Merge branch 'develop' of github.com:OPEN-DSI/dolibarr into new-propal-signature-date-and-user

lvessiller 2021-03-30 08:19:54 +02:00
commit 85fff685db
257 changed files with 3338 additions and 1694 deletions


@ -7,6 +7,7 @@ English Dolibarr ChangeLog
For users:
----------
NEW: Several security issues after a second private bug bounty campaign.
For developers:


@ -81,7 +81,7 @@ if ($action == 'update') {
$constvalue = GETPOST($constname, 'alpha');
if ($constname == 'ACCOUNTING_DATE_START_BINDING') {
$constvalue = dol_mktime(12, 0, 0, GETPOST($constname.'month', 'int'), GETPOST($constname.'day', 'int'), GETPOST($constname.'year', 'int'));
$constvalue = dol_mktime(0, 0, 0, GETPOST($constname.'month', 'int'), GETPOST($constname.'day', 'int'), GETPOST($constname.'year', 'int'));
}
if (!dolibarr_set_const($db, $constname, $constvalue, 'chaine', 0, '', $conf->entity)) {


@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2013-2014 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Ari Elbaz (elarifr) <github@accedinfo.com>
@ -98,6 +98,28 @@ if (empty($action)) {
$arrayfields = array();
$accounting_product_modes = array(
'ACCOUNTANCY_SELL',
'ACCOUNTANCY_SELL_INTRA',
'ACCOUNTANCY_SELL_EXPORT',
'ACCOUNTANCY_BUY',
'ACCOUNTANCY_BUY_INTRA',
'ACCOUNTANCY_BUY_EXPORT'
);
if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
$accountancy_field_name = "accountancy_code_buy";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
$accountancy_field_name = "accountancy_code_buy_intra";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
$accountancy_field_name = "accountancy_code_buy_export";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
$accountancy_field_name = "accountancy_code_sell";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
$accountancy_field_name = "accountancy_code_sell_intra";
} else { // $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT'
$accountancy_field_name = "accountancy_code_sell_export";
}
/*
* Actions
@ -133,15 +155,6 @@ if ($action == 'update') {
if (!empty($btn_changetype)) {
$error = 0;
$accounting_product_modes = array(
'ACCOUNTANCY_SELL',
'ACCOUNTANCY_SELL_INTRA',
'ACCOUNTANCY_SELL_EXPORT',
'ACCOUNTANCY_BUY',
'ACCOUNTANCY_BUY_INTRA',
'ACCOUNTANCY_BUY_EXPORT'
);
if (in_array($accounting_product_mode, $accounting_product_modes)) {
if (!dolibarr_set_const($db, 'ACCOUNTING_PRODUCT_MODE', $accounting_product_mode, 'chaine', 0, '', $conf->entity)) {
$error++;
@ -153,7 +166,7 @@ if ($action == 'update') {
if (!empty($btn_changeaccount)) {
//$msg = '<div><span class="accountingprocessing">' . $langs->trans("Processing") . '...</span></div>';
if (!empty($chk_prod)) {
if (!empty($chk_prod) && in_array($accounting_product_mode, $accounting_product_modes)) {
$accounting = new AccountingAccount($db);
//$msg .= '<div><span class="accountingprocessing">' . count($chk_prod) . ' ' . $langs->trans("SelectedLines") . '</span></div>';
@ -175,26 +188,15 @@ if ($action == 'update') {
} else {
$db->begin();
$sql = " UPDATE ".MAIN_DB_PREFIX."product";
if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
$sql .= " SET accountancy_code_buy = ".$accounting->account_number;
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql = "INSERT INTO ".MAIN_DB_PREFIX."product_perentity (fk_product, entity, '".$db->escape($accountancy_field_name)."')";
$sql .= " VALUES (".((int) $productid).", ".((int) $conf->entity).", '".$db->escape($accounting->account_number)."')";
$sql .= " ON DUPLICATE KEY UPDATE ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
} else {
$sql = " UPDATE ".MAIN_DB_PREFIX."product";
$sql .= " SET ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
$sql .= " WHERE rowid = ".((int) $productid);
}
if ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
$sql .= " SET accountancy_code_buy_intra = ".$accounting->account_number;
}
if ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
$sql .= " SET accountancy_code_buy_export = ".$accounting->account_number;
}
if ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
$sql .= " SET accountancy_code_sell = ".$accounting->account_number;
}
if ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
$sql .= " SET accountancy_code_sell_intra = ".$accounting->account_number;
}
if ($accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
$sql .= " SET accountancy_code_sell_export = ".$accounting->account_number;
}
$sql .= " WHERE rowid = ".((int) $productid);
dol_syslog("/accountancy/admin/productaccount.php sql=".$sql, LOG_DEBUG);
if ($db->query($sql)) {
@ -267,50 +269,25 @@ if (empty($pcgvercode)) {
}
$sql = "SELECT p.rowid, p.ref, p.label, p.description, p.tosell, p.tobuy, p.tva_tx,";
$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell, pa.accountancy_code_sell_intra, pa.accountancy_code_sell_export,";
$sql .= " pa.accountancy_code_buy, pa.accountancy_code_buy_intra, pa.accountancy_code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
}
$sql .= " p.tms, p.fk_product_type as product_type,";
$sql .= " aa.rowid as aaid";
$sql .= " FROM ".MAIN_DB_PREFIX."product as p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON";
if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
$sql .= " p.accountancy_code_buy = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
$sql .= " p.accountancy_code_buy_intra = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
$sql .= " p.accountancy_code_buy_export = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
$sql .= " p.accountancy_code_sell = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
$sql .= " p.accountancy_code_sell_intra = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = pa." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
} else {
$sql .= " p.accountancy_code_sell_export = aa.account_number AND aa.fk_pcg_version = '".$db->escape($pcgvercode)."'";
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = p." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
}
$sql .= ' WHERE p.entity IN ('.getEntity('product').')';
if ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_buy", $search_current_account);
}
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_buy_intra", $search_current_account);
}
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_buy_export", $search_current_account);
}
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_sell", $search_current_account);
}
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_sell_intra", $search_current_account);
}
} else {
if (strlen(trim($search_current_account))) {
$sql .= natural_search("p.accountancy_code_sell_export", $search_current_account);
}
if (strlen(trim($search_current_account))) {
$sql .= natural_search((!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "pa." : "p.") . $accountancy_field_name, $search_current_account);
}
if ($search_current_account_valid == 'withoutvalidaccount') {
$sql .= " AND aa.account_number IS NULL";
@ -459,7 +436,7 @@ if ($result) {
// On sell
if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print '<td class="liste_titre center">'.$form->selectyesno('search_onsell', $search_onsell, 1, false, 1).'</td>';
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY' || $accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
} else {
// On buy
print '<td class="liste_titre center">'.$form->selectyesno('search_onpurchase', $search_onpurchase, 1, false, 1).'</td>';
}
@ -484,26 +461,12 @@ if ($result) {
}
print_liste_field_titre("VATRate", $_SERVER["PHP_SELF"], "p.tva_tx", "", $param, '', $sortfield, $sortorder, 'right ');
// On sell / On purchase
if ($accounting_product_mode == 'ACCOUNTANCY_SELL') {
if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_sell";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA') {
print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_sell_intra";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print_liste_field_titre("OnSell", $_SERVER["PHP_SELF"], "p.tosell", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_sell_export";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY') {
} else {
print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_buy";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA') {
print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_buy_intra";
} elseif ($accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
$fieldtosortaccount = "p.accountancy_code_buy_export";
}
print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], $fieldtosortaccount, "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "pa." : "p.") . $accountancy_field_name, "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("AssignDedicatedAccountingAccount");
$clickpitco = $form->showCheckAddButtons('checkforselect', 1);
print_liste_field_titre($clickpitco, '', '', '', '', '', '', '', 'center ');
@ -607,11 +570,10 @@ if ($result) {
print vatrate($obj->tva_tx);
print '</td>';
// On sell / On purchase
if ($accounting_product_mode == 'ACCOUNTANCY_SELL' || $accounting_product_mode == 'ACCOUNTANCY_SELL_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_SELL_EXPORT') {
print '<td class="center">'.$product_static->getLibStatut(3, 0).'</td>';
}
if ($accounting_product_mode == 'ACCOUNTANCY_BUY' || $accounting_product_mode == 'ACCOUNTANCY_BUY_INTRA' || $accounting_product_mode == 'ACCOUNTANCY_BUY_EXPORT') {
} else {
print '<td class="center">'.$product_static->getLibStatut(3, 1).'</td>';
}
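Review bot: In the `MAIN_PRODUCT_PERENTITY_SHARED` branch of the product update, the INSERT column list wraps the field name in single quotes (`'".$db->escape($accountancy_field_name)."'`), which SQL reads as a string literal rather than a column, so the statement is likely to fail. `$accountancy_field_name` is only assigned from the fixed if/elseif chain added earlier in this file, so it can be concatenated unquoted as the `ON DUPLICATE KEY UPDATE` line already does: `$sql = "INSERT INTO ".MAIN_DB_PREFIX."product_perentity (fk_product, entity, ".$accountancy_field_name.")";`. That INSERT writes to `product_perentity` while the list query in this file, and the per-entity joins in several other file sections of this commit, read from `product_accounting`; one table name should be used throughout. The sort-field argument of `print_liste_field_titre("CurrentDedicatedAccountingAccount", …)` also tests `empty(...)` where the `natural_search` call tests `!empty(...)`, so it selects the `pa.` prefix exactly when the `pa` join is absent.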


@ -45,14 +45,14 @@ $search_mvt_num = GETPOST('search_mvt_num', 'int');
$search_doc_type = GETPOST("search_doc_type", 'alpha');
$search_doc_ref = GETPOST("search_doc_ref", 'alpha');
$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
$search_date_end = dol_mktime(0, 0, 0, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
$search_date_end = dol_mktime(23, 59, 59, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
$search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
$search_date_creation_start = dol_mktime(0, 0, 0, GETPOST('date_creation_startmonth', 'int'), GETPOST('date_creation_startday', 'int'), GETPOST('date_creation_startyear', 'int'));
$search_date_creation_end = dol_mktime(0, 0, 0, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int'));
$search_date_creation_end = dol_mktime(23, 59, 59, GETPOST('date_creation_endmonth', 'int'), GETPOST('date_creation_endday', 'int'), GETPOST('date_creation_endyear', 'int'));
$search_date_modification_start = dol_mktime(0, 0, 0, GETPOST('date_modification_startmonth', 'int'), GETPOST('date_modification_startday', 'int'), GETPOST('date_modification_startyear', 'int'));
$search_date_modification_end = dol_mktime(0, 0, 0, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int'));
$search_date_modification_end = dol_mktime(23, 59, 59, GETPOST('date_modification_endmonth', 'int'), GETPOST('date_modification_endday', 'int'), GETPOST('date_modification_endyear', 'int'));
$search_date_export_start = dol_mktime(0, 0, 0, GETPOST('date_export_startmonth', 'int'), GETPOST('date_export_startday', 'int'), GETPOST('date_export_startyear', 'int'));
$search_date_export_end = dol_mktime(0, 0, 0, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int'));
$search_date_export_end = dol_mktime(23, 59, 59, GETPOST('date_export_endmonth', 'int'), GETPOST('date_export_endday', 'int'), GETPOST('date_export_endyear', 'int'));
//var_dump($search_date_start);exit;
if (GETPOST("button_delmvt_x") || GETPOST("button_delmvt.x") || GETPOST("button_delmvt")) {


@ -46,7 +46,7 @@ $search_date_endyear = GETPOST('search_date_endyear', 'int');
$search_date_endmonth = GETPOST('search_date_endmonth', 'int');
$search_date_endday = GETPOST('search_date_endday', 'int');
$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear);
$search_date_end = dol_mktime(0, 0, 0, $search_date_endmonth, $search_date_endday, $search_date_endyear);
$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear);
$search_doc_date = dol_mktime(0, 0, 0, GETPOST('doc_datemonth', 'int'), GETPOST('doc_dateday', 'int'), GETPOST('doc_dateyear', 'int'));
$search_date_export_startyear = GETPOST('search_date_export_startyear', 'int');
$search_date_export_startmonth = GETPOST('search_date_export_startmonth', 'int');


@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2013-2014 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2017 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -61,7 +61,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
}
$sql = " UPDATE ".MAIN_DB_PREFIX."facturedet";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " SET fk_code_ventilation = ".((int) $codeventil);
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
@ -100,10 +100,18 @@ $formaccounting = new FormAccounting($db);
if (!empty($id)) {
$sql = "SELECT f.ref, f.rowid as facid, l.fk_product, l.description, l.price,";
$sql .= " l.qty, l.rowid, l.tva_tx, l.remise_percent, l.subprice, p.accountancy_code_sell as code_sell,";
$sql .= " l.qty, l.rowid, l.tva_tx, l.remise_percent, l.subprice,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell,";
} else {
$sql .= " p.accountancy_code_sell as code_sell,";
}
$sql .= " l.fk_code_ventilation, aa.account_number, aa.label";
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = l.fk_facture";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);


@ -1,7 +1,7 @@
<?php
/* Copyright (C) 2013 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2014 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
*
@ -125,19 +125,34 @@ if ($action == 'validatehistory') {
$sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
}
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.tva_intra, s.accountancy_code_sell as company_code_sell";
$sql .= " s.tva_intra,";
if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED)) {
$sql .= " sa.accountancy_code_sell as company_code_sell";
} else {
$sql .= " s.accountancy_code_sell as company_code_sell";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON p.accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON p.accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON p.accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON s.accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$alias_company_accounting = !empty($conf->global->ACCOUNTANCY_COMPANY_SHARED) ? "sa" : "s";
$alias_product_accounting = !empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "pa" : "p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_accounting . ".accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_accounting . ".accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_accounting . ".accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_company_accounting . ".accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
$sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0";
$sql .= " AND l.product_type <= 2";
@ -192,7 +207,7 @@ if ($action == 'validatehistory') {
if ($objp->aarowid_suggest > 0) {
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facturedet";
$sqlupdate .= " SET fk_code_ventilation = ".$objp->aarowid_suggest;
$sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest);
$sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".$objp->rowid;
$resqlupdate = $db->query($sqlupdate);
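Review bot: The `validatehistory` query selects `sa.accountancy_code_sell` and joins `aa4` through the `sa` alias when `ACCOUNTANCY_COMPANY_SHARED` is set, but no join defining `sa` is visible among the joins in this hunk, so with that option enabled the query would reference an unknown alias. A guarded join after the `societe` join would close the gap: `$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_accounting as sa ON sa.fk_soc = s.rowid AND sa.entity = ".((int) $conf->entity);` inside `if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED))`. In the last hunk the new `(int)` cast covers `aarowid_suggest` only; `rowid = ".$objp->rowid` on the following line and the `aa.entity = ".$conf->entity` joins are still concatenated uncast, which is inconsistent with the `((int) $conf->entity)` used in the added join.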


@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2013-2016 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014-2015 Ari Elbaz (elarifr) <github@accedinfo.com>
* Copyright (C) 2014-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
@ -182,9 +182,13 @@ print '<script type="text/javascript">
$sql = "SELECT f.rowid as facid, f.ref as ref, f.type, f.datef, f.ref_client,";
$sql .= " fd.rowid, fd.description, fd.product_type as line_type, fd.total_ht, fd.total_tva, fd.tva_tx, fd.vat_src_code, fd.total_ttc,";
$sql .= " s.rowid as socid, s.nom as name, s.code_compta, s.code_client,";
$sql .= " p.rowid as product_id, p.fk_product_type as product_type, p.ref as product_ref, p.label as product_label, p.tobuy, p.tosell,";
$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
$sql .= " aa.rowid as fk_compte, aa.account_number, aa.label, aa.labelshort,";
$sql .= " p.rowid as product_id, p.fk_product_type as product_type, p.ref as product_ref, p.label as product_label,";
if (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell,";
} else {
$sql .= " p.accountancy_code_sell,";
}
$sql .= " aa.rowid as fk_compte, aa.account_number, aa.label as label_account, aa.labelshort as labelshort_account,";
$sql .= " fd.situation_percent,";
$sql .= " co.code as country_code, co.label as country,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur";
@ -193,6 +197,9 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N
$sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd.fk_code_ventilation";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
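Review bot: The added select tests `empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)` before emitting `pa.accountancy_code_sell`, while the `pa` join in the second hunk is added under `!empty(...)`, so the two conditions are opposite. With the option off the query names an alias that was never joined, and with it on the per-entity value is joined but not read. The select condition should read `if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {`. The same inverted test guards the `pa.accountancy_code_*` select in the following file section, the one whose hunk starts at `@ -218,24 +218,43 @@`.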


@ -218,24 +218,43 @@ if (empty($chartaccountcode)) {
$sql = "SELECT f.rowid as facid, f.ref as ref, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
if (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
$sql .= " pa.accountancy_code_buy as code_buy, pa.accountancy_code_buy_intra as code_buy_intra, pa.accountancy_code_buy_export as code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
}
$sql .= " p.tosell as status, p.tobuy as status_buy,";
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur, s.accountancy_code_sell as company_code_sell";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " sa.accountancy_code_sell as company_code_sell";
} else {
$sql .= " s.accountancy_code_sell as company_code_sell";
}
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_accounting as sa ON sa.fk_soc = s.rowid AND sa.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON p.accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON p.accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON p.accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON s.accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$alias_company_accounting = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "sa";
$alias_product_accounting = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "pa";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_accounting . ".accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_accounting . ".accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_accounting . ".accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_company_accounting . ".accountancy_code_sell = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
$sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0";
$sql .= " AND l.product_type <= 2";
// Define begin binding date
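Review bot: Three different settings decide whether the company alias is `sa` in this query: the select of `company_code_sell` tests `MAIN_PRODUCT_PERENTITY_SHARED`, the `societe_accounting` join tests `ACCOUNTANCY_COMPANY_SHARED`, and `$alias_company_accounting` tests `MAIN_COMPANY_PERENTITY_SHARED`. Any configuration in which they disagree produces a reference to `sa` without its join, or a join that is never read. The condition should be computed once and reused for the select, the join and the alias, for example `$use_company_perentity = !empty($conf->global->ACCOUNTANCY_COMPANY_SHARED);`; which of the three constants is the intended one cannot be determined from this page.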


@ -64,7 +64,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
}
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " SET fk_code_ventilation = ".((int) $codeventil);
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);


@ -153,7 +153,7 @@ if ($massaction == 'ventil' && $user->rights->accounting->bind->write) {
$ko++;
} else {
$sql = " UPDATE ".MAIN_DB_PREFIX."expensereport_det";
$sql .= " SET fk_code_ventilation = ".$monCompte;
$sql .= " SET fk_code_ventilation = ".((int) $monCompte);
$sql .= " WHERE rowid = ".$monId;
$accountventilated = new AccountingAccount($db);
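Review bot: Only the SET value is cast in this mass-action update; the WHERE clause on the next line still concatenates `$monId` directly into the SQL string. Where `$monId` is assigned lies outside this hunk, but if it derives from the submitted selection it needs the same treatment: `$sql .= " WHERE rowid = ".((int) $monId);`.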


@ -4,7 +4,7 @@
* Copyright (C) 2011 Juanjo Menent <jmenent@2byte.es>
* Copyright (C) 2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2013 Christophe Battarel <christophe.battarel@altairis.fr>
* Copyright (C) 2013-2018 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2013-2016 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2014 Raphaël Doursenaud <rdoursenaud@gpcsolutions.fr>
@ -108,9 +108,16 @@ if (!GETPOSTISSET('date_startmonth') && (empty($date_start) || empty($date_end))
$sql = "SELECT f.rowid, f.ref, f.type, f.datef as df, f.ref_client, f.date_lim_reglement as dlr, f.close_code,";
$sql .= " fd.rowid as fdid, fd.description, fd.product_type, fd.total_ht, fd.total_tva, fd.total_localtax1, fd.total_localtax2, fd.tva_tx, fd.total_ttc, fd.situation_percent, fd.vat_src_code,";
$sql .= " s.rowid as socid, s.nom as name, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,";
$sql .= " p.rowid as pid, p.ref as pref, p.accountancy_code_sell, aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte";
$sql .= " p.rowid as pid, p.ref as pref, aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell";
} else {
$sql .= " p.accountancy_code_sell";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd.fk_code_ventilation";
$sql .= " JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";
$sql .= " JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
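Review bot: `!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)` is tested twice in this query, once to pick the `accountancy_code_sell` column and once to add the `product_accounting` join, so a later edit to one test can leave the SELECT naming an alias that was never joined. The supplier list in this same commit resolves the alias once; doing the same here keeps the two in step: `$alias_product_accounting = !empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "pa" : "p";` followed by `$sql .= " ".$alias_product_accounting.".accountancy_code_sell";`. A one-line comment saying that `pa` carries the per-entity accounting codes would also help the next reader.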


@ -64,7 +64,7 @@ if ($action == 'ventil' && $user->rights->accounting->bind->write) {
}
$sql = " UPDATE ".MAIN_DB_PREFIX."facture_fourn_det";
$sql .= " SET fk_code_ventilation = ".$codeventil;
$sql .= " SET fk_code_ventilation = ".((int) $codeventil);
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);


@ -193,7 +193,7 @@ if ($action == 'validatehistory') {
if ($objp->aarowid_suggest > 0) {
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facture_fourn_det";
$sqlupdate .= " SET fk_code_ventilation = ".$objp->aarowid_suggest;
$sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest);
$sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".$objp->rowid;
$resqlupdate = $db->query($sqlupdate);


@ -177,7 +177,7 @@ if ($massaction == 'ventil') {
$ko++;
} else {
$sql = " UPDATE ".MAIN_DB_PREFIX."facture_fourn_det";
$sql .= " SET fk_code_ventilation = ".$monCompte;
$sql .= " SET fk_code_ventilation = ".((int) $monCompte);
$sql .= " WHERE rowid = ".$monId;
$accountventilated = new AccountingAccount($db);
@ -223,24 +223,41 @@ if (empty($chartaccountcode)) {
$sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
$sql .= " pa.accountancy_code_buy as code_buy, pa.accountancy_code_buy_intra as code_buy_intra, pa.accountancy_code_buy_export as code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
}
$sql .= " p.tosell as status, p.tobuy as status_buy,";
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur, s.accountancy_code_buy as company_code_buy";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur,";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " sa.accountancy_code_buy as company_code_buy";
} else {
$sql .= " s.accountancy_code_buy as company_code_buy";
}
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_accounting as sa ON sa.fk_soc = s.rowid AND sa.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn_det as l ON f.rowid = l.fk_facture_fourn";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON p.accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON p.accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON p.accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON s.accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$alias_company_accounting = !empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "sa" : "s";
$alias_product_accounting = !empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "pa" : "p";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_accounting . ".accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_accounting . ".accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_accounting . ".accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_company_accounting . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
$sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0";
$sql .= " AND l.product_type <= 2";
// Define begin binding date
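Review bot: The four rewritten `accounting_account` joins (`aa` to `aa4`) still end with `AND aa.entity = ".$conf->entity`, while the `societe_accounting` and `product_accounting` joins added in the same hunk use `((int) $conf->entity)`. The value is presumably server-side configuration, but the commit's stated aim is to cast every integer concatenated into SQL, and the mixed style makes the uncast lines look deliberate. I would write `" AND aa.entity = ".((int) $conf->entity)` on all four lines so the query is uniform.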


@ -7,6 +7,7 @@
* Copyright (C) 2012-2020 Philippe Grand <philippe.grand@atoo-net.com>
* Copyright (C) 2015-2018 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2018-2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -84,12 +85,10 @@ if (!empty($canvas)) {
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('membercard', 'globalcard'));
// Security check
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', 0);
if ($id > 0) {
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id);
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
@ -97,9 +96,9 @@ if ($id > 0) {
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
@ -110,6 +109,8 @@ if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
/*
@ -331,62 +332,66 @@ if (empty($reshook)) {
}
}
$result = $object->update($user, 0, $nosyncuser, $nosyncuserpass);
if (!$error) {
$result = $object->update($user, 0, $nosyncuser, $nosyncuserpass);
if ($result >= 0 && !count($object->errors)) {
$categories = GETPOST('memcats', 'array');
$object->setCategories($categories);
if ($result >= 0 && !count($object->errors)) {
$categories = GETPOST('memcats', 'array');
$object->setCategories($categories);
// Logo/Photo save
$dir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos';
$file_OK = is_uploaded_file($_FILES['photo']['tmp_name']);
if ($file_OK) {
if (GETPOST('deletephoto')) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$fileimg = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos/'.$object->photo;
$dirthumbs = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
}
// Logo/Photo save
$dir = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos';
$file_OK = is_uploaded_file($_FILES['photo']['tmp_name']);
if ($file_OK) {
if (GETPOST('deletephoto')) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$fileimg = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos/'.$object->photo;
$dirthumbs = $conf->adherent->dir_output.'/'.get_exdir(0, 0, 0, 1, $object, 'member').'/photos/thumbs';
dol_delete_file($fileimg);
dol_delete_dir_recursive($dirthumbs);
}
if (image_format_supported($_FILES['photo']['name']) > 0) {
dol_mkdir($dir);
if (image_format_supported($_FILES['photo']['name']) > 0) {
dol_mkdir($dir);
if (@is_dir($dir)) {
$newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
if (!dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, $_FILES['photo']['error']) > 0) {
setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors');
} else {
// Create thumbs
$object->addThumbs($newfile);
if (@is_dir($dir)) {
$newfile = $dir.'/'.dol_sanitizeFileName($_FILES['photo']['name']);
if (!dol_move_uploaded_file($_FILES['photo']['tmp_name'], $newfile, 1, 0, $_FILES['photo']['error']) > 0) {
setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors');
} else {
// Create thumbs
$object->addThumbs($newfile);
}
}
} else {
setEventMessages("ErrorBadImageFormat", null, 'errors');
}
} else {
setEventMessages("ErrorBadImageFormat", null, 'errors');
switch ($_FILES['photo']['error']) {
case 1: //uploaded file exceeds the upload_max_filesize directive in php.ini
case 2: //uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form
$errors[] = "ErrorFileSizeTooLarge";
break;
case 3: //uploaded file was only partially uploaded
$errors[] = "ErrorFilePartiallyUploaded";
break;
}
}
$rowid = $object->id;
$id = $object->id;
$action = '';
if (!empty($backtopage)) {
header("Location: ".$backtopage);
exit;
}
} else {
switch ($_FILES['photo']['error']) {
case 1: //uploaded file exceeds the upload_max_filesize directive in php.ini
case 2: //uploaded file exceeds the MAX_FILE_SIZE directive that was specified in the html form
$errors[] = "ErrorFileSizeTooLarge";
break;
case 3: //uploaded file was only partially uploaded
$errors[] = "ErrorFilePartiallyUploaded";
break;
}
}
$rowid = $object->id;
$id = $object->id;
$action = '';
if (!empty($backtopage)) {
header("Location: ".$backtopage);
exit;
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
} else {
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
$action = 'edit';
}
} else {
$action = 'edit';
@ -550,7 +555,6 @@ if (empty($reshook)) {
$db->commit();
$rowid = $object->id;
$id = $object->id;
$action = '';
} else {
$db->rollback();
@ -559,12 +563,41 @@ if (empty($reshook)) {
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
$action = 'create';
}
} else {
$action = 'create';
// Auto-create thirdparty on member creation
if (!empty($conf->global->ADHERENT_DEFAULT_CREATE_THIRDPARTY)) {
if ($result > 0) {
// User creation
$company = new Societe($db);
$companyalias = '';
$fullname = $object->getFullName($langs);
if ($object->morphy == 'mor') {
$companyname = $object->company;
if (!empty($fullname)) {
$companyalias = $fullname;
}
} else {
$companyname = $fullname;
if (!empty($object->company)) {
$companyalias = $object->company;
}
}
$result = $company->create_from_member($object, $companyname, $companyalias);
if ($result < 0) {
$langs->load("errors");
setEventMessages($langs->trans($company->error), null, 'errors');
setEventMessages($company->error, $company->errors, 'errors');
}
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
}
}
$action = ($result < 0 || !$error) ? '' : 'create';
}
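Review bot: The result of `$object->fetch($id, $ref)` in the new "Fetch object" block is stored in `$result` but never tested before the relocated `restrictedArea()` call overwrites it. When the lookup fails or finds nothing, `$object->id` is presumably empty, so the access check runs without a record id while later code may still act on the `$id`/`$ref` taken from the request. I would fail closed right after the fetch, for example `if ($result <= 0) { accessforbidden(); }` or the project's usual not-found response, before computing the `$can*` flags. The same block is pasted into the document, LDAP, note, subscription and vCard member pages in this commit with the result unchecked; the LDAP and vCard pages appear to have lost the explicit error exit they had on a failed fetch.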
if ($user->rights->adherent->supprimer && $action == 'confirm_delete' && $confirm == 'yes') {


@ -13,6 +13,7 @@
* Copyright (C) 2018-2019 Thibault FOUCART <support@ptibogxiv.net>
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2020 Josep Lluís Amador <joseplluis@lliuretic.cat>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by


@ -4,6 +4,7 @@
* Copyright (C) 2009-2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2016 Charlie Benke <charlie@patas-monkey.com>
* Copyright (C) 2018-2019 Thibault Foucart <support@ptibogxiv.net>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by


@ -42,9 +42,6 @@ $ref = GETPOST('ref', 'alphanohtml');
$action = GETPOST('action', 'aZ09');
$confirm = GETPOST('confirm', 'alpha');
// Security check
$result = restrictedArea($user, 'adherent', $id);
// Get parameters
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
@ -63,8 +60,6 @@ if (!$sortfield) {
$sortfield = "name";
}
$form = new Form($db);
$object = new Adherent($db);
$membert = new AdherentType($db);
$result = $object->fetch($id, $ref);
@ -74,6 +69,33 @@ if ($result < 0) {
}
$upload_dir = $conf->adherent->dir_output."/".get_exdir(0, 0, 0, 1, $object, 'member');
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to determine what the current user can do on the members
$canaddmember = $user->rights->adherent->creer;
// Define variables to determine what the current user can do on the properties of a member
if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
/*
* Actions
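Review bot: The member appears to be loaded twice on this page: `$result = $object->fetch($id, $ref);` runs just before the `if ($result < 0)` error check, and the pasted "Fetch object" block calls it again afterwards, overwriting a `$result` that has already been validated. Assuming the earlier call is still on the new side, drop the `fetch()` from the new block (keeping only the permission flags) or remove the earlier call and move its error check below the block. The note page in this commit shows the same pattern, with an earlier `$object->fetch($id)` followed by the pasted block. A short comment above `restrictedArea()` saying why it must run after the fetch would keep a later cleanup from moving it back up.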


@ -26,7 +26,16 @@
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$status = GETPOST('status', 'int');
$cotis = GETPOST('cotis', 'int');
$sortfield = GETPOST('sortfield', 'alphanohtml');
$sortorder = GETPOST('sortorder', 'aZ09');
// Security check
if (empty($conf->adherent->enabled)) {
accessforbidden();
}
if (!$user->rights->adherent->export) {
accessforbidden();
}
@ -46,19 +55,10 @@ if (empty($sortorder)) {
if (empty($sortfield)) {
$sortfield = "d.login";
}
if (!isset($statut)) {
$statut = 1;
}
if (!isset($cotis)) {
// by default, members must be up to date of subscription
$cotis = 1;
}
$sql = "SELECT d.login, d.pass, d.datefin";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as d ";
$sql .= " WHERE d.statut = ".$statut;
$sql .= " WHERE d.statut = ".((int) $status);
if ($cotis == 1) {
$sql .= " AND datefin > '".$db->idate($now)."'";
}
@ -70,6 +70,7 @@ if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
$param = '';
print_barre_liste($langs->trans("HTPasswordExport"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, '', 0);
print "<hr>\n";
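Review bot: With the `isset($statut)` and `isset($cotis)` fallbacks apparently removed, a request that omits `status` now produces `WHERE d.statut = 0` after the `(int)` cast, and an omitted `cotis` skips the `datefin` filter, whereas both previously defaulted to 1. This page selects `d.login, d.pass`, so silently changing which members are exported by default deserves an explicit decision. If the old defaults are still wanted, restore them at the read: `$status = GETPOSTISSET('status') ? GETPOST('status', 'int') : 1;` and `$cotis = GETPOSTISSET('cotis') ? GETPOST('cotis', 'int') : 1;`. This assumes `GETPOST` returns an empty value for a missing parameter; the +/- markers are lost on this page, so confirm the fallback blocks really are on the removed side.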


@ -5,6 +5,7 @@
* Copyright (C) 2005-2012 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2019 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2021 Frédéric France <frederic.france@netlgic.fr>
* Copyright (C) 2021 Waël Almoman <info@almoman.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by


@ -32,7 +32,8 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent_type.class.php';
// Load translation files required by the page
$langs->loadLangs(array("companies", "members", "ldap", "admin"));
$rowid = GETPOST('id', 'int');
$id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alphanohtml');
$action = GETPOST('action', 'aZ09');
// Protection
@ -42,12 +43,34 @@ if ($user->socid > 0) {
}
$object = new Adherent($db);
$result = $object->fetch($rowid);
if (!$result) {
dol_print_error($db, "Failed to get adherent: ".$object->error);
exit;
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to determine what the current user can do on the members
$canaddmember = $user->rights->adherent->creer;
// Define variables to determine what the current user can do on the properties of a member
if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
/*
* Actions


@ -33,9 +33,7 @@ $langs->loadLangs(array("companies", "members", "bills"));
$action = GETPOST('action', 'aZ09');
$id = GETPOST('id', 'int');
// Security check
$result = restrictedArea($user, 'adherent', $id);
$ref = GETPOST('ref', 'alphanohtml');
$object = new Adherent($db);
$result = $object->fetch($id);
@ -46,6 +44,34 @@ if ($result > 0) {
$permissionnote = $user->rights->adherent->creer; // Used by the include of actions_setnotes.inc.php
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to determine what the current user can do on the members
$canaddmember = $user->rights->adherent->creer;
// Define variables to determine what the current user can do on the properties of a member
if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
/*
* Actions
*/
@ -71,7 +97,7 @@ if ($id) {
print dol_get_fiche_head($head, 'note', $langs->trans("Member"), -1, 'user');
print "<form method=\"post\" action=\"".$_SERVER['PHP_SELF']."\">";
print '<form method="POST" action="'.$_SERVER['PHP_SELF'].'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
$linkback = '<a href="'.DOL_URL_ROOT.'/adherents/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';


@ -42,7 +42,9 @@ $langs->loadLangs(array("companies", "bills", "members", "users", "mails", 'othe
$action = GETPOST('action', 'aZ09');
$confirm = GETPOST('confirm', 'alpha');
$rowid = GETPOST('rowid', 'int') ?GETPOST('rowid', 'int') : GETPOST('id', 'int');
$id = GETPOST('rowid', 'int') ?GETPOST('rowid', 'int') : GETPOST('id', 'int');
$rowid = $id;
$ref = GETPOST('ref', 'alphanohtml');
$typeid = GETPOST('typeid', 'int');
$cancel = GETPOST('cancel');
@ -66,10 +68,6 @@ if (!$sortorder) {
$sortorder = "DESC";
}
// Security check
$result = restrictedArea($user, 'adherent', $rowid, '', 'cotisation');
$object = new Adherent($db);
$extrafields = new ExtraFields($db);
$adht = new AdherentType($db);
@ -82,29 +80,6 @@ $errmsg = '';
$defaultdelay = 1;
$defaultdelayunit = 'y';
if ($rowid) {
// Load member
$result = $object->fetch($rowid);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $user is the user editing, $object->user_id is the user's id linked to the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to know what current user can do on members
$canaddmember = $user->rights->adherent->creer;
// Define variables to know what current user can do on properties of a member
if ($rowid) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('subscription'));
@ -117,6 +92,33 @@ $datefrom = 0;
$dateto = 0;
$paymentdate = -1;
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to determine what the current user can do on the members
$canaddmember = $user->rights->adherent->creer;
// Define variables to determine what the current user can do on the properties of a member
if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
/*
* Actions
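Review bot: The relocated check drops the sub-permission that the old call passed: the page previously called `restrictedArea($user, 'adherent', $rowid, '', 'cotisation')`, while the new call passes `''` as the fifth argument. If that argument is the second-level right, as the old call suggests, any user with the plain member read right can now open the subscription page without the `cotisation` right. Unless that widening is intended, keep it in the new call: `$result = restrictedArea($user, 'adherent', $object->id, '', 'cotisation', 'socid', 'rowid', 0);`. The block looks copied unchanged from the member card, so the per-page argument should be checked on each page that received it.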


@ -30,71 +30,100 @@ require_once DOL_DOCUMENT_ROOT.'/adherents/class/adherent.class.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/vcard.class.php';
$adherent = new adherent($db);
$id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alphanohtml');
$object = new adherent($db);
// Fetch object
if ($id > 0 || !empty($ref)) {
// Load member
$result = $object->fetch($id, $ref);
// Define variables to know what current user can do on users
$canadduser = ($user->admin || $user->rights->user->user->creer);
// Define variables to know what current user can do on properties of user linked to edited member
if ($object->user_id) {
// $User is the user who edits, $object->user_id is the id of the related user in the edited member
$caneditfielduser = ((($user->id == $object->user_id) && $user->rights->user->self->creer)
|| (($user->id != $object->user_id) && $user->rights->user->user->creer));
$caneditpassworduser = ((($user->id == $object->user_id) && $user->rights->user->self->password)
|| (($user->id != $object->user_id) && $user->rights->user->user->password));
}
}
// Define variables to determine what the current user can do on the members
$canaddmember = $user->rights->adherent->creer;
// Define variables to determine what the current user can do on the properties of a member
if ($id) {
$caneditfieldmember = $user->rights->adherent->creer;
}
// Security check
$result = restrictedArea($user, 'adherent', $id, '', '', 'socid', 'rowid', $objcanvas);
$result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0);
$result = $adherent->fetch($id);
if ($result <= 0) {
dol_print_error($adherent->error);
exit;
}
/*
* Actions
*/
$physicalperson = 1;
// None
/*
* View
*/
$company = new Societe($db);
if ($adherent->socid) {
$result = $company->fetch($adherent->socid);
if ($object->socid) {
$result = $company->fetch($object->socid);
}
// We create VCard
$v = new vCard();
$v->setProdId('Dolibarr '.DOL_VERSION);
$v->setUid('DOLIBARR-ADHERENTID-'.$adherent->id);
$v->setName($adherent->lastname, $adherent->firstname, "", $adherent->civility, "");
$v->setFormattedName($adherent->getFullName($langs, 1));
$v->setUid('DOLIBARR-ADHERENTID-'.$object->id);
$v->setName($object->lastname, $object->firstname, "", $object->civility, "");
$v->setFormattedName($object->getFullName($langs, 1));
$v->setPhoneNumber($adherent->phone_pro, "TYPE=WORK;VOICE");
//$v->setPhoneNumber($adherent->phone_perso,"TYPE=HOME;VOICE");
$v->setPhoneNumber($adherent->phone_mobile, "TYPE=CELL;VOICE");
$v->setPhoneNumber($adherent->fax, "TYPE=WORK;FAX");
$v->setPhoneNumber($object->phone_pro, "TYPE=WORK;VOICE");
//$v->setPhoneNumber($object->phone_perso,"TYPE=HOME;VOICE");
$v->setPhoneNumber($object->phone_mobile, "TYPE=CELL;VOICE");
$v->setPhoneNumber($object->fax, "TYPE=WORK;FAX");
$country = $adherent->country_code ? $adherent->country : '';
$country = $object->country_code ? $object->country : '';
$v->setAddress("", "", $adherent->address, $adherent->town, $adherent->state, $adherent->zip, $country, "TYPE=WORK;POSTAL");
$v->setLabel("", "", $adherent->address, $adherent->town, $adherent->state, $adherent->zip, $country, "TYPE=WORK");
$v->setAddress("", "", $object->address, $object->town, $object->state, $object->zip, $country, "TYPE=WORK;POSTAL");
$v->setLabel("", "", $object->address, $object->town, $object->state, $object->zip, $country, "TYPE=WORK");
$v->setEmail($adherent->email);
$v->setNote($adherent->note_public);
$v->setTitle($adherent->poste);
$v->setEmail($object->email);
$v->setNote($object->note_public);
$v->setTitle($object->poste);
// Data from linked company
if ($company->id) {
$v->setURL($company->url, "TYPE=WORK");
if (!$adherent->phone_pro) {
if (!$object->phone_pro) {
$v->setPhoneNumber($company->phone, "TYPE=WORK;VOICE");
}
if (!$adherent->fax) {
if (!$object->fax) {
$v->setPhoneNumber($company->fax, "TYPE=WORK;FAX");
}
if (!$adherent->zip) {
if (!$object->zip) {
$v->setAddress("", "", $company->address, $company->town, $company->state, $company->zip, $company->country, "TYPE=WORK;POSTAL");
}
// when company e-mail is empty, use only adherent e-mail
if (empty(trim($company->email))) {
// was set before, don't set twice
} elseif (empty(trim($adherent->email))) {
} elseif (empty(trim($object->email))) {
// when adherent e-mail is empty, use only company e-mail
$v->setEmail($company->email);
} elseif (strtolower(end(explode("@", $adherent->email))) == strtolower(end(explode("@", $company->email)))) {
} elseif (strtolower(end(explode("@", $object->email))) == strtolower(end(explode("@", $company->email)))) {
// when e-mail domain of adherent and company are the same, use adherent e-mail at first (and company e-mail at second)
$v->setEmail($adherent->email);
$v->setEmail($object->email);
// support by Microsoft Outlook (2019 and possible earlier)
$v->setEmail($company->email, 'INTERNET');
@ -103,7 +132,7 @@ if ($company->id) {
$v->setEmail($company->email);
// support by Microsoft Outlook (2019 and possible earlier)
$v->setEmail($adherent->email, 'INTERNET');
$v->setEmail($object->email, 'INTERNET');
}
// Si adherent lie a un tiers non de type "particulier"
@ -113,9 +142,9 @@ if ($company->id) {
}
// Personal informations
$v->setPhoneNumber($adherent->phone_perso, "TYPE=HOME;VOICE");
if ($adherent->birth) {
$v->setBirthday($adherent->birth);
$v->setPhoneNumber($object->phone_perso, "TYPE=HOME;VOICE");
if ($object->birth) {
$v->setBirthday($object->birth);
}
$db->close();
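Review bot: `strtolower(end(explode("@", $object->email)))` passes a function result straight to `end()`, which takes its argument by reference, so PHP raises an "Only variables should be passed by reference" notice each time this comparison runs. The rename from `$adherent` to `$object` carried the construct over on both sides of the `==`. Assigning the parts first avoids it: `$memberparts = explode('@', (string) $object->email);` and `$companyparts = explode('@', (string) $company->email);`, then compare `strtolower(end($memberparts))` with `strtolower(end($companyparts))`. The `$canadduser`, `$caneditfielduser` and `$caneditpassworduser` flags pasted at the top are not read anywhere in the visible part of this page and could be left out here.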


@ -1915,10 +1915,10 @@ if ($id) {
$showfield = 0;
} elseif ($fieldlist[$field] == 'unicode') {
$valuetoshow = $langs->getCurrencySymbol($obj->code, 1);
} elseif ($fieldlist[$field] == 'label' && $tabname[$_GET["id"]] == MAIN_DB_PREFIX.'c_units') {
} elseif ($fieldlist[$field] == 'label' && $tabname[GETPOST("id", 'int')] == MAIN_DB_PREFIX.'c_units') {
$langs->load("products");
$valuetoshow = $langs->trans($obj->{$fieldlist[$field]});
} elseif ($fieldlist[$field] == 'short_label' && $tabname[$_GET["id"]] == MAIN_DB_PREFIX.'c_units') {
} elseif ($fieldlist[$field] == 'short_label' && $tabname[GETPOST("id", 'int')] == MAIN_DB_PREFIX.'c_units') {
$langs->load("products");
$valuetoshow = $langs->trans($obj->{$fieldlist[$field]});
} elseif (($fieldlist[$field] == 'unit') && ($tabname[$id] == MAIN_DB_PREFIX.'c_paper_format')) {
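Review bot: The two rewritten `c_units` branches look the table up with `$tabname[GETPOST("id", 'int')]`, while the `c_paper_format` branch directly below them uses `$tabname[$id]`. If `$id` holds the same sanitized request value (its assignment is outside this hunk), using `$tabname[$id]` in all three branches keeps the lookups consistent and avoids re-reading the request for every field. The enclosing `if ($id) {` block starts and ends outside the hunk.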


@ -111,13 +111,13 @@ if ($action == 'up') {
}
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m";
$sql .= " SET m.position = ".$previous['order'];
$sql .= " WHERE m.rowid = ".$current['rowid']; // Up the selected entry
$sql .= " SET m.position = ".((int) $previous['order']);
$sql .= " WHERE m.rowid = ".((int) $current['rowid']); // Up the selected entry
dol_syslog("admin/menus/index.php ".$sql);
$db->query($sql);
$sql = "UPDATE ".MAIN_DB_PREFIX."menu as m";
$sql .= " SET m.position = ".($current['order'] != $previous['order'] ? $current['order'] : $current['order'] + 1);
$sql .= " WHERE m.rowid = ".$previous['rowid']; // Descend celui du dessus
$sql .= " SET m.position = ".((int) ($current['order'] != $previous['order'] ? $current['order'] : $current['order'] + 1));
$sql .= " WHERE m.rowid = ".((int) $previous['rowid']); // Descend celui du dessus
dol_syslog("admin/menus/index.php ".$sql);
$db->query($sql);
} elseif ($action == 'down') {
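Review bot: Both `$db->query($sql)` calls in the `up` branch discard their result and run outside a transaction, so a failure of the second UPDATE leaves two menu entries on the same position. Wrapping the pair in `$db->begin()` and `$db->commit()`, with `$db->rollback()` on failure, would keep the swap atomic. The `down` branch starts on the last line of the hunk and is not shown; it should build its UPDATEs with the same `(int)` casts.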


@ -159,8 +159,8 @@ if ($result) {
// TODO Define familyposition
$family = (!empty($modules[$obj->module]->family_position) ? $modules[$obj->module]->family_position : '');
$familyposition = 0;
$sqlupdate = 'UPDATE '.MAIN_DB_PREFIX."rights_def SET module_position = ".$modules[$obj->module]->module_position.",";
$sqlupdate .= " family_position = ".$familyposition;
$sqlupdate = 'UPDATE '.MAIN_DB_PREFIX."rights_def SET module_position = ".((int) $modules[$obj->module]->module_position).",";
$sqlupdate .= " family_position = ".((int) $familyposition);
$sqlupdate .= " WHERE module_position = 0 AND module = '".$db->escape($obj->module)."'";
$db->query($sqlupdate);
}


@ -75,6 +75,7 @@ function llxFooter()
print "\n".'</html>'."\n";
}
require_once '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
@ -117,10 +118,10 @@ if (!isset($conf->global->ASTERISK_MAX_RETRY)) {
}
$login = GETPOST('login');
$password = GETPOST('password');
$caller = GETPOST('caller');
$called = GETPOST('called');
$login = GETPOST('login', 'alphanohtml');
$password = GETPOST('password', 'none');
$caller = GETPOST('caller', 'alphanohtml');
$called = GETPOST('called', 'alphanohtml');
// IP address of Asterisk server
$strHost = $conf->global->ASTERISK_HOST;
@ -163,7 +164,7 @@ if ($resql) {
if ($obj) {
$found = $obj->name;
} else {
$found = $notfound;
$found = 'Not found';
}
$db->free($resql);
} else {
@ -177,7 +178,7 @@ if (!empty($number)) {
if ($pos === false) {
$errno = 0;
$errstr = 0;
$strCallerId = "Dolibarr call $found <".strtolower($number).">";
$strCallerId = "Dolibarr caller $found <".strtolower($number).">";
$oSocket = @fsockopen($strHost, $port, $errno, $errstr, 10);
if (!$oSocket) {
print '<body>'."\n";
@ -211,7 +212,7 @@ if (!empty($number)) {
}
}
} else {
print 'Bad parameters in URL. Must be '.$_SERVER['PHP_SELF'].'?caller=99999&called=99999&login=xxxxx&password=xxxxx';
print 'Bad parameters in URL. Must be '.dol_escape_htmltag($_SERVER['PHP_SELF']).'?caller=99999&called=99999&login=xxxxx&password=xxxxx';
}
// End of page
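Review bot: `$password` is now read with the `'none'` filter and `$login`, `$caller` and `$called` with `'alphanohtml'`; nothing visible in these hunks rejects CR or LF in them. If the values are later written into the line-based manager session opened with `fsockopen()` (that code is outside the hunks), an embedded line break could add extra protocol lines, so a guard such as `if (preg_match('/[\r\n]/', $login.$password.$caller.$called)) { exit; }` before the socket is opened would be safer. The usage message also documents `password=xxxxx` as a URL parameter, which puts the secret into web-server access logs; accepting it by POST only is worth considering.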


@ -79,8 +79,8 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include,
$form = new Form($db);
//$help_url='EN:Customers_Orders|FR:Commandes_Clients|ES:Pedidos de clientes';
$help_url = '';
$help_url = 'EN:Module_BOM';
llxHeader('', $langs->trans('BillOfMaterials'), $help_url);
if ($id > 0 || !empty($ref)) {


@ -0,0 +1 @@


@ -26,7 +26,7 @@
require_once 'class/Facturation.class.php';
// Si nouvelle vente, reinitialisation des donnees (destruction de l'objet et vidage de la table contenant la liste des articles)
if ($_GET['id'] == 'NOUV') {
if (GETPOST('id', 'int') == 'NOUV') {
unset($_SESSION['serObjFacturation']);
unset($_SESSION['poscart']);
}
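Review bot: `GETPOST('id', 'int') == 'NOUV'` can no longer be true if the `'int'` filter blanks non-numeric input, which is how that check type normally behaves, so the session reset for a new sale would never run. The value compared here is a keyword, not a number. `if (GETPOST('id', 'aZ09') == 'NOUV') {` keeps the input filtered and the comparison reachable.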


@ -604,7 +604,7 @@ class Categorie extends CommonObject
/* FIX #1317 : Check for child category and move up 1 level*/
if (!$error) {
$sql = "UPDATE ".MAIN_DB_PREFIX."categorie";
$sql .= " SET fk_parent = ".$this->fk_parent;
$sql .= " SET fk_parent = ".((int) $this->fk_parent);
$sql .= " WHERE fk_parent = ".$this->id;
if (!$this->db->query($sql)) {
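Review bot: Only the `SET fk_parent` value is cast; the `WHERE fk_parent = ".$this->id` line directly below it is still concatenated as-is. For consistency with the rest of this commit it should read `$sql .= " WHERE fk_parent = ".((int) $this->id);`. The enclosing method starts and ends outside the hunk.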


@ -80,16 +80,12 @@ $id = GETPOST('id', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
$error = GETPOST("error");
$donotclearsession = GETPOST('donotclearsession') ?GETPOST('donotclearsession') : 0;
$cactioncomm = new CActionComm($db);
$object = new ActionComm($db);
$cactioncomm = new CActionComm($db);
$contact = new Contact($db);
$extrafields = new ExtraFields($db);
$formfile = new FormFile($db);
@ -132,6 +128,11 @@ if (!empty($conf->global->AGENDA_REMINDER_EMAIL)) {
$TDurationTypes = array('y'=>$langs->trans('Years'), 'm'=>$langs->trans('Month'), 'w'=>$langs->trans('Weeks'), 'd'=>$langs->trans('Days'), 'h'=>$langs->trans('Hours'), 'i'=>$langs->trans('Minutes'));
$result = restrictedArea($user, 'agenda', $object->id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions
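Review bot: The relocated access check passes `$object->id` instead of the request `$id`, but `$object` is created with `new ActionComm($db)` in the first hunk and no `fetch()` is visible between that and the new `restrictedArea()` call. If the event is only loaded later in the file, `$object->id` is empty at this point and the per-object part of the check has nothing to verify. Passing `$id` (already read with `GETPOST('id', 'int')`) or fetching before the check avoids that. The lines between the two hunks are not shown, so this needs confirming against the full file.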


@ -54,7 +54,6 @@ if ($user->socid > 0) {
unset($_GET["action"]);
$action = '';
}
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
$object = new ActionComm($db);
@ -84,10 +83,16 @@ if (!$sortfield) {
$upload_dir = $conf->agenda->dir_output.'/'.dol_sanitizeFileName($object->ref);
$modulepart = 'actions';
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions
*/
include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
@ -98,6 +103,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
$form = new Form($db);
$help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:M&omodulodulo_Agenda';
llxHeader('', $langs->trans("Agenda"), $help_url);
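Review bot: The added `if ($user->socid && $socid)` block calls `restrictedArea($user, 'societe', $socid)`, and wherever the assignment is visible in this commit `$socid` is the external user's own third party, so the call does not by itself tie the requested event to that third party. That link depends on the preceding `restrictedArea(...)` call with `'fk_soc'`; a comment such as `// External user: also require read access to their own third party` above the block would make the intent clear. In this file `$socid` is not assigned in any visible hunk, so it should be confirmed that it is set before the new check. The same block is added in the hunks at `@ -132,6 +128,11 @`, `@ -155,6 +154,11 @`, `@ -45,6 +45,9 @`, `@ -165,7 +164,11 @`, `@ -170,6 +169,11 @`, `@ -177,6 +175,11 @` and `@ -59,7 +59,10 @`.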


@ -79,7 +79,6 @@ $socid = GETPOST("search_socid", "int") ?GETPOST("search_socid", "int") : GETPOS
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($socid < 0) {
$socid = '';
}
@ -155,6 +154,11 @@ $langs->loadLangs(array('agenda', 'other', 'commercial'));
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('agenda'));
$result = restrictedArea($user, 'agenda', 0, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions
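Review bot: This listing's check becomes `restrictedArea($user, 'agenda', 0, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id')`, while the sibling listings in the hunks at `@ -165,7 +164,11 @`, `@ -170,6 +169,11 @` and `@ -177,6 +175,11 @` keep `restrictedArea($user, 'agenda', 0, '', 'myactions')`. With an object id of 0 the table and `fk_soc` arguments presumably have nothing to check, so the visible difference is the `'myactions|allactions'` feature string. The agenda views should agree on which right is required, or a comment should say why this one differs.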


@ -45,6 +45,9 @@ if ($user->socid > 0) {
}
$result = restrictedArea($user, 'agenda', $id, 'actioncomm&societe', 'myactions|allactions', 'fk_soc', 'id');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*


@ -128,7 +128,6 @@ $socid = GETPOST("search_socid", 'int') ?GETPOST("search_socid", 'int') : GETPOS
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($socid < 0) {
$socid = '';
}
@ -165,7 +164,11 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php';
$object->fields = dol_sort_array($object->fields, 'position');
$arrayfields = dol_sort_array($arrayfields, 'position');
//var_dump($_POST);exit;
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions


@ -75,7 +75,6 @@ $socid = GETPOST("search_socid", "int") ?GETPOST("search_socid", "int") : GETPOS
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($socid < 0) {
$socid = '';
}
@ -170,6 +169,11 @@ $langs->loadLangs(array('users', 'agenda', 'other', 'commercial'));
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('agenda'));
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions


@ -71,12 +71,10 @@ if (!$sortfield) {
$sortfield = "a.datec";
}
// Security check
$socid = GETPOST("search_socid", "int") ?GETPOST("search_socid", "int") : GETPOST("socid", "int");
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($socid < 0) {
$socid = '';
}
@ -177,6 +175,11 @@ $langs->loadLangs(array('users', 'agenda', 'other', 'commercial'));
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('agenda'));
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*
* Actions


@ -59,7 +59,10 @@ $socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'agenda', $socid, '', 'myactions');
$result = restrictedArea($user, 'agenda', 0, '', 'myactions');
if ($user->socid && $socid) {
$result = restrictedArea($user, 'societe', $socid);
}
/*


@ -31,11 +31,6 @@ require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/propal.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
if (!$user->admin) {
accessforbidden();
}
// Load translation files required by the page
$langs->loadlangs(array('admin', 'other', 'propal'));
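Review bot: The `if (!$user->admin) { accessforbidden(); }` guard is removed from the top of this setup page and no replacement is visible in the hunk. If the check was moved below the parameter block, as in other files of this commit, that is fine, but the re-added lines are outside what is shown. This should be confirmed against the full file, since without the guard a non-admin user would reach the admin page.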


@ -88,15 +88,10 @@ if (!empty($conf->notification->enabled)) {
$langs->load("mails");
}
// Security check
$id = (GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int'));
if ($user->socid > 0) {
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $id, '&societe');
$action = GETPOST('action', 'aZ09');
$id = (GETPOST('socid', 'int') ? GETPOST('socid', 'int') : GETPOST('id', 'int'));
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
@ -124,15 +119,6 @@ $extrafields->fetch_name_optionals_label($object->table_element);
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array('thirdpartycomm', 'globalcard'));
// Security check
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
if ($object->id > 0) {
if (!($object->client > 0) || empty($user->rights->societe->lire)) {
accessforbidden();
}
}
$now = dol_now();
if ($id > 0 && empty($object->id)) {
@ -142,6 +128,17 @@ if ($id > 0 && empty($object->id)) {
dol_print_error($db, $object->error, $object->errors);
}
}
if ($object->id > 0) {
if (!($object->client > 0) || empty($user->rights->societe->lire)) {
accessforbidden();
}
}
// Security check
if ($user->socid > 0) {
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $object->id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
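Review bot: `$id = $user->socid;` now runs after the `if ($id > 0 && empty($object->id))` block that apparently loads the third party, so for an external user the object is read from the request id and the override no longer affects which record is loaded. The following `restrictedArea(..., $object->id, ...)` call is then the only control between an external user and another third party's record. Moving the `if ($user->socid > 0) { $id = $user->socid; }` block back above the load keeps the override effective and leaves the later check as a second line of defence.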


@ -54,6 +54,7 @@ $begin = GETPOST('begin', 'alpha');
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$action = '';
$socid = $user->socid;
}
$result = restrictedArea($user, 'societe', $socid, '');


@ -29,10 +29,6 @@
require '../main.inc.php';
if (!$user->rights->societe->lire) {
accessforbidden();
}
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/agenda.lib.php';
require_once DOL_DOCUMENT_ROOT.'/comm/action/class/actioncomm.class.php';
@ -63,10 +59,21 @@ if (isset($user->socid) && $user->socid > 0) {
$max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT;
$now = dol_now();
// Security check
$socid = GETPOST("socid", 'int');
if ($user->socid > 0) {
$action = '';
$id = $user->socid;
}
restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
* Actions
*/
// None
/*
* View
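Review bot: The new block reads `$socid = GETPOST("socid", 'int')` but then overrides and checks a different variable, `$id = $user->socid;` and `restrictedArea($user, 'societe', $id, ...)`. `$id` is not assigned anywhere in the visible hunks, so for an internal user the call would receive an undefined variable, and the fresh `GETPOST` resets `$socid` to the request value even if the earlier `if (isset($user->socid) && $user->socid > 0)` block had pinned it. Using one variable throughout, `$socid = $user->socid;` and `restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);`, would match the other pages in this commit. The same block is added in the hunk at `@ -40,6 +40,14 @`.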


@ -42,11 +42,6 @@ if (!empty($conf->categorie->enabled)) {
$langs->load("categories");
}
// Security check
if (!$user->rights->mailing->lire || $user->socid > 0) {
accessforbidden();
}
// Load variable for pagination
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
@ -99,6 +94,12 @@ if ($result < 0) {
}
}
// Security check
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
//$result = restrictedArea($user, 'mailing');
/*
* Actions
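Review bot: The condition `!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)` is now copied into five pages, four of them followed by a commented-out `//$result = restrictedArea($user, 'mailing');`. The commented-out call should be removed or replaced by a short comment saying why `restrictedArea()` is not used. In the hunks at `@ -28,9 +28,6 @` and `@ -69,6 +66,11 @` the hand-written condition replaces a live `restrictedArea($user, 'mailing')` call, so anything else that function verified is no longer checked on that page. The other occurrences are in the hunks at `@ -80,6 +76,10 @`, `@ -75,6 +69,13 @` and `@ -33,9 +33,10 @`.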


@ -40,10 +40,6 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php';
// Load translation files required by the page
$langs->load("mails");
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
$id = (GETPOST('mailid', 'int') ? GETPOST('mailid', 'int') : GETPOST('id', 'int'));
$action = GETPOST('action', 'aZ09');
$cancel = GETPOST('cancel');
@ -80,6 +76,10 @@ $listofmethods = array();
$listofmethods['mail'] = 'PHP mail function';
$listofmethods['smtps'] = 'SMTP/SMTPS socket library';
// Security check
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
/*


@ -35,12 +35,6 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
// Load translation files required by the page
$langs->load("mails");
// Security check
if (!$user->rights->mailing->lire || $user->socid > 0) {
accessforbidden();
}
// Load variable for pagination
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
@ -75,6 +69,13 @@ $object = new Mailing($db);
$result = $object->fetch($id);
// Security check
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
//$result = restrictedArea($user, 'mailing');
/*
* Actions
*/


@ -33,9 +33,10 @@ $id = GETPOST('id', 'int');
$langs->load("mails");
// Security check
if (!$user->rights->mailing->lire || $user->socid > 0) {
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
//$result = restrictedArea($user, 'mailing');


@ -28,9 +28,6 @@ require_once DOL_DOCUMENT_ROOT.'/comm/mailing/class/mailing.class.php';
// Load translation files required by the page
$langs->load("mails");
// Security check
$result = restrictedArea($user, 'mailing');
$sortfield = GETPOST("sortfield", 'alpha');
$sortorder = GETPOST("sortorder", 'alpha');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
@ -69,6 +66,11 @@ $fieldstosearchall = array(
'm.titre'=>'Ref',
);
// Security check
if (!$user->rights->mailing->lire || (empty($conf->global->EXTERNAL_USERS_ARE_AUTHORIZED) && $user->socid > 0)) {
accessforbidden();
}
//$result = restrictedArea($user, 'mailing');


@ -40,6 +40,14 @@ if ($user->socid > 0) {
$_socid = $user->socid;
}
// Security check
$socid = GETPOST("socid", 'int');
if ($user->socid > 0) {
$action = '';
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
* Actions


@ -89,12 +89,6 @@ $hideref = (GETPOST('hideref', 'int') ? GETPOST('hideref', 'int') : (!empty($con
// Nombre de ligne pour choix de produit/service predefinis
$NBLINES = 4;
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'propal', $id);
$object = new Propal($db);
$extrafields = new ExtraFields($db);
@ -134,6 +128,14 @@ $permissionnote = $usercancreate; // Used by the include of actions_setnotes.inc
$permissiondellink = $usercancreate; // Used by the include of actions_dellink.inc.php
$permissiontoedit = $usercancreate; // Used by the include of actions_lineupdown.inc.php
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
$object->id = $user->socid;
}
restrictedArea($user, 'propal', $object->id);
/*
* Actions
*/
@ -1324,9 +1326,9 @@ if (empty($reshook)) {
// Terms of payment
$result = $object->setPaymentTerms(GETPOST('cond_reglement_id', 'int'));
} elseif ($action == 'setremisepercent' && $usercancreate) {
$result = $object->set_remise_percent($user, $_POST['remise_percent']);
$result = $object->set_remise_percent($user, price2num(GETPOST('remise_percent')));
} elseif ($action == 'setremiseabsolue' && $usercancreate) {
$result = $object->set_remise_absolue($user, $_POST['remise_absolue']);
$result = $object->set_remise_absolue($user, price2num(GETPOST('remise_absolue')));
} elseif ($action == 'setmode' && $usercancreate) {
// Payment choice
$result = $object->setPaymentMethods(GETPOST('mode_reglement_id', 'int'));
@ -1387,7 +1389,7 @@ if (empty($reshook)) {
} elseif ($action == 'swapstatut') {
// Toggle the status of a contact
if ($object->fetch($id) > 0) {
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
} else {
dol_print_error($db);
}
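Review bot: `$object->id = $user->socid;` in the relocated security block writes the external user's third-party id into the id of the `Propal` object. The following `restrictedArea($user, 'propal', $object->id)` therefore checks whichever proposal has a row id equal to that company id, not the proposal that was requested, and later code reading `$object->id` works on the wrong record. The block should only set `$socid = $user->socid;` and leave the proposal id alone, passing the fetched `$object->id` (or the request `$id` if the object is not loaded yet) to `restrictedArea()`. The same assignment is added in the hunks at `@ -67,6 +61,13 @`, `@ -80,6 +80,13 @`, `@ -39,18 +39,18 @` and `@ -40,13 +40,19 @`.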


@ -1242,7 +1242,7 @@ class Propal extends CommonObject
/*if (! $error && $this->fk_delivery_address)
{
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql.= " SET fk_delivery_address = ".$this->fk_delivery_address;
$sql.= " SET fk_delivery_address = ".((int) $this->fk_delivery_address);
$sql.= " WHERE ref = '".$this->db->escape($this->ref)."'";
$sql.= " AND entity = ".setEntity($this);
@ -2213,7 +2213,7 @@ class Propal extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."propal ";
$sql .= " SET fk_input_reason = ".$id;
$sql .= " SET fk_input_reason = ".((int) $id);
$sql .= " WHERE rowid = ".$this->id;
dol_syslog(__METHOD__, LOG_DEBUG);
@ -2332,13 +2332,13 @@ class Propal extends CommonObject
$remise = trim($remise) ?trim($remise) : 0;
if (!empty($user->rights->propal->creer)) {
$remise = price2num($remise);
$remise = price2num($remise, 2);
$error = 0;
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."propal SET remise_percent = ".$remise;
$sql = "UPDATE ".MAIN_DB_PREFIX."propal SET remise_percent = ".((float) $remise);
$sql .= " WHERE rowid = ".$this->id." AND fk_statut = ".self::STATUS_DRAFT;
dol_syslog(__METHOD__, LOG_DEBUG);
@ -2390,17 +2390,18 @@ class Propal extends CommonObject
public function set_remise_absolue($user, $remise, $notrigger = 0)
{
// phpcs:enable
$remise = trim($remise) ?trim($remise) : 0;
if (empty($remise)) {
$remise = 0;
}
$remise = price2num($remise);
if (!empty($user->rights->propal->creer)) {
$remise = price2num($remise);
$error = 0;
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."propal ";
$sql .= " SET remise_absolue = ".$remise;
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql .= " SET remise_absolue = ".((float) $remise);
$sql .= " WHERE rowid = ".$this->id." AND fk_statut = ".self::STATUS_DRAFT;
dol_syslog(__METHOD__, LOG_DEBUG);
@ -2445,19 +2446,17 @@ class Propal extends CommonObject
* Reopen the commercial proposal
*
* @param User $user Object user that close
* @param int $statut Statut
* @param int $status Status
* @param string $note Comment
* @param int $notrigger 1=Does not execute triggers, 0= execute triggers
* @return int <0 if KO, >0 if OK
*/
public function reopen($user, $statut, $note = '', $notrigger = 0)
public function reopen($user, $status, $note = '', $notrigger = 0)
{
$this->statut = $statut;
$error = 0;
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql .= " SET fk_statut = ".$this->statut.",";
$sql .= " SET fk_statut = ".$status.",";
if (!empty($note)) {
$sql .= " note_private = '".$this->db->escape($note)."',";
}
@ -2494,6 +2493,9 @@ class Propal extends CommonObject
$this->db->rollback();
return -1 * $error;
} else {
$this->statut = $status;
$this->status = $status;
$this->db->commit();
return 1;
}
@ -2612,7 +2614,7 @@ class Propal extends CommonObject
$newprivatenote = dol_concatdesc($this->note_private, $note);
$sql = "UPDATE ".MAIN_DB_PREFIX."propal";
$sql .= " SET fk_statut = ".$status.", note_private = '".$this->db->escape($newprivatenote)."', date_cloture='".$this->db->idate($now)."', fk_user_cloture=".$user->id;
$sql .= " SET fk_statut = ".((int) $status).", note_private = '".$this->db->escape($newprivatenote)."', date_cloture='".$this->db->idate($now)."', fk_user_cloture=".$user->id;
$sql .= " WHERE rowid = ".$this->id;
$resql = $this->db->query($sql);
@ -3951,7 +3953,7 @@ class PropaleLigne extends CommonObjectLine
$sql .= ' pd.date_start, pd.date_end, pd.product_type';
$sql .= ' FROM '.MAIN_DB_PREFIX.'propaldet as pd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON pd.fk_product = p.rowid';
$sql .= ' WHERE pd.rowid = '.$rowid;
$sql .= ' WHERE pd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
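Review bot: In `reopen()` the new line `$sql .= " SET fk_statut = ".$status.",";` concatenates the caller-supplied `$status` without a cast, although the same column gets `((int) $status)` in the hunk at `@ -2612,7 +2614,7 @`. It should read `$sql .= " SET fk_statut = ".((int) $status).",";`. Several `WHERE rowid = ".$this->id` lines in the touched methods are also left uncast and could take `((int) $this->id)` for consistency. The method bodies continue outside the hunks.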


@ -40,12 +40,6 @@ $ref = GETPOST('ref', 'alpha');
$lineid = GETPOST('lineid', 'int');
$action = GETPOST('action', 'aZ09');
// Security check
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'propal', $id);
$object = new Propal($db);
// Load object
@ -67,6 +61,13 @@ if (!$error) {
exit;
}
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
$object->id = $user->socid;
}
restrictedArea($user, 'propal', $object->id);
/*
* Add a new contact
@ -93,7 +94,7 @@ if ($action == 'addcontact' && $user->rights->propale->creer) {
} elseif ($action == 'swapstatut' && $user->rights->propale->creer) {
// Toggle the status of a contact
if ($object->id > 0) {
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
}
} elseif ($action == 'deletecontact' && $user->rights->propale->creer) {
// Deletes a contact


@ -80,6 +80,13 @@ if (!$sortfield) {
$object = new Propal($db);
$object->fetch($id, $ref);
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
$object->id = $user->socid;
}
restrictedArea($user, 'propal', $object->id);
/*
* Actions


@ -26,15 +26,6 @@
*/
require '../../main.inc.php';
// Security check
$socid = GETPOST('socid', 'int');
if (isset($user->socid) && $user->socid > 0) {
$action = '';
$socid = $user->socid;
}
restrictedArea($user, 'propal');
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
@ -48,9 +39,19 @@ $langs->loadLangs(array('propal', 'companies'));
$now = dol_now();
$max = 5;
// Security check
$socid = GETPOST('socid', 'int');
if (isset($user->socid) && $user->socid > 0) {
$action = '';
$socid = $user->socid;
}
restrictedArea($user, 'propal');
/*
* View
*/
$propalstatic = new Propal($db);
$companystatic = new Societe($db);
$form = new Form($db);


@ -39,18 +39,18 @@ $id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
$socid = GETPOST('socid', 'int');
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'propal', $id);
$object = new Propal($db);
if (!$object->fetch($id, $ref) > 0) {
dol_print_error($db);
exit;
}
// Security check
if (!empty($user->socid)) {
$socid = $user->socid;
$object->id = $user->socid;
}
restrictedArea($user, 'propal', $object->id);
/*
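Review bot: `if (!$object->fetch($id, $ref) > 0)` negates the return value before comparing it, because `!` binds tighter than `>`. A negative error code from `fetch()` therefore becomes `false > 0` and the error branch is skipped. Since the load now runs before the relocated security block, a failed fetch would reach `restrictedArea()` with an empty object. `if ($object->fetch($id, $ref) <= 0) {` expresses the intended test.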


@ -843,31 +843,31 @@ if ($resql) {
if ($user->rights->societe->client->voir || $socid) {
$langs->load("commercial");
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('ThirdPartiesOfSaleRepresentative').': ';
$moreforfilter .= $formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, 1, 'maxwidth200');
$tmptitle = $langs->trans('ThirdPartiesOfSaleRepresentative');
$moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, $tmptitle, 'maxwidth250');
$moreforfilter .= '</div>';
}
// If the user can view prospects other than his'
if ($user->rights->societe->client->voir || $socid) {
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('LinkedToSpecificUsers').': ';
$moreforfilter .= $form->select_dolusers($search_user, 'search_user', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth200');
$tmptitle = $langs->trans('LinkedToSpecificUsers');
$moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_user, 'search_user', $tmptitle, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250');
$moreforfilter .= '</div>';
}
// If the user can view products
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($user->rights->produit->lire || $user->rights->service->lire)) {
include_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('IncludingProductWithTag').': ';
$tmptitle = $langs->trans('IncludingProductWithTag');
$cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1);
$moreforfilter .= $form->selectarray('search_product_category', $cate_arbo, $search_product_category, 1, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1);
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1);
$moreforfilter .= '</div>';
}
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) {
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('CustomersProspectsCategoriesShort').': ';
$moreforfilter .= $formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1);
$tmptitle = $langs->trans('CustomersProspectsCategoriesShort');
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1, $tmptitle);
$moreforfilter .= '</div>';
}
$parameters = array();


@ -40,13 +40,19 @@ $id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
$action = GETPOST('action', 'aZ09');
// Security check
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'propale', $id, 'propal');
$now = dol_now();
$object = new Propal($db);
if ($id > 0 || !empty($ref)) {
$object->fetch($id, $ref);
}
// Security check
if ($user->socid > 0) {
$socid = $user->socid;
$object->id = $user->socid;
}
restrictedArea($user, 'propal', $object->id, 'propal');
/*
@ -63,86 +69,78 @@ include DOL_DOCUMENT_ROOT.'/core/actions_setnotes.inc.php'; // Must be include,
* View
*/
$form = new Form($db);
$help_url = 'EN:Commercial_Proposals|FR:Proposition_commerciale|ES:Presupuestos';
llxHeader('', $langs->trans('Proposal'), $help_url);
$form = new Form($db);
if ($object->id > 0) {
if ($object->fetch_thirdparty() > 0) {
$head = propal_prepare_head($object);
print dol_get_fiche_head($head, 'note', $langs->trans('Proposal'), -1, 'propal');
if ($id > 0 || !empty($ref)) {
if ($mesg) {
print $mesg;
}
$now = dol_now();
if ($object->fetch($id, $ref) > 0) {
if ($object->fetch_thirdparty() > 0) {
$head = propal_prepare_head($object);
print dol_get_fiche_head($head, 'note', $langs->trans('Proposal'), -1, 'propal');
$cssclass = 'titlefield';
//if ($action == 'editnote_public') $cssclass='titlefieldcreate';
//if ($action == 'editnote_private') $cssclass='titlefieldcreate';
$cssclass = 'titlefield';
//if ($action == 'editnote_public') $cssclass='titlefieldcreate';
//if ($action == 'editnote_private') $cssclass='titlefieldcreate';
// Proposal card
// Proposal card
$linkback = '<a href="'.DOL_URL_ROOT.'/comm/propal/list.php?restore_lastsearch_values=1'.(!empty($socid) ? '&socid='.$socid : '').'">'.$langs->trans("BackToList").'</a>';
$linkback = '<a href="'.DOL_URL_ROOT.'/comm/propal/list.php?restore_lastsearch_values=1'.(!empty($socid) ? '&socid='.$socid : '').'">'.$langs->trans("BackToList").'</a>';
$morehtmlref = '<div class="refidno">';
// Ref customer
$morehtmlref .= $form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1);
$morehtmlref .= $form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1);
// Thirdparty
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1);
// Project
if (!empty($conf->projet->enabled)) {
$langs->load("projects");
$morehtmlref .= '<br>'.$langs->trans('Project').' ';
if ($user->rights->propal->creer) {
if ($action != 'classify') {
//$morehtmlref.='<a class="editfielda" href="' . $_SERVER['PHP_SELF'] . '?action=classify&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetProject')) . '</a>';
$morehtmlref .= ' : ';
}
if ($action == 'classify') {
//$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1);
$morehtmlref .= '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
$morehtmlref .= '<input type="hidden" name="action" value="classin">';
$morehtmlref .= '<input type="hidden" name="token" value="'.newToken().'">';
$morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1);
$morehtmlref .= '<input type="submit" class="button valignmiddle" value="'.$langs->trans("Modify").'">';
$morehtmlref .= '</form>';
} else {
$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1);
}
$morehtmlref = '<div class="refidno">';
// Ref customer
$morehtmlref .= $form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1);
$morehtmlref .= $form->editfieldval("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', null, null, '', 1);
// Thirdparty
$morehtmlref .= '<br>'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1);
// Project
if (!empty($conf->projet->enabled)) {
$langs->load("projects");
$morehtmlref .= '<br>'.$langs->trans('Project').' ';
if ($user->rights->propal->creer) {
if ($action != 'classify') {
//$morehtmlref.='<a class="editfielda" href="' . $_SERVER['PHP_SELF'] . '?action=classify&amp;id=' . $object->id . '">' . img_edit($langs->transnoentitiesnoconv('SetProject')) . '</a>';
$morehtmlref .= ' : ';
}
if ($action == 'classify') {
//$morehtmlref.=$form->form_project($_SERVER['PHP_SELF'] . '?id=' . $object->id, $object->socid, $object->fk_project, 'projectid', 0, 0, 1, 1);
$morehtmlref .= '<form method="post" action="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'">';
$morehtmlref .= '<input type="hidden" name="action" value="classin">';
$morehtmlref .= '<input type="hidden" name="token" value="'.newToken().'">';
$morehtmlref .= $formproject->select_projects($object->socid, $object->fk_project, 'projectid', $maxlength, 0, 1, 0, 1, 0, 0, '', 1);
$morehtmlref .= '<input type="submit" class="button valignmiddle" value="'.$langs->trans("Modify").'">';
$morehtmlref .= '</form>';
} else {
if (!empty($object->fk_project)) {
$proj = new Project($db);
$proj->fetch($object->fk_project);
$morehtmlref .= '<a href="'.DOL_URL_ROOT.'/projet/card.php?id='.$object->fk_project.'" title="'.$langs->trans('ShowProject').'">';
$morehtmlref .= $proj->ref;
$morehtmlref .= '</a>';
} else {
$morehtmlref .= '';
}
$morehtmlref .= $form->form_project($_SERVER['PHP_SELF'].'?id='.$object->id, $object->socid, $object->fk_project, 'none', 0, 0, 0, 1);
}
} else {
if (!empty($object->fk_project)) {
$proj = new Project($db);
$proj->fetch($object->fk_project);
$morehtmlref .= '<a href="'.DOL_URL_ROOT.'/projet/card.php?id='.$object->fk_project.'" title="'.$langs->trans('ShowProject').'">';
$morehtmlref .= $proj->ref;
$morehtmlref .= '</a>';
} else {
$morehtmlref .= '';
}
}
$morehtmlref .= '</div>';
dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref);
print '<div class="fichecenter">';
print '<div class="underbanner clearboth"></div>';
$cssclass = "titlefield";
include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
print '</div>';
print dol_get_fiche_end();
}
$morehtmlref .= '</div>';
dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref);
print '<div class="fichecenter">';
print '<div class="underbanner clearboth"></div>';
$cssclass = "titlefield";
include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
print '</div>';
print dol_get_fiche_end();
}
}


@ -38,12 +38,6 @@ $WIDTH = DolGraph::getDefaultGraphSizeForStats('width');
$HEIGHT = DolGraph::getDefaultGraphSizeForStats('height');
$mode = GETPOSTISSET("mode") ? GETPOST("mode", 'aZ09') : 'customer';
if ($mode == 'customer' && !$user->rights->propale->lire) {
accessforbidden();
}
if ($mode == 'supplier' && !$user->rights->supplier_proposal->lire) {
accessforbidden();
}
$object_status = GETPOST('object_status', 'intcomma');
$typent_id = GETPOST('typent_id', 'int');
@ -66,6 +60,13 @@ $endyear = $year;
// Load translation files required by the page
$langs->loadLangs(array('orders', 'companies', 'other', 'suppliers', 'supplier_proposal'));
if ($mode == 'customer' && !$user->rights->propale->lire) {
accessforbidden();
}
if ($mode == 'supplier' && !$user->rights->supplier_proposal->lire) {
accessforbidden();
}
/*
* View
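Review bot: The two access checks re-added after `$langs->loadLangs(...)` only cover `$mode == 'customer'` and `$mode == 'supplier'`, while `$mode` is read with the `aZ09` filter and can hold any other alphanumeric value, in which case neither `accessforbidden()` call runs. What the rest of the page does with such a value is outside these hunks, so the impact is inferred, but the guard should fail closed. I would reject unknown values before the two permission tests, e.g. `if (!in_array($mode, array('customer', 'supplier'), true)) { accessforbidden(); }`.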


@ -30,11 +30,19 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/agenda.lib.php';
// Load translation files required by the page
$langs->load("propal");
if ($user->socid > 0) {
$socid = $user->socid;
}
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$action = '';
$socid = $user->socid;
}
$result = restrictedArea($user, 'propal', $socid, '');
/*
* View
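Review bot: As rendered, this section forces `$socid` to `$user->socid` in an `if ($user->socid > 0)` block before `$socid = GETPOST('socid', 'int')` overwrites it, and then forces it again inside the `// Security check` block. If both blocks are on the new side (the +/- markers are lost on this page), the first one is dead code and should be dropped so the single override sits directly before `restrictedArea($user, 'propal', $socid, '')`. The two blocks also test the same condition differently (`$user->socid > 0` versus `$user->socid`); one form should be used throughout.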


@ -1,90 +0,0 @@
<?php
/* Copyright (C) 2001-2004 Rodolphe Quiedeville <rodolphe@quiedeville.org>
* Copyright (C) 2004-2010 Laurent Destailleur <eldy@users.sourceforge.net>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <https://www.gnu.org/licenses/>.
*/
/**
* \file htdocs/comm/prospect/recap-prospect.php
* \ingroup societe
* \brief Page with prospect summary
*/
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
// Load translation files required by the page
$langs->loadLangs(array('companies', 'other'));
if (!empty($conf->facture->enabled)) {
$langs->load("bills");
}
// Security check
$socid = $_GET["socid"];
if ($user->socid > 0) {
$action = '';
$socid = $user->socid;
}
/*
* View
*/
llxHeader();
if ($socid > 0) {
$societe = new Societe($db);
$societe->fetch($socid);
/*
* Affichage onglets
*/
$head = societe_prepare_head($societe);
print dol_get_fiche_head($head, 'prospect', $langs->trans("ThirdParty"), 0, 'company');
print "<table width=\"100%\">\n";
print '<tr><td valign="top" width="50%">';
print '<table class="border centpercent">';
// Name
print '<tr><td width="20%">'.$langs->trans("Thirdpary").'</td><td width="80%" colspan="3">'.$societe->getNomUrl(1).'</td></tr>';
// Prefix
if (!empty($conf->global->SOCIETE_USEPREFIX)) { // Old not used prefix field
print '<tr><td>'.$langs->trans("Prefix").'</td><td colspan="3">';
print ($societe->prefix_comm ? $societe->prefix_comm : '&nbsp;');
print '</td></tr>';
}
print "</table>";
print "</td></tr></table>\n";
print '</div>';
print $langs->trans("FeatureNotYetAvailable");
} else {
dol_print_error($db);
}
// End of page
llxFooter();
$db->close();


@ -33,12 +33,12 @@ if (!empty($conf->facture->enabled)) {
}
// Security check
$socid = $_GET["socid"];
$socid = GETPOST("socid", 'int');
if ($user->socid > 0) {
$action = '';
$socid = $user->socid;
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
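Review bot: In the `// Security check` block the external-user override now writes `$id = $user->socid;` while the value read from the request stays in `$socid`, so `restrictedArea()` validates `$id` and `$socid` is left exactly as the client supplied it. For an internal user `$id` is not assigned anywhere in this hunk, so the check may run on an undefined variable. If the view below loads the third party from `$socid` (not visible here), the record that is checked and the record that is displayed can differ. I would keep a single variable: `$socid = $user->socid;` inside the `if`, and `restrictedArea($user, 'societe', $socid, '&societe', '', 'fk_soc', 'rowid', 0);`.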


@ -66,7 +66,7 @@ if (GETPOST('action', 'aZ09') == 'setremise') {
header("Location: ".$backtopage);
exit;
} else {
header("Location: remise.php?id=".$_GET["id"]);
header("Location: remise.php?id=".GETPOST("id", 'int'));
exit;
}
} else {
@ -74,6 +74,12 @@ if (GETPOST('action', 'aZ09') == 'setremise') {
}
}
// Security check
if ($user->socid > 0) {
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
* View
@ -83,7 +89,6 @@ $form = new Form($db);
llxHeader();
/*********************************************************************************
*
* Mode fiche
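Review bot: The new `// Security check` block with `restrictedArea(...)` is placed after the `if (GETPOST('action', 'aZ09') == 'setremise')` handler (second hunk, just above `* View`), so the `setremise` handling and its redirect run before the third-party access check. Unless an earlier check exists outside these hunks, an external user's `$id` is only forced to `$user->socid` once the action has already used it. The block should move above the action handler, directly after `$id` is read. The handler's body starts outside the first hunk.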


@ -24,6 +24,8 @@
* \brief Page to edit absolute discounts for a customer
*/
if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
require '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
@ -44,6 +46,12 @@ if ($user->socid > 0) {
$socid = $user->socid;
}
// Security check
if ($user->socid > 0) {
$id = $user->socid;
}
$result = restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
/*
* Actions


@ -501,7 +501,7 @@ if (empty($reshook)) {
setEventMessages($object->error, $object->errors, 'errors');
}
} elseif ($action == 'setremise' && $usercancreate) {
$result = $object->setDiscount($user, GETPOST('remise'));
$result = $object->setDiscount($user, price2num(GETPOST('remise'), 2));
if ($result < 0) {
setEventMessages($object->error, $object->errors, 'errors');
}
@ -515,7 +515,7 @@ if (empty($reshook)) {
}
} elseif ($action == 'setdate' && $usercancreate) {
// print "x ".$_POST['liv_month'].", ".$_POST['liv_day'].", ".$_POST['liv_year'];
$date = dol_mktime(0, 0, 0, GETPOST('order_month'), GETPOST('order_day'), GETPOST('order_year'));
$date = dol_mktime(0, 0, 0, GETPOST('order_month', 'int'), GETPOST('order_day', 'int'), GETPOST('order_year', 'int'));
$result = $object->set_date($user, $date);
if ($result < 0) {
@ -1370,7 +1370,7 @@ if (empty($reshook)) {
} elseif ($action == 'swapstatut') {
// bascule du statut d'un contact
if ($object->id > 0) {
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
} else {
dol_print_error($db);
}
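Review bot: The `elseif ($action == 'swapstatut')` branch in the third hunk has no permission test, while the `setremise` and `setdate` branches of the same chain require `&& $usercancreate`. The commit adds the `'int'` filter to `GETPOST('ligne', 'int')`, but the state change itself stays unguarded unless an enclosing condition outside the hunk covers it. I would write `} elseif ($action == 'swapstatut' && $usercancreate) {`. In the first hunk `GETPOST('remise')` is still read without a filter type before `price2num()`; passing one explicitly, e.g. `GETPOST('remise', 'alpha')`, would match the other calls.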


@ -2413,10 +2413,10 @@ class Commande extends CommonOrder
$this->db->begin();
$remise = price2num($remise);
$remise = price2num($remise, 2);
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande';
$sql .= ' SET remise_percent = '.$remise;
$sql .= ' SET remise_percent = '.((float) $remise);
$sql .= ' WHERE rowid = '.$this->id.' AND fk_statut = '.self::STATUS_DRAFT.' ;';
dol_syslog(__METHOD__, LOG_DEBUG);
@ -2468,18 +2468,20 @@ class Commande extends CommonOrder
public function set_remise_absolue($user, $remise, $notrigger = 0)
{
// phpcs:enable
$remise = trim($remise) ?trim($remise) : 0;
if (empty($remise)) {
$remise = 0;
}
$remise = price2num($remise);
if ($user->rights->commande->creer) {
$error = 0;
$this->db->begin();
$remise = price2num($remise);
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande';
$sql .= ' SET remise_absolue = '.$remise;
$sql .= ' WHERE rowid = '.$this->id.' AND fk_statut = '.self::STATUS_DRAFT.' ;';
$sql .= ' SET remise_absolue = '.((float) $remise);
$sql .= ' WHERE rowid = '.$this->id.' AND fk_statut = '.self::STATUS_DRAFT;
dol_syslog(__METHOD__, LOG_DEBUG);
$resql = $this->db->query($sql);
@ -2867,7 +2869,7 @@ class Commande extends CommonOrder
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.'commande SET';
$sql .= ' ref_client = '.(empty($ref_client) ? 'NULL' : '\''.$this->db->escape($ref_client).'\'');
$sql .= ' ref_client = '.(empty($ref_client) ? 'NULL' : "'".$this->db->escape($ref_client)."'");
$sql .= ' WHERE rowid = '.$this->id;
dol_syslog(__METHOD__.' this->id='.$this->id.', ref_client='.$ref_client, LOG_DEBUG);
@ -4126,7 +4128,7 @@ class OrderLine extends CommonOrderLine
$sql .= ' cd.date_start, cd.date_end';
$sql .= ' FROM '.MAIN_DB_PREFIX.'commandedet as cd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON cd.fk_product = p.rowid';
$sql .= ' WHERE cd.rowid = '.$rowid;
$sql .= ' WHERE cd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
$objp = $this->db->fetch_object($result);
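Review bot: The hardened queries cast the discount with `((float) $remise)` and the line id with `((int) $rowid)`, but `$this->id` is still concatenated as-is in `' WHERE rowid = '.$this->id` in the three UPDATE statements of this section. Casting it the same way, `' WHERE rowid = '.((int) $this->id)`, keeps every numeric value in these statements typed at the point of use. The `dol_syslog()` call in the `ref_client` hunk also writes the raw `$ref_client` to the log, so line breaks in that value reach the log unless `dol_syslog()` filters them (not visible here). The method bodies start and end outside the hunks.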


@ -75,14 +75,14 @@ if ($action == 'addcontact' && $user->rights->commande->creer) {
} elseif ($action == 'swapstatut' && $user->rights->commande->creer) {
// bascule du statut d'un contact
if ($object->fetch($id)) {
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
} else {
dol_print_error($db);
}
} elseif ($action == 'deletecontact' && $user->rights->commande->creer) {
// Efface un contact
$object->fetch($id);
$result = $object->delete_contact($_GET["lineid"]);
$result = $object->delete_contact(GETPOST("lineid", 'int'));
if ($result >= 0) {
header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
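Review bot: In the `deletecontact` branch the result of `$object->fetch($id)` is ignored, so `delete_contact(GETPOST("lineid", 'int'))` runs even when the order could not be loaded, whereas the `swapstatut` branch above tests the fetch result first. I would mirror that with `if ($object->fetch($id) > 0) { $result = $object->delete_contact(GETPOST('lineid', 'int')); } else { dol_print_error($db); }`. Whether `delete_contact()` itself verifies that the line belongs to this order is not visible in the hunk and is worth confirming.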


@ -806,39 +806,39 @@ if ($resql) {
if ($user->rights->societe->client->voir || $socid) {
$langs->load("commercial");
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('ThirdPartiesOfSaleRepresentative').': ';
$moreforfilter .= $formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, 1, 'maxwidth200');
$tmptitle = $langs->trans('ThirdPartiesOfSaleRepresentative');
$moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$formother->select_salesrepresentatives($search_sale, 'search_sale', $user, 0, $tmptitle, 'maxwidth250');
$moreforfilter .= '</div>';
}
// If the user can view other users
if ($user->rights->user->user->lire) {
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('LinkedToSpecificUsers').': ';
$moreforfilter .= $form->select_dolusers($search_user, 'search_user', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth200');
$tmptitle = $langs->trans('LinkedToSpecificUsers');
$moreforfilter .= img_picto($tmptitle, 'user', 'class="pictofixedwidth"').$form->select_dolusers($search_user, 'search_user', $tmptitle, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth250');
$moreforfilter .= '</div>';
}
// If the user can view prospects other than his'
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire && ($user->rights->produit->lire || $user->rights->service->lire)) {
include_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('IncludingProductWithTag').': ';
$tmptitle = $langs->trans('IncludingProductWithTag');
$cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, null, 'parent', null, null, 1);
$moreforfilter .= $form->selectarray('search_product_category', $cate_arbo, $search_product_category, 1, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1);
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_product_category', $cate_arbo, $search_product_category, $tmptitle, 0, 0, '', 0, 0, 0, 0, 'maxwidth300', 1);
$moreforfilter .= '</div>';
}
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) {
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('CustomersProspectsCategoriesShort').': ';
$moreforfilter .= $formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1);
$tmptitle = $langs->trans('CustomersProspectsCategoriesShort');
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$formother->select_categories('customer', $search_categ_cus, 'search_categ_cus', 1, $tmptitle);
$moreforfilter .= '</div>';
}
if (!empty($conf->expedition->enabled) && !empty($conf->global->WAREHOUSE_ASK_WAREHOUSE_DURING_ORDER)) {
require_once DOL_DOCUMENT_ROOT.'/product/class/html.formproduct.class.php';
$formproduct = new FormProduct($db);
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('Warehouse').': ';
$moreforfilter .= $formproduct->selectWarehouses($search_warehouse, 'search_warehouse', '', 1);
$tmptitle = $langs->trans('Warehouse');
$moreforfilter .= img_picto($tmptitle, 'warehouse', 'class="pictofixedwidth"').$formproduct->selectWarehouses($search_warehouse, 'search_warehouse', '', $tmptitle);
$moreforfilter .= '</div>';
}
$parameters = array();


@ -138,10 +138,11 @@ $head = bank_prepare_head($object);
print dol_get_fiche_head($head, 'annual', $langs->trans("FinancialAccount"), 0, 'account');
$title = $langs->trans("FinancialAccount")." : ".$object->label;
$link = ($year_start ? "<a href='".$_SERVER["PHP_SELF"]."?account=".$object->id."&year_start=".($year_start - 1)."'>".img_previous('', 'class="valignbottom"')."</a> ".$langs->trans("Year")." <a href='".$_SERVER["PHP_SELF"]."?account=".$object->id."&year_start=".($year_start + 1)."'>".img_next('', 'class="valignbottom"')."</a>" : "");
$link = ($year_start ? '<a href="'.$_SERVER["PHP_SELF"].'?account='.$object->id.'&year_start='.($year_start - 1).'">'.img_previous('', 'class="valignbottom"')."</a> ".$langs->trans("Year").' <a href="'.$_SERVER["PHP_SELF"].'?account='.$object->id.'&year_start='.($year_start + 1).'">'.img_next('', 'class="valignbottom"').'</a>' : '');
$linkback = '<a href="'.DOL_URL_ROOT.'/compta/bank/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
$morehtmlref = '';
if (!empty($id)) {
if (!preg_match('/,/', $id)) {


@ -211,7 +211,6 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_thirdparty_user = '';
$search_num_releve = '';
$search_conciliated = '';
$thirdparty = '';
$search_account = "";
if ($id > 0 || !empty($ref)) {
@ -992,9 +991,9 @@ if ($resql) {
// Bank line
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= $langs->trans('RubriquesTransactions').' : ';
$tmptitle = $langs->trans('RubriquesTransactions');
$cate_arbo = $form->select_all_categories(Categorie::TYPE_BANK_LINE, $search_bid, 'parent', null, null, 1);
$moreforfilter .= $form->selectarray('search_bid', $cate_arbo, $search_bid, 1, 0, 0, '', 0, 0, 0, '', '', 1);
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"').$form->selectarray('search_bid', $cate_arbo, $search_bid, $tmptitle, 0, 0, '', 0, 0, 0, '', '', 1);
$moreforfilter .= '</div>';
}
}
@ -1561,12 +1560,12 @@ if ($resql) {
// Debit
if (!empty($arrayfields['b.debit']['checked'])) {
print '<td class="nowrap right">';
print '<td class="nowrap right"><span class="amount">';
if ($objp->amount < 0) {
print price($objp->amount * -1);
$totalarray['totaldeb'] += $objp->amount;
}
print "</td>\n";
print "</span></td>\n";
if (!$i) {
$totalarray['nbfield']++;
}
@ -1577,12 +1576,12 @@ if ($resql) {
// Credit
if (!empty($arrayfields['b.credit']['checked'])) {
print '<td class="nowrap right">';
print '<td class="nowrap right"><span class="amount">';
if ($objp->amount > 0) {
print price($objp->amount);
$totalarray['totalcred'] += $objp->amount;
}
print "</td>\n";
print "</span></td>\n";
if (!$i) {
$totalarray['nbfield']++;
}
@ -1717,9 +1716,9 @@ if ($resql) {
print '<td class="left tdoverflowmax50" title="'.$langs->trans("Totalforthispage").'">'.$langs->trans("Totalforthispage").'</td>';
}
} elseif ($totalarray['totaldebfield'] == $i) {
print '<td class="right">'.price(-1 * $totalarray['totaldeb']).'</td>';
print '<td class="right"><span class="amount">'.price(-1 * $totalarray['totaldeb']).'</span></td>';
} elseif ($totalarray['totalcredfield'] == $i) {
print '<td class="right">'.price($totalarray['totalcred']).'</td>';
print '<td class="right"><span class="amount">'.price($totalarray['totalcred']).'</span></td>';
} elseif ($i == $posconciliatecol) {
print '<td class="center">';
if ($user->rights->banque->consolidate && $action == 'reconcile') {


@ -82,8 +82,8 @@ if ($result) {
print '<tr class="oddeven">';
print "<td><a href=\"".DOL_URL_ROOT."/compta/bank/bankentries_list.php?bid=$objp->rowid\">$objp->label</a></td>";
print '<td class="right">'.$objp->nombre.'</td>';
print '<td class="right">'.price(abs($objp->somme))."</td>";
print '<td class="right">'.price(abs(price2num($objp->somme / $objp->nombre, 'MT')))."</td>";
print '<td class="right"><span class="amount">'.price(abs($objp->somme))."</span></td>";
print '<td class="right"><span class="amount">'.price(abs(price2num($objp->somme / $objp->nombre, 'MT')))."</span></td>";
print "</tr>";
$i++;
$total += abs($objp->somme);
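Review bot: The first cell of the row still interpolates `$objp->label` straight into the HTML (`...bid=$objp->rowid\">$objp->label</a>`), while this commit only wraps the amounts in `<span class="amount">`. If category labels can contain markup (how they are stored is not visible here), this is an output-escaping gap on a page the commit already touches. Printing `dol_escape_htmltag($objp->label)` and `((int) $objp->rowid)` instead would close it.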


@ -570,13 +570,13 @@ if ($action == 'create') {
/* */
/* ************************************************************************** */
if (($_GET["id"] || $_GET["ref"]) && $action != 'edit') {
if ((GETPOST("id", 'int') || GETPOST("ref")) && $action != 'edit') {
$object = new Account($db);
if ($_GET["id"]) {
$object->fetch($_GET["id"]);
if (GETPOST("id", 'int')) {
$object->fetch(GETPOST("id", 'int'));
}
if ($_GET["ref"]) {
$object->fetch(0, $_GET["ref"]);
if (GETPOST("ref")) {
$object->fetch(0, GETPOST("ref"));
$_GET["id"] = $object->id;
}
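Review bot: `GETPOST("ref")` is called three times without a filter type, while the `id` reads next to it use `GETPOST("id", 'int')`. Reading both once into locals with an explicit filter, e.g. `$ref = GETPOST('ref', 'alpha');`, makes the validation explicit and avoids re-parsing the request. The last line of the hunk still writes `$_GET["id"] = $object->id;`; code further down that relies on it (outside the hunk) should take `$object->id` rather than a mutated superglobal.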


@ -346,7 +346,7 @@ if (empty($numref)) {
$balancestart[$objp->numr] = $obj->amount;
$db->free($resql);
}
print '<td class="right">'.price($balancestart[$objp->numr], '', $langs, 1, -1, -1, $conf->currency).'</td>';
print '<td class="right"><span class="amount">'.price($balancestart[$objp->numr], '', $langs, 1, -1, -1, $conf->currency).'</span></td>';
// Calculate end amount
$sql = "SELECT sum(b.amount) as amount";
@ -359,7 +359,7 @@ if (empty($numref)) {
$content[$objp->numr] = $obj->amount;
$db->free($resql);
}
print '<td class="right">'.price(($balancestart[$objp->numr] + $content[$objp->numr]), '', $langs, 1, -1, -1, $conf->currency).'</td>';
print '<td class="right"><span class="amount">'.price(($balancestart[$objp->numr] + $content[$objp->numr]), '', $langs, 1, -1, -1, $conf->currency).'</span></td>';
print '<td class="center">';
if ($user->rights->banque->consolidate && $action != 'editbankreceipt') {


@ -671,7 +671,7 @@ if ($result) {
if ($arrayfields['debit']['checked']) {
print '<td class="nowrap right">';
if ($obj->sens == 0) {
print price($obj->amount);
print '<span class="amount">'.price($obj->amount).'</span>';
$totalarray['val']['total_deb'] += $obj->amount;
}
if (!$i) {
@ -687,7 +687,7 @@ if ($result) {
if ($arrayfields['credit']['checked']) {
print '<td class="nowrap right">';
if ($obj->sens == 1) {
print price($obj->amount);
print '<span class="amount">'.price($obj->amount).'</span>';
$totalarray['val']['total_cred'] += $obj->amount;
}
if (!$i) {


@ -31,14 +31,17 @@
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data
//if (! defined('NOIPCHECK')) define('NOIPCHECK','1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session)
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too.
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/compta/cashcontrol/class/cashcontrol.class.php';
@ -66,7 +69,7 @@ $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST('sortfield', 'aZ09comma');
$sortorder = GETPOST('sortorder', 'aZ09comma');
$page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int');
if (empty($page) || $page == -1 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) {
if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha') || (empty($toselect) && $massaction === '0')) {
$page = 0;
} // If $page is not defined, or '' or -1 or if we click on clear filters or if we select empty mass action
$offset = $limit * $page;
@ -83,11 +86,13 @@ $hookmanager->initHooks(array('cashcontrol')); // Note that conf->hooks_modules
// Fetch optionals attributes and labels
$extrafields->fetch_name_optionals_label($object->table_element);
//$extrafields->fetch_name_optionals_label($object->table_element_line);
$search_array_options = $extrafields->getOptionalsFromPost($object->table_element, '', 'search_');
// Default sort order (if not yet defined by previous GETPOST)
if (!$sortfield) {
reset($object->fields); // Reset is required to avoid key() to return null.
$sortfield = "t.".key($object->fields); // Set here default search field. By default 1st field in definition.
}
if (!$sortorder) {
@ -95,12 +100,16 @@ if (!$sortorder) {
}
// Initialize array of search criterias
$search_all = GETPOST("search_all", 'alpha');
$search_all = GETPOST('search_all', 'alphanohtml') ? GETPOST('search_all', 'alphanohtml') : GETPOST('sall', 'alphanohtml');
$search = array();
foreach ($object->fields as $key => $val) {
if (GETPOST('search_'.$key, 'alpha')) {
if (GETPOST('search_'.$key, 'alpha') !== '') {
$search[$key] = GETPOST('search_'.$key, 'alpha');
}
if (preg_match('/^(date|timestamp|datetime)/', $val['type'])) {
$search[$key.'_dtstart'] = dol_mktime(0, 0, 0, GETPOST('search_'.$key.'_dtstartmonth', 'int'), GETPOST('search_'.$key.'_dtstartday', 'int'), GETPOST('search_'.$key.'_dtstartyear', 'int'));
$search[$key.'_dtend'] = dol_mktime(23, 59, 59, GETPOST('search_'.$key.'_dtendmonth', 'int'), GETPOST('search_'.$key.'_dtendday', 'int'), GETPOST('search_'.$key.'_dtendyear', 'int'));
}
}
// List of fields to search into when doing a "search in all"
@ -161,6 +170,10 @@ if (empty($reshook)) {
if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x', 'alpha') || GETPOST('button_removefilter', 'alpha')) { // All tests are required to be compatible with all browsers
foreach ($object->fields as $key => $val) {
$search[$key] = '';
if (preg_match('/^(date|timestamp|datetime)/', $val['type'])) {
$search[$key.'_dtstart'] = '';
$search[$key.'_dtend'] = '';
}
}
$toselect = '';
$search_array_options = array();
@ -198,9 +211,7 @@ $title = $langs->trans('CashControl');
// Build and execute select
// --------------------------------------------------------------------
$sql = 'SELECT ';
foreach ($object->fields as $key => $val) {
$sql .= 't.'.$key.', ';
}
$sql .= $object->getFieldList('t');
// Add fields from extrafields
if (!empty($extrafields->attributes[$object->table_element]['label'])) {
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) {
@ -210,24 +221,48 @@ if (!empty($extrafields->attributes[$object->table_element]['label'])) {
// Add fields from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
$sql = preg_replace('/, $/', '', $sql);
$sql .= preg_replace('/^,/', '', $hookmanager->resPrint);
$sql = preg_replace('/,\s*$/', '', $sql);
$sql .= " FROM ".MAIN_DB_PREFIX.$object->table_element." as t";
if (is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) {
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)";
}
// Add table from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook
$sql .= $hookmanager->resPrint;
if ($object->ismultientitymanaged == 1) {
$sql .= " WHERE t.entity IN (".getEntity($object->element).")";
} else {
$sql .= " WHERE 1 = 1";
}
foreach ($search as $key => $val) {
if ($key == 'status' && $search[$key] == -1) {
continue;
}
$mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0);
if ($search[$key] != '') {
$sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search));
if (array_key_exists($key, $object->fields)) {
if ($key == 'status' && $search[$key] == -1) {
continue;
}
$mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0);
if ((strpos($object->fields[$key]['type'], 'integer:') === 0) || (strpos($object->fields[$key]['type'], 'sellist:') === 0)) {
if ($search[$key] == '-1' || $search[$key] === '0') {
$search[$key] = '';
}
$mode_search = 2;
}
if ($search[$key] != '') {
$sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search));
}
} else {
if (preg_match('/(_dtstart|_dtend)$/', $key) && $search[$key] != '') {
$columnName=preg_replace('/(_dtstart|_dtend)$/', '', $key);
if (preg_match('/^(date|timestamp|datetime)/', $object->fields[$columnName]['type'])) {
if (preg_match('/_dtstart$/', $key)) {
$sql .= " AND t." . $columnName . " >= '" . $db->idate($search[$key]) . "'";
}
if (preg_match('/_dtend$/', $key)) {
$sql .= " AND t." . $columnName . " <= '" . $db->idate($search[$key]) . "'";
}
}
}
}
}
if ($search_all) {
@ -241,20 +276,20 @@ $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $objec
$sql .= $hookmanager->resPrint;
/* If a group by is required
$sql.= " GROUP BY "
foreach($object->fields as $key => $val)
{
$sql.='t.'.$key.', ';
}
// Add fields from extrafields
if (! empty($extrafields->attributes[$object->table_element]['label'])) {
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) $sql.=($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.', ' : '');
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListGroupBy',$parameters); // Note that $action and $object may have been modified by hook
$sql.=$hookmanager->resPrint;
$sql=preg_replace('/, $/','', $sql);
*/
$sql.= " GROUP BY ";
foreach($object->fields as $key => $val) {
$sql.='t.'.$key.', ';
}
// Add fields from extrafields
if (! empty($extrafields->attributes[$object->table_element]['label'])) {
foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) $sql.=($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.', ' : '');
}
// Add where from hooks
$parameters=array();
$reshook=$hookmanager->executeHooks('printFieldListGroupBy',$parameters, $object); // Note that $action and $object may have been modified by hook
$sql.=$hookmanager->resPrint;
$sql=preg_replace('/,\s*$/','', $sql);
*/
$sql .= $db->order($sortfield, $sortorder);
@ -269,10 +304,12 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
}
}
// if total of record found is smaller than limit, no need to do paging and to restart another select with limits set.
if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords) {
if (is_numeric($nbtotalofrecords) && ($limit > $nbtotalofrecords || empty($limit))) {
$num = $nbtotalofrecords;
} else {
$sql .= $db->plimit($limit + 1, $offset);
if ($limit) {
$sql .= $db->plimit($limit + 1, $offset);
}
$resql = $db->query($sql);
if (!$resql) {
@ -284,10 +321,10 @@ if (is_numeric($nbtotalofrecords) && $limit > $nbtotalofrecords) {
}
// Direct jump if only one record found
if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $search_all) {
if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $search_all && !$page) {
$obj = $db->fetch_object($resql);
$id = $obj->rowid;
header("Location: ".dol_buildpath('/compta/cashcontrol/cashcontrol_card.php', 1).'?id='.$id);
header("Location: ".DOL_URL_ROOT.'/compta/cashcontrol/cashcontrol_card.php?id='.$id);
exit;
}
@ -295,7 +332,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
// Output page
// --------------------------------------------------------------------
llxHeader('', $title, $help_url);
llxHeader('', $title, $help_url, '', 0, 0, $morejs, $morecss, '', 'classforhorizontalscrolloftabs');
// Example : Adding jquery code
print '<script type="text/javascript" language="javascript">
@ -322,13 +359,23 @@ if ($limit > 0 && $limit != $conf->liste_limit) {
$param .= '&limit='.urlencode($limit);
}
foreach ($search as $key => $val) {
$param .= '&search_'.$key.'='.urlencode($search[$key]);
if (is_array($search[$key]) && count($search[$key])) {
foreach ($search[$key] as $skey) {
$param .= '&search_'.$key.'[]='.urlencode($skey);
}
} else {
$param .= '&search_'.$key.'='.urlencode($search[$key]);
}
}
if ($optioncss != '') {
$param .= '&optioncss='.urlencode($optioncss);
}
// Add $param from extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php';
// Add $param from hooks
$parameters = array();
$reshook = $hookmanager->executeHooks('printFieldListSearchParam', $parameters, $object); // Note that $action and $object may have been modified by hook
$param .= $hookmanager->resPrint;
// List of mass actions available
$arrayofmassactions = array(
@ -341,7 +388,7 @@ if (GETPOST('nomassaction', 'int') || in_array($massaction, array('presend', 'pr
}
$massactionbutton = $form->selectMassAction('', $arrayofmassactions);
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">'."\n";
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
@ -365,11 +412,11 @@ $objecttmp = new CashControl($db);
$trackid = 'cashfence'.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php';
if ($sall) {
if ($search_all) {
foreach ($fieldstosearchall as $key => $val) {
$fieldstosearchall[$key] = $langs->trans($val);
}
print '<div class="divsearchfieldfilter">'.$langs->trans("FilterOnInto", $sall).join(', ', $fieldstosearchall).'</div>';
print '<div class="divsearchfieldfilter">'.$langs->trans("FilterOnInto", $search_all).join(', ', $fieldstosearchall).'</div>';
}
$moreforfilter = '';
@ -396,7 +443,7 @@ $selectedfields = $form->multiSelectArrayWithCheckbox('selectedfields', $arrayfi
$selectedfields .= (count($arrayofmassactions) ? $form->showCheckAddButtons('checkforselect', 1) : '');
print '<div class="div-table-responsive">'; // You can use div-table-responsive-no-min if you dont need reserved height for your table
print '<table class="tagtable liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
print '<table class="tagtable nobottomiftotal liste'.($moreforfilter ? " listwithfilterbefore" : "").'">'."\n";
// Fields title search
@ -417,8 +464,17 @@ foreach ($object->fields as $key => $val) {
print '<td class="liste_titre'.($cssforfield ? ' '.$cssforfield : '').'">';
if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) {
print $form->selectarray('search_'.$key, $val['arrayofkeyval'], $search[$key], $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1);
} else {
} elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:')=== 0)) {
print $object->showInputField($val, $key, $search[$key], '', '', 'search_', 'maxwidth125', 1);
} elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) {
print '<input type="text" class="flat maxwidth75" name="search_'.$key.'" value="'.dol_escape_htmltag($search[$key]).'">';
} elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) {
print '<div class="nowrap">';
print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print '</div>';
print '<div class="nowrap">';
print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to'));
print '</div>';
}
print '</td>';
}
@ -442,7 +498,7 @@ print '</tr>'."\n";
// --------------------------------------------------------------------
print '<tr class="liste_titre">';
foreach ($object->fields as $key => $val) {
$cssforfield = (empty($val['css']) ? '' : $val['css']);
$cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']);
if ($key == 'status') {
$cssforfield .= ($cssforfield ? ' ' : '').'center';
} elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) {
@ -462,6 +518,7 @@ include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_title.tpl.php';
$parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$sortfield, 'sortorder'=>$sortorder);
$reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', 'align="center"', $sortfield, $sortorder, 'maxwidthsearch ')."\n";
print '</tr>'."\n";
@ -481,24 +538,19 @@ if (is_array($extrafields->attributes[$object->table_element]['computed']) && co
// --------------------------------------------------------------------
$i = 0;
$totalarray = array();
while ($i < min($num, $limit)) {
while ($i < ($limit ? min($num, $limit) : $num)) {
$obj = $db->fetch_object($resql);
if (empty($obj)) {
break; // Should not happen
}
// Store properties in $object
$object->id = $obj->rowid;
foreach ($object->fields as $key => $val) {
if (property_exists($obj, $key)) {
$object->$key = $obj->$key;
}
}
$object->setVarsFromFetchObj($obj);
// Show here line of result
print '<tr class="oddeven">';
foreach ($object->fields as $key => $val) {
$cssforfield = (empty($val['css']) ? '' : $val['css']);
$cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']);
if (in_array($val['type'], array('date', 'datetime', 'timestamp'))) {
$cssforfield .= ($cssforfield ? ' ' : '').'center';
} elseif ($key == 'status') {
@ -511,7 +563,7 @@ while ($i < min($num, $limit)) {
$cssforfield .= ($cssforfield ? ' ' : '').'nowrap';
}
if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $key != 'status') {
if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'status'))) {
$cssforfield .= ($cssforfield ? ' ' : '').'right';
}
@ -519,10 +571,8 @@ while ($i < min($num, $limit)) {
print '<td'.($cssforfield ? ' class="'.$cssforfield.'"' : '').'>';
if ($key == 'status') {
print $object->getLibStatut(5);
} elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) {
print $object->showOutputField($val, $key, $db->jdate($obj->$key), '');
} else {
print $object->showOutputField($val, $key, $obj->$key, '');
print $object->showOutputField($val, $key, $object->$key, '');
}
print '</td>';
if (!$i) {
@ -532,21 +582,21 @@ while ($i < min($num, $limit)) {
if (!$i) {
$totalarray['pos'][$totalarray['nbfield']] = 't.'.$key;
}
$totalarray['val']['t.'.$key] += $obj->$key;
$totalarray['val']['t.'.$key] += $object->$key;
}
}
}
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_print_fields.tpl.php';
// Fields from hook
$parameters = array('arrayfields'=>$arrayfields, 'obj'=>$obj, 'i'=>$i, 'totalarray'=>&$totalarray);
$parameters = array('arrayfields'=>$arrayfields, 'object'=>$object, 'obj'=>$obj, 'i'=>$i, 'totalarray'=>&$totalarray);
$reshook = $hookmanager->executeHooks('printFieldListValue', $parameters, $object); // Note that $action and $object may have been modified by hook
print $hookmanager->resPrint;
// Action column
print '<td class="nowrap" align="center">';
print '<td class="nowrap center">';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined
$selected = 0;
if (in_array($obj->rowid, $arrayofselected)) {
if (in_array($object->id, $arrayofselected)) {
$selected = 1;
}
print '<input id="cb'.$obj->rowid.'" class="flat checkforselect" type="checkbox" name="toselect[]" value="'.$obj->rowid.'"'.($selected ? ' checked="checked"' : '').'>';
@ -587,6 +637,7 @@ print '</div>'."\n";
print '</form>'."\n";
/*
if (in_array('builddoc', $arrayofmassactions) && ($nbtotalofrecords === '' || $nbtotalofrecords)) {
$hidegeneratedfilelistifempty = 1;
if ($massaction == 'builddoc' || $action == 'remove_file' || $show_files) {
@ -601,11 +652,12 @@ if (in_array('builddoc', $arrayofmassactions) && ($nbtotalofrecords === '' || $n
$urlsource .= str_replace('&amp;', '&', $param);
$filedir = $diroutputmassaction;
$genallowed = $user->rights->monmodule->read;
$delallowed = $user->rights->monmodule->create;
$genallowed = $permissiontoread;
$delallowed = $permissiontoadd;
print $formfile->showdocuments('massfilesarea_monmodule', '', $filedir, $urlsource, 0, $delallowed, '', 1, 1, 0, 48, 1, $param, $title, '', '', '', null, $hidegeneratedfilelistifempty);
}
*/
// End of page
llxFooter();


@ -54,7 +54,31 @@ class CashControl extends CommonObject
*/
public $picto = 'cash-register';
/**
* 'type' field format ('integer', 'integer:ObjectClass:PathToClass[:AddCreateButtonOrNot[:Filter]]', 'sellist:TableName:LabelFieldName[:KeyFieldName[:KeyFieldParent[:Filter]]]', 'varchar(x)', 'double(24,8)', 'real', 'price', 'text', 'text:none', 'html', 'date', 'datetime', 'timestamp', 'duration', 'mail', 'phone', 'url', 'password')
* Note: Filter can be a string like "(t.ref:like:'SO-%') or (t.date_creation:<:'20160101') or (t.nature:is:NULL)"
* 'label' the translation key.
* 'picto' is code of a picto to show before value in forms
* 'enabled' is a condition when the field must be managed (Example: 1 or '$conf->global->MY_SETUP_PARAM)
* 'position' is the sort order of field.
* 'notnull' is set to 1 if not null in database. Set to -1 if we must set data to null if empty ('' or 0).
* 'visible' says if field is visible in list (Examples: 0=Not visible, 1=Visible on list and create/update/view forms, 2=Visible on list only, 3=Visible on create/update/view form only (not list), 4=Visible on list and update/view form only (not create). 5=Visible on list and view only (not create/not update). Using a negative value means field is not shown by default on list but can be selected for viewing)
* 'noteditable' says if field is not editable (1 or 0)
* 'default' is a default value for creation (can still be overwrote by the Setup of Default Values if field is editable in creation form). Note: If default is set to '(PROV)' and field is 'ref', the default value will be set to '(PROVid)' where id is rowid when a new record is created.
* 'index' if we want an index in database.
* 'foreignkey'=>'tablename.field' if the field is a foreign key (it is recommanded to name the field fk_...).
* 'searchall' is 1 if we want to search in this field when making a search from the quick search button.
* 'isameasure' must be set to 1 if you want to have a total on list for this field. Field type must be summable like integer or double(24,8).
* 'css' and 'cssview' and 'csslist' is the CSS style to use on field. 'css' is used in creation and update. 'cssview' is used in view mode. 'csslist' is used for columns in lists. For example: 'maxwidth200', 'wordbreak', 'tdoverflowmax200'
* 'help' is a 'TranslationString' to use to show a tooltip on field. You can also use 'TranslationString:keyfortooltiponlick' for a tooltip on click.
* 'showoncombobox' if value of the field must be visible into the label of the combobox that list record
* 'disabled' is 1 if we want to have the field locked by a 'disabled' attribute. In most cases, this is never set into the definition of $fields into class, but is set dynamically by some part of code.
* 'arraykeyval' to set list of value if type is a list of predefined values. For example: array("0"=>"Draft","1"=>"Active","-1"=>"Cancel")
* 'autofocusoncreate' to have field having the focus on a create form. Only 1 field should have this property set to 1.
* 'comment' is not used. You can store here any text of your choice. It is not used by application.
*
* Note: To have value dynamic, you can set value to 0 in definition and edit the value on the fly into the constructor.
*/
public $fields = array(
'rowid' =>array('type'=>'integer', 'label'=>'ID', 'enabled'=>1, 'visible'=>-2, 'notnull'=>1, 'position'=>10),
'entity' =>array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'notnull'=>1, 'position'=>15),
@ -62,10 +86,10 @@ class CashControl extends CommonObject
'posmodule' =>array('type'=>'varchar(30)', 'label'=>'Module', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>19),
'posnumber' =>array('type'=>'varchar(30)', 'label'=>'Terminal', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>20, 'css'=>'center'),
'label' =>array('type'=>'varchar(255)', 'label'=>'Label', 'enabled'=>1, 'visible'=>0, 'position'=>24),
'opening' =>array('type'=>'price', 'label'=>'Opening', 'enabled'=>1, 'visible'=>1, 'position'=>25),
'cash' =>array('type'=>'price', 'label'=>'Cash', 'enabled'=>1, 'visible'=>1, 'position'=>30),
'cheque' =>array('type'=>'price', 'label'=>'Cheque', 'enabled'=>1, 'visible'=>1, 'position'=>33),
'card' =>array('type'=>'price', 'label'=>'CreditCard', 'enabled'=>1, 'visible'=>1, 'position'=>36),
'opening' =>array('type'=>'price', 'label'=>'Opening', 'enabled'=>1, 'visible'=>1, 'position'=>25, 'csslist'=>'amount'),
'cash' =>array('type'=>'price', 'label'=>'Cash', 'enabled'=>1, 'visible'=>1, 'position'=>30, 'csslist'=>'amount'),
'cheque' =>array('type'=>'price', 'label'=>'Cheque', 'enabled'=>1, 'visible'=>1, 'position'=>33, 'csslist'=>'amount'),
'card' =>array('type'=>'price', 'label'=>'CreditCard', 'enabled'=>1, 'visible'=>1, 'position'=>36, 'csslist'=>'amount'),
'year_close' =>array('type'=>'integer', 'label'=>'Year close', 'enabled'=>1, 'visible'=>1, 'notnull'=>1, 'position'=>50, 'css'=>'center'),
'month_close' =>array('type'=>'integer', 'label'=>'Month close', 'enabled'=>1, 'visible'=>1, 'position'=>55, 'css'=>'center'),
'day_close' =>array('type'=>'integer', 'label'=>'Day close', 'enabled'=>1, 'visible'=>1, 'position'=>60, 'css'=>'center'),


@ -204,7 +204,7 @@ if ($resql) {
{
print '<tr class="oddeven">';
print '<td>'.$langs->trans("InitialBankBalance").' - '.$langs->trans("Cash").'</td>';
print '<td></td><td></td><td></td><td class="right">'.price($cashcontrol->opening).'</td>';
print '<td></td><td></td><td></td><td class="right"><span class="amount">'.price($cashcontrol->opening).'</span></td>';
print '</tr>';
$first = "no";
}*/


@ -206,7 +206,7 @@ if (!empty($conf->tax->enabled) && $user->rights->tax->charges->lire) {
// Type
print '<td><a href="../sociales/list.php?filtre=cs.fk_type:'.$obj->type.'">'.$obj->label.'</a></td>';
// Expected to pay
print '<td class="right">'.price($obj->total).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total).'</span></td>';
// Ref payment
$payment_sc_static->id = $obj->pid;
$payment_sc_static->ref = $obj->pid;
@ -323,7 +323,7 @@ if (!empty($conf->tax->enabled) && $user->rights->tax->charges->lire) {
$tva_static->ref = $obj->label;
print "<td>".$tva_static->getNomUrl(1)."</td>\n";
print '<td class="right">'.price($obj->amount_tva)."</td>";
print '<td class="right"><span class="amount">'.price($obj->amount_tva)."</span></td>";
// Ref payment
$ptva_static->id = $obj->rowid;
@ -359,7 +359,7 @@ if (!empty($conf->tax->enabled) && $user->rights->tax->charges->lire) {
}
// Paid
print '<td class="right">'.price($obj->amount)."</td>";
print '<td class="right"><span class="amount">'.price($obj->amount)."</span></td>";
print "</tr>\n";
$i++;
@ -442,7 +442,7 @@ while ($j < $numlt) {
print "<td>".$obj->label."</td>\n";
print '<td class="right">'.price($obj->amount)."</td>";
print '<td class="right"><span class="amount">'.price($obj->amount)."</span></td>";
// Ref payment
$ptva_static->id = $obj->rowid;
@ -450,7 +450,7 @@ while ($j < $numlt) {
print '<td class="left">'.$ptva_static->getNomUrl(1)."</td>\n";
print '<td class="center">'.dol_print_date($db->jdate($obj->dp), 'day')."</td>\n";
print '<td class="right">'.price($obj->amount)."</td>";
print '<td class="right"><span class="amount">'.price($obj->amount)."</span></td>";
print "</tr>\n";
$i++;


@ -239,12 +239,12 @@ class Deplacement extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."deplacement ";
$sql .= " SET km = ".$this->km; // This is a distance or amount
$sql .= " SET km = ".((float) $this->km); // This is a distance or amount
$sql .= " , dated = '".$this->db->idate($this->date)."'";
$sql .= " , type = '".$this->db->escape($this->type)."'";
$sql .= " , fk_statut = '".$this->db->escape($this->statut)."'";
$sql .= " , fk_user = ".$this->fk_user;
$sql .= " , fk_user_modif = ".$user->id;
$sql .= " , fk_user = ".((int) $this->fk_user);
$sql .= " , fk_user_modif = ".((int) $user->id);
$sql .= " , fk_soc = ".($this->socid > 0 ? $this->socid : 'null');
$sql .= " , note_private = ".($this->note_private ? "'".$this->db->escape($this->note_private)."'" : "null");
$sql .= " , note_public = ".($this->note_public ? "'".$this->db->escape($this->note_public)."'" : "null");
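Review bot: The `fk_soc` assignment in this UPDATE still concatenates `$this->socid` without a cast, while the neighbouring `km`, `fk_user` and `fk_user_modif` values are now cast. The `> 0` test is a loose comparison, so a non-numeric string that begins with a digit can pass it and reach the query text unchanged; I would write `$sql .= " , fk_soc = ".($this->socid > 0 ? ((int) $this->socid) : 'null');`. Whether `socid` can carry request data at this point is not visible here, because the method starts and ends outside the hunk.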


@ -268,7 +268,7 @@ print '<br><br>';
print '<div class="div-table-responsive-no-min">';
print '<table class="border centpercent">';
print '<tr height="24">';
print '<tr>';
print '<td class="center">'.$langs->trans("Year").'</td>';
print '<td class="center">'.$langs->trans("Number").'</td>';
print '<td class="center">'.$langs->trans("AmountTotal").'</td>';
@ -280,14 +280,16 @@ foreach ($data as $val) {
$year = $val['year'];
while ($year && $oldyear > $year + 1) { // If we have empty year
$oldyear--;
print '<tr height="24">';
print '<tr>';
print '<td align="center"><a href="'.$_SERVER["PHP_SELF"].'?year='.$oldyear.'&amp;mode='.$mode.'">'.$oldyear.'</a></td>';
print '<td class="right">0</td>';
print '<td class="right">0</td>';
print '<td class="right">0</td>';
print '</tr>';
}
print '<tr height="24">';
// Total
print '<tr>';
print '<td align="center"><a href="'.$_SERVER["PHP_SELF"].'?year='.$year.'&amp;mode='.$mode.'">'.$year.'</a></td>';
print '<td class="right">'.$val['nb'].'</td>';
print '<td class="right">'.price(price2num($val['total'], 'MT'), 1).'</td>';


@ -1778,7 +1778,7 @@ if (empty($reshook)) {
$product->fetch(GETPOST('idprod'.$i, 'int'));
$startday = dol_mktime(12, 0, 0, GETPOST('date_start'.$i.'month'), GETPOST('date_start'.$i.'day'), GETPOST('date_start'.$i.'year'));
$endday = dol_mktime(12, 0, 0, GETPOST('date_end'.$i.'month'), GETPOST('date_end'.$i.'day'), GETPOST('date_end'.$i.'year'));
$result = $object->addline($product->description, $product->price, price2num(GETPOST('qty'.$i), 'MS'), $product->tva_tx, $product->localtax1_tx, $product->localtax2_tx, $_POST['idprod'.$i], $_POST['remise_percent'.$i], $startday, $endday, 0, 0, '', $product->price_base_type, $product->price_ttc, $product->type, -1, 0, '', 0, 0, null, 0, '', 0, 100, '', $product->fk_unit);
$result = $object->addline($product->description, $product->price, price2num(GETPOST('qty'.$i), 'MS'), $product->tva_tx, $product->localtax1_tx, $product->localtax2_tx, GETPOST('idprod'.$i, 'int'), price2num(GETPOST('remise_percent'.$i)), $startday, $endday, 0, 0, '', $product->price_base_type, $product->price_ttc, $product->type, -1, 0, '', 0, 0, null, 0, '', 0, 100, '', $product->fk_unit);
}
}
}
@ -2773,7 +2773,7 @@ if (empty($reshook)) {
} elseif ($action == 'swapstatut') {
// bascule du statut d'un contact
if ($object->fetch($id)) {
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
} else {
dol_print_error($db);
}
@ -4733,8 +4733,8 @@ if ($action == 'create') {
if (!empty($conf->banque->enabled)) {
print '<td class="right"></td>';
}
print '<td class="right">'.price($prev_invoice->total_ht).'</td>';
print '<td class="right">'.price($prev_invoice->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($prev_invoice->total_ht).'</span></td>';
print '<td class="right"><span class="amount">'.price($prev_invoice->total_ttc).'</span></td>';
print '<td class="right">'.$prev_invoice->getLibStatut(3, $tmptotalpaidforthisinvoice).'</td>';
print '</tr>';
}
@ -4753,8 +4753,8 @@ if ($action == 'create') {
if (!empty($conf->banque->enabled)) {
print '<td class="right"></td>';
}
print '<td class="right">'.price($object->total_ht).'</td>';
print '<td class="right">'.price($object->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($object->total_ht).'</span></td>';
print '<td class="right"><span class="amount">'.price($object->total_ttc).'</span></td>';
print '<td class="right">'.$object->getLibStatut(3, $object->getSommePaiement()).'</td>';
print '</tr>';
@ -4808,8 +4808,8 @@ if ($action == 'create') {
if (!empty($conf->banque->enabled)) {
print '<td class="right"></td>';
}
print '<td class="right">'.price($next_invoice->total_ht).'</td>';
print '<td class="right">'.price($next_invoice->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($next_invoice->total_ht).'</span></td>';
print '<td class="right"><span class="amount">'.price($next_invoice->total_ttc).'</span></td>';
print '<td class="right">'.$next_invoice->getLibStatut(3, $totalpaye).'</td>';
print '</tr>';
}
@ -4914,7 +4914,7 @@ if ($action == 'create') {
}
print '</td>';
}
print '<td class="right">'.price($sign * $objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($sign * $objp->amount).'</span></td>';
print '<td class="center">';
if ($object->statut == Facture::STATUS_VALIDATED && $object->paye == 0 && $user->socid == 0) {
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deletepayment&token='.newToken().'&paiement_id='.$objp->rowid.'">';
@ -4972,7 +4972,7 @@ if ($action == 'create') {
print $invoice->getNomUrl(0);
print '</span>';
print '</td>';
print '<td class="right">'.price($obj->amount_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($obj->amount_ttc).'</span></td>';
print '<td class="right">';
print '<a href="'.$_SERVER["PHP_SELF"].'?facid='.$object->id.'&action=unlinkdiscount&discountid='.$obj->rowid.'">'.img_delete().'</a>';
print '</td></tr>';
@ -4994,7 +4994,7 @@ if ($action == 'create') {
print '<span class="opacitymedium">';
print $form->textwithpicto($langs->trans("Discount"), $langs->trans("HelpEscompte"), - 1);
print '</span>';
print '</td><td class="right">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</td><td>&nbsp;</td></tr>';
print '</td><td class="right"><span class="amount">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</span></td><td>&nbsp;</td></tr>';
$resteapayeraffiche = 0;
$cssforamountpaymentcomplete = 'amountpaymentneutral';
}
@ -5014,7 +5014,7 @@ if ($action == 'create') {
print '<span class="opacitymedium">';
print $form->textwithpicto($langs->trans("ProductReturned"), $langs->trans("HelpAbandonProductReturned"), - 1);
print '</span>';
print '</td><td class="right">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</td><td>&nbsp;</td></tr>';
print '</td><td class="right"><span class="amount">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</span></td><td>&nbsp;</td></tr>';
$resteapayeraffiche = 0;
$cssforamountpaymentcomplete = 'amountpaymentneutral';
}
@ -5028,7 +5028,7 @@ if ($action == 'create') {
print '<span class="opacitymedium">';
print $form->textwithpicto($langs->trans("Abandoned"), $text, - 1);
print '</span>';
print '</td><td class="right">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</td><td>&nbsp;</td></tr>';
print '</td><td class="right"><span class="amount">'.price(price2num($object->total_ttc - $creditnoteamount - $depositamount - $totalpaye, 'MT')).'</span></td><td>&nbsp;</td></tr>';
$resteapayeraffiche = 0;
$cssforamountpaymentcomplete = 'amountpaymentneutral';
}
@ -5037,7 +5037,7 @@ if ($action == 'create') {
print '<tr><td colspan="'.$nbcols.'" class="right">';
print '<span class="opacitymedium">';
print $langs->trans("Billed");
print '</td><td class="right">'.price($object->total_ttc).'</td><td>&nbsp;</td></tr>';
print '</td><td class="right"><span class="amount">'.price($object->total_ttc).'</span></td><td>&nbsp;</td></tr>';
// Remainder to pay
print '<tr><td colspan="'.$nbcols.'" class="right">';
print '<span class="opacitymedium">';
@ -5047,7 +5047,7 @@ if ($action == 'create') {
}
print '</span>';
print '</td>';
print '<td class="right'.($resteapayeraffiche ? ' amountremaintopay' : (' '.$cssforamountpaymentcomplete)).'">'.price($resteapayeraffiche).'</td>';
print '<td class="right'.($resteapayeraffiche ? ' amountremaintopay' : (' '.$cssforamountpaymentcomplete)).'"><span class="amount">'.price($resteapayeraffiche).'</span></td>';
print '<td class="nowrap">&nbsp;</td></tr>';
// Retained warranty : usualy use on construction industry
@ -5076,10 +5076,10 @@ if ($action == 'create') {
// Total already paid back
print '<tr><td colspan="'.$nbcols.'" class="right">';
print $langs->trans('AlreadyPaidBack');
print ' :</td><td class="right">'.price($sign * $totalpaye).'</td><td>&nbsp;</td></tr>';
print ' :</td><td class="right"><span class="amount">'.price($sign * $totalpaye).'</span></td><td>&nbsp;</td></tr>';
// Billed
print '<tr><td colspan="'.$nbcols.'" class="right">'.$langs->trans("Billed").' :</td><td class="right">'.price($sign * $object->total_ttc).'</td><td>&nbsp;</td></tr>';
print '<tr><td colspan="'.$nbcols.'" class="right">'.$langs->trans("Billed").' :</td><td class="right"><span class="amount">'.price($sign * $object->total_ttc).'</span></td><td>&nbsp;</td></tr>';
// Remainder to pay back
print '<tr><td colspan="'.$nbcols.'" class="right">';
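Review bot: The `unlinkdiscount` link in the hunk at old line 4972 is a state-changing GET link without an anti-CSRF token, although the `deletepayment` link in the hunk at old line 4914 already carries `&token='.newToken().'`. I would build it the same way: `'?facid='.$object->id.'&action=unlinkdiscount&token='.newToken().'&discountid='.$obj->rowid`. Whether the action handler verifies the token on GET requests is not visible in this section, so that should be confirmed alongside the link change. The enclosing block starts and ends outside the hunk.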


@ -2007,7 +2007,7 @@ class FactureLigneRec extends CommonInvoiceLine
$sql .= ' p.ref as product_ref, p.fk_product_type as fk_product_type, p.label as product_label, p.description as product_desc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facturedet_rec as l';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON l.fk_product = p.rowid';
$sql .= ' WHERE l.rowid = '.$rowid;
$sql .= ' WHERE l.rowid = '.((int) $rowid);
$sql .= ' ORDER BY l.rang';
dol_syslog('FactureRec::fetch', LOG_DEBUG);


@ -2289,7 +2289,7 @@ class Facture extends CommonInvoice
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
if ($this->db->query($sqlef) && $this->db->query($sql) && $this->delete_linked_contact()) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture WHERE rowid = '.$rowid;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'facture WHERE rowid = '.((int) $rowid);
dol_syslog(get_class($this)."::delete", LOG_DEBUG);
@ -3735,14 +3735,14 @@ class Facture extends CommonInvoice
}
if ($user->rights->facture->creer) {
$remise = price2num($remise);
$remise = price2num($remise, 2);
$error = 0;
$this->db->begin();
$sql = 'UPDATE '.MAIN_DB_PREFIX.'facture';
$sql .= ' SET remise_percent = '.$remise;
$sql .= ' SET remise_percent = '.((float) $remise);
$sql .= ' WHERE rowid = '.$this->id;
$sql .= ' AND fk_statut = '.self::STATUS_DRAFT;
@ -3804,7 +3804,7 @@ class Facture extends CommonInvoice
$remise = price2num($remise);
$sql = 'UPDATE '.MAIN_DB_PREFIX.'facture';
$sql .= ' SET remise_absolue = '.$remise;
$sql .= ' SET remise_absolue = '.((float) $remise);
$sql .= ' WHERE rowid = '.$this->id;
$sql .= ' AND fk_statut = '.self::STATUS_DRAFT;
@ -4982,7 +4982,7 @@ class FactureLigne extends CommonInvoiceLine
$sql .= ' p.ref as product_ref, p.label as product_label, p.description as product_desc';
$sql .= ' FROM '.MAIN_DB_PREFIX.'facturedet as fd';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON fd.fk_product = p.rowid';
$sql .= ' WHERE fd.rowid = '.$rowid;
$sql .= ' WHERE fd.rowid = '.((int) $rowid);
$result = $this->db->query($sql);
if ($result) {
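Review bot: Both discount UPDATE statements still end with `' WHERE rowid = '.$this->id` uncast, although the SET values beside them are now wrapped in `(float)`; for consistency with the other queries hardened in this section I would use `$sql .= ' WHERE rowid = '.((int) $this->id);` in both. The percent path now calls `price2num($remise, 2)` while the absolute path keeps `price2num($remise)`; if the second argument is meant to apply to user-supplied values in both cases, the absolute path presumably needs it too. Both methods start and end outside their hunks.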


@ -82,7 +82,7 @@ if ($action == 'addcontact' && $user->rights->facture->creer) {
}
} elseif ($action == 'swapstatut' && $user->rights->facture->creer) {
// Toggle the status of a contact
$result = $object->swapContactStatus(GETPOST('ligne'));
$result = $object->swapContactStatus(GETPOST('ligne', 'int'));
} elseif ($action == 'deletecontact' && $user->rights->facture->creer) {
// Deletes a contact
$result = $object->delete_contact($lineid);


@ -285,7 +285,7 @@ function getDraftTable($maxCount = 500, $socid = 0)
$result .= '<tr class="oddeven">';
$result .= '<td class="nowrap">'.$objectstatic->getNomUrl(1).'</td>';
$result .= '<td>'.$companystatic->getNomUrl(1, 'customer', 24).'</td>';
$result .= '<td class="right">'.price($obj->total_ttc).'</td>';
$result .= '<td class="right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '</tr>';
$i++;
@ -299,7 +299,7 @@ function getDraftTable($maxCount = 500, $socid = 0)
} elseif ($total > 0) {
$result .= '<tr class="liste_total">';
$result .= '<td colspan="2" class="right">'.$langs->trans("Total").'</td>';
$result .= '<td class="right">'.price($total).'</td>';
$result .= '<td class="right"><span class="amount">'.price($total).'</span></td>';
$result .= '</tr>';
}
@ -508,7 +508,7 @@ function getOpenTable($maxCount = 500, $socid = 0)
$result .= '<td class="left">'.$companystatic->getNomUrl(1, 'customer', 44).'</td>';
$result .= '<td class="right">'.dol_print_date($db->jdate($obj->df), 'day').'</td>';
$result .= '<td class="right">'.price($obj->total_ttc).'</td>';
$result .= '<td class="right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
$result .= '</tr>';


@ -384,9 +384,9 @@ foreach ($data as $val) {
print '<td align="center"><a href="'.$_SERVER["PHP_SELF"].'?year='.$year.'&amp;mode='.$mode.($socid > 0 ? '&socid='.$socid : '').($userid > 0 ? '&userid='.$userid : '').'">'.$year.'</a></td>';
print '<td class="right">'.$val['nb'].'</td>';
print '<td class="right" style="'.(($val['nb_diff'] >= 0) ? 'color: green;' : 'color: red;').'">'.round($val['nb_diff']).'</td>';
print '<td class="right">'.price(price2num($val['total'], 'MT'), 1).'</td>';
print '<td class="right"><span class="amount">'.price(price2num($val['total'], 'MT'), 1).'</span></td>';
print '<td class="right" style="'.(($val['total_diff'] >= 0) ? 'color: green;' : 'color: red;').'">'.round($val['total_diff']).'</td>';
print '<td class="right">'.price(price2num($val['avg'], 'MT'), 1).'</td>';
print '<td class="right"><span class="amount">'.price(price2num($val['avg'], 'MT'), 1).'</span></td>';
print '<td class="right" style="'.(($val['avg_diff'] >= 0) ? 'color: green;' : 'color: red;').'">'.round($val['avg_diff']).'</td>';
print '</tr>';
$oldyear = $year;


@ -351,7 +351,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
print '<td class="nowrap tdoverflowmax100">';
print $companystatic->getNomUrl(1, 'supplier');
print '</td>';
print '<td class="right">'.price($obj->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
print '</tr>';
$tot_ttc += $obj->total_ttc;
$i++;
@ -620,7 +620,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
print $thirdpartystatic->getNomUrl(1, 'supplier');
print '</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($obj->total_ht).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total_ht).'</span></td>';
}
print '<td class="nowrap right">'.price($obj->total_ttc).'</td>';
print '<td class="right">'.dol_print_date($db->jdate($obj->tms), 'day').'</td>';
@ -951,7 +951,7 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user
print $societestatic->getNomUrl(1, 'customer');
print '</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($obj->total_ht).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total_ht).'</span></td>';
}
print '<td class="nowrap right">'.price($obj->total_ttc).'</td>';
print '<td class="nowrap right">'.price($obj->total_ttc - $obj->tot_fttc).'</td>';
@ -974,10 +974,10 @@ if (!empty($conf->facture->enabled) && !empty($conf->commande->enabled) && $user
print '<tr class="liste_total"><td colspan="2">'.$langs->trans("Total").' &nbsp; <font style="font-weight: normal">('.$langs->trans("RemainderToBill").': '.price($tot_tobill).')</font> </td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($tot_ht).'</td>';
print '<td class="right"><span class="amount">'.price($tot_ht).'</span></td>';
}
print '<td class="nowrap right">'.price($tot_ttc).'</td>';
print '<td class="nowrap right">'.price($tot_tobill).'</td>';
print '<td class="nowrap right"><span class="amount">'.price($tot_ttc).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price($tot_tobill).'</span></td>';
print '<td>&nbsp;</td>';
print '</tr>';
print '</table></div><br>';
@ -1110,10 +1110,10 @@ if (!empty($conf->facture->enabled) && $user->rights->facture->lire) {
print '</td>';
print '<td class="right">'.dol_print_date($db->jdate($obj->datelimite), 'day').'</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($obj->total_ht).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total_ht).'</span></td>';
}
print '<td class="nowrap right">'.price($obj->total_ttc).'</td>';
print '<td class="nowrap right">'.price($obj->am).'</td>';
print '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price($obj->am).'</span></td>';
print '<td>'.$tmpinvoice->getLibStatut(3, $obj->am).'</td>';
print '</tr>';
@ -1139,10 +1139,10 @@ if (!empty($conf->facture->enabled) && $user->rights->facture->lire) {
print '<tr class="liste_total"><td colspan="2">'.$langs->trans("Total").' &nbsp; <font style="font-weight: normal">('.$langs->trans("RemainderToTake").': '.price($total_ttc - $totalam).')</font> </td>';
print '<td>&nbsp;</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($total).'</td>';
print '<td class="right"><span class="amount">'.price($total).'</span></td>';
}
print '<td class="nowrap right">'.price($total_ttc).'</td>';
print '<td class="nowrap right">'.price($totalam).'</td>';
print '<td class="nowrap right"><span class="amount">'.price($total_ttc).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price($totalam).'</span></td>';
print '<td>&nbsp;</td>';
print '</tr>';
} else {
@ -1260,10 +1260,10 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
print '<td class="nowrap tdoverflowmax100">'.$societestatic->getNomUrl(1, 'supplier').'</td>';
print '<td class="right">'.dol_print_date($db->jdate($obj->date_lim_reglement), 'day').'</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="right">'.price($obj->total_ht).'</td>';
print '<td class="right"><span class="amount">'.price($obj->total_ht).'</span></td>';
}
print '<td class="nowrap right">'.price($obj->total_ttc).'</td>';
print '<td class="nowrap right">'.price($obj->am).'</td>';
print '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price($obj->am).'</span></td>';
print '<td>'.$facstatic->getLibStatut(3, $obj->am).'</td>';
print '</tr>';
$total += $obj->total_ht;
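Review bot: The `amount` span is applied unevenly in this file: in the `@ -620,7` and `@ -951,7` hunks the `total_ht` cell gets `<span class="amount">`, but the `total_ttc` cells right after it (and the `total_ttc - tot_fttc` cell) stay bare, while the `@ -1110,10` and `@ -1260,10` hunks wrap the same kind of cell. If the class is meant to mark every monetary value, those lines should read like `print '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';`. The enclosing loops start and end outside the hunks, so there may be further unwrapped cells that are not visible here.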


@ -111,10 +111,18 @@ $idpays = $p[0];
$sql = "SELECT f.rowid, f.ref, f.type, f.datef, f.ref_client,";
$sql .= " fd.product_type, fd.total_ht, fd.total_tva, fd.tva_tx, fd.total_ttc, fd.localtax1_tx, fd.localtax2_tx, fd.total_localtax1, fd.total_localtax2, fd.rowid as id, fd.situation_percent,";
$sql .= " s.rowid as socid, s.nom as name, s.code_compta, s.client,";
$sql .= " p.rowid as pid, p.ref as pref, p.accountancy_code_sell,";
$sql .= " p.rowid as pid, p.ref as pref,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell,";
} else {
$sql .= " p.accountancy_code_sell,";
}
$sql .= " ct.accountancy_code_sell as account_tva, ct.recuperableonly";
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_accounting as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
}
$sql .= " JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";
$sql .= " JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_tva ct ON fd.tva_tx = ct.taux AND fd.info_bits = ct.recuperableonly AND ct.fk_pays = ".((int) $idpays);
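Review bot: Nothing explains why `accountancy_code_sell` moves from `p` to `pa` when `MAIN_PRODUCT_PERENTITY_SHARED` is set, and the option is tested twice, once for the column and once for the join. A one-line comment above the first test would document it, e.g. `// Shared products: the accounting code is read per entity from product_accounting` (wording to be confirmed by the author). Because the new join is a LEFT JOIN, a product with no `product_accounting` row for the current entity yields a NULL code; the code that consumes the column is outside the hunk, so confirm it handles that case. The `(int)` cast on `$conf->entity` is the right way to put the value into the query; the added join line spaces the `.` operator, unlike the neighbouring lines.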


@ -91,7 +91,7 @@ if ($result) {
$i++;
}
print '<tr class="liste_total"><td colspan="4">'.$langs->trans("Total").'</td>';
print '<td class="right">'.price($total).'</td></tr>';
print '<td class="right"><span class="amount">'.price($total).'</span></td></tr>';
print "</table>";
$db->free($result);


@ -492,8 +492,8 @@ if (!is_array($x_coll) || !is_array($x_paye)) {
print '<td class="nowrap right">&nbsp;</td>';
print '<td class="right">&nbsp;</td>';
}
print '<td class="right">'.price(price2num($subtot_coll_total_ht, 'MT')).'</td>';
print '<td class="nowrap right">'.price(price2num($subtot_coll_vat, 'MT')).'</td>';
print '<td class="right"><span class="amount">'.price(price2num($subtot_coll_total_ht, 'MT')).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price(price2num($subtot_coll_vat, 'MT')).'</span></td>';
print '</tr>';
}
@ -505,8 +505,8 @@ if (!is_array($x_coll) || !is_array($x_paye)) {
print '<td class="nowrap right">&nbsp;</td>';
print '<td class="right">&nbsp;</td>';
}
print '<td class="right">'.price(price2num(0, 'MT')).'</td>';
print '<td class="nowrap right">'.price(price2num(0, 'MT')).'</td>';
print '<td class="right"><span class="amount">'.price(price2num(0, 'MT')).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price(price2num(0, 'MT')).'</span></td>';
print '</tr>';
}
@ -643,8 +643,8 @@ if (!is_array($x_coll) || !is_array($x_paye)) {
print '<td class="nowrap right">&nbsp;</td>';
print '<td class="right">&nbsp;</td>';
}
print '<td class="right">'.price(price2num($subtot_paye_total_ht, 'MT')).'</td>';
print '<td class="nowrap right">'.price(price2num($subtot_paye_vat, 'MT')).'</td>';
print '<td class="right"><span class="amount">'.price(price2num($subtot_paye_total_ht, 'MT')).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price(price2num($subtot_paye_vat, 'MT')).'</span></td>';
print '</tr>';
}
@ -656,8 +656,8 @@ if (!is_array($x_coll) || !is_array($x_paye)) {
print '<td class="nowrap right">&nbsp;</td>';
print '<td class="right">&nbsp;</td>';
}
print '<td class="right">'.price(price2num(0, 'MT')).'</td>';
print '<td class="nowrap right">'.price(price2num(0, 'MT')).'</td>';
print '<td class="right"><span class="amount">'.price(price2num(0, 'MT')).'</span></td>';
print '<td class="nowrap right"><span class="amount">'.price(price2num(0, 'MT')).'</span></td>';
print '</tr>';
}


@ -713,17 +713,17 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
}
// Price
print '<td class="right">'.price($sign * $objp->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($sign * $objp->total_ttc).'</span></td>';
// Received + already paid
print '<td class="right">'.price($sign * $paiement);
print '<td class="right"><span class="amount">'.price($sign * $paiement);
if ($creditnotes) {
print '<span class="opacitymedium">+'.price($creditnotes).'</span>';
}
if ($deposits) {
print '<span class="opacitymedium">+'.price($deposits).'</span>';
}
print '</td>';
print '</span></td>';
// Remain to take or to pay back
print '<td class="right">'.price($sign * $remaintopay).'</td>';
@ -901,7 +901,7 @@ if (!GETPOST('action', 'aZ09')) {
print '<td><a href="'.DOL_URL_ROOT.'/compta/facture/card.php?facid='.$objp->facid.'">'.$objp->ref."</a></td>\n";
print '<td>'.dol_print_date($db->jdate($objp->dp))."</td>\n";
print '<td>'.$objp->paiement_type.' '.$objp->num_payment."</td>\n";
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
print '<td>&nbsp;</td>';
print '</tr>';
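Review bot: The payment-type cell in the `@ -901,7` hunk prints `$objp->paiement_type` and `$objp->num_payment` into HTML without escaping, and this change leaves it as is. `num_payment` looks like free text stored with the payment, so unless it is sanitised on input (not visible here) the cell should escape on output, e.g. `print '<td>'.dol_escape_htmltag($objp->paiement_type.' '.$objp->num_payment)."</td>\n";`. The same applies to the raw `$value["numero"]`, `$value["emetteur"]` and `$value["banque"]` cells in the later `@ -462,7` hunk, the `dol_trunc($objp->emetteur, 24)` and `dol_trunc($objp->banque, 24)` cells in the `@ -639,7` hunk, and the interpolated `"<td>$objp->paiement_type $objp->num_payment</td>\n"` line in the `@ -120,7` hunk.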


@ -365,13 +365,13 @@ if ($resql) {
print '</td>';
}
// Expected to pay
print '<td class="right">'.price($objp->total_ttc).'</td>';
print '<td class="right"><span class="amount">'.price($objp->total_ttc).'</span></td>';
// Amount payed
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
// Remain to pay
print '<td class="right">'.price($remaintopay).'</td>';
print '<td class="right"><span class="amount">'.price($remaintopay).'</span></td>';
// Status
print '<td class="right">'.$invoice->getLibStatut(5, $alreadypayed).'</td>';


@ -462,7 +462,7 @@ if ($action == 'new') {
print '<td>'.$value["numero"]."</td>\n";
print '<td>'.$value["emetteur"]."</td>\n";
print '<td>'.$value["banque"]."</td>\n";
print '<td class="right">'.price($value["amount"], 0, $langs, 1, -1, -1, $conf->currency).'</td>';
print '<td class="right"><span class="amount">'.price($value["amount"], 0, $langs, 1, -1, -1, $conf->currency).'</span></td>';
// Link to payment
print '<td class="center">';
@ -639,7 +639,7 @@ if ($action == 'new') {
print '<td class="center">'.($objp->num_chq ? $objp->num_chq : '&nbsp;').'</td>';
print '<td>'.dol_trunc($objp->emetteur, 24).'</td>';
print '<td>'.dol_trunc($objp->banque, 24).'</td>';
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
// Link to payment
print '<td class="center">';
$paymentstatic->id = $objp->pid;


@ -236,8 +236,8 @@ class RemiseCheque extends CommonObject
if ($checkremise) {
$sql = "UPDATE ".MAIN_DB_PREFIX."bank";
$sql .= " SET fk_bordereau = ".$this->id;
$sql .= " WHERE rowid = ".$lineid;
$sql .= " SET fk_bordereau = ".((int) $this->id);
$sql .= " WHERE rowid = ".((int) $lineid);
$resql = $this->db->query($sql);
if (!$resql) {
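Review bot: With the `(int)` casts, a non-numeric or empty `$lineid` now collapses to 0, so the UPDATE runs successfully against no row and the `if (!$resql)` test below does not notice it. The casts do close the injection path, but the failure mode becomes silent; a guard before the query is built, such as `if ((int) $lineid <= 0) { continue; }` (or an error return, depending on the enclosing control flow), would keep bad input visible. The method starts and ends outside the hunk, so whether `$lineid` is validated earlier, and whether this sits in a loop, cannot be confirmed from here.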

View File

@ -131,7 +131,7 @@ if ($resql) {
print '<td>'.dol_print_date($db->jdate($objp->db), 'day').'</td>';
print '<td class="nowraponall">'.$accountstatic->getNomUrl(1).'</td>';
print '<td class="right">'.$objp->nbcheque.'</td>';
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
print '<td class="right">'.$checkdepositstatic->LibStatut($objp->statut, 3).'</td>';
print '</tr>';


@ -228,7 +228,7 @@ if ($resql) {
print '<td class="right">'.$objp->nbcheque.'</td>';
// Amount
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
// Statut
print '<td class="right">';


@ -547,7 +547,7 @@ while ($i < min($num, $limit)) {
// Amount
if (!empty($arrayfields['p.amount']['checked'])) {
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
if (!$i) {
$totalarray['nbfield']++;
}


@ -120,7 +120,7 @@ if ($resql) {
print '<td><a href="'.DOL_URL_ROOT.'/compta/paiement/card.php?id='.$objp->rowid.'">'.img_object($langs->trans("ShowPayment"), "payment").' '.$objp->rowid.'</a></td>';
print '<td width="80" align="center">'.dol_print_date($db->jdate($objp->dp), 'day')."</td>\n";
print "<td>$objp->paiement_type $objp->num_payment</td>\n";
print '<td class="right">'.price($objp->amount).'</td>';
print '<td class="right"><span class="amount">'.price($objp->amount).'</span></td>';
print '<td class="center">';
if ($objp->statut == 0) {


@ -266,11 +266,11 @@ if ($action == 'create') {
print "<td align=\"center\"><b>!!!</b></td>\n";
}
print '<td class="right">'.price($objp->amount)."</td>";
print '<td class="right"><span class="amount">'.price($objp->amount)."</span></td>";
print '<td class="right">'.price($sumpaid)."</td>";
print '<td class="right"><span class="amount">'.price($sumpaid)."</span></td>";
print '<td class="right">'.price($objp->amount - $sumpaid)."</td>";
print '<td class="right"><span class="amount">'.price($objp->amount - $sumpaid)."</span></td>";
print '<td class="center">';
if ($sumpaid < $objp->amount) {
