From 7f807986d7b1de8cd5ad7762f190f57444b6465a Mon Sep 17 00:00:00 2001 From: arnaud Date: Wed, 27 Sep 2017 10:53:29 +0200 Subject: [PATCH 01/15] FIX replenish if line test GETPOST on line 0 --- htdocs/product/stock/replenish.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index 55fe5908c7f..28786f0d324 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -115,7 +115,7 @@ if ($action == 'order' && isset($_POST['valid'])) $suppliers = array(); for ($i = 0; $i < $linecount; $i++) { - if (GETPOST($i, 'alpha') === 'on' && GETPOST('fourn' . $i, 'int') > 0) + if (GETPOST('choose' . $i, 'alpha') === 'on' && GETPOST('fourn' . $i, 'int') > 0) { //one line $box = $i; @@ -616,7 +616,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) // Select field //print ''; - print ''; + print ''; print ''.$prod->getNomUrl(1, '').''; From 537a551bb5972cd2d413ea3f453a499951c924e6 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 27 Sep 2017 21:58:42 +0200 Subject: [PATCH 02/15] Fix vat visiblity on pdf --- htdocs/core/lib/functions.lib.php | 4 ++-- htdocs/core/lib/pdf.lib.php | 7 ++++--- htdocs/core/modules/commande/doc/pdf_einstein.modules.php | 6 +++--- htdocs/core/modules/facture/doc/pdf_crabe.modules.php | 6 +++--- htdocs/core/modules/propale/doc/pdf_azur.modules.php | 7 ++++--- 5 files changed, 16 insertions(+), 14 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index bfddc4b4921..e87f46ad2bf 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -3684,7 +3684,7 @@ function print_fleche_navigation($page, $file, $options='', $nextpage=0, $betwee * @param string $rate Rate value to format ('19.6', '19,6', '19.6%', '19,6%', '19.6 (CODEX)', ...) * @param boolean $addpercent Add a percent % sign in output * @param int $info_bits Miscellaneous information on vat (0=Default, 1=French NPR vat) - * @param int $usestarfornpr 1=Use '*' for NPR vat rate intead of MAIN_LABEL_MENTION_NPR + * @param int $usestarfornpr -1=Never show, 0 or 1=Use '*' for NPR vat rates * @return string String with formated amounts ('19,6' or '19,6%' or '8.5% (NPR)' or '8.5% *' or '19,6 (CODEX)') */ function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0) @@ -3714,7 +3714,7 @@ function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0) // TODO Split on / and output with a price2num to have clean numbers without ton of 000. $ret=$rate.($addpercent?'%':''); } - if ($info_bits & 1) $ret.=' *'; + if (($info_bits & 1) && $usestarfornpr >= 0) $ret.=' *'; $ret.=$morelabel; return $ret; } diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 8a445625022..698ba131ca6 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -1491,14 +1491,14 @@ function pdf_getlinevatrate($object,$i,$outputlangs,$hidedetails=0) { $tmpresult=''; - $tmpresult.=vatrate($object->lines[$i]->tva_tx, 1, $object->lines[$i]->info_bits, 1); + $tmpresult.=vatrate($object->lines[$i]->tva_tx, 0, $object->lines[$i]->info_bits, -1); if (empty($conf->global->MAIN_PDF_MAIN_HIDE_SECOND_TAX)) { if ($object->lines[$i]->total_localtax1 != 0) { if (preg_replace('/[\s0%]/','',$tmpresult)) $tmpresult.='/'; else $tmpresult=''; - $tmpresult.=vatrate(abs($object->lines[$i]->localtax1_tx),1); + $tmpresult.=vatrate(abs($object->lines[$i]->localtax1_tx), 0); } } if (empty($conf->global->MAIN_PDF_MAIN_HIDE_THIRD_TAX)) @@ -1507,9 +1507,10 @@ function pdf_getlinevatrate($object,$i,$outputlangs,$hidedetails=0) { if (preg_replace('/[\s0%]/','',$tmpresult)) $tmpresult.='/'; else $tmpresult=''; - $tmpresult.=vatrate(abs($object->lines[$i]->localtax2_tx),1); + $tmpresult.=vatrate(abs($object->lines[$i]->localtax2_tx), 0); } } + $tmpresult.= '%'; $result.=$tmpresult; } diff --git a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php index 74a72b36581..80c6e6680b2 100644 --- a/htdocs/core/modules/commande/doc/pdf_einstein.modules.php +++ b/htdocs/core/modules/commande/doc/pdf_einstein.modules.php @@ -140,7 +140,7 @@ class pdf_einstein extends ModelePDFCommandes } else { - $this->posxtva=112; + $this->posxtva=110; $this->posxup=126; $this->posxqty=145; } @@ -431,8 +431,8 @@ class pdf_einstein extends ModelePDFCommandes if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN)) { $vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails); - $pdf->SetXY($this->posxtva, $curY); - $pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R'); + $pdf->SetXY($this->posxtva-5, $curY); + $pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R'); } // Unit price before discount diff --git a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php index 338a6019b56..98b2367db32 100644 --- a/htdocs/core/modules/facture/doc/pdf_crabe.modules.php +++ b/htdocs/core/modules/facture/doc/pdf_crabe.modules.php @@ -125,7 +125,7 @@ class pdf_crabe extends ModelePDFFactures } else { - $this->posxtva=112; + $this->posxtva=110; $this->posxup=126; $this->posxqty=145; } @@ -496,8 +496,8 @@ class pdf_crabe extends ModelePDFFactures if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN)) { $vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails); - $pdf->SetXY($this->posxtva, $curY); - $pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R'); + $pdf->SetXY($this->posxtva-5, $curY); + $pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R'); } // Unit price before discount diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 8b9929f2880..9105a82b0d4 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -114,7 +114,7 @@ class pdf_azur extends ModelePDFPropales } else { - $this->posxtva=112; + $this->posxtva=110; $this->posxup=126; $this->posxqty=145; } @@ -505,8 +505,8 @@ class pdf_azur extends ModelePDFPropales if (empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT) && empty($conf->global->MAIN_GENERATE_DOCUMENTS_WITHOUT_VAT_COLUMN)) { $vat_rate = pdf_getlinevatrate($object, $i, $outputlangs, $hidedetails); - $pdf->SetXY($this->posxtva, $curY); - $pdf->MultiCell($this->posxup-$this->posxtva-0.8, 3, $vat_rate, 0, 'R'); + $pdf->SetXY($this->posxtva-5, $curY); + $pdf->MultiCell($this->posxup-$this->posxtva+4, 3, $vat_rate, 0, 'R'); } // Unit price before discount @@ -1310,6 +1310,7 @@ class pdf_azur extends ModelePDFPropales $pdf->line($this->posxtva-1, $tab_top, $this->posxtva-1, $tab_top + $tab_height); if (empty($hidetop)) { + // Not do -3 and +3 instead of -1 -1 to have more space for text 'Sales tax' $pdf->SetXY($this->posxtva-3, $tab_top+1); $pdf->MultiCell($this->posxup-$this->posxtva+3,2, $outputlangs->transnoentities("VAT"),'','C'); } From 93cf135d5e459595bf36ae5bea608c89d34ccb30 Mon Sep 17 00:00:00 2001 From: Juanjo Menent Date: Thu, 28 Sep 2017 12:05:41 +0200 Subject: [PATCH 03/15] FIX: #7510 Bug: extrafield content disappear when generate pdf within intervention --- htdocs/fichinter/card.php | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php index 4ed3ecb7cef..213e4cc4d2b 100644 --- a/htdocs/fichinter/card.php +++ b/htdocs/fichinter/card.php @@ -2,7 +2,7 @@ /* Copyright (C) 2002-2007 Rodolphe Quiedeville * Copyright (C) 2004-2016 Laurent Destailleur * Copyright (C) 2005-2015 Regis Houssin - * Copyright (C) 2011-2013 Juanjo Menent + * Copyright (C) 2011-2017 Juanjo Menent * Copyright (C) 2013 Florian Henry * Copyright (C) 2014-2015 Ferran Marcet * Copyright (C) 2014-2015 Charlie Benke @@ -785,7 +785,8 @@ if (empty($reshook)) $parameters=array('id'=>$object->id); $reshook=$hookmanager->executeHooks('insertExtraFields',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks if (empty($reshook)) - { $result=$object->updateExtraField($_POST["attribute"]); + { + $result=$object->insertExtraFields(); if ($result < 0) { $error++; From 7ba2dd8397f638b07ac7d8e4e8b3506c8b9aa538 Mon Sep 17 00:00:00 2001 From: atm-ph Date: Thu, 28 Sep 2017 15:25:51 +0200 Subject: [PATCH 04/15] Fix the pdf_getlineprogress hook isn't use because hookmanager is null --- htdocs/core/lib/pdf.lib.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index 1b79cc9163d..89c4ceaa137 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -1753,6 +1753,8 @@ function pdf_getlineremisepercent($object,$i,$outputlangs,$hidedetails=0) */ function pdf_getlineprogress($object, $i, $outputlangs, $hidedetails = 0, $hookmanager = null) { + if (empty($hookmanager)) global $hookmanager; + $reshook=0; $result=''; //if (is_object($hookmanager) && ( (isset($object->lines[$i]->product_type) && $object->lines[$i]->product_type == 9 && ! empty($object->lines[$i]->special_code)) || ! empty($object->lines[$i]->fk_parent_line) ) ) From 30a9e40f4ed0ebd4c0b8c6eb0b6c2c3674e17f6f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 28 Sep 2017 17:29:37 +0200 Subject: [PATCH 05/15] Fix position of fields --- htdocs/api/class/api.class.php | 3 ++ .../comm/propal/class/api_proposals.class.php | 44 ++++++++++++++----- 2 files changed, 35 insertions(+), 12 deletions(-) diff --git a/htdocs/api/class/api.class.php b/htdocs/api/class/api.class.php index dcda8255e7c..10d03acef8e 100644 --- a/htdocs/api/class/api.class.php +++ b/htdocs/api/class/api.class.php @@ -131,6 +131,9 @@ class DolibarrApi unset($object->table_element_line); unset($object->picto); + unset($object->skip_update_total); + unset($object->context); + // Remove the $oldcopy property because it is not supported by the JSON // encoder. The following error is generated when trying to serialize // it: "Error encoding/decoding JSON: Type is not supported" diff --git a/htdocs/comm/propal/class/api_proposals.class.php b/htdocs/comm/propal/class/api_proposals.class.php index 42dbdbf9d2c..46ac4cf0327 100644 --- a/htdocs/comm/propal/class/api_proposals.class.php +++ b/htdocs/comm/propal/class/api_proposals.class.php @@ -278,7 +278,7 @@ class Proposals extends DolibarrApi $request_data->fk_unit, $this->element, $request_data->id, - $request_data->pu_ht_devise, + $request_data->multicurrency_subprice, $request_data->fk_remise_except ); @@ -316,26 +316,27 @@ class Proposals extends DolibarrApi $request_data = (object) $request_data; $updateRes = $this->propal->updateline( $lineid, - $request_data->desc, $request_data->subprice, $request_data->qty, $request_data->remise_percent, $request_data->tva_tx, $request_data->localtax1_tx, $request_data->localtax2_tx, - 'HT', + $request_data->desc, + 'HT', $request_data->info_bits, - $request_data->date_start, - $request_data->date_end, - $request_data->product_type, - $request_data->fk_parent_line, - 0, - $request_data->fk_fournprice, - $request_data->pa_ht, - $request_data->label, $request_data->special_code, + $request_data->fk_parent_line, + 0, + $request_data->fk_fournprice, + $request_data->pa_ht, + $request_data->label, + $request_data->product_type, + $request_data->date_start, + $request_data->date_end, $request_data->array_options, - $request_data->fk_unit + $request_data->fk_unit, + $request_data->multicurrency_subprice ); if ($updateRes > 0) { @@ -508,4 +509,23 @@ class Proposals extends DolibarrApi } return $propal; } + + /** + * Clean sensible object datas + * + * @param object $object Object to clean + * @return array Array of cleaned object properties + */ + function _cleanObjectDatas($object) { + + $object = parent::_cleanObjectDatas($object); + + unset($object->name); + unset($object->lastname); + unset($object->firstname); + unset($object->civility_id); + unset($object->address); + + return $object; + } } From f510f3062bd17552b8d101f0520e23b697674fc7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 28 Sep 2017 17:41:18 +0200 Subject: [PATCH 06/15] Clean param type --- htdocs/comm/propal/class/propal.class.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index f2ecb877a9a..ce56e1386ef 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -639,6 +639,7 @@ class Propal extends CommonObject $pa_ht=price2num($pa_ht); if (empty($qty) && empty($special_code)) $special_code=3; // Set option tag if (! empty($qty) && $special_code == 3) $special_code=0; // Remove option tag + if (empty($type)) $type=0; if ($this->statut == self::STATUS_DRAFT) { From 4a63e6b6ec256e3ff4bb7ea0c9773a3e8f0d12ee Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Fri, 29 Sep 2017 19:07:13 +0200 Subject: [PATCH 07/15] Fix: two errors when you create invoice from shipping --- htdocs/compta/facture/class/facture.class.php | 2 +- htdocs/install/mysql/data/llx_c_type_contact.sql | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 6c73746d9af..3c4bfec6a45 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -486,7 +486,7 @@ class Facture extends CommonInvoice foreach ($exp->linkedObjectsIds['commande'] as $key => $value) { $originforcontact = 'commande'; - $originidforcontact = $value->id; + $originidforcontact = $value; break; // We take first one } } diff --git a/htdocs/install/mysql/data/llx_c_type_contact.sql b/htdocs/install/mysql/data/llx_c_type_contact.sql index a0b36634ce1..ce51eb20ca5 100644 --- a/htdocs/install/mysql/data/llx_c_type_contact.sql +++ b/htdocs/install/mysql/data/llx_c_type_contact.sql @@ -43,6 +43,7 @@ insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) v insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (60, 'facture', 'external', 'BILLING', 'Contact client facturation', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (61, 'facture', 'external', 'SHIPPING', 'Contact client livraison', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (62, 'facture', 'external', 'SERVICE', 'Contact client prestation', 1); +insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (63, 'facture', 'external', 'CUSTOMER', 'Contact client suivi facturation', 1) insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (70, 'invoice_supplier', 'internal', 'SALESREPFOLL', 'Responsable suivi du paiement', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (71, 'invoice_supplier', 'external', 'BILLING', 'Contact fournisseur facturation', 1); From 6a05645295f77f558d00e5191eb1dd216277dda3 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Sat, 30 Sep 2017 06:58:31 +0200 Subject: [PATCH 08/15] Fix : Accountancy export model for Agiris Isacompta --- .../class/accountancyexport.class.php | 21 +++++++------------ 1 file changed, 7 insertions(+), 14 deletions(-) diff --git a/htdocs/accountancy/class/accountancyexport.class.php b/htdocs/accountancy/class/accountancyexport.class.php index e9ad42858aa..ac92dcab195 100644 --- a/htdocs/accountancy/class/accountancyexport.class.php +++ b/htdocs/accountancy/class/accountancyexport.class.php @@ -419,7 +419,7 @@ class AccountancyExport /** - * Export format : Agiris + * Export format : Agiris Isacompta * * @param array $objectLines data * @@ -433,30 +433,23 @@ class AccountancyExport $date = dol_print_date($line->doc_date, '%d%m%Y'); - print $line->id . $this->separator; - print '"'.dol_trunc($line->piece_num,15,'right','UTF-8',1).'"'.$this->separator; + print $line->piece_num . $this->separator; + print $line->label_operation . $this->separator; print $date . $this->separator; - print '"'.dol_trunc($line->piece_num,15,'right','UTF-8',1).'"'.$this->separator; + print $line->label_operation . $this->separator; if (empty($line->subledger_account)) { print length_accountg($line->numero_compte) . $this->separator; } else { - // FIXME Because the subledger_account is already an accounting account, does we really need - // to concat 4011 or 401 to it ? - if (substr($line->numero_compte, 0, 1) == 'C' || substr($line->numero_compte, 0, 1) == '9') { - print '411' . substr(str_replace(" ", "", $line->subledger_account), 0, 5) . $this->separator; - } - if (substr($line->numero_compte, 0, 1) == 'F' || substr($line->numero_compte, 0, 1) == '0') { - print '401' . substr(str_replace(" ", "", $line->subledger_account), 0, 5) . $this->separator; - } + print length_accounta($line->subledger_account) . $this->separator; } - print length_accounta($line->subledger_account) . $this->separator; + print $line->doc_ref . $this->separator; print price($line->debit) . $this->separator; print price($line->credit) . $this->separator; print price($line->montant).$this->separator; print $line->sens.$this->separator; - print $line->code_journal . $this->separator; + print $line->code_journal; print $this->end_line; } } From 884fc5d249ac28a8c3216635ee32071aab5231ce Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 2 Oct 2017 01:25:00 +0200 Subject: [PATCH 09/15] Update facture.class.php --- htdocs/compta/facture/class/facture.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index 3c4bfec6a45..60970b5b1e2 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -486,7 +486,8 @@ class Facture extends CommonInvoice foreach ($exp->linkedObjectsIds['commande'] as $key => $value) { $originforcontact = 'commande'; - $originidforcontact = $value; + if (is_object($value)) $originidforcontact = $value->id; + else $originidforcontact = $value; break; // We take first one } } From ec8db116f80f3b9ee0967f028a3d032b7df1a3f7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 2 Oct 2017 01:25:28 +0200 Subject: [PATCH 10/15] Update llx_c_type_contact.sql --- htdocs/install/mysql/data/llx_c_type_contact.sql | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/install/mysql/data/llx_c_type_contact.sql b/htdocs/install/mysql/data/llx_c_type_contact.sql index ce51eb20ca5..a0b36634ce1 100644 --- a/htdocs/install/mysql/data/llx_c_type_contact.sql +++ b/htdocs/install/mysql/data/llx_c_type_contact.sql @@ -43,7 +43,6 @@ insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) v insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (60, 'facture', 'external', 'BILLING', 'Contact client facturation', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (61, 'facture', 'external', 'SHIPPING', 'Contact client livraison', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (62, 'facture', 'external', 'SERVICE', 'Contact client prestation', 1); -insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (63, 'facture', 'external', 'CUSTOMER', 'Contact client suivi facturation', 1) insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (70, 'invoice_supplier', 'internal', 'SALESREPFOLL', 'Responsable suivi du paiement', 1); insert into llx_c_type_contact(rowid, element, source, code, libelle, active ) values (71, 'invoice_supplier', 'external', 'BILLING', 'Contact fournisseur facturation', 1); From 90964d25cea26b4b0e4148dd209538ed7b52a00e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 2 Oct 2017 17:52:20 +0200 Subject: [PATCH 11/15] Fix css --- htdocs/theme/eldy/style.css.php | 2 +- htdocs/theme/md/style.css.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php index 28e4e9e0ca9..96c7c91de2b 100644 --- a/htdocs/theme/eldy/style.css.php +++ b/htdocs/theme/eldy/style.css.php @@ -269,7 +269,7 @@ input.select2-input { .liste_titre input[name=monthvalid], .liste_titre input[name=search_ordermonth], .liste_titre input[name=search_deliverymonth], .liste_titre input[name=search_smonth], .liste_titre input[name=search_month], .liste_titre input[name=search_emonth], .liste_titre input[name=smonth], .liste_titre input[name=month], .liste_titre select[name=month], -.liste_titre input[name=month_lim] { +.liste_titre input[name=month_lim], .liste_titre input[name=month_create] { margin-right: 4px; } input[type=submit] { diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 66fd3c20925..f4966a105b7 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -284,7 +284,7 @@ textarea.cke_source:focus .liste_titre input[name=monthvalid], .liste_titre input[name=search_ordermonth], .liste_titre input[name=search_deliverymonth], .liste_titre input[name=search_smonth], .liste_titre input[name=search_month], .liste_titre input[name=search_emonth], .liste_titre input[name=smonth], .liste_titre input[name=month], -.liste_titre input[name=month_lim] { +.liste_titre input[name=month_lim], .liste_titre input[name=month_create] { margin-right: 4px; } input, input.flat, textarea, textarea.flat, form.flat select, select, select.flat, .dataTables_length label select { From 888e5ed2c5b9f50732679b542f801c1b91748269 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 3 Oct 2017 09:35:45 +0200 Subject: [PATCH 12/15] Fix sanitize uploaded filename --- htdocs/core/actions_linkedfiles.inc.php | 12 ++++++------ htdocs/core/lib/files.lib.php | 8 +++----- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 981de037c13..1f47a94f6d2 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -30,9 +30,9 @@ if (GETPOST('sendit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) if ($object->id) { if (! empty($upload_dirold) && ! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) - $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask')); + $result = dol_add_file_process($upload_dirold, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); else - $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask')); + $result = dol_add_file_process($upload_dir, 0, 1, 'userfile', GETPOST('savingdocmask', 'alpha')); } } elseif (GETPOST('linkit') && ! empty($conf->global->MAIN_UPLOAD_DOC)) @@ -57,7 +57,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') if ($object->id) { $urlfile = GETPOST('urlfile', 'alpha'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). - if (GETPOST('section')) $file = $upload_dir . "/" . $urlfile; // For a delete of GED module urlfile contains full path from upload_dir + if (GETPOST('section', 'alpha')) $file = $upload_dir . "/" . $urlfile; // For a delete of GED module urlfile contains full path from upload_dir else // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. { $urlfile=basename($urlfile); @@ -116,7 +116,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') exit; } } -elseif ($action == 'confirm_updateline' && GETPOST('save') && GETPOST('link', 'alpha')) +elseif ($action == 'confirm_updateline' && GETPOST('save','alpha') && GETPOST('link', 'alpha')) { require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; $langs->load('link'); @@ -150,8 +150,8 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave')) //var_dump($upload_dir);exit; if (! empty($upload_dir)) { - $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom')); - $filenameto=dol_sanitizeFileName(GETPOST('renamefileto')); + $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha')); + $filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha')); // Security: // Disallow file with some extensions. We rename them. diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index b1031153507..38e8f09a3d8 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -1386,19 +1386,17 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio $destfull=$upload_dir . "/" . $TFile['name'][$i]; $destfile=$TFile['name'][$i]; - $savingdocmask = dol_sanitizeFileName($savingdocmask); - if ($savingdocmask) { $destfull=$upload_dir . "/" . preg_replace('/__file__/',$TFile['name'][$i],$savingdocmask); $destfile=preg_replace('/__file__/',$TFile['name'][$i],$savingdocmask); } - // lowercase extension + // dol_sanitizeFileName the file name and lowercase extension $info = pathinfo($destfull); - $destfull = $info['dirname'].'/'.$info['filename'].'.'.strtolower($info['extension']); + $destfull = $info['dirname'].'/'.dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension'])); $info = pathinfo($destfile); - $destfile = $info['filename'].'.'.strtolower($info['extension']); + $destfile = dol_sanitizeFileName($info['filename'].'.'.strtolower($info['extension'])); $resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destfull, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles); From c4b3dc40c316f5fb85c56ac3fffeae7306186177 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 2 Oct 2017 20:38:15 +0200 Subject: [PATCH 13/15] Allow : into file names --- htdocs/core/lib/functions.lib.php | 2 +- htdocs/holiday/document.php | 24 ++++++++++++------------ 2 files changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index e87f46ad2bf..288badf6285 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -680,7 +680,7 @@ function dol_size($size,$type='') */ function dol_sanitizeFileName($str,$newstr='_',$unaccent=1) { - $filesystem_forbidden_chars = array('<','>',':','/','\\','?','*','|','"','°'); + $filesystem_forbidden_chars = array('<','>','/','\\','?','*','|','"','°'); return dol_string_nospecial($unaccent?dol_string_unaccent($str):$str, $newstr, $filesystem_forbidden_chars); } diff --git a/htdocs/holiday/document.php b/htdocs/holiday/document.php index 38f68e58937..c468fcd7272 100644 --- a/htdocs/holiday/document.php +++ b/htdocs/holiday/document.php @@ -97,7 +97,7 @@ if ($object->id) $head=holiday_prepare_head($object); - dol_fiche_head($head, 'documents',$langs->trans("CPTitreMenu"),0,'holiday'); + dol_fiche_head($head, 'documents', $langs->trans("CPTitreMenu"), -1,'holiday'); // Construit liste des fichiers @@ -110,16 +110,16 @@ if ($object->id) $linkback=''.$langs->trans("BackToList").''; - + dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'ref'); - - + + print '
'; //print '
'; print '
'; - + print ''; - + print ''; print ''; print ''; print ''; - + print ''; print '
'.$langs->trans("User").''; @@ -212,16 +212,16 @@ if ($object->id) print '
'.$langs->trans("NbOfAttachedFiles").''.count($filearray).'
'.$langs->trans("TotalSizeOfAttachedFiles").''.$totalsize.' '.$langs->trans("bytes").'
'."\n"; /* print '
'; print '
'; print '
'; - + print '
'; - + // Info workflow print ''."\n"; print ''; @@ -278,11 +278,11 @@ if ($object->id) print ''; print ''; */ print ''; - + print '
'; - + dol_fiche_end(); - + $modulepart = 'holiday'; From 0b808fa2aaa85c28eda9628140eab81a945ae2a1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 3 Oct 2017 10:11:03 +0200 Subject: [PATCH 14/15] FIX Bad preview on scroping when special file names --- htdocs/core/photos_resize.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/core/photos_resize.php b/htdocs/core/photos_resize.php index 5b29d25202e..df734e70235 100644 --- a/htdocs/core/photos_resize.php +++ b/htdocs/core/photos_resize.php @@ -170,7 +170,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS { $fullpath=$dir."/".$original_file; $result=dol_imageResizeOrCrop($fullpath,0,$_POST['sizex'],$_POST['sizey']); - + if ($result == $fullpath) { $object->addThumbs($fullpath); @@ -178,7 +178,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS // Update/create database for file $fullpath $rel_filename = preg_replace('/^'.preg_quote(DOL_DATA_ROOT,'/').'/', '', $fullpath); $rel_filename = preg_replace('/^[\\/]/','',$rel_filename); - + include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php'; $ecmfile=new EcmFiles($db); $result = $ecmfile->fetch(0, '', $rel_filename); @@ -188,7 +188,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS $rel_dir = dirname($rel_filename); $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir); $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir); - + $ecmfile->label = md5_file(dol_osencode($fullpath)); $result = $ecmfile->update($user); } @@ -198,7 +198,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS $rel_dir = dirname($rel_filename); $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir); $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir); - + $ecmfile->filepath = $rel_dir; $ecmfile->filename = $filename; $ecmfile->label = md5_file(dol_osencode($fullpath)); // $fullpath is a full path to file @@ -213,7 +213,7 @@ if ($action == 'confirm_resize' && (isset($_POST["file"]) != "") && (isset($_POS } $result = $ecmfile->create($user); } - + if ($backtourl) { header("Location: ".$backtourl); @@ -246,7 +246,7 @@ if ($action == 'confirm_crop') // Update/create database for file $fullpath $rel_filename = preg_replace('/^'.preg_quote(DOL_DATA_ROOT,'/').'/', '', $fullpath); $rel_filename = preg_replace('/^[\\/]/','',$rel_filename); - + include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php'; $ecmfile=new EcmFiles($db); $result = $ecmfile->fetch(0, '', $rel_filename); @@ -256,7 +256,7 @@ if ($action == 'confirm_crop') $rel_dir = dirname($rel_filename); $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir); $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir); - + $ecmfile->label = md5_file(dol_osencode($fullpath)); $result = $ecmfile->update($user); } @@ -266,7 +266,7 @@ if ($action == 'confirm_crop') $rel_dir = dirname($rel_filename); $rel_dir = preg_replace('/[\\/]$/', '', $rel_dir); $rel_dir = preg_replace('/^[\\/]/', '', $rel_dir); - + $ecmfile->filepath = $rel_dir; $ecmfile->filename = $filename; $ecmfile->label = md5_file(dol_osencode($fullpath)); // $fullpath is a full path to file @@ -281,7 +281,7 @@ if ($action == 'confirm_crop') } $result = $ecmfile->create($user); } - + if ($backtourl) { header("Location: ".$backtourl); @@ -311,7 +311,7 @@ llxHeader($head, $langs->trans("Image"), '', '', 0, 0, array('/includes/jquery/p print load_fiche_titre($langs->trans("ImageEditor")); -$infoarray=dol_getImageSize($dir."/".GETPOST("file")); +$infoarray=dol_getImageSize($dir."/".GETPOST("file",'alpha')); $height=$infoarray['height']; $width=$infoarray['width']; print $langs->trans("CurrentInformationOnImage").': '; @@ -373,7 +373,7 @@ if (! empty($conf->use_javascript_ajax)) print $langs->trans("DefineNewAreaToPick").'...
'; print '
'; print '
'; - print ''; + print ''; print '
'; print '

'; print '
From fef6440ff25cdc60192e951bfa76ca248d40f73b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 3 Oct 2017 16:23:30 +0200 Subject: [PATCH 15/15] FIX #7541 --- htdocs/install/mysql/tables/llx_holiday.sql | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/mysql/tables/llx_holiday.sql b/htdocs/install/mysql/tables/llx_holiday.sql index 35982525853..f6994810021 100644 --- a/htdocs/install/mysql/tables/llx_holiday.sql +++ b/htdocs/install/mysql/tables/llx_holiday.sql @@ -19,7 +19,7 @@ CREATE TABLE llx_holiday ( rowid integer NOT NULL AUTO_INCREMENT PRIMARY KEY, -ref varchar(30) NOT NULL, -- number +ref varchar(30) NULL, -- number ref_ext varchar(255), entity integer DEFAULT 1 NOT NULL, -- Multi company id fk_user integer NOT NULL,