lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #13 from Dolibarr/develop

Browse Source 
Update
This commit is contained in:
Damien BENOIT 2021-03-29 14:08:38 +02:00 committed by GitHub
commit 7f23df6ab6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1554 changed files with 10451 additions and 95822 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
ChangeLog
View File

@ -7,6 +7,7 @@ English Dolibarr ChangeLog
For users:
----------
NEW: Several security issues after a second private bug bounty campaign.
For developers:
@ -19,12 +20,60 @@ WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* The ICS value for direct debit or credit transfer is now store on each bank account instead of into the global setup.
* API /setup/shipment_methods has been replaced with API /setup/shipping_methods
* Field "tva" renamed into "total_tva" in llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency
* Field "total" renamed into "total_ttc" in llx_propal, llx_supplier_proposal for better field name consistency
* Field "tva" renamed into "total_tva" for table llx_propal, llx_supplier_proposal, llx_commande, llx_commande_fournisseur for better field name consistency
* Field "total" renamed into "total_ttc" for table lx_propal, llx_supplier_proposal for better field name consistency
* If your database is PostgreSql, you must use version 9.1.0 or more (Dolibarr need the SQL function CONCAT)
* If your database is MySql or MariaDB, you need at least version 5.1
***** ChangeLog for 13.0.2 compared to 13.0.1 *****
FIX: 11.0 - $this->socid injected in query without checking for empty value
FIX: #16096 #16085 Any call of ajax pages must provide the token
FIX: #16296
FIX: #16325
FIX: #16341 : Fetch the Product ExtraFields in Shippment lines
FIX: #16366
FIX: #16393 Do not sanitize <!DOCTYPE html>
FIX: #16420 #16423 #16488 #16477
FIX: #16431
FIX: #16465
FIX: #16480
FIX: #16485
FIX: #16487
FIX: #16503
FIX: #16530
FIX: #16533
FIX: #16629
FIX: #16671 Can not generate zip file of documents in backup tool
FIX: Add "Now" link on social charges creation card
FIX: avoid undefined url and missing token
FIX: Bad project filter in ticket list
FIX: Buttons to disable bindings not working
FIX: class not found when creating recuring invoice from invoice+discount
FIX: File attachment on lots
FIX: handling $heightforinfotot when he's superior to a page height on Supplier Invoice
FIX: hourglass and hide button to pay
FIX: massaction validate invoice do not regenerate pdf
FIX: missing mp4 video mime
FIX: picto on shipment to reset qty to 0. Some quantities were not reset.
FIX: Protection to avoid #16504
FIX: rounding amount on card updating
FIX: Rounding amount on social charges card updating
FIX: select list dependencies now work for ModuleBuilder sellist field
FIX: Status in popup of member in widget
FIX: status on tooltip on widgets
FIX: Timezone management for datetime on list of events
FIX: Timezone management for datetime with modulebuilder and extrafields
FIX: Total_ht not show in contract link element
FIX: use post instead get
FIX: use var "saved_url" instead global var "$url"
FIX: Various payment - Missing fields for check transmitter & bank name
FIX: warning if setup of chart of account is not yet done.
FIX: wrong extension
***** ChangeLog for 13.0.1 compared to 13.0.0 *****
FIX: 10.0 before crediting a withdrawal receipt, check whether it has been credited already.

10
SECURITY.md
View File

@ -12,7 +12,7 @@ This file contains some policies about the security reports on Dolibarr ERP CRM
## Reporting a Vulnerability
To report a vulnerability, please use GitHub security advisory at https://github.com/Dolibarr/dolibarr/security/advisories/new (or alternatively send an email to security@dolibarr.org)
To report a vulnerability, please use GitHub security advisory at https://github.com/Dolibarr/dolibarr/security/advisories/new (if you have permissions) or alternatively send an email to security@dolibarr.org (for everybody)
## Hunting vulnerabilities on Dolibarr
@ -55,7 +55,7 @@ ONLY vulnerabilities discovered, when the following setup on test platform is us
* $dolibarr_nocsrfcheck must be kept to the value 0 into conf.php (this is the default value)
* $dolibarr_main_force_https must be set to something else than 0.
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 1 into backoffice menu Home - Setup - Other (this protection should be set to 1 soon by default)
* The module DebugBar and ModuleBuilder must NOT be enabled (by default, this module is not enabled. This is a developer tool)
* The module DebugBar and ModuleBuilder must NOT be enabled (by default, these modules are not enabled. They are developer tools)
* ONLY security reports on modules provided by default and with the "stable" status are valid (troubles into "experimental", "developement" or external modules are not valid vulnerabilities).
* The root of web server must link to htdocs and the documents directory must be outside of the web server root (this is the default when using the default installer but may differs with external installer).
* The web server setup must be done so only the documents directory is in write mode. The root directory called htdocs must be readonly.
@ -65,12 +65,12 @@ ONLY vulnerabilities discovered, when the following setup on test platform is us
Scope is the web application (back office) and the APIs.
## Qualifying vulnerabilities for Bug bounty programs
## Qualifying vulnerabilities for reporting
* Remote code execution (RCE)
* Local files access and manipulation (LFI, RFI, XXE, SSRF, XSPA)
* Code injections (HTML, JS, SQL, PHP, ...)
* Cross-Site Scripting (XSS)
* Cross-Site Scripting (XSS), except from setup page of module "External web site" (allowing any content here, editable by admin user only, is accepted on purpose or into module "Web site" when permission to edit website content is allowed).
* Cross-Site Requests Forgery (CSRF) with real security impact (when using GET URLs, CSRF are qualified only for creating, updating or deleting data from pages restricted to admin users)
* Open redirect
* Broken authentication & session management
@ -82,7 +82,7 @@ Scope is the web application (back office) and the APIs.
* Stack traces or path disclosure (for non admin users only)
## Non-qualifying vulnerabilities for Bug bounty programs, but qualified for reporting
## Non-qualifying vulnerabilities for reporting
* "Self" XSS
* SSL/TLS best practices

2
build/debian/control
View File

@ -33,7 +33,7 @@ Depends: libapache2-mod-php5 | libapache2-mod-php5filter | php5-cgi | php5-fpm |
Recommends: apache2 | lighttpd | httpd,
mariadb-server | virtual-mysql-server,
# Required PHP extensions for debian 9 but we can't add them into a Depends, it does not exists on debian 7 and 8
php-xml, php-mbstring
php-xml, php-mbstring, php-intl
Suggests: www-browser, php5-geoip
Description: Web based software to manage a company or foundation
Dolibarr ERP & CRM is an easy to use open source/free software package for

2
build/doxygen/doxygen_header.html
View File

@ -2,7 +2,7 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<title>$title</title>
<title>Dolibarr source code documentation</title>
<!-- from dolibarr.org -->
<meta http-equiv="Content-Type" content="text/html" charset=utf-8 />
<meta name="verify-v1"

66
dev/examples/zapier/README.md
View File

@ -1,68 +1,6 @@
# HOW TO BUILD
Take a look at the dolibarr wiki page of Zapier module:
## ENABLE MODULE ZAPIER ON DOLIBARR
This should also enable the module API (required for authentication by Zapier service and to execute action in Dolibarr by Zapier).
Create the Dolibarr login that will be used by Zapier to call APIs. Give the login the permissions on the action you plan to automate.
## CREATE A ZAPIER DEVELOPPER ACCOUNT
At first, you need to have a Zapier developper acoount, create it here [Zapier Platform](https://developer.zapier.com/)
## INSTALL ZAPIER COMMAND LINE TOOLS WITH LINK TO ZAPIER ONLINE ACCOUNT
### Install Node.js
An easy option to get set up with Node.js is to visit [https://nodejs.org/en/download/](https://nodejs.org/en/download/) and download the official installer for your OS. If you're installing with a package manager it's even easier.
After installation, confirm that Node.js is ready to use:
`node --version`
### Install the Zapier CLI
Next let's install the Zapier CLI tools. The CLI will allow you to build your app, deploy it to the Zapier platform, do local testing, manage users and testers, view remote logs, collaborate with your team, and more:
`cd dev/examples/zapier`
`npm install -g zapier-platform-cli` to install the CLI globally
`zapier --version` to return version of the CLI
### Run Zapier Login
Let's configure authentication between your dev environment and the Zapier platform. You'll use the email address and password you use to log in to the Zapier application.
`zapier login`
This command will set up a .zapierrc file in your home directory.
### Install the Project
In zapier example directory, run:
`cd dev/examples/zapier`
`npm install`
### Deploying your App
Let's deploy it! When you're ready to try your code out on the Zapier platform use the push command. Only you will be able to see the app until you invite testers.
`zapier register` (the first time, choose name for example "Dolibarr")
`zapier push`
After a push, the Application, with the name you defined during the register step, is available when creating a Zap.
You will find original tutorial here : [https://zapier.com/developer/start/introduction](https://zapier.com/developer/start/introduction)
### Create a Zap
Create a ZAP that use the application you registered.
For authentication, you must enter the login / pass of account used by Zapier to call APIs.
https://wiki.dolibarr.org/index.php?title=Module_Zapier

54
dev/setup/git/hooks/pre-commit
View File

@ -1,13 +1,17 @@
#!/bin/sh
# To install this precommit file: put this file in your local repo in .git/hooks directory and make it executable
# you need to adapt the path to your phpcs install
# if phpcs check fail, then it run phpcbf to fix automaticaly the syntax, and git commit is canceled
# if you have a multiprocessor computer, you can add to the option --parallel=xx
# when running git commit, it first execute this file checking only modified files, so it is faster than running on all files
# To run the fix manually: cd ~/git/dolibarr; phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true fileordir
# To install this precommit file: put this file in your local repo in .git/hooks directory and make it executable.
# You may need to set th DIRPHPCS to the path to your phpcs install.
# If phpcs check fail and AUTOFIX is set to 1, then it run phpcbf to fix automaticaly the syntax, and git commit is canceled.
# If you have a multiprocessor computer, you can add to the option --parallel=xx
# When running git commit, it first execute this file checking only modified files, so it is faster than running on all files
# To run the fix manually: cd ~/git/dolibarr; phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true "fileordir"
PROJECT=`php -r "echo dirname(dirname(dirname(realpath('$0'))));"`
STAGED_FILES_CMD=`git diff --cached --name-only --diff-filter=ACMR HEAD | grep \\\\.php`
DIRPHPCS=""
AUTOFIX=1
echo "Running precommit hook in .git/hooks/pre-commit" 1>&2;
# Determine if a file list is passed
if [ "$#" -eq 1 ]
@ -20,36 +24,50 @@ then
fi
SFILES=${SFILES:-$STAGED_FILES_CMD}
echo "Checking PHP Lint..."
echo "Checking PHP Lint with php -l ..."
for FILE in $SFILES
do
php -l -d display_errors=0 $PROJECT/$FILE
if [ $? != 0 ]
result1=$?
if [ "x$result1" != "x0" ]
then
echo "Fix the error before commit."
echo "Fix the error before commit." 1>&2;
exit 1
fi
FILES="$FILES $PROJECT/$FILE"
done
if [ "$FILES" != "" ]
then
echo "Running PHPCS Code Sniffer..."
#~/vendor/bin/phpcs --version
#phpcs --standard=PSR2 --encoding=utf-8 -n -p $FILES
# Check Dolibarr standard
~/vendor/bin/phpcs -s -p -d memory_limit=-1 --parallel=2 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
${DIRPHPCS}phpcs -s -p -d memory_limit=-1 --parallel=2 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
# Check your own standard
#~/vendor/bin/phpcs -s -p -d memory_limit=-1 --parallel=2 --extensions=php --colors --tab-width=4 --standard=htdocs/custom/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
#${DIRPHPCS}phpcs -s -p -d memory_limit=-1 --parallel=2 --extensions=php --colors --tab-width=4 --standard=htdocs/custom/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
result2=$?
if [ $? != 0 ]
if [ "x$result2" != "x0" ]
then
# fix standard errors
~/vendor/bin/phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
#~/vendor/bin/phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=htdocs/custom/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
echo "Fix the error before commit."
exit 1
# Fix standard errors
if [ "x$AUTOFIX" != "x0" ]
then
${DIRPHPCS}phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=dev/setup/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
#${DIRPHPCS}phpcbf -s -p -d memory_limit=-1 --extensions=php --colors --tab-width=4 --standard=htdocs/custom/codesniffer/ruleset.xml --encoding=utf-8 --runtime-set ignore_warnings_on_exit true $FILES
echo "Found some errors in syntax rules. An automatic fix has been applied. Check it before commit." 1>&2;
exit 1
else
echo "Found some errors in syntax rules. Fix the error(s) before commit." 1>&2;
exit 1
fi
fi
fi
exit $?
exit 0

12
htdocs/accountancy/admin/account.php
View File

@ -529,11 +529,11 @@ if ($resql) {
if (!empty($arrayfields['aa.reconcilable']['checked'])) {
print '<td class="center">';
if (empty($obj->reconcilable)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}
@ -548,11 +548,11 @@ if ($resql) {
if (!empty($arrayfields['aa.active']['checked'])) {
print '<td class="center">';
if (empty($obj->active)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=0">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=0&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=0">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=0&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}
@ -582,6 +582,10 @@ if ($resql) {
$i++;
}
if ($num == 0) {
print '<tr><td colspan="'.$totalarray['nbfield'].'"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table>";
print "</div>";
print '</form>';

4
htdocs/accountancy/admin/accountmodel.php
View File

@ -180,10 +180,6 @@ if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) {
}
}
// Other checks
if ($tabname[$id] == MAIN_DB_PREFIX."c_actioncomm" && GETPOSTISSET("type") && in_array($_POST["type"], array('system', 'systemauto'))) {
$ok = 0;
setEventMessages($langs->transnoentities('ErrorReservedTypeSystemSystemAuto'), null, 'errors');
}
if (GETPOSTISSET("pcg_version")) {
if (GETPOST("pcg_version") == '0') {
$ok = 0;

6
htdocs/accountancy/admin/card.php
View File

@ -212,8 +212,10 @@ $accountsystem = new AccountancySystem($db);
$accountsystem->fetch($conf->global->CHARTOFACCOUNTS);
$title = $langs->trans('AccountAccounting')." - ".$langs->trans('Card');
$helpurl = '';
llxheader('', $title, $helpurl);
$help_url = 'EN:Category:Accounting';
llxheader('', $title, $help_url);
// Create mode

2
htdocs/accountancy/admin/categories_list.php
View File

@ -185,7 +185,7 @@ if (GETPOST('actionadd', 'alpha') || GETPOST('actionmodify', 'alpha')) {
}
}
if (GETPOSTISSET("code")) {
if ($_POST["code"] == '0') {
if (GETPOST("code") == '0') {
$ok = 0;
setEventMessages($langs->transnoentities('ErrorCodeCantContainZero'), null, 'errors');
}

6
htdocs/accountancy/admin/fiscalyear.php
View File

@ -91,8 +91,10 @@ $form = new Form($db);
$fiscalyearstatic = new Fiscalyear($db);
$title = $langs->trans('AccountingPeriods');
$helpurl = "";
llxHeader('', $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
$sql = "SELECT f.rowid, f.label, f.date_start, f.date_end, f.statut, f.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."accounting_fiscalyear as f";

16
htdocs/accountancy/admin/fiscalyear_card.php
View File

@ -121,8 +121,8 @@ if ($action == 'confirm_delete' && $confirm == "yes") {
if (!GETPOST('cancel', 'alpha')) {
$result = $object->fetch($id);
$object->date_start = empty($_POST["fiscalyear"]) ? '' : $date_start;
$object->date_end = empty($_POST["fiscalyearend"]) ? '' : $date_end;
$object->date_start = GETPOST("fiscalyear") ? $date_start : '';
$object->date_end = GETPOST("fiscalyearend") ? $date_end : '';
$object->label = GETPOST('label', 'alpha');
$object->statut = GETPOST('statut', 'int');
@ -149,8 +149,10 @@ if ($action == 'confirm_delete' && $confirm == "yes") {
$form = new Form($db);
$title = $langs->trans("Fiscalyear")." - ".$langs->trans("Card");
$helpurl = "";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
if ($action == 'create') {
print load_fiche_titre($langs->trans("NewFiscalYear"));
@ -298,10 +300,10 @@ if ($action == 'create') {
print dol_get_fiche_end();
/*
* Action bar
*/
if (!empty($user->rights->accounting->fiscalyear->write)) {
/*
* Barre d'actions
*/
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';

8
htdocs/accountancy/admin/fiscalyear_info.php
View File

@ -39,10 +39,14 @@ if (!$user->rights->accounting->fiscalyear->write) {
$id = GETPOST('id', 'int');
// View
$title = $langs->trans("Fiscalyear")." - ".$langs->trans("Info");
$helpurl = "";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Double_Entry_Accounting";
llxHeader('', $title, $help_url);
if ($id) {
$object = new Fiscalyear($db);

13
htdocs/accountancy/admin/index.php
View File

@ -7,6 +7,7 @@
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2017 Laurent Destailleur <eldy@destailleur.fr>
* Copyright (C) 2021 Ferran Marcet <fmarcet@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -383,11 +384,11 @@ foreach ($list_binding as $key) {
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_SALES").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_SALES)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonsales&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonsales&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonsales&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonsales&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}
@ -396,11 +397,11 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_PURCHASES").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_PURCHASES)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonpurchases&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonpurchases&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonpurchases&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonpurchases&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}
@ -409,11 +410,11 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ACCOUNTING_DISABLE_BINDING_ON_EXPENSEREPORTS").'</td>';
if (!empty($conf->global->ACCOUNTING_DISABLE_BINDING_ON_EXPENSEREPORTS)) {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonexpensereports&value=0">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonexpensereports&value=0">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';
} else {
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&disablebindingonexpensereports&value=1">';
print '<td class="right"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?token='.newToken().'&action=setdisablebindingonexpensereports&value=1">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a></td>';
}

4
htdocs/accountancy/admin/subaccount.php
View File

@ -419,11 +419,11 @@ if ($resql) {
if (!empty($arrayfields['reconcilable']['checked'])) {
print '<td class="center">';
if (empty($obj->reconcilable)) {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=enable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1">';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$obj->rowid.'&action=disable&mode=1&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}

12
htdocs/accountancy/bookkeeping/balance.php
View File

@ -135,6 +135,18 @@ if (!empty($search_accountancy_code_end)) {
$param .= '&amp;search_accountancy_code_end='.$search_accountancy_code_end;
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/

22
htdocs/accountancy/bookkeeping/card.php
View File

@ -44,13 +44,6 @@ $id = GETPOST('id', 'int'); // id of record
$mode = GETPOST('mode', 'aZ09'); // '' or '_tmp'
$piece_num = GETPOST("piece_num", 'int'); // id of transaction (several lines share the same transaction id)
// Security check
if ($user->socid > 0) {
accessforbidden();
}
$mesg = '';
$accountingaccount = new AccountingAccount($db);
$accountingjournal = new AccountingJournal($db);
@ -83,6 +76,17 @@ if (!empty($update)) {
$object = new BookKeeping($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
@ -539,11 +543,11 @@ if ($action == 'create') {
print '<td class="titlefield">' . $langs->trans("Status") . '</td>';
print '<td>';
if (empty($object->validated)) {
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=enable">';
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=enable&token='.newToken().'">';
print img_picto($langs->trans("Disabled"), 'switch_off');
print '</a>';
} else {
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=disable">';
print '<a class="reposition" href="' . $_SERVER["PHP_SELF"] . '?piece_num=' . $line->id . '&action=disable&token='.newToken().'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a>';
}

16
htdocs/accountancy/bookkeeping/list.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2016-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -171,6 +171,16 @@ if (empty($listofformat[$formatexportset])) {
$error = 0;
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
@ -471,7 +481,7 @@ if (count($filter) > 0) {
}
}
$sql .= ' WHERE t.entity IN ('.getEntity('accountancy').')';
if ($conf->global->ACCOUNTING_REEXPORT == 0) {
if (empty($conf->global->ACCOUNTING_REEXPORT)) {
$sql .= " AND t.date_export IS NULL";
}
if (count($sqlwhere) > 0) {
@ -487,7 +497,7 @@ if (!empty($sortfield)) {
// Must be after definition of $sql
if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->export) {
// TODO Replace the fetchAll + ->export later that consume too much memory on large export with the query($sql) and loop on each line to export them.
$result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', $conf->global->ACCOUNTING_REEXPORT);
$result = $object->fetchAll($sortorder, $sortfield, 0, 0, $filter, 'AND', (empty($conf->global->ACCOUNTING_REEXPORT) ? 0 : 1));
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');

10
htdocs/accountancy/bookkeeping/listbyaccount.php
View File

@ -163,6 +163,16 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action

11
htdocs/accountancy/bookkeeping/listbysubaccount.php
View File

@ -163,10 +163,21 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if (GETPOST('cancel', 'alpha')) {
$action = 'list'; $massaction = '';
}

12
htdocs/accountancy/bookkeeping/thirdparty_lettering_customer.php
View File

@ -94,6 +94,16 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
@ -128,7 +138,7 @@ $form = new Form($db);
$formaccounting = new FormAccounting($db);
$title = $object->name." - ".$langs->trans('TabLetteringCustomer');
$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas|DE:Modul_Geschäftspartner';
llxHeader('', $title, $help_url);
$head = societe_prepare_head($object);

13
htdocs/accountancy/bookkeeping/thirdparty_lettering_supplier.php
View File

@ -94,10 +94,21 @@ if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
*/
if ($action == 'lettering') {
$result = $lettering->updateLettering($toselect);
@ -127,7 +138,7 @@ $form = new Form($db);
$formaccounting = new FormAccounting($db);
$title = $object->name." - ".$langs->trans('TabLetteringSupplier');
$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
$help_url = 'EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas|DE:Modul_Geschäftspartner';
llxHeader('', $title, $help_url);
$head = societe_prepare_head($object);

8
htdocs/accountancy/class/accountancycategory.class.php
View File

@ -261,7 +261,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " t.active";
$sql .= " FROM ".MAIN_DB_PREFIX."c_accounting_category as t";
if ($id) {
$sql .= " WHERE t.rowid = ".$id;
$sql .= " WHERE t.rowid = ".((int) $id);
} else {
$sql .= " WHERE t.entity IN (".getEntity('c_accounting_category').")"; // Dont't use entity if you use rowid
if ($code) {
@ -354,7 +354,7 @@ class AccountancyCategory // extends CommonObject
$sql .= " position=".(isset($this->position) ? $this->position : "null").",";
$sql .= " fk_country=".(isset($this->fk_country) ? $this->fk_country : "null").",";
$sql .= " active=".(isset($this->active) ? $this->active : "null")."";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -392,7 +392,7 @@ class AccountancyCategory // extends CommonObject
$error = 0;
$sql = "DELETE FROM ".MAIN_DB_PREFIX."c_accounting_category";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
$this->db->begin();
@ -743,7 +743,7 @@ class AccountancyCategory // extends CommonObject
}
$listofaccount .= "'".$cptcursor."'";
}
$sql .= " AND t.numero_compte IN (".$listofaccount.")";
$sql .= " AND t.numero_compte IN (".$this->db->sanitize($listofaccount).")";
} else {
$sql .= " AND t.numero_compte = '".$this->db->escape($cpt)."'";
}

4
htdocs/accountancy/class/accountingaccount.class.php
View File

@ -414,7 +414,7 @@ class AccountingAccount extends CommonObject
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_account";
$sql .= " WHERE rowid=".$this->id;
$sql .= " WHERE rowid=".((int) $this->id);
dol_syslog(get_class($this)."::delete sql=".$sql);
$resql = $this->db->query($sql);
@ -553,7 +553,7 @@ class AccountingAccount extends CommonObject
{
$sql = 'SELECT a.rowid, a.datec, a.fk_user_author, a.fk_user_modif, a.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as a';
$sql .= ' WHERE a.rowid = '.$id;
$sql .= ' WHERE a.rowid = '.((int) $id);
dol_syslog(get_class($this).'::info sql='.$sql);
$result = $this->db->query($sql);

6
htdocs/accountancy/class/bookkeeping.class.php
View File

@ -729,7 +729,7 @@ class BookKeeping extends CommonObject
if (null !== $ref) {
$sql .= " AND t.ref = '".$this->db->escape($ref)."'";
} else {
$sql .= ' AND t.rowid = '.$id;
$sql .= ' AND t.rowid = '.((int) $id);
}
$resql = $this->db->query($sql);
@ -1262,7 +1262,7 @@ class BookKeeping extends CommonObject
$sql .= ' code_journal = '.(isset($this->code_journal) ? "'".$this->db->escape($this->code_journal)."'" : "null").',';
$sql .= ' journal_label = '.(isset($this->journal_label) ? "'".$this->db->escape($this->journal_label)."'" : "null").',';
$sql .= ' piece_num = '.(isset($this->piece_num) ? $this->piece_num : "null");
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$this->db->begin();
@ -1359,7 +1359,7 @@ class BookKeeping extends CommonObject
if (!$error) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.$this->table_element.$mode;
$sql .= ' WHERE rowid='.$this->id;
$sql .= ' WHERE rowid='.((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {

8
htdocs/accountancy/class/lettering.class.php
View File

@ -126,7 +126,7 @@ class Lettering extends BookKeeping
if (count($ids_fact)) {
$sql = 'SELECT bk.rowid, facf.ref, facf.ref_supplier ';
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn facf ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = facf.rowid AND facf.rowid IN (".implode(',', $ids_fact)."))";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = facf.rowid AND facf.rowid IN (".$this->db->sanitize(implode(',', $ids_fact))."))";
$sql .= " WHERE bk.code_journal IN (SELECT code FROM ".MAIN_DB_PREFIX."accounting_journal WHERE nature=3 AND entity=".$conf->entity.") ";
$sql .= " AND facf.entity = ".$conf->entity;
$sql .= " AND ( ";
@ -185,7 +185,7 @@ class Lettering extends BookKeeping
if (count($ids_fact)) {
$sql = 'SELECT bk.rowid, fac.ref, fac.ref_supplier ';
$sql .= " FROM ".MAIN_DB_PREFIX."facture fac ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = fac.rowid AND fac.rowid IN (".implode(',', $ids_fact)."))";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_bookkeeping as bk ON( bk.fk_doc = fac.rowid AND fac.rowid IN (".$this->db->sanitize(implode(',', $ids_fact))."))";
$sql .= " WHERE code_journal IN (SELECT code FROM ".MAIN_DB_PREFIX."accounting_journal WHERE nature=2 AND entity=".$conf->entity.") ";
$sql .= " AND fac.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
$sql .= " AND ( ";
@ -255,7 +255,7 @@ class Lettering extends BookKeeping
}
$sql = "SELECT SUM(ABS(debit)) as deb, SUM(ABS(credit)) as cred FROM ".MAIN_DB_PREFIX."accounting_bookkeeping WHERE ";
$sql .= " rowid IN (".implode(',', $ids).") AND date_validated IS NULL";
$sql .= " rowid IN (".$this->db->sanitize(implode(',', $ids)).") AND date_validated IS NULL";
$result = $this->db->query($sql);
if ($result) {
$obj = $this->db->fetch_object($result);
@ -276,7 +276,7 @@ class Lettering extends BookKeeping
$sql = "UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping SET";
$sql .= " lettering_code='".$this->db->escape($lettre)."'";
$sql .= " , date_lettering = '".$this->db->idate($now)."'"; // todo correct date it's false
$sql .= " WHERE rowid IN (".implode(',', $ids).") AND date_validated IS NULL ";
$sql .= " WHERE rowid IN (".$this->db->sanitize(implode(',', $ids)).") AND date_validated IS NULL ";
$this->db->begin();
dol_syslog(get_class($this)."::update sql=".$sql, LOG_DEBUG);

26
htdocs/accountancy/closure/index.php
View File

@ -35,17 +35,6 @@ $socid = GETPOST('socid', 'int');
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
$object = new BookKeeping($db);
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
@ -67,10 +56,23 @@ $search_date_start = dol_mktime(0, 0, 0, $month_start, 1, $year_start);
$search_date_end = dol_get_last_day($year_end, $month_end);
$year_current = $year_start;
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->fiscalyear->write) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'validate_movements_confirm' && $user->rights->accounting->fiscalyear->write) {
if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting->fiscalyear->write)) {
$result = $object->fetchAll();
if ($result < 0) {

11
htdocs/accountancy/customer/card.php
View File

@ -38,9 +38,16 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
@ -55,7 +62,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."facturedet";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -99,7 +106,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = l.fk_facture";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".$id;
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);
$sql .= " AND f.entity IN (".getEntity('invoice', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/customer/card.php sql=".$sql, LOG_DEBUG);

16
htdocs/accountancy/customer/lines.php
View File

@ -80,13 +80,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -112,7 +116,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_tvaintra = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {
@ -125,7 +129,7 @@ if (is_array($changeaccount) && count($changeaccount) > 0) {
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facturedet as l";
$sql1 .= " SET l.fk_code_ventilation=".(GETPOST('account_parent', 'int') > 0 ? GETPOST('account_parent', 'int') : '0');
$sql1 .= ' WHERE l.rowid IN ('.implode(',', $changeaccount).')';
$sql1 .= ' WHERE l.rowid IN ('.$db->sanitize(implode(',', $changeaccount)).')';
dol_syslog('accountancy/customer/lines.php::changeaccount sql= '.$sql1);
$resql1 = $db->query($sql1);
@ -242,11 +246,11 @@ if (strlen(trim($search_country))) {
if ($search_country == 'special_allnotme') {
$sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
} elseif ($search_country == 'special_eec') {
$sql .= " AND co.code IN (".$country_code_in_EEC.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
} elseif ($search_country == 'special_eecnotme') {
$sql .= " AND co.code IN (".$country_code_in_EEC_without_me.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
} elseif ($search_country == 'special_noteec') {
$sql .= " AND co.code NOT IN (".$country_code_in_EEC.")";
$sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
} else {
$sql .= natural_search("co.code", $search_country);
}

13
htdocs/accountancy/customer/list.php
View File

@ -88,10 +88,13 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
@ -148,7 +151,7 @@ if (empty($reshook)) {
}
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
@ -280,11 +283,11 @@ if (strlen(trim($search_country))) {
if ($search_country == 'special_allnotme') {
$sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
} elseif ($search_country == 'special_eec') {
$sql .= " AND co.code IN (".$country_code_in_EEC.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
} elseif ($search_country == 'special_eecnotme') {
$sql .= " AND co.code IN (".$country_code_in_EEC_without_me.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
} elseif ($search_country == 'special_noteec') {
$sql .= " AND co.code NOT IN (".$country_code_in_EEC.")";
$sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
} else {
$sql .= natural_search("co.code", $search_country);
}

10
htdocs/accountancy/expensereport/card.php
View File

@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
@ -59,7 +65,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -101,7 +107,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_type_fees as f ON f.id = erd.fk_c_type_fees";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON erd.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."expensereport as er ON er.rowid = erd.fk_expensereport";
$sql .= " WHERE er.fk_statut > 0 AND erd.rowid = ".$id;
$sql .= " WHERE er.fk_statut > 0 AND erd.rowid = ".((int) $id);
$sql .= " AND er.entity IN (".getEntity('expensereport', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/expensereport/card.php sql=".$sql, LOG_DEBUG);

23
htdocs/accountancy/expensereport/index.php
View File

@ -32,17 +32,6 @@ require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "main", "accountancy"));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
if (GETPOST("year", 'int')) {
$year_start = GETPOST("year", 'int');
@ -65,13 +54,23 @@ $year_current = $year_start;
// Validate History
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det as erd";

10
htdocs/accountancy/expensereport/lines.php
View File

@ -74,13 +74,17 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
@ -102,7 +106,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_year = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {
@ -115,7 +119,7 @@ if (is_array($changeaccount) && count($changeaccount) > 0) {
$sql1 = "UPDATE ".MAIN_DB_PREFIX."expensereport_det as erd";
$sql1 .= " SET erd.fk_code_ventilation=".(GETPOST('account_parent', 'int') > 0 ? GETPOST('account_parent', 'int') : '0');
$sql1 .= ' WHERE erd.rowid IN ('.implode(',', $changeaccount).')';
$sql1 .= ' WHERE erd.rowid IN ('.$db->sanitize(implode(',', $changeaccount)).')';
dol_syslog('accountancy/expensereport/lines.php::changeaccount sql= '.$sql1);
$resql1 = $db->query($sql1);

21
htdocs/accountancy/expensereport/list.php
View File

@ -83,19 +83,22 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
$accounting = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Action
@ -130,7 +133,7 @@ $permissiontodelete = $user->rights->expensereport->delete;
$uploaddir = $conf->expensereport->dir_output;
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
if ($massaction == 'ventil') {
if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$msg = '';
//print '<div><span style="color:red">' . $langs->trans("Processing") . '...</span></div>';
if (!empty($mesCasesCochees)) {

15
htdocs/accountancy/index.php
View File

@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2016-2020 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2016-2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2019 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -31,13 +31,20 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "accountancy", "loans", "banks", "admin", "dict"));
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks
$hookmanager->initHooks(array('accountancyindex'));
/*
@ -220,7 +227,7 @@ if ($conf->accounting->enabled) {
/*
* Show boxes
*/
$boxlist .= '<div class="twocolumns">';
$boxlist = '<div class="twocolumns">';
$boxlist .= '<div class="firstcolumn fichehalfleft boxhalfleft" id="boxhalfleft">';

19
htdocs/accountancy/journal/bankjournal.php
View File

@ -7,7 +7,7 @@
* Copyright (C) 2013-2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2014 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2017-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2017-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2018 Eric Seigne <eric.seigne@cap-rel.fr>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
@ -83,7 +83,13 @@ $now = dol_now();
$action = GETPOST('action', 'aZ09');
// Security check
if ($user->socid > 0 && empty($id_journal)) {
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
@ -954,13 +960,18 @@ if (empty($action) || $action == 'view') {
$nom = $langs->trans("FinanceJournal").' | '.$accountingjournalstatic->getNomUrl(0, 1, 1, '', 1);
$builddate = dol_now();
//$description = $langs->trans("DescFinanceJournal") . '<br>';
$description .= $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$description = $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$listofchoices = array('notyet'=>$langs->trans("NotYetInGeneralLedger"), 'already'=>$langs->trans("AlreadyInGeneralLedger"));
$listofchoices = array(
'notyet'=>$langs->trans("NotYetInGeneralLedger"),
'already'=>$langs->trans("AlreadyInGeneralLedger")
);
$period = $form->selectDate($date_start ? $date_start : -1, 'date_start', 0, 0, 0, '', 1, 0).' - '.$form->selectDate($date_end ? $date_end : -1, 'date_end', 0, 0, 0, '', 1, 0);
$period .= ' - '.$langs->trans("JournalizationInLedgerStatus").' '.$form->selectarray('in_bookkeeping', $listofchoices, $in_bookkeeping, 1);
$varlink = 'id_journal='.$id_journal;
$periodlink = '';
$exportlink = '';
journalHead($nom, '', $period, $periodlink, $description, $builddate, $exportlink, array('action' => ''), '', $varlink);

8
htdocs/accountancy/journal/expensereportsjournal.php
View File

@ -58,13 +58,21 @@ if ($in_bookkeeping == '') {
$now = dol_now();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
$accountingaccount = new AccountingAccount($db);
// Get informations of journal

12
htdocs/accountancy/journal/purchasesjournal.php
View File

@ -57,17 +57,25 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
/*
* Actions
*/
$reshook = $hookmanager->executeHooks('doActions', $parameters, $user, $action); // Note that $action and $object may have been modified by some hooks
$accountingaccount = new AccountingAccount($db);

15
htdocs/accountancy/journal/sellsjournal.php
View File

@ -8,7 +8,7 @@
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2016 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2014 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
* Copyright (C) 2018 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -59,13 +59,20 @@ if ($in_bookkeeping == '') {
$now = dol_now();
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
/*
* Actions
@ -656,7 +663,7 @@ if (empty($action) || $action == 'view') {
$periodlink = '';
$exportlink = '';
$builddate = dol_now();
$description .= $langs->trans("DescJournalOnlyBindedVisible").'<br>';
$description = $langs->trans("DescJournalOnlyBindedVisible").'<br>';
if (!empty($conf->global->FACTURE_DEPOSITS_ARE_JUST_PAYMENTS)) {
$description .= $langs->trans("DepositsAreNotIncluded");
} else {

10
htdocs/accountancy/supplier/card.php
View File

@ -42,9 +42,15 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
@ -59,7 +65,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
$sql = " UPDATE ".MAIN_DB_PREFIX."facture_fourn_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " WHERE rowid = ".$id;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if (!$resql) {
@ -101,7 +107,7 @@ if (!empty($id)) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn as f ON f.rowid = l.fk_facture_fourn ";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".$id;
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);
$sql .= " AND f.entity IN (".getEntity('facture_fourn', 0).")"; // We don't share object for accountancy
dol_syslog("/accounting/supplier/card.php sql=".$sql, LOG_DEBUG);

13
htdocs/accountancy/supplier/index.php
View File

@ -69,12 +69,23 @@ $action = GETPOST('action', 'aZ09');
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'clean' || $action == 'validatehistory') {
if (($action == 'clean' || $action == 'validatehistory') && $user->rights->accounting->bind->write) {
// Clean database
$db->begin();
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det as fd";

17
htdocs/accountancy/supplier/lines.php
View File

@ -80,16 +80,19 @@ if (!$sortorder) {
}
}
$formaccounting = new FormAccounting($db);
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
$formaccounting = new FormAccounting($db);
/*
* Actions
@ -127,7 +130,7 @@ if (is_array($changeaccount) && count($changeaccount) > 0) {
$sql1 = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det as l";
$sql1 .= " SET l.fk_code_ventilation=".(GETPOST('account_parent', 'int') > 0 ? GETPOST('account_parent', 'int') : '0');
$sql1 .= ' WHERE l.rowid IN ('.implode(',', $changeaccount).')';
$sql1 .= ' WHERE l.rowid IN ('.$db->sanitize(implode(',', $changeaccount)).')';
dol_syslog('accountancy/supplier/lines.php::changeaccount sql= '.$sql1);
$resql1 = $db->query($sql1);
@ -235,11 +238,11 @@ if (strlen(trim($search_country))) {
if ($search_country == 'special_allnotme') {
$sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
} elseif ($search_country == 'special_eec') {
$sql .= " AND co.code IN (".$country_code_in_EEC.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
} elseif ($search_country == 'special_eecnotme') {
$sql .= " AND co.code IN (".$country_code_in_EEC_without_me.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
} elseif ($search_country == 'special_noteec') {
$sql .= " AND co.code NOT IN (".$country_code_in_EEC.")";
$sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
} else {
$sql .= natural_search("co.code", $search_country);
}

25
htdocs/accountancy/supplier/list.php
View File

@ -88,14 +88,6 @@ if (!$sortorder) {
}
}
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('accountancysupplierlist'));
@ -107,6 +99,17 @@ $aarowid_p = $accounting->fetch('', $conf->global->ACCOUNTING_PRODUCT_BUY_ACCOUN
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
accessforbidden();
}
if ($user->socid > 0) {
accessforbidden();
}
if (empty($user->rights->accounting->mouvements->lire)) {
accessforbidden();
}
/*
* Actions
@ -285,11 +288,11 @@ if (strlen(trim($search_country))) {
if ($search_country == 'special_allnotme') {
$sql .= " AND co.code <> '".$db->escape($mysoc->country_code)."'";
} elseif ($search_country == 'special_eec') {
$sql .= " AND co.code IN (".$country_code_in_EEC.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC, 1).")";
} elseif ($search_country == 'special_eecnotme') {
$sql .= " AND co.code IN (".$country_code_in_EEC_without_me.")";
$sql .= " AND co.code IN (".$db->sanitize($country_code_in_EEC_without_me, 1).")";
} elseif ($search_country == 'special_noteec') {
$sql .= " AND co.code NOT IN (".$country_code_in_EEC.")";
$sql .= " AND co.code NOT IN (".$db->sanitize($country_code_in_EEC, 1).")";
} else {
$sql .= natural_search("co.code", $search_country);
}

7
htdocs/adherents/admin/adherent.php → htdocs/adherents/admin/member.php
View File

@ -8,7 +8,7 @@
* Copyright (C) 2011-2012 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 J. Fernando Lagrange <fernando@demo-tic.org>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -178,7 +178,7 @@ if ($action == 'unset') {
$form = new Form($db);
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros';
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder';
llxHeader('', $langs->trans("MembersSetup"), $help_url);
@ -254,7 +254,8 @@ if ($conf->facture->enabled) {
if (!empty($conf->product->enabled) || !empty($conf->service->enabled)) {
print '<tr class="oddeven"><td>'.$langs->trans("ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS").'</td>';
print '<td>';
$form->select_produits($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', '', 0);
$selected = (empty($conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS) ? '' : $conf->global->ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS);
$form->select_produits($selected, 'ADHERENT_PRODUCT_ID_FOR_SUBSCRIPTIONS', '', 0);
print '</td>';
}
print "</tr>\n";

36
htdocs/adherents/admin/adherent_emails.php → htdocs/adherents/admin/member_emails.php
View File

@ -24,7 +24,7 @@
*/
/**
* \file htdocs/adherents/admin/adherent.php
* \file htdocs/adherents/admin/member_emails.php
* \ingroup member
* \brief Page to setup the module Foundation
*/
@ -55,6 +55,7 @@ $constantes = array(
'ADHERENT_EMAIL_TEMPLATE_MEMBER_VALIDATION' =>'emailtemplate:member', /* old was ADHERENT_MAIL_VALID */
'ADHERENT_EMAIL_TEMPLATE_SUBSCRIPTION' =>'emailtemplate:member', /* old was ADHERENT_MAIL_COTIS */
'ADHERENT_EMAIL_TEMPLATE_CANCELATION' =>'emailtemplate:member', /* old was ADHERENT_MAIL_RESIL */
'ADHERENT_EMAIL_TEMPLATE_EXCLUSION' =>'emailtemplate:member',
'ADHERENT_MAIL_FROM'=>'string',
'ADHERENT_AUTOREGISTER_NOTIF_MAIL_SUBJECT'=>'string',
'ADHERENT_AUTOREGISTER_NOTIF_MAIL'=>'html',
@ -69,9 +70,24 @@ $constantes = array(
//
if ($action == 'updateall') {
$db->begin();
$res1 = $res2 = $res3 = $res4 = $res5 = $res6 = 0;
$res1 = dolibarr_set_const($db, 'XXXX', GETPOST('ADHERENT_LOGIN_NOT_REQUIRED', 'alpha'), 'chaine', 0, '', $conf->entity);
if ($res1 < 0 || $res2 < 0 || $res3 < 0 || $res4 < 0 || $res5 < 0 || $res6 < 0) {
$res = 0;
foreach ($constantes as $constname => $value) {
$constvalue = (GETPOSTISSET('constvalue_'.$constname) ? GETPOST('constvalue_'.$constname, 'alphanohtml') : GETPOST('constvalue'));
$consttype = (GETPOSTISSET('consttype_'.$constname) ? GETPOST('consttype_'.$constname, 'alphanohtml') : GETPOST('consttype'));
$constnote = (GETPOSTISSET('constnote_'.$constname) ? GETPOST('constnote_'.$constname, 'restricthtml') : GETPOST('constnote'));
$typetouse = empty($oldtypetonewone[$consttype]) ? $consttype : $oldtypetonewone[$consttype];
$constvalue = preg_replace('/:member$/', '', $constvalue);
$res = dolibarr_set_const($db, $constname, $constvalue, $consttype, 0, $constnote, $conf->entity);
if ($res <= 0) {
$error++;
$action = 'list';
}
}
if ($error > 0) {
setEventMessages('ErrorFailedToSaveDate', null, 'errors');
$db->rollback();
} else {
@ -126,19 +142,19 @@ $head = member_admin_prepare_head();
print dol_get_fiche_head($head, 'emails', $langs->trans("Members"), -1, 'user');
// TODO Use global form
//print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
//print '<input type="hidden" name="token" value="'.newToken().'">';
//print '<input type="hidden" name="action" value="updateall">';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="action" value="updateall">';
$helptext = '*'.$langs->trans("FollowingConstantsWillBeSubstituted").'<br>';
$helptext .= '__DOL_MAIN_URL_ROOT__, __ID__, __FIRSTNAME__, __LASTNAME__, __FULLNAME__, __LOGIN__, __PASSWORD__, ';
$helptext .= '__COMPANY__, __ADDRESS__, __ZIP__, __TOWN__, __COUNTRY__, __EMAIL__, __BIRTH__, __PHOTO__, __TYPE__, ';
//$helptext.='__YEAR__, __MONTH__, __DAY__'; // Not supported
form_constantes($constantes, 0, $helptext);
form_constantes($constantes, 3, $helptext);
//print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Update").'" name="update"></div>';
//print '</form>';
print '<div class="center"><input type="submit" class="button" value="'.$langs->trans("Update").'" name="update"></div>';
print '</form>';
print dol_get_fiche_end();

15
htdocs/adherents/admin/adherent_extrafields.php → htdocs/adherents/admin/member_extrafields.php
View File

@ -19,7 +19,7 @@
*/
/**
* \file htdocs/adherents/admin/adherent_extrafields.php
* \file htdocs/adherents/admin/member_extrafields.php
* \ingroup member
* \brief Page to setup extra fields of members
*/
@ -89,12 +89,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<div name="topofform"></div><br>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -102,11 +97,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print '<div name="topofform"></div><br>';
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

15
htdocs/adherents/admin/adherent_type_extrafields.php → htdocs/adherents/admin/member_type_extrafields.php
View File

@ -22,7 +22,7 @@
*/
/**
* \file htdocs/adherents/admin/adherent_type_extrafields.php
* \file htdocs/adherents/admin/member_type_extrafields.php
* \ingroup member
* \brief Page to setup extra fields of members
*/
@ -92,12 +92,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -105,11 +100,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

4
htdocs/adherents/admin/website.php
View File

@ -178,7 +178,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) {
print '</td><td class="right">';
$listofval = array();
$listofval += $adht->liste_array();
$forcetype = $conf->global->MEMBER_NEWFORM_FORCETYPE ?: -1;
$forcetype = empty($conf->global->MEMBER_NEWFORM_FORCETYPE) ? -1 : $conf->global->MEMBER_NEWFORM_FORCETYPE;
print $form->selectarray("MEMBER_NEWFORM_FORCETYPE", $listofval, $forcetype, count($listofval) > 1 ? 1 : 0);
print "</td></tr>\n";
@ -232,7 +232,7 @@ if (!empty($conf->global->MEMBER_ENABLE_PUBLIC)) {
print '<br>';
//print $langs->trans('FollowingLinksArePublic').'<br>';
print img_picto('', 'globe').' '.$langs->trans('BlankSubscriptionForm').':<br>';
if ($conf->multicompany->enabled) {
if (!empty($conf->multicompany->enabled)) {
$entity_qr = '?entity='.$conf->entity;
} else {
$entity_qr = '';

6
htdocs/adherents/agenda.php
View File

@ -122,8 +122,10 @@ if ($object->id > 0) {
$langs->load("companies");
$title = $langs->trans("Member")." - ".$langs->trans("Agenda");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
if (!empty($conf->notification->enabled)) {
$langs->load("mails");

32
htdocs/adherents/canvas/actions_adherentcard_common.class.php
View File

@ -253,23 +253,23 @@ abstract class ActionsAdherentCardCommon
// phpcs:enable
global $langs, $mysoc;
$this->object->old_name = $_POST["old_name"];
$this->object->old_firstname = $_POST["old_firstname"];
$this->object->old_name = GETPOST("old_name");
$this->object->old_firstname = GETPOST("old_firstname");
$this->object->fk_soc = $_POST["fk_soc"];
$this->object->lastname = $_POST["lastname"];
$this->object->firstname = $_POST["firstname"];
$this->object->civility_id = $_POST["civility_id"];
$this->object->address = $_POST["address"];
$this->object->zip = $_POST["zipcode"];
$this->object->town = $_POST["town"];
$this->object->country_id = $_POST["country_id"] ? $_POST["country_id"] : $mysoc->country_id;
$this->object->state_id = $_POST["state_id"];
$this->object->phone_perso = $_POST["phone_perso"];
$this->object->phone_mobile = $_POST["phone_mobile"];
$this->object->email = $_POST["email"];
$this->object->note = $_POST["note"];
$this->object->canvas = $_POST["canvas"];
$this->object->fk_soc = GETPOST("fk_soc");
$this->object->lastname = GETPOST("lastname");
$this->object->firstname = GETPOST("firstname");
$this->object->civility_id = GETPOST("civility_id");
$this->object->address = GETPOST("address");
$this->object->zip = GETPOST("zipcode");
$this->object->town = GETPOST("town");
$this->object->country_id = GETPOST("country_id", 'int') ? GETPOST("country_id", 'int') : $mysoc->country_id;
$this->object->state_id = GETPOST("state_id", 'int');
$this->object->phone_perso = GETPOST("phone_perso");
$this->object->phone_mobile = GETPOST("phone_mobile");
$this->object->email = GETPOST("email", 'alphawithlgt');
$this->object->note = GETPOST("note", 'restricthtml');
$this->object->canvas = GETPOST("canvas");
// We set country_id, and country_code label of the chosen country
if ($this->object->country_id) {

199
htdocs/adherents/card.php
View File

@ -655,7 +655,7 @@ if (empty($reshook)) {
$action = '';
}
if ($user->rights->adherent->supprimer && $action == 'confirm_resign') {
if ($user->rights->adherent->supprimer && $action == 'confirm_resiliate') {
$error = 0;
if ($confirm == 'yes') {
@ -726,6 +726,77 @@ if (empty($reshook)) {
}
}
if ($user->rights->adherent->supprimer && $action == 'confirm_exclude') {
$error = 0;
if ($confirm == 'yes') {
$adht = new AdherentType($db);
$adht->fetch($object->typeid);
$result = $object->exclude($user);
if ($result >= 0 && !count($object->errors)) {
if ($object->email && GETPOST("send_mail")) {
$subject = '';
$msg = '';
// Send subscription email
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
$formmail = new FormMail($db);
// Set output language
$outputlangs = new Translate('', $conf);
$outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang);
// Load traductions files required by page
$outputlangs->loadLangs(array("main", "members"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_EXCLUSION;
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
}
if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) {
$subject = $arraydefaultmessage->topic;
$msg = $arraydefaultmessage->content;
}
if (empty($labeltouse) || (int) $labeltouse === -1) {
//fallback on the old configuration.
setEventMessages('WarningMandatorySetupNotComplete', null, 'errors');
$error++;
} else {
$substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object);
complete_substitutions_array($substitutionarray, $outputlangs, $object);
$subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs);
$texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnExclude()), $substitutionarray, $outputlangs);
$moreinheader = 'X-Dolibarr-Info: send_an_email by adherents/card.php'."\r\n";
$result = $object->send_an_email($texttosend, $subjecttosend, array(), array(), array(), "", "", 0, -1, '', $moreinheader);
if ($result < 0) {
$error++;
setEventMessages($object->error, $object->errors, 'errors');
}
}
}
} else {
$error++;
if ($object->error) {
setEventMessages($object->error, $object->errors, 'errors');
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
$action = '';
}
}
if (!empty($backtopage) && !$error) {
header("Location: ".$backtopage);
exit;
}
}
// SPIP Management
if ($user->rights->adherent->supprimer && $action == 'confirm_del_spip' && $confirm == 'yes') {
if (!count($object->errors)) {
@ -769,7 +840,7 @@ $formfile = new FormFile($db);
$formcompany = new FormCompany($db);
$title = $langs->trans("Member")." - ".$langs->trans("Card");
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros';
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder';
llxHeader('', $title, $help_url);
$countrynotdefined = $langs->trans("ErrorSetACountryFirst").' ('.$langs->trans("SeeAbove").')';
@ -1434,8 +1505,8 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print $form->formconfirm("card.php?rowid=".$id, $langs->trans("ValidateMember"), $langs->trans("ConfirmValidateMember"), "confirm_valid", $formquestion, 'yes', 1, 220);
}
// Confirm terminate
if ($action == 'resign') {
// Confirm resiliate
if ($action == 'resiliate') {
$langs->load("mails");
$adht = new AdherentType($db);
@ -1491,7 +1562,67 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if ($backtopage) {
$formquestion[] = array('type' => 'hidden', 'name' => 'backtopage', 'value' => ($backtopage != '1' ? $backtopage : $_SERVER["HTTP_REFERER"]));
}
print $form->formconfirm("card.php?rowid=".$id, $langs->trans("ResiliateMember"), $langs->trans("ConfirmResiliateMember"), "confirm_resign", $formquestion, 'no', 1, 240);
print $form->formconfirm("card.php?rowid=".$id, $langs->trans("ResiliateMember"), $langs->trans("ConfirmResiliateMember"), "confirm_resiliate", $formquestion, 'no', 1, 240);
}
// Confirm exclude
if ($action == 'exclude') {
$langs->load("mails");
$adht = new AdherentType($db);
$adht->fetch($object->typeid);
$subject = '';
$msg = '';
// Send subscription email
include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php';
$formmail = new FormMail($db);
// Set output language
$outputlangs = new Translate('', $conf);
$outputlangs->setDefaultLang(empty($object->thirdparty->default_lang) ? $mysoc->default_lang : $object->thirdparty->default_lang);
// Load traductions files required by page
$outputlangs->loadLangs(array("main", "members"));
// Get email content from template
$arraydefaultmessage = null;
$labeltouse = $conf->global->ADHERENT_EMAIL_TEMPLATE_EXCLUSION;
if (!empty($labeltouse)) {
$arraydefaultmessage = $formmail->getEMailTemplate($db, 'member', $user, $outputlangs, 0, 1, $labeltouse);
}
if (!empty($labeltouse) && is_object($arraydefaultmessage) && $arraydefaultmessage->id > 0) {
$subject = $arraydefaultmessage->topic;
$msg = $arraydefaultmessage->content;
}
$substitutionarray = getCommonSubstitutionArray($outputlangs, 0, null, $object);
complete_substitutions_array($substitutionarray, $outputlangs, $object);
$subjecttosend = make_substitutions($subject, $substitutionarray, $outputlangs);
$texttosend = make_substitutions(dol_concatdesc($msg, $adht->getMailOnExclude()), $substitutionarray, $outputlangs);
$tmp = $langs->trans("SendingAnEMailToMember");
$tmp .= '<br>('.$langs->trans("MailFrom").': <b>'.$conf->global->ADHERENT_MAIL_FROM.'</b>, ';
$tmp .= $langs->trans("MailRecipient").': <b>'.$object->email.'</b>)';
$helpcontent = '';
$helpcontent .= '<b>'.$langs->trans("MailFrom").'</b>: '.$conf->global->ADHERENT_MAIL_FROM.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("MailRecipient").'</b>: '.$object->email.'<br>'."\n";
$helpcontent .= '<b>'.$langs->trans("Subject").'</b>:<br>'."\n";
$helpcontent .= $subjecttosend."\n";
$helpcontent .= "<br>";
$helpcontent .= '<b>'.$langs->trans("Content").'</b>:<br>';
$helpcontent .= dol_htmlentitiesbr($texttosend)."\n";
$label = $form->textwithpicto($tmp, $helpcontent, 1, 'help');
// Create an array
$formquestion = array();
if ($object->email) {
$formquestion[] = array('type' => 'checkbox', 'name' => 'send_mail', 'label' => $label, 'value' => (!empty($conf->global->ADHERENT_DEFAULT_SENDINFOBYMAIL) ? 'true' : 'false'));
}
if ($backtopage) {
$formquestion[] = array('type' => 'hidden', 'name' => 'backtopage', 'value' => ($backtopage != '1' ? $backtopage : $_SERVER["HTTP_REFERER"]));
}
print $form->formconfirm("card.php?rowid=".$id, $langs->trans("ExcludeMember"), $langs->trans("ConfirmExcludeMember"), "confirm_exclude", $formquestion, 'no', 1, 240);
}
// Confirm remove member
@ -1584,12 +1715,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
} elseif (!$adht->subscription) {
print $langs->trans("SubscriptionNotRecorded");
if ($object->statut > 0) {
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft and not terminated
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft, not excluded and not resiliated
}
} else {
print $langs->trans("SubscriptionNotReceived");
if ($object->statut > 0) {
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft and not terminated
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft, not excluded and not resiliated
}
}
}
@ -1691,6 +1822,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
*/
print '<div class="tabsAction">';
$isinspip = 0;
$parameters = array();
$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been
if (empty($reshook)) {
@ -1698,7 +1830,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Send
if (empty($user->socid)) {
if ($object->statut == 1) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init#formmailbeforetitle">'.$langs->trans('SendMail').'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init#formmailbeforetitle">'.$langs->trans('SendMail').'</a></div>'."\n";
}
}
@ -1724,35 +1856,44 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Modify
if ($user->rights->adherent->creer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=edit">'.$langs->trans("Modify")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=edit">'.$langs->trans("Modify").'</a></div>'."\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Modify").'</font></div>';
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Modify").'</font></div>'."\n";
}
// Validate
if ($object->statut == -1) {
if ($user->rights->adherent->creer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=valid">'.$langs->trans("Validate")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=valid">'.$langs->trans("Validate").'</a></div>'."\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Validate").'</font></div>';
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Validate").'</font></div>'."\n";
}
}
// Reactivate
if ($object->statut == 0) {
if ($object->statut == 0 || $object->statut == -2) {
if ($user->rights->adherent->creer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=valid">'.$langs->trans("Reenable")."</a></div>\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Reenable")."</font></div>";
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Reenable").'</font></div>'."\n";
}
}
// Terminate
// Resiliate
if ($object->statut >= 1) {
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=resign">'.$langs->trans("Resiliate")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=resiliate">'.$langs->trans("Resiliate")."</a></div>\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Resiliate")."</font></div>";
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Resiliate").'</font></div>'."\n";
}
}
// Exclude
if ($object->statut >= 1) {
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=exclude">'.$langs->trans("Exclude")."</a></div>\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Exclude").'</font></div>'."\n";
}
}
@ -1760,12 +1901,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (!empty($conf->societe->enabled) && !$object->socid) {
if ($user->rights->societe->creer) {
if ($object->statut != -1) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_thirdparty">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_thirdparty">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>'."\n";;
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>'."\n";
}
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("CreateDolibarrThirdParty")."</font></div>";
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("CreateDolibarrThirdParty").'</font></div>'."\n";
}
}
@ -1773,12 +1914,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if (!$user->socid && !$object->user_id) {
if ($user->rights->user->user->creer) {
if ($object->statut != -1) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a></div>'."\n";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrLogin").'</a></div>';
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrLogin").'</a></div>'."\n";
}
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("CreateDolibarrLogin")."</font></div>";
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("CreateDolibarrLogin").'</font></div>'."\n";
}
}
@ -1787,18 +1928,18 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$isinspip = $mailmanspip->is_in_spip($object);
if ($isinspip == 1) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$object->id.'&action=del_spip">'.$langs->trans("DeleteIntoSpip")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$object->id.'&action=del_spip">'.$langs->trans("DeleteIntoSpip").'</a></div>'."\n";
}
if ($isinspip == 0) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$object->id.'&action=add_spip">'.$langs->trans("AddIntoSpip")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$object->id.'&action=add_spip">'.$langs->trans("AddIntoSpip").'</a></div>'."\n";
}
}
// Delete
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete")."</a></div>\n";
print '<div class="inline-block divButAction"><a class="butActionDelete" href="card.php?rowid='.$object->id.'&action=delete&token='.newToken().'">'.$langs->trans("Delete").'</a></div>'."\n";
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Delete")."</font></div>";
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Delete").'</font></div>'."\n";
}
}
}
@ -1818,7 +1959,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print '<div class="fichecenter"><div class="fichehalfleft">';
print '<a name="builddoc"></a>'; // ancre
// Documents generes
// Generated documents
$filename = dol_sanitizeFileName($object->ref);
//$filename = 'tmp_cards.php';
//$filedir = $conf->adherent->dir_output . '/' . get_exdir($object->id, 2, 0, 0, $object, 'member') . dol_sanitizeFileName($object->ref);
@ -1827,7 +1968,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
$genallowed = $user->rights->adherent->lire;
$delallowed = $user->rights->adherent->creer;
print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', $object->default_lang, '', $object);
print $formfile->showdocuments('member', $filename, $filedir, $urlsource, $genallowed, $delallowed, $object->model_pdf, 1, 0, 0, 28, 0, '', '', '', (empty($object->default_lang) ? '' : $object->default_lang), '', $object);
$somethingshown = $formfile->numoffiles;
// Show links to link elements

15
htdocs/adherents/cartes/carte.php
View File

@ -50,6 +50,9 @@ $extrafields = new ExtraFields($db);
// Fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
// Security check
$result = restrictedArea($user, 'adherent');
/*
* Actions
@ -259,7 +262,7 @@ dol_htmloutput_errors($mesg);
print '<br>';
print img_picto('', 'puce').' '.$langs->trans("DocForAllMembersCards", ($conf->global->ADHERENT_CARD_TYPE ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForAllMembersCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="foruserid" value="all">';
@ -272,13 +275,13 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : $conf->global->ADHERENT_CARD_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ? GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForOneMemberCards", ($conf->global->ADHERENT_CARD_TYPE ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForOneMemberCards", (!empty($conf->global->ADHERENT_CARD_TYPE) ? $conf->global->ADHERENT_CARD_TYPE : $langs->transnoentitiesnoconv("None"))).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="cardlogin">';
@ -290,14 +293,14 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : $conf->global->ADHERENT_CARD_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('model', $arrayoflabels, (GETPOST('model') ?GETPOST('model') : (empty($conf->global->ADHERENT_CARD_TYPE) ? '' : $conf->global->ADHERENT_CARD_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br>'.$langs->trans("Login").': <input size="10" type="text" name="foruserlogin" value="'.GETPOST('foruserlogin').'">';
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';
print '<br><br>';
print img_picto('', 'puce').' '.$langs->trans("DocForLabels", $conf->global->ADHERENT_ETIQUETTE_TYPE).' ';
print img_picto('', 'puce').' '.$langs->trans("DocForLabels", (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)).' ';
print '<form action="'.$_SERVER["PHP_SELF"].'" method="POST">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="mode" value="label">';
@ -309,7 +312,7 @@ foreach (array_keys($_Avery_Labels) as $codecards) {
$arrayoflabels[$codecards] = $_Avery_Labels[$codecards]['name'];
}
asort($arrayoflabels);
print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ?GETPOST('modellabel') : $conf->global->ADHERENT_ETIQUETTE_TYPE), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print $form->selectarray('modellabel', $arrayoflabels, (GETPOST('modellabel') ? GETPOST('modellabel') : (empty($conf->global->ADHERENT_ETIQUETTE_TYPE) ? '' : $conf->global->ADHERENT_ETIQUETTE_TYPE)), 1, 0, 0, '', 0, 0, 0, '', '', 1);
print '<br><input class="button" type="submit" value="'.$langs->trans("BuildDoc").'">';
print '</form>';

71
htdocs/adherents/class/adherent.class.php
View File

@ -206,7 +206,7 @@ class Adherent extends CommonObject
public $public;
// -1:brouillon, 0:resilie, >=1:valide,paye
// -2:exclu, -1:brouillon, 0:resilie, >=1:valide,paye
// def in common object
//public $status;
@ -326,7 +326,7 @@ class Adherent extends CommonObject
'fk_user_valid' => array('type' => 'integer:User:user/class/user.class.php', 'label' => 'UserValidation', 'enabled' => 1, 'visible' => -1, 'position' => 190),
'canvas' => array('type' => 'varchar(32)', 'label' => 'Canvas', 'enabled' => 1, 'visible' => -1, 'position' => 195),
'statut' => array('type' => 'smallint(6)', 'label' => 'Statut', 'enabled' => 1, 'visible' => -1, 'notnull' => 1, 'position' => 500,
'arrayofkeyval' => array(0 => 'Draft', 1 => 'Validated', -1 => 'MemberStatusResiliatedShort')),
'arrayofkeyval' => array(0 => 'Draft', 1 => 'Validated', -1 => 'MemberStatusResiliatedShort', -2 => 'MemberStatusExcludedShort')),
'model_pdf' => array('type' => 'varchar(255)', 'label' => 'Model pdf', 'enabled' => 1, 'visible' => 0, 'position' => 800),
'import_key' => array('type' => 'varchar(14)', 'label' => 'ImportId', 'enabled' => 1, 'visible' => -2, 'position' => 805)
);
@ -1141,7 +1141,7 @@ class Adherent extends CommonObject
$this->db->begin();
// If user is linked to this member, remove old link to this member
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL WHERE fk_member = ".$this->id;
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = NULL WHERE fk_member = ".((int) $this->id);
dol_syslog(get_class($this)."::setUserId", LOG_DEBUG);
$resql = $this->db->query($sql);
if (!$resql) {
@ -1152,7 +1152,7 @@ class Adherent extends CommonObject
// Set link to user
if ($userid > 0) {
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = ".$this->id;
$sql = "UPDATE ".MAIN_DB_PREFIX."user SET fk_member = ".((int) $this->id);
$sql .= " WHERE rowid = ".$userid;
dol_syslog(get_class($this)."::setUserId", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -1917,6 +1917,55 @@ class Adherent extends CommonObject
}
}
/**
* Functiun to exlude (set adherent.status to -2) a member
* TODO
* A private note should be added to know why the member has been excluded
* For historical purpose it add an "extra-subscription" type excluded
*
* @param User $user User making change
* @return int <0 if KO, >0 if OK
*/
public function exclude($user)
{
global $langs, $conf;
$error = 0;
// Check parameters
if ($this->statut == 0) {
dol_syslog(get_class($this)."::resiliate statut of member does not allow this", LOG_WARNING);
return 0;
}
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET";
$sql .= " statut = -2";
$sql .= ", fk_user_valid=".$user->id;
$sql .= " WHERE rowid = ".$this->id;
$result = $this->db->query($sql);
if ($result) {
$this->statut = 0;
// Call trigger
$result = $this->call_trigger('MEMBER_EXCLUDE', $user);
if ($result < 0) {
$error++;
$this->db->rollback();
return -1;
}
// End call triggers
$this->db->commit();
return 1;
} else {
$this->error = $this->db->error();
$this->db->rollback();
return -1;
}
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
@ -2085,9 +2134,9 @@ class Adherent extends CommonObject
}
$label .= '</div>';
$url = DOL_URL_ROOT.'/adherents/card.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/card.php?rowid='.((int) $this->id);
if ($option == 'subscription') {
$url = DOL_URL_ROOT.'/adherents/subscription.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/subscription.php?rowid='.((int) $this->id);
}
if ($option != 'nolink') {
@ -2173,7 +2222,7 @@ class Adherent extends CommonObject
}
/**
* Retourne le libelle du statut d'un adherent (brouillon, valide, resilie)
* Retourne le libelle du statut d'un adherent (brouillon, valide, resilie, exclu)
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label
@ -2216,7 +2265,7 @@ class Adherent extends CommonObject
$statusType = 'status1';
$labelStatus = $langs->trans("MemberStatusActive");
$labelStatusShort = $langs->trans("MemberStatusActiveShort");
} elseif ($date_end_subscription < time()) {
} elseif ($date_end_subscription < dol_now()) {
$statusType = 'status3';
$labelStatus = $langs->trans("MemberStatusActiveLate");
$labelStatusShort = $langs->trans("MemberStatusActiveLateShort");
@ -2229,6 +2278,10 @@ class Adherent extends CommonObject
$statusType = 'status6';
$labelStatus = $langs->trans("MemberStatusResiliated");
$labelStatusShort = $langs->trans("MemberStatusResiliatedShort");
} elseif ($status == -2) {
$statusType = 'status10';
$labelStatus = $langs->trans("MemberStatusExcluded");
$labelStatusShort = $langs->trans("MemberStatusExcludedShort");
}
return dolGetStatus($labelStatus, $labelStatusShort, '', $statusType, $mode);
@ -2644,7 +2697,7 @@ class Adherent extends CommonObject
$sql .= ' a.tms as datem,';
$sql .= ' a.fk_user_author, a.fk_user_valid, a.fk_user_mod';
$sql .= ' FROM '.MAIN_DB_PREFIX.'adherent as a';
$sql .= ' WHERE a.rowid = '.$id;
$sql .= ' WHERE a.rowid = '.((int) $id);
dol_syslog(get_class($this)."::info", LOG_DEBUG);
$result = $this->db->query($sql);

29
htdocs/adherents/class/adherent_type.class.php
View File

@ -103,6 +103,9 @@ class AdherentType extends CommonObject
/** @var string Email sent after resiliation */
public $mail_resiliate = '';
/** @var string Email sent after exclude */
public $mail_exclude = '';
/** @var array Array of members */
public $members = array();
@ -173,7 +176,7 @@ class AdherentType extends CommonObject
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent_type_lang";
$sql .= " WHERE fk_type=".$this->id;
$sql .= " AND lang='".$key."'";
$sql .= " AND lang = '".$this->db->escape($key)."'";
$result = $this->db->query($sql);
@ -199,7 +202,7 @@ class AdherentType extends CommonObject
$sql = "SELECT rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent_type_lang";
$sql .= " WHERE fk_type=".$this->id;
$sql .= " AND lang='".$key."'";
$sql .= " AND lang = '".$this->db->escape($key)."'";
$result = $this->db->query($sql);
@ -479,6 +482,9 @@ class AdherentType extends CommonObject
if (!empty($conf->global->MAIN_MULTILANGS)) {
$this->getMultiLangs();
}
// fetch optionals attributes and labels
$this->fetch_optionals();
}
return 1;
@ -546,7 +552,7 @@ class AdherentType extends CommonObject
$sql = "SELECT a.rowid";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as a";
$sql .= " WHERE a.entity IN (".getEntity('member').")";
$sql .= " AND a.fk_adherent_type = ".$this->id;
$sql .= " AND a.fk_adherent_type = ".((int) $this->id);
if (!empty($excludefilter)) {
$sql .= ' AND ('.$excludefilter.')';
}
@ -623,7 +629,7 @@ class AdherentType extends CommonObject
$label .= '<br>'.$langs->trans("SubscriptionRequired").': '.yn($this->subscription);
}
$linkstart = '<a href="'.DOL_URL_ROOT.'/adherents/type.php?rowid='.$this->id.'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkstart = '<a href="'.DOL_URL_ROOT.'/adherents/type.php?rowid='.((int) $this->id).'" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">';
$linkend = '</a>';
$result .= $linkstart;
@ -817,4 +823,19 @@ class AdherentType extends CommonObject
return '';
}
/**
* getMailOnExclude
*
* @return string Return mail model content of type or empty
*/
public function getMailOnExclude()
{
// NOTE mail_exclude not defined so never used
if (!empty($this->mail_exclude) && trim(dol_htmlentitiesbr_decode($this->mail_exclude))) { // Property not yet defined
return $this->mail_exclude;
}
return '';
}
}

7
htdocs/adherents/class/api_members.class.php
View File

@ -329,7 +329,7 @@ class Members extends DolibarrApi
continue;
}
// Process the status separately because it must be updated using
// the validate() and resiliate() methods of the class Adherent.
// the validate(), resiliate() and exclude() methods of the class Adherent.
if ($field == 'statut') {
if ($value == '0') {
$result = $member->resiliate(DolibarrApiAccess::$user);
@ -341,6 +341,11 @@ class Members extends DolibarrApi
if ($result < 0) {
throw new RestException(500, 'Error when validating member: '.$member->error);
}
} elseif ($value == '-2') {
$result = $member->exclude(DolibarrApiAccess::$user);
if ($result < 0) {
throw new RestException(500, 'Error when excluding member: '.$member->error);
}
}
} else {
$member->$field = $value;

2
htdocs/adherents/class/api_memberstypes.class.php
View File

@ -194,7 +194,7 @@ class MembersTypes extends DolibarrApi
continue;
}
// Process the status separately because it must be updated using
// the validate() and resiliate() methods of the class AdherentType.
// the validate(), resiliate() and exclude() methods of the class AdherentType.
$membertype->$field = $value;
}

4
htdocs/adherents/class/subscription.class.php
View File

@ -417,7 +417,7 @@ class Subscription extends CommonObject
$label .= '<br><b>'.$langs->trans('DateEnd').':</b> '.dol_print_date($this->datef, 'day');
}
$url = DOL_URL_ROOT.'/adherents/subscription/card.php?rowid='.$this->id;
$url = DOL_URL_ROOT.'/adherents/subscription/card.php?rowid='.((int) $this->id);
if ($option != 'nolink') {
// Add param to save lastsearch_values or not
@ -483,7 +483,7 @@ class Subscription extends CommonObject
$sql = 'SELECT c.rowid, c.datec,';
$sql .= ' c.tms as datem';
$sql .= ' FROM '.MAIN_DB_PREFIX.'subscription as c';
$sql .= ' WHERE c.rowid = '.$id;
$sql .= ' WHERE c.rowid = '.((int) $id);
$result = $this->db->query($sql);
if ($result) {

6
htdocs/adherents/document.php
View File

@ -89,8 +89,10 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
$form = new Form($db);
$title = $langs->trans("Member")." - ".$langs->trans("Documents");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
if ($id > 0) {
$result = $membert->fetch($object->typeid);

301
htdocs/adherents/index.php
View File

@ -1,8 +1,8 @@
<?php
/* Copyright (C) 2001-2002 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
* Copyright (C) 2004-2020 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2003 Jean-Louis Bergamo <jlb@j1b.org>
* Copyright (C) 2004-2020 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2021 Frédéric France <frederic.france@netlgic.fr>
*
@ -79,10 +79,11 @@ $subscriptionstatic = new Subscription($db);
print load_fiche_titre($langs->trans("MembersArea"), $resultboxes['selectboxlist'], 'members');
$Adherents = array();
$AdherentsAValider = array();
$MemberUpToDate = array();
$AdherentsResilies = array();
$MembersValidated = array();
$MembersToValidate = array();
$MembersUpToDate = array();
$MembersExcluded = array();
$MembersResiliated = array();
$AdherentType = array();
@ -111,11 +112,14 @@ if ($result) {
$AdherentType[$objp->rowid] = $adhtype;
if ($objp->statut == -1) {
$MemberToValidate[$objp->rowid] = $objp->somme;
$MembersToValidate[$objp->rowid] = $objp->somme;
}
if ($objp->statut == 1) {
$MembersValidated[$objp->rowid] = $objp->somme;
}
if ($objp->statut == -2) {
$MembersExcluded[$objp->rowid] = $objp->somme;
}
if ($objp->statut == 0) {
$MembersResiliated[$objp->rowid] = $objp->somme;
}
@ -144,7 +148,7 @@ if ($result) {
$i = 0;
while ($i < $num) {
$objp = $db->fetch_object($result);
$MemberUpToDate[$objp->fk_adherent_type] = $objp->somme;
$MembersUpToDate[$objp->fk_adherent_type] = $objp->somme;
$i++;
}
$db->free();
@ -193,38 +197,43 @@ if ($conf->use_javascript_ajax) {
$boxgraph .='<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").'</th></tr>';
$boxgraph .='<tr><td class="center" colspan="2">';
$SommeA = 0;
$SommeB = 0;
$SumToValidate = 0;
$SumValidated = 0;
$SumUpToDate = 0;
$SumResiliated = 0;
$SumExcluded = 0;
$SommeC = 0;
$SommeD = 0;
$total = 0;
$dataval = array();
$i = 0;
foreach ($AdherentType as $key => $adhtype) {
$dataval['draft'][] = array($i, isset($MemberToValidate[$key]) ? $MemberToValidate[$key] : 0);
$dataval['notuptodate'][] = array($i, isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : 0);
$dataval['uptodate'][] = array($i, isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0);
$dataval['draft'][] = array($i, isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0);
$dataval['notuptodate'][] = array($i, isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0);
$dataval['uptodate'][] = array($i, isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0);
$dataval['excluded'][] = array($i, isset($MembersExcluded[$key]) ? $MembersExcluded[$key] : 0);
$dataval['resiliated'][] = array($i, isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0);
$SommeA += isset($MemberToValidate[$key]) ? $MemberToValidate[$key] : 0;
$SommeB += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : 0;
$SommeC += isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0;
$SommeD += isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0;
$SumToValidate += isset($MembersToValidate[$key]) ? $MembersToValidate[$key] : 0;
$SumValidated += isset($MembersValidated[$key]) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : 0;
$SumUpToDate += isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0;
$SumExcluded += isset($MembersExcluded[$key]) ? $MembersExcluded [$key] : 0;
$SumResiliated += isset($MembersResiliated[$key]) ? $MembersResiliated[$key] : 0;
$i++;
}
$total = $SommeA + $SommeB + $SommeC + $SommeD;
$total = $SumToValidate + $SumValidated + $SumUpToDate + $SumExcluded + $SumResiliated;
$dataseries = array();
$dataseries[] = array($langs->transnoentitiesnoconv("OutOfDate"), round($SommeB));
$dataseries[] = array($langs->transnoentitiesnoconv("UpToDate"), round($SommeC));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusResiliated"), round($SommeD));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusToValid"), round($SommeA));
$dataseries[] = array($langs->transnoentitiesnoconv("OutOfDate"), round($SumValidated));
$dataseries[] = array($langs->transnoentitiesnoconv("UpToDate"), round($SumUpToDate));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusExcluded"), round($SumExcluded));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusResiliated"), round($SumResiliated));
$dataseries[] = array($langs->transnoentitiesnoconv("MembersStatusToValid"), round($SumToValidate));
include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php';
include_once DOL_DOCUMENT_ROOT.'/core/class/dolgraph.class.php';
$dolgraph = new DolGraph();
$dolgraph->SetData($dataseries);
$dolgraph->SetDataColor(array($badgeStatus1, $badgeStatus4, $badgeStatus6, '-'.$badgeStatus0));
$dolgraph->SetDataColor(array($badgeStatus1, $badgeStatus4, '-'.$badgeStatus8, $badgeStatus6, '-'.$badgeStatus0));
$dolgraph->setShowLegend(2);
$dolgraph->setShowPercent(1);
$dolgraph->SetType(array('pie'));
@ -234,7 +243,7 @@ if ($conf->use_javascript_ajax) {
$boxgraph .= '</td></tr>';
$boxgraph .= '<tr class="liste_total"><td>'.$langs->trans("Total").'</td><td class="right">';
$boxgraph .= $SommeA + $SommeB + $SommeC + $SommeD;
$boxgraph .= $SumToValidate + $SumValidated + $SumUpToDate + $SumExcluded + $SumResiliated;
$boxgraph .= '</td></tr>';
$boxgraph .= '</table>';
$boxgraph .= '</div>';
@ -251,250 +260,12 @@ print '<div class="firstcolumn fichehalfleft boxhalfleft" id="boxhalfleft">';
print $searchbox;
print $boxgraph;
// List of subscription by year
$Total = array();
$Number = array();
$tot = 0;
$numb = 0;
$sql = "SELECT c.subscription, c.dateadh as dateh";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d, ".MAIN_DB_PREFIX."subscription as c";
$sql .= " WHERE d.entity IN (".getEntity('adherent').")";
$sql .= " AND d.rowid = c.fk_adherent";
$result = $db->query($sql);
if ($result) {
$num = $db->num_rows($result);
$i = 0;
while ($i < $num) {
$objp = $db->fetch_object($result);
$year = dol_print_date($db->jdate($objp->dateh), "%Y");
$Total[$year] = (isset($Total[$year]) ? $Total[$year] : 0) + $objp->subscription;
$Number[$year] = (isset($Number[$year]) ? $Number[$year] : 0) + 1;
$tot += $objp->subscription;
$numb += 1;
$i++;
}
}
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th>'.$langs->trans("Year").'</th>';
print '<th class="right">'.$langs->trans("Subscriptions").'</th>';
print '<th class="right">'.$langs->trans("AmountTotal").'</th>';
print '<th class="right">'.$langs->trans("AmountAverage").'</th>';
print "</tr>\n";
krsort($Total);
$i = 0;
foreach ($Total as $key=>$value) {
if ($i >= 8) {
print '<tr class="oddeven">';
print "<td>...</td>";
print "<td class=\"right\"></td>";
print "<td class=\"right\"></td>";
print "<td class=\"right\"></td>";
print "</tr>\n";
break;
}
print '<tr class="oddeven">';
print "<td><a href=\"./subscription/list.php?date_select=$key\">$key</a></td>";
print "<td class=\"right\">".$Number[$key]."</td>";
print "<td class=\"right\">".price($value)."</td>";
print "<td class=\"right\">".price(price2num($value / $Number[$key], 'MT'))."</td>";
print "</tr>\n";
$i++;
}
// Total
print '<tr class="liste_total">';
print '<td>'.$langs->trans("Total").'</td>';
print "<td class=\"right\">".$numb."</td>";
print '<td class="right">'.price($tot)."</td>";
print "<td class=\"right\">".price(price2num($numb > 0 ? ($tot / $numb) : 0, 'MT'))."</td>";
print "</tr>\n";
print "</table></div>";
print "<br>\n";
print $resultboxes['boxlista'];
print '</div>'."\n";
print '<div class="secondcolumn fichehalfright boxhalfright" id="boxhalfright">';
/*
* Latest modified members
*/
$max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT;
$sql = "SELECT a.rowid, a.statut as status, a.lastname, a.firstname, a.societe as company, a.fk_soc,";
$sql .= " a.gender, a.email, a.photo, a.morphy,";
$sql .= " a.tms as datem, a.datefin as date_end_subscription,";
$sql .= " ta.rowid as typeid, ta.libelle as label, ta.subscription as need_subscription";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as a, ".MAIN_DB_PREFIX."adherent_type as ta";
$sql .= " WHERE a.entity IN (".getEntity('adherent').")";
$sql .= " AND a.fk_adherent_type = ta.rowid";
$sql .= $db->order("a.tms", "DESC");
$sql .= $db->plimit($max, 0);
$resql = $db->query($sql);
if ($resql) {
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th colspan="4">'.$langs->trans("LastMembersModified", $max).'</th></tr>';
$num = $db->num_rows($resql);
if ($num) {
$i = 0;
while ($i < $num) {
$obj = $db->fetch_object($resql);
$staticmember->id = $obj->rowid;
$staticmember->ref = $obj->rowid;
$staticmember->lastname = $obj->lastname;
$staticmember->firstname = $obj->firstname;
$staticmember->gender = $obj->gender;
$staticmember->email = $obj->email;
$staticmember->photo = $obj->photo;
$staticmember->morphy = $obj->morphy;
$staticmember->statut = $obj->status;
$staticmember->need_subscription = $obj->need_subscription;
$staticmember->datefin = $db->jdate($obj->date_end_subscription);
if (!empty($obj->fk_soc)) {
$staticmember->fk_soc = $obj->fk_soc;
$staticmember->fetch_thirdparty();
$staticmember->name = $staticmember->thirdparty->name;
} else {
$staticmember->name = $obj->company;
}
$statictype->id = $obj->typeid;
$statictype->label = $obj->label;
$statictype->subscription = $obj->need_subscription;
print '<tr class="oddeven">';
print '<td class="nowraponall">'.$staticmember->getNomUrl(-1, 32).'</td>';
print '<td>'.$statictype->getNomUrl(1, 32).'</td>';
print '<td>'.dol_print_date($db->jdate($obj->datem), 'dayhour').'</td>';
print '<td class="right">'.$staticmember->getLibStatut(3).'</td>';
print '</tr>';
$i++;
}
}
print "</table></div>";
print "<br>";
} else {
dol_print_error($db);
}
/*
* Last modified subscriptions
*/
$max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT;
$sql = "SELECT a.rowid, a.statut as status, a.lastname, a.firstname, a.societe as company, a.fk_soc,";
$sql .= " a.gender, a.email, a.photo, a.morphy,";
$sql .= " a.datefin as date_end_subscription,";
$sql .= " ta.rowid as typeid, ta.libelle as label, ta.subscription as need_subscription,";
$sql .= " c.rowid as cid, c.tms as datem, c.datec as datec, c.dateadh as date_start, c.datef as date_end, c.subscription";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as a, ".MAIN_DB_PREFIX."adherent_type as ta, ".MAIN_DB_PREFIX."subscription as c";
$sql .= " WHERE a.entity IN (".getEntity('adherent').")";
$sql .= " AND a.fk_adherent_type = ta.rowid";
$sql .= " AND c.fk_adherent = a.rowid";
$sql .= $db->order("c.tms", "DESC");
$sql .= $db->plimit($max, 0);
$resql = $db->query($sql);
if ($resql) {
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th colspan="5">'.$langs->trans("LastSubscriptionsModified", $max).'</th></tr>';
$num = $db->num_rows($resql);
if ($num) {
$i = 0;
while ($i < $num) {
$obj = $db->fetch_object($resql);
$staticmember->id = $obj->rowid;
$staticmember->ref = $obj->rowid;
$staticmember->lastname = $obj->lastname;
$staticmember->firstname = $obj->firstname;
$staticmember->gender = $obj->gender;
$staticmember->email = $obj->email;
$staticmember->photo = $obj->photo;
$staticmember->morphy = $obj->morphy;
$staticmember->statut = $obj->status;
$staticmember->need_subscription = $obj->need_subscription;
$staticmember->datefin = $db->jdate($obj->date_end_subscription);
if (!empty($obj->fk_soc)) {
$staticmember->fk_soc = $obj->fk_soc;
$staticmember->fetch_thirdparty();
$staticmember->name = $staticmember->thirdparty->name;
} else {
$staticmember->name = $obj->company;
}
$subscriptionstatic->id = $obj->cid;
$subscriptionstatic->ref = $obj->cid;
print '<tr class="oddeven">';
print '<td class="nowraponall">'.$subscriptionstatic->getNomUrl(1).'</td>';
print '<td class="nowraponall">'.$staticmember->getNomUrl(-1, 32, 'subscription').'</td>';
print '<td class="nowraponall">'.get_date_range($db->jdate($obj->date_start), $db->jdate($obj->date_end)).'</td>';
print '<td class="right">'.price($obj->subscription).'</td>';
//print '<td class="right">'.$staticmember->LibStatut($obj->statut,($obj->subscription=='yes'?1:0),$db->jdate($obj->date_end_subscription),5).'</td>';
print '<td class="right nowraponall">'.dol_print_date($db->jdate($obj->datem ? $obj->datem : $obj->datec), 'dayhour').'</td>';
print '</tr>';
$i++;
}
}
print "</table></div>";
print "<br>";
} else {
dol_print_error($db);
}
// Summary of members by type
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print '<th>'.$langs->trans("MembersTypes").'</th>';
print '<th class=right>'.$langs->trans("MembersStatusToValid").'</th>';
print '<th class=right>'.$langs->trans("OutOfDate").'</th>';
print '<th class=right>'.$langs->trans("UpToDate").'</th>';
print '<th class=right>'.$langs->trans("MembersStatusResiliated").'</th>';
print "</tr>\n";
foreach ($AdherentType as $key => $adhtype) {
print '<tr class="oddeven">';
print '<td>'.$adhtype->getNomUrl(1, dol_size(32)).'</td>';
print '<td class="right">'.(isset($MemberToValidate[$key]) && $MemberToValidate[$key] > 0 ? $MemberToValidate[$key] : '').' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MembersValidated[$key]) && ($MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) > 0) ? $MembersValidated[$key] - (isset($MemberUpToDate[$key]) ? $MemberUpToDate[$key] : 0) : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="right">'.(isset($MemberUpToDate[$key]) && $MemberUpToDate[$key] > 0 ? $MemberUpToDate[$key] : '').' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="right">'.(isset($MembersResiliated[$key]) && $MembersResiliated[$key] > 0 ? $MembersResiliated[$key] : '').' '.$staticmember->LibStatut(0, $adhtype->subscription, 0, 3).'</td>';
print "</tr>\n";
}
print '<tr class="liste_total">';
print '<td class="liste_total">'.$langs->trans("Total").'</td>';
print '<td class="liste_total right">'.$SommeA.' '.$staticmember->LibStatut(-1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SommeB.' '.$staticmember->LibStatut(1, $adhtype->subscription, 0, 3).'</td>';
print '<td class="liste_total right">'.$SommeC.' '.$staticmember->LibStatut(1, $adhtype->subscription, $now, 3).'</td>';
print '<td class="liste_total right">'.$SommeD.' '.$staticmember->LibStatut(0, $adhtype->subscription, 0, 3).'</td>';
print '</tr>';
print "</table>\n";
print "</div>";
print '<br>';
print $resultboxes['boxlistb'];
print '</div>'."\n";

3
htdocs/adherents/ldap.php
View File

@ -131,9 +131,8 @@ print '</div>';
print dol_get_fiche_end();
/*
* Barre d'actions
* Action bar
*/
print '<div class="tabsAction">';
if (!empty($conf->global->LDAP_MEMBER_ACTIVE) && $conf->global->LDAP_MEMBER_ACTIVE != 'ldap2dolibarr') {

22
htdocs/adherents/list.php
View File

@ -41,9 +41,6 @@ $confirm = GETPOST('confirm', 'alpha');
$toselect = GETPOST('toselect', 'array');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'memberslist'; // To manage different context of search
// Security check
$result = restrictedArea($user, 'adherent');
$search = GETPOST("search", 'alpha');
$search_ref = GETPOST("search_ref", 'alpha');
$search_lastname = GETPOST("search_lastname", 'alpha');
@ -79,7 +76,7 @@ if ($statut != '') {
$sall = trim((GETPOST('search_all', 'alphanohtml') != '') ?GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml'));
if ($search_status < -1) {
if ($search_status < -2) {
$search_status = '';
}
@ -162,6 +159,9 @@ $arrayfields = array(
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
// Security check
$result = restrictedArea($user, 'adherent');
/*
* Actions
@ -302,13 +302,13 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on (s.rowid = d.fk_soc)";
$sql .= ", ".MAIN_DB_PREFIX."adherent_type as t";
$sql .= " WHERE d.fk_adherent_type = t.rowid ";
if ($catid > 0) {
$sql .= " AND cm.fk_categorie = ".$db->escape($catid);
$sql .= " AND cm.fk_categorie = ".((int) $catid);
}
if ($catid == -2) {
$sql .= " AND cm.fk_categorie IS NULL";
}
if ($search_categ > 0) {
$sql .= " AND cm.fk_categorie = ".$db->escape($search_categ);
$sql .= " AND cm.fk_categorie = ".((int) $search_categ);
}
if ($search_categ == -2) {
$sql .= " AND cm.fk_categorie IS NULL";
@ -379,7 +379,7 @@ if ($search_phone_mobile) {
$sql .= natural_search("d.phone_mobile", $search_phone_mobile);
}
if ($search_country) {
$sql .= " AND d.country IN (".$search_country.')';
$sql .= " AND d.country IN (".$db->sanitize($search_country).')';
}
// Add where from extra fields
@ -452,6 +452,9 @@ if (GETPOSTISSET("search_status")) {
if ($search_status == '0') {
$titre = $langs->trans("MembersListResiliated");
}
if ($search_status == '-2') {
$titre = $langs->trans("MembersListExcluded");
}
} elseif ($action == 'search') {
$titre = $langs->trans("MembersListQualified");
}
@ -750,9 +753,10 @@ if (!empty($arrayfields['d.statut']['checked'])) {
$liststatus = array(
'-1'=>$langs->trans("Draft"),
'1'=>$langs->trans("Validated"),
'0'=>$langs->trans("Resiliated")
'0'=>$langs->trans("Resiliated"),
'-2'=>$langs->trans("Excluded")
);
print $form->selectarray('search_status', $liststatus, $search_status, -2);
print $form->selectarray('search_status', $liststatus, $search_status, -3);
print '</td>';
}
// Action column

7
htdocs/adherents/note.php
View File

@ -57,9 +57,12 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include,
/*
* View
*/
$title = $langs->trans("Member")." - ".$langs->trans("Note");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
$form = new Form($db);

6
htdocs/adherents/stats/byproperties.php
View File

@ -59,7 +59,7 @@ $title = $langs->trans("MembersStatisticsByProperties");
print load_fiche_titre($title, '', $memberstatic->picto);
dol_mkdir($dir);
//dol_mkdir($dir);
$data = array();
@ -134,7 +134,7 @@ if ($resql) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, 'statsbyproperties', '', -1, '');
@ -169,7 +169,7 @@ if (!$foundmor) {
foreach ($data as $val) {
$nb = $val['nb'];
$nbsubscriptions = $val['nbsubscriptions'];
$nbsubscriptions = isset($val['nbsubscriptions']) ? $val['nbsubscriptions'] : 0;
$nbactive = $val['nbactive'];
print '<tr class="oddeven">';

18
htdocs/adherents/stats/geo.php
View File

@ -78,7 +78,7 @@ llxHeader('', $title, '', '', 0, 0, $arrayjs);
print load_fiche_titre($title, '', $memberstatic->picto);
dol_mkdir($dir);
//dol_mkdir($dir);
if ($mode) {
// Define sql
@ -87,7 +87,7 @@ if ($mode) {
$tab = 'statscountry';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid";
@ -103,7 +103,7 @@ if ($mode) {
$tab = 'statsstate';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, c.nom as label2"; //
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, c.nom as label2"; //
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as c on d.state_id = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_regions as r on c.fk_region = r.code_region";
@ -120,7 +120,7 @@ if ($mode) {
$tab = 'statsregion'; //onglet
$data = array(); //tableau de donnée
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, r.nom as label2";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, co.code, co.label, r.nom as label2";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as c on d.state_id = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_regions as r on c.fk_region = r.code_region";
@ -137,7 +137,7 @@ if ($mode) {
$tab = 'statstown';
$data = array();
$sql .= "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label, d.town as label2";
$sql = "SELECT COUNT(DISTINCT d.rowid) as nb, COUNT(s.rowid) as nbsubscriptions, MAX(d.datevalid) as lastdate, MAX(s.dateadh) as lastsubscriptiondate, c.code, c.label, d.town as label2";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as c on d.country = c.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."subscription as s ON s.fk_adherent = d.rowid";
@ -207,7 +207,7 @@ if ($mode) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, $tab, '', -1, '');
@ -299,7 +299,7 @@ if ($mode) {
print '<table class="liste centpercent">';
print '<tr class="liste_titre">';
print '<td>'.$label.'</td>';
if ($label2) {
if (isset($label2)) {
print '<td class="center">'.$label2.'</td>';
}
print '<td class="right">'.$langs->trans("NbOfMembers").' <span class="opacitymedium">('.$langs->trans("AllTime").')</span></td>';
@ -308,10 +308,10 @@ if ($mode) {
print '</tr>';
foreach ($data as $val) {
$year = $val['year'];
$year = isset($val['year']) ? $val['year'] : '';;
print '<tr class="oddeven">';
print '<td>'.$val['label'].'</td>';
if ($label2) {
if (isset($label2)) {
print '<td class="center">'.$val['label2'].'</td>';
}
print '<td class="right">'.$val['nb'].'</td>';

2
htdocs/adherents/stats/index.php
View File

@ -137,7 +137,7 @@ if (!$mesg) {
}
$head = member_stats_prepare_head($adh);
$head = member_stats_prepare_head($memberstatic);
print dol_get_fiche_head($head, 'statssubscription', '', -1, '');

64
htdocs/adherents/subscription.php
View File

@ -44,6 +44,7 @@ $action = GETPOST('action', 'aZ09');
$confirm = GETPOST('confirm', 'alpha');
$rowid = GETPOST('rowid', 'int') ?GETPOST('rowid', 'int') : GETPOST('id', 'int');
$typeid = GETPOST('typeid', 'int');
$cancel = GETPOST('cancel');
// Load variable for pagination
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
@ -121,6 +122,7 @@ $paymentdate = -1;
* Actions
*/
$parameters = array();
$reshook = $hookmanager->executeHooks('doActions', $parameters, $object, $action);
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
@ -147,19 +149,18 @@ if (empty($reshook) && $action == 'confirm_create_thirdparty' && $confirm == 'ye
if (empty($reshook) && $action == 'setuserid' && ($user->rights->user->self->creer || $user->rights->user->user->creer)) {
$error = 0;
if (empty($user->rights->user->user->creer)) { // If can edit only itself user, we can link to itself only
if ($_POST["userid"] != $user->id && $_POST["userid"] != $object->user_id) {
if (GETPOST("userid", 'int') != $user->id && GETPOST("userid", 'int') != $object->user_id) {
$error++;
setEventMessages($langs->trans("ErrorUserPermissionAllowsToLinksToItselfOnly"), null, 'errors');
}
}
if (!$error) {
if ($_POST["userid"] != $object->user_id) { // If link differs from currently in database
$result = $object->setUserId($_POST["userid"]);
if (GETPOST("userid", 'int') != $object->user_id) { // If link differs from currently in database
$result = $object->setUserId(GETPOST("userid", 'int'));
if ($result < 0) {
dol_print_error('', $object->error);
}
$_POST['action'] = '';
$action = '';
}
}
@ -189,14 +190,13 @@ if (empty($reshook) && $action == 'setsocid') {
if ($result < 0) {
dol_print_error('', $object->error);
}
$_POST['action'] = '';
$action = '';
}
}
}
}
if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !$_POST["cancel"]) {
if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !$cancel) {
$error = 0;
$langs->load("banks");
@ -208,25 +208,25 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !
$datesubscription = 0;
$datesubend = 0;
$paymentdate = 0;
if ($_POST["reyear"] && $_POST["remonth"] && $_POST["reday"]) {
$datesubscription = dol_mktime(0, 0, 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]);
if (GETPOST("reyear", "int") && GETPOST("remonth", "int") && GETPOST("reday", "int")) {
$datesubscription = dol_mktime(0, 0, 0, GETPOST("remonth", "int"), GETPOST("reday", "int"), GETPOST("reyear", "int"));
}
if ($_POST["endyear"] && $_POST["endmonth"] && $_POST["endday"]) {
$datesubend = dol_mktime(0, 0, 0, $_POST["endmonth"], $_POST["endday"], $_POST["endyear"]);
if (GETPOST("endyear", 'int') && GETPOST("endmonth", 'int') && GETPOST("endday", 'int')) {
$datesubend = dol_mktime(0, 0, 0, GETPOST("endmonth", 'int'), GETPOST("endday", 'int'), GETPOST("endyear", 'int'));
}
if ($_POST["paymentyear"] && $_POST["paymentmonth"] && $_POST["paymentday"]) {
$paymentdate = dol_mktime(0, 0, 0, $_POST["paymentmonth"], $_POST["paymentday"], $_POST["paymentyear"]);
if (GETPOST("paymentyear", 'int') && GETPOST("paymentmonth", 'int') && GETPOST("paymentday", 'int')) {
$paymentdate = dol_mktime(0, 0, 0, GETPOST("paymentmonth", 'int'), GETPOST("paymentday", 'int'), GETPOST("paymentyear", 'int'));
}
$amount = price2num(GETPOST("subscription", 'alpha')); // Amount of subscription
$label = $_POST["label"];
$label = GETPOST("label");
// Payment informations
$accountid = $_POST["accountid"];
$operation = $_POST["operation"]; // Payment mode
$accountid = GETPOST("accountid", 'int');
$operation = GETPOST("operation", "alphanohtml"); // Payment mode
$num_chq = GETPOST("num_chq", "alphanohtml");
$emetteur_nom = $_POST["chqemetteur"];
$emetteur_banque = $_POST["chqbank"];
$option = $_POST["paymentsave"];
$emetteur_nom = GETPOST("chqemetteur");
$emetteur_banque = GETPOST("chqbank");
$option = GETPOST("paymentsave");
if (empty($option)) {
$option = 'none';
}
@ -266,19 +266,19 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !
$error++;
$action = 'addsubscription';
} else {
if (!empty($conf->banque->enabled) && $_POST["paymentsave"] != 'none') {
if ($_POST["subscription"]) {
if (!$_POST["label"]) {
if (!empty($conf->banque->enabled) && GETPOST("paymentsave") != 'none') {
if (GETPOST("subscription")) {
if (!GETPOST("label")) {
$errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("Label"));
}
if ($_POST["paymentsave"] != 'invoiceonly' && !$_POST["operation"]) {
if (GETPOST("paymentsave") != 'invoiceonly' && !GETPOST("operation")) {
$errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("PaymentMode"));
}
if ($_POST["paymentsave"] != 'invoiceonly' && !($_POST["accountid"] > 0)) {
if (GETPOST("paymentsave") != 'invoiceonly' && !(GETPOST("accountid", 'int') > 0)) {
$errmsg = $langs->trans("ErrorFieldRequired", $langs->transnoentities("FinancialAccount"));
}
} else {
if ($_POST["accountid"]) {
if (GETPOST("accountid")) {
$errmsg = $langs->trans("ErrorDoNotProvideAccountsIfNullAmount");
}
}
@ -428,8 +428,10 @@ $form = new Form($db);
$now = dol_now();
$title = $langs->trans("Member")." - ".$langs->trans("Subscriptions");
$helpurl = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros";
llxHeader("", $title, $helpurl);
$help_url = "EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder";
llxHeader("", $title, $help_url);
$param = '';
@ -450,7 +452,8 @@ if ($optioncss != '') {
if ($rowid > 0) {
$res = $object->fetch($rowid);
if ($res < 0) {
dol_print_error($db, $object->error); exit;
dol_print_error($db, $object->error);
exit;
}
$adht->fetch($object->typeid);
@ -639,10 +642,10 @@ if ($rowid > 0) {
/*
* Action buttons
* Action bar
*/
// Button to create a new subscription if member no draft neither resiliated
// Button to create a new subscription if member no draft (-1) neither resiliated (0) neither excluded (-2)
if ($user->rights->adherent->cotisation->creer) {
if ($action != 'addsubscription' && $action != 'create_thirdparty') {
print '<div class="tabsAction">';
@ -844,7 +847,7 @@ if ($rowid > 0) {
});
';
if (GETPOST('paymentsave')) {
print '$("#'.GETPOST('paymentsave').'").prop("checked",true);';
print '$("#'.GETPOST('paymentsave', 'aZ09').'").prop("checked", true);';
}
print '});';
print '</script>'."\n";
@ -1035,6 +1038,7 @@ if ($rowid > 0) {
// Bank account
print '<tr class="bankswitchclass"><td class="fieldrequired">'.$langs->trans("FinancialAccount").'</td><td>';
print img_picto('', 'bank_account');
$form->select_comptes(GETPOST('accountid'), 'accountid', 0, '', 2);
print "</td></tr>\n";

5
htdocs/adherents/subscription/card.php
View File

@ -349,8 +349,7 @@ if ($rowid && $action != 'edit') {
print dol_get_fiche_end();
/*
* Barre d'actions
*
* Action bar
*/
print '<div class="tabsAction">';
@ -373,7 +372,7 @@ if ($rowid && $action != 'edit') {
print '<div class="fichecenter"><div class="fichehalfleft">';
print '<a name="builddoc"></a>'; // ancre
// Documents generes
// Generated documents
/*
$filename = dol_sanitizeFileName($object->ref);
$filedir = $conf->facture->dir_output . '/' . dol_sanitizeFileName($object->ref);

11
htdocs/adherents/subscription/list.php
View File

@ -191,7 +191,7 @@ if ($search_note) {
$sql .= natural_search('c.note', $search_note);
}
if ($search_account > 0) {
$sql .= " AND b.fk_account = ".urldecode($search_account);
$sql .= " AND b.fk_account = ".((int) $search_account);
}
if ($search_amount) {
$sql .= natural_search('c.subscription', $search_amount, 1);
@ -496,11 +496,14 @@ while ($i < min($num, $limit)) {
$adherent->morphy = $obj->morphy;
$adherent->email = $obj->email;
$adherent->typeid = $obj->type;
$adherent->datefin = $db->jdate($obj->datef);
$typeid = ($obj->fk_type > 0 ? $obj->fk_type : $adherent->typeid);
$adht = new AdherentType($db);
$adht->fetch($typeid);
$adherent->need_subscription = $adht->subscription;
print '<tr class="oddeven">';
// Ref
@ -547,8 +550,8 @@ while ($i < min($num, $limit)) {
// Label
if (!empty($arrayfields['t.libelle']['checked'])) {
print '<td>';
print dol_trunc($obj->note, 128);
print '<td class="tdoverflowmax500" title="'.dol_escape_htmltag($obj->note).'">';
print $obj->note;
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
@ -586,7 +589,7 @@ while ($i < min($num, $limit)) {
}
// Price
if (!empty($arrayfields['d.amount']['checked'])) {
print '<td class="right">'.price($obj->subscription).'</td>';
print '<td class="right amount">'.price($obj->subscription).'</td>';
if (!$i) {
$totalarray['nbfield']++;
}

14
htdocs/adherents/type.php
View File

@ -43,12 +43,13 @@ $cancel = GETPOST('cancel', 'alpha');
$backtopage = GETPOST('backtopage', 'alpha');
$search_lastname = GETPOST('search_lastname', 'alpha');
$search_login = GETPOST('search_login', 'alpha');
$search_email = GETPOST('search_email', 'alpha');
$search_login = GETPOST('search_login', 'alpha');
$search_email = GETPOST('search_email', 'alpha');
$type = GETPOST('type', 'intcomma');
$status = GETPOST('status', 'alpha');
$status = GETPOST('status', 'alpha');
$optioncss = GETPOST('optioncss', 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
@ -213,7 +214,8 @@ if ($action == 'confirm_delete' && $user->rights->adherent->configurer) {
$form = new Form($db);
$formproduct = new FormProduct($db);
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros';
$help_url = 'EN:Module_Foundations|FR:Module_Adh&eacute;rents|ES:M&oacute;dulo_Miembros|DE:Modul_Mitglieder';
llxHeader('', $langs->trans("MembersTypeSetup"), $help_url);
// List of members type
@ -564,6 +566,8 @@ if ($rowid > 0) {
$titre = $langs->trans("MembersListNotUpToDate");
} elseif ($status == '0') {
$titre = $langs->trans("MembersListResiliated");
} elseif ($status == '-2') {
$titre = $langs->trans("MembersListExcluded");
}
} elseif ($action == 'search') {
$titre = $langs->trans("MembersListQualified");

18
htdocs/adherents/type_translation.php
View File

@ -142,13 +142,16 @@ $result = $object->fetch($id);
*/
$title = $langs->trans('MemberTypeCard');
$helpurl = '';
$help_url = '';
$shortlabel = dol_trunc($object->label, 16);
$title = $langs->trans('MemberType')." ".$shortlabel." - ".$langs->trans('Translation');
$helpurl = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios';
llxHeader('', $title, $helpurl);
$help_url = 'EN:Module_Services_En|FR:Module_Services|ES:M&oacute;dulo_Servicios|DE:Modul_Mitglieder';
llxHeader('', $title, $help_url);
$form = new Form($db);
$formadmin = new FormAdmin($db);
@ -175,12 +178,9 @@ print dol_get_fiche_end();
/* ************************************************************************** */
/* */
/* Barre d'action */
/* */
/* ************************************************************************** */
/*
* Action bar
*/
print "\n<div class=\"tabsAction\">\n";
if ($action == '') {

6
htdocs/adherents/vcard.php
View File

@ -3,7 +3,7 @@
* Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2020 Tobias Sekan <tobias.sekan@startmail.com>
* Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2020-2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -20,9 +20,9 @@
*/
/**
* \file htdocs/adherent/vcard.php
* \file htdocs/adherents/vcard.php
* \ingroup societe
* \brief Onglet vcard d'un adherent
* \brief Vcard tab of a member
*/
require '../main.inc.php';

13
htdocs/admin/agenda_extrafields.php
View File

@ -94,12 +94,8 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -107,11 +103,8 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

20
htdocs/admin/agenda_other.php
View File

@ -330,16 +330,6 @@ if (empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
}
print '</td></tr>'."\n";
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '<!-- AGENDA_USE_EVENT_TYPE_DEFAULT -->';
print '<tr class="oddeven">'."\n";
@ -350,6 +340,16 @@ if (!empty($conf->global->AGENDA_USE_EVENT_TYPE)) {
print '</td></tr>'."\n";
}
// AGENDA_DEFAULT_VIEW
print '<tr class="oddeven">'."\n";
$htmltext = $langs->trans("ThisValueCanOverwrittenOnUserLevel", $langs->transnoentitiesnoconv("UserGUISetup"));
print '<td>'.$form->textwithpicto($langs->trans("AGENDA_DEFAULT_VIEW"), $htmltext).'</td>'."\n";
print '<td class="center">&nbsp;</td>'."\n";
print '<td class="right">'."\n";
$tmplist = array(''=>'&nbsp;', 'show_list'=>$langs->trans("ViewList"), 'show_month'=>$langs->trans("ViewCal"), 'show_week'=>$langs->trans("ViewWeek"), 'show_day'=>$langs->trans("ViewDay"), 'show_peruser'=>$langs->trans("ViewPerUser"));
print $form->selectarray('AGENDA_DEFAULT_VIEW', $tmplist, $conf->global->AGENDA_DEFAULT_VIEW);
print '</td></tr>'."\n";
// AGENDA_EVENT_DEFAULT_STATUS
print '<tr class="oddeven">'."\n";
print '<td>'.$langs->trans("AGENDA_EVENT_DEFAULT_STATUS").'</td>'."\n";

2
htdocs/admin/barcode.php
View File

@ -121,7 +121,7 @@ if ($action == 'setcoder') {
$form = new Form($db);
$formbarcode = new FormBarCode($db);
$help_url = 'EN:Module_Barcode|FR:Module_Codes_Barre|ES:Módulo Código de barra';
$help_url = 'EN:Module_Barcode|FR:Module_Codes_Barre|ES:Módulo Código de barra|DE:Modul_Barcode';
llxHeader('', $langs->trans("BarcodeSetup"), $help_url);
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';

4
htdocs/admin/boxes.php
View File

@ -49,8 +49,8 @@ $boxes = array();
*/
if ($action == 'addconst') {
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES", $_POST["MAIN_BOXES_MAXLINES"], '', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_ACTIVATE_FILECACHE", $_POST["MAIN_ACTIVATE_FILECACHE"], 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_BOXES_MAXLINES", GETPOST("MAIN_BOXES_MAXLINES", 'int'), '', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_ACTIVATE_FILECACHE", GETPOST("MAIN_ACTIVATE_FILECACHE", 'alpha'), 'chaine', 0, '', $conf->entity);
}
if ($action == 'add') {

48
htdocs/admin/commande.php
View File

@ -9,6 +9,7 @@
* Copyright (C) 2011-2013 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2011-2016 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2013 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -642,7 +643,7 @@ print '</form>';
// Shippable Icon in List
/* Kept as hidden feature for the moment, result seems bugged.
Whet is definition of "shippable" according to all different STOCK_CALCULATE_... options ?
Where is definition of "shippable" according to all different STOCK_CALCULATE_... options ?
print '<tr class="oddeven">';
print '<td>'.$langs->trans("ShippableOrderIconInList").'</td>';
@ -657,65 +658,46 @@ if (!empty($conf->global->SHIPPABLE_ORDER_ICON_IN_LIST)) {
}
print '</a></td>';
print '</tr>';
*/
/*
// Seems to be not so used. So kept hidden for the moment to avoid dangerous options inflation.
// Ask for payment bank during order
if ($conf->banque->enabled)
{
if ($conf->banque->enabled) {
print '<tr class="oddeven"><td>';
print $langs->trans("BANK_ASK_PAYMENT_BANK_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">';
if (! empty($conf->use_javascript_ajax))
{
if (! empty($conf->use_javascript_ajax)) {
print ajax_constantonoff('BANK_ASK_PAYMENT_BANK_DURING_ORDER');
}
else
{
if (empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER))
{
} else {
if (empty($conf->global->BANK_ASK_PAYMENT_BANK_DURING_ORDER)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_BANK_ASK_PAYMENT_BANK_DURING_ORDER&amp;token='.newToken().'&amp;value=1">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_BANK_ASK_PAYMENT_BANK_DURING_ORDER&amp;token='.newToken().'&amp;value=0">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}
}
print '</td></tr>';
}
else
{
} else {
print '<tr class="oddeven"><td>';
print $langs->trans("BANK_ASK_PAYMENT_BANK_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">'.$langs->trans('NotAvailable').'</td></tr>';
}
// Ask for warehouse during order
if ($conf->stock->enabled)
{
if ($conf->stock->enabled) {
print '<tr class="oddeven"><td>';
print $langs->trans("WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">';
if (! empty($conf->use_javascript_ajax))
{
if (! empty($conf->use_javascript_ajax)) {
print ajax_constantonoff('WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER');
}
else
{
if (empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER))
{
} else {
if (empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER&amp;token='.newToken().'&amp;value=1">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER&amp;token='.newToken().'&amp;value=0">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}
}
print '</td></tr>';
}
else
{
} else {
print '<tr class="oddeven"><td>';
print $langs->trans("WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER").'</td><td>&nbsp;</td><td class="center">'.$langs->trans('NotAvailable').'</td></tr>';
}

13
htdocs/admin/commande_fournisseur_dispatch_extrafields.php
View File

@ -99,12 +99,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print "<br>";
print load_fiche_titre($langs->trans('NewAttribute'));
@ -112,11 +107,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

4
htdocs/admin/company.php
View File

@ -211,7 +211,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
dolibarr_set_const($db, "FACTURE_LOCAL_TAX1_OPTION", $uselocaltax1, 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "FACTURE_LOCAL_TAX2_OPTION", $uselocaltax2, 'chaine', 0, '', $conf->entity);
if ($_POST["optionlocaltax1"] == "localtax1on") {
if (GETPOST("optionlocaltax1") == "localtax1on") {
if (!GETPOSTISSET('lt1')) {
dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX1", 0, 'chaine', 0, '', $conf->entity);
} else {
@ -219,7 +219,7 @@ if (($action == 'update' && !GETPOST("cancel", 'alpha'))
}
dolibarr_set_const($db, "MAIN_INFO_LOCALTAX_CALC1", GETPOST("clt1", 'aZ09'), 'chaine', 0, '', $conf->entity);
}
if ($_POST["optionlocaltax2"] == "localtax2on") {
if (GETPOST("optionlocaltax2") == "localtax2on") {
if (!GETPOSTISSET('lt2')) {
dolibarr_set_const($db, "MAIN_INFO_VALUE_LOCALTAX2", 0, 'chaine', 0, '', $conf->entity);
} else {

8
htdocs/admin/confexped.php
View File

@ -110,11 +110,11 @@ print '<td class="center">';
print $langs->trans("Required");
/*if (empty($conf->global->MAIN_SUBMODULE_EXPEDITION))
{
print '<a href="confexped.php?action=activate_sending">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
print '<a href="confexped.php?action=activate_sending&token='.newToken().'">'.img_picto($langs->trans("Disabled"),'switch_off').'</a>';
}
else
{
print '<a href="confexped.php?action=disable_sending">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
print '<a href="confexped.php?action=disable_sending&token='.newToken().'">'.img_picto($langs->trans("Enabled"),'switch_on').'</a>';
}*/
print "</td>";
print '</tr>';
@ -130,9 +130,9 @@ print '</td>';
print '<td class="center">';
if (empty($conf->global->MAIN_SUBMODULE_DELIVERY)) {
print '<a href="confexped.php?action=activate_delivery">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=activate_delivery&token='.newToken().'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
} else {
print '<a href="confexped.php?action=disable_delivery">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_delivery&token='.newToken().'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
}
print "</td>";

2
htdocs/admin/const.php
View File

@ -237,7 +237,7 @@ $sql .= ", note";
$sql .= ", tms";
$sql .= ", entity";
$sql .= " FROM ".MAIN_DB_PREFIX."const";
$sql .= " WHERE entity IN (".$user->entity.",".$conf->entity.")";
$sql .= " WHERE entity IN (".$db->sanitize($user->entity.",".$conf->entity).")";
if ((empty($user->entity) || $user->admin) && $debug) {
} elseif (!GETPOST('visible') || GETPOST('visible') != 'all') {
// to force for superadmin to debug

3
htdocs/admin/dav.php
View File

@ -58,8 +58,9 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
* View
*/
$help_url = 'EN:Module_DAV';
llxHeader('', $langs->trans("DAVSetup"), $wikihelp);
llxHeader('', $langs->trans("DAVSetup"), $help_url);
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';
print load_fiche_titre($langs->trans("DAVSetup"), $linkback, 'title_setup');

2
htdocs/admin/delais.php
View File

@ -181,7 +181,7 @@ if ($action == 'update') {
}
}
dolibarr_set_const($db, "MAIN_DISABLE_METEO", $_POST["MAIN_DISABLE_METEO"], 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_DISABLE_METEO", GETPOST("MAIN_DISABLE_METEO"), 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_USE_METEO_WITH_PERCENTAGE", GETPOST("MAIN_USE_METEO_WITH_PERCENTAGE"), 'chaine', 0, '', $conf->entity);
// For update value with percentage

13
htdocs/admin/delivery_extrafields.php
View File

@ -96,12 +96,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -109,11 +104,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/deliverydet_extrafields.php
View File

@ -97,12 +97,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -110,11 +105,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

30
htdocs/admin/dict.php
View File

@ -44,7 +44,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
// Load translation files required by the page
$langs->loadLangs(array("errors", "admin", "main", "companies", "resource", "holiday", "accountancy", "hrm", "orders", "contracts", "projects", "propal", "bills", "interventions"));
$langs->loadLangs(array("errors", "admin", "main", "companies", "resource", "holiday", "accountancy", "hrm", "orders", "contracts", "projects", "propal", "bills", "interventions", "ticket"));
$action = GETPOST('action', 'alpha') ?GETPOST('action', 'alpha') : 'view';
$confirm = GETPOST('confirm', 'alpha');
@ -788,7 +788,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) {
$msg .= $langs->transnoentities('ErrorFieldFormat', $langs->transnoentities('Code')).'<br>';
}*/
}
if (GETPOSTISSET("country") && ($_POST["country"] == '0') && ($id != 2)) {
if (GETPOSTISSET("country") && (GETPOST("country") == '0') && ($id != 2)) {
if (in_array($tablib[$id], array('DictionaryCompanyType', 'DictionaryHolidayTypes'))) { // Field country is no mandatory for such dictionaries
$_POST["country"] = '';
} else {
@ -796,25 +796,25 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) {
setEventMessages($langs->transnoentities("ErrorFieldRequired", $langs->transnoentities("Country")), null, 'errors');
}
}
if (($id == 3 || $id == 42) && !is_numeric($_POST["code"])) {
if (($id == 3 || $id == 42) && !is_numeric(GETPOST("code"))) {
$ok = 0;
setEventMessages($langs->transnoentities("ErrorFieldMustBeANumeric", $langs->transnoentities("Code")), null, 'errors');
}
// Clean some parameters
if ((!empty($_POST["localtax1_type"]) || ($_POST['localtax1_type'] == '0')) && empty($_POST["localtax1"])) {
if ((GETPOST("localtax1_type") || (GETPOST('localtax1_type') == '0')) && !GETPOST("localtax1")) {
$_POST["localtax1"] = '0'; // If empty, we force to 0
}
if ((!empty($_POST["localtax2_type"]) || ($_POST['localtax2_type'] == '0')) && empty($_POST["localtax2"])) {
if ((GETPOST("localtax2_type") || (GETPOST('localtax2_type') == '0')) && !GETPOST("localtax2")) {
$_POST["localtax2"] = '0'; // If empty, we force to 0
}
if ($_POST["accountancy_code"] <= 0) {
if (GETPOST("accountancy_code") <= 0) {
$_POST["accountancy_code"] = ''; // If empty, we force to null
}
if ($_POST["accountancy_code_sell"] <= 0) {
if (GETPOST("accountancy_code_sell") <= 0) {
$_POST["accountancy_code_sell"] = ''; // If empty, we force to null
}
if ($_POST["accountancy_code_buy"] <= 0) {
if (GETPOST("accountancy_code_buy") <= 0) {
$_POST["accountancy_code_buy"] = ''; // If empty, we force to null
}
if ($id == 10 && GETPOSTISSET("code")) { // Spaces are not allowed into code for tax dictionary
@ -1139,6 +1139,7 @@ if ($action == 'delete') {
}
//var_dump($elementList);
/*
* Show a dictionary
*/
@ -1397,6 +1398,9 @@ if ($id) {
if ($fieldlist[$field] == 'unit_type') {
$valuetoshow = $langs->trans('TypeOfUnit');
}
if ($fieldlist[$field] == 'public' && $tablib[$id] == 'TicketDictCategory') {
$valuetoshow = $langs->trans('TicketGroupIsPublic'); $class = 'center';
}
if ($id == 2) { // Special case for state page
if ($fieldlist[$field] == 'region_id') {
@ -1738,6 +1742,9 @@ if ($id) {
if ($fieldlist[$field] == 'unit_type') {
$valuetoshow = $langs->trans('TypeOfUnit');
}
if ($fieldlist[$field] == 'public' && $tablib[$id] == 'TicketDictCategory') {
$valuetoshow = $langs->trans('TicketGroupIsPublic'); $cssprefix = 'center ';
}
if ($fieldlist[$field] == 'region_id' || $fieldlist[$field] == 'country_id') {
$showfield = 0;
@ -1984,6 +1991,9 @@ if ($id) {
if ($fieldlist[$field] == 'use_default') {
$class .= ' center';
}
if ($fieldlist[$field] == 'public') {
$class .= ' center';
}
// Show value for field
if ($showfield) {
print '<!-- '.$fieldlist[$field].' --><td class="'.$class.'">'.$valuetoshow.'</td>';
@ -2343,10 +2353,10 @@ function fieldList($fieldlist, $obj = '', $tabname = '', $context = '')
if ($fieldlist[$field] == 'code') {
$class = 'maxwidth100';
}
if (in_array($fieldlist[$field], array('dayrule', 'day', 'month', 'year', 'pos', 'use_default', 'affect', 'delay', 'position', 'sortorder', 'sens', 'category_type'))) {
if (in_array($fieldlist[$field], array('dayrule', 'day', 'month', 'year', 'pos', 'use_default', 'affect', 'delay', 'position', 'public', 'sortorder', 'sens', 'category_type'))) {
$class = 'maxwidth50 center';
}
if (in_array($fieldlist[$field], array('use_default'))) {
if (in_array($fieldlist[$field], array('use_default', 'public'))) {
$classtd = 'center';
}
if (in_array($fieldlist[$field], array('libelle', 'label', 'tracking'))) {

1
htdocs/admin/dolistore/ajax/index.html Normal file
View File

@ -0,0 +1 @@

13
htdocs/admin/ecm_directories_extrafields.php
View File

@ -96,23 +96,14 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/ecm_files_extrafields.php
View File

@ -96,23 +96,14 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

4
htdocs/admin/eventorganization.php
View File

@ -201,7 +201,7 @@ if ($action == 'edit') {
print '<input type="hidden" name="action" value="update">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre"><td class="titlefield">'.$langs->trans("Parameter").'</td><td>'.$langs->trans("Value").'</td></tr>';
print '<tr class="liste_titre"><td class="titlefieldcreate">'.$langs->trans("Parameter").'</td><td>'.$langs->trans("Value").'</td></tr>';
foreach ($arrayofparameters as $constname => $val) {
if ($val['enabled']==1) {
@ -266,7 +266,7 @@ if ($action == 'edit') {
} else {
if (!empty($arrayofparameters)) {
print '<table class="noborder centpercent">';
print '<tr class="liste_titre"><td class="titlefield">'.$langs->trans("Parameter").'</td><td>'.$langs->trans("Value").'</td></tr>';
print '<tr class="liste_titre"><td class="titlefieldcreate">'.$langs->trans("Parameter").'</td><td>'.$langs->trans("Value").'</td></tr>';
foreach ($arrayofparameters as $constname => $val) {
if ($val['enabled']==1) {

2
htdocs/admin/eventorganization_confbooth_extrafields.php
View File

@ -60,7 +60,7 @@ require DOL_DOCUMENT_ROOT.'/core/actions_extrafields.inc.php';
*/
llxHeader('', $langs->trans("EventOrganizationSetup"), $help_url);
llxHeader('', $langs->trans("EventOrganizationSetup"));
$linkback = '<a href="'.DOL_URL_ROOT.'/admin/modules.php?restore_lastsearch_values=1">'.$langs->trans("BackToModuleList").'</a>';

14
htdocs/admin/expedition_extrafields.php
View File

@ -95,13 +95,7 @@ if ($action != 'create' && $action != 'edit') {
print "</div>";
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -109,11 +103,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

13
htdocs/admin/expeditiondet_extrafields.php
View File

@ -97,12 +97,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -110,11 +105,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

12
htdocs/admin/expensereport_extrafields.php
View File

@ -90,12 +90,8 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -103,11 +99,7 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

28
htdocs/admin/external_rss.php
View File

@ -41,7 +41,6 @@ if (!$user->admin) {
accessforbidden();
}
$def = array();
$lastexternalrss = 0;
$action = GETPOST('action', 'aZ09');
@ -56,6 +55,7 @@ $sql .= " WHERE ".$db->decrypt('name')." LIKE 'EXTERNAL_RSS_URLRSS_%'";
//print $sql;
$result = $db->query($sql); // We can't use SELECT MAX() because EXTERNAL_RSS_URLRSS_10 is lower than EXTERNAL_RSS_URLRSS_9
if ($result) {
$reg = array();
while ($obj = $db->fetch_object($result)) {
preg_match('/([0-9]+)$/i', $obj->name, $reg);
if ($reg[1] && $reg[1] > $lastexternalrss) {
@ -70,17 +70,17 @@ if ($action == 'add' || GETPOST("modify")) {
$external_rss_title = "external_rss_title_".GETPOST("norss", 'int');
$external_rss_urlrss = "external_rss_urlrss_".GETPOST("norss", 'int');
if (!empty($_POST[$external_rss_urlrss])) {
if (GETPOST($external_rss_urlrss, 'alpha')) {
$boxlabel = '(ExternalRSSInformations)';
//$external_rss_url = "external_rss_url_" . $_POST["norss"];
//$external_rss_url = "external_rss_url_" . GETPOST("norss");
$db->begin();
if ($_POST["modify"]) {
if (GETPOST("modify")) {
// Supprime boite box_external_rss de definition des boites
/* $sql = "UPDATE ".MAIN_DB_PREFIX."boxes_def";
$sql.= " SET name = '".$db->escape($boxlabel)."'";
$sql.= " WHERE file ='box_external_rss.php' AND note like '".$db->escape($_POST["norss"])." %'";
$sql.= " WHERE file ='box_external_rss.php' AND note like '".$db->escape(GETPOST("norss"))." %'";
$resql=$db->query($sql);
if (! $resql)
@ -95,13 +95,17 @@ if ($action == 'add' || GETPOST("modify")) {
$sql .= " VALUES ('box_external_rss.php','".$db->escape(GETPOST("norss", 'int').' ('.GETPOST($external_rss_title, 'alpha')).")')";
if (!$db->query($sql)) {
dol_print_error($db);
$err++;
$error++;
}
//print $sql;exit;
}
$result1 = dolibarr_set_const($db, "EXTERNAL_RSS_TITLE_".GETPOST("norss", 'int'), GETPOST($external_rss_title, 'alpha'), 'chaine', 0, '', $conf->entity);
if ($result1) {
$result2 = dolibarr_set_const($db, "EXTERNAL_RSS_URLRSS_".GETPOST("norss", 'int'), GETPOST($external_rss_urlrss, 'alpha'), 'chaine', 0, '', $conf->entity);
$consttosave = "EXTERNAL_RSS_URLRSS_".GETPOST("norss", 'int');
$urltosave = GETPOST($external_rss_urlrss, 'alpha');
$result2 = dolibarr_set_const($db, $consttosave, $urltosave, 'chaine', 0, '', $conf->entity);
//var_dump($result2);exit;
}
if ($result1 && $result2) {
@ -115,7 +119,7 @@ if ($action == 'add' || GETPOST("modify")) {
}
}
if ($_POST["delete"]) {
if (GETPOST("delete")) {
if (GETPOST("norss", 'int')) {
$db->begin();
@ -258,14 +262,14 @@ if ($resql) {
print '<tr class="oddeven">';
print "<td width=\"100px\">".$langs->trans("Title")."</td>";
print "<td><input type=\"text\" class=\"flat minwidth300\" name=\"external_rss_title_".$idrss."\" value=\"".dol_escape_htmltag($conf->global->$keyrsstitle)."\"></td>";
print '<td class="titlefield">'.$langs->trans("Title")."</td>";
print '<td><input type="text" class="flat minwidth300" name="external_rss_title_'.$idrss.'" value="'.dol_escape_htmltag($conf->global->$keyrsstitle).'"></td>';
print '</tr>'."\n";
print '<tr class="oddeven">';
print "<td>".$langs->trans("URL")."</td>";
print "<td><input type=\"text\" class=\"flat minwidth300\" name=\"external_rss_urlrss_".$idrss."\" value=\"".dol_escape_htmltag($conf->global->$keyrssurl)."\"></td>";
print '<td><input type="text" class="flat minwidth300" name="external_rss_urlrss_'.$idrss.'" value="'.dol_escape_htmltag($conf->global->$keyrssurl).'"></td>';
print '</tr>'."\n";
@ -307,7 +311,7 @@ if ($resql) {
// Active
$active = _isInBoxList($idrss, $boxlist) ? 'yes' : 'no';
print '<tr class="oddeven">';
print '<td>'.$langs->trans('WidgetEnabled').'</td>';
print '<td>'.$langs->trans('WidgetAvailable').'</td>';
print '<td>'.yn($active).'</td>';
print '</tr>'."\n";

6
htdocs/admin/fckeditor.php
View File

@ -89,7 +89,7 @@ $picto = array(
*/
foreach ($modules as $const => $desc) {
if ($action == 'activate_'.strtolower($const)) {
if ($action == 'enable_'.strtolower($const)) {
dolibarr_set_const($db, "FCKEDITOR_ENABLE_".$const, "1", 'chaine', 0, '', $conf->entity);
// If fckeditor is active in the product/service description, it is activated in the forms
if ($const == 'PRODUCTDESC' && !empty($conf->global->PRODUIT_DESC_IN_FORM)) {
@ -166,9 +166,9 @@ if (empty($conf->use_javascript_ajax)) {
$constante = 'FCKEDITOR_ENABLE_'.$const;
$value = (isset($conf->global->$constante) ? $conf->global->$constante : 0);
if ($value == 0) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=activate_'.strtolower($const).'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=enable_'.strtolower($const).'&token='.newToken().'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
} elseif ($value == 1) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=disable_'.strtolower($const).'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=disable_'.strtolower($const).'&token='.newToken().'">'.img_picto($langs->trans("Enabled"), 'switch_on').'</a>';
}
print "</td>";

14
htdocs/admin/holiday_extrafields.php
View File

@ -90,12 +90,7 @@ if ($action != 'create' && $action != 'edit') {
}
/* ************************************************************************** */
/* */
/* Creation of an optional field */
/* */
/* ************************************************************************** */
// Creation of an optional field
if ($action == 'create') {
print '<br><div id="newattrib"></div>';
print load_fiche_titre($langs->trans('NewAttribute'));
@ -103,11 +98,8 @@ if ($action == 'create') {
require DOL_DOCUMENT_ROOT.'/core/tpl/admin_extrafields_add.tpl.php';
}
/* ************************************************************************** */
/* */
/* Edition of an optional field */
/* */
/* ************************************************************************** */
// Edition of an optional field
if ($action == 'edit' && !empty($attrname)) {
print "<br>";
print load_fiche_titre($langs->trans("FieldEdition", $attrname));

2
htdocs/admin/ihm.php
View File

@ -96,7 +96,7 @@ if ($action == 'removebackgroundlogin' && !empty($conf->global->MAIN_LOGIN_BACKG
if ($action == 'update') {
dolibarr_set_const($db, "MAIN_LANG_DEFAULT", GETPOST("MAIN_LANG_DEFAULT", 'aZ09'), 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_IHM_PARAMS_REV", (int) $conf->global->MAIN_IHM_PARAMS_REV + 1, 'chaine', 0, '', $conf->entity);
//dolibarr_set_const($db, "MAIN_MULTILANGS", $_POST["MAIN_MULTILANGS"], 'chaine', 0, '', $conf->entity);
//dolibarr_set_const($db, "MAIN_MULTILANGS", GETPOST("MAIN_MULTILANGS"), 'chaine', 0, '', $conf->entity);
dolibarr_set_const($db, "MAIN_THEME", GETPOST("main_theme", 'aZ09'), 'chaine', 0, '', $conf->entity);

6
htdocs/admin/index.php
View File

@ -81,7 +81,7 @@ print '<br>';
if (empty($conf->global->MAIN_INFO_SOCIETE_NOM) || empty($conf->global->MAIN_INFO_SOCIETE_COUNTRY)) {
$setupcompanynotcomplete = 1;
}
print img_picto('', 'puce').' '.$langs->trans("SetupDescription3", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit'), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
print img_picto('', 'company', 'class="paddingright"').' '.$langs->trans("SetupDescription3", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit'), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
if (!empty($setupcompanynotcomplete)) {
$langs->load("errors");
$warnpicto = img_warning($langs->trans("WarningMandatorySetupNotComplete"), 'style="padding-right: 6px;"');
@ -92,8 +92,8 @@ print '<br>';
print '<br>';
// Show info setup module
print img_picto('', 'puce').' '.$langs->trans("SetupDescription4", DOL_URL_ROOT.'/admin/modules.php?mainmenu=home', $langs->transnoentities("Setup"), $langs->transnoentities("Modules"));
if (count($conf->modules) <= (empty($conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING) ? 1 : $conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING)) { // If only user module enabled
print img_picto('', 'cog', 'class="paddingright"').' '.$langs->trans("SetupDescription4", DOL_URL_ROOT.'/admin/modules.php?mainmenu=home', $langs->transnoentities("Setup"), $langs->transnoentities("Modules"));
if (count($conf->modules) <= (empty($conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING) ? 1 : $conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING)) { // If only minimal initial modules enabled
$langs->load("errors");
$warnpicto = img_warning($langs->trans("WarningEnableYourModulesApplications"), 'style="padding-right: 6px;"');
print '<br><div class="warning"><a href="'.DOL_URL_ROOT.'/admin/modules.php?mainmenu=home">'.$warnpicto.$langs->trans("WarningEnableYourModulesApplications").'</a></div>';

22
htdocs/admin/mailman.php
View File

@ -46,21 +46,27 @@ $action = GETPOST('action', 'aZ09');
$testsubscribeemail = GETPOST("testsubscribeemail");
$testunsubscribeemail = GETPOST("testunsubscribeemail");
$error = 0;
/*
* Actions
*/
// Action updated or added a constant
if ($action == 'update' || $action == 'add') {
foreach ($_POST['constname'] as $key => $val) {
$constname = $_POST["constname"][$key];
$constvalue = $_POST["constvalue"][$key];
$consttype = $_POST["consttype"][$key];
$constnote = $_POST["constnote"][$key];
$res = dolibarr_set_const($db, $constname, $constvalue, $type[$consttype], 0, $constnote, $conf->entity);
$tmparray = GETPOST('constname', 'array');
if (is_array($tmparray)) {
foreach ($tmparray as $key => $val) {
$constname = $tmparray[$key];
$constvalue = $tmparray[$key];
$consttype = $tmparray[$key];
$constnote = $tmparray[$key];
$res = dolibarr_set_const($db, $constname, $constvalue, $type[$consttype], 0, $constnote, $conf->entity);
if (!($res > 0)) {
$error++;
if (!($res > 0)) {
$error++;
}
}
}

12
htdocs/admin/mails.php
View File

@ -562,9 +562,9 @@ if ($action == 'edit') {
if (empty($conf->global->MAIN_DISABLE_ALL_MAILS)) {
// Force e-mail recipient
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_FORCE_SENDTO").'</td><td>'.$conf->global->MAIN_MAIL_FORCE_SENDTO;
if (!empty($conf->global->MAIN_MAIL_FORCE_SENDTO)) {
if (!isValidEmail($conf->global->MAIN_MAIL_FORCE_SENDTO)) {
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_FORCE_SENDTO").'</td><td>'.getDolGlobalString('MAIN_MAIL_FORCE_SENDTO');
if (!empty(getDolGlobalString('MAIN_MAIL_FORCE_SENDTO'))) {
if (!isValidEmail(getDolGlobalString('MAIN_MAIL_FORCE_SENDTO'))) {
print img_warning($langs->trans("ErrorBadEMail"));
} else {
print img_warning($langs->trans("RecipientEmailsWillBeReplacedWithThisValue"));
@ -677,17 +677,17 @@ if ($action == 'edit') {
// Domain
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_DOMAIN").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_DOMAIN;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_DOMAIN');
print '</td></tr>';
// Selector
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_SELECTOR").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_SELECTOR;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_SELECTOR');
print '</td></tr>';
// PRIVATE KEY
print '<tr class="oddeven"><td>'.$langs->trans("MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY").'</td>';
print '<td>'.$conf->global->MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY;
print '<td>'.getDolGlobalString('MAIN_MAIL_EMAIL_DKIM_PRIVATE_KEY');
print '</td></tr>';
}

Some files were not shown because too many files have changed in this diff Show More