From a451fee68f9f8ddc5e8be3fb7ad67372870475c3 Mon Sep 17 00:00:00 2001 From: Givriz Date: Fri, 23 Apr 2021 18:01:11 +0200 Subject: [PATCH 001/105] Compatibility phpv8 --- htdocs/admin/mails.php | 12 +++++----- htdocs/admin/system/filecheck.php | 6 ++--- htdocs/admin/tools/dolibarr_export.php | 2 +- htdocs/admin/tools/listevents.php | 32 +++++++++++++------------- htdocs/core/lib/admin.lib.php | 2 +- 5 files changed, 27 insertions(+), 27 deletions(-) diff --git a/htdocs/admin/mails.php b/htdocs/admin/mails.php index 0252f149d10..6479306736c 100644 --- a/htdocs/admin/mails.php +++ b/htdocs/admin/mails.php @@ -48,7 +48,7 @@ $substitutionarrayfortest = array( '__DOL_MAIN_URL_ROOT__'=>DOL_MAIN_URL_ROOT, '__ID__' => 'RecipientIdRecord', //'__EMAIL__' => 'RecipientEMail', // Done into actions_sendmails - '__CHECK_READ__' => (is_object($object) && !empty($object->thirdparty) && is_object($object->thirdparty)) ? '' : '', + '__CHECK_READ__' => (!empty($object) && is_object($object) && is_object($object->thirdparty)) ? '' : '', '__USER_SIGNATURE__' => (($user->signature && empty($conf->global->MAIN_MAIL_DO_NOT_USE_SIGN)) ? $usersignature : ''), // Done into actions_sendmails '__LOGIN__' => 'RecipientLogin', '__LASTNAME__' => 'RecipientLastname', @@ -737,14 +737,14 @@ if ($action == 'edit') { print ''.$langs->trans('MAIN_MAIL_DEFAULT_FROMTYPE').''; print ''; - if (!empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE) && $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE === 'robot') { + if (getDolGlobalString('MAIN_MAIL_DEFAULT_FROMTYPE') === 'robot') { print $langs->trans('RobotEmail'); - } elseif (!empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE) && $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE === 'user') { + } elseif (getDolGlobalString('MAIN_MAIL_DEFAULT_FROMTYPE') === 'user') { print $langs->trans('UserEmail'); - } elseif (!empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE) && $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE === 'company') { + } elseif (getDolGlobalString('MAIN_MAIL_DEFAULT_FROMTYPE') === 'company') { print $langs->trans('CompanyEmail').' '.dol_escape_htmltag('<'.$mysoc->email.'>'); } else { - $id = preg_replace('/senderprofile_/', '', !empty($conf->global->MAIN_MAIL_DEFAULT_FROMTYPE) ? $conf->global->MAIN_MAIL_DEFAULT_FROMTYPE : ''); + $id = preg_replace('/senderprofile_/', '', getDolGlobalString('MAIN_MAIL_DEFAULT_FROMTYPE')); if ($id > 0) { include_once DOL_DOCUMENT_ROOT.'/core/class/emailsenderprofile.class.php'; $emailsenderprofile = new EmailSenderProfile($db); @@ -756,7 +756,7 @@ if ($action == 'edit') { // Errors To print ''.$langs->trans("MAIN_MAIL_ERRORS_TO").''; - print ''.(!empty($conf->global->MAIN_MAIL_ERRORS_TO) ? $conf->global->MAIN_MAIL_ERRORS_TO : ''); + print ''.(getDolGlobalString('MAIN_MAIL_ERRORS_TO')); if (!empty($conf->global->MAIN_MAIL_ERRORS_TO) && !isValidEmail($conf->global->MAIN_MAIL_ERRORS_TO)) { print img_warning($langs->trans("ErrorBadEMail")); } diff --git a/htdocs/admin/system/filecheck.php b/htdocs/admin/system/filecheck.php index 0f77b9d9d41..762a9a2ed28 100644 --- a/htdocs/admin/system/filecheck.php +++ b/htdocs/admin/system/filecheck.php @@ -53,8 +53,8 @@ print ''.$langs->trans("FileCheckDesc").'
print '
'; print ''; print ''."\n"; -print ''."\n"; -print ''."\n"; +print ''."\n"; +print ''."\n"; print '
'.$langs->trans("Version").''.$langs->trans("Value").'
'.$langs->trans("VersionLastInstall").''.$conf->global->MAIN_VERSION_LAST_INSTALL.'
'.$langs->trans("VersionLastUpgrade").''.$conf->global->MAIN_VERSION_LAST_UPGRADE.'
'.$langs->trans("VersionLastInstall").''.getDolGlobalString('MAIN_VERSION_LAST_INSTALL').'
'.$langs->trans("VersionLastUpgrade").''.getDolGlobalString('MAIN_VERSION_LAST_UPGRADE').'
'.$langs->trans("VersionProgram").''.DOL_VERSION; // If current version differs from last upgrade if (empty($conf->global->MAIN_VERSION_LAST_UPGRADE)) { @@ -171,7 +171,7 @@ if (GETPOST('target') == 'remote') { } -if (!$error && $xml) { +if (empty($error) && !empty($xml)) { $checksumconcat = array(); $file_list = array(); $out = ''; diff --git a/htdocs/admin/tools/dolibarr_export.php b/htdocs/admin/tools/dolibarr_export.php index 0d4f60f3851..428c80676a2 100644 --- a/htdocs/admin/tools/dolibarr_export.php +++ b/htdocs/admin/tools/dolibarr_export.php @@ -157,7 +157,7 @@ $title = $langs->trans("BackupDumpWizard"); print load_fiche_titre($title); -print ''; +print '
'; print ''; print '
'; print $langs->trans("DatabaseName").' : '.$dolibarr_main_db_name.'
'; diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index 935804ada10..76aa4cee121 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -234,7 +234,7 @@ $nbtotalofrecords = ''; $sql .= $db->plimit($conf->liste_limit + 1, $offset); //print $sql; $result = $db->query($sql); -if ($result) { +if (!empty($result)) { $num = $db->num_rows($result); $i = 0; @@ -245,55 +245,55 @@ if ($result) { if ($limit > 0 && $limit != $conf->liste_limit) { $param .= '&limit='.urlencode($limit); } - if ($optioncss != '') { + if (!empty($optioncss) && $optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } - if ($search_code) { + if (!empty($search_code)) { $param .= '&search_code='.urlencode($search_code); } - if ($search_ip) { + if (!empty($search_ip)) { $param .= '&search_ip='.urlencode($search_ip); } - if ($search_user) { + if (!empty($search_user)) { $param .= '&search_user='.urlencode($search_user); } - if ($search_desc) { + if (!empty($search_desc)) { $param .= '&search_desc='.urlencode($search_desc); } - if ($search_ua) { + if (!empty($search_ua)) { $param .= '&search_ua='.urlencode($search_ua); } - if ($search_prefix_session) { + if (!empty($search_prefix_session)) { $param .= '&search_prefix_session='.urlencode($search_prefix_session); } - if ($date_startmonth) { + if (!empty($date_startmonth)) { $param .= "&date_startmonth=".urlencode($date_startmonth); } - if ($date_startday) { + if (!empty($date_startday)) { $param .= "&date_startday=".urlencode($date_startday); } - if ($date_startyear) { + if (!empty($date_startyear)) { $param .= "&date_startyear=".urlencode($date_startyear); } - if ($date_endmonth) { + if (!empty($date_endmonth)) { $param .= "&date_endmonth=".urlencode($date_endmonth); } - if ($date_endday) { + if (!empty($date_endday)) { $param .= "&date_endday=".urlencode($date_endday); } - if ($date_endyear) { + if (!empty($date_endyear)) { $param .= "&date_endyear=".urlencode($date_endyear); } $langs->load('withdrawals'); - if ($num) { + if (!empty($num)) { $center = ''.$langs->trans("Purge").''; } print '
'; print ''; - print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $nbtotalofrecords, 'setup', 0, '', '', $limit); + print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, empty($center) ? '' : $center, $num, $nbtotalofrecords, 'setup', 0, '', '', $limit); if ($action == 'purge') { $formquestion = array(); diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index 05ec254c7d7..4b2f0844241 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php @@ -906,7 +906,7 @@ function listOfSessions() if (preg_match('/dol_login/i', $sessValues) && // limit to dolibarr session (preg_match('/dol_entity\|i:'.$conf->entity.';/i', $sessValues) || preg_match('/dol_entity\|s:([0-9]+):"'.$conf->entity.'"/i', $sessValues)) && // limit to current entity - preg_match('/dol_company\|s:([0-9]+):"('.$conf->global->MAIN_INFO_SOCIETE_NOM.')"/i', $sessValues)) { // limit to company name + preg_match('/dol_company\|s:([0-9]+):"('.getDolGlobalString('MAIN_INFO_SOCIETE_NOM').')"/i', $sessValues)) { // limit to company name $tmp = explode('_', $file); $idsess = $tmp[1]; $regs = array(); From 457a96bc343428cf357275e8385e666e571c4a34 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Tue, 4 May 2021 15:11:30 +0200 Subject: [PATCH 002/105] Fix #17475 : Add of List-Unsubscribe in mass emailing --- htdocs/comm/mailing/card.php | 5 +++-- htdocs/core/lib/functions.lib.php | 8 ++++++-- 2 files changed, 9 insertions(+), 4 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index c3ef480d2ae..a520a44e467 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -265,9 +265,10 @@ if (empty($reshook)) { } //$substitutionisok=true; + $moreinheader = ''; complete_substitutions_array($substitutionarray, $langs); $newsubject = make_substitutions($subject, $substitutionarray); - $newmessage = make_substitutions($message, $substitutionarray); + $newmessage = make_substitutions($message, $substitutionarray, null, 0, $moreinheader); $arr_file = array(); $arr_mime = array(); @@ -285,7 +286,7 @@ if (empty($reshook)) { // Mail making $trackid = 'emailing-'.$obj->fk_mailing.'-'.$obj->rowid; - $mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css, $trackid, '', 'emailing'); + $mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css, $trackid, $moreinheader, 'emailing'); if ($mail->error) { $res = 0; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 5eda236d6f0..b017f9c037b 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7206,10 +7206,11 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, * @param Translate $outputlangs Output language * @param int $converttextinhtmlifnecessary 0=Convert only value into HTML if text is already in HTML * 1=Will also convert initial $text into HTML if we try to insert one value that is HTML + * @param string $moreinheader Header for CMailer module * @return string Output string after substitutions * @see complete_substitutions_array(), getCommonSubstitutionArray() */ -function make_substitutions($text, $substitutionarray, $outputlangs = null, $converttextinhtmlifnecessary = 0) +function make_substitutions($text, $substitutionarray, $outputlangs = null, $converttextinhtmlifnecessary = 0, &$moreinheader = null) { global $conf, $langs; @@ -7312,9 +7313,12 @@ function make_substitutions($text, $substitutionarray, $outputlangs = null, $con } else { $value = dol_nl2br("$value"); } - $text = str_replace("$key", "$value", $text); // We must keep the " to work when value is 123.5 for example } + if ($key == '__UNSUBSCRIBE__' && (isset($moreinheader))) { + $tmptext = explode('"', $text); + $moreinheader = "List-Unsubscribe: <".$tmptext[1].">\n"; + } } return $text; From b739e7ba22773e7bf5a706dffc1a49b58e71df57 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 5 May 2021 11:26:15 +0200 Subject: [PATCH 003/105] Fix #17491 : date extrafield filter works well now --- htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index 1e62bd0a9d5..0f12ad52756 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -23,7 +23,11 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ if ($crit != '' && in_array($typ, array('date', 'datetime', 'timestamp'))) { - $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; + if($typ == 'date'){ + $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = DATE('".$db->idate($crit)."')"; + }else{ + $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; + } } elseif (in_array($typ, array('boolean'))) { if ($crit !== '-1' && $crit !== '') { From 95be7e8a63aff8bfe9de15527f3fafd221bd5e9d Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Wed, 5 May 2021 09:29:52 +0000 Subject: [PATCH 004/105] Fixing style errors. --- htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index 0f12ad52756..4445d34f63f 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -23,9 +23,9 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ if ($crit != '' && in_array($typ, array('date', 'datetime', 'timestamp'))) { - if($typ == 'date'){ + if ($typ == 'date'){ $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = DATE('".$db->idate($crit)."')"; - }else{ + }else { $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; } } elseif (in_array($typ, array('boolean'))) From 0f2ce8687d8a14252e16dc5c240e639f26ecf1fc Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 09:19:44 +0200 Subject: [PATCH 005/105] Fix #17475 : Update of previous fix --- htdocs/comm/mailing/card.php | 10 ++++++++-- htdocs/core/lib/functions.lib.php | 6 +----- scripts/emailings/mailing-send.php | 9 ++++++++- 3 files changed, 17 insertions(+), 8 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index a520a44e467..7f6f7f88cc3 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -265,10 +265,16 @@ if (empty($reshook)) { } //$substitutionisok=true; - $moreinheader = ''; complete_substitutions_array($substitutionarray, $langs); $newsubject = make_substitutions($subject, $substitutionarray); - $newmessage = make_substitutions($message, $substitutionarray, null, 0, $moreinheader); + $newmessage = make_substitutions($message, $substitutionarray, null, 0); + + $moreinheader = ''; + if (preg_match('/__UNSUBSCRIBE__/', $message)) { + $moreinheader = make_substitutions('__UNSUBSCRIBE__', $substitutionarray); + $moreinheader = explode('"', $moreinheader); + $moreinheader = "List-Unsubscribe: <".$moreinheader[1].">\n"; + } $arr_file = array(); $arr_mime = array(); diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index d058111973a..222dea0ead7 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7212,7 +7212,7 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, * @return string Output string after substitutions * @see complete_substitutions_array(), getCommonSubstitutionArray() */ -function make_substitutions($text, $substitutionarray, $outputlangs = null, $converttextinhtmlifnecessary = 0, &$moreinheader = null) +function make_substitutions($text, $substitutionarray, $outputlangs = null, $converttextinhtmlifnecessary = 0) { global $conf, $langs; @@ -7317,10 +7317,6 @@ function make_substitutions($text, $substitutionarray, $outputlangs = null, $con } $text = str_replace("$key", "$value", $text); // We must keep the " to work when value is 123.5 for example } - if ($key == '__UNSUBSCRIBE__' && (isset($moreinheader))) { - $tmptext = explode('"', $text); - $moreinheader = "List-Unsubscribe: <".$tmptext[1].">\n"; - } } return $text; diff --git a/scripts/emailings/mailing-send.php b/scripts/emailings/mailing-send.php index 44b8ade0c62..b0975c93397 100755 --- a/scripts/emailings/mailing-send.php +++ b/scripts/emailings/mailing-send.php @@ -268,6 +268,13 @@ if ($resql) { $substitutionisok = true; + $moreinheader = ''; + if (preg_match('/__UNSUBSCRIBE__/', $message)) { + $moreinheader = make_substitutions('__UNSUBSCRIBE__', $substitutionarray); + $moreinheader = explode('"', $moreinheader); + $moreinheader = "List-Unsubscribe: <".$moreinheader[1].">\n"; + } + $arr_file = array(); $arr_mime = array(); $arr_name = array(); @@ -284,7 +291,7 @@ if ($resql) { } // Fabrication du mail $trackid = 'emailing-'.$obj->fk_mailing.'-'.$obj->rowid; - $mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css, $trackid, '', 'emailing'); + $mail = new CMailFile($newsubject, $sendto, $from, $newmessage, $arr_file, $arr_mime, $arr_name, '', '', 0, $msgishtml, $errorsto, $arr_css, $trackid, $moreinheader, 'emailing'); if ($mail->error) { $res = 0; From f4291dc985385a4bb40bd1cb2e3695fca5bf0b05 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 09:20:18 +0200 Subject: [PATCH 006/105] commit missing file --- htdocs/core/lib/functions.lib.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 222dea0ead7..3004a28dae7 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -7208,7 +7208,6 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null, * @param Translate $outputlangs Output language * @param int $converttextinhtmlifnecessary 0=Convert only value into HTML if text is already in HTML * 1=Will also convert initial $text into HTML if we try to insert one value that is HTML - * @param string $moreinheader Header for CMailer module * @return string Output string after substitutions * @see complete_substitutions_array(), getCommonSubstitutionArray() */ From c39dbd81b34e31e9abc2a8912fd6d785fc94207d Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 09:47:15 +0200 Subject: [PATCH 007/105] Fix #17491 : Update of fix date extrafield filter --- htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index 4445d34f63f..e846390c7c5 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -23,9 +23,11 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ if ($crit != '' && in_array($typ, array('date', 'datetime', 'timestamp'))) { - if ($typ == 'date'){ - $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = DATE('".$db->idate($crit)."')"; - }else { + if($typ == 'date'){ + include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; + $crit = dol_get_first_hour($crit); + $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; + }else{ $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; } } elseif (in_array($typ, array('boolean'))) From d108496c677d106d30a0e8b10bf695e7f8eb5f06 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Fri, 7 May 2021 07:47:49 +0000 Subject: [PATCH 008/105] Fixing style errors. --- htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index e846390c7c5..ffd89bbc992 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -23,11 +23,11 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ if ($crit != '' && in_array($typ, array('date', 'datetime', 'timestamp'))) { - if($typ == 'date'){ + if ($typ == 'date'){ include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; $crit = dol_get_first_hour($crit); $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; - }else{ + }else { $sql .= " AND ".$extrafieldsobjectprefix.$tmpkey." = '".$db->idate($crit)."'"; } } elseif (in_array($typ, array('boolean'))) From fa73fde312cd7b4fae03882e608cc2afe3f1689d Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Fri, 7 May 2021 15:12:23 +0200 Subject: [PATCH 009/105] phone_head_document --- htdocs/comm/propal/card.php | 1 + htdocs/commande/card.php | 1 + htdocs/compta/facture/card.php | 1 + htdocs/projet/card.php | 1 + 4 files changed, 4 insertions(+) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 229303849f0..8039e3361ec 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1991,6 +1991,7 @@ if ($action == 'create') { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'customer'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherProposals").')'; + $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index f63b02c035e..01ad66a0af6 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2020,6 +2020,7 @@ if ($action == 'create' && $usercancreate) { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$soc->getNomUrl(1); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherOrders").')'; + $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 252b8ac65a2..b4126f1434c 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4157,6 +4157,7 @@ if ($action == 'create') { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'customer'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherBills").')'; + $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index 3c2d5b02829..c6fb5d5963b 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -992,6 +992,7 @@ if ($action == 'create' && $user->rights->projet->creer) { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '; if ($object->thirdparty->id > 0) { $morehtmlref .= $object->thirdparty->getNomUrl(1, 'project'); + $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } $morehtmlref .= ''; From 0466704dc73b56c1121d129cf25e8d4aca71a084 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 15:49:49 +0200 Subject: [PATCH 010/105] Fix #17477 : Sql error in invoices cards --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 625e8e23d57..39a7a247e18 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,7 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').')'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From f05416903634a9fa08c23861a0aa3008bd0fa077 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 15:56:33 +0200 Subject: [PATCH 011/105] revert of last push error of branch --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 39a7a247e18..625e8e23d57 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,7 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').')'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From 4db618cb6d8ed8673f3a8f680f23165184c95deb Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 15:58:50 +0200 Subject: [PATCH 012/105] Fix Dolibarr#17477 : Sql error in invoices cards --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 625e8e23d57..39a7a247e18 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,7 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').')'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From c068470bca5f41307ebae6c1db42806e7a310b0e Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Fri, 7 May 2021 16:04:39 +0200 Subject: [PATCH 013/105] Fix Dolibarr#17477 : Sql error in invoices cards 2 --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 39a7a247e18..27bb5c5c8e5 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,7 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From 8a4fd56b23995768d3828e34b4a08429f679bb0d Mon Sep 17 00:00:00 2001 From: Aisuko Hakumei Date: Tue, 11 May 2021 22:54:26 +0200 Subject: [PATCH 014/105] Fix SQL error for Panama Provinces --- .../mysql/data/llx_20_c_departements.sql | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/htdocs/install/mysql/data/llx_20_c_departements.sql b/htdocs/install/mysql/data/llx_20_c_departements.sql index 7436c123100..5e739f07b72 100644 --- a/htdocs/install/mysql/data/llx_20_c_departements.sql +++ b/htdocs/install/mysql/data/llx_20_c_departements.sql @@ -765,16 +765,16 @@ INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, ncc -- Panama - 10 Provinces (id country=178) -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-1', '', 0, '', 'Bocas del Toro'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-2', '', 0, '', 'Coclé'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-3', '', 0, '', 'Colón'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-4', '', 0, '', 'Chiriquí'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-5', '', 0, '', 'Darién'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-6', '', 0, '', 'Herrera'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-7', '', 0, '', 'Los Santos'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-8', '', 0, '', 'Panamá'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-9', '', 0, '', 'Veraguas'); -INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES (17801, 'PA-13', '', 0, '', 'Panamá Oeste'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-1', 17801, '', 0, '', 'Bocas del Toro'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-2', 17801, '', 0, '', 'Coclé'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-3', 17801, '', 0, '', 'Colón'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-4', 17801, '', 0, '', 'Chiriquí'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-5', 17801, '', 0, '', 'Darién'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-6', 17801, '', 0, '', 'Herrera'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-7', 17801, '', 0, '', 'Los Santos'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-8', 17801, '', 0, '', 'Panamá'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-9', 17801, '', 0, '', 'Veraguas'); +INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('PA-13', 17801, '', 0, '', 'Panamá Oeste'); -- Provinces Peru (id country=181) From f84817f0f6e1dd382970eac111803e247a2510c2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 11 May 2021 23:49:33 +0200 Subject: [PATCH 015/105] FIX rss module on servers with allow_url_fopen=0 --- htdocs/core/class/rssparser.class.php | 350 +++++++++++++------------- 1 file changed, 176 insertions(+), 174 deletions(-) diff --git a/htdocs/core/class/rssparser.class.php b/htdocs/core/class/rssparser.class.php index 578e180edff..5f5676601a0 100644 --- a/htdocs/core/class/rssparser.class.php +++ b/htdocs/core/class/rssparser.class.php @@ -1,19 +1,19 @@ * -* This program is free software; you can redistribute it and/or modify -* it under the terms of the GNU General Public License as published by -* the Free Software Foundation; either version 3 of the License, or -* (at your option) any later version. -* -* This program is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU General Public License for more details. -* -* You should have received a copy of the GNU General Public License -* along with this program. If not, see . -*/ + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 3 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program. If not, see . + */ /** * \file htdocs/core/class/rssparser.class.php @@ -181,7 +181,7 @@ class RssParser * @param string $urlRSS Url to parse * @param int $maxNb Max nb of records to get (0 for no limit) * @param int $cachedelay 0=No cache, nb of seconds we accept cache files (cachedir must also be defined) - * @param string $cachedir Directory where to save cache file + * @param string $cachedir Directory where to save cache file (For example $conf->externalrss->dir_temp) * @return int <0 if KO, >0 if OK */ public function parser($urlRSS, $maxNb = 0, $cachedelay = 60, $cachedir = '') @@ -189,13 +189,13 @@ class RssParser global $conf; include_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; + include_once DOL_DOCUMENT_ROOT.'/core/lib/geturl.lib.php'; $rss = ''; $str = ''; // This will contain content of feed // Check parameters - if (!dol_is_url($urlRSS)) - { + if (!dol_is_url($urlRSS)) { $this->error = "ErrorBadUrl"; return -1; } @@ -209,11 +209,9 @@ class RssParser // Search into cache $foundintocache = 0; - if ($cachedelay > 0 && $cachedir) - { + if ($cachedelay > 0 && $cachedir) { $filedate = dol_filemtime($newpathofdestfile); - if ($filedate >= ($nowgmt - $cachedelay)) - { + if ($filedate >= ($nowgmt - $cachedelay)) { //dol_syslog("RssParser::parser cache file ".$newpathofdestfile." is not older than now - cachedelay (".$nowgmt." - ".$cachedelay.") so we use it."); $foundintocache = 1; @@ -224,32 +222,22 @@ class RssParser } // Load file into $str - if ($foundintocache) // Cache file found and is not too old - { + if ($foundintocache) { // Cache file found and is not too old $str = file_get_contents($newpathofdestfile); } else { try { - ini_set("user_agent", "Dolibarr ERP-CRM RSS reader"); - ini_set("max_execution_time", $conf->global->MAIN_USE_RESPONSE_TIMEOUT); - ini_set("default_socket_timeout", $conf->global->MAIN_USE_RESPONSE_TIMEOUT); - - $opts = array('http'=>array('method'=>"GET")); - if (!empty($conf->global->MAIN_USE_CONNECT_TIMEOUT)) $opts['http']['timeout'] = $conf->global->MAIN_USE_CONNECT_TIMEOUT; - if (!empty($conf->global->MAIN_PROXY_USE)) $opts['http']['proxy'] = 'tcp://'.$conf->global->MAIN_PROXY_HOST.':'.$conf->global->MAIN_PROXY_PORT; - //var_dump($opts);exit; - $context = stream_context_create($opts); - - $str = file_get_contents($this->_urlRSS, false, $context); + $result = getURLContent($this->_urlRSS, 'GET', '', 1, array(), array('http', 'https'), 0); + if (!empty($result['content'])) { + $str = $result['content']; + } } catch (Exception $e) { print 'Error retrieving URL '.$this->_urlRSS.' - '.$e->getMessage(); } } - if ($str !== false) - { + if ($str !== false) { // Convert $str into xml - if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) - { + if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { //print 'xx'.LIBXML_NOCDATA; libxml_use_internal_errors(false); $rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA); @@ -276,19 +264,20 @@ class RssParser } // If $rss loaded - if ($rss) - { + if ($rss) { // Save file into cache - if (empty($foundintocache) && $cachedir) - { + if (empty($foundintocache) && $cachedir) { dol_syslog(get_class($this)."::parser cache file ".$newpathofdestfile." is saved onto disk."); - if (!dol_is_dir($cachedir)) dol_mkdir($cachedir); + if (!dol_is_dir($cachedir)) { + dol_mkdir($cachedir); + } $fp = fopen($newpathofdestfile, 'w'); - if ($fp) - { + if ($fp) { fwrite($fp, $str); fclose($fp); - if (!empty($conf->global->MAIN_UMASK)) $newmask = $conf->global->MAIN_UMASK; + if (!empty($conf->global->MAIN_UMASK)) { + $newmask = $conf->global->MAIN_UMASK; + } @chmod($newpathofdestfile, octdec($newmask)); $this->_lastfetchdate = $nowgmt; @@ -299,10 +288,11 @@ class RssParser unset($str); // Free memory - if (empty($rss->_format)) // If format not detected automatically - { + if (empty($rss->_format)) { // If format not detected automatically $rss->_format = 'rss'; - if (empty($rss->channel)) $rss->_format = 'atom'; + if (empty($rss->channel)) { + $rss->_format = 'atom'; + } } $items = array(); @@ -311,46 +301,98 @@ class RssParser if ($rss->_format == 'rss') { //var_dump($rss); if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { - if (!empty($rss->channel->language)) $this->_language = (string) $rss->channel->language; - if (!empty($rss->channel->generator)) $this->_generator = (string) $rss->channel->generator; - if (!empty($rss->channel->copyright)) $this->_copyright = (string) $rss->channel->copyright; - if (!empty($rss->channel->lastbuilddate)) $this->_lastbuilddate = (string) $rss->channel->lastbuilddate; - if (!empty($rss->channel->image->url[0])) $this->_imageurl = (string) $rss->channel->image->url[0]; - if (!empty($rss->channel->link)) $this->_link = (string) $rss->channel->link; - if (!empty($rss->channel->title)) $this->_title = (string) $rss->channel->title; - if (!empty($rss->channel->description)) $this->_description = (string) $rss->channel->description; + if (!empty($rss->channel->language)) { + $this->_language = (string) $rss->channel->language; + } + if (!empty($rss->channel->generator)) { + $this->_generator = (string) $rss->channel->generator; + } + if (!empty($rss->channel->copyright)) { + $this->_copyright = (string) $rss->channel->copyright; + } + if (!empty($rss->channel->lastbuilddate)) { + $this->_lastbuilddate = (string) $rss->channel->lastbuilddate; + } + if (!empty($rss->channel->image->url[0])) { + $this->_imageurl = (string) $rss->channel->image->url[0]; + } + if (!empty($rss->channel->link)) { + $this->_link = (string) $rss->channel->link; + } + if (!empty($rss->channel->title)) { + $this->_title = (string) $rss->channel->title; + } + if (!empty($rss->channel->description)) { + $this->_description = (string) $rss->channel->description; + } } else { //var_dump($rss->channel); - if (!empty($rss->channel['language'])) $this->_language = (string) $rss->channel['language']; - if (!empty($rss->channel['generator'])) $this->_generator = (string) $rss->channel['generator']; - if (!empty($rss->channel['copyright'])) $this->_copyright = (string) $rss->channel['copyright']; - if (!empty($rss->channel['lastbuilddate'])) $this->_lastbuilddate = (string) $rss->channel['lastbuilddate']; - if (!empty($rss->image['url'])) $this->_imageurl = (string) $rss->image['url']; - if (!empty($rss->channel['link'])) $this->_link = (string) $rss->channel['link']; - if (!empty($rss->channel['title'])) $this->_title = (string) $rss->channel['title']; - if (!empty($rss->channel['description'])) $this->_description = (string) $rss->channel['description']; + if (!empty($rss->channel['language'])) { + $this->_language = (string) $rss->channel['language']; + } + if (!empty($rss->channel['generator'])) { + $this->_generator = (string) $rss->channel['generator']; + } + if (!empty($rss->channel['copyright'])) { + $this->_copyright = (string) $rss->channel['copyright']; + } + if (!empty($rss->channel['lastbuilddate'])) { + $this->_lastbuilddate = (string) $rss->channel['lastbuilddate']; + } + if (!empty($rss->image['url'])) { + $this->_imageurl = (string) $rss->image['url']; + } + if (!empty($rss->channel['link'])) { + $this->_link = (string) $rss->channel['link']; + } + if (!empty($rss->channel['title'])) { + $this->_title = (string) $rss->channel['title']; + } + if (!empty($rss->channel['description'])) { + $this->_description = (string) $rss->channel['description']; + } } - if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) $items = $rss->channel->item; // With simplexml - else $items = $rss->items; // With xmlparse + if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { + $items = $rss->channel->item; // With simplexml + } else { + $items = $rss->items; // With xmlparse + } //var_dump($items);exit; } elseif ($rss->_format == 'atom') { //var_dump($rss); - if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) - { - if (!empty($rss->generator)) $this->_generator = (string) $rss->generator; - if (!empty($rss->lastbuilddate)) $this->_lastbuilddate = (string) $rss->modified; - if (!empty($rss->link->href)) $this->_link = (string) $rss->link->href; - if (!empty($rss->title)) $this->_title = (string) $rss->title; - if (!empty($rss->description)) $this->_description = (string) $rss->description; + if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { + if (!empty($rss->generator)) { + $this->_generator = (string) $rss->generator; + } + if (!empty($rss->lastbuilddate)) { + $this->_lastbuilddate = (string) $rss->modified; + } + if (!empty($rss->link->href)) { + $this->_link = (string) $rss->link->href; + } + if (!empty($rss->title)) { + $this->_title = (string) $rss->title; + } + if (!empty($rss->description)) { + $this->_description = (string) $rss->description; + } } else { //if (!empty($rss->channel['rss_language'])) $this->_language = (string) $rss->channel['rss_language']; - if (!empty($rss->channel['generator'])) $this->_generator = (string) $rss->channel['generator']; + if (!empty($rss->channel['generator'])) { + $this->_generator = (string) $rss->channel['generator']; + } //if (!empty($rss->channel['rss_copyright'])) $this->_copyright = (string) $rss->channel['rss_copyright']; - if (!empty($rss->channel['modified'])) $this->_lastbuilddate = (string) $rss->channel['modified']; + if (!empty($rss->channel['modified'])) { + $this->_lastbuilddate = (string) $rss->channel['modified']; + } //if (!empty($rss->image['rss_url'])) $this->_imageurl = (string) $rss->image['rss_url']; - if (!empty($rss->channel['link'])) $this->_link = (string) $rss->channel['link']; - if (!empty($rss->channel['title'])) $this->_title = (string) $rss->channel['title']; + if (!empty($rss->channel['link'])) { + $this->_link = (string) $rss->channel['link']; + } + if (!empty($rss->channel['title'])) { + $this->_title = (string) $rss->channel['title']; + } //if (!empty($rss->channel['rss_description'])) $this->_description = (string) $rss->channel['rss_description']; if (!empty($rss->channel)) { @@ -358,9 +400,12 @@ class RssParser } } if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) { - $tmprss = xml2php($rss); $items = $tmprss['entry']; - } // With simplexml - else $items = $rss->items; // With xmlparse + $tmprss = xml2php($rss); + $items = $tmprss['entry']; + } else { + // With simplexml + $items = $rss->items; // With xmlparse + } //var_dump($items);exit; } @@ -436,7 +481,9 @@ class RssParser $i++; - if ($i > $maxNb) break; // We get all records we want + if ($i > $maxNb) { + break; // We get all records we want + } } } @@ -466,18 +513,15 @@ class RssParser // check for a namespace, and split if found $ns = false; - if (strpos($element, ':')) - { + if (strpos($element, ':')) { list($ns, $el) = explode(':', $element, 2); } - if ($ns and $ns != 'rdf') - { + if ($ns and $ns != 'rdf') { $this->current_namespace = $ns; } // if feed type isn't set, then this is first element of feed identify feed from root element - if (empty($this->_format)) - { + if (empty($this->_format)) { if ($el == 'rdf') { $this->_format = 'rss'; $this->feed_version = '1.0'; @@ -492,75 +536,54 @@ class RssParser return; } - if ($el == 'channel') - { + if ($el == 'channel') { $this->inchannel = true; - } elseif ($el == 'item' or $el == 'entry') - { + } elseif ($el == 'item' or $el == 'entry') { $this->initem = true; if (isset($attrs['rdf:about'])) { $this->current_item['about'] = $attrs['rdf:about']; } - } - - // if we're in the default namespace of an RSS feed, - // record textinput or image fields - elseif ( - $this->_format == 'rss' and - $this->current_namespace == '' and - $el == 'textinput' ) - { - $this->intextinput = true; - } elseif ( - $this->_format == 'rss' and - $this->current_namespace == '' and - $el == 'image' ) - { - $this->inimage = true; - } - - // handle atom content constructs - elseif ($this->_format == 'atom' and in_array($el, $this->_CONTENT_CONSTRUCTS)) - { + } elseif ($this->_format == 'rss' and + $this->current_namespace == '' and + $el == 'textinput') { + // if we're in the default namespace of an RSS feed, + // record textinput or image fields + $this->intextinput = true; + } elseif ($this->_format == 'rss' and + $this->current_namespace == '' and + $el == 'image') { + $this->inimage = true; + } elseif ($this->_format == 'atom' and in_array($el, $this->_CONTENT_CONSTRUCTS)) { + // handle atom content constructs // avoid clashing w/ RSS mod_content if ($el == 'content') { $el = 'atom_content'; } $this->incontent = $el; - } - - // if inside an Atom content construct (e.g. content or summary) field treat tags as text - elseif ($this->_format == 'atom' and $this->incontent) - { + } elseif ($this->_format == 'atom' and $this->incontent) { + // if inside an Atom content construct (e.g. content or summary) field treat tags as text // if tags are inlined, then flatten $attrs_str = join(' ', array_map('map_attrs', array_keys($attrs), array_values($attrs))); $this->append_content("<$element $attrs_str>"); array_unshift($this->stack, $el); - } - - // Atom support many links per containging element. - // Magpie treats link elements of type rel='alternate' - // as being equivalent to RSS's simple link element. - // - elseif ($this->_format == 'atom' and $el == 'link') - { - if (isset($attrs['rel']) && $attrs['rel'] == 'alternate') - { + } elseif ($this->_format == 'atom' and $el == 'link') { + // Atom support many links per containging element. + // Magpie treats link elements of type rel='alternate' + // as being equivalent to RSS's simple link element. + if (isset($attrs['rel']) && $attrs['rel'] == 'alternate') { $link_el = 'link'; - } elseif (!isset($attrs['rel'])) - { + } elseif (!isset($attrs['rel'])) { $link_el = 'link'; } else { $link_el = 'link_'.$attrs['rel']; } $this->append($link_el, $attrs['href']); - } - // set stack[0] to current element - else { + } else { + // set stack[0] to current element array_unshift($this->stack, $el); } } @@ -577,8 +600,7 @@ class RssParser public function feed_cdata($p, $text) { // phpcs:enable - if ($this->_format == 'atom' and $this->incontent) - { + if ($this->_format == 'atom' and $this->incontent) { $this->append_content($text); } else { $current_el = join('_', array_reverse($this->stack)); @@ -599,28 +621,22 @@ class RssParser // phpcs:enable $el = strtolower($el); - if ($el == 'item' or $el == 'entry') - { + if ($el == 'item' or $el == 'entry') { $this->items[] = $this->current_item; $this->current_item = array(); $this->initem = false; - } elseif ($this->_format == 'rss' and $this->current_namespace == '' and $el == 'textinput') - { + } elseif ($this->_format == 'rss' and $this->current_namespace == '' and $el == 'textinput') { $this->intextinput = false; - } elseif ($this->_format == 'rss' and $this->current_namespace == '' and $el == 'image') - { + } elseif ($this->_format == 'rss' and $this->current_namespace == '' and $el == 'image') { $this->inimage = false; - } elseif ($this->_format == 'atom' and in_array($el, $this->_CONTENT_CONSTRUCTS)) - { + } elseif ($this->_format == 'atom' and in_array($el, $this->_CONTENT_CONSTRUCTS)) { $this->incontent = false; - } elseif ($el == 'channel' or $el == 'feed') - { + } elseif ($el == 'channel' or $el == 'feed') { $this->inchannel = false; } elseif ($this->_format == 'atom' and $this->incontent) { // balance tags properly // note: i don't think this is actually neccessary - if ($this->stack[0] == $el) - { + if ($this->stack[0] == $el) { $this->append_content(""); } else { $this->append_content("<$el />"); @@ -679,8 +695,7 @@ class RssParser if (!$el) { return; } - if ($this->current_namespace) - { + if ($this->current_namespace) { if ($this->initem) { $this->concat($this->current_item[$this->current_namespace][$el], $text); } elseif ($this->inchannel) { @@ -714,11 +729,9 @@ class RssParser { $result = ""; - if (isset($item['summary'])) - { + if (isset($item['summary'])) { $result = $item['summary']; - } elseif (isset($item['atom_content'])) - { + } elseif (isset($item['atom_content'])) { $result = $item['atom_content']; } @@ -728,8 +741,7 @@ class RssParser $result = str_replace("\n", "", $result); - if (strlen($result) > $maxlength) - { + if (strlen($result) > $maxlength) { $result = substr($result, 0, $maxlength); $result .= "..."; } @@ -745,28 +757,23 @@ class RssParser */ private function getAtomImageUrl(array $feed) { - if (isset($feed['icon'])) - { + if (isset($feed['icon'])) { return $feed['logo']; } - if (isset($feed['icon'])) - { + if (isset($feed['icon'])) { return $feed['logo']; } - if (isset($feed['webfeeds:logo'])) - { + if (isset($feed['webfeeds:logo'])) { return $feed['webfeeds:logo']; } - if (isset($feed['webfeeds:icon'])) - { + if (isset($feed['webfeeds:icon'])) { return $feed['webfeeds:icon']; } - if (isset($feed['webfeeds:wordmark'])) - { + if (isset($feed['webfeeds:wordmark'])) { return $feed['webfeeds:wordmark']; } @@ -786,27 +793,23 @@ function xml2php($xml) $fils = 0; $tab = false; $array = array(); - foreach ($xml->children() as $key => $value) - { + foreach ($xml->children() as $key => $value) { $child = xml2php($value); //To deal with the attributes - foreach ($value->attributes() as $ak=>$av) - { + foreach ($value->attributes() as $ak => $av) { $child[$ak] = (string) $av; } //Let see if the new child is not in the array - if ($tab === false && in_array($key, array_keys($array))) - { + if ($tab === false && in_array($key, array_keys($array))) { //If this element is already in the array we will create an indexed array $tmp = $array[$key]; $array[$key] = null; $array[$key][] = $tmp; $array[$key][] = $child; $tab = true; - } elseif ($tab === true) - { + } elseif ($tab === true) { //Add an element in an existing array $array[$key][] = $child; } else { @@ -818,8 +821,7 @@ function xml2php($xml) } - if ($fils == 0) - { + if ($fils == 0) { return (string) $xml; } From 06c181793082b0ddad5bd007666a0daa07785ace Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 12 May 2021 09:21:28 +0200 Subject: [PATCH 016/105] Update mailing-send script and mailling card --- htdocs/comm/mailing/card.php | 5 ++--- scripts/emailings/mailing-send.php | 5 ++--- 2 files changed, 4 insertions(+), 6 deletions(-) diff --git a/htdocs/comm/mailing/card.php b/htdocs/comm/mailing/card.php index b26bf5812e9..86aff8a36e0 100644 --- a/htdocs/comm/mailing/card.php +++ b/htdocs/comm/mailing/card.php @@ -285,9 +285,8 @@ if (empty($reshook)) { $moreinheader = ''; if (preg_match('/__UNSUBSCRIBE__/', $message)) { - $moreinheader = make_substitutions('__UNSUBSCRIBE__', $substitutionarray); - $moreinheader = explode('"', $moreinheader); - $moreinheader = "List-Unsubscribe: <".$moreinheader[1].">\n"; + $moreinheader = "List-Unsubscribe: <__UNSUBSCRIBE_URL__>\n"; + $moreinheader = make_substitutions($moreinheader, $substitutionarray); } $arr_file = array(); diff --git a/scripts/emailings/mailing-send.php b/scripts/emailings/mailing-send.php index 8d9d98aa3d3..0d59a1b5db5 100755 --- a/scripts/emailings/mailing-send.php +++ b/scripts/emailings/mailing-send.php @@ -271,9 +271,8 @@ if ($resql) { $moreinheader = ''; if (preg_match('/__UNSUBSCRIBE__/', $message)) { - $moreinheader = make_substitutions('__UNSUBSCRIBE__', $substitutionarray); - $moreinheader = explode('"', $moreinheader); - $moreinheader = "List-Unsubscribe: <".$moreinheader[1].">\n"; + $moreinheader = "List-Unsubscribe: <__UNSUBSCRIBE_URL__>\n"; + $moreinheader = make_substitutions($moreinheader, $substitutionarray); } $arr_file = array(); From 394d43543d3a8a163ce8702c2621a383bc9498d1 Mon Sep 17 00:00:00 2001 From: Florian HENRY Date: Wed, 12 May 2021 12:04:50 +0200 Subject: [PATCH 017/105] fix: when only supplier module is ON top menu should be displayed --- htdocs/core/menus/standard/eldy.lib.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index e35d9d4490c..14060d894b3 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -227,6 +227,7 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout = $tmpentry = array( 'enabled'=>(!empty($conf->propal->enabled) || !empty($conf->commande->enabled) + || !empty($conf->fournisseur->enabled) || !empty($conf->supplier_proposal->enabled) || !empty($conf->supplier_order->enabled) || !empty($conf->contrat->enabled) @@ -234,10 +235,13 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout = ) ? 1 : 0, 'perms'=>(!empty($user->rights->propal->lire) || !empty($user->rights->commande->lire) + || !empty($user->rights->fournisseur->lire) || !empty($user->rights->supplier_proposal->lire) || !empty($user->rights->supplier_order->lire) || !empty($user->rights->contrat->lire) || !empty($user->rights->ficheinter->lire) + || !empty($user->rights->supplier_order->lire) + || !empty($user->rights->fournisseur->commande->lire) ), 'module'=>'propal|commande|supplier_proposal|supplier_order|contrat|ficheinter' ); From f34d6366d96e84463253a6076ffb34822163eb30 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 12 May 2021 13:19:23 +0200 Subject: [PATCH 018/105] Sql error in invoices cards 3 end --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 27bb5c5c8e5..acf1dc675ad 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,7 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid,s.rowid,s.nom,s.client,t.ref,t.ref_supplier,t.ref_customer'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From 9ed041f31a929ce2493f865e524b1aee22d424e9 Mon Sep 17 00:00:00 2001 From: lmarcouiller Date: Wed, 12 May 2021 13:22:31 +0200 Subject: [PATCH 019/105] fixing style errors --- htdocs/core/class/html.form.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index acf1dc675ad..378a75f7f9c 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7693,7 +7693,8 @@ class Form 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid,s.rowid,s.nom,s.client,t.ref,t.ref_supplier,t.ref_customer'), + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') + GROUP BY t.rowid,s.rowid,s.nom,s.client,t.ref,t.ref_supplier,t.ref_customer'), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From 23fe7d1b6302c22b7bd1e1a471cfd445873c0104 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Wed, 12 May 2021 18:29:56 +0200 Subject: [PATCH 020/105] add sample completeTabHead --- .../template/class/actions_mymodule.class.php | 51 +++++++++++++++++++ htdocs/theme/eldy/global.inc.php | 6 +-- htdocs/theme/md/style.css.php | 6 +-- 3 files changed, 57 insertions(+), 6 deletions(-) diff --git a/htdocs/modulebuilder/template/class/actions_mymodule.class.php b/htdocs/modulebuilder/template/class/actions_mymodule.class.php index 8559411a3d4..24be0243b8d 100644 --- a/htdocs/modulebuilder/template/class/actions_mymodule.class.php +++ b/htdocs/modulebuilder/template/class/actions_mymodule.class.php @@ -303,5 +303,56 @@ class ActionsMyModule return 0; } + /** + * Execute action completeTabsHead + * + * @param array $parameters Array of parameters + * @param CommonObject $object The object to process (an invoice if you are in invoice module, a propale in propale's module, etc...) + * @param string $action 'add', 'update', 'view' + * @param Hookmanager $hookmanager hookmanager + * @return int <0 if KO, + * =0 if OK but we want to process standard actions too, + * >0 if OK and we want to replace standard actions. + */ + public function completeTabsHead(&$parameters, &$object, &$action, $hookmanager) + { + global $langs, $conf, $user; + + if (!isset($parameters['object']->element)) { + return 0; + } + if ($parameters['mode'] == 'remove') { + // utilisé si on veut faire disparaitre des onglets. + return 0; + } elseif ($parameters['mode'] == 'add') { + $langs->load('mymodule@mymodule'); + // utilisé si on veut ajouter des onglets. + $counter = count($parameters['head']); + $element = $parameters['object']->element; + $id = $parameters['object']->id; + // verifier le type d'onglet comme member_stats où ça ne doit pas apparaitre + // if (in_array($element, ['societe', 'member', 'contrat', 'fichinter', 'project', 'propal', 'commande', 'facture', 'order_supplier', 'invoice_supplier'])) { + if (in_array($element, ['context1', 'context2'])) { + $datacount = 0; + + $parameters['head'][$counter][0] = dol_buildpath('/mymodule/mymodule_tab.php', 1) . '?id=' . $id . '&module='.$element; + $parameters['head'][$counter][1] = $langs->trans('MyModuleTab'); + if ($datacount > 0) { + $parameters['head'][$counter][1] .= '' . $datacount . ''; + } + $parameters['head'][$counter][2] = 'mymoduleemails'; + $counter++; + } + if ($counter > 0 && (int) DOL_VERSION < 14) { + $this->results = $parameters['head']; + // return 1 to replace standard code + return 1; + } else { + // en V14 et + $parameters['head'] est modifiable par référence + return 0; + } + } + } + /* Add here any other hooked methods... */ } diff --git a/htdocs/theme/eldy/global.inc.php b/htdocs/theme/eldy/global.inc.php index 912cf21a1de..3518518a5ef 100644 --- a/htdocs/theme/eldy/global.inc.php +++ b/htdocs/theme/eldy/global.inc.php @@ -6767,9 +6767,9 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* ============================================================================== */ span.clipboardCPValue.hidewithsize { - width: 0 !important; - display: inline-block; - color: transparent; + width: 0 !important; + display: inline-block; + color: transparent; } .clipboardCPShowOnHover .clipboardCPButton { diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index 8152e56e945..4a6c3899d93 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -6611,9 +6611,9 @@ div.phpdebugbar-widgets-templates a.phpdebugbar-widgets-editor-link:before /* ============================================================================== */ span.clipboardCPValue.hidewithsize { - width: 0 !important; - display: inline-block; - color: transparent; + width: 0 !important; + display: inline-block; + color: transparent; } .clipboardCPShowOnHover .clipboardCPButton { From 81d899947d9ded81203bccc48b44be500b3c796c Mon Sep 17 00:00:00 2001 From: Givriz Date: Wed, 12 May 2021 18:41:41 +0200 Subject: [PATCH 021/105] Update listevents.php --- htdocs/admin/tools/listevents.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index 76aa4cee121..1190e156db4 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -248,22 +248,22 @@ if (!empty($result)) { if (!empty($optioncss) && $optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } - if (!empty($search_code)) { + if ($search_code) { $param .= '&search_code='.urlencode($search_code); } - if (!empty($search_ip)) { + if ($search_ip) { $param .= '&search_ip='.urlencode($search_ip); } - if (!empty($search_user)) { + if ($search_user) { $param .= '&search_user='.urlencode($search_user); } - if (!empty($search_desc)) { + if ($search_desc) { $param .= '&search_desc='.urlencode($search_desc); } - if (!empty($search_ua)) { + if ($search_ua) { $param .= '&search_ua='.urlencode($search_ua); } - if (!empty($search_prefix_session)) { + if ($search_prefix_session) { $param .= '&search_prefix_session='.urlencode($search_prefix_session); } if (!empty($date_startmonth)) { From 95a5e480a1945d51784530e282840fb2a42751e1 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 21:55:31 +0200 Subject: [PATCH 022/105] Update llx_00_c_country.sql --- htdocs/install/mysql/data/llx_00_c_country.sql | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/install/mysql/data/llx_00_c_country.sql b/htdocs/install/mysql/data/llx_00_c_country.sql index fa2b4339983..296b6d0e412 100644 --- a/htdocs/install/mysql/data/llx_00_c_country.sql +++ b/htdocs/install/mysql/data/llx_00_c_country.sql @@ -117,13 +117,13 @@ INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (86 INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (87,'GQ','GNQ','Guinée Equatoriale',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (88,'ER','ERI','Erythrée',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (89,'EE','EST','Estonia',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (90,'ET','ETH','Ethiopie',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (91,'FK','FLK','Iles Falkland',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (92,'FO','FRO','Iles Féroé',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (93,'FJ','FJI','Iles Fidji',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (94,'FI','FIN','Finlande',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (95,'GF','GUF','Guyane française',1,0); -INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (96,'PF','PYF','Polynésie française',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (90,'ET','ETH','Ethiopia',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (91,'FK','FLK','Falkland Islands',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (92,'FO','FRO','Faroe Islands',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (93,'FJ','FJI','Fidji Islands',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (94,'FI','FIN','Finland',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (95,'GF','GUF','French Guiana',1,0); +INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (96,'PF','PYF','French Polynesia',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (97,'TF','ATF','Terres australes françaises',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (98,'GM','GMB','Gambie',1,0); INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (99,'GE','GEO','Georgia',1,0); From 12c2838d91465ba753ec1538b790e5be17531165 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:18:40 +0200 Subject: [PATCH 023/105] Update countries_iso-3166_en.txt --- dev/resources/iso-normes/countries_iso-3166_en.txt | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/dev/resources/iso-normes/countries_iso-3166_en.txt b/dev/resources/iso-normes/countries_iso-3166_en.txt index b953435d1c9..d6624026963 100644 --- a/dev/resources/iso-normes/countries_iso-3166_en.txt +++ b/dev/resources/iso-normes/countries_iso-3166_en.txt @@ -3,11 +3,12 @@ # The list is updated whenever a change to the official code list in ISO 3166-1 is effected by the ISO 3166/MA. # It lists 240 official short names and code elements. One line of text contains one entry. # A country name and its code element are separated by a semicolon (;). -# http://www.iso.org/iso/fr/iso3166_en_code_lists.txt +# https://www.iso.org/iso-3166-country-codes.html -# ISO-3166: http://en.wikipedia.org/wiki/ISO_3166-1 -# ISO-3166 alpha 2: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -# ISO-3166 alpha 3: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-3 +# https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes +# ISO-3166: https://en.wikipedia.org/wiki/ISO_3166-1 +# ISO-3166 alpha 2: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 +# ISO-3166 alpha 3: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-3 AFGHANISTAN;AF ÅLAND ISLANDS;AX @@ -254,4 +255,4 @@ WALLIS AND FUTUNA;WF WESTERN SAHARA;EH YEMEN;YE ZAMBIA;ZM -ZIMBABWE;ZW \ No newline at end of file +ZIMBABWE;ZW From 0dd999c1f06080c148e532fd7f68a8b050d1b1be Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:25:08 +0200 Subject: [PATCH 024/105] Update vat_number_names.txt --- dev/resources/iso-normes/vat_number_names.txt | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/dev/resources/iso-normes/vat_number_names.txt b/dev/resources/iso-normes/vat_number_names.txt index 23fce59ed3b..b1e8d469ec8 100644 --- a/dev/resources/iso-normes/vat_number_names.txt +++ b/dev/resources/iso-normes/vat_number_names.txt @@ -1 +1,7 @@ -http://en.wikipedia.org/wiki/VAT_identification_number \ No newline at end of file +https://en.wikipedia.org/wiki/VAT_identification_number + +terms +(en) VAT = Value Added Tax +(fr) TVA = Taxe sur la Valeur Ajouté +(es) NIF / CIF +(de) USt / MwSt From 396f3d0fabdd9d84f54c5f88488b9c405b0ed185 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:29:02 +0200 Subject: [PATCH 025/105] Update world_tax_rates.txt delete http://www.taxrates.cc/index.html because now leads to a risky website without appropriate information --- dev/resources/iso-normes/world_tax_rates.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/dev/resources/iso-normes/world_tax_rates.txt b/dev/resources/iso-normes/world_tax_rates.txt index 740062288dc..c007474e5fd 100644 --- a/dev/resources/iso-normes/world_tax_rates.txt +++ b/dev/resources/iso-normes/world_tax_rates.txt @@ -1,4 +1,5 @@ http://www.taxrates.cc/index.html +https://en.wikipedia.org/wiki/List_of_countries_by_tax_rates For India: VAT=IGST/CGST=Localtax1/SGST=Localtax2: https://cleartax.in/s/what-is-sgst-cgst-igst From a11ed88f6f8ea6983d5e10ca31f6f3f8a14a0f21 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:34:58 +0200 Subject: [PATCH 026/105] Update code_nace.txt --- dev/resources/iso-normes/code_nace.txt | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/dev/resources/iso-normes/code_nace.txt b/dev/resources/iso-normes/code_nace.txt index 0c490bd4bf1..a07e3a76b31 100644 --- a/dev/resources/iso-normes/code_nace.txt +++ b/dev/resources/iso-normes/code_nace.txt @@ -1 +1,5 @@ -http://ec.europa.eu/eurostat/ramon/nomenclatures/index.cfm?TargetUrl=LST_CLS_DLD&StrNom=NACE_REV2&StrLanguageCode=FR&StrLayoutCode=# \ No newline at end of file +NACE + +https://ec.europa.eu/eurostat/ramon/nomenclatures/index.cfm?TargetUrl=LST_CLS_DLD&StrNom=NACE_REV2&StrLanguageCode=EN&StrLayoutCode= + +https://en.wikipedia.org/wiki/Statistical_Classification_of_Economic_Activities_in_the_European_Community From 850ed5eb252d04a3b9273823c360b5ffb969331a Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:41:33 +0200 Subject: [PATCH 027/105] Update countries_iso-3166_fr.txt --- dev/resources/iso-normes/countries_iso-3166_fr.txt | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/dev/resources/iso-normes/countries_iso-3166_fr.txt b/dev/resources/iso-normes/countries_iso-3166_fr.txt index 578c0f0effe..532b73ef47e 100644 --- a/dev/resources/iso-normes/countries_iso-3166_fr.txt +++ b/dev/resources/iso-normes/countries_iso-3166_fr.txt @@ -3,11 +3,12 @@ # The list is updated whenever a change to the official code list in ISO 3166-1 is effected by the ISO 3166/MA. # It lists 240 official short names and code elements. One line of text contains one entry. # A country name and its code element are separated by a semicolon (;). -# http://www.iso.org/iso/fr/iso3166_fr_code_lists.txt +# https://www.iso.org/fr/iso-3166-country-codes.html -# ISO-3166: http://en.wikipedia.org/wiki/ISO_3166-1 -# ISO-3166 alpha 2: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-2 -# ISO-3166 alpha 3: http://en.wikipedia.org/wiki/ISO_3166-1_alpha-3 +# https://en.wikipedia.org/wiki/List_of_ISO_3166_country_codes +# ISO-3166: https://fr.wikipedia.org/wiki/ISO_3166-1 +# ISO-3166 alpha 2: https://fr.wikipedia.org/wiki/ISO_3166-1_alpha-2 +# ISO-3166 alpha 3: https://en.wikipedia.org/wiki/ISO_3166-1_alpha-3 AFGHANISTAN;AF AFRIQUE DU SUD;ZA @@ -254,4 +255,4 @@ VIET NAM;VN WALLIS ET FUTUNA;WF YÉMEN;YE ZAMBIE;ZM -ZIMBABWE;ZW \ No newline at end of file +ZIMBABWE;ZW From 65c8eda5c18985ded5f270071ee6bd720464d347 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:47:57 +0200 Subject: [PATCH 028/105] Update address_format.txt --- dev/resources/iso-normes/address_format.txt | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/dev/resources/iso-normes/address_format.txt b/dev/resources/iso-normes/address_format.txt index cc3b23285c8..d87e90e79b5 100644 --- a/dev/resources/iso-normes/address_format.txt +++ b/dev/resources/iso-normes/address_format.txt @@ -1 +1,4 @@ -http://bitboost.com/ref/international-address-formats.html#Formats \ No newline at end of file +https://bitboost.com/ref/international-address-formats.html#Formats + +https://www.upu.int/en/Postal-Solutions/Programmes-Services/Addressing-Solutions + From cd28664b2a4d7924ef0b4beb698db322a3251a57 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 22:56:50 +0200 Subject: [PATCH 029/105] Update locales.txt --- dev/resources/iso-normes/locales.txt | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/dev/resources/iso-normes/locales.txt b/dev/resources/iso-normes/locales.txt index cb39e45ec0d..67ea5280342 100644 --- a/dev/resources/iso-normes/locales.txt +++ b/dev/resources/iso-normes/locales.txt @@ -1,9 +1,9 @@ For languages: -http://demo.icu-project.org/icu-bin/locexp?d_=fr +https://icu4c-demos.unicode.org/icu-bin/icudemos - Locale Explorer -> Error 404 For format number: -http://en.wikipedia.org/wiki/Decimal_mark +https://en.wikipedia.org/wiki/Decimal_mark For date format: -http://en.wikipedia.org/wiki/Date_format_by_country \ No newline at end of file +https://en.wikipedia.org/wiki/Date_format_by_country From 8bbd915009e67a21770d9a5234f0e57a794cf436 Mon Sep 17 00:00:00 2001 From: UT from dolibit <45215329+dolibit-ut@users.noreply.github.com> Date: Wed, 12 May 2021 23:03:43 +0200 Subject: [PATCH 030/105] Update text.txt --- dev/resources/sepa/text.txt | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/dev/resources/sepa/text.txt b/dev/resources/sepa/text.txt index dbcfeded5a4..dfa55834e58 100644 --- a/dev/resources/sepa/text.txt +++ b/dev/resources/sepa/text.txt @@ -1,3 +1,7 @@ +https://en.wikipedia.org/wiki/Single_Euro_Payments_Area +https://www.ecb.europa.eu/paym/integration/retail/sepa/html/index.en.html +https://www.europeanpaymentscouncil.eu/about-sepa + Spec for credit transfer: https://docs.oracle.com/cd/E39124_01/doc.91/e60210/fields_sepa_pay_file_appx.htm#EOAEL00515 From 8d035f5ec28cb31fbc7dfb5b87e301df9374d532 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20Bagnol?= Date: Thu, 13 May 2021 00:40:56 +0200 Subject: [PATCH 031/105] Add soc in categories contacts list --- htdocs/categories/viewcat.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index 817c750a571..d1f15d4997c 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -754,6 +754,7 @@ if ($type == Categorie::TYPE_CONTACT) { $num = count($contacts); $nbtotalofrecords = ''; $newcardbutton = ''; + $objsoc = new Societe($db); print_barre_liste($langs->trans("Contact"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'contact', 0, $newcardbutton, '', $limit); print ''."\n"; @@ -767,9 +768,15 @@ if ($type == Categorie::TYPE_CONTACT) { break; } + $objsoc->fetch($contact->socid); + print "\t".''."\n"; print '\n"; // Link to delete from category print ''."\n"; print ''; } From 50d4d28c140f8f92c360c8eb6f8b5cfda8651d60 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Fri, 14 May 2021 11:54:50 +0000 Subject: [PATCH 039/105] Fixing style errors. --- htdocs/comm/propal/list.php | 12 ++++++------ htdocs/compta/facture/list.php | 12 ++++++------ htdocs/expedition/list.php | 8 ++++---- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 8060bc94698..8f5e8d9818e 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -504,12 +504,12 @@ if ($resql) if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage); if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit); if ($sall) $param .= '&sall='.urlencode($sall); - if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start,'%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start,'%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start,'%Y')); - if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end,'%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end,'%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end,'%Y')); - if ($search_dateend_start) $param .= '&search_dateend_startday='.urlencode(dol_print_date($search_dateend_start,'%d')).'&search_dateend_startmonth='.urlencode(dol_print_date($search_dateend_start,'%m')).'&search_dateend_startyear='.urlencode(dol_print_date($search_dateend_start,'%Y')); - if ($search_dateend_end) $param .= '&search_dateend_endday='.urlencode(dol_print_date($search_dateend_end,'%d')).'&search_dateend_endmonth='.urlencode(dol_print_date($search_dateend_end,'%m')).'&search_dateend_endyear='.urlencode(dol_print_date($search_dateend_end,'%Y')); - if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start,'%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start,'%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start,'%Y')); - if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end,'%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end,'%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end,'%Y')); + if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start, '%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start, '%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start, '%Y')); + if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end, '%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end, '%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end, '%Y')); + if ($search_dateend_start) $param .= '&search_dateend_startday='.urlencode(dol_print_date($search_dateend_start, '%d')).'&search_dateend_startmonth='.urlencode(dol_print_date($search_dateend_start, '%m')).'&search_dateend_startyear='.urlencode(dol_print_date($search_dateend_start, '%Y')); + if ($search_dateend_end) $param .= '&search_dateend_endday='.urlencode(dol_print_date($search_dateend_end, '%d')).'&search_dateend_endmonth='.urlencode(dol_print_date($search_dateend_end, '%m')).'&search_dateend_endyear='.urlencode(dol_print_date($search_dateend_end, '%Y')); + if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start, '%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start, '%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start, '%Y')); + if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end, '%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end, '%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end, '%Y')); if ($search_ref) $param .= '&search_ref='.urlencode($search_ref); if ($search_refcustomer) $param .= '&search_refcustomer='.urlencode($search_refcustomer); if ($search_refproject) $param .= '&search_refproject='.urlencode($search_refproject); diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index 78cee038107..6d4af64902d 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -616,12 +616,12 @@ if ($resql) if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage); if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit); if ($sall) $param .= '&sall='.urlencode($sall); - if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start,'%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start,'%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start,'%Y')); - if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end,'%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end,'%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end,'%Y')); - if ($search_date_valid_start) $param .= '&search_date_valid_startday='.urlencode(dol_print_date($search_date_valid_start,'%d')).'&search_date_valid_startmonth='.urlencode(dol_print_date($search_date_valid_start,'%m')).'&search_date_valid_startyear='.urlencode(dol_print_date($search_date_valid_start,'%Y')); - if ($search_date_valid_end) $param .= '&search_date_valid_endday='.urlencode(dol_print_date($search_date_valid_end,'%d')).'&search_date_valid_endmonth='.urlencode(dol_print_date($search_date_valid_end,'%m')).'&search_date_valid_endyear='.urlencode(dol_print_date($search_date_valid_end,'%Y')); - if ($search_datelimit_start) $param .= '&search_datelimit_startday='.urlencode(dol_print_date($search_datelimit_start,'%d')).'&search_datelimit_startmonth='.urlencode(dol_print_date($search_datelimit_start,'%m')).'&search_datelimit_startyear='.urlencode(dol_print_date($search_datelimit_start,'%Y')); - if ($search_datelimit_end) $param .= '&search_datelimit_endday='.urlencode(dol_print_date($search_datelimit_end,'%d')).'&search_datelimit_endmonth='.urlencode(dol_print_date($search_datelimit_end,'%m')).'&search_datelimit_endyear='.urlencode(dol_print_date($search_datelimit_end,'%Y')); + if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start, '%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start, '%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start, '%Y')); + if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end, '%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end, '%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end, '%Y')); + if ($search_date_valid_start) $param .= '&search_date_valid_startday='.urlencode(dol_print_date($search_date_valid_start, '%d')).'&search_date_valid_startmonth='.urlencode(dol_print_date($search_date_valid_start, '%m')).'&search_date_valid_startyear='.urlencode(dol_print_date($search_date_valid_start, '%Y')); + if ($search_date_valid_end) $param .= '&search_date_valid_endday='.urlencode(dol_print_date($search_date_valid_end, '%d')).'&search_date_valid_endmonth='.urlencode(dol_print_date($search_date_valid_end, '%m')).'&search_date_valid_endyear='.urlencode(dol_print_date($search_date_valid_end, '%Y')); + if ($search_datelimit_start) $param .= '&search_datelimit_startday='.urlencode(dol_print_date($search_datelimit_start, '%d')).'&search_datelimit_startmonth='.urlencode(dol_print_date($search_datelimit_start, '%m')).'&search_datelimit_startyear='.urlencode(dol_print_date($search_datelimit_start, '%Y')); + if ($search_datelimit_end) $param .= '&search_datelimit_endday='.urlencode(dol_print_date($search_datelimit_end, '%d')).'&search_datelimit_endmonth='.urlencode(dol_print_date($search_datelimit_end, '%m')).'&search_datelimit_endyear='.urlencode(dol_print_date($search_datelimit_end, '%Y')); if ($search_ref) $param .= '&search_ref='.urlencode($search_ref); if ($search_refcustomer) $param .= '&search_refcustomer='.urlencode($search_refcustomer); if ($search_project_ref) $param .= '&search_project_ref='.urlencode($search_project_ref); diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index 2de5a755b72..c4a3666937e 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -340,10 +340,10 @@ if ($resql) if ($search_town) $param .= '&search_town='.urlencode($search_town); if ($search_zip) $param .= '&search_zip='.urlencode($search_zip); - if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start,'%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start,'%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start,'%Y')); - if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end,'%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end,'%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end,'%Y')); - if ($search_datereceipt_start) $param .= '&search_datereceipt_startday='.urlencode(dol_print_date($search_datereceipt_start,'%d')).'&search_datereceipt_startmonth='.urlencode(dol_print_date($search_datereceipt_start,'%m')).'&search_datereceipt_startyear='.urlencode(dol_print_date($search_datereceipt_start,'%Y')); - if ($search_datereceipt_end) $param .= '&search_datereceipt_endday='.urlencode(dol_print_date($search_datereceipt_end,'%d')).'&search_datereceipt_endmonth='.urlencode(dol_print_date($search_datereceipt_end,'%m')).'&search_datereceipt_endyear='.urlencode(dol_print_date($search_datereceipt_end,'%Y')); + if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start, '%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start, '%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start, '%Y')); + if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end, '%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end, '%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end, '%Y')); + if ($search_datereceipt_start) $param .= '&search_datereceipt_startday='.urlencode(dol_print_date($search_datereceipt_start, '%d')).'&search_datereceipt_startmonth='.urlencode(dol_print_date($search_datereceipt_start, '%m')).'&search_datereceipt_startyear='.urlencode(dol_print_date($search_datereceipt_start, '%Y')); + if ($search_datereceipt_end) $param .= '&search_datereceipt_endday='.urlencode(dol_print_date($search_datereceipt_end, '%d')).'&search_datereceipt_endmonth='.urlencode(dol_print_date($search_datereceipt_end, '%m')).'&search_datereceipt_endyear='.urlencode(dol_print_date($search_datereceipt_end, '%Y')); if ($search_product_category != '') $param .= '&search_product_category='.urlencode($search_product_category); if ($search_categ_cus > 0) $param .= '&search_categ_cus='.urlencode($search_categ_cus); From acadef72c1d8bd734573e3afdadff24271f70818 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Fri, 14 May 2021 18:01:22 +0200 Subject: [PATCH 040/105] Fix use supplier relative discount in replenish order creation --- htdocs/product/stock/replenish.php | 3 +++ 1 file changed, 3 insertions(+) diff --git a/htdocs/product/stock/replenish.php b/htdocs/product/stock/replenish.php index dbf07c92d01..5d8e1f4a790 100644 --- a/htdocs/product/stock/replenish.php +++ b/htdocs/product/stock/replenish.php @@ -211,7 +211,9 @@ if ($action == 'order' && isset($_POST['valid'])) if ($resql && $db->num_rows($resql) > 0) { $obj = $db->fetch_object($resql); $order->fetch($obj->rowid); + $order->fetch_thirdparty(); foreach ($supplier['lines'] as $line) { + if(empty($line->remise_percent)) $line->remise_percent = $order->thirdparty->remise_supplier_percent; $result = $order->addline( $line->desc, $line->subprice, @@ -248,6 +250,7 @@ if ($action == 'order' && isset($_POST['valid'])) //trick to know which orders have been generated this way $order->source = 42; foreach ($supplier['lines'] as $line) { + if(empty($line->remise_percent)) $line->remise_percent = $order->thirdparty->remise_supplier_percent; $order->lines[] = $line; } $order->cond_reglement_id = $order->thirdparty->cond_reglement_supplier_id; From cff0b69ce052258f1bbc3a4870c1ad32ba2f4a51 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Fri, 14 May 2021 18:30:56 +0200 Subject: [PATCH 041/105] avoid sql error with sql_mode=only_full_group_by SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM llx_societe as s, llx_contrat as t, llx_contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (2) AND t.entity IN (1)[DB_ERROR_1140] In aggregated query without GROUP BY, expression #4 of SELECT list contains nonaggregated column 'dolibarrdev.t.rowid'; this is incompatible with sql_mode=only_full_group_by --- htdocs/core/class/html.form.class.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index 625e8e23d57..a0846b2b3ed 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7692,8 +7692,12 @@ class Form 'order'=>array('enabled'=>$conf->commande->enabled, 'perms'=>1, 'label'=>'LinkToOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande').')'), 'invoice'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_client, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), 'invoice_template'=>array('enabled'=>$conf->facture->enabled, 'perms'=>1, 'label'=>'LinkToTemplateInvoice', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.titre as ref, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."facture_rec as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('invoice').')'), - 'contrat'=>array('enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').')'), + 'contrat'=>array( + 'enabled'=>$conf->contrat->enabled, + 'perms'=>1, + 'label'=>'LinkToContract', + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid' + ), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), 'order_supplier'=>array('enabled'=>$conf->supplier_order->enabled, 'perms'=>1, 'label'=>'LinkToSupplierOrder', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."commande_fournisseur as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('commande_fournisseur').')'), From 8f49c68aa502835cb621b9535b116c38d5290492 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 01:14:28 +0200 Subject: [PATCH 042/105] Update .gitignore --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 371c8be2f5e..6ccdb28f67d 100644 --- a/.gitignore +++ b/.gitignore @@ -55,3 +55,4 @@ yarn.lock package-lock.json doc/install.lock +desktop.ini From 1d7765ce125eec6ba462d4dd8e468074e98803c3 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:29:15 +0200 Subject: [PATCH 043/105] update phone and address in popup --- htdocs/comm/propal/card.php | 1 - htdocs/commande/card.php | 1 - htdocs/compta/facture/card.php | 1 - htdocs/societe/class/societe.class.php | 12 ++++++++++-- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 8039e3361ec..229303849f0 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -1991,7 +1991,6 @@ if ($action == 'create') { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'customer'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherProposals").')'; - $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 01ad66a0af6..f63b02c035e 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2020,7 +2020,6 @@ if ($action == 'create' && $usercancreate) { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$soc->getNomUrl(1); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherOrders").')'; - $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index b4126f1434c..252b8ac65a2 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4157,7 +4157,6 @@ if ($action == 'create') { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '.$object->thirdparty->getNomUrl(1, 'customer'); if (empty($conf->global->MAIN_DISABLE_OTHER_LINK) && $object->thirdparty->id > 0) { $morehtmlref .= ' ('.$langs->trans("OtherBills").')'; - $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } // Project if (!empty($conf->projet->enabled)) { diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index defcc71a3e5..d207c690a69 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2560,8 +2560,16 @@ class Societe extends CommonObject } } $label .= '
'.$langs->trans('Email').': '.$this->email; - if (!empty($this->country_code)) { - $label .= '
'.$langs->trans('Country').': '.$this->country_code; + $phonelist = array(); + if ($this->phone) { + $phonelist[] = dol_print_phone($this->phone, $this->country_code, $this->id, 0, '', ' ', 'phone'); + } + if ($this->fax) { + $phonelist[] = dol_print_phone($this->fax, $this->country_code, $this->id, 0, '', ' ', 'fax'); + } + $label .= '
'.$langs->trans('Phone').': '.implode(' ', $phonelist); + if (!empty($this->address)) { + $label .= '
'.$langs->trans("Address").': '.dol_format_address($this, 1, ' ', $langs); } if (!empty($this->tva_intra) || (!empty($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP) && strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'vatnumber') !== false)) { $label .= '
'.$langs->trans('VATIntra').': '.dol_escape_htmltag($this->tva_intra); From 3cccdea20b5b89b2dab8e6d97d4c615ccc0217f3 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:31:08 +0200 Subject: [PATCH 044/105] Update .gitignore --- .gitignore | 6 ------ 1 file changed, 6 deletions(-) diff --git a/.gitignore b/.gitignore index 6ccdb28f67d..db04b277351 100644 --- a/.gitignore +++ b/.gitignore @@ -50,9 +50,3 @@ node_modules/ #yarn yarn.lock - -#package-lock -package-lock.json - -doc/install.lock -desktop.ini From 5deff6676a9cc0eede19b840f6c8e7ec98ee85fe Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:31:33 +0200 Subject: [PATCH 045/105] Update .gitignore --- .gitignore | 3 --- 1 file changed, 3 deletions(-) diff --git a/.gitignore b/.gitignore index db04b277351..7b3fc6cb353 100644 --- a/.gitignore +++ b/.gitignore @@ -47,6 +47,3 @@ htdocs/.well-known/apple-developer-merchantid-domain-association build/yarn-error.log build/node_modules/ node_modules/ - -#yarn -yarn.lock From dc8c746057ad3b2ef62173bab17285a4e6696213 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:32:07 +0200 Subject: [PATCH 046/105] Update .gitignore --- .gitignore | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/.gitignore b/.gitignore index 7b3fc6cb353..eab591c9904 100644 --- a/.gitignore +++ b/.gitignore @@ -43,6 +43,13 @@ htdocs/includes/squizlabs/ htdocs/includes/webmozart/ htdocs/.well-known/apple-developer-merchantid-domain-association +#yarn +yarn.lock + +#package-lock +package-lock.json + +doc/install.lock # Node Modules build/yarn-error.log build/node_modules/ From b3358046805a62e2a95410687289e228704db3e9 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:32:47 +0200 Subject: [PATCH 047/105] Update .gitignore --- .gitignore | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.gitignore b/.gitignore index eab591c9904..371c8be2f5e 100644 --- a/.gitignore +++ b/.gitignore @@ -43,6 +43,11 @@ htdocs/includes/squizlabs/ htdocs/includes/webmozart/ htdocs/.well-known/apple-developer-merchantid-domain-association +# Node Modules +build/yarn-error.log +build/node_modules/ +node_modules/ + #yarn yarn.lock @@ -50,7 +55,3 @@ yarn.lock package-lock.json doc/install.lock -# Node Modules -build/yarn-error.log -build/node_modules/ -node_modules/ From 334f37052c4a02984ab922360b2a2c7ad054fd35 Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Sat, 15 May 2021 02:36:56 +0200 Subject: [PATCH 048/105] Update card.php --- htdocs/projet/card.php | 1 - 1 file changed, 1 deletion(-) diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index c6fb5d5963b..3c2d5b02829 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -992,7 +992,6 @@ if ($action == 'create' && $user->rights->projet->creer) { $morehtmlref .= '
'.$langs->trans('ThirdParty').' : '; if ($object->thirdparty->id > 0) { $morehtmlref .= $object->thirdparty->getNomUrl(1, 'project'); - $morehtmlref .= '
'.$langs->trans("Phone").' : '.dol_print_phone($object->thirdparty->phone, $obj->country_code, 0, $obj->rowid, 'AC_TEL', ' ', 'phone'); } $morehtmlref .= ''; From db32f882e8f03eb833dc59cd6cd45d8e32d88f27 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sat, 15 May 2021 07:45:04 +0200 Subject: [PATCH 049/105] Fix use of DatePropal instead of Date --- htdocs/comm/propal/card.php | 6 +++--- htdocs/comm/propal/list.php | 2 +- htdocs/core/modules/propale/doc/pdf_azur.modules.php | 2 +- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/propal/card.php b/htdocs/comm/propal/card.php index 32994e816de..ada520c293b 100644 --- a/htdocs/comm/propal/card.php +++ b/htdocs/comm/propal/card.php @@ -325,7 +325,7 @@ if (empty($reshook)) $duration = GETPOST('duree_validite', 'int'); if (empty($datep)) { - setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Date")), null, 'errors'); + setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DatePropal")), null, 'errors'); $action = 'create'; $error++; } @@ -1614,7 +1614,7 @@ if ($action == 'create') } // Date - print ''; @@ -2044,7 +2044,7 @@ if ($action == 'create') print ''; print '
'; print $contact->getNomUrl(1, 'category'); + if ($objsoc->id > 0) { + print ' - '; + print $objsoc->getNomUrl(1, 'contact'); + } print "'; From 79b51baa3de47e9f4dd633dd6a05811d21fd8b5e Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Wed, 12 May 2021 22:46:09 +0000 Subject: [PATCH 032/105] Fixing style errors. --- htdocs/categories/viewcat.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index d1f15d4997c..b62bc3bcb0f 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -769,7 +769,7 @@ if ($type == Categorie::TYPE_CONTACT) { } $objsoc->fetch($contact->socid); - + print "\t".'
'; print $contact->getNomUrl(1, 'category'); From d37e66629e61be3487a036633cb80e499d8bbaa9 Mon Sep 17 00:00:00 2001 From: snyk-bot Date: Thu, 13 May 2021 02:23:35 +0000 Subject: [PATCH 033/105] fix: dev/examples/zapier/package.json to reduce vulnerabilities The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JS-LODASH-1018905 - https://snyk.io/vuln/SNYK-JS-LODASH-1040724 --- dev/examples/zapier/package.json | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dev/examples/zapier/package.json b/dev/examples/zapier/package.json index 4266a6f00b1..cc0768a27ef 100644 --- a/dev/examples/zapier/package.json +++ b/dev/examples/zapier/package.json @@ -15,7 +15,7 @@ "npm": ">=5.6.0" }, "dependencies": { - "zapier-platform-core": "10.1.2" + "zapier-platform-core": "11.0.0" }, "devDependencies": { "mocha": "^5.2.0", From b9336570ff65d161c434302110576520310e9956 Mon Sep 17 00:00:00 2001 From: ptibogxiv Date: Thu, 13 May 2021 10:26:09 +0200 Subject: [PATCH 034/105] NEW report contact/adresses on credit note from invoice keep same contact/adresses from source invoice (ir: usefull for correct notifications) --- htdocs/compta/facture/card.php | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 48b7c505264..6dd4d050b8b 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1093,6 +1093,19 @@ if (empty($reshook)) { } } $id = $object->create($user); + if ($id < 0) { + $error++; + } else { + // copy internal contacts + if ($object->copy_linked_contact($facture_source, 'internal') < 0) { + $error++; + } elseif ($facture_source->socid == $object->socid) { + // copy external contacts if same company + if ($object->copy_linked_contact($facture_source, 'external') < 0) { + $error++; + } + } + } // NOTE: Pb with situation invoice // NOTE: fields total on situation invoice are stored as cumulative values on total of lines (bad) but delta on invoice total From 05ea8761a1156f342afb7743fe48e260cffc384f Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Thu, 13 May 2021 08:28:14 +0000 Subject: [PATCH 035/105] Fixing style errors. --- htdocs/compta/facture/card.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 6dd4d050b8b..e5b4b2d2398 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1093,19 +1093,19 @@ if (empty($reshook)) { } } $id = $object->create($user); - if ($id < 0) { - $error++; - } else { - // copy internal contacts - if ($object->copy_linked_contact($facture_source, 'internal') < 0) { - $error++; - } elseif ($facture_source->socid == $object->socid) { - // copy external contacts if same company - if ($object->copy_linked_contact($facture_source, 'external') < 0) { + if ($id < 0) { $error++; + } else { + // copy internal contacts + if ($object->copy_linked_contact($facture_source, 'internal') < 0) { + $error++; + } elseif ($facture_source->socid == $object->socid) { + // copy external contacts if same company + if ($object->copy_linked_contact($facture_source, 'external') < 0) { + $error++; + } + } } - } - } // NOTE: Pb with situation invoice // NOTE: fields total on situation invoice are stored as cumulative values on total of lines (bad) but delta on invoice total From c577d1c51eeb16c3abb33c022502d57b011aae5b Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Thu, 13 May 2021 13:35:28 +0200 Subject: [PATCH 036/105] FIX: Impossible to add multiple localtax2 --- htdocs/admin/dict.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index b7f65ddf91f..fbe7d924cbc 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -9,7 +9,7 @@ * Copyright (C) 2012-2015 Marcos García * Copyright (C) 2012 Christophe Battarel * Copyright (C) 2011-2016 Alexandre Spangaro - * Copyright (C) 2015 Ferran Marcet + * Copyright (C) 2015-2021 Ferran Marcet * Copyright (C) 2016 Raphaël Doursenaud * Copyright (C) 2019 Frédéric France * @@ -777,6 +777,9 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('joinfile', 'private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } + elseif ($keycode == 'localtax2') { + $sql .= "'".GETPOST($keycode, 'alpha')."'"; + } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } @@ -843,6 +846,9 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } + elseif ($keycode == 'localtax2') { + $sql .= "'".GETPOST($keycode, 'alpha')."'"; + } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } From 009588e04d69ddfe8caae2197e4c26b9a656857b Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Fri, 14 May 2021 11:02:55 +0200 Subject: [PATCH 037/105] fix implode on string for formproduct loadwarehouse --- htdocs/product/class/html.formproduct.class.php | 14 +++++--------- htdocs/product/stock/stockatdate.php | 2 +- 2 files changed, 6 insertions(+), 10 deletions(-) diff --git a/htdocs/product/class/html.formproduct.class.php b/htdocs/product/class/html.formproduct.class.php index a5f28c50ee8..69429677c27 100644 --- a/htdocs/product/class/html.formproduct.class.php +++ b/htdocs/product/class/html.formproduct.class.php @@ -66,13 +66,13 @@ class FormProduct * 'warehouseclosed' = select products from closed warehouses, * 'warehouseinternal' = select products from warehouses for internal correct/transfer only * @param boolean $sumStock sum total stock of a warehouse, default true - * @param string $exclude warehouses ids to exclude + * @param array $exclude warehouses ids to exclude * @param bool|int $stockMin [=false] Value of minimum stock to filter or false not not filter by minimum stock * @param string $orderBy [='e.ref'] Order by * @return int Nb of loaded lines, 0 if already loaded, <0 if KO * @throws Exception */ - public function loadWarehouses($fk_product = 0, $batch = '', $status = '', $sumStock = true, $exclude = '', $stockMin = false, $orderBy = 'e.ref') + public function loadWarehouses($fk_product = 0, $batch = '', $status = '', $sumStock = true, $exclude = array(), $stockMin = false, $orderBy = 'e.ref') { global $conf, $langs; @@ -80,10 +80,6 @@ class FormProduct return 0; // Cache already loaded and we do not want a list with information specific to a product } - if (is_array($exclude)) { - $excludeGroups = implode("','", $exclude); - } - $warehouseStatus = array(); if (preg_match('/warehouseclosed/', $status)) { @@ -121,7 +117,7 @@ class FormProduct $sql .= " AND e.statut = 1"; } - if (!empty($exclude)) { + if (is_array($exclude) && !empty($exclude)) { $sql .= ' AND e.rowid NOT IN('.$this->db->sanitize(implode(',', $exclude)).')'; } @@ -220,7 +216,7 @@ class FormProduct * @param int $forcecombo 1=Force combo iso ajax select2 * @param array $events Events to add to select2 * @param string $morecss Add more css classes to HTML select - * @param string $exclude Warehouses ids to exclude + * @param array $exclude Warehouses ids to exclude * @param int $showfullpath 1=Show full path of name (parent ref into label), 0=Show only ref of current warehouse * @param bool|int $stockMin [=false] Value of minimum stock to filter or false not not filter by minimum stock * @param string $orderBy [='e.ref'] Order by @@ -228,7 +224,7 @@ class FormProduct * * @throws Exception */ - public function selectWarehouses($selected = '', $htmlname = 'idwarehouse', $filterstatus = '', $empty = 0, $disabled = 0, $fk_product = 0, $empty_label = '', $showstock = 0, $forcecombo = 0, $events = array(), $morecss = 'minwidth200', $exclude = '', $showfullpath = 1, $stockMin = false, $orderBy = 'e.ref') + public function selectWarehouses($selected = '', $htmlname = 'idwarehouse', $filterstatus = '', $empty = 0, $disabled = 0, $fk_product = 0, $empty_label = '', $showstock = 0, $forcecombo = 0, $events = array(), $morecss = 'minwidth200', $exclude = array(), $showfullpath = 1, $stockMin = false, $orderBy = 'e.ref') { global $conf, $langs, $user, $hookmanager; diff --git a/htdocs/product/stock/stockatdate.php b/htdocs/product/stock/stockatdate.php index 788c75f1141..b36d530d624 100644 --- a/htdocs/product/stock/stockatdate.php +++ b/htdocs/product/stock/stockatdate.php @@ -363,7 +363,7 @@ print $form->select_produits($productid, 'productid', '', 0, 0, -1, 2, '', 0, ar print '   '; print img_picto('', 'stock').' '; print $langs->trans('Warehouse').' '; -print $formproduct->selectWarehouses((GETPOSTISSET('fk_warehouse') ? $fk_warehouse : 'ifone'), 'fk_warehouse', '', 1, 0, 0, '', 0, 0, null, '', '', 1, false, 'e.ref'); +print $formproduct->selectWarehouses((GETPOSTISSET('fk_warehouse') ? $fk_warehouse : 'ifone'), 'fk_warehouse', '', 1, 0, 0, '', 0, 0, null, '', null, 1, false, 'e.ref'); print ''; $parameters = array(); From ce6df0ee4acb165cc685091e37f7419d462b232f Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Fri, 14 May 2021 13:50:12 +0200 Subject: [PATCH 038/105] FIX: Filter of the dates in the lists is lost --- htdocs/comm/propal/list.php | 14 +++++++------- htdocs/commande/list.php | 12 +++++------- htdocs/compta/facture/list.php | 14 +++++++------- htdocs/expedition/list.php | 14 +++++++------- 4 files changed, 26 insertions(+), 28 deletions(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 5190adb379a..8060bc94698 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -10,7 +10,7 @@ * Copyright (C) 2012 Christophe Battarel * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2015 Jean-François Ferry - * Copyright (C) 2016-2018 Ferran Marcet + * Copyright (C) 2016-2021 Ferran Marcet * Copyright (C) 2017-2018 Charlene Benke * Copyright (C) 2018 Nicolas ZABOURI * Copyright (C) 2019 Alexandre Spangaro @@ -504,12 +504,12 @@ if ($resql) if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage); if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit); if ($sall) $param .= '&sall='.urlencode($sall); - if ($search_date_start) $param .= '&search_date_start='.urlencode($search_date_start); - if ($search_date_end) $param .= '&search_date_end='.urlencode($search_date_end); - if ($search_dateend_start) $param .= '&search_dateend_start='.urlencode($search_dateend_start); - if ($search_dateend_end) $param .= '&search_dateend_end='.urlencode($search_dateend_end); - if ($search_datedelivery_start) $param .= '&search_datedelivery_start='.urlencode($search_datedelivery_start); - if ($search_datedelivery_end) $param .= '&search_datedelivery_end='.urlencode($search_datedelivery_end); + if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start,'%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start,'%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start,'%Y')); + if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end,'%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end,'%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end,'%Y')); + if ($search_dateend_start) $param .= '&search_dateend_startday='.urlencode(dol_print_date($search_dateend_start,'%d')).'&search_dateend_startmonth='.urlencode(dol_print_date($search_dateend_start,'%m')).'&search_dateend_startyear='.urlencode(dol_print_date($search_dateend_start,'%Y')); + if ($search_dateend_end) $param .= '&search_dateend_endday='.urlencode(dol_print_date($search_dateend_end,'%d')).'&search_dateend_endmonth='.urlencode(dol_print_date($search_dateend_end,'%m')).'&search_dateend_endyear='.urlencode(dol_print_date($search_dateend_end,'%Y')); + if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start,'%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start,'%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start,'%Y')); + if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end,'%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end,'%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end,'%Y')); if ($search_ref) $param .= '&search_ref='.urlencode($search_ref); if ($search_refcustomer) $param .= '&search_refcustomer='.urlencode($search_refcustomer); if ($search_refproject) $param .= '&search_refproject='.urlencode($search_refproject); diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 3efa8f534a4..9b3e865e459 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -9,7 +9,7 @@ * Copyright (C) 2015-2018 Frédéric France * Copyright (C) 2015 Marcos García * Copyright (C) 2015 Jean-François Ferry - * Copyright (C) 2016 Ferran Marcet + * Copyright (C) 2016-2021 Ferran Marcet * Copyright (C) 2018 Charlene Benke * * This program is free software; you can redistribute it and/or modify @@ -55,10 +55,8 @@ $confirm = GETPOST('confirm', 'alpha'); $toselect = GETPOST('toselect', 'array'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'orderlist'; -$search_datecloture_start = GETPOST('search_datecloture_start', 'int'); -if (empty($search_datecloture_start)) $search_datecloture_start = dol_mktime(0, 0, 0, GETPOST('search_datecloture_startmonth', 'int'), GETPOST('search_datecloture_startday', 'int'), GETPOST('search_datecloture_startyear', 'int')); -$search_datecloture_end = GETPOST('search_datecloture_end', 'int'); -if (empty($search_datecloture_end)) $search_datecloture_end = dol_mktime(23, 59, 59, GETPOST('search_datecloture_endmonth', 'int'), GETPOST('search_datecloture_endday', 'int'), GETPOST('search_datecloture_endyear', 'int')); +$search_datecloture_start = dol_mktime(0, 0, 0, GETPOST('search_datecloture_startmonth', 'int'), GETPOST('search_datecloture_startday', 'int'), GETPOST('search_datecloture_startyear', 'int')); +$search_datecloture_end = dol_mktime(23, 59, 59, GETPOST('search_datecloture_endmonth', 'int'), GETPOST('search_datecloture_endday', 'int'), GETPOST('search_datecloture_endyear', 'int')); $search_dateorder_start = dol_mktime(0, 0, 0, GETPOST('search_dateorder_start_month', 'int'), GETPOST('search_dateorder_start_day', 'int'), GETPOST('search_dateorder_start_year', 'int')); $search_dateorder_end = dol_mktime(23, 59, 59, GETPOST('search_dateorder_end_month', 'int'), GETPOST('search_dateorder_end_day', 'int'), GETPOST('search_dateorder_end_year', 'int')); $search_datedelivery_start = dol_mktime(0, 0, 0, GETPOST('search_datedelivery_start_month', 'int'), GETPOST('search_datedelivery_start_day', 'int'), GETPOST('search_datedelivery_start_year', 'int')); @@ -446,8 +444,8 @@ if ($resql) if ($sall) $param .= '&sall='.urlencode($sall); if ($socid > 0) $param .= '&socid='.urlencode($socid); if ($search_status != '') $param .= '&search_status='.urlencode($search_status); - if ($search_datecloture_start) $param .= '&search_datecloture_start='.urlencode($search_datecloture_start); - if ($search_datecloture_end) $param .= '&search_datecloture_end='.urlencode($search_datecloture_end); + if ($search_datecloture_start) $param .= '&search_datecloture_startday='.dol_print_date($search_datecloture_start, '%d').'&search_datecloture_startmonth='.dol_print_date($search_datecloture_start, '%m').'&search_datecloture_startyear='.dol_print_date($search_datecloture_start, '%Y'); + if ($search_datecloture_end) $param .= '&search_datecloture_endday='.dol_print_date($search_datecloture_end, '%d').'&search_datecloture_endmonth='.dol_print_date($search_datecloture_end, '%m').'&search_datecloture_endyear='.dol_print_date($search_datecloture_end, '%Y'); if ($search_dateorder_start) $param .= '&search_dateorder_start_day='.dol_print_date($search_dateorder_start, '%d').'&search_dateorder_start_month='.dol_print_date($search_dateorder_start, '%m').'&search_dateorder_start_year='.dol_print_date($search_dateorder_start, '%Y'); if ($search_dateorder_end) $param .= '&search_dateorder_end_day='.dol_print_date($search_dateorder_end, '%d').'&search_dateorder_end_month='.dol_print_date($search_dateorder_end, '%m').'&search_dateorder_end_year='.dol_print_date($search_dateorder_end, '%Y'); if ($search_datedelivery_start) $param .= '&search_datedelivery_start_day='.dol_print_date($search_datedelivery_start, '%d').'&search_datedelivery_start_month='.dol_print_date($search_datedelivery_start, '%m').'&search_datedelivery_start_year='.dol_print_date($search_datedelivery_start, '%Y'); diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php index f427466c560..78cee038107 100644 --- a/htdocs/compta/facture/list.php +++ b/htdocs/compta/facture/list.php @@ -10,7 +10,7 @@ * Copyright (C) 2013 Florian Henry * Copyright (C) 2013 Cédric Salvador * Copyright (C) 2015 Jean-François Ferry - * Copyright (C) 2015-2016 Ferran Marcet + * Copyright (C) 2015-2021 Ferran Marcet * Copyright (C) 2017 Josep Lluís Amador * Copyright (C) 2018 Charlene Benke * Copyright (C) 2019 Alexandre Spangaro @@ -616,12 +616,12 @@ if ($resql) if (!empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param .= '&contextpage='.urlencode($contextpage); if ($limit > 0 && $limit != $conf->liste_limit) $param .= '&limit='.urlencode($limit); if ($sall) $param .= '&sall='.urlencode($sall); - if ($search_date_start) $param .= '&search_date_start='.urlencode($search_date_start); - if ($search_date_end) $param .= '&search_date_end='.urlencode($search_date_end); - if ($search_date_valid_start) $param .= '&search_date_valid_start='.urlencode($search_date_valid_start); - if ($search_date_valid_end) $param .= '&search_date_valid_end='.urlencode($search_date_valid_end); - if ($search_datelimit_start) $param .= '&search_datelimit_start='.urlencode($search_datelimit_start); - if ($search_datelimit_end) $param .= '&search_datelimit_end='.urlencode($search_datelimit_end); + if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start,'%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start,'%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start,'%Y')); + if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end,'%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end,'%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end,'%Y')); + if ($search_date_valid_start) $param .= '&search_date_valid_startday='.urlencode(dol_print_date($search_date_valid_start,'%d')).'&search_date_valid_startmonth='.urlencode(dol_print_date($search_date_valid_start,'%m')).'&search_date_valid_startyear='.urlencode(dol_print_date($search_date_valid_start,'%Y')); + if ($search_date_valid_end) $param .= '&search_date_valid_endday='.urlencode(dol_print_date($search_date_valid_end,'%d')).'&search_date_valid_endmonth='.urlencode(dol_print_date($search_date_valid_end,'%m')).'&search_date_valid_endyear='.urlencode(dol_print_date($search_date_valid_end,'%Y')); + if ($search_datelimit_start) $param .= '&search_datelimit_startday='.urlencode(dol_print_date($search_datelimit_start,'%d')).'&search_datelimit_startmonth='.urlencode(dol_print_date($search_datelimit_start,'%m')).'&search_datelimit_startyear='.urlencode(dol_print_date($search_datelimit_start,'%Y')); + if ($search_datelimit_end) $param .= '&search_datelimit_endday='.urlencode(dol_print_date($search_datelimit_end,'%d')).'&search_datelimit_endmonth='.urlencode(dol_print_date($search_datelimit_end,'%m')).'&search_datelimit_endyear='.urlencode(dol_print_date($search_datelimit_end,'%Y')); if ($search_ref) $param .= '&search_ref='.urlencode($search_ref); if ($search_refcustomer) $param .= '&search_refcustomer='.urlencode($search_refcustomer); if ($search_project_ref) $param .= '&search_project_ref='.urlencode($search_project_ref); diff --git a/htdocs/expedition/list.php b/htdocs/expedition/list.php index 20bb6f298cb..2de5a755b72 100644 --- a/htdocs/expedition/list.php +++ b/htdocs/expedition/list.php @@ -2,7 +2,7 @@ /* Copyright (C) 2001-2005 Rodolphe Quiedeville * Copyright (C) 2004-2015 Laurent Destailleur * Copyright (C) 2005-2010 Regis Houssin - * Copyright (C) 2016-2018 Ferran Marcet + * Copyright (C) 2016-2021 Ferran Marcet * Copyright (C) 2019 Nicolas ZABOURI * Copyright (C) 2020 Thibault FOUCART * @@ -340,10 +340,10 @@ if ($resql) if ($search_town) $param .= '&search_town='.urlencode($search_town); if ($search_zip) $param .= '&search_zip='.urlencode($search_zip); - if ($search_datedelivery_start) $param .= '&search_datedelivery_start='.urlencode($search_datedelivery_start); - if ($search_datedelivery_end) $param .= '&search_datedelivery_end='.urlencode($search_datedelivery_end); - if ($search_datereceipt_start) $param .= '&search_datereceipt_start='.urlencode($search_datereceipt_start); - if ($search_datereceipt_end) $param .= '&search_datereceipt_end='.urlencode($search_datereceipt_end); + if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start,'%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start,'%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start,'%Y')); + if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end,'%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end,'%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end,'%Y')); + if ($search_datereceipt_start) $param .= '&search_datereceipt_startday='.urlencode(dol_print_date($search_datereceipt_start,'%d')).'&search_datereceipt_startmonth='.urlencode(dol_print_date($search_datereceipt_start,'%m')).'&search_datereceipt_startyear='.urlencode(dol_print_date($search_datereceipt_start,'%Y')); + if ($search_datereceipt_end) $param .= '&search_datereceipt_endday='.urlencode(dol_print_date($search_datereceipt_end,'%d')).'&search_datereceipt_endmonth='.urlencode(dol_print_date($search_datereceipt_end,'%m')).'&search_datereceipt_endyear='.urlencode(dol_print_date($search_datereceipt_end,'%Y')); if ($search_product_category != '') $param .= '&search_product_category='.urlencode($search_product_category); if ($search_categ_cus > 0) $param .= '&search_categ_cus='.urlencode($search_categ_cus); @@ -506,11 +506,11 @@ if ($resql) print ''; print '
'; print $langs->trans('From').' '; - print $form->selectDate($search_delivery_start ? $search_delivery_start : -1, 'search_delivery_start', 0, 0, 1); + print $form->selectDate($search_datedelivery_start ? $search_datedelivery_start : -1, 'search_datedelivery_start', 0, 0, 1); print '
'; print '
'; print $langs->trans('to').' '; - print $form->selectDate($search_delivery_end ? $search_delivery_end : -1, 'search_delivery_end', 0, 0, 1); + print $form->selectDate($search_datedelivery_end ? $search_datedelivery_end : -1, 'search_datedelivery_end', 0, 0, 1); print '
'; print '
'.$langs->trans('Date').''; + print '
'.$langs->trans('DatePropal').''; print $form->selectDate('', '', '', '', '', "addprop", 1, 1); print '
'; print ''; if ($action != 'editdate' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) print ''; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index 522e8f5eaa3..f8481997051 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -157,7 +157,7 @@ $arrayfields = array( 'state.nom'=>array('label'=>"StateShort", 'checked'=>0), 'country.code_iso'=>array('label'=>"Country", 'checked'=>0), 'typent.code'=>array('label'=>"ThirdPartyType", 'checked'=>$checkedtypetiers), - 'p.date'=>array('label'=>"Date", 'checked'=>1), + 'p.date'=>array('label'=>"DatePropal", 'checked'=>1), 'p.fin_validite'=>array('label'=>"DateEnd", 'checked'=>1), 'p.date_livraison'=>array('label'=>"DeliveryDate", 'checked'=>0), 'ava.rowid'=>array('label'=>"AvailabilityPeriod", 'checked'=>0), diff --git a/htdocs/core/modules/propale/doc/pdf_azur.modules.php b/htdocs/core/modules/propale/doc/pdf_azur.modules.php index 1235a312006..44192cf6067 100644 --- a/htdocs/core/modules/propale/doc/pdf_azur.modules.php +++ b/htdocs/core/modules/propale/doc/pdf_azur.modules.php @@ -1533,7 +1533,7 @@ class pdf_azur extends ModelePDFPropales $posy += 4; $pdf->SetXY($posx, $posy); $pdf->SetTextColor(0, 0, 60); - $pdf->MultiCell(100, 3, $outputlangs->transnoentities("Date")." : ".dol_print_date($object->date, "day", false, $outputlangs, true), '', 'R'); + $pdf->MultiCell(100, 3, $outputlangs->transnoentities("DatePropal")." : ".dol_print_date($object->date, "day", false, $outputlangs, true), '', 'R'); $posy += 4; $pdf->SetXY($posx, $posy); From 014b34acc69175916d62bf4b4943136b1d052b66 Mon Sep 17 00:00:00 2001 From: piernov Date: Sat, 15 May 2021 16:44:46 +0200 Subject: [PATCH 050/105] Fix default gid 65534 for User in LDAP posixAccount objectclass (intended to be used with the uid/gid/homedir fields) requires a gid. Always set a gid in LDAP for the User class even if the user does not belong to any group. By default 65534 which corresponds to the nobody group on major distributions (incl. Debian). --- htdocs/user/class/user.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 89995a4584e..6c0645e82b7 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2678,10 +2678,10 @@ class User extends CommonObject } if (!empty($conf->global->LDAP_FIELD_USERID))$info[$conf->global->LDAP_FIELD_USERID] = $this->id; - if (!empty($info[$conf->global->LDAP_FIELD_GROUPID])) { + if (!empty($conf->global->LDAP_FIELD_GROUPID)) { $usergroup = new UserGroup($this->db); $groupslist = $usergroup->listGroupsForUser($this->id); - $info[$conf->global->LDAP_FIELD_GROUPID] = '1'; + $info[$conf->global->LDAP_FIELD_GROUPID] = '65534'; if (!empty($groupslist)) { foreach ($groupslist as $groupforuser) { $info[$conf->global->LDAP_FIELD_GROUPID] = $groupforuser->id; //Select first group in list From beff175de130c3ff3ac736c8ed89d0346df568a9 Mon Sep 17 00:00:00 2001 From: piernov Date: Sat, 15 May 2021 16:48:43 +0200 Subject: [PATCH 051/105] Fix use login for User homedir in LDAP posixAccount objectclass (intended to be used with the uid/gid/homedir fields) requires a homedir. Always set a homedir in LDAP for the User class even if user does not have a firstname by using the login instead. Additionally on Linux the login is typically used for the home directory rather than the first name. It also avoids having accentuated or other special characters (commonly found in names) in the home directory path. --- htdocs/user/class/user.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 6c0645e82b7..2d5a09659db 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2689,7 +2689,7 @@ class User extends CommonObject } } } - if (!empty($this->firstname) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORY) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY] = "{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->firstname"; + if (!empty($conf->global->LDAP_FIELD_HOMEDIRECTORY) && !empty($conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX)) $info[$conf->global->LDAP_FIELD_HOMEDIRECTORY] = "{$conf->global->LDAP_FIELD_HOMEDIRECTORYPREFIX}/$this->login"; return $info; } From 1cbe0e3f2d2be8373950fe06daab4d23a1d47abc Mon Sep 17 00:00:00 2001 From: piernov Date: Sat, 15 May 2021 18:01:34 +0200 Subject: [PATCH 052/105] Fix: properly set gid for Group LDAP synchro Even if the gidNumber field was set in the configuration, a gid different from the Dolibarr's one was generated and stored into LDAP. Now the gidNumber is properly set to Dolibarr's gid if gidNumber field is set in the LDAP module configuration. --- .../core/triggers/interface_50_modLdap_Ldapsynchro.class.php | 4 ++-- htdocs/user/class/usergroup.class.php | 2 +- htdocs/user/group/ldap.php | 4 ++-- 3 files changed, 5 insertions(+), 5 deletions(-) diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index ec6d23e2f01..17efdca41c5 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -282,8 +282,8 @@ class InterfaceLdapsynchro extends DolibarrTriggers $info=$object->_load_ldap_info(); $dn=$object->_load_ldap_dn($info); - // Get a gid number for objectclass PosixGroup - if (in_array('posixGroup', $info['objectclass'])) { + // Get a gid number for objectclass PosixGroup if none was provided + if (empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID]) && in_array('posixGroup', $info['objectclass'])) { $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS'); } diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index aa4a6b3f8b6..e1e003267b0 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -983,7 +983,7 @@ class UserGroup extends CommonObject } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield)?$valueofldapfield:''); } - if(!empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID])){ + if(!empty($conf->global->LDAP_GROUP_FIELD_GROUPID)){ $info[$conf->global->LDAP_GROUP_FIELD_GROUPID]=$this->id; } return $info; diff --git a/htdocs/user/group/ldap.php b/htdocs/user/group/ldap.php index eca923f68be..f28ca81c42a 100644 --- a/htdocs/user/group/ldap.php +++ b/htdocs/user/group/ldap.php @@ -69,8 +69,8 @@ if ($action == 'dolibarr2ldap') { $info=$object->_load_ldap_info(); - // Get a gid number for objectclass PosixGroup - if (in_array('posixGroup', $info['objectclass'])) { + // Get a gid number for objectclass PosixGroup if none was provided + if (empty($info[$conf->global->LDAP_GROUP_FIELD_GROUPID]) && in_array('posixGroup', $info['objectclass'])) { $info['gidNumber'] = $ldap->getNextGroupGid('LDAP_KEY_GROUPS'); } From e5e317bae3bfe331d86e21ba4998a892a022ce20 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 09:58:34 +0200 Subject: [PATCH 053/105] Fix entity was set to 0 on group creation --- htdocs/user/group/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index 33921544b45..21f53c64c68 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -138,7 +138,7 @@ if (empty($reshook)) { if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $object->entity = 0; } else { - $object->entity = GETPOST("entity"); + $object->entity = GETPOSTISSET("entity") ? GETPOST("entity") : $conf->entity; } $db->begin(); From 3859e7f00ee6b90dd864b78443f9033b0841b8df Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 10:49:00 +0200 Subject: [PATCH 054/105] Fix translations on expensereport list --- htdocs/expensereport/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/expensereport/list.php b/htdocs/expensereport/list.php index e83899d28d1..ce1dc4e3c09 100644 --- a/htdocs/expensereport/list.php +++ b/htdocs/expensereport/list.php @@ -138,8 +138,8 @@ $search_array_options = $extrafields->getOptionalsFromPost($object->table_elemen $fieldstosearchall = array( 'd.ref'=>'Ref', 'd.note_public'=>"NotePublic", - 'u.lastname'=>'Lastname', - 'u.firstname'=>"Firstname", + 'u.lastname'=>'EmployeeLastname', + 'u.firstname'=>"EmployeeFirstname", 'u.login'=>"Login", ); if (empty($user->socid)) { From baf0dda19cd31911348d28a6acbcbb1b16301e22 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 10:52:51 +0200 Subject: [PATCH 055/105] Fix missing load langs for my company info in user block --- htdocs/main.inc.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 0c3679adac5..244ef483db5 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1964,6 +1964,8 @@ function top_menu_user($hideloginname = 0, $urllogout = '') global $dolibarr_main_authentication, $dolibarr_main_demo; global $menumanager; + $langs->loadLangs(array('companies')); + $userImage = $userDropDownImage = ''; if (!empty($user->photo)) { $userImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1); From 3c3613a71a9100e63d02db2832322a0afc76a861 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 11:06:49 +0200 Subject: [PATCH 056/105] Fix missing quick create holiday and expense report --- htdocs/main.inc.php | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 244ef483db5..09da7fdd80e 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2354,6 +2354,28 @@ function top_menu_quickadd() '; } + if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->creer) { + $langs->load("trips"); + $dropDownQuickAddHtml .= ' + +
+ + '. img_picto('', 'object_trip') .'
'. $langs->trans("ExpenseReport") .' +
+ '; + } + + if (!empty($conf->holiday->enabled) && $user->rights->holiday->write) { + $langs->load("holiday"); + $dropDownQuickAddHtml .= ' + +
+ + '. img_picto('', 'object_holiday') .'
'. $langs->trans("Holidays") .' +
+ '; + } + // Execute hook printTopRightMenu (hooks should output string like '') $parameters = array(); $result = $hookmanager->executeHooks('printQuickAddBlock', $parameters); // Note that $action and $object may have been modified by some hooks From c8b725165e24199833877dffd7fa534da9409ffe Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 11:16:07 +0200 Subject: [PATCH 057/105] Fix use img_picto in quick create dropdown --- htdocs/main.inc.php | 44 +++++++++++--------------------------------- 1 file changed, 11 insertions(+), 33 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 09da7fdd80e..3fb1a1aa0da 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2217,9 +2217,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("ThirdParty").' - + '. img_picto('', 'object_company') .'
'. $langs->trans("ThirdParty") .'
'; } @@ -2230,9 +2228,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Contact").' - + '. img_picto('', 'object_contact') .'
'. $langs->trans("Contact") .'
'; } @@ -2243,9 +2239,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Proposal").' - + '. img_picto('', 'object_propal') .'
'. $langs->trans("Proposal") .'
'; } @@ -2256,9 +2250,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Order").' - + '. img_picto('', 'object_order') .'
'. $langs->trans("Order") .'
'; } @@ -2269,9 +2261,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Bill").' - + '. img_picto('', 'object_bill') .'
'. $langs->trans("Bill") .'
'; } @@ -2282,9 +2272,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Contract").' - + '. img_picto('', 'object_contract') .'
'. $langs->trans("Contract") .'
'; } @@ -2295,9 +2283,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("AskPrice").' - + '. img_picto('', 'object_propal') .'
'. $langs->trans("AskPrice") .'
'; } @@ -2308,9 +2294,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("SupplierOrder").' - + '. img_picto('', 'object_order') .'
'. $langs->trans("SupplierOrder") .'
'; } @@ -2321,9 +2305,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("SupplierBill").' - + '. img_picto('', 'object_bill') .'
'. $langs->trans("SupplierBill") .'
'; } @@ -2334,9 +2316,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Product").' - + '. img_picto('', 'object_product') .'
'. $langs->trans("Product") .'
'; } @@ -2347,9 +2327,7 @@ function top_menu_quickadd()
-
- '.$langs->trans("Service").' - + '. img_picto('', 'object_service') .'
'. $langs->trans("Service") .'
'; } From 7af0bda3a532554cbdb728c72058112a7fce13ab Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 11:33:07 +0200 Subject: [PATCH 058/105] Update admin_extrafields_view.tpl.php --- htdocs/core/tpl/admin_extrafields_view.tpl.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/tpl/admin_extrafields_view.tpl.php b/htdocs/core/tpl/admin_extrafields_view.tpl.php index 96620da28d9..79f852f49a9 100644 --- a/htdocs/core/tpl/admin_extrafields_view.tpl.php +++ b/htdocs/core/tpl/admin_extrafields_view.tpl.php @@ -120,7 +120,7 @@ if (is_array($extrafields->attributes[$elementtype]['type']) && count($extrafiel } else { - $colspan = 13; + $colspan = 14; if (!empty($conf->multicompany->enabled)) $colspan++; print ''; From c820231363a75f0d528d7332b7a103e41f6f3e8f Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 12:24:27 +0200 Subject: [PATCH 059/105] Fix id of expense report must be before object fetch --- htdocs/expensereport/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/expensereport/card.php b/htdocs/expensereport/card.php index a4c565bc1be..cb6dcfc94b8 100644 --- a/htdocs/expensereport/card.php +++ b/htdocs/expensereport/card.php @@ -55,6 +55,7 @@ $action = GETPOST('action', 'aZ09'); $cancel = GETPOST('cancel', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); +$id = GETPOST('id', 'int'); $date_start = dol_mktime(0, 0, 0, GETPOST('date_debutmonth', 'int'), GETPOST('date_debutday', 'int'), GETPOST('date_debutyear', 'int')); $date_end = dol_mktime(0, 0, 0, GETPOST('date_finmonth', 'int'), GETPOST('date_finday', 'int'), GETPOST('date_finyear', 'int')); $date = dol_mktime(0, 0, 0, GETPOST('datemonth', 'int'), GETPOST('dateday', 'int'), GETPOST('dateyear', 'int')); @@ -120,7 +121,6 @@ if ($object->id > 0) { } // Security check -$id = GETPOST("id", 'int'); if ($user->socid) { $socid = $user->socid; } From 240137b768e4993406c2fe0037f1090438d4790d Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 16:04:19 +0200 Subject: [PATCH 060/105] Fix HRM homepage --- htdocs/hrm/index.php | 60 ++++++++++++++++++++++++++------------------ 1 file changed, 35 insertions(+), 25 deletions(-) diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index 09485357956..af9518d4622 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -40,8 +40,13 @@ if ($conf->deplacement->enabled) { if ($conf->expensereport->enabled) { require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport.class.php'; } -require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentcandidature.class.php'; -require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php'; +if ($conf->recruitment->enabled) { + require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentcandidature.class.php'; + require_once DOL_DOCUMENT_ROOT.'/recruitment/class/recruitmentjobposition.class.php'; +} +if ($conf->holiday->enabled) { + require_once DOL_DOCUMENT_ROOT.'/holiday/class/holiday.class.php'; +} $hookmanager = new HookManager($db); $hookmanager->initHooks('hrmindex'); @@ -60,10 +65,6 @@ if (empty($conf->global->MAIN_INFO_SOCIETE_NOM) || empty($conf->global->MAIN_INF $setupcompanynotcomplete = 1; } -$holiday = new Holiday($db); -$holidaystatic = new Holiday($db); -$staticrecruitmentcandidature = new RecruitmentCandidature($db); - $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; @@ -73,7 +74,8 @@ $max = $conf->global->MAIN_SIZE_SHORTLIST_LIMIT; // Update sold if (!empty($conf->holiday->enabled) && !empty($setupcompanynotcomplete)) { - $result = $holiday->updateBalance(); + $holidaystatic = new Holiday($db); + $result = $holidaystatic->updateBalance(); } @@ -144,6 +146,7 @@ if (!empty($conf->global->MAIN_SEARCH_FORM_ON_HOME_AREAS)) { // This is usel if (!empty($conf->holiday->enabled)) { if (empty($conf->global->HOLIDAY_HIDE_BALANCE)) { + $holidaystatic = new Holiday($db); $user_id = $user->id; print '
'; @@ -154,9 +157,9 @@ if (!empty($conf->holiday->enabled)) { $out = ''; $nb_holiday = 0; - $typeleaves = $holiday->getTypes(1, 1); + $typeleaves = $holidaystatic->getTypes(1, 1); foreach ($typeleaves as $key => $val) { - $nb_type = $holiday->getCPforUser($user->id, $val['rowid']); + $nb_type = $holidaystatic->getCPforUser($user->id, $val['rowid']); $nb_holiday += $nb_type; $out .= ' - '.($langs->trans($val['code']) != $val['code'] ? $langs->trans($val['code']) : $val['label']).': '.($nb_type ? price2num($nb_type) : 0).'
'; } @@ -179,7 +182,7 @@ print '
'; // Latest leave requests if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.email, u.photo, u.statut as user_status,"; - $sql .= " x.rowid, x.rowid as ref, x.fk_type, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.tms as dm, x.statut as status"; + $sql .= " x.rowid, x.ref, x.fk_type, x.date_debut as date_start, x.date_fin as date_end, x.halfday, x.tms as dm, x.statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."holiday as x, ".MAIN_DB_PREFIX."user as u"; $sql .= " WHERE u.rowid = x.fk_user"; $sql .= " AND x.entity = ".$conf->entity; @@ -236,8 +239,8 @@ if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { $starthalfday = ($obj->halfday == -1 || $obj->halfday == 2) ? 'afternoon' : 'morning'; $endhalfday = ($obj->halfday == 1 || $obj->halfday == 2) ? 'morning' : 'afternoon'; - print '
'; print ''; print ''; @@ -330,20 +333,23 @@ if (!empty($conf->expensereport->enabled) && $user->rights->expensereport->lire) // Last modified job position if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitmentjobposition->read) { - $sql = "SELECT rc.rowid, rc.ref, rc.email, rc.lastname, rc.firstname, rc.date_creation, rc.tms, rc.status"; + $staticrecruitmentcandidature = new RecruitmentCandidature($db); + $staticrecruitmentjobposition = new RecruitmentJobPosition($db); + $sql = "SELECT rc.rowid, rc.ref, rc.email, rc.lastname, rc.firstname, rc.date_creation, rc.tms, rc.status,"; + $sql.= " rp.rowid as jobid, rp.ref as jobref, rp.label"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; - $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s ON rc.fk_recruitmentjobposition = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as rp ON rc.fk_recruitmentjobposition = rp.rowid"; + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } - $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if (!$user->rights->societe->client->voir && !$socid) { - $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; + $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentcandidature->element).")"; + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { + $sql .= " AND rp.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { - $sql .= " AND s.fk_soc = $socid"; + $sql .= " AND rp.fk_soc = $socid"; } - $sql .= " ORDER BY rc.tms DESC"; + $sql .= $db->order("rc.tms", "DESC"); $sql .= $db->plimit($max, 0); $resql = $db->query($sql); @@ -354,8 +360,8 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme print '
'; print '
'; - print $langs->trans('Date'); + print $langs->trans('DatePropal'); print 'id.'">'.img_edit($langs->trans('SetDate'), 1).'
'.dol_print_date($db->jdate($obj->date_start), 'day').' '.$langs->trans($listhalfday[$starthalfday]).''; - print ''.dol_print_date($db->jdate($obj->date_end), 'day').' '.$langs->trans($listhalfday[$endhalfday]).''; + print ''.dol_print_date($db->jdate($obj->date_start), 'day').'
'.$langs->trans($listhalfday[$starthalfday]).''; + print '		'.dol_print_date($db->jdate($obj->date_end), 'day').'
'.$langs->trans($listhalfday[$endhalfday]).''; print '		'.dol_print_date($db->jdate($obj->dm), 'day').''.$holidaystatic->LibStatut($obj->status, 3).'
'; print ''; - print ''; print ''; print ''; @@ -370,11 +376,15 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $staticrecruitmentcandidature->firstname = $objp->firstname; $staticrecruitmentcandidature->lastname = $objp->lastname; + $staticrecruitmentjobposition->id = $objp->jobid; + $staticrecruitmentjobposition->ref = $objp->jobref; + $staticrecruitmentjobposition->label = $objp->label; + print ''; print ''; - print '"; - print '"; + print ''; + print ''; + print ''; print '"; From 78633ccb2ba3a09d5b0a4aaa6850824e04b99664 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 16:20:46 +0200 Subject: [PATCH 061/105] Fix expensereport and recruitment homepages --- htdocs/expensereport/index.php | 9 --------- htdocs/recruitment/recruitmentindex.php | 12 ++++++------ 2 files changed, 6 insertions(+), 15 deletions(-) diff --git a/htdocs/expensereport/index.php b/htdocs/expensereport/index.php index be8c735edc1..8198883e58f 100644 --- a/htdocs/expensereport/index.php +++ b/htdocs/expensereport/index.php @@ -171,9 +171,6 @@ $langs->load("boxes"); $sql = "SELECT u.rowid as uid, u.lastname, u.firstname, u.login, u.statut as user_status, u.photo, u.email, u.admin,"; $sql .= " d.rowid, d.ref, d.date_debut as dated, d.date_fin as datef, d.date_create as dm, d.total_ht, d.total_ttc, d.fk_statut as status"; $sql .= " FROM ".MAIN_DB_PREFIX."expensereport as d, ".MAIN_DB_PREFIX."user as u"; -if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= ", ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."societe_commerciaux as sc"; -} $sql .= " WHERE u.rowid = d.fk_user_author"; // RESTRICT RIGHTS if (empty($user->rights->expensereport->readall) && empty($user->rights->expensereport->lire_tous) @@ -183,12 +180,6 @@ if (empty($user->rights->expensereport->readall) && empty($user->rights->expense $sql .= " AND d.fk_user_author IN (".$db->sanitize(join(',', $childids)).")\n"; } $sql .= ' AND d.entity IN ('.getEntity('expensereport').')'; -if (!$user->rights->societe->client->voir && !$user->socid) { - $sql .= " AND d.fk_user_author = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id); -} -if ($socid) { - $sql .= " AND d.fk_user_author = ".$socid; -} $sql .= $db->order($sortfield, $sortorder); $sql .= $db->plimit($max, 0); diff --git a/htdocs/recruitment/recruitmentindex.php b/htdocs/recruitment/recruitmentindex.php index 3b6ff756b3c..7e369fe6bb2 100644 --- a/htdocs/recruitment/recruitmentindex.php +++ b/htdocs/recruitment/recruitmentindex.php @@ -331,18 +331,18 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT s.rowid, s.ref, s.label, s.date_creation, s.tms, s.status, COUNT(rc.rowid) as nbapplications"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc ON rc.fk_recruitmentjobposition = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE s.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if (!$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { $sql .= " AND s.fk_soc = $socid"; } $sql .= " GROUP BY s.rowid, s.ref, s.label, s.date_creation, s.tms, s.status"; - $sql .= " ORDER BY s.tms DESC"; + $sql .= $db->order('s.tms', 'DESC'); $sql .= $db->plimit($max, 0); $resql = $db->query($sql); @@ -402,17 +402,17 @@ if (!empty($conf->recruitment->enabled) && $user->rights->recruitment->recruitme $sql = "SELECT rc.rowid, rc.ref, rc.email, rc.lastname, rc.firstname, rc.date_creation, rc.tms, rc.status"; $sql .= " FROM ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc"; $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentjobposition as s ON rc.fk_recruitmentjobposition = s.rowid"; - if (!$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; } $sql .= " WHERE rc.entity IN (".getEntity($staticrecruitmentjobposition->element).")"; - if (!$user->rights->societe->client->voir && !$socid) { + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$socid) { $sql .= " AND s.fk_soc = sc.fk_soc AND sc.fk_user = ".$user->id; } if ($socid) { $sql .= " AND s.fk_soc = $socid"; } - $sql .= " ORDER BY rc.tms DESC"; + $sql .= $db->order('rc.tms', 'DESC'); $sql .= $db->plimit($max, 0); $resql = $db->query($sql); From d4aa0ae4225f37569bf41a241b79d1e0a3cfcb42 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 18:26:26 +0200 Subject: [PATCH 062/105] Update box_dolibarr_state_board.php Global stats box is always enabled --- htdocs/core/boxes/box_dolibarr_state_board.php | 7 ------- 1 file changed, 7 deletions(-) diff --git a/htdocs/core/boxes/box_dolibarr_state_board.php b/htdocs/core/boxes/box_dolibarr_state_board.php index d26dd2cb075..348ffeda4cd 100644 --- a/htdocs/core/boxes/box_dolibarr_state_board.php +++ b/htdocs/core/boxes/box_dolibarr_state_board.php @@ -60,13 +60,6 @@ class box_dolibarr_state_board extends ModeleBoxes global $conf, $user; $this->db = $db; - - // disable box for such cases - if (!empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) { - $this->enabled = 0; // disabled by this option - } - - $this->hidden = !(!empty($user->rights->societe->lire) && empty($user->socid)); } /** From d3ff549b21417c314ced1c2a9d01acd821612e1e Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 18:48:18 +0200 Subject: [PATCH 063/105] Fix ticket when module societe not enabled --- htdocs/core/class/html.formticket.class.php | 4 +++- htdocs/core/lib/ticket.lib.php | 5 +++-- htdocs/ticket/class/ticket.class.php | 2 +- 3 files changed, 7 insertions(+), 4 deletions(-) diff --git a/htdocs/core/class/html.formticket.class.php b/htdocs/core/class/html.formticket.class.php index 7d012077700..3cec6c19789 100644 --- a/htdocs/core/class/html.formticket.class.php +++ b/htdocs/core/class/html.formticket.class.php @@ -103,11 +103,13 @@ class FormTicket */ public function __construct($db) { + global $conf; + $this->db = $db; $this->action = 'add'; - $this->withcompany = 1; + $this->withcompany = $conf->societe->enabled ? 1 : 0; $this->withfromsocid = 0; $this->withfromcontactid = 0; //$this->withthreadid=0; diff --git a/htdocs/core/lib/ticket.lib.php b/htdocs/core/lib/ticket.lib.php index e2e06487de8..4d9d4bb2fa2 100644 --- a/htdocs/core/lib/ticket.lib.php +++ b/htdocs/core/lib/ticket.lib.php @@ -84,7 +84,7 @@ function ticket_prepare_head($object) $head[$h][2] = 'tabTicket'; $h++; - if (empty($conf->global->MAIN_DISABLE_CONTACTS_TAB) && empty($user->socid)) { + if (empty($conf->global->MAIN_DISABLE_CONTACTS_TAB) && empty($user->socid) && $conf->societe->enabled) { $nbContact = count($object->liste_contact(-1, 'internal')) + count($object->liste_contact(-1, 'external')); $head[$h][0] = DOL_URL_ROOT.'/ticket/contact.php?track_id='.$object->track_id; $head[$h][1] = $langs->trans('ContactsAddresses'); @@ -157,7 +157,8 @@ function showDirectPublicLink($object) $out = ''; if (empty($conf->global->TICKET_ENABLE_PUBLIC_INTERFACE)) { - $out .= ''.$langs->trans("PublicInterfaceNotEnabled").''; + $langs->load('errors'); + $out .= ''.$langs->trans("ErrorPublicInterfaceNotEnabled").''; } else { $out .= img_picto('', 'object_globe.png').' '.$langs->trans("TicketPublicAccess").'
'; if ($url) { diff --git a/htdocs/ticket/class/ticket.class.php b/htdocs/ticket/class/ticket.class.php index 6c883be6b1a..5180abe6140 100644 --- a/htdocs/ticket/class/ticket.class.php +++ b/htdocs/ticket/class/ticket.class.php @@ -2917,7 +2917,7 @@ class Ticket extends CommonObject $sql = "SELECT p.rowid, p.ref, p.datec as datec"; $sql .= " FROM ".MAIN_DB_PREFIX."ticket as p"; - if (!$user->rights->societe->client->voir && !$user->socid) { + if ($conf->societe->enabled && !$user->rights->societe->client->voir && !$user->socid) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON p.fk_soc = sc.fk_soc"; $sql .= " WHERE sc.fk_user = ".$user->id; $clause = " AND"; From 1fbd53993f45901f5fb3d7e5c6bbf9df884e2b06 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Sun, 16 May 2021 19:07:36 +0200 Subject: [PATCH 064/105] Fix missing substitutionarray on ticket presend --- htdocs/ticket/card.php | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 6d14d29202f..a32ec67a11e 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1297,13 +1297,23 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = // add a message if ($action == 'presend' || $action == 'presend_addmessage') { + $outputlangs = $langs; + $newlang = ''; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { + $newlang = $_REQUEST['lang_id']; + } + if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { + $newlang = $object->thirdparty->default_lang; + } + $arrayoffamiliestoexclude = array('objectamount'); + $action = 'add_message'; // action to use to post the message $modelmail = 'ticket_send'; // Substitution array $morehtmlright = ''; $help = ""; - $substitutionarray = array(); + $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, $arrayoffamiliestoexclude, $object); if ($object->fk_soc > 0) { $object->fetch_thirdparty(); $substitutionarray['__THIRDPARTY_NAME__'] = $object->thirdparty->name; From 9a8bd2c24b8f67e4dc48e8a1795955b6fc11b384 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 06:13:26 +0200 Subject: [PATCH 065/105] Add missing field Fix duplicate / in url --- htdocs/core/lib/website.lib.php | 2 +- htdocs/install/mysql/migration/13.0.0-14.0.0.sql | 6 +++++- htdocs/install/mysql/tables/llx_c_ticket_category.sql | 2 +- htdocs/install/mysql/tables/llx_c_ticket_type.sql | 2 +- .../tables/llx_knowledgemanagement_knowledgerecord.sql | 3 ++- htdocs/knowledgemanagement/class/knowledgerecord.class.php | 4 ++-- 6 files changed, 12 insertions(+), 7 deletions(-) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index 4fa0f053236..8f6b484a733 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -618,7 +618,7 @@ function getStructuredData($type, $data = array()) $pageurl = str_replace('__WEBSITE_KEY__', $website->ref, $pageurl); $title = str_replace('__WEBSITE_KEY__', $website->ref, $title); - $image = '/medias/'.str_replace('__WEBSITE_KEY__', $website->ref, $image); + $image = '/medias'.(preg_match('/^\//', $image) ? '' : '/').str_replace('__WEBSITE_KEY__', $website->ref, $image); $companyname = str_replace('__WEBSITE_KEY__', $website->ref, $companyname); $description = str_replace('__WEBSITE_KEY__', $website->ref, $description); diff --git a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql index da2cd34fa00..cf5da55d719 100644 --- a/htdocs/install/mysql/migration/13.0.0-14.0.0.sql +++ b/htdocs/install/mysql/migration/13.0.0-14.0.0.sql @@ -491,11 +491,15 @@ CREATE TABLE llx_knowledgemanagement_knowledgerecord( import_key varchar(14), model_pdf varchar(255), question text NOT NULL, - answer text, + answer text, + fk_ticket integer, status integer NOT NULL -- END MODULEBUILDER FIELDS ) ENGINE=innodb; +ALTER TABLE llx_knowledgemanagement_knowledgerecord ADD COLUMN fk_ticket integer; + + create table llx_knowledgemanagement_knowledgerecord_extrafields ( rowid integer AUTO_INCREMENT PRIMARY KEY, diff --git a/htdocs/install/mysql/tables/llx_c_ticket_category.sql b/htdocs/install/mysql/tables/llx_c_ticket_category.sql index 10d16331a06..57bd15f2c23 100644 --- a/htdocs/install/mysql/tables/llx_c_ticket_category.sql +++ b/htdocs/install/mysql/tables/llx_c_ticket_category.sql @@ -15,7 +15,7 @@ -- along with this program. If not, see . -- --- Table with the categories of a ticket +-- Table with the custom category tree for the category of a ticket -- create table llx_c_ticket_category diff --git a/htdocs/install/mysql/tables/llx_c_ticket_type.sql b/htdocs/install/mysql/tables/llx_c_ticket_type.sql index d480036d5d5..462d1a71535 100644 --- a/htdocs/install/mysql/tables/llx_c_ticket_type.sql +++ b/htdocs/install/mysql/tables/llx_c_ticket_type.sql @@ -13,7 +13,7 @@ -- You should have received a copy of the GNU General Public License -- along with this program. If not, see . -- --- +-- Type of ticket. For example: COM, ISSUE, REQUEST, PROJECT, OTHER, ... create table llx_c_ticket_type ( diff --git a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql index 9c2866980ec..5c9e4cf199f 100644 --- a/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql +++ b/htdocs/install/mysql/tables/llx_knowledgemanagement_knowledgerecord.sql @@ -27,7 +27,8 @@ CREATE TABLE llx_knowledgemanagement_knowledgerecord( import_key varchar(14), model_pdf varchar(255), question text NOT NULL, - answer text, + answer text, + fk_ticket integer, status integer NOT NULL -- END MODULEBUILDER FIELDS ) ENGINE=innodb; diff --git a/htdocs/knowledgemanagement/class/knowledgerecord.class.php b/htdocs/knowledgemanagement/class/knowledgerecord.class.php index 2dba1581d9e..4d46794aaf8 100644 --- a/htdocs/knowledgemanagement/class/knowledgerecord.class.php +++ b/htdocs/knowledgemanagement/class/knowledgerecord.class.php @@ -110,8 +110,8 @@ class KnowledgeRecord extends CommonObject 'fk_user_valid' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserValidation', 'enabled'=>'1', 'position'=>512, 'notnull'=>0, 'visible'=>-2,), 'import_key' => array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>'1', 'position'=>1000, 'notnull'=>-1, 'visible'=>-2,), 'model_pdf' => array('type'=>'varchar(255)', 'label'=>'Model pdf', 'enabled'=>'1', 'position'=>1010, 'notnull'=>-1, 'visible'=>0,), - 'question' => array('type'=>'text', 'label'=>'Question', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1,), - 'answer' => array('type'=>'html', 'label'=>'Solution', 'enabled'=>'1', 'position'=>50, 'notnull'=>0, 'visible'=>-1,), + 'question' => array('type'=>'text', 'label'=>'Question', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'csslist'=>'tdoverflow300'), + 'answer' => array('type'=>'html', 'label'=>'Solution', 'enabled'=>'1', 'position'=>50, 'notnull'=>0, 'visible'=>3, 'csslist'=>'tdoverflow300'), 'status' => array('type'=>'integer', 'label'=>'Status', 'enabled'=>'1', 'position'=>1000, 'notnull'=>1, 'visible'=>1, 'default'=>0, 'index'=>1, 'arrayofkeyval'=>array('0'=>'Draft', '1'=>'Valid'),), ); public $rowid; From d1ff2e3590ef59a80f1aff48342cbe59ca9b185b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 06:18:47 +0200 Subject: [PATCH 066/105] Add comment --- htdocs/core/lib/website.lib.php | 2 ++ 1 file changed, 2 insertions(+) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index 8f6b484a733..44265e33ea5 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -666,6 +666,8 @@ function getStructuredData($type, $data = array()) $ret .= '"description": "'.dol_escape_json($description).'"'; $ret .= "\n".'}'."\n"; $ret .= ''."\n"; + } else { + $ret .= ''."\n"; } } elseif ($type == 'product') { $ret = ''."\n"; From 78b38f75a1bf846e0fecb47fa9c84a6f292e2fd0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 06:39:18 +0200 Subject: [PATCH 067/105] Minor fixes --- htdocs/core/lib/website.lib.php | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/core/lib/website.lib.php b/htdocs/core/lib/website.lib.php index 44265e33ea5..89fd777cd20 100644 --- a/htdocs/core/lib/website.lib.php +++ b/htdocs/core/lib/website.lib.php @@ -502,7 +502,7 @@ function includeContainer($containerref) } $includehtmlcontentopened++; if ($includehtmlcontentopened > $MAXLEVEL) { - print 'ERROR: RECURSIVE CONTENT LEVEL. Depth of recursive call is more than the limit of '.$MAXLEVEL.".\n"; + print 'ERROR: RECURSIVE CONTENT LEVEL. Depth of recursive call is more than the limit of '.((int) $MAXLEVEL).".\n"; return; } @@ -549,20 +549,20 @@ function getStructuredData($type, $data = array()) "@type": "SoftwareApplication", "name": "'.dol_escape_json($data['name']).'", "operatingSystem": "'.dol_escape_json($data['os']).'", - "applicationCategory": "https://schema.org/'.$data['applicationCategory'].'",'; + "applicationCategory": "https://schema.org/'.dol_escape_json($data['applicationCategory']).'",'; if (!empty($data['ratingcount'])) { $ret .= ' "aggregateRating": { "@type": "AggregateRating", - "ratingValue": "'.$data['ratingvalue'].'", - "ratingCount": "'.$data['ratingcount'].'" + "ratingValue": "'.dol_escape_json($data['ratingvalue']).'", + "ratingCount": "'.dol_escape_json($data['ratingcount']).'" },'; } $ret .= ' "offers": { "@type": "Offer", - "price": "'.$data['price'].'", - "priceCurrency": "'.($data['currency'] ? $data['currency'] : $conf->currency).'" + "price": "'.dol_escape_json($data['price']).'", + "priceCurrency": "'.dol_escape_json($data['currency'] ? $data['currency'] : $conf->currency).'" } }'."\n"; $ret .= ''."\n"; @@ -693,8 +693,8 @@ function getStructuredData($type, $data = array()) "offers": { "@type": "Offer", "url": "https://example.com/anvil", - "priceCurrency": "'.($data['currency'] ? $data['currency'] : $conf->currency).'", - "price": "'.$data['price'].'", + "priceCurrency": "'.dol_escape_json($data['currency'] ? $data['currency'] : $conf->currency).'", + "price": "'.dol_escape_json($data['price']).'", "itemCondition": "https://schema.org/UsedCondition", "availability": "https://schema.org/InStock", "seller": { From 90d6f70bce24b23af94e39aae964035114f6680c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 06:54:39 +0200 Subject: [PATCH 068/105] Comment --- htdocs/website/index.php | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index da1244b567c..7247427363a 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2390,6 +2390,18 @@ if ($action == 'generatesitemaps' && $usercanedit) { } } + // Now add sitempas extension for news + // TODO When adding and when not ? + /* + + The Example Times + en + + 2008-12-23 + Companies A, B in Merger Talks + + */ + $root->appendChild($url); $i++; } From ea5d374f233e0162838aeb0df4606e1d8458b8bf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 06:57:21 +0200 Subject: [PATCH 069/105] Update index.php --- htdocs/hrm/index.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/hrm/index.php b/htdocs/hrm/index.php index af9518d4622..50fd4c3f521 100644 --- a/htdocs/hrm/index.php +++ b/htdocs/hrm/index.php @@ -239,8 +239,8 @@ if (!empty($conf->holiday->enabled) && $user->rights->holiday->read) { $starthalfday = ($obj->halfday == -1 || $obj->halfday == 2) ? 'afternoon' : 'morning'; $endhalfday = ($obj->halfday == 1 || $obj->halfday == 2) ? 'morning' : 'afternoon'; - print ''; print ''; print ''; From 7d0fa95d8134cf44f09bcf78e674d285c1b23d3c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 07:08:45 +0200 Subject: [PATCH 070/105] Update card.php --- htdocs/user/group/card.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/user/group/card.php b/htdocs/user/group/card.php index 21f53c64c68..19b78cf06e9 100644 --- a/htdocs/user/group/card.php +++ b/htdocs/user/group/card.php @@ -138,7 +138,11 @@ if (empty($reshook)) { if (!empty($conf->multicompany->enabled) && !empty($conf->global->MULTICOMPANY_TRANSVERSE_MODE)) { $object->entity = 0; } else { - $object->entity = GETPOSTISSET("entity") ? GETPOST("entity") : $conf->entity; + if ($conf->entity == 1 && $user->admin && !$user->entity) { // Same permissions test than the one used to show the combo of entities into the form + $object->entity = GETPOSTISSET("entity") ? GETPOST("entity") : $conf->entity; + } else { + $object->entity = $conf->entity; + } } $db->begin(); From ad64b43e3080412ec089585b653fa8a8c5276d66 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 07:11:41 +0200 Subject: [PATCH 071/105] Update html.form.class.php --- htdocs/core/class/html.form.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index a0846b2b3ed..9b90ed0b30a 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -7696,7 +7696,7 @@ class Form 'enabled'=>$conf->contrat->enabled, 'perms'=>1, 'label'=>'LinkToContract', - 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY t.rowid' + 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, t.ref_customer as ref_client, t.ref_supplier, SUM(td.total_ht) as total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."contrat as t, ".MAIN_DB_PREFIX."contratdet as td WHERE t.fk_soc = s.rowid AND td.fk_contrat = t.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('contract').') GROUP BY s.rowid, s.nom, s.client, t.rowid, t.ref, t.ref_customer, t.ref_supplier' ), 'fichinter'=>array('enabled'=>$conf->ficheinter->enabled, 'perms'=>1, 'label'=>'LinkToIntervention', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."fichinter as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('intervention').')'), 'supplier_proposal'=>array('enabled'=>$conf->supplier_proposal->enabled, 'perms'=>1, 'label'=>'LinkToSupplierProposal', 'sql'=>"SELECT s.rowid as socid, s.nom as name, s.client, t.rowid, t.ref, '' as ref_supplier, t.total_ht FROM ".MAIN_DB_PREFIX."societe as s, ".MAIN_DB_PREFIX."supplier_proposal as t WHERE t.fk_soc = s.rowid AND t.fk_soc IN (".$this->db->sanitize($listofidcompanytoscan).') AND t.entity IN ('.getEntity('supplier_proposal').')'), From 6bf66adff04eb5c8aa431b14c75e3c10dd995ec5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 07:27:02 +0200 Subject: [PATCH 072/105] Fix remove some $_REQUEST --- htdocs/admin/security_file.php | 2 +- htdocs/commande/list.php | 1 - htdocs/compta/bank/card.php | 2 +- htdocs/compta/paiement/cheque/card.php | 12 ++++++------ htdocs/core/lib/sendings.lib.php | 4 ++-- htdocs/core/tpl/card_presend.tpl.php | 4 ++-- htdocs/delivery/card.php | 4 ++-- htdocs/expedition/shipment.php | 4 ++-- htdocs/ticket/card.php | 4 ++-- 9 files changed, 18 insertions(+), 19 deletions(-) diff --git a/htdocs/admin/security_file.php b/htdocs/admin/security_file.php index 2b6a4e81fb4..12c90cf3c21 100644 --- a/htdocs/admin/security_file.php +++ b/htdocs/admin/security_file.php @@ -66,7 +66,7 @@ if ($action == 'updateform') { } elseif ($action == 'delete') { // Delete file $langs->load("other"); - $file = $conf->admin->dir_temp.'/'.GETPOST('urlfile', 'alpha'); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). + $file = $conf->admin->dir_temp.'/'.GETPOST('urlfile', 'alpha'); $ret = dol_delete_file($file); if ($ret) { setEventMessages($langs->trans("FileWasRemoved", GETPOST('urlfile', 'alpha')), null, 'mesgs'); diff --git a/htdocs/commande/list.php b/htdocs/commande/list.php index 3747b2107b2..2c08bb8684a 100644 --- a/htdocs/commande/list.php +++ b/htdocs/commande/list.php @@ -887,7 +887,6 @@ if ($resql) { } if ($massaction == 'createbills') { - //var_dump($_REQUEST); print ''; print '
'; - print $langs->trans("BoxTitleLatestModifiedCandidatures", $max); + print ''; + print $langs->trans("BoxTitleLatestModifiedCandidatures", min($max, $num)); print ''.$langs->trans("FullList").'
'.$staticrecruitmentcandidature->getNomUrl(1, '').''; - print "'.dol_print_date($db->jdate($objp->tms), 'day')."'.$staticrecruitmentcandidature->getFullName($langs).''.$staticrecruitmentjobposition->getNomUrl(1).''.dol_print_date($db->jdate($objp->tms), 'day').''; print $staticrecruitmentcandidature->getLibStatut(3); print "'.dol_print_date($db->jdate($obj->date_start), 'day').'
'.$langs->trans($listhalfday[$starthalfday]).''; - print '		'.dol_print_date($db->jdate($obj->date_end), 'day').'
'.$langs->trans($listhalfday[$endhalfday]).''; + print '		'.dol_print_date($db->jdate($obj->date_start), 'day').' '.$langs->trans($listhalfday[$starthalfday]).''; + print ''.dol_print_date($db->jdate($obj->date_end), 'day').' '.$langs->trans($listhalfday[$endhalfday]).''; print ''.dol_print_date($db->jdate($obj->dm), 'day').''.$holidaystatic->LibStatut($obj->status, 3).'
'; diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index bf30b1831f9..30aa32a8d58 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -829,7 +829,7 @@ if ($action == 'create') { print ''; print ''; print ''; - print ''."\n\n"; + print ''."\n\n"; print dol_get_fiche_head(array(), 0, '', 0); diff --git a/htdocs/compta/paiement/cheque/card.php b/htdocs/compta/paiement/cheque/card.php index 39b5ded892b..04eee81ced0 100644 --- a/htdocs/compta/paiement/cheque/card.php +++ b/htdocs/compta/paiement/cheque/card.php @@ -126,8 +126,8 @@ if ($action == 'create' && GETPOST("accountid", "int") > 0 && $user->rights->ban // Define output language $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } //if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (!empty($newlang)) { @@ -177,8 +177,8 @@ if ($action == 'confirm_validate' && $confirm == 'yes' && $user->rights->banque- // Define output language $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } //if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (!empty($newlang)) { @@ -219,8 +219,8 @@ if ($action == 'builddoc' && $user->rights->banque->cheque) { $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } //if ($conf->global->MAIN_MULTILANGS && empty($newlang)) $newlang=$object->client->default_lang; if (!empty($newlang)) { diff --git a/htdocs/core/lib/sendings.lib.php b/htdocs/core/lib/sendings.lib.php index 15e7286ab08..880019d7b97 100644 --- a/htdocs/core/lib/sendings.lib.php +++ b/htdocs/core/lib/sendings.lib.php @@ -316,8 +316,8 @@ function show_list_sending_receive($origin, $origin_id, $filter = '') $outputlangs = $langs; $newlang = ''; - if (empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if (empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if (empty($newlang)) { $newlang = $object->thirdparty->default_lang; diff --git a/htdocs/core/tpl/card_presend.tpl.php b/htdocs/core/tpl/card_presend.tpl.php index bca1386c82e..9c1387d7d58 100644 --- a/htdocs/core/tpl/card_presend.tpl.php +++ b/htdocs/core/tpl/card_presend.tpl.php @@ -58,8 +58,8 @@ if ($action == 'presend') { // Define output language $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { $newlang = $object->thirdparty->default_lang; diff --git a/htdocs/delivery/card.php b/htdocs/delivery/card.php index 2c6415f17b7..4855c9c1e49 100644 --- a/htdocs/delivery/card.php +++ b/htdocs/delivery/card.php @@ -542,8 +542,8 @@ if ($action == 'create') { // Create. Seems to no be used if (!empty($conf->global->MAIN_MULTILANGS) && !empty($conf->global->PRODUIT_TEXTS_IN_THIRDPARTY_LANGUAGE)) { $outputlangs = $langs; $newlang = ''; - if (empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if (empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if (empty($newlang)) { $newlang = $object->thirdparty->default_lang; diff --git a/htdocs/expedition/shipment.php b/htdocs/expedition/shipment.php index 1231f0b513e..8f5903dd988 100644 --- a/htdocs/expedition/shipment.php +++ b/htdocs/expedition/shipment.php @@ -687,8 +687,8 @@ if ($id > 0 || !empty($ref)) { $outputlangs = $langs; $newlang = ''; - if (empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if (empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if (empty($newlang)) { $newlang = $object->thirdparty->default_lang; diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 4b4b8e594d4..e04e3c51ce3 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1364,8 +1364,8 @@ if ($action == 'create' || $action == 'presend') { // Define output language $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { $newlang = $object->default_lang; From c36f231f415eb3d6f6eeda42da629eedcb2de27b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 07:34:56 +0200 Subject: [PATCH 073/105] Update card.php --- htdocs/ticket/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index a32ec67a11e..cb428712913 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1299,8 +1299,8 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = { $outputlangs = $langs; $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { + $newlang = GETPOST('lang_id', 'aZ09'); } if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { $newlang = $object->thirdparty->default_lang; From dd88f9cd767648860589be45a2a752fdd3e4a910 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 07:37:01 +0200 Subject: [PATCH 074/105] Update card.php --- htdocs/ticket/card.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index cb428712913..857365203f8 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1297,12 +1297,16 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = // add a message if ($action == 'presend' || $action == 'presend_addmessage') { + if ($object->fk_soc > 0) { + $object->fetch_thirdparty(); + } + $outputlangs = $langs; $newlang = ''; if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { $newlang = GETPOST('lang_id', 'aZ09'); } - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { + if ($conf->global->MAIN_MULTILANGS && empty($newlang) && is_object($object->thirdparty)) { $newlang = $object->thirdparty->default_lang; } $arrayoffamiliestoexclude = array('objectamount'); @@ -1315,7 +1319,6 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = $help = ""; $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, $arrayoffamiliestoexclude, $object); if ($object->fk_soc > 0) { - $object->fetch_thirdparty(); $substitutionarray['__THIRDPARTY_NAME__'] = $object->thirdparty->name; } $substitutionarray['__USER_SIGNATURE__'] = $user->signature; From bdf876ead4d36c340c0249c150eecf5f3619d3cb Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 17 May 2021 05:38:46 +0000 Subject: [PATCH 075/105] Fixing style errors. --- htdocs/ticket/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 857365203f8..186a4461bd3 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1300,7 +1300,7 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = if ($object->fk_soc > 0) { $object->fetch_thirdparty(); } - + $outputlangs = $langs; $newlang = ''; if ($conf->global->MAIN_MULTILANGS && empty($newlang) && GETPOST('lang_id', 'aZ09')) { From d4162f3076a34a26dd9ad1d651d58a0083e00d19 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 08:00:33 +0200 Subject: [PATCH 076/105] Update card.php --- htdocs/ticket/card.php | 12 +----------- 1 file changed, 1 insertion(+), 11 deletions(-) diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index 186a4461bd3..5ed28094e39 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -1317,7 +1317,7 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = // Substitution array $morehtmlright = ''; $help = ""; - $substitutionarray = getCommonSubstitutionArray($outputlangs, 0, $arrayoffamiliestoexclude, $object); + $substitutionarray = getCommonSubstitutionArray($newlang, 0, $arrayoffamiliestoexclude, $object); if ($object->fk_soc > 0) { $substitutionarray['__THIRDPARTY_NAME__'] = $object->thirdparty->name; } @@ -1351,16 +1351,6 @@ elseif (empty($action) || $action == 'view' || $action == 'addlink' || $action = print '
'; - // Define output language - $outputlangs = $langs; - $newlang = ''; - if ($conf->global->MAIN_MULTILANGS && empty($newlang) && !empty($_REQUEST['lang_id'])) { - $newlang = $_REQUEST['lang_id']; - } - if ($conf->global->MAIN_MULTILANGS && empty($newlang)) { - $newlang = $object->default_lang; - } - $formticket = new FormTicket($db); $formticket->action = $action; From 6308c17c5fd22898006d6ad56437b5122f1a4294 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 08:30:12 +0200 Subject: [PATCH 077/105] Update main.inc.php --- htdocs/main.inc.php | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 3fb1a1aa0da..6110be38c86 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -1964,8 +1964,6 @@ function top_menu_user($hideloginname = 0, $urllogout = '') global $dolibarr_main_authentication, $dolibarr_main_demo; global $menumanager; - $langs->loadLangs(array('companies')); - $userImage = $userDropDownImage = ''; if (!empty($user->photo)) { $userImage = Form::showphoto('userphoto', $user, 0, 0, 0, 'photouserphoto userphoto', 'small', 0, 1); @@ -2203,6 +2201,7 @@ function top_menu_quickadd() { global $langs, $conf, $db, $hookmanager, $user; global $menumanager; + $html = ''; // Define $dropDownQuickAddHtml $dropDownQuickAddHtml = '
'; From 67fc5bce5f78ec9242ca53c4b235c4f55797f651 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 17 May 2021 06:30:30 +0000 Subject: [PATCH 078/105] Fixing style errors. --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 6110be38c86..c9a7dd21ccc 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2201,7 +2201,7 @@ function top_menu_quickadd() { global $langs, $conf, $db, $hookmanager, $user; global $menumanager; - + $html = ''; // Define $dropDownQuickAddHtml $dropDownQuickAddHtml = '
'; From ac95302fa7f470627b87c65a6b324d7b7c628c3a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 08:48:02 +0200 Subject: [PATCH 079/105] Clean comment --- .../interface_99_modZapier_ZapierTriggers.class.php | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php b/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php index f2d77553827..4e808d5bf15 100644 --- a/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php +++ b/htdocs/core/triggers/interface_99_modZapier_ZapierTriggers.class.php @@ -111,13 +111,9 @@ class InterfaceZapierTriggers extends DolibarrTriggers //case 'USER_NEW_PASSWORD': //case 'USER_ENABLEDISABLE': //case 'USER_DELETE': - //case 'USER_SETINGROUP': - //case 'USER_REMOVEFROMGROUP': - // case 'USER_LOGIN': - // case 'USER_LOGIN_FAILED': - // case 'USER_LOGOUT': - // Warning: To increase performances, this action is triggered only if constant MAIN_ACTIVATE_UPDATESESSIONTRIGGER is set to 1. - // // case 'USER_UPDATE_SESSION': + //case 'USER_LOGIN': + //case 'USER_LOGIN_FAILED': + //case 'USER_LOGOUT': // Actions case 'ACTION_MODIFY': From 8dc6241aee1e3a085eef7b142b20f381e881b9bb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 08:49:31 +0200 Subject: [PATCH 080/105] Clean dead code --- .../core/triggers/interface_50_modLdap_Ldapsynchro.class.php | 4 ++-- .../interface_99_modMyModule_MyModuleTriggers.class.php | 2 -- 2 files changed, 2 insertions(+), 4 deletions(-) diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index 37956897cb1..d6209ba1694 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -183,7 +183,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers $this->error = "ErrorLDAP ".$ldap->error; } } - } elseif ($action == 'USER_SETINGROUP') { + /*} elseif ($action == 'USER_SETINGROUP') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') { $ldap = new Ldap(); @@ -250,7 +250,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers if ($result < 0) { $this->error = "ErrorLDAP ".$ldap->error; } - } + } */ } elseif ($action == 'USERGROUP_CREATE') { // Groupes dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); diff --git a/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php b/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php index 28868add880..e29057c5423 100644 --- a/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php +++ b/htdocs/modulebuilder/template/core/triggers/interface_99_modMyModule_MyModuleTriggers.class.php @@ -119,8 +119,6 @@ class InterfaceMyModuleTriggers extends DolibarrTriggers //case 'USER_NEW_PASSWORD': //case 'USER_ENABLEDISABLE': //case 'USER_DELETE': - //case 'USER_SETINGROUP': - //case 'USER_REMOVEFROMGROUP': // Actions //case 'ACTION_MODIFY': From 7bb71dd89fa1e6552135e2f875cd00cfa174635e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 09:25:18 +0200 Subject: [PATCH 081/105] FIX #17602 --- htdocs/admin/dict.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index f00d670d4a1..caa7a9fdc05 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -802,8 +802,8 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) if ($value == 'price' || preg_match('/^amount/i', $value)) { $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); } - elseif ($value == 'taux' || $value == 'localtax1' || $value == 'localtax2') { - $_POST[$keycode] = price2num(GETPOST($keycode), 8); + elseif ($value == 'taux' || $value == 'localtax1') { + $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z } elseif ($value == 'entity') { $_POST[$keycode] = getEntity($tabname[$id]); @@ -871,8 +871,8 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) if ($field == 'price' || preg_match('/^amount/i', $field)) { $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); } - elseif ($field == 'taux' || $field == 'localtax1' || $field == 'localtax2') { - $_POST[$keycode] = price2num(GETPOST($keycode), 8); + elseif ($field == 'taux' || $field == 'localtax1') { + $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z } elseif ($field == 'entity') { $_POST[$keycode] = getEntity($tabname[$id]); From 2f9a504dce7e44e16513a712cab815d58585ffb4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 09:30:09 +0200 Subject: [PATCH 082/105] Fix label --- htdocs/admin/dict.php | 10 +++++----- htdocs/langs/en_US/main.lang | 1 + 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index caa7a9fdc05..4bd556c5ac3 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -1076,7 +1076,7 @@ if ($id) $sql = $tabsql[$id]; if (!preg_match('/ WHERE /', $sql)) $sql .= " WHERE 1 = 1"; - if ($search_country_id > 0) $sql .= " AND c.rowid = ".$search_country_id; + if ($search_country_id > 0) $sql .= " AND c.rowid = ".((int) $search_country_id); if ($search_code != '' && $id == 9) $sql .= natural_search("code_iso", $search_code); elseif ($search_code != '' && $id == 28) $sql .= natural_search("h.code", $search_code); elseif ($search_code != '' && $id == 32) $sql .= natural_search("a.code", $search_code); @@ -1150,9 +1150,9 @@ if ($id) $class = 'center'; } if ($fieldlist[$field] == 'localtax1_type') { $valuetoshow = $langs->trans("UseLocalTax")." 2"; $class = "center"; $sortable = 0; } - if ($fieldlist[$field] == 'localtax1') { $valuetoshow = $langs->trans("Rate")." 2"; $class = "center"; } + if ($fieldlist[$field] == 'localtax1') { $valuetoshow = $langs->trans("RateOfTaxN", '2'); $class = "center"; } if ($fieldlist[$field] == 'localtax2_type') { $valuetoshow = $langs->trans("UseLocalTax")." 3"; $class = "center"; $sortable = 0; } - if ($fieldlist[$field] == 'localtax2') { $valuetoshow = $langs->trans("Rate")." 3"; $class = "center"; } + if ($fieldlist[$field] == 'localtax2') { $valuetoshow = $langs->trans("RateOfTaxN", '3'); $class = "center"; } if ($fieldlist[$field] == 'organization') { $valuetoshow = $langs->trans("Organization"); } if ($fieldlist[$field] == 'lang') { $valuetoshow = $langs->trans("Language"); } if ($fieldlist[$field] == 'type') { @@ -1380,9 +1380,9 @@ if ($id) $cssprefix = 'center '; } if ($fieldlist[$field] == 'localtax1_type') { $valuetoshow = $langs->trans("UseLocalTax")." 2"; $cssprefix = "center "; $sortable = 0; } - if ($fieldlist[$field] == 'localtax1') { $valuetoshow = $langs->trans("Rate")." 2"; $cssprefix = "center "; $sortable = 0; } + if ($fieldlist[$field] == 'localtax1') { $valuetoshow = $langs->trans("RateOfTaxN", '2'); $cssprefix = "center "; $sortable = 0; } if ($fieldlist[$field] == 'localtax2_type') { $valuetoshow = $langs->trans("UseLocalTax")." 3"; $cssprefix = "center "; $sortable = 0; } - if ($fieldlist[$field] == 'localtax2') { $valuetoshow = $langs->trans("Rate")." 3"; $cssprefix = "center "; $sortable = 0; } + if ($fieldlist[$field] == 'localtax2') { $valuetoshow = $langs->trans("RateOfTaxN", '3'); $cssprefix = "center "; $sortable = 0; } if ($fieldlist[$field] == 'organization') { $valuetoshow = $langs->trans("Organization"); } if ($fieldlist[$field] == 'lang') { $valuetoshow = $langs->trans("Language"); } if ($fieldlist[$field] == 'type') { $valuetoshow = $langs->trans("Type"); } diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 5594c835ba8..39517ca2e1b 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -427,6 +427,7 @@ LT1IN=CGST LT2IN=SGST LT1GC=Additionnal cents VATRate=Tax Rate +RateOfTaxN=Rate of tax %s VATCode=Tax Rate code VATNPR=Tax Rate NPR DefaultTaxRate=Default tax rate From f95f0748e3acca203bb92faafc44c8207580f4ca Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 09:54:04 +0200 Subject: [PATCH 083/105] Update viewcat.php --- htdocs/categories/viewcat.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/categories/viewcat.php b/htdocs/categories/viewcat.php index b62bc3bcb0f..eeca990ef28 100644 --- a/htdocs/categories/viewcat.php +++ b/htdocs/categories/viewcat.php @@ -768,12 +768,11 @@ if ($type == Categorie::TYPE_CONTACT) { break; } - $objsoc->fetch($contact->socid); - print "\t".'
'."\n"; print '
'; print $contact->getNomUrl(1, 'category'); - if ($objsoc->id > 0) { + if ($contact->socid > 0) { + $objsoc->fetch($contact->socid); print ' - '; print $objsoc->getNomUrl(1, 'contact'); } From 1093e66d26183beee9ddc8e75fee6d9aedfa1f4f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 10:14:14 +0200 Subject: [PATCH 084/105] Update societe.class.php --- htdocs/societe/class/societe.class.php | 16 +++++++++------- 1 file changed, 9 insertions(+), 7 deletions(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index d207c690a69..91059c7ecc1 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2560,14 +2560,16 @@ class Societe extends CommonObject } } $label .= '
'.$langs->trans('Email').': '.$this->email; - $phonelist = array(); - if ($this->phone) { - $phonelist[] = dol_print_phone($this->phone, $this->country_code, $this->id, 0, '', ' ', 'phone'); + if (!empty($this->phone) || !empty($this->fax)) { + $phonelist = array(); + if ($this->phone) { + $phonelist[] = dol_print_phone($this->phone, $this->country_code, $this->id, 0, '', ' ', 'phone'); + } + if ($this->fax) { + $phonelist[] = dol_print_phone($this->fax, $this->country_code, $this->id, 0, '', ' ', 'fax'); + } + $label .= '
'.$langs->trans('Phone').': '.implode(' ', $phonelist); } - if ($this->fax) { - $phonelist[] = dol_print_phone($this->fax, $this->country_code, $this->id, 0, '', ' ', 'fax'); - } - $label .= '
'.$langs->trans('Phone').': '.implode(' ', $phonelist); if (!empty($this->address)) { $label .= '
'.$langs->trans("Address").': '.dol_format_address($this, 1, ' ', $langs); } From 261414cb7f7b64bc062d3ce6f97998774134b0d7 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 10:16:33 +0200 Subject: [PATCH 085/105] Update societe.class.php --- htdocs/societe/class/societe.class.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php index 91059c7ecc1..66974c7e5e9 100644 --- a/htdocs/societe/class/societe.class.php +++ b/htdocs/societe/class/societe.class.php @@ -2571,7 +2571,9 @@ class Societe extends CommonObject $label .= '
'.$langs->trans('Phone').': '.implode(' ', $phonelist); } if (!empty($this->address)) { - $label .= '
'.$langs->trans("Address").': '.dol_format_address($this, 1, ' ', $langs); + $label .= '
'.$langs->trans("Address").': '.dol_format_address($this, 1, ' ', $langs); // Address + country + } elseif (!empty($this->country_code)) { + $label .= '
'.$langs->trans('Country').': '.$this->country_code; } if (!empty($this->tva_intra) || (!empty($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP) && strpos($conf->global->SOCIETE_SHOW_FIELD_IN_TOOLTIP, 'vatnumber') !== false)) { $label .= '
'.$langs->trans('VATIntra').': '.dol_escape_htmltag($this->tva_intra); From f923c70f380d4145153b20bcbb8037caf7ea7a4c Mon Sep 17 00:00:00 2001 From: Ferran Marcet Date: Mon, 17 May 2021 10:17:54 +0200 Subject: [PATCH 086/105] Fix: Before there was no mistake --- htdocs/admin/dict.php | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index fbe7d924cbc..648537ec3f8 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -9,7 +9,7 @@ * Copyright (C) 2012-2015 Marcos García * Copyright (C) 2012 Christophe Battarel * Copyright (C) 2011-2016 Alexandre Spangaro - * Copyright (C) 2015-2021 Ferran Marcet + * Copyright (C) 2015 Ferran Marcet * Copyright (C) 2016 Raphaël Doursenaud * Copyright (C) 2019 Frédéric France * @@ -777,10 +777,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('joinfile', 'private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } - elseif ($keycode == 'localtax2') { - $sql .= "'".GETPOST($keycode, 'alpha')."'"; - } - else { + else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } @@ -846,9 +843,6 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) elseif (in_array($keycode, array('private', 'position', 'scale'))) { $sql .= (int) GETPOST($keycode, 'int'); } - elseif ($keycode == 'localtax2') { - $sql .= "'".GETPOST($keycode, 'alpha')."'"; - } else { $sql .= "'".$db->escape(GETPOST($keycode, 'nohtml'))."'"; } From 082ae2e62761cdd3a775ec6ec5daf39fa3236741 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 11:11:17 +0200 Subject: [PATCH 087/105] Fix trans --- htdocs/core/class/dolgraph.class.php | 2 +- htdocs/langs/en_US/compta.lang | 10 +++++----- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/core/class/dolgraph.class.php b/htdocs/core/class/dolgraph.class.php index 7eecea00ff6..b1819e24ab0 100644 --- a/htdocs/core/class/dolgraph.class.php +++ b/htdocs/core/class/dolgraph.class.php @@ -1259,7 +1259,7 @@ class DolGraph if ($i > 0) { $this->stringtoshow .= ', '; } - $this->stringtoshow .= "'" . dol_escape_js(dol_trunc($val, 22)) . "'"; + $this->stringtoshow .= "'" . dol_escape_js(dol_trunc($val, 25)) . "'"; // Lower than 25 make some important label (that we can't shorten) to be truncated $i++; } diff --git a/htdocs/langs/en_US/compta.lang b/htdocs/langs/en_US/compta.lang index 405689a57e5..8329346c163 100644 --- a/htdocs/langs/en_US/compta.lang +++ b/htdocs/langs/en_US/compta.lang @@ -286,9 +286,9 @@ ReportPurchaseTurnover=Purchase turnover invoiced ReportPurchaseTurnoverCollected=Purchase turnover collected IncludeVarpaysInResults = Include various payments in reports IncludeLoansInResults = Include loans in reports -InvoiceLate30Days = Invoices late 30 days -InvoiceLate15Days = Invoices late 15 days +InvoiceLate30Days = Invoices late > 30 days +InvoiceLate15Days = Invoices late > 15 days InvoiceLateMinus15Days = Invoices late -InvoiceNotLate = To pay < 15 days -InvoiceNotLate15Days = To pay > 15 days -InvoiceNotLate30Days = To pay in > 30 days +InvoiceNotLate = To be collected < 15 days +InvoiceNotLate15Days = To be collected in 15 days +InvoiceNotLate30Days = To be collected in 30 days From 6402ef949650e650eeed24d19fdda773b7126f94 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 11:26:31 +0200 Subject: [PATCH 088/105] Fix colors --- htdocs/core/lib/invoice.lib.php | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/invoice.lib.php b/htdocs/core/lib/invoice.lib.php index 6862b6d59e9..16891214ca5 100644 --- a/htdocs/core/lib/invoice.lib.php +++ b/htdocs/core/lib/invoice.lib.php @@ -482,9 +482,9 @@ function getNumberInvoicesPieChart($mode) $sql = "SELECT sum(".$db->ifsql("f.date_lim_reglement < '".date_format($datenowsub30, 'Y-m-d')."'", 1, 0).") as nblate30"; $sql .= ", sum(".$db->ifsql("f.date_lim_reglement < '".date_format($datenowsub15, 'Y-m-d')."'", 1, 0).") as nblate15"; $sql .= ", sum(".$db->ifsql("f.date_lim_reglement < '".date_format($now, 'Y-m-d')."'", 1, 0).") as nblatenow"; - $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd30, 'Y-m-d')."'", 1, 0).") as nbnotlate30"; - $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd15, 'Y-m-d')."'", 1, 0).") as nbnotlate15"; $sql .= ", sum(".$db->ifsql("f.date_lim_reglement >= '".date_format($now, 'Y-m-d')."'", 1, 0).") as nbnotlatenow"; + $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd15, 'Y-m-d')."'", 1, 0).") as nbnotlate15"; + $sql .= ", sum(".$db->ifsql("f.date_lim_reglement > '".date_format($datenowadd30, 'Y-m-d')."'", 1, 0).") as nbnotlate30"; if ($mode == 'customers') { $sql .= " FROM ".MAIN_DB_PREFIX."facture as f"; } elseif ($mode == 'fourn') { @@ -513,7 +513,8 @@ function getNumberInvoicesPieChart($mode) foreach ($dataseries as $key=>$value) { $total+=$value[1]; } - $colorseries = array($badgeStatus8, $badgeStatus1, $badgeStatus3, $badgeStatus2, $badgeStatus4, $badgeStatus11); + + $colorseries = array($badgeStatus8, $badgeStatus1, $badgeStatus3, $badgeStatus4, $badgeStatus11, '-'.$badgeStatus11); if ($conf->use_javascript_ajax) { $result = '
'; $result .= ''; From 1b25c4daa0234109f30f4a0f12defb8bbb571589 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 11:29:51 +0200 Subject: [PATCH 089/105] Fix phpcs --- htdocs/core/tpl/extrafields_list_search_sql.tpl.php | 2 +- .../triggers/interface_50_modLdap_Ldapsynchro.class.php | 4 ++-- htdocs/user/class/usergroup.class.php | 8 ++++---- htdocs/website/index.php | 8 ++++---- 4 files changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php index 6fee9958fd1..f1b62676887 100644 --- a/htdocs/core/tpl/extrafields_list_search_sql.tpl.php +++ b/htdocs/core/tpl/extrafields_list_search_sql.tpl.php @@ -26,7 +26,7 @@ if (!empty($extrafieldsobjectkey) && !empty($search_array_options) && is_array($ if ($crit != '' && in_array($typ, array('date', 'datetime', 'timestamp'))) { if (is_numeric($crit)) { - if ($typ == 'date'){ + if ($typ == 'date') { include_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; $crit = dol_get_first_hour($crit); } diff --git a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php index d6209ba1694..28565114a21 100644 --- a/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php +++ b/htdocs/core/triggers/interface_50_modLdap_Ldapsynchro.class.php @@ -183,7 +183,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers $this->error = "ErrorLDAP ".$ldap->error; } } - /*} elseif ($action == 'USER_SETINGROUP') { + /*} elseif ($action == 'USER_SETINGROUP') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') { $ldap = new Ldap(); @@ -217,7 +217,7 @@ class InterfaceLdapsynchro extends DolibarrTriggers $this->error = "ErrorLDAP ".$ldap->error; } } - } elseif ($action == 'USER_REMOVEFROMGROUP') { + } elseif ($action == 'USER_REMOVEFROMGROUP') { dol_syslog("Trigger '".$this->name."' for action '$action' launched by ".__FILE__.". id=".$object->id); if (!empty($conf->global->LDAP_SYNCHRO_ACTIVE) && $conf->global->LDAP_SYNCHRO_ACTIVE === 'dolibarr2ldap') { $ldap = new Ldap(); diff --git a/htdocs/user/class/usergroup.class.php b/htdocs/user/class/usergroup.class.php index b393d8ae261..cacaeb54fc1 100644 --- a/htdocs/user/class/usergroup.class.php +++ b/htdocs/user/class/usergroup.class.php @@ -855,10 +855,10 @@ class UserGroup extends CommonObject $valueofldapfield[] = $muser->_load_ldap_dn($info2); } $info[$conf->global->LDAP_GROUP_FIELD_GROUPMEMBERS] = (!empty($valueofldapfield) ? $valueofldapfield : ''); - } - if (!empty($conf->global->LDAP_GROUP_FIELD_GROUPID)) { - $info[$conf->global->LDAP_GROUP_FIELD_GROUPID] = $this->id; - } + } + if (!empty($conf->global->LDAP_GROUP_FIELD_GROUPID)) { + $info[$conf->global->LDAP_GROUP_FIELD_GROUPID] = $this->id; + } return $info; } diff --git a/htdocs/website/index.php b/htdocs/website/index.php index 7247427363a..69ff8127e6c 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2394,12 +2394,12 @@ if ($action == 'generatesitemaps' && $usercanedit) { // TODO When adding and when not ? /* - The Example Times - en + The Example Times + en 2008-12-23 - Companies A, B in Merger Talks - + Companies A, B in Merger Talks + */ $root->appendChild($url); From 547f1dd3703a625b72ee594b238c211a0a684297 Mon Sep 17 00:00:00 2001 From: Dorian Vabre Date: Mon, 17 May 2021 11:54:53 +0200 Subject: [PATCH 090/105] Fix: user rest api rights --- htdocs/user/class/api_users.class.php | 38 +++++++++++++-------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index fa139e2c69f..7c1eef84c2c 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -71,7 +71,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -142,9 +142,9 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - //if (!DolibarrApiAccess::$user->rights->user->user->lire) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) @@ -208,9 +208,9 @@ class Users extends DolibarrApi public function post($request_data = null) { // check user authorization - //if(! DolibarrApiAccess::$user->rights->user->creer) { - // throw new RestException(401, "User creation not allowed"); - //} + if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401, "User creation not allowed"); + } // check mandatory fields /*if (!isset($request_data["login"])) throw new RestException(400, "login field missing"); @@ -242,9 +242,9 @@ class Users extends DolibarrApi */ public function put($id, $request_data = null) { - //if (!DolibarrApiAccess::$user->rights->user->user->creer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->creer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) @@ -299,7 +299,7 @@ class Users extends DolibarrApi { $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { throw new RestException(401); } @@ -334,9 +334,9 @@ class Users extends DolibarrApi global $conf; - //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) { @@ -389,7 +389,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->group_advance->read) { + if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read list of groups"); } @@ -463,7 +463,7 @@ class Users extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->user->group_advance->read) { + if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { throw new RestException(401, "You are not allowed to read groups"); } @@ -486,9 +486,9 @@ class Users extends DolibarrApi */ public function delete($id) { - //if (!DolibarrApiAccess::$user->rights->user->user->supprimer) { - //throw new RestException(401); - //} + if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + throw new RestException(401); + } $result = $this->useraccount->fetch($id); if (!$result) { From c3bea1b46e89f108fee7175ad47c7efcb61f35f5 Mon Sep 17 00:00:00 2001 From: Francis Appels Date: Mon, 17 May 2021 12:00:56 +0200 Subject: [PATCH 091/105] Fix: Add test to delete supplier order if reception exist --- .../fourn/class/fournisseur.commande.class.php | 12 ++++++++++++ htdocs/fourn/commande/card.php | 18 +++++++++++++++--- htdocs/langs/en_US/receptions.lang | 2 +- 3 files changed, 28 insertions(+), 4 deletions(-) diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php index 331e211e5ac..83251c93499 100644 --- a/htdocs/fourn/class/fournisseur.commande.class.php +++ b/htdocs/fourn/class/fournisseur.commande.class.php @@ -2070,6 +2070,18 @@ class CommandeFournisseur extends CommonOrder // End call triggers } + // Test we can delete + $this->fetchObjectLinked(null, 'order_supplier'); + if (!empty($this->linkedObjects)) { + foreach ($this->linkedObjects['reception'] as $element) { + if ($element->statut >= 0) { + $this->errors[] = $langs->trans('ReceptionExist'); + $error++; + break; + } + } + } + $main = MAIN_DB_PREFIX.'commande_fournisseurdet'; $ef = $main."_extrafields"; $sql = "DELETE FROM $ef WHERE fk_object IN (SELECT rowid FROM $main WHERE fk_commande = ".$this->id.")"; diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index bb0ad661c82..9c201497566 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -2325,7 +2325,7 @@ if ($action == 'create') { print dol_get_fiche_end(); /** - * Boutons actions + * Buttons for actions */ if ($user->socid == 0 && $action != 'editline' && $action != 'delete') { @@ -2433,11 +2433,19 @@ if ($action == 'create') { } // Ship - + $hasreception = 0; if (!empty($conf->stock->enabled) && (!empty($conf->global->STOCK_CALCULATE_ON_SUPPLIER_DISPATCH_ORDER) || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION) || !empty($conf->global->STOCK_CALCULATE_ON_RECEPTION_CLOSE))) { $labelofbutton = $langs->trans('ReceiveProducts'); if ($conf->reception->enabled) { $labelofbutton = $langs->trans("CreateReception"); + if (!empty($object->linkedObjects)) { + foreach ($object->linkedObjects['reception'] as $element) { + if ($element->statut >= 0) { + $hasreception = 1; + break; + } + } + } } if (in_array($object->statut, array(3, 4, 5))) { @@ -2508,7 +2516,11 @@ if ($action == 'create') { // Delete if (!empty($usercandelete) || ($object->statut == CommandeFournisseur::STATUS_DRAFT && !empty($usercancreate))) { - print ''.$langs->trans("Delete").''; + if ($hasreception) { + print ''.$langs->trans("Delete").''; + } else { + print ''.$langs->trans("Delete").''; + } } } diff --git a/htdocs/langs/en_US/receptions.lang b/htdocs/langs/en_US/receptions.lang index 760ff884fa0..338602e722e 100644 --- a/htdocs/langs/en_US/receptions.lang +++ b/htdocs/langs/en_US/receptions.lang @@ -44,4 +44,4 @@ ValidateOrderFirstBeforeReception=You must first validate the order before being ReceptionsNumberingModules=Numbering module for receptions ReceptionsReceiptModel=Document templates for receptions NoMorePredefinedProductToDispatch=No more predefined products to dispatch - +ReceptionExist=A reception exists From a3aba28c95fd41c3db3b390f642b6fd05e873105 Mon Sep 17 00:00:00 2001 From: stickler-ci Date: Mon, 17 May 2021 10:06:41 +0000 Subject: [PATCH 092/105] Fixing style errors. --- htdocs/user/class/api_users.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 7c1eef84c2c..39f3b302599 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -209,7 +209,7 @@ class Users extends DolibarrApi { // check user authorization if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { - throw new RestException(401, "User creation not allowed"); + throw new RestException(401, "User creation not allowed"); } // check mandatory fields /*if (!isset($request_data["login"])) From 7d82a20995421ba53b50c8735bf3bb2dac6a20bd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 13:36:27 +0200 Subject: [PATCH 093/105] Add missing property --- htdocs/fourn/commande/list.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php index d32e466444c..fb1891051e6 100644 --- a/htdocs/fourn/commande/list.php +++ b/htdocs/fourn/commande/list.php @@ -1284,6 +1284,7 @@ if ($resql) { $objectstatic->id = $obj->rowid; $objectstatic->ref = $obj->ref; $objectstatic->ref_supplier = $obj->ref_supplier; + $objectstatic->socid = $obj->socid; $objectstatic->total_ht = $obj->total_ht; $objectstatic->total_tva = $obj->total_tva; $objectstatic->total_ttc = $obj->total_ttc; From 4a488ad60a4c3df824b29ef5f7f62051227afb75 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 13:47:48 +0200 Subject: [PATCH 094/105] Update eldy.lib.php --- htdocs/core/menus/standard/eldy.lib.php | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index 14060d894b3..74c66e899f4 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -235,13 +235,12 @@ function print_eldy_menu($db, $atarget, $type_user, &$tabMenu, &$menu, $noout = ) ? 1 : 0, 'perms'=>(!empty($user->rights->propal->lire) || !empty($user->rights->commande->lire) - || !empty($user->rights->fournisseur->lire) || !empty($user->rights->supplier_proposal->lire) + || !empty($user->rights->fournisseur->lire) + || !empty($user->rights->fournisseur->commande->lire) || !empty($user->rights->supplier_order->lire) || !empty($user->rights->contrat->lire) || !empty($user->rights->ficheinter->lire) - || !empty($user->rights->supplier_order->lire) - || !empty($user->rights->fournisseur->commande->lire) ), 'module'=>'propal|commande|supplier_proposal|supplier_order|contrat|ficheinter' ); From 9bde70feba4a8e82f90e8c53c75967f4ce0d5bab Mon Sep 17 00:00:00 2001 From: Anthony Berton <34568357+bb2a@users.noreply.github.com> Date: Mon, 17 May 2021 16:08:48 +0200 Subject: [PATCH 095/105] Update user.class.php --- htdocs/user/class/user.class.php | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 2752ee745a1..acbc89482b5 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -2411,8 +2411,18 @@ class User extends CommonObject $label .= '
'.$langs->trans("Job").': '.dol_string_nohtmltag($this->job); } $label .= '
'.$langs->trans("Email").': '.dol_string_nohtmltag($this->email); - if (!empty($this->phone)) { - $label .= '
'.$langs->trans("Phone").': '.dol_string_nohtmltag($this->phone); + if (!empty($this->office_phone) || !empty($this->office_fax) || !empty($this->fax)) { + $phonelist = array(); + if ($this->office_phone) { + $phonelist[] = dol_print_phone($this->office_phone, $this->country_code, $this->id, 0, '', ' ', 'phone'); + } + if ($this->office_fax) { + $phonelist[] = dol_print_phone($this->office_fax, $this->country_code, $this->id, 0, '', ' ', 'fax'); + } + if ($this->user_mobile) { + $phonelist[] = dol_print_phone($this->user_mobile, $this->country_code, $this->id, 0, '', ' ', 'mobile'); + } + $label .= '
'.$langs->trans('Phone').': '.implode(' ', $phonelist); } if (!empty($this->admin)) { $label .= '
'.$langs->trans("Administrator").': '.yn($this->admin); From c54e010126fb1cc297f644f5bf045a26a0c0b09c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:16:45 +0200 Subject: [PATCH 096/105] Fix perms on API user --- htdocs/user/class/api_users.class.php | 30 ++++++++++++++++----------- 1 file changed, 18 insertions(+), 12 deletions(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 39f3b302599..9f5ea935372 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -71,7 +71,7 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -142,7 +142,7 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -177,7 +177,11 @@ class Users extends DolibarrApi */ public function getInfo() { - $apiUser = DolibarrApiAccess::$user; + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { + throw new RestException(401, 'Not allowed'); + } + + $apiUser = DolibarrApiAccess::$user; $result = $this->useraccount->fetch($apiUser->id); if (!$result) { @@ -208,7 +212,7 @@ class Users extends DolibarrApi public function post($request_data = null) { // check user authorization - if(! DolibarrApiAccess::$user->rights->user->creer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "User creation not allowed"); } // check mandatory fields @@ -242,7 +246,7 @@ class Users extends DolibarrApi */ public function put($id, $request_data = null) { - if (!DolibarrApiAccess::$user->rights->user->user->creer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -299,7 +303,7 @@ class Users extends DolibarrApi { $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->user->lire && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -334,7 +338,7 @@ class Users extends DolibarrApi global $conf; - if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } $result = $this->useraccount->fetch($id); @@ -389,9 +393,10 @@ class Users extends DolibarrApi $obj_ret = array(); - if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { - throw new RestException(401, "You are not allowed to read list of groups"); - } + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { + throw new RestException(401, "You are not allowed to read groups"); + } // case of external user, $societe param is ignored and replaced by user's socid //$socid = DolibarrApiAccess::$user->socid ? DolibarrApiAccess::$user->socid : $societe; @@ -463,7 +468,8 @@ class Users extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->user->group_advance->read && !DolibarrApiAccess::$user->admin) { + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read groups"); } @@ -486,7 +492,7 @@ class Users extends DolibarrApi */ public function delete($id) { - if (!DolibarrApiAccess::$user->rights->user->user->supprimer && !DolibarrApiAccess::$user->admin) { + if (empty(DolibarrApiAccess::$user->rights->user->user->supprimer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } $result = $this->useraccount->fetch($id); From 3c9d8bc931799f9cbf7e04d6cedcf1a3bff44ab8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:17:03 +0200 Subject: [PATCH 097/105] Fix perms on API user --- htdocs/user/class/api_users.class.php | 36 +++++++++++++-------------- 1 file changed, 18 insertions(+), 18 deletions(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index f5f0b73a70f..6081c3d294f 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -62,7 +62,7 @@ class Users extends DolibarrApi * @param int $limit Limit for list * @param int $page Page number * @param string $user_ids User ids filter field. Example: '1' or '1,2,3' {@pattern /^[0-9,]*$/i} - * @param int $category Use this param to filter list by category + * @param int $category Use this param to filter list by category * @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.ref:like:'SO-%') and (t.date_creation:<:'20160101')" * @return array Array of User objects */ @@ -70,7 +70,7 @@ class Users extends DolibarrApi { global $db, $conf; - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + if (!DolibarrApiAccess::$user->rights->user->user->lire && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read list of users"); } @@ -149,7 +149,7 @@ class Users extends DolibarrApi */ public function get($id, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } @@ -187,7 +187,7 @@ class Users extends DolibarrApi */ public function getByLogin($login, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } @@ -221,7 +221,7 @@ class Users extends DolibarrApi */ public function getByEmail($email, $includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } @@ -254,7 +254,7 @@ class Users extends DolibarrApi */ public function getInfo($includepermissions = 0) { - if (empty(DolibarrApiAccess::$user->rights->user->user->lire)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } @@ -295,7 +295,7 @@ class Users extends DolibarrApi public function post($request_data = null) { // Check user authorization - if (empty(DolibarrApiAccess::$user->rights->user->user->creer)) { + if (empty(DolibarrApiAccess::$user->rights->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "User creation not allowed for login ".DolibarrApiAccess::$user->login); } @@ -345,7 +345,7 @@ class Users extends DolibarrApi public function put($id, $request_data = null) { // Check user authorization - if (empty(DolibarrApiAccess::$user->rights->user->creer)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "User update not allowed"); } @@ -423,12 +423,12 @@ class Users extends DolibarrApi */ public function getGroups($id) { - if (!DolibarrApiAccess::$user->rights->user->user->lire) { + $obj_ret = array(); + + if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(403); } - $obj_ret = array(); - $user = new User($this->db); $result = $user->fetch($id); if (!$result) { @@ -463,7 +463,7 @@ class Users extends DolibarrApi { global $conf; - if (empty(DolibarrApiAccess::$user->rights->user->user->creer)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->creer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401); } @@ -516,9 +516,9 @@ class Users extends DolibarrApi $obj_ret = array(); - if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire)) || - !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read)) { - throw new RestException(401, "You are not allowed to read groups"); + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { + throw new RestException(401, "You are not allowed to read groups"); } // case of external user, $societe param is ignored and replaced by user's socid @@ -590,8 +590,8 @@ class Users extends DolibarrApi { global $db, $conf; - if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire)) || - !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read)) { + if ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) || + !empty($conf->global->MAIN_USE_ADVANCED_PERMS) && empty(DolibarrApiAccess::$user->rights->user->group_advance->read) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, "You are not allowed to read groups"); } @@ -616,7 +616,7 @@ class Users extends DolibarrApi */ public function delete($id) { - if (empty(DolibarrApiAccess::$user->rights->user->user->supprimer)) { + if (empty(DolibarrApiAccess::$user->rights->user->user->supprimer) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } $result = $this->useraccount->fetch($id); From 68fe68b8444fcdd009d337aca7cc67f5a9ca5eb2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:25:25 +0200 Subject: [PATCH 098/105] Update listevents.php --- htdocs/admin/tools/listevents.php | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index 1190e156db4..824b287cce9 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -245,7 +245,7 @@ if (!empty($result)) { if ($limit > 0 && $limit != $conf->liste_limit) { $param .= '&limit='.urlencode($limit); } - if (!empty($optioncss) && $optioncss != '') { + if ($optioncss != '') { $param .= '&optioncss='.urlencode($optioncss); } if ($search_code) { @@ -266,22 +266,22 @@ if (!empty($result)) { if ($search_prefix_session) { $param .= '&search_prefix_session='.urlencode($search_prefix_session); } - if (!empty($date_startmonth)) { + if ($date_startmonth) { $param .= "&date_startmonth=".urlencode($date_startmonth); } - if (!empty($date_startday)) { + if ($date_startday) { $param .= "&date_startday=".urlencode($date_startday); } - if (!empty($date_startyear)) { + if ($date_startyear) { $param .= "&date_startyear=".urlencode($date_startyear); } - if (!empty($date_endmonth)) { + if ($date_endmonth) { $param .= "&date_endmonth=".urlencode($date_endmonth); } - if (!empty($date_endday)) { + if ($date_endday) { $param .= "&date_endday=".urlencode($date_endday); } - if (!empty($date_endyear)) { + if ($date_endyear) { $param .= "&date_endyear=".urlencode($date_endyear); } From c8758c53d282a306aad3509ac10134da3505837d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:27:14 +0200 Subject: [PATCH 099/105] Update listevents.php --- htdocs/admin/tools/listevents.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index 824b287cce9..ec824b380d6 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -42,7 +42,7 @@ if ($user->socid > 0) { } // Load translation files required by the page -$langs->loadLangs(array("companies", "admin", "users", "other")); +$langs->loadLangs(array("companies", "admin", "users", "other","withdrawals")); // Load variable for pagination $limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit; @@ -285,7 +285,7 @@ if (!empty($result)) { $param .= "&date_endyear=".urlencode($date_endyear); } - $langs->load('withdrawals'); + $center = ''; if (!empty($num)) { $center = ''.$langs->trans("Purge").''; } @@ -293,7 +293,7 @@ if (!empty($result)) { print ''; print ''; - print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, empty($center) ? '' : $center, $num, $nbtotalofrecords, 'setup', 0, '', '', $limit); + print_barre_liste($langs->trans("ListOfSecurityEvents"), $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $center, $num, $nbtotalofrecords, 'setup', 0, '', '', $limit); if ($action == 'purge') { $formquestion = array(); From caf1c625a3c489367617b8e12637e479381423b2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:28:19 +0200 Subject: [PATCH 100/105] Update listevents.php --- htdocs/admin/tools/listevents.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index ec824b380d6..8d147ea1087 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -286,7 +286,7 @@ if (!empty($result)) { } $center = ''; - if (!empty($num)) { + if ($num) { $center = ''.$langs->trans("Purge").''; } From caea6f8d6ca9f81b985afce2a3bf8c48eed3ac10 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 16:29:00 +0200 Subject: [PATCH 101/105] Update listevents.php --- htdocs/admin/tools/listevents.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/tools/listevents.php b/htdocs/admin/tools/listevents.php index 8d147ea1087..fbc2412a9df 100644 --- a/htdocs/admin/tools/listevents.php +++ b/htdocs/admin/tools/listevents.php @@ -234,7 +234,7 @@ $nbtotalofrecords = ''; $sql .= $db->plimit($conf->liste_limit + 1, $offset); //print $sql; $result = $db->query($sql); -if (!empty($result)) { +if ($result) { $num = $db->num_rows($result); $i = 0; From a865f49d72049f7ffbb949da11386ab151fdfd16 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 19:19:26 +0200 Subject: [PATCH 102/105] Fix phpcs --- htdocs/user/class/api_users.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index 9f5ea935372..75aedba09bd 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -180,7 +180,7 @@ class Users extends DolibarrApi if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { throw new RestException(401, 'Not allowed'); } - + $apiUser = DolibarrApiAccess::$user; $result = $this->useraccount->fetch($apiUser->id); From ba0e95a4ff6ffa6b085628d1477c838e480597b5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 17 May 2021 23:47:16 +0200 Subject: [PATCH 103/105] FIX huntr CWE-79 --- htdocs/core/lib/functions.lib.php | 22 ++++++---- htdocs/main.inc.php | 29 ++++++++++++- test/phpunit/SecurityTest.php | 68 +++++++++++++++++++++---------- 3 files changed, 86 insertions(+), 33 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 8251c850ddf..a987cf03e4c 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -634,17 +634,17 @@ function GETPOST($paramname, $check = 'alphanohtml', $method = 0, $filter = null $out = checkVal($out, $check, $filter, $options); } - // Sanitizing for special parameters. There is no reason to allow the backtopage, backtolist or backtourl parameter to contains an external URL. + // Sanitizing for special parameters. + // Note: There is no reason to allow the backtopage, backtolist or backtourl parameter to contains an external URL. if ($paramname == 'backtopage' || $paramname == 'backtolist' || $paramname == 'backtourl') { - $out = str_replace('\\', '/', $out); - $out = str_replace(array(':', ';', '@'), '', $out); - + $out = str_replace('\\', '/', $out); // Can be before the loop because only 1 char is replaced. No risk to get it after other replacements. + $out = str_replace(array(':', ';', '@'), '', $out); // Can be before the loop because only 1 char is replaced. No risk to get it after other replacements. do { $oldstringtoclean = $out; $out = str_ireplace(array('javascript', 'vbscript', '&colon', '&#'), '', $out); } while ($oldstringtoclean != $out); - $out = preg_replace(array('/^[a-z]*\/\/+/i'), '', $out); + $out = preg_replace(array('/^[a-z]*\/\/+/i'), '', $out); // We remove schema*// to remove external URL } // Code for search criteria persistence. @@ -684,7 +684,7 @@ function GETPOSTINT($paramname, $method = 0, $filter = null, $options = null, $n } /** - * Return a value after checking on a rule. + * Return a value after checking on a rule. A sanitization may also have been done. * * @param string $out Value to check/clear. * @param string $check Type of check/sanitizing @@ -777,6 +777,11 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = case 'restricthtml': // Recommended for most html textarea do { $oldstringtoclean = $out; + + // We replace chars encoded with numeric HTML entities with real char (to avoid to have numeric entities used for obfuscation of injections) + $out = preg_replace_callback('/&#(x?[0-9][0-9a-f]+);/i', 'realCharForNumericEntities', $out); + $out = preg_replace('/&#x?[0-9]+/i', '', $out); // For example if we have javascript with an entities without the ; to hide the 'a' of 'javascript'. + $out = dol_string_onlythesehtmltags($out, 0, 1, 1); // We should also exclude non expected attributes @@ -797,7 +802,6 @@ function checkVal($out = '', $check = 'alphanohtml', $filter = null, $options = } - if (!function_exists('dol_getprefix')) { /** * Return a prefix to use for this Dolibarr instance, for session/cookie names or email id. @@ -9738,8 +9742,8 @@ function dolGetButtonAction($label, $html = '', $actionType = 'default', $url = /** * Add space between dolGetButtonTitle * - * @param string $moreClass more css class label - * @return string html of title separator + * @param string $moreClass more css class label + * @return string html of title separator */ function dolGetButtonTitleSeparator($moreClass = "") { diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index c9a7dd21ccc..7b40647ebcb 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -50,9 +50,33 @@ if (!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) { } } + +/** + * Return the real char for a numeric entities. + * This function is required by testSqlAndScriptInject(). + * + * @param string $matches String of numeric entity + * @return string New value + */ +function realCharForNumericEntities($matches) +{ + $newstringnumentity = $matches[1]; + + if (preg_match('/^x/i', $newstringnumentity)) { + $newstringnumentity = hexdec(preg_replace('/^x/i', '', $newstringnumentity)); + } + + // The numeric value we don't want as entities + if (($newstringnumentity >= 65 && $newstringnumentity <= 90) || ($newstringnumentity >= 97 && $newstringnumentity <= 122)) { + return chr((int) $newstringnumentity); + } + + return '&#'.$matches[1]; +} + /** * Security: WAF layer for SQL Injection and XSS Injection (scripts) protection (Filters on GET, POST, PHP_SELF). - * Warning: Such a protection can't be enough. It is not reliable as it will alwyas be possible to bypass this. Good protection can + * Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can * only be guaranted by escaping data during output. * * @param string $val Value brut found int $_GET, $_POST or PHP_SELF @@ -61,7 +85,7 @@ if (!empty($_SERVER['MAIN_SHOW_TUNING_INFO'])) { */ function testSqlAndScriptInject($val, $type) { - // Decode string first bcause a lot of things are obfuscated by encoding or multiple encoding. + // Decode string first because a lot of things are obfuscated by encoding or multiple encoding. // So assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 0b'); - // Should detect XSS + + // Should detect attack $expectedresult=1; $_SERVER["PHP_SELF"]='/DIR WITH SPACE/htdocs/admin/index.php/'; $result=testSqlAndScriptInject($_SERVER["PHP_SELF"], 2); $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject for PHP_SELF that should detect XSS'); + $test = 'javascript:'; + $result=testSqlAndScriptInject($test, 0); + $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript1. Should find an attack and did not.'); + + $test = 'javascript:'; + $result=testSqlAndScriptInject($test, 0); + $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript2. Should find an attack and did not.'); + $test = 'javascript&colon;alert(1)'; $result=testSqlAndScriptInject($test, 0); - $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject expected 1a'); + $this->assertEquals($expectedresult, $result, 'Error on testSqlAndScriptInject for javascript2'); $test=""; $result=testSqlAndScriptInject($test, 0); - $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa'); + $this->assertGreaterThanOrEqual($expectedresult, $result, 'Error on testSqlAndScriptInject aaa1'); $test=""; $result=testSqlAndScriptInject($test, 2); @@ -328,9 +337,12 @@ class SecurityTest extends PHPUnit\Framework\TestCase $_POST["param10"]='is_object($object) ? ($object->id < 10 ? round($object->id / 2, 2) : (2 * $user->id) * (int) substr($mysoc->zip, 1, 2)) : \'objnotdefined\''; $_POST["param11"]=' Name '; $_POST["param12"]='aaa'; + $_POST["param13"]='n n > < " XSS'; + $_POST["param13b"]='n n > < " XSS'; //$_POST["param13"]='javascript%26colon%26%23x3B%3Balert(1)'; //$_POST["param14"]='javascripT&javascript#x3a alert(1)'; + $result=GETPOST('id', 'int'); // Must return nothing print __METHOD__." result=".$result."\n"; $this->assertEquals($result, ''); @@ -343,7 +355,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals($result, 333, 'Test on param1 with 3rd param = 2'); - // Test alpha + // Test with alpha $result=GETPOST("param2", 'alpha'); print __METHOD__." result=".$result."\n"; @@ -357,7 +369,7 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals($result, 'dir'); - // Test aZ09 + // Test with aZ09 $result=GETPOST("param1", 'aZ09'); print __METHOD__." result=".$result."\n"; @@ -379,25 +391,22 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals($_GET["param5"], $result); - $result=GETPOST("param6", 'alpha'); - print __METHOD__." result=".$result."\n"; - $this->assertEquals('>', $result); + // Test with nohtml $result=GETPOST("param6", 'nohtml'); print __METHOD__." result=".$result."\n"; $this->assertEquals('">', $result); - $result=GETPOST("param6b"); + // Test with alpha = alphanohtml. We must convert the html entities like n and disable all entities + + $result=GETPOST("param6", 'alphanohtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('>', $result); + + $result=GETPOST("param6b", 'alphanohtml'); print __METHOD__." result=".$result."\n"; $this->assertEquals('abc', $result); - // With restricthtml we must remove html open/close tag and content but not htmlentities like n - - $result=GETPOST("param7", 'restricthtml'); - print __METHOD__." result=".$result."\n"; - $this->assertEquals('"c:\this is a path~1\aaan" abcdef', $result); - - // With alphanohtml, we must convert the html entities like n and disable all entities $result=GETPOST("param8a", 'alphanohtml'); print __METHOD__." result=".$result."\n"; $this->assertEquals("Hackersvg onload='console.log(123)'", $result); @@ -434,24 +443,39 @@ class SecurityTest extends PHPUnit\Framework\TestCase print __METHOD__." result=".$result."\n"; $this->assertEquals("Name", $result, 'Test an email string with alphanohtml'); + $result=GETPOST("param13", 'alphanohtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('n n > < XSS', $result, 'Test that html entities are decoded with alpha'); + + // Test with alphawithlgt + $result=GETPOST("param11", 'alphawithlgt'); print __METHOD__." result=".$result."\n"; $this->assertEquals(trim($_POST["param11"]), $result, 'Test an email string with alphawithlgt'); + // Test with restricthtml we must remove html open/close tag and content but not htmlentities (we can decode html entities for ascii chars like n) + + $result=GETPOST("param6", 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('">', $result); + + $result=GETPOST("param7", 'restricthtml'); + print __METHOD__." result=".$result."\n"; + $this->assertEquals('"c:\this is a path~1\aaan" abcdef', $result); + $result=GETPOST("param12", 'restricthtml'); print __METHOD__." result=".$result."\n"; $this->assertEquals(trim($_POST["param12"]), $result, 'Test a string with DOCTYPE and restricthtml'); - /*$result=GETPOST("param13", 'alphanohtml'); + $result=GETPOST("param13", 'restricthtml'); print __METHOD__." result=".$result."\n"; - $this->assertEquals(trim($_POST["param13"]), $result, 'Test a string and alphanohtml'); + $this->assertEquals('n n > < " XSS', $result, 'Test that HTML entities are decoded with restricthtml, but only for common alpha chars'); - $result=GETPOST("param14", 'alphanohtml'); + $result=GETPOST("param13b", 'restricthtml'); print __METHOD__." result=".$result."\n"; - $this->assertEquals(trim($_POST["param14"]), $result, 'Test a string and alphanohtml'); - */ + $this->assertEquals('n n > < " XSS', $result, 'Test that HTML entities are decoded with restricthtml, but only for common alpha chars'); - // Special test for GETPOST of backtopage or backtolist parameter + // Special test for GETPOST of backtopage, backtolist or backtourl parameter $_POST["backtopage"]='//www.google.com'; $result=GETPOST("backtopage"); From b6dbe45242a1b1e9303b6103bf68e53535b85ad5 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 01:58:54 +0200 Subject: [PATCH 104/105] Fix permissions on page to move position of file --- htdocs/adherents/document.php | 2 ++ htdocs/asset/document.php | 14 ++++++----- htdocs/bom/bom_document.php | 2 ++ htdocs/comm/action/document.php | 2 ++ htdocs/comm/propal/document.php | 2 ++ htdocs/commande/document.php | 14 ++++++----- htdocs/compta/facture/document.php | 2 ++ htdocs/core/actions_linkedfiles.inc.php | 11 +++++---- htdocs/core/ajax/row.php | 24 +++++++++++++------ htdocs/core/lib/security.lib.php | 2 +- .../template/myobject_document.php | 2 +- htdocs/product/document.php | 4 ++-- htdocs/projet/document.php | 10 ++++---- htdocs/societe/document.php | 1 + htdocs/ticket/agenda.php | 5 +--- htdocs/ticket/card.php | 4 ++-- htdocs/ticket/contact.php | 23 ++++++++++++++---- htdocs/ticket/document.php | 20 ++++++++++++---- htdocs/ticket/messaging.php | 9 +++---- 19 files changed, 98 insertions(+), 55 deletions(-) diff --git a/htdocs/adherents/document.php b/htdocs/adherents/document.php index 5150bea861e..f2a7c6f3f55 100644 --- a/htdocs/adherents/document.php +++ b/htdocs/adherents/document.php @@ -93,6 +93,8 @@ if ($id) { $caneditfieldmember = $user->rights->adherent->creer; } +$permissiontoadd = $canaddmember; + // Security check $result = restrictedArea($user, 'adherent', $object->id, '', '', 'socid', 'rowid', 0); diff --git a/htdocs/asset/document.php b/htdocs/asset/document.php index e6f5ed9b353..91e46269994 100644 --- a/htdocs/asset/document.php +++ b/htdocs/asset/document.php @@ -40,12 +40,6 @@ $socid = GETPOST('socid', 'int'); $action = GETPOST('action', 'aZ09'); $confirm = GETPOST('confirm', 'alpha'); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result=restrictedArea($user, 'asset', $id, ''); - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -69,6 +63,14 @@ if ($object->fetch($id)) { $upload_dir = $conf->asset->dir_output."/".dol_sanitizeFileName($object->ref); } +$permissiontoadd = $user->rights->asset->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php + +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result=restrictedArea($user, 'asset', $id, ''); + /* * Actions diff --git a/htdocs/bom/bom_document.php b/htdocs/bom/bom_document.php index c0196670cfb..e59b22c45b2 100644 --- a/htdocs/bom/bom_document.php +++ b/htdocs/bom/bom_document.php @@ -85,6 +85,8 @@ if ($id > 0 || !empty($ref)) { $isdraft = (($object->status == $object::STATUS_DRAFT) ? 1 : 0); restrictedArea($user, 'bom', $object->id, 'bom_bom', '', '', 'rowid', $isdraft); +$permissiontoadd = $user->rights->bom->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php + /* * Actions diff --git a/htdocs/comm/action/document.php b/htdocs/comm/action/document.php index f521fa2ab59..c55d4e114cc 100644 --- a/htdocs/comm/action/document.php +++ b/htdocs/comm/action/document.php @@ -88,6 +88,8 @@ if ($user->socid && $socid) { $result = restrictedArea($user, 'societe', $socid); } +$permissiontoadd = $user->rights->agenda->myactions->read; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php + /* * Actions diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 4e592c8371e..2b21c545c63 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -80,6 +80,8 @@ if (!$sortfield) { $object = new Propal($db); $object->fetch($id, $ref); +$permissiontoadd = $user->rights->propale->creer; + // Security check if (!empty($user->socid)) { $socid = $user->socid; diff --git a/htdocs/commande/document.php b/htdocs/commande/document.php index b4dddc9a1bf..c289112ee9f 100644 --- a/htdocs/commande/document.php +++ b/htdocs/commande/document.php @@ -44,12 +44,6 @@ $confirm = GETPOST('confirm'); $id = GETPOST('id', 'int'); $ref = GETPOST('ref'); -// Security check -if ($user->socid) { - $socid = $user->socid; -} -$result = restrictedArea($user, 'commande', $id, ''); - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -78,6 +72,14 @@ if (!$sortfield) { $object = new Commande($db); +$permissiontoadd = $user->rights->commande->creer; + +// Security check +if ($user->socid) { + $socid = $user->socid; +} +$result = restrictedArea($user, 'commande', $id, ''); + /* * Actions diff --git a/htdocs/compta/facture/document.php b/htdocs/compta/facture/document.php index 664b84d4444..16cdee4ac53 100644 --- a/htdocs/compta/facture/document.php +++ b/htdocs/compta/facture/document.php @@ -72,6 +72,8 @@ if ($object->fetch($id, $ref)) { $upload_dir = $conf->facture->dir_output."/".dol_sanitizeFileName($object->ref); } +$permissiontoadd = $user->rights->facture->creer; + // Security check if ($user->socid) { $socid = $user->socid; diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 13814511297..750ed2b2d9a 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -21,13 +21,14 @@ // Variable $upload_dir must be defined when entering here. // Variable $upload_dirold may also exists. // Variable $confirm must be defined. +// If variable $permissiontoadd is defined, we check it is true. Note: A test on permission should already have been done into the restrictedArea() method called by parent page. //var_dump($upload_dir); //var_dump($upload_dirold); // Submit file/link -if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC)) { +if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!isset($permissiontoadd) || $permissiontoadd)) { if (!empty($_FILES)) { if (is_array($_FILES['userfile']['tmp_name'])) { $userfiles = $_FILES['userfile']['tmp_name']; @@ -65,7 +66,7 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC)) { } } } -} elseif (GETPOST('linkit', 'restricthtml') && !empty($conf->global->MAIN_UPLOAD_DOC)) { +} elseif (GETPOST('linkit', 'restricthtml') && !empty($conf->global->MAIN_UPLOAD_DOC) && (!isset($permissiontoadd) || $permissiontoadd)) { $link = GETPOST('link', 'alpha'); if ($link) { if (substr($link, 0, 7) != 'http://' && substr($link, 0, 8) != 'https://' && substr($link, 0, 7) != 'file://' && substr($link, 0, 7) != 'davs://') { @@ -77,7 +78,7 @@ if (GETPOST('sendit', 'alpha') && !empty($conf->global->MAIN_UPLOAD_DOC)) { // Delete file/link -if ($action == 'confirm_deletefile' && $confirm == 'yes') { +if ($action == 'confirm_deletefile' && $confirm == 'yes' && (!isset($permissiontoadd) || $permissiontoadd)) { $urlfile = GETPOST('urlfile', 'alpha', 0, null, null, 1); // Do not use urldecode here ($_GET and $_REQUEST are already decoded by PHP). if (GETPOST('section', 'alpha')) { // For a delete from the ECM module, upload_dir is ECM root dir and urlfile contains relative path from upload_dir @@ -149,7 +150,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { exit; } } -} elseif ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha')) { +} elseif ($action == 'confirm_updateline' && GETPOST('save', 'alpha') && GETPOST('link', 'alpha') && (!isset($permissiontoadd) || $permissiontoadd)) { require_once DOL_DOCUMENT_ROOT.'/core/class/link.class.php'; $langs->load('link'); $link = new Link($db); @@ -167,7 +168,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') { } else { //error fetching } -} elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha')) { +} elseif ($action == 'renamefile' && GETPOST('renamefilesave', 'alpha') && (!isset($permissiontoadd) || $permissiontoadd)) { // For documents pages, upload_dir contains already path to file from module dir, so we clean path into urlfile. if (!empty($upload_dir)) { $filenamefrom = dol_sanitizeFileName(GETPOST('renamefilefrom', 'alpha'), '_', 0); // Do not remove accents diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php index 4662c3a1406..96dc792938f 100644 --- a/htdocs/core/ajax/row.php +++ b/htdocs/core/ajax/row.php @@ -49,6 +49,9 @@ if (!defined('NOREQUIRETRAN')) { require '../../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php'; +// Security check +// This is done later into view. + /* * View @@ -59,16 +62,16 @@ top_httphead(); print ''."\n"; // Registering the location of boxes -if (GETPOST('roworder', 'alpha', 2) && GETPOST('table_element_line', 'aZ09', 2) - && GETPOST('fk_element', 'aZ09', 2) && GETPOST('element_id', 'int', 2)) { - $roworder = GETPOST('roworder', 'alpha', 2); - $table_element_line = GETPOST('table_element_line', 'aZ09', 2); - $fk_element = GETPOST('fk_element', 'aZ09', 2); - $element_id = GETPOST('element_id', 'int', 2); +if (GETPOST('roworder', 'alpha', 3) && GETPOST('table_element_line', 'aZ09', 3) + && GETPOST('fk_element', 'aZ09', 3) && GETPOST('element_id', 'int', 3)) { + $roworder = GETPOST('roworder', 'alpha', 3); + $table_element_line = GETPOST('table_element_line', 'aZ09', 3); + $fk_element = GETPOST('fk_element', 'aZ09', 3); + $element_id = GETPOST('element_id', 'int', 3); dol_syslog("AjaxRow roworder=".$roworder." table_element_line=".$table_element_line." fk_element=".$fk_element." element_id=".$element_id, LOG_DEBUG); - // Make test on pemrission + // Make test on permission $perm = 0; if ($table_element_line == 'propaldet' && $user->rights->propal->creer) { $perm = 1; @@ -92,6 +95,10 @@ if (GETPOST('roworder', 'alpha', 2) && GETPOST('table_element_line', 'aZ09', 2) $perm = 1; } elseif ($table_element_line == 'facture_fourn_det' && $user->rights->fourn->facture->creer) { $perm = 1; + } elseif ($table_element_line == 'ecm_files' && $fk_element == 'fk_product' && (!empty($user->rights->produit->creer) || !empty($user->rights->service->creer))) { + $perm = 1; + } elseif ($table_element_line == 'ecm_files' && $fk_element == 'fk_ticket' && !empty($user->rights->ticket->write)) { + $perm = 1; } else { $tmparray = explode('_', $table_element_line); $tmpmodule = $tmparray[0]; $tmpobject = preg_replace('/line$/', '', $tmparray[1]); @@ -101,7 +108,10 @@ if (GETPOST('roworder', 'alpha', 2) && GETPOST('table_element_line', 'aZ09', 2) } if (! $perm) { + // We should not be here. If we are not allowed to reorder rows, feature should not be visible on script. + // If we are here, it is a hack attempt, so we report a warning. print 'Bad permission to modify position of lines for object in table '.$table_element_line; + dol_syslog('Bad permission to modify position of lines for object in table '.$table_element_line.', fk_element '.$fk_element, LOG_WARNING); accessforbidden('Bad permission to modify position of lines for object in table '.$table_element_line); } diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 1440a02983f..de4d67b1647 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -350,7 +350,7 @@ function restrictedArea($user, $features, $objectid = 0, $tableandshare = '', $f // Check write permission from module (we need to know write permission to create but also to delete drafts record or to upload files) $createok = 1; $nbko = 0; - $wemustcheckpermissionforcreate = (GETPOST('sendit', 'alpha') || GETPOST('linkit', 'alpha') || GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update'); + $wemustcheckpermissionforcreate = (GETPOST('sendit', 'alpha') || GETPOST('linkit', 'alpha') || GETPOST('action', 'aZ09') == 'create' || GETPOST('action', 'aZ09') == 'update') || GETPOST('roworder', 'alpha', 2); $wemustcheckpermissionfordeletedraft = ((GETPOST("action", "aZ09") == 'confirm_delete' && GETPOST("confirm", "aZ09") == 'yes') || GETPOST("action", "aZ09") == 'delete'); if ($wemustcheckpermissionforcreate || $wemustcheckpermissionfordeletedraft) { diff --git a/htdocs/modulebuilder/template/myobject_document.php b/htdocs/modulebuilder/template/myobject_document.php index 8598cc3dd18..e3fa6390e93 100644 --- a/htdocs/modulebuilder/template/myobject_document.php +++ b/htdocs/modulebuilder/template/myobject_document.php @@ -124,7 +124,7 @@ if ($id > 0 || !empty($ref)) { $upload_dir = $conf->mymodule->multidir_output[$object->entity ? $object->entity : $conf->entity]."/myobject/".get_exdir(0, 0, 0, 1, $object); } -$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php +$permissiontoadd = $user->rights->mymodule->myobject->write; // Used by the include of actions_addupdatedelete.inc.php and actions_linkedfiles.inc.php // Security check (enable the most restrictive one) //if ($user->socid > 0) accessforbidden(); diff --git a/htdocs/product/document.php b/htdocs/product/document.php index af44521dc05..372e3c19bdc 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -113,7 +113,7 @@ if ($reshook < 0) { if (empty($reshook)) { // Delete line if product propal merge is linked to a file if (!empty($conf->global->PRODUIT_PDF_MERGE_PROPAL)) { - if ($action == 'confirm_deletefile' && $confirm == 'yes') { + if ($action == 'confirm_deletefile' && $confirm == 'yes' && $permissiontoadd) { //extract file name $urlfile = GETPOST('urlfile', 'alpha'); $filename = basename($urlfile); @@ -131,7 +131,7 @@ if (empty($reshook)) { include DOL_DOCUMENT_ROOT.'/core/actions_linkedfiles.inc.php'; } -if ($action == 'filemerge') { +if ($action == 'filemerge' && $permissiontoadd) { $is_refresh = GETPOST('refresh'); if (empty($is_refresh)) { $filetomerge_file_array = GETPOST('filetoadd'); diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php index 3f9ec04d437..6bb905d6696 100644 --- a/htdocs/projet/document.php +++ b/htdocs/projet/document.php @@ -40,11 +40,6 @@ $ref = GETPOST('ref', 'alpha'); $mine = (GETPOST('mode', 'alpha') == 'mine' ? 1 : 0); //if (! $user->rights->projet->all->lire) $mine=1; // Special for projects -// Security check -$socid = 0; -//if ($user->socid > 0) $socid = $user->socid; // For external user, no check is done on company because readability is managed by public status of project and assignement. -$result = restrictedArea($user, 'projet', $id, 'projet&project'); - $object = new Project($db); include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once @@ -82,6 +77,11 @@ if (!$sortfield) { $sortfield = "name"; } +// Security check +$socid = 0; +//if ($user->socid > 0) $socid = $user->socid; // For external user, no check is done on company because readability is managed by public status of project and assignement. +$result = restrictedArea($user, 'projet', $id, 'projet&project'); + /* diff --git a/htdocs/societe/document.php b/htdocs/societe/document.php index 4ed26f67018..653069882e0 100644 --- a/htdocs/societe/document.php +++ b/htdocs/societe/document.php @@ -76,6 +76,7 @@ if ($id > 0 || !empty($ref)) { // Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context $hookmanager->initHooks(array('thirdpartydocument', 'globalcard')); +$permissiontoadd = $user->rights->societe->creer; // Used by the include of actions_addupdatedelete.inc.php and actions_lineupdown.inc.php // Security check if ($user->socid > 0) { diff --git a/htdocs/ticket/agenda.php b/htdocs/ticket/agenda.php index 9bf6cbc13c4..fee91e959aa 100644 --- a/htdocs/ticket/agenda.php +++ b/htdocs/ticket/agenda.php @@ -81,12 +81,9 @@ if (!$action) { // Security check $id = GETPOST("id", 'int'); $socid = 0; -//if ($user->socid > 0) $socid = $user->socid; // For external user, no check is done on company because readability is managed by public status of project and assignement. +if ($user->socid > 0) $socid = $user->socid; $result = restrictedArea($user, 'ticket', $id, ''); -if (!$user->rights->ticket->read) { - accessforbidden(); -} // restrict access for externals users if ($user->socid > 0 && ($object->fk_soc != $user->socid)) { accessforbidden(); diff --git a/htdocs/ticket/card.php b/htdocs/ticket/card.php index c4c637754b4..5e2ef1e804b 100644 --- a/htdocs/ticket/card.php +++ b/htdocs/ticket/card.php @@ -112,8 +112,8 @@ if ($id || $track_id || $ref) { $url_page_current = DOL_URL_ROOT.'/ticket/card.php'; // Security check - Protection if external user -//if ($user->socid > 0) accessforbidden(); -//if ($user->socid > 0) $socid = $user->socid; +$socid = 0; +if ($user->socid > 0) $socid = $user->socid; $result = restrictedArea($user, 'ticket', $object->id); $triggermodname = 'TICKET_MODIFY'; diff --git a/htdocs/ticket/contact.php b/htdocs/ticket/contact.php index 7e04dd12104..8d450ffb44b 100644 --- a/htdocs/ticket/contact.php +++ b/htdocs/ticket/contact.php @@ -50,11 +50,6 @@ $source = GETPOST('source', 'alpha'); $ligne = GETPOST('ligne', 'int'); $lineid = GETPOST('lineid', 'int'); -// Protection if external user -if ($user->socid > 0) { - $socid = $user->socid; - accessforbidden(); -} // Store current page url $url_page_current = dol_buildpath('/ticket/contact.php', 1); @@ -62,6 +57,24 @@ $url_page_current = dol_buildpath('/ticket/contact.php', 1); $object = new Ticket($db); +$permissiontoadd = $user->rights->ticket->write; + +// Security check +$id = GETPOST("id", 'int'); +$socid = 0; +if ($user->socid > 0) $socid = $user->socid; +$result = restrictedArea($user, 'ticket', $object->id, ''); + +// restrict access for externals users +if ($user->socid > 0 && ($object->fk_soc != $user->socid)) { + accessforbidden(); +} +// or for unauthorized internals users +if (!$user->socid && (!empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY) && $object->fk_user_assign != $user->id) && !$user->rights->ticket->manage) { + accessforbidden(); +} + + /* * Actions */ diff --git a/htdocs/ticket/document.php b/htdocs/ticket/document.php index 5e4d80cd8be..8edd2787c44 100644 --- a/htdocs/ticket/document.php +++ b/htdocs/ticket/document.php @@ -43,11 +43,6 @@ $track_id = GETPOST('track_id', 'alpha'); $action = GETPOST('action', 'alpha'); $confirm = GETPOST('confirm', 'alpha'); -// Security check -if (!$user->rights->ticket->read) { - accessforbidden(); -} - // Get parameters $limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit; $sortfield = GETPOST("sortfield", 'alpha'); @@ -75,6 +70,21 @@ if ($result < 0) { $upload_dir = $conf->ticket->dir_output."/".dol_sanitizeFileName($object->ref); } +$permissiontoadd = $user->rights->ticket->write; + +// Security check - Protection if external user +$result = restrictedArea($user, 'ticket', $object->id); + +// restrict access for externals users +if ($user->socid > 0 && ($object->fk_soc != $user->socid)) { + accessforbidden(); +} +// or for unauthorized internals users +if (!$user->socid && ($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY && $object->fk_user_assign != $user->id) && !$user->rights->ticket->manage) { + accessforbidden(); +} + + /* * Actions diff --git a/htdocs/ticket/messaging.php b/htdocs/ticket/messaging.php index c3e70def7da..68615424abf 100644 --- a/htdocs/ticket/messaging.php +++ b/htdocs/ticket/messaging.php @@ -76,16 +76,14 @@ if (!$action) { $action = 'view'; } +$permissiontoadd = $user->rights->ticket->write; // Security check $id = GETPOST("id", 'int'); $socid = 0; -//if ($user->socid > 0) $socid = $user->socid; // For external user, no check is done on company because readability is managed by public status of project and assignement. -$result = restrictedArea($user, 'ticket', $id, ''); +if ($user->socid > 0) $socid = $user->socid; +$result = restrictedArea($user, 'ticket', $object->id, ''); -if (!$user->rights->ticket->read) { - accessforbidden(); -} // restrict access for externals users if ($user->socid > 0 && ($object->fk_soc != $user->socid)) { accessforbidden(); @@ -96,7 +94,6 @@ if (!$user->socid && (!empty($conf->global->TICKET_LIMIT_VIEW_ASSIGNED_ONLY) && } - /* * Actions */ From f51e892a97a70c224fe37061ef46a4921ca660e8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 18 May 2021 02:06:35 +0200 Subject: [PATCH 105/105] Fix phpcs --- htdocs/admin/dict.php | 28 +++++++++++++-------------- htdocs/user/class/api_users.class.php | 6 +++--- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index 2004ccf86b9..d03574d473b 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -869,13 +869,13 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) { $keycode = $value; } - if ($value == 'price' || preg_match('/^amount/i', $value)) { - $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); - } elseif ($value == 'taux' || $value == 'localtax1') { - $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z - } elseif ($value == 'entity') { - $_POST[$keycode] = getEntity($tabname[$id]); - } + if ($value == 'price' || preg_match('/^amount/i', $value)) { + $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); + } elseif ($value == 'taux' || $value == 'localtax1') { + $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z + } elseif ($value == 'entity') { + $_POST[$keycode] = getEntity($tabname[$id]); + } if ($i) { $sql .= ","; @@ -938,13 +938,13 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) { $keycode = $field; } - if ($field == 'price' || preg_match('/^amount/i', $field)) { - $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); - } elseif ($field == 'taux' || $field == 'localtax1') { - $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z - } elseif ($field == 'entity') { - $_POST[$keycode] = getEntity($tabname[$id]); - } + if ($field == 'price' || preg_match('/^amount/i', $field)) { + $_POST[$keycode] = price2num(GETPOST($keycode), 'MU'); + } elseif ($field == 'taux' || $field == 'localtax1') { + $_POST[$keycode] = price2num(GETPOST($keycode), 8); // Note that localtax2 can be a list of rates separated by coma like X:Y:Z + } elseif ($field == 'entity') { + $_POST[$keycode] = getEntity($tabname[$id]); + } if ($i) { $sql .= ","; diff --git a/htdocs/user/class/api_users.class.php b/htdocs/user/class/api_users.class.php index a21db2b521b..e760997f3c8 100644 --- a/htdocs/user/class/api_users.class.php +++ b/htdocs/user/class/api_users.class.php @@ -48,7 +48,7 @@ class Users extends DolibarrApi public function __construct() { global $db, $conf; - + $this->db = $db; $this->useraccount = new User($this->db); } @@ -73,8 +73,8 @@ class Users extends DolibarrApi global $conf; if (empty(DolibarrApiAccess::$user->rights->user->user->lire) && empty(DolibarrApiAccess::$user->admin)) { - throw new RestException(401, "You are not allowed to read list of users"); - } + throw new RestException(401, "You are not allowed to read list of users"); + } $obj_ret = array();