lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pull request #1 from Dolibarr/develop

Browse Source 
Get latest changes
This commit is contained in:
Anthimidis Nikos 2021-04-28 23:12:59 +03:00 committed by GitHub
commit 8754b513bd
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
270 changed files with 10581 additions and 21592 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
COPYRIGHT
View File

@ -54,7 +54,7 @@ jQuery TableDnD 0.6 GPL and MIT License Yes
jQuery Timepicker 1.1.0 GPL and MIT License Yes JS library Timepicker addon for Datepicker
jsGanttImproved 2.7.3 BSD License Yes JS library (to build Gantt reports)
JsTimezoneDetect 1.0.6 MIT License Yes JS library to detect user timezone
SwaggerUI 2.0.24 GPL-2+ Yes JS library to offer the REST API explorer
SwaggerUI 2.2.10 GPL-2+ Yes JS library to offer the REST API explorer
Image libraries:
Octicons 8.1 MIT Yes

2
build/rpm/dolibarr_fedora.spec
View File

@ -185,6 +185,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/don
%_datadir/dolibarr/htdocs/ecm
%_datadir/dolibarr/htdocs/emailcollector
%_datadir/dolibarr/htdocs/eventorganization
%_datadir/dolibarr/htdocs/expedition
%_datadir/dolibarr/htdocs/expensereport
%_datadir/dolibarr/htdocs/exports
@ -206,6 +207,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/mrp
%_datadir/dolibarr/htdocs/multicurrency
%_datadir/dolibarr/htdocs/opensurvey
%_datadir/dolibarr/htdocs/partnership
%_datadir/dolibarr/htdocs/paybox
%_datadir/dolibarr/htdocs/paypal
%_datadir/dolibarr/htdocs/printing

5
build/rpm/dolibarr_generic.spec
View File

@ -67,7 +67,8 @@ Requires: httpd, php >= 5.3.0, php-cli, php-gd, php-ldap, php-imap, php-mbstring
Requires: mysql-server, mysql
Requires: php-mysqli >= 4.1.0
%endif
%endif
%endif%_datadir/dolibarr/htdocs/eventorganization
%endif
# Set yes to build test package, no for release (this disable need of /usr/bin/php not found by OpenSuse)
@ -265,6 +266,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/don
%_datadir/dolibarr/htdocs/ecm
%_datadir/dolibarr/htdocs/emailcollector
%_datadir/dolibarr/htdocs/eventorganization
%_datadir/dolibarr/htdocs/expedition
%_datadir/dolibarr/htdocs/expensereport
%_datadir/dolibarr/htdocs/exports
@ -286,6 +288,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/mrp
%_datadir/dolibarr/htdocs/multicurrency
%_datadir/dolibarr/htdocs/opensurvey
%_datadir/dolibarr/htdocs/partnership
%_datadir/dolibarr/htdocs/paybox
%_datadir/dolibarr/htdocs/paypal
%_datadir/dolibarr/htdocs/printing

2
build/rpm/dolibarr_mandriva.spec
View File

@ -182,6 +182,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/don
%_datadir/dolibarr/htdocs/ecm
%_datadir/dolibarr/htdocs/emailcollector
%_datadir/dolibarr/htdocs/eventorganization
%_datadir/dolibarr/htdocs/expedition
%_datadir/dolibarr/htdocs/expensereport
%_datadir/dolibarr/htdocs/exports
@ -203,6 +204,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/mrp
%_datadir/dolibarr/htdocs/multicurrency
%_datadir/dolibarr/htdocs/opensurvey
%_datadir/dolibarr/htdocs/partnership
%_datadir/dolibarr/htdocs/paybox
%_datadir/dolibarr/htdocs/paypal
%_datadir/dolibarr/htdocs/printing

2
build/rpm/dolibarr_opensuse.spec
View File

@ -193,6 +193,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/don
%_datadir/dolibarr/htdocs/ecm
%_datadir/dolibarr/htdocs/emailcollector
%_datadir/dolibarr/htdocs/eventorganization
%_datadir/dolibarr/htdocs/expedition
%_datadir/dolibarr/htdocs/expensereport
%_datadir/dolibarr/htdocs/exports
@ -214,6 +215,7 @@ done >>%{name}.lang
%_datadir/dolibarr/htdocs/mrp
%_datadir/dolibarr/htdocs/multicurrency
%_datadir/dolibarr/htdocs/opensurvey
%_datadir/dolibarr/htdocs/partnership
%_datadir/dolibarr/htdocs/paybox
%_datadir/dolibarr/htdocs/paypal
%_datadir/dolibarr/htdocs/printing

10
dev/dolibarr_changes.txt
View File

@ -225,9 +225,6 @@ JQUERYFILETREE:
RESTLER:
--------
Change content of file htdocs/includes/restler/framework/Luracast/Restler/explorer/index.html
+With swagger 2:
* Add line into Util.php to complete function
@ -249,6 +246,13 @@ Change content of file htdocs/includes/restler/framework/Luracast/Restler/explor
if (!is_string($haystack)) return false;
+With swagger 2 provided into /explorer:
----------------------------------------
Change content of file htdocs/includes/restler/framework/Luracast/Restler/explorer/index.html
PARSEDOWN
---------

2
dev/setup/codesniffer/ruleset.xml
View File

@ -16,7 +16,7 @@
<exclude-pattern type="relative">htdocs/conf.php</exclude-pattern>
<exclude-pattern type="relative">*/nltechno*</exclude-pattern>
<exclude-pattern type="relative">*/htdocs/includes</exclude-pattern>
<exclude-pattern type="relative">*/htdocs/includes</exclude-pattern>
<exclude-pattern type="relative">source</exclude-pattern>
<exclude-pattern type="relative">.git</exclude-pattern>
<!-- List of all tests -->

12
htdocs/accountancy/admin/productaccount.php
View File

@ -270,8 +270,8 @@ if (empty($pcgvercode)) {
$sql = "SELECT p.rowid, p.ref, p.label, p.description, p.tosell, p.tobuy, p.tva_tx,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell, pa.accountancy_code_sell_intra, pa.accountancy_code_sell_export,";
$sql .= " pa.accountancy_code_buy, pa.accountancy_code_buy_intra, pa.accountancy_code_buy_export,";
$sql .= " ppe.accountancy_code_sell, ppe.accountancy_code_sell_intra, ppe.accountancy_code_sell_export,";
$sql .= " ppe.accountancy_code_buy, ppe.accountancy_code_buy_intra, ppe.accountancy_code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
@ -280,14 +280,14 @@ $sql .= " p.tms, p.fk_product_type as product_type,";
$sql .= " aa.rowid as aaid";
$sql .= " FROM ".MAIN_DB_PREFIX."product as p";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = pa." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = ppe." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
} else {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "accounting_account as aa ON aa.account_number = p." . $accountancy_field_name . " AND aa.fk_pcg_version = '" . $db->escape($pcgvercode) . "'";
}
$sql .= ' WHERE p.entity IN ('.getEntity('product').')';
if (strlen(trim($search_current_account))) {
$sql .= natural_search((empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "pa.") . $accountancy_field_name, $search_current_account);
$sql .= natural_search((empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "ppe.") . $accountancy_field_name, $search_current_account);
}
if ($search_current_account_valid == 'withoutvalidaccount') {
$sql .= " AND aa.account_number IS NULL";
@ -466,7 +466,7 @@ if ($result) {
} else {
print_liste_field_titre("OnBuy", $_SERVER["PHP_SELF"], "p.tobuy", "", $param, '', $sortfield, $sortorder, 'center ');
}
print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "pa.") . $accountancy_field_name, "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("CurrentDedicatedAccountingAccount", $_SERVER["PHP_SELF"], (empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p." : "ppe.") . $accountancy_field_name, "", $param, '', $sortfield, $sortorder);
print_liste_field_titre("AssignDedicatedAccountingAccount");
$clickpitco = $form->showCheckAddButtons('checkforselect', 1);
print_liste_field_titre($clickpitco, '', '', '', '', '', '', '', 'center ');

2
htdocs/accountancy/class/accountancyexport.class.php
View File

@ -557,7 +557,7 @@ class AccountancyExport
$Tab['signe_montant'] = '+';
// The amount must be in centimes without decimal points.
$Tab['montant'] = str_pad(abs(($data->debit - $abs->credit) * 100), 12, '0', STR_PAD_LEFT);
$Tab['montant'] = str_pad(abs(($data->debit - $data->credit) * 100), 12, '0', STR_PAD_LEFT);
$Tab['contrepartie'] = str_repeat(' ', 8);
// Force date format : %d%m%y

4
htdocs/accountancy/customer/card.php
View File

@ -102,7 +102,7 @@ if (!empty($id)) {
$sql = "SELECT f.ref, f.rowid as facid, l.fk_product, l.description, l.price,";
$sql .= " l.qty, l.rowid, l.tva_tx, l.remise_percent, l.subprice,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell,";
$sql .= " ppe.accountancy_code_sell as code_sell,";
} else {
$sql .= " p.accountancy_code_sell as code_sell,";
}
@ -110,7 +110,7 @@ if (!empty($id)) {
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = l.fk_facture";

12
htdocs/accountancy/customer/index.php
View File

@ -126,15 +126,15 @@ if ($action == 'validatehistory') {
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
$sql .= " ppe.accountancy_code_sell as code_sell, ppe.accountancy_code_sell_intra as code_sell_intra, ppe.accountancy_code_sell_export as code_sell_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
}
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.tva_intra,";
if (!empty($conf->global->ACCOUNTANCY_COMPANY_SHARED)) {
$sql .= " sa.accountancy_code_sell as company_code_sell";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " spe.accountancy_code_sell as company_code_sell";
} else {
$sql .= " s.accountancy_code_sell as company_code_sell";
}
@ -145,10 +145,10 @@ if ($action == 'validatehistory') {
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$alias_societe_perentity = empty($conf->global->ACCOUNTANCY_COMPANY_SHARED) ? "s" : "sa";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "pa";
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "spe";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "ppe";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;

6
htdocs/accountancy/customer/lines.php
View File

@ -184,9 +184,9 @@ $sql .= " fd.rowid, fd.description, fd.product_type as line_type, fd.total_ht, f
$sql .= " s.rowid as socid, s.nom as name, s.code_compta, s.code_client,";
$sql .= " p.rowid as product_id, p.fk_product_type as product_type, p.ref as product_ref, p.label as product_label,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell,";
$sql .= " ppe.accountancy_code_sell, ppe.accountancy_code_sell_intra, ppe.accountancy_code_sell_export,";
} else {
$sql .= " p.accountancy_code_sell,";
$sql .= " p.accountancy_code_sell, p.accountancy_code_sell_intra, p.accountancy_code_sell_export,";
}
$sql .= " aa.rowid as fk_compte, aa.account_number, aa.label as label_account, aa.labelshort as labelshort_account,";
$sql .= " fd.situation_percent,";
@ -198,7 +198,7 @@ $sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd.fk_code_ventilation";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";

16
htdocs/accountancy/customer/list.php
View File

@ -219,8 +219,8 @@ $sql = "SELECT f.rowid as facid, f.ref, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
$sql .= " pa.accountancy_code_buy as code_buy, pa.accountancy_code_buy_intra as code_buy_intra, pa.accountancy_code_buy_export as code_buy_export,";
$sql .= " ppe.accountancy_code_sell as code_sell, ppe.accountancy_code_sell_intra as code_sell_intra, ppe.accountancy_code_sell_export as code_sell_export,";
$sql .= " ppe.accountancy_code_buy as code_buy, ppe.accountancy_code_buy_intra as code_buy_intra, ppe.accountancy_code_buy_export as code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
@ -229,8 +229,8 @@ $sql .= " p.tosell as status, p.tobuy as status_buy,";
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " sa.accountancy_code_sell as company_code_sell";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " spe.accountancy_code_sell as company_code_sell";
} else {
$sql .= " s.accountancy_code_sell as company_code_sell";
}
@ -240,16 +240,16 @@ $sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as sa ON sa.fk_soc = s.rowid AND sa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facturedet as l ON f.rowid = l.fk_facture";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "sa";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "pa";
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "spe";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "ppe";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_sell = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_sell_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_sell_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;

2
htdocs/accountancy/journal/bankjournal.php
View File

@ -130,7 +130,7 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank_url as bu3 ON bu3.fk_bank = b.rowid A
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."bank_url as bu4 ON bu4.fk_bank = b.rowid AND bu4.type='payment_supplier'";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe as soc on bu1.url_id=soc.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."user as u on bu2.url_id=u.rowid";
$sql .= " WHERE ba.fk_accountancy_journal=".$id_journal;
$sql .= " WHERE ba.fk_accountancy_journal=".((int) $id_journal);
$sql .= ' AND b.amount != 0 AND ba.entity IN ('.getEntity('bank_account', 0).')'; // We don't share object for accountancy
if ($date_start && $date_end) {
$sql .= " AND b.dateo >= '".$db->idate($date_start)."' AND b.dateo <= '".$db->idate($date_end)."'";

10
htdocs/accountancy/journal/purchasesjournal.php
View File

@ -106,9 +106,17 @@ if (!GETPOSTISSET('date_startmonth') && (empty($date_start) || empty($date_end))
$sql = "SELECT f.rowid, f.ref as ref, f.type, f.datef as df, f.libelle,f.ref_supplier, f.date_lim_reglement as dlf, f.close_code,";
$sql .= " fd.rowid as fdid, fd.description, fd.product_type, fd.total_ht, fd.tva as total_tva, fd.total_localtax1, fd.total_localtax2, fd.tva_tx, fd.total_ttc, fd.vat_src_code,";
$sql .= " s.rowid as socid, s.nom as name, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,";
$sql .= " p.accountancy_code_buy , aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " ppe.accountancy_code_buy,";
} else {
$sql .= " p.accountancy_code_buy,";
}
$sql .= " aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd.fk_code_ventilation";
$sql .= " JOIN ".MAIN_DB_PREFIX."facture_fourn as f ON f.rowid = fd.fk_facture_fourn";
$sql .= " JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";

4
htdocs/accountancy/journal/sellsjournal.php
View File

@ -110,14 +110,14 @@ $sql .= " fd.rowid as fdid, fd.description, fd.product_type, fd.total_ht, fd.tot
$sql .= " s.rowid as socid, s.nom as name, s.code_client, s.code_fournisseur, s.code_compta, s.code_compta_fournisseur,";
$sql .= " p.rowid as pid, p.ref as pref, aa.rowid as fk_compte, aa.account_number as compte, aa.label as label_compte,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell";
$sql .= " ppe.accountancy_code_sell";
} else {
$sql .= " p.accountancy_code_sell";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = fd.fk_code_ventilation";
$sql .= " JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";

12
htdocs/accountancy/supplier/card.php
View File

@ -101,10 +101,18 @@ $formaccounting = new FormAccounting($db);
if (!empty($id)) {
$sql = "SELECT f.ref as ref, f.rowid as facid, l.fk_product, l.description, l.rowid, l.fk_code_ventilation, ";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label";
$sql .= ", aa.account_number, aa.label";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " ppe.accountancy_code_buy as code_buy,";
} else {
$sql .= " p.accountancy_code_buy as code_buy,";
}
$sql .= " aa.account_number, aa.label";
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON l.fk_code_ventilation = aa.rowid";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn as f ON f.rowid = l.fk_facture_fourn ";
$sql .= " WHERE f.fk_statut > 0 AND l.rowid = ".((int) $id);

29
htdocs/accountancy/supplier/index.php
View File

@ -132,20 +132,35 @@ if ($action == 'validatehistory') {
// Supplier Invoice Lines (must be same request than into page list.php for manual binding)
$sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_label, f.datef, f.type as ftype,";
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export, p.tva_tx as tva_tx_prod,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " ppe.accountancy_code_buy as code_buy, ppe.accountancy_code_buy_intra as code_buy_intra, ppe.accountancy_code_buy_export as code_buy_export,";
} else {
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
}
$sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_export, aa4.rowid as aarowid_thirdparty,";
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.tva_intra, s.accountancy_code_buy as company_code_buy";
$sql .= " s.tva_intra,";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " spe.accountancy_code_buy as company_code_buy";
} else {
$sql .= " s.accountancy_code_buy as company_code_buy";
}
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn_det as l ON f.rowid = l.fk_facture_fourn";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON p.accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON p.accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON p.accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON s.accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "spe";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "ppe";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa4 ON " . $alias_product_perentity . ".accountancy_code_buy = aa4.account_number AND aa4.active = 1 AND aa4.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa4.entity = ".$conf->entity;
$sql .= " WHERE f.fk_statut > 0 AND l.fk_code_ventilation <= 0";
$sql .= " AND l.product_type <= 2";

17
htdocs/accountancy/supplier/lines.php
View File

@ -1,6 +1,6 @@
<?php
/* Copyright (C) 2013-2016 Olivier Geffroy <jeff@jeffinfo.com>
* Copyright (C) 2013-2020 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2013-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2014-2015 Ari Elbaz (elarifr) <github@accedinfo.com>
* Copyright (C) 2013-2016 Florian Henry <florian.henry@open-concept.pro>
* Copyright (C) 2014 Juanjo Menent <jmenent@2byte.es>
@ -94,6 +94,9 @@ if (empty($user->rights->accounting->mouvements->lire)) {
}
$formaccounting = new FormAccounting($db);
/*
* Actions
*/
@ -116,7 +119,7 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_tvaintra = '';
}
if (is_array($changeaccount) && count($changeaccount) > 0) {
if (is_array($changeaccount) && count($changeaccount) > 0 && $user->rights->accounting->bind->write) {
$error = 0;
if (!(GETPOST('account_parent', 'int') >= 0)) {
@ -124,7 +127,6 @@ if (is_array($changeaccount) && count($changeaccount) > 0) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Account")), null, 'errors');
}
if (!$error) {
$db->begin();
@ -184,7 +186,11 @@ $sql = "SELECT f.rowid as facid, f.ref as ref, f.ref_supplier, f.libelle as invo
$sql .= " l.rowid, l.fk_product, l.product_type as line_type, l.description, l.total_ht , l.qty, l.tva_tx, l.vat_src_code,";
$sql .= " aa.label, aa.labelshort, aa.account_number,";
$sql .= " p.rowid as product_id, p.fk_product_type as product_type, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tobuy, p.tosell,";
$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " ppe.accountancy_code_buy, ppe.accountancy_code_buy_intra, ppe.accountancy_code_buy_export,";
} else {
$sql .= " p.accountancy_code_buy, p.accountancy_code_buy_intra, p.accountancy_code_buy_export,";
}
$sql .= " co.code as country_code, co.label as country,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur";
$parameters = array();
@ -192,6 +198,9 @@ $reshook = $hookmanager->executeHooks('printFieldListSelect', $parameters); // N
$sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn_det as l";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON aa.rowid = l.fk_code_ventilation";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn as f ON f.rowid = l.fk_facture_fourn";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";

14
htdocs/accountancy/supplier/list.php
View File

@ -224,8 +224,8 @@ $sql = "SELECT f.rowid as facid, f.ref, f.ref_supplier, f.libelle as invoice_lab
$sql .= " l.rowid, l.fk_product, l.description, l.total_ht, l.fk_code_ventilation, l.product_type as type_l, l.tva_tx as tva_tx_line, l.vat_src_code,";
$sql .= " p.rowid as product_id, p.ref as product_ref, p.label as product_label, p.fk_product_type as type, p.tva_tx as tva_tx_prod,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell as code_sell, pa.accountancy_code_sell_intra as code_sell_intra, pa.accountancy_code_sell_export as code_sell_export,";
$sql .= " pa.accountancy_code_buy as code_buy, pa.accountancy_code_buy_intra as code_buy_intra, pa.accountancy_code_buy_export as code_buy_export,";
$sql .= " ppe.accountancy_code_sell as code_sell, ppe.accountancy_code_sell_intra as code_sell_intra, ppe.accountancy_code_sell_export as code_sell_export,";
$sql .= " ppe.accountancy_code_buy as code_buy, ppe.accountancy_code_buy_intra as code_buy_intra, ppe.accountancy_code_buy_export as code_buy_export,";
} else {
$sql .= " p.accountancy_code_sell as code_sell, p.accountancy_code_sell_intra as code_sell_intra, p.accountancy_code_sell_export as code_sell_export,";
$sql .= " p.accountancy_code_buy as code_buy, p.accountancy_code_buy_intra as code_buy_intra, p.accountancy_code_buy_export as code_buy_export,";
@ -235,7 +235,7 @@ $sql .= " aa.rowid as aarowid, aa2.rowid as aarowid_intra, aa3.rowid as aarowid_
$sql .= " co.code as country_code, co.label as country_label,";
$sql .= " s.rowid as socid, s.nom as name, s.tva_intra, s.email, s.town, s.zip, s.fk_pays, s.client, s.fournisseur, s.code_client, s.code_fournisseur, s.code_compta as code_compta_client, s.code_compta_fournisseur,";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " sa.accountancy_code_buy as company_code_buy";
$sql .= " spe.accountancy_code_buy as company_code_buy";
} else {
$sql .= " s.accountancy_code_buy as company_code_buy";
}
@ -245,16 +245,16 @@ $sql .= $hookmanager->resPrint;
$sql .= " FROM ".MAIN_DB_PREFIX."facture_fourn as f";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";
if (!empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as sa ON sa.fk_soc = s.rowid AND sa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "societe_perentity as spe ON spe.fk_soc = s.rowid AND spe.entity = " . ((int) $conf->entity);
}
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as co ON co.rowid = s.fk_pays ";
$sql .= " INNER JOIN ".MAIN_DB_PREFIX."facture_fourn_det as l ON f.rowid = l.fk_facture_fourn";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = l.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "sa";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "pa";
$alias_societe_perentity = empty($conf->global->MAIN_COMPANY_PERENTITY_SHARED) ? "s" : "spe";
$alias_product_perentity = empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED) ? "p" : "ppe";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa ON " . $alias_product_perentity . ".accountancy_code_buy = aa.account_number AND aa.active = 1 AND aa.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa2 ON " . $alias_product_perentity . ".accountancy_code_buy_intra = aa2.account_number AND aa2.active = 1 AND aa2.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa2.entity = ".$conf->entity;
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."accounting_account as aa3 ON " . $alias_product_perentity . ".accountancy_code_buy_export = aa3.account_number AND aa3.active = 1 AND aa3.fk_pcg_version = '".$db->escape($chartaccountcode)."' AND aa3.entity = ".$conf->entity;

54
htdocs/adherents/card.php
View File

@ -937,17 +937,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
document.formsoc.action.value="create";
document.formsoc.submit();
});
function initfieldrequired()
{
function initfieldrequired() {
jQuery("#tdcompany").removeClass("fieldrequired");
jQuery("#tdlastname").removeClass("fieldrequired");
jQuery("#tdfirstname").removeClass("fieldrequired");
if (jQuery("#morphy").val() == \'mor\')
{
if (jQuery("#morphy").val() == \'mor\') {
jQuery("#tdcompany").addClass("fieldrequired");
}
if (jQuery("#morphy").val() == \'phy\')
{
if (jQuery("#morphy").val() == \'phy\') {
jQuery("#tdlastname").addClass("fieldrequired");
jQuery("#tdfirstname").addClass("fieldrequired");
}
@ -1167,17 +1164,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
document.formsoc.action.value="edit";
document.formsoc.submit();
});
function initfieldrequired()
{
function initfieldrequired() {
jQuery("#tdcompany").removeClass("fieldrequired");
jQuery("#tdlastname").removeClass("fieldrequired");
jQuery("#tdfirstname").removeClass("fieldrequired");
if (jQuery("#morphy").val() == \'mor\')
{
if (jQuery("#morphy").val() == \'mor\') {
jQuery("#tdcompany").addClass("fieldrequired");
}
if (jQuery("#morphy").val() == \'phy\')
{
if (jQuery("#morphy").val() == \'phy\') {
jQuery("#tdlastname").addClass("fieldrequired");
jQuery("#tdfirstname").addClass("fieldrequired");
}
@ -1747,12 +1741,12 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print $langs->trans("SubscriptionNotNeeded");
} elseif (!$adht->subscription) {
print $langs->trans("SubscriptionNotRecorded");
if ($object->statut > 0) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft, not excluded and not resiliated
}
} else {
print $langs->trans("SubscriptionNotReceived");
if ($object->statut > 0) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
print " ".img_warning($langs->trans("Late")); // displays delay Pictogram only if not a draft, not excluded and not resiliated
}
}
@ -1862,7 +1856,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
if ($action != 'editlogin' && $action != 'editthirdparty') {
// Send
if (empty($user->socid)) {
if ($object->statut == 1) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=presend&mode=init#formmailbeforetitle">'.$langs->trans('SendMail').'</a></div>'."\n";
}
}
@ -1870,20 +1864,14 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Send card by email
// TODO Remove this to replace with a template
/*
if ($user->rights->adherent->creer)
{
if ($object->statut >= 1)
{
if ($user->rights->adherent->creer) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
if ($object->email) print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$object->id.'&action=sendinfo">'.$langs->trans("SendCardByMail")."</a></div>\n";
else print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NoEMail")).'">'.$langs->trans("SendCardByMail")."</a></div>\n";
}
else
{
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("SendCardByMail")."</font></div>";
}
}
else
{
} else {
print '<div class="inline-block divButAction"><font class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("SendCardByMail")."</font></div>";
}*/
@ -1895,7 +1883,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Validate
if ($object->statut == -1) {
if (Adherent::STATUS_DRAFT == $object->statut) {
if ($user->rights->adherent->creer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=valid">'.$langs->trans("Validate").'</a></div>'."\n";
} else {
@ -1904,7 +1892,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Reactivate
if ($object->statut == 0 || $object->statut == -2) {
if (Adherent::STATUS_RESILIATED == $object->statut || Adherent::STATUS_EXCLUDED == $Object->statut) {
if ($user->rights->adherent->creer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=valid">'.$langs->trans("Reenable")."</a></div>\n";
} else {
@ -1913,7 +1901,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Resiliate
if ($object->statut >= 1) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=resiliate">'.$langs->trans("Resiliate")."</a></div>\n";
} else {
@ -1922,7 +1910,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
// Exclude
if ($object->statut >= 1) {
if (Adherent::STATUS_VALIDATED == $object->statut) {
if ($user->rights->adherent->supprimer) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?rowid='.$id.'&action=exclude">'.$langs->trans("Exclude")."</a></div>\n";
} else {
@ -1933,7 +1921,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Create third party
if (!empty($conf->societe->enabled) && !$object->socid) {
if ($user->rights->societe->creer) {
if ($object->statut != -1) {
if (Adherent::STATUS_DRAFT != $object->statut) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_thirdparty">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>'."\n";;
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrThirdParty").'</a></div>'."\n";
@ -1946,7 +1934,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Create user
if (!$user->socid && !$object->user_id) {
if ($user->rights->user->user->creer) {
if ($object->statut != -1) {
if (Adherent::STATUS_DRAFT != $object->statut) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$object->id.'&amp;action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a></div>'."\n";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("CreateDolibarrLogin").'</a></div>'."\n";
@ -2010,7 +1998,9 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Show links to link elements
/*$linktoelem = $form->showLinkToObjectBlock($object,array('order'));
if ($linktoelem) print ($somethingshown?'':'<br>').$linktoelem;
if ($linktoelem) {
print ($somethingshown?'':'<br>').$linktoelem;
}
*/
// Show online payment link

74
htdocs/adherents/class/adherent.class.php
View File

@ -44,7 +44,6 @@ require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
*/
class Adherent extends CommonObject
{
/**
* @var string ID to identify managed object
*/
@ -205,12 +204,11 @@ class Adherent extends CommonObject
*/
public $morphy;
/**
* @var int Info can be public
*/
public $public;
// -2:exclu, -1:brouillon, 0:resilie, >=1:valide,paye
// def in common object
//public $status;
/**
* @var string photo of member
*/
@ -327,11 +325,28 @@ class Adherent extends CommonObject
'fk_user_valid' => array('type' => 'integer:User:user/class/user.class.php', 'label' => 'UserValidation', 'enabled' => 1, 'visible' => -1, 'position' => 190),
'canvas' => array('type' => 'varchar(32)', 'label' => 'Canvas', 'enabled' => 1, 'visible' => -1, 'position' => 195),
'statut' => array('type' => 'smallint(6)', 'label' => 'Statut', 'enabled' => 1, 'visible' => -1, 'notnull' => 1, 'position' => 500,
'arrayofkeyval' => array(0 => 'Draft', 1 => 'Validated', -1 => 'MemberStatusResiliatedShort', -2 => 'MemberStatusExcludedShort')),
'arrayofkeyval' => array(-1 => 'Draft', 1 => 'Validated', 0 => 'MemberStatusResiliatedShort', -2 => 'MemberStatusExcludedShort')),
'model_pdf' => array('type' => 'varchar(255)', 'label' => 'Model pdf', 'enabled' => 1, 'visible' => 0, 'position' => 800),
'import_key' => array('type' => 'varchar(14)', 'label' => 'ImportId', 'enabled' => 1, 'visible' => -2, 'position' => 805)
);
/**
* Draft status
*/
const STATUS_DRAFT = -1;
/**
* Validated status
*/
const STATUS_VALIDATED = 1;
/**
* Resiliated
*/
const STATUS_RESILIATED = 0;
/**
* Excluded
*/
const STATUS_EXCLUDED = -2;
/**
* Constructor
@ -341,7 +356,8 @@ class Adherent extends CommonObject
public function __construct($db)
{
$this->db = $db;
$this->statut = -1;
$this->statut = self::STATUS_DRAFT;
$this->status = $this->statut;
// l'adherent n'est pas public par defaut
$this->public = 0;
// les champs optionnels sont vides
@ -1570,9 +1586,11 @@ class Adherent extends CommonObject
* @param string $emetteur_nom Name of cheque writer
* @param string $emetteur_banque Name of bank of cheque
* @param string $autocreatethirdparty Auto create new thirdparty if member not yet linked to a thirdparty and we request an option that generate invoice.
* @param string $ext_payment_id External id of payment (for example Stripe charge id)
* @param string $ext_payment_site Name of external paymentmode (for example 'stripe')
* @return int <0 if KO, >0 if OK
*/
public function subscriptionComplementaryActions($subscriptionid, $option, $accountid, $datesubscription, $paymentdate, $operation, $label, $amount, $num_chq, $emetteur_nom = '', $emetteur_banque = '', $autocreatethirdparty = 0)
public function subscriptionComplementaryActions($subscriptionid, $option, $accountid, $datesubscription, $paymentdate, $operation, $label, $amount, $num_chq, $emetteur_nom = '', $emetteur_banque = '', $autocreatethirdparty = 0, $ext_payment_id = '', $ext_payment_site = '')
{
global $conf, $langs, $user, $mysoc;
@ -1752,6 +1770,8 @@ class Adherent extends CommonObject
$paiement->paiementid = dol_getIdFromCode($this->db, $operation, 'c_paiement', 'code', 'id', 1);
$paiement->num_payment = $num_chq;
$paiement->note_public = $label;
$paiement->ext_payment_id = $ext_payment_id;
$paiement->ext_payment_site = $ext_payment_site;
if (!$error) {
// Create payment line for invoice
@ -1834,7 +1854,7 @@ class Adherent extends CommonObject
$now = dol_now();
// Check parameters
if ($this->statut == 1) {
if ($this->statut == self::STATUS_VALIDATED) {
dol_syslog(get_class($this)."::validate statut of member does not allow this", LOG_WARNING);
return 0;
}
@ -1842,7 +1862,7 @@ class Adherent extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET";
$sql .= " statut = 1";
$sql .= " statut = ".self::STATUS_VALIDATED;
$sql .= ", datevalid = '".$this->db->idate($now)."'";
$sql .= ", fk_user_valid=".$user->id;
$sql .= " WHERE rowid = ".$this->id;
@ -1850,7 +1870,7 @@ class Adherent extends CommonObject
dol_syslog(get_class($this)."::validate", LOG_DEBUG);
$result = $this->db->query($sql);
if ($result) {
$this->statut = 1;
$this->statut = self::STATUS_VALIDATED;
// Call trigger
$result = $this->call_trigger('MEMBER_VALIDATE', $user);
@ -1886,7 +1906,7 @@ class Adherent extends CommonObject
$error = 0;
// Check parameters
if ($this->statut == 0) {
if ($this->statut == self::STATUS_RESILIATED) {
dol_syslog(get_class($this)."::resiliate statut of member does not allow this", LOG_WARNING);
return 0;
}
@ -1894,13 +1914,13 @@ class Adherent extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET";
$sql .= " statut = 0";
$sql .= " statut = ".self::STATUS_RESILIATED;
$sql .= ", fk_user_valid=".$user->id;
$sql .= " WHERE rowid = ".$this->id;
$result = $this->db->query($sql);
if ($result) {
$this->statut = 0;
$this->statut = self::STATUS_RESILIATED;
// Call trigger
$result = $this->call_trigger('MEMBER_RESILIATE', $user);
@ -1936,7 +1956,7 @@ class Adherent extends CommonObject
$error = 0;
// Check parameters
if ($this->statut == 0) {
if ($this->statut == self::STATUS_EXCLUDED) {
dol_syslog(get_class($this)."::resiliate statut of member does not allow this", LOG_WARNING);
return 0;
}
@ -1944,13 +1964,13 @@ class Adherent extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."adherent SET";
$sql .= " statut = -2";
$sql .= " statut = ".self::STATUS_EXCLUDED;
$sql .= ", fk_user_valid=".$user->id;
$sql .= " WHERE rowid = ".$this->id;
$result = $this->db->query($sql);
if ($result) {
$this->statut = 0;
$this->statut = self::STATUS_EXCLUDED;
// Call trigger
$result = $this->call_trigger('MEMBER_EXCLUDE', $user);
@ -2255,11 +2275,11 @@ class Adherent extends CommonObject
$labelStatus = '';
$labelStatusShort = '';
if ($status == -1) {
if ($status == self::STATUS_DRAFT) {
$statusType = 'status0';
$labelStatus = $langs->trans("MemberStatusDraft");
$labelStatusShort = $langs->trans("MemberStatusDraftShort");
} elseif ($status >= 1) {
} elseif ($status >= self::STATUS_VALIDATED) {
if ($need_subscription == 0) {
$statusType = 'status4';
$labelStatus = $langs->trans("MemberStatusNoSubscription");
@ -2277,11 +2297,11 @@ class Adherent extends CommonObject
$labelStatus = $langs->trans("MemberStatusPaid");
$labelStatusShort = $langs->trans("MemberStatusPaidShort");
}
} elseif ($status == 0) {
} elseif ($status == self::STATUS_RESILIATED) {
$statusType = 'status6';
$labelStatus = $langs->trans("MemberStatusResiliated");
$labelStatusShort = $langs->trans("MemberStatusResiliatedShort");
} elseif ($status == -2) {
} elseif ($status == self::STATUS_EXCLUDED) {
$statusType = 'status10';
$labelStatus = $langs->trans("MemberStatusExcluded");
$labelStatusShort = $langs->trans("MemberStatusExcludedShort");
@ -2347,11 +2367,11 @@ class Adherent extends CommonObject
$sql .= ", ".MAIN_DB_PREFIX."adherent_type as t";
$sql .= " WHERE a.fk_adherent_type = t.rowid";
if ($mode == 'expired') {
$sql .= " AND a.statut = 1";
$sql .= " AND a.statut = ".self::STATUS_VALIDATED;
$sql .= " AND a.entity IN (".getEntity('adherent').")";
$sql .= " AND ((a.datefin IS NULL or a.datefin < '".$this->db->idate($now)."') AND t.subscription = '1')";
} elseif ($mode == 'shift') {
$sql .= " AND a.statut = -1";
$sql .= " AND a.statut = ".self::STATUS_DRAFT;
$sql .= " AND a.entity IN (".getEntity('adherent').")";
}
@ -2368,10 +2388,10 @@ class Adherent extends CommonObject
$warning_delay = $conf->adherent->subscription->warning_delay / 60 / 60 / 24;
$label = $langs->trans("MembersWithSubscriptionToReceive");
$labelShort = $langs->trans("MembersWithSubscriptionToReceiveShort");
$url = DOL_URL_ROOT.'/adherents/list.php?mainmenu=members&amp;statut=1&amp;filter=outofdate';
$url = DOL_URL_ROOT.'/adherents/list.php?mainmenu=members&amp;statut='.self::STATUS_VALIDATED.'&amp;filter=outofdate';
} elseif ($mode == 'shift') {
$warning_delay = $conf->adherent->subscription->warning_delay / 60 / 60 / 24;
$url = DOL_URL_ROOT.'/adherents/list.php?mainmenu=members&amp;statut=-1';
$url = DOL_URL_ROOT.'/adherents/list.php?mainmenu=members&amp;statut='.self::STATUS_DRAFT;
$label = $langs->trans("MembersListToValid");
$labelShort = $langs->trans("ToValidate");
}
@ -2484,7 +2504,7 @@ class Adherent extends CommonObject
$this->birth = $now;
$this->photo = '';
$this->public = 1;
$this->statut = 0;
$this->statut = self::STATUS_DRAFT;
$this->datefin = $now;
$this->datevalid = $now;
@ -2803,7 +2823,7 @@ class Adherent extends CommonObject
global $conf;
//Only valid members
if ($this->statut <= 0) {
if ($this->statut != self::STATUS_VALIDATED) {
return false;
}
if (!$this->datefin) {

8
htdocs/admin/delais.php
View File

@ -359,16 +359,16 @@ if (empty($conf->global->MAIN_DISABLE_METEO) || $conf->global->MAIN_DISABLE_METE
print '<div>';
print '<div class="inline-block" style="padding-right: 20px">';
print img_weather($text, 0, $options);
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL0" value="'.$conf->global->MAIN_METEO_PERCENTAGE_LEVEL0.'"/>&nbsp;%</td>';
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL0" value="'.getDolGlobalString('MAIN_METEO_PERCENTAGE_LEVEL0').'"/>&nbsp;%</td>';
print '</div><div class="inline-block" style="padding-right: 20px">';
print img_weather($text, 1, $options);
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL1" value="'.$conf->global->MAIN_METEO_PERCENTAGE_LEVEL1.'"/>&nbsp;%</td>';
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL1" value="'.getDolGlobalString('MAIN_METEO_PERCENTAGE_LEVEL1').'"/>&nbsp;%</td>';
print '</div><div class="inline-block" style="padding-right: 20px">';
print img_weather($text, 2, $options);
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL2" value="'.$conf->global->MAIN_METEO_PERCENTAGE_LEVEL2.'"/>&nbsp;%</td>';
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL2" value="'.getDolGlobalString('MAIN_METEO_PERCENTAGE_LEVEL2').'"/>&nbsp;%</td>';
print '</div><div class="inline-block" style="padding-right: 20px">';
print img_weather($text, 3, $options);
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL3" value="'.$conf->global->MAIN_METEO_PERCENTAGE_LEVEL3.'"/>&nbsp;%</td>';
print ' &lt;= <input type="text" size="2" name="MAIN_METEO_PERCENTAGE_LEVEL3" value="'.getDolGlobalString('MAIN_METEO_PERCENTAGE_LEVEL3').'"/>&nbsp;%</td>';
print '</div>';
print '</div>';

2
htdocs/admin/mails.php
View File

@ -719,7 +719,7 @@ if ($action == 'edit') {
$liste['user'] = $langs->trans('UserEmail');
$liste['company'] = $langs->trans('CompanyEmail').' ('.(empty($conf->global->MAIN_INFO_SOCIETE_MAIL) ? $langs->trans("NotDefined") : $conf->global->MAIN_INFO_SOCIETE_MAIL).')';
$sql = 'SELECT rowid, label, email FROM '.MAIN_DB_PREFIX.'c_email_senderprofile';
$sql .= ' WHERE active = 1 AND (private = 0 OR private = '.$user->id.')';
$sql .= ' WHERE active = 1 AND (private = 0 OR private = '.((int) $user->id).')';
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);

38
htdocs/admin/notification.php
View File

@ -243,7 +243,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
$elementLabel = $langs->trans('Intervention');
} elseif ($notifiedevent['elementtype'] == 'shipping') {
$elementLabel = $langs->trans('Shipping');
} elseif ($notifiedevent['elementtype'] == 'expensereport') {
} elseif ($notifiedevent['elementtype'] == 'expensereport' || $notifiedevent['elementtype'] == 'expense_report') {
$elementLabel = $langs->trans('ExpenseReport');
}
@ -271,6 +271,8 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
$helptext = '';
form_constantes($constantes, 3, $helptext);
print '<div class="center"><input type="submit" class="button button-save" value="'.$langs->trans("Save").'"></div>';
} else {
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
@ -300,7 +302,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
$elementLabel = $langs->trans('Intervention');
} elseif ($notifiedevent['elementtype'] == 'shipping') {
$elementLabel = $langs->trans('Shipping');
} elseif ($notifiedevent['elementtype'] == 'expensereport') {
} elseif ($notifiedevent['elementtype'] == 'expensereport' || $notifiedevent['elementtype'] == 'expense_report') {
$elementLabel = $langs->trans('ExpenseReport');
}
@ -316,7 +318,13 @@ if ($conf->global->MAIN_FEATURES_LEVEL >= 2) {
print '</table>';
}
print '<div class="center"><input type="submit" class="button button-save" value="'.$langs->trans("Save").'"></div>';
print '<div class="opacitymedium">';
print '* '.$langs->trans("GoOntoUserCardToAddMore").'<br>';
if (!empty($conf->societe->enabled)) {
print '** '.$langs->trans("GoOntoContactCardToAddMore").'<br>';
}
print '</div>';
print '</form>';
@ -343,28 +351,38 @@ print "</tr>\n";
foreach ($listofnotifiedevents as $notifiedevent) {
$label = $langs->trans("Notify_".$notifiedevent['code']); //!=$langs->trans("Notify_".$notifiedevent['code'])?$langs->trans("Notify_".$notifiedevent['code']):$notifiedevent['label'];
$elementPicto = $notifiedevent['elementtype'];
$elementLabel = $langs->trans(ucfirst($notifiedevent['elementtype']));
// Special cases
if ($notifiedevent['elementtype'] == 'order_supplier') {
$elementPicto = 'supplier_order';
$elementLabel = $langs->trans('SupplierOrder');
} elseif ($notifiedevent['elementtype'] == 'propal') {
$elementLabel = $langs->trans('Proposal');
} elseif ($notifiedevent['elementtype'] == 'facture') {
$elementPicto = 'bill';
$elementLabel = $langs->trans('Bill');
} elseif ($notifiedevent['elementtype'] == 'commande') {
$elementPicto = 'order';
$elementLabel = $langs->trans('Order');
} elseif ($notifiedevent['elementtype'] == 'ficheinter') {
$elementPicto = 'intervention';
$elementLabel = $langs->trans('Intervention');
} elseif ($notifiedevent['elementtype'] == 'shipping') {
$elementPicto = 'shipment';
$elementLabel = $langs->trans('Shipping');
} elseif ($notifiedevent['elementtype'] == 'expensereport') {
} elseif ($notifiedevent['elementtype'] == 'expensereport' || $notifiedevent['elementtype'] == 'expense_report') {
$elementPicto = 'expensereport';
$elementLabel = $langs->trans('ExpenseReport');
}
print '<tr class="oddeven">';
print '<td>'.$elementLabel.'</td>';
print '<td>';
print img_picto('', $elementPicto, 'class="pictofixedwidth"');
print $elementLabel;
print '</td>';
print '<td>'.$notifiedevent['code'].'</td>';
print '<td>'.$label.'</td>';
print '<td><span class="opacitymedium">'.$label.'</span></td>';
print '<td>';
// Notification with threshold
foreach ($conf->global as $key => $val) {
@ -417,14 +435,6 @@ foreach ($listofnotifiedevents as $notifiedevent) {
}
print '</table>';
print '<div class="opacitymedium">';
print '* '.$langs->trans("GoOntoUserCardToAddMore").'<br>';
if (!empty($conf->societe->enabled)) {
print '** '.$langs->trans("GoOntoContactCardToAddMore").'<br>';
}
print '</div>';
print '<br>';
print '<div class="center"><input type="submit" class="button button-save" value="'.$langs->trans("Save").'"></div>';

2
htdocs/admin/payment.php
View File

@ -189,7 +189,7 @@ foreach ($dirmodels as $reldir) {
if ($conf->global->PAYMENT_ADDON == $file || $conf->global->PAYMENT_ADDON.'.php' == $file) {
print img_picto($langs->trans("Activated"), 'switch_on');
} else {
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=setmo&token='.newToken().'&value='.preg_replace('/\.php$/', '', $file).'&scan_dir='.$module->scandir.'&label='.urlencode($module->name).'" alt="'.$langs->trans("Default").'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
print '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?action=setmod&token='.newToken().'&value='.preg_replace('/\.php$/', '', $file).'&scan_dir='.$module->scandir.'&label='.urlencode($module->name).'" alt="'.$langs->trans("Default").'">'.img_picto($langs->trans("Disabled"), 'switch_off').'</a>';
}
print '</td>';

15
htdocs/admin/receiptprinter.php
View File

@ -431,7 +431,9 @@ if ($mode == 'template' && $user->admin) {
print '<td>';
print '<textarea name="template" wrap="soft" cols="120" rows="12">'.$printer->listprinterstemplates[$line]['template'].'</textarea>';
print '</td>';
print '<td></td>';
print '<td>';
print '<div class="center"><input type="submit" class="button button-save" value="'.dol_escape_htmltag($langs->trans("Save")).'"></div>';
print '</td>';
} else {
print '<td>'.$printer->listprinterstemplates[$line]['name'].'</td>';
print '<td>'.dol_htmlentitiesbr($printer->listprinterstemplates[$line]['template']).'</td>';
@ -459,18 +461,15 @@ if ($mode == 'template' && $user->admin) {
print '<textarea name="template" wrap="soft" cols="120" rows="12">';
print '</textarea>';
print '</td>';
print '<td></td>';
print '<td>';
print '<input type="hidden" name="templateid" value="'.$printer->listprinterstemplates[$line]['rowid'].'">';
print '<input type="submit" class="button" value="'.dol_escape_htmltag($langs->trans("Add")).'">';
print '</td>';
print '</tr>';
}
print '</table>';
if ($action != 'edittemplate') {
print '<input type="hidden" name="templateid" value="'.$printer->listprinterstemplates[$line]['rowid'].'">';
print '<div class="center"><input type="submit" class="button" value="'.dol_escape_htmltag($langs->trans("Add")).'"></div>';
} else {
print '<div class="center"><input type="submit" class="button button-save" value="'.dol_escape_htmltag($langs->trans("Save")).'"></div>';
}
print '</form>';
print dol_get_fiche_end();

16
htdocs/admin/security.php
View File

@ -394,18 +394,18 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td colspan="3">'.$langs->trans("DoNotStoreClearPassword").'</td>';
print '<td align="center" width="60">';
if (!empty($conf->global->DATABASE_PWD_ENCRYPTED)) {
if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) {
print img_picto($langs->trans("Active"), 'tick');
}
print '</td>';
if (!$conf->global->DATABASE_PWD_ENCRYPTED) {
if (!getDolGlobalString('DATABASE_PWD_ENCRYPTED')) {
print '<td align="center" width="100">';
print '<a href="security.php?action=activate_encrypt">'.$langs->trans("Activate").'</a>';
print "</td>";
}
// Database conf file encryption
if (!empty($conf->global->DATABASE_PWD_ENCRYPTED)) {
if (getDolGlobalString('DATABASE_PWD_ENCRYPTED')) {
print '<td align="center" width="100">';
if ($allow_disable_encryption) {
//On n'autorise pas l'annulation de l'encryption car les mots de passe ne peuvent pas etre decodes
@ -453,16 +453,16 @@ print '</tr>';
print '<tr class="oddeven">';
print '<td colspan="3">'.$langs->trans("DisableForgetPasswordLinkOnLogonPage").'</td>';
print '<td align="center" width="60">';
if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
if (getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) {
print img_picto($langs->trans("Active"), 'tick');
}
print '</td>';
if (empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
if (!getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) {
print '<td align="center" width="100">';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=activate_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().'">'.$langs->trans("Activate").'</a>';
print "</td>";
}
if (!empty($conf->global->MAIN_SECURITY_DISABLEFORGETPASSLINK)) {
if (getDolGlobalString('MAIN_SECURITY_DISABLEFORGETPASSLINK')) {
print '<td align="center" width="100">';
print '<a href="'.$_SERVER["PHP_SELF"].'?action=disable_MAIN_SECURITY_DISABLEFORGETPASSLINK&token='.newToken().'">'.$langs->trans("Disable").'</a>';
print "</td>";
@ -481,8 +481,8 @@ if (GETPOST('info', 'int') > 0) {
} else {
print $langs->trans("Note: The function password_hash does not exists on your PHP")."<br>\n";
}
print 'MAIN_SECURITY_HASH_ALGO = '.$conf->global->MAIN_SECURITY_HASH_ALGO."<br>\n";
print 'MAIN_SECURITY_SALT = '.$conf->global->MAIN_SECURITY_SALT."<br>\n";
print 'MAIN_SECURITY_HASH_ALGO = '.getDolGlobalString('MAIN_SECURITY_HASH_ALGO')."<br>\n";
print 'MAIN_SECURITY_SALT = '.getDolGlobalString('MAIN_SECURITY_SALT')."<br>\n";
}
print '</div>';

4
htdocs/admin/system/dolibarr.php
View File

@ -139,8 +139,8 @@ if (preg_match('/[a-z]+/i', $version)) {
}
print '</td></tr>'."\n";
print '<tr class="oddeven"><td>'.$langs->trans("VersionLastUpgrade").' ('.$langs->trans("Database").')</td><td>'.$conf->global->MAIN_VERSION_LAST_UPGRADE.'</td></tr>'."\n";
print '<tr class="oddeven"><td>'.$langs->trans("VersionLastInstall").'</td><td>'.$conf->global->MAIN_VERSION_LAST_INSTALL.'</td></tr>'."\n";
print '<tr class="oddeven"><td>'.$langs->trans("VersionLastUpgrade").' ('.$langs->trans("Database").')</td><td>'.getDolGlobalString('MAIN_VERSION_LAST_UPGRADE').'</td></tr>'."\n";
print '<tr class="oddeven"><td>'.$langs->trans("VersionLastInstall").'</td><td>'.getDolGlobalString('MAIN_VERSION_LAST_INSTALL').'</td></tr>'."\n";
print '</table>';
print '</div>';
print '<br>';

2
htdocs/admin/system/filecheck.php
View File

@ -124,7 +124,7 @@ if ($enableremotecheck) {
print '<input type="radio" name="target" id="checkboxremote" value="remote"'.(GETPOST('target') == 'remote' ? 'checked="checked"' : '').'> <label for="checkboxremote">'.$langs->trans("RemoteSignature").'</label> = ';
print '<input name="xmlremote" class="flat minwidth400" value="'.dol_escape_htmltag($xmlremote).'"><br>';
} else {
print '<input type="radio" name="target" value="remote" disabled="disabled"> '.$langs->trans("RemoteSignature").' = '.$xmlremote;
print '<input type="radio" name="target" value="remote" disabled="disabled"> '.$langs->trans("RemoteSignature").' = '.dol_escape_htmltag($xmlremote);
if (!GETPOST('xmlremote')) {
print ' <span class="warning">('.$langs->trans("FeatureAvailableOnlyOnStable").')</span>';
}

12
htdocs/admin/system/modules.php
View File

@ -25,7 +25,7 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
if (!$user->admin) {
if (empty($user->admin)) {
accessforbidden();
}
@ -164,17 +164,17 @@ foreach ($modules as $key => $module) {
$newModule->permission = $permission;
// pre-filter list
if ($search_name && !stristr($newModule->name, $search_name)) {
if (!empty($search_name) && !stristr($newModule->name, $search_name)) {
continue;
}
if ($search_version && !stristr($newModule->version, $search_version)) {
if (!empty($search_version) && !stristr($newModule->version, $search_version)) {
continue;
}
if ($search_id && !stristr($newModule->id, $search_id)) {
if (!empty($search_id) && !stristr($newModule->id, $search_id)) {
continue;
}
if ($search_permission) {
if (!empty($search_permission)) {
$found = false;
foreach ($newModule->permission as $permission) {
@ -211,7 +211,7 @@ print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print_barre_liste($langs->trans("AvailableModules"), $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, $massactionbutton, -1, '', 'title_setup', 0, '', '', 0, 1, 1);
print_barre_liste($langs->trans("AvailableModules"), empty($page) ? 0 : $page, $_SERVER["PHP_SELF"], '', $sortfield, $sortorder, '', -1, '', 'title_setup', 0, '', '', 0, 1, 1);
print '<span class="opacitymedium">'.$langs->trans("ToActivateModule").'</span>';
print '<br>';

26
htdocs/api/class/api.class.php
View File

@ -72,23 +72,27 @@ class DolibarrApi
//$this->r->setSupportedFormats('jsonFormat');
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**
* Executed method when API is called without parameter
* Check and convert a string depending on its type/name.
*
* Display a short message an return a http code 200
*
* @return array
* @param string $field Field name
* @param string $value Value to check/clean
* @param stdClass $object Object
* @return string Value cleaned
*/
/* Disabled, most APIs does not share same signature for method index
function index()
protected function _checkValForAPI($field, $value, $object)
{
return array(
'success' => array(
'code' => 200,
'message' => __class__.' is up and running!'
)
);
}*/
// phpcs:enable
// TODO Use type detected in $object->fields
if (in_array($field, array('note', 'note_private', 'note_public', 'desc', 'description'))) {
return checkVal($value, 'restricthtml');
} else {
return checkVal($value, 'alphanohtml');
}
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**

7
htdocs/api/class/api_login.class.php
View File

@ -31,8 +31,13 @@ class Login
*/
public function __construct()
{
global $db;
global $conf, $db;
$this->db = $db;
//$conf->global->MAIN_MODULE_API_LOGIN_DISABLED = 1;
if (!empty($conf->global->MAIN_MODULE_API_LOGIN_DISABLED)) {
throw new RestException(403, "Error login APIs are disabled. You must get the token from backoffice to be able to use APIs");
}
}
/**

8
htdocs/api/class/api_setup.class.php
View File

@ -1631,8 +1631,8 @@ class Setup extends DolibarrApi
global $langs, $conf;
if (!DolibarrApiAccess::$user->admin
&& (empty($conf->global->API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK) || DolibarrApiAccess::$user->login != $conf->global->API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK)) {
throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGIN_ALLOWED_FOR_INTEGRITY_CHECK');
&& (empty($conf->global->API_LOGINS_ALLOWED_FOR_INTEGRITY_CHECK) || DolibarrApiAccess::$user->login != $conf->global->API_LOGINS_ALLOWED_FOR_INTEGRITY_CHECK)) {
throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGINS_ALLOWED_FOR_INTEGRITY_CHECK');
}
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
@ -1937,8 +1937,8 @@ class Setup extends DolibarrApi
global $conf;
if (!DolibarrApiAccess::$user->admin
&& (empty($conf->global->API_LOGIN_ALLOWED_FOR_GET_MODULES) || DolibarrApiAccess::$user->login != $conf->global->API_LOGIN_ALLOWED_FOR_GET_MODULES)) {
throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGIN_ALLOWED_FOR_GET_MODULES');
&& (empty($conf->global->API_LOGINS_ALLOWED_FOR_GET_MODULES) || DolibarrApiAccess::$user->login != $conf->global->API_LOGINS_ALLOWED_FOR_GET_MODULES)) {
throw new RestException(403, 'Error API open to admin users only or to the users with logins defined into constant API_LOGINS_ALLOWED_FOR_GET_MODULES');
}
sort($conf->modules);

32
htdocs/api/index.php
View File

@ -119,7 +119,7 @@ if (preg_match('/api\/index\.php\/explorer/', $url) && !empty($conf->global->API
// Analyze URLs
// index.php/explorer do a redirect to index.php/explorer/
// index.php/explorer/ called by swagger to build explorer page
// index.php/explorer/ called by swagger to build explorer page index.php/explorer/index.html
// index.php/explorer/.../....png|.css|.js called by swagger for resources to build explorer page
// index.php/explorer/resources.json called by swagger to get list of all services
// index.php/explorer/resources.json/xxx called by swagger to get detail of services xxx
@ -218,6 +218,11 @@ if (!empty($reg[1]) && $reg[1] == 'explorer' && ($reg[2] == '/swagger.json' || $
continue;
}
//$conf->global->MAIN_MODULE_API_LOGIN_DISABLED = 1;
if ($file_searched == 'api_login.class.php' && !empty($conf->global->MAIN_MODULE_API_LOGIN_DISABLED)) {
continue;
}
$regapi = array();
if (is_readable($dir_part.$file_searched) && preg_match("/^api_(.*)\.class\.php$/i", $file_searched, $regapi)) {
$classname = ucwords($regapi[1]);
@ -291,6 +296,29 @@ if (!empty($reg[1]) && ($reg[1] != 'explorer' || ($reg[2] != '/swagger.json' &&
$classname = ucwords($moduleobject);
// Test rules on endpoints. For example:
// $conf->global->API_ENDPOINT_RULES = 'endpoint1:1,endpoint2:1,...'
if (!empty($conf->global->API_ENDPOINT_RULES)) {
$listofendpoints = explode(',', $conf->global->API_ENDPOINT_RULES);
$endpointisallowed = false;
foreach ($listofendpoints as $endpointrule) {
$tmparray = explode(':', $endpointrule);
if ($classfile == $tmparray[0] && $tmparray[1] == 1) {
$endpointisallowed = true;
break;
}
}
if (! $endpointisallowed) {
dol_syslog('The API with endpoint /'.$classfile.' is forbidden by config API_ENDPOINT_RULES', LOG_WARNING);
print 'The API with endpoint /'.$classfile.' is forbidden by config API_ENDPOINT_RULES';
header('HTTP/1.1 501 API is forbidden by API_ENDPOINT_RULES');
//session_destroy();
exit(0);
}
}
dol_syslog('Search api file /'.$moduledirforclass.'/class/api_'.$classfile.'.class.php => dir_part_file='.$dir_part_file.' classname='.$classname);
$res = false;
@ -314,7 +342,7 @@ if (!empty($reg[1]) && ($reg[1] != 'explorer' || ($reg[2] != '/swagger.json' &&
//var_dump($api->r->apiVersionMap);
//exit;
// We do not want that restler output data if we use native compression (default behaviour) but we want to have it returned into a string.
// We do not want that restler outputs data if we use native compression (default behaviour) but we want to have it returned into a string.
Luracast\Restler\Defaults::$returnResponse = (empty($conf->global->API_DISABLE_COMPRESSION) && !empty($_SERVER['HTTP_ACCEPT_ENCODING']));
// Call API (we suppose we found it).

2
htdocs/bom/bom_agenda.php
View File

@ -126,7 +126,7 @@ $form = new Form($db);
if ($object->id > 0) {
$title = $langs->trans("Agenda");
//if (! empty($conf->global->MAIN_HTML_TITLE) && preg_match('/thirdpartynameonly/',$conf->global->MAIN_HTML_TITLE) && $object->name) $title=$object->name." - ".$title;
$help_url = '';
$help_url = 'EN:Module_Agenda_En|FR:Module_Agenda|ES:Módulo_Agenda';
llxHeader('', $title, $help_url);
if (!empty($conf->notification->enabled)) {

4
htdocs/bom/bom_card.php
View File

@ -241,8 +241,8 @@ $formfile = new FormFile($db);
$title = $langs->trans('BOM');
llxHeader('', $title, '');
$help_url ='EN:Module_BOM';
llxHeader('', $title, $help_url);
// Example : Adding jquery code
print '<script type="text/javascript" language="javascript">

5
htdocs/bom/bom_document.php
View File

@ -100,8 +100,9 @@ include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';
$form = new Form($db);
$title = $langs->trans("BillOfMaterials").' - '.$langs->trans("Files");
$help_url = '';
//$help_url='EN:Module_Third_Parties|FR:Module_Tiers|ES:Empresas';
$help_url = 'EN:Module_BOM';
llxHeader('', $title, $help_url);
if ($object->id) {

8
htdocs/bom/bom_list.php
View File

@ -278,10 +278,12 @@ $form = new Form($db);
$now = dol_now();
//$help_url="EN:Module_BillOfMaterials|FR:Module_BillOfMaterials_FR|ES:Módulo_BillOfMaterials";
$help_url = '';
$help_url = 'EN:Module_BOM';
$title = $langs->trans('ListOfBOMs');
llxHeader('', $title, $help_url);
// Build and execute select
// --------------------------------------------------------------------
@ -393,7 +395,7 @@ if ($num == 1 && !empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $
// Output page
// --------------------------------------------------------------------
llxHeader('', $title, $help_url);
// llxHeader('', $title, $help_url);
$arrayofselected = is_array($toselect) ? $toselect : array();

41
htdocs/bookmarks/card.php
View File

@ -46,6 +46,9 @@ $position = GETPOST("position", "int");
$backtopage = GETPOST('backtopage', 'alpha');
$object = new Bookmark($db);
if ($id > 0) {
$object->fetch($id);
}
/*
@ -133,7 +136,7 @@ $form = new Form($db);
$head = array();
$h = 1;
$head[$h][0] = $_SERVER["PHP_SELF"].($object->id ? 'id='.$object->id : '');
$head[$h][0] = $_SERVER["PHP_SELF"].($object->id ? '?id='.$object->id : '');
$head[$h][1] = $langs->trans("Bookmark");
$head[$h][2] = 'card';
$h++;
@ -153,25 +156,25 @@ if ($action == 'create') {
print load_fiche_titre($langs->trans("NewBookmark"));
print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), 0, 'bookmark');
print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), -1, 'bookmark');
print '<table class="border centpercent tableforfieldcreate">';
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("BookmarkTitle").'</td><td><input id="titlebookmark" class="flat minwidth300" name="title" value="'.dol_escape_htmltag($title).'"></td><td class="hideonsmartphone">'.$langs->trans("SetHereATitleForLink").'</td></tr>';
print '<tr><td class="titlefieldcreate fieldrequired">'.$langs->trans("BookmarkTitle").'</td><td><input id="titlebookmark" class="flat minwidth300" name="title" value="'.dol_escape_htmltag($title).'"></td><td class="hideonsmartphone"><span class="opacitymedium">'.$langs->trans("SetHereATitleForLink").'</span></td></tr>';
dol_set_focus('#titlebookmark');
// Url
print '<tr><td class="fieldrequired">'.$langs->trans("UrlOrLink").'</td><td><input class="flat quatrevingtpercent" name="url" value="'.dol_escape_htmltag($url).'"></td><td class="hideonsmartphone">'.$langs->trans("UseAnExternalHttpLinkOrRelativeDolibarrLink").'</td></tr>';
print '<tr><td class="fieldrequired">'.$langs->trans("UrlOrLink").'</td><td><input class="flat quatrevingtpercent" name="url" value="'.dol_escape_htmltag($url).'"></td><td class="hideonsmartphone"><span class="opacitymedium">'.$langs->trans("UseAnExternalHttpLinkOrRelativeDolibarrLink").'</span></td></tr>';
// Target
print '<tr><td>'.$langs->trans("BehaviourOnClick").'</td><td>';
$liste = array(0=>$langs->trans("ReplaceWindow"), 1=>$langs->trans("OpenANewWindow"));
print $form->selectarray('target', $liste, 1);
print '</td><td class="hideonsmartphone">'.$langs->trans("ChooseIfANewWindowMustBeOpenedOnClickOnBookmark").'</td></tr>';
print '</td><td class="hideonsmartphone"><span class="opacitymedium">'.$langs->trans("ChooseIfANewWindowMustBeOpenedOnClickOnBookmark").'</span></td></tr>';
// Owner
print '<tr><td>'.$langs->trans("Owner").'</td><td>';
print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : $user->id, 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300');
print '<tr><td>'.$langs->trans("Visibility").'</td><td>';
print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : $user->id, 'userid', 0, '', 0, ($user->admin ? '' : array($user->id)), '', 0, 0, 0, '', ($user->admin) ? 1 : 0, '', 'maxwidth300');
print '</td><td class="hideonsmartphone">&nbsp;</td></tr>';
// Position
@ -193,20 +196,6 @@ if ($action == 'create') {
if ($id > 0 && !preg_match('/^add/i', $action)) {
/*
* Fact bookmark mode or visually edition
*/
$object->fetch($id);
$hselected = 'card';
$head = array(
array(
'',
$langs->trans('Card'),
'card'
)
);
if ($action == 'edit') {
print '<form name="edit" method="POST" action="'.$_SERVER["PHP_SELF"].'" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.newToken().'">';
@ -216,7 +205,6 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
print '<input type="hidden" name="backtopage" value="'.$backtopage.'">';
}
print dol_get_fiche_head($head, $hselected, $langs->trans("Bookmark"), -1, 'bookmark');
$linkback = '<a href="'.DOL_URL_ROOT.'/bookmarks/list.php?restore_lastsearch_values=1">'.$langs->trans("BackToList").'</a>';
@ -259,7 +247,10 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
if ($action == 'edit') {
print '<input class="flat minwidth500 quatrevingtpercent" name="url" value="'.(GETPOSTISSET("url") ? GETPOST("url") : $object->url).'">';
} else {
print '<a href="'.(preg_match('/^http/i', $object->url) ? $object->url : DOL_URL_ROOT.$object->url).'"'.($object->target ? ' target="_blank"' : '').'>'.$object->url.'</a>';
print '<a href="'.(preg_match('/^http/i', $object->url) ? $object->url : DOL_URL_ROOT.$object->url).'"'.($object->target ? ' target="_blank"' : '').'>';
print img_picto('', 'globe', 'class="paddingright"');
print $object->url;
print '</a>';
}
print '</td></tr>';
@ -277,7 +268,7 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
}
print '</td></tr>';
print '<tr><td>'.$langs->trans("Owner").'</td><td>';
print '<tr><td>'.$langs->trans("Visibility").'</td><td>';
if ($action == 'edit' && $user->admin) {
print img_picto('', 'user').' '.$form->select_dolusers(GETPOSTISSET('userid') ? GETPOST('userid', 'int') : ($object->fk_user ? $object->fk_user : ''), 'userid', 1, '', 0, '', '', 0, 0, 0, '', 0, '', 'maxwidth300');
} else {
@ -286,7 +277,7 @@ if ($id > 0 && !preg_match('/^add/i', $action)) {
$fuser->fetch($object->fk_user);
print $fuser->getNomUrl(1);
} else {
print $langs->trans("Public");
print '<span class="opacitymedium">'.$langs->trans("Everybody").'</span>';
}
}
print '</td></tr>';

18
htdocs/bookmarks/list.php
View File

@ -181,7 +181,7 @@ print_liste_field_titre("Ref", $_SERVER["PHP_SELF"], "b.rowid", "", $param, 'ali
print_liste_field_titre("Title", $_SERVER["PHP_SELF"], "b.title", "", $param, 'align="left"', $sortfield, $sortorder);
print_liste_field_titre("Link", $_SERVER["PHP_SELF"], "b.url", "", $param, 'align="left"', $sortfield, $sortorder);
print_liste_field_titre("Target", '', '', '', '', 'align="center"');
print_liste_field_titre("Owner", $_SERVER["PHP_SELF"], "u.lastname", "", $param, 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("Visibility", $_SERVER["PHP_SELF"], "u.lastname", "", $param, 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("Date", $_SERVER["PHP_SELF"], "b.dateb", "", $param, 'align="center"', $sortfield, $sortorder);
print_liste_field_titre("Position", $_SERVER["PHP_SELF"], "b.position", "", $param, 'class="right"', $sortfield, $sortorder);
print_liste_field_titre('');
@ -204,8 +204,10 @@ while ($i < min($num, $limit)) {
print '</td>';
$linkintern = 0;
$title = $obj->title;
$link = $obj->url;
$title = $obj->title;
$link = $obj->url;
$canedit = $user->rights->bookmark->supprimer;
$candelete = $user->rights->bookmark->creer;
// Title
print "<td>";
@ -251,7 +253,11 @@ while ($i < min($num, $limit)) {
$tmpuser = $cacheOfUsers[$obj->fk_user];
print $tmpuser->getNomUrl(1);
} else {
print $langs->trans("Public");
print '<span class="opacitymedium">'.$langs->trans("Everybody").'</span>';
if (!$user->admin) {
$candelete = false;
$canedit = false;
}
}
print "</td>\n";
@ -263,10 +269,10 @@ while ($i < min($num, $limit)) {
// Actions
print '<td class="nowrap right">';
if ($user->rights->bookmark->creer) {
if ($canedit) {
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/bookmarks/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit()."</a>";
}
if ($user->rights->bookmark->supprimer) {
if ($candelete) {
print '<a class="marginleftonly" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$obj->rowid.'">'.img_delete().'</a>';
} else {
print "&nbsp;";

6
htdocs/categories/class/categorie.class.php
View File

@ -897,6 +897,8 @@ class Categorie extends CommonObject
$categories = array();
$type = checkVal($type, 'aZ09');
$sub_type = $type;
$subcol_name = "fk_".$type;
if ($type == "customer") {
@ -917,9 +919,9 @@ class Categorie extends CommonObject
$sql .= " FROM ".MAIN_DB_PREFIX."categorie as s";
$sql .= " , ".MAIN_DB_PREFIX."categorie_".$sub_type." as sub ";
$sql .= ' WHERE s.entity IN ('.getEntity('category').')';
$sql .= ' AND s.type='.$idoftype;
$sql .= ' AND s.type='.((int) $idoftype);
$sql .= ' AND s.rowid = sub.fk_categorie';
$sql .= ' AND sub.'.$subcol_name.' = '.$id;
$sql .= ' AND sub.'.$subcol_name.' = '.((int) $id);
$sql .= $this->db->order($sortfield, $sortorder);

2
htdocs/comm/action/card.php
View File

@ -1395,7 +1395,7 @@ if ($id > 0) {
// Confirmation suppression action
if ($action == 'delete') {
print $form->formconfirm("card.php?id=".$id, $langs->trans("DeleteAction"), $langs->trans("ConfirmDeleteAction"), "confirm_delete", '', '', 1);
print $form->formconfirm("card.php?id=".urlencode($id), $langs->trans("DeleteAction"), $langs->trans("ConfirmDeleteAction"), "confirm_delete", '', '', 1);
}
if ($action == 'edit') {

13
htdocs/comm/action/class/api_agendaevents.class.php
View File

@ -217,7 +217,7 @@ class AgendaEvents extends DolibarrApi
$result = $this->_validate($request_data);
foreach ($request_data as $field => $value) {
$this->actioncomm->$field = $value;
$this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
}
/*if (isset($request_data["lines"])) {
$lines = array();
@ -226,6 +226,7 @@ class AgendaEvents extends DolibarrApi
}
$this->expensereport->lines = $lines;
}*/
if ($this->actioncomm->create(DolibarrApiAccess::$user) < 0) {
throw new RestException(500, "Error creating event", array_merge(array($this->actioncomm->error), $this->actioncomm->errors));
}
@ -268,7 +269,8 @@ class AgendaEvents extends DolibarrApi
if ($field == 'id') {
continue;
}
$this->actioncomm->$field = $value;
$this->actioncomm->$field = $this->_checkValForAPI($field, $value, $this->actioncomm);
}
if ($this->actioncomm->update(DolibarrApiAccess::$user, 1) > 0) {
@ -299,7 +301,7 @@ class AgendaEvents extends DolibarrApi
}
if (!DolibarrApiAccess::$user->rights->agenda->allactions->delete && DolibarrApiAccess::$user->id != $this->actioncomm->userownerid) {
throw new RestException(401, "Insufficient rights to delete an Agenda Event of owner id ".$request_data['userownerid'].' Your id is '.DolibarrApiAccess::$user->id);
throw new RestException(401, "Insufficient rights to delete an Agenda Event of owner id ".$this->actioncomm->userownerid.' Your id is '.DolibarrApiAccess::$user->id);
}
if (!$result) {
@ -398,9 +400,12 @@ class AgendaEvents extends DolibarrApi
unset($object->civility_id);
unset($object->contact);
unset($object->societe);
unset($object->demand_reason_id);
unset($object->transport_mode_id);
unset($object->region_id);
unset($object->actions);
unset($object->lines);
unset($object->modelpdf);
return $object;
}

6
htdocs/comm/action/index.php
View File

@ -874,10 +874,10 @@ if ($showbirthday) {
$sql .= ' WHERE (priv=0 OR (priv=1 AND fk_user_creat='.$user->id.'))';
$sql .= " AND sp.entity IN (".getEntity('socpeople').")";
if ($action == 'show_day') {
$sql .= ' AND MONTH(birthday) = '.$month;
$sql .= ' AND DAY(birthday) = '.$day;
$sql .= ' AND MONTH(birthday) = '.((int) $month);
$sql .= ' AND DAY(birthday) = '.((int) $day);
} else {
$sql .= ' AND MONTH(birthday) = '.$month;
$sql .= ' AND MONTH(birthday) = '.((int) $month);
}
$sql .= ' ORDER BY birthday';

35
htdocs/comm/index.php
View File

@ -37,6 +37,8 @@ require_once DOL_DOCUMENT_ROOT.'/contrat/class/contrat.class.php';
require_once DOL_DOCUMENT_ROOT.'/fourn/class/fournisseur.commande.class.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php';
require_once DOL_DOCUMENT_ROOT.'/supplier_proposal/class/supplier_proposal.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/propal.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/order.lib.php';
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array
$hookmanager = new HookManager($db);
@ -66,6 +68,8 @@ if ($user->socid > 0) {
}
restrictedArea($user, 'societe', $id, '&societe', '', 'fk_soc', 'rowid', 0);
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
/*
* Actions
@ -100,6 +104,11 @@ print load_fiche_titre($langs->trans("CommercialArea"), '', 'commercial');
print '<div class="fichecenter"><div class="fichethirdleft">';
print getCustomerProposalPieChart($socid);
print '<br>';
print getCustomerOrderPieChart($socid);
print '<br>';
/*
* Draft customer proposals
*/
@ -129,14 +138,14 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) {
if ($resql) {
$total = 0;
$num = $db->num_rows($resql);
$nbofloop = min($num, (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD));
$nbofloop = min($num, $maxofloop);
startSimpleTable("ProposalsDraft", "comm/propal/list.php", "search_status=".Propal::STATUS_DRAFT, 2, $num);
if ($num > 0) {
$i = 0;
$othernb = 0;
while ($i < $num && $i < $conf->liste_limit) {
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $max) {
@ -181,7 +190,7 @@ if (!empty($conf->propal->enabled) && $user->rights->propal->lire) {
if ($othernb) {
print '<tr class="oddeven">';
print '<td class="nowrap" colspan="5">';
print '<span class="opacitymedium">'.$langs->trans("More").'... ('.$othernb.')</span>';
print '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
print '</td>';
print "</tr>\n";
}
@ -226,14 +235,14 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa
if ($resql) {
$total = 0;
$num = $db->num_rows($resql);
$nbofloop = min($num, (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD));
$nbofloop = min($num, $maxofloop);
startSimpleTable("SupplierProposalsDraft", "supplier_proposal/list.php", "search_status=".SupplierProposal::STATUS_DRAFT, 2, $num);
if ($num > 0) {
$i = 0;
$othernb = 0;
while ($i < $num && $i < $conf->liste_limit) {
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $max) {
@ -277,7 +286,7 @@ if (!empty($conf->supplier_proposal->enabled) && $user->rights->supplier_proposa
if ($othernb) {
print '<tr class="oddeven">';
print '<td class="nowrap" colspan="5">';
print '<span class="opacitymedium">'.$langs->trans("More").'... ('.$othernb.')</span>';
print '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
print '</td>';
print "</tr>\n";
}
@ -315,21 +324,21 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
}
if ($socid) {
$sql .= " AND c.fk_soc = ".$socid;
$sql .= " AND c.fk_soc = ".((int) $socid);
}
$resql = $db->query($sql);
if ($resql) {
$total = 0;
$num = $db->num_rows($resql);
$nbofloop = min($num, (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD));
$nbofloop = min($num, $maxofloop);
startSimpleTable("DraftOrders", "commande/list.php", "search_status=".Commande::STATUS_DRAFT, 2, $num);
if ($num > 0) {
$i = 0;
$othernb = 0;
while ($i < $num && $i < $conf->liste_limit) {
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $max) {
@ -374,7 +383,7 @@ if (!empty($conf->commande->enabled) && $user->rights->commande->lire) {
if ($othernb) {
print '<tr class="oddeven">';
print '<td class="nowrap" colspan="5">';
print '<span class="opacitymedium">'.$langs->trans("More").'... ('.$othernb.')</span>';
print '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
print '</td>';
print "</tr>\n";
}
@ -419,14 +428,14 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
if ($resql) {
$total = 0;
$num = $db->num_rows($resql);
$nbofloop = min($num, (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD));
$nbofloop = min($num, $maxofloop);
startSimpleTable("DraftSuppliersOrders", "fourn/commande/list.php", "search_status=".CommandeFournisseur::STATUS_DRAFT, 2, $num);
if ($num > 0) {
$i = 0;
$othernb = 0;
while ($i < $num && $i < $conf->liste_limit) {
while ($i < $nbofloop) {
$obj = $db->fetch_object($resql);
if ($i >= $max) {
@ -471,7 +480,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU
if ($othernb) {
print '<tr class="oddeven">';
print '<td class="nowrap" colspan="5">';
print '<span class="opacitymedium">'.$langs->trans("More").'... ('.$othernb.')</span>';
print '<span class="opacitymedium">'.$langs->trans("More").'...'.($othernb < $maxofloop ? ' ('.$othernb.')' : '').'</span>';
print '</td>';
print "</tr>\n";
}

4
htdocs/comm/mailing/card.php
View File

@ -308,7 +308,7 @@ if (empty($reshook)) {
dol_syslog("comm/mailing/card.php: ok for #".$i.($mail->error ? ' - '.$mail->error : ''), LOG_DEBUG);
$sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles";
$sql .= " SET statut=1, date_envoi='".$db->idate($now)."' WHERE rowid=".$obj->rowid;
$sql .= " SET statut=1, date_envoi = '".$db->idate($now)."' WHERE rowid=".((int) $obj->rowid);
$resql2 = $db->query($sql);
if (!$resql2) {
dol_print_error($db);
@ -378,7 +378,7 @@ if (empty($reshook)) {
}
}
$sql = "UPDATE ".MAIN_DB_PREFIX."mailing SET statut=".$statut." WHERE rowid=".$object->id;
$sql = "UPDATE ".MAIN_DB_PREFIX."mailing SET statut=".((int) $statut)." WHERE rowid = ".((int) $object->id);
dol_syslog("comm/mailing/card.php: update global status", LOG_DEBUG);
$resql2 = $db->query($sql);
if (!$resql2) {

2
htdocs/comm/mailing/cibles.php
View File

@ -104,8 +104,6 @@ if ($action == 'add') {
}
if ($result > 0) {
setEventMessages($langs->trans("XTargetsAdded", $result), null, 'mesgs');
//header("Location: ".$_SERVER['PHP_SELF']."?id=".$id);
//exit;
$action = '';
}
if ($result == 0) {

5
htdocs/comm/mailing/class/advtargetemailing.class.php
View File

@ -616,6 +616,10 @@ class AdvanceTargetingMailing extends CommonObject
if ($arrayquery['options_'.$key] != '') {
$sqlwhere[] = " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")";
}
} elseif ($extrafields->attributes[$elementtype]['type'][$key] == 'link') {
if ($arrayquery['options_'.$key] > 0) {
$sqlwhere[]= " (te.".$key." = ".((int) $arrayquery['options_'.$key]).")";
}
} else {
if (is_array($arrayquery['options_'.$key])) {
$sqlwhere[] = " (te.".$key." IN (".$this->db->sanitize("'".implode("','", $arrayquery['options_'.$key])."'", 1)."))";
@ -642,7 +646,6 @@ class AdvanceTargetingMailing extends CommonObject
if ($num) {
while ($i < $num) {
$obj = $this->db->fetch_object($resql);
$this->thirdparty_lines[$i] = $obj->rowid;
$i++;

4
htdocs/comm/propal/card.php
View File

@ -1248,7 +1248,7 @@ if (empty($reshook)) {
if (empty($user->rights->margins->creer)) {
foreach ($object->lines as &$line) {
if ($line->id == GETPOST('lineid')) {
if ($line->id == GETPOST('lineid', 'int')) {
$fournprice = $line->fk_fournprice;
$buyingprice = $line->pa_ht;
break;
@ -2433,7 +2433,7 @@ if ($action == 'create') {
// Show object lines
$result = $object->getLinesArray();
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid')).'" method="POST">
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid', 'int')).'" method="POST">
<input type="hidden" name="token" value="' . newToken().'">
<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateline').'">
<input type="hidden" name="mode" value="">

12
htdocs/comm/propal/class/api_proposals.class.php
View File

@ -328,6 +328,9 @@ class Proposals extends DolibarrApi
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
$updateRes = $this->propal->addline(
$request_data->desc,
$request_data->subprice,
@ -337,8 +340,8 @@ class Proposals extends DolibarrApi
$request_data->localtax2_tx,
$request_data->fk_product,
$request_data->remise_percent,
'HT',
0,
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->subprice,
$request_data->info_bits,
$request_data->product_type,
$request_data->rang,
@ -392,6 +395,9 @@ class Proposals extends DolibarrApi
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
$propalline = new PropaleLigne($this->db);
$result = $propalline->fetch($lineid);
if ($result <= 0) {
@ -407,7 +413,7 @@ class Proposals extends DolibarrApi
isset($request_data->localtax1_tx) ? $request_data->localtax1_tx : $propalline->localtax1_tx,
isset($request_data->localtax2_tx) ? $request_data->localtax2_tx : $propalline->localtax2_tx,
isset($request_data->desc) ? $request_data->desc : $propalline->desc,
'HT',
isset($request_data->price_base_type) ? $request_data->price_base_type : 'HT',
isset($request_data->info_bits) ? $request_data->info_bits : $propalline->info_bits,
isset($request_data->special_code) ? $request_data->special_code : $propalline->special_code,
isset($request_data->fk_parent_line) ? $request_data->fk_parent_line : $propalline->fk_parent_line,

122
htdocs/comm/propal/index.php
View File

@ -28,6 +28,7 @@
require '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/propal.lib.php';
// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array
$hookmanager = new HookManager($db);
@ -45,6 +46,7 @@ if (isset($user->socid) && $user->socid > 0) {
$action = '';
$socid = $user->socid;
}
restrictedArea($user, 'propal');
@ -65,124 +67,8 @@ print load_fiche_titre($langs->trans("ProspectionArea"), '', 'propal');
print '<div class="fichecenter">';
print '<div class="fichethirdleft">';
/*
* Statistics
*/
$listofstatus = array(Propal::STATUS_DRAFT, Propal::STATUS_VALIDATED, Propal::STATUS_SIGNED, Propal::STATUS_NOTSIGNED, Propal::STATUS_BILLED);
$sql = "SELECT count(p.rowid) as nb, p.fk_statut as status";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql .= ", ".MAIN_DB_PREFIX."propal as p";
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE p.entity IN (".getEntity($propalstatic->element).")";
$sql .= " AND p.fk_soc = s.rowid";
if ($user->socid) {
$sql .= ' AND p.fk_soc = '.$user->socid;
}
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
}
$sql .= " AND p.fk_statut IN (".$db->sanitize(implode(" ,", $listofstatus)).")";
$sql .= " GROUP BY p.fk_statut";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
$total = 0;
$totalinprocess = 0;
$dataseries = array();
$colorseries = array();
$vals = array();
while ($i < $num) {
$obj = $db->fetch_object($resql);
if ($obj) {
$vals[$obj->status] = $obj->nb;
$totalinprocess += $obj->nb;
$total += $obj->nb;
}
$i++;
}
$db->free($resql);
include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder nohover centpercent">';
print '<tr class="liste_titre">';
print '<td colspan="2">'.$langs->trans("Statistics").' - '.$langs->trans("Proposals").'</td>';
print '</tr>';
foreach ($listofstatus as $status) {
$dataseries[] = array($propalstatic->LibStatut($status, 1), (isset($vals[$status]) ? (int) $vals[$status] : 0));
if ($status == Propal::STATUS_DRAFT) {
$colorseries[$status] = '-'.$badgeStatus0;
}
if ($status == Propal::STATUS_VALIDATED) {
$colorseries[$status] = $badgeStatus1;
}
if ($status == Propal::STATUS_SIGNED) {
$colorseries[$status] = $badgeStatus4;
}
if ($status == Propal::STATUS_NOTSIGNED) {
$colorseries[$status] = $badgeStatus9;
}
if ($status == Propal::STATUS_BILLED) {
$colorseries[$status] = $badgeStatus6;
}
if (empty($conf->use_javascript_ajax)) {
print '<tr class="oddeven">';
print '<td>'.$propalstatic->LibStatut($status, 0).'</td>';
print '<td class="right"><a href="list.php?statut='.$status.'">'.(isset($vals[$status]) ? $vals[$status] : 0).'</a></td>';
print "</tr>\n";
}
}
if ($conf->use_javascript_ajax) {
print '<tr>';
print '<td align="center" colspan="2">';
include_once DOL_DOCUMENT_ROOT.'/core/class/dolgraph.class.php';
$dolgraph = new DolGraph();
$dolgraph->SetData($dataseries);
$dolgraph->SetDataColor(array_values($colorseries));
$dolgraph->setShowLegend(2);
$dolgraph->setShowPercent(1);
$dolgraph->SetType(array('pie'));
$dolgraph->setHeight('200');
$dolgraph->draw('idgraphthirdparties');
print $dolgraph->show($total ? 0 : 1);
print '</td>';
print '</tr>';
}
//if ($totalinprocess != $total)
//{
// print '<tr class="liste_total">';
// print '<td>'.$langs->trans("Total").' ('.$langs->trans("CustomersOrdersRunning").')</td>';
// print '<td class="right">'.$totalinprocess.'</td>';
// print '</tr>';
//}
print '<tr class="liste_total">';
print '<td>'.$langs->trans("Total").'</td>';
print '<td class="right">'.$total.'</td>';
print '</tr>';
print '</table>';
print '</div>';
print '<br>';
} else {
dol_print_error($db);
}
print getCustomerProposalPieChart($socid);
print '<br>';
/*
* Draft proposals

22
htdocs/commande/card.php
View File

@ -1052,7 +1052,7 @@ if (empty($reshook)) {
if (!$error) {
if (empty($user->rights->margins->creer)) {
foreach ($object->lines as &$line) {
if ($line->id == GETPOST('lineid')) {
if ($line->id == GETPOST('lineid', 'int')) {
$fournprice = $line->fk_fournprice;
$buyingprice = $line->pa_ht;
break;
@ -2416,7 +2416,7 @@ if ($action == 'create' && $usercancreate) {
*/
$result = $object->getLinesArray();
print '<form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid')).'" method="POST">
print '<form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid', 'int')).'" method="POST">
<input type="hidden" name="token" value="' . newToken().'">
<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateline').'">
<input type="hidden" name="mode" value="">
@ -2468,7 +2468,7 @@ if ($action == 'create' && $usercancreate) {
if (empty($reshook)) {
// Reopen a closed order
if (($object->statut == Commande::STATUS_CLOSED || $object->statut == Commande::STATUS_CANCELED) && $usercancreate) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=reopen">'.$langs->trans('ReOpen').'</a></div>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=reopen">'.$langs->trans('ReOpen').'</a>';
}
// Send
@ -2551,39 +2551,39 @@ if ($action == 'create' && $usercancreate) {
// Set to shipped
if (($object->statut == Commande::STATUS_VALIDATED || $object->statut == Commande::STATUS_SHIPMENTONPROCESS) && $usercanclose) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=shipped">'.$langs->trans('ClassifyShipped').'</a></div>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=shipped">'.$langs->trans('ClassifyShipped').'</a>';
}
// Create bill and Classify billed
// Note: Even if module invoice is not enabled, we should be able to use button "Classified billed"
if ($object->statut > Commande::STATUS_DRAFT && !$object->billed && $object->total_ttc >= 0) {
if (!empty($conf->facture->enabled) && $user->rights->facture->creer && empty($conf->global->WORKFLOW_DISABLE_CREATE_INVOICE_FROM_ORDER)) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.DOL_URL_ROOT.'/compta/facture/card.php?action=create&amp;origin='.$object->element.'&amp;originid='.$object->id.'&amp;socid='.$object->socid.'">'.$langs->trans("CreateBill").'</a></div>';
print '<a class="butAction" href="'.DOL_URL_ROOT.'/compta/facture/card.php?action=create&amp;origin='.$object->element.'&amp;originid='.$object->id.'&amp;socid='.$object->socid.'">'.$langs->trans("CreateBill").'</a>';
}
if ($usercancreate && $object->statut >= Commande::STATUS_VALIDATED && empty($conf->global->WORKFLOW_DISABLE_CLASSIFY_BILLED_FROM_ORDER) && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT)) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=classifybilled">'.$langs->trans("ClassifyBilled").'</a></div>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=classifybilled">'.$langs->trans("ClassifyBilled").'</a>';
}
}
if ($object->statut > Commande::STATUS_DRAFT && $object->billed) {
if ($usercancreate && $object->statut >= Commande::STATUS_VALIDATED && empty($conf->global->WORKFLOW_DISABLE_CLASSIFY_BILLED_FROM_ORDER) && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT)) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=classifyunbilled">'.$langs->trans("ClassifyUnBilled").'</a></div>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=classifyunbilled">'.$langs->trans("ClassifyUnBilled").'</a>';
}
}
// Clone
if ($usercancreate) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;socid='.$object->socid.'&amp;action=clone&amp;object=order">'.$langs->trans("ToClone").'</a></div>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;socid='.$object->socid.'&amp;action=clone&amp;object=order">'.$langs->trans("ToClone").'</a>';
}
// Cancel order
if ($object->statut == Commande::STATUS_VALIDATED && (!empty($usercanclose) || !empty($usercancancel))) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=cancel">'.$langs->trans("Cancel").'</a></div>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=cancel">'.$langs->trans("Cancel").'</a>';
}
// Delete order
if ($usercandelete) {
if ($numshipping == 0) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a></div>';
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans('Delete').'</a>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ShippingExist").'">'.$langs->trans("Delete").'</a></div>';
print '<a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("ShippingExist").'">'.$langs->trans("Delete").'</a>';
}
}
}

16
htdocs/commande/class/api_orders.class.php
View File

@ -331,7 +331,12 @@ class Orders extends DolibarrApi
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
$updateRes = $this->commande->addline(
$request_data->desc,
$request_data->subprice,
@ -343,8 +348,8 @@ class Orders extends DolibarrApi
$request_data->remise_percent,
$request_data->info_bits,
$request_data->fk_remise_except,
'HT',
0,
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->subprice,
$request_data->date_start,
$request_data->date_end,
$request_data->product_type,
@ -394,7 +399,12 @@ class Orders extends DolibarrApi
if (!DolibarrApi::_checkAccessToResource('commande', $this->commande->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
$updateRes = $this->commande->updateline(
$lineid,
$request_data->desc,
@ -404,7 +414,7 @@ class Orders extends DolibarrApi
$request_data->tva_tx,
$request_data->localtax1_tx,
$request_data->localtax2_tx,
'HT',
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->info_bits,
$request_data->date_start,
$request_data->date_end,

16
htdocs/commande/class/commande.class.php
View File

@ -2397,9 +2397,9 @@ class Commande extends CommonOrder
}
/**
* Applique une remise relative
* Set a percentage discount
*
* @param User $user User qui positionne la remise
* @param User $user User setting the discount
* @param float $remise Discount (percent)
* @param int $notrigger 1=Does not execute triggers, 0= execute triggers
* @return int <0 if KO, >0 if OK
@ -2458,7 +2458,7 @@ class Commande extends CommonOrder
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
* Applique une remise absolue
* Set a fixed amount discount
*
* @param User $user User qui positionne la remise
* @param float $remise Discount
@ -3156,7 +3156,9 @@ class Commande extends CommonOrder
$langs->load("errors");
$this->error = $langs->trans('ErrorStockIsNotEnoughToAddProductOnOrder', $product->ref);
$this->errors[] = $this->error;
dol_syslog(get_class($this)."::addline error=Product ".$product->ref.": ".$this->error, LOG_ERR);
$this->db->rollback();
return self::STOCK_NOT_ENOUGH_FOR_ORDER;
}
@ -4206,11 +4208,15 @@ class OrderLine extends CommonOrderLine
$error = 0;
if (empty($this->id) && !empty($this->rowid)) { // For backward compatibility
$this->id = $this->rowid;
}
// check if order line is not in a shipment line before deleting
$sqlCheckShipmentLine = "SELECT";
$sqlCheckShipmentLine .= " ed.rowid";
$sqlCheckShipmentLine .= " FROM ".MAIN_DB_PREFIX."expeditiondet ed";
$sqlCheckShipmentLine .= " WHERE ed.fk_origin_line = ".$this->rowid;
$sqlCheckShipmentLine .= " WHERE ed.fk_origin_line = ".((int) $this->id);
$resqlCheckShipmentLine = $this->db->query($sqlCheckShipmentLine);
if (!$resqlCheckShipmentLine) {
@ -4235,7 +4241,7 @@ class OrderLine extends CommonOrderLine
$this->db->begin();
$sql = 'DELETE FROM '.MAIN_DB_PREFIX."commandedet WHERE rowid=".$this->rowid;
$sql = 'DELETE FROM '.MAIN_DB_PREFIX."commandedet WHERE rowid = ".((int) $this->id);
dol_syslog("OrderLine::delete", LOG_DEBUG);
$resql = $this->db->query($sql);

110
htdocs/commande/index.php
View File

@ -30,6 +30,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/notify.class.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/client.class.php';
require_once DOL_DOCUMENT_ROOT.'/commande/class/commande.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/order.lib.php';
if (!$user->rights->commande->lire) {
accessforbidden();
@ -76,113 +77,8 @@ print load_fiche_titre($langs->trans("OrdersArea"), '', 'order');
print '<div class="fichecenter"><div class="fichethirdleft">';
/*
* Statistics
*/
$sql = "SELECT count(c.rowid) as nb, c.fk_statut as status";
$sql .= " FROM ".MAIN_DB_PREFIX."societe as s";
$sql .= ", ".MAIN_DB_PREFIX."commande as c";
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
}
$sql .= " WHERE c.fk_soc = s.rowid";
$sql .= " AND c.entity IN (".getEntity('societe').")";
if ($user->socid) {
$sql .= ' AND c.fk_soc = '.$user->socid;
}
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
}
$sql .= " GROUP BY c.fk_statut";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
$total = 0;
$totalinprocess = 0;
$dataseries = array();
$colorseries = array();
$vals = array();
// -1=Canceled, 0=Draft, 1=Validated, 2=Accepted/On process, 3=Closed (Sent/Received, billed or not)
while ($i < $num) {
$row = $db->fetch_row($resql);
if ($row) {
//if ($row[1]!=-1 && ($row[1]!=3 || $row[2]!=1))
{
if (!isset($vals[$row[1]])) {
$vals[$row[1]] = 0;
}
$vals[$row[1]] += $row[0];
$totalinprocess += $row[0];
}
$total += $row[0];
}
$i++;
}
$db->free($resql);
include DOL_DOCUMENT_ROOT.'/theme/'.$conf->theme.'/theme_vars.inc.php';
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder nohover centpercent">';
print '<tr class="liste_titre"><th colspan="2">'.$langs->trans("Statistics").' - '.$langs->trans("CustomersOrders").'</th></tr>'."\n";
$listofstatus = array(0, 1, 2, 3, -1);
foreach ($listofstatus as $status) {
$dataseries[] = array($commandestatic->LibStatut($status, 0, 1, 1), (isset($vals[$status]) ? (int) $vals[$status] : 0));
if ($status == Commande::STATUS_DRAFT) {
$colorseries[$status] = '-'.$badgeStatus0;
}
if ($status == Commande::STATUS_VALIDATED) {
$colorseries[$status] = $badgeStatus1;
}
if ($status == Commande::STATUS_SHIPMENTONPROCESS) {
$colorseries[$status] = $badgeStatus4;
}
if ($status == Commande::STATUS_CLOSED && empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT)) {
$colorseries[$status] = $badgeStatus6;
}
if ($status == Commande::STATUS_CLOSED && (!empty($conf->global->WORKFLOW_BILL_ON_SHIPMENT))) {
$colorseries[$status] = $badgeStatus6;
}
if ($status == Commande::STATUS_CANCELED) {
$colorseries[$status] = $badgeStatus9;
}
if (empty($conf->use_javascript_ajax)) {
print '<tr class="oddeven">';
print '<td>'.$commandestatic->LibStatut($status, 0, 0, 1).'</td>';
print '<td class="right"><a href="list.php?statut='.$status.'">'.(isset($vals[$status]) ? $vals[$status] : 0).' ';
print $commandestatic->LibStatut($status, 0, 3, 1);
print '</a></td>';
print "</tr>\n";
}
}
if ($conf->use_javascript_ajax) {
print '<tr class="impair"><td align="center" colspan="2">';
include_once DOL_DOCUMENT_ROOT.'/core/class/dolgraph.class.php';
$dolgraph = new DolGraph();
$dolgraph->SetData($dataseries);
$dolgraph->SetDataColor(array_values($colorseries));
$dolgraph->setShowLegend(2);
$dolgraph->setShowPercent(1);
$dolgraph->SetType(array('pie'));
$dolgraph->setHeight('200');
$dolgraph->draw('idgraphstatus');
print $dolgraph->show($total ? 0 : 1);
print '</td></tr>';
}
//if ($totalinprocess != $total)
print '<tr class="liste_total"><td>'.$langs->trans("Total").'</td><td class="right">'.$total.'</td></tr>';
print "</table></div><br>";
} else {
dol_print_error($db);
}
print getCustomerOrderPieChart($socid);
print '<br>';
/*

158
htdocs/commande/list.php
View File

@ -11,6 +11,7 @@
* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2016 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2018 Charlene Benke <charlie@patas-monkey.com>
* Copyright (C) 2021 Anthony Berton <anthony.berton@bb2a.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -274,12 +275,123 @@ if (empty($reshook)) {
$objectclass = 'Commande';
$objectlabel = 'Orders';
$permissiontoread = $user->rights->commande->lire;
$permissiontoadd = $user->rights->commande->creer;
$permissiontodelete = $user->rights->commande->supprimer;
if (!empty($conf->global->MAIN_USE_ADVANCED_PERMS)) {
$permissiontovalidate = $user->rights->commande->order_advance->validate;
$permissiontoclose = $user->rights->commande->order_advance->close;
$permissiontocancel = $user->rights->commande->order_advance->annuler;
$permissiontosendbymail = $user->rights->commande->order_advance->send;
} else {
$permissiontovalidate = $user->rights->commande->creer;
$permissiontoclose = $user->rights->commande->creer;
$permissiontocancel = $user->rights->commande->creer;
$permissiontosendbymail = $user->rights->commande->creer;
}
$uploaddir = $conf->commande->multidir_output[$conf->entity];
$triggersendname = 'ORDER_SENTBYMAIL';
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
}
if ($action == 'validate' && $permissiontoadd) {
if (GETPOST('confirm') == 'yes') {
$objecttmp = new $objectclass($db);
$db->begin();
$error = 0;
foreach ($toselect as $checked) {
if ($objecttmp->fetch($checked)) {
if ($objecttmp->statut == 0) {
if (!empty($objecttmp->fk_warehouse)) {
$idwarehouse = $objecttmp->fk_warehouse;
} else {
$idwarehouse = 0;
}
if ($objecttmp->valid($user, $idwarehouse)) {
setEventMessage($objecttmp->ref." ".$langs->trans('PassedInOpenStatus'), 'mesgs');
} else {
setEventMessage($langs->trans('CantBeValidated'), 'errors');
$error++;
}
} else {
setEventMessage($objecttmp->ref." ".$langs->trans('IsNotADraft'), 'errors');
$error++;
}
} else {
dol_print_error($db);
$error++;
}
}
if ($error) {
$db->rollback();
} else {
$db->commit();
}
}
}
if ($action == 'shipped' && $permissiontoadd) {
if (GETPOST('confirm') == 'yes') {
$objecttmp = new $objectclass($db);
$db->begin();
$error = 0;
foreach ($toselect as $checked) {
if ($objecttmp->fetch($checked)) {
if ($objecttmp->statut == 1) {
if ($objecttmp->cloture($user)) {
setEventMessage($objecttmp->ref." ".$langs->trans('PassedInOpenStatus'), 'mesgs');
} else {
setEventMessage($langs->trans('CantBeValidated'), 'errors');
$error++;
}
} else {
setEventMessage($objecttmp->ref." ".$langs->trans('IsNotADraft'), 'errors');
$error++;
}
} else {
dol_print_error($db);
$error++;
}
}
if ($error) {
$db->rollback();
} else {
$db->commit();
}
}
}
// Closed records
if (!$error && $massaction === 'setbilled' && $permissiontoclose) {
$db->begin();
$objecttmp = new $objectclass($db);
$nbok = 0;
foreach ($toselect as $toselectid) {
$result = $objecttmp->fetch($toselectid);
if ($result > 0) {
$result = $objecttmp->classifyBilled($user, 0);
if ($result <= 0) {
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
$error++;
break;
} else {
$nbok++;
}
} else {
setEventMessages($objecttmp->error, $objecttmp->errors, 'errors');
$error++;
break;
}
}
if (!$error) {
if ($nbok > 1) {
setEventMessages($langs->trans("RecordsModified", $nbok), null, 'mesgs');
} else {
setEventMessages($langs->trans("RecordsModified", $nbok), null, 'mesgs');
}
$db->commit();
} else {
$db->rollback();
}
}
/*
* View
@ -359,7 +471,7 @@ if ($search_product_category > 0) {
$sql .= " AND cp.fk_categorie = ".$search_product_category;
}
if ($socid > 0) {
$sql .= ' AND s.rowid = '.$socid;
$sql .= ' AND s.rowid = '.((int) $socid);
}
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
@ -374,7 +486,7 @@ if ($sall) {
$sql .= natural_search(array_keys($fieldstosearchall), $sall);
}
if ($search_billed != '' && $search_billed >= 0) {
$sql .= ' AND c.facture = '.$search_billed;
$sql .= ' AND c.facture = '.((int) $search_billed);
}
if ($search_status <> '') {
if ($search_status < 4 && $search_status > -3) {
@ -700,16 +812,29 @@ if ($resql) {
// List of mass actions available
$arrayofmassactions = array(
'generate_doc'=>$langs->trans("ReGeneratePDF"),
'builddoc'=>$langs->trans("PDFMerge"),
'cancelorders'=>$langs->trans("Cancel"),
'presend'=>$langs->trans("SendByMail"),
'generate_doc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("ReGeneratePDF"),
'builddoc'=>img_picto('', 'pdf', 'class="pictofixedwidth"').$langs->trans("PDFMerge"),
);
if ($user->rights->facture->creer) {
$arrayofmassactions['createbills'] = $langs->trans("CreateInvoiceForThisCustomer");
if ($permissiontovalidate) {
$arrayofmassactions['prevalidate'] = img_picto('', 'check', 'class="pictofixedwidth"').$langs->trans("Validate");
}
if ($user->rights->commande->supprimer) {
$arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
if ($permissiontosendbymail) {
$arrayofmassactions['presend'] = img_picto('', 'email', 'class="pictofixedwidth"').$langs->trans("SendByMail");
}
if ($permissiontoclose) {
$arrayofmassactions['preshipped'] = img_picto('', 'dollyrevert', 'class="pictofixedwidth"').$langs->trans("ClassifyShipped");
}
if ($permissiontocancel) {
$arrayofmassactions['cancelorders'] = img_picto('', 'close_title', 'class="pictofixedwidth"').$langs->trans("Cancel");
}
if ($user->rights->facture->creer) {
$arrayofmassactions['createbills'] = img_picto('', 'bill', 'class="pictofixedwidth"').$langs->trans("CreateInvoiceForThisCustomer");
}
if ($permissiontoclose) {
$arrayofmassactions['setbilled'] = img_picto('', 'bill', 'class="pictofixedwidth"').$langs->trans("ClassifyBilled");
}
if ($permissiontodelete) {
$arrayofmassactions['predelete'] = img_picto('', 'delete', 'class="pictofixedwidth"').$langs->trans("Delete");
}
if (in_array($massaction, array('presend', 'predelete', 'createbills'))) {
$arrayofmassactions = array();
@ -720,7 +845,7 @@ if ($resql) {
if (!empty($socid)) {
$url .= '&socid='.$socid;
}
$newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', $contextpage == 'orderlist' && $user->rights->commande->creer);
$newcardbutton = dolGetButtonTitle($langs->trans('NewOrder'), '', 'fa fa-plus-circle', $url, '', $contextpage == 'orderlist' && $permissiontoadd);
// Lines of title fields
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
@ -744,6 +869,13 @@ if ($resql) {
$trackid = 'ord'.$object->id;
include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php';
if ($massaction == 'prevalidate') {
print $form->formconfirm($_SERVER["PHP_SELF"], $langs->trans("ConfirmMassValidation"), $langs->trans("ConfirmMassValidationQuestion"), "validate", null, '', 0, 200, 500, 1);
}
if ($massaction == 'preshipped') {
print $form->formconfirm($_SERVER["PHP_SELF"], $langs->trans("CloseOrder"), $langs->trans("ConfirmCloseOrder"), "shipped", null, '', 0, 200, 500, 1);
}
if ($massaction == 'createbills') {
//var_dump($_REQUEST);
print '<input type="hidden" name="massaction" value="confirm_createbills">';
@ -1740,8 +1872,8 @@ if ($resql) {
$urlsource .= str_replace('&amp;', '&', $param);
$filedir = $diroutputmassaction;
$genallowed = $user->rights->commande->lire;
$delallowed = $user->rights->commande->creer;
$genallowed = $permissiontoread;
$delallowed = $permissiontoadd;
print $formfile->showdocuments('massfilesarea_orders', '', $filedir, $urlsource, 0, $delallowed, '', 1, 1, 0, 48, 1, $param, $title, '', '', '', null, $hidegeneratedfilelistifempty);
} else {

2
htdocs/compta/bank/account_statement_document.php
View File

@ -129,7 +129,7 @@ if (!empty($numref)) {
$object->fetch_thirdparty();
$upload_dir = $conf->bank->dir_output."/".$id."/statement/".dol_sanitizeFileName($numref);
}
$backtopage = $_SERVER['PHP_SELF']."?account=".$id."&num=".$numref;
$backtopage = $_SERVER['PHP_SELF']."?account=".urlencode($id)."&num=".urlencode($numref);
include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php';

7
htdocs/compta/bank/bankentries_list.php
View File

@ -1606,7 +1606,8 @@ if ($resql) {
$totalarray['nbfield']++;
}
}
// Balance
// Balance after
if (!empty($arrayfields['balance']['checked'])) {
if ($mode_balance_ok) {
if ($balance >= 0) {
@ -1627,7 +1628,7 @@ if ($resql) {
// Transaction reconciliated or edit link
if ($bankaccount->canBeConciliated() > 0) {
if ($objp->num_releve) {
print '<a href="releve.php?num='.$objp->num_releve.'&account='.$objp->bankid.'&save_lastsearch_values=1">'.$objp->num_releve.'</a>';
print '<a href="releve.php?num='.urlencode($objp->num_releve).'&account='.urlencode($objp->bankid).'&save_lastsearch_values=1">'.dol_escape_htmltag($objp->num_releve).'</a>';
}
if (!$objp->conciliated && $action == 'reconcile') {
if ($objp->num_releve) {
@ -1645,7 +1646,7 @@ if ($resql) {
if (!empty($arrayfields['b.conciliated']['checked'])) {
print '<td class="nowraponall" align="center">';
print $objp->conciliated ? $langs->trans("Yes") : $langs->trans("No");
print yn($objp->conciliated);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;

19
htdocs/compta/bank/class/api_bankaccounts.class.php
View File

@ -29,7 +29,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
*/
class BankAccounts extends DolibarrApi
{
/**
* array $FIELDS Mandatory fields, checked when creating an object
*/
@ -158,7 +157,7 @@ class BankAccounts extends DolibarrApi
$account = new Account($this->db);
foreach ($request_data as $field => $value) {
$account->$field = $value;
$account->$field = $this->_checkValForAPI($field, $value, $account);
}
// Date of the initial balance (required to create an account).
$account->date_solde = time();
@ -333,7 +332,7 @@ class BankAccounts extends DolibarrApi
if ($field == 'id') {
continue;
}
$account->$field = $value;
$account->$field = $this->_checkValForAPI($field, $value, $account);
}
if ($account->update(DolibarrApiAccess::$user) > 0) {
@ -481,7 +480,7 @@ class BankAccounts extends DolibarrApi
* @param string $accountancycode Accountancy code {@from body}
* @param int $datev Payment date value (timestamp) {@from body} {@type timestamp}
* @param string $num_releve Bank statement numero {@from body}
* @return int ID of line
* @return int ID of line
*
* @url POST {id}/lines
*/
@ -497,6 +496,14 @@ class BankAccounts extends DolibarrApi
throw new RestException(404, 'account not found');
}
$type = checkVal($type);
$label = checkVal($label);
$cheque_number = checkVal($cheque_number);
$cheque_writer = checkVal($cheque_writer);
$cheque_bank = checkVal($cheque_bank);
$accountancycode = checkVal($accountancycode);
$num_releve = checkVal($num_releve);
$result = $account->addline(
$date,
$type,
@ -548,6 +555,10 @@ class BankAccounts extends DolibarrApi
throw new RestException(404, 'account line not found');
}
$url = checkVal($url);
$label = checkVal($label);
$type = checkVal($type);
$result = $account->add_url_line($line_id, $url_id, $url, $label, $type);
if ($result < 0) {
throw new RestException(503, 'Error when adding link to account line: '.$account->error);

15
htdocs/compta/bank/line.php
View File

@ -291,7 +291,7 @@ if ($result) {
// Confirmations
if ($action == 'delete_categ') {
print $form->formconfirm($_SERVER['PHP_SELF']."?rowid=".$rowid."&cat1=".GETPOST("fk_categ")."&orig_account=".$orig_account, $langs->trans("RemoveFromRubrique"), $langs->trans("RemoveFromRubriqueConfirm"), "confirm_delete_categ", '', 'yes', 1);
print $form->formconfirm($_SERVER['PHP_SELF']."?rowid=".urlencode($rowid)."&cat1=".urlencode(GETPOST("fk_categ", 'int'))."&orig_account=".urlencode($orig_account), $langs->trans("RemoveFromRubrique"), $langs->trans("RemoveFromRubriqueConfirm"), "confirm_delete_categ", '', 'yes', 1);
}
print '<form name="update" method="POST" action="'.$_SERVER['PHP_SELF'].'?rowid='.$rowid.'">';
@ -452,7 +452,7 @@ if ($result) {
}
print '</td>';
} else {
print '<td>'.$objp->fk_type.' '.$objp->num_chq.'</td>';
print '<td>'.$objp->fk_type.' '.dol_escape_htmltag($objp->num_chq).'</td>';
}
print "</tr>";
@ -462,7 +462,7 @@ if ($result) {
print "</td>";
if ($user->rights->banque->modifier || $user->rights->banque->consolidate) {
print '<td>';
print '<input type="text" class="flat minwidth200" name="emetteur" value="'.(empty($objp->emetteur) ? '' : stripslashes($objp->emetteur)).'">';
print '<input type="text" class="flat minwidth200" name="emetteur" value="'.(empty($objp->emetteur) ? '' : dol_escape_htmltag($objp->emetteur)).'">';
print '</td>';
} else {
print '<td>'.$objp->emetteur.'</td>';
@ -475,10 +475,10 @@ if ($result) {
print "</td>";
if ($user->rights->banque->modifier || $user->rights->banque->consolidate) {
print '<td>';
print '<input type="text" class="flat minwidth200" name="banque" value="'.(empty($objp->banque) ? '' : $objp->banque).'">';
print '<input type="text" class="flat minwidth200" name="banque" value="'.(empty($objp->banque) ? '' : dol_escape_htmltag($objp->banque)).'">';
print '</td>';
} else {
print '<td>'.$objp->banque.'</td>';
print '<td>'.dol_escape_htmltag($objp->banque).'</td>';
}
print "</tr>";
@ -523,6 +523,7 @@ if ($result) {
print "</tr>";
// Description
$reg = array();
print "<tr><td>".$langs->trans("Label")."</td>";
if ($user->rights->banque->modifier || $user->rights->banque->consolidate) {
print '<td>';
@ -531,7 +532,7 @@ if ($result) {
// Label generique car entre parentheses. On l'affiche en le traduisant
print $langs->trans($reg[1]);
} else {
print $objp->label;
print dol_escape_htmltag($objp->label);
}
print '">';
print '</td>';
@ -541,7 +542,7 @@ if ($result) {
// Label generique car entre parentheses. On l'affiche en le traduisant
print $langs->trans($reg[1]);
} else {
print $objp->label;
print dol_escape_htmltag($objp->label);
}
print '</td>';
}

2
htdocs/compta/bank/various_payment/list.php
View File

@ -226,7 +226,7 @@ $sql .= " WHERE v.entity IN (".getEntity('payment_various').")";
// Search criteria
if ($search_ref) {
$sql .= " AND v.rowid=".$db->escape($search_ref);
$sql .= " AND v.rowid = ".((int) $search_ref);
}
if ($search_label) {
$sql .= natural_search(array('v.label'), $search_label);

2
htdocs/compta/deplacement/card.php
View File

@ -366,7 +366,7 @@ if ($action == 'create') {
* Confirm delete trip
*/
if ($action == 'delete') {
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$id, $langs->trans("DeleteTrip"), $langs->trans("ConfirmDeleteTrip"), "confirm_delete");
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".urlencode($id), $langs->trans("DeleteTrip"), $langs->trans("ConfirmDeleteTrip"), "confirm_delete");
}
$soc = new Societe($db);

6
htdocs/compta/facture/card-rec.php
View File

@ -770,7 +770,7 @@ if (empty($reshook)) {
}
/*$line = new FactureLigne($db);
$line->fetch(GETPOST('lineid'));
$line->fetch(GETPOST('lineid', 'int'));
$percent = $line->get_prev_progress($object->id);
if (GETPOST('progress') < $percent)
@ -823,7 +823,7 @@ if (empty($reshook)) {
// Update line
if (!$error) {
$result = $object->updateline(
GETPOST('lineid'),
GETPOST('lineid', 'int'),
$description,
$pu_ht,
$qty,
@ -1597,7 +1597,7 @@ if ($action == 'create') {
// Lines
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#add' : '#line_'.GETPOST('lineid')).'" method="POST">
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#add' : '#line_'.GETPOST('lineid', 'int')).'" method="POST">
<input type="hidden" name="token" value="' . newToken().'">
<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateline').'">
<input type="hidden" name="mode" value="">

20
htdocs/compta/facture/card.php
View File

@ -124,8 +124,11 @@ $usercancreate = $user->rights->facture->creer;
$usercanissuepayment = $user->rights->facture->paiement;
$usercandelete = $user->rights->facture->supprimer;
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->validate)));
$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->send);
$usercanreopen = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->rights->facture->invoice_advance->reopen);
$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->send)));
$usercanreopen = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->reopen)));
if (!empty($conf->global->INVOICE_DISALLOW_REOPEN)) {
$usercanreopen = false;
}
$usercanunvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->rights->facture->invoice_advance->unvalidate)));
$usercanproductignorepricemin = ((!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty($user->rights->produit->ignore_price_min_advance)) || empty($conf->global->MAIN_USE_ADVANCED_PERMS));
@ -193,8 +196,7 @@ if (empty($reshook)) {
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
} elseif ($action == 'reopen' && $usercancreate) {
// Change status of invoice
} elseif ($action == 'reopen' && $usercanreopen) {
$result = $object->fetch($id);
if ($object->statut == Facture::STATUS_CLOSED || ($object->statut == Facture::STATUS_ABANDONED && ($object->close_code != 'replaced' || $object->getIdReplacingInvoice() == 0)) || ($object->statut == Facture::STATUS_VALIDATED && $object->paye == 1)) { // ($object->statut == 1 && $object->paye == 1) should not happened but can be found when data are corrupted
@ -238,13 +240,13 @@ if (empty($reshook)) {
$object->fetch($id);
$object->fetch_thirdparty();
$result = $object->deleteline(GETPOST('lineid'));
$result = $object->deleteline(GETPOST('lineid', 'int'));
if ($result > 0) {
// Define output language
$outputlangs = $langs;
$newlang = '';
if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) {
$newlang = $_REQUEST['lang_id'];
if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id')) {
$newlang = GETPOST('lang_id');
}
if ($conf->global->MAIN_MULTILANGS && empty($newlang)) {
$newlang = $object->thirdparty->default_lang;
@ -2416,7 +2418,7 @@ if (empty($reshook)) {
if (!$error) {
if (empty($usercancreatemargin)) {
foreach ($object->lines as &$line) {
if ($line->id == GETPOST('lineid')) {
if ($line->id == GETPOST('lineid', 'int')) {
$fournprice = $line->fk_fournprice;
$buyingprice = $line->pa_ht;
break;
@ -5168,7 +5170,7 @@ if ($action == 'create') {
}
}
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid')).'" method="POST">
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#addline' : '#line_'.GETPOST('lineid', 'int')).'" method="POST">
<input type="hidden" name="token" value="' . newToken().'">
<input type="hidden" name="action" value="' . (($action != 'editline') ? 'addline' : 'updateline').'">
<input type="hidden" name="mode" value="">

14
htdocs/compta/facture/class/api_invoices.class.php
View File

@ -407,7 +407,12 @@ class Invoices extends DolibarrApi
if (!DolibarrApi::_checkAccessToResource('facture', $this->invoice->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
$updateRes = $this->invoice->updateline(
$lineid,
$request_data->desc,
@ -419,7 +424,7 @@ class Invoices extends DolibarrApi
$request_data->tva_tx,
$request_data->localtax1_tx,
$request_data->localtax2_tx,
'HT',
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->info_bits,
$request_data->product_type,
$request_data->fk_parent_line,
@ -694,6 +699,9 @@ class Invoices extends DolibarrApi
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->label = checkVal($request_data->label);
// Reset fk_parent_line for no child products and special product
if (($request_data->product_type != 9 && empty($request_data->fk_parent_line)) || $request_data->product_type == 9) {
$request_data->fk_parent_line = 0;
@ -717,8 +725,8 @@ class Invoices extends DolibarrApi
$request_data->fk_code_ventilation,
$request_data->info_bits,
$request_data->fk_remise_except,
'HT',
0,
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->subprice,
$request_data->product_type,
$request_data->rang,
$request_data->special_code,

18
htdocs/compta/facture/class/facture-rec.class.php
View File

@ -765,7 +765,7 @@ class FactureRec extends CommonInvoice
{
$rowid = $this->id;
dol_syslog(get_class($this)."::delete rowid=".$rowid, LOG_DEBUG);
dol_syslog(get_class($this)."::delete rowid=".((int) $rowid), LOG_DEBUG);
$error = 0;
$this->db->begin();
@ -1153,14 +1153,14 @@ class FactureRec extends CommonInvoice
$sql .= ", date_end_fill=".((int) $date_end_fill);
$sql .= ", fk_product_fournisseur_price=".($fk_fournprice > 0 ? $fk_fournprice : 'null');
$sql .= ", buy_price_ht=".($pa_ht ? price2num($pa_ht) : 0);
$sql .= ", info_bits=".$info_bits;
$sql .= ", rang=".$rang;
$sql .= ", special_code=".$special_code;
$sql .= ", info_bits=".((int) $info_bits);
$sql .= ", rang=".((int) $rang);
$sql .= ", special_code=".((int) $special_code);
$sql .= ", fk_unit=".($fk_unit ? "'".$this->db->escape($fk_unit)."'" : "null");
$sql .= ', multicurrency_subprice = '.$pu_ht_devise;
$sql .= ', multicurrency_total_ht = '.$multicurrency_total_ht;
$sql .= ', multicurrency_total_tva = '.$multicurrency_total_tva;
$sql .= ', multicurrency_total_ttc = '.$multicurrency_total_ttc;
$sql .= ', multicurrency_subprice = '.price2num($pu_ht_devise);
$sql .= ', multicurrency_total_ht = '.price2num($multicurrency_total_ht);
$sql .= ', multicurrency_total_tva = '.price2num($multicurrency_total_tva);
$sql .= ', multicurrency_total_ttc = '.price2num($multicurrency_total_ttc);
$sql .= " WHERE rowid = ".((int) $rowid);
dol_syslog(get_class($this)."::updateline", LOG_DEBUG);
@ -1248,7 +1248,7 @@ class FactureRec extends CommonInvoice
$sql .= ' AND suspended = 0';
$sql .= ' AND entity = '.$conf->entity; // MUST STAY = $conf->entity here
if ($restrictioninvoiceid > 0) {
$sql .= ' AND rowid = '.$restrictioninvoiceid;
$sql .= ' AND rowid = '.((int) $restrictioninvoiceid);
}
$sql .= $this->db->order('entity', 'ASC');
//print $sql;exit;

20
htdocs/compta/facture/class/facture.class.php
View File

@ -3657,7 +3657,7 @@ class Facture extends CommonInvoice
{
global $user;
dol_syslog(get_class($this)."::deleteline rowid=".$rowid, LOG_DEBUG);
dol_syslog(get_class($this)."::deleteline rowid=".((int) $rowid), LOG_DEBUG);
if ($this->statut != self::STATUS_DRAFT) {
$this->error = 'ErrorDeleteLineNotAllowedByObjectStatus';
@ -4902,7 +4902,7 @@ class Facture extends CommonInvoice
* @param int|string $template Name (or id) of email template (Must be a template of type 'facture_send')
* @return int 0 if OK, <>0 if KO (this function is used also by cron so only 0 is OK)
*/
public function sendEmailsReminderOnDueDate($nbdays = 0, $paymentmode = 'all', $template = '')
public function sendEmailsRemindersOnInvoiceDueDate($nbdays = 0, $paymentmode = 'all', $template = '')
{
global $conf, $langs, $user;
@ -4914,12 +4914,12 @@ class Facture extends CommonInvoice
if (empty($conf->facture->enabled)) { // Should not happen. If module disabled, cron job should not be visible.
$langs->load("bills");
$this->output = $langs->trans('ModuleNotEnabled', $langs->transnoentitiesnoconv("Facture"));
$this->output .= $langs->trans('ModuleNotEnabled', $langs->transnoentitiesnoconv("Facture"));
return 0;
}
/*if (empty($conf->global->FACTURE_REMINDER_EMAIL)) {
$langs->load("bills");
$this->output = $langs->trans('EventRemindersByEmailNotEnabled', $langs->transnoentitiesnoconv("Facture"));
$this->output .= $langs->trans('EventRemindersByEmailNotEnabled', $langs->transnoentitiesnoconv("Facture"));
return 0;
}
*/
@ -4941,7 +4941,7 @@ class Facture extends CommonInvoice
$sql .= ", ".MAIN_DB_PREFIX."c_paiement as cp";
}
$sql .= " WHERE f.paye = 0";
$sql .= " AND f.date_lim_reglement = '".$this->db->idate(dol_get_first_hour(dol_time_plus_duree(dol_now(), -1 * $nbdays, 'd'), 'gmt'), 'gmt')."'";
$sql .= " AND f.date_lim_reglement = '".$this->db->idate(dol_get_first_hour(dol_time_plus_duree($now, -1 * $nbdays, 'd'), 'gmt'), 'gmt')."'";
$sql .= " AND f.entity IN (".getEntity('facture').")";
if (!empty($paymentmode) && $paymentmode != 'all') {
$sql .= " AND f.fk_mode_reglement = cp.id AND cp.code = '".$this->db->escape($paymentmode)."'";
@ -4949,6 +4949,8 @@ class Facture extends CommonInvoice
// TODO Add filter to check there is no payment started
$sql .= $this->db->order("date_lim_reglement", "ASC");
$resql = $this->db->query($sql);
$tmpidate=$this->db->idate(dol_get_first_hour(dol_time_plus_duree($now, -1 * $nbdays, 'd'), 'gmt'), 'gmt');
$this->output .= 'Search unpaid invoices with due date = '.$tmpidate.'<br>';
if ($resql) {
while ($obj = $this->db->fetch_object($resql)) {
@ -4969,7 +4971,7 @@ class Facture extends CommonInvoice
$arraymessage = $formmail->getEMailTemplate($this->db, 'facture_send', $user, $outputlangs, (is_numeric($template) ? $template : 0), 1, (is_numeric($template) ? '' : $template));
if (is_numeric($arraymessage) && $arraymessage <= 0) {
$langs->load("bills");
$this->output = $langs->trans('FailedToFindEmailTemplate', $template);
$this->output .= $langs->trans('FailedToFindEmailTemplate', $template);
return 0;
}
@ -5040,7 +5042,7 @@ class Facture extends CommonInvoice
}
if (!$error) {
$this->output = 'Nb of emails sent : '.$nbMailSend;
$this->output .= 'Nb of emails sent : '.$nbMailSend;
$this->db->commit();
return 0;
} else {
@ -5739,8 +5741,8 @@ class FactureLigne extends CommonInvoiceLine
if ($include_credit_note) {
$sql = 'SELECT fd.situation_percent FROM '.MAIN_DB_PREFIX.'facturedet fd';
$sql .= ' JOIN '.MAIN_DB_PREFIX.'facture f ON (f.rowid = fd.fk_facture) ';
$sql .= ' WHERE fd.fk_prev_id ='.$this->fk_prev_id;
$sql .= ' AND f.situation_cycle_ref = '.$invoicecache[$invoiceid]->situation_cycle_ref; // Prevent cycle outed
$sql .= ' WHERE fd.fk_prev_id = '.((int) $this->fk_prev_id);
$sql .= ' AND f.situation_cycle_ref = '.((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
$sql .= ' AND f.type = '.Facture::TYPE_CREDIT_NOTE;
$res = $this->db->query($sql);

2
htdocs/compta/facture/list.php
View File

@ -550,7 +550,7 @@ if ($search_product_category > 0) {
$sql .= " AND cp.fk_categorie = ".$db->escape($search_product_category);
}
if ($socid > 0) {
$sql .= ' AND s.rowid = '.$socid;
$sql .= ' AND s.rowid = '.((int) $socid);
}
if ($userid) {
if ($userid == -1) {

3
htdocs/compta/index.php
View File

@ -75,6 +75,9 @@ $maxOpenCount = empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->globa
$hookmanager->initHooks(array('invoiceindex'));
$maxofloop = (empty($conf->global->MAIN_MAXLIST_OVERLOAD) ? 500 : $conf->global->MAIN_MAXLIST_OVERLOAD);
/*
* Actions
*/

4
htdocs/compta/journal/sellsjournal.php
View File

@ -113,7 +113,7 @@ $sql .= " fd.product_type, fd.total_ht, fd.total_tva, fd.tva_tx, fd.total_ttc, f
$sql .= " s.rowid as socid, s.nom as name, s.code_compta, s.client,";
$sql .= " p.rowid as pid, p.ref as pref,";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " pa.accountancy_code_sell,";
$sql .= " ppe.accountancy_code_sell,";
} else {
$sql .= " p.accountancy_code_sell,";
}
@ -121,7 +121,7 @@ $sql .= " ct.accountancy_code_sell as account_tva, ct.recuperableonly";
$sql .= " FROM ".MAIN_DB_PREFIX."facturedet as fd";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON p.rowid = fd.fk_product";
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as pa ON pa.fk_product = p.rowid AND pa.entity = " . ((int) $conf->entity);
$sql .= " LEFT JOIN " . MAIN_DB_PREFIX . "product_perentity as ppe ON ppe.fk_product = p.rowid AND ppe.entity = " . ((int) $conf->entity);
}
$sql .= " JOIN ".MAIN_DB_PREFIX."facture as f ON f.rowid = fd.fk_facture";
$sql .= " JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid = f.fk_soc";

2
htdocs/compta/paiement.php
View File

@ -873,7 +873,7 @@ if (!GETPOST('action', 'aZ09')) {
$sql .= ' WHERE p.fk_facture = f.rowid';
$sql .= ' AND f.entity IN ('.getEntity('invoice').')';
if ($socid) {
$sql .= ' AND f.fk_soc = '.$socid;
$sql .= ' AND f.fk_soc = '.((int) $socid);
}
$sql .= ' ORDER BY '.$sortfield.' '.$sortorder;

63
htdocs/compta/paiement/card.php
View File

@ -110,27 +110,66 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $user->rights->facture
$db->commit();
// Loop on each invoice linked to this payment to rebuild PDF
$factures = array();
foreach ($factures as $id) {
$fac = new Facture($db);
$fac->fetch($id);
if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
$outputlangs = $langs;
if (!empty($_REQUEST['lang_id'])) {
if (GETPOST('lang_id', 'aZ09')) {
$outputlangs = new Translate("", $conf);
$outputlangs->setDefaultLang($_REQUEST['lang_id']);
$outputlangs->setDefaultLang(GETPOST('lang_id', 'aZ09'));
}
if (empty($conf->global->MAIN_DISABLE_PDF_AUTOUPDATE)) {
$fac->generateDocument($fac->model_pdf, $outputlangs);
$hidedetails = ! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0;
$hidedesc = ! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0;
$hideref = !empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0;
$sql = 'SELECT f.rowid as facid';
$sql .= ' FROM '.MAIN_DB_PREFIX.'paiement_facture as pf,'.MAIN_DB_PREFIX.'facture as f,'.MAIN_DB_PREFIX.'societe as s';
$sql .= ' WHERE pf.fk_facture = f.rowid';
$sql .= ' AND f.fk_soc = s.rowid';
$sql .= ' AND f.entity IN ('.getEntity('invoice').')';
$sql .= ' AND pf.fk_paiement = '.$object->id;
$resql = $db->query($sql);
if ($resql) {
$i = 0;
$num = $db->num_rows($resql);
if ($num > 0) {
while ($i < $num) {
$objp = $db->fetch_object($resql);
$invoice = new Facture($db);
if ($invoice->fetch($objp->facid) <= 0) {
$errors++;
setEventMessages($invoice->error, $invoice->errors, 'errors');
break;
}
if ($invoice->generateDocument($invoice->model_pdf, $outputlangs, $hidedetails, $hidedesc, $hideref) < 0) {
$errors++;
setEventMessages($invoice->error, $invoice->errors, 'errors');
break;
}
$i++;
}
}
$db->free($resql);
} else {
$errors++;
setEventMessages($db->error, $db->errors, 'errors');
}
}
header('Location: '.$_SERVER['PHP_SELF'].'?id='.$object->id);
exit;
if (! $errors) {
header('Location: '.$_SERVER['PHP_SELF'].'?id='.$object->id);
exit;
}
} else {
$db->rollback();
$langs->load("errors");
setEventMessages($object->error, $object->errors, 'errors');
$db->rollback();
}
}

9
htdocs/compta/paiement/class/paiement.class.php
View File

@ -413,8 +413,15 @@ class Paiement extends CommonObject
$outputlangs = new Translate("", $conf);
$outputlangs->setDefaultLang($newlang);
}
$hidedetails = ! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DETAILS) ? 1 : 0;
$hidedesc = ! empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_DESC) ? 1 : 0;
$hideref = !empty($conf->global->MAIN_GENERATE_DOCUMENTS_HIDE_REF) ? 1 : 0;
$ret = $invoice->fetch($facid); // Reload to get new records
$result = $invoice->generateDocument($invoice->model_pdf, $outputlangs);
$result = $invoice->generateDocument($invoice->model_pdf, $outputlangs, $hidedetails, $hidedesc, $hideref);
if ($result < 0) {
setEventMessages($invoice->error, $invoice->errors, 'errors');
$error++;

2
htdocs/compta/prelevement/card.php
View File

@ -380,7 +380,7 @@ if ($id > 0 || $ref) {
$num = $db->num_rows($result);
$i = 0;
$urladd = "&amp;id=".$id;
$urladd = "&id=".urlencode($id);
print '<form method="get" action="'.$_SERVER ['PHP_SELF'].'" name="search_form">'."\n";
print '<input type="hidden" name="id" value="'.$id.'"/>';

2
htdocs/compta/prelevement/factures.php
View File

@ -220,7 +220,7 @@ if ($resql) {
$num = $db->num_rows($resql);
$i = 0;
$param = "&id=".$id;
$param = "&id=".urlencode($id);
// Lines of title fields
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';

2
htdocs/compta/prelevement/line.php
View File

@ -275,7 +275,7 @@ if ($id) {
$num = $db->num_rows($result);
$i = 0;
$urladd = "&amp;id=".$id;
$urladd = "&id=".urlencode($id);
print_barre_liste($langs->trans("Bills"), $page, "factures.php", $urladd, $sortfield, $sortorder, '', $num, 0, '');

19
htdocs/compta/sociales/card.php
View File

@ -134,12 +134,17 @@ if ($action == 'setbankaccount' && $user->rights->tax->charges->creer) {
// Delete social contribution
if ($action == 'confirm_delete' && $confirm == 'yes') {
$object->fetch($id);
$result = $object->delete($user);
if ($result > 0) {
header("Location: list.php");
exit;
$totalpaye = $object->getSommePaiement();
if (empty($totalpaye)) {
$result = $object->delete($user);
if ($result > 0) {
header("Location: list.php");
exit;
} else {
setEventMessages($object->error, $object->errors, 'errors');
}
} else {
setEventMessages($object->error, $object->errors, 'errors');
setEventMessages($langs->trans('DisabledBecausePayments'), null, 'errors');
}
}
@ -771,8 +776,10 @@ if ($id > 0) {
}
// Delete
if ($user->rights->tax->charges->supprimer) {
if ($user->rights->tax->charges->supprimer && empty($totalpaye)) {
print '<div class="inline-block divButAction"><a class="butActionDelete" href="'.DOL_URL_ROOT.'/compta/sociales/card.php?id='.$object->id.'&amp;action=delete&amp;token='.newToken().'">'.$langs->trans("Delete").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.(dol_escape_htmltag($langs->trans("DisabledBecausePayments"))).'">'.$langs->trans("Delete").'</a></div>';
}
print "</div>";

2
htdocs/compta/stats/supplier_turnover_by_thirdparty.php
View File

@ -296,7 +296,7 @@ if (!empty($search_town)) {
$sql .= natural_search('s.town', $search_town);
}
if ($search_country > 0) {
$sql .= ' AND s.fk_pays = '.$search_country.'';
$sql .= ' AND s.fk_pays = '.((int) $search_country);
}
$sql .= " AND f.entity IN (".getEntity('supplier_invoice').")";
if ($socid) {

2
htdocs/compta/tva/class/tva.class.php
View File

@ -144,7 +144,7 @@ class Tva extends CommonObject
$sql .= " '".$this->db->escape($this->note)."',";
$sql .= " '".$this->db->escape($this->fk_account)."',";
$sql .= " '".$this->db->escape($this->type_payment)."',";
$sql .= " '".$this->db->escape($this->fk_user_creat)."',";
$sql .= " '".($this->fk_user_creat > 0 ? (int) $this->fk_user_creat : (int) $user->id)."',";
$sql .= " '".$this->db->escape($this->fk_user_modif)."'";
$sql .= ")";

1
htdocs/conf/conf.php.example
View File

@ -341,7 +341,6 @@ $dolibarr_cron_allow_cli='0';
//$dolibarr_js_CKEDITOR='/javascript/ckeditor';
//$dolibarr_js_JQUERY='/javascript/jquery';
//$dolibarr_js_JQUERY_UI='/javascript/jquery-ui';
//$dolibarr_js_JQUERY_FLOT='/javascript/flot';
// Value to overwrite some path to use font instead of embedded one
//$dolibarr_font_DOL_DEFAULT_TTF="/usr/share/fonts/truetype/ttf-dejavu/DejaVuSans.ttf";
//$dolibarr_font_DOL_DEFAULT_TTF_BOLD="/usr/share/fonts/truetype/ttf-dejavu/DejaVuSans-Bold.ttf";

3
htdocs/contact/list.php
View File

@ -722,7 +722,8 @@ if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) {
$moreforfilter .= $formother->select_categories(Categorie::TYPE_CUSTOMER, $search_categ_thirdparty, 'search_categ_thirdparty', 1, $tmptitle);
$moreforfilter .= '</div>';
}
if (empty($type) || $type == 'f') {
if (!empty($conf->fournisseur->enabled) && (empty($type) || $type == 'f')) {
$moreforfilter .= '<div class="divsearchfield">';
$tmptitle = $langs->trans('SuppliersCategoriesShort');
$moreforfilter .= img_picto($tmptitle, 'category', 'class="pictofixedwidth"');

4
htdocs/contrat/card.php
View File

@ -711,7 +711,7 @@ if (empty($reshook)) {
$db->rollback();
}
} elseif ($action == 'confirm_deleteline' && $confirm == 'yes' && $user->rights->contrat->creer) {
$result = $object->deleteline(GETPOST('lineid'), $user);
$result = $object->deleteline(GETPOST('lineid', 'int'), $user);
if ($result >= 0) {
header("Location: ".$_SERVER['PHP_SELF']."?id=".$object->id);
@ -1963,7 +1963,7 @@ if ($action == 'create') {
$dateSelector = 1;
print "\n";
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#add' : '#line_'.GETPOST('lineid')).'" method="POST">
print ' <form name="addproduct" id="addproduct" action="'.$_SERVER["PHP_SELF"].'?id='.$object->id.(($action != 'editline') ? '#add' : '#line_'.GETPOST('lineid', 'int')).'" method="POST">
<input type="hidden" name="token" value="'.newToken().'">
<input type="hidden" name="action" value="'.(($action != 'editline') ? 'addline' : 'updateline').'">
<input type="hidden" name="mode" value="">

14
htdocs/contrat/class/api_contracts.class.php
View File

@ -274,7 +274,12 @@ class Contracts extends DolibarrApi
if (!DolibarrApi::_checkAccessToResource('contrat', $this->contract->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->price_base_type = checkVal($request_data->price_base_type);
$updateRes = $this->contract->addline(
$request_data->desc,
$request_data->subprice,
@ -286,7 +291,7 @@ class Contracts extends DolibarrApi
$request_data->remise_percent,
$request_data->date_start, // date_start = date planned start, date ouverture = date_start_real
$request_data->date_end, // date_end = date planned end, date_cloture = date_end_real
$request_data->HT,
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->subprice_excl_tax,
$request_data->info_bits,
$request_data->fk_fournprice,
@ -330,6 +335,9 @@ class Contracts extends DolibarrApi
$request_data = (object) $request_data;
$request_data->desc = checkVal($request_data->desc, 'restricthtml');
$request_data->price_base_type = checkVal($request_data->price_base_type);
$updateRes = $this->contract->updateline(
$lineid,
$request_data->desc,
@ -343,7 +351,7 @@ class Contracts extends DolibarrApi
$request_data->localtax2_tx,
$request_data->date_ouverture,
$request_data->date_cloture,
'HT',
$request_data->price_base_type ? $request_data->price_base_type : 'HT',
$request_data->info_bits,
$request_data->fk_fourn_price,
$request_data->pa_ht,
@ -426,8 +434,6 @@ class Contracts extends DolibarrApi
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
// $request_data = (object) $request_data;
$updateRes = $this->contract->close_line(DolibarrApiAccess::$user, $lineid, $datestart, $comment);
if ($updateRes > 0) {

2
htdocs/contrat/class/contrat.class.php
View File

@ -1832,7 +1832,7 @@ class Contrat extends CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE rowid=".$idline;
$sql .= " WHERE rowid = ".((int) $idline);
dol_syslog(get_class($this)."::deleteline", LOG_DEBUG);
$resql = $this->db->query($sql);

2
htdocs/contrat/note.php
View File

@ -180,7 +180,7 @@ if ($id > 0 || !empty($ref)) {
//print '<br>';
$cssclass='fieldtitle';
$cssclass='titlefield';
include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php';
print dol_get_fiche_end();

2
htdocs/core/boxes/box_birthdays_members.php
View File

@ -88,7 +88,7 @@ class box_birthdays_members extends ModeleBoxes
$sql = "SELECT u.rowid, u.firstname, u.lastname, u.birth";
$sql .= " FROM ".MAIN_DB_PREFIX."adherent as u";
$sql .= " WHERE u.entity IN (".getEntity('adherent').")";
$sql .= " AND u.statut = 1";
$sql .= " AND u.statut = ".Adherent::STATUS_VALIDATED;
$sql .= dolSqlDateFilter('u.birth', 0, $tmparray['mon'], 0);
$sql .= " ORDER BY DAY(u.birth) ASC";
$sql .= $this->db->plimit($max, 0);

13
htdocs/core/boxes/box_graph_product_distribution.php
View File

@ -149,8 +149,8 @@ class box_graph_product_distribution extends ModeleBoxes
$socid = empty($user->socid) ? 0 : $user->socid;
$userid = 0; // No filter on user creation
$WIDTH = ($nbofgraph >= 2 || !empty($conf->dol_optimize_smallscreen)) ? '160' : '320';
$HEIGHT = '192';
$WIDTH = ($nbofgraph >= 2 || !empty($conf->dol_optimize_smallscreen)) ? '300' : '320';
$HEIGHT = '120';
if (!empty($conf->propal->enabled) && !empty($user->rights->propale->lire)) {
// Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...)
@ -177,6 +177,7 @@ class box_graph_product_distribution extends ModeleBoxes
$i = 0;
$legend = array();
// Truncate length of legend
foreach ($data2 as $key => $val) {
$data2[$key][0] = dol_trunc($data2[$key][0], 32);
$legend[] = $data2[$key][0];
@ -194,7 +195,7 @@ class box_graph_product_distribution extends ModeleBoxes
$px2->setShowPointValue($showpointvalue);
$px2->setShowPercent(0);
$px2->SetMaxValue($px2->GetCeilMaxValue());
//$px2->SetWidth($WIDTH);
$px2->SetWidth($WIDTH);
$px2->SetHeight($HEIGHT);
//$px2->SetYLabel($langs->trans("AmountOfBillsHT"));
$px2->SetShading(3);
@ -236,6 +237,7 @@ class box_graph_product_distribution extends ModeleBoxes
$i = 0;
$legend = array();
// Truncate length of legend
foreach ($data3 as $key => $val) {
$data3[$key][0] = dol_trunc($data3[$key][0], 32);
$legend[] = $data3[$key][0];
@ -253,7 +255,7 @@ class box_graph_product_distribution extends ModeleBoxes
$px3->setShowPointValue($showpointvalue);
$px3->setShowPercent(0);
$px3->SetMaxValue($px3->GetCeilMaxValue());
//$px3->SetWidth($WIDTH);
$px3->SetWidth($WIDTH);
$px3->SetHeight($HEIGHT);
//$px3->SetYLabel($langs->trans("AmountOfBillsHT"));
$px3->SetShading(3);
@ -296,6 +298,7 @@ class box_graph_product_distribution extends ModeleBoxes
$i = 0;
$legend = array();
// Truncate length of legend
foreach ($data1 as $key => $val) {
$data1[$key][0] = dol_trunc($data1[$key][0], 32);
$legend[] = $data1[$key][0];
@ -313,7 +316,7 @@ class box_graph_product_distribution extends ModeleBoxes
$px1->setShowPointValue($showpointvalue);
$px1->setShowPercent(0);
$px1->SetMaxValue($px1->GetCeilMaxValue());
//$px1->SetWidth($WIDTH);
$px1->SetWidth($WIDTH);
$px1->SetHeight($HEIGHT);
//$px1->SetYLabel($langs->trans("NumberOfBills"));
$px1->SetShading(3);

28
htdocs/core/boxes/box_members_by_type.php
View File

@ -129,16 +129,16 @@ class box_members_by_type extends ModeleBoxes
$adhtype->label = $objp->label;
$AdherentType[$objp->rowid] = $adhtype;
if ($objp->statut == -1) {
if ($objp->statut == Adherent::STATUS_DRAFT) {
$MembersToValidate[$objp->rowid] = $objp->somme;
}
if ($objp->statut == 1) {
if ($objp->statut == Adherent::STATUS_VALIDATED) {
$MembersValidated[$objp->rowid] = $objp->somme;
}
if ($objp->statut == -2) {
if ($objp->statut == Adherent::STATUS_EXCLUDED) {
$MembersExcluded[$objp->rowid] = $objp->somme;
}
if ($objp->statut == 0) {
if ($objp->statut == Adherent::STATUS_RESILIATED) {
$MembersResiliated[$objp->rowid] = $objp->somme;
}
@ -210,27 +210,27 @@ class box_members_by_type extends ModeleBoxes
);
$this->info_box_contents[$line][] = array(
'td' => 'class="right"',
'text' => (isset($MembersToValidate[$key]) && $MembersToValidate[$key] > 0 ? $MembersToValidate[$key] : '') . ' ' . $staticmember->LibStatut(-1, 1, 0, 3),
'text' => (isset($MembersToValidate[$key]) && $MembersToValidate[$key] > 0 ? $MembersToValidate[$key] : '') . ' ' . $staticmember->LibStatut(Adherent::STATUS_DRAFT, 1, 0, 3),
'asis' => 1,
);
$this->info_box_contents[$line][] = array(
'td' => 'class="right"',
'text' => (isset($MembersValidated[$key]) && ($MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) > 0) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : '') . ' ' . $staticmember->LibStatut(1, 1, 0, 3),
'text' => (isset($MembersValidated[$key]) && ($MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) > 0) ? $MembersValidated[$key] - (isset($MembersUpToDate[$key]) ? $MembersUpToDate[$key] : 0) : '') . ' ' . $staticmember->LibStatut(Adherent::STATUS_VALIDATED, 1, 0, 3),
'asis' => 1,
);
$this->info_box_contents[$line][] = array(
'td' => 'class="right"',
'text' => (isset($MembersUpToDate[$key]) && $MembersUpToDate[$key] > 0 ? $MembersUpToDate[$key] : '') . ' ' . $staticmember->LibStatut(1, 1, $now, 3),
'text' => (isset($MembersUpToDate[$key]) && $MembersUpToDate[$key] > 0 ? $MembersUpToDate[$key] : '') . ' ' . $staticmember->LibStatut(Adherent::STATUS_VALIDATED, 1, $now, 3),
'asis' => 1,
);
$this->info_box_contents[$line][] = array(
'td' => 'class="right"',
'text' => (isset($MembersExcluded[$key]) && $MembersExcluded[$key] > 0 ? $MembersExcluded[$key] : '') . ' ' . $staticmember->LibStatut(-2, 1, $now, 3),
'text' => (isset($MembersExcluded[$key]) && $MembersExcluded[$key] > 0 ? $MembersExcluded[$key] : '') . ' ' . $staticmember->LibStatut(Adherent::STATUS_EXCLUDED, 1, $now, 3),
'asis' => 1,
);
$this->info_box_contents[$line][] = array(
'td' => 'class="right"',
'text' => (isset($MembersResiliated[$key]) && $MembersResiliated[$key] > 0 ? $MembersResiliated[$key] : '') . ' ' . $staticmember->LibStatut(0, 1, 0, 3),
'text' => (isset($MembersResiliated[$key]) && $MembersResiliated[$key] > 0 ? $MembersResiliated[$key] : '') . ' ' . $staticmember->LibStatut(Adherent::STATUS_RESILIATED, 1, 0, 3),
'asis' => 1,
);
@ -249,27 +249,27 @@ class box_members_by_type extends ModeleBoxes
);
$this->info_box_contents[$line][] = array(
'td' => 'class="liste_total right"',
'text' => $SumToValidate.' '.$staticmember->LibStatut(-1, 1, 0, 3),
'text' => $SumToValidate.' '.$staticmember->LibStatut(Adherent::STATUS_DRAFT, 1, 0, 3),
'asis' => 1
);
$this->info_box_contents[$line][] = array(
'td' => 'class="liste_total right"',
'text' => $SumValidated.' '.$staticmember->LibStatut(1, 1, 0, 3),
'text' => $SumValidated.' '.$staticmember->LibStatut(Adherent::STATUS_VALIDATED, 1, 0, 3),
'asis' => 1
);
$this->info_box_contents[$line][] = array(
'td' => 'class="liste_total right"',
'text' => $SumUpToDate.' '.$staticmember->LibStatut(1, 1, $now, 3),
'text' => $SumUpToDate.' '.$staticmember->LibStatut(Adherent::STATUS_VALIDATED, 1, $now, 3),
'asis' => 1
);
$this->info_box_contents[$line][] = array(
'td' => 'class="liste_total right"',
'text' => $SumExcluded.' '.$staticmember->LibStatut(-2, 1, 0, 3),
'text' => $SumExcluded.' '.$staticmember->LibStatut(Adherent::STATUS_EXCLUDED, 1, 0, 3),
'asis' => 1
);
$this->info_box_contents[$line][] = array(
'td' => 'class="liste_total right"',
'text' => $SumResiliated.' '.$staticmember->LibStatut(0, 1, 0, 3),
'text' => $SumResiliated.' '.$staticmember->LibStatut(Adherent::STATUS_RESILIATED, 1, 0, 3),
'asis' => 1
);
}

9
htdocs/core/class/commonobject.class.php
View File

@ -3117,7 +3117,7 @@ abstract class CommonObject
public function getRangOfLine($rowid)
{
$sql = 'SELECT rang FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= ' WHERE rowid ='.$rowid;
$sql .= ' WHERE rowid ='.((int) $rowid);
dol_syslog(get_class($this)."::getRangOfLine", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -3137,7 +3137,7 @@ abstract class CommonObject
{
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= ' WHERE '.$this->fk_element.' = '.$this->id;
$sql .= ' AND rang = '.$rang;
$sql .= ' AND rang = '.((int) $rang);
$resql = $this->db->query($sql);
if ($resql) {
$row = $this->db->fetch_row($resql);
@ -5238,6 +5238,9 @@ abstract class CommonObject
if ($this->element == 'contrat' && !empty($conf->global->CONTRACT_ALLOW_EXTERNAL_DOWNLOAD)) {
$setsharekey = true;
}
if ($this->element == 'supplier_proposal' && !empty($conf->global->SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD)) {
$setsharekey = true;
}
if ($setsharekey) {
if (empty($ecmfile->share)) { // Because object not found or share not set yet
@ -8893,7 +8896,7 @@ abstract class CommonObject
$this->db->begin();
$sql = "DELETE FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE rowid=".$idline;
$sql .= " WHERE rowid = ".((int) $idline);
dol_syslog(get_class($this)."::deleteLineCommon", LOG_DEBUG);
$resql = $this->db->query($sql);

2
htdocs/core/class/discount.class.php
View File

@ -141,7 +141,7 @@ class DiscountAbsolute
$sql .= " fsup.ref as ref_invoice_supplier_source, fsup.type as type_invoice_supplier_source";
$sql .= " FROM ".MAIN_DB_PREFIX."societe_remise_except as sr";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture as f ON sr.fk_facture_source = f.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture as fsup ON sr.fk_invoice_supplier_source = fsup.rowid";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."facture_fourn as fsup ON sr.fk_invoice_supplier_source = fsup.rowid";
$sql .= " WHERE sr.entity IN (".getEntity('invoice').")";
if ($rowid) {
$sql .= " AND sr.rowid=".((int) $rowid);

8
htdocs/core/class/doleditor.class.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2006-2008 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2021 Gaëtan MAISON <gm@ilad.org>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -154,6 +155,11 @@ class DolEditor
} else {
$skin = 'moono-lisa'; // default with ckeditor 4.6 : moono-lisa
}
if (!empty($conf->global->FCKEDITOR_ENABLE_SCAYT_AUTOSTARTUP)) {
$scaytautostartup = 'scayt_autoStartup: true,';
} else {
$scaytautostartup = '/*scayt is disable*/'; // Disable by default
}
$htmlencode_force = preg_match('/_encoded$/', $this->toolbarname) ? 'true' : 'false';
@ -178,6 +184,8 @@ class DolEditor
width: '.($this->width ? '\''.$this->width.'\'' : '\'\'').',
height: '.$this->height.',
skin: \''.$skin.'\',
'.$scaytautostartup.'
scayt_sLang: \''.$langs->getDefaultLang().'\',
language: \''.$langs->defaultlang.'\',
textDirection: \''.$langs->trans("DIRECTION").'\',
on :

25
htdocs/core/class/dolgraph.class.php
View File

@ -1165,9 +1165,32 @@ class DolGraph
if (!empty($legendMaxLines)) {
$this->stringtoshow .= ', maxLines: ' . $legendMaxLines . '';
}
/* This has no effect on chartjs version with dol v14
$this->stringtoshow .= ', labels: {
color: \'rgb(255, 0, 0)\',
// This more specific font property overrides the global property
font: {
size: 24
}
}';
*/
$this->stringtoshow .= ' }, ' . "\n";
}
/* This has no effect on chartjs version with dol v14
$this->stringtoshow .= 'plugins: {
legend: {
display: true,
labels: {
color: \'rgb(255, 0, 0)\',
// This more specific font property overrides the global property
font: {
size: 24
}
}
}
},'."\n"; */
if ($this->type[$firstlot] == 'piesemicircle') {
$this->stringtoshow .= 'circumference: Math.PI,' . "\n";
$this->stringtoshow .= 'rotation: -Math.PI,' . "\n";
@ -1236,7 +1259,7 @@ class DolGraph
if ($i > 0) {
$this->stringtoshow .= ', ';
}
$this->stringtoshow .= "'" . dol_escape_js(dol_trunc($val, 32)) . "'";
$this->stringtoshow .= "'" . dol_escape_js(dol_trunc($val, 22)) . "'";
$i++;
}

11
htdocs/core/class/html.formcompany.class.php
View File

@ -312,9 +312,9 @@ class FormCompany extends Form
$out .= '<option value="0">&nbsp;</option>';
} else {
if (!$country || $country != $obj->country) {
// Affiche la rupture si on est en mode liste multipays
// Show break if we are in list with multiple countries
if (!$country_codeid && $obj->country_code) {
$out .= '<option value="-1" disabled>----- '.$obj->country." -----</option>\n";
$out .= '<option value="-1" disabled data-html="----- '.$obj->country.' -----">----- '.$obj->country." -----</option>\n";
$country = $obj->country;
}
}
@ -1007,6 +1007,9 @@ class FormCompany extends Form
{
global $conf, $langs;
if (!empty($conf->global->SOCIETE_DISABLE_PROSPECTS) && !empty($conf->global->SOCIETE_DISABLE_CUSTOMERS) && empty($conf->fournisseur->enabled)) {
return '' ;
}
$out = '<select class="flat '.$morecss.'" name="'.$htmlname.'" id="'.$htmlidname.'">';
if ($typeinput == 'form') {
@ -1031,7 +1034,9 @@ class FormCompany extends Form
if (empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) {
$out .= '<option value="1,3"'.($selected == '1,3' ? ' selected' : '').'>'.$langs->trans('Customer').'</option>';
}
$out .= '<option value="4"'.($selected == '4' ? ' selected' : '').'>'.$langs->trans('Supplier').'</option>';
if (!empty($conf->fournisseur->enabled)) {
$out .= '<option value="4"'.($selected == '4' ? ' selected' : '').'>'.$langs->trans('Supplier').'</option>';
}
$out .= '<option value="0"'.($selected == '0' ? ' selected' : '').'>'.$langs->trans('Other').'</option>';
} elseif ($typeinput == 'admin') {
if (empty($conf->global->SOCIETE_DISABLE_PROSPECTS) && empty($conf->global->SOCIETE_DISABLE_CUSTOMERS) && empty($conf->global->SOCIETE_DISABLE_PROSPECTSCUSTOMERS)) {

2
htdocs/core/class/html.formfile.class.php
View File

@ -297,7 +297,7 @@ class FormFile
$out .= "\n</div><!-- End form link new url -->\n";
}
$parameters = array('socid'=>(isset($GLOBALS['socid']) ? $GLOBALS['socid'] : ''), 'id'=>(isset($GLOBALS['id']) ? $GLOBALS['id'] : ''), 'url'=>$url, 'perm'=>$perm);
$parameters = array('socid'=>(isset($GLOBALS['socid']) ? $GLOBALS['socid'] : ''), 'id'=>(isset($GLOBALS['id']) ? $GLOBALS['id'] : ''), 'url'=>$url, 'perm'=>$perm, 'options'=>$options);
$res = $hookmanager->executeHooks('formattachOptions', $parameters, $object);
if (empty($res)) {
print '<div class="'.($usewithoutform ? 'inline-block valignmiddle' : 'attacharea attacharea'.$htmlname).'">';

14
htdocs/core/class/html.formticket.class.php
View File

@ -169,13 +169,15 @@ class FormTicket
if ($this->withref) {
// Ref
$defaultref = $ticketstat->getDefaultRef();
print '<tr><td class="titlefieldcreate"><span class="fieldrequired">'.$langs->trans("Ref").'</span></td><td><input size="18" type="text" name="ref" value="'.(GETPOST("ref", 'alpha') ? GETPOST("ref", 'alpha') : $defaultref).'"></td></tr>';
print '<tr><td class="titlefieldcreate"><span class="fieldrequired">'.$langs->trans("Ref").'</span></td><td>';
print '<input type="text" name="ref" value="'.dol_escape_htmltag(GETPOST("ref", 'alpha') ? GETPOST("ref", 'alpha') : $defaultref).'">';
print '</td></tr>';
}
// TITLE
if ($this->withemail) {
print '<tr><td class="titlefield"><label for="email"><span class="fieldrequired">'.$langs->trans("Email").'</span></label></td><td>';
print '<input class="text minwidth200" id="email" name="email" value="'.(GETPOST('email', 'alpha') ? GETPOST('email', 'alpha') : $subject).'" />';
print '<input class="text minwidth200" id="email" name="email" value="'.(GETPOST('email', 'alpha') ? GETPOST('email', 'alpha') : $subject).'" autofocus>';
print '</td></tr>';
}
@ -313,7 +315,7 @@ class FormTicket
if ($this->withfile == 2) { // Can add other files
$out .= '<input type="file" class="flat" id="addedfile" name="addedfile" value="'.$langs->trans("Upload").'" />';
$out .= ' ';
$out .= '<input type="submit" class="button smallpaddingimp" id="addfile" name="addfile" value="'.$langs->trans("MailingAddFile").'" />';
$out .= '<input type="submit" class="button smallpaddingimp reposition" id="addfile" name="addfile" value="'.$langs->trans("MailingAddFile").'" />';
}
$out .= "</td></tr>\n";
@ -453,6 +455,8 @@ class FormTicket
}
print '</div>';
print '<input type="hidden" name="page_y">'."\n";
print "</form>\n";
print "<!-- End form TICKET -->\n";
}
@ -1083,7 +1087,7 @@ class FormTicket
if ($this->withfile == 2) { // Can add other files
$out .= '<input type="file" class="flat" id="addedfile" name="addedfile" value="'.$langs->trans("Upload").'" />';
$out .= ' ';
$out .= '<input type="submit" class="button smallpaddingimp" id="'.$addfileaction.'" name="'.$addfileaction.'" value="'.$langs->trans("MailingAddFile").'" />';
$out .= '<input type="submit" class="button smallpaddingimp reposition" id="'.$addfileaction.'" name="'.$addfileaction.'" value="'.$langs->trans("MailingAddFile").'" />';
}
$out .= "</td></tr>\n";
@ -1100,6 +1104,8 @@ class FormTicket
}
print "</center>\n";
print '<input type="hidden" name="page_y">'."\n";
print "</form>\n";
print "<!-- End form TICKET -->\n";
}

6
htdocs/core/lib/ajax.lib.php
View File

@ -454,8 +454,10 @@ function ajax_combobox($htmlname, $events = array(), $minLengthToAutocomplete =
templateResult: function (data, container) { /* Format visible output into combo list */
/* Code to add class of origin OPTION propagated to the new select2 <li> tag */
if (data.element) { $(container).addClass($(data.element).attr("class")); }
//console.log(data.html);
if (data.id == -1) return \'&nbsp;\';
console.log($(data.element).attr("data-html"));
if (data.id == -1 && $(data.element).attr("data-html") == undefined) {
return \'&nbsp;\';
}
if ($(data.element).attr("data-html") != undefined) return htmlEntityDecodeJs($(data.element).attr("data-html")); // If property html set, we decode html entities and use this
return data.text;
},

2
htdocs/core/lib/company.lib.php
View File

@ -571,7 +571,7 @@ function getState($id, $withcode = '', $dbtouse = 0, $withregion = 0, $outputlan
$sql = "SELECT d.rowid as id, d.code_departement as code, d.nom as name, d.active, c.label as country, c.code as country_code, r.code_region as region_code, r.nom as region_name FROM";
$sql .= " ".MAIN_DB_PREFIX."c_departements as d, ".MAIN_DB_PREFIX."c_regions as r,".MAIN_DB_PREFIX."c_country as c";
$sql .= " WHERE d.fk_region=r.code_region and r.fk_pays=c.rowid and d.rowid=".$id;
$sql .= " WHERE d.fk_region=r.code_region and r.fk_pays=c.rowid and d.rowid=".((int) $id);
$sql .= " AND d.active = 1 AND r.active = 1 AND c.active = 1";
$sql .= " ORDER BY c.code, d.code_departement";

32
htdocs/core/lib/functions.lib.php
View File

@ -2197,8 +2197,8 @@ function dol_print_date($time, $format = '', $tzoutput = 'auto', $outputlangs =
if ($tzoutput == 'tzserver') {
$to_gmt = false;
$offsettzstring = @date_default_timezone_get(); // Example 'Europe/Berlin' or 'Indian/Reunion'
$offsettz = 0;
$offsetdst = 0;
$offsettz = 0; // Timezone offset with server timezone, so 0
$offsetdst = 0; // Dst offset with server timezone, so 0
} elseif ($tzoutput == 'tzuser' || $tzoutput == 'tzuserrel') {
$to_gmt = true;
$offsettzstring = (empty($_SESSION['dol_tz_string']) ? 'UTC' : $_SESSION['dol_tz_string']); // Example 'Europe/Berlin' or 'Indian/Reunion'
@ -2308,7 +2308,7 @@ function dol_print_date($time, $format = '', $tzoutput = 'auto', $outputlangs =
if ($time < 100000000000) { // Protection against bad date values
$timetouse = $time + $offsettz + $offsetdst; // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring.
$ret = adodb_strftime($format, $timetouse, $to_gmt);
$ret = adodb_strftime($format, $timetouse, $to_gmt); // If to_gmt = false then adodb_strftime use TZ of server
} else {
$ret = 'Bad value '.$time.' for date';
}
@ -2318,7 +2318,7 @@ function dol_print_date($time, $format = '', $tzoutput = 'auto', $outputlangs =
$timetouse = $time + $offsettz + $offsetdst; // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring.
// Here ret is string in PHP setup language (strftime was used). Now we convert to $outputlangs.
$month = adodb_strftime('%m', $timetouse, true);
$month = adodb_strftime('%m', $timetouse, $to_gmt); // If to_gmt = false then adodb_strftime use TZ of server
$month = sprintf("%02d", $month); // $month may be return with format '06' on some installation and '6' on other, so we force it to '06'.
if ($encodetooutput) {
$monthtext = $outputlangs->transnoentities('Month'.$month);
@ -2334,9 +2334,10 @@ function dol_print_date($time, $format = '', $tzoutput = 'auto', $outputlangs =
//return $ret;
}
if (preg_match('/__a__/i', $format)) {
//print "time=$time offsettz=$offsettz offsetdst=$offsetdst offsettzstring=$offsettzstring";
$timetouse = $time + $offsettz + $offsetdst; // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring.
$w = adodb_strftime('%w', $timetouse, true); // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring.
$w = adodb_strftime('%w', $timetouse, $to_gmt); // If to_gmt = false then adodb_strftime use TZ of server
$dayweek = $outputlangs->transnoentitiesnoconv('Day'.$w);
$ret = str_replace('__A__', $dayweek, $ret);
$ret = str_replace('__a__', dol_substr($dayweek, 0, 3), $ret);
@ -3510,7 +3511,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'accountancy', 'account', 'accountline', 'action', 'add', 'address', 'angle-double-down', 'angle-double-up', 'asset',
'bank_account', 'barcode', 'bank', 'bill', 'billa', 'billr', 'billd', 'bookmark', 'bom', 'building',
'cash-register', 'category', 'chart', 'check', 'clock', 'close_title', 'cog', 'collab', 'company', 'contact', 'country', 'contract', 'cron', 'cubes',
'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'edit', 'ellipsis-h', 'email', 'eraser', 'establishment', 'external-link-alt', 'external-link-square-alt',
'delete', 'dolly', 'dollyrevert', 'donation', 'download', 'edit', 'ellipsis-h', 'email', 'eraser', 'establishment', 'expensereport', 'external-link-alt', 'external-link-square-alt',
'filter', 'file-code', 'file-export', 'file-import', 'file-upload', 'autofill', 'folder', 'folder-open', 'folder-plus',
'globe', 'globe-americas', 'graph', 'grip', 'grip_title', 'group',
'help', 'holiday',
@ -3542,7 +3543,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'recruitmentcandidature', 'recruitmentjobposition', 'resource',
'shapes', 'supplier_proposal', 'supplier_order', 'supplier_invoice',
'timespent', 'title_setup', 'title_accountancy', 'title_bank', 'title_hrm', 'title_agenda',
'user-cog', 'website', 'workstation',
'uncheck', 'user-cog', 'website', 'workstation',
'conferenceorbooth', 'eventorganization'
))) {
$pictowithouttext = str_replace('object_', '', $pictowithouttext);
@ -3572,7 +3573,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'generic'=>'file', 'holiday'=>'umbrella-beach',
'info'=>'info-circle', 'inventory'=>'boxes', 'intracommreport'=>'globe-europe', 'label'=>'layer-group', 'loan'=>'money-bill-alt',
'member'=>'user-alt', 'meeting'=>'chalkboard-teacher', 'mrp'=>'cubes', 'next'=>'arrow-alt-circle-right',
'trip'=>'wallet', 'group'=>'users', 'movement'=>'people-carry',
'trip'=>'wallet', 'expensereport'=>'wallet', 'group'=>'users', 'movement'=>'people-carry',
'sign-out'=>'sign-out-alt',
'switch_off'=>'toggle-off', 'switch_on'=>'toggle-on', 'check'=>'check', 'bookmark'=>'star', 'bookmark'=>'star',
'bank'=>'university', 'close_title'=>'times', 'delete'=>'trash', 'edit'=>'pencil-alt', 'filter'=>'filter',
@ -3588,7 +3589,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'salary'=>'wallet', 'shipment'=>'dolly', 'stock'=>'box-open', 'stats' => 'chart-bar', 'split'=>'code-branch', 'stripe'=>'stripe-s', 'supplier_invoice'=>'file-invoice-dollar', 'technic'=>'cogs', 'ticket'=>'ticket-alt',
'timespent'=>'clock', 'title_setup'=>'tools', 'title_accountancy'=>'money-check-alt', 'title_bank'=>'university', 'title_hrm'=>'umbrella-beach',
'title_agenda'=>'calendar-alt',
'uparrow'=>'share', 'vcard'=>'address-card',
'uncheck'=>'times', 'uparrow'=>'share', 'vcard'=>'address-card',
'jabber'=>'comment-o',
'website'=>'globe-americas', 'workstation'=>'pallet',
'conferenceorbooth'=>'chalkboard-teacher', 'eventorganization'=>'project-diagram'
@ -3662,7 +3663,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'resource'=>'infobox-action',
'salary'=>'infobox-bank_account', 'supplier_invoice'=>'infobox-order_supplier', 'supplier_invoicea'=>'infobox-order_supplier', 'supplier_invoiced'=>'infobox-order_supplier',
'supplier_order'=>'infobox-order_supplier', 'supplier_proposal'=>'infobox-supplier_proposal',
'ticket'=>'infobox-contrat', 'title_accountancy'=>'infobox-bank_account', 'title_hrm'=>'infobox-holiday', 'trip'=>'infobox-expensereport', 'title_agenda'=>'infobox-action',
'ticket'=>'infobox-contrat', 'title_accountancy'=>'infobox-bank_account', 'title_hrm'=>'infobox-holiday', 'expensereport'=>'infobox-expensereport', 'trip'=>'infobox-expensereport', 'title_agenda'=>'infobox-action',
//'title_setup'=>'infobox-action', 'tools'=>'infobox-action',
'list-alt'=>'imgforviewmode', 'calendar'=>'imgforviewmode', 'calendarweek'=>'imgforviewmode', 'calendarmonth'=>'imgforviewmode', 'calendarday'=>'imgforviewmode', 'calendarperuser'=>'imgforviewmode'
);
@ -3680,7 +3681,8 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'map-marker-alt'=>'#aaa', 'mrp'=>'#a69944', 'product'=>'#a69944', 'service'=>'#a69944', 'inventory'=>'#a69944', 'stock'=>'#a69944', 'movement'=>'#a69944',
'other'=>'#ddd',
'playdisabled'=>'#ccc', 'printer'=>'#444', 'projectpub'=>'#986c6a', 'reception'=>'#a69944', 'resize'=>'#444', 'rss'=>'#cba',
'shipment'=>'#a69944', 'stats'=>'#444', 'switch_off'=>'#999', 'technic'=>'#999', 'timespent'=>'#555', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa',
'shipment'=>'#a69944', 'stats'=>'#444', 'switch_off'=>'#999', 'technic'=>'#999', 'timespent'=>'#555',
'uncheck'=>'#800', 'uparrow'=>'#555', 'user-cog'=>'#999', 'country'=>'#aaa', 'globe-americas'=>'#aaa',
'website'=>'#304', 'workstation'=>'#a69944'
);
if (isset($arrayconvpictotocolor[$pictowithouttext])) {
@ -7102,6 +7104,11 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
} else {
$substitutionarray['__DIRECTDOWNLOAD_URL_CONTRACT__'] = '';
}
if (!empty($conf->global->SUPPLIER_PROPOSAL_ALLOW_EXTERNAL_DOWNLOAD) && is_object($object) && $object->element == 'supplier_proposal') {
$substitutionarray['__DIRECTDOWNLOAD_URL_SUPPLIER_PROPOSAL__'] = $object->getLastMainDocLink($object->element);
} else {
$substitutionarray['__DIRECTDOWNLOAD_URL_SUPPLIER_PROPOSAL__'] = '';
}
if (is_object($object) && $object->element == 'propal') {
$substitutionarray['__URL_PROPOSAL__'] = DOL_MAIN_URL_ROOT."/comm/propal/card.php?id=".$object->id;
@ -7115,6 +7122,9 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
if (is_object($object) && $object->element == 'contrat') {
$substitutionarray['__URL_CONTRACT__'] = DOL_MAIN_URL_ROOT."/contrat/card.php?id=".$object->id;
}
if (is_object($object) && $object->element == 'supplier_proposal') {
$substitutionarray['__URL_SUPPLIER_PROPOSAL__'] = DOL_MAIN_URL_ROOT."/supplier_proposal/card.php?id=".$object->id;
}
}
if (is_object($object) && $object->element == 'action') {

8
htdocs/core/lib/geturl.lib.php
View File

@ -155,7 +155,7 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
// Deny some reserved host names
if (in_array($hosttocheck, array('metadata.google.internal'))) {
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname (Used by Google metadata). This value for hostname is not allowed.';
$info['content'] = 'Error bad hostname '.$hosttocheck.' (Used by Google metadata). This value for hostname is not allowed.';
break;
}
@ -197,10 +197,11 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
$info['content'] = 'Error bad hostname IP (IP is a local IP defined into MAIN_SECURITY_SERVER_IP). Must be an external URL.';
break;
}
} else { // Only local url allowed (dangerous, may allow to get metadata on server or make internal port scanning)
}
if ($localurl == 1) { // Only local url allowed (dangerous, may allow to get metadata on server or make internal port scanning)
if (filter_var($iptocheck, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
$info['http_code'] = 400;
$info['content'] = 'Error bad hostname. Must be a local URL.';
$info['content'] = 'Error bad hostname '.$iptocheck.'. Must be a local URL.';
break;
}
if (!empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) && !in_array($iptocheck, explode(',', '127.0.0.1,::1,'.$conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP))) {
@ -209,6 +210,7 @@ function getURLContent($url, $postorget = 'GET', $param = '', $followlocation =
break;
}
}
// Common check (local and external)
if (in_array($iptocheck, array('100.100.100.200'))) {
$info['http_code'] = 400;

Some files were not shown because too many files have changed in this diff Show More