prodser->multilangs[$outputlangs->defaultlang]["label"]) && ($textwasnotmodified || $translatealsoifmodified)) { $label = $prodser->multilangs[$outputlangs->defaultlang]["label"]; } // Set desc // Manage HTML entities description test because $prodser->description is store with htmlentities but $desc no - $textwasmodified = false; + $textwasnotmodified = false; if (!empty($desc) && dol_textishtml($desc) && !empty($prodser->description) && dol_textishtml($prodser->description)) { - $textwasmodified = (strpos(dol_html_entity_decode($desc, ENT_QUOTES | ENT_HTML5), dol_html_entity_decode($prodser->description, ENT_QUOTES | ENT_HTML5)) !== false); + $textwasnotmodified = (strpos(dol_html_entity_decode($desc, ENT_QUOTES | ENT_HTML5), dol_html_entity_decode($prodser->description, ENT_QUOTES | ENT_HTML5)) !== false); } else { - $textwasmodified = ($desc == $prodser->description); + $textwasnotmodified = ($desc == $prodser->description); } - if (!empty($prodser->multilangs[$outputlangs->defaultlang]["description"]) && ($textwasmodified || $translatealsoifmodified)) { + if (!empty($prodser->multilangs[$outputlangs->defaultlang]["description"]) && ($textwasnotmodified || $translatealsoifmodified)) { $desc = $prodser->multilangs[$outputlangs->defaultlang]["description"]; } // Set note - $textwasmodified = ($note == $prodser->note); - if (!empty($prodser->multilangs[$outputlangs->defaultlang]["note"]) && ($textwasmodified || $translatealsoifmodified)) { - $note = $prodser->multilangs[$outputlangs->defaultlang]["note"]; + $textwasnotmodified = ($note == $prodser->note_public); + if (!empty($prodser->multilangs[$outputlangs->defaultlang]["other"]) && ($textwasnotmodified || $translatealsoifmodified)) { + $note = $prodser->multilangs[$outputlangs->defaultlang]["other"]; } } } elseif ($object->element == 'facture' || $object->element == 'facturefourn') { - if ($object->type == $object::TYPE_DEPOSIT) { - $desc = str_replace('(DEPOSIT)', $outputlangs->trans('Deposit'), $desc); - } + $desc = str_replace('(DEPOSIT)', $outputlangs->trans('Deposit'), $desc); } // Description short of product line diff --git a/htdocs/core/lib/product.lib.php b/htdocs/core/lib/product.lib.php index 9825b2dac2c..64cc72a8879 100644 --- a/htdocs/core/lib/product.lib.php +++ b/htdocs/core/lib/product.lib.php @@ -360,7 +360,8 @@ function product_lot_admin_prepare_head() */ function show_stats_for_company($product, $socid) { - global $conf, $langs, $user, $db; + global $conf, $langs, $user, $db, $hookmanager; + $form = new Form($db); $nblines = 0; @@ -558,6 +559,12 @@ function show_stats_for_company($product, $socid) print ''; print ''; } + $parameters = array('socid'=>$socid); + $reshook = $hookmanager->executeHooks('addMoreProductStat', $parameters, $product, $nblines); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + + print $hookmanager->resPrint; + return $nblines++; } diff --git a/htdocs/core/lib/project.lib.php b/htdocs/core/lib/project.lib.php index ffa06ebd508..9c33744ceb0 100644 --- a/htdocs/core/lib/project.lib.php +++ b/htdocs/core/lib/project.lib.php @@ -2693,6 +2693,7 @@ function getTaskProgressView($task, $label = true, $progressNumber = true, $hide // define progress color according to time spend vs workload $progressBarClass = 'progress-bar-info'; + $progressCalculated = 0; if ($task->planned_workload) { $progressCalculated = round(100 * floatval($task->duration_effective) / floatval($task->planned_workload), 2); diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index de4d67b1647..598802ea574 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -173,17 +173,21 @@ function dol_verifyHash($chain, $hash, $type = '0') * This method check permission on module then call checkUserAccessToObject() for permission on object (according to entity and socid of user). * * @param User $user User to check - * @param string $features Features to check (it must be module $object->element. Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) + * @param string $features Features to check (it must be module $object->element. Can be a 'or' check with 'levela|levelb'. + * Examples: 'societe', 'contact', 'produit&service', 'produit|service', ...) + * This is used to check permission $user->rights->features->... * @param int $objectid Object ID if we want to check a particular record (optional) is linked to a owned thirdparty (optional). * @param string $tableandshare 'TableName&SharedElement' with Tablename is table where object is stored. SharedElement is an optional key to define where to check entity for multicompany module. Param not used if objectid is null (optional). * @param string $feature2 Feature to check, second level of permission (optional). Can be a 'or' check with 'sublevela|sublevelb'. + * This is used to check permission $user->rights->features->feature2... * @param string $dbt_keyfield Field name for socid foreign key if not fk_soc. Not used if objectid is null (optional) * @param string $dbt_select Field name for select if not rowid. Not used if objectid is null (optional) * @param int $isdraft 1=The object with id=$objectid is a draft - * @return int Always 1, die process if not allowed + * @param int $mode Mode (0=default, 1=return with not die) + * @return int If mode = 0 (default): Always 1, die process if not allowed. If mode = 1: Return 0 if access not allowed. * @see dol_check_secure_access_document(), checkUserAccessToObject() */ -function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0) +function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = 'fk_soc', $dbt_select = 'rowid', $isdraft = 0, $mode = 0) { global $db, $conf; global $hookmanager; @@ -228,7 +232,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f if (isset($hookmanager->resArray['result'])) { if ($hookmanager->resArray['result'] == 0) { - accessforbidden(); // Module returns 0, so access forbidden + if ($mode) { + return 0; + } else { + accessforbidden(); // Module returns 0, so access forbidden + } } } if ($reshook > 0) { // No other test done. @@ -343,7 +351,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$readok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Read access is ok"; @@ -432,7 +444,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if ($wemustcheckpermissionforcreate && !$createok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Write access is ok"; } @@ -445,7 +461,11 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$createuserok) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Create user access is ok"; } @@ -520,26 +540,34 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f } if (!$deleteok && !($isdraft && $createok)) { - accessforbidden(); + if ($mode) { + return 0; + } else { + accessforbidden(); + } } //print "Delete access is ok"; } - // If we have a particular object to check permissions on, we check this object - // is linked to a company allowed to $user. + // If we have a particular object to check permissions on, we check if $user has permission + // for this given object (link to company, is contact for project, ...) if (!empty($objectid) && $objectid > 0) { $ok = checkUserAccessToObject($user, $featuresarray, $objectid, $tableandshare, $feature2, $dbt_keyfield, $dbt_select, $parentfortableentity); $params = array('objectid' => $objectid, 'features' => join(',', $featuresarray), 'features2' => $feature2); //print 'checkUserAccessToObject ok='.$ok; - return $ok ? 1 : accessforbidden('', 1, 1, 0, $params); + if ($mode) { + return $ok ? 1 : 0; + } else { + return $ok ? 1 : accessforbidden('', 1, 1, 0, $params); + } } return 1; } /** - * Check access by user to object. - * This function is also called by restrictedArea that check before if module is enabled and permissions of user compared to $action. + * Check access by user to object is ok. + * This function is also called by restrictedArea that check before if module is enabled and if permission of user for $action is ok. * * @param User $user User to check * @param array $featuresarray Features/modules to check. Example: ('user','service','member','project','task',...) @@ -552,7 +580,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f * @return bool True if user has access, False otherwise * @see restrictedArea() */ -function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '') +function checkUserAccessToObject($user, array $featuresarray, $objectid = 0, $tableandshare = '', $feature2 = '', $dbt_keyfield = '', $dbt_select = 'rowid', $parenttableforentity = '') { global $db, $conf; @@ -686,6 +714,7 @@ function checkUserAccessToObject($user, $featuresarray, $objectid = 0, $tableand include_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'; $projectstatic = new Project($db); $tmps = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, 0); + $tmparray = explode(',', $tmps); if (!in_array($objectid, $tmparray)) { return false; diff --git a/htdocs/core/lib/sendings.lib.php b/htdocs/core/lib/sendings.lib.php index 880019d7b97..0814c0f4825 100644 --- a/htdocs/core/lib/sendings.lib.php +++ b/htdocs/core/lib/sendings.lib.php @@ -246,7 +246,7 @@ function show_list_sending_receive($origin, $origin_id, $filter = '') $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON obj.fk_product = p.rowid"; //TODO Add link to expeditiondet_batch $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; - $sql .= " AND obj.fk_".$origin." = ".$origin_id; + $sql .= " AND obj.fk_".$origin." = ".((int) $origin_id); $sql .= " AND obj.rowid = ed.fk_origin_line"; $sql .= " AND ed.fk_expedition = e.rowid"; if ($filter) { diff --git a/htdocs/core/lib/ticket.lib.php b/htdocs/core/lib/ticket.lib.php index 4d9d4bb2fa2..0ba7f56c615 100644 --- a/htdocs/core/lib/ticket.lib.php +++ b/htdocs/core/lib/ticket.lib.php @@ -336,7 +336,7 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no if (is_object($objcon) && $objcon->id > 0) { $force_filter_contact = true; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm_resources as r ON a.id = r.fk_actioncomm"; - $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".$objcon->id; + $sql .= " AND r.element_type = '".$db->escape($objcon->table_element)."' AND r.fk_element = ".((int) $objcon->id); } if (is_object($filterobj) && get_class($filterobj) == 'Societe') { diff --git a/htdocs/core/lib/usergroups.lib.php b/htdocs/core/lib/usergroups.lib.php index 6d01fcfee0a..cd9ae5ad297 100644 --- a/htdocs/core/lib/usergroups.lib.php +++ b/htdocs/core/lib/usergroups.lib.php @@ -110,7 +110,7 @@ function user_prepare_head($object) $nbNote = 0; $sql = "SELECT COUNT(n.rowid) as nb"; $sql .= " FROM ".MAIN_DB_PREFIX."notify_def as n"; - $sql .= " WHERE fk_user = ".$object->id; + $sql .= " WHERE fk_user = ".((int) $object->id); $resql = $db->query($sql); if ($resql) { $num = $db->num_rows($resql); diff --git a/htdocs/core/menus/init_menu_auguria.sql b/htdocs/core/menus/init_menu_auguria.sql index d9c2cad7c9f..9eb6a43f9b0 100644 --- a/htdocs/core/menus/init_menu_auguria.sql +++ b/htdocs/core/menus/init_menu_auguria.sql @@ -167,7 +167,7 @@ insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, left insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_proposal->enabled', __HANDLER__, 'left', 1653__+MAX_llx_menu__, 'commercial', '', 1650__+MAX_llx_menu__, '/comm/propal/stats/index.php?leftmenu=supplier_proposals&mode=supplier', 'Statistics', 1, 'supplier_proposal', '$user->rights->supplier_proposal->lire', '', 2, 2, __ENTITY__); -- Commercial - Supplier's orders insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5100__+MAX_llx_menu__, 'commercial', 'orders_suppliers', 5__+MAX_llx_menu__, '/fourn/commande/index.php?mainmenu=commercial&leftmenu=orders_suppliers', 'SuppliersOrders', 0, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 6, __ENTITY__); -insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewOrder', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__); +insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5101__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/card.php?mainmenu=commercial&action=create&leftmenu=orders_suppliers', 'NewSupplierOrderShort', 1, 'orders', '($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)', '', 2, 0, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled', __HANDLER__, 'left', 5102__+MAX_llx_menu__, 'commercial', '', 5100__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers', 'List', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 1, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5103__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=0', 'StatusOrderDraftShort', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 2, __ENTITY__); insert into llx_menu (module, enabled, menu_handler, type, rowid, mainmenu, leftmenu, fk_menu, url, titre, level, langs, perms, target, usertype, position, entity) values ('', '$conf->supplier_order->enabled && $leftmenu=="orders_suppliers"', __HANDLER__, 'left', 5104__+MAX_llx_menu__, 'commercial', '', 5102__+MAX_llx_menu__, '/fourn/commande/list.php?mainmenu=commercial&leftmenu=orders_suppliers&statut=1', 'StatusOrderValidated', 1, 'orders', '($user->rights->fournisseur->commande->lire || $user->rights->supplier_order->lire)', '', 2, 3, __ENTITY__); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 74c66e899f4..80ea1d5ea7b 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -959,7 +959,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM if (!empty($conf->supplier_order->enabled)) { $langs->load("orders"); $newmenu->add("/fourn/commande/index.php?leftmenu=orders_suppliers", $langs->trans("SuppliersOrders"), 0, $user->rights->fournisseur->commande->lire, '', $mainmenu, 'orders_suppliers', 400, '', '', '', img_picto('', 'supplier_order', 'class="paddingright pictofixedwidth"')); - $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewOrder"), 1, $user->rights->fournisseur->commande->creer); + $newmenu->add("/fourn/commande/card.php?action=create&leftmenu=orders_suppliers", $langs->trans("NewSupplierOrderShort"), 1, $user->rights->fournisseur->commande->creer); $newmenu->add("/fourn/commande/list.php?leftmenu=orders_suppliers", $langs->trans("List"), 1, $user->rights->fournisseur->commande->lire); if ($usemenuhider || empty($leftmenu) || $leftmenu == "orders_suppliers") { @@ -1373,7 +1373,7 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $modecompta = 'CREANCES-DETTES'; if (!empty($conf->accounting->enabled) && !empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') { - $modecompta = 'BOOKKEEPING'; // Not yet implemented. Should be BOOKKEEPINGCOLLECTED + $modecompta = 'BOOKKEEPING'; // Not yet implemented. } if ($modecompta && ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_invoice->enabled))) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_report/', $leftmenu)) { @@ -1384,7 +1384,9 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM } $modecompta = 'RECETTES-DEPENSES'; - //if (! empty($conf->accounting->enabled) && ! empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') $modecompta=''; // Not yet implemented. Should be BOOKKEEPINGCOLLECTED + if (!empty($conf->accounting->enabled) && !empty($user->rights->accounting->comptarapport->lire) && $mainmenu == 'accountancy') { + $modecompta = 'BOOKKEEPINGCOLLECTED'; // Not yet implemented. + } if ($modecompta && ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_invoice->enabled))) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_report/', $leftmenu)) { $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnoverCollected"), 2, $user->rights->accounting->comptarapport->lire); @@ -1410,7 +1412,6 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $newmenu->add("/compta/resultat/compteres.php?leftmenu=report","Compte de resultat",2,$user->rights->compta->resultat->lire); $newmenu->add("/compta/resultat/bilan.php?leftmenu=report","Bilan",2,$user->rights->compta->resultat->lire); */ - $newmenu->add("/compta/stats/index.php?leftmenu=report", $langs->trans("ReportTurnover"), 1, $user->rights->compta->resultat->lire); /* $newmenu->add("/compta/stats/cumul.php?leftmenu=report","Cumule",2,$user->rights->compta->resultat->lire); @@ -1419,14 +1420,32 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM $newmenu->add("/compta/stats/comp.php?leftmenu=report","Transforme",2,$user->rights->compta->resultat->lire); } */ - $newmenu->add("/compta/stats/casoc.php?leftmenu=report", $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/cabyuser.php?leftmenu=report", $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/cabyprodserv.php?leftmenu=report", $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/byratecountry.php?leftmenu=report", $langs->trans("ByVatRate"), 2, $user->rights->compta->resultat->lire); + + $modecompta = 'CREANCES-DETTES'; + $newmenu->add("/compta/stats/index.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ReportTurnover"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyprodserv.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/byratecountry.php?leftmenu=report&modecompta=".$modecompta, $langs->trans("ByVatRate"), 2, $user->rights->compta->resultat->lire); + + $modecompta = 'RECETTES-DEPENSES'; + $newmenu->add("/compta/stats/index.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportTurnoverCollected"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + //Achats - $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report", $langs->trans("ReportPurchaseTurnover"), 1, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/supplier_turnover_by_thirdparty.php?leftmenu=accountancy_report", $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); - $newmenu->add("/compta/stats/supplier_turnover_by_prodserv.php?leftmenu=accountancy_report", $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + $modecompta = 'CREANCES-DETTES'; + $newmenu->add("/compta/stats/supplier_turnover.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnover"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/supplier_turnover_by_thirdparty.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/supplier_turnover_by_prodserv.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByProductsAndServices"), 2, $user->rights->compta->resultat->lire); + + /* + $modecompta = 'RECETTES-DEPENSES'; + $newmenu->add("/compta/stats/index.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ReportPurchaseTurnoverCollected"), 1, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/casoc.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByCompanies"), 2, $user->rights->compta->resultat->lire); + $newmenu->add("/compta/stats/cabyuser.php?leftmenu=accountancy_report&modecompta=".$modecompta, $langs->trans("ByUsers"), 2, $user->rights->compta->resultat->lire); + */ + // Journals $newmenu->add("/compta/journal/sellsjournal.php?leftmenu=report", $langs->trans("SellsJournal"), 1, $user->rights->compta->resultat->lire, '', '', '', 50); $newmenu->add("/compta/journal/purchasesjournal.php?leftmenu=report", $langs->trans("PurchasesJournal"), 1, $user->rights->compta->resultat->lire, '', '', '', 51); @@ -1598,21 +1617,19 @@ function print_left_eldy_menu($db, $menu_array_before, $menu_array_after, &$tabM } // Inventory - if ($conf->global->MAIN_FEATURES_LEVEL >= 2) { - if (!empty($conf->stock->enabled)) { - $langs->load("stocks"); - if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); - if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { - $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->creer); - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->lire); - } - } else { - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->inventory_advance->read, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); - if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { - $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->inventory_advance->write); - $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->inventory_advance->read); - } + if (!empty($conf->stock->enabled)) { + $langs->load("stocks"); + if (empty($conf->global->MAIN_USE_ADVANCED_PERMS)) { + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->lire, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); + if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { + $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->creer); + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->lire); + } + } else { + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("Inventories"), 0, $user->rights->stock->inventory_advance->read, '', $mainmenu, 'stock', 0, '', '', '', img_picto('', 'inventory', 'class="pictofixedwidth"')); + if ($usemenuhider || empty($leftmenu) || $leftmenu == "stock_inventories") { + $newmenu->add("/product/inventory/card.php?action=create&leftmenu=stock_inventories", $langs->trans("NewInventory"), 1, $user->rights->stock->inventory_advance->write); + $newmenu->add("/product/inventory/list.php?leftmenu=stock_inventories", $langs->trans("List"), 1, $user->rights->stock->inventory_advance->read); } } } diff --git a/htdocs/core/modules/DolibarrModules.class.php b/htdocs/core/modules/DolibarrModules.class.php index 5fbfc05a9fb..3b7cc0d1184 100644 --- a/htdocs/core/modules/DolibarrModules.class.php +++ b/htdocs/core/modules/DolibarrModules.class.php @@ -1371,7 +1371,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it if ($command) { $sql .= " AND command = '".$this->db->escape($command)."'"; } - $sql .= " AND entity = ".$entity; // Must be exact entity + $sql .= " AND entity = ".((int) $entity); // Must be exact entity $now = dol_now(); @@ -1612,7 +1612,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it $sql = "SELECT count(*)"; $sql .= " FROM ".MAIN_DB_PREFIX."const"; $sql .= " WHERE ".$this->db->decrypt('name')." = '".$this->db->escape($name)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); $result = $this->db->query($sql); if ($result) { @@ -2197,7 +2197,7 @@ class DolibarrModules // Can not be abstract, because we need to instantiate it $sql = "DELETE FROM ".MAIN_DB_PREFIX."const"; $sql .= " WHERE ".$this->db->decrypt('name')." LIKE '".$this->db->escape($this->const_name)."_".strtoupper($key)."'"; - $sql .= " AND entity = ".$entity; + $sql .= " AND entity = ".((int) $entity); dol_syslog(get_class($this)."::delete_const_".$key."", LOG_DEBUG); if (!$this->db->query($sql)) { diff --git a/htdocs/core/modules/barcode/mod_barcode_product_standard.php b/htdocs/core/modules/barcode/mod_barcode_product_standard.php index 7bbedd0aa67..0d1bee3c28a 100644 --- a/htdocs/core/modules/barcode/mod_barcode_product_standard.php +++ b/htdocs/core/modules/barcode/mod_barcode_product_standard.php @@ -107,7 +107,7 @@ class mod_barcode_product_standard extends ModeleNumRefBarCode // Mask parameter //$texte.= ''.$langs->trans("Mask").' ('.$langs->trans("BarCodeModel").'):'; $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; diff --git a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php index 20ce1373b66..30d93aedfa0 100644 --- a/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php +++ b/htdocs/core/modules/bom/doc/doc_generic_bom_odt.modules.php @@ -151,7 +151,7 @@ class doc_generic_bom_odt extends ModelePDFBom $texte .= $conf->global->BOM_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/bom/mod_bom_advanced.php b/htdocs/core/modules/bom/mod_bom_advanced.php index 71bd2788c82..d590c3ff70c 100644 --- a/htdocs/core/modules/bom/mod_bom_advanced.php +++ b/htdocs/core/modules/bom/mod_bom_advanced.php @@ -79,7 +79,7 @@ class mod_bom_advanced extends ModeleNumRefboms // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php index 36a2b30e6e0..16e0f666774 100644 --- a/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php +++ b/htdocs/core/modules/cheque/mod_chequereceipt_thyme.php @@ -73,7 +73,7 @@ class mod_chequereceipt_thyme extends ModeleNumRefChequeReceipts // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ' '; diff --git a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php index 33b31135caf..603394b9797 100644 --- a/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php +++ b/htdocs/core/modules/commande/doc/doc_generic_order_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_order_odt extends ModelePDFCommandes $texte .= $conf->global->COMMANDE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -182,7 +182,7 @@ class doc_generic_order_odt extends ModelePDFCommandes // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/commande/mod_commande_saphir.php b/htdocs/core/modules/commande/mod_commande_saphir.php index 4099686c1b6..8b4ccdfaba7 100644 --- a/htdocs/core/modules/commande/mod_commande_saphir.php +++ b/htdocs/core/modules/commande/mod_commande_saphir.php @@ -79,7 +79,7 @@ class mod_commande_saphir extends ModeleNumRefCommandes // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php index 7b451287ae1..2b3e2905907 100644 --- a/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php +++ b/htdocs/core/modules/contract/doc/doc_generic_contract_odt.modules.php @@ -157,7 +157,7 @@ class doc_generic_contract_odt extends ModelePDFContract $texte .= $conf->global->CONTRACT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -168,7 +168,7 @@ class doc_generic_contract_odt extends ModelePDFContract // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/contract/mod_contract_magre.php b/htdocs/core/modules/contract/mod_contract_magre.php index d696ac06fdd..dcaee5eadbc 100644 --- a/htdocs/core/modules/contract/mod_contract_magre.php +++ b/htdocs/core/modules/contract/mod_contract_magre.php @@ -85,7 +85,7 @@ class mod_contract_magre extends ModelNumRefContracts $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/delivery/mod_delivery_saphir.php b/htdocs/core/modules/delivery/mod_delivery_saphir.php index af1900803c8..d5ac288b52a 100644 --- a/htdocs/core/modules/delivery/mod_delivery_saphir.php +++ b/htdocs/core/modules/delivery/mod_delivery_saphir.php @@ -83,7 +83,7 @@ class mod_delivery_saphir extends ModeleNumRefDeliveryOrder // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php index 797530a6c13..163392ead88 100644 --- a/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php +++ b/htdocs/core/modules/expedition/doc/doc_generic_shipment_odt.modules.php @@ -182,7 +182,7 @@ class doc_generic_shipment_odt extends ModelePdfExpedition // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/expedition/mod_expedition_ribera.php b/htdocs/core/modules/expedition/mod_expedition_ribera.php index 0303dfde3dc..79bbcbdb481 100644 --- a/htdocs/core/modules/expedition/mod_expedition_ribera.php +++ b/htdocs/core/modules/expedition/mod_expedition_ribera.php @@ -80,7 +80,7 @@ class mod_expedition_ribera extends ModelNumRefExpedition $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/expensereport/mod_expensereport_sand.php b/htdocs/core/modules/expensereport/mod_expensereport_sand.php index 195667692f1..482b8c06431 100644 --- a/htdocs/core/modules/expensereport/mod_expensereport_sand.php +++ b/htdocs/core/modules/expensereport/mod_expensereport_sand.php @@ -82,7 +82,7 @@ class mod_expensereport_sand extends ModeleNumRefExpenseReport // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php index eb48373a443..ffba0717332 100644 --- a/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php +++ b/htdocs/core/modules/facture/doc/doc_generic_invoice_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures $texte .= $conf->global->FACTURE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -181,7 +181,7 @@ class doc_generic_invoice_odt extends ModelePDFFactures // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/facture/mod_facture_mercure.php b/htdocs/core/modules/facture/mod_facture_mercure.php index 70fde36f549..32e06f285a9 100644 --- a/htdocs/core/modules/facture/mod_facture_mercure.php +++ b/htdocs/core/modules/facture/mod_facture_mercure.php @@ -76,7 +76,7 @@ class mod_facture_mercure extends ModeleNumRefFactures // Setting the prefix $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -84,17 +84,17 @@ class mod_facture_mercure extends ModeleNumRefFactures // Prefix setting of replacement invoices $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of credit note $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; // Prefix setting of deposit $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/fichinter/mod_arctic.php b/htdocs/core/modules/fichinter/mod_arctic.php index fa5dd49f0fa..91025817a9d 100644 --- a/htdocs/core/modules/fichinter/mod_arctic.php +++ b/htdocs/core/modules/fichinter/mod_arctic.php @@ -84,7 +84,7 @@ class mod_arctic extends ModeleNumRefFicheinter // Setting the prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/holiday/mod_holiday_immaculate.php b/htdocs/core/modules/holiday/mod_holiday_immaculate.php index b8cb33f550e..000c7881561 100644 --- a/htdocs/core/modules/holiday/mod_holiday_immaculate.php +++ b/htdocs/core/modules/holiday/mod_holiday_immaculate.php @@ -85,7 +85,7 @@ class mod_holiday_immaculate extends ModelNumRefHolidays $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/mailings/pomme.modules.php b/htdocs/core/modules/mailings/pomme.modules.php index 03334e62322..a2a54c02c55 100644 --- a/htdocs/core/modules/mailings/pomme.modules.php +++ b/htdocs/core/modules/mailings/pomme.modules.php @@ -171,7 +171,7 @@ class mailing_pomme extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."user as u"; $sql .= " WHERE u.email <> ''"; // u.email IS NOT NULL est implicite dans ce test $sql .= " AND u.entity IN (0,".$conf->entity.")"; - $sql .= " AND u.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND u.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; if (GETPOSTISSET("filter") && GETPOST("filter") == '1') { $sql .= " AND u.statut=1"; } diff --git a/htdocs/core/modules/mailings/thirdparties.modules.php b/htdocs/core/modules/mailings/thirdparties.modules.php index b3b88224df6..f764c3f5f71 100644 --- a/htdocs/core/modules/mailings/thirdparties.modules.php +++ b/htdocs/core/modules/mailings/thirdparties.modules.php @@ -77,7 +77,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; } else { $addFilter = ""; if (GETPOSTISSET("filter_client") && GETPOST("filter_client") <> '-1') { @@ -112,7 +112,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_societe as cs, ".MAIN_DB_PREFIX."categorie as c"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND cs.fk_soc = s.rowid"; $sql .= " AND c.rowid = cs.fk_categorie"; $sql .= " AND c.rowid=".((int) GETPOST('filter', 'int')); @@ -122,7 +122,7 @@ class mailing_thirdparties extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."categorie_fournisseur as cs, ".MAIN_DB_PREFIX."categorie as c"; $sql .= " WHERE s.email <> ''"; $sql .= " AND s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND cs.fk_soc = s.rowid"; $sql .= " AND c.rowid = cs.fk_categorie"; $sql .= " AND c.rowid=".((int) GETPOST('filter', 'int')); diff --git a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php index 7b5d4f38737..4c848b69ac0 100644 --- a/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php +++ b/htdocs/core/modules/mailings/thirdparties_services_expired.modules.php @@ -110,7 +110,7 @@ class mailing_thirdparties_services_expired extends MailingTargets $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as c"; $sql .= ", ".MAIN_DB_PREFIX."contratdet as cd, ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE s.entity IN (".getEntity('societe').")"; - $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".$mailing_id.")"; + $sql .= " AND s.email NOT IN (SELECT email FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE fk_mailing=".((int) $mailing_id).")"; $sql .= " AND s.rowid = c.fk_soc AND cd.fk_contrat = c.rowid AND s.email != ''"; $sql .= " AND cd.statut= 4 AND cd.fk_product=p.rowid AND p.ref = '".$this->db->escape($product)."'"; $sql .= " AND cd.date_fin_validite < '".$this->db->idate($now)."'"; diff --git a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php index 5ff5a1f767a..9a14e96bc28 100644 --- a/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php +++ b/htdocs/core/modules/member/doc/doc_generic_member_odt.class.php @@ -154,7 +154,7 @@ class doc_generic_member_odt extends ModelePDFMember $texte .= $conf->global->MEMBER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -171,7 +171,7 @@ class doc_generic_member_odt extends ModelePDFMember // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/member/modules_cards.php b/htdocs/core/modules/member/modules_cards.php index 0e041a17559..937e8a06870 100644 --- a/htdocs/core/modules/member/modules_cards.php +++ b/htdocs/core/modules/member/modules_cards.php @@ -48,7 +48,7 @@ class ModelePDFCards * @param integer $maxfilenamelength Max length of value to show * @return array List of templates */ - public function liste_modeles($db, $maxfilenamelength = 0) + public static function liste_modeles($db, $maxfilenamelength = 0) { // phpcs:enable global $conf; diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index b296fa3b32c..a9765f45ada 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php @@ -120,8 +120,36 @@ class modFacture extends DolibarrModules $arraydate = dol_getdate(dol_now()); $datestart = dol_mktime(23, 0, 0, $arraydate['mon'], $arraydate['mday'], $arraydate['year']); $this->cronjobs = array( - 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>1, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), - 1=>array('label'=>'SendEmailsRemindersOnInvoiceDueDate', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture.class.php', 'objectname'=>'Facture', 'method'=>'sendEmailsRemindersOnInvoiceDueDate', 'parameters'=>"10,all,EmailTemplateCode", 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days = today. First param is the offset n of days, second parameter is "all" or a payment mode code, last paramater is the code of email template to use (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority).', 'frequency'=>1, 'unitfrequency'=>3600 * 24, 'priority'=>50, 'status'=>0, 'test'=>'$conf->facture->enabled', 'datestart'=>$datestart), + 0 => array( + 'label'=>'RecurringInvoices', + 'jobtype'=>'method', + 'class'=>'compta/facture/class/facture-rec.class.php', + 'objectname'=>'FactureRec', + 'method'=>'createRecurringInvoices', + 'parameters'=>'', + 'comment'=>'Generate recurring invoices', + 'frequency'=>1, + 'unitfrequency'=>3600 * 24, + 'priority'=>50, + 'status'=>1, + 'test'=>'$conf->facture->enabled', + 'datestart'=>$datestart + ), + 1 => array( + 'label'=>'SendEmailsRemindersOnInvoiceDueDate', + 'jobtype'=>'method', + 'class'=>'compta/facture/class/facture.class.php', + 'objectname'=>'Facture', + 'method'=>'sendEmailsRemindersOnInvoiceDueDate', + 'parameters'=>"10,all,EmailTemplateCode", + 'comment'=>'Send an emails when the unpaid invoices reach a due date + n days = today. First param is the offset n of days, second parameter is "all" or a payment mode code, last paramater is the code of email template to use (an email template with EmailTemplateCode must exists. the version in the language of the thirdparty will be used in priority).', + 'frequency'=>1, + 'unitfrequency'=>3600 * 24, + 'priority'=>50, + 'status'=>0, + 'test'=>'$conf->facture->enabled', + 'datestart'=>$datestart + ), ); // Permissions diff --git a/htdocs/core/modules/modFournisseur.class.php b/htdocs/core/modules/modFournisseur.class.php index 71f101014ad..fae1cfc0eb8 100644 --- a/htdocs/core/modules/modFournisseur.class.php +++ b/htdocs/core/modules/modFournisseur.class.php @@ -488,7 +488,8 @@ class modFournisseur extends DolibarrModules $tmp = ''; $tmpparam = unserialize($obj->param); // $tmp ay be array 'options' => array 'c_currencies:code_iso:code_iso' => null if ($tmpparam['options'] && is_array($tmpparam['options'])) { - $tmp = array_shift(array_keys($tmpparam['options'])); + $array_keys = array_keys($tmpparam['options']); + $tmp = array_shift($array_keys); } if (preg_match('/[a-z0-9_]+:[a-z0-9_]+:[a-z0-9_]+/', $tmp)) { $typeFilter = "List:".$tmp; diff --git a/htdocs/core/modules/modPartnership.class.php b/htdocs/core/modules/modPartnership.class.php index d12cd610238..d7041eca754 100644 --- a/htdocs/core/modules/modPartnership.class.php +++ b/htdocs/core/modules/modPartnership.class.php @@ -180,10 +180,8 @@ class modPartnership extends DolibarrModules $tabtoadd = (!empty(getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR')) && getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR') == 'member') ? 'member' : 'thirdparty'; if ($tabtoadd == 'member') { - $this->tabs[] = array('data'=>'member:+partnership:Partnership:partnership@partnership:$user->rights->partnership->read:/adherents/partnership.php?rowid=__ID__'); $fk_mainmenu = "members"; } else { - $this->tabs[] = array('data'=>'thirdparty:+partnership:Partnership:partnership@partnership:$user->rights->partnership->read:/societe/partnership.php?socid=__ID__'); $fk_mainmenu = "companies"; } @@ -214,30 +212,27 @@ class modPartnership extends DolibarrModules // 'user' to add a tab in user view // Dictionaries - $this->dictionaries = array(); - /* Example: $this->dictionaries=array( 'langs'=>'partnership@partnership', // List of tables we want to see into dictonnary editor - 'tabname'=>array(MAIN_DB_PREFIX."table1", MAIN_DB_PREFIX."table2", MAIN_DB_PREFIX."table3"), + 'tabname'=>array(MAIN_DB_PREFIX."c_partnership_type"), // Label of tables - 'tablib'=>array("Table1", "Table2", "Table3"), + 'tablib'=>array("PartnershipType"), // Request to select fields - 'tabsql'=>array('SELECT f.rowid as rowid, f.code, f.label, f.active FROM '.MAIN_DB_PREFIX.'table1 as f', 'SELECT f.rowid as rowid, f.code, f.label, f.active FROM '.MAIN_DB_PREFIX.'table2 as f', 'SELECT f.rowid as rowid, f.code, f.label, f.active FROM '.MAIN_DB_PREFIX.'table3 as f'), + 'tabsql'=>array('SELECT f.rowid as rowid, f.code, f.label, f.active FROM '.MAIN_DB_PREFIX.'c_partnership_type as f WHERE f.entity = '.$conf->entity), // Sort order - 'tabsqlsort'=>array("label ASC", "label ASC", "label ASC"), + 'tabsqlsort'=>array("label ASC"), // List of fields (result of select to show dictionary) - 'tabfield'=>array("code,label", "code,label", "code,label"), + 'tabfield'=>array("code,label"), // List of fields (list of fields to edit a record) - 'tabfieldvalue'=>array("code,label", "code,label", "code,label"), + 'tabfieldvalue'=>array("code,label"), // List of fields (list of fields for insert) - 'tabfieldinsert'=>array("code,label", "code,label", "code,label"), + 'tabfieldinsert'=>array("code,label"), // Name of columns with primary key (try to always name it 'rowid') - 'tabrowid'=>array("rowid", "rowid", "rowid"), + 'tabrowid'=>array("rowid"), // Condition to show each dictionary - 'tabcond'=>array($conf->partnership->enabled, $conf->partnership->enabled, $conf->partnership->enabled) + 'tabcond'=>array($conf->partnership->enabled) ); - */ // Boxes/Widgets // Add here list of php file(s) stored in partnership/core/boxes that contains a class to show a widget. @@ -258,7 +253,7 @@ class modPartnership extends DolibarrModules $this->cronjobs = array( 0 => array('priority'=>60, 'label'=>'CancelPartnershipForExpiredMembers', 'jobtype'=>'method', 'class'=>'/partnership/class/partnershiputils.class.php', 'objectname'=>'PartnershipUtils', 'method'=>'doCancelStatusOfMemberPartnership', 'parameters'=>'', 'comment'=>'Cancel status of partnership when subscription is expired + x days.', 'frequency'=>1, 'unitfrequency'=>86400, 'status'=>1, 'test'=>'$conf->partnership->enabled', 'datestart'=>$datestart), - 1 => array('priority'=>61, 'label'=>'CheckDolibarrBacklink', 'jobtype'=>'method', 'class'=>'/partnership/class/partnershiputils.class.php', 'objectname'=>'PartnershipUtils', 'method'=>'doWarningOfPartnershipIfDolibarrBacklinkNotfound', 'parameters'=>'', 'comment'=>'Warning of partnership if Dolibarr backlink not found on partner website.', 'frequency'=>1, 'unitfrequency'=>86400, 'status'=>0, 'test'=>'$conf->partnership->enabled', 'datestart'=>$datestart), + 1 => array('priority'=>61, 'label'=>'PartnershipCheckBacklink', 'jobtype'=>'method', 'class'=>'/partnership/class/partnershiputils.class.php', 'objectname'=>'PartnershipUtils', 'method'=>'doWarningOfPartnershipIfDolibarrBacklinkNotfound', 'parameters'=>'', 'comment'=>'Warning of partnership if Dolibarr backlink not found on partner website.', 'frequency'=>1, 'unitfrequency'=>86400, 'status'=>0, 'test'=>'$conf->partnership->enabled', 'datestart'=>$datestart), ); // Permissions provided by this module diff --git a/htdocs/core/modules/modWorkstation.class.php b/htdocs/core/modules/modWorkstation.class.php index b0fae39bb52..8e2d676bf27 100755 --- a/htdocs/core/modules/modWorkstation.class.php +++ b/htdocs/core/modules/modWorkstation.class.php @@ -263,73 +263,12 @@ class modWorkstation extends DolibarrModules $this->menu = array(); $r = 0; // Add here entries to declare new menus - /* BEGIN MODULEBUILDER TOPMENU */ - /*$this->menu[$r++] = array( - 'fk_menu'=>'', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'top', // This is a Top menu entry - 'titre'=>$langs->trans('GPAO'), - 'mainmenu'=>'gpao', - 'leftmenu'=>'', - 'url'=>'/workstation/workstationindex.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000 + $r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. - 'perms'=>'1', // Use 'perms'=>'$user->rights->workstation->workstation->read' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - );*/ - /* END MODULEBUILDER TOPMENU */ - /* BEGIN MODULEBUILDER LEFTMENU WORKSTATION - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Top menu entry - 'titre'=>'Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation', - 'url'=>'/workstation/workstationindex.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. - 'perms'=>'$user->rights->workstation->workstation->read', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation,fk_leftmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Left menu entry - 'titre'=>'List_Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation_workstation_list', - 'url'=>'/workstation/workstation_list.php', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. - 'perms'=>'$user->rights->workstation->workstation->read', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - $this->menu[$r++]=array( - 'fk_menu'=>'fk_mainmenu=workstation,fk_leftmenu=workstation', // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode - 'type'=>'left', // This is a Left menu entry - 'titre'=>'New_Workstation', - 'mainmenu'=>'workstation', - 'leftmenu'=>'workstation_workstation_new', - 'url'=>'/workstation/workstation_card.php?action=create', - 'langs'=>'workstation@workstation', // Lang file to use (without .lang) by module. File must be in langs/code_CODE/ directory. - 'position'=>1000+$r, - 'enabled'=>'$conf->workstation->enabled', // Define condition to show or hide menu entry. Use '$conf->workstation->enabled' if entry must be visible if module is enabled. Use '$leftmenu==\'system\'' to show if leftmenu system is selected. - 'perms'=>'$user->rights->workstation->workstation->write', // Use 'perms'=>'$user->rights->workstation->level1->level2' if you want your menu with a permission rules - 'target'=>'', - 'user'=>2, // 0=Menu for internal users, 1=external users, 2=both - ); - */ - $this->menu[$r++]=array( // '' if this is a top menu. For left menu, use 'fk_mainmenu=xxx' or 'fk_mainmenu=xxx,fk_leftmenu=yyy' where xxx is mainmenucode and yyy is a leftmenucode 'fk_menu'=>'fk_mainmenu=mrp', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('Workstations'), + 'titre'=>'Workstations', 'prefix' => img_picto('', $this->picto, 'class="paddingright pictofixedwidth"'), 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation', @@ -350,7 +289,7 @@ class modWorkstation extends DolibarrModules 'fk_menu'=>'fk_mainmenu=mrp,fk_leftmenu=workstation_workstation', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('WorkstationCreate'), + 'titre'=>'WorkstationCreate', 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation_left_create', 'url'=>'/workstation/workstation_card.php?action=create', @@ -370,7 +309,7 @@ class modWorkstation extends DolibarrModules 'fk_menu'=>'fk_mainmenu=mrp,fk_leftmenu=workstation_workstation', // This is a Left menu entry 'type'=>'left', - 'titre'=>$langs->trans('List'), + 'titre'=>'List', 'mainmenu'=>'mrp', 'leftmenu'=>'workstation_workstation_left_list', 'url'=>'/workstation/workstation_list.php', diff --git a/htdocs/core/modules/movement/doc/pdf_standard.modules.php b/htdocs/core/modules/movement/doc/pdf_standard.modules.php index 82d930a1aac..872890958ff 100644 --- a/htdocs/core/modules/movement/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/movement/doc/pdf_standard.modules.php @@ -529,8 +529,8 @@ class pdf_stdandard extends ModelePDFMovement if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$objp->rowid; - $sql .= " AND lang='".$this->db->escape($langs->getDefaultLang())."'"; + $sql .= " WHERE fk_product = ".((int) $objp->rowid); + $sql .= " AND lang = '".$this->db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; $result = $this->db->query($sql); diff --git a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php index 374ae5b4337..860e07d7d36 100644 --- a/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php +++ b/htdocs/core/modules/mrp/doc/doc_generic_mo_odt.modules.php @@ -158,7 +158,7 @@ class doc_generic_mo_odt extends ModelePDFMo $texte .= $conf->global->MRP_MO_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/mrp/mod_mo_advanced.php b/htdocs/core/modules/mrp/mod_mo_advanced.php index 3d70ded1ba2..14292f7f896 100644 --- a/htdocs/core/modules/mrp/mod_mo_advanced.php +++ b/htdocs/core/modules/mrp/mod_mo_advanced.php @@ -80,7 +80,7 @@ class mod_mo_advanced extends ModeleNumRefMos // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/payment/mod_payment_ant.php b/htdocs/core/modules/payment/mod_payment_ant.php index 10926805721..dca32b26505 100644 --- a/htdocs/core/modules/payment/mod_payment_ant.php +++ b/htdocs/core/modules/payment/mod_payment_ant.php @@ -82,7 +82,7 @@ class mod_payment_ant extends ModeleNumRefPayments // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php index 19a752d5be7..d038acd7ee5 100644 --- a/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php +++ b/htdocs/core/modules/product/doc/doc_generic_product_odt.modules.php @@ -161,7 +161,7 @@ class doc_generic_product_odt extends ModelePDFProduct $texte .= $conf->global->PRODUCT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php index 0a302c0fb6b..5936476e079 100644 --- a/htdocs/core/modules/product/mod_codeproduct_elephant.php +++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php @@ -116,7 +116,7 @@ class mod_codeproduct_elephant extends ModeleProductCode // Parametrage du prefix customers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("ProductCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -124,7 +124,7 @@ class mod_codeproduct_elephant extends ModeleProductCode // Parametrage du prefix suppliers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("ServiceCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/product_batch/mod_lot_advanced.php b/htdocs/core/modules/product_batch/mod_lot_advanced.php index c580d8915c9..0bbb124d14b 100644 --- a/htdocs/core/modules/product_batch/mod_lot_advanced.php +++ b/htdocs/core/modules/product_batch/mod_lot_advanced.php @@ -80,7 +80,7 @@ class mod_lot_advanced extends ModeleNumRefBatch // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/product_batch/mod_sn_advanced.php b/htdocs/core/modules/product_batch/mod_sn_advanced.php index 74f36a55fe6..8117b9e6c6e 100644 --- a/htdocs/core/modules/product_batch/mod_sn_advanced.php +++ b/htdocs/core/modules/product_batch/mod_sn_advanced.php @@ -80,7 +80,7 @@ class mod_sn_advanced extends ModeleNumRefBatch // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php index d007b421fd7..c085f1eeaac 100644 --- a/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php +++ b/htdocs/core/modules/project/doc/doc_generic_project_odt.modules.php @@ -449,7 +449,7 @@ class doc_generic_project_odt extends ModelePDFProjects $texte .= $conf->global->PROJECT_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -742,7 +742,7 @@ class doc_generic_project_odt extends ModelePDFProjects $sql .= ", u.lastname, u.firstname, t.thm"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task_time as t"; $sql .= " , ".MAIN_DB_PREFIX."user as u"; - $sql .= " WHERE t.fk_task =".$task->id; + $sql .= " WHERE t.fk_task =".((int) $task->id); $sql .= " AND t.fk_user = u.rowid"; $sql .= " ORDER BY t.task_date DESC"; diff --git a/htdocs/core/modules/project/mod_project_universal.php b/htdocs/core/modules/project/mod_project_universal.php index 3ab4079c1b7..480d19396c3 100644 --- a/htdocs/core/modules/project/mod_project_universal.php +++ b/htdocs/core/modules/project/mod_project_universal.php @@ -83,7 +83,7 @@ class mod_project_universal extends ModeleNumRefProjects // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php index 2d263aae6c0..a04e2e9c14a 100644 --- a/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php +++ b/htdocs/core/modules/project/task/doc/doc_generic_task_odt.modules.php @@ -416,7 +416,7 @@ class doc_generic_task_odt extends ModelePDFTask $texte .= $conf->global->PROJECT_TASK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -657,7 +657,7 @@ class doc_generic_task_odt extends ModelePDFTask $sql .= ", u.lastname, u.firstname"; $sql .= " FROM ".MAIN_DB_PREFIX."projet_task_time as t"; $sql .= " , ".MAIN_DB_PREFIX."user as u"; - $sql .= " WHERE t.fk_task =".$object->id; + $sql .= " WHERE t.fk_task =".((int) $object->id); $sql .= " AND t.fk_user = u.rowid"; $sql .= " ORDER BY t.task_date DESC"; diff --git a/htdocs/core/modules/project/task/mod_task_universal.php b/htdocs/core/modules/project/task/mod_task_universal.php index 011ac381254..3a6ef89f3fb 100644 --- a/htdocs/core/modules/project/task/mod_task_universal.php +++ b/htdocs/core/modules/project/task/mod_task_universal.php @@ -83,7 +83,7 @@ class mod_task_universal extends ModeleNumRefTask // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php index 4a292d4a97b..e7eade5de02 100644 --- a/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php +++ b/htdocs/core/modules/propale/doc/doc_generic_proposal_odt.modules.php @@ -160,7 +160,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales $texte .= $conf->global->PROPALE_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -209,7 +209,7 @@ class doc_generic_proposal_odt extends ModelePDFPropales // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php index 0aed96df0e5..f75f5ecab56 100644 --- a/htdocs/core/modules/propale/doc/pdf_cyan.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_cyan.modules.php @@ -434,13 +434,12 @@ class pdf_cyan extends ModelePDFPropales if (!empty($conf->global->MAIN_ADD_CREATOR_IN_NOTE) && $object->user_author_id > 0) { $tmpuser = new User($this->db); $tmpuser->fetch($object->user_author_id); - $notetoshow .= $langs->trans("CaseFollowedBy").' '.$tmpuser->getFullName($langs); - if ($tmpuser->email) { - $notetoshow .= ', Mail: '.$tmpuser->email; - } - if ($tmpuser->office_phone) { - $notetoshow .= ', Tel: '.$tmpuser->office_phone; - } + + $creator_info = $langs->trans("CaseFollowedBy").' '.$tmpuser->getFullName($langs); + if ($tmpuser->email) $creator_info .= ', '.$langs->trans("EMail").': '.$tmpuser->email; + if ($tmpuser->office_phone) $creator_info .= ', '.$langs->trans("Phone").': '.$tmpuser->office_phone; + + $notetoshow = dol_concatdesc($notetoshow, $creator_info); } $tab_height = $this->page_hauteur - $tab_top_newpage - $heightforinfotot - $heightforfreetext - $heightforsignature - $heightforfooter; diff --git a/htdocs/core/modules/propale/mod_propale_saphir.php b/htdocs/core/modules/propale/mod_propale_saphir.php index 5fb7eeaa6fb..ce78f341319 100644 --- a/htdocs/core/modules/propale/mod_propale_saphir.php +++ b/htdocs/core/modules/propale/mod_propale_saphir.php @@ -85,7 +85,7 @@ class mod_propale_saphir extends ModeleNumRefPropales // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/rapport/pdf_paiement.class.php b/htdocs/core/modules/rapport/pdf_paiement.class.php index b69ebdeb828..9f85aca1aff 100644 --- a/htdocs/core/modules/rapport/pdf_paiement.class.php +++ b/htdocs/core/modules/rapport/pdf_paiement.class.php @@ -209,7 +209,7 @@ class pdf_paiement $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } if (!empty($socid)) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } // If global param PAYMENTS_REPORT_GROUP_BY_MOD is set, payement are ordered by paiement_code if (!empty($conf->global->PAYMENTS_REPORT_GROUP_BY_MOD)) { diff --git a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php index 13a05b3378d..d70ecca00ad 100644 --- a/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php +++ b/htdocs/core/modules/reception/doc/doc_generic_reception_odt.modules.php @@ -153,7 +153,7 @@ class doc_generic_reception_odt extends ModelePdfReception $texte .= $conf->global->RECEPTION_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/reception/mod_reception_moonstone.php b/htdocs/core/modules/reception/mod_reception_moonstone.php index bcab451ab9e..0d0ced20eb4 100644 --- a/htdocs/core/modules/reception/mod_reception_moonstone.php +++ b/htdocs/core/modules/reception/mod_reception_moonstone.php @@ -61,7 +61,7 @@ class mod_reception_moonstone extends ModelNumRefReception $tooltip .= $langs->trans("GenericMaskCodes5"); $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php index 1822a5b8c95..9045ed0b281 100644 --- a/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php +++ b/htdocs/core/modules/societe/doc/doc_generic_odt.modules.php @@ -141,7 +141,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc $texte .= ''; $texte .= ''; $texte .= '  '; - $texte .= ''; + $texte .= ''; $texte .= ''; $texte .= ''; $texte .= ''; @@ -167,7 +167,7 @@ class doc_generic_odt extends ModeleThirdPartyDoc // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/societe/mod_codeclient_elephant.php b/htdocs/core/modules/societe/mod_codeclient_elephant.php index 9ddf77abe44..705564e7e8e 100644 --- a/htdocs/core/modules/societe/mod_codeclient_elephant.php +++ b/htdocs/core/modules/societe/mod_codeclient_elephant.php @@ -132,7 +132,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode // Parametrage du prefix customers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("CustomerCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -140,7 +140,7 @@ class mod_codeclient_elephant extends ModeleThirdPartyCode // Parametrage du prefix suppliers $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("SupplierCodeModel").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php index 2819adea021..e2d474d2dd2 100644 --- a/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php +++ b/htdocs/core/modules/stock/doc/doc_generic_stock_odt.modules.php @@ -155,7 +155,7 @@ class doc_generic_stock_odt extends ModelePDFStock $texte .= $conf->global->STOCK_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -179,7 +179,7 @@ class doc_generic_stock_odt extends ModelePDFStock // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/stock/doc/pdf_standard.modules.php b/htdocs/core/modules/stock/doc/pdf_standard.modules.php index a57b996086b..b0cc07dcb62 100644 --- a/htdocs/core/modules/stock/doc/pdf_standard.modules.php +++ b/htdocs/core/modules/stock/doc/pdf_standard.modules.php @@ -315,7 +315,7 @@ class pdf_standard extends ModelePDFStock $sql .= " FROM ".MAIN_DB_PREFIX."product_stock as ps, ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE ps.fk_product = p.rowid"; $sql .= " AND ps.reel <> 0"; // We do not show if stock is 0 (no product in this warehouse) - $sql .= " AND ps.fk_entrepot = ".$object->id; + $sql .= " AND ps.fk_entrepot = ".((int) $object->id); $sql .= $this->db->order($sortfield, $sortorder); //dol_syslog('List products', LOG_DEBUG); diff --git a/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php b/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php index 8f6d12df1d0..08345647b0f 100644 --- a/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php +++ b/htdocs/core/modules/supplier_invoice/doc/pdf_canelle.modules.php @@ -2,7 +2,7 @@ /* Copyright (C) 2010-2011 Juanjo Menent * Copyright (C) 2010-2014 Laurent Destailleur * Copyright (C) 2015 Marcos García - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -376,7 +376,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices $notetoshow = convertBackOfficeMediasLinksToPublicLinks($notetoshow); $pdf->SetFont('', '', $default_font_size - 1); - $pdf->writeHTMLCell(190, 3, $this->posxdesc - 1, $tab_top - 1, dol_htmlentitiesbr($object->note_public), 0, 1); + $pdf->writeHTMLCell(190, 3, $this->posxdesc - 1, $tab_top - 1, dol_htmlentitiesbr($notetoshow), 0, 1); $nexY = $pdf->GetY(); $height_note = $nexY - $tab_top; @@ -1062,7 +1062,7 @@ class pdf_canelle extends ModelePDFSuppliersInvoices * @param FactureFournisseur $object Object to show * @param int $showaddress 0=no, 1=yes * @param Translate $outputlangs Object lang for output - * @return void + * @return int */ protected function _pagehead(&$pdf, $object, $showaddress, $outputlangs) { diff --git a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php index 3cf0a4a209e..57d5798c29e 100644 --- a/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php +++ b/htdocs/core/modules/supplier_invoice/mod_facture_fournisseur_tulip.php @@ -93,7 +93,7 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices // Setting the prefix $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceStandard").')'; $texte .= ':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; @@ -101,19 +101,19 @@ class mod_facture_fournisseur_tulip extends ModeleNumRefSuppliersInvoices // Prefix setting of credit note $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceAvoir").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; if ($conf->global->MAIN_FEATURE_LEVEL >= 2) { // Parametrage du prefix des replacement $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceReplacement").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; } // Prefix setting of deposit $texte .= ''.$langs->trans("Mask").' ('.$langs->trans("InvoiceDeposit").'):'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php index 9e9799f44c6..b7fd399edef 100644 --- a/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php +++ b/htdocs/core/modules/supplier_order/doc/doc_generic_supplier_order_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_supplier_order_odt extends ModelePDFSuppliersOrders $texte .= $conf->global->SUPPLIER_ORDER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php index c60f82e9c4a..245897e1956 100644 --- a/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php +++ b/htdocs/core/modules/supplier_order/doc/pdf_cornas.modules.php @@ -240,8 +240,15 @@ class pdf_cornas extends ModelePDFSuppliersOrders $realpath = ''; foreach ($objphoto->liste_photos($dir, 1) as $key => $obj) { - $filename = $obj['photo']; - //if ($obj['photo_vignette']) $filename='thumbs/'.$obj['photo_vignette']; + if (empty($conf->global->CAT_HIGH_QUALITY_IMAGES)) { // If CAT_HIGH_QUALITY_IMAGES not defined, we use thumb if defined and then original photo + if ($obj['photo_vignette']) { + $filename = $obj['photo_vignette']; + } else { + $filename = $obj['photo']; + } + } else { + $filename = $obj['photo']; + } $realpath = $dir.$filename; break; } diff --git a/htdocs/core/modules/supplier_order/doc/pdf_muscadet.modules.php b/htdocs/core/modules/supplier_order/doc/pdf_muscadet.modules.php index c6d9cf8da14..bb12b19c829 100644 --- a/htdocs/core/modules/supplier_order/doc/pdf_muscadet.modules.php +++ b/htdocs/core/modules/supplier_order/doc/pdf_muscadet.modules.php @@ -254,8 +254,15 @@ class pdf_muscadet extends ModelePDFSuppliersOrders } $realpath = ''; foreach ($objphoto->liste_photos($dir, 1) as $key => $obj) { - $filename = $obj['photo']; - //if ($obj['photo_vignette']) $filename='thumbs/'.$obj['photo_vignette']; + if (empty($conf->global->CAT_HIGH_QUALITY_IMAGES)) { // If CAT_HIGH_QUALITY_IMAGES not defined, we use thumb if defined and then original photo + if ($obj['photo_vignette']) { + $filename = $obj['photo_vignette']; + } else { + $filename = $obj['photo']; + } + } else { + $filename = $obj['photo']; + } $realpath = $dir.$filename; break; } diff --git a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php index a609eeade08..c691b1448ef 100644 --- a/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php +++ b/htdocs/core/modules/supplier_order/mod_commande_fournisseur_orchidee.php @@ -85,7 +85,7 @@ class mod_commande_fournisseur_orchidee extends ModeleNumRefSuppliersOrders // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php index 8f3b7ad36df..19e632a6264 100644 --- a/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php +++ b/htdocs/core/modules/supplier_payment/mod_supplier_payment_brodator.php @@ -82,7 +82,7 @@ class mod_supplier_payment_brodator extends ModeleNumRefSupplierPayments // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php index 4b761f8099b..7e300c68643 100644 --- a/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/doc_generic_supplier_proposal_odt.modules.php @@ -162,7 +162,7 @@ class doc_generic_supplier_proposal_odt extends ModelePDFSupplierProposal $texte .= $conf->global->SUPPLIER_PROPOSAL_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php index c6cc6e8d1b1..cbcec7cfdd9 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php @@ -245,14 +245,21 @@ class pdf_aurore extends ModelePDFSupplierProposal $pdir = get_exdir($object->lines[$i]->fk_product, 2, 0, 0, $objphoto, 'product').$object->lines[$i]->fk_product."/photos/"; $dir = $conf->product->dir_output.'/'.$pdir; } else { - $pdir = get_exdir(0, 2, 0, 0, $objphoto, 'product').dol_sanitizeFileName($objphoto->ref).'/'; + $pdir = get_exdir(0, 0, 0, 0, $objphoto, 'product'); $dir = $conf->product->dir_output.'/'.$pdir; } $realpath = ''; foreach ($objphoto->liste_photos($dir, 1) as $key => $obj) { - $filename = $obj['photo']; - //if ($obj['photo_vignette']) $filename='thumbs/'.$obj['photo_vignette']; + if (empty($conf->global->CAT_HIGH_QUALITY_IMAGES)) { // If CAT_HIGH_QUALITY_IMAGES not defined, we use thumb if defined and then original photo + if ($obj['photo_vignette']) { + $filename = $obj['photo_vignette']; + } else { + $filename = $obj['photo']; + } + } else { + $filename = $obj['photo']; + } $realpath = $dir.$filename; break; } diff --git a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php index adf53aed4e6..3b8754d9928 100644 --- a/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php +++ b/htdocs/core/modules/supplier_proposal/mod_supplier_proposal_saphir.php @@ -85,7 +85,7 @@ class mod_supplier_proposal_saphir extends ModeleNumRefSupplierProposal // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php index e6487db6ed1..d103dbe3b0b 100644 --- a/htdocs/core/modules/takepos/mod_takepos_ref_universal.php +++ b/htdocs/core/modules/takepos/mod_takepos_ref_universal.php @@ -79,7 +79,7 @@ class mod_takepos_ref_universal extends ModeleNumRefTakepos // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php index eb90baef7e5..d1d3763fb2e 100644 --- a/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php +++ b/htdocs/core/modules/ticket/doc/doc_generic_ticket_odt.modules.php @@ -150,7 +150,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket $texte .= $conf->global->TICKET_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -167,7 +167,7 @@ class doc_generic_ticket_odt extends ModelePDFTicket // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/ticket/mod_ticket_universal.php b/htdocs/core/modules/ticket/mod_ticket_universal.php index 1a528359221..f60b1f16481 100644 --- a/htdocs/core/modules/ticket/mod_ticket_universal.php +++ b/htdocs/core/modules/ticket/mod_ticket_universal.php @@ -81,7 +81,7 @@ class mod_ticket_universal extends ModeleNumRefTicket // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php index fb24e2782c9..035a99fe744 100644 --- a/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php +++ b/htdocs/core/modules/user/doc/doc_generic_user_odt.modules.php @@ -159,7 +159,7 @@ class doc_generic_user_odt extends ModelePDFUser $texte .= $conf->global->USER_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories @@ -199,7 +199,7 @@ class doc_generic_user_odt extends ModelePDFUser // Add input to upload a new template file. $texte .= '
    '.$langs->trans("UploadNewTemplate").' '; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= '
    '; $texte .= ''; diff --git a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php index 45a9469753e..04d9957458b 100644 --- a/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php +++ b/htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php @@ -162,7 +162,7 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup $texte .= $conf->global->USERGROUP_ADDON_PDF_ODT_PATH; $texte .= ''; $texte .= '
    '; - $texte .= ''; + $texte .= ''; $texte .= '
    '; // Scan directories diff --git a/htdocs/core/modules/workstation/mod_workstation_advanced.php b/htdocs/core/modules/workstation/mod_workstation_advanced.php index 4e23219581c..bf783542c75 100755 --- a/htdocs/core/modules/workstation/mod_workstation_advanced.php +++ b/htdocs/core/modules/workstation/mod_workstation_advanced.php @@ -80,7 +80,7 @@ class mod_workstation_advanced extends ModeleNumRefWorkstation // Parametrage du prefix $texte .= ''.$langs->trans("Mask").':'; - $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; + $texte .= ''.$form->textwithpicto('', $tooltip, 1, 1).''; $texte .= '  '; diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index 9c1387d7d58..c741fb213c2 100644 --- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -76,7 +76,7 @@ if ($action == 'presend') { if (empty($object->ref_client)) { $topicmail = $outputlangs->trans($defaulttopic, '__REF__'); } elseif (!empty($object->ref_client)) { - $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REFCLIENT__)'); + $topicmail = $outputlangs->trans($defaulttopic, '__REF__ (__REF_CLIENT__)'); } // Build document if it not exists @@ -194,7 +194,7 @@ if ($action == 'presend') { $formmail->withto = $liste; $formmail->withtofree = (GETPOSTISSET('sendto') ? (GETPOST('sendto', 'alphawithlgt') ? GETPOST('sendto', 'alphawithlgt') : '1') : '1'); $formmail->withtocc = $liste; - $formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC; + $formmail->withtoccc = getDolGlobalString('MAIN_EMAIL_USECCC'); $formmail->withtopic = $topicmail; $formmail->withfile = 2; $formmail->withbody = 1; diff --git a/htdocs/core/tpl/commonfields_add.tpl.php b/htdocs/core/tpl/commonfields_add.tpl.php index 639be537dba..3a43f04c149 100644 --- a/htdocs/core/tpl/commonfields_add.tpl.php +++ b/htdocs/core/tpl/commonfields_add.tpl.php @@ -82,7 +82,7 @@ foreach ($object->fields as $key => $val) { } else { $value = GETPOST($key, 'alphanohtml'); } - if ($val['noteditable']) { + if (!empty($val['noteditable'])) { print $object->showOutputField($val, $key, $value, '', '', '', 0); } else { print $object->showInputField($val, $key, $value, '', '', '', 0); diff --git a/htdocs/core/tpl/commonfields_view.tpl.php b/htdocs/core/tpl/commonfields_view.tpl.php index 4b7821c2dad..f9da77c5894 100644 --- a/htdocs/core/tpl/commonfields_view.tpl.php +++ b/htdocs/core/tpl/commonfields_view.tpl.php @@ -74,7 +74,7 @@ foreach ($object->fields as $key => $val) { if ($val['type'] == 'text') { print ' wordbreak'; } - if ($val['cssview']) { + if (!empty($val['cssview'])) { print ' '.$val['cssview']; } print '">'; diff --git a/htdocs/core/tpl/document_actions_post_headers.tpl.php b/htdocs/core/tpl/document_actions_post_headers.tpl.php index 4a43da6d6cc..45090824248 100644 --- a/htdocs/core/tpl/document_actions_post_headers.tpl.php +++ b/htdocs/core/tpl/document_actions_post_headers.tpl.php @@ -112,7 +112,7 @@ if (!isset($savingdocmask) || !empty($conf->global->MAIN_DISABLE_SUGGEST_REF_AS_ } } -if (!is_object($formfile)) { +if (empty($formfile) || !is_object($formfile)) { $formfile = new FormFile($db); } diff --git a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php index ebab4e8608a..f7c9fc201f4 100644 --- a/htdocs/core/tpl/extrafields_list_array_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_array_fields.tpl.php @@ -23,6 +23,7 @@ if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table if (!empty($extrafields->attributes[$extrafieldsobjectkey]['list'][$key])) { $arrayfields[$extrafieldsobjectprefix.$key] = array( 'label' => $extrafields->attributes[$extrafieldsobjectkey]['label'][$key], + 'type' => $extrafields->attributes[$extrafieldsobjectkey]['type'][$key], 'checked' => (($extrafields->attributes[$extrafieldsobjectkey]['list'][$key] < 0) ? 0 : 1), 'position' => $extrafields->attributes[$extrafieldsobjectkey]['pos'][$key], 'enabled' => (abs((int) $extrafields->attributes[$extrafieldsobjectkey]['list'][$key]) != 3 && $extrafields->attributes[$extrafieldsobjectkey]['perms'][$key]), diff --git a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php index 021ff42a9d3..7d547d52dea 100644 --- a/htdocs/core/tpl/extrafields_list_print_fields.tpl.php +++ b/htdocs/core/tpl/extrafields_list_print_fields.tpl.php @@ -11,7 +11,7 @@ if (empty($extrafieldsobjectkey) && is_object($object)) { } // Loop to show all columns of extrafields from $obj, $extrafields and $db -if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ... +if (!empty($extrafieldsobjectkey) && !empty($extrafields->attributes[$extrafieldsobjectkey])) { // $extrafieldsobject is the $object->table_element like 'societe', 'socpeople', ... if (key_exists('label', $extrafields->attributes[$extrafieldsobjectkey]) && is_array($extrafields->attributes[$extrafieldsobjectkey]['label']) && count($extrafields->attributes[$extrafieldsobjectkey]['label'])) { if (empty($extrafieldsobjectprefix)) { $extrafieldsobjectprefix = 'ef.'; @@ -66,6 +66,12 @@ if (!empty($extrafieldsobjectkey)) { // $extrafieldsobject is the $object->table if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = $extrafieldsobjectprefix.$tmpkey; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val'][$extrafieldsobjectprefix.$tmpkey])) { + $totalarray['val'][$extrafieldsobjectprefix.$tmpkey] = 0; + } $totalarray['val'][$extrafieldsobjectprefix.$tmpkey] += $obj->$tmpkey; } } diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index b5dc9b90be0..9af5bc7d7b4 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -180,7 +180,7 @@ if ($disablenofollow) { } ?> -" name="username" class="flat input-icon-user minwidth150" value="" tabindex="1" autofocus="autofocus" /> +" name="username" class="flat input-icon-user minwidth150" value="" tabindex="1" autofocus="autofocus" /> @@ -192,7 +192,7 @@ if ($disablenofollow) { } ?> -" name="password" class="flat input-icon-password minwidth150" type="password" value="" tabindex="2" autocomplete="global->MAIN_LOGIN_ENABLE_PASSWORD_AUTOCOMPLETE) ? 'off' : 'on'; ?>" /> +" name="password" class="flat input-icon-password minwidth150" value="" tabindex="2" autocomplete="global->MAIN_LOGIN_ENABLE_PASSWORD_AUTOCOMPLETE) ? 'off' : 'on'; ?>" /> withtofree = empty($liste) ? 1 : 0; $formmail->withtocc = 1; $formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC; - $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REFCLIENT__'); + $formmail->withtopic = $langs->transnoentities($topicmail, '__REF__', '__REF_CLIENT__'); $formmail->withfile = 1; // $formmail->withfile = 2; Not yet supported in mass action $formmail->withmaindocfile = 1; // Add a checkbox "Attach also main document" diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index 3e2fb78bdb0..6e890f06e80 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -129,7 +129,7 @@ if (!empty($disablenofollow)) {
    -" id="username" name="username" class="flat input-icon-user minwidth150" value="" tabindex="1" /> +" id="username" name="username" class="flat input-icon-user minwidth150" value="" tabindex="1" />
    diff --git a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php index 8e98030b484..8e23c258d88 100644 --- a/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php +++ b/htdocs/core/triggers/interface_50_modAgenda_ActionsAuto.class.php @@ -544,13 +544,18 @@ class InterfaceActionsAuto extends DolibarrTriggers $object->sendtoid = 0; } elseif ($action == 'ORDER_SUPPLIER_REFUSE') { // Load translation files required by the page - $langs->loadLangs(array("agenda", "other", "orders")); + $langs->loadLangs(array("agenda", "other", "orders", "main")); if (empty($object->actionmsg2)) { $object->actionmsg2 = $langs->transnoentities("OrderRefusedInDolibarr", $object->ref); } $object->actionmsg = $langs->transnoentities("OrderRefusedInDolibarr", $object->ref); + if (!empty($object->refuse_note)) { + $object->actionmsg .= '
    '; + $object->actionmsg .= $langs->trans("Reason") . ': '.$object->refuse_note; + } + $object->sendtoid = 0; } elseif ($action == 'ORDER_SUPPLIER_SUBMIT') { // Load translation files required by the page diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index 28565114a21..d4db5ebccfc 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -125,6 +125,50 @@ class InterfaceLdapsynchro extends DolibarrTriggers $newparent = $object->_load_ldap_dn($info, 1); $result = $ldap->update($dn, $info, $user, $olddn, $newrdn, $newparent); + + if ($result > 0 && !empty($object->context['newgroupid'])) { // We are in context of adding a new group to user + $usergroup = new Usergroup($this->db); + + $usergroup->fetch($object->context['newgroupid']); + + $oldinfo = $usergroup->_load_ldap_info(); + $olddn = $usergroup->_load_ldap_dn($oldinfo); + + // Verify if entry exist + $container = $usergroup->_load_ldap_dn($oldinfo, 1); + $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")"; + $records = $ldap->search($container, $search); + if (count($records) && $records['count'] == 0) { + $olddn = ''; + } + + $info = $usergroup->_load_ldap_info(); // Contains all members, included the new one (insert already done before trigger call) + $dn = $usergroup->_load_ldap_dn($info); + + $result = $ldap->update($dn, $info, $user, $olddn); + } + + if ($result > 0 && !empty($object->context['oldgroupid'])) { // We are in context of removing a group from user + $usergroup = new Usergroup($this->db); + + $usergroup->fetch($object->context['oldgroupid']); + + $oldinfo = $usergroup->_load_ldap_info(); + $olddn = $usergroup->_load_ldap_dn($oldinfo); + + // Verify if an entry exists + $container = $usergroup->_load_ldap_dn($oldinfo, 1); + $search = "(".$usergroup->_load_ldap_dn($oldinfo, 2).")"; + $records = $ldap->search($container, $search); + if (count($records) && $records['count'] == 0) { + $olddn = ''; + } + + $info = $usergroup->_load_ldap_info(); // Contains all members, except the old one (remove already done before trigger call) + $dn = $usergroup->_load_ldap_dn($info); + + $result = $ldap->update($dn, $info, $user, $olddn); + } } if ($result < 0) { diff --git a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php index 26e1c35449c..c8e27f66189 100644 --- a/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php +++ b/htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php @@ -82,12 +82,9 @@ class InterfaceContactRoles extends DolibarrTriggers if (is_array($TContact) && !empty($TContact)) { $TContactAlreadyLinked = array(); - if ($object->id > 0) { - $cloneFrom = dol_clone($object, 1); - if (!empty($cloneFrom->id)) { - $TContactAlreadyLinked = array_merge($cloneFrom->liste_contact(-1, 'external'), $cloneFrom->liste_contact(-1, 'internal')); - } + if ($object->id > 0) { + $TContactAlreadyLinked = array_merge($object->liste_contact(-1, 'external'), $object->liste_contact(-1, 'internal')); } foreach ($TContact as $i => $infos) { diff --git a/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php b/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php index 4e808d5bf15..8025f0c0293 100644 --- a/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php +++ b/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php @@ -174,8 +174,27 @@ class InterfaceZapierTriggers extends DolibarrTriggers // Contacts case 'CONTACT_CREATE': + $resql = $this->db->query($sql); + while ($resql && $obj = $this->db->fetch_array($resql)) { + $cleaned = cleanObjectDatas(dol_clone($object)); + $json = json_encode($cleaned); + // call the zapierPostWebhook() function + zapierPostWebhook($obj['url'], $json); + } + $logtriggeraction = true; + break; case 'CONTACT_MODIFY': + $resql = $this->db->query($sql); + while ($resql && $obj = $this->db->fetch_array($resql)) { + $cleaned = cleanObjectDatas(dol_clone($object)); + $json = json_encode($cleaned); + // call the zapierPostWebhook() function + zapierPostWebhook($obj['url'], $json); + } + $logtriggeraction = true; + break; case 'CONTACT_DELETE': + break; case 'CONTACT_ENABLEDISABLE': break; // Products @@ -320,10 +339,28 @@ class InterfaceZapierTriggers extends DolibarrTriggers // case 'LINEFICHINTER_DELETE': // Members - // case 'MEMBER_CREATE': + case 'MEMBER_CREATE': + $resql = $this->db->query($sql); + while ($resql && $obj = $this->db->fetch_array($resql)) { + $cleaned = cleanObjectDatas(dol_clone($object)); + $json = json_encode($cleaned); + // call the zapierPostWebhook() function + zapierPostWebhook($obj['url'], $json); + } + $logtriggeraction = true; + break; + case 'MEMBER_MODIFY': + $resql = $this->db->query($sql); + while ($resql && $obj = $this->db->fetch_array($resql)) { + $cleaned = cleanObjectDatas(dol_clone($object)); + $json = json_encode($cleaned); + // call the zapierPostWebhook() function + zapierPostWebhook($obj['url'], $json); + } + $logtriggeraction = true; + break; // case 'MEMBER_VALIDATE': // case 'MEMBER_SUBSCRIPTION': - // case 'MEMBER_MODIFY': // case 'MEMBER_NEW_PASSWORD': // case 'MEMBER_RESILIATE': // case 'MEMBER_DELETE': diff --git a/htdocs/cron/list.php b/htdocs/cron/list.php index 2132cbc141b..4d829258b2b 100644 --- a/htdocs/cron/list.php +++ b/htdocs/cron/list.php @@ -1,7 +1,7 @@ - * Copyright (C) 2013-2019 Laurent Destailleur + * Copyright (C) 2013-2021 Laurent Destailleur * Copyright (C) 2019 Frédéric France * * This program is free software; you can redistribute it and/or modify @@ -24,7 +24,6 @@ * \brief Lists Jobs */ - require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php'; require_once DOL_DOCUMENT_ROOT.'/cron/class/cronjob.class.php'; @@ -202,7 +201,7 @@ if (empty($reshook)) { $permissiontodelete = $user->rights->cron->delete; $uploaddir = $conf->cron->dir_output; include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php'; - if ($permissiontoadd) { + if ($massaction && $permissiontoadd) { $tmpcron = new Cronjob($db); foreach ($toselect as $id) { $result = $tmpcron->fetch($id); @@ -600,7 +599,7 @@ if ($num > 0) { print ''; // Output of last run - print ''; + print ''; if (!empty($obj->lastoutput)) { print dol_trunc(nl2br($obj->lastoutput), 50); } diff --git a/htdocs/datapolicy/class/actions_datapolicy.class.php b/htdocs/datapolicy/class/actions_datapolicy.class.php index cbcaceec743..e54086149fe 100644 --- a/htdocs/datapolicy/class/actions_datapolicy.class.php +++ b/htdocs/datapolicy/class/actions_datapolicy.class.php @@ -121,7 +121,7 @@ class ActionsDatapolicy if ($object->update($object->id, $user, 0)) { // On supprime les contacts associé - $sql = "DELETE FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".$object->id; + $sql = "DELETE FROM ".MAIN_DB_PREFIX."socpeople WHERE fk_soc = ".((int) $object->id); $this->db->query($sql); setEventMessages($langs->trans('ANONYMISER_SUCCESS'), array()); @@ -196,7 +196,6 @@ class ActionsDatapolicy echo $object->phone_pro.';'; echo $object->phone_perso.';'; echo $object->phone_mobile.';'; - echo $object->jabberid.';'; echo dol_print_date($object->birth).';'; exit; } elseif ($parameters['currentcontext'] == 'contactcard' && $action == 'send_datapolicy') { diff --git a/htdocs/don/class/api_donations.class.php b/htdocs/don/class/api_donations.class.php index b960a2fdb8f..cfd9e8ccd8b 100644 --- a/htdocs/don/class/api_donations.class.php +++ b/htdocs/don/class/api_donations.class.php @@ -16,9 +16,9 @@ * along with this program. If not, see . */ - use Luracast\Restler\RestException; +use Luracast\Restler\RestException; - require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php'; +require_once DOL_DOCUMENT_ROOT.'/don/class/don.class.php'; /** * API class for donations @@ -33,7 +33,7 @@ class Donations extends DolibarrApi * @var array $FIELDS Mandatory fields, checked when create and update object */ public static $FIELDS = array( - 'socid' + 'amount' ); /** @@ -123,7 +123,7 @@ class Donations extends DolibarrApi $sql .= " AND t.fk_soc = sc.fk_soc"; } if ($thirdparty_ids) { - $sql .= " AND t.fk_soc = ".$thirdparty_ids." "; + $sql .= " AND t.fk_soc = ".((int) $thirdparty_ids)." "; } // Add sql filters @@ -199,7 +199,7 @@ class Donations extends DolibarrApi }*/ if ($this->don->create(DolibarrApiAccess::$user) < 0) { - throw new RestException(500, "Error creating order", array_merge(array($this->don->error), $this->don->errors)); + throw new RestException(500, "Error creating donation", array_merge(array($this->don->error), $this->don->errors)); } return $this->don->id; @@ -311,7 +311,7 @@ class Donations extends DolibarrApi throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login); } - $result = $this->don->valid(DolibarrApiAccess::$user, $idwarehouse, $notrigger); + $result = $this->don->valid_promesse($id, DolibarrApiAccess::$user->id, $notrigger); if ($result == 0) { throw new RestException(304, 'Error nothing done. May be object is already validated'); } @@ -364,7 +364,7 @@ class Donations extends DolibarrApi private function _validate($data) { $don = array(); - foreach (Orders::$FIELDS as $field) { + foreach (Donations::$FIELDS as $field) { if (!isset($data[$field])) { throw new RestException(400, $field." field missing"); } diff --git a/htdocs/don/class/don.class.php b/htdocs/don/class/don.class.php index 0376ade3f31..181b3fc0ca3 100644 --- a/htdocs/don/class/don.class.php +++ b/htdocs/don/class/don.class.php @@ -380,7 +380,7 @@ class Don extends CommonObject $sql .= ", phone"; $sql .= ", phone_mobile"; $sql .= ") VALUES ("; - $sql .= "'".$this->db->idate($now)."'"; + $sql .= "'".$this->db->idate($this->date ? $this->date : $now)."'"; $sql .= ", ".$conf->entity; $sql .= ", ".price2num($this->amount); $sql .= ", ".($this->modepaymentid ? $this->modepaymentid : "null"); @@ -476,8 +476,8 @@ class Don extends CommonObject $sql .= ",address='".$this->db->escape($this->address)."'"; $sql .= ",zip='".$this->db->escape($this->zip)."'"; $sql .= ",town='".$this->db->escape($this->town)."'"; - $sql .= ",fk_country = ".($this->country_id > 0 ? $this->country_id : '0'); - $sql .= ",public=".$this->public; + $sql .= ",fk_country = ".($this->country_id > 0 ? ((int) $this->country_id) : '0'); + $sql .= ",public=".((int) $this->public); $sql .= ",fk_projet=".($this->fk_project > 0 ? $this->fk_project : 'null'); $sql .= ",note_private=".(!empty($this->note_private) ? ("'".$this->db->escape($this->note_private)."'") : "NULL"); $sql .= ",note_public=".(!empty($this->note_public) ? ("'".$this->db->escape($this->note_public)."'") : "NULL"); @@ -486,8 +486,8 @@ class Don extends CommonObject $sql .= ",email='".$this->db->escape(trim($this->email))."'"; $sql .= ",phone='".$this->db->escape(trim($this->phone))."'"; $sql .= ",phone_mobile='".$this->db->escape(trim($this->phone_mobile))."'"; - $sql .= ",fk_statut=".$this->statut; - $sql .= " WHERE rowid = ".$this->id; + $sql .= ",fk_statut=".((int) $this->statut); + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::Update", LOG_DEBUG); $resql = $this->db->query($sql); diff --git a/htdocs/don/class/paymentdonation.class.php b/htdocs/don/class/paymentdonation.class.php index 82c3ddde7fa..b5775ce18ac 100644 --- a/htdocs/don/class/paymentdonation.class.php +++ b/htdocs/don/class/paymentdonation.class.php @@ -189,8 +189,8 @@ class PaymentDonation extends CommonObject $sql .= " fk_user_creat, fk_bank)"; $sql .= " VALUES ($this->chid, '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->datepaid)."',"; - $sql .= " ".$totalamount.","; - $sql .= " ".$this->paymenttype.", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_public)."', "; + $sql .= " ".price2num($totalamount).","; + $sql .= " ".((int) $this->paymenttype).", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_public)."', "; $sql .= " ".($this->ext_payment_id ? "'".$this->db->escape($this->ext_payment_id)."'" : "null").", ".($this->ext_payment_site ? "'".$this->db->escape($this->ext_payment_site)."'" : "null").","; $sql .= " ".$user->id.", 0)"; diff --git a/htdocs/don/document.php b/htdocs/don/document.php index 0bd4edbc77b..374306bc7b0 100644 --- a/htdocs/don/document.php +++ b/htdocs/don/document.php @@ -188,7 +188,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'don'; - $permission = $user->rights->don->creer; + $permissiontoadd = $user->rights->don->creer; $permtoedit = $user->rights->don->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/don/stats/index.php b/htdocs/don/stats/index.php index 917e30edb50..23e6c0a46c0 100644 --- a/htdocs/don/stats/index.php +++ b/htdocs/don/stats/index.php @@ -42,8 +42,7 @@ if ($user->socid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -209,38 +208,37 @@ print dol_get_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1); print '
    '; -//if (empty($socid)) -//{ - // Show filter box - print '
    '; - print ''; +// Show filter box +print ''; +print ''; - print ''; - print ''; - // Company - print ''; - // User - print ''; - // Year - print ''; +print ''; +print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; - print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, '', 'style="width: 95%"'); - print '
    '.$langs->trans("CreatedBy").''; - print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); - print '
    '.$langs->trans("Year").''; +print ''; +print ''; +// Company +print ''; +// User +print ''; +// Year +print ''; - print ''; - print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); +print '
    '.$langs->trans("CreatedBy").''; +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); +print '
    '.$langs->trans("Year").''; if (!in_array($year, $arrayyears)) { $arrayyears[$year] = $year; } if (!in_array($nowyear, $arrayyears)) { $arrayyears[$nowyear] = $nowyear; } - arsort($arrayyears); - print $form->selectarray('year', $arrayyears, $year, 0); - print '
    '; - print ''; - print '

    '; -//} +arsort($arrayyears); +print $form->selectarray('year', $arrayyears, $year, 0); +print '
    '; +print ''; +print '

    '; print '
    '; print ''; diff --git a/htdocs/ecm/class/ecmdirectory.class.php b/htdocs/ecm/class/ecmdirectory.class.php index 52897e84b1a..c2961794bbc 100644 --- a/htdocs/ecm/class/ecmdirectory.class.php +++ b/htdocs/ecm/class/ecmdirectory.class.php @@ -196,7 +196,7 @@ class EcmDirectory extends CommonObject $sql .= " '".$this->db->escape($conf->entity)."',"; $sql .= " '".$this->db->escape($this->fk_parent)."',"; $sql .= " '".$this->db->escape($this->description)."',"; - $sql .= " ".$this->cachenbofdoc.","; + $sql .= " ".((int) $this->cachenbofdoc).","; $sql .= " '".$this->db->idate($this->date_c)."',"; $sql .= " '".$this->db->escape($this->fk_user_c)."'"; $sql .= ")"; diff --git a/htdocs/ecm/class/ecmfiles.class.php b/htdocs/ecm/class/ecmfiles.class.php index b292dd33429..035a7aee9c6 100644 --- a/htdocs/ecm/class/ecmfiles.class.php +++ b/htdocs/ecm/class/ecmfiles.class.php @@ -425,7 +425,7 @@ class EcmFiles extends CommonObject //$sql .= " AND t.entity = ".$conf->entity; // hashforshare already unique } elseif ($src_object_type && $src_object_id) { // Warning: May return several record, and only first one is returned ! - $sql .= " AND t.src_object_type ='".$this->db->escape($src_object_type)."' AND t.src_object_id = ".$this->db->escape($src_object_id); + $sql .= " AND t.src_object_type = '".$this->db->escape($src_object_type)."' AND t.src_object_id = ".((int) $src_object_id); $sql .= " AND t.entity = ".$conf->entity; } else { $sql .= ' AND t.rowid = '.((int) $id); // rowid already unique diff --git a/htdocs/ecm/dir_add_card.php b/htdocs/ecm/dir_add_card.php index 4cf557acde6..1416983e3a3 100644 --- a/htdocs/ecm/dir_add_card.php +++ b/htdocs/ecm/dir_add_card.php @@ -188,7 +188,7 @@ if ($action == 'add' && $permtoadd) { exit; } } -} elseif ($action == 'confirm_deletesection' && $confirm == 'yes') { +} elseif ($action == 'confirm_deletesection' && $confirm == 'yes' && $permtoadd) { // Deleting file $result = $ecmdir->delete($user); setEventMessages($langs->trans("ECMSectionWasRemoved", $ecmdir->label), null, 'mesgs'); diff --git a/htdocs/ecm/dir_card.php b/htdocs/ecm/dir_card.php index 4c93e005266..d84a7330e69 100644 --- a/htdocs/ecm/dir_card.php +++ b/htdocs/ecm/dir_card.php @@ -88,17 +88,23 @@ if ($module == 'ecm') { } // Permissions +$permtoread = 0; $permtoadd = 0; $permtoupload = 0; if ($module == 'ecm') { + $permtoread = $user->rights->ecm->read; $permtoadd = $user->rights->ecm->setup; $permtoupload = $user->rights->ecm->upload; } if ($module == 'medias') { + $permtoread = ($user->rights->mailing->lire || $user->rights->website->read); $permtoadd = ($user->rights->mailing->creer || $user->rights->website->write); $permtoupload = ($user->rights->mailing->creer || $user->rights->website->write); } +if (!$permtoread) { + accessforbidden(); +} /* @@ -106,7 +112,7 @@ if ($module == 'medias') { */ // Upload file -if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) { +if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC) && $permtoupload) { if (dol_mkdir($upload_dir) >= 0) { $resupload = dol_move_uploaded_file($_FILES['userfile']['tmp_name'], $upload_dir."/".dol_unescapefile($_FILES['userfile']['name']), 0, 0, $_FILES['userfile']['error']); if (is_numeric($resupload) && $resupload > 0) { @@ -131,7 +137,7 @@ if (GETPOST("sendit") && !empty($conf->global->MAIN_UPLOAD_DOC)) { } // Remove file -if ($action == 'confirm_deletefile' && $confirm == 'yes') { +if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permtoupload) { $langs->load("other"); $file = $upload_dir."/".GETPOST('urlfile'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). $ret = dol_delete_file($file); @@ -145,7 +151,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { } // Remove dir -if ($action == 'confirm_deletedir' && $confirm == 'yes') { +if ($action == 'confirm_deletedir' && $confirm == 'yes' && $permtoupload) { $backtourl = DOL_URL_ROOT."/ecm/index.php"; if ($module == 'medias') { $backtourl = DOL_URL_ROOT."/website/index.php?file_manager=1"; @@ -181,7 +187,7 @@ if ($action == 'confirm_deletedir' && $confirm == 'yes') { } // Update dirname or description -if ($action == 'update' && !GETPOST('cancel', 'alpha')) { +if ($action == 'update' && !GETPOST('cancel', 'alpha') && $permtoadd) { $error = 0; if ($module == 'ecm') { diff --git a/htdocs/ecm/file_card.php b/htdocs/ecm/file_card.php index 93885c2843a..14bc7e377f0 100644 --- a/htdocs/ecm/file_card.php +++ b/htdocs/ecm/file_card.php @@ -36,10 +36,6 @@ $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'alpha'); $backtopage = GETPOST('backtopage', 'alpha'); -if (!$user->rights->ecm->setup) { - accessforbidden(); -} - // Get parameters $socid = GETPOST("socid", "int"); @@ -105,6 +101,14 @@ if ($result < 0) { exit; } +// Permissions +$permtoread = $user->rights->ecm->read; +$permtoadd = $user->rights->ecm->setup; +$permtoupload = $user->rights->ecm->upload; + +if (!$permtoread) { + accessforbidden(); +} /* @@ -123,7 +127,7 @@ if ($cancel) { } // Rename file -if ($action == 'update') { +if ($action == 'update' && $permtoadd) { $error = 0; $oldlabel = GETPOST('urlfile', 'alpha'); diff --git a/htdocs/ecm/file_note.php b/htdocs/ecm/file_note.php index d2f3f7b4792..505e432f982 100644 --- a/htdocs/ecm/file_note.php +++ b/htdocs/ecm/file_note.php @@ -22,7 +22,7 @@ /** * \file htdocs/ecm/file_note.php * \ingroup ecm - * \brief Fiche de notes sur une ecm file + * \brief Tab for notes on an ECM file */ require '../main.inc.php'; @@ -39,10 +39,6 @@ $ref = GETPOST('ref', 'alpha'); $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); -if (!$user->rights->ecm->setup) { - accessforbidden(); -} - // Get parameters $socid = GETPOST("socid", "int"); // Security check @@ -109,6 +105,13 @@ if ($result < 0) { $permissionnote = $user->rights->ecm->setup; // Used by the include of actions_setnotes.inc.php +$permtoread = $user->rights->ecm->read; + +if (!$permtoread) { + accessforbidden(); +} + + /* * Actions */ diff --git a/htdocs/ecm/index.php b/htdocs/ecm/index.php index 26bf242b0f2..3a8d33343c7 100644 --- a/htdocs/ecm/index.php +++ b/htdocs/ecm/index.php @@ -34,12 +34,6 @@ require_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmdirectory.class.php'; // Load translation files required by the page $langs->loadLangs(array("ecm", "companies", "other", "users", "orders", "propal", "bills", "contracts")); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'ecm', 0); - // Get parameters $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); @@ -81,6 +75,12 @@ $userstatic = new User($db); $error = 0; +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'ecm', 0); + /* * Actions diff --git a/htdocs/ecm/index_auto.php b/htdocs/ecm/index_auto.php index bcfff8aa2da..d54dcf14d1e 100644 --- a/htdocs/ecm/index_auto.php +++ b/htdocs/ecm/index_auto.php @@ -440,15 +440,13 @@ if (empty($action) || $action == 'file_manager' || preg_match('/refresh/i', $act continue; // If condition to show is ok } - $var = false; - print '"; @@ -447,6 +457,7 @@ if ($projectid > 0) { // -------------------------------------------------------------------- $sql = 'SELECT '; $sql .= $object->getFieldList('t'); + // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { @@ -791,6 +802,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/eventorganization/conferenceorboothattendee_list.php b/htdocs/eventorganization/conferenceorboothattendee_list.php index e282da6a4d9..97748640f17 100644 --- a/htdocs/eventorganization/conferenceorboothattendee_list.php +++ b/htdocs/eventorganization/conferenceorboothattendee_list.php @@ -112,7 +112,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -234,7 +234,7 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $obje $sql .= preg_replace('/^,/', '', $hookmanager->resPrint); $sql = preg_replace('/,\s*$/', '', $sql); $sql .= " FROM ".MAIN_DB_PREFIX.$object->table_element." as t"; -$sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id=t.fk_actioncomm AND a.id=".$confOrBooth->id; +$sql .= " INNER JOIN ".MAIN_DB_PREFIX."actioncomm as a on a.id=t.fk_actioncomm AND a.id=".((int) $confOrBooth->id); if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)"; } @@ -788,6 +788,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index cc441d9f50f..02ac007d30f 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -1982,7 +1982,7 @@ if ($action == 'create') { //if ($conf->delivery_note->enabled) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."delivery as l ON l.fk_expedition = e.rowid LEFT JOIN ".MAIN_DB_PREFIX."deliverydet as ld ON ld.fk_delivery = l.rowid AND obj.rowid = ld.fk_origin_line"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON obj.fk_product = p.rowid"; $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; - $sql .= " AND obj.fk_".$origin." = ".$origin_id; + $sql .= " AND obj.fk_".$origin." = ".((int) $origin_id); $sql .= " AND obj.rowid = ed.fk_origin_line"; $sql .= " AND ed.fk_expedition = e.rowid"; //if ($filter) $sql.= $filter; @@ -2138,7 +2138,8 @@ if ($action == 'create') { // only show lot numbers from src warehouse when shipping from multiple warehouses $line->fetch($detail_batch->fk_expeditiondet); } - print ''; + $entrepot_id = !empty($detail_batch->entrepot_id)?$detail_batch->entrepot_id:$lines[$i]->entrepot_id; + print ''; print ''; } // add a 0 qty lot row to be able to add a lot diff --git a/htdocs/expedition/class/api_shipments.class.php b/htdocs/expedition/class/api_shipments.class.php index dcd619da76e..2a4b6765b4e 100644 --- a/htdocs/expedition/class/api_shipments.class.php +++ b/htdocs/expedition/class/api_shipments.class.php @@ -140,7 +140,7 @@ class Shipments extends DolibarrApi } // Insert sale filter if ($search_sale > 0) { - $sql .= " AND sc.fk_user = ".$search_sale; + $sql .= " AND sc.fk_user = ".((int) $search_sale); } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/expedition/class/expedition.class.php b/htdocs/expedition/class/expedition.class.php index f7c5a1d32a8..ee7324a22c4 100644 --- a/htdocs/expedition/class/expedition.class.php +++ b/htdocs/expedition/class/expedition.class.php @@ -468,11 +468,11 @@ class Expedition extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** - * Create the detail (eat-by date) of the expedition line + * Create the detail of the expedition line. Create 1 record into expeditiondet for each warehouse and n record for each lot in this warehouse into expeditiondet_batch. * - * @param object $line_ext full line informations + * @param object $line_ext Objet with full information of line. $line_ext->detail_batch must be an array of ExpeditionLineBatch * @param array $array_options extrafields array - * @return int <0 if KO, >0 if OK + * @return int <0 if KO, >0 if OK */ public function create_line_batch($line_ext, $array_options = 0) { @@ -496,7 +496,7 @@ class Expedition extends CommonObject // create shipment batch lines for stockLocation foreach ($tab as $detbatch) { if ($detbatch->entrepot_id == $stockLocation) { - if (!($detbatch->create($line_id) > 0)) { // Create an expeditionlinebatch + if (!($detbatch->create($line_id) > 0)) { // Create an ExpeditionLineBatch $error++; } } @@ -2125,7 +2125,7 @@ class Expedition extends CommonObject if (!empty($this->shipping_method_id)) { $sql = "SELECT em.code, em.tracking"; $sql .= " FROM ".MAIN_DB_PREFIX."c_shipment_mode as em"; - $sql .= " WHERE em.rowid = ".$this->shipping_method_id; + $sql .= " WHERE em.rowid = ".((int) $this->shipping_method_id); $resql = $this->db->query($sql); if ($resql) { @@ -2981,8 +2981,8 @@ class ExpeditionLigne extends CommonObjectLine // update line $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; $sql .= " fk_entrepot = ".($this->entrepot_id > 0 ? $this->entrepot_id : 'null'); - $sql .= " , qty = ".$qty; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " , qty = ".((float) price2num($qty, 'MS')); + $sql .= " WHERE rowid = ".((int) $this->id); if (!$this->db->query($sql)) { $this->errors[] = $this->db->lasterror()." - sql=$sql"; diff --git a/htdocs/expedition/class/expeditionbatch.class.php b/htdocs/expedition/class/expeditionbatch.class.php index 736cfba6e42..03066869450 100644 --- a/htdocs/expedition/class/expeditionbatch.class.php +++ b/htdocs/expedition/class/expeditionbatch.class.php @@ -186,7 +186,7 @@ class ExpeditionLineBatch extends CommonObject } $sql .= " FROM ".MAIN_DB_PREFIX.self::$_table_element." as eb"; if ($fk_product > 0) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl ON pl.batch = eb.batch AND pl.fk_product = ".$fk_product; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl ON pl.batch = eb.batch AND pl.fk_product = ".((int) $fk_product); } $sql .= " WHERE fk_expeditiondet=".(int) $id_line_expdet; diff --git a/htdocs/expedition/document.php b/htdocs/expedition/document.php index c392187d607..200a4b67aac 100644 --- a/htdocs/expedition/document.php +++ b/htdocs/expedition/document.php @@ -177,7 +177,7 @@ if ($id > 0 || !empty($ref)) { print dol_get_fiche_end(); $modulepart = 'expedition'; - $permission = $user->rights->expedition->creer; + $permissiontoadd = $user->rights->expedition->creer; $permtoedit = $user->rights->expedition->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index a1070d02ef1..5a110d33f2a 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -282,7 +282,7 @@ if ($search_user > 0) { } $sql .= " WHERE e.entity IN (".getEntity('expedition').")"; if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } if ($socid > 0) { $sql .= ' AND s.rowid = '.$socid; @@ -292,7 +292,7 @@ if (!$user->rights->societe->client->voir && !$socid) { // Internal user with no $sql .= " AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND e.fk_soc = ".$socid; + $sql .= " AND e.fk_soc = ".((int) $socid); } if ($search_status <> '' && $search_status >= 0) { $sql .= " AND e.fk_statut = ".((int) $search_status); @@ -322,7 +322,7 @@ if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) { $sql .= " AND s.fk_typent IN (".$db->sanitize($search_type_thirdparty).')'; } if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$search_sale; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { // The contact on a shipment is also the contact of the order. @@ -353,7 +353,7 @@ if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } if ($search_categ_cus > 0) { - $sql .= " AND cc.fk_categorie = ".$db->escape($search_categ_cus); + $sql .= " AND cc.fk_categorie = ".((int) $search_categ_cus); } if ($search_categ_cus == -2) { $sql .= " AND cc.fk_categorie IS NULL"; diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index 8f5903dd988..42b8630bd3c 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -626,7 +626,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' p.surface, p.surface_units, p.volume, p.volume_units'; $sql .= " FROM ".MAIN_DB_PREFIX."commandedet as cd"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid"; - $sql .= " WHERE cd.fk_commande = ".$object->id; + $sql .= " WHERE cd.fk_commande = ".((int) $object->id); $sql .= " ORDER BY cd.rang, cd.rowid"; //print $sql; diff --git a/htdocs/expedition/stats/index.php b/htdocs/expedition/stats/index.php index 6bdc495472c..42cac2d3c92 100644 --- a/htdocs/expedition/stats/index.php +++ b/htdocs/expedition/stats/index.php @@ -41,8 +41,7 @@ if ($user->socid > 0) { $nowyear = dol_print_date(dol_now(), "%Y"); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -214,38 +213,37 @@ print dol_get_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1); print '
    '; -//if (empty($socid)) -//{ - // Show filter box - print '
    '; - print ''; +// Show filter box +print ''; +print ''; - print '
    '.$langs->trans("EventOrganizationICSLink").''; - print ''; + // Define $urlwithroot + $urlwithouturlroot = preg_replace('/'.preg_quote(DOL_URL_ROOT, '/').'$/i', '', trim($dolibarr_main_url_root)); + $urlwithroot = $urlwithouturlroot.DOL_URL_ROOT; + + // Show message + $message = 'global->MAIN_AGENDA_XCAL_EXPORTKEY ?urlencode($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY) : '...'); + $message .= "&project=".$projectid.'&module='.urlencode('@eventorganization').'&status='.ConferenceOrBooth::STATUS_CONFIRMED.'">'.$langs->trans('DownloadICSLink').''; + $message .= ''; + $message .= '
    '; + print $message; print "
    '.$formproduct->selectLotStock($detail_batch->fk_origin_stock, 'batchl'.$detail_batch->fk_expeditiondet.'_'.$detail_batch->fk_origin_stock, '', 1, 0, $lines[$i]->fk_product, $line->entrepot_id).''.$formproduct->selectLotStock($detail_batch->fk_origin_stock, 'batchl'.$detail_batch->fk_expeditiondet.'_'.$detail_batch->fk_origin_stock, '', 1, 0, $lines[$i]->fk_product, $entrepot_id).'
    '; - print ''; - // Company - print ''; - // User - print ''; - // Year - print ''; +print ''; +print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; - print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, '', 'style="width: 95%"'); - print '
    '.$langs->trans("CreatedBy").''; - print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); - print '
    '.$langs->trans("Year").''; +print ''; +print ''; +// Company +print ''; +// User +print ''; +// Year +print ''; - print ''; - print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); +print '
    '.$langs->trans("CreatedBy").''; +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); +print '
    '.$langs->trans("Year").''; if (!in_array($year, $arrayyears)) { $arrayyears[$year] = $year; } if (!in_array($nowyear, $arrayyears)) { $arrayyears[$nowyear] = $nowyear; } - arsort($arrayyears); - print $form->selectarray('year', $arrayyears, $year, 0); - print '
    '; - print ''; - print '

    '; -//} +arsort($arrayyears); +print $form->selectarray('year', $arrayyears, $year, 0); +print '
    '; +print ''; +print '

    '; print '
    '; diff --git a/htdocs/expensereport/class/expensereport.class.php b/htdocs/expensereport/class/expensereport.class.php index be09b670d84..9592f9548af 100644 --- a/htdocs/expensereport/class/expensereport.class.php +++ b/htdocs/expensereport/class/expensereport.class.php @@ -3,7 +3,7 @@ * Copyright (C) 2015 Laurent Destailleur * Copyright (C) 2015 Alexandre Spangaro * Copyright (C) 2018 Nicolas ZABOURI - * Copyright (c) 2018 Frédéric France + * Copyright (c) 2018-2021 Frédéric France * Copyright (C) 2016-2020 Ferran Marcet * * This program is free software; you can redistribute it and/or modify @@ -990,9 +990,9 @@ class ExpenseReport extends CommonObject $total_ttc = $total_ht + $total_tva; $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; - $sql .= " total_ht = ".$total_ht; - $sql .= " , total_ttc = ".$total_ttc; - $sql .= " , total_tva = ".$total_tva; + $sql .= " total_ht = ".price2num($total_ht, 'MT'); + $sql .= " , total_ttc = ".price2num($total_ttc, 'MT'); + $sql .= " , total_tva = ".price2num($total_tva, 'MT'); $sql .= " WHERE rowid = ".((int) $id); $result = $this->db->query($sql); if ($result) : @@ -1645,6 +1645,7 @@ class ExpenseReport extends CommonObject * Return clicable name (with picto eventually) * * @param int $withpicto 0=No picto, 1=Include picto into link, 2=Only picto + * @param string $option Where point the link ('', 'document', ..) * @param int $max Max length of shown ref * @param int $short 1=Return just URL * @param string $moretitle Add more text to title tooltip @@ -1652,7 +1653,7 @@ class ExpenseReport extends CommonObject * @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking * @return string String with URL */ - public function getNomUrl($withpicto = 0, $max = 0, $short = 0, $moretitle = '', $notooltip = 0, $save_lastsearch_value = -1) + public function getNomUrl($withpicto = 0, $option = '', $max = 0, $short = 0, $moretitle = '', $notooltip = 0, $save_lastsearch_value = -1) { global $langs, $conf; @@ -1684,17 +1685,16 @@ class ExpenseReport extends CommonObject $label .= ' - '.$moretitle; } - //if ($option != 'nolink') - //{ - // Add param to save lastsearch_values or not + if ($option != 'nolink') { + // Add param to save lastsearch_values or not $add_save_lastsearch_values = ($save_lastsearch_value == 1 ? 1 : 0); - if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) { - $add_save_lastsearch_values = 1; + if ($save_lastsearch_value == -1 && preg_match('/list\.php/', $_SERVER["PHP_SELF"])) { + $add_save_lastsearch_values = 1; + } + if ($add_save_lastsearch_values) { + $url .= '&save_lastsearch_values=1'; + } } - if ($add_save_lastsearch_values) { - $url .= '&save_lastsearch_values=1'; - } - //} $ref = $this->ref; if (empty($ref)) { @@ -1720,7 +1720,7 @@ class ExpenseReport extends CommonObject $result .= img_object(($notooltip ? '' : $label), $this->picto, ($notooltip ? (($withpicto != 2) ? 'class="paddingright"' : '') : 'class="'.(($withpicto != 2) ? 'paddingright ' : '').'classfortooltip"'), 0, 0, $notooltip ? 0 : 1); } if ($withpicto != 2) { - $result .= ($max ?dol_trunc($ref, $max) : $ref); + $result .= ($max ? dol_trunc($ref, $max) : $ref); } $result .= $linkend; @@ -2478,9 +2478,9 @@ class ExpenseReport extends CommonObject $now = dol_now(); if ($option == 'toapprove') { - return ($this->datevalid ? $this->datevalid : $this->date_valid) < ($now - $conf->expensereport->approve->warning_delay); + return (!empty($this->datevalid) ? $this->datevalid : $this->date_valid) < ($now - $conf->expensereport->approve->warning_delay); } else { - return ($this->datevalid ? $this->datevalid : $this->date_valid) < ($now - $conf->expensereport->payment->warning_delay); + return (!empty($this->datevalid) ? $this->datevalid : $this->date_valid) < ($now - $conf->expensereport->payment->warning_delay); } } @@ -2697,20 +2697,20 @@ class ExpenseReportLine $sql .= ' (fk_expensereport, fk_c_type_fees, fk_projet,'; $sql .= ' tva_tx, vat_src_code, comments, qty, value_unit, total_ht, total_tva, total_ttc, date, rule_warning_message, fk_c_exp_tax_cat, fk_ecm_files)'; $sql .= " VALUES (".$this->db->escape($this->fk_expensereport).","; - $sql .= " ".$this->db->escape($this->fk_c_type_fees).","; - $sql .= " ".$this->db->escape((!empty($this->fk_project) && $this->fk_project > 0) ? $this->fk_project : ((!empty($this->fk_projet) && $this->fk_projet > 0) ? $this->fk_projet : 'null')).","; - $sql .= " ".$this->db->escape($this->vatrate).","; + $sql .= " ".((int) $this->fk_c_type_fees).","; + $sql .= " ".((int) (!empty($this->fk_project) && $this->fk_project > 0) ? $this->fk_project : ((!empty($this->fk_projet) && $this->fk_projet > 0) ? $this->fk_projet : 'null')).","; + $sql .= " ".((float) $this->vatrate).","; $sql .= " '".$this->db->escape(empty($this->vat_src_code) ? '' : $this->vat_src_code)."',"; $sql .= " '".$this->db->escape($this->comments)."',"; - $sql .= " ".$this->db->escape($this->qty).","; - $sql .= " ".$this->db->escape($this->value_unit).","; - $sql .= " ".$this->db->escape($this->total_ht).","; - $sql .= " ".$this->db->escape($this->total_tva).","; - $sql .= " ".$this->db->escape($this->total_ttc).","; + $sql .= " ".((float) $this->qty).","; + $sql .= " ".((int) $this->value_unit).","; + $sql .= " ".price2num($this->total_ht).","; + $sql .= " ".price2num($this->total_tva).","; + $sql .= " ".price2num($this->total_ttc).","; $sql .= " '".$this->db->idate($this->date)."',"; $sql .= " ".(empty($this->rule_warning_message) ? 'null' : "'".$this->db->escape($this->rule_warning_message)."'").","; - $sql .= " ".$this->db->escape($this->fk_c_exp_tax_cat).","; - $sql .= " ".($this->fk_ecm_files > 0 ? $this->fk_ecm_files : 'null'); + $sql .= " ".((int) $this->fk_c_exp_tax_cat).","; + $sql .= " ".($this->fk_ecm_files > 0 ? ((int) $this->fk_ecm_files) : 'null'); $sql .= ")"; $resql = $this->db->query($sql); @@ -2811,30 +2811,30 @@ class ExpenseReportLine // Update line in database $sql = "UPDATE ".MAIN_DB_PREFIX."expensereport_det SET"; $sql .= " comments='".$this->db->escape($this->comments)."'"; - $sql .= ",value_unit=".$this->db->escape($this->value_unit); - $sql .= ",qty=".$this->db->escape($this->qty); + $sql .= ",value_unit = ".((float) $this->value_unit); + $sql .= ",qty=".((float) $this->qty); $sql .= ",date='".$this->db->idate($this->date)."'"; - $sql .= ",total_ht=".$this->db->escape($this->total_ht).""; - $sql .= ",total_tva=".$this->db->escape($this->total_tva).""; - $sql .= ",total_ttc=".$this->db->escape($this->total_ttc).""; - $sql .= ",tva_tx=".$this->db->escape($this->vatrate); + $sql .= ",total_ht=".((float) price2num($this->total_ht, 'MT')).""; + $sql .= ",total_tva=".((float) price2num($this->total_tva, 'MT')).""; + $sql .= ",total_ttc=".((float) price2num($this->total_ttc, 'MT')).""; + $sql .= ",tva_tx=".((float) $this->vatrate); $sql .= ",vat_src_code='".$this->db->escape($this->vat_src_code)."'"; $sql .= ",rule_warning_message='".$this->db->escape($this->rule_warning_message)."'"; $sql .= ",fk_c_exp_tax_cat=".$this->db->escape($this->fk_c_exp_tax_cat); - $sql .= ",fk_ecm_files=".($this->fk_ecm_files > 0 ? $this->fk_ecm_files : 'null'); + $sql .= ",fk_ecm_files=".($this->fk_ecm_files > 0 ? ((int) $this->fk_ecm_files) : 'null'); if ($this->fk_c_type_fees) { - $sql .= ",fk_c_type_fees=".$this->db->escape($this->fk_c_type_fees); + $sql .= ",fk_c_type_fees = ".((int) $this->fk_c_type_fees); } else { $sql .= ",fk_c_type_fees=null"; } if ($this->fk_project > 0) { - $sql .= ",fk_projet=".$this->db->escape($this->fk_project); + $sql .= ",fk_projet=".((int) $this->fk_project); } else { $sql .= ",fk_projet=null"; } - $sql .= " WHERE rowid = ".$this->db->escape($this->rowid ? $this->rowid : $this->id); + $sql .= " WHERE rowid = ".((int) ($this->rowid ? $this->rowid : $this->id)); - dol_syslog("ExpenseReportLine::update sql=".$sql); + dol_syslog("ExpenseReportLine::update"); $resql = $this->db->query($sql); if ($resql) { diff --git a/htdocs/expensereport/class/paymentexpensereport.class.php b/htdocs/expensereport/class/paymentexpensereport.class.php index c673316d491..a453b810e6a 100644 --- a/htdocs/expensereport/class/paymentexpensereport.class.php +++ b/htdocs/expensereport/class/paymentexpensereport.class.php @@ -168,7 +168,7 @@ class PaymentExpenseReport extends CommonObject $sql .= " fk_typepayment, num_payment, note, fk_user_creat, fk_bank)"; $sql .= " VALUES ($this->fk_expensereport, '".$this->db->idate($now)."',"; $sql .= " '".$this->db->idate($this->datepaid)."',"; - $sql .= " ".$totalamount.","; + $sql .= " ".price2num($totalamount).","; $sql .= " ".$this->fk_typepayment.", '".$this->db->escape($this->num_payment)."', '".$this->db->escape($this->note_public)."', ".$user->id.","; $sql .= " 0)"; diff --git a/htdocs/expensereport/document.php b/htdocs/expensereport/document.php index 147f0842e4c..d7ecea8fcc9 100644 --- a/htdocs/expensereport/document.php +++ b/htdocs/expensereport/document.php @@ -154,7 +154,7 @@ if ($object->id) { $modulepart = 'expensereport'; - $permission = $user->rights->expensereport->creer; + $permissiontoadd = $user->rights->expensereport->creer; $permtoedit = $user->rights->expensereport->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/expensereport/stats/index.php b/htdocs/expensereport/stats/index.php index 87bac2dde1a..5f8a9f628b5 100644 --- a/htdocs/expensereport/stats/index.php +++ b/htdocs/expensereport/stats/index.php @@ -55,8 +55,7 @@ $result = restrictedArea($user, 'expensereport', $id, ''); $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ? GETPOST('year', 'int') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; @@ -225,7 +224,7 @@ print ''.$langs->tra // Company /* print ''.$langs->trans("ThirdParty").''; -print $form->select_company($socid,'socid','',1,1,0,array(),0,'','style="width: 95%"'); +print $form->select_company($socid,'socid','',1,1,0,array(),0,'widthcentpercentminusx maxwidth300',''); print ''; */ // User @@ -234,7 +233,8 @@ $include = ''; if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous)) { $include = 'hierarchy'; } -print $form->select_dolusers($userid, 'userid', 1, '', 0, $include, '', 0, 0, 0, '', 0, '', 'maxwidth300'); +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, $include, '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); print ''; // Status print ''.$langs->trans("Status").''; @@ -251,7 +251,7 @@ if (!in_array($year, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print ''; -print ''; +print ''; print ''; print ''; print '

    '; @@ -274,8 +274,8 @@ foreach ($data as $val) { print ''; print ''.$oldyear.''; print '0'; - print '0'; - print '0'; + print '0'; + print '0'; print ''; } @@ -283,8 +283,8 @@ foreach ($data as $val) { print ''; print ''.$year.''; print ''.$val['nb'].''; - print ''.price(price2num($val['total'], 'MT'), 1).''; - print ''.price(price2num($val['avg'], 'MT'), 1).''; + print ''.price(price2num($val['total'], 'MT'), 1).''; + print ''.price(price2num($val['avg'], 'MT'), 1).''; print ''; $oldyear = $year; } diff --git a/htdocs/fichinter/card-rec.php b/htdocs/fichinter/card-rec.php index fb031d81583..44ff46b233c 100644 --- a/htdocs/fichinter/card-rec.php +++ b/htdocs/fichinter/card-rec.php @@ -388,7 +388,7 @@ if ($action == 'create') { $sql = 'SELECT l.rowid, l.description, l.duree'; $sql .= " FROM ".MAIN_DB_PREFIX."fichinterdet as l"; - $sql .= " WHERE l.fk_fichinter= ".$object->id; + $sql .= " WHERE l.fk_fichinter= ".((int) $object->id); //$sql.= " AND l.fk_product is null "; $sql .= " ORDER BY l.rang"; diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 88c5a1cefc0..e138c8ed6fe 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -1546,8 +1546,9 @@ if ($action == 'create') { // Validate if ($object->statut == Fichinter::STATUS_DRAFT && (count($object->lines) > 0 || !empty($conf->global->FICHINTER_DISABLE_DETAILS))) { if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->ficheinter->creer) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->rights->ficheinter->ficheinter_advance->validate)) { - print '
    '.$langs->trans("Validate").'
    '; + print '
    '.$langs->trans("Validate").'
    '; + } else { + print '
    '.$langs->trans("Validate").'
    '; } } @@ -1582,7 +1583,7 @@ if ($action == 'create') { } } - // create intervention model + // Create intervention model if ($conf->global->MAIN_FEATURES_LEVEL >= 1 && $object->statut == Fichinter::STATUS_DRAFT && $user->rights->ficheinter->creer && (count($object->lines) > 0)) { print '
    '; print ''.$langs->trans("ChangeIntoRepeatableIntervention").''; diff --git a/htdocs/fichinter/class/fichinter.class.php b/htdocs/fichinter/class/fichinter.class.php index 1c1c1ab37be..0bb5d2522ab 100644 --- a/htdocs/fichinter/class/fichinter.class.php +++ b/htdocs/fichinter/class/fichinter.class.php @@ -57,7 +57,7 @@ class Fichinter extends CommonObject 'datee' =>array('type'=>'date', 'label'=>'Datee', 'enabled'=>1, 'visible'=>-1, 'position'=>90), 'datet' =>array('type'=>'date', 'label'=>'Datet', 'enabled'=>1, 'visible'=>-1, 'position'=>95), 'duree' =>array('type'=>'double', 'label'=>'Duree', 'enabled'=>1, 'visible'=>-1, 'position'=>100), - 'description' =>array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>1), + 'description' =>array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-1, 'position'=>105, 'showoncombobox'=>2), 'note_private' =>array('type'=>'text', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>110), 'note_public' =>array('type'=>'text', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>115), 'model_pdf' =>array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>1, 'visible'=>0, 'position'=>120), @@ -379,8 +379,8 @@ class Fichinter extends CommonObject $sql = "UPDATE ".MAIN_DB_PREFIX."fichinter SET "; $sql .= "description = '".$this->db->escape($this->description)."'"; - $sql .= ", duree = ".$this->duration; - $sql .= ", fk_projet = ".$this->fk_project; + $sql .= ", duree = ".((int) $this->duration); + $sql .= ", fk_projet = ".((int) $this->fk_project); $sql .= ", note_private = ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null"); $sql .= ", note_public = ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null"); $sql .= ", fk_user_modif = ".$user->id; @@ -1499,8 +1499,8 @@ class FichinterLigne extends CommonObjectLine $sql .= " VALUES (".$this->fk_fichinter.","; $sql .= " '".$this->db->escape($this->desc)."',"; $sql .= " '".$this->db->idate($this->datei)."',"; - $sql .= " ".$this->duration.","; - $sql .= ' '.$rangToUse; + $sql .= " ".((int) $this->duration).","; + $sql .= ' '.((int) $rangToUse); $sql .= ')'; dol_syslog("FichinterLigne::insert", LOG_DEBUG); diff --git a/htdocs/fichinter/document.php b/htdocs/fichinter/document.php index 576e6be0e5e..71f52212978 100644 --- a/htdocs/fichinter/document.php +++ b/htdocs/fichinter/document.php @@ -170,7 +170,7 @@ if ($object->id) { print dol_get_fiche_end(); $modulepart = 'ficheinter'; - $permission = $user->rights->ficheinter->creer; + $permissiontoadd = $user->rights->ficheinter->creer; $permtoedit = $user->rights->ficheinter->creer; $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/fichinter/list.php b/htdocs/fichinter/list.php index 8ddba32a661..f96b9e62f88 100644 --- a/htdocs/fichinter/list.php +++ b/htdocs/fichinter/list.php @@ -244,21 +244,21 @@ if (!empty($conf->projet->enabled)) { if (!empty($conf->contrat->enabled)) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."contrat as c on f.fk_contrat = c.rowid"; } - if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (f.rowid = ef.fk_object)"; } if (empty($conf->global->FICHINTER_DISABLE_DETAILS) && $atleastonefieldinlines) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."fichinterdet as fd ON fd.fk_fichinter = f.rowid"; } + // Add table from hooks $parameters = array(); $reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook $sql .= $hookmanager->resPrint; + if (!$user->rights->societe->client->voir && empty($socid)) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } - $sql .= ", ".MAIN_DB_PREFIX."societe as s"; $sql .= " WHERE f.entity IN (".getEntity('intervention').")"; $sql .= " AND f.fk_soc = s.rowid"; @@ -572,6 +572,7 @@ if ($resql) { $total = 0; $i = 0; $totalarray = array(); + $totalarray['nbfield'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); diff --git a/htdocs/fichinter/stats/index.php b/htdocs/fichinter/stats/index.php index 29a5f9976b0..7a7adb639b3 100644 --- a/htdocs/fichinter/stats/index.php +++ b/htdocs/fichinter/stats/index.php @@ -44,8 +44,7 @@ if ($user->socid > 0) { $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ? GETPOST('year', 'int') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; $object_status = GETPOST('object_status', 'intcomma'); @@ -211,48 +210,47 @@ print dol_get_fiche_head($head, 'byyear', $langs->trans("Statistics"), -1); print '
    '; -//if (empty($socid)) -//{ - // Show filter box - print '
    '; - print ''; - print ''; +// Show filter box +print ''; +print ''; +print ''; - print ''; - print ''; - // Company - print ''; - // User - print ''; +print ''; +print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; - $filter = 's.client IN (1,2,3)'; - print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, '', 'style="width: 95%"'); - print '
    '.$langs->trans("CreatedBy").''; - print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300'); - // Status - print '
    '.$langs->trans("Status").''; - $tmp = $objectstatic->LibStatut(0); // To load $this->statuts_short - $liststatus = $objectstatic->statuts_short; +print ''; +print ''; +// Company +print ''; +// User +print ''; - // Year - print ''; +// Year +print ''; - print ''; - print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; +$filter = 's.client IN (1,2,3)'; +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', $filter, 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); +print '
    '.$langs->trans("CreatedBy").''; +print img_picto('', 'user', 'class="pictofixedwidth"'); +print $form->select_dolusers($userid, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'widthcentpercentminusx maxwidth300'); +// Status +print '
    '.$langs->trans("Status").''; +$tmp = $objectstatic->LibStatut(0); // To force load of $this->statuts_short +$liststatus = $objectstatic->statuts_short; if (empty($conf->global->FICHINTER_CLASSIFY_BILLED)) { unset($liststatus[2]); // Option deprecated. In a future, billed must be managed with a dedicated field to 0 or 1 } - print $form->selectarray('object_status', $liststatus, $object_status, 1, 0, 0, '', 1); - print '
    '.$langs->trans("Year").''; +print $form->selectarray('object_status', $liststatus, $object_status, 1, 0, 0, '', 1); +print '
    '.$langs->trans("Year").''; if (!in_array($year, $arrayyears)) { $arrayyears[$year] = $year; } if (!in_array($nowyear, $arrayyears)) { $arrayyears[$nowyear] = $nowyear; } - arsort($arrayyears); - print $form->selectarray('year', $arrayyears, $year, 0); - print '
    '; - print ''; - print '

    '; -//} +arsort($arrayyears); +print $form->selectarray('year', $arrayyears, $year, 0); +print '
    '; +print ''; +print '

    '; print '
    '; print ''; diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 2c7795b9ac8..777fde21885 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -349,7 +349,7 @@ if ((!empty($dolibarr_main_db_pass) && preg_match('/crypted:/i', $dolibarr_main_ if (!empty($dolibarr_main_db_pass) && preg_match('/crypted:/i', $dolibarr_main_db_pass)) { $dolibarr_main_db_pass = preg_replace('/crypted:/i', '', $dolibarr_main_db_pass); $dolibarr_main_db_pass = dol_decode($dolibarr_main_db_pass); - $dolibarr_main_db_encrypted_pass = $dolibarr_main_db_pass; // We need to set this as it is used to know the password was initially crypted + $dolibarr_main_db_encrypted_pass = $dolibarr_main_db_pass; // We need to set this so we can use it later to know the password was initially crypted } else { $dolibarr_main_db_pass = dol_decode($dolibarr_main_db_encrypted_pass); } diff --git a/htdocs/fourn/card.php b/htdocs/fourn/card.php index 90934062910..866fd31318e 100644 --- a/htdocs/fourn/card.php +++ b/htdocs/fourn/card.php @@ -592,7 +592,7 @@ if ($object->id > 0) { $sql .= " WHERE p.fk_soc =".$object->id; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " ORDER BY p.date_valid DESC"; - $sql .= " ".$db->plimit($MAXLIST); + $sql .= $db->plimit($MAXLIST); $resql = $db->query($sql); if ($resql) { @@ -694,7 +694,8 @@ if ($object->id > 0) { $sql .= " WHERE p.fk_soc =".$object->id; $sql .= " AND p.entity IN (".getEntity('commande_fournisseur').")"; $sql .= " ORDER BY p.date_commande DESC"; - $sql .= " ".$db->plimit($MAXLIST); + $sql .= $db->plimit($MAXLIST); + $resql = $db->query($sql); if ($resql) { $i = 0; @@ -842,9 +843,9 @@ if ($object->id > 0) { if ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer) { $langs->load("orders"); if ($object->status == 1) { - print ''.$langs->trans("AddOrder").''; + print ''.$langs->trans("AddSupplierOrderShort").''; } else { - print ''.$langs->trans("AddOrder").''; + print ''.$langs->trans("AddSupplierOrderShort").''; } } diff --git a/htdocs/fourn/class/api_supplier_invoices.class.php b/htdocs/fourn/class/api_supplier_invoices.class.php index 34939bb599a..df1bf36b723 100644 --- a/htdocs/fourn/class/api_supplier_invoices.class.php +++ b/htdocs/fourn/class/api_supplier_invoices.class.php @@ -155,7 +155,7 @@ class SupplierInvoices extends DolibarrApi } // Insert sale filter if ($search_sale > 0) { - $sql .= " AND sc.fk_user = ".$search_sale; + $sql .= " AND sc.fk_user = ".((int) $search_sale); } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/fourn/class/api_supplier_orders.class.php b/htdocs/fourn/class/api_supplier_orders.class.php index 09c9209629f..d4eedcd0fd9 100644 --- a/htdocs/fourn/class/api_supplier_orders.class.php +++ b/htdocs/fourn/class/api_supplier_orders.class.php @@ -171,7 +171,7 @@ class SupplierOrders extends DolibarrApi } // Insert sale filter if ($search_sale > 0) { - $sql .= " AND sc.fk_user = ".$search_sale; + $sql .= " AND sc.fk_user = ".((int) $search_sale); } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index d094916ef38..daa943ffee9 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -156,6 +156,8 @@ class CommandeFournisseur extends CommonOrder public $user_approve_id; public $user_approve_id2; // Used when SUPPLIER_ORDER_3_STEPS_TO_BE_APPROVED is set + public $refuse_note; + public $extraparams = array(); /** @@ -695,7 +697,7 @@ class CommandeFournisseur extends CommonOrder public function LibStatut($status, $mode = 0, $billed = 0) { // phpcs:enable - global $conf, $langs; + global $conf, $langs, $hookmanager; if (empty($this->statuts) || empty($this->statutshort)) { $langs->load('orders'); @@ -754,6 +756,11 @@ class CommandeFournisseur extends CommonOrder $statusLong = $langs->transnoentitiesnoconv($this->statuts[$status]).$billedtext; $statusShort = $langs->transnoentitiesnoconv($this->statutshort[$status]); + $parameters = array('status' => $status, 'mode' => $mode, 'billed' => $billed); + $reshook = $hookmanager->executeHooks('LibStatut', $parameters, $this); // Note that $action and $object may have been modified by hook + if ($reshook > 0) { + return $hookmanager->resPrint; + } return dolGetStatus($statusLong, $statusShort, '', $statusClass, $mode); } @@ -3051,7 +3058,7 @@ class CommandeFournisseur extends CommonOrder if ($this->methode_commande_id > 0) { $sql = "SELECT rowid, code, libelle as label"; $sql .= " FROM ".MAIN_DB_PREFIX.'c_input_method'; - $sql .= " WHERE active=1 AND rowid = ".$this->db->escape($this->methode_commande_id); + $sql .= " WHERE active=1 AND rowid = ".((int) $this->methode_commande_id); $resql = $this->db->query($sql); if ($resql) { @@ -3674,19 +3681,19 @@ class CommandeFournisseurLigne extends CommonOrderLine $sql .= "'".$this->db->escape($this->rang)."',"; $sql .= "'".$this->db->escape($this->qty)."', "; $sql .= " ".(empty($this->vat_src_code) ? "''" : "'".$this->db->escape($this->vat_src_code)."'").","; - $sql .= " ".$this->tva_tx.", "; - $sql .= " ".$this->localtax1_tx.","; - $sql .= " ".$this->localtax2_tx.","; + $sql .= " ".price2num($this->tva_tx).", "; + $sql .= " ".price2num($this->localtax1_tx).","; + $sql .= " ".price2num($this->localtax2_tx).","; $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; - $sql .= " ".$this->remise_percent.", ".price2num($this->subprice, 'MU').", '".$this->db->escape($this->ref_supplier)."',"; + $sql .= " ".((float) $this->remise_percent).", ".price2num($this->subprice, 'MU').", '".$this->db->escape($this->ref_supplier)."',"; $sql .= " ".price2num($this->total_ht).","; $sql .= " ".price2num($this->total_tva).","; $sql .= " ".price2num($this->total_localtax1).","; $sql .= " ".price2num($this->total_localtax2).","; $sql .= " ".price2num($this->total_ttc).","; $sql .= ($this->fk_unit ? "'".$this->db->escape($this->fk_unit)."'" : "null"); - $sql .= ", ".($this->fk_multicurrency ? $this->fk_multicurrency : "null"); + $sql .= ", ".($this->fk_multicurrency ? ((int) $this->fk_multicurrency) : "null"); $sql .= ", '".$this->db->escape($this->multicurrency_code)."'"; $sql .= ", ".($this->multicurrency_subprice ? price2num($this->multicurrency_subprice) : '0'); $sql .= ", ".($this->multicurrency_total_ht ? price2num($this->multicurrency_total_ht) : '0'); diff --git a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php index 0f8b8341a3d..5457a9ee376 100644 --- a/htdocs/fourn/class/fournisseur.commande.dispatch.class.php +++ b/htdocs/fourn/class/fournisseur.commande.dispatch.class.php @@ -333,7 +333,6 @@ class CommandeFournisseurDispatch extends CommonObject */ public function update($user, $notrigger = 0) { - global $conf, $langs; $error = 0; // Clean parameters @@ -411,12 +410,12 @@ class CommandeFournisseurDispatch extends CommonObject } if (!$notrigger) { - // Uncomment this and change MYOBJECT to your own tag if you + // Call triggers $result = $this->call_trigger('LINERECEPTION_UPDATE', $user); if ($result < 0) { $error++; } - //// End call triggers + // End call triggers } } @@ -444,24 +443,22 @@ class CommandeFournisseurDispatch extends CommonObject */ public function delete($user, $notrigger = 0) { - global $conf, $langs; $error = 0; $this->db->begin(); if (!$error) { if (!$notrigger) { - // Uncomment this and change MYOBJECT to your own tag if you - // want this action calls a trigger. - - //// Call triggers - //$result=$this->call_trigger('MYOBJECT_DELETE',$user); - //if ($result < 0) { $error++; //Do also what you must do to rollback action if trigger fail} - //// End call triggers + // Call triggers + $result = $this->call_trigger('LINERECEPTION_DELETE', $user); + if ($result < 0) { + $error++; + } + // End call triggers } } - // Remove extrafields + // Remove extrafields if (!$error) { $result = $this->deleteExtraFields(); if ($result < 0) { @@ -496,7 +493,6 @@ class CommandeFournisseurDispatch extends CommonObject } - /** * Load an object from its id and create a new one in database * diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php index 8586e0fc623..f5840712807 100644 --- a/htdocs/fourn/class/fournisseur.facture.class.php +++ b/htdocs/fourn/class/fournisseur.facture.class.php @@ -214,6 +214,11 @@ class FactureFournisseur extends CommonInvoice public $mode_reglement_id; public $mode_reglement_code; + /** + * @var int transport mode id + */ + public $transport_mode_id; + public $extraparams = array(); /** @@ -670,6 +675,7 @@ class FactureFournisseur extends CommonInvoice $sql .= ' s.nom as socnom, s.rowid as socid,'; $sql .= ' t.fk_incoterms, t.location_incoterms,'; $sql .= " i.libelle as label_incoterms,"; + $sql .= ' t.fk_transport_mode,'; $sql .= ' t.fk_multicurrency, t.multicurrency_code, t.multicurrency_tx, t.multicurrency_total_ht, t.multicurrency_total_tva, t.multicurrency_total_ttc'; $sql .= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as t'; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON (t.fk_soc = s.rowid)"; @@ -742,14 +748,15 @@ class FactureFournisseur extends CommonInvoice $this->fk_incoterms = $obj->fk_incoterms; $this->location_incoterms = $obj->location_incoterms; $this->label_incoterms = $obj->label_incoterms; + $this->transport_mode_id = $obj->fk_transport_mode; // Multicurrency - $this->fk_multicurrency = $obj->fk_multicurrency; + $this->fk_multicurrency = $obj->fk_multicurrency; $this->multicurrency_code = $obj->multicurrency_code; - $this->multicurrency_tx = $obj->multicurrency_tx; + $this->multicurrency_tx = $obj->multicurrency_tx; $this->multicurrency_total_ht = $obj->multicurrency_total_ht; - $this->multicurrency_total_tva = $obj->multicurrency_total_tva; - $this->multicurrency_total_ttc = $obj->multicurrency_total_ttc; + $this->multicurrency_total_tva = $obj->multicurrency_total_tva; + $this->multicurrency_total_ttc = $obj->multicurrency_total_ttc; $this->extraparams = (array) json_decode($obj->extraparams, true); @@ -1361,7 +1368,7 @@ class FactureFournisseur extends CommonInvoice } $sql .= ', fk_user_closing = '.$user->id; $sql .= ", date_closing = '".$this->db->idate($now)."'"; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= ' WHERE rowid = '.((int) $this->id); $resql = $this->db->query($sql); if ($resql) { @@ -1417,18 +1424,17 @@ class FactureFournisseur extends CommonInvoice */ public function setUnpaid($user) { - global $conf, $langs; $error = 0; $this->db->begin(); $sql = 'UPDATE '.MAIN_DB_PREFIX.'facture_fourn'; - $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null'; + $sql .= ' SET paye=0, fk_statut='.self::STATUS_VALIDATED.', close_code=null, close_note=null,'; $sql .= ' date_closing=null,'; $sql .= ' fk_user_closing=null'; - $sql .= ' WHERE rowid = '.$this->id; + $sql .= ' WHERE rowid = '.((int) $this->id); - dol_syslog("FactureFournisseur::set_unpaid", LOG_DEBUG); + dol_syslog(get_class($this)."::set_unpaid", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { // Call trigger @@ -3395,7 +3401,7 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= ", pu_ttc = ".price2num($this->pu_ttc); $sql .= ", qty = ".price2num($this->qty); $sql .= ", remise_percent = ".price2num($this->remise_percent); - if ($this->fk_remise_except) $sql.= ", fk_remise_except=".$this->fk_remise_except; + if ($this->fk_remise_except) $sql.= ", fk_remise_except=".((int) $this->fk_remise_except); else $sql.= ", fk_remise_except=null"; $sql .= ", vat_src_code = '".$this->db->escape(empty($this->vat_src_code) ? '' : $this->vat_src_code)."'"; $sql .= ", tva_tx = ".price2num($this->tva_tx); @@ -3408,10 +3414,10 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= ", total_localtax1= ".price2num($this->total_localtax1); $sql .= ", total_localtax2= ".price2num($this->total_localtax2); $sql .= ", total_ttc = ".price2num($this->total_ttc); - $sql .= ", fk_product = ".$fk_product; - $sql .= ", product_type = ".$this->product_type; - $sql .= ", info_bits = ".$this->info_bits; - $sql .= ", fk_unit = ".$fk_unit; + $sql .= ", fk_product = ".((int) $fk_product); + $sql .= ", product_type = ".((int) $this->product_type); + $sql .= ", info_bits = ".((int) $this->info_bits); + $sql .= ", fk_unit = ".($fk_unit > 0 ? (int) $fk_unit : 'null'); // Multicurrency $sql .= " , multicurrency_subprice=".price2num($this->multicurrency_subprice).""; @@ -3419,7 +3425,7 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= " , multicurrency_total_tva=".price2num($this->multicurrency_total_tva).""; $sql .= " , multicurrency_total_ttc=".price2num($this->multicurrency_total_ttc).""; - $sql .= " WHERE rowid = ".$this->id; + $sql .= " WHERE rowid = ".((int) $this->id); dol_syslog(get_class($this)."::update", LOG_DEBUG); $resql = $this->db->query($sql); @@ -3578,17 +3584,17 @@ class SupplierInvoiceLine extends CommonObjectLine $sql .= " '".$this->db->escape($this->localtax1_type)."',"; $sql .= " '".$this->db->escape($this->localtax2_type)."',"; $sql .= ' '.(!empty($this->fk_product) ? $this->fk_product : "null").','; - $sql .= " ".$this->product_type.","; + $sql .= " ".((int) $this->product_type).","; $sql .= " ".price2num($this->remise_percent).","; - $sql .= ' '.(! empty($this->fk_remise_except)?$this->fk_remise_except:"null").','; + $sql .= ' '.(! empty($this->fk_remise_except) ? ((int) $this->fk_remise_except) : "null").','; $sql .= " ".price2num($this->subprice).","; $sql .= " ".(!empty($this->qty) ?price2num($this->total_ttc / $this->qty) : price2num($this->total_ttc)).","; $sql .= " ".(!empty($this->date_start) ? "'".$this->db->idate($this->date_start)."'" : "null").","; $sql .= " ".(!empty($this->date_end) ? "'".$this->db->idate($this->date_end)."'" : "null").","; $sql .= ' '.(!empty($this->fk_code_ventilation) ? $this->fk_code_ventilation : 0).','; - $sql .= ' '.$this->rang.','; - $sql .= ' '.$this->special_code.','; - $sql .= " '".$this->db->escape($this->info_bits)."',"; + $sql .= ' '.((int) $this->rang).','; + $sql .= ' '.((int) $this->special_code).','; + $sql .= " ".((int) $this->info_bits)."',"; $sql .= " ".price2num($this->total_ht).","; $sql .= " ".price2num($this->total_tva).","; $sql .= " ".price2num($this->total_ttc).","; diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index 21b4ec377a2..3eaed8d27b8 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -455,28 +455,28 @@ class ProductFournisseur extends Product $sql .= (isset($fk_multicurrency) ? "'".$this->db->escape($fk_multicurrency)."'" : 'null').","; $sql .= (isset($multicurrency_code) ? "'".$this->db->escape($multicurrency_code)."'" : 'null').","; $sql .= " '".$this->db->idate($now)."',"; - $sql .= " ".$this->id.","; - $sql .= " ".$fourn->id.","; + $sql .= " ".((int) $this->id).","; + $sql .= " ".((int) $fourn->id).","; $sql .= " '".$this->db->escape($ref_fourn)."',"; $sql .= " '".$this->db->escape($desc_fourn)."',"; $sql .= " ".$user->id.","; - $sql .= " ".$buyprice.","; - $sql .= " ".$qty.","; - $sql .= " ".$remise_percent.","; - $sql .= " ".$remise.","; - $sql .= " ".$unitBuyPrice.","; - $sql .= " ".$tva_tx.","; - $sql .= " ".$charges.","; - $sql .= " ".$availability.","; + $sql .= " ".price2num($buyprice).","; + $sql .= " ".((float) $qty).","; + $sql .= " ".((float) $remise_percent).","; + $sql .= " ".((float) $remise).","; + $sql .= " ".price2num($unitBuyPrice).","; + $sql .= " ".price2num($tva_tx).","; + $sql .= " ".price2num($charges).","; + $sql .= " ".((int) $availability).","; $sql .= " ".($newdefaultvatcode ? "'".$this->db->escape($newdefaultvatcode)."'" : "null").","; - $sql .= " ".$newnpr.","; + $sql .= " ".((int) $newnpr).","; $sql .= $conf->entity.","; - $sql .= ($delivery_time_days != '' ? $delivery_time_days : 'null').","; + $sql .= ($delivery_time_days != '' ? ((int) $delivery_time_days) : 'null').","; $sql .= (empty($supplier_reputation) ? 'NULL' : "'".$this->db->escape($supplier_reputation)."'").","; $sql .= (empty($barcode) ? 'NULL' : "'".$this->db->escape($barcode)."'").","; $sql .= (empty($fk_barcode_type) ? 'NULL' : "'".$this->db->escape($fk_barcode_type)."'"); if (!empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING)) { - $sql .= ", ".(empty($this->packaging) ? 1 : $this->db->escape($this->packaging)); + $sql .= ", ".(empty($this->packaging) ? '1' : "'".$this->db->escape($this->packaging)."'"); } $sql .= ")"; @@ -789,14 +789,14 @@ class ProductFournisseur extends Product $sql .= " FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."product_fournisseur_price as pfp"; $sql .= " WHERE s.entity IN (".getEntity('societe').")"; $sql .= " AND pfp.entity = ".$conf->entity; // only current entity - $sql .= " AND pfp.fk_product = ".$prodid; + $sql .= " AND pfp.fk_product = ".((int) $prodid); $sql .= " AND pfp.fk_soc = s.rowid"; $sql .= " AND s.status = 1"; // only enabled society if ($qty > 0) { - $sql .= " AND pfp.quantity <= ".$qty; + $sql .= " AND pfp.quantity <= ".((float) $qty); } if ($socid > 0) { - $sql .= ' AND pfp.fk_soc = '.$socid; + $sql .= ' AND pfp.fk_soc = '.((int) $socid); } dol_syslog(get_class($this)."::find_min_price_product_fournisseur", LOG_DEBUG); @@ -1001,7 +1001,7 @@ class ProductFournisseur extends Product $sql .= " WHERE pfp.entity IN (".getEntity('productprice').")"; $sql .= " AND pfpl.fk_user = u.rowid"; $sql .= " AND pfp.rowid = pfpl.fk_product_fournisseur"; - $sql .= " AND pfpl.fk_product_fournisseur = ".$product_fourn_price_id; + $sql .= " AND pfpl.fk_product_fournisseur = ".((int) $product_fourn_price_id); if (empty($sortfield)) { $sql .= " ORDER BY pfpl.datec"; } else { @@ -1253,10 +1253,10 @@ class ProductFournisseur extends Product $sql .= (isset($fk_multicurrency) ? "'".$this->db->escape($fk_multicurrency)."'" : 'null').","; $sql .= (isset($multicurrency_code) ? "'".$this->db->escape($multicurrency_code)."'" : 'null').","; $sql .= "'".$this->db->idate($datec)."',"; - $sql .= " ".$this->product_fourn_price_id.","; + $sql .= " ".((int) $this->product_fourn_price_id).","; $sql .= " ".$user->id.","; $sql .= " ".price2num($buyprice).","; - $sql .= " ".$qty; + $sql .= " ".price2num($qty); $sql .= ")"; $resql = $this->db->query($sql); diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 9c201497566..44a712969c1 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -70,8 +70,6 @@ $socid = GETPOST('socid', 'int'); $projectid = GETPOST('projectid', 'int'); $cancel = GETPOST('cancel', 'alpha'); $lineid = GETPOST('lineid', 'int'); - -$lineid = GETPOST('lineid', 'int'); $origin = GETPOST('origin', 'alpha'); $originid = (GETPOST('originid', 'int') ? GETPOST('originid', 'int') : GETPOST('origin_id', 'int')); // For backward compatibility @@ -960,6 +958,9 @@ if (empty($reshook)) { } if ($action == 'confirm_refuse' && $confirm == 'yes' && $usercanapprove) { + if (GETPOST('refuse_note')) { + $object->refuse_note = GETPOST('refuse_note'); + } $result = $object->refuse($user); if ($result > 0) { header("Location: ".$_SERVER["PHP_SELF"]."?id=".$object->id); @@ -1256,6 +1257,8 @@ if (empty($reshook)) { $tva_tx = get_default_tva($soc, $mysoc, $lines[$i]->fk_product, $product_fourn_price_id); } + $object->special_code = $lines[$i]->special_code; + $result = $object->addline( $desc, $lines[$i]->subprice, @@ -1873,7 +1876,16 @@ if ($action == 'create') { // Confirmation de la desapprobation if ($action == 'refuse') { - $formconfirm = $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id", $langs->trans("DenyingThisOrder"), $langs->trans("ConfirmDenyingThisOrder", $object->ref), "confirm_refuse", '', 0, 1); + $formquestion = array( + array( + 'type' => 'text', + 'name' => 'refuse_note', + 'label' => $langs->trans("MotifCP"), + 'value' => '', + 'morecss' => 'minwidth300' + ) + ); + $formconfirm = $form->formconfirm($_SERVER['PHP_SELF']."?id=$object->id", $langs->trans("DenyingThisOrder"), $langs->trans("ConfirmDenyingThisOrder", $object->ref), "confirm_refuse", $formquestion, 0, 1); } // Confirmation de l'annulation diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php index 4b8812cf22e..2c847b9a421 100644 --- a/htdocs/fourn/commande/dispatch.php +++ b/htdocs/fourn/commande/dispatch.php @@ -443,7 +443,7 @@ if ($action == 'updateline' && $user->rights->fournisseur->commande->receptionne $product = $supplierorderdispatch->fk_product; $price = price2num(GETPOST('price'), '', 2); $comment = $supplierorderdispatch->comment; - $eatby = $supplierorderdispatch->fk_product; + $eatby = $supplierorderdispatch->eatby; $sellby = $supplierorderdispatch->sellby; $batch = $supplierorderdispatch->batch; diff --git a/htdocs/fourn/commande/document.php b/htdocs/fourn/commande/document.php index 5bb8baf4879..c38751fc138 100644 --- a/htdocs/fourn/commande/document.php +++ b/htdocs/fourn/commande/document.php @@ -178,7 +178,7 @@ if ($object->id > 0) { $modulepart = 'commande_fournisseur'; - $permission = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer); + $permissiontoadd = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer); $permtoedit = ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer); $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/fourn/commande/index.php b/htdocs/fourn/commande/index.php index eef851c6d73..1ea5db20b59 100644 --- a/htdocs/fourn/commande/index.php +++ b/htdocs/fourn/commande/index.php @@ -183,7 +183,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU $sql .= " AND c.entity IN (".getEntity("supplier_order").")"; // Thirdparty sharing is mandatory with supplier order sharing $sql .= " AND c.fk_statut = 0"; if (!empty($socid)) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -290,7 +290,7 @@ $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; //$sql.= " AND c.fk_statut > 2"; if (!empty($socid)) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -359,7 +359,7 @@ if (!$user->rights->societe->client->voir && !$socid) $sql.= ", ".MAIN_DB_PREFIX $sql.= " WHERE c.fk_soc = s.rowid"; $sql.= " AND c.entity = ".$conf->entity; $sql.= " AND c.fk_statut = 1"; -if ($socid) $sql.= " AND c.fk_soc = ".$socid; +if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); if (!$user->rights->societe->client->voir && !$socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; $sql.= " ORDER BY c.rowid DESC"; diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index fb1891051e6..25f71f85eb4 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -6,7 +6,7 @@ * Copyright (C) 2014 Marcos García * Copyright (C) 2014 Juanjo Menent * Copyright (C) 2016 Ferran Marcet - * Copyright (C) 2018 Frédéric France + * Copyright (C) 2018-2021 Frédéric France * Copyright (C) 2018-2020 Charlene Benke * Copyright (C) 2019 Nicolas ZABOURI * @@ -651,7 +651,7 @@ $sql .= $hookmanager->resPrint; $sql .= ' WHERE cf.fk_soc = s.rowid'; $sql .= ' AND cf.entity IN ('.getEntity('supplier_order').')'; if ($socid > 0) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; @@ -672,10 +672,10 @@ if ($search_request_author) { $sql .= natural_search(array('u.lastname', 'u.firstname', 'u.login'), $search_request_author); } if ($search_billed != '' && $search_billed >= 0) { - $sql .= " AND cf.billed = ".$db->escape($search_billed); + $sql .= " AND cf.billed = ".((int) $search_billed); } if ($search_product_category > 0) { - $sql .= " AND cp.fk_categorie = ".$search_product_category; + $sql .= " AND cp.fk_categorie = ".((int) $search_product_category); } //Required triple check because statut=0 means draft filter if (GETPOST('statut', 'intcomma') !== '') { @@ -705,7 +705,7 @@ if ($search_company) { $sql .= natural_search('s.nom', $search_company); } if ($search_sale > 0) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$db->escape($search_sale); + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale); } if ($search_user > 0) { $sql .= " AND ec.fk_c_type_contact = tc.rowid AND tc.element='supplier_order' AND tc.source='internal' AND ec.element_id = cf.rowid AND ec.fk_socpeople = ".$db->escape($search_user); @@ -881,10 +881,10 @@ if ($resql) { 'presend'=>img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail"), ); if ($user->rights->fournisseur->facture->creer || $user->rights->supplier_invoice->creer) { - $arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisSupplier"); + $arrayofmassactions['createbills'] = img_picto('', 'bill', 'class="pictofixedwidth"').$langs->trans("CreateInvoiceForThisSupplier"); } if ($user->rights->fournisseur->commande->supprimer) { - $arrayofmassactions['predelete'] = img_picto('', 'delete').$langs->trans("Delete"); + $arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete"); } if (in_array($massaction, array('presend', 'predelete', 'createbills'))) { $arrayofmassactions = array(); @@ -895,7 +895,7 @@ if ($resql) { if (!empty($socid)) { $url .= '&socid='.$socid; } - $newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)); + $newcardbutton = dolGetButtonTitle($langs->trans('NewSupplierOrderShort'), '', 'fa fa-plus-circle', $url, '', ($user->rights->fournisseur->commande->creer || $user->rights->supplier_order->creer)); // Lines of title fields print '
    '; @@ -1272,6 +1272,10 @@ if ($resql) { $i = 0; $totalarray = array(); + $totalarray['nbfield'] = 0; + $totalarray['val'] = array(); + $totalarray['val']['cf.total_ht'] = 0; + $totalarray['val']['cf.total_ttc'] = 0; while ($i < min($num, $limit)) { $obj = $db->fetch_object($resql); @@ -1283,6 +1287,7 @@ if ($resql) { $objectstatic->id = $obj->rowid; $objectstatic->ref = $obj->ref; + $objectstatic->socid = $obj->socid; $objectstatic->ref_supplier = $obj->ref_supplier; $objectstatic->socid = $obj->socid; $objectstatic->total_ht = $obj->total_ht; diff --git a/htdocs/fourn/contact.php b/htdocs/fourn/contact.php index 82c8df6ac66..3196ffed7ac 100644 --- a/htdocs/fourn/contact.php +++ b/htdocs/fourn/contact.php @@ -94,7 +94,7 @@ if ($contactname) { } if ($socid) { - $sql .= " AND s.rowid = ".$socid; + $sql .= " AND s.rowid = ".((int) $socid); } $sql .= " ORDER BY $sortfield $sortorder "; diff --git a/htdocs/fourn/facture/card.php b/htdocs/fourn/facture/card.php index 0bc26ea8f2b..a28b8c13331 100644 --- a/htdocs/fourn/facture/card.php +++ b/htdocs/fourn/facture/card.php @@ -1791,8 +1791,8 @@ if (!empty($conf->projet->enabled)) { $now = dol_now(); $title = $langs->trans('SupplierInvoice')." - ".$langs->trans('Card'); -$helpurl = "EN:Module_Suppliers_Invoices|FR:Module_Fournisseurs_Factures|ES:Módulo_Facturas_de_proveedores"; -llxHeader('', $title, $helpurl); +$help_url = 'EN:Module_Suppliers_Invoices|FR:Module_Fournisseurs_Factures|ES:Módulo_Facturas_de_proveedores|DE:Modul_Lieferantenrechnungen'; +llxHeader('', $title, $help_url); // Mode creation if ($action == 'create') { @@ -1875,10 +1875,10 @@ if ($action == 'create') { $objectsrc->fetch_optionals(); $object->array_options = $objectsrc->array_options; } else { - $cond_reglement_id = $societe->cond_reglement_supplier_id; - $mode_reglement_id = $societe->mode_reglement_supplier_id; + $cond_reglement_id = $societe->cond_reglement_supplier_id; + $mode_reglement_id = $societe->mode_reglement_supplier_id; $transport_mode_id = $societe->transport_mode_supplier_id; - $fk_account = $societe->fk_account; + $fk_account = $societe->fk_account; $datetmp = dol_mktime(12, 0, 0, GETPOST('remonth', 'int'), GETPOST('reday', 'int'), GETPOST('reyear', 'int')); $dateinvoice = ($datetmp == '' ? (empty($conf->global->MAIN_AUTOFILL_DATE) ?-1 : '') : $datetmp); $datetmp = dol_mktime(12, 0, 0, $_POST['echmonth'], $_POST['echday'], $_POST['echyear']); @@ -1930,7 +1930,7 @@ if ($action == 'create') { print $societe->getNomUrl(1); print ''; } else { - print img_picto('', 'company').$form->select_company($societe->id, 'socid', 's.fournisseur=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300'); + print img_picto('', 'company').$form->select_company($societe->id, 'socid', 's.fournisseur=1', 'SelectThirdParty', 0, 0, null, 0, 'minwidth300 widthcentpercentminusxx'); // reload page to retrieve supplier informations if (!empty($conf->global->RELOAD_PAGE_ON_SUPPLIER_CHANGE)) { print ''; - - // Part to create if ($action == 'create') { print load_fiche_titre($langs->trans("NewObject", $langs->transnoentitiesnoconv("Partnership")), '', 'object_'.$object->picto); @@ -435,22 +357,6 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('ToRefuse'), $text, 'confirm_refuse', $formquestion, '', 1, 250); } - // Confirmation of action xxxx - if ($action == 'xxx') { - $formquestion = array(); - /* - $forcecombo=0; - if ($conf->browser->name == 'ie') $forcecombo = 1; // There is a bug in IE10 that make combo inside popup crazy - $formquestion = array( - // 'text' => $langs->trans("ConfirmClone"), - // array('type' => 'checkbox', 'name' => 'clone_content', 'label' => $langs->trans("CloneMainAttributes"), 'value' => 1), - // array('type' => 'checkbox', 'name' => 'update_prices', 'label' => $langs->trans("PuttingPricesUpToDate"), 'value' => 1), - // array('type' => 'other', 'name' => 'idwarehouse', 'label' => $langs->trans("SelectWarehouseForStockDecrease"), 'value' => $formproduct->selectWarehouses(GETPOST('idwarehouse')?GETPOST('idwarehouse'):'ifone', 'idwarehouse', '', 1, 0, 0, '', 0, $forcecombo)) - ); - */ - $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"].'?id='.$object->id, $langs->trans('XXX'), $text, 'confirm_xxx', $formquestion, 0, 1, 220); - } - // Call Hook formConfirm $parameters = array('formConfirm' => $formconfirm, 'lineid' => $lineid); $reshook = $hookmanager->executeHooks('formConfirm', $parameters, $object, $action); // Note that $action and $object may have been modified by hook @@ -623,24 +529,23 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea if (empty($reshook)) { // Send if (empty($user->socid)) { - print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init#formmailbeforetitle'); + print dolGetButtonAction($langs->trans('SendMail'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init&token='.newToken().'#formmailbeforetitle'); } // Back to draft if ($object->status != $object::STATUS_DRAFT) { - print dolGetButtonAction($langs->trans('SetToDraft'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=confirm_setdraft&confirm=yes', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('SetToDraft'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=confirm_setdraft&confirm=yes&token='.newToken(), '', $permissiontoadd); } - print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('Modify'), '', 'default', $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newToken(), '', $permissiontoadd); // Accept if ($object->status == $object::STATUS_DRAFT) { if (empty($object->table_element_line) || (is_array($object->lines) && count($object->lines) > 0)) { - print dolGetButtonAction($langs->trans('Validate'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=confirm_accept&confirm=yes', '', $permissiontoadd); + print dolGetButtonAction($langs->trans('Validate'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=confirm_accept&confirm=yes&token='.newToken(), '', $permissiontoadd); } else { $langs->load("errors"); - //print dolGetButtonAction($langs->trans('Accept'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=confirm_accept&confirm=yes', '', 0); - print ''.$langs->trans("Validate").''; + print dolGetButtonAction($langs->trans("ErrorAddAtLeastOneLineFirst"), $langs->trans("Validate"), 'default', '#', '', 0); } } @@ -656,8 +561,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea // Refuse if ($permissiontoadd) { - if ($object->status != $object::STATUS_CANCELED && $object->status != $object::STATUS_REFUSED) { - print ''.$langs->trans("Refuse").''."\n"; + if ($object->status != $object::STATUS_ACCEPTED && $object->status != $object::STATUS_CANCELED && $object->status != $object::STATUS_REFUSED) { + print dolGetButtonAction($langs->trans('Refuse'), '', 'default', $_SERVER['PHP_SELF'].'?id='.$object->id.'&action=refuse&token='.newToken(), '', $permissiontoadd); } } diff --git a/htdocs/partnership/partnership_contact.php b/htdocs/partnership/partnership_contact.php index 632047acf25..1c416cf690c 100644 --- a/htdocs/partnership/partnership_contact.php +++ b/htdocs/partnership/partnership_contact.php @@ -22,41 +22,14 @@ * \brief Tab for contacts linked to Partnership */ + // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; -dol_include_once('/partnership/class/partnership.class.php'); -dol_include_once('/partnership/lib/partnership.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; +require_once DOL_DOCUMENT_ROOT.'/partnership/lib/partnership.lib.php'; // Load translation files required by the page $langs->loadLangs(array("partnership", "companies", "other", "mails")); diff --git a/htdocs/partnership/partnership_document.php b/htdocs/partnership/partnership_document.php index d6f89c07d00..e7fae7ee7ff 100644 --- a/htdocs/partnership/partnership_document.php +++ b/htdocs/partnership/partnership_document.php @@ -22,64 +22,15 @@ * \brief Tab for documents linked to Partnership */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; -dol_include_once('/partnership/class/partnership.class.php'); -dol_include_once('/partnership/lib/partnership.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; +require_once DOL_DOCUMENT_ROOT.'/partnership/lib/partnership.lib.php'; // Load translation files required by the page $langs->loadLangs(array("partnership", "companies", "other", "mails")); diff --git a/htdocs/partnership/partnership_list.php b/htdocs/partnership/partnership_list.php index 1ae90d0d4cf..c8bb93ccb7d 100644 --- a/htdocs/partnership/partnership_list.php +++ b/htdocs/partnership/partnership_list.php @@ -22,57 +22,8 @@ * \brief List page for partnership */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; @@ -80,7 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php'; require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php'; // load partnership libraries -require_once __DIR__.'/class/partnership.class.php'; +require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; // for other modules //dol_include_once('/othermodule/class/otherobject.class.php'); @@ -88,12 +39,12 @@ require_once __DIR__.'/class/partnership.class.php'; // Load translation files required by the page $langs->loadLangs(array("partnership", "members", "other")); -$action = GETPOST('action', 'aZ09') ?GETPOST('action', 'aZ09') : 'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... +$action = GETPOST('action', 'aZ09') ?GETPOST('action', 'aZ09') : 'view'; // The action 'add', 'create', 'edit', 'update', 'view', ... $massaction = GETPOST('massaction', 'alpha'); // The bulk action (combo box choice into lists) $show_files = GETPOST('show_files', 'int'); // Show files area generated by bulk actions ? -$confirm = GETPOST('confirm', 'alpha'); // Result of a confirmation -$cancel = GETPOST('cancel', 'alpha'); // We click on a Cancel button -$toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list +$confirm = GETPOST('confirm', 'alpha'); // Result of a confirmation +$cancel = GETPOST('cancel', 'alpha'); // We click on a Cancel button +$toselect = GETPOST('toselect', 'array'); // Array of ids of elements selected into a list $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'partnershiplist'; // To manage different context of search $backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page $optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print') @@ -113,9 +64,9 @@ $pageprev = $page - 1; $pagenext = $page + 1; // Initialize technical objects -$object = new Partnership($db); -$extrafields = new ExtraFields($db); -$adherent = new Adherent($db); +$object = new Partnership($db); +$extrafields = new ExtraFields($db); +$adherent = new Adherent($db); $diroutputmassaction = $conf->partnership->dir_output.'/temp/massgeneration/'.$user->id; $hookmanager->initHooks(array('partnershiplist')); // Note that conf->hooks_modules contains array @@ -159,7 +110,7 @@ if ($filter) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -719,6 +670,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/partnership/partnership_note.php b/htdocs/partnership/partnership_note.php index 29a59f67ef4..b9607e5aeb6 100644 --- a/htdocs/partnership/partnership_note.php +++ b/htdocs/partnership/partnership_note.php @@ -22,69 +22,20 @@ * \brief Tab for notes on Partnership */ -//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db -//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user -//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc -//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs -//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters -//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters -//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on). -//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on) -//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data -//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu -//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php -//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library -//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too. -//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip -//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value -//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler -//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message -//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies -//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET -//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification - // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; -dol_include_once('/partnership/class/partnership.class.php'); -dol_include_once('/partnership/lib/partnership.lib.php'); +require_once DOL_DOCUMENT_ROOT.'/partnership/class/partnership.class.php'; +require_once DOL_DOCUMENT_ROOT.'/partnership/lib/partnership.lib.php'; // Load translation files required by the page $langs->loadLangs(array("partnership", "companies")); // Get parameters $id = GETPOST('id', 'int'); -$ref = GETPOST('ref', 'alpha'); +$ref = GETPOST('ref', 'alpha'); $action = GETPOST('action', 'aZ09'); -$cancel = GETPOST('cancel', 'aZ09'); +$cancel = GETPOST('cancel', 'aZ09'); $backtopage = GETPOST('backtopage', 'alpha'); // Initialize technical objects diff --git a/htdocs/partnership/partnershipindex.php b/htdocs/partnership/partnershipindex.php index 8076f105dbb..264134c67d9 100644 --- a/htdocs/partnership/partnershipindex.php +++ b/htdocs/partnership/partnershipindex.php @@ -25,35 +25,7 @@ */ // Load Dolibarr environment -$res = 0; -// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined) -if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) { - $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php"; -} -// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME -$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1; -while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { - $i--; $j--; -} -if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) { - $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php"; -} -if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) { - $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php"; -} -// Try main.inc.php using relative path -if (!$res && file_exists("../main.inc.php")) { - $res = @include "../main.inc.php"; -} -if (!$res && file_exists("../../main.inc.php")) { - $res = @include "../../main.inc.php"; -} -if (!$res && file_exists("../../../main.inc.php")) { - $res = @include "../../../main.inc.php"; -} -if (!$res) { - die("Include of main fails"); -} +require '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php'; @@ -100,8 +72,7 @@ print '
    '; /* BEGIN MODULEBUILDER DRAFT MYOBJECT // Draft MyObject -if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) -{ +if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { $langs->load("orders"); $sql = "SELECT c.rowid, c.ref, c.ref_client, c.total_ht, c.tva as total_tva, c.total_ttc, s.rowid as socid, s.nom as name, s.client, s.canvas"; @@ -113,11 +84,10 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) $sql.= " AND c.fk_statut = 0"; $sql.= " AND c.entity IN (".getEntity('commande').")"; if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; - if ($socid) $sql.= " AND c.fk_soc = ".$socid; + if ($socid) $sql.= " AND c.fk_soc = ".((int) $socid); $resql = $db->query($sql); - if ($resql) - { + if ($resql) { $total = 0; $num = $db->num_rows($resql); @@ -126,12 +96,9 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) print '
    '; $var = true; - if ($num > 0) - { + if ($num > 0) { $i = 0; - while ($i < $num) - { - + while ($i < $num) { $obj = $db->fetch_object($resql); print '"; } - } - else - { - + } else { print ''; } print "
    '.$langs->trans("DraftMyObjects").($num?''.$num.'':'').'
    '; @@ -150,23 +117,16 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) $i++; $total += $obj->total_ttc; } - if ($total>0) - { - + if ($total>0) { print '
    '.$langs->trans("Total").''.price($total)."
    '.$langs->trans("NoOrder").'

    "; $db->free($resql); - } - else - { + } else { dol_print_error($db); } } @@ -181,8 +141,7 @@ $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; /* BEGIN MODULEBUILDER LASTMODIFIED MYOBJECT // Last modified myobject -if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) -{ +if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) { $sql = "SELECT s.rowid, s.ref, s.label, s.date_creation, s.tms"; $sql.= " FROM ".MAIN_DB_PREFIX."partnership_myobject as s"; //if (! $user->rights->societe->client->voir && ! $socid) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; @@ -193,8 +152,7 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) $sql .= $db->plimit($max, 0); $resql = $db->query($sql); - if ($resql) - { + if ($resql) { $num = $db->num_rows($resql); $i = 0; @@ -205,10 +163,8 @@ if (! empty($conf->partnership->enabled) && $user->rights->partnership->read) print ''; print ''.$langs->trans("DateModificationShort").''; print ''; - if ($num) - { - while ($i < $num) - { + if ($num) { + while ($i < $num) { $objp = $db->fetch_object($resql); $myobjectstatic->id=$objp->rowid; diff --git a/htdocs/paybox/admin/paybox.php b/htdocs/paybox/admin/paybox.php index 41ad839cb94..a14729f30ef 100644 --- a/htdocs/paybox/admin/paybox.php +++ b/htdocs/paybox/admin/paybox.php @@ -74,19 +74,19 @@ if ($action == 'setvalue' && $user->admin) { if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_FORM", GETPOST('ONLINE_PAYMENT_MESSAGE_FORM', 'alpha'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_FORM", GETPOST('ONLINE_PAYMENT_MESSAGE_FORM', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_OK", GETPOST('ONLINE_PAYMENT_MESSAGE_OK', 'alpha'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_OK", GETPOST('ONLINE_PAYMENT_MESSAGE_OK', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_KO", GETPOST('ONLINE_PAYMENT_MESSAGE_KO', 'alpha'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_KO", GETPOST('ONLINE_PAYMENT_MESSAGE_KO', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_SENDEMAIL", GETPOST('ONLINE_PAYMENT_SENDEMAIL'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_SENDEMAIL", GETPOST('ONLINE_PAYMENT_SENDEMAIL', 'alpha'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } diff --git a/htdocs/paypal/admin/paypal.php b/htdocs/paypal/admin/paypal.php index cfa7628297d..a192fdaf629 100644 --- a/htdocs/paypal/admin/paypal.php +++ b/htdocs/paypal/admin/paypal.php @@ -80,19 +80,19 @@ if ($action == 'setvalue' && $user->admin) { if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_FORM", GETPOST('ONLINE_PAYMENT_MESSAGE_FORM'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_FORM", GETPOST('ONLINE_PAYMENT_MESSAGE_FORM', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_OK", GETPOST('ONLINE_PAYMENT_MESSAGE_OK'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_OK", GETPOST('ONLINE_PAYMENT_MESSAGE_OK', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_KO", GETPOST('ONLINE_PAYMENT_MESSAGE_KO'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_MESSAGE_KO", GETPOST('ONLINE_PAYMENT_MESSAGE_KO', 'restricthtml'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } - $result = dolibarr_set_const($db, "ONLINE_PAYMENT_SENDEMAIL", GETPOST('ONLINE_PAYMENT_SENDEMAIL'), 'chaine', 0, '', $conf->entity); + $result = dolibarr_set_const($db, "ONLINE_PAYMENT_SENDEMAIL", GETPOST('ONLINE_PAYMENT_SENDEMAIL', 'alpha'), 'chaine', 0, '', $conf->entity); if (!$result > 0) { $error++; } diff --git a/htdocs/product/admin/dynamic_prices.php b/htdocs/product/admin/dynamic_prices.php index fdd42bd34d7..d90ea7090f7 100644 --- a/htdocs/product/admin/dynamic_prices.php +++ b/htdocs/product/admin/dynamic_prices.php @@ -213,17 +213,17 @@ if ($action == 'create_variable' || $action == 'edit_variable') { //Code print ''; print ''.$langs->trans("Variable").''; - print ''; + print ''; print ''; //Description print ''; print ''.$langs->trans("Description").''; - print ''; + print ''; print ''; //Value print ''; print ''.$langs->trans("Value").''; - print ''; + print ''; print ''; print ''; @@ -310,7 +310,7 @@ if ($action == 'create_updater' || $action == 'edit_updater') { //Description print ''; print ''.$langs->trans("Description").''; - print ''; + print ''; print ''; //Type print ''; diff --git a/htdocs/product/agenda.php b/htdocs/product/agenda.php index ea32e47c8a5..815014e259f 100644 --- a/htdocs/product/agenda.php +++ b/htdocs/product/agenda.php @@ -73,7 +73,21 @@ if (!$sortorder) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('agendathirdparty')); -$result = restrictedArea($user, 'produit|service', $id, 'product&product'); +$object = new Product($db); +if ($id > 0 || !empty($ref)) { + $object->fetch($id, $ref); +} + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', 0, 'product&product', '', ''); +} /* diff --git a/htdocs/product/ajax/products.php b/htdocs/product/ajax/products.php index 901e2b387e3..ac2e70e3287 100644 --- a/htdocs/product/ajax/products.php +++ b/htdocs/product/ajax/products.php @@ -122,8 +122,8 @@ if (!empty($action) && $action == 'fetch' && !empty($id)) { // Price by qty if (!empty($price_by_qty_rowid) && $price_by_qty_rowid >= 1 && (!empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY) || !empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY_MULTIPRICES))) { // If we need a particular price related to qty $sql = "SELECT price, unitprice, quantity, remise_percent"; - $sql .= " FROM ".MAIN_DB_PREFIX."product_price_by_qty "; - $sql .= " WHERE rowid=".$price_by_qty_rowid.""; + $sql .= " FROM ".MAIN_DB_PREFIX."product_price_by_qty"; + $sql .= " WHERE rowid = ".((int) $price_by_qty_rowid); $result = $db->query($sql); if ($result) { diff --git a/htdocs/product/canvas/product/actions_card_product.class.php b/htdocs/product/canvas/product/actions_card_product.class.php index 3bda877af62..d155abdc2c2 100644 --- a/htdocs/product/canvas/product/actions_card_product.class.php +++ b/htdocs/product/canvas/product/actions_card_product.class.php @@ -349,11 +349,11 @@ class ActionsCardProduct } } - if (isset($_GET["tosell"]) && dol_strlen($_GET["tosell"]) > 0) { - $sql .= " AND p.tosell = ".$this->db->escape($_GET["tosell"]); + if (GETPOSTISSET("tosell")) { + $sql .= " AND p.tosell = ".((int) GETPOST("tosell", "int")); } - if (isset($_GET["canvas"]) && dol_strlen($_GET["canvas"]) > 0) { - $sql .= " AND p.canvas = '".$this->db->escape($_GET["canvas"])."'"; + if (GETPOSTISSET("canvas")) { + $sql .= " AND p.canvas = '".$this->db->escape(GETPOST("canvas"))."'"; } $sql .= $this->db->order($sortfield, $sortorder); $sql .= $this->db->plimit($limit + 1, $offset); diff --git a/htdocs/product/canvas/service/actions_card_service.class.php b/htdocs/product/canvas/service/actions_card_service.class.php index 53e0df73212..c4296dc63a8 100644 --- a/htdocs/product/canvas/service/actions_card_service.class.php +++ b/htdocs/product/canvas/service/actions_card_service.class.php @@ -298,29 +298,29 @@ class ActionsCardService $sql .= " AND (p.ref LIKE '%".$this->db->escape($sall)."%' OR p.label LIKE '%".$this->db->escape($sall)."%' OR p.description LIKE '%".$this->db->escape($sall)."%' OR p.note LIKE '%".$this->db->escape($sall)."%')"; } if ($sref) { - $sql .= " AND p.ref LIKE '%".$sref."%'"; + $sql .= " AND p.ref LIKE '%".$this->db->escape($sref)."%'"; } if ($search_barcode) { - $sql .= " AND p.barcode LIKE '%".$search_barcode."%'"; + $sql .= " AND p.barcode LIKE '%".$this->db->escape($search_barcode)."%'"; } if ($snom) { $sql .= " AND p.label LIKE '%".$this->db->escape($snom)."%'"; } - if (isset($_GET["tosell"]) && dol_strlen($_GET["tosell"]) > 0) { - $sql .= " AND p.tosell = ".$this->db->escape($_GET["tosell"]); + if (GETPOSTISSET("tosell")) { + $sql .= " AND p.tosell = ".((int) GETPOST("tosell", 'int')); } - if (isset($_GET["canvas"]) && dol_strlen($_GET["canvas"]) > 0) { - $sql .= " AND p.canvas = '".$this->db->escape($_GET["canvas"])."'"; + if (GETPOSTISSET("canvas")) { + $sql .= " AND p.canvas = '".$this->db->escape(GETPOST("canvas"))."'"; } if ($catid) { - $sql .= " AND cp.fk_categorie = ".$catid; + $sql .= " AND cp.fk_categorie = ".((int) $catid); } if ($fourn_id > 0) { - $sql .= " AND p.rowid = pfp.fk_product AND pfp.fk_soc = ".$fourn_id; + $sql .= " AND p.rowid = pfp.fk_product AND pfp.fk_soc = ".((int) $fourn_id); } // Insert categ filter if ($search_categ) { - $sql .= " AND cp.fk_categorie = ".$this->db->escape($search_categ); + $sql .= " AND cp.fk_categorie = ".((int) $search_categ); } $sql .= $this->db->order($sortfield, $sortorder); $sql .= $this->db->plimit($limit + 1, $offset); diff --git a/htdocs/product/card.php b/htdocs/product/card.php index c92f847a1e9..170853b9c2b 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -152,7 +152,17 @@ if (!empty($canvas)) { // Security check $fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : '')); $fieldtype = (!empty($id) ? 'rowid' : 'ref'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productcard', 'globalcard')); @@ -1066,23 +1076,23 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!empty($modCodeProduct->code_auto)) { $tmpcode = $modCodeProduct->getNextValue($object, $type); } - print ''.$langs->trans("Ref").''; + print ''.$langs->trans("Ref").''; if ($refalreadyexists) { print $langs->trans("RefAlreadyExists"); } print ''; // Label - print ''.$langs->trans("Label").''; + print ''.$langs->trans("Label").''; // On sell - print ''.$langs->trans("Status").' ('.$langs->trans("Sell").')'; + print ''.$langs->trans("Status").' ('.$langs->trans("Sell").')'; $statutarray = array('1' => $langs->trans("OnSell"), '0' => $langs->trans("NotOnSell")); print $form->selectarray('statut', $statutarray, GETPOST('statut')); print ''; // To buy - print ''.$langs->trans("Status").' ('.$langs->trans("Buy").')'; + print ''.$langs->trans("Status").' ('.$langs->trans("Buy").')'; $statutarray = array('1' => $langs->trans("ProductStatusOnBuy"), '0' => $langs->trans("ProductStatusNotOnBuy")); print $form->selectarray('statut_buy', $statutarray, GETPOST('statut_buy')); print ''; @@ -1092,7 +1102,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$langs->trans("ManageLotSerial").''; $statutarray = array('0' => $langs->trans("ProductStatusNotOnBatch"), '1' => $langs->trans("ProductStatusOnBatch"), '2' => $langs->trans("ProductStatusOnSerial")); print $form->selectarray('status_batch', $statutarray, GETPOST('status_batch')); - print ''; + print ''; // Product specific batch number management $status_batch = GETPOST('status_batch'); if ($status_batch !== '0') { @@ -1101,38 +1111,45 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $tooltip .= $langs->trans("GenericMaskCodes3"); $tooltip .= $langs->trans("GenericMaskCodes4a", $langs->transnoentities("Batch"), $langs->transnoentities("Batch")); $tooltip .= $langs->trans("GenericMaskCodes5"); - print ''.$langs->trans("ManageLotMask").''; - if (($conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') || ($conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced')) { + if (($conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') + || ($conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced')) { + print ''.$langs->trans("ManageLotMask").''; $inherited_mask_lot = $conf->global->LOT_ADVANCED_MASK; $inherited_mask_sn = $conf->global->SN_ADVANCED_MASK; print ''; - print $form->textwithpicto('', $tooltip, 1, 1); - print ''; + print $form->textwithpicto('', $tooltip, 1, 1); print ''; - } else { - print ''; + print ''; } - } else { - print ''; } - print ''; } $showbarcode = empty($conf->barcode->enabled) ? 0 : 1; @@ -1153,9 +1170,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $formbarcode = new FormBarCode($db); print $formbarcode->selectBarcodeType($fk_barcode_type, 'fk_barcode_type', 1); print ''; - if ($conf->browser->layout == 'phone') { - print ''; - } + print ''; print ''.$langs->trans("BarcodeValue").''; $tmpcode = GETPOSTISSET('barcode') ? GETPOST('barcode') : $object->barcode; if (empty($tmpcode) && !empty($modBarCodeProduct->code_auto)) { @@ -1166,7 +1181,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Description (used in invoice, propal...) - print ''.$langs->trans("Description").''; + print ''.$langs->trans("Description").''; $doleditor = new DolEditor('desc', GETPOST('desc', 'restricthtml'), '', 160, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); $doleditor->Create(); @@ -1174,7 +1189,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ""; // Public URL - print ''.$langs->trans("PublicUrl").''; + print ''.$langs->trans("PublicUrl").''; + print img_picto('', 'globe', 'class="pictofixedwidth"'); print ''; print ''; @@ -1182,7 +1198,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Default warehouse print ''.$langs->trans("DefaultWarehouse").''; print img_picto($langs->trans("DefaultWarehouse"), 'stock', 'class="pictofixedwidth"'); - print $formproduct->selectWarehouses(GETPOST('fk_default_warehouse'), 'fk_default_warehouse', 'warehouseopen', 1); + print $formproduct->selectWarehouses(GETPOST('fk_default_warehouse', 'int'), 'fk_default_warehouse', 'warehouseopen', 1, 0, 0, '', 0, 0, array(), 'minwidth300 widthcentpercentminusxx maxwidth500'); print ' '; print ''; print ''; @@ -1193,11 +1209,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$form->textwithpicto($langs->trans("StockLimit"), $langs->trans("StockLimitDesc"), 1).''; print ''; print ''; - if ($conf->browser->layout == 'phone') { - print ''; - } + + print ''; + // Stock desired level - print ''.$form->textwithpicto($langs->trans("DesiredStock"), $langs->trans("DesiredStockDesc"), 1).''; + print ''.$form->textwithpicto($langs->trans("DesiredStock"), $langs->trans("DesiredStockDesc"), 1).''; print ''; print ''; } else { @@ -1207,7 +1223,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Duration if ($type == 1) { - print ''.$langs->trans("Duration").''; + print ''.$langs->trans("Duration").''; print ''; print $formproduct->selectMeasuringUnits("duration_unit", "time", GETPOST('duration_value', 'alpha'), 0, 1); print ''; @@ -1215,20 +1231,20 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($type != 1) { // Nature, Weight and volume only applies to products and not to services // Nature - print ''.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; + print ''.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; $statutarray = array('1' => $langs->trans("Finished"), '0' => $langs->trans("RowMaterial")); print $form->selectarray('finished', $statutarray, GETPOST('finished', 'alpha'), 1); print ''; // Brut Weight - print ''.$langs->trans("Weight").''; + print ''.$langs->trans("Weight").''; print ''; print $formproduct->selectMeasuringUnits("weight_units", "weight", GETPOSTISSET('weight_units') ?GETPOST('weight_units', 'alpha') : (empty($conf->global->MAIN_WEIGHT_DEFAULT_UNIT) ? 0 : $conf->global->MAIN_WEIGHT_DEFAULT_UNIT), 0, 2); print ''; // Brut Length if (empty($conf->global->PRODUCT_DISABLE_SIZE)) { - print ''.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; + print ''.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; print ' x '; print ' x '; print ''; @@ -1237,14 +1253,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } if (empty($conf->global->PRODUCT_DISABLE_SURFACE)) { // Brut Surface - print ''.$langs->trans("Surface").''; + print ''.$langs->trans("Surface").''; print ''; print $formproduct->selectMeasuringUnits("surface_units", "surface", GETPOSTISSET('surface_units') ?GETPOST('surface_units', 'alpha') : '0', 0, 2); print ''; } if (empty($conf->global->PRODUCT_DISABLE_VOLUME)) { // Brut Volume - print ''.$langs->trans("Volume").''; + print ''.$langs->trans("Volume").''; print ''; print $formproduct->selectMeasuringUnits("volume_units", "volume", GETPOSTISSET('volume_units') ?GETPOST('volume_units', 'alpha') : '0', 0, 2); print ''; @@ -1252,7 +1268,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!empty($conf->global->PRODUCT_ADD_NET_MEASURE)) { // Net Measure - print ''.$langs->trans("NetMeasure").''; + print ''.$langs->trans("NetMeasure").''; print ''; print $formproduct->selectMeasuringUnits("net_measure_units", '', GETPOSTISSET('net_measure_units') ?GETPOST('net_measure_units', 'alpha') : (empty($conf->global->MAIN_WEIGHT_DEFAULT_UNIT) ? 0 : $conf->global->MAIN_WEIGHT_DEFAULT_UNIT), 0, 0); print ''; @@ -1262,41 +1278,37 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Units if (!empty($conf->global->PRODUCT_USE_UNITS)) { print ''.$langs->trans('DefaultUnitToShow').''; - print ''; + print ''; print $form->selectUnits(empty($line->fk_unit) ? $conf->global->PRODUCT_USE_UNITS : $line->fk_unit, 'units'); print ''; } // Custom code if (empty($conf->global->PRODUCT_DISABLE_CUSTOM_INFO) && empty($type)) { - print ''.$langs->trans("CustomCode").''; + print ''.$langs->trans("CustomCode").''; // Origin country - print ''.$langs->trans("CountryOrigin").''; + print ''.$langs->trans("CountryOrigin").''; print ''; print img_picto('', 'globe-americas', 'class="paddingrightonly"'); print $form->select_country((GETPOSTISSET('country_id') ? GETPOST('country_id') : $object->country_id), 'country_id', '', 0, 'minwidth300 widthcentpercentminusx'); if ($user->admin) { print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } - print ''; + print ''; // State if (empty($conf->global->PRODUCT_DISABLE_STATE)) { - if ($conf->browser->layout == 'phone') { - print ''; - } + print ''; if (!empty($conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT) && ($conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT == 1 || $conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT == 2)) { - print ''.$form->editfieldkey('RegionStateOrigin', 'state_id', '', $object, 0).''; + print ''.$form->editfieldkey('RegionStateOrigin', 'state_id', '', $object, 0).''; } else { - print ''.$form->editfieldkey('StateOrigin', 'state_id', '', $object, 0).''; + print ''.$form->editfieldkey('StateOrigin', 'state_id', '', $object, 0).''; } print $formcompany->select_state($object->state_id, $object->country_code); print ''; } - - print ''; } // Quality control @@ -1306,7 +1318,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Other attributes - $parameters = array('colspan' => 3, 'cols' => '3'); + $parameters = array('colspan' => ' colspan="2"', 'cols'=>2); $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; if (empty($reshook)) { @@ -1316,7 +1328,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Note (private, no output on invoices, propales...) //if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB)) available in create mode //{ - print ''.$langs->trans("NoteNotVisibleOnBill").''; + print ''.$langs->trans("NoteNotVisibleOnBill").''; // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. $doleditor = new DolEditor('note_private', GETPOST('note_private', 'restricthtml'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%'); @@ -1327,7 +1339,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($conf->categorie->enabled) { // Categories - print ''.$langs->trans("Categories").''; + print ''.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', 'parent', 64, 0, 1); print img_picto('', 'category').$form->multiselectarray('categories', $cate_arbo, GETPOST('categories', 'array'), '', 0, 'quatrevingtpercent widthcentpercentminusx', 0, 0); print ""; @@ -1375,6 +1387,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Accountancy codes + print ''."\n"; print ''; if (!empty($conf->accounting->enabled)) { @@ -1386,7 +1399,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_sell = (GETPOSTISSET('accountancy_code_sell') ? GETPOST('accountancy_code_sell', 'alpha') : $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_sell, 'accountancy_code_sell', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_sell, 'accountancy_code_sell', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; // Accountancy_code_sell_intra @@ -1398,7 +1411,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_sell_intra = (GETPOSTISSET('accountancy_code_sell_intra') ? GETPOST('accountancy_code_sell_intra', 'alpha') : $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_sell_intra, 'accountancy_code_sell_intra', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_sell_intra, 'accountancy_code_sell_intra', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; } @@ -1410,7 +1423,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_sell_export = (GETPOST('accountancy_code_sell_export') ? GETPOST('accountancy_code_sell_export', 'alpha') : $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_sell_export, 'accountancy_code_sell_export', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_sell_export, 'accountancy_code_sell_export', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; // Accountancy_code_buy @@ -1421,7 +1434,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_buy = (GETPOST('accountancy_code_buy', 'alpha') ? (GETPOST('accountancy_code_buy', 'alpha')) : $conf->global->ACCOUNTING_SERVICE_BUY_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_buy, 'accountancy_code_buy', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_buy, 'accountancy_code_buy', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; // Accountancy_code_buy_intra @@ -1433,7 +1446,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_buy_intra = (GETPOSTISSET('accountancy_code_buy_intra') ? GETPOST('accountancy_code_buy_intra', 'alpha') : $conf->global->ACCOUNTING_SERVICE_BUY_INTRA_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_buy_intra, 'accountancy_code_buy_intra', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_buy_intra, 'accountancy_code_buy_intra', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; } @@ -1445,10 +1458,9 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } else { $accountancy_code_buy_export = (GETPOST('accountancy_code_buy_export') ? GETPOST('accountancy_code_buy_export', 'alpha') : $conf->global->ACCOUNTING_SERVICE_BUY_EXPORT_ACCOUNT); } - print $formaccounting->select_account($accountancy_code_buy_export, 'accountancy_code_buy_export', 1, null, 1, 1, 'minwidth100 maxwidth300 maxwidthonsmartphone', 1); + print $formaccounting->select_account($accountancy_code_buy_export, 'accountancy_code_buy_export', 1, null, 1, 1, 'minwidth150 maxwidth300', 1); print ''; - } else // For external software - { + } else {// For external software if (!empty($accountancy_code_sell)) { $object->accountancy_code_sell = $accountancy_code_sell; } @@ -1470,36 +1482,36 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Accountancy_code_sell print ''; - print ''; // Accountancy_code_sell_intra if ($mysoc->isInEEC()) { print ''; - print ''; } // Accountancy_code_sell_export print ''; - print ''; // Accountancy_code_buy print ''; - print ''; // Accountancy_code_buy_intra if ($mysoc->isInEEC()) { print ''; - print ''; } // Accountancy_code_buy_export print ''; - print ''; } print '
    '.$langs->trans("ProductAccountancySellCode").''; + print ''; print '
    '.$langs->trans("ProductAccountancySellIntraCode").''; + print ''; print '
    '.$langs->trans("ProductAccountancySellExportCode").''; + print ''; print '
    '.$langs->trans("ProductAccountancyBuyCode").''; + print ''; print '
    '.$langs->trans("ProductAccountancyBuyIntraCode").''; + print ''; print '
    '.$langs->trans("ProductAccountancyBuyExportCode").''; + print ''; print '
    '; @@ -1599,14 +1611,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$langs->trans("ManageLotSerial").''; $statutarray = array('0' => $langs->trans("ProductStatusNotOnBatch"), '1' => $langs->trans("ProductStatusOnBatch"), '2' => $langs->trans("ProductStatusOnSerial")); print $form->selectarray('status_batch', $statutarray, $object->status_batch); - print ''; + print ''; if ($object->status_batch !== '0') { $tooltip = $langs->trans("GenericMaskCodes", $langs->transnoentities("Batch"), $langs->transnoentities("Batch")); $tooltip .= $langs->trans("GenericMaskCodes2"); $tooltip .= $langs->trans("GenericMaskCodes3"); $tooltip .= $langs->trans("GenericMaskCodes4a", $langs->transnoentities("Batch"), $langs->transnoentities("Batch")); $tooltip .= $langs->trans("GenericMaskCodes5"); - print ''.$langs->trans("ManageLotMask").''; + print ''.$langs->trans("ManageLotMask").''; if ($object->status_batch == '1' && $conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') { $mask = ! empty($object->batch_mask) ? $object->batch_mask : $conf->global->LOT_ADVANCED_MASK; } @@ -1616,8 +1628,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $inherited_mask_lot = $conf->global->LOT_ADVANCED_MASK; $inherited_mask_sn = $conf->global->SN_ADVANCED_MASK; print ''; - print $form->textwithpicto('', $tooltip, 1, 1); - print ''; + print $form->textwithpicto('', $tooltip, 1, 1); print ''; - } else { - print ''; + print ''; } - print ''; } } @@ -1667,17 +1687,18 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formbarcode.class.php'; $formbarcode = new FormBarCode($db); print $formbarcode->selectBarcodeType($fk_barcode_type, 'fk_barcode_type', 1); - print ''.$langs->trans("BarcodeValue").''; + print ''; + print ''.$langs->trans("BarcodeValue").''; $tmpcode = GETPOSTISSET('barcode') ? GETPOST('barcode') : $object->barcode; if (empty($tmpcode) && !empty($modBarCodeProduct->code_auto)) { $tmpcode = $modBarCodeProduct->getNextValue($object, $fk_barcode_type); } - print ''; + print ''; print ''; } // Description (used in invoice, propal...) - print ''.$langs->trans("Description").''; + print ''.$langs->trans("Description").''; // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. $doleditor = new DolEditor('desc', $object->description, '', 160, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); @@ -1687,7 +1708,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print "\n"; // Public Url - print ''.$langs->trans("PublicUrl").''; + print ''.$langs->trans("PublicUrl").''; print ''; print ''; @@ -1697,7 +1718,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''.$langs->trans("DefaultWarehouse").''; print $formproduct->selectWarehouses($object->fk_default_warehouse, 'fk_default_warehouse', 'warehouseopen', 1); print ' '; - print ''; + print ''; /* print "".''.$langs->trans("StockLimit").''; print ''; @@ -1717,25 +1738,25 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($object->isService()) { // Duration - print ''.$langs->trans("Duration").''; + print ''.$langs->trans("Duration").''; print ' '; print $formproduct->selectMeasuringUnits("duration_unit", "time", $object->duration_unit, 0, 1); print ''; } else { // Nature - print ''.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; + print ''.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; print $formproduct->selectProductNature('finished', $object->finished); print ''; // Brut Weight - print ''.$langs->trans("Weight").''; + print ''.$langs->trans("Weight").''; print ' '; print $formproduct->selectMeasuringUnits("weight_units", "weight", $object->weight_units, 0, 2); print ''; if (empty($conf->global->PRODUCT_DISABLE_SIZE)) { // Brut Length - print ''.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; + print ''.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; print 'x'; print 'x'; print ' '; @@ -1744,14 +1765,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } if (empty($conf->global->PRODUCT_DISABLE_SURFACE)) { // Brut Surface - print ''.$langs->trans("Surface").''; + print ''.$langs->trans("Surface").''; print ' '; print $formproduct->selectMeasuringUnits("surface_units", "surface", $object->surface_units, 0, 2); print ''; } if (empty($conf->global->PRODUCT_DISABLE_VOLUME)) { // Brut Volume - print ''.$langs->trans("Volume").''; + print ''.$langs->trans("Volume").''; print ' '; print $formproduct->selectMeasuringUnits("volume_units", "volume", $object->volume_units, 0, 2); print ''; @@ -1759,7 +1780,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!empty($conf->global->PRODUCT_ADD_NET_MEASURE)) { // Net Measure - print ''.$langs->trans("NetMeasure").''; + print ''.$langs->trans("NetMeasure").''; print ' '; print $formproduct->selectMeasuringUnits("net_measure_units", "", $object->net_measure_units, 0, 0); print ''; @@ -1768,38 +1789,36 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Units if (!empty($conf->global->PRODUCT_USE_UNITS)) { print ''.$langs->trans('DefaultUnitToShow').''; - print ''; + print ''; print $form->selectUnits($object->fk_unit, 'units'); print ''; } // Custom code if (!$object->isService() && empty($conf->global->PRODUCT_DISABLE_CUSTOM_INFO)) { - print ''.$langs->trans("CustomCode").''; + print ''.$langs->trans("CustomCode").''; // Origin country - print ''.$langs->trans("CountryOrigin").''; + print ''.$langs->trans("CountryOrigin").''; print ''; print img_picto('', 'globe-americas', 'class="paddingrightonly"'); print $form->select_country($object->country_id, 'country_id', '', 0, 'minwidth100 maxwidthonsmartphone'); if ($user->admin) { print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"), 1); } - print ''; + print ''; // State if (empty($conf->global->PRODUCT_DISABLE_STATE)) { - if ($conf->browser->layout == 'phone') { - print ''; - } + print ''; if (!empty($conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT) && ($conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT == 1 || $conf->global->MAIN_SHOW_REGION_IN_STATE_SELECT == 2)) { - print ''.$form->editfieldkey('RegionStateOrigin', 'state_id', '', $object, 0).''; + print ''.$form->editfieldkey('RegionStateOrigin', 'state_id', '', $object, 0).''; } else { - print ''.$form->editfieldkey('StateOrigin', 'state_id', '', $object, 0).''; + print ''.$form->editfieldkey('StateOrigin', 'state_id', '', $object, 0).''; } print $formcompany->select_state($object->state_id, $object->country_code); print ''; + print ''; } - print ''; } // Quality control @@ -1809,7 +1828,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } // Other attributes - $parameters = array('colspan' => ' colspan="3"', 'cols' => 3); + $parameters = array('colspan' => ' colspan="2"', 'cols' => 2); $reshook = $hookmanager->executeHooks('formObjectOptions', $parameters, $object, $action); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; if (empty($reshook)) { @@ -1818,7 +1837,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Tags-Categories if ($conf->categorie->enabled) { - print ''.$langs->trans("Categories").''; + print ''.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', 'parent', 64, 0, 1); $c = new Categorie($db); $cats = $c->containing($object->id, Categorie::TYPE_PRODUCT); @@ -1834,7 +1853,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Note private if (!empty($conf->global->MAIN_DISABLE_NOTES_TAB)) { - print ''.$langs->trans("NoteNotVisibleOnBill").''; + print ''.$langs->trans("NoteNotVisibleOnBill").''; $doleditor = new DolEditor('note_private', $object->note_private, '', 140, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); $doleditor->Create(); @@ -1852,41 +1871,41 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Accountancy_code_sell print ''.$langs->trans("ProductAccountancySellCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_sell, 'accountancy_code_sell', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_sell, 'accountancy_code_sell', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; // Accountancy_code_sell_intra if ($mysoc->isInEEC()) { print ''.$langs->trans("ProductAccountancySellIntraCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_sell_intra, 'accountancy_code_sell_intra', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_sell_intra, 'accountancy_code_sell_intra', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; } // Accountancy_code_sell_export print ''.$langs->trans("ProductAccountancySellExportCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_sell_export, 'accountancy_code_sell_export', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_sell_export, 'accountancy_code_sell_export', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; // Accountancy_code_buy print ''.$langs->trans("ProductAccountancyBuyCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; // Accountancy_code_buy_intra if ($mysoc->isInEEC()) { print ''.$langs->trans("ProductAccountancyBuyIntraCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_buy_intra, 'accountancy_code_buy_intra', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_buy_intra, 'accountancy_code_buy_intra', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; } // Accountancy_code_buy_export print ''.$langs->trans("ProductAccountancyBuyExportCode").''; print ''; - print $formaccounting->select_account($object->accountancy_code_buy_export, 'accountancy_code_buy_export', 1, '', 1, 1); + print $formaccounting->select_account($object->accountancy_code_buy_export, 'accountancy_code_buy_export', 1, '', 1, 1, 'minwidth150 maxwidth300'); print ''; } else { // For external software @@ -1964,14 +1983,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print '
    '; print '
    '; - print ''; + print '
    '; // Type if (!empty($conf->product->enabled) && !empty($conf->service->enabled)) { $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); print ''; } @@ -1986,7 +2005,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''; } print '
    '; print (empty($conf->global->PRODUCT_DENY_CHANGE_PRODUCT_TYPE)) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat) : $langs->trans('Type'); - print ''; + print ''; print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat); print '
    id.'">'.img_edit($langs->trans('Edit'), 1).'
    '; - print ''; + print ''; if ($action == 'editbarcodetype' || $action == 'editbarcode') { require_once DOL_DOCUMENT_ROOT.'/core/class/html.formbarcode.class.php'; $formbarcode = new FormBarCode($db); @@ -2012,7 +2031,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print 'id.'">'.img_edit($langs->trans('Edit'), 1).''; } print ''; - print ''; + print ''; if ($action == 'editbarcode') { $tmpcode = GETPOSTISSET('barcode') ? GETPOST('barcode') : $object->barcode; if (empty($tmpcode) && !empty($modBarCodeProduct->code_auto)) { @@ -2032,10 +2051,25 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print ''."\n"; } + // Batch number management (to batch) + if (!empty($conf->productbatch->enabled)) { + if ($object->isProduct() || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) { + print ''.$langs->trans("ManageLotSerial").''; + print $object->getLibStatut(0, 2); + print ''; + if ((($object->status_batch == '1' &&$conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') + || ($object->status_batch == '2' && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced' && $conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS))) { + print ''.$langs->trans("ManageLotMask").''; + print $object->batch_mask; + print ''; + } + } + } + // Accountancy sell code print ''; print $langs->trans("ProductAccountancySellCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_sell)) { $accountingaccount = new AccountingAccount($db); @@ -2052,7 +2086,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($mysoc->isInEEC()) { print ''; print $langs->trans("ProductAccountancySellIntraCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_sell_intra)) { $accountingaccount2 = new AccountingAccount($db); @@ -2069,7 +2103,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Accountancy sell code export print ''; print $langs->trans("ProductAccountancySellExportCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_sell_export)) { $accountingaccount3 = new AccountingAccount($db); @@ -2085,7 +2119,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Accountancy buy code print ''; print $langs->trans("ProductAccountancyBuyCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_buy)) { $accountingaccount4 = new AccountingAccount($db); @@ -2102,7 +2136,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if ($mysoc->isInEEC()) { print ''; print $langs->trans("ProductAccountancyBuyIntraCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_buy_intra)) { $accountingaccount5 = new AccountingAccount($db); @@ -2119,7 +2153,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Accountancy buy code export print ''; print $langs->trans("ProductAccountancyBuyExportCode"); - print ''; + print ''; if (!empty($conf->accounting->enabled)) { if (!empty($object->accountancy_code_buy_export)) { $accountingaccount6 = new AccountingAccount($db); @@ -2132,26 +2166,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } print ''; - // Batch number management (to batch) - if (!empty($conf->productbatch->enabled)) { - if ($object->isProduct() || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) { - print ''.$langs->trans("ManageLotSerial").''; - print $object->getLibStatut(0, 2); - print ''; - if ((($object->status_batch == '1' &&$conf->global->PRODUCTBATCH_LOT_USE_PRODUCT_MASKS && $conf->global->PRODUCTBATCH_LOT_ADDON == 'mod_lot_advanced') - || ($object->status_batch == '2' && $conf->global->PRODUCTBATCH_SN_ADDON == 'mod_sn_advanced' && $conf->global->PRODUCTBATCH_SN_USE_PRODUCT_MASKS))) { - print ''.$langs->trans("ManageLotMask").''; - print $object->batch_mask; - print ''; - } - } - } - // Description - print ''.$langs->trans("Description").''.(dol_textishtml($object->description) ? $object->description : dol_nl2br($object->description, 1, true)).''; + print ''.$langs->trans("Description").''.(dol_textishtml($object->description) ? $object->description : dol_nl2br($object->description, 1, true)).''; // Public URL - print ''.$langs->trans("PublicUrl").''; + print ''.$langs->trans("PublicUrl").''; print dol_print_url($object->url); print ''; @@ -2174,7 +2193,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { $prodstatic->fetch($combination->fk_product_parent); // Parent product - print ''.$langs->trans("ParentProduct").''; + print ''.$langs->trans("ParentProduct").''; print $prodstatic->getNomUrl(1); print ''; } @@ -2185,11 +2204,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print '
    '; print '
    '; - print ''; + print '
    '; if ($object->isService()) { // Duration - print ''; } else { // Nature - print ''; // Brut Weight - print ''; } } @@ -2275,10 +2295,10 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Custom code if (!$object->isService() && empty($conf->global->PRODUCT_DISABLE_CUSTOM_INFO)) { - print ''; + print ''; // Origin country code - print ''; - print ''; + print ''.$object->lifetime.''; + print ''; } // Other attributes - $parameters = array('colspan' => ' colspan="'.(2 + (($showphoto || $showbarcode) ? 1 : 0)).'"', 'cols' => (2 + (($showphoto || $showbarcode) ? 1 : 0))); + $parameters = array(); include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_view.tpl.php'; // Categories if ($conf->categorie->enabled) { - print '"; } @@ -2305,7 +2325,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Note private if (!empty($conf->global->MAIN_DISABLE_NOTES_TAB)) { print ' '."\n"; - print ''."\n"; + print ''."\n"; print ' '."\n"; } diff --git a/htdocs/product/class/api_products.class.php b/htdocs/product/class/api_products.class.php index b4e860a1069..2e0d21b0456 100644 --- a/htdocs/product/class/api_products.class.php +++ b/htdocs/product/class/api_products.class.php @@ -206,8 +206,8 @@ class Products extends DolibarrApi // Select products of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category); - $sql .= " AND c.fk_product = t.rowid "; + $sql .= " AND c.fk_categorie = ".((int) $category); + $sql .= " AND c.fk_product = t.rowid"; } if ($mode == 1) { // Show only products diff --git a/htdocs/product/class/html.formproduct.class.php b/htdocs/product/class/html.formproduct.class.php index 69429677c27..637e186a3f3 100644 --- a/htdocs/product/class/html.formproduct.class.php +++ b/htdocs/product/class/html.formproduct.class.php @@ -382,11 +382,13 @@ class FormProduct * @param string $default Preselected value * @param int|string $adddefault 1=Add empty unit called "Default", ''=Add empty value * @param int $mode 1=Use short label as value, 0=Use rowid, 2=Use scale (power) + * @param string $morecss More CSS * @return string */ - public function selectMeasuringUnits($name = 'measuring_units', $measuring_style = '', $default = '0', $adddefault = 0, $mode = 0) + public function selectMeasuringUnits($name = 'measuring_units', $measuring_style = '', $default = '0', $adddefault = 0, $mode = 0, $morecss = 'maxwidth125') { global $langs, $conf, $mysoc, $db; + $langs->load("other"); $return = ''; @@ -412,7 +414,7 @@ class FormProduct dol_print_error($db); return -1; } else { - $return .= ''; if ($adddefault || $adddefault === '') { $return .= ''; } diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 511331e6008..8d53db4c0b7 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -426,6 +426,31 @@ class Product extends CommonObject public $is_object_used; + /** + * 'type' if the field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password') + * Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)" + * 'label' the translation key. + * 'enabled' is a condition when the field must be managed (Example: 1 or '$conf->global->MY_SETUP_PARAM) + * 'position' is the sort order of field. + * 'notnull' is set to 1 if not null in database. Set to -1 if we must set data to null if empty ('' or 0). + * 'visible' says if field is visible in list (Examples: 0=Not visible, 1=Visible on list and create/update/view forms, 2=Visible on list only, 3=Visible on create/update/view form only (not list), 4=Visible on list and update/view form only (not create). 5=Visible on list and view only (not create/not update). Using a negative value means field is not shown by default on list but can be selected for viewing) + * 'noteditable' says if field is not editable (1 or 0) + * 'default' is a default value for creation (can still be overwrote by the Setup of Default Values if field is editable in creation form). Note: If default is set to '(PROV)' and field is 'ref', the default value will be set to '(PROVid)' where id is rowid when a new record is created. + * 'index' if we want an index in database. + * 'foreignkey'=>'tablename.field' if the field is a foreign key (it is recommanded to name the field fk_...). + * 'searchall' is 1 if we want to search in this field when making a search from the quick search button. + * 'isameasure' must be set to 1 if you want to have a total on list for this field. Field type must be summable like integer or double(24,8). + * 'css' is the CSS style to use on field. For example: 'maxwidth200' + * 'help' is a string visible as a tooltip on field + * 'showoncombobox' if value of the field must be visible into the label of the combobox that list record + * 'disabled' is 1 if we want to have the field locked by a 'disabled' attribute. In most cases, this is never set into the definition of $fields into class, but is set dynamically by some part of code. + * 'arrayofkeyval' to set list of value if type is a list of predefined values. For example: array("0"=>"Draft","1"=>"Active","-1"=>"Cancel") + * 'autofocusoncreate' to have field having the focus on a create form. Only 1 field should have this property set to 1. + * 'comment' is not used. You can store here any text of your choice. It is not used by application. + * + * Note: To have value dynamic, you can set value to 0 in definition and edit the value on the fly into the constructor. + */ + /** * @var array fields of object product */ @@ -433,8 +458,8 @@ class Product extends CommonObject 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'index'=>1, 'position'=>1, 'comment'=>'Id'), 'ref' =>array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'index'=>1, 'position'=>10, 'searchall'=>1, 'comment'=>'Reference of object'), 'entity' =>array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'default'=>1, 'notnull'=>1, 'index'=>1, 'position'=>5), - 'label' =>array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>1, 'position'=>15), - 'barcode' =>array('type'=>'varchar(255)', 'label'=>'Barcode', 'enabled'=>'!empty($conf->barcode->enabled)', 'position'=>20, 'visible'=>-1, 'showoncombobox'=>1), + 'label' =>array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'showoncombobox'=>2, 'position'=>15), + 'barcode' =>array('type'=>'varchar(255)', 'label'=>'Barcode', 'enabled'=>'!empty($conf->barcode->enabled)', 'position'=>20, 'visible'=>-1, 'showoncombobox'=>3), 'fk_barcode_type' => array('type'=>'integer', 'label'=>'BarcodeType', 'enabled'=>'1', 'position'=>21, 'notnull'=>0, 'visible'=>-1,), 'note_public' =>array('type'=>'html', 'label'=>'NotePublic', 'enabled'=>1, 'visible'=>0, 'position'=>61), 'note' =>array('type'=>'html', 'label'=>'NotePrivate', 'enabled'=>1, 'visible'=>0, 'position'=>62), @@ -1055,16 +1080,16 @@ class Product extends CommonObject $sql .= " SET label = '".$this->db->escape($this->label)."'"; if ($updatetype && ($this->isProduct() || $this->isService())) { - $sql .= ", fk_product_type = ".$this->type; + $sql .= ", fk_product_type = ".((int) $this->type); } $sql .= ", ref = '".$this->db->escape($this->ref)."'"; $sql .= ", ref_ext = ".(!empty($this->ref_ext) ? "'".$this->db->escape($this->ref_ext)."'" : "null"); $sql .= ", default_vat_code = ".($this->default_vat_code ? "'".$this->db->escape($this->default_vat_code)."'" : "null"); - $sql .= ", tva_tx = ".$this->tva_tx; - $sql .= ", recuperableonly = ".$this->tva_npr; - $sql .= ", localtax1_tx = ".$this->localtax1_tx; - $sql .= ", localtax2_tx = ".$this->localtax2_tx; + $sql .= ", tva_tx = ".((float) $this->tva_tx); + $sql .= ", recuperableonly = ".((int) $this->tva_npr); + $sql .= ", localtax1_tx = ".((float) $this->localtax1_tx); + $sql .= ", localtax2_tx = ".((float) $this->localtax2_tx); $sql .= ", localtax1_type = ".($this->localtax1_type != '' ? "'".$this->db->escape($this->localtax1_type)."'" : "'0'"); $sql .= ", localtax2_type = ".($this->localtax2_type != '' ? "'".$this->db->escape($this->localtax2_type)."'" : "'0'"); @@ -1689,8 +1714,8 @@ class Product extends CommonObject // Add new price $sql = "INSERT INTO ".MAIN_DB_PREFIX."product_price(price_level,date_price, fk_product, fk_user_author, price, price_ttc, price_base_type,tosell, tva_tx, default_vat_code, recuperableonly,"; $sql .= " localtax1_tx, localtax2_tx, localtax1_type, localtax2_type, price_min,price_min_ttc,price_by_qty,entity,fk_price_expression) "; - $sql .= " VALUES(".($level ? $level : 1).", '".$this->db->idate($now)."',".$this->id.",".$user->id.",".$this->price.",".$this->price_ttc.",'".$this->db->escape($this->price_base_type)."',".$this->status.",".$this->tva_tx.", ".($this->default_vat_code ? ("'".$this->db->escape($this->default_vat_code)."'") : "null").",".$this->tva_npr.","; - $sql .= " ".$this->localtax1_tx.", ".$this->localtax2_tx.", '".$this->db->escape($this->localtax1_type)."', '".$this->db->escape($this->localtax2_type)."', ".$this->price_min.",".$this->price_min_ttc.",".$this->price_by_qty.",".$conf->entity.",".($this->fk_price_expression > 0 ? $this->fk_price_expression : 'null'); + $sql .= " VALUES(".($level ? $level : 1).", '".$this->db->idate($now)."', ".$this->id.", ".$user->id.", ".price2num($this->price).", ".price2num($this->price_ttc).",'".$this->db->escape($this->price_base_type)."',".((int) $this->status).", ".price2num($this->tva_tx).", ".($this->default_vat_code ? ("'".$this->db->escape($this->default_vat_code)."'") : "null").", ".((int) $this->tva_npr).","; + $sql .= " ".price2num($this->localtax1_tx).", ".price2num($this->localtax2_tx).", '".$this->db->escape($this->localtax1_type)."', '".$this->db->escape($this->localtax2_type)."', ".price2num($this->price_min).", ".price2num($this->price_min_ttc).", ".price2num($this->price_by_qty).", ".$conf->entity.",".($this->fk_price_expression > 0 ? ((int) $this->fk_price_expression) : 'null'); $sql .= ")"; dol_syslog(get_class($this)."::_log_price", LOG_DEBUG); @@ -2391,8 +2416,8 @@ class Product extends CommonObject $sql .= " price_base_type, tva_tx, default_vat_code, tosell, price_by_qty, rowid, recuperableonly"; $sql .= " FROM ".MAIN_DB_PREFIX."product_price"; $sql .= " WHERE entity IN (".getEntity('productprice').")"; - $sql .= " AND price_level=".$i; - $sql .= " AND fk_product = ".$this->id; + $sql .= " AND price_level=".((int) $i); + $sql .= " AND fk_product = ".((int) $this->id); $sql .= " ORDER BY date_price DESC, rowid DESC"; $sql .= " LIMIT 1"; $resql = $this->db->query($sql); @@ -2501,7 +2526,7 @@ class Product extends CommonObject $sql .= " price_base_type, tva_tx, default_vat_code, tosell, price_by_qty, rowid, recuperableonly"; $sql .= " FROM ".MAIN_DB_PREFIX."product_price"; $sql .= " WHERE entity IN (".getEntity('productprice').")"; - $sql .= " AND price_level=".$i; + $sql .= " AND price_level=".((int) $i); $sql .= " AND fk_product = ".$this->id; $sql .= " ORDER BY date_price DESC, rowid DESC"; $sql .= " LIMIT 1"; @@ -2613,7 +2638,7 @@ class Product extends CommonObject $sql .= " AND mp.fk_product =".$this->id; $sql .= " AND mp.role ='".$this->db->escape($role)."'"; if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -2666,14 +2691,14 @@ class Product extends CommonObject $sql .= " INNER JOIN ".MAIN_DB_PREFIX."bom_bomline as bl ON bl.fk_bom=b.rowid"; $sql .= " WHERE "; $sql .= " b.entity IN (".getEntity('bom').")"; - $sql .= " AND b.fk_product =".$this->id; + $sql .= " AND b.fk_product =".((int) $this->id); $sql .= " GROUP BY b.rowid"; $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); - $this->stats_bom['nb_toproduce'] = $obj->nb_toproduce ? $obj->nb_toproduce : 0; - $this->stats_bom['qty_toproduce'] = $obj->qty_toproduce ? price2num($obj->qty_toproduce) : 0; + $this->stats_bom['nb_toproduce'] = !empty($obj->nb_toproduce) ? $obj->nb_toproduce : 0; + $this->stats_bom['qty_toproduce'] = !empty($obj->qty_toproduce) ? price2num($obj->qty_toproduce) : 0; } else { $this->error = $this->db->error(); $error++; @@ -2685,13 +2710,13 @@ class Product extends CommonObject $sql .= " INNER JOIN ".MAIN_DB_PREFIX."bom_bomline as bl ON bl.fk_bom=b.rowid"; $sql .= " WHERE "; $sql .= " b.entity IN (".getEntity('bom').")"; - $sql .= " AND bl.fk_product =".$this->id; + $sql .= " AND bl.fk_product =".((int) $this->id); $result = $this->db->query($sql); if ($result) { $obj = $this->db->fetch_object($result); - $this->stats_bom['nb_toconsume'] = $obj->nb_toconsume ? $obj->nb_toconsume : 0; - $this->stats_bom['qty_toconsume'] = $obj->qty_toconsume ? price2num($obj->qty_toconsume) : 0; + $this->stats_bom['nb_toconsume'] = !empty($obj->nb_toconsume) ? $obj->nb_toconsume : 0; + $this->stats_bom['qty_toconsume'] = !empty($obj->qty_toconsume) ? price2num($obj->qty_toconsume) : 0; } else { $this->error = $this->db->error(); $error++; @@ -2739,7 +2764,7 @@ class Product extends CommonObject } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { - $sql .= " AND p.fk_soc = ".$socid; + $sql .= " AND p.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -2814,7 +2839,7 @@ class Product extends CommonObject } //$sql.= " AND pr.fk_statut != 0"; if ($socid > 0) { - $sql .= " AND p.fk_soc = ".$socid; + $sql .= " AND p.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -2869,7 +2894,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if ($filtrestatut <> '') { $sql .= " AND c.fk_statut in (".$this->db->sanitize($filtrestatut).")"; @@ -2971,7 +2996,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } if ($filtrestatut != '') { $sql .= " AND c.fk_statut in (".$this->db->sanitize($filtrestatut).")"; // Peut valoir 0 @@ -3033,7 +3058,7 @@ class Product extends CommonObject $sql .= " AND e.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND e.fk_soc = ".$socid; + $sql .= " AND e.fk_soc = ".((int) $socid); } if ($filtrestatut <> '') { $sql .= " AND c.fk_statut IN (".$this->db->sanitize($filtrestatut).")"; @@ -3114,7 +3139,7 @@ class Product extends CommonObject $sql .= " AND cf.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND cf.fk_soc = ".$socid; + $sql .= " AND cf.fk_soc = ".((int) $socid); } if ($filtrestatut <> '') { $sql .= " AND cf.fk_statut IN (".$this->db->sanitize($filtrestatut).")"; @@ -3170,7 +3195,7 @@ class Product extends CommonObject $sql .= " AND m.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND m.fk_soc = ".$socid; + $sql .= " AND m.fk_soc = ".((int) $socid); } if ($filtrestatut <> '') { $sql .= " AND m.status IN (".$this->db->sanitize($filtrestatut).")"; @@ -3265,7 +3290,7 @@ class Product extends CommonObject } //$sql.= " AND c.statut != 0"; if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -3339,7 +3364,7 @@ class Product extends CommonObject } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -3413,7 +3438,7 @@ class Product extends CommonObject } //$sql.= " AND f.fk_statut != 0"; if ($socid > 0) { - $sql .= " AND f.fk_soc = ".$socid; + $sql .= " AND f.fk_soc = ".((int) $socid); } $result = $this->db->query($sql); @@ -3655,7 +3680,7 @@ class Product extends CommonObject $sql .= " AND p.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND p.fk_soc = ".$socid; + $sql .= " AND p.fk_soc = ".((int) $socid); } $sql .= $morefilter; $sql .= " GROUP BY date_format(p.datep,'%Y%m')"; @@ -3758,7 +3783,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $sql .= $morefilter; $sql .= " GROUP BY date_format(c.date_commande,'%Y%m')"; @@ -3809,7 +3834,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $sql .= $morefilter; $sql .= " GROUP BY date_format(c.date_commande,'%Y%m')"; @@ -3863,7 +3888,7 @@ class Product extends CommonObject $sql .= " AND c.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND c.fk_soc = ".$socid; + $sql .= " AND c.fk_soc = ".((int) $socid); } $sql .= $morefilter; $sql .= " GROUP BY date_format(c.date_contrat,'%Y%m')"; @@ -3916,7 +3941,7 @@ class Product extends CommonObject $sql .= " AND d.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid > 0) { - $sql .= " AND d.fk_soc = ".$socid; + $sql .= " AND d.fk_soc = ".((int) $socid); } $sql .= $morefilter; $sql .= " GROUP BY date_format(d.date_valid,'%Y%m')"; @@ -5184,7 +5209,7 @@ class Product extends CommonObject * Load value ->stock_theorique of a product. Property this->id must be defined. * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. * - * @param int $includedraftpoforvirtual Include draft status of PO for virtual stock calculation + * @param int $includedraftpoforvirtual Include draft status and not yet approved Purchase Orders for virtual stock calculation * @return int < 0 if KO, > 0 if OK * @see load_stock(), loadBatchInfo() */ @@ -5223,9 +5248,9 @@ class Product extends CommonObject $stock_sending_client = $this->stats_expedition['qty']; } if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || !empty($conf->supplier_order->enabled)) { - $filterStatus = '1,2,3,4'; + $filterStatus = empty($conf->global->SUPPLIER_ORDER_STATUS_FOR_VIRTUAL_STOCK) ? '2,3,4' : $conf->global->SUPPLIER_ORDER_STATUS_FOR_VIRTUAL_STOCK; if (isset($includedraftpoforvirtual)) { - $filterStatus = '0,'.$filterStatus; + $filterStatus = '0,1,2,'.$filterStatus; // 1,2 may have already been inside $filterStatus but it is better to have twice than missing $filterStatus does not include them } $result = $this->load_stats_commande_fournisseur(0, $filterStatus, 1); if ($result < 0) { @@ -5422,11 +5447,11 @@ class Product extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** - * Retourne tableau de toutes les photos du produit + * Return an array with all photos of product found on disk. There is no sorting criteria. * - * @param string $dir Repertoire a scanner - * @param int $nbmax Nombre maximum de photos (0=pas de max) - * @return array Tableau de photos + * @param string $dir Directory to scan + * @param int $nbmax Number maxium of photos (0=no maximum) + * @return array Array of photos */ public function liste_photos($dir, $nbmax = 0) { @@ -5447,9 +5472,10 @@ class Product extends CommonObject if (dol_is_file($dir.$file) && image_format_supported($file) >= 0) { $nbphoto++; - // On determine nom du fichier vignette + // We forge name of thumb. $photo = $file; $photo_vignette = ''; + $regs = array(); if (preg_match('/('.$this->regeximgext.')$/i', $photo, $regs)) { $photo_vignette = preg_replace('/'.$regs[0].'/i', '', $photo).'_small'.$regs[0]; } @@ -5467,7 +5493,7 @@ class Product extends CommonObject $tabobj[$nbphoto - 1] = $obj; - // On continue ou on arrete de boucler ? + // Do we have to continue with next photo ? if ($nbmax && $nbphoto >= $nbmax) { break; } @@ -5482,9 +5508,9 @@ class Product extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps /** - * Efface la photo du produit et sa vignette + * Delete a photo and its thumbs * - * @param string $file Chemin de l'image + * @param string $file Path to image file * @return void */ public function delete_photo($file) diff --git a/htdocs/product/class/productbatch.class.php b/htdocs/product/class/productbatch.class.php index 10704f2f53e..529284af464 100644 --- a/htdocs/product/class/productbatch.class.php +++ b/htdocs/product/class/productbatch.class.php @@ -384,7 +384,7 @@ class Productbatch extends CommonObject $sql .= " t.qty,"; $sql .= " t.import_key"; $sql .= " FROM ".MAIN_DB_PREFIX.self::$_table_element." as t"; - $sql .= " WHERE fk_product_stock=".$fk_product_stock; + $sql .= " WHERE fk_product_stock=".((int) $fk_product_stock); if (!empty($eatby)) { array_push($where, " eatby = '".$this->db->idate($eatby)."'"); // deprecated @@ -454,10 +454,10 @@ class Productbatch extends CommonObject } $sql .= " FROM ".MAIN_DB_PREFIX."product_batch as t"; if ($fk_product > 0) { - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl ON pl.fk_product = ".$fk_product." AND pl.batch = t.batch"; + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product_lot as pl ON pl.fk_product = ".((int) $fk_product)." AND pl.batch = t.batch"; // TODO May add extrafields to ? } - $sql .= " WHERE fk_product_stock=".$fk_product_stock; + $sql .= " WHERE fk_product_stock=".((int) $fk_product_stock); if ($with_qty) { $sql .= " AND t.qty <> 0"; } diff --git a/htdocs/product/class/productcustomerprice.class.php b/htdocs/product/class/productcustomerprice.class.php index 9b0d29b4cdd..0683732d6cb 100644 --- a/htdocs/product/class/productcustomerprice.class.php +++ b/htdocs/product/class/productcustomerprice.class.php @@ -209,7 +209,7 @@ class Productcustomerprice extends CommonObject $sql .= "fk_user,"; $sql .= "import_key"; $sql .= ") VALUES ("; - $sql .= " ".$conf->entity.","; + $sql .= " ".((int) $conf->entity).","; $sql .= " '".$this->db->idate(dol_now())."',"; $sql .= " ".(!isset($this->fk_product) ? 'NULL' : "'".$this->db->escape($this->fk_product)."'").","; $sql .= " ".(!isset($this->fk_soc) ? 'NULL' : "'".$this->db->escape($this->fk_soc)."'").","; @@ -226,7 +226,7 @@ class Productcustomerprice extends CommonObject $sql .= " ".(!isset($this->localtax1_tx) ? 'NULL' : (empty($this->localtax1_tx) ? 0 : $this->localtax1_tx)).","; $sql .= " ".(empty($this->localtax2_type) ? "'0'" : "'".$this->db->escape($this->localtax2_type)."'").","; $sql .= " ".(!isset($this->localtax2_tx) ? 'NULL' : (empty($this->localtax2_tx) ? 0 : $this->localtax2_tx)).","; - $sql .= " ".$user->id.","; + $sql .= " ".((int) $user->id).","; $sql .= " ".(!isset($this->import_key) ? 'NULL' : "'".$this->db->escape($this->import_key)."'").""; $sql .= ")"; diff --git a/htdocs/product/class/propalmergepdfproduct.class.php b/htdocs/product/class/propalmergepdfproduct.class.php index a1d92cc492a..67c24ac37c8 100644 --- a/htdocs/product/class/propalmergepdfproduct.class.php +++ b/htdocs/product/class/propalmergepdfproduct.class.php @@ -105,7 +105,6 @@ class Propalmergepdfproduct extends CommonObject // Insert request $sql = "INSERT INTO ".MAIN_DB_PREFIX."propal_merge_pdf_product("; - $sql .= "fk_product,"; $sql .= "file_name,"; if ($conf->global->MAIN_MULTILANGS) { @@ -114,25 +113,19 @@ class Propalmergepdfproduct extends CommonObject $sql .= "fk_user_author,"; $sql .= "fk_user_mod,"; $sql .= "datec"; - - $sql .= ") VALUES ("; - - $sql .= " ".(!isset($this->fk_product) ? 'NULL' : "'".$this->db->escape($this->fk_product)."'").","; + $sql .= " ".(!isset($this->fk_product) ? 'NULL' : ((int) $this->fk_product)).","; $sql .= " ".(!isset($this->file_name) ? 'NULL' : "'".$this->db->escape($this->file_name)."'").","; if ($conf->global->MAIN_MULTILANGS) { $sql .= " ".(!isset($this->lang) ? 'NULL' : "'".$this->db->escape($this->lang)."'").","; } - $sql .= " ".$user->id.","; - $sql .= " ".$user->id.","; + $sql .= " ".((int) $user->id).","; + $sql .= " ".((int) $user->id).","; $sql .= " '".$this->db->idate(dol_now())."'"; - - $sql .= ")"; $this->db->begin(); - dol_syslog(__METHOD__, LOG_DEBUG); $resql = $this->db->query($sql); if (!$resql) { $error++; $this->errors[] = "Error ".$this->db->lasterror(); @@ -408,10 +401,10 @@ class Propalmergepdfproduct extends CommonObject if (!$error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX."propal_merge_pdf_product"; - $sql .= " WHERE fk_product=".$product_id; + $sql .= " WHERE fk_product = ".((int) $product_id); if ($conf->global->MAIN_MULTILANGS && !empty($lang_id)) { - $sql .= " AND lang='".$this->db->escape($lang_id)."'"; + $sql .= " AND lang = '".$this->db->escape($lang_id)."'"; } dol_syslog(__METHOD__, LOG_DEBUG); diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 442232686d3..e1250f10cb3 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -50,7 +50,6 @@ if (!empty($user->socid)) { } $fieldvalue = (!empty($id) ? $id : (!empty($ref) ? $ref : '')); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $object = new Product($db); $objectid = 0; @@ -60,6 +59,19 @@ if ($id > 0 || !empty($ref)) { $id = $object->id; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} + /* * Actions @@ -188,7 +200,7 @@ print dol_get_fiche_head($head, 'subproduct', $titre, -1, $picto); if ($id > 0 || !empty($ref)) { /* - * Fiche en mode edition + * Product card */ if ($user->rights->produit->lire || $user->rights->service->lire) { $linkback = ''.$langs->trans("BackToList").''; @@ -206,6 +218,16 @@ if ($id > 0 || !empty($ref)) { print '
    '.$langs->trans("Duration").''.$object->duration_value.' '; + print '
    '.$langs->trans("Duration").''.$object->duration_value.' '; if ($object->duration_value > 1) { $dur = array("i"=>$langs->trans("Minute"), "h"=>$langs->trans("Hours"), "d"=>$langs->trans("Days"), "w"=>$langs->trans("Weeks"), "m"=>$langs->trans("Months"), "y"=>$langs->trans("Years")); } elseif ($object->duration_value > 0) { @@ -2200,12 +2219,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { print '
    '.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; + print '
    '.$form->textwithpicto($langs->trans("NatureOfProductShort"), $langs->trans("NatureOfProductDesc")).''; print $object->getLibFinished(); print '
    '.$langs->trans("Weight").''; + print '
    '.$langs->trans("Weight").''; if ($object->weight != '') { print $object->weight." ".measuringUnitString(0, "weight", $object->weight_units); } else { @@ -2215,7 +2234,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (empty($conf->global->PRODUCT_DISABLE_SIZE)) { // Brut Length - print '
    '.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; + print '
    '.$langs->trans("Length").' x '.$langs->trans("Width").' x '.$langs->trans("Height").''; if ($object->length != '' || $object->width != '' || $object->height != '') { print $object->length; if ($object->width) { @@ -2232,7 +2251,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } if (empty($conf->global->PRODUCT_DISABLE_SURFACE)) { // Brut Surface - print '
    '.$langs->trans("Surface").''; + print '
    '.$langs->trans("Surface").''; if ($object->surface != '') { print $object->surface." ".measuringUnitString(0, "surface", $object->surface_units); } else { @@ -2242,7 +2261,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { } if (empty($conf->global->PRODUCT_DISABLE_VOLUME)) { // Brut Volume - print '
    '.$langs->trans("Volume").''; + print '
    '.$langs->trans("Volume").''; if ($object->volume != '') { print $object->volume." ".measuringUnitString(0, "volume", $object->volume_units); } else { @@ -2253,12 +2272,13 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { if (!empty($conf->global->PRODUCT_ADD_NET_MEASURE)) { // Net Measure - print '
    '.$langs->trans("NetMeasure").''; + print '
    '.$langs->trans("NetMeasure").''; if ($object->net_measure != '') { print $object->net_measure." ".measuringUnitString($object->net_measure_units); } else { print ' '; } + print '
    '.$langs->trans("CustomCode").''.$object->customcode.'
    '.$langs->trans("CustomCode").''.$object->customcode.'
    '.$langs->trans("Origin").''.getCountry($object->country_id, 0, $db); + print '
    '.$langs->trans("Origin").''.getCountry($object->country_id, 0, $db); if (!empty($object->state_id)) { print ' - '.getState($object->state_id, 0, $db); } @@ -2287,17 +2307,17 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) { // Quality Control if (!empty($conf->global->PRODUCT_LOT_ENABLE_QUALITY_CONTROL)) { - print '
    '.$langs->trans("LifeTime").''.$object->lifetime.'
    '.$langs->trans("QCFrequency").''.$object->qc_frequency.'
    '.$langs->trans("LifeTime").'
    '.$langs->trans("QCFrequency").''.$object->qc_frequency.'
    '.$langs->trans("Categories").''; + print '
    '.$langs->trans("Categories").''; print $form->showCategories($object->id, Categorie::TYPE_PRODUCT, 1); print "
    '.$langs->trans("NotePrivate").''.(dol_textishtml($object->note_private) ? $object->note_private : dol_nl2br($object->note_private, 1, true)).'
    '.$langs->trans("NotePrivate").''.(dol_textishtml($object->note_private) ? $object->note_private : dol_nl2br($object->note_private, 1, true)).'
    '; + // Type + if (!empty($conf->product->enabled) && !empty($conf->service->enabled)) { + $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); + print ''; + } + // Nature if ($object->type != Product::TYPE_SERVICE) { print ''; + print ''; } // Supplier ref if ($usercancreate) { // change required right here - print ''; + print ''; } else { - print ''; + print ''; } // Availability diff --git a/htdocs/product/index.php b/htdocs/product/index.php index 0e709f54f99..4aaaf3a0fa7 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -287,7 +287,7 @@ if ((!empty($conf->product->enabled) || !empty($conf->service->enabled)) && ($us $sql .= " FROM ".MAIN_DB_PREFIX."product as p"; $sql .= " WHERE p.entity IN (".getEntity($product_static->element, 1).")"; if ($type != '') { - $sql .= " AND p.fk_product_type = ".$type; + $sql .= " AND p.fk_product_type = ".((int) $type); } // Add where from hooks $parameters = array(); @@ -445,8 +445,8 @@ function activitytrim($product_type) $sql .= " WHERE f.entity IN (".getEntity('invoice').")"; $sql .= " AND f.rowid = fd.fk_facture"; $sql .= " AND pf.fk_facture = f.rowid"; - $sql .= " AND pf.fk_paiement= p.rowid"; - $sql .= " AND fd.product_type=".$product_type; + $sql .= " AND pf.fk_paiement = p.rowid"; + $sql .= " AND fd.product_type = ".((int) $product_type); $sql .= " AND p.datep >= '".$db->idate(dol_get_first_day($yearofbegindate), 1)."'"; $sql .= " GROUP BY annee, mois "; $sql .= " ORDER BY annee, mois "; diff --git a/htdocs/product/inventory/inventory.php b/htdocs/product/inventory/inventory.php index 2abc830eb7c..89394e56e29 100644 --- a/htdocs/product/inventory/inventory.php +++ b/htdocs/product/inventory/inventory.php @@ -160,7 +160,7 @@ if ($action == 'update' && !empty($user->rights->stock->mouvement->creer)) { if (! $error) { $db->commit(); } else { - $db->rollbak(); + $db->rollback(); } } @@ -185,8 +185,11 @@ if ($action =='updateinventorylines' && $permissiontoadd) { if (GETPOST("id_".$lineid, 'alpha') != '') { // If a value was set ('0' or something else) $qtytoupdate = price2num(GETPOST("id_".$lineid, 'alpha'), 'MS'); - $result = $inventoryline->fetch($lineid); + if ($qtytoupdate < 0) { + $result = -1; + setEventMessages($langs->trans("FieldCannotBeNegative", $langs->transnoentitiesnoconv("RealQty")), null, 'errors'); + } if ($result > 0) { $inventoryline->qty_view = $qtytoupdate; $resultupdate = $inventoryline->update($user); @@ -251,7 +254,10 @@ if (empty($reshook)) { $error++; setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Product")), null, 'errors'); } - + if (price2num(GETPOST('qtytoadd'), 'MS') < 0) { + $error++; + setEventMessages($langs->trans("FieldCannotBeNegative", $langs->transnoentitiesnoconv("RealQty")), null, 'errors'); + } if (!$error && !empty($conf->productbatch->enabled)) { $tmpproduct = new Product($db); $result = $tmpproduct->fetch($fk_product); @@ -654,7 +660,7 @@ if ($object->id > 0) { // Real quantity print ''; diff --git a/htdocs/product/inventory/list.php b/htdocs/product/inventory/list.php index 1c1e09e3162..84f9bc137b6 100644 --- a/htdocs/product/inventory/list.php +++ b/htdocs/product/inventory/list.php @@ -96,7 +96,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -522,6 +522,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/product/list.php b/htdocs/product/list.php index eb3fc71d53a..4ec2fcbadb1 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -58,6 +58,7 @@ $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); $sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml')); +$search_id = GETPOST("search_id", 'alpha'); $search_ref = GETPOST("search_ref", 'alpha'); $search_ref_supplier = GETPOST("search_ref_supplier", 'alpha'); $search_barcode = GETPOST("search_barcode", 'alpha'); @@ -193,9 +194,10 @@ $isInEEC = isInEEC($mysoc); $alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "ppe"; -// Definition of fields for lists +// Definition of array of fields for columns $arrayfields = array( - 'p.ref'=>array('label'=>"Ref", 'checked'=>1), + 'p.rowid'=>array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>1, 'visible'=>-2, 'noteditable'=>1, 'notnull'=> 1, 'index'=>1, 'position'=>1, 'comment'=>'Id', 'css'=>'left'), + 'p.ref'=>array('label'=>"Ref", 'checked'=>1, 'position'=>10), //'pfp.ref_fourn'=>array('label'=>$langs->trans("RefSupplier"), 'checked'=>1, 'enabled'=>(! empty($conf->barcode->enabled))), 'p.label'=>array('label'=>"Label", 'checked'=>1, 'position'=>10), 'p.fk_product_type'=>array('label'=>"Type", 'checked'=>0, 'enabled'=>(!empty($conf->product->enabled) && !empty($conf->service->enabled)), 'position'=>11), @@ -239,6 +241,19 @@ $arrayfields = array( 'p.tosell'=>array('label'=>$langs->transnoentitiesnoconv("Status").' ('.$langs->transnoentitiesnoconv("Sell").')', 'checked'=>1, 'position'=>1000), 'p.tobuy'=>array('label'=>$langs->transnoentitiesnoconv("Status").' ('.$langs->transnoentitiesnoconv("Buy").')', 'checked'=>1, 'position'=>1000) ); +/*foreach ($object->fields as $key => $val) { + // If $val['visible']==0, then we never show the field + if (!empty($val['visible'])) { + $visible = dol_eval($val['visible'], 1); + $arrayfields['p.'.$key] = array( + 'label'=>$val['label'], + 'checked'=>(($visible < 0) ? 0 : 1), + 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), + 'position'=>$val['position'] + ); + } +}*/ + // MultiPrices if ($conf->global->PRODUIT_MULTIPRICES) { @@ -300,6 +315,7 @@ if (empty($reshook)) { // Purge search criteria if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers $sall = ""; + $search_id = ''; $search_ref = ""; $search_ref_supplier = ""; $search_label = ""; @@ -426,6 +442,9 @@ if (!empty($conf->variants->enabled) && (!empty($conf->global->PRODUIT_ATTRIBUTE $sql .= " AND pac.rowid IS NULL"; } +if ($search_id) { + $sql .= natural_search('p.rowid', $search_id, 1); +} if ($search_ref) { $sql .= natural_search('p.ref', $search_ref); } @@ -451,7 +470,7 @@ if (dol_strlen($canvas) > 0) { $sql .= " AND p.canvas = '".$db->escape($canvas)."'"; } if ($catid > 0) { - $sql .= " AND cp.fk_categorie = ".$catid; + $sql .= " AND cp.fk_categorie = ".((int) $catid); } if ($catid == -2) { $sql .= " AND cp.fk_categorie IS NULL"; @@ -801,6 +820,7 @@ if ($resql) { } $varpage = empty($contextpage) ? $_SERVER["PHP_SELF"] : $contextpage; + $selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields if ($massactionbutton) { $selectedfields .= $form->showCheckAddButtons('checkforselect', 1); @@ -811,6 +831,11 @@ if ($resql) { // Lines with input filters print ''; + if (!empty($arrayfields['p.rowid']['checked'])) { + print ''; + } if (!empty($arrayfields['p.ref']['checked'])) { print ''; print ''; + if (!empty($arrayfields['p.rowid']['checked'])) { + print_liste_field_titre($arrayfields['p.rowid']['label'], $_SERVER["PHP_SELF"], "p.rowid", "", $param, "", $sortfield, $sortorder); + } if (!empty($arrayfields['p.ref']['checked'])) { print_liste_field_titre($arrayfields['p.ref']['label'], $_SERVER["PHP_SELF"], "p.ref", "", $param, "", $sortfield, $sortorder); } @@ -1236,8 +1264,8 @@ if ($resql) { $product_static->id = $obj->rowid; $product_static->ref = $obj->ref; - $product_static->ref_fourn = $obj->ref_supplier; // deprecated - $product_static->ref_supplier = $obj->ref_supplier; + $product_static->ref_fourn = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; // deprecated + $product_static->ref_supplier = empty($obj->ref_supplier) ? '' : $obj->ref_supplier; $product_static->label = $obj->label; $product_static->finished = $obj->finished; $product_static->type = $obj->fk_product_type; @@ -1281,6 +1309,16 @@ if ($resql) { print ''; + // Ref + if (!empty($arrayfields['p.rowid']['checked'])) { + print '\n"; + if (!$i) { + $totalarray['nbfield']++; + } + } + // Ref if (!empty($arrayfields['p.ref']['checked'])) { print ''; } @@ -207,7 +208,7 @@ if ($result || empty($id)) { print $form->selectarray('search_year', $arrayyears, $search_year, 1, 0, 0, '', 0, 0, 0, '', 'width75'); print ''; print '
    '; + print (empty($conf->global->PRODUCT_DENY_CHANGE_PRODUCT_TYPE)) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat) : $langs->trans('Type'); + print ''; + print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat); + print '
    '.$langs->trans("Nature").''; diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 372e3c19bdc..0b15ad7a85c 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -95,9 +95,19 @@ if ($id > 0 || !empty($ref)) { } $modulepart = 'produit'; + $permissiontoadd = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/product/dynamic_price/class/price_global_variable.class.php b/htdocs/product/dynamic_price/class/price_global_variable.class.php index 5286b932ca7..87cb8dea2c5 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable.class.php @@ -93,7 +93,7 @@ class PriceGlobalVariable $sql .= ") VALUES ("; $sql .= " ".(isset($this->code) ? "'".$this->db->escape($this->code)."'" : "''").","; $sql .= " ".(isset($this->description) ? "'".$this->db->escape($this->description)."'" : "''").","; - $sql .= " ".$this->value; + $sql .= " ".((float) $this->value); $sql .= ")"; $this->db->begin(); @@ -182,7 +182,7 @@ class PriceGlobalVariable $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; $sql .= " code = ".(isset($this->code) ? "'".$this->db->escape($this->code)."'" : "''").","; $sql .= " description = ".(isset($this->description) ? "'".$this->db->escape($this->description)."'" : "''").","; - $sql .= " value = ".$this->value; + $sql .= " value = ".((float) $this->value); $sql .= " WHERE rowid = ".$this->id; $this->db->begin(); diff --git a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php index 172c004a2d7..331a65971b6 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php @@ -103,12 +103,12 @@ class PriceGlobalVariableUpdater $sql = "INSERT INTO ".MAIN_DB_PREFIX.$this->table_element." ("; $sql .= "type, description, parameters, fk_variable, update_interval, next_update, last_status"; $sql .= ") VALUES ("; - $sql .= " ".$this->type.","; + $sql .= " ".((int) $this->type).","; $sql .= " ".(isset($this->description) ? "'".$this->db->escape($this->description)."'" : "''").","; $sql .= " ".(isset($this->parameters) ? "'".$this->db->escape($this->parameters)."'" : "''").","; - $sql .= " ".$this->fk_variable.","; - $sql .= " ".$this->update_interval.","; - $sql .= " ".$this->next_update.","; + $sql .= " ".((int) $this->fk_variable).","; + $sql .= " ".((int) $this->update_interval).","; + $sql .= " ".((int) $this->next_update).","; $sql .= " ".(isset($this->last_status) ? "'".$this->db->escape($this->last_status)."'" : "''"); $sql .= ")"; @@ -200,12 +200,12 @@ class PriceGlobalVariableUpdater // Update request $sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET"; - $sql .= " type = ".$this->type.","; + $sql .= " type = ".((int) $this->type).","; $sql .= " description = ".(isset($this->description) ? "'".$this->db->escape($this->description)."'" : "''").","; $sql .= " parameters = ".(isset($this->parameters) ? "'".$this->db->escape($this->parameters)."'" : "''").","; - $sql .= " fk_variable = ".$this->fk_variable.","; - $sql .= " update_interval = ".$this->update_interval.","; - $sql .= " next_update = ".$this->next_update.","; + $sql .= " fk_variable = ".((int) $this->fk_variable).","; + $sql .= " update_interval = ".((int) $this->update_interval).","; + $sql .= " next_update = ".((int) $this->next_update).","; $sql .= " last_status = ".(isset($this->last_status) ? "'".$this->db->escape($this->last_status)."'" : "''"); $sql .= " WHERE rowid = ".$this->id; diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 0d5ea9647f5..1234deef497 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -103,17 +103,16 @@ if ($id > 0 || $ref) { $object->fetch($id, $ref); } -$sortfield = GETPOST("sortfield", 'alpha'); -$sortorder = GETPOST("sortorder", 'alpha'); - -if (!$sortfield) { - $sortfield = "s.nom"; +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); } -if (!$sortorder) { - $sortorder = "ASC"; -} - -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); /* @@ -383,7 +382,7 @@ if ($id > 0 || $ref) { echo $formconfirm; } - if ($action <> 'edit' && $action <> 're-edit') { + if ($action != 'edit' && $action != 're-edit') { $head = product_prepare_head($object); $titre = $langs->trans("CardProduct".$object->type); $picto = ($object->type == Product::TYPE_SERVICE ? 'service' : 'product'); @@ -836,12 +835,13 @@ END; print ''; print ''; - print ''; + print ''."\n"; } + // Actions buttons - print "\n
    \n"; + print '
    '."\n"; if ($action != 'add_price' && $action != 'update_price') { $parameters = array(); @@ -854,8 +854,7 @@ END; } } - print "\n
    \n"; - print '
    '; + print "
    \n"; if ($user->rights->fournisseur->lire) { // Duplicate ? this check is already in the head of this file $param = ''; @@ -1017,14 +1016,14 @@ END; // Supplier if (!empty($arrayfields['s.nom']['checked'])) { - print '    		'.$productfourn->getSocNomUrl(1, 'supplier').''.$productfourn->getSocNomUrl(1, 'supplier').''.$productfourn->getNomUrl().''.$productfourn->getNomUrl().''.$productfourn->fourn_ref.''.$productfourn->fourn_ref.''; if ($object->status == $object::STATUS_VALIDATED) { - $qty_view = GETPOST("id_".$obj->rowid) ? GETPOST("id_".$obj->rowid) : $obj->qty_view; + $qty_view = GETPOST("id_".$obj->rowid) && price2num(GETPOST("id_".$obj->rowid), 'MS') >= 0 ? GETPOST("id_".$obj->rowid) : $obj->qty_view; $totalfound += price2num($qty_view, 'MS'); print ''; print '
    '; + print ''; + print ''; print ''; @@ -1058,6 +1083,9 @@ if ($resql) { print '
    '; + print $product_static->id; + print "'; diff --git a/htdocs/product/note.php b/htdocs/product/note.php index add915181a2..fad4df3500b 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -51,7 +51,16 @@ if ($id > 0 || !empty($ref)) { $permissionnote = $user->rights->produit->creer; // Used by the include of actions_setnotes.inc.php -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/product/popuprop.php b/htdocs/product/popuprop.php index f23b6eae92d..8ffae0bee8c 100644 --- a/htdocs/product/popuprop.php +++ b/htdocs/product/popuprop.php @@ -60,9 +60,7 @@ $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; -$staticproduct = new Product($db); - -$result = restrictedArea($user, 'produit|service', 0, 'product&product'); +restrictedArea($user, 'produit|service', 0, 'product&product', '', ''); /* @@ -213,7 +211,7 @@ if ($mode && $mode != '-1') { if (!empty($conf->global->MAIN_MULTILANGS)) { // si l'option est active $sql = "SELECT label"; $sql .= " FROM ".MAIN_DB_PREFIX."product_lang"; - $sql .= " WHERE fk_product=".$prodid; + $sql .= " WHERE fk_product = ".((int) $prodid); $sql .= " AND lang='".$db->escape($langs->getDefaultLang())."'"; $sql .= " LIMIT 1"; diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 9548643166a..6cb782f00dd 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -82,7 +82,16 @@ if ((!empty($conf->global->PRODUIT_MULTIPRICES) || !empty($conf->global->PRODUIT // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productpricecard', 'globalcard')); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* @@ -337,6 +346,7 @@ if (empty($reshook)) { $newprice = price2num($newprice, 'MU'); $newprice_min = price2num($val['price_min'], 'MU'); + $newvattx = price2num($val['vat_tx']); if (!empty($conf->global->PRODUCT_MINIMUM_RECOMMENDED_PRICE) && $newprice_min < $maxpricesupplier) { setEventMessages($langs->trans("MinimumPriceLimit", price($maxpricesupplier, 0, '', 1, - 1, - 1, 'auto')), null, 'errors'); @@ -344,13 +354,12 @@ if (empty($reshook)) { break; } - if ($object->multiprices[$key] != $newprice || $object->multiprices_min[$key] != $newprice_min || $object->multiprices_base_type[$key] != $val['price_base_type']) { + if ($object->multiprices[$key] != $newprice || $object->multiprices_min[$key] != $newprice_min || $object->multiprices_base_type[$key] != $val['price_base_type'] || $object->multiprices_tva_tx[$key] != $newvattx) { $res = $object->updatePrice($newprice, $val['price_base_type'], $user, $val['vat_tx'], $newprice_min, $key, $val['npr'], $psq, 0, $val['localtaxes_array'], $val['default_vat_code']); } else { $res = 0; } - if ($res < 0) { $error++; setEventMessages($object->error, $object->errors, 'errors'); diff --git a/htdocs/product/reassort.php b/htdocs/product/reassort.php index 342acb49b6e..f8db6915409 100644 --- a/htdocs/product/reassort.php +++ b/htdocs/product/reassort.php @@ -190,7 +190,7 @@ if ($fourn_id > 0) { } // Insert categ filter if ($search_categ) { - $sql .= " AND cp.fk_categorie = ".$db->escape($search_categ); + $sql .= " AND cp.fk_categorie = ".((int) $search_categ); } $sql .= " GROUP BY p.rowid, p.ref, p.label, p.barcode, p.price, p.price_ttc, p.price_base_type, p.entity,"; $sql .= " p.fk_product_type, p.tms, p.duration, p.tosell, p.tobuy, p.seuil_stock_alerte, p.desiredstock"; diff --git a/htdocs/product/reassortlot.php b/htdocs/product/reassortlot.php index 38b16cea44a..ea9901a3794 100644 --- a/htdocs/product/reassortlot.php +++ b/htdocs/product/reassortlot.php @@ -179,7 +179,7 @@ if ($fourn_id > 0) { } // Insert categ filter if ($search_categ) { - $sql .= " AND cp.fk_categorie = ".$db->escape($search_categ); + $sql .= " AND cp.fk_categorie = ".((int) $search_categ); } if ($search_warehouse) { $sql .= natural_search("e.ref", $search_warehouse); diff --git a/htdocs/product/stats/bom.php b/htdocs/product/stats/bom.php index 053d9d6b1a8..52eec409185 100644 --- a/htdocs/product/stats/bom.php +++ b/htdocs/product/stats/bom.php @@ -41,10 +41,9 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('productstatscontract')); +$hookmanager->initHooks(array('productstatsbom')); $mesg = ''; $option = ''; @@ -67,6 +66,8 @@ if (!$sortfield) { $sortfield = "b.date_valid"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View @@ -137,7 +138,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " FROM ".MAIN_DB_PREFIX."bom_bom as b"; $sql .= " WHERE "; $sql .= " b.entity IN (".getEntity('bom').")"; - $sql .= " AND b.fk_product =".$product->id; + $sql .= " AND b.fk_product = ".((int) $product->id); $sql .= $db->order($sortfield, $sortorder); // Count total nb of records @@ -183,9 +184,8 @@ if ($id > 0 || !empty($ref)) { $sql .= " SUM(bl.qty) as qty_toconsume"; $sql .= " FROM ".MAIN_DB_PREFIX."bom_bom as b"; $sql .= " INNER JOIN ".MAIN_DB_PREFIX."bom_bomline as bl ON bl.fk_bom=b.rowid"; - $sql .= " WHERE "; - $sql .= " b.entity IN (".getEntity('bom').")"; - $sql .= " AND bl.fk_product=".$product->id; + $sql .= " WHERE b.entity IN (".getEntity('bom').")"; + $sql .= " AND bl.fk_product = ".((int) $product->id); $sql .= " GROUP BY b.rowid, b.ref, b.date_valid, b.status"; $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index 2dae292884e..6929c70a5ff 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -58,7 +58,6 @@ if (!empty($user->socid)) { // Security check $fieldvalue = (!empty($id) ? $id : $ref); $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); $tmp = dol_getdate(dol_now()); $currentyear = $tmp['year']; @@ -66,6 +65,8 @@ if (empty($search_year)) { $search_year = $currentyear; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * Actions @@ -184,8 +185,8 @@ if ($result || empty($id)) { // Tag if ($conf->categorie->enabled) { print '
    '.$langs->trans("Categories").''; - $moreforfilter .= img_picto($langs->trans("Categories"), 'category', 'paddingright'); - $moreforfilter .= $htmlother->select_categories(Categorie::TYPE_PRODUCT, $search_categ, 'search_categ', 1); + $moreforfilter .= img_picto($langs->trans("Categories"), 'category', 'class="pictofixedwidth"'); + $moreforfilter .= $htmlother->select_categories(Categorie::TYPE_PRODUCT, $search_categ, 'search_categ', 1, 1, 'widthcentpercentminusx maxwidth300'); print $moreforfilter; print '
    '; - print '
    '; + print '
    '; print '
    '; print '
    '; diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index fe8016f362a..623306536b7 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -43,13 +43,10 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatsorder')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -75,6 +72,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ @@ -151,7 +151,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('commande').")"; $sql .= " AND d.fk_commande = c.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(c.date_commande) IN ('.$db->sanitize($search_month).')'; } @@ -159,7 +159,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index bc8346e39b1..fd64a1c0572 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -42,10 +42,9 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('productstatssupplyorder')); +$hookmanager->initHooks(array('productstatssupplierorder')); $mesg = ''; @@ -74,6 +73,8 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View @@ -151,7 +152,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE c.fk_soc = s.rowid"; $sql .= " AND c.entity = ".$conf->entity; $sql .= " AND d.fk_commande = c.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(c.date_commande) IN ('.$db->sanitize($search_month).')'; } @@ -159,7 +160,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ' AND YEAR(c.date_commande) IN ('.$db->sanitize($search_year).')'; } if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); } if ($socid) { $sql .= " AND c.fk_soc = ".((int) $socid); diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index e419593208c..f71c907a430 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -40,13 +40,10 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatscontract')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -65,6 +62,8 @@ if (!$sortfield) { $sortfield = "c.date_contrat"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View @@ -143,7 +142,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE c.rowid = cd.fk_contrat"; $sql .= " AND c.fk_soc = s.rowid"; $sql .= " AND c.entity IN (".getEntity('contract').")"; - $sql .= " AND cd.fk_product =".$product->id; + $sql .= " AND cd.fk_product = ".((int) $product->id); if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id; } diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index fa7d4fae24f..b8a83e847c2 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -44,7 +44,6 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatsinvoice')); @@ -77,6 +76,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); /* @@ -168,7 +168,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('invoice').")"; $sql .= " AND d.fk_facture = f.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(f.datef) IN ('.$db->sanitize($search_month).')'; } diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 018f1c28f02..6eaf5a33e22 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -44,12 +44,9 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('productstatssupplyinvoice')); - -$mesg = ''; +$hookmanager->initHooks(array('productstatssupplierinvoice')); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; @@ -76,6 +73,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ @@ -151,7 +151,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE f.fk_soc = s.rowid"; $sql .= " AND f.entity IN (".getEntity('facture_fourn').")"; $sql .= " AND d.fk_facture_fourn = f.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(f.datef) IN ('.$db->sanitize($search_month).')'; } diff --git a/htdocs/product/stats/mo.php b/htdocs/product/stats/mo.php index 1cabfd9ef85..3781d23699a 100644 --- a/htdocs/product/stats/mo.php +++ b/htdocs/product/stats/mo.php @@ -40,12 +40,9 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('productstatscontract')); - -$mesg = ''; +$hookmanager->initHooks(array('productstatsmo')); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; @@ -65,6 +62,8 @@ if (!$sortfield) { $sortfield = "c.date_valid"; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + /* * View @@ -138,7 +137,7 @@ if ($id > 0 || !empty($ref)) { $sql .= ", ".MAIN_DB_PREFIX."mrp_production as cd"; $sql .= " WHERE c.rowid = cd.fk_mo"; $sql .= " AND c.entity IN (".getEntity('mo').")"; - $sql .= " AND cd.fk_product =".$product->id; + $sql .= " AND cd.fk_product = ".((int) $product->id); if ($socid) { $sql .= " AND s.rowid = ".((int) $socid); } diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 7dfc8b6d1db..f2a26d4af73 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -48,8 +48,6 @@ $result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('productstatspropal')); -$mesg = ''; - // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST('sortfield', 'aZ09comma'); @@ -76,6 +74,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ @@ -152,7 +153,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('propal').")"; $sql .= " AND d.fk_propal = p.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(p.datep) IN ('.$db->sanitize($search_month).')'; } diff --git a/htdocs/product/stats/supplier_proposal.php b/htdocs/product/stats/supplier_proposal.php index 86689786b2d..b30983bbda5 100644 --- a/htdocs/product/stats/supplier_proposal.php +++ b/htdocs/product/stats/supplier_proposal.php @@ -43,12 +43,9 @@ $socid = ''; if (!empty($user->socid)) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('productstatspropal')); - -$mesg = ''; +$hookmanager->initHooks(array('productstatssupplierpropal')); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; @@ -76,6 +73,9 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter', $search_year = ''; } +$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + + /* * View */ @@ -152,7 +152,7 @@ if ($id > 0 || !empty($ref)) { $sql .= " WHERE p.fk_soc = s.rowid"; $sql .= " AND p.entity IN (".getEntity('supplier_proposal').")"; $sql .= " AND d.fk_supplier_proposal = p.rowid"; - $sql .= " AND d.fk_product =".$product->id; + $sql .= " AND d.fk_product = ".((int) $product->id); if (!empty($search_month)) { $sql .= ' AND MONTH(p.datep) IN ('.$db->sanitize($search_month).')'; } diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index 91284944397..55ab129edee 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -645,7 +645,7 @@ if ($action == 'create') { $sql .= " WHERE ps.fk_product = p.rowid"; $sql .= " AND ps.reel <> 0"; // We do not show if stock is 0 (no product in this warehouse) - $sql .= " AND ps.fk_entrepot = ".$object->id; + $sql .= " AND ps.fk_entrepot = ".((int) $object->id); if ($separatedPMP) { $sql .= " AND pa.fk_product = p.rowid AND pa.entity = ". (int) $conf->entity; diff --git a/htdocs/product/stock/class/api_stockmovements.class.php b/htdocs/product/stock/class/api_stockmovements.class.php index 9b022a840fc..42a03a1836a 100644 --- a/htdocs/product/stock/class/api_stockmovements.class.php +++ b/htdocs/product/stock/class/api_stockmovements.class.php @@ -95,7 +95,7 @@ class StockMovements extends DolibarrApi */ public function index($sortfield = "t.rowid", $sortorder = 'ASC', $limit = 100, $page = 0, $sqlfilters = '') { - global $db, $conf; + global $conf; $obj_ret = array(); @@ -176,7 +176,7 @@ class StockMovements extends DolibarrApi } if ($qty == 0) { - throw new RestException(503, "Making a stock movement with a quentity of 0 is not possible"); + throw new RestException(503, "Making a stock movement with a quantity of 0 is not possible"); } // Type increase or decrease diff --git a/htdocs/product/stock/class/entrepot.class.php b/htdocs/product/stock/class/entrepot.class.php index dc15e092155..c7516066e7f 100644 --- a/htdocs/product/stock/class/entrepot.class.php +++ b/htdocs/product/stock/class/entrepot.class.php @@ -127,7 +127,7 @@ class Entrepot extends CommonObject 'ref' =>array('type'=>'varchar(255)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'showoncombobox'=>1, 'position'=>25, 'searchall'=>1), 'entity' =>array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'notnull'=>1, 'position'=>30), 'description' =>array('type'=>'text', 'label'=>'Description', 'enabled'=>1, 'visible'=>-2, 'position'=>35, 'searchall'=>1), - 'lieu' =>array('type'=>'varchar(64)', 'label'=>'LocationSummary', 'enabled'=>1, 'visible'=>1, 'position'=>40, 'showoncombobox'=>1, 'searchall'=>1), + 'lieu' =>array('type'=>'varchar(64)', 'label'=>'LocationSummary', 'enabled'=>1, 'visible'=>1, 'position'=>40, 'showoncombobox'=>2, 'searchall'=>1), 'fk_parent' =>array('type'=>'integer:Entrepot:product/stock/class/entrepot.class.php:1:statut=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'ParentWarehouse', 'enabled'=>1, 'visible'=>-2, 'position'=>41), 'fk_project' =>array('type'=>'integer:Project:projet/class/project.class.php:1:fk_statut=1', 'label'=>'Project', 'enabled'=>1, 'visible'=>-1, 'position'=>25), 'address' =>array('type'=>'varchar(255)', 'label'=>'Address', 'enabled'=>1, 'visible'=>-2, 'position'=>45, 'searchall'=>1), @@ -293,17 +293,17 @@ class Entrepot extends CommonObject $this->town = trim($this->town); $this->country_id = ($this->country_id > 0 ? $this->country_id : 0); - $sql = "UPDATE ".MAIN_DB_PREFIX."entrepot "; + $sql = "UPDATE ".MAIN_DB_PREFIX."entrepot"; $sql .= " SET ref = '".$this->db->escape($this->label)."'"; $sql .= ", fk_parent = ".(($this->fk_parent > 0) ? $this->fk_parent : "NULL"); $sql .= ", fk_project = ".(($this->fk_project > 0) ? $this->fk_project : "NULL"); $sql .= ", description = '".$this->db->escape($this->description)."'"; - $sql .= ", statut = ".$this->statut; + $sql .= ", statut = ".((int) $this->statut); $sql .= ", lieu = '".$this->db->escape($this->lieu)."'"; $sql .= ", address = '".$this->db->escape($this->address)."'"; $sql .= ", zip = '".$this->db->escape($this->zip)."'"; $sql .= ", town = '".$this->db->escape($this->town)."'"; - $sql .= ", fk_pays = ".$this->country_id; + $sql .= ", fk_pays = ".((int) $this->country_id); $sql .= ", phone = '".$this->db->escape($this->phone)."'"; $sql .= ", fax = '".$this->db->escape($this->fax)."'"; $sql .= " WHERE rowid = ".((int) $id); diff --git a/htdocs/product/stock/class/mouvementstock.class.php b/htdocs/product/stock/class/mouvementstock.class.php index 4877bb861ab..f0c7d51c86b 100644 --- a/htdocs/product/stock/class/mouvementstock.class.php +++ b/htdocs/product/stock/class/mouvementstock.class.php @@ -126,27 +126,28 @@ class MouvementStock extends CommonObject // phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore /** * Add a movement of stock (in one direction only). + * This is the lowest level method to record a stock change. * $this->origin can be also be set to save the source object of movement. * - * @param User $user User object - * @param int $fk_product Id of product - * @param int $entrepot_id Id of warehouse - * @param int $qty Qty of movement (can be <0 or >0 depending on parameter type) - * @param int $type Direction of movement: - * 0=input (stock increase by a stock transfer), 1=output (stock decrease by a stock transfer), - * 2=output (stock decrease), 3=input (stock increase) - * Note that qty should be > 0 with 0 or 3, < 0 with 1 or 2. - * @param int $price Unit price HT of product, used to calculate average weighted price (AWP or PMP in french). If 0, average weighted price is not changed. - * @param string $label Label of stock movement - * @param string $inventorycode Inventory code - * @param string $datem Force date of movement + * @param User $user User object + * @param int $fk_product Id of product + * @param int $entrepot_id Id of warehouse + * @param int $qty Qty of movement (can be <0 or >0 depending on parameter type) + * @param int $type Direction of movement: + * 0=input (stock increase by a stock transfer), 1=output (stock decrease by a stock transfer), + * 2=output (stock decrease), 3=input (stock increase) + * Note that qty should be > 0 with 0 or 3, < 0 with 1 or 2. + * @param int $price Unit price HT of product, used to calculate average weighted price (AWP or PMP in french). If 0, average weighted price is not changed. + * @param string $label Label of stock movement + * @param string $inventorycode Inventory code + * @param string $datem Force date of movement * @param integer|string $eatby eat-by date. Will be used if lot does not exists yet and will be created. * @param integer|string $sellby sell-by date. Will be used if lot does not exists yet and will be created. - * @param string $batch batch number - * @param boolean $skip_batch If set to true, stock movement is done without impacting batch record - * @param int $id_product_batch Id product_batch (when skip_batch is false and we already know which record of product_batch to use) - * @param int $disablestockchangeforsubproduct Disable stock change for sub-products of kit (usefull only if product is a subproduct) - * @return int <0 if KO, 0 if fk_product is null or product id does not exists, >0 if OK + * @param string $batch batch number + * @param boolean $skip_batch If set to true, stock movement is done without impacting batch record + * @param int $id_product_batch Id product_batch (when skip_batch is false and we already know which record of product_batch to use) + * @param int $disablestockchangeforsubproduct Disable stock change for sub-products of kit (usefull only if product is a subproduct) + * @return int <0 if KO, 0 if fk_product is null or product id does not exists, >0 if OK */ public function _create($user, $fk_product, $entrepot_id, $qty, $type, $price = 0, $label = '', $inventorycode = '', $datem = '', $eatby = '', $sellby = '', $batch = '', $skip_batch = false, $id_product_batch = 0, $disablestockchangeforsubproduct = 0) { @@ -159,10 +160,10 @@ class MouvementStock extends CommonObject $error = 0; dol_syslog(get_class($this)."::_create start userid=$user->id, fk_product=$fk_product, warehouse_id=$entrepot_id, qty=$qty, type=$type, price=$price, label=$label, inventorycode=$inventorycode, datem=".$datem.", eatby=".$eatby.", sellby=".$sellby.", batch=".$batch.", skip_batch=".$skip_batch); - // start hook at beginning + // Call hook at beginning global $action, $hookmanager; $hookmanager->initHooks(array('mouvementstock')); - // Hook of thirdparty module + if (is_object($hookmanager)) { $parameters = array( 'currentcontext' => 'mouvementstock', @@ -181,11 +182,12 @@ class MouvementStock extends CommonObject 'skip_batch' => &$skip_batch, 'id_product_batch' => &$id_product_batch ); - $reshook = $hookmanager->executeHooks('stockMovementCreate', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks + $reshook = $hookmanager->executeHooks('stockMovementCreate', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) { - if (!empty($hookmanager->resPrint)) + if (!empty($hookmanager->resPrint)) { dol_print_error('', $hookmanager->resPrint); + } return $reshook; } elseif ($reshook > 0) { return $hookmanager->resPrint; @@ -199,7 +201,8 @@ class MouvementStock extends CommonObject $now = (!empty($datem) ? $datem : dol_now()); // Check parameters - if (empty($fk_product)) return 0; + if (!($fk_product > 0)) return 0; + if (!($entrepot_id > 0)) return 0; if (is_numeric($eatby) && $eatby < 0) { dol_syslog(get_class($this)."::_create start ErrorBadValueForParameterEatBy eatby = ".$eatby); @@ -235,15 +238,23 @@ class MouvementStock extends CommonObject dol_print_error('', "Failed to fetch product"); return -1; } - if ($product->id <= 0) { // Can happen if database is corrupted + if ($product->id <= 0) { // Can happen if database is corrupted (a product id exist in stock with product that has been removed) return 0; } + // Define if we must make the stock change (If product type is a service or if stock is used also for services) + // Only record into stock tables wil be disabled by this (the rest like writing into lot table or movement of subproucts are done) + $movestock = 0; + if ($product->type != Product::TYPE_SERVICE || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) $movestock = 1; + $this->db->begin(); - $product->load_stock('novirtual'); + // Set value $product->stock_reel and detail per warehouse into $product->stock_warehouse array + if ($movestock) { + $product->load_stock('novirtual'); + } - // Test if product require batch data. If yes, and there is not, we throw an error. + // Test if product require batch data. If yes, and there is not or values are not correct, we throw an error. if (!empty($conf->productbatch->enabled) && $product->hasbatch() && !$skip_batch) { if (empty($batch)) { $langs->load("errors"); @@ -261,7 +272,7 @@ class MouvementStock extends CommonObject // If found and eatby/sellby not defined into table and not provided, we do nothing // If not found, we add record $sql = "SELECT pb.rowid, pb.batch, pb.eatby, pb.sellby FROM ".MAIN_DB_PREFIX."product_lot as pb"; - $sql .= " WHERE pb.fk_product = ".$fk_product." AND pb.batch = '".$this->db->escape($batch)."'"; + $sql .= " WHERE pb.fk_product = ".((int) $fk_product)." AND pb.batch = '".$this->db->escape($batch)."'"; dol_syslog(get_class($this)."::_create scan serial for this product to check if eatby and sellby match", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) { @@ -353,18 +364,18 @@ class MouvementStock extends CommonObject } } - // Define if we must make the stock change (If product type is a service or if stock is used also for services) - $movestock = 0; - if ($product->type != Product::TYPE_SERVICE || !empty($conf->global->STOCK_SUPPORTS_SERVICES)) $movestock = 1; - // Check if stock is enough when qty is < 0 // Note that qty should be > 0 with type 0 or 3, < 0 with type 1 or 2. if ($movestock && $qty < 0 && empty($conf->global->STOCK_ALLOW_NEGATIVE_TRANSFER)) { if (!empty($conf->productbatch->enabled) && $product->hasbatch() && !$skip_batch) { $foundforbatch = 0; $qtyisnotenough = 0; + foreach ($product->stock_warehouse[$entrepot_id]->detail_batch as $batchcursor => $prodbatch) { - if ($batch != $batchcursor) continue; + if ((string) $batch != (string) $batchcursor) { // Lot '59' must be different than lot '59c' + continue; + } + $foundforbatch = 1; if ($prodbatch->qty < abs($qty)) $qtyisnotenough = $prodbatch->qty; break; @@ -391,7 +402,7 @@ class MouvementStock extends CommonObject } } - if ($movestock && $entrepot_id > 0) { // Change stock for current product, change for subproduct is done after + if ($movestock) { // Change stock for current product, change for subproduct is done after // Set $origintype, fk_origin, fk_project $fk_project = 0; if (!empty($this->origin)) { // This is set by caller for tracking reason @@ -421,14 +432,14 @@ class MouvementStock extends CommonObject $sql .= " ".($batch ? "'".$this->db->escape($batch)."'" : "null").", "; $sql .= " ".($eatby ? "'".$this->db->idate($eatby)."'" : "null").", "; $sql .= " ".($sellby ? "'".$this->db->idate($sellby)."'" : "null").", "; - $sql .= " ".$this->entrepot_id.", ".$this->qty.", ".((int) $this->type).","; - $sql .= " ".$user->id.","; + $sql .= " ".((int) $this->entrepot_id).", ".((float) $this->qty).", ".((int) $this->type).","; + $sql .= " ".((int) $user->id).","; $sql .= " '".$this->db->escape($label)."',"; $sql .= " ".($inventorycode ? "'".$this->db->escape($inventorycode)."'" : "null").","; $sql .= " ".price2num($price).","; - $sql .= " ".$fk_origin.","; + $sql .= " ".((int) $fk_origin).","; $sql .= " '".$this->db->escape($origintype)."',"; - $sql .= " ".$fk_project; + $sql .= " ".((int) $fk_project); $sql .= ")"; dol_syslog(get_class($this)."::_create insert record into stock_mouvement", LOG_DEBUG); @@ -520,27 +531,16 @@ class MouvementStock extends CommonObject } } - // Update detail stock for batch product + // Update detail of stock for the lot. if (!$error && !empty($conf->productbatch->enabled) && $product->hasbatch() && !$skip_batch) { - // check unicity for serial numbered equipments ( different for lots managed products) - if ( $product->status_batch == 2 && $qty > 0 ) { - if ( $this->getBatchCount($fk_product, $batch) > 0 ) { - $error++; - $this->errors[] = $langs->trans("SerialNumberAlreadyInUse", $batch, $product->ref); - } elseif ( $qty > 1 ) { - $error++; - $this->errors[] = $langs->trans("TooManyQtyForSerialNumber", $product->ref, $batch); - } + if ($id_product_batch > 0) { + $result = $this->createBatch($id_product_batch, $qty); + } else { + $param_batch = array('fk_product_stock' =>$fk_product_stock, 'batchnumber'=>$batch); + $result = $this->createBatch($param_batch, $qty); } - - if ( ! $error ) { - if ($id_product_batch > 0) { - $result = $this->createBatch($id_product_batch, $qty); - } else { - $param_batch = array('fk_product_stock' =>$fk_product_stock, 'batchnumber'=>$batch); - $result = $this->createBatch($param_batch, $qty); - } - if ($result < 0) $error++; + if ($result < 0) { + $error++; } } @@ -580,6 +580,16 @@ class MouvementStock extends CommonObject $result = $this->call_trigger('STOCK_MOVEMENT', $user); if ($result < 0) $error++; // End call triggers + + // Check unicity for serial numbered equipments once all movement were done. + if (!$error && !empty($conf->productbatch->enabled) && $product->hasbatch() && !$skip_batch) { + if ($product->status_batch == 2 && $qty > 0) { // We check only if we increased qty + if ($this->getBatchCount($fk_product, $batch) > 1) { + $error++; + $this->errors[] = $langs->trans("TooManyQtyForSerialNumber", $batch, $product->ref); + } + } + } } if (!$error) { @@ -1199,16 +1209,14 @@ class MouvementStock extends CommonObject } /** - * Retrieve number of equipments for a product batch + * Retrieve number of equipments for a product lot/serial * - * @param int $fk_product Product id - * @param varchar $batch batch number - * @return int <0 if KO, number of equipments if OK + * @param int $fk_product Product id + * @param string $batch batch number + * @return int <0 if KO, number of equipments found if OK */ private function getBatchCount($fk_product, $batch) { - global $conf; - $cpt = 0; $sql = "SELECT sum(pb.qty) as cpt"; diff --git a/htdocs/product/stock/list.php b/htdocs/product/stock/list.php index ae8b13c776f..1d54244d4f0 100644 --- a/htdocs/product/stock/list.php +++ b/htdocs/product/stock/list.php @@ -106,7 +106,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -628,6 +628,12 @@ if ($num) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $warehouse->$key; } } diff --git a/htdocs/product/stock/movement_list.php b/htdocs/product/stock/movement_list.php index 0f2cec28ec9..44e9e7ecea9 100644 --- a/htdocs/product/stock/movement_list.php +++ b/htdocs/product/stock/movement_list.php @@ -86,6 +86,7 @@ $search_user = trim(GETPOST("search_user")); $search_batch = trim(GETPOST("search_batch")); $search_qty = trim(GETPOST("search_qty")); $search_type_mouvement = GETPOST('search_type_mouvement', 'int'); +$search_fk_projet=GETPOST("search_fk_projet", 'int'); $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); @@ -198,6 +199,7 @@ if (empty($reshook)) { $search_user = ""; $search_batch = ""; $search_qty = ''; + $search_fk_projet=0; $sall = ""; $toselect = ''; $search_array_options = array(); @@ -549,6 +551,9 @@ if (!empty($search_batch)) { if (!empty($product_id)) { $sql .= natural_search('p.rowid', $product_id); } +if (!empty($search_fk_projet) && $search_fk_projet != '-1') { + $sql .= natural_search('m.fk_projet', $search_fk_projet); +} if ($search_qty != '') { $sql .= natural_search('m.value', $search_qty, 1); } @@ -889,7 +894,7 @@ if ($resql) { $moreforfilter = ''; - $parameters = array(); + $parameters = array('arrayfields'=>&$arrayfields); $reshook = $hookmanager->executeHooks('printFieldPreListTitle', $parameters); // Note that $action and $object may have been modified by hook if (empty($reshook)) { $moreforfilter .= $hookmanager->resPrint; @@ -1255,6 +1260,14 @@ if ($resql) { } print ''; } + + // Extra fields + include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php'; + // Fields from hook + $parameters = array('arrayfields'=>$arrayfields, 'objp'=>$objp, 'i'=>$i, 'totalarray'=>&$totalarray); + $reshook = $hookmanager->executeHooks('printFieldListValue', $parameters); // Note that $action and $object may have been modified by hook + print $hookmanager->resPrint; + // Action column print ''; if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index b97e9b6c2d2..ef1393dfb63 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -9,6 +9,7 @@ * Copyright (C) 2014-2015 Cédric Gross * Copyright (C) 2015 Marcos García * Copyright (C) 2018-2019 Frédéric France + * Copyright (C) 2021 Gauthier VERDOL * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -81,8 +82,6 @@ if (!empty($batchnumber)) { if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit&stock', $id, 'product&product', '', '', $fieldid); - $object = new Product($db); $extrafields = new ExtraFields($db); @@ -114,6 +113,17 @@ $hookmanager->initHooks(array('stockproductcard', 'globalcard')); $error = 0; +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $id, 'product&product', '', '', $fieldid); +} + /* * Actions @@ -521,6 +531,45 @@ if ($id > 0 || $ref) { llxHeader('', $title, $helpurl); + if (!empty($conf->use_javascript_ajax)) { + ?> + + 0) { $head = product_prepare_head($object); $titre = $langs->trans("CardProduct".$object->type); @@ -547,8 +596,18 @@ if ($id > 0 || $ref) { print ''; + // Type + if (!empty($conf->product->enabled) && !empty($conf->service->enabled)) { + $typeformat = 'select;0:'.$langs->trans("Product").',1:'.$langs->trans("Service"); + print ''; + } + if ($conf->productbatch->enabled) { - print ''; } @@ -859,15 +918,21 @@ if (!$variants) { print ''; if ((!empty($conf->productbatch->enabled)) && $object->hasbatch()) { $colspan = 3; - print ''; + print ''; print ''; if (empty($conf->global->PRODUCT_DISABLE_EATBY)) { $colspan--; - print ''; + print ''; } if (empty($conf->global->PRODUCT_DISABLE_SELLBY)) { $colspan--; - print ''; + print ''; } print ''; print ''; @@ -886,7 +951,7 @@ if (!$variants) { $sql .= " WHERE ps.reel != 0"; $sql .= " AND ps.fk_entrepot = e.rowid"; $sql .= " AND e.entity IN (".getEntity('stock').")"; - $sql .= " AND ps.fk_product = ".$object->id; + $sql .= " AND ps.fk_product = ".((int) $object->id); $sql .= " ORDER BY e.ref"; $entrepotstatic = new Entrepot($db); @@ -914,7 +979,14 @@ if (!$variants) { $stock_real = price2num($obj->reel, 'MS'); print ''; - print ''; + print ''; print ''; // PMP print ''; @@ -984,7 +1056,7 @@ if (!$variants) { print ''; print ''; } else { - print "\n".''; print ''; print ''; - if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { - print ''; - print ''; - print ''; - } print ''; + if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { + print ''; + print ''; + print ''; + } print ''; } @@ -338,9 +338,9 @@ foreach ($data_all_year as $val) { print ''; print ''; if (!empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; } print ''; $oldyear = $year; diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php index 575f949bb75..d9c49001dfc 100644 --- a/htdocs/projet/tasks/document.php +++ b/htdocs/projet/tasks/document.php @@ -324,7 +324,7 @@ if ($object->id > 0) { $param .= '&withproject=1'; } $modulepart = 'project_task'; - $permission = $user->rights->projet->creer; + $permissiontoadd = $user->rights->projet->creer; $permtoedit = $user->rights->projet->creer; $relativepathwithnofile = dol_sanitizeFileName($projectstatic->ref).'/'.dol_sanitizeFileName($object->ref).'/'; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php index e842b409eae..bbb7b1e51f9 100644 --- a/htdocs/projet/tasks/list.php +++ b/htdocs/projet/tasks/list.php @@ -39,6 +39,7 @@ $massaction = GETPOST('massaction', 'alpha'); $show_files = GETPOST('show_files', 'int'); $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); +$optioncss = GETPOST('optioncss', 'aZ09'); $id = GETPOST('id', 'int'); @@ -382,12 +383,9 @@ if ($search_projectstatus >= 0) { if ($search_projectstatus == 99) { $sql .= " AND p.fk_statut <> 2"; } else { - $sql .= " AND p.fk_statut = ".$db->escape($search_projectstatus); + $sql .= " AND p.fk_statut = ".((int) $search_projectstatus); } } -if ($search_public != '') { - $sql .= " AND p.public = ".$db->escape($search_public); -} if ($search_project_user > 0) { $sql .= " AND ecp.fk_c_type_contact IN (".$db->sanitize(join(',', array_keys($listofprojectcontacttype))).") AND ecp.element_id = p.rowid AND ecp.fk_socpeople = ".$search_project_user; } @@ -512,9 +510,6 @@ if ($search_projectstatus != '') { if ((is_numeric($search_opp_status) && $search_opp_status >= 0) || in_array($search_opp_status, array('all', 'none'))) { $param .= '&search_opp_status='.urlencode($search_opp_status); } -if ($search_public != '') { - $param .= '&search_public='.urlencode($search_public); -} if ($search_project_user != '') { $param .= '&search_project_user='.urlencode($search_project_user); } diff --git a/htdocs/projet/tasks/stats/index.php b/htdocs/projet/tasks/stats/index.php index 531b9eb7b3a..76c74ba343c 100644 --- a/htdocs/projet/tasks/stats/index.php +++ b/htdocs/projet/tasks/stats/index.php @@ -45,8 +45,7 @@ if ($user->socid > 0) { } $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -171,7 +170,7 @@ if (!in_array($nowyear, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print ''; -print ''; +print ''; print '
    '; + print (empty($conf->global->PRODUCT_DENY_CHANGE_PRODUCT_TYPE)) ? $form->editfieldkey("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat) : $langs->trans('Type'); + print ''; + print $form->editfieldval("Type", 'fk_product_type', $object->type, $object, $usercancreate, $typeformat); + print '
    '.$langs->trans("ManageLotSerial").''; + print '
    '.$langs->trans("ManageLotSerial").''; print $object->getLibStatut(0, 2); print '
    '; + if (!empty($conf->use_javascript_ajax)) { + print ''.img_picto('', 'folder-open', 'class="paddingright"').$langs->trans("ExpandAll").'   '; + print ''.img_picto('', 'folder', 'class="paddingright"').$langs->trans("UndoExpandAll").''; + //print ' '.$form->textwithpicto('', $langs->trans('CollapseBatchDetailHelp'), 1, 'help', ''); + } + print ''.$langs->trans("batch_number").''.$langs->trans("EatByDate").''.$langs->trans("EatByDate").''.$langs->trans("SellByDate").''.$langs->trans("SellByDate").'
    '.$entrepotstatic->getNomUrl(1).''; + print $entrepotstatic->getNomUrl(1); + if (!empty($conf->use_javascript_ajax) && !empty($conf->productbatch->enabled) && $object->hasbatch()) { + print ''; + print (empty($conf->global->STOCK_SHOW_ALL_BATCH_BY_DEFAULT) ? '(+)' : '(-)'); + print ''; + } + print ''.$stock_real.($stock_real < 0 ? ' '.img_warning() : '').''.(price2num($object->pmp) ? price2num($object->pmp, 'MU') : '').'
    '; + print "\n".'
    '; print ''; print $product_lot_static->getNomUrl(1); diff --git a/htdocs/product/stock/productlot_document.php b/htdocs/product/stock/productlot_document.php index 5b19288deff..08b565c90a0 100644 --- a/htdocs/product/stock/productlot_document.php +++ b/htdocs/product/stock/productlot_document.php @@ -94,7 +94,9 @@ $usercanread = $user->rights->produit->lire; $usercancreate = $user->rights->produit->creer; $usercandelete = $user->rights->produit->supprimer; -$upload_dir = $conf->productbatch->multidir_output[$conf->entity]; +if (empty($upload_dir)) { + $upload_dir = $conf->productbatch->multidir_output[$conf->entity]; +} $permissiontoread = $usercanread; $permissiontoadd = $usercancreate; @@ -191,7 +193,6 @@ if ($object->id) { print dol_get_fiche_end(); - $permission = ($user->rights->produit->creer); $param = '&id='.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/product/stock/productlot_list.php b/htdocs/product/stock/productlot_list.php index 00c8c186c66..58e5bd055f1 100644 --- a/htdocs/product/stock/productlot_list.php +++ b/htdocs/product/stock/productlot_list.php @@ -93,7 +93,7 @@ foreach ($object->fields as $key => $val) { // List of fields to search into when doing a "search in all" $fieldstosearchall = array(); foreach ($object->fields as $key => $val) { - if ($val['searchall']) { + if (!empty($val['searchall'])) { $fieldstosearchall['t.'.$key] = $val['label']; } } @@ -113,19 +113,8 @@ foreach ($object->fields as $key => $val) { } } // Extra fields -if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label']) > 0) { - foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - if (!empty($extrafields->attributes[$object->table_element]['list'][$key])) { - $arrayfields["ef.".$key] = array( - 'label'=>$extrafields->attributes[$object->table_element]['label'][$key], - 'checked'=>(($extrafields->attributes[$object->table_element]['list'][$key] < 0) ? 0 : 1), - 'position'=>$extrafields->attributes[$object->table_element]['pos'][$key], - 'enabled'=>(abs($extrafields->attributes[$object->table_element]['list'][$key]) != 3 && $extrafields->attributes[$object->table_element]['perms'][$key]), - 'langfile'=>$extrafields->attributes[$object->table_element]['langfile'][$key] - ); - } - } -} +include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; + $object->fields = dol_sort_array($object->fields, 'position'); $arrayfields = dol_sort_array($arrayfields, 'position'); @@ -552,6 +541,12 @@ while ($i < ($limit ? min($num, $limit) : $num)) { if (!$i) { $totalarray['pos'][$totalarray['nbfield']] = 't.'.$key; } + if (!isset($totalarray['val'])) { + $totalarray['val'] = array(); + } + if (!isset($totalarray['val']['t.'.$key])) { + $totalarray['val']['t.'.$key] = 0; + } $totalarray['val']['t.'.$key] += $object->$key; } } diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index b36d530d624..77923d9e7c9 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -45,7 +45,7 @@ if ($user->socid) { $result = restrictedArea($user, 'produit|service'); // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context -$hookmanager->initHooks(array('stockreplenishlist')); +$hookmanager->initHooks(array('stockatdate')); //checks if a product has been ordered @@ -136,10 +136,10 @@ if ($date && $dateIsValid) { // Avoid heavy sql if mandatory date is not defined $sql .= " AND w.statut IN (".$db->sanitize(implode(',', $warehouseStatus)).")"; } if ($productid > 0) { - $sql .= " AND ps.fk_product = ".$productid; + $sql .= " AND ps.fk_product = ".((int) $productid); } if ($fk_warehouse > 0) { - $sql .= " AND ps.fk_entrepot = ".$fk_warehouse; + $sql .= " AND ps.fk_entrepot = ".((int) $fk_warehouse); } $sql .= " GROUP BY fk_product, fk_entrepot"; //print $sql; diff --git a/htdocs/product/traduction.php b/htdocs/product/traduction.php index 45b45136410..b2c3b0d0b2f 100644 --- a/htdocs/product/traduction.php +++ b/htdocs/product/traduction.php @@ -45,7 +45,22 @@ $fieldtype = (!empty($ref) ? 'ref' : 'rowid'); if ($user->socid) { $socid = $user->socid; } -$result = restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); + +if ($id > 0 || !empty($ref)) { + $object = new Product($db); + $object->fetch($id, $ref); +} + +if ($object->id > 0) { + if ($object->type == $object::TYPE_PRODUCT) { + restrictedArea($user, 'produit', $object->id, 'product&product', '', ''); + } + if ($object->type == $object::TYPE_SERVICE) { + restrictedArea($user, 'service', $object->id, 'product&product', '', ''); + } +} else { + restrictedArea($user, 'produit|service', $fieldvalue, 'product&product', '', '', $fieldtype); +} /* diff --git a/htdocs/projet/activity/index.php b/htdocs/projet/activity/index.php index 0191cc74ef8..60484eb4f17 100644 --- a/htdocs/projet/activity/index.php +++ b/htdocs/projet/activity/index.php @@ -425,7 +425,7 @@ if (empty($conf->global->PROJECT_HIDE_TASKS) && !empty($conf->global->PROJECT_SH $sql .= " AND ect.fk_c_type_contact IN (".$db->sanitize(join(',', array_keys($listoftaskcontacttype))).") AND ect.element_id = t.rowid AND ect.fk_socpeople = ".$user->id; } if ($socid) { - $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; + $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; } $sql .= " AND p.fk_statut=1"; $sql .= " GROUP BY p.ref, p.title, p.rowid, p.fk_statut, p.fk_opp_status, p.public, t.label, t.rowid, t.planned_workload, t.duration_effective, t.progress, t.dateo, t.datee"; diff --git a/htdocs/projet/activity/perday.php b/htdocs/projet/activity/perday.php index b93b5158ad7..8897f9550a3 100644 --- a/htdocs/projet/activity/perday.php +++ b/htdocs/projet/activity/perday.php @@ -204,7 +204,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = ".((int) $object->fk_project)." AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/projet/activity/permonth.php b/htdocs/projet/activity/permonth.php index 0491b9c04e5..6e474ea8568 100644 --- a/htdocs/projet/activity/permonth.php +++ b/htdocs/projet/activity/permonth.php @@ -156,7 +156,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = ".((int) $object->fk_project)." AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/projet/activity/perweek.php b/htdocs/projet/activity/perweek.php index 6da7138e6d7..ecb2a0bdaf5 100644 --- a/htdocs/projet/activity/perweek.php +++ b/htdocs/projet/activity/perweek.php @@ -214,7 +214,7 @@ if ($action == 'addtime' && $user->rights->projet->lire && GETPOST('assigntask') if ($result >= 0 || $result == -2) { // Contact add ok or already contact of task // Test if we are already contact of the project (should be rare but sometimes we can add as task contact without being contact of project, like when admin user has been removed from contact of project) $sql = 'SELECT ec.rowid FROM '.MAIN_DB_PREFIX.'element_contact as ec, '.MAIN_DB_PREFIX.'c_type_contact as tc WHERE tc.rowid = ec.fk_c_type_contact'; - $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = '.$object->fk_project.' AND tc.element = 'project' AND source = 'internal'"; + $sql .= ' AND ec.fk_socpeople = '.((int) $idfortaskuser)." AND ec.element_id = ".((int) $object->fk_project)." AND tc.element = 'project' AND source = 'internal'"; $resql = $db->query($sql); if ($resql) { $obj = $db->fetch_object($resql); diff --git a/htdocs/projet/class/api_projects.class.php b/htdocs/projet/class/api_projects.class.php index b0b94264fb0..38f525626ba 100644 --- a/htdocs/projet/class/api_projects.class.php +++ b/htdocs/projet/class/api_projects.class.php @@ -146,7 +146,7 @@ class Projects extends DolibarrApi } // Select projects of given category if ($category > 0) { - $sql .= " AND c.fk_categorie = ".$this->db->escape($category)." AND c.fk_project = t.rowid "; + $sql .= " AND c.fk_categorie = ".((int) $category)." AND c.fk_project = t.rowid "; } // Add sql filters if ($sqlfilters) { diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php index ca42e8a3fd1..e381aaabfb3 100644 --- a/htdocs/projet/class/project.class.php +++ b/htdocs/projet/class/project.class.php @@ -224,7 +224,7 @@ class Project extends CommonObject public $fields = array( 'rowid' =>array('type'=>'integer', 'label'=>'ID', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>10), 'ref' =>array('type'=>'varchar(50)', 'label'=>'Ref', 'enabled'=>1, 'visible'=>1, 'showoncombobox'=>1, 'position'=>15, 'searchall'=>1), - 'title' =>array('type'=>'varchar(255)', 'label'=>'ProjectLabel', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>17, 'showoncombobox'=>1, 'searchall'=>1), + 'title' =>array('type'=>'varchar(255)', 'label'=>'ProjectLabel', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>17, 'showoncombobox'=>2, 'searchall'=>1), 'entity' =>array('type'=>'integer', 'label'=>'Entity', 'default'=>1, 'enabled'=>1, 'visible'=>3, 'notnull'=>1, 'position'=>19), 'fk_soc' =>array('type'=>'integer', 'label'=>'Thirdparty', 'enabled'=>1, 'visible'=>0, 'position'=>20), 'dateo' =>array('type'=>'date', 'label'=>'DateStart', 'enabled'=>1, 'visible'=>1, 'position'=>30), @@ -486,7 +486,7 @@ class Project extends CommonObject $sql .= ", title = '".$this->db->escape($this->title)."'"; $sql .= ", description = '".$this->db->escape($this->description)."'"; $sql .= ", fk_soc = ".($this->socid > 0 ? $this->socid : "null"); - $sql .= ", fk_statut = ".$this->statut; + $sql .= ", fk_statut = ".((int) $this->statut); $sql .= ", fk_opp_status = ".((is_numeric($this->opp_status) && $this->opp_status > 0) ? $this->opp_status : 'null'); $sql .= ", opp_percent = ".((is_numeric($this->opp_percent) && $this->opp_percent != '') ? $this->opp_percent : 'null'); $sql .= ", public = ".($this->public ? 1 : 0); @@ -1777,13 +1777,13 @@ class Project extends CommonObject if ($tableName == "actioncomm") { $sql .= " SET fk_project=".$this->id; - $sql .= " WHERE id=".$elementSelectId; + $sql .= " WHERE id=".((int) $elementSelectId); } elseif ($tableName == "entrepot") { $sql .= " SET fk_project=".$this->id; - $sql .= " WHERE rowid=".$elementSelectId; + $sql .= " WHERE rowid=".((int) $elementSelectId); } else { $sql .= " SET fk_projet=".$this->id; - $sql .= " WHERE rowid=".$elementSelectId; + $sql .= " WHERE rowid=".((int) $elementSelectId); } dol_syslog(get_class($this)."::update_element", LOG_DEBUG); @@ -1813,10 +1813,10 @@ class Project extends CommonObject if ($tableName == "actioncomm") { $sql .= " SET fk_project=NULL"; - $sql .= " WHERE id=".$elementSelectId; + $sql .= " WHERE id=".((int) $elementSelectId); } else { $sql .= " SET ".$projectfield."=NULL"; - $sql .= " WHERE rowid=".$elementSelectId; + $sql .= " WHERE rowid=".((int) $elementSelectId); } dol_syslog(get_class($this)."::remove_element", LOG_DEBUG); @@ -1888,10 +1888,10 @@ class Project extends CommonObject $sql .= " AND (ptt.task_date >= '".$this->db->idate($datestart)."' "; $sql .= " AND ptt.task_date <= '".$this->db->idate(dol_time_plus_duree($datestart, 1, 'w') - 1)."')"; if ($taskid) { - $sql .= " AND ptt.fk_task=".$taskid; + $sql .= " AND ptt.fk_task=".((int) $taskid); } if (is_numeric($userid)) { - $sql .= " AND ptt.fk_user=".$userid; + $sql .= " AND ptt.fk_user=".((int) $userid); } //print $sql; @@ -1951,10 +1951,10 @@ class Project extends CommonObject $sql .= " AND (ptt.task_date >= '".$this->db->idate($datestart)."' "; $sql .= " AND ptt.task_date <= '".$this->db->idate(dol_time_plus_duree($datestart, 1, 'm') - 1)."')"; if ($task_id) { - $sql .= " AND ptt.fk_task=".$taskid; + $sql .= " AND ptt.fk_task=".((int) $taskid); } if (is_numeric($userid)) { - $sql .= " AND ptt.fk_user=".$userid; + $sql .= " AND ptt.fk_user=".((int) $userid); } //print $sql; diff --git a/htdocs/projet/class/projectstats.class.php b/htdocs/projet/class/projectstats.class.php index 42c5ae2135f..1845e303704 100644 --- a/htdocs/projet/class/projectstats.class.php +++ b/htdocs/projet/class/projectstats.class.php @@ -68,7 +68,7 @@ class ProjectStats extends Stats $sql .= ", ".MAIN_DB_PREFIX."c_lead_status as cls"; $sql .= $this->buildWhere(); // For external user, no check is done on company permission because readability is managed by public status of project and assignement. - //if ($socid > 0) $sql.= " AND t.fk_soc = ".$socid; + //if ($socid > 0) $sql.= " AND t.fk_soc = ".((int) $socid); // No check is done on company permission because readability is managed by public status of project and assignement. //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; $sql .= " AND t.fk_opp_status = cls.rowid"; @@ -133,7 +133,7 @@ class ProjectStats extends Stats // $sql .= " INNER JOIN " . MAIN_DB_PREFIX . "societe_commerciaux as sc ON sc.fk_soc=t.fk_soc AND sc.fk_user=" . $user->id; $sql .= $this->buildWhere(); // For external user, no check is done on company permission because readability is managed by public status of project and assignement. - //if ($socid > 0) $sql.= " AND t.fk_soc = ".$socid; + //if ($socid > 0) $sql.= " AND t.fk_soc = ".((int) $socid); // No check is done on company permission because readability is managed by public status of project and assignement. //if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; $sql .= " GROUP BY year"; diff --git a/htdocs/projet/class/task.class.php b/htdocs/projet/class/task.class.php index 0b8e21f5afd..bd25398776e 100644 --- a/htdocs/projet/class/task.class.php +++ b/htdocs/projet/class/task.class.php @@ -274,7 +274,8 @@ class Task extends CommonObject } $sql .= " WHERE "; if (!empty($ref)) { - $sql .= "t.ref = '".$this->db->escape($ref)."'"; + $sql .= "entity IN (".getEntity('project').")"; + $sql .= " AND t.ref = '".$this->db->escape($ref)."'"; } else { $sql .= "t.rowid = ".((int) $id); } @@ -853,7 +854,7 @@ class Task extends CommonObject $sql .= " AND p.rowid = ec.element_id"; $sql .= " AND ctc.rowid = ec.fk_c_type_contact"; $sql .= " AND ctc.element = 'project'"; - $sql .= " AND ec.fk_socpeople = ".$filteronprojuser; + $sql .= " AND ec.fk_socpeople = ".((int) $filteronprojuser); $sql .= " AND ec.statut = 4"; $sql .= " AND ctc.source = 'internal'"; } @@ -862,12 +863,12 @@ class Task extends CommonObject $sql .= " AND p.rowid = ec2.element_id"; $sql .= " AND ctc2.rowid = ec2.fk_c_type_contact"; $sql .= " AND ctc2.element = 'project_task'"; - $sql .= " AND ec2.fk_socpeople = ".$filterontaskuser; + $sql .= " AND ec2.fk_socpeople = ".((int) $filterontaskuser); $sql .= " AND ec2.statut = 4"; $sql .= " AND ctc2.source = 'internal'"; } if ($socid) { - $sql .= " AND p.fk_soc = ".$socid; + $sql .= " AND p.fk_soc = ".((int) $socid); } if ($projectid) { $sql .= " AND p.rowid IN (".$this->db->sanitize($projectid).")"; @@ -1524,10 +1525,10 @@ class Task extends CommonObject $sql .= " task_date = '".$this->db->idate($this->timespent_date)."',"; $sql .= " task_datehour = '".$this->db->idate($this->timespent_datehour)."',"; $sql .= " task_date_withhour = ".(empty($this->timespent_withhour) ? 0 : 1).","; - $sql .= " task_duration = ".$this->timespent_duration.","; - $sql .= " fk_user = ".$this->timespent_fk_user.","; + $sql .= " task_duration = ".((int) $this->timespent_duration).","; + $sql .= " fk_user = ".((int) $this->timespent_fk_user).","; $sql .= " note = ".(isset($this->timespent_note) ? "'".$this->db->escape($this->timespent_note)."'" : "null"); - $sql .= " WHERE rowid = ".$this->timespent_id; + $sql .= " WHERE rowid = ".((int) $this->timespent_id); dol_syslog(get_class($this)."::updateTimeSpent", LOG_DEBUG); if ($this->db->query($sql)) { @@ -1986,7 +1987,8 @@ class Task extends CommonObject global $conf, $langs; // For external user, no check is done on company because readability is managed by public status of project and assignement. - //$socid=$user->socid; + //$socid = $user->socid; + $socid = 0; $projectstatic = new Project($this->db); $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user, 0, 1, $socid); @@ -2007,10 +2009,7 @@ class Task extends CommonObject $sql .= " AND p.rowid IN (".$this->db->sanitize($projectsListId).")"; } // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser - //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; - if ($socid) { - $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; - } + //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser // if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; @@ -2083,7 +2082,7 @@ class Task extends CommonObject // No need to check company, as filtering of projects must be done by getProjectsAuthorizedForUser //if ($socid || ! $user->rights->societe->client->voir) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; if ($socid) { - $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; + $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; } if (!$user->rights->societe->client->voir && !$socid) { $sql .= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id.") OR (s.rowid IS NULL))"; diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index 6bb905d6696..df31724d07c 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -164,8 +164,8 @@ if ($object->id > 0) { print dol_get_fiche_end(); - $modulepart = 'project'; - $permission = ($userWrite > 0); + $modulepart = 'projet'; + $permissiontoadd = ($userWrite > 0); $permtoedit = ($userWrite > 0); include DOL_DOCUMENT_ROOT.'/core/tpl/document_actions_post_headers.tpl.php'; } else { diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php index d8c875d2933..aa9d9a8a437 100644 --- a/htdocs/projet/index.php +++ b/htdocs/projet/index.php @@ -213,7 +213,7 @@ if ($mine || empty($user->rights->projet->all->lire)) { $sql .= " AND p.rowid IN (".$db->sanitize($projectsListId).")"; // If we have this test true, it also means projectset is not 2 } if ($socid) { - $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; + $sql .= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".((int) $socid).")"; } $sql .= " ORDER BY p.tms DESC"; $sql .= $db->plimit($max, 0); diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php index aa1229ccb42..c95ae10e79a 100644 --- a/htdocs/projet/list.php +++ b/htdocs/projet/list.php @@ -402,12 +402,12 @@ if ($search_status >= 0) { if ($search_status == 99) { $sql .= " AND p.fk_statut <> 2"; } else { - $sql .= " AND p.fk_statut = ".$db->escape($search_status); + $sql .= " AND p.fk_statut = ".((int) $search_status); } } if ($search_opp_status) { if (is_numeric($search_opp_status) && $search_opp_status > 0) { - $sql .= " AND p.fk_opp_status = ".$db->escape($search_opp_status); + $sql .= " AND p.fk_opp_status = ".((int) $search_opp_status); } if ($search_opp_status == 'all') { $sql .= " AND (p.fk_opp_status IS NOT NULL AND p.fk_opp_status <> -1)"; @@ -423,7 +423,7 @@ if ($search_opp_status) { } } if ($search_public != '') { - $sql .= " AND p.public = ".$db->escape($search_public); + $sql .= " AND p.public = ".((int) $search_public); } // For external user, no check is done on company permission because readability is managed by public status of project and assignement. //if ($socid > 0) $sql.= " AND s.rowid = ".((int) $socid); diff --git a/htdocs/projet/stats/index.php b/htdocs/projet/stats/index.php index 6b1b0eac4c1..afd86f3ed07 100644 --- a/htdocs/projet/stats/index.php +++ b/htdocs/projet/stats/index.php @@ -1,6 +1,6 @@ - * Copyright (C) 2015 Laurent Destailleur + * Copyright (C) 2015-2021 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -45,8 +45,7 @@ if ($user->socid > 0) { } $nowyear = strftime("%Y", dol_now()); $year = GETPOST('year') > 0 ?GETPOST('year') : $nowyear; -//$startyear=$year-2; -$startyear = $year - 1; +$startyear = $year - (empty($conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS) ? 2 : max(1, min(10, $conf->global->MAIN_STATS_GRAPHS_SHOW_N_YEARS))); $endyear = $year; // Load translation files required by the page @@ -283,7 +282,8 @@ print ''; print ''; // Company print ''; // User /*print ''; -print ''; +print ''; print '
    '.$langs->trans("Filter").'
    '.$langs->trans("ThirdParty").''; -print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, '', 'style="width: 95%"'); +print img_picto('', 'company', 'class="pictofixedwidth"'); +print $form->select_company($socid, 'socid', '', 1, 0, 0, array(), 0, 'widthcentpercentminusx maxwidth300', ''); print '
    '.$langs->trans("ProjectCommercial").''; @@ -300,7 +300,7 @@ if (!in_array($nowyear, $arrayyears)) { arsort($arrayyears); print $form->selectarray('year', $arrayyears, $year, 0); print '
    '; print ''; print '

    '; @@ -325,12 +325,12 @@ foreach ($data_all_year as $val) { print '
    0 ? '&userid='.$userid : '').'">'.$oldyear.'0000000
    0 ? '&userid='.$userid : '').'">'.$year.''.$val['nb'].''.($val['total'] ? price(price2num($val['total'], 'MT'), 1) : '0').''.($val['avg'] ? price(price2num($val['avg'], 'MT'), 1) : '0').''.(isset($val['weighted']) ? price(price2num($val['weighted'], 'MT'), 1) : '0').''.($val['total'] ? price(price2num($val['total'], 'MT'), 1) : '0').''.($val['avg'] ? price(price2num($val['avg'], 'MT'), 1) : '0').''.(isset($val['weighted']) ? price(price2num($val['weighted'], 'MT'), 1) : '0').'
    '; print ''; print '

    '; diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php index 01622a41945..a9316bcedcd 100644 --- a/htdocs/projet/tasks/time.php +++ b/htdocs/projet/tasks/time.php @@ -1043,7 +1043,7 @@ if (($id > 0 || !empty($ref)) || $projectidforalltimes > 0) { $sql .= " ".MAIN_DB_PREFIX."projet_task as pt, ".MAIN_DB_PREFIX."user as u"; $sql .= " WHERE t.fk_user = u.rowid AND t.fk_task = pt.rowid"; if (empty($projectidforalltimes)) { - $sql .= " AND t.fk_task =".$object->id; + $sql .= " AND t.fk_task =".((int) $object->id); } else { $sql .= " AND pt.fk_projet IN (".$db->sanitize($projectidforalltimes).")"; } diff --git a/htdocs/public/agenda/agendaexport.php b/htdocs/public/agenda/agendaexport.php index 2aaeb12de23..a0e7ea817a7 100644 --- a/htdocs/public/agenda/agendaexport.php +++ b/htdocs/public/agenda/agendaexport.php @@ -135,7 +135,12 @@ if (GETPOST("notolderthan", 'int')) { } else { $filters['notolderthan'] = $conf->global->MAIN_AGENDA_EXPORT_PAST_DELAY; } - +if (GETPOST("module", 'alpha')) { + $filters['module'] = GETPOST("module", 'alpha'); +} +if (GETPOST("status", 'int')) { + $filters['status'] = GETPOST("status", 'int'); +} // Check config if (empty($conf->global->MAIN_AGENDA_XCAL_EXPORTKEY)) { $user->getrights(); @@ -201,6 +206,15 @@ foreach ($filters as $key => $value) { if ($key == 'notactiontype') { $filename .= '-notactiontype'.$value; } + if ($key == 'actiontype') { + $filename .= '-actiontype'.$value; + } + if ($key == 'module') { + $filename .= '-module'.$value; + } + if ($key == 'status') { + $filename .= '-status'.$value; + } } // Add extension if ($format == 'vcal') { @@ -212,9 +226,7 @@ if ($format == 'ical') { if ($format == 'rss') { $shortfilename .= '.rss'; $filename .= '.rss'; } - if ($shortfilename == 'dolibarrcalendar') { - $langs->load("main"); $langs->load("errors"); llxHeaderVierge(); print '
    '.$langs->trans("ErrorWrongValueForParameterX", 'format').'
    '; diff --git a/htdocs/public/demo/index.php b/htdocs/public/demo/index.php index e39a332d3fb..bbb4a85aadf 100644 --- a/htdocs/public/demo/index.php +++ b/htdocs/public/demo/index.php @@ -118,7 +118,7 @@ if (empty($reshook)) { 'mailmanspip', 'notification', 'oauth', 'syslog', 'user', 'webservices', 'workflow', // Extended modules 'memcached', 'numberwords', 'zipautofillfr'); - $alwayshiddenuncheckedmodules = array('collab', 'dav', 'debugbar', 'emailcollector', 'ftp', 'hrm', 'modulebuilder', 'printing', 'webservicesclient', 'zappier', + $alwayshiddenuncheckedmodules = array('cashdesk', 'collab', 'dav', 'debugbar', 'emailcollector', 'ftp', 'hrm', 'modulebuilder', 'printing', 'webservicesclient', 'zappier', // Extended modules 'awstats', 'bittorrent', 'bootstrap', 'cabinetmed', 'cmcic', 'concatpdf', 'customfield', 'datapolicy', 'deplacement', 'dolicloud', 'filemanager', 'lightbox', 'mantis', 'monitoring', 'moretemplates', 'multicompany', 'nltechno', 'numberingpack', 'openstreetmap', 'ovh', 'phenix', 'phpsysinfo', 'pibarcode', 'postnuke', 'dynamicprices', 'receiptprinter', 'selectbank', 'skincoloreditor', 'submiteverywhere', 'survey', 'thomsonphonebook', 'topten', 'tvacerfa', 'voyage', 'webcalendar', 'webmail'); @@ -352,13 +352,13 @@ foreach ($demoprofiles as $profilearray) { if (empty($profilearray['url'])) { print '