From e528a820514bd92ffed954dcd9731ee114d821a0 Mon Sep 17 00:00:00 2001 From: Ion Date: Thu, 9 Nov 2017 16:54:31 +0100 Subject: [PATCH 1/6] Remove price dynamic internal var --- htdocs/product/dynamic_price/class/price_parser.class.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/product/dynamic_price/class/price_parser.class.php b/htdocs/product/dynamic_price/class/price_parser.class.php index aba86bfd97e..f2243ba1c09 100644 --- a/htdocs/product/dynamic_price/class/price_parser.class.php +++ b/htdocs/product/dynamic_price/class/price_parser.class.php @@ -178,6 +178,9 @@ class PriceParser $values["global_".$entry->code] = $entry->value; } + //Remove internal variables + unset($values["supplier_id"]); + //Prepare the lib, parameters and values $em = new EvalMath(); $em->suppress_errors = true; //Don't print errors on page From aa0b811f7330ba53d8d7cd826933445dc7bf8b08 Mon Sep 17 00:00:00 2001 From: Ion Agorria Date: Wed, 24 Feb 2016 18:56:59 +0100 Subject: [PATCH 2/6] Undefined variable detection in price parser --- htdocs/langs/en_US/errors.lang | 1 + .../dynamic_price/class/price_parser.class.php | 15 ++++++++++++++- 2 files changed, 15 insertions(+), 1 deletion(-) diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 77a4ba76383..c36a3fad5ff 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang @@ -155,6 +155,7 @@ ErrorPriceExpression19=Expression not found ErrorPriceExpression20=Empty expression ErrorPriceExpression21=Empty result '%s' ErrorPriceExpression22=Negative result '%s' +ErrorPriceExpression23=Unknown or non set variable '%s' in %s ErrorPriceExpressionInternal=Internal error '%s' ErrorPriceExpressionUnknown=Unknown error '%s' ErrorSrcAndTargetWarehouseMustDiffers=Source and target warehouses must differs diff --git a/htdocs/product/dynamic_price/class/price_parser.class.php b/htdocs/product/dynamic_price/class/price_parser.class.php index f2243ba1c09..e11edfee76c 100644 --- a/htdocs/product/dynamic_price/class/price_parser.class.php +++ b/htdocs/product/dynamic_price/class/price_parser.class.php @@ -85,6 +85,7 @@ class PriceParser -2 Args 6, wrong number of arguments (%s given, %s expected) + 23, unknown or non set variable '%s' after %s -internal errors 7, internal error @@ -187,13 +188,25 @@ class PriceParser $this->error_expr = null; $last_result = null; - //Iterate over each expression splitted by $separator_chr + //Fill each variable in expression from values $expression = str_replace("\n", $this->separator_chr, $expression); foreach ($values as $key => $value) { if ($value === null) $value = "NULL"; $expression = str_replace($this->special_chr.$key.$this->special_chr, strval($value), $expression); } + + //Check if there is unfilled variable + if (strpos($expression, $this->special_chr) !== false) + { + $data = explode($this->special_chr, $expression); + $variable = $this->special_chr.$data[1]; + if (isset($data[2])) $variable.= $this->special_chr; + $this->error_parser = array(23, array($variable, $expression)); + return -6; + } + + //Iterate over each expression splitted by $separator_chr $expressions = explode($this->separator_chr, $expression); $expressions = array_slice($expressions, 0, $this->limit); foreach ($expressions as $expr) { From f642289160d5fb0f04c55bc954b9bad584ccf0b6 Mon Sep 17 00:00:00 2001 From: Ion Date: Fri, 3 Feb 2017 11:53:19 +0100 Subject: [PATCH 3/6] Add missing arg in supplier min price --- htdocs/product/dynamic_price/class/price_parser.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/product/dynamic_price/class/price_parser.class.php b/htdocs/product/dynamic_price/class/price_parser.class.php index e11edfee76c..088c15b02aa 100644 --- a/htdocs/product/dynamic_price/class/price_parser.class.php +++ b/htdocs/product/dynamic_price/class/price_parser.class.php @@ -257,7 +257,7 @@ class PriceParser //Get the supplier min $productFournisseur = new ProductFournisseur($this->db); - $supplier_min_price = $productFournisseur->find_min_price_product_fournisseur($product->id); + $supplier_min_price = $productFournisseur->find_min_price_product_fournisseur($product->id, 0, 0); //Accessible values by expressions $extra_values = array_merge($extra_values, array( From fdf260a1da76a60e423a79773d2c2c725624bfa1 Mon Sep 17 00:00:00 2001 From: Ion Date: Wed, 8 Feb 2017 21:33:55 +0100 Subject: [PATCH 4/6] Use __METHOD__ on dynamic prices syslog --- .../class/price_expression.class.php | 16 ++++++------- .../class/price_global_variable.class.php | 14 +++++------ .../price_global_variable_updater.class.php | 23 ++++++++++--------- 3 files changed, 27 insertions(+), 26 deletions(-) diff --git a/htdocs/product/dynamic_price/class/price_expression.class.php b/htdocs/product/dynamic_price/class/price_expression.class.php index cd5c8bb25de..9a22313bc6c 100644 --- a/htdocs/product/dynamic_price/class/price_expression.class.php +++ b/htdocs/product/dynamic_price/class/price_expression.class.php @@ -74,7 +74,7 @@ class PriceExpression $this->db->begin(); - dol_syslog(get_class($this)."::create", LOG_DEBUG); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -125,7 +125,7 @@ class PriceExpression $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$id; - dol_syslog(get_class($this)."::fetch"); + dol_syslog(__METHOD__); $resql=$this->db->query($sql); if ($resql) { @@ -160,7 +160,7 @@ class PriceExpression $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " ORDER BY title"; - dol_syslog(get_class($this)."::list_price_expression"); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) { @@ -198,7 +198,7 @@ class PriceExpression $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE title = '".$this->db->escape($title)."'"; - dol_syslog(get_class($this)."::find_title"); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) { @@ -243,7 +243,7 @@ class PriceExpression $this->db->begin(); - dol_syslog(get_class($this)."::update"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -266,7 +266,7 @@ class PriceExpression { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::update ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); @@ -314,7 +314,7 @@ class PriceExpression $sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$rowid; - dol_syslog(get_class($this)."::delete"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } } @@ -324,7 +324,7 @@ class PriceExpression { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); diff --git a/htdocs/product/dynamic_price/class/price_global_variable.class.php b/htdocs/product/dynamic_price/class/price_global_variable.class.php index c65e694dfb9..97a3ee1f4e6 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable.class.php @@ -74,7 +74,7 @@ class PriceGlobalVariable $this->db->begin(); - dol_syslog(get_class($this)."::create", LOG_DEBUG); + dol_syslog(__METHOD__); $resql=$this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -125,7 +125,7 @@ class PriceGlobalVariable $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$id; - dol_syslog(get_class($this)."::fetch"); + dol_syslog(__METHOD__); $resql=$this->db->query($sql); if ($resql) { @@ -173,7 +173,7 @@ class PriceGlobalVariable $this->db->begin(); - dol_syslog(get_class($this)."::update"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -196,7 +196,7 @@ class PriceGlobalVariable { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::update ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); @@ -243,7 +243,7 @@ class PriceGlobalVariable $sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$rowid; - dol_syslog(get_class($this)."::delete"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } } @@ -253,7 +253,7 @@ class PriceGlobalVariable { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); @@ -306,7 +306,7 @@ class PriceGlobalVariable $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " ORDER BY code"; - dol_syslog(get_class($this)."::listGlobalVariables"); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) { diff --git a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php index 0948275ce2b..f4595062098 100644 --- a/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php +++ b/htdocs/product/dynamic_price/class/price_global_variable_updater.class.php @@ -84,7 +84,7 @@ class PriceGlobalVariableUpdater $this->db->begin(); - dol_syslog(get_class($this)."::create", LOG_DEBUG); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -135,7 +135,7 @@ class PriceGlobalVariableUpdater $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$id; - dol_syslog(get_class($this)."::fetch"); + dol_syslog(__METHOD__); $resql=$this->db->query($sql); if ($resql) { @@ -191,7 +191,7 @@ class PriceGlobalVariableUpdater $this->db->begin(); - dol_syslog(get_class($this)."::update"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -260,7 +260,7 @@ class PriceGlobalVariableUpdater $sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$rowid; - dol_syslog(get_class($this)."::delete"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } } @@ -270,7 +270,7 @@ class PriceGlobalVariableUpdater { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); @@ -346,7 +346,7 @@ class PriceGlobalVariableUpdater $sql = "SELECT rowid, type, description, parameters, fk_variable, update_interval, next_update, last_status"; $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; - dol_syslog(get_class($this)."::listUpdaters"); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) { @@ -388,7 +388,7 @@ class PriceGlobalVariableUpdater $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE next_update < ".dol_now(); - dol_syslog(get_class($this)."::processUpdaters"); + dol_syslog(__METHOD__, LOG_DEBUG); $resql=$this->db->query($sql); if ($resql) { @@ -428,6 +428,7 @@ class PriceGlobalVariableUpdater { global $langs, $user; $langs->load("errors"); + dol_syslog(__METHOD__, LOG_DEBUG); $this->error = null; $this->checkParameters(); @@ -551,7 +552,7 @@ class PriceGlobalVariableUpdater $this->db->begin(); - dol_syslog(get_class($this)."::update_next_update"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -560,7 +561,7 @@ class PriceGlobalVariableUpdater { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::update_next_update ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); @@ -595,7 +596,7 @@ class PriceGlobalVariableUpdater $this->db->begin(); - dol_syslog(get_class($this)."::update_status"); + dol_syslog(__METHOD__); $resql = $this->db->query($sql); if (! $resql) { $error++; $this->errors[]="Error ".$this->db->lasterror(); } @@ -604,7 +605,7 @@ class PriceGlobalVariableUpdater { foreach($this->errors as $errmsg) { - dol_syslog(get_class($this)."::update_status ".$errmsg, LOG_ERR); + dol_syslog(__METHOD__." ".$errmsg, LOG_ERR); $this->error.=($this->error?', '.$errmsg:$errmsg); } $this->db->rollback(); From e95ee4b8783bcc833e6edb0c37d0d44d3ec69bf4 Mon Sep 17 00:00:00 2001 From: Ion Date: Thu, 16 Feb 2017 11:45:57 +0100 Subject: [PATCH 5/6] Fix old parseProductSupplier call --- htdocs/fourn/class/fournisseur.product.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/fourn/class/fournisseur.product.class.php b/htdocs/fourn/class/fournisseur.product.class.php index 504147adff3..1c6363644f9 100644 --- a/htdocs/fourn/class/fournisseur.product.class.php +++ b/htdocs/fourn/class/fournisseur.product.class.php @@ -432,7 +432,7 @@ class ProductFournisseur extends Product if (empty($ignore_expression) && !empty($this->fk_supplier_price_expression)) { $priceparser = new PriceParser($this->db); - $price_result = $priceparser->parseProductSupplier($this->fk_product, $this->fk_supplier_price_expression, $this->fourn_qty, $this->fourn_tva_tx); + $price_result = $priceparser->parseProductSupplier($this); if ($price_result >= 0) { $this->fourn_price = $price_result; //recalculation of unitprice, as probably the price changed... From cb463d186a814da5c060feb17c33ccdcbf5e6a51 Mon Sep 17 00:00:00 2001 From: Ion Date: Mon, 6 Mar 2017 20:56:40 +0100 Subject: [PATCH 6/6] Error when fetching empty expression --- .../product/dynamic_price/class/price_expression.class.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/htdocs/product/dynamic_price/class/price_expression.class.php b/htdocs/product/dynamic_price/class/price_expression.class.php index 9a22313bc6c..5ce3068c144 100644 --- a/htdocs/product/dynamic_price/class/price_expression.class.php +++ b/htdocs/product/dynamic_price/class/price_expression.class.php @@ -121,6 +121,13 @@ class PriceExpression */ function fetch($id) { + // Check parameters + if (empty($id)) + { + $this->error='ErrorWrongParameters'; + return -1; + } + $sql = "SELECT title, expression"; $sql.= " FROM ".MAIN_DB_PREFIX.$this->table_element; $sql.= " WHERE rowid = ".$id;