lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fetched from dolibarr/dolibarr

Browse Source
This commit is contained in:
Gerhard Stephan 2018-02-15 16:02:13 +01:00
parent 520f581481
commit 93965e857b
43 changed files with 926 additions and 192 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
ChangeLog
View File

@ -14,11 +14,13 @@ Following changes may create regressions for some external modules, but were nec
***** ChangeLog for 7.0.0 compared to 6.0.5 *****
For users:
NEW: Add a preview icon after files that can be previewed (pdf + images)
NEW: When payment is registered, PDF of invoices are also regenerated so payments
appears with no need to click on regenerate.
NEW: #5711 Add shipment line deleting and editing for draft shipments.
NEW: Accept substitution key __(ABC)__ replaced with value of translation of key ABC
NEW: Accept substitution key __[ABC]__ replaced with value of const ABC
NEW: Accountancy Add variant on sell account for intracommunity sales & export sales
NEW: Accountancy Add fields for sale accounting account for intracommunity sales & export sales
NEW: Add a button "Activate all services" on contracts
NEW: Add a confirmation for all mass action 'delete'
NEW: Add a group task line for tasks on same level on gantt diagram
@ -583,7 +585,9 @@ Following changes may create regression for some external modules, but were nece
exists, but if an external module need action on it, it must provides itself its trigger file.
* Use $conf->global->MULTICOMPANY_TRANSVERSE_MODE instead $conf->multicompany->transverse_mode. So, if you set var
$multicompany_transverse_mode to 1 into your conf file, you must remove this line and a new key into
the Home - setup - other admin page.
the Home - setup - other admin page.
* If you use Multicompany transverse mode, it will be necessary to check the activation of the modules in the children
entities and to review completely the rights of the groups and the users.
* Use getEntity('xxx') instead getEntity('xxx', 1) and use getEntity('xxx', 0) instead getEntity('xxx')
* Some other change were done in the way we read permission of a user when module multicompany is enabled. You can
retreive the old behavior by adding constant MULTICOMPANY_BACKWARD_COMPATIBILITY to 1.

4
htdocs/adherents/type.php
View File

@ -107,7 +107,7 @@ if ($action == 'add' && $user->rights->adherent->configurer)
$object->subscription = (int) trim($subscription);
$object->note = trim($comment);
$object->mail_valid = trim($mail_valid);
$object->vote = trim($vote);
$object->vote = (boolean) trim($vote);
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);
@ -160,7 +160,7 @@ if ($action == 'update' && $user->rights->adherent->configurer)
$object->subscription = (int) trim($subscription);
$object->note = trim($comment);
$object->mail_valid = trim($mail_valid);
$object->vote = trim($vote);
$object->vote = (boolean) trim($vote);
// Fill array 'array_options' with data from add form
$ret = $extrafields->setOptionalsFromPost($extralabels,$object);

10
htdocs/comm/propal/card.php
View File

@ -104,8 +104,11 @@ if ($id > 0 || ! empty($ref)) {
$ret = $object->fetch($id, $ref);
if ($ret > 0)
$ret = $object->fetch_thirdparty();
if ($ret < 0)
dol_print_error('', $object->error);
if ($ret <= 0)
{
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
}
}
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
@ -1711,7 +1714,7 @@ if ($action == 'create')
print '</table>';
}
} else {
} elseif ($object->id > 0) {
/*
* Show object in view mode
*/
@ -1818,7 +1821,6 @@ if ($action == 'create')
$linkback = '<a href="' . DOL_URL_ROOT . '/comm/propal/list.php?restore_lastsearch_values=1' . (! empty($socid) ? '&socid=' . $socid : '') . '">' . $langs->trans("BackToList") . '</a>';
$morehtmlref='<div class="refidno">';
// Ref customer
$morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, $user->rights->propal->creer, 'string', '', 0, 1);

3
htdocs/compta/facture/class/facture.class.php
View File

@ -3004,6 +3004,9 @@ class Facture extends CommonInvoice
$line->total_ttc = $tabprice[2];
$line->total_localtax1 = $tabprice[9];
$line->total_localtax2 = $tabprice[10];
$line->multicurrency_total_ht = $tabprice[16];
$line->multicurrency_total_tva = $tabprice[17];
$line->multicurrency_total_ttc = $tabprice[18];
$line->update($user);
$this->update_price(1);
$this->db->commit();

14
htdocs/compta/sociales/class/chargesociales.class.php
View File

@ -156,6 +156,7 @@ class ChargeSociales extends CommonObject
function create($user)
{
global $conf;
$error=0;
$now=dol_now();
@ -191,8 +192,17 @@ class ChargeSociales extends CommonObject
$this->id=$this->db->last_insert_id(MAIN_DB_PREFIX."chargesociales");
//dol_syslog("ChargesSociales::create this->id=".$this->id);
$this->db->commit();
return $this->id;
$result=$this->call_trigger('PAYMENTSOCIALCONTRIBUTION_CREATE',$user);
if ($result < 0) $error++;
if(empty($error)) {
$this->db->commit();
return $this->id;
}
else {
$this->db->rollback();
return -1*$error;
}
}
else
{

3
htdocs/compta/tva/class/tva.class.php
View File

@ -670,6 +670,9 @@ class Tva extends CommonObject
$linkclose='';
if (empty($notooltip))
{
if (! empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER))
{
$label=$langs->trans("ShowMyObject");

16
htdocs/contrat/card.php
View File

@ -1561,7 +1561,7 @@ else
if ($action != 'editline' || GETPOST('rowid') != $objp->rowid)
{
print '<tr '.$bcnd[$var].' valign="top">';
print '<tr '.$bcnd[$var].' class="tdtop">';
// Label
if ($objp->fk_product > 0)
{
@ -1571,12 +1571,10 @@ else
$productstatic->ref=$objp->pref;
$productstatic->entity=$objp->pentity;
$productstatic->label=$objp->plabel;
$text = $productstatic->getNomUrl(1,'',20);
$text = $productstatic->getNomUrl(1,'',32);
if ($objp->plabel)
{
$text .= ' - ';
//$productstatic->ref=$objp->label;
//$text .= $productstatic->getNomUrl(0,'',16);
$text .= $objp->plabel;
}
$description = $objp->description;
@ -1713,8 +1711,8 @@ else
$productstatic->type=$objp->ptype;
$productstatic->ref=$objp->pref;
$productstatic->entity=$objp->pentity;
print $productstatic->getNomUrl(1,'',20);
print $objp->label?' - '.dol_trunc($objp->label,16):'';
print $productstatic->getNomUrl(1,'',32);
print $objp->label?' - '.dol_trunc($objp->label,32):'';
print '<br>';
}
else
@ -1822,7 +1820,7 @@ else
'text' => $langs->trans("ConfirmMoveToAnotherContractQuestion"),
array('type' => 'select', 'name' => 'newcid', 'values' => $arraycontractid));
$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&lineid=".GETPOST('rowid'),$langs->trans("MoveToAnotherContract"),$langs->trans("ConfirmMoveToAnotherContract"),"confirm_move",$formquestion);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&lineid=".GETPOST('rowid'),$langs->trans("MoveToAnotherContract"),$langs->trans("ConfirmMoveToAnotherContract"),"confirm_move",$formquestion);
print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
}
@ -1834,7 +1832,7 @@ else
$dateactstart = dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear'));
$dateactend = dol_mktime(12, 0, 0, GETPOST('endmonth'), GETPOST('endday'), GETPOST('endyear'));
$comment = GETPOST('comment','alpha');
$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment),$langs->trans("ActivateService"),$langs->trans("ConfirmActivateService",dol_print_date($dateactstart,"%A %d %B %Y")),"confirm_active", '', 0, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment),$langs->trans("ActivateService"),$langs->trans("ConfirmActivateService",dol_print_date($dateactstart,"%A %d %B %Y")),"confirm_active", '', 0, 1);
print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
}
@ -1853,7 +1851,7 @@ else
}
else
{
$form->form_confirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne','int')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment), $langs->trans("CloseService"), $langs->trans("ConfirmCloseService",dol_print_date($dateactend,"%A %d %B %Y")), "confirm_closeline", '', 0, 1);
print $form->formconfirm($_SERVER["PHP_SELF"]."?id=".$object->id."&ligne=".GETPOST('ligne','int')."&date=".$dateactstart."&dateend=".$dateactend."&comment=".urlencode($comment), $langs->trans("CloseService"), $langs->trans("ConfirmCloseService",dol_print_date($dateactend,"%A %d %B %Y")), "confirm_closeline", '', 0, 1);
}
print '<table class="notopnoleftnoright" width="100%"><tr class="oddeven" height="6"><td></td></tr></table>';
}

3
htdocs/contrat/services_list.php
View File

@ -75,7 +75,7 @@ $opclotureyear=GETPOST('opclotureyear');
$filter_opcloture=GETPOST('filter_opcloture');
// Initialize context for list
$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'servicelist'.$mode;
$contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'contractservicelist'.$mode;
// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context
$hookmanager->initHooks(array($contextpage));
@ -483,7 +483,6 @@ if (! empty($arrayfields['cd.date_cloture']['checked']))
print '</td>';
}
// Extra fields
// Extra fields
include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php';
// Fields from hook

17
htdocs/contrat/tpl/linkedobjectblock.tpl.php
View File

@ -1,5 +1,6 @@
<?php
/* Copyright (C) 2010-2011 Regis Houssin <regis.houssin@capnetworks.com>
* Copyright (C) 2018 Juanjo Menent <jmenent@2byte.es>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -50,10 +51,22 @@ foreach($linkedObjectBlock as $key => $objectlink)
<td><?php echo $objectlink->getNomUrl(1); ?></td>
<td></td>
<td align="center"><?php echo dol_print_date($objectlink->date_contrat,'day'); ?></td>
<td align="right"><?php // var_dump($objectlink->total_ttc); ?></td>
<td align="right"><?php
// Price of contract is not shown by default because a contract is a list of service with
// start and end date that change with time andd that may be different that the period of reference for price.
// So price of a contract does often means nothing. Prices is on the different invoices done on same contract.
if ($user->rights->contrat->lire && empty($conf->global->CONTRACT_SHOW_TOTAL_OF_PRODUCT_AS_PRICE))
{
$totalcontrat = 0;
foreach ($objectlink->lines as $linecontrat) {
$totalcontrat = $totalcontrat + $linecontrat->total_ht;
$total = $total + $linecontrat->total_ht;
}
echo price($totalcontrat);
} ?></td>
<td align="right"><?php echo $objectlink->getLibStatut(7); ?></td>
<td align="right"><a href="<?php echo $_SERVER["PHP_SELF"].'?id='.$object->id.'&action=dellink&dellinkid='.$key; ?>"><?php echo img_delete($langs->transnoentitiesnoconv("RemoveLink")); ?></a></td>
</tr>
<?php } ?>
<!-- END PHP TEMPLATE -->
<!-- END PHP TEMPLATE -->

85
htdocs/core/actions_linkedfiles.inc.php
View File

@ -182,37 +182,70 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave','alpha'))
$filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom','alpha'), '_', 0); // Do not remove accents
$filenameto=dol_sanitizeFileName(GETPOST('renamefileto','alpha'), '_', 0); // Do not remove accents
// Security:
// Disallow file with some extensions. We rename them.
// Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.
if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
if ($filenamefrom != $filenameto)
{
$filenameto.= '.noexe';
}
// Security:
// Disallow file with some extensions. We rename them.
// Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code.
if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED))
{
$filenameto.= '.noexe';
}
if ($filenamefrom && $filenameto)
{
$srcpath = $upload_dir.'/'.$filenamefrom;
$destpath = $upload_dir.'/'.$filenameto;
if ($filenamefrom && $filenameto)
{
$srcpath = $upload_dir.'/'.$filenamefrom;
$destpath = $upload_dir.'/'.$filenameto;
$result = dol_move($srcpath, $destpath);
if ($result)
{
if ($object->id)
{
$object->addThumbs($destpath);
}
$result = dol_move($srcpath, $destpath);
if ($result)
{
if ($object->id)
{
$object->addThumbs($destpath);
}
// TODO Add revert function of addThumbs to remove for old name
//$object->delThumbs($srcpath);
// TODO Add revert function of addThumbs to remove for old name
//$object->delThumbs($srcpath);
setEventMessages($langs->trans("FileRenamed"), null);
}
else
{
$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors');
}
setEventMessages($langs->trans("FileRenamed"), null);
}
else
{
$langs->load("errors"); // key must be loaded because we can't rely on loading during output, we need var substitution to be done now.
setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors');
}
}
}
}
// Update properties in ECM table
if (GETPOST('ecmfileid', 'int') > 0)
{
$shareenabled = GETPOST('shareenabled', 'alpha');
include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
$ecmfile=new EcmFiles($db);
$result = $ecmfile->fetch(GETPOST('ecmfileid', 'int'));
if ($result > 0)
{
if ($shareenabled)
{
if (empty($ecmfile->share))
{
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
$ecmfile->share = getRandomPassword(true);
}
}
else
{
$ecmfile->share = '';
}
$result = $ecmfile->update($user);
if ($result < 0)
{
setEventMessages($ecmfile->error, $ecmfile->errors, 'warnings');
}
}
}
}

18
htdocs/core/class/commondocgenerator.class.php
View File

@ -425,7 +425,7 @@ abstract class CommonDocGenerator
{
$object->fetch_projet();
}
$resarray[$array_key.'_project_ref'] = $object->project->ref;
$resarray[$array_key.'_project_title'] = $object->project->title;
$resarray[$array_key.'_project_description'] = $object->project->description;
@ -510,7 +510,7 @@ abstract class CommonDocGenerator
'line_multicurrency_total_tva_locale' => price($line->multicurrency_total_tva, 0, $outputlangs),
'line_multicurrency_total_ttc_locale' => price($line->multicurrency_total_ttc, 0, $outputlangs),
);
// Units
if ($conf->global->PRODUCT_USE_UNITS)
{
@ -527,16 +527,16 @@ abstract class CommonDocGenerator
$line->fetch_optionals($line->rowid,$extralabels);
$resarray = $this->fill_substitutionarray_with_extrafields($line,$resarray,$extrafields,$array_key=$array_key,$outputlangs);
// Load product data optional fields to the line -> enables to use "line_options_{extrafield}"
if (isset($line->product_ref))
if (isset($line->fk_product) && $line->fk_product > 0)
{
$product = new Product($this->db);
$result = $product->fetch(null, $line->product_ref);
foreach($product->array_options as $key=>$label)
$tmpproduct = new Product($this->db);
$result = $tmpproduct->fetch($line->fk_product);
foreach($tmpproduct->array_options as $key=>$label)
$resarray["line_".$key] = $label;
}
}
return $resarray;
}

2
htdocs/core/class/commonobject.class.php
View File

@ -3496,7 +3496,7 @@ abstract class CommonObject
/**
* Return if a country is inside the EEC (European Economic Community)
* @deprecated
* @deprecated Use function isInEEC function instead
*
* @return boolean true = country inside EEC, false = country outside EEC
*/

11
htdocs/core/class/html.form.class.php
View File

@ -646,9 +646,10 @@ class Form
* @param integer $maxlength Max length for labels (0=no limit)
* @param string $morecss More css class
* @param string $usecodeaskey 'code3'=Use code on 3 alpha as key, 'code2"=Use code on 2 alpha as key
* @param int $showempty Show empty choice
* @return string HTML string with select
*/
function select_country($selected='',$htmlname='country_id',$htmloption='',$maxlength=0,$morecss='minwidth300',$usecodeaskey='')
function select_country($selected='', $htmlname='country_id', $htmloption='', $maxlength=0, $morecss='minwidth300', $usecodeaskey='', $showempty=1)
{
global $conf,$langs;
@ -693,20 +694,22 @@ class Form
foreach ($countryArray as $row)
{
if (empty($showempty) && empty($row['rowid'])) continue;
if ($row['favorite'] && $row['code_iso']) $atleastonefavorite++;
if (empty($row['favorite']) && $atleastonefavorite)
{
$atleastonefavorite=0;
$out.= '<option a value="" disabled class="selectoptiondisabledwhite">----------------------</option>';
$out.= '<option value="" disabled class="selectoptiondisabledwhite">----------------------</option>';
}
if ($selected && $selected != '-1' && ($selected == $row['rowid'] || $selected == $row['code_iso'] || $selected == $row['code_iso3'] || $selected == $row['label']) )
{
$foundselected=true;
$out.= '<option b value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'" selected>';
$out.= '<option value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'" selected>';
}
else
{
$out.= '<option c value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'">';
$out.= '<option value="'.($usecodeaskey?($usecodeaskey=='code2'?$row['code_iso']:$row['code_iso3']):$row['rowid']).'">';
}
if ($row['label']) $out.= dol_trunc($row['label'],$maxlength,'middle');
else $out.= '&nbsp;';

61
htdocs/core/class/html.formfile.class.php
View File

@ -938,7 +938,7 @@ class FormFile
* @param string $url Full url to use for click links ('' = autodetect)
* @param int $showrelpart 0=Show only filename (default), 1=Show first level 1 dir
* @param int $permtoeditline Permission to edit document line (You must provide a value, -1 is deprecated and must not be used any more)
* @param string $upload_dir Full path directory so we can know dir relative to MAIN_DATA_ROOT. Fill this if you want to complete file data with database indexes.
* @param string $upload_dir Full path directory so we can know dir relative to MAIN_DATA_ROOT. Fill this to complete file data with database indexes.
* @param string $sortfield Sort field ('name', 'size', 'position', ...)
* @param string $sortorder Sort order ('ASC' or 'DESC')
* @param int $disablemove 1=Disable move button, 0=Position move is possible.
@ -951,6 +951,7 @@ class FormFile
global $user, $conf, $langs, $hookmanager;
global $bc,$bcdd;
global $sortfield, $sortorder, $maxheightmini;
global $dolibarr_main_url_root;
// Define relative path used to store the file
if (empty($relativepath))
@ -1038,6 +1039,7 @@ class FormFile
print '<td></td>';
if (empty($useinecm)) print '<td></td>';
print '<td></td>';
print '<td></td>';
if (! $disablemove) print '<td></td>';
print "</tr>\n";
}
@ -1047,7 +1049,8 @@ class FormFile
print_liste_field_titre('Documents2',$url,"name","",$param,'align="left"',$sortfield,$sortorder);
print_liste_field_titre('Size',$url,"size","",$param,'align="right"',$sortfield,$sortorder);
print_liste_field_titre('Date',$url,"date","",$param,'align="center"',$sortfield,$sortorder);
if (empty($useinecm)) print_liste_field_titre('',$url,"","",$param,'align="center"');
if (empty($useinecm)) print_liste_field_titre('',$url,"","",$param,'align="center"'); // Preview
print_liste_field_titre('');
print_liste_field_titre('');
if (! $disablemove) print_liste_field_titre('');
print "</tr>\n";
@ -1063,7 +1066,6 @@ class FormFile
//var_dump($sortfield);
$filearray=dol_sort_array($filearray, $sortfield, $sortorder);
}
//var_dump($filearray);
}
$nboffiles=count($filearray);
@ -1146,6 +1148,48 @@ class FormFile
else print '&nbsp;';
print '</td>';
}
// Hash of file (only if we are in a mode where a scan of dir were done and we have id of file in ECM table)
print '<td align="center">';
if ($relativedir && $filearray[$key]['rowid'] > 0)
{
if ($editline)
{
print $langs->trans("FileSharedViaALink").' ';
print '<input class="inline-block" type="checkbox" name="shareenabled"'.($file['share']?' checked="checked"':'').' /> ';
}
else
{
if ($file['share'])
{
// Define $urlwithroot
$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
//$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
//print '<span class="opacitymedium">'.$langs->trans("Hash").' : '.$file['share'].'</span>';
$forcedownload=0;
$paramlink='';
if (! empty($file['share'])) $paramlink.=($paramlink?'&':'').'hashp='.$file['share']; // Hash for public share
if ($forcedownload) $paramlink.=($paramlink?'&':'').'attachment=1';
$fulllink=$urlwithroot.'/document.php'.($paramlink?'?'.$paramlink:'');
//if (! empty($object->ref)) $fulllink.='&hashn='.$object->ref; // Hash of file path
//elseif (! empty($object->label)) $fulllink.='&hashc='.$object->label; // Hash of file content
print img_picto($langs->trans("FileSharedViaALink"),'object_globe.png').' ';
print '<input type="text" class="quatrevingtpercent" id="downloadlink" name="downloadexternallink" value="'.dol_escape_htmltag($fulllink).'">';
//print ' <a href="'.$fulllink.'">'.$langs->trans("Download").'</a>'; // No target here
}
else
{
//print '<span class="opacitymedium">'.$langs->trans("FileNotShared").'</span>';
}
}
}
print '</td>';
// Actions buttons
if (! $editline)
{
// Delete or view link
@ -1215,6 +1259,7 @@ class FormFile
else
{
print '<td class="right">';
print '<input type="hidden" name="ecmfileid" value="'.$filearray[$key]['rowid'].'">';
print '<input type="submit" class="button" name="renamefilesave" value="'.dol_escape_htmltag($langs->trans("Save")).'">';
print '<input type="submit" class="button" name="cancel" value="'.dol_escape_htmltag($langs->trans("Cancel")).'">';
print '</td>';
@ -1227,9 +1272,9 @@ class FormFile
}
if ($nboffiles == 0)
{
$colspan=(empty($useinecm)?'5':'5');
if (empty($disablemove)) $colspan++;
print '<tr '.$bc[false].'><td colspan="'.$colspan.'" class="opacitymedium">';
$colspan=(empty($useinecm)?'6':'6');
if (empty($disablemove)) $colspan++; // 6 columns or 7
print '<tr class="oddeven"><td colspan="'.$colspan.'" class="opacitymedium">';
if (empty($textifempty)) print $langs->trans("NoFileFound");
else print $textifempty;
print '</td></tr>';
@ -1244,6 +1289,8 @@ class FormFile
}
}
print ajax_autoselect('downloadlink');
if (GETPOST('action','aZ09') == 'editfile' && $permtoeditline)
{
print '</form>';
@ -1297,8 +1344,8 @@ class FormFile
if (! empty($addfilterfields))
{
print '<tr class="liste_titre nodrag nodrop">';
print '<td><input type="text" class="maxwidth100onsmartphone" name="search_doc_ref" value="'.dol_escape_htmltag($search_doc_ref).'"></td>';
print '<td></td>';
print '<td><input type="text" class="maxwidth100onsmartphone" name="search_doc_ref" value="'.dol_escape_htmltag($search_doc_ref).'"></td>';
print '<td></td>';
print '<td></td>';
// Action column

2
htdocs/core/class/translate.class.php
View File

@ -129,7 +129,7 @@ class Translate
* Return active language code for current user
* It's an accessor for this->defaultlang
*
* @param int $mode 0=Long language code, 1=Short language code
* @param int $mode 0=Long language code, 1=Short language code (en, fr, es, ...)
* @return string Language code used (en_US, en_AU, fr_FR, ...)
*/
function getDefaultLang($mode=0)

18
htdocs/core/lib/ajax.lib.php
View File

@ -358,24 +358,6 @@ function ajax_dialog($title,$message,$w=350,$h=150)
}
/**
* Make content of an input box selected when we click into input field.
*
* @param string $htmlname Id of html object
* @param string $addlink Add a 'link to' after
*/
function ajax_autoselect($htmlname, $addlink='')
{
global $langs;
$out = '<script type="text/javascript">
jQuery(document).ready(function () {
jQuery("#'.$htmlname.'").click(function() { jQuery(this).select(); } );
});
</script>';
if ($addlink) $out.=' <a href="'.$addlink.'" target="_blank">'.$langs->trans("Link").'</a>';
return $out;
}
/**
* Convert a html select field into an ajax combobox.
* Use ajax_combobox() only for small combo list! If not, use instead ajax_autocompleter().

2
htdocs/core/lib/company.lib.php
View File

@ -573,7 +573,7 @@ function getFormeJuridiqueLabel($code)
}
/**
* Return if a country is inside the EEC (European Economic Community)
* Return if a country of an object is inside the EEC (European Economic Community)
* TODO Add a field into country dictionary.
*
* @param Object $object Object

7
htdocs/core/lib/files.lib.php
View File

@ -225,7 +225,8 @@ function dol_dir_list_in_database($path, $filter="", $excludefilter=null, $sortc
{
global $conf, $db;
$sql=" SELECT rowid, label, entity, filename, filepath, fullpath_orig, keywords, cover, gen_or_uploaded, extraparams, date_c, date_m, fk_user_c, fk_user_m, acl, position";
$sql =" SELECT rowid, label, entity, filename, filepath, fullpath_orig, keywords, cover, gen_or_uploaded, extraparams, date_c, date_m, fk_user_c, fk_user_m,";
$sql.=" acl, position, share";
if ($mode) $sql.=", description";
$sql.=" FROM ".MAIN_DB_PREFIX."ecm_files";
$sql.=" WHERE filepath = '".$db->escape($path)."'";
@ -258,7 +259,8 @@ function dol_dir_list_in_database($path, $filter="", $excludefilter=null, $sortc
"keywords" => $obj->keywords,
"cover" => $obj->cover,
"position" => (int) $obj->position,
"acl" => $obj->acl
"acl" => $obj->acl,
"share" => $obj->share
);
}
$i++;
@ -318,6 +320,7 @@ function completeFileArrayWithDatabaseInfo(&$filearray, $relativedir)
$filearray[$key]['acl']=$filearrayindatabase[$key2]['acl'];
$filearray[$key]['rowid']=$filearrayindatabase[$key2]['rowid'];
$filearray[$key]['label']=$filearrayindatabase[$key2]['label'];
$filearray[$key]['share']=$filearrayindatabase[$key2]['share'];
$found=1;
break;
}

276
htdocs/core/lib/functions.lib.php
View File

@ -2223,13 +2223,263 @@ function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$sep
}
}
if (strtoupper($countrycode) == "CA")
elseif (strtoupper($countrycode) == "CA")
{
if (dol_strlen($phone) == 10) {
$newphone=($separ!=''?'(':'').substr($newphone,0,3).($separ!=''?')':'').$separ.substr($newphone,3,3).($separ!=''?'-':'').substr($newphone,6,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "PT" )
{//Portugal
if (dol_strlen($object) == 13)
{//ex: +351_ABC_DEF_GHI
$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "SR" )
{//Suriname
if (dol_strlen($object) == 10)
{//ex: +597_ABC_DEF
$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3);
}
elseif (dol_strlen($object) == 11)
{//ex: +597_ABC_DEFG
$newphone= substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "DE" )
{//Allemagne
if (dol_strlen($object) == 14)
{//ex: +49_ABCD_EFGH_IJK
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,4).$separ.substr($newphone,11,3);
}
elseif (dol_strlen($object) == 13)
{//ex: +49_ABC_DEFG_HIJ
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,4).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "ES")
{//Espagne
if (dol_strlen($object) == 12)
{//ex: +34_ABC_DEF_GHI
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "BF")
{// Burkina Faso
if (dol_strlen($newphone) == 12)
{//ex : +22 A BC_DE_FG_HI
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "RO")
{// Roumanie
if (dol_strlen($newphone) == 12)
{//ex : +40 AB_CDE_FG_HI
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "TR")
{//Turquie
if (dol_strlen($object) == 13)
{//ex : +90 ABC_DEF_GHIJ
$newphone= substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "US")
{//Etat-Unis
if (dol_strlen($newphone) == 12)
{//ex: +1 ABC_DEF_GHIJ
$newphone= substr($newphone,0,2).$separ.substr($newphone,2,3).$separ.substr($newphone,5,3).$separ.substr($newphone,8,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "MX")
{//Mexique
if (dol_strlen($newphone) == 12)
{//ex: +52 ABCD_EFG_HI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,3).$separ.substr($newphone,10,2);
}
elseif (dol_strlen($newphone) == 11)
{//ex: +52 AB_CD_EF_GH
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,2).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);
}
elseif (dol_strlen($newphone) == 13)
{//ex: +52 ABC_DEF_GHIJ
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "ML")
{//Mali
if(dol_strlen($newphone) == 12)
{//ex: +223 AB_CD_EF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "TH")
{//Thaïlande
if(dol_strlen($newphone) == 11)
{//ex: +66_ABC_DE_FGH
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,2).$separ.substr($newphone,8,3);
}
elseif(dol_strlen($newphone) == 12)
{//ex: +66_A_BCD_EF_GHI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "MU")
{//Maurice
if(dol_strlen($newphone) == 11)
{//ex: +230_ABC_DE_FG
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);
}
elseif(dol_strlen($newphone) == 12)
{//ex: +230_ABCD_EF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,4).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "ZA")
{//Afrique du sud
if(dol_strlen($newphone) == 12)
{//ex: +27_AB_CDE_FG_HI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "SY")
{//Syrie
if(dol_strlen($newphone) == 12)
{//ex: +963_AB_CD_EF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
elseif(dol_strlen($newphone) == 13)
{//ex: +963_AB_CD_EF_GHI
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "AE")
{//Emirats Arabes Unis
if(dol_strlen($newphone) == 12)
{//ex: +971_ABC_DEF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,2);
}
elseif(dol_strlen($newphone) == 13)
{//ex: +971_ABC_DEF_GHI
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
}
elseif(dol_strlen($newphone) == 14)
{//ex: +971_ABC_DEF_GHIK
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "DZ")
{//Algérie
if(dol_strlen($newphone) == 13)
{//ex: +213_ABC_DEF_GHI
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "BE")
{//Belgique
if(dol_strlen($newphone) == 11)
{//ex: +32_ABC_DE_FGH
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,2).$separ.substr($newphone,8,3);
}
elseif(dol_strlen($newphone) == 12)
{//ex: +32_ABC_DEF_GHI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "PF")
{//Polynésie française
if(dol_strlen($newphone) == 12)
{//ex: +689_AB_CD_EF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "CO")
{//Colombie
if(dol_strlen($newphone) == 13)
{//ex: +57_ABC_DEF_GH_IJ
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "JO")
{//Jordanie
if(dol_strlen($newphone) == 12)
{//ex: +962_A_BCD_EF_GH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,1).$separ.substr($newphone,5,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "MG")
{//Madagascar
if(dol_strlen($newphone) == 13)
{//ex: +261_AB_CD_EF_GHI
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,2).$separ.substr($newphone,8,2).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "GB")
{//Royaume uni
if(dol_strlen($newphone) == 13)
{//ex: +44_ABCD_EFG_HIJ
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,4).$separ.substr($newphone,7,3).$separ.substr($newphone,10,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "CH")
{//Suisse
if(dol_strlen($newphone) == 12)
{//ex: +41_AB_CDE_FG_HI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,2).$separ.substr($newphone,10,2);
}
elseif(dol_strlen($newphone) == 15)
{// +41_AB_CDE_FGH_IJKL
$newphone =$newphone = substr($newphone,0,3).$separ.substr($newphone,3,2).$separ.substr($newphone,5,3).$separ.substr($newphone,8,3).$separ.substr($newphone,11,4);
}
}
elseif (strtoupper($parameters['countrycode']) == "TN")
{//Tunisie
if(dol_strlen($newphone) == 12)
{//ex: +216_AB_CDE_FGH
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,2).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
}
}
elseif (strtoupper($parameters['countrycode']) == "GF")
{//Guyane francaise
if(dol_strlen($newphone) == 13)
{//ex: +594_ABC_DE_FG_HI (ABC=594 de nouveau)
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "GP")
{//Guadeloupe
if(dol_strlen($newphone) == 13)
{//ex: +590_ABC_DE_FG_HI (ABC=590 de nouveau)
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "MQ")
{//Martinique
if(dol_strlen($newphone) == 13)
{//ex: +596_ABC_DE_FG_HI (ABC=596 de nouveau)
$newphone = substr($newphone,0,4).$separ.substr($newphone,4,3).$separ.substr($newphone,7,2).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
}
}
elseif (strtoupper($parameters['countrycode']) == "IT")
{//Italie
if(dol_strlen($newphone) == 12)
{//ex: +39_ABC_DEF_GHI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,3);
}
elseif(dol_strlen($newphone) == 13)
{//ex: +39_ABC_DEF_GH_IJ
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,3).$separ.substr($newphone,6,3).$separ.substr($newphone,9,2).$separ.substr($newphone,11,2);
}
}
elseif(strtoupper($parameters['countrycode']) == "AU")
{//Australie
if(dol_strlen($newphone) == 12)
{//ex: +61_A_BCDE_FGHI
$newphone = substr($newphone,0,3).$separ.substr($newphone,3,1).$separ.substr($newphone,4,4).$separ.substr($newphone,8,4);
}
}
if (! empty($addlink)) // Link on phone number (+ link to add action if conf->global->AGENDA_ADDACTIONFORPHONE set)
{
if (! empty($conf->browser->phone) || (! empty($conf->clicktodial->enabled) && ! empty($conf->global->CLICKTODIAL_USE_TEL_LINK_ON_PHONE_NUMBERS))) // If phone or option for, we use link of phone
@ -6844,7 +7094,7 @@ function getAdvancedPreviewUrl($modulepart, $relativepath, $alldata=0, $param=''
if (empty($conf->use_javascript_ajax)) return '';
$mime_preview = array('bmp', 'jpeg', 'png', 'gif', 'tiff', 'pdf', 'plain', 'css');
$mime_preview = array('bmp', 'jpeg', 'png', 'gif', 'tiff', 'pdf', 'plain', 'css', 'svg+xml');
//$mime_preview[]='vnd.oasis.opendocument.presentation';
//$mime_preview[]='archive';
$num_mime = array_search(dol_mimetype($relativepath, '', 1), $mime_preview);
@ -6861,6 +7111,25 @@ function getAdvancedPreviewUrl($modulepart, $relativepath, $alldata=0, $param=''
}
/**
* Make content of an input box selected when we click into input field.
*
* @param string $htmlname Id of html object
* @param string $addlink Add a 'link to' after
*/
function ajax_autoselect($htmlname, $addlink='')
{
global $langs;
$out = '<script type="text/javascript">
jQuery(document).ready(function () {
jQuery("#'.$htmlname.'").click(function() { jQuery(this).select(); } );
});
</script>';
if ($addlink) $out.=' <a href="'.$addlink.'" target="_blank">'.$langs->trans("Link").'</a>';
return $out;
}
/**
* Return mime type of a file
*
@ -6931,6 +7200,7 @@ function dol_mimetype($file, $default='application/octet-stream', $mode=0)
if (preg_match('/\.gif$/i',$tmpfile)) { $mime='image/gif'; $imgmime='image.png'; $famime='file-image-o'; }
if (preg_match('/\.bmp$/i',$tmpfile)) { $mime='image/bmp'; $imgmime='image.png'; $famime='file-image-o'; }
if (preg_match('/\.(tif|tiff)$/i',$tmpfile)) { $mime='image/tiff'; $imgmime='image.png'; $famime='file-image-o'; }
if (preg_match('/\.svg$/i',$tmpfile)) { $mime='image/svg+xml';$imgmime='image.png'; $famime='file-image-o'; }
// Calendar
if (preg_match('/\.vcs$/i',$tmpfile)) { $mime='text/calendar'; $imgmime='other.png'; $famime='file-text-o'; }
if (preg_match('/\.ics$/i',$tmpfile)) { $mime='text/calendar'; $imgmime='other.png'; $famime='file-text-o'; }

2
htdocs/core/lib/images.lib.php
View File

@ -37,7 +37,7 @@ $quality = 80;
*/
function image_format_supported($file)
{
$regeximgext='\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.xpm|\.xbm'; // See also into product.class.php
$regeximgext='\.gif|\.jpg|\.jpeg|\.png|\.bmp|\.xpm|\.xbm|\.svg'; // See also into product.class.php
// Case filename is not a format image
if (! preg_match('/('.$regeximgext.')$/i',$file,$reg)) return -1;

12
htdocs/core/modules/commande/doc/pdf_einstein.modules.php
View File

@ -1320,7 +1320,17 @@ class pdf_einstein extends ModelePDFCommandes
if ($showaddress)
{
// Sender properties
$carac_emetteur = pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);
$carac_emetteur='';
// Add internal contact of proposal if defined
$arrayidcontact=$object->getIdContact('internal','SALESREPFOLL');
if (count($arrayidcontact) > 0)
{
$object->fetch_user($arrayidcontact[0]);
$labelbeforecontactname=($outputlangs->transnoentities("FromContactName")!='FromContactName'?$outputlangs->transnoentities("FromContactName"):$outputlangs->transnoentities("Name"));
$carac_emetteur .= ($carac_emetteur ? "\n" : '' ).$labelbeforecontactname." ".$outputlangs->convToOutputCharset($object->user->getFullName($outputlangs))."\n";
}
$carac_emetteur .= pdf_build_address($outputlangs, $this->emetteur, $object->thirdparty);
// Show sender
$posy=42+$top_shift;

4
htdocs/core/modules/modBlockedLog.class.php
View File

@ -172,7 +172,7 @@ class modBlockedLog extends DolibarrModules
// If already used, we add an entry to show we enable module
require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
$object=new stdClass;
$object=new stdClass();
$object->id = 1;
$object->element = 'module';
$object->ref = 'systemevent';
@ -215,7 +215,7 @@ class modBlockedLog extends DolibarrModules
// If already used, we add an entry to show we enable module
require_once DOL_DOCUMENT_ROOT.'/blockedlog/class/blockedlog.class.php';
$object=new stdClass;
$object=new stdClass();
$object->id = 1;
$object->element = 'module';
$object->ref = 'systemevent';

2
htdocs/core/modules/modWebsite.class.php
View File

@ -80,7 +80,7 @@ class modWebsite extends DolibarrModules
// New pages on tabs
// -----------------
//$this->tabs[] = array('data'=>'thirdparty:+website:WebSites:website:($conf->societe->enabled && $user->rights->societe->lire):/societe/website.php?mainmenu=home&id=__ID__'); // To add a new tab identified by code tabname1
//$this->tabs[] = array(); // To add a new tab identified by code tabname1
// Boxes
//------

3
htdocs/core/tpl/ajaxrow.tpl.php
View File

@ -71,7 +71,8 @@ $(document).ready(function(){
function() {
console.log("tableDND end of ajax call");
if (reloadpage == 1) {
location.href = '<?php echo dol_escape_htmltag($_SERVER['PHP_SELF']).'?'.dol_escape_htmltag($_SERVER['QUERY_STRING']); ?>';
//console.log('<?php echo dol_escape_js($_SERVER['QUERY_STRING']); ?>');
location.href = '<?php echo dol_escape_js($_SERVER['PHP_SELF']).'?'.dol_escape_js($_SERVER['QUERY_STRING']); ?>';
} else {
$("#<?php echo $tagidfortablednd; ?> .drag").each(
function( intIndex ) {

31
htdocs/document.php
View File

@ -25,9 +25,9 @@
* \file htdocs/document.php
* \brief Wrapper to download data files
* \remarks Call of this wrapper is made with URL:
* document.php?modulepart=repfichierconcerne&file=relativepathoffile
* document.php?modulepart=logs&file=dolibarr.log
* document.php?modulepart=logs&hashp=sharekey
* DOL_URL_ROOT.'/document.php?modulepart=repfichierconcerne&file=relativepathoffile'
* DOL_URL_ROOT.'/document.php?modulepart=logs&file=dolibarr.log'
* DOL_URL_ROOT.'/document.php?hashp=sharekey'
*/
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Not disabled cause need to load personalized language
@ -36,9 +36,9 @@
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1');
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1');
if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1');
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
//if (! defined('NOREQUIREHOOK')) define('NOREQUIREHOOK','1'); // Disable "main.inc.php" hooks
// For bittorent link, we don't need to load/check we are into a login session
if (isset($_GET["modulepart"]) && $_GET["modulepart"] == 'bittorrent' && ! defined("NOLOGIN"))
@ -58,9 +58,6 @@ if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias') && ! defined
define("NOLOGIN",1);
define("NOCSRFCHECK",1); // We accept to go on this page from external web site.
}
if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1');
if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
/**
* Header empty
@ -75,7 +72,6 @@ function llxHeader() { }
*/
function llxFooter() { }
require 'main.inc.php'; // Load $user and permissions
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
@ -103,21 +99,17 @@ if (in_array($modulepart, array('facture_paiement','unpaid')))
/*
* Action
* Actions
*/
// None
/*
* View
*/
// Define mime type
$type = 'application/octet-stream';
if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
else $type=dol_mimetype($original_file);
// Define attachment (attachment=true to force choice popup 'open'/'save as')
$attachment = true;
if (preg_match('/\.(html|htm)$/i',$original_file)) $attachment = false;
@ -160,6 +152,10 @@ if (! empty($hashp))
}
}
// Define mime type
$type = 'application/octet-stream';
if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
else $type=dol_mimetype($original_file);
// Security: Delete string ../ into $original_file
$original_file = str_replace("../","/", $original_file);
@ -252,9 +248,6 @@ header('Content-Length: ' . dol_filesize($fullpath_original_file));
header('Cache-Control: Public, must-revalidate');
header('Pragma: public');
//ob_clean();
//flush();
readfile($fullpath_original_file_osencoded);
if (is_object($db)) $db->close();

4
htdocs/ecm/file_card.php
View File

@ -341,13 +341,9 @@ if (! empty($object->share))
{
if ($action != 'edit')
{
$modulepart='ecm';
$forcedownload=0;
$paramlink='';
//if (! empty($modulepart)) $paramlink.=($paramlink?'&':'').'modulepart='.$modulepart; // For sharing with hash (so public files), modulepart is not required.
//if (! empty($object->entity)) $paramlink.='&entity='.$object->entity; // For sharing with hash (so public files), entity is not required.
//$paramlink.=($paramlink?'&':'').'file='.urlencode($filepath); // No need of name of file for public link, we will use the hash
if (! empty($object->share)) $paramlink.=($paramlink?'&':'').'hashp='.$object->share; // Hash for public share
if ($forcedownload) $paramlink.=($paramlink?'&':'').'attachment=1';

33
htdocs/fourn/card.php
View File

@ -117,7 +117,7 @@ if (empty($reshook))
// Fill array 'array_options' with data from update form
$extralabels = $extrafields->fetch_name_optionals_label($object->table_element);
$ret = $extrafields->setOptionalsFromPost($extralabels, $object, GETPOST('attribute'));
if ($ret < 0) $error++;
if (! $error)
{
@ -476,7 +476,7 @@ if ($object->id > 0)
/*
* Last supplier proposal
* Latest supplier proposal
*/
$proposalstatic = new SupplierProposal($db);
@ -485,7 +485,7 @@ if ($object->id > 0)
$sql = "SELECT p.rowid, p.ref, p.date_valid as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total as total_ttc";
$sql.= " FROM ".MAIN_DB_PREFIX."supplier_proposal as p ";
$sql.= " WHERE p.fk_soc =".$object->id;
$sql.= " AND p.entity =".$conf->entity;
$sql.= " AND p.entity IN (".getEntity('supplier_proposal').")";
$sql.= " ORDER BY p.date_valid DESC";
$sql.= " ".$db->plimit($MAXLIST);
@ -548,7 +548,7 @@ if ($object->id > 0)
}
/*
* Last supplier orders
* Latest supplier orders
*/
$orderstatic = new CommandeFournisseur($db);
@ -561,6 +561,7 @@ if ($object->id > 0)
$sql2.= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql2.= ', '.MAIN_DB_PREFIX.'commande_fournisseur as c';
$sql2.= ' WHERE c.fk_soc = s.rowid';
$sql2.= " AND c.entity IN (".getEntity('commande_fournisseur').")";
$sql2.= ' AND s.rowid = '.$object->id;
// Show orders with status validated, shipping started and delivered (well any order we can bill)
$sql2.= " AND c.fk_statut IN (5)";
@ -578,9 +579,9 @@ if ($object->id > 0)
// TODO move to DAO class
$sql = "SELECT count(p.rowid) as total";
$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
$sql.= " WHERE p.fk_soc =".$object->id;
$sql.= " AND p.entity =".$conf->entity;
$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
$resql=$db->query($sql);
if ($resql)
{
@ -589,9 +590,9 @@ if ($object->id > 0)
}
$sql = "SELECT p.rowid,p.ref, p.date_commande as dc, p.fk_statut, p.total_ht, p.tva as total_tva, p.total_ttc";
$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p ";
$sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseur as p";
$sql.= " WHERE p.fk_soc =".$object->id;
$sql.= " AND p.entity =".$conf->entity;
$sql.= " AND p.entity IN (".getEntity('commande_fournisseur').")";
$sql.= " ORDER BY p.date_commande DESC";
$sql.= " ".$db->plimit($MAXLIST);
$resql=$db->query($sql);
@ -652,7 +653,7 @@ if ($object->id > 0)
}
/*
* Last supplier invoices
* Latest supplier invoices
*/
$langs->load('bills');
@ -666,7 +667,7 @@ if ($object->id > 0)
$sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn as f';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn as pf ON f.rowid=pf.fk_facturefourn';
$sql.= ' WHERE f.fk_soc = '.$object->id;
$sql.= " AND f.entity =".$conf->entity;
$sql.= " AND f.entity IN (".getEntity('facture_fourn').")";
$sql.= ' GROUP BY f.rowid,f.libelle,f.ref,f.ref_supplier,f.fk_statut,f.datef,f.total_ht,f.total_tva,f.total_ttc,f.paye';
$sql.= ' ORDER BY f.datef DESC';
$resql=$db->query($sql);
@ -694,15 +695,15 @@ if ($object->id > 0)
print '<td>';
print '<a href="facture/card.php?facid='.$obj->rowid.'">';
$facturestatic->id=$obj->rowid;
$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid).($obj->ref_supplier?' - '.$obj->ref_supplier:'');
$facturestatic->ref_supplier = $obj->ref_supplier;
$facturestatic->total_ht = $obj->total_ht;
$facturestatic->ref=($obj->ref?$obj->ref:$obj->rowid);
$facturestatic->ref_supplier = $obj->ref_supplier;
$facturestatic->libelle = $obj->libelle;
$facturestatic->total_ht = $obj->total_ht;
$facturestatic->total_tva = $obj->total_tva;
$facturestatic->total_ttc = $obj->total_ttc;
//$facturestatic->ref_supplier=$obj->ref_supplier;
print $facturestatic->getNomUrl(1);
//print img_object($langs->trans('ShowBill'),'bill').' '.($obj->ref?$obj->ref:$obj->rowid).' - '.$obj->ref_supplier.'</a>';
print ' '.dol_trunc($obj->libelle,14);
print $obj->ref_supplier?' - '.$obj->ref_supplier:'';
print ($obj->libelle?' - ':'').dol_trunc($obj->libelle,14);
print '</td>';
print '<td align="center" class="nowrap">'.dol_print_date($db->jdate($obj->df),'day').'</td>';
print '<td align="right" class="nowrap">'.price($obj->amount).'</td>';

2
htdocs/fourn/class/fournisseur.facture.class.php
View File

@ -1929,6 +1929,8 @@ class FactureFournisseur extends CommonInvoice
$label .= '<br><b>' . $langs->trans('Ref') . ':</b> ' . $this->ref;
if (! empty($this->ref_supplier))
$label.= '<br><b>' . $langs->trans('RefSupplier') . ':</b> ' . $this->ref_supplier;
if (! empty($this->libelle))
$label.= '<br><b>' . $langs->trans('Label') . ':</b> ' . $this->libelle;
if (! empty($this->total_ht))
$label.= '<br><b>' . $langs->trans('AmountHT') . ':</b> ' . price($this->total_ht, 0, $langs, 0, -1, -1, $conf->currency);
if (! empty($this->total_tva))

6
htdocs/install/check.php
View File

@ -35,7 +35,7 @@ $allowinstall = 0;
$allowupgrade = false;
$checksok = 1;
$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):$langs->getDefaultLang();
$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):$langs->getDefaultLang();
$langs->setDefaultLang($setuplang);
$langs->load("install");
@ -345,6 +345,10 @@ else
$conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;
$conf->setValues($db);
// Reset forced setup after the setValues
if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
// Current version is $conf->global->MAIN_VERSION_LAST_UPGRADE
// Version to install is DOL_VERSION
$dolibarrlastupgradeversionarray=preg_split('/[\.-]/',isset($conf->global->MAIN_VERSION_LAST_UPGRADE) ? $conf->global->MAIN_VERSION_LAST_UPGRADE : (isset($conf->global->MAIN_VERSION_LAST_INSTALL)?$conf->global->MAIN_VERSION_LAST_INSTALL:''));

64
htdocs/install/repair.php
View File

@ -42,10 +42,8 @@ error_reporting(0);
@set_time_limit(120);
error_reporting($err);
$setuplang=GETPOST("selectlang",'',3)?GETPOST("selectlang",'',3):'auto';
$setuplang=GETPOST("selectlang",'az09',3)?GETPOST("selectlang",'az09',3):'auto';
$langs->setDefaultLang($setuplang);
$versionfrom=GETPOST("versionfrom",'',3)?GETPOST("versionfrom",'',3):(empty($argv[1])?'':$argv[1]);
$versionto=GETPOST("versionto",'',3)?GETPOST("versionto",'',3):(empty($argv[2])?'':$argv[2]);
$langs->loadLangs(array("admin","install","other"));
@ -78,6 +76,7 @@ print 'Option clean_product_stock_batch (0 or \'test\' or \'confirmed\') is '.(G
print 'Option set_empty_time_spent_amount (0 or \'test\' or \'confirmed\') is '.(GETPOST('set_empty_time_spent_amount','alpha')?GETPOST('set_empty_time_spent_amount','alpha'):'0').'<br>'."\n";
print 'Option rebuild_product_thumbs (0 or \'test\' or \'confirmed\') is '.(GETPOST('rebuild_product_thumbs','alpha')?GETPOST('rebuild_product_thumbs','alpha'):'0').'<br>'."\n";
print 'Option force_disable_of_modules_not_found (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_disable_of_modules_not_found','alpha')?GETPOST('force_disable_of_modules_not_found','alpha'):'0').'<br>'."\n";
print 'Option clean_perm_table (0 or \'test\' or \'confirmed\') is '.(GETPOST('clean_perm_table','alpha')?GETPOST('clean_perm_table','alpha'):'0').'<br>'."\n";
print 'Option force_utf8_on_tables, for mysql/mariadb only (0 or \'test\' or \'confirmed\') is '.(GETPOST('force_utf8_on_tables','alpha')?GETPOST('force_utf8_on_tables','alpha'):'0').'<br>'."\n";
print '<br>';
@ -154,13 +153,16 @@ if ($ok)
}
$conf->setValues($db);
// Reset forced setup after the setValues
if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
/* Start action here */
$oneoptionset=0;
$oneoptionset=(GETPOST('standard', 'alpha') || GETPOST('restore_thirdparties_logos','alpha') || GETPOST('clean_linked_elements','alpha') || GETPOST('clean_menus','alpha')
|| GETPOST('clean_orphelin_dir','alpha') || GETPOST('clean_product_stock_batch','alpha') || GETPOST('set_empty_time_spent_amount','alpha') || GETPOST('rebuild_product_thumbs','alpha')
|| GETPOST('clean_perm_table','alpha')
|| GETPOST('force_disable_of_modules_not_found','alpha') || GETPOST('force_utf8_on_tables','alpha'));
if ($ok && $oneoptionset)
@ -586,8 +588,6 @@ if ($ok && GETPOST('clean_menus','alpha'))
// clean_orphelin_dir: Run purge of directory
if ($ok && GETPOST('clean_orphelin_dir','alpha'))
{
$conf->setValues($db);
$listmodulepart=array('company','invoice','invoice_supplier','propal','order','order_supplier','contract','tax');
foreach ($listmodulepart as $modulepart)
{
@ -904,7 +904,7 @@ if ($ok && GETPOST('set_empty_time_spent_amount','alpha'))
// clean_old_module_entries: Clean data into const when files of module were removed without being
if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
{
print '<tr><td colspan="2"><br>*** Force modules not found to be disabled</td></tr>';
print '<tr><td colspan="2"><br>*** Force modules not found to be disabled (only modules adding js, css or hooks can be detected as removed)</td></tr>';
$arraylistofkey=array('hooks','js','css');
@ -1020,6 +1020,56 @@ if ($ok && GETPOST('force_disable_of_modules_not_found','alpha'))
}
// clean_old_module_entries: Clean data into const when files of module were removed without being
if ($ok && GETPOST('clean_perm_table','alpha'))
{
print '<tr><td colspan="2"><br>*** Clean table user_rights from lines of external modules no more enabled</td></tr>';
$listofmods='';
foreach($conf->modules as $key => $val)
{
$listofmods.=($listofmods?',':'')."'".$val."'";
}
$sql = 'SELECT id, libelle, module from '.MAIN_DB_PREFIX.'rights_def WHERE module not in ('.$listofmods.') AND id > 100000';
$resql = $db->query($sql);
if ($resql)
{
$num = $db->num_rows($resql);
if ($num)
{
$i = 0;
while ($i < $num)
{
$obj=$db->fetch_object($resql);
if ($obj->id > 0)
{
print '<tr><td>Found line with id '.$obj->id.', label "'.$obj->libelle.'" of module "'.$obj->module.'" to delete';
if (GETPOST('clean_perm_table','alpha') == 'confirmed')
{
$sqldelete = 'DELETE FROM '.MAIN_DB_PREFIX.'rights_def WHERE id = '.$obj->id;
$resqldelete = $db->query($sqldelete);
if (! $resqldelete)
{
dol_print_error($db);
}
print ' - deleted';
}
print '</td></tr>';
}
$i++;
}
}
else
{
print '<tr><td>No lines of a disabled external module (with id > 100000) found into table rights_def</td></tr>';
}
}
else
{
dol_print_error($db);
}
}
// clean_linked_elements: Check and clean linked elements

6
htdocs/install/step5.php
View File

@ -165,6 +165,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
if ($db->connected)
{
$conf->setValues($db);
// Reset forced setup after the setValues
if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
// Create admin user
include_once DOL_DOCUMENT_ROOT .'/user/class/user.class.php';
@ -298,6 +301,9 @@ if ($action == "set" || empty($action) || preg_match('/upgrade/i',$action))
if ($db->connected)
{
$conf->setValues($db);
// Reset forced setup after the setValues
if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
// Define if we need to update the MAIN_VERSION_LAST_UPGRADE value in database
$tagdatabase=false;

177
htdocs/install/upgrade2.php
View File

@ -163,7 +163,13 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
$conf->db->dolibarr_main_db_cryptkey = $dolibarr_main_db_cryptkey;
// Chargement config
if (! $error) $conf->setValues($db);
if (! $error)
{
$conf->setValues($db);
// Reset forced setup after the setValues
if (defined('SYSLOG_FILE')) $conf->global->SYSLOG_FILE=constant('SYSLOG_FILE');
$conf->global->MAIN_ENABLE_LOG_TO_HTML = 1;
}
/***************************************************************************************
@ -371,7 +377,20 @@ if (! GETPOST('action','aZ09') || preg_match('/upgrade/i',GETPOST('action','aZ09
$beforeversionarray=explode('.','6.0.9');
if (versioncompare($versiontoarray,$afterversionarray) >= 0 && versioncompare($versiontoarray,$beforeversionarray) <= 0)
{
// No particular code
if (! empty($conf->multicompany->enabled))
{
global $multicompany_transverse_mode;
// Only if the transverse mode is not used
if (empty($multicompany_transverse_mode))
{
// Migrate to add entity value into llx_user_rights
migrate_user_rights_entity($db, $langs, $conf);
// Migrate to add entity value into llx_usergroup_rights
migrate_usergroup_rights_entity($db, $langs, $conf);
}
}
}
// Scripts for last version
@ -3940,7 +3959,7 @@ function migrate_reset_blocked_log($db,$langs,$conf)
else
{
// Add set line
$object=new stdClass;
$object=new stdClass();
$object->id = 1;
$object->element = 'module';
$object->ref = 'systemevent';
@ -4182,6 +4201,158 @@ function migrate_remise_except_entity($db,$langs,$conf)
print '</td></tr>';
}
/**
* Migrate to add entity value into llx_user_rights
*
* @param DoliDB $db Database handler
* @param Translate $langs Object langs
* @param Conf $conf Object conf
* @return void
*/
function migrate_user_rights_entity($db,$langs,$conf)
{
print '<tr><td colspan="4">';
print '<b>'.$langs->trans('MigrationUserRightsEntity')."</b><br>\n";
$error = 0;
dolibarr_install_syslog("upgrade2::migrate_user_rights_entity");
$db->begin();
$sqlSelect = "SELECT u.rowid, u.entity";
$sqlSelect.= " FROM ".MAIN_DB_PREFIX."user as u";
$sqlSelect.= " WHERE u.entity > 1";
//print $sqlSelect;
$resql = $db->query($sqlSelect);
if ($resql)
{
$i = 0;
$num = $db->num_rows($resql);
if ($num)
{
while ($i < $num)
{
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."user_rights SET";
$sqlUpdate.= " entity = " . $obj->entity;
$sqlUpdate.= " WHERE fk_user = " . $obj->rowid;
$result=$db->query($sqlUpdate);
if (! $result)
{
$error++;
dol_print_error($db);
}
print ". ";
$i++;
}
}
else
{
print $langs->trans('AlreadyDone')."<br>\n";
}
if (! $error)
{
$db->commit();
}
else
{
$db->rollback();
}
}
else
{
dol_print_error($db);
$db->rollback();
}
print '</td></tr>';
}
/**
* Migrate to add entity value into llx_usergroup_rights
*
* @param DoliDB $db Database handler
* @param Translate $langs Object langs
* @param Conf $conf Object conf
* @return void
*/
function migrate_usergroup_rights_entity($db,$langs,$conf)
{
print '<tr><td colspan="4">';
print '<b>'.$langs->trans('MigrationUserGroupRightsEntity')."</b><br>\n";
$error = 0;
dolibarr_install_syslog("upgrade2::migrate_usergroup_rights_entity");
$db->begin();
$sqlSelect = "SELECT u.rowid, u.entity";
$sqlSelect.= " FROM ".MAIN_DB_PREFIX."usergroup as u";
$sqlSelect.= " WHERE u.entity > 1";
//print $sqlSelect;
$resql = $db->query($sqlSelect);
if ($resql)
{
$i = 0;
$num = $db->num_rows($resql);
if ($num)
{
while ($i < $num)
{
$obj = $db->fetch_object($resql);
$sqlUpdate = "UPDATE ".MAIN_DB_PREFIX."usergroup_rights SET";
$sqlUpdate.= " entity = " . $obj->entity;
$sqlUpdate.= " WHERE fk_usergroup = " . $obj->rowid;
$result=$db->query($sqlUpdate);
if (! $result)
{
$error++;
dol_print_error($db);
}
print ". ";
$i++;
}
}
else
{
print $langs->trans('AlreadyDone')."<br>\n";
}
if (! $error)
{
$db->commit();
}
else
{
$db->rollback();
}
}
else
{
dol_print_error($db);
$db->rollback();
}
print '</td></tr>';
}
/**
* Migration directory
*

10
htdocs/langs/en_US/companies.lang
View File

@ -75,8 +75,8 @@ Town=City
Web=Web
Poste= Position
DefaultLang=Language by default
VATIsUsed=VAT is used
VATIsNotUsed=VAT is not used
VATIsUsed=Sales tax is used
VATIsNotUsed=Sales tax is not used
CopyAddressFromSoc=Fill address with third party address
ThirdpartyNotCustomerNotSupplierSoNoRef=Thirdparty neither customer nor supplier, no available refering objects
PaymentBankAccount=Payment bank account
@ -239,7 +239,7 @@ ProfId3TN=Prof Id 3 (Douane code)
ProfId4TN=Prof Id 4 (BAN)
ProfId5TN=-
ProfId6TN=-
ProfId1US=Prof Id
ProfId1US=Prof Id (FEIN)
ProfId2US=-
ProfId3US=-
ProfId4US=-
@ -255,8 +255,8 @@ ProfId1DZ=RC
ProfId2DZ=Art.
ProfId3DZ=NIF
ProfId4DZ=NIS
VATIntra=VAT number
VATIntraShort=VAT number
VATIntra=Sales tax ID
VATIntraShort=Tax ID
VATIntraSyntaxIsValid=Syntax is valid
ProspectCustomer=Prospect / Customer
Prospect=Prospect

2
htdocs/langs/en_US/install.lang
View File

@ -196,6 +196,8 @@ MigrationEvents=Migration of events to add event owner into assignement table
MigrationEventsContact=Migration of events to add event contact into assignement table
MigrationRemiseEntity=Update entity field value of llx_societe_remise
MigrationRemiseExceptEntity=Update entity field value of llx_societe_remise_except
MigrationUserRightsEntity=Update entity field value of llx_user_rights
MigrationUserGroupRightsEntity=Update entity field value of llx_usergroup_rights
MigrationReloadModule=Reload module %s
MigrationResetBlockedLog=Reset module BlockedLog for v7 algorithm
ShowNotAvailableOptions=Show not available options

6
htdocs/langs/en_US/website.lang
View File

@ -55,7 +55,7 @@ OrEnterPageInfoManually=Or create empty page from scratch...
FetchAndCreate=Fetch and Create
ExportSite=Export site
IDOfPage=Id of page
Banner=Bandeau
Banner=Banner
BlogPost=Blog post
WebsiteAccount=Web site account
WebsiteAccounts=Web site accounts
@ -65,4 +65,6 @@ DisableSiteFirst=Disable website first
MyContainerTitle=My web site title
AnotherContainer=Another container
WEBSITE_USE_WEBSITE_ACCOUNTS=Enable the web site account table
WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
WEBSITE_USE_WEBSITE_ACCOUNTSTooltip=Enable the table to store web site accounts (login/pass) for each website / thirdparty
OnlyEditionOfSourceForGrabbedContentFuture=Note: only edition of HTML source will be possible when a page content is intiliazed by grabbing it from an external page (WYSIWYG editor will not be available)
OnlyEditionOfSourceForGrabbedContent=Only edition of HTML source is possible when content was grabber from an external site

40
htdocs/product/class/product.class.php
View File

@ -4095,9 +4095,11 @@ class Product extends CommonObject
* @param int $maxHeight Max height of original image when size='small' (so we can use original even if small requested). If 0, always use 'small' thumb image.
* @param int $maxWidth Max width of original image when size='small'
* @param int $nolink Do not add a href link to view enlarged imaged into a new tab
* @param int $notitle Do not add title tag on image
* @param int $usesharelink Use the public shared link of image (if not available, the 'nophoto' image will be shown instead)
* @return string Html code to show photo. Number of photos shown is saved in this->nbphoto
*/
function show_photos($sdir,$size=0,$nbmax=0,$nbbyrow=5,$showfilename=0,$showaction=0,$maxHeight=120,$maxWidth=160,$nolink=0)
function show_photos($sdir,$size=0,$nbmax=0,$nbbyrow=5,$showfilename=0,$showaction=0,$maxHeight=120,$maxWidth=160,$nolink=0,$notitle=0,$usesharelink=0)
{
global $conf,$user,$langs;
@ -4196,15 +4198,39 @@ class Product extends CommonObject
// Si fichier vignette disponible et image source trop grande, on utilise la vignette, sinon on utilise photo origine
$alt=$langs->transnoentitiesnoconv('File').': '.$relativefile;
$alt.=' - '.$langs->transnoentitiesnoconv('Size').': '.$imgarray['width'].'x'.$imgarray['height'];
if ($notitle) $alt='';
if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
if ($usesharelink)
{
$return.= '<!-- Show thumb -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdirthumb.$photo_vignette).'" title="'.dol_escape_htmltag($alt).'">';
if ($val['share'])
{
if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
{
$return.= '<!-- Show original file (thumb not yet available with shared links) -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?hashp='.urlencode($val['share']).'" title="'.dol_escape_htmltag($alt).'">';
}
else {
$return.= '<!-- Show original file -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?hashp='.urlencode($val['share']).'" title="'.dol_escape_htmltag($alt).'">';
}
}
else
{
$return.= '<!-- Show nophoto file (because file is not shared) -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/public/theme/common/nophoto.png" title="'.dol_escape_htmltag($alt).'">';
}
}
else {
$return.= '<!-- Show original file -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdir.$photo).'" title="'.dol_escape_htmltag($alt).'">';
else
{
if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight)
{
$return.= '<!-- Show thumb -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdirthumb.$photo_vignette).'" title="'.dol_escape_htmltag($alt).'">';
}
else {
$return.= '<!-- Show original file -->';
$return.= '<img class="photo photowithmargin" border="0" height="'.$maxHeight.'" src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=product&entity='.$this->entity.'&file='.urlencode($pdir.$photo).'" title="'.dol_escape_htmltag($alt).'">';
}
}
if (empty($nolink)) $return.= '</a>';

4
htdocs/product/fournisseurs.php
View File

@ -63,7 +63,9 @@ if (! empty($_REQUEST['search_fourn_id']))
$fieldvalue = (! empty($id) ? $id : (! empty($ref) ? $ref : ''));
$fieldtype = (! empty($ref) ? 'ref' : 'rowid');
if ($user->societe_id) $socid=$user->societe_id;
$result=restrictedArea($user,'produit|service&fournisseur',$fieldvalue,'product&product','','',$fieldtype);
$result=restrictedArea($user,'produit|service',$fieldvalue,'product&product','','',$fieldtype);
if (empty($user->rights->fournisseur->lire)) accessforbidden();
$limit = GETPOST('limit','int')?GETPOST('limit','int'):$conf->liste_limit;
$sortfield = GETPOST("sortfield",'alpha');

4
htdocs/product/list.php
View File

@ -716,7 +716,7 @@ else
// Ref
if (! empty($arrayfields['p.ref']['checked']))
{
print '<td class="tdoverflowmax150">';
print '<td class="tdoverflowmax200">';
print $product_static->getNomUrl(1);
print "</td>\n";
if (! $i) $totalarray['nbfield']++;
@ -724,7 +724,7 @@ else
// Ref supplier
if (! empty($arrayfields['pfp.ref_fourn']['checked']))
{
print '<td class="tdoverflowmax150">';
print '<td class="tdoverflowmax200">';
print $product_static->getNomUrl(1);
print "</td>\n";
if (! $i) $totalarray['nbfield']++;

4
htdocs/societe/card.php
View File

@ -1230,7 +1230,7 @@ else
print '<td class="nowrap">';
$s = '<input type="text" class="flat maxwidthonsmartphone" name="tva_intra" id="intra_vat" maxlength="20" value="'.$object->tva_intra.'">';
if (empty($conf->global->MAIN_DISABLEVATCHECK))
if (empty($conf->global->MAIN_DISABLEVATCHECK) && isInEEC($object))
{
$s.=' ';
@ -1849,7 +1849,7 @@ else
print '<td colspan="3">';
$s ='<input type="text" class="flat maxwidthonsmartphone" name="tva_intra" id="intra_vat" maxlength="20" value="'.$object->tva_intra.'">';
if (empty($conf->global->MAIN_DISABLEVATCHECK))
if (empty($conf->global->MAIN_DISABLEVATCHECK) && isInEEC($object))
{
$s.=' &nbsp; ';

112
htdocs/viewimage.php
View File

@ -20,8 +20,10 @@
/**
* \file htdocs/viewimage.php
* \brief Wrapper to show images into Dolibarr screens
* \remarks Call to wrapper is '<img src="'.DOL_URL_ROOT.'/viewimage.php?modulepart=diroffile&file=relativepathofofile&cache=0">'
* \brief Wrapper to show images into Dolibarr screens.
* \remarks Call to wrapper is :
* DOL_URL_ROOT.'/viewimage.php?modulepart=diroffile&file=relativepathofofile&cache=0
* DOL_URL_ROOT.'/viewimage.php?hashp=sharekey
*/
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Not disabled cause need to load personalized language
@ -35,7 +37,16 @@ if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1');
if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1');
if (! defined('NOREQUIREHOOK')) define('NOREQUIREHOOK','1'); // Disable "main.inc.php" hooks
// Some value of modulepart can be used to get resources that are public so no login are required.
if ((isset($_GET["modulepart"]) && ($_GET["modulepart"] == 'mycompany' || $_GET["modulepart"] == 'companylogo')) && ! defined("NOLOGIN")) define("NOLOGIN",'1');
if ((isset($_GET["modulepart"]) && ($_GET["modulepart"] == 'mycompany' || $_GET["modulepart"] == 'companylogo')) && ! defined("NOLOGIN"))
{
define("NOLOGIN",'1');
}
// For direct external download link, we don't need to load/check we are into a login session
if (isset($_GET["hashp"]) && ! defined("NOLOGIN"))
{
define("NOLOGIN",1);
}
// Some value of modulepart can be used to get resources that are public so no login are required.
if ((isset($_GET["modulepart"]) && $_GET["modulepart"] == 'medias') && ! defined("NOLOGIN"))
{
define("NOLOGIN",'1');
@ -57,18 +68,20 @@ function llxHeader() { }
*/
function llxFooter() { }
require 'main.inc.php';
require 'main.inc.php'; // Load $user and permissions
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$action=GETPOST('action','alpha');
$original_file=GETPOST("file",'alpha');
$original_file=GETPOST('file','alpha'); // Do not use urldecode here ($_GET are already decoded by PHP).
$hashp=GETPOST('hashp','aZ09');
$modulepart=GETPOST('modulepart','alpha');
$urlsource=GETPOST("urlsource",'alpha');
$urlsource=GETPOST('urlsource','alpha');
$entity=GETPOST('entity','int')?GETPOST('entity','int'):$conf->entity;
// Security check
if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart');
if (empty($modulepart) && empty($hashp)) accessforbidden('Bad link. Bad value for parameter modulepart',0,0,1);
if (empty($original_file) && empty($hashp)) accessforbidden('Bad link. Missing identification to find file (original_file or hashp)',0,0,1);
if ($modulepart == 'fckeditor') $modulepart='medias'; // For backward compatibility
@ -97,9 +110,45 @@ if (GETPOST("cache",'alpha'))
//print $dolibarr_nocache; exit;
}
// If we have a hash public (hashp), we guess the original_file.
if (! empty($hashp))
{
include_once DOL_DOCUMENT_ROOT.'/ecm/class/ecmfiles.class.php';
$ecmfile=new EcmFiles($db);
$result = $ecmfile->fetch(0, '', '', '', $hashp);
if ($result > 0)
{
$tmp = explode('/', $ecmfile->filepath, 2); // $ecmfile->filepath is relative to document directory
$moduleparttocheck = $tmp[0];
if ($modulepart) // Not required for link using public hashp
{
if ($moduleparttocheck == $modulepart)
{
// We remove first level of directory
$original_file = (($tmp[1]?$tmp[1].'/':'').$ecmfile->filename); // this is relative to module dir
//var_dump($original_file); exit;
}
else
{
accessforbidden('Bad link. File is from another module part.',0,0,1);
}
}
else
{
$modulepart = $moduleparttocheck;
$original_file = (($tmp[1]?$tmp[1].'/':'').$ecmfile->filename); // this is relative to module dir
}
}
else
{
$langs->load("errors");
accessforbidden($langs->trans("ErrorFileNotFoundWithSharedLink"),0,0,1);
}
}
// Define mime type
$type = 'application/octet-stream';
if (! empty($_GET["type"])) $type=$_GET["type"];
if (GETPOST('type','alpha')) $type=GETPOST('type','alpha');
else $type=dol_mimetype($original_file);
// Security: Delete string ../ into $original_file
@ -110,16 +159,49 @@ $refname=basename(dirname($original_file)."/");
// Security check
if (empty($modulepart)) accessforbidden('Bad value for parameter modulepart');
$check_access = dol_check_secure_access_document($modulepart,$original_file,$entity,$refname);
$check_access = dol_check_secure_access_document($modulepart, $original_file, $entity, $refname);
$accessallowed = $check_access['accessallowed'];
$sqlprotectagainstexternals = $check_access['sqlprotectagainstexternals'];
$fullpath_original_file = $check_access['original_file'];
$fullpath_original_file = $check_access['original_file']; // $fullpath_original_file is now a full path name
if (! empty($hashp))
{
$accessallowed = 1; // When using hashp, link is public so we force $accessallowed
$sqlprotectagainstexternals = '';
}
else
{
// Basic protection (against external users only)
if ($user->societe_id > 0)
{
if ($sqlprotectagainstexternals)
{
$resql = $db->query($sqlprotectagainstexternals);
if ($resql)
{
$num=$db->num_rows($resql);
$i=0;
while ($i < $num)
{
$obj = $db->fetch_object($resql);
if ($user->societe_id != $obj->fk_soc)
{
$accessallowed=0;
break;
}
$i++;
}
}
}
}
}
// Security:
// Limit access if permissions are wrong
if (! $accessallowed)
{
accessforbidden();
accessforbidden();
}
// Security:
@ -128,7 +210,7 @@ if (preg_match('/\.\./',$fullpath_original_file) || preg_match('/[<>|]/',$fullpa
{
dol_syslog("Refused to deliver file ".$fullpath_original_file);
print "ErrorFileNameInvalid: ".$original_file;
exit;
exit;
}
@ -174,8 +256,10 @@ else // Open and return file
{
clearstatcache();
$filename = basename($fullpath_original_file);
// Output files on browser
dol_syslog("viewimage.php return file $fullpath_original_file content-type=$type");
dol_syslog("viewimage.php return file $fullpath_original_file filename=$filename content-type=$type");
// This test is to avoid error images when image is not available (for example thumbs).
if (! dol_is_file($fullpath_original_file) && empty($_GET["noalt"]))
@ -186,7 +270,7 @@ else // Open and return file
exit;*/
}
// Les drois sont ok et fichier trouve
// Permissions are ok and file found, so we return it
if ($type)
{
top_httphead($type);

2
htdocs/website/class/websitepage.class.php
View File

@ -59,10 +59,12 @@ class WebsitePage extends CommonObject
public $keywords;
public $htmlheader;
public $content;
public $grabbed_from;
public $status;
public $date_creation;
public $date_modification;
// BEGIN MODULEBUILDER PROPERTIES
/**
* @var array Array with all fields and their property. Do not use it as a static var. It may be modified by constructor.

24
htdocs/website/index.php
View File

@ -1476,6 +1476,12 @@ if (count($object->records) > 0)
//print '<input type="submit" class="button" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
print '<input type="image" class="valignbottom" src="'.img_picto('', 'refresh', '', 0, 1).'" name="refreshpage" value="'.$langs->trans("Load").'"'.($atleastonepage?'':' disabled="disabled"').'>';
$websitepage = new WebSitePage($db);
if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
{
$websitepage->fetch($pageid);
}
if ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone')
{
$disabled='';
@ -1516,7 +1522,15 @@ if (count($object->records) > 0)
print ' &nbsp; ';
print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditPageMeta")).'" name="editmeta">';
print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
if ($websitepage->grabbed_from)
{
print '<input type="submit" class="button nobordertransp" disabled="disabled" title="'.dol_escape_htmltag($langs->trans("OnlyEditionOfSourceForGrabbedContent")).'" value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
}
else
{
print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditWithEditor")).'" name="editcontent">';
}
print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("EditHTMLSource")).'" name="editsource">';
if ($object->fk_default_home > 0 && $pageid == $object->fk_default_home) print '<input type="submit" class="button nobordertransp" disabled="disabled" value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
else print '<input type="submit" class="button nobordertransp"'.$disabled.' value="'.dol_escape_htmltag($langs->trans("SetAsHomePage")).'" name="setashome">';
@ -1529,11 +1543,8 @@ if (count($object->records) > 0)
print '<div class="websitetools">';
if ($website && $pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
if ($pageid > 0 && ($action == 'preview' || $action == 'createfromclone' || $action == 'createpagefromclone'))
{
$websitepage = new WebSitePage($db);
$websitepage->fetch($pageid);
$realpage=$urlwithroot.'/public/website/index.php?website='.$website.'&pageref='.$websitepage->pageurl;
$pagealias = $websitepage->pageurl;
@ -1894,8 +1905,9 @@ if ($action == 'editmeta' || $action == 'createcontainer')
print '<tr><td class="titlefield">';
print $langs->trans("URL");
print '</td><td>';
print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="http://externalsite/pagetofetch"> ';
print '<input class="flat minwidth300" type="text" name="externalurl" value="'.dol_escape_htmltag(GETPOST('externalurl','alpha')).'" placeholder="https://externalsite/pagetofetch"> ';
print '<input class="button" type="submit" name="fetchexternalurl" value="'.dol_escape_htmltag($langs->trans("FetchAndCreate")).'">';
print '<br><br>'.info_admin($langs->trans("OnlyEditionOfSourceForGrabbedContentFuture"), 0, 0, '1');
print '</td></tr>';
print '</table>';

4
test/phpunit/CodingPhpTest.php
View File

@ -196,10 +196,10 @@ class CodingPhpTest extends PHPUnit_Framework_TestCase
$ok=true;
$matches=array();
// Check string ='".$this->xxx with xxx that is not 'escape'. It means we forget a db->escape when forging sql request.
preg_match_all('/(...................)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
preg_match_all('/(..............)\$_SERVER\[\'QUERY_STRING\'\]/', $filecontent, $matches, PREG_SET_ORDER);
foreach($matches as $key => $val)
{
if ($val[1] != 'dol_escape_htmltag(' && $val[1] != 'l_string_nohtmltag(')
if ($val[1] != 'scape_htmltag(' && $val[1] != 'ing_nohtmltag(' && $val[1] != 'dol_escape_js(')
{
$ok=false;
break;