lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' into NEW_deposit_payment_terms

Browse Source
This commit is contained in:
Laurent Destailleur 2021-10-04 19:06:42 +02:00 committed by GitHub
commit 950fccc186
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
181 changed files with 2314 additions and 907 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
README.md
View File

@ -154,18 +154,18 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog)
### Other application/modules
- Electronic Document Management (EDM)
- Electronic Document Management (EDM)
- Bookmarks management
- Reporting
- Data export/import
- Barcodes
- Barcodes
- Margin calculations
- LDAP connectivity
- ClickToDial integration
- Mass emailing
- RSS integration
- Skype integration
- Social platforms linking
- Social platforms linking
- Payment platforms integration (PayPal, Stripe, Paybox...)
- Email-Collector
@ -179,14 +179,11 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog)
- Multi-Users and groups with finely grained rights
- Multi-Currency
- Multi-Company (by adding of an external module)
- Very user friendly and easy to use
- customizable Dashboard
- Highly customizable: enable only the modules you need, add user personalized fields, choose your skin, several menu managers (can be used by internal users as a back-office with a particular menu, or by external users as a front-office with another one)
- APIs (REST, SOAP)
- Code that is easy to understand, maintain and develop (PHP with no heavy framework; trigger and hook architecture)
- Support a lot of country specific features:
- Spanish Tax RE and ISPF
- French NPR VAT rate (VAT called "Non Perçue Récupérable" for DOM-TOM)
@ -197,7 +194,7 @@ See the [ChangeLog](https://github.com/Dolibarr/dolibarr/blob/develop/ChangeLog)
- Compatible with European GDPR rules
- ...
- Flexible PDF & ODT generation for invoices, proposals, orders...
-
- ...
### System Environment / Requirements

4
SECURITY.md
View File

@ -54,12 +54,12 @@ ONLY vulnerabilities discovered, when the following setup on test platform is us
* $dolibarr_main_prod must be set to 1 into conf.php
* $dolibarr_nocsrfcheck must be kept to the value 0 into conf.php (this is the default value)
* $dolibarr_main_force_https must be set to something else than 0.
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 2 into backoffice menu Home - Setup - Other (this protection should be set to 2 soon by default)
* The constant MAIN_SECURITY_CSRF_WITH_TOKEN must be set to 3 into backoffice menu Home - Setup - Other (this protection should be set to 3 soon by default)
* The module DebugBar and ModuleBuilder must NOT be enabled (by default, these modules are not enabled. They are developer tools)
* ONLY security reports on modules provided by default and with the "stable" status are valid (troubles into "experimental", "developement" or external modules are not valid vulnerabilities).
* The root of web server must link to htdocs and the documents directory must be outside of the web server root (this is the default when using the default installer but may differs with external installer).
* The web server setup must be done so only the documents directory is in write mode. The root directory called htdocs must be readonly.
* CSRF attacks are accepted when using a POST URL, but when using GET URL, they are validated only for creating, updating or deleting data resctricted from pages restricted to admin users.
* CSRF attacks are accepted but double check that you have set MAIN_SECURITY_CSRF_WITH_TOKEN to value 3.
* Ability for a high level user to edit web site pages into the CMS by including HTML or Javascript is an expected feature. Vulnerabilities into the website module are validated only if HTML or Javascript injection can be done by a non allowed user.
Scope is the web application (back office) and the APIs.

2
htdocs/accountancy/admin/account.php
View File

@ -195,7 +195,7 @@ if (empty($reshook)) {
} elseif ($action == 'enable' && $permissiontoadd) {
if ($accounting->fetch($id)) {
$mode = GETPOST('mode', 'int');
$result = $accounting->account_activate($id, $mode);
$result = $accounting->accountActivate($id, $mode);
}
$action = 'update';
if ($result < 0) {

6
htdocs/accountancy/admin/card.php
View File

@ -75,7 +75,7 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("Label")), null, 'errors');
$action = 'create';
} else {
$sql = 'SELECT pcg_version FROM ' . MAIN_DB_PREFIX . 'accounting_system WHERE rowid='.((int) $conf->global->CHARTOFACCOUNTS);
$sql = "SELECT pcg_version FROM " . MAIN_DB_PREFIX . "accounting_system WHERE rowid = ".((int) $conf->global->CHARTOFACCOUNTS);
dol_syslog('accountancy/admin/card.php:: $sql=' . $sql);
$result = $db->query($sql);
@ -138,7 +138,7 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount) {
} else {
$result = $object->fetch($id);
$sql = 'SELECT pcg_version FROM '.MAIN_DB_PREFIX.'accounting_system WHERE rowid='.((int) $conf->global->CHARTOFACCOUNTS);
$sql = "SELECT pcg_version FROM ".MAIN_DB_PREFIX."accounting_system WHERE rowid=".((int) $conf->global->CHARTOFACCOUNTS);
dol_syslog('accountancy/admin/card.php:: $sql=' . $sql);
$result2 = $db->query($sql);
@ -260,7 +260,7 @@ if ($action == 'create') {
print '<input type="text" name="pcg_type" list="pcg_type_datalist" value="'.dol_escape_htmltag(GETPOSTISSET('pcg_type') ? GETPOST('pcg_type', 'alpha') : $object->pcg_type).'">';
// autosuggest from existing account types if found
print '<datalist id="pcg_type_datalist">';
$sql = 'SELECT DISTINCT pcg_type FROM ' . MAIN_DB_PREFIX . 'accounting_account';
$sql = "SELECT DISTINCT pcg_type FROM " . MAIN_DB_PREFIX . "accounting_account";
$sql .= " WHERE fk_pcg_version = '" . $db->escape($accountsystem->ref) . "'";
$sql .= ' AND entity in ('.getEntity('accounting_account', 0).')'; // Always limit to current entity. No sharing in accountancy.
$sql .= ' LIMIT 50000'; // just as a sanity check

29
htdocs/accountancy/admin/productaccount.php
View File

@ -186,12 +186,28 @@ if ($action == 'update') {
$msg .= '<div><span style="color:red">'.$langs->trans("ErrorDB").' : '.$langs->trans("Product").' '.$productid.' '.$langs->trans("NotVentilatedinAccount").' : id='.$accounting_account_id.'<br> <pre>'.$sql.'</pre></span></div>';
$ko++;
} else {
$db->begin();
$sql = '';
if (!empty($conf->global->MAIN_PRODUCT_PERENTITY_SHARED)) {
$sql = "INSERT INTO ".MAIN_DB_PREFIX."product_perentity (fk_product, entity, '".$db->escape($accountancy_field_name)."')";
$sql .= " VALUES (".((int) $productid).", ".((int) $conf->entity).", '".$db->escape($accounting->account_number)."')";
$sql .= " ON DUPLICATE KEY UPDATE ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
$sql_exists = "SELECT rowid FROM " . MAIN_DB_PREFIX . "product_perentity";
$sql_exists .= " WHERE fk_product = " . ((int) $productid) . " AND entity = " . ((int) $conf->entity);
$resql_exists = $db->query($sql_exists);
if (!$resql_exists) {
$msg .= '<div><span style="color:red">'.$langs->trans("ErrorDB").' : '.$langs->trans("Product").' '.$productid.' '.$langs->trans("NotVentilatedinAccount").' : id='.$accounting_account_id.'<br> <pre>'.$resql_exists.'</pre></span></div>';
$ko++;
} else {
$nb_exists = $db->num_rows($resql_exists);
if ($nb_exists <= 0) {
// insert
$sql = "INSERT INTO " . MAIN_DB_PREFIX . "product_perentity (fk_product, entity, '" . $db->escape($accountancy_field_name) . "')";
$sql .= " VALUES (" . ((int) $productid) . ", " . ((int) $conf->entity) . ", '" . $db->escape($accounting->account_number) . "')";
} else {
$obj_exists = $db->fetch_object($resql_exists);
// update
$sql = "UPDATE " . MAIN_DB_PREFIX . "product_perentity";
$sql .= " SET " . $accountancy_field_name . " = '" . $db->escape($accounting->account_number) . "'";
$sql .= " WHERE rowid = " . ((int) $obj_exists->rowid);
}
}
} else {
$sql = " UPDATE ".MAIN_DB_PREFIX."product";
$sql .= " SET ".$accountancy_field_name." = '".$db->escape($accounting->account_number)."'";
@ -199,6 +215,9 @@ if ($action == 'update') {
}
dol_syslog("/accountancy/admin/productaccount.php", LOG_DEBUG);
$db->begin();
if ($db->query($sql)) {
$ok++;
$db->commit();

310
htdocs/accountancy/class/accountingaccount.class.php
View File

@ -26,6 +26,9 @@
* \brief File of class to manage accounting accounts
*/
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/societe/class/societe.class.php';
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
/**
* Class to manage accounting accounts
*/
@ -140,6 +143,11 @@ class AccountingAccount extends CommonObject
*/
public $reconcilable;
/**
* @var array cache array
*/
private $accountingaccount_codetotid_cache = array();
/**
* Constructor
*
@ -225,8 +233,8 @@ class AccountingAccount extends CommonObject
/**
* Insert new accounting account in chart of accounts
*
* @param User $user User making action
* @param int $notrigger Disable triggers
* @param User $user User making action
* @param int $notrigger Disable triggers
* @return int <0 if KO, >0 if OK
*/
public function create($user, $notrigger = 0)
@ -259,7 +267,7 @@ class AccountingAccount extends CommonObject
// Put here code to add control on parameters values
// Insert request
$sql = "INSERT INTO ".MAIN_DB_PREFIX."accounting_account(";
$sql = "INSERT INTO " . MAIN_DB_PREFIX . "accounting_account(";
$sql .= "datec";
$sql .= ", entity";
$sql .= ", fk_pcg_version";
@ -293,11 +301,11 @@ class AccountingAccount extends CommonObject
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
$this->errors[] = "Error ".$this->db->lasterror();
$this->errors[] = "Error " . $this->db->lasterror();
}
if (!$error) {
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX."accounting_account");
$this->id = $this->db->last_insert_id(MAIN_DB_PREFIX . "accounting_account");
// Uncomment this and change MYOBJECT to your own tag if you
// want this action to call a trigger.
@ -313,8 +321,8 @@ class AccountingAccount extends CommonObject
// Commit or rollback
if ($error) {
foreach ($this->errors as $errmsg) {
dol_syslog(get_class($this)."::create ".$errmsg, LOG_ERR);
$this->error .= ($this->error ? ', '.$errmsg : $errmsg);
dol_syslog(get_class($this) . "::create " . $errmsg, LOG_ERR);
$this->error .= ($this->error ? ', ' . $errmsg : $errmsg);
}
$this->db->rollback();
return -1 * $error;
@ -327,7 +335,7 @@ class AccountingAccount extends CommonObject
/**
* Update record
*
* @param User $user Use making update
* @param User $user Use making update
* @return int <0 if KO, >0 if OK
*/
public function update($user)
@ -339,18 +347,18 @@ class AccountingAccount extends CommonObject
$this->db->begin();
$sql = "UPDATE ".MAIN_DB_PREFIX."accounting_account ";
$sql .= " SET fk_pcg_version = ".($this->fk_pcg_version ? "'".$this->db->escape($this->fk_pcg_version)."'" : "null");
$sql .= " , pcg_type = ".($this->pcg_type ? "'".$this->db->escape($this->pcg_type)."'" : "null");
$sql .= " , account_number = '".$this->db->escape($this->account_number)."'";
$sql .= " , account_parent = ".(int) $this->account_parent;
$sql .= " , label = ".($this->label ? "'".$this->db->escape($this->label)."'" : "''");
$sql .= " , labelshort = ".($this->labelshort ? "'".$this->db->escape($this->labelshort)."'" : "''");
$sql .= " , fk_accounting_category = ".(empty($this->account_category) ? 0 : (int) $this->account_category);
$sql .= " , fk_user_modif = ".((int) $user->id);
$sql .= " , active = ".(int) $this->active;
$sql .= " , reconcilable = ".(int) $this->reconcilable;
$sql .= " WHERE rowid = ".((int) $this->id);
$sql = "UPDATE " . MAIN_DB_PREFIX . "accounting_account ";
$sql .= " SET fk_pcg_version = " . ($this->fk_pcg_version ? "'" . $this->db->escape($this->fk_pcg_version) . "'" : "null");
$sql .= " , pcg_type = " . ($this->pcg_type ? "'" . $this->db->escape($this->pcg_type) . "'" : "null");
$sql .= " , account_number = '" . $this->db->escape($this->account_number) . "'";
$sql .= " , account_parent = " . (int) $this->account_parent;
$sql .= " , label = " . ($this->label ? "'" . $this->db->escape($this->label) . "'" : "''");
$sql .= " , labelshort = " . ($this->labelshort ? "'" . $this->db->escape($this->labelshort) . "'" : "''");
$sql .= " , fk_accounting_category = " . (empty($this->account_category) ? 0 : (int) $this->account_category);
$sql .= " , fk_user_modif = " . ((int) $user->id);
$sql .= " , active = " . (int) $this->active;
$sql .= " , reconcilable = " . (int) $this->reconcilable;
$sql .= " WHERE rowid = " . ((int) $this->id);
dol_syslog(get_class($this)."::update", LOG_DEBUG);
$result = $this->db->query($sql);
@ -413,22 +421,22 @@ class AccountingAccount extends CommonObject
$this->db->begin();
if (!$error) {
$sql = "DELETE FROM ".MAIN_DB_PREFIX."accounting_account";
$sql .= " WHERE rowid=".((int) $this->id);
$sql = "DELETE FROM " . MAIN_DB_PREFIX . "accounting_account";
$sql .= " WHERE rowid=" . ((int) $this->id);
dol_syslog(get_class($this)."::delete sql=".$sql);
dol_syslog(get_class($this) . "::delete sql=" . $sql);
$resql = $this->db->query($sql);
if (!$resql) {
$error++;
$this->errors[] = "Error ".$this->db->lasterror();
$this->errors[] = "Error " . $this->db->lasterror();
}
}
// Commit or rollback
if ($error) {
foreach ($this->errors as $errmsg) {
dol_syslog(get_class($this)."::delete ".$errmsg, LOG_ERR);
$this->error .= ($this->error ? ', '.$errmsg : $errmsg);
dol_syslog(get_class($this) . "::delete " . $errmsg, LOG_ERR);
$this->error .= ($this->error ? ', ' . $errmsg : $errmsg);
}
$this->db->rollback();
return -1 * $error;
@ -444,20 +452,20 @@ class AccountingAccount extends CommonObject
/**
* Return clicable name (with picto eventually)
*
* @param int $withpicto 0=No picto, 1=Include picto into link, 2=Only picto
* @param int $withlabel 0=No label, 1=Include label of account
* @param int $nourl 1=Disable url
* @param string $moretitle Add more text to title tooltip
* @param int $notooltip 1=Disable tooltip
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @param int $withcompletelabel 0=Short label (field short label), 1=Complete label (field label)
* @param string $option 'ledger', 'journals', 'accountcard'
* @return string String with URL
* @param int $withpicto 0=No picto, 1=Include picto into link, 2=Only picto
* @param int $withlabel 0=No label, 1=Include label of account
* @param int $nourl 1=Disable url
* @param string $moretitle Add more text to title tooltip
* @param int $notooltip 1=Disable tooltip
* @param int $save_lastsearch_value -1=Auto, 0=No save of lastsearch_values when clicking, 1=Save lastsearch_values whenclicking
* @param int $withcompletelabel 0=Short label (field short label), 1=Complete label (field label)
* @param string $option 'ledger', 'journals', 'accountcard'
* @return string String with URL
*/
public function getNomUrl($withpicto = 0, $withlabel = 0, $nourl = 0, $moretitle = '', $notooltip = 0, $save_lastsearch_value = -1, $withcompletelabel = 0, $option = '')
{
global $langs, $conf;
require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
require_once DOL_DOCUMENT_ROOT . '/core/lib/accounting.lib.php';
if (!empty($conf->dol_no_mouse_hover)) {
$notooltip = 1; // Force disable tooltips
@ -465,15 +473,16 @@ class AccountingAccount extends CommonObject
$result = '';
$url = ''; $labelurl = '';
$url = '';
$labelurl = '';
if (empty($option) || $option == 'ledger') {
$url = DOL_URL_ROOT.'/accountancy/bookkeeping/listbyaccount.php?search_accountancy_code_start='.urlencode($this->account_number).'&search_accountancy_code_end='.urlencode($this->account_number);
$url = DOL_URL_ROOT . '/accountancy/bookkeeping/listbyaccount.php?search_accountancy_code_start=' . urlencode($this->account_number) . '&search_accountancy_code_end=' . urlencode($this->account_number);
$labelurl = $langs->trans("ShowAccountingAccountInLedger");
} elseif ($option == 'journals') {
$url = DOL_URL_ROOT.'/accountancy/bookkeeping/list.php?search_accountancy_code_start='.urlencode($this->account_number).'&search_accountancy_code_end='.urlencode($this->account_number);
$url = DOL_URL_ROOT . '/accountancy/bookkeeping/list.php?search_accountancy_code_start=' . urlencode($this->account_number) . '&search_accountancy_code_end=' . urlencode($this->account_number);
$labelurl = $langs->trans("ShowAccountingAccountInJournals");
} elseif ($option == 'accountcard') {
$url = DOL_URL_ROOT.'/accountancy/admin/card.php?id='.urlencode($this->id);
$url = DOL_URL_ROOT . '/accountancy/admin/card.php?id=' . urlencode($this->id);
$labelurl = $langs->trans("ShowAccountingAccount");
}
@ -495,29 +504,29 @@ class AccountingAccount extends CommonObject
$labeltoshow = $this->labelshort;
}
$label = '<u>'.$labelurl.'</u>';
$label = '<u>' . $labelurl . '</u>';
if (!empty($this->account_number)) {
$label .= '<br><b>'.$langs->trans('AccountAccounting').':</b> '.length_accountg($this->account_number);
$label .= '<br><b>' . $langs->trans('AccountAccounting') . ':</b> ' . length_accountg($this->account_number);
}
if (!empty($labeltoshow)) {
$label .= '<br><b>'.$langs->trans('Label').':</b> '.$labeltoshow;
$label .= '<br><b>' . $langs->trans('Label') . ':</b> ' . $labeltoshow;
}
if ($moretitle) {
$label .= ' - '.$moretitle;
$label .= ' - ' . $moretitle;
}
$linkclose = '';
if (empty($notooltip)) {
if (!empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) {
$label = $labelurl;
$linkclose .= ' alt="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ' alt="' . dol_escape_htmltag($label, 1) . '"';
}
$linkclose .= ' title="'.dol_escape_htmltag($label, 1).'"';
$linkclose .= ' title="' . dol_escape_htmltag($label, 1) . '"';
$linkclose .= ' class="classfortooltip"';
}
$linkstart = '<a href="'.$url.'"';
$linkstart .= $linkclose.'>';
$linkstart = '<a href="' . $url . '"';
$linkstart .= $linkclose . '>';
$linkend = '</a>';
if ($nourl) {
@ -528,17 +537,17 @@ class AccountingAccount extends CommonObject
$label_link = length_accountg($this->account_number);
if ($withlabel) {
$label_link .= ' - '.($nourl ? '<span class="opacitymedium">' : '').$labeltoshow.($nourl ? '</span>' : '');
$label_link .= ' - ' . ($nourl ? '<span class="opacitymedium">' : '') . $labeltoshow . ($nourl ? '</span>' : '');
}
if ($withpicto) {
$result .= ($linkstart.img_object(($notooltip ? '' : $label), $picto, ($notooltip ? '' : 'class="classfortooltip"'), 0, 0, $notooltip ? 0 : 1).$linkend);
$result .= ($linkstart . img_object(($notooltip ? '' : $label), $picto, ($notooltip ? '' : 'class="classfortooltip"'), 0, 0, $notooltip ? 0 : 1) . $linkend);
}
if ($withpicto && $withpicto != 2) {
$result .= ' ';
}
if ($withpicto != 2) {
$result .= $linkstart.$label_link.$linkend;
$result .= $linkstart . $label_link . $linkend;
}
return $result;
}
@ -552,10 +561,10 @@ class AccountingAccount extends CommonObject
public function info($id)
{
$sql = 'SELECT a.rowid, a.datec, a.fk_user_author, a.fk_user_modif, a.tms';
$sql .= ' FROM '.MAIN_DB_PREFIX.'accounting_account as a';
$sql .= ' WHERE a.rowid = '.((int) $id);
$sql .= ' FROM ' . MAIN_DB_PREFIX . 'accounting_account as a';
$sql .= ' WHERE a.rowid = ' . ((int) $id);
dol_syslog(get_class($this).'::info sql='.$sql);
dol_syslog(get_class($this) . '::info sql=' . $sql);
$result = $this->db->query($sql);
if ($result) {
@ -584,8 +593,8 @@ class AccountingAccount extends CommonObject
/**
* Deactivate an account (for status active or status reconcilable)
*
* @param int $id Id
* @param int $mode 0=field active, 1=field reconcilable
* @param int $id Id
* @param int $mode 0=field active, 1=field reconcilable
* @return int <0 if KO, >0 if OK
*/
public function accountDeactivate($id, $mode = 0)
@ -620,15 +629,15 @@ class AccountingAccount extends CommonObject
}
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
* Account activated
*
* @param int $id Id
* @param int $mode 0=field active, 1=field reconcilable
* @param int $id Id
* @param int $mode 0=field active, 1=field reconcilable
* @return int <0 if KO, >0 if OK
*/
public function account_activate($id, $mode = 0)
public function accountActivate($id, $mode = 0)
{
// phpcs:enable
$this->db->begin();
@ -654,12 +663,11 @@ class AccountingAccount extends CommonObject
}
}
/**
* Retourne le libelle du statut d'un user (actif, inactif)
*
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label of status
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label of status
*/
public function getLibStatut($mode = 0)
{
@ -670,9 +678,9 @@ class AccountingAccount extends CommonObject
/**
* Renvoi le libelle d'un statut donne
*
* @param int $status Id status
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label of status
* @param int $status Id status
* @param int $mode 0=libelle long, 1=libelle court, 2=Picto + Libelle court, 3=Picto, 4=Picto + Libelle long, 5=Libelle court + Picto
* @return string Label of status
*/
public function LibStatut($status, $mode = 0)
{
@ -694,9 +702,9 @@ class AccountingAccount extends CommonObject
}
} elseif ($mode == 2) {
if ($status == 1) {
return img_picto($langs->trans('Enabled'), 'statut4').' '.$langs->trans('Enabled');
return img_picto($langs->trans('Enabled'), 'statut4') . ' ' . $langs->trans('Enabled');
} elseif ($status == 0) {
return img_picto($langs->trans('Disabled'), 'statut5').' '.$langs->trans('Disabled');
return img_picto($langs->trans('Disabled'), 'statut5') . ' ' . $langs->trans('Disabled');
}
} elseif ($mode == 3) {
if ($status == 1) {
@ -706,15 +714,173 @@ class AccountingAccount extends CommonObject
}
} elseif ($mode == 4) {
if ($status == 1) {
return img_picto($langs->trans('Enabled'), 'statut4').' '.$langs->trans('Enabled');
return img_picto($langs->trans('Enabled'), 'statut4') . ' ' . $langs->trans('Enabled');
} elseif ($status == 0) {
return img_picto($langs->trans('Disabled'), 'statut5').' '.$langs->trans('Disabled');
return img_picto($langs->trans('Disabled'), 'statut5') . ' ' . $langs->trans('Disabled');
}
} elseif ($mode == 5) {
if ($status == 1) {
return $langs->trans('Enabled').' '.img_picto($langs->trans('Enabled'), 'statut4');
return $langs->trans('Enabled') . ' ' . img_picto($langs->trans('Enabled'), 'statut4');
} elseif ($status == 0) {
return $langs->trans('Disabled').' '.img_picto($langs->trans('Disabled'), 'statut5');
return $langs->trans('Disabled') . ' ' . img_picto($langs->trans('Disabled'), 'statut5');
}
}
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
/**
* Return Suggest accounting accounts to bind
*
* @param Societe $buyer Societe Object Buyers
* @param $seller Company Object seller
* @param Product $product Product object sell or buy
* @param Facture $facture Facture
* @param FactureLigne $factureDet Facture Det
* @param array $accountingAccount array of Account account
*
* @return array Accounting accounts suggested
*/
public function getAccountingCodeToBind(Societe $buyer, $seller, Product $product, Facture $facture, FactureLigne $factureDet, $accountingAccount = array())
{
global $conf;
global $hookmanager;
// Instantiate hooks for external modules
$hookmanager->initHooks(array('accoutancyBindingCalculation'));
// Execute hook accoutancyBindingCalculation
$parameters = array('buyer' => $buyer, 'seller' => $seller, 'product' => $product, 'facture' => $facture, 'factureDet' => $factureDet ,'accountingAccount'=>$accountingAccount);
$reshook = $hookmanager->executeHooks('accoutancyBindingCalculation', $parameters); // Note that $action and $object may have been modified by some hooks
if (empty($reshook)) {
require_once DOL_DOCUMENT_ROOT . '/core/lib/company.lib.php';
$isBuyerInEEC = isInEEC($buyer);
$isSellerInEEC = isInEEC($seller);
$code_sell_l = '';
$code_sell_p = '';
$code_sell_t = '';
$suggestedid = '';
// Level 1: Search suggested default account for product/service
$suggestedaccountingaccountbydefaultfor = '';
if ($factureDet->product_type == 1) {
if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = '';
} else {
if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT
$code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number
$code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eec';
} else { // Foreign sale
$code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'export';
}
}
} elseif ($factureDet->product_type == 0) {
if ($buyer->country_code == $seller->country_code || empty($buyer->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = '';
} else {
if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0) { // European intravat sale, but with a VAT
$code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra)) { // European intravat sale, without VAT intra community number
$code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eec';
} else {
$code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'export';
}
}
}
if ($code_sell_l == -1) {
$code_sell_l = '';
}
// Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding)
$suggestedaccountingaccountfor = '';
if ((($buyer->country_code == $seller->country_code) || empty($buyer->country_code)) && !empty($product->accountancy_code_sell)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$code_sell_p = $product->accountancy_code_sell;
$suggestedid = $accountingAccount['dom'];
$suggestedaccountingaccountfor = 'prodserv';
} else {
if ($isSellerInEEC && $isBuyerInEEC && $factureDet->tva_tx != 0 && !empty($product->accountancy_code_sell)) { // European intravat sale, but with VAT
$code_sell_p = $product->accountancy_code_sell;
$suggestedid = $accountingAccount['dom'];
$suggestedaccountingaccountfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($buyer->tva_intra) && !empty($product->accountancy_code_sell)) { // European intravat sale, without VAT intra community number
$code_sell_p = $product->accountancy_code_sell;
$suggestedid = $accountingAccount['dom']; // There is a doubt for this case. Is it an error on vat or we just forgot to fill vat number ?
$suggestedaccountingaccountfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC && !empty($product->accountancy_code_sell_intra)) { // European intravat sale
$code_sell_p = $product->accountancy_code_sell_intra;
$suggestedid = $accountingAccount['intra'];
$suggestedaccountingaccountfor = 'eec';
} elseif (!empty($product->accountancy_code_sell_export)) { // Foreign sale
$code_sell_p = $product->accountancy_code_sell_export;
$suggestedid = $accountingAccount['export'];
$suggestedaccountingaccountfor = 'export';
}
}
// Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding)
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
if (!empty($buyer->code_compta)) {
$code_sell_t = $buyer->code_compta;
$suggestedid = $accountingAccount['thirdparty'];
$suggestedaccountingaccountfor = 'thridparty';
}
}
// Manage Deposit
if ($factureDet->desc == "(DEPOSIT)") {
$accountdeposittoventilated = new self($this->db);
$result = $accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1);
if ($result < 0) {
return -1;
}
$code_sell_l = $accountdeposittoventilated->ref;
$suggestedid = $accountdeposittoventilated->rowid;
$suggestedaccountingaccountfor = 'deposit';
}
if (empty($suggestedid) && empty($code_sell_p) && !empty($code_sell_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) {
if (empty($this->accountingaccount_codetotid_cache[$code_sell_l])) {
$tmpaccount = new self($this->db);
$result = $tmpaccount->fetch(0, $code_sell_l, 1);
if ($result < 0) {
return -1;
}
if ($tmpaccount->id > 0) {
$suggestedid = $tmpaccount->id;
}
$this->accountingaccount_codetotid_cache[$code_sell_l] = $tmpaccount->id;
} else {
$suggestedid = $this->accountingaccount_codetotid_cache[$code_sell_l];
}
}
return array(
'suggestedaccountingaccountbydefaultfor' => $suggestedaccountingaccountbydefaultfor,
'suggestedaccountingaccountfor' => $suggestedaccountingaccountfor,
'suggestedid' => $suggestedid,
'code_sell_l' => $code_sell_l,
'code_sell_p' => $code_sell_p,
'code_sell_t' => $code_sell_t,
);
} else {
if (is_array($hookmanager->resArray) && !empty($hookmanager->resArray)) {
return $hookmanager->resArray;
}
}
}

92
htdocs/accountancy/customer/index.php
View File

@ -31,6 +31,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/compta/facture/class/facture.class.php';
require_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountingaccount.class.php';
// Load translation files required by the page
$langs->loadLangs(array("compta", "bills", "other", "accountancy"));
@ -46,6 +47,7 @@ if (!$user->rights->accounting->bind->write) {
accessforbidden();
}
$accountingAccount = new AccountingAccount($db);
$month_start = ($conf->global->SOCIETE_FISCAL_MONTH_START ? ($conf->global->SOCIETE_FISCAL_MONTH_START) : 1);
if (GETPOST("year", 'int')) {
@ -172,35 +174,75 @@ if ($action == 'validatehistory') {
$isSellerInEEC = isInEEC($mysoc);
$thirdpartystatic = new Societe($db);
$facture_static = new Facture($db);
$facture_static_det = new FactureLigne($db);
$product_static = new Product($db);
$i = 0;
while ($i < min($num_lines, 10000)) { // No more than 10000 at once
$objp = $db->fetch_object($result);
$isBuyerInEEC = isInEEC($objp); // This make a database request but there is a cache into $conf->cache['country_code_in_EEC']
$thirdpartystatic->id = $objp->socid;
$thirdpartystatic->name = $objp->name;
$thirdpartystatic->client = $objp->client;
$thirdpartystatic->fournisseur = $objp->fournisseur;
$thirdpartystatic->code_client = $objp->code_client;
$thirdpartystatic->code_compta_client = $objp->code_compta_client;
$thirdpartystatic->code_fournisseur = $objp->code_fournisseur;
$thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur;
$thirdpartystatic->email = $objp->email;
$thirdpartystatic->country_code = $objp->country_code;
$thirdpartystatic->tva_intra = $objp->tva_intra;
$thirdpartystatic->code_compta = $objp->company_code_sell;
// Level 2: Search suggested account for product/service (similar code exists in page list.php to make manual binding)
$suggestedaccountingaccountfor = '';
if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = $objp->aarowid;
$suggestedaccountingaccountfor = '';
$product_static->ref = $objp->product_ref;
$product_static->id = $objp->product_id;
$product_static->type = $objp->type;
$product_static->label = $objp->product_label;
$product_static->status = $objp->status;
$product_static->status_buy = $objp->status_buy;
$product_static->accountancy_code_sell = $objp->code_sell;
$product_static->accountancy_code_sell_intra = $objp->code_sell_intra;
$product_static->accountancy_code_sell_export = $objp->code_sell_export;
$product_static->accountancy_code_buy = $objp->code_buy;
$product_static->accountancy_code_buy_intra = $objp->code_buy_intra;
$product_static->accountancy_code_buy_export = $objp->code_buy_export;
$product_static->tva_tx = $objp->tva_tx_prod;
$product_static->tva_tx = $objp->tva_tx_prod;
$facture_static->ref = $objp->ref;
$facture_static->id = $objp->facid;
$facture_static->type = $objp->ftype;
$facture_static->datef = $objp->datef;
$facture_static_det->id = $objp->rowid;
$facture_static_det->total_ht = $objp->total_ht;
$facture_static_det->tva_tx = $objp->tva_tx_line;
$facture_static_det->vat_src_code = $objp->vat_src_code;
$facture_static_det->product_type = $objp->type_l;
$facture_static_det->desc = $objp->description;
$accoutinAccountArray = array(
'dom'=>$objp->aarowid,
'intra'=>$objp->aarowid_intra,
'export'=>$objp->aarowid_export,
'thirdparty' =>$objp->aarowid_thirdparty);
$code_sell_p_notset = '';
$code_sell_t_notset = '';
$return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray);
if (!is_array($return) && $return<0) {
setEventMessage($accountingAccount->error, 'errors');
} else {
if ($isSellerInEEC && $isBuyerInEEC && $objp->tva_tx_line != 0) { // European intravat sale, but with VAT
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = $objp->aarowid;
$suggestedaccountingaccountfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($objp->tva_intra)) { // European intravat sale, without VAT intra community number
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = 0; // There is a doubt, no automatic binding
$suggestedaccountingaccountfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$objp->code_sell_p = $objp->code_sell_intra;
$objp->aarowid_suggest = $objp->aarowid_intra;
$suggestedaccountingaccountfor = 'eec';
} else { // Foreign sale
$objp->code_sell_p = $objp->code_sell_export;
$objp->aarowid_suggest = $objp->aarowid_export;
$suggestedaccountingaccountfor = 'export';
$suggestedid=$return['suggestedid'];
$suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor'];
if (!empty($suggestedid) && $suggestedaccountingaccountfor<>'') {
$suggestedid=$return['suggestedid'];
} else {
$suggestedid=0;
}
}
@ -215,8 +257,8 @@ if ($action == 'validatehistory') {
if ($objp->aarowid_suggest > 0) {
$sqlupdate = "UPDATE ".MAIN_DB_PREFIX."facturedet";
$sqlupdate .= " SET fk_code_ventilation = ".((int) $objp->aarowid_suggest);
$sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $objp->rowid);
$sqlupdate .= " SET fk_code_ventilation = ".((int) $suggestedid);
$sqlupdate .= " WHERE fk_code_ventilation <= 0 AND product_type <= 2 AND rowid = ".((int) $facture_static_det->id);
$resqlupdate = $db->query($sqlupdate);
if (!$resqlupdate) {

187
htdocs/accountancy/customer/list.php
View File

@ -45,6 +45,7 @@ $massaction = GETPOST('massaction', 'alpha');
$show_files = GETPOST('show_files', 'int');
$confirm = GETPOST('confirm', 'alpha');
$toselect = GETPOST('toselect', 'array');
$optioncss = GETPOST('optioncss', 'alpha');
// Select Box
$mesCasesCochees = GETPOST('toselect', 'array');
@ -96,6 +97,7 @@ if (!$sortorder) {
$hookmanager->initHooks(array('accountancycustomerlist'));
$formaccounting = new FormAccounting($db);
$accountingAccount = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
@ -510,17 +512,17 @@ if ($result) {
$thirdpartystatic = new Societe($db);
$facture_static = new Facture($db);
$facture_static_det = new FactureLigne($db);
$product_static = new Product($db);
$isSellerInEEC = isInEEC($mysoc);
$accountingaccount_codetotid_cache = array();
while ($i < min($num_lines, $limit)) {
$objp = $db->fetch_object($result);
$objp->code_sell_l = '';
$objp->code_sell_p = '';
$code_sell_l = '';
$code_sell_p = '';
$thirdpartystatic->id = $objp->socid;
$thirdpartystatic->name = $objp->name;
@ -532,6 +534,8 @@ if ($result) {
$thirdpartystatic->code_compta_fournisseur = $objp->code_compta_fournisseur;
$thirdpartystatic->email = $objp->email;
$thirdpartystatic->country_code = $objp->country_code;
$thirdpartystatic->tva_intra = $objp->tva_intra;
$thirdpartystatic->code_compta = $objp->company_code_sell;
$product_static->ref = $objp->product_ref;
$product_static->id = $objp->product_id;
@ -545,146 +549,84 @@ if ($result) {
$product_static->accountancy_code_buy = $objp->code_buy;
$product_static->accountancy_code_buy_intra = $objp->code_buy_intra;
$product_static->accountancy_code_buy_export = $objp->code_buy_export;
$product_static->tva_tx = $objp->tva_tx_prod;
$product_static->tva_tx = $objp->tva_tx_prod;
$facture_static->ref = $objp->ref;
$facture_static->id = $objp->facid;
$facture_static->type = $objp->ftype;
$facture_static->datef = $objp->datef;
$facture_static_det->id = $objp->rowid;
$facture_static_det->total_ht = $objp->total_ht;
$facture_static_det->tva_tx = $objp->tva_tx_line;
$facture_static_det->vat_src_code = $objp->vat_src_code;
$facture_static_det->product_type = $objp->type_l;
$facture_static_det->desc = $objp->description;
$accoutinAccountArray = array(
'dom'=>$objp->aarowid,
'intra'=>$objp->aarowid_intra,
'export'=>$objp->aarowid_export,
'thirdparty' =>$objp->aarowid_thirdparty);
$code_sell_p_notset = '';
$code_sell_t_notset = '';
$objp->aarowid_suggest = ''; // Will be set later
$isBuyerInEEC = isInEEC($objp);
// Level 1: Search suggested default account for product/service
$suggestedaccountingaccountbydefaultfor = '';
if ($objp->type_l == 1) {
if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = '';
} else {
if ($isSellerInEEC && $isBuyerInEEC && $objp->tva_tx_line != 0) { // European intravat sale, but with a VAT
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($objp->tva_intra)) { // European intravat sale, without VAT intra community number
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_INTRA_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eec';
} else { // Foreign sale
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_SERVICE_SOLD_EXPORT_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'export';
}
}
} elseif ($objp->type_l == 0) {
if ($objp->country_code == $mysoc->country_code || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = '';
} else {
if ($isSellerInEEC && $isBuyerInEEC && $objp->tva_tx_line != 0) { // European intravat sale, but with a VAT
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($objp->tva_intra)) { // European intravat sale, without VAT intra community number
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_INTRA_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'eec';
} else {
$objp->code_sell_l = (!empty($conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT) ? $conf->global->ACCOUNTING_PRODUCT_SOLD_EXPORT_ACCOUNT : '');
$suggestedaccountingaccountbydefaultfor = 'export';
}
}
}
if ($objp->code_sell_l == -1) {
$objp->code_sell_l = '';
}
// Level 2: Search suggested account for product/service (similar code exists in page index.php to make automatic binding)
$suggestedaccountingaccountfor = '';
if (($objp->country_code == $mysoc->country_code) || empty($objp->country_code)) { // If buyer in same country than seller (if not defined, we assume it is same country)
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = $objp->aarowid;
$suggestedaccountingaccountfor = '';
$return=$accountingAccount->getAccountingCodeToBind($thirdpartystatic, $mysoc, $product_static, $facture_static, $facture_static_det, $accoutinAccountArray);
if (!is_array($return) && $return<0) {
setEventMessage($accountingAccount->error, 'errors');
} else {
if ($isSellerInEEC && $isBuyerInEEC && $objp->tva_tx_line != 0) { // European intravat sale, but with VAT
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = $objp->aarowid;
$suggestedaccountingaccountfor = 'eecwithvat';
} elseif ($isSellerInEEC && $isBuyerInEEC && empty($objp->tva_intra)) { // European intravat sale, without VAT intra community number
$objp->code_sell_p = $objp->code_sell;
$objp->aarowid_suggest = $objp->aarowid; // There is a doubt for this case. Is it an error on vat or we just forgot to fill vat number ?
$suggestedaccountingaccountfor = 'eecwithoutvatnumber';
} elseif ($isSellerInEEC && $isBuyerInEEC) { // European intravat sale
$objp->code_sell_p = $objp->code_sell_intra;
$objp->aarowid_suggest = $objp->aarowid_intra;
$suggestedaccountingaccountfor = 'eec';
} else { // Foreign sale
$objp->code_sell_p = $objp->code_sell_export;
$objp->aarowid_suggest = $objp->aarowid_export;
$suggestedaccountingaccountfor = 'export';
}
$suggestedid=$return['suggestedid'];
$suggestedaccountingaccountfor=$return['suggestedaccountingaccountfor'];
$suggestedaccountingaccountbydefaultfor=$return['suggestedaccountingaccountbydefaultfor'];
$code_sell_l=$return['code_sell_l'];
$code_sell_p=$return['code_sell_p'];
$code_sell_t=$return['code_sell_t'];
}
//var_dump($return);
// Level 3: Search suggested account for this thirdparty (similar code exists in page index.php to make automatic binding)
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
if (!empty($objp->company_code_sell)) {
$objp->code_sell_t = $objp->company_code_sell;
$objp->aarowid_suggest = $objp->aarowid_thirdparty;
$suggestedaccountingaccountfor = '';
}
}
// Manage Deposit
if ($objp->description == "(DEPOSIT)") {
$accountdeposittoventilated = new AccountingAccount($db);
$accountdeposittoventilated->fetch('', $conf->global->ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT, 1);
$objp->code_sell_l = $accountdeposittoventilated->ref;
$objp->aarowid_suggest = $accountdeposittoventilated->rowid;
}
if (!empty($objp->code_sell_p)) {
if (!empty($code_sell_p)) {
// Value was defined previously
} else {
$code_sell_p_notset = 'color:orange';
}
if (empty($objp->code_sell_l) && empty($objp->code_sell_p)) {
if (empty($code_sell_l) && empty($code_sell_p)) {
$code_sell_p_notset = 'color:red';
}
if ($suggestedaccountingaccountfor == 'eecwithoutvatnumber' && empty($code_sell_p_notset)) {
$code_sell_p_notset = 'color:orange';
}
// $objp->code_sell_l is now default code of product/service
// $objp->code_sell_p is now code of product/service
// $objp->code_sell_t is now code of thirdparty
// $code_sell_l is now default code of product/service
// $code_sell_p is now code of product/service
// $code_sell_t is now code of thirdparty
print '<tr class="oddeven">';
// Line id
print '<td>'.$objp->rowid.'</td>';
print '<td>'.$facture_static_det->id.'</td>';
// Ref Invoice
print '<td class="nowraponall">'.$facture_static->getNomUrl(1).'</td>';
print '<td class="center">'.dol_print_date($db->jdate($objp->datef), 'day').'</td>';
print '<td class="center">'.dol_print_date($db->jdate($facture_static->datef), 'day').'</td>';
// Ref Product
print '<td class="tdoverflowmax150">';
if ($product_static->id > 0) {
print $product_static->getNomUrl(1);
}
if ($objp->product_label) {
print '<br><span class="opacitymedium small">'.$objp->product_label.'</span>';
if ($product_static->label) {
print '<br><span class="opacitymedium small">'.$product_static->label.'</span>';
}
print '</td>';
// Description
print '<td class="tdoverflowonsmartphone small">';
$text = dolGetFirstLineOfText(dol_string_nohtmltag($objp->description));
$text = dolGetFirstLineOfText(dol_string_nohtmltag($facture_static_det->desc));
$trunclength = empty($conf->global->ACCOUNTING_LENGTH_DESCRIPTION) ? 32 : $conf->global->ACCOUNTING_LENGTH_DESCRIPTION;
print $form->textwithtooltip(dol_trunc($text, $trunclength), $objp->description);
print $form->textwithtooltip(dol_trunc($text, $trunclength), $facture_static_det->desc);
print '</td>';
print '<td class="right nowraponall amount">';
@ -692,11 +634,12 @@ if ($result) {
print '</td>';
// Vat rate
if ($objp->vat_tx_l != $objp->vat_tx_p) {
$code_vat_differ='';
if ($product_static->tva_tx !== $facture_static_det->tva_tx) {
$code_vat_differ = 'font-weight:bold; text-decoration:blink; color:red';
}
print '<td style="'.$code_vat_differ.'" class="right">';
print vatrate($objp->tva_tx_line.($objp->vat_src_code ? ' ('.$objp->vat_src_code.')' : ''));
print vatrate($facture_static_det->tva_tx.($facture_static_det->vat_src_code ? ' ('.$facture_static_det->vat_src_code.')' : ''));
print '</td>';
// Thirdparty
@ -713,18 +656,18 @@ if ($result) {
// Found accounts
print '<td class="small">';
$s = '1. '.(($objp->type_l == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': ';
$s = '1. '.(($facture_static_det->product_type == 1) ? $langs->trans("DefaultForService") : $langs->trans("DefaultForProduct")).': ';
$shelp = '';
if ($suggestedaccountingaccountbydefaultfor == 'eec') {
$shelp .= $langs->trans("SaleEEC");
} elseif ($suggestedaccountingaccountbydefaultfor == 'export') {
$shelp .= $langs->trans("SaleExport");
}
$s .= ($objp->code_sell_l > 0 ? length_accountg($objp->code_sell_l) : '<span style="'.$code_sell_p_notset.'">'.$langs->trans("NotDefined").'</span>');
$s .= ($code_sell_l > 0 ? length_accountg($code_sell_l) : '<span style="'.$code_sell_p_notset.'">'.$langs->trans("NotDefined").'</span>');
print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1);
if ($objp->product_id > 0) {
if ($product_static->id > 0) {
print '<br>';
$s = '2. '.(($objp->type_l == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': ';
$s = '2. '.(($facture_static_det->product_type == 1) ? $langs->trans("ThisService") : $langs->trans("ThisProduct")).': ';
$shelp = ''; $ttype = 'help';
if ($suggestedaccountingaccountfor == 'eec') {
$shelp = $langs->trans("SaleEEC");
@ -736,7 +679,7 @@ if ($result) {
} elseif ($suggestedaccountingaccountfor == 'export') {
$shelp = $langs->trans("SaleExport");
}
$s .= (empty($objp->code_sell_p) ? '<span style="'.$code_sell_p_notset.'">'.$langs->trans("NotDefined").'</span>' : length_accountg($objp->code_sell_p));
$s .= (empty($code_sell_p) ? '<span style="'.$code_sell_p_notset.'">'.$langs->trans("NotDefined").'</span>' : length_accountg($code_sell_p));
print $form->textwithpicto($s, $shelp, 1, $ttype, '', 0, 2, '', 1);
} else {
print '<br>';
@ -747,38 +690,26 @@ if ($result) {
}
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
print '<br>';
$s = '3. '.(($objp->type_l == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': ';
$s = '3. '.(($facture_static_det->product_type == 1) ? $langs->trans("ServiceForThisThirdparty") : $langs->trans("ProductForThisThirdparty")).': ';
$shelp = '';
$s .= ($objp->code_sell_t > 0 ? length_accountg($objp->code_sell_t) : '<span style="'.$code_sell_t_notset.'">'.$langs->trans("NotDefined").'</span>');
$s .= ($code_sell_t > 0 ? length_accountg($code_sell_t) : '<span style="'.$code_sell_t_notset.'">'.$langs->trans("NotDefined").'</span>');
print $form->textwithpicto($s, $shelp, 1, 'help', '', 0, 2, '', 1);
}
print '</td>';
// Suggested accounting account
print '<td>';
$suggestedid = $objp->aarowid_suggest;
if (empty($suggestedid) && empty($objp->code_sell_p) && !empty($objp->code_sell_l) && empty($conf->global->ACCOUNTANCY_DO_NOT_AUTOFILL_ACCOUNT_WITH_GENERIC)) {
if (empty($accountingaccount_codetotid_cache[$objp->code_sell_l])) {
$tmpaccount = new AccountingAccount($db);
$tmpaccount->fetch(0, $objp->code_sell_l, 1);
if ($tmpaccount->id > 0) {
$suggestedid = $tmpaccount->id;
}
$accountingaccount_codetotid_cache[$objp->code_sell_l] = $tmpaccount->id;
} else {
$suggestedid = $accountingaccount_codetotid_cache[$objp->code_sell_l];
}
}
print $formaccounting->select_account($suggestedid, 'codeventil'.$objp->rowid, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone');
print $formaccounting->select_account($suggestedid, 'codeventil'.$facture_static_det->id, 1, array(), 0, 0, 'codeventil maxwidth200 maxwidthonsmartphone', 'cachewithshowemptyone');
print '</td>';
// Column with checkbox
print '<td class="center">';
$ischecked = $objp->aarowid_suggest;
if ($suggestedaccountingaccountfor == 'eecwithoutvatnumber') {
if (!empty($suggestedid) && $suggestedaccountingaccountfor<>'') {
$ischecked=1;
} elseif ($suggestedaccountingaccountfor == 'eecwithoutvatnumber') {
$ischecked = 0;
}
print '<input type="checkbox" class="flat checkforselect checkforselect'.$objp->rowid.'" name="toselect[]" value="'.$objp->rowid."_".$i.'"'.($ischecked ? "checked" : "").'/>';
print '<input type="checkbox" class="flat checkforselect checkforselect'.$facture_static_det->id.'" name="toselect[]" value="'.$facture_static_det->id."_".$i.'"'.($ischecked ? "checked" : "").'/>';
print '</td>';
print '</tr>';

4
htdocs/accountancy/journal/bankjournal.php
View File

@ -362,7 +362,7 @@ if ($result) {
// Retrieve the accounting code of the social contribution of the payment from link of payment.
// Note: We have the social contribution id, it can be faster to get accounting code from social contribution id.
$sqlmid = 'SELECT cchgsoc.accountancy_code';
$sqlmid = "SELECT cchgsoc.accountancy_code";
$sqlmid .= " FROM ".MAIN_DB_PREFIX."c_chargesociales cchgsoc";
$sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."chargesociales as chgsoc ON chgsoc.fk_type = cchgsoc.id";
$sqlmid .= " INNER JOIN ".MAIN_DB_PREFIX."paiementcharge as paycharg ON paycharg.fk_charge = chgsoc.rowid";
@ -1019,7 +1019,7 @@ if (empty($action) || $action == 'view') {
// Test that setup is complete (we are in accounting, so test on entity is always on $conf->entity only, no sharing allowed)
$sql = 'SELECT COUNT(rowid) as nb FROM '.MAIN_DB_PREFIX.'bank_account WHERE entity = '.$conf->entity.' AND fk_accountancy_journal IS NULL AND clos=0';
$sql = "SELECT COUNT(rowid) as nb FROM ".MAIN_DB_PREFIX."bank_account WHERE entity = ".((int) $conf->entity)." AND fk_accountancy_journal IS NULL AND clos=0";
$resql = $db->query($sql);
if ($resql) {
$obj = $db->fetch_object($resql);

2
htdocs/adherents/subscription.php
View File

@ -670,7 +670,7 @@ if ($rowid > 0) {
print '<div class="tabsAction">';
if ($object->statut > 0) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$rowid.'&action=addsubscription">'.$langs->trans("AddSubscription")."</a></div>";
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?rowid='.$rowid.'&action=addsubscription&token='.newToken().'">'.$langs->trans("AddSubscription")."</a></div>";
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("ValidateBefore")).'">'.$langs->trans("AddSubscription").'</a></div>';
}

13
htdocs/adherents/type.php
View File

@ -318,6 +318,19 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print "</tr>";
$i++;
}
// If no record found
if ($num == 0) {
/*$colspan = 1;
foreach ($arrayfields as $key => $val) {
if (!empty($val['checked'])) {
$colspan++;
}
}*/
$colspan = 8;
print '<tr><td colspan="'.$colspan.'" class="opacitymedium">'.$langs->trans("NoRecordFound").'</td></tr>';
}
print "</table>";
print '</div>';

2
htdocs/admin/boxes.php
View File

@ -360,7 +360,7 @@ foreach ($boxtoadd as $box) {
print '</tr>'."\n";
}
if (!count($boxtoadd) && count($boxactivated)) {
print '<tr><td class="opacitymedium" colspan="4">'.$langs->trans("AllWidgetsWereEnabled").'</td></tr>';
print '<tr><td colspan="4"><span class="opacitymedium">'.$langs->trans("AllWidgetsWereEnabled").'</span></td></tr>';
}
print '</table>'."\n";
print '</div>';

2
htdocs/admin/dict.php
View File

@ -1178,6 +1178,8 @@ if ($id) {
$sql .= natural_search("r.code_region", $search_code);
} elseif ($search_code != '' && $id == 7) {
$sql .= natural_search("a.code", $search_code);
} elseif ($search_code != '' && $id == 10) {
$sql .= natural_search("t.code", $search_code);
} elseif ($search_code != '' && $id != 9) {
$sql .= natural_search("code", $search_code);
}

2
htdocs/admin/dolistore/class/PSWebServiceLibrary.class.php
View File

@ -232,7 +232,7 @@ class PrestaShopWebservice
if ($response != '') {
libxml_clear_errors();
libxml_use_internal_errors(true);
$xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA);
$xml = simplexml_load_string($response, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
if (libxml_get_errors()) {
$msg = var_export(libxml_get_errors(), true);
libxml_clear_errors();

2
htdocs/admin/eventorganization_confbooth_extrafields.php
View File

@ -16,7 +16,7 @@
*/
/**
* \file htdocs/admin/eventorganization_extrafields.php
* \file htdocs/admin/eventorganization_confbooth_extrafields.php
* \ingroup bom
* \brief Page to setup extra fields of EventOrganization
*/

2
htdocs/admin/eventorganization_confboothattendee_extrafields.php
View File

@ -21,7 +21,7 @@
*/
/**
* \file admin/conferenceorboothattendee_extrafields.php
* \file htdocs/admin/eventorganization_confboothattendee_extrafields.php
* \ingroup eventorganization
* \brief Page to setup extra fields of conferenceorboothattendee
*/

20
htdocs/admin/expensereport.php
View File

@ -145,7 +145,13 @@ if ($action == 'updateMask') {
$draft = GETPOST('EXPENSEREPORT_DRAFT_WATERMARK', 'alpha');
$res2 = dolibarr_set_const($db, "EXPENSEREPORT_DRAFT_WATERMARK", trim($draft), 'chaine', 0, '', $conf->entity);
if (!$res1 > 0 || !$res2 > 0) {
$dates = GETPOST('EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', 'int');
$res3 = dolibarr_set_const($db, 'EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', intval($dates), 'chaine', 0, '', $conf->entity);
$amounts = GETPOST('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', 'int');
$res4 = dolibarr_set_const($db, 'EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', intval($amounts), 'chaine', 0, '', $conf->entity);
if (!($res1 > 0) || !($res2 > 0) || !($res3 > 0) || !($res4 >0)) {
$error++;
}
@ -458,6 +464,18 @@ print $form->textwithpicto($langs->trans("WatermarkOnDraftExpenseReports"), $htm
print '<input class="flat minwidth200" type="text" name="EXPENSEREPORT_DRAFT_WATERMARK" value="'.$conf->global->EXPENSEREPORT_DRAFT_WATERMARK.'">';
print '</td></tr>'."\n";
print '<tr class="oddeven"><td>';
print $langs->trans('PrefillExpenseReportDatesWithCurrentMonth');
print '</td><td class="right">';
print $form->selectyesno('EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH', empty($conf->global->EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH) ? 0 : 1, 1);
print '</td></tr>';
print '<tr class="oddeven"><td>';
print $langs->trans('ForceExpenseReportsLineAmountsIncludingTaxesOnly');
print '</td><td class="right">';
print $form->selectyesno('EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY', empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? 0 : 1, 1);
print '</td></tr>';
print '</table>';
print $form->buttonsSaveCancel("Save", '');

6
htdocs/admin/knowledgemanagement.php
View File

@ -17,7 +17,7 @@
*/
/**
* \file knowledgemanagement/admin/setup.php
* \file htdocs/admin/knowledgemanagement.php
* \ingroup knowledgemanagement
* \brief KnowledgeManagement setup page.
*/
@ -65,9 +65,7 @@ if (!$user->admin) {
* Actions
*/
if ((float) DOL_VERSION >= 6) {
include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
}
include DOL_DOCUMENT_ROOT.'/core/actions_setmoduleoptions.inc.php';
if ($action == 'updateMask') {
$maskconstorder = GETPOST('maskconstorder', 'alpha');

2
htdocs/admin/menus/edit.php
View File

@ -281,7 +281,7 @@ if ($action == 'create') {
print load_fiche_titre($langs->trans("NewMenu"), '', 'title_setup');
print '<form action="./edit.php?action=add&menuId='.GETPOST('menuId', 'int').'" method="post" name="formmenucreate">';
print '<form action="'.DOL_URL_ROOT.'/admin/menus/edit.php?action=add&token='.newToken().'&menuId='.GETPOST('menuId', 'int').'" method="post" name="formmenucreate">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print dol_get_fiche_head();

2
htdocs/admin/modules.php
View File

@ -133,7 +133,7 @@ if ($action == 'install') {
// $original_file should match format module_modulename-x.y[.z].zip
$original_file = basename($_FILES["fileinstall"]["name"]);
$original_file = preg_replace('/\(\d+\)\.zip$/i', '.zip', $original_file);
$original_file = preg_replace('/\s*\(\d+\)\.zip$/i', '.zip', $original_file);
$newfile = $conf->admin->dir_temp.'/'.$original_file.'/'.$original_file;
if (!$original_file) {

2
htdocs/admin/multicurrency.php
View File

@ -138,7 +138,7 @@ if ($action == 'add_currency') {
$TCurrency = array();
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'multicurrency WHERE entity = '.$conf->entity;
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX."multicurrency WHERE entity = ".((int) $conf->entity);
$resql = $db->query($sql);
if ($resql) {
while ($obj = $db->fetch_object($resql)) {

4
htdocs/admin/paymentbybanktransfer.php
View File

@ -20,7 +20,7 @@
*/
/**
* \file htdocs/admin/credtitransfer.php
* \file htdocs/admin/paymentbybanktransfer.php
* \ingroup paymentbybanktransfer
* \brief Page to setup payments by credit transfer
*/
@ -429,7 +429,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION))
}
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=addnotif">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=addnotif&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';

2
htdocs/admin/perms.php
View File

@ -236,7 +236,7 @@ if ($result) {
print '</td>';
} else {
print '<td class="center">';
print '<a class="reposition" href="perms.php?pid='.$obj->id.'&amp;action=add">';
print '<a class="reposition" href="perms.php?pid='.$obj->id.'&action=add&token='.newToken().'">';
//print img_edit_add();
print img_picto('', 'switch_off');
print '</a>';

2
htdocs/admin/prelevement.php
View File

@ -443,7 +443,7 @@ if (! empty($conf->global->MAIN_MODULE_NOTIFICATION))
}
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=addnotif">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=addnotif&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';

2
htdocs/admin/system/dolibarr.php
View File

@ -51,7 +51,7 @@ if ($action == 'getlastversion') {
$result = getURLContent('https://sourceforge.net/projects/dolibarr/rss');
//var_dump($result['content']);
if (function_exists('simplexml_load_string')) {
$sfurl = simplexml_load_string($result['content']);
$sfurl = simplexml_load_string($result['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
} else {
setEventMessages($langs->trans("ErrorPHPDoesNotSupport", "xml"), null, 'errors');
}

2
htdocs/admin/system/filecheck.php
View File

@ -171,7 +171,7 @@ if (GETPOST('target') == 'remote') {
if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') {
$xmlfile = $xmlarray['content'];
//print "xmlfilestart".$xmlfile."xmlfileend";
$xml = simplexml_load_string($xmlfile);
$xml = simplexml_load_string($xmlfile, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
} else {
$errormsg = $langs->trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg'];
setEventMessages($errormsg, null, 'errors');

7
htdocs/admin/system/modules.php
View File

@ -91,6 +91,7 @@ $modules_files = array();
$modules_fullpath = array();
$modulesdir = dolGetModulesDirs();
$rights_ids = array();
$arrayofpermissions = array();
foreach ($modulesdir as $dir) {
$handle = @opendir(dol_osencode($dir));
@ -155,7 +156,7 @@ foreach ($modules as $key => $module) {
if (empty($rights[0])) {
continue;
}
$arrayofpermissions[$rights[0]] = array('label'=> 'user->rights->'.$module->rights_class.'->'.$rights[4].(empty($rights[5]) ? '' : '->'.$rights[5]));
$permission[] = $rights[0];
array_push($rights_ids, $rights[0]);
@ -336,8 +337,10 @@ foreach ($moduleList as $module) {
$idperms = '';
foreach ($module->permission as $permission) {
$idperms .= ($idperms ? ", " : "").$permission;
$translationKey = "Permission".$permission;
$labelpermission = $langs->trans($translationKey);
$labelpermission .= ' : '.$arrayofpermissions[$permission]['label'];
$idperms .= ($idperms ? ", " : "").'<span title="'.$labelpermission.'">'.$permission.'</a>';
if (!empty($conf->global->MAIN_SHOW_PERMISSION)) {
if (empty($langs->tab_translate[$translationKey])) {

2
htdocs/admin/system/perf.php
View File

@ -63,7 +63,7 @@ print '<br>';
print '<strong>'.$langs->trans("XDebug").'</strong>: ';
$test = !function_exists('xdebug_is_enabled');
if ($test) {
print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' - '.$langs->trans("NotSlowedDownByThis");
print img_picto('', 'tick.png').' '.$langs->trans("NotInstalled").' <span class="opacitymedium">'.$langs->trans("NotSlowedDownByThis").'</span>';
} else {
print img_picto('', 'warning').' '.$langs->trans("ModuleActivated", $langs->transnoentities("XDebug"));
print ' - '.$langs->trans("MoreInformation").' <a href="'.DOL_URL_ROOT.'/admin/system/xdebug.php">XDebug admin page</a>';

4
htdocs/admin/system/security.php
View File

@ -258,6 +258,8 @@ print '<br>';
print '<strong>$dolibarr_nocsrfcheck</strong>: '.(empty($dolibarr_nocsrfcheck) ? '0' : $dolibarr_nocsrfcheck);
if (!empty($dolibarr_nocsrfcheck)) {
print ' &nbsp; '.img_picto('', 'warning').' '.$langs->trans("IfYouAreOnAProductionSetThis", 0);
} else {
print ' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span>';
}
print '<br>';
@ -442,7 +444,7 @@ print '<br>';
print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."<br>";
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 2)</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."<br>";

2
htdocs/admin/tools/purge.php
View File

@ -110,7 +110,7 @@ if (!empty($conf->syslog->enabled)) {
print '<input type="radio" name="choice" id="choicetempfiles" value="tempfiles"';
print (!$choice || $choice == 'tempfiles' || $choice == 'allfiles') ? ' checked' : '';
print '> <label for="choicetempfiles">'.$langs->trans("PurgeDeleteTemporaryFiles").'</label><br><br>';
print '> <label for="choicetempfiles">'.$langs->trans("PurgeDeleteTemporaryFilesShort").'</label><br><br>';
print '<input type="radio" name="choice" id="choiceallfiles" value="confirm_allfiles"';
print ($choice && $choice == 'confirm_allfiles') ? ' checked' : '';

2
htdocs/admin/tools/update.php
View File

@ -61,7 +61,7 @@ $version = '0.0';
if ($action == 'getlastversion') {
$result = getURLContent('https://sourceforge.net/projects/dolibarr/rss');
//var_dump($result['content']);
$sfurl = simplexml_load_string($result['content']);
$sfurl = simplexml_load_string($result['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
}

62
htdocs/api/class/api_setup.class.php
View File

@ -4,7 +4,7 @@
* Copyright (C) 2017 Regis Houssin <regis.houssin@inodbox.com>
* Copyright (C) 2017 Neil Orley <neil.orley@oeris.fr>
* Copyright (C) 2018-2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2018-2020 Thibault FOUCART <support@ptibogxiv.net>
* Copyright (C) 2018-2021 Thibault FOUCART <support@ptibogxiv.net>
*
*
* This program is free software; you can redistribute it and/or modify
@ -1340,6 +1340,64 @@ class Setup extends DolibarrApi
return $list;
}
/**
* Get the list of staff.
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Number of items per page
* @param int $page Page number (starting from zero)
* @param int $active Staff is active or not {@min 0} {@max 1}
* @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)"
* @return array List of staff
*
* @url GET dictionary/staff
*
* @throws RestException
*/
public function getListOfStaff($sortfield = "id", $sortorder = 'ASC', $limit = 100, $page = 0, $active = 1, $sqlfilters = '')
{
$list = array();
$sql = "SELECT t.id, t.code, t.libelle, t.active, t.module";
$sql .= " FROM ".MAIN_DB_PREFIX."c_effectif as t";
$sql .= " WHERE t.active = ".((int) $active);
// Add sql filters
if ($sqlfilters) {
if (!DolibarrApi::_checkFilters($sqlfilters)) {
throw new RestException(503, 'Error when validating parameter sqlfilters '.$sqlfilters);
}
$regexstring = '\(([^:\'\(\)]+:[^:\'\(\)]+:[^\(\)]+)\)';
$sql .= " AND (".preg_replace_callback('/'.$regexstring.'/', 'DolibarrApi::_forge_criteria_callback', $sqlfilters).")";
}
$sql .= $this->db->order($sortfield, $sortorder);
if ($limit) {
if ($page < 0) {
$page = 0;
}
$offset = $limit * $page;
$sql .= $this->db->plimit($limit, $offset);
}
$result = $this->db->query($sql);
if ($result) {
$num = $this->db->num_rows($result);
$min = min($num, ($limit <= 0 ? $num : $limit));
for ($i = 0; $i < $min; $i++) {
$list[] = $this->db->fetch_object($result);
}
} else {
throw new RestException(503, 'Error when retrieving list of staff: '.$this->db->lasterror());
}
return $list;
}
/**
* Get the list of social networks.
*
@ -1744,7 +1802,7 @@ class Setup extends DolibarrApi
if (!$xmlarray['curl_error_no'] && $xmlarray['http_code'] != '400' && $xmlarray['http_code'] != '404') {
$xmlfile = $xmlarray['content'];
//print "xmlfilestart".$xmlfile."endxmlfile";
$xml = simplexml_load_string($xmlfile);
$xml = simplexml_load_string($xmlfile, 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
} else {
$errormsg = $langs->trans('XmlNotFound').': '.$xmlremote.' - '.$xmlarray['http_code'].(($xmlarray['http_code'] == 400 && $xmlarray['content']) ? ' '.$xmlarray['content'] : '').' '.$xmlarray['curl_error_no'].' '.$xmlarray['curl_error_msg'];
throw new RestException(500, $errormsg);

2
htdocs/categories/photos.php
View File

@ -231,7 +231,7 @@ if ($object->id) {
// On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites
if (!$obj['photo_vignette'] && preg_match('/(\.bmp|\.gif|\.jpg|\.jpeg|\.png)$/i', $obj['photo']) && ($object->imgWidth > $maxWidth || $object->imgHeight > $maxHeight)) {
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=addthumb&amp;type='.$type.'&amp;file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').'&nbsp;&nbsp;</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&token='.newToken().'&action=addthumb&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').'&nbsp;&nbsp;</a>';
}
if ($user->rights->categorie->creer) {
print '<a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=delete&token='.newToken().'&type='.$type.'&file='.urlencode($pdir.$viewfilename).'">';

1
htdocs/comm/action/class/actioncomm.class.php
View File

@ -865,6 +865,7 @@ class ActionComm extends CommonObject
$this->fetchResources();
}
}
$this->db->free($resql);
} else {
$this->error = $this->db->lasterror();

2
htdocs/comm/mailing/cibles.php
View File

@ -378,7 +378,7 @@ if ($object->fetch($id) >= 0) {
$var = !$var;
if ($allowaddtarget) {
print '<form '.$bctag[$var].' name="'.$modulename.'" action="'.$_SERVER['PHP_SELF'].'?action=add&id='.$object->id.'&module='.$modulename.'" method="POST" enctype="multipart/form-data">';
print '<form '.$bctag[$var].' name="'.$modulename.'" action="'.$_SERVER['PHP_SELF'].'?action=add&token='.newToken().'&id='.$object->id.'&module='.$modulename.'" method="POST" enctype="multipart/form-data">';
print '<input type="hidden" name="token" value="'.newToken().'">';
} else {
print '<div '.$bctag[$var].'>';

2
htdocs/comm/mailing/index.php
View File

@ -184,7 +184,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium">'.$langs->trans("None").'</td></tr>';
print '<tr><td><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table></div><br>";
$db->free($result);

4
htdocs/compta/bank/bankentries_list.php
View File

@ -932,10 +932,10 @@ if ($resql) {
$newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/compta/bank/various_payment/card.php?action=create&accountid='.urlencode($search_account).'&backtopage='.urlencode($_SERVER['PHP_SELF'].'?id='.urlencode($search_account)), '', $user->rights->banque->modifier);
} else // If direct entries is not done using miscellaneous payments
{
$newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', $user->rights->banque->modifier);
$newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', $user->rights->banque->modifier);
}
} else {
$newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&page='.$page.$param, '', -1);
$newcardbutton = dolGetButtonTitle($langs->trans('AddBankRecord'), '', 'fa fa-plus-circle', $_SERVER["PHP_SELF"].'?action=addline&token='.newToken().'&page='.$page.$param, '', -1);
}
}

2
htdocs/compta/bank/class/account.class.php
View File

@ -1503,7 +1503,7 @@ class Account extends CommonObject
{
$country_code = $this->getCountryCode();
if (in_array($country_code, array('FR', 'ES', 'GA', 'IT', 'NC'))) {
if (in_array($country_code, array('AD', 'FR', 'ES', 'GA', 'IT', 'NC'))) {
return 1; // France, Spain, Gabon, ... - Not valid for CH
}
if (in_array($country_code, array('AU', 'BE', 'CA', 'DE', 'DK', 'GR', 'GB', 'ID', 'IE', 'IR', 'KR', 'NL', 'NZ', 'UK', 'US'))) {

8
htdocs/compta/facture/class/facture.class.php
View File

@ -6051,7 +6051,7 @@ class FactureLigne extends CommonInvoiceLine
return 0;
}
$sql = 'SELECT situation_percent FROM '.MAIN_DB_PREFIX.'facturedet WHERE rowid='.((int) $this->fk_prev_id);
$sql = "SELECT situation_percent FROM ".MAIN_DB_PREFIX."facturedet WHERE rowid = ".((int) $this->fk_prev_id);
$resql = $this->db->query($sql);
if ($resql && $resql->num_rows > 0) {
$res = $this->db->fetch_array($resql);
@ -6061,9 +6061,9 @@ class FactureLigne extends CommonInvoiceLine
if ($include_credit_note) {
$sql = 'SELECT fd.situation_percent FROM '.MAIN_DB_PREFIX.'facturedet fd';
$sql .= ' JOIN '.MAIN_DB_PREFIX.'facture f ON (f.rowid = fd.fk_facture) ';
$sql .= ' WHERE fd.fk_prev_id = '.((int) $this->fk_prev_id);
$sql .= ' AND f.situation_cycle_ref = '.((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
$sql .= ' AND f.type = '.Facture::TYPE_CREDIT_NOTE;
$sql .= " WHERE fd.fk_prev_id = ".((int) $this->fk_prev_id);
$sql .= " AND f.situation_cycle_ref = ".((int) $invoicecache[$invoiceid]->situation_cycle_ref); // Prevent cycle outed
$sql .= " AND f.type = ".Facture::TYPE_CREDIT_NOTE;
$res = $this->db->query($sql);
if ($res) {

2
htdocs/compta/facture/index.php
View File

@ -16,7 +16,7 @@
*/
/**
* \file htdocs/compat/facture/index.php
* \file htdocs/compta/facture/index.php
* \ingroup facture
* \brief Home page of customer invoices area
*/

16
htdocs/compta/facture/list.php
View File

@ -1846,8 +1846,8 @@ if ($resql) {
}
// Alias
if (!empty($arrayfields['s.name_alias']['checked'])) {
print '<td class="tdoverflowmax150" title="'.$obj->name_alias.'">';
print $obj->name_alias;
print '<td class="tdoverflowmax150" title="'.dol_escape_htmltag($obj->name_alias).'">';
print dol_escape_htmltag($obj->name_alias);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
@ -1855,8 +1855,8 @@ if ($resql) {
}
// Town
if (!empty($arrayfields['s.town']['checked'])) {
print '<td>';
print $obj->town;
print '<td class="tdoverflowmax100" title="'.dol_escape_htmltag($obj->town).'">';
print dol_escape_htmltag($obj->town);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
@ -1865,7 +1865,7 @@ if ($resql) {
// Zip
if (!empty($arrayfields['s.zip']['checked'])) {
print '<td class="nowraponall">';
print $obj->zip;
print dol_escape_htmltag($obj->zip);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
@ -1873,7 +1873,7 @@ if ($resql) {
}
// State
if (!empty($arrayfields['state.nom']['checked'])) {
print "<td>".$obj->state_name."</td>\n";
print "<td>".dol_escape_htmltag($obj->state_name)."</td>\n";
if (!$i) {
$totalarray['nbfield']++;
}
@ -1936,7 +1936,7 @@ if ($resql) {
// Module Source
if (!empty($arrayfields['f.module_source']['checked'])) {
print '<td>';
print $obj->module_source;
print dol_escape_htmltag($obj->module_source);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;
@ -1946,7 +1946,7 @@ if ($resql) {
// POS Terminal
if (!empty($arrayfields['f.pos_source']['checked'])) {
print '<td>';
print $obj->pos_source;
print dol_escape_htmltag($obj->pos_source);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;

7
htdocs/compta/index.php
View File

@ -206,6 +206,7 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) {
print '<td class="nowrap">';
print '<table class="nobordernopadding"><tr class="nocellnopadd">';
print '<td class="nobordernopadding nowraponall">';
print $tmpinvoice->getNomUrl(1, '');
print '</td>';
@ -222,15 +223,19 @@ if (!empty($conf->facture->enabled) && !empty($user->rights->facture->lire)) {
print '</td></tr></table>';
print '</td>';
print '<td class="left">';
print '<td class="tdoverflowmax150">';
print $thirdpartystatic->getNomUrl(1, 'customer', 44);
print '</td>';
if (!empty($conf->global->MAIN_SHOW_HT_ON_SUMMARY)) {
print '<td class="nowrap right"><span class="amount">'.price($obj->total_ht).'</span></td>';
}
print '<td class="nowrap right"><span class="amount">'.price($obj->total_ttc).'</span></td>';
print '<td class="right">'.dol_print_date($db->jdate($obj->tms), 'day').'</td>';
print '<td>'.$tmpinvoice->getLibStatut(3, $obj->am).'</td>';
print '</tr>';
$total_ttc += $obj->total_ttc;

4
htdocs/compta/paiement/class/paiement.class.php
View File

@ -304,8 +304,8 @@ class Paiement extends CommonObject
$facid = $key;
if (is_numeric($amount) && $amount <> 0) {
$amount = price2num($amount);
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.'paiement_facture (fk_facture, fk_paiement, amount, multicurrency_amount)';
$sql .= ' VALUES ('.((int) $facid).', '.((int) $this->id).", ".((float) $amount).", ".((float) $this->multicurrency_amounts[$key]).')';
$sql = "INSERT INTO ".MAIN_DB_PREFIX."paiement_facture (fk_facture, fk_paiement, amount, multicurrency_amount)";
$sql .= " VALUES (".((int) $facid).", ".((int) $this->id).", ".((float) $amount).", ".((float) $this->multicurrency_amounts[$key]).")";
dol_syslog(get_class($this).'::create Amount line '.$key.' insert paiement_facture', LOG_DEBUG);
$resql = $this->db->query($sql);

6
htdocs/compta/paymentbybanktransfer/index.php
View File

@ -48,7 +48,7 @@ $result = restrictedArea($user, 'paymentbybanktransfer', '', '');
* Actions
*/
// None
/*
@ -166,7 +166,7 @@ if ($resql) {
$i++;
}
} else {
print '<tr class="oddeven"><td colspan="5" class="opacitymedium">'.$langs->trans("NoSupplierInvoiceToWithdraw", $langs->transnoentitiesnoconv("BankTransfer")).'</td></tr>';
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("NoSupplierInvoiceToWithdraw", $langs->transnoentitiesnoconv("BankTransfer")).'</span></td></tr>';
}
print "</table></div><br>";
} else {
@ -223,7 +223,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium" colspan="4">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="4"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table></div><br>";

15
htdocs/compta/prelevement/card.php
View File

@ -33,11 +33,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'bills', 'companies', 'withdrawals'));
// Security check
if ($user->socid > 0) {
accessforbidden();
}
// Get supervariables
$action = GETPOST('action', 'aZ09');
$id = GETPOST('id', 'int');
@ -71,11 +66,11 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be includ
$hookmanager->initHooks(array('directdebitprevcard', 'globalcard', 'directdebitprevlist'));
if (!$user->rights->prelevement->bons->lire && $object->type != 'bank-transfer') {
accessforbidden();
}
if (!$user->rights->paymentbybanktransfer->read && $object->type == 'bank-transfer') {
accessforbidden();
$type = $object->type;
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}

22
htdocs/compta/prelevement/create.php
View File

@ -39,12 +39,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'withdrawals', 'companies', 'bills'));
// Security check
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$type = GETPOST('type', 'aZ09');
// Get supervariables
@ -63,6 +57,16 @@ $offset = $limit * $page;
$hookmanager->initHooks(array('directdebitcreatecard', 'globalcard'));
// Security check
if ($user->socid) {
$socid = $user->socid;
}
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* Actions
@ -141,7 +145,11 @@ if (empty($reshook)) {
}
}
$objectclass = "BonPrelevement";
$uploaddir = $conf->prelevement->dir_output;
if ($type == 'bank-transfer') {
$uploaddir = $conf->paymentbybanktransfer->dir_output;
} else {
$uploaddir = $conf->prelevement->dir_output;
}
include DOL_DOCUMENT_ROOT.'/core/actions_massactions.inc.php';
}

13
htdocs/compta/prelevement/demandes.php
View File

@ -37,10 +37,6 @@ $langs->loadLangs(array('banks', 'categories', 'withdrawals', 'companies'));
// Security check
$socid = GETPOST('socid', 'int');
$status = GETPOST('status', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'directdebitcredittransferlist'; // To manage different context of search
$backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page
@ -73,6 +69,15 @@ $massactionbutton = '';
$hookmanager->initHooks(array('withdrawalstodolist'));
if ($user->socid) {
$socid = $user->socid;
}
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* Actions

16
htdocs/compta/prelevement/factures.php
View File

@ -34,11 +34,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'bills', 'companies', 'withdrawals'));
// Securite acces client
if ($user->socid > 0) {
accessforbidden();
}
// Get supervariables
$id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
@ -70,11 +65,16 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be includ
$hookmanager->initHooks(array('directdebitprevcard', 'globalcard', 'directdebitprevlist'));
if (!$user->rights->prelevement->bons->lire && $object->type != 'bank-transfer') {
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->paymentbybanktransfer->read && $object->type == 'bank-transfer') {
accessforbidden();
$type = $object->type;
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}

11
htdocs/compta/prelevement/fiche-rejet.php
View File

@ -62,11 +62,16 @@ $object = new BonPrelevement($db);
// Load object
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals
if (!$user->rights->prelevement->bons->lire && $object->type != 'bank-transfer') {
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->paymentbybanktransfer->read && $object->type == 'bank-transfer') {
accessforbidden();
$type = $object->type;
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}

16
htdocs/compta/prelevement/fiche-stat.php
View File

@ -32,11 +32,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array("banks", "categories", 'withdrawals', 'bills'));
// Security check
if ($user->socid > 0) {
accessforbidden();
}
// Get supervariables
$prev_id = GETPOST('id', 'int');
$ref = GETPOST('ref', 'alpha');
@ -61,11 +56,16 @@ $object = new BonPrelevement($db);
// Load object
include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be include, not include_once // Must be include, not include_once. Include fetch and fetch_thirdparty but not fetch_optionals
if (!$user->rights->prelevement->bons->lire && $object->type != 'bank-transfer') {
// Security check
if ($user->socid > 0) {
accessforbidden();
}
if (!$user->rights->paymentbybanktransfer->read && $object->type == 'bank-transfer') {
accessforbidden();
$type = $object->type;
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}

6
htdocs/compta/prelevement/index.php
View File

@ -41,14 +41,14 @@ $socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '');
$result = restrictedArea($user, 'prelevement', '', 'bons');
/*
* Actions
*/
// None
/*
@ -225,7 +225,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium" colspan="4">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="4"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table></div><br>";

12
htdocs/compta/prelevement/line.php
View File

@ -35,11 +35,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadlangs(array('banks', 'categories', 'bills', 'withdrawals'));
// Security check
if ($user->socid > 0) {
accessforbidden();
}
// Get supervariables
$action = GETPOST('action', 'aZ09');
$id = GETPOST('id', 'int');
@ -66,6 +61,13 @@ if ($sortfield == "") {
$sortfield = "pl.fk_soc";
}
$type = $object->type;
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* Actions

20
htdocs/compta/prelevement/list.php
View File

@ -42,13 +42,6 @@ $contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'di
$backtopage = GETPOST('backtopage', 'alpha'); // Go back to a dedicated page
$optioncss = GETPOST('optioncss', 'aZ'); // Option for the css output (always '' except when 'print')
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$type = GETPOST('type', 'aZ09');
$limit = GETPOST('limit', 'int') ?GETPOST('limit', 'int') : $conf->liste_limit;
@ -80,6 +73,17 @@ $company = new Societe($db);
$hookmanager->initHooks(array('withdrawalsreceiptslineslist'));
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* Actions
@ -274,7 +278,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium" colspan="8">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="8"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table>";
print '</div>';

24
htdocs/compta/prelevement/orders_list.php
View File

@ -33,13 +33,6 @@ $langs->loadLangs(array('banks', 'categories', 'withdrawals'));
$contextpage = GETPOST('contextpage', 'aZ') ? GETPOST('contextpage', 'aZ') : 'directdebitcredittransferlist'; // To manage different context of search
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$type = GETPOST('type', 'aZ09');
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
@ -72,6 +65,17 @@ if ($type == 'bank-transfer') {
$usercancreate = $user->rights->paymentbybanktransfer->create;
}
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* Actions
@ -137,15 +141,15 @@ if ($result) {
$newcardbutton = '';
if ($usercancreate) {
$newcardbutton .= dolGetButtonTitle($langs->trans('NewStandingOrder'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/compta/prelevement/create.php');
$newcardbutton .= dolGetButtonTitle($langs->trans('NewStandingOrder'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/compta/prelevement/create.php?type='.urlencode($type));
}
// Lines of title fields
print '<form method="POST" id="searchFormList" action="'.$_SERVER["PHP_SELF"].'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
if ($optioncss != '') {
print '<input type="hidden" name="optioncss" value="'.$optioncss.'">';
}
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<input type="hidden" name="formfilteraction" id="formfilteraction" value="list">';
print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
@ -217,7 +221,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium" colspan="5">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="5"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table>";

20
htdocs/compta/prelevement/rejets.php
View File

@ -33,13 +33,6 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'withdrawals', 'companies'));
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$type = GETPOST('type', 'aZ09');
// Get supervariables
@ -54,6 +47,17 @@ $offset = $limit * $page;
$pageprev = $page - 1;
$pagenext = $page + 1;
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*
* View
@ -140,7 +144,7 @@ if ($result) {
$i++;
}
} else {
print '<tr><td class="opacitymedium" colspan="3">'.$langs->trans("None").'</td></tr>';
print '<tr><td colspan="3"><span class="opacitymedium">'.$langs->trans("None").'</span></td></tr>';
}
print "</table>";

10
htdocs/compta/prelevement/stats.php
View File

@ -31,14 +31,18 @@ require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
// Load translation files required by the page
$langs->loadLangs(array('banks', 'categories', 'withdrawals', 'companies'));
$type = GETPOST('type', 'aZ09');
// Security check
$socid = GETPOST('socid', 'int');
if ($user->socid) {
$socid = $user->socid;
}
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
$type = GETPOST('type', 'aZ09');
if ($type == 'bank-transfer') {
$result = restrictedArea($user, 'paymentbybanktransfer', '', '', '');
} else {
$result = restrictedArea($user, 'prelevement', '', '', 'bons');
}
/*

4
htdocs/contact/consumption.php
View File

@ -645,7 +645,7 @@ if ($sql_select) {
print_liste_field_titre('Quantity', $_SERVER['PHP_SELF'], 'prod_qty', '', $param, '', $sortfield, $sortorder, 'right ');
print "</tr>\n";
print '<tr class="oddeven"><td class="opacitymedium" colspan="5">'.$langs->trans("SelectElementAndClick", $langs->transnoentitiesnoconv("Search")).'</td></tr>';
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("SelectElementAndClick", $langs->transnoentitiesnoconv("Search")).'</span></td></tr>';
print "</table>";
} else {
@ -653,7 +653,7 @@ if ($sql_select) {
print '<table class="liste centpercent">'."\n";
print '<tr class="oddeven"><td class="opacitymedium" colspan="5">'.$langs->trans("FeatureNotYetAvailable").'</td></tr>';
print '<tr class="oddeven"><td colspan="5"><span class="opacitymedium">'.$langs->trans("FeatureNotYetAvailable").'</span></td></tr>';
print "</table>";
}

24
htdocs/contrat/list.php
View File

@ -431,40 +431,40 @@ if ($search_ref_supplier != '') {
if ($search_op2df != '') {
$param .= '&search_op2df='.urlencode($search_op2df);
}
if ($search_date_startday) {
if ($search_date_startday > 0) {
$param .= '&search_date_startday='.urlencode($search_date_startday);
}
if ($search_date_startmonth) {
if ($search_date_startmonth > 0) {
$param .= '&search_date_startmonth='.urlencode($search_date_startmonth);
}
if ($search_date_startyear) {
if ($search_date_startyear > 0) {
$param .= '&search_date_startyear='.urlencode($search_date_startyear);
}
if ($search_date_endday) {
if ($search_date_endday > 0) {
$param .= '&search_date_endday='.urlencode($search_date_endday);
}
if ($search_date_endmonth) {
if ($search_date_endmonth > 0) {
$param .= '&search_date_endmonth='.urlencode($search_date_endmonth);
}
if ($search_date_endyear) {
if ($search_date_endyear > 0) {
$param .= '&search_date_endyear='.urlencode($search_date_endyear);
}
if ($search_dfyear != '') {
if ($search_dfyear > 0) {
$param .= '&search_dfyear='.urlencode($search_dfyear);
}
if ($search_dfmonth != '') {
if ($search_dfmonth > 0) {
$param .= '&search_dfmonth='.urlencode($search_dfmonth);
}
if ($search_sale != '') {
if ($search_sale > 0) {
$param .= '&search_sale='.urlencode($search_sale);
}
if ($search_user != '') {
if ($search_user > 0) {
$param .= '&search_user='.urlencode($search_user);
}
if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) {
if ($search_type_thirdparty > 0) {
$param .= '&search_type_thirdparty='.urlencode($search_type_thirdparty);
}
if ($search_product_category != '') {
if ($search_product_category > 0) {
$param .= '&search_product_category='.urlencode($search_product_category);
}
if ($show_files) {

2
htdocs/core/actions_massactions.inc.php
View File

@ -357,7 +357,7 @@ if (!$error && $massaction == 'confirm_presend') {
$tmp = explode(',', $conf->global->MAIN_INFO_SOCIETE_MAIL_ALIASES);
$from = trim($tmp[($reg[1] - 1)]);
} elseif (preg_match('/senderprofile_(\d+)_(\d+)/', $fromtype, $reg)) {
$sql = 'SELECT rowid, label, email FROM '.MAIN_DB_PREFIX.'c_email_senderprofile WHERE rowid = '.(int) $reg[1];
$sql = "SELECT rowid, label, email FROM ".MAIN_DB_PREFIX."c_email_senderprofile WHERE rowid = ".(int) $reg[1];
$resql = $db->query($sql);
$obj = $db->fetch_object($resql);
if ($obj) {

2
htdocs/core/ajax/row.php
View File

@ -99,6 +99,8 @@ if (GETPOST('roworder', 'alpha', 3) && GETPOST('table_element_line', 'aZ09', 3)
$perm = 1;
} elseif ($table_element_line == 'ecm_files' && $fk_element == 'fk_ticket' && !empty($user->rights->ticket->write)) {
$perm = 1;
} elseif ($table_element_line == 'product_association' && $fk_element == 'fk_product' && !empty($user->rights->produit->creer)) {
$perm = 1;
} elseif ($table_element_line == 'projet_task' && $fk_element == 'fk_projet' && $user->rights->projet->creer) {
$perm = 1;
} else {

2
htdocs/core/boxes/box_validated_projects.php
View File

@ -157,7 +157,7 @@ class box_validated_projects extends ModeleBoxes
);
if ($objp->fk_soc > 0) {
$sql = 'SELECT rowid, nom as name FROM '.MAIN_DB_PREFIX.'societe WHERE rowid = '.((int) $objp->fk_soc);
$sql = "SELECT rowid, nom as name FROM ".MAIN_DB_PREFIX."societe WHERE rowid = ".((int) $objp->fk_soc);
$resql = $this->db->query($sql);
//$socstatic = new Societe($this->db);
$obj2 = $this->db->fetch_object($resql);

8
htdocs/core/class/commonincoterm.class.php
View File

@ -60,7 +60,7 @@ trait CommonIncoterm
$this->label_incoterms = '';
if (!empty($this->fk_incoterms)) {
$sql = 'SELECT code FROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
$sql = "SELECT code FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
$result = $this->db->query($sql);
if ($result) {
$res = $this->db->fetch_object($result);
@ -80,7 +80,7 @@ trait CommonIncoterm
*/
public function getIncotermsForPDF()
{
$sql = 'SELECT code FROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
$sql = "SELECT code FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
$resql = $this->db->query($sql);
if ($resql) {
$num = $this->db->num_rows($resql);
@ -107,7 +107,7 @@ trait CommonIncoterm
{
if ($this->id && $this->table_element) {
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " SET fk_incoterms = ".($id_incoterm > 0 ? $id_incoterm : "null");
$sql .= " SET fk_incoterms = ".($id_incoterm > 0 ? ((int) $id_incoterm) : "null");
$sql .= ", location_incoterms = ".($id_incoterm > 0 ? "'".$this->db->escape($location)."'" : "null");
$sql .= " WHERE rowid = ".((int) $this->id);
dol_syslog(get_class($this).'::setIncoterms', LOG_DEBUG);
@ -116,7 +116,7 @@ trait CommonIncoterm
$this->fk_incoterms = $id_incoterm;
$this->location_incoterms = $location;
$sql = 'SELECT libelle as label_incotermsFROM '.MAIN_DB_PREFIX.'c_incoterms WHERE rowid = '.(int) $this->fk_incoterms;
$sql = "SELECT libelle as label_incoterms FROM ".MAIN_DB_PREFIX."c_incoterms WHERE rowid = ".(int) $this->fk_incoterms;
$res = $this->db->query($sql);
if ($res) {
$obj = $this->db->fetch_object($res);

18
htdocs/core/class/commoninvoice.class.php
View File

@ -226,8 +226,8 @@ abstract class CommonInvoice extends CommonObject
$idarray = array();
$sql = 'SELECT rowid';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' WHERE fk_facture_source = '.((int) $this->id);
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " WHERE fk_facture_source = ".((int) $this->id);
$sql .= ' AND type = 2';
$resql = $this->db->query($sql);
if ($resql) {
@ -253,8 +253,8 @@ abstract class CommonInvoice extends CommonObject
public function getIdReplacingInvoice($option = '')
{
$sql = 'SELECT rowid';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' WHERE fk_facture_source = '.((int) $this->id);
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " WHERE fk_facture_source = ".((int) $this->id);
$sql .= ' AND type < 2';
if ($option == 'validated') {
$sql .= ' AND fk_statut = 1';
@ -306,8 +306,8 @@ abstract class CommonInvoice extends CommonObject
$sharedentity = 'facture_fourn';
}
$sql = 'SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code'.$field3;
$sql .= ' FROM '.MAIN_DB_PREFIX.$table.' as pf, '.MAIN_DB_PREFIX.$table2.' as p, '.MAIN_DB_PREFIX.'c_paiement as t';
$sql = "SELECT p.ref, pf.amount, pf.multicurrency_amount, p.fk_paiement, p.datep, p.num_paiement as num, t.code".$field3;
$sql .= " FROM ".MAIN_DB_PREFIX.$table." as pf, ".MAIN_DB_PREFIX.$table2." as p, ".MAIN_DB_PREFIX."c_paiement as t";
$sql .= " WHERE pf.".$field." = ".((int) $this->id);
$sql .= " AND pf.".$field2." = p.rowid";
$sql .= ' AND p.fk_paiement = t.id';
@ -335,12 +335,12 @@ abstract class CommonInvoice extends CommonObject
//look for credit notes and discounts and deposits
$sql = '';
if ($this->element == 'facture' || $this->element == 'invoice') {
$sql = 'SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type';
$sql = "SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type";
$sql .= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture as f';
$sql .= ' WHERE rc.fk_facture_source=f.rowid AND rc.fk_facture = '.((int) $this->id);
$sql .= ' AND (f.type = 2 OR f.type = 0 OR f.type = 3)'; // Find discount coming from credit note or excess received or deposits (payments from deposits are always null except if FACTURE_DEPOSITS_ARE_JUST_PAYMENTS is set)
} elseif ($this->element == 'facture_fourn' || $this->element == 'invoice_supplier') {
$sql = 'SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type';
$sql = "SELECT rc.amount_ttc as amount, rc.multicurrency_amount_ttc as multicurrency_amount, rc.datec as date, f.ref as ref, rc.description as type";
$sql .= ' FROM '.MAIN_DB_PREFIX.'societe_remise_except as rc, '.MAIN_DB_PREFIX.'facture_fourn as f';
$sql .= ' WHERE rc.fk_invoice_supplier_source=f.rowid AND rc.fk_invoice_supplier = '.((int) $this->id);
$sql .= ' AND (f.type = 2 OR f.type = 0 OR f.type = 3)'; // Find discount coming from credit note or excess received or deposits (payments from deposits are always null except if FACTURE_DEPOSITS_ARE_JUST_PAYMENTS is set)
@ -734,7 +734,7 @@ abstract class CommonInvoice extends CommonObject
$sql .= 'fk_facture, ';
}
$sql .= ' amount, date_demande, fk_user_demande, code_banque, code_guichet, number, cle_rib, sourcetype, entity)';
$sql .= ' VALUES ('.((int) $this->id);
$sql .= " VALUES (".((int) $this->id);
$sql .= ", ".((float) price2num($amount));
$sql .= ", '".$this->db->idate($now)."'";
$sql .= ", ".((int) $fuser->id);

71
htdocs/core/class/commonobject.class.php
View File

@ -1671,7 +1671,7 @@ abstract class CommonObject
return 0;
}
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element.' WHERE '.$this->table_ref_field.' LIKE "'.$this->db->escape($ref).'" LIMIT 1';
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element." WHERE ".$this->table_ref_field." LIKE '".$this->db->escape($ref)."' LIMIT 1";
$query = $this->db->query($sql);
@ -2911,7 +2911,7 @@ abstract class CommonObject
// Count number of lines to reorder (according to choice $renum)
$nl = 0;
$sql = 'SELECT count(rowid) FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql = "SELECT count(rowid) FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
if (!$renum) {
$sql .= ' AND rang = 0';
@ -2933,7 +2933,7 @@ abstract class CommonObject
$rows = array();
// We first search all lines that are parent lines (for multilevel details lines)
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
if ($fk_parent_line) {
$sql .= ' AND fk_parent_line IS NULL';
@ -2981,7 +2981,7 @@ abstract class CommonObject
{
$rows = array();
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
$sql .= ' AND fk_parent_line = '.((int) $id);
$sql .= ' ORDER BY rang ASC';
@ -3049,7 +3049,7 @@ abstract class CommonObject
*
* @param int $rowid Id of line
* @param int $rang Position
* @return void
* @return int <0 if KO, >0 if OK
*/
public function updateRangOfLine($rowid, $rang)
{
@ -3065,10 +3065,13 @@ abstract class CommonObject
dol_syslog(get_class($this)."::updateRangOfLine", LOG_DEBUG);
if (!$this->db->query($sql)) {
dol_print_error($this->db);
return -1;
} else {
$parameters=array('rowid'=>$rowid, 'rang'=>$rang, 'fieldposition' => $fieldposition);
$action='';
$reshook = $hookmanager->executeHooks('afterRankOfLineUpdate', $parameters, $this, $action);
return 1;
}
$parameters=array('rowid'=>$rowid, 'rang'=>$rang, 'fieldposition' => $fieldposition);
$action='';
$reshook = $hookmanager->executeHooks('afterRankOfLineUpdate', $parameters, $this, $action);
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.ScopeNotCamelCaps
@ -3156,8 +3159,8 @@ abstract class CommonObject
*/
public function getRangOfLine($rowid)
{
$sql = 'SELECT rang FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= ' WHERE rowid ='.((int) $rowid);
$sql = "SELECT rang FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE rowid = ".((int) $rowid);
dol_syslog(get_class($this)."::getRangOfLine", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -3175,9 +3178,9 @@ abstract class CommonObject
*/
public function getIdOfLine($rang)
{
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
$sql .= ' AND rang = '.((int) $rang);
$sql .= " AND rang = ".((int) $rang);
$resql = $this->db->query($sql);
if ($resql) {
$row = $this->db->fetch_row($resql);
@ -3204,7 +3207,7 @@ abstract class CommonObject
if ($fk_parent_line) {
$sql = "SELECT max(".$positionfield.") FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
$sql .= ' AND fk_parent_line = '.((int) $fk_parent_line);
$sql .= " AND fk_parent_line = ".((int) $fk_parent_line);
dol_syslog(get_class($this)."::line_max", LOG_DEBUG);
$resql = $this->db->query($sql);
@ -3420,7 +3423,7 @@ abstract class CommonObject
$sql .= ', situation_percent';
}
$sql .= ', multicurrency_total_ht, multicurrency_total_tva, multicurrency_total_ttc';
$sql .= ' FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE ".$this->fk_element." = ".((int) $this->id);
if ($exclspec) {
$product_field = 'product_type';
@ -3580,7 +3583,7 @@ abstract class CommonObject
}
if (empty($nodatabaseupdate)) {
$sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element.' SET';
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element.' SET';
$sql .= " ".$fieldht." = ".((float) price2num($this->total_ht)).",";
$sql .= " ".$fieldtva." = ".((float) price2num($this->total_tva)).",";
$sql .= " ".$fieldlocaltax1." = ".((float) price2num($this->total_localtax1)).",";
@ -4275,8 +4278,8 @@ abstract class CommonObject
*/
public function getSpecialCode($lineid)
{
$sql = 'SELECT special_code FROM '.MAIN_DB_PREFIX.$this->table_element_line;
$sql .= ' WHERE rowid = '.((int) $lineid);
$sql = "SELECT special_code FROM ".MAIN_DB_PREFIX.$this->table_element_line;
$sql .= " WHERE rowid = ".((int) $lineid);
$resql = $this->db->query($sql);
if ($resql) {
$row = $this->db->fetch_row($resql);
@ -5332,7 +5335,7 @@ abstract class CommonObject
$ecmfile->gen_or_uploaded = 'generated';
$ecmfile->description = ''; // indexed content
$ecmfile->keywords = ''; // keyword content
$ecmfile->src_object_type = $this->table_element;
$ecmfile->src_object_type = $this->table_element.(empty($this->module) ? '' : '@'.$this->module);
$ecmfile->src_object_id = $this->id;
$result = $ecmfile->create($user);
@ -6695,8 +6698,8 @@ abstract class CommonObject
}
$sqlwhere = '';
$sql = 'SELECT '.$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
$sql = "SELECT ".$keyList;
$sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[0];
if (!empty($InfoFieldList[4])) {
// can use SELECT request
if (strpos($InfoFieldList[4], '$SEL$') !== false) {
@ -6847,7 +6850,7 @@ abstract class CommonObject
}
$sqlwhere = '';
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (!empty($InfoFieldList[4])) {
// can use SELECT request
@ -7208,7 +7211,7 @@ abstract class CommonObject
$keyList .= implode(', ', $fields_label);
}
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= ' as main';
@ -7291,7 +7294,7 @@ abstract class CommonObject
$keyList .= implode(', ', $fields_label);
}
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= ' as main';
@ -8228,7 +8231,7 @@ abstract class CommonObject
$return .= '<br>';
// On propose la generation de la vignette si elle n'existe pas et si la taille est superieure aux limites
if ($photo_vignette && (image_format_supported($photo) > 0) && ($this->imgWidth > $maxWidth || $this->imgHeight > $maxHeight)) {
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=addthumb&amp;file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').'&nbsp;&nbsp;</a>';
$return .= '<a href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=addthumb&token='.newToken().'&file='.urlencode($pdir.$viewfilename).'">'.img_picto($langs->trans('GenerateThumb'), 'refresh').'&nbsp;&nbsp;</a>';
}
// Special cas for product
if ($modulepart == 'product' && ($user->rights->produit->creer || $user->rights->service->creer)) {
@ -8690,7 +8693,7 @@ abstract class CommonObject
// If field is an implicit foreign key field
if (preg_match('/^integer:/i', $this->fields[$key]['type']) && empty($values[$key])) {
if (isset($this->fields[$key]['default'])) {
$values[$key] = $this->fields[$key]['default'];
$values[$key] = ((int) $this->fields[$key]['default']);
} else {
$values[$key] = 'null';
}
@ -8707,9 +8710,9 @@ abstract class CommonObject
$this->db->begin();
if (!$error) {
$sql = 'INSERT INTO '.MAIN_DB_PREFIX.$this->table_element;
$sql .= ' ('.implode(", ", $keys).')';
$sql .= ' VALUES ('.implode(", ", $values).')';
$sql = "INSERT INTO ".MAIN_DB_PREFIX.$this->table_element;
$sql .= " (".implode(", ", $keys).')';
$sql .= " VALUES (".implode(", ", $values).")"; // $values can contains 'abc' or 123
$res = $this->db->query($sql);
if ($res === false) {
@ -8725,7 +8728,7 @@ abstract class CommonObject
// If we have a field ref with a default value of (PROV)
if (!$error) {
if (key_exists('ref', $this->fields) && $this->fields['ref']['notnull'] > 0 && key_exists('default', $this->fields['ref']) && $this->fields['ref']['default'] == '(PROV)') {
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET ref = '(PROV".$this->id.")' WHERE (ref = '(PROV)' OR ref = '') AND rowid = ".((int) $this->id);
$sql = "UPDATE ".MAIN_DB_PREFIX.$this->table_element." SET ref = '(PROV".((int) $this->id).")' WHERE (ref = '(PROV)' OR ref = '') AND rowid = ".((int) $this->id);
$resqlupdate = $this->db->query($sql);
if ($resqlupdate === false) {
@ -9413,6 +9416,11 @@ abstract class CommonObject
*/
public function setCategoriesCommon($categories, $type_categ = '', $remove_existing = true)
{
// Handle single category
if (!is_array($categories)) {
$categories = array($categories);
}
dol_syslog(get_class($this)."::setCategoriesCommon Oject Id:".$this->id.' type_categ:'.$type_categ.' nb tag add:'.count($categories), LOG_DEBUG);
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
@ -9422,11 +9430,6 @@ abstract class CommonObject
return -1;
}
// Handle single category
if (!is_array($categories)) {
$categories = array($categories);
}
// Get current categories
$c = new Categorie($this->db);
$existing = $c->containing($this->id, $type_categ, 'id');

8
htdocs/core/class/conf.class.php
View File

@ -826,9 +826,13 @@ class Conf
$this->global->MAIN_MODULE_DOLISTORE_API_KEY = 'dolistorecatalogpublickey1234567';
}
// If we are in develop mode, we activate the option MAIN_SECURITY_CSRF_WITH_TOKEN to 1 if not already defined.
if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN) && $this->global->MAIN_FEATURES_LEVEL >= 2) {
// Enable by default the CSRF protection by token.
if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) {
// Value 1 makes CSRF check for all POST parameters only
// Value 2 makes also CSRF check for GET requests with action = a sensitive requests like action=del, action=remove...
// Value 3 makes also CSRF check for all GET requests with a param action or massaction
$this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1;
// Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended)
}
if (defined('MAIN_ANTIVIRUS_COMMAND')) {

6
htdocs/core/class/dolgraph.class.php
View File

@ -741,7 +741,7 @@ class DolGraph
/**
* Build a graph using JFlot library. Input when calling this method should be:
* $this->data = array(array(0=>'labelxA',1=>yA), array('labelxB',yB));
* $this->data = array(array(0=>'labelxA',1=>yA1,...,n=>yAn), array('labelxB',yB1,...yBn)); // or when there is n series to show for each x
* $this->data = array(array(0=>'labelxA',1=>yA1,...,n=>yAn), array('labelxB',yB1,...yBn)); // when there is n series to show for each x
* $this->data = array(array('label'=>'labelxA','data'=>yA), array('labelxB',yB)); // Syntax deprecated
* $this->legend= array("Val1",...,"Valn"); // list of n series name
* $this->type = array('bars',...'lines','linesnopoint'); or array('pie') or array('polar')
@ -1028,7 +1028,7 @@ class DolGraph
/**
* Build a graph using Chart library. Input when calling this method should be:
* $this->data = array(array(0=>'labelxA',1=>yA), array('labelxB',yB));
* $this->data = array(array(0=>'labelxA',1=>yA1,...,n=>yAn), array('labelxB',yB1,...yBn)); // or when there is n series to show for each x
* $this->data = array(array(0=>'labelxA',1=>yA1,...,n=>yAn), array('labelxB',yB1,...yBn)); // when there is n series to show for each x
* $this->data = array(array('label'=>'labelxA','data'=>yA), array('labelxB',yB)); // Syntax deprecated
* $this->legend= array("Val1",...,"Valn"); // list of n series name
* $this->type = array('bars',...'lines', 'linesnopoint'); or array('pie') or array('polar') or array('piesemicircle');
@ -1303,6 +1303,8 @@ class DolGraph
$this->stringtoshow .= 'var options = { maintainAspectRatio: false, aspectRatio: 2.5, ';
if (empty($showlegend)) {
$this->stringtoshow .= 'legend: { display: false }, ';
} else {
$this->stringtoshow .= 'legend: { position: \'' . ($showlegend == 2 ? 'right' : 'top') . '\' },';
}
$this->stringtoshow .= 'scales: { xAxes: [{ ';
if ($this->hideXValues) {

10
htdocs/core/class/extrafields.class.php
View File

@ -1252,7 +1252,7 @@ class ExtraFields
}
$sqlwhere = '';
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (!empty($InfoFieldList[4])) {
// can use curent entity filter
@ -1420,7 +1420,7 @@ class ExtraFields
}
$sqlwhere = '';
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (!empty($InfoFieldList[4])) {
// can use SELECT request
@ -1716,7 +1716,7 @@ class ExtraFields
}
}
$sql = 'SELECT '.$keyList;
$sql = "SELECT ".$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
if (!empty($InfoFieldList[4]) && strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= ' as main';
@ -1820,8 +1820,8 @@ class ExtraFields
}
}
$sql = 'SELECT '.$keyList;
$sql .= ' FROM '.MAIN_DB_PREFIX.$InfoFieldList[0];
$sql = "SELECT ".$keyList;
$sql .= " FROM ".MAIN_DB_PREFIX.$InfoFieldList[0];
if (strpos($InfoFieldList[4], 'extra') !== false) {
$sql .= ' as main';
}

16
htdocs/core/class/html.form.class.php
View File

@ -791,7 +791,7 @@ class Form
// Warning: if you set submit button to disabled, post using 'Enter' will no more work if there is no another input submit. So we add a hidden button
$ret .= '<input type="submit" name="confirmmassactioninvisible" style="display: none" tabindex="-1">'; // Hidden button BEFORE so it is the one used when we submit with ENTER.
$ret .= '<input type="submit" disabled name="confirmmassaction"'.(empty($conf->use_javascript_ajax) ? '' : ' style="display: none"').' class="button'.(empty($conf->use_javascript_ajax) ? '' : ' hideobject').' '.$name.' '.$name.'confirmed" value="'.dol_escape_htmltag($langs->trans("Confirm")).'">';
$ret .= '<input type="submit" disabled name="confirmmassaction"'.(empty($conf->use_javascript_ajax) ? '' : ' style="display: none"').' class="button small'.(empty($conf->use_javascript_ajax) ? '' : ' hideobject').' '.$name.' '.$name.'confirmed" value="'.dol_escape_htmltag($langs->trans("Confirm")).'">';
$ret .= '</div>';
if (!empty($conf->use_javascript_ajax)) {
@ -1680,11 +1680,6 @@ class Form
if ($resql) {
$num = $this->db->num_rows($resql);
if ($conf->use_javascript_ajax && !$forcecombo && !$options_only) {
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
$out .= ajax_combobox($htmlid, $events, getDolGlobalString("CONTACT_USE_SEARCH_TO_SELECT"));
}
if ($htmlname != 'none' && !$options_only) {
$out .= '<select class="flat'.($moreclass ? ' '.$moreclass : '').'" id="'.$htmlid.'" name="'.$htmlname.(($num || empty($disableifempty)) ? '' : ' disabled').($multiple ? '[]' : '').'" '.($multiple ? 'multiple' : '').' '.(!empty($moreparam) ? $moreparam : '').'>';
}
@ -1815,6 +1810,11 @@ class Form
$out .= '</select>';
}
if ($conf->use_javascript_ajax && !$forcecombo && !$options_only) {
include_once DOL_DOCUMENT_ROOT.'/core/lib/ajax.lib.php';
$out .= ajax_combobox($htmlid, $events, getDolGlobalString("CONTACT_USE_SEARCH_TO_SELECT"));
}
$this->num = $num;
return $out;
} else {
@ -8833,8 +8833,8 @@ class Form
public function showFilterButtons()
{
$out = '<div class="nowraponall">';
$out .= '<button type="submit" class="liste_titre button_search" name="button_search_x" value="x"><span class="fa fa-search"></span></button>';
$out .= '<button type="submit" class="liste_titre button_removefilter" name="button_removefilter_x" value="x"><span class="fa fa-remove"></span></button>';
$out .= '<button type="submit" class="liste_titre button_search reposition" name="button_search_x" value="x"><span class="fa fa-search"></span></button>';
$out .= '<button type="submit" class="liste_titre button_removefilter reposition" name="button_removefilter_x" value="x"><span class="fa fa-remove"></span></button>';
$out .= '</div>';
return $out;

17
htdocs/core/class/html.formfile.class.php
View File

@ -136,6 +136,7 @@ class FormFile
$out .= '<input type="hidden" id="'.$htmlname.'_section_id" name="section_id" value="'.$sectionid.'">'."\n";
$out .= '<input type="hidden" name="sortfield" value="'.GETPOST('sortfield', 'aZ09comma').'">'."\n";
$out .= '<input type="hidden" name="sortorder" value="'.GETPOST('sortorder', 'aZ09comma').'">'."\n";
$out .= '<input type="hidden" name="page_y" value="">'."\n";
}
$out .= '<table class="nobordernopadding centpercent">';
@ -215,13 +216,13 @@ class FormFile
$langs->load('link');
$out .= '<span class="nowraponsmartphone"><input style="margin-right: 2px;" type="checkbox" id="overwritefile" name="overwritefile" value="1"><label for="overwritefile">'.$langs->trans("OverwriteIfExists").'</label></span>';
}
$out .= '<input type="submit" class="button reposition" name="sendit" value="'.$langs->trans("Upload").'"';
$out .= '<input type="submit" class="button small reposition" name="sendit" value="'.$langs->trans("Upload").'"';
$out .= (empty($conf->global->MAIN_UPLOAD_DOC) || empty($perm) ? ' disabled' : '');
$out .= '>';
if ($addcancel) {
$out .= ' &nbsp; ';
$out .= '<input type="submit" class="button button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
$out .= '<input type="submit" class="button small button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
}
if (!empty($conf->global->MAIN_UPLOAD_DOC)) {
@ -275,6 +276,7 @@ class FormFile
$out .= '<input type="hidden" name="token" value="'.newToken().'">'."\n";
$out .= '<input type="hidden" id="'.$htmlname.'_link_section_dir" name="link_section_dir" value="">'."\n";
$out .= '<input type="hidden" id="'.$htmlname.'_link_section_id" name="link_section_id" value="'.$sectionid.'">'."\n";
$out .= '<input type="hidden" name="page_y" value="">'."\n";
}
$out .= '<div class="valignmiddle">';
@ -293,7 +295,7 @@ class FormFile
$out .= '<input type="hidden" name="objectid" value="'.$object->id.'">';
$out .= '</div>';
$out .= '<div class="inline-block" style="padding-right: 10px;">';
$out .= '<input type="submit" class="button" name="linkit" value="'.$langs->trans("ToLink").'"';
$out .= '<input type="submit" class="button small reposition" name="linkit" value="'.$langs->trans("ToLink").'"';
$out .= (empty($conf->global->MAIN_UPLOAD_DOC) || empty($perm) ? ' disabled' : '');
$out .= '>';
$out .= '</div>';
@ -1672,7 +1674,8 @@ class FormFile
dol_include_once($hookmanager->resArray['classpath']);
if (array_key_exists('classname', $hookmanager->resArray) && !empty($hookmanager->resArray['classname'])) {
if (class_exists($hookmanager->resArray['classname'])) {
$object_instance = new ${$hookmanager->resArray['classname']}($this->db);
$tmpclassname = $hookmanager->resArray['classname'];
$object_instance = new $tmpclassname($this->db);
}
}
}
@ -1811,9 +1814,11 @@ class FormFile
print '</td>';
// File
// Check if document source has external module part, if it the case use it for module part on document.php
preg_match('/^[^@]*@([^@]*)$/', $modulepart.'@expertisemedical', $modulesuffix);
print '<td>';
//print "XX".$file['name']; //$file['name'] must be utf8
print '<a href="'.DOL_URL_ROOT.'/document.php?modulepart='.$modulepart;
print '<a href="'.DOL_URL_ROOT.'/document.php?modulepart='.(empty($modulesuffix) ? $modulepart : $modulesuffix[1]);
if ($forcedownload) {
print '&attachment=1';
}
@ -1824,7 +1829,7 @@ class FormFile
//print $this->getDocumentsLink($modulepart, $modulesubdir, $filedir, '^'.preg_quote($file['name'],'/').'$');
print $this->showPreview($file, $modulepart, $file['relativename']);
print $this->showPreview($file, (empty($modulesuffix) ? $modulepart : $modulesuffix[1]), $file['relativename']);
print "</td>\n";

4
htdocs/core/class/html.formother.class.php
View File

@ -863,9 +863,9 @@ class FormOther
}
},
function(color, context) { console.log("close"); },
function(color, context) { var hex = color.val(\'hex\'); console.log("new color selected in jpicker "+hex);';
function(color, context) { var hex = color.val(\'hex\'); console.log("new color selected in jpicker "+hex+" setpropertyonselect='.dol_escape_js($setpropertyonselect).'");';
if ($setpropertyonselect) {
$out .= ' if (hex != null) document.documentElement.style.setProperty(\'--'.$setpropertyonselect.'\', \'#\'+hex);';
$out .= ' if (hex != null) document.documentElement.style.setProperty(\'--'.dol_escape_js($setpropertyonselect).'\', \'#\'+hex);';
}
$out .= '},
function(color, context) { console.log("cancel"); }

2
htdocs/core/class/html.formticket.class.php
View File

@ -762,7 +762,7 @@ class FormTicket
$arraycodenotparent[] = "";
$stringtoprint = '<span class="supportemailfield bold">'.$langs->trans("GroupOfTicket").'</span> ';
$stringtoprint .= '<select id ="'.$htmlname.'" class="maxwidth500 minwidth400" child_id="0">';
$stringtoprint .= '<select id ="'.$htmlname.'" class="minwidth500" child_id="0">';
$stringtoprint .= '<option value="">&nbsp;</option>';
$sql = "SELECT ctc.rowid, ctc.code, ctc.label, ctc.fk_parent, ctc.public, ";

2
htdocs/core/class/rssparser.class.php
View File

@ -240,7 +240,7 @@ class RssParser
if (!empty($conf->global->EXTERNALRSS_USE_SIMPLEXML)) {
//print 'xx'.LIBXML_NOCDATA;
libxml_use_internal_errors(false);
$rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA);
$rss = simplexml_load_string($str, "SimpleXMLElement", LIBXML_NOCDATA|LIBXML_NOCDATA);
} else {
if (!function_exists('xml_parser_create')) {
$this->error = 'Function xml_parser_create are not supported by your PHP';

2
htdocs/core/lib/company.lib.php
View File

@ -724,7 +724,7 @@ function getFormeJuridiqueLabel($code)
function getCountriesInEEC()
{
// List of all country codes that are in europe for european vat rules
// List found on http://ec.europa.eu/taxation_customs/common/faq/faq_1179_en.htm#9
// List found on https://ec.europa.eu/taxation_customs/territorial-status-eu-countries-and-certain-territories_en
global $conf, $db;
$country_code_in_EEC = array();

2
htdocs/core/lib/eventorganization.lib.php
View File

@ -16,7 +16,7 @@
*/
/**
* \file eventorganization/lib/eventorganization.lib.php
* \file htdocs/core/lib/eventorganization.lib.php
* \ingroup eventorganization
* \brief Library files with common functions for EventOrganization
*/

4
htdocs/core/lib/functions.lib.php
View File

@ -3732,7 +3732,7 @@ function img_picto($titlealt, $picto, $moreatt = '', $pictoisfullpath = false, $
'action'=>'infobox-action', 'account'=>'infobox-bank_account', 'accountline'=>'infobox-bank_account', 'accountancy'=>'infobox-bank_account', 'asset'=>'infobox-bank_account',
'bank_account'=>'bg-infobox-bank_account',
'bill'=>'infobox-commande', 'billa'=>'infobox-commande', 'billr'=>'infobox-commande', 'billd'=>'infobox-commande',
'conferenceorbooth'=>'infobox-project',
'margin'=>'infobox-bank_account', 'conferenceorbooth'=>'infobox-project',
'cash-register'=>'infobox-bank_account', 'contract'=>'infobox-contrat', 'check'=>'font-status4', 'collab'=>'infobox-action', 'conversation'=>'infobox-contrat',
'donation'=>'infobox-commande', 'dolly'=>'infobox-commande', 'dollyrevert'=>'flip infobox-order_supplier',
'ecm'=>'infobox-action', 'eventorganization'=>'infobox-project',
@ -4386,7 +4386,7 @@ function img_mime($file, $titlealt = '', $morecss = '')
}
//return img_picto_common($titlealt, 'mime/'.$mimeimg, 'class="'.$morecss.'"');
return '<i class="fa fa-'.$mimefa.' paddingright"'.($titlealt ? ' title="'.$titlealt.'"' : '').'></i>';
return '<i class="fa fa-'.$mimefa.' paddingright'.($morecss ? ' '.$morecss : '').'"'.($titlealt ? ' title="'.$titlealt.'"' : '').'></i>';
}

22
htdocs/core/lib/invoice.lib.php
View File

@ -480,7 +480,8 @@ function getNumberInvoicesPieChart($mode)
date_add($datenowadd30, $interval30days);
date_add($datenowadd15, $interval15days);
$sql = "SELECT sum(".$db->ifsql("f.date_lim_reglement < '".date_format($datenowsub30, 'Y-m-d')."'", 1, 0).") as nblate30";
$sql = "SELECT";
$sql .= " sum(".$db->ifsql("f.date_lim_reglement < '".date_format($datenowsub30, 'Y-m-d')."'", 1, 0).") as nblate30";
$sql .= ", sum(".$db->ifsql("f.date_lim_reglement < '".date_format($datenowsub15, 'Y-m-d')."'", 1, 0).") as nblate15";
$sql .= ", sum(".$db->ifsql("f.date_lim_reglement < '".date_format($now, 'Y-m-d')."'", 1, 0).") as nblatenow";
$sql .= ", sum(".$db->ifsql("f.date_lim_reglement >= '".date_format($now, 'Y-m-d')."'", 1, 0).") as nbnotlatenow";
@ -508,24 +509,26 @@ function getNumberInvoicesPieChart($mode)
while ($i < $num) {
$obj = $db->fetch_object($resql);
$dataseries = array(array($langs->trans('InvoiceLate30Days'), $obj->nblate30)
/*$dataseries = array(array($langs->trans('InvoiceLate30Days'), $obj->nblate30)
,array($langs->trans('InvoiceLate15Days'), $obj->nblate15 - $obj->nblate30)
,array($langs->trans('InvoiceLateMinus15Days'), $obj->nblatenow - $obj->nblate15)
,array($langs->trans('InvoiceNotLate'), $obj->nbnotlatenow - $obj->nbnotlate15)
,array($langs->trans('InvoiceNotLate15Days'), $obj->nbnotlate15 - $obj->nbnotlate30)
,array($langs->trans('InvoiceNotLate30Days'), $obj->nbnotlate30));
,array($langs->trans('InvoiceNotLate30Days'), $obj->nbnotlate30));*/
$dataseries[0]=array($langs->trans('NbOfOpenInvoices'), $obj->nblate30, $obj->nblate15 - $obj->nblate30, $obj->nblatenow - $obj->nblate15, $obj->nbnotlatenow - $obj->nbnotlate15, $obj->nbnotlate15 - $obj->nbnotlate30, $obj->nbnotlate30);
$i++;
}
foreach ($dataseries as $key=>$value) {
$total += $value[1];
}
$legend = array($langs->trans('InvoiceLate30Days'), $langs->trans('InvoiceLate15Days'), $langs->trans('InvoiceLateMinus15Days'), $langs->trans('InvoiceNotLate'), $langs->trans('InvoiceNotLate15Days'), $langs->trans('InvoiceNotLate30Days'));
$colorseries = array($badgeStatus8, $badgeStatus1, $badgeStatus3, $badgeStatus4, $badgeStatus11, '-'.$badgeStatus11);
$result = '<div class="div-table-responsive-no-min">';
$result .= '<table class="noborder nohover centpercent">';
$result .= '<tr class="liste_titre">';
$result .= '<td>'.$langs->trans("Statistics").' - ';
$result .= '<td>'.$langs->trans("NbOfOpenInvoices").' - ';
if ($mode == 'customers') {
$result .= $langs->trans("CustomerInvoice");
} elseif ($mode == 'fourn' || $mode == 'suppliers') {
@ -537,14 +540,19 @@ function getNumberInvoicesPieChart($mode)
$result .= '</tr>';
if ($conf->use_javascript_ajax) {
//var_dump($dataseries);
$dolgraph = new DolGraph();
$dolgraph->SetData($dataseries);
$dolgraph->setLegend($legend);
$dolgraph->SetDataColor(array_values($colorseries));
$dolgraph->setShowLegend(2);
$dolgraph->setShowPercent(1);
$dolgraph->SetType(['pie']);
$dolgraph->setHeight('150');
$dolgraph->setWidth('300');
$dolgraph->SetType(array('bars', 'bars', 'bars', 'bars', 'bars', 'bars'));
$dolgraph->setHeight('160');
$dolgraph->setWidth('400');
$dolgraph->setHideXValues(true);
if ($mode == 'customers') {
$dolgraph->draw('idgraphcustomerinvoices');
} elseif ($mode == 'fourn' || $mode == 'suppliers') {

4
htdocs/core/lib/usergroups.lib.php
View File

@ -339,7 +339,7 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false)
$thumbsbyrow = 6;
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent'.($edit ? ' editmode' : '').'">';
print '<table class="noborder centpercent'.($edit ? ' editmodeforshowskin' : '').'">';
// Title
if ($foruserprofile) {
@ -400,7 +400,7 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false)
if (!file_exists($file)) {
$url = DOL_URL_ROOT.'/public/theme/common/nophoto.png';
}
print '<a href="'.$_SERVER["PHP_SELF"].($edit ? '?action=edit&token='.newToken().'&theme=' : '?theme=').$subdir.(GETPOST('optioncss', 'alpha', 1) ? '&optioncss='.GETPOST('optioncss', 'alpha', 1) : '').($fuser ? '&id='.$fuser->id : '').'" style="font-weight: normal;" alt="'.$langs->trans("Preview").'">';
print '<a href="'.$_SERVER["PHP_SELF"].($edit ? '?action=edit&token='.newToken().'&mode=template&theme=' : '?theme=').$subdir.(GETPOST('optioncss', 'alpha', 1) ? '&optioncss='.GETPOST('optioncss', 'alpha', 1) : '').($fuser ? '&id='.$fuser->id : '').'" style="font-weight: normal;" alt="'.$langs->trans("Preview").'">';
if ($subdir == $conf->global->MAIN_THEME) {
$title = $langs->trans("ThemeCurrentlyActive");
} else {

2
htdocs/core/modules/product_batch/mod_lot_free.php
View File

@ -18,7 +18,7 @@
*/
/**
* \file htdocs/core/modules/product/mod_lot_free.php
* \file htdocs/core/modules/product_batch/mod_lot_free.php
* \ingroup productbatch
* \brief File containing class for numbering model of Lot free
*/

2
htdocs/core/modules/product_batch/mod_sn_advanced.php
View File

@ -22,7 +22,7 @@
*/
/**
* \file htdocs/core/modules/product_batch/mod_batch_advanced.php
* \file htdocs/core/modules/product_batch/mod_sn_advanced.php
* \ingroup productbatch
* \brief File containing class for numbering model of SN advanced
*/

2
htdocs/core/modules/product_batch/mod_sn_free.php
View File

@ -18,7 +18,7 @@
*/
/**
* \file htdocs/core/modules/product/mod_sn_free.php
* \file htdocs/core/modules/product_batch/mod_sn_free.php
* \ingroup productbatch
* \brief File containing class for numbering model of SN free
*/

4
htdocs/core/tpl/admin_extrafields_view.tpl.php
View File

@ -141,9 +141,9 @@ if (isset($extrafields->attributes[$elementtype]['type']) && is_array($extrafiel
}
print '<tr class="oddeven">';
print '<td class="opacitymedium" colspan="'.$colspan.'">';
print '<td colspan="'.$colspan.'"><span class="opacitymedium">';
print $langs->trans("None");
print '</td>';
print '</span></td>';
print '</tr>';
}

1
htdocs/core/tpl/ajaxrow.tpl.php
View File

@ -61,6 +61,7 @@ $(document).ready(function(){
console.log("tableDND onDrop");
console.log(decodeURI($("#<?php echo $tagidfortablednd; ?>").tableDnDSerialize()));
$('#<?php echo $tagidfortablednd; ?> tr[data-element=extrafield]').attr('id', ''); // Set extrafields id to empty value in order to ignore them in tableDnDSerialize function
$('#<?php echo $tagidfortablednd; ?> tr[data-ignoreidfordnd=1]').attr('id', ''); // Set id to empty value in order to ignore them in tableDnDSerialize function
var roworder = cleanSerialize(decodeURI($("#<?php echo $tagidfortablednd; ?>").tableDnDSerialize()));
var table_element_line = "<?php echo $table_element_line; ?>";
var fk_element = "<?php echo $fk_element; ?>";

10
htdocs/core/tpl/contacts.tpl.php
View File

@ -135,19 +135,19 @@ if ($permission) {
<input type="hidden" name="id" value="<?php echo $object->id; ?>" />
<input type="hidden" name="action" value="addcontact" />
<input type="hidden" name="source" value="external" />
<input type="hidden" name="page_y" value="" />
<?php if (!empty($withproject)) {
print '<input type="hidden" name="withproject" value="'.$withproject.'">';
} ?>
<div class="tagtd nowrap maxwidthonsmartphone noborderbottom">
<div class="tagtd nowrap noborderbottom">
<?php
$selectedCompany = GETPOSTISSET("newcompany") ? GETPOST("newcompany", 'int') : (empty($object->socid) ? 0 : $object->socid);
$selectedCompany = $formcompany->selectCompaniesForNewContact($object, 'id', $selectedCompany, 'newcompany', '', 0, '', 'minwidth300imp'); ?>
</div>
<!-- <div class="tagtd nowrap noborderbottom"><?php echo img_object('', 'contact').' '.$langs->trans("ThirdPartyContacts"); ?></div>-->
<div class="tagtd maxwidthonsmartphone noborderbottom">
<div class="tagtd noborderbottom minwidth500imp">
<?php
print img_object('', 'contact', 'class="pictofixedwidth"').$form->selectcontacts(($selectedCompany > 0 ? $selectedCompany : -1), '', 'contactid', 3, '', '', 1, 'minwidth100imp');
print img_object('', 'contact', 'class="pictofixedwidth"').$form->selectcontacts(($selectedCompany > 0 ? $selectedCompany : -1), '', 'contactid', 3, '', '', 1, 'minwidth100imp widthcentpercentminusxx maxwidth400');
$nbofcontacts = $form->num;
$newcardbutton = '';
@ -157,7 +157,7 @@ if ($permission) {
print $newcardbutton;
?>
</div>
<div class="tagtd maxwidthonsmartphone noborderbottom">
<div class="tagtd noborderbottom">
<?php
$tmpobject = $object;
if (($object->element == 'shipping' || $object->element == 'reception') && is_object($objectsrc)) {

2
htdocs/core/tpl/login.tpl.php
View File

@ -346,7 +346,7 @@ if (!empty($conf->global->MAIN_EASTER_EGG_COMMITSTRIP)) {
$resgetcommitstrip = getURLContent("https://www.commitstrip.com/en/feed/");
}
if ($resgetcommitstrip && $resgetcommitstrip['http_code'] == '200') {
$xml = simplexml_load_string($resgetcommitstrip['content']);
$xml = simplexml_load_string($resgetcommitstrip['content'], 'SimpleXMLElement', LIBXML_NOCDATA|LIBXML_NONET);
$little = $xml->channel->item[0]->children('content', true);
print preg_replace('/width="650" height="658"/', '', $little->encoded);
}

6
htdocs/core/triggers/interface_90_modSociete_ContactRoles.class.php
View File

@ -78,7 +78,11 @@ class InterfaceContactRoles extends DolibarrTriggers
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
$contactdefault = new Contact($this->db);
$contactdefault->socid = $socid;
$TContact = $contactdefault->getContactRoles($object->element);
$TContact = array();
if (method_exists($contactdefault, 'getContactRoles')) { // For backward compatibility
$TContact = $contactdefault->getContactRoles($object->element);
}
if (is_array($TContact) && !empty($TContact)) {
$TContactAlreadyLinked = array();

2
htdocs/don/class/don.class.php
View File

@ -1116,7 +1116,7 @@ class Don extends CommonObject
return -1;
}
$sql = 'SELECT SUM(amount) as sum_amount FROM '.MAIN_DB_PREFIX.'payment_donation WHERE fk_donation = '.((int) $this->id);
$sql = "SELECT SUM(amount) as sum_amount FROM ".MAIN_DB_PREFIX."payment_donation WHERE fk_donation = ".((int) $this->id);
$resql = $this->db->query($sql);
if (!$resql) {
dol_print_error($this->db);

2
htdocs/ecm/index.php
View File

@ -42,6 +42,7 @@ if (!$section) {
$section = 0;
}
$section_dir = GETPOST('section_dir', 'alpha');
$overwritefile = GETPOST('overwritefile', 'int');
$limit = GETPOST('limit', 'int') ? GETPOST('limit', 'int') : $conf->liste_limit;
$sortfield = GETPOST("sortfield", 'alpha');
@ -120,7 +121,6 @@ if (GETPOST("sendit", 'alphanohtml') && !empty($conf->global->MAIN_UPLOAD_DOC))
if (!$error) {
$generatethumbs = 0;
$overwritefile = GETPOST('overwritefile', 'int')?GETPOST('overwritefile', 'int'):0;
$res = dol_add_file_process($upload_dir, $overwritefile, 1, 'userfile', '', null, '', $generatethumbs);
if ($res > 0) {
$result = $ecmdir->changeNbOfFiles('+');

1
htdocs/eventorganization/conferenceorbooth_list.php
View File

@ -643,6 +643,7 @@ print '<input type="hidden" name="action" value="list">';
print '<input type="hidden" name="sortfield" value="'.$sortfield.'">';
print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="page_y" value="">';
$title = $langs->trans("ListOfConferencesOrBooths");

1
htdocs/eventorganization/conferenceorboothattendee_list.php
View File

@ -697,6 +697,7 @@ print '<input type="hidden" name="sortorder" value="'.$sortorder.'">';
print '<input type="hidden" name="contextpage" value="'.$contextpage.'">';
print '<input type="hidden" name="withproject" value="'.$withproject.'">';
print '<input type="hidden" name="fk_project" value="'.$fk_project.'">';
print '<input type="hidden" name="page_y" value="">';
$newcardbutton = dolGetButtonTitle($langs->trans('New'), '', 'fa fa-plus-circle', DOL_URL_ROOT.'/eventorganization/conferenceorboothattendee_card.php?action=create'.(!empty($confOrBooth->id)?'&conforboothid='.$confOrBooth->id:'').(!empty($projectstatic->id)?'&fk_project='.$projectstatic->id:'').$withProjectUrl.'&backtopage='.urlencode($_SERVER['PHP_SELF'].'?projectid='.$projectstatic->id.(empty($confOrBooth->id) ? '' : '&conforboothid='.$confOrBooth->id).$withProjectUrl), '', $permissiontoadd);

2
htdocs/eventorganization/core/actions_massactions_mail.inc.php
View File

@ -173,7 +173,7 @@ if (!$error && $massaction == 'confirm_presend_attendees') {
$tmp = explode(',', $conf->global->MAIN_INFO_SOCIETE_MAIL_ALIASES);
$from = trim($tmp[($reg[1] - 1)]);
} elseif (preg_match('/senderprofile_(\d+)_(\d+)/', $fromtype, $reg)) {
$sql = 'SELECT rowid, label, email FROM ' . MAIN_DB_PREFIX . 'c_email_senderprofile WHERE rowid = ' . (int) $reg[1];
$sql = "SELECT rowid, label, email FROM " . MAIN_DB_PREFIX . "c_email_senderprofile WHERE rowid = " . (int) $reg[1];
$resql = $db->query($sql);
$obj = $db->fetch_object($resql);
if ($obj) {

29
htdocs/expensereport/card.php
View File

@ -68,6 +68,17 @@ $socid = GETPOST('socid', 'int') ?GETPOST('socid', 'int') : GETPOST('socid_id',
$childids = $user->getAllChildIds(1);
if (! empty($conf->global->EXPENSEREPORT_PREFILL_DATES_WITH_CURRENT_MONTH)) {
if (empty($date_start)) {
$date_start = dol_mktime(0, 0, 0, (int) dol_print_date(dol_now(), '%m'), 1, (int) dol_print_date(dol_now(), '%Y'));
}
if (empty($date_end)) {
// date('t') => number of days in the month, so last day of the month too
$date_end = dol_mktime(0, 0, 0, (int) dol_print_date(dol_now(), '%m'), (int) date('t'), (int) dol_print_date(dol_now(), '%Y'));
}
}
// Hack to use expensereport dir
$rootfordata = DOL_DATA_ROOT;
$rootforuser = DOL_DATA_ROOT;
@ -266,10 +277,14 @@ if (empty($reshook)) {
}
}
if (!$error && empty($conf->global->EXPENSEREPORT_ALLOW_OVERLAPPING_PERIODS) && $object->periode_existe($fuser, $object->date_debut, $object->date_fin)) {
$error++;
setEventMessages($langs->trans("ErrorDoubleDeclaration"), null, 'errors');
$action = 'create';
if (!$error && empty($conf->global->EXPENSEREPORT_ALLOW_OVERLAPPING_PERIODS)) {
$overlappingExpenseReportID = $object->periode_existe($fuser, $object->date_debut, $object->date_fin, true);
if ($overlappingExpenseReportID > 0) {
$error++;
setEventMessages($langs->trans("ErrorDoubleDeclaration").' <a href="'.$_SERVER['PHP_SELF'].'?id='.$overlappingExpenseReportID.'">'. $langs->trans('ShowTrip').'</a>', null, 'errors');
$action = 'create';
}
}
if (!$error) {
@ -1565,6 +1580,8 @@ if ($action == 'create') {
print '</form>';
} else {
$taxlessUnitPriceDisabled = ! empty($conf->global->EXPENSEREPORT_FORCE_LINE_AMOUNTS_INCLUDING_TAXES_ONLY) ? ' disabled' : '';
print dol_get_fiche_head($head, 'card', $langs->trans("ExpenseReport"), -1, 'trip');
// Clone confirmation
@ -2281,7 +2298,7 @@ if ($action == 'create') {
// Unit price
print '<td class="right">';
print '<input type="text" min="0" class="right maxwidth50" id="value_unit_ht" name="value_unit_ht" value="'.dol_escape_htmltag(price2num($line->value_unit_ht)).'" />';
print '<input type="text" min="0" class="right maxwidth50" id="value_unit_ht" name="value_unit_ht" value="'.dol_escape_htmltag(price2num($line->value_unit_ht)).'"'.$taxlessUnitPriceDisabled.' />';
print '</td>';
// Unit price with tax
@ -2460,7 +2477,7 @@ if ($action == 'create') {
// Unit price net
print '<td class="right">';
print '<input type="text" class="right maxwidth50" id="value_unit_ht" name="value_unit_ht" value="'.dol_escape_htmltag($value_unit_ht).'">';
print '<input type="text" class="right maxwidth50" id="value_unit_ht" name="value_unit_ht" value="'.dol_escape_htmltag($value_unit_ht).'"'.$taxlessUnitPriceDisabled.' />';
print '</td>';
// Unit price with tax

10
htdocs/expensereport/class/expensereport.class.php
View File

@ -2213,8 +2213,6 @@ class ExpenseReport extends CommonObject
$date_d_form = $date_debut;
$date_f_form = $date_fin;
$existe = false;
while ($i < $num_rows) {
$objp = $this->db->fetch_object($result);
@ -2222,17 +2220,13 @@ class ExpenseReport extends CommonObject
$date_f_req = $this->db->jdate($objp->date_fin); // 4
if (!($date_f_form < $date_d_req || $date_d_form > $date_f_req)) {
$existe = true;
return $objp->rowid;
}
$i++;
}
if ($existe) {
return 1;
} else {
return 0;
}
return 0;
} else {
return 0;
}

4
htdocs/fourn/class/fournisseur.product.class.php
View File

@ -846,7 +846,7 @@ class ProductFournisseur extends Product
$this->fourn_qty = $record["quantity"];
$this->fourn_remise_percent = $record["remise_percent"];
$this->fourn_remise = $record["remise"];
$this->fourn_unitprice = $record["unitprice"];
$this->fourn_unitprice = $fourn_unitprice;
$this->fourn_charges = $record["charges"]; // deprecated
$this->fourn_tva_tx = $record["tva_tx"];
$this->fourn_id = $record["fourn_id"];
@ -1183,7 +1183,7 @@ class ProductFournisseur extends Product
$label .= $this->displayPriceProductFournisseurLog($logPrices);
}
$url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id;
$url = dol_buildpath('/product/fournisseurs.php', 1).'?id='.$this->id.'&action=add_price&token='.newToken().'&socid='.$this->fourn_id.'&rowid='.$this->product_fourn_price_id;
if ($option != 'nolink') {
// Add param to save lastsearch_values or not

2
htdocs/holiday/define_holiday.php
View File

@ -358,7 +358,7 @@ if (count($typeleaves) == 0) {
//var_dump($users['rowid'].' - '.$val['rowid']);
print '<td style="text-align:center">';
if ($canedit) {
print '<input type="text"'.($canedit ? '' : ' disabled="disabled"').' value="'.$nbtoshow.'" name="nb_holiday_'.$val['rowid'].'['.$users['rowid'].']" size="5" style="text-align: center;"/>';
print '<input type="text"'.($canedit ? '' : ' disabled="disabled"').' value="'.$nbtoshow.'" name="nb_holiday_'.$val['rowid'].'['.$users['rowid'].']" class="width75 center" />';
} else {
print $nbtoshow;
}

2
htdocs/imports/import.php
View File

@ -1205,7 +1205,7 @@ if ($step == 4 && $datatoimport) {
// async: false
// });'."\n";
// Now reload page
print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&boxorder=\' + boxorder;'."\n";
print 'var newlocation= \''.$_SERVER["PHP_SELF"].'?step=4'.$param.'&action=saveorder&token='.newToken().'&boxorder=\' + boxorder;'."\n";
//print 'alert(newlocation);';
print 'window.location.href=newlocation;'."\n";
print '}'."\n";

4
htdocs/index.php
View File

@ -337,6 +337,7 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) {
),
'supplier_proposal' =>
array(
'lang' => 'supplier_proposal',
'groupName' => 'SupplierProposals',
'globalStatsKey' => 'askprice',
'stats' =>
@ -486,6 +487,9 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) {
}
if (!empty($boards)) {
if (!empty($groupElement['lang'])) {
$langs->load($groupElement['lang']);
}
$groupName = $langs->trans($groupElement['groupName']);
$groupKeyLowerCase = strtolower($groupKey);
$nbTotalForGroup = 0;

10
htdocs/install/lib/repair.lib.php
View File

@ -32,8 +32,8 @@ function checkElementExist($id, $table)
{
global $db;
$sql = 'SELECT rowid FROM '.MAIN_DB_PREFIX.$table;
$sql .= ' WHERE rowid = '.((int) $id);
$sql = "SELECT rowid FROM ".MAIN_DB_PREFIX.$table;
$sql .= " WHERE rowid = ".((int) $id);
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
@ -87,8 +87,8 @@ function checkLinkedElements($sourcetype, $targettype)
$out = $langs->trans('SourceType').': '.$sourcetype.' => '.$langs->trans('TargetType').': '.$targettype.' ';
$sql = 'SELECT rowid, fk_source, fk_target FROM '.MAIN_DB_PREFIX.'element_element';
$sql .= " WHERE sourcetype='".$db->escape($sourcetype)."' AND targettype='".$db->escape($targettype)."'";
$sql = "SELECT rowid, fk_source, fk_target FROM ".MAIN_DB_PREFIX."element_element";
$sql .= " WHERE sourcetype = '".$db->escape($sourcetype)."' AND targettype = '".$db->escape($targettype)."'";
$resql = $db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
@ -106,7 +106,7 @@ function checkLinkedElements($sourcetype, $targettype)
foreach ($elements as $key => $element) {
if (!checkElementExist($element[$sourcetype], $sourcetable) || !checkElementExist($element[$targettype], $targettable)) {
$sql = 'DELETE FROM '.MAIN_DB_PREFIX.'element_element';
$sql .= ' WHERE rowid = '.((int) $key);
$sql .= " WHERE rowid = ".((int) $key);
$resql = $db->query($sql);
$deleted++;
}

2
htdocs/install/mysql/data/llx_00_c_country.sql
View File

@ -279,5 +279,5 @@ INSERT INTO llx_c_country (rowid,code,code_iso,label,active,favorite) VALUES (24
-- Set field eec
UPDATE llx_c_country SET eec = 1 WHERE code IN ('AT','BE','BG','CY','CZ','DE','DK','EE','ES','FI','FR','GR','HR','NL','HU','IE','IM','IT','LT','LU','LV','MC','MT','PL','PT','RO','SE','SK','SI');
UPDATE llx_c_country SET eec = 1 WHERE code IN ('AT','BE','BG','CY','CZ','DE','DK','EE','ES','FI','FR','GR','HR','NL','HU','IE','IT','LT','LU','LV','MC','MT','PL','PT','RO','SE','SK','SI');

6
htdocs/install/mysql/data/llx_c_tva.sql
View File

@ -330,7 +330,7 @@ insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (10
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (105,10, '15','0','VAT 12% Majoré à 25% (15%)',1);
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (106,10, '22.5','0','VAT 18% Majoré à 25% (22.5%)',1);
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (107,10, '6','0','VAT 6%', 1);
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (107,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0);
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active,localtax1,localtax1_type,localtax2,localtax2_type) values (108,10,'18.18','0','VAT 18%+FODEC', 1, 1, '4', 0, 0);
-- UKRAINE (id country=226)
INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2261,226, '0','0','VAT rate 0',1);
@ -379,10 +379,6 @@ INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 4
INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 462, 46, '15','0','VAT 15%',1);
INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES ( 463, 46, '7.5','0','VAT 7.5%',1);
-- SOUTH AFRICA (id country=205)
INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2051,205, '0','0','No VAT',1);
INSERT INTO llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) VALUES (2052,205, '14','0','VAT 14%',1);
-- VENEZUELA (id country=232)
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2321,232, '0','0','No VAT',1);
insert into llx_c_tva(rowid,fk_pays,taux,recuperableonly,note,active) values (2322,232, '12','0','VAT 12%',1);

223
htdocs/install/mysql/migration/14.0.0-15.0.0.sql
View File

@ -103,6 +103,7 @@ ALTER TABLE llx_categorie_ticket ADD CONSTRAINT fk_categorie_ticket_categorie_ro
ALTER TABLE llx_categorie_ticket ADD CONSTRAINT fk_categorie_ticket_ticket_rowid FOREIGN KEY (fk_ticket) REFERENCES llx_ticket (rowid);
ALTER TABLE llx_product_fournisseur_price MODIFY COLUMN ref_fourn varchar(128);
ALTER TABLE llx_product_customer_price MODIFY COLUMN ref_customer varchar(128);
ALTER TABLE llx_product_association ADD COLUMN rang integer DEFAULT 0;
-- -- add action trigger
INSERT INTO llx_c_action_trigger (code,label,description,elementtype,rang) VALUES ('ORDER_SUPPLIER_CANCEL','Supplier order request canceled','Executed when a supplier order is canceled','order_supplier',13);
@ -127,7 +128,7 @@ ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgem
ALTER TABLE llx_categorie_knowledgemanagement ADD INDEX idx_categorie_knowledgemanagement_fk_knowledgemanagement (fk_knowledgemanagement);
ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_categorie_rowid FOREIGN KEY (fk_categorie) REFERENCES llx_categorie (rowid);
ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement (rowid);
ALTER TABLE llx_categorie_knowledgemanagement ADD CONSTRAINT fk_categorie_knowledgemanagement_knowledgemanagement_rowid FOREIGN KEY (fk_knowledgemanagement) REFERENCES llx_knowledgemanagement_knowledgerecord (rowid);
ALTER TABLE llx_product_lot ADD COLUMN barcode varchar(180) DEFAULT NULL;
ALTER TABLE llx_product_lot ADD COLUMN fk_barcode_type integer DEFAULT NULL;
@ -154,3 +155,223 @@ ALTER TABLE llx_c_payment_term ADD COLUMN deposit_percent real DEFAULT NULL AFTE
ALTER TABLE llx_societe ADD COLUMN deposit_percent real DEFAULT NULL AFTER cond_reglement;
ALTER TABLE llx_propal ADD COLUMN deposit_percent real DEFAULT NULL AFTER fk_cond_reglement;
ALTER TABLE llx_commande ADD COLUMN deposit_percent real DEFAULT NULL AFTER fk_cond_reglement;
-- START GRH/HRM MODULE
CREATE TABLE llx_hrm_evaluation(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
ref varchar(128) DEFAULT '(PROV)' NOT NULL,
label varchar(255),
description text,
note_public text,
note_private text,
date_creation datetime NOT NULL,
tms timestamp,
fk_user_creat integer NOT NULL,
fk_user_modif integer,
import_key varchar(14),
status smallint NOT NULL,
date_eval date,
fk_user integer NOT NULL,
fk_job integer NOT NULL
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_evaluation ADD INDEX idx_hrm_evaluation_rowid (rowid);
ALTER TABLE llx_hrm_evaluation ADD INDEX idx_hrm_evaluation_ref (ref);
ALTER TABLE llx_hrm_evaluation ADD CONSTRAINT llx_hrm_evaluation_fk_user_creat FOREIGN KEY (fk_user_creat) REFERENCES llx_user(rowid);
ALTER TABLE llx_hrm_evaluation ADD INDEX idx_hrm_evaluation_status (status);
create table llx_hrm_evaluation_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_evaluation_extrafields ADD INDEX idx_evaluation_fk_object(fk_object);
CREATE TABLE llx_hrm_evaluationdet(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
date_creation datetime NOT NULL,
tms timestamp,
fk_user_creat integer NOT NULL,
fk_user_modif integer,
fk_skill integer NOT NULL,
fk_evaluation integer NOT NULL,
rank integer NOT NULL,
required_rank integer NOT NULL,
import_key varchar(14)
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_evaluationdet ADD INDEX idx_hrm_evaluationdet_rowid (rowid);
ALTER TABLE llx_hrm_evaluationdet ADD CONSTRAINT llx_hrm_evaluationdet_fk_user_creat FOREIGN KEY (fk_user_creat) REFERENCES llx_user(rowid);
ALTER TABLE llx_hrm_evaluationdet ADD INDEX idx_hrm_evaluationdet_fk_skill (fk_skill);
ALTER TABLE llx_hrm_evaluationdet ADD INDEX idx_hrm_evaluationdet_fk_evaluation (fk_evaluation);
create table llx_hrm_evaluationdet_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_evaluationdet_extrafields ADD INDEX idx_evaluationdet_fk_object(fk_object);
CREATE TABLE llx_hrm_job(
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
label varchar(255) NOT NULL,
description text,
date_creation datetime NOT NULL,
tms timestamp,
deplacement varchar(255),
note_public text,
note_private text,
fk_user_creat integer,
fk_user_modif integer
) ENGINE=innodb;
ALTER TABLE llx_hrm_job ADD INDEX idx_hrm_job_rowid (rowid);
ALTER TABLE llx_hrm_job ADD INDEX idx_hrm_job_label (label);
create table llx_hrm_job_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_job_extrafields ADD INDEX idx_job_fk_object(fk_object);
CREATE TABLE llx_hrm_job_user(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
-- ref varchar(128) NOT NULL,
description text,
date_creation datetime NOT NULL,
tms timestamp,
fk_contrat integer,
fk_user integer NOT NULL,
fk_job integer NOT NULL,
date_start date,
date_end date,
commentaire_abandon varchar(255),
note_public text,
note_private text,
fk_user_creat integer,
fk_user_modif integer
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_job_user ADD INDEX idx_hrm_job_user_rowid (rowid);
-- ALTER TABLE llx_hrm_job_user ADD INDEX idx_hrm_job_user_ref (ref);
create table llx_hrm_job_user_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_job_user_extrafields ADD INDEX idx_position_fk_object(fk_object);
CREATE TABLE llx_hrm_skill(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
label varchar(255),
description text,
date_creation datetime NOT NULL,
tms timestamp,
fk_user_creat integer NOT NULL,
fk_user_modif integer,
required_level integer NOT NULL,
date_validite integer NOT NULL,
temps_theorique double(24,8) NOT NULL,
skill_type integer NOT NULL,
note_public text,
note_private text
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_skill ADD INDEX idx_hrm_skill_rowid (rowid);
ALTER TABLE llx_hrm_skill ADD CONSTRAINT llx_hrm_skill_fk_user_creat FOREIGN KEY (fk_user_creat) REFERENCES llx_user(rowid);
ALTER TABLE llx_hrm_skill ADD INDEX idx_hrm_skill_skill_type (skill_type);
create table llx_hrm_skill_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_skill_extrafields ADD INDEX idx_skill_fk_object(fk_object);
CREATE TABLE llx_hrm_skilldet(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
description text,
fk_user_creat integer NOT NULL,
fk_user_modif integer,
fk_skill integer NOT NULL,
rank integer
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_skilldet ADD INDEX idx_hrm_skilldet_rowid (rowid);
ALTER TABLE llx_hrm_skilldet ADD CONSTRAINT llx_hrm_skilldet_fk_user_creat FOREIGN KEY (fk_user_creat) REFERENCES llx_user(rowid);
create table llx_hrm_skilldet_extrafields
(
rowid integer AUTO_INCREMENT PRIMARY KEY,
tms timestamp,
fk_object integer NOT NULL,
import_key varchar(14) -- import key
) ENGINE=innodb;
ALTER TABLE llx_hrm_skilldet_extrafields ADD INDEX idx_skilldet_fk_object(fk_object);
CREATE TABLE llx_hrm_skillrank(
-- BEGIN MODULEBUILDER FIELDS
rowid integer AUTO_INCREMENT PRIMARY KEY NOT NULL,
fk_skill integer NOT NULL,
rank integer NOT NULL,
fk_object integer NOT NULL,
date_creation datetime NOT NULL,
tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
fk_user_creat integer NOT NULL,
fk_user_modif integer,
objecttype varchar(128) NOT NULL
-- END MODULEBUILDER FIELDS
) ENGINE=innodb;
ALTER TABLE llx_hrm_skillrank ADD INDEX idx_hrm_skillrank_rowid (rowid);
ALTER TABLE llx_hrm_skillrank ADD INDEX idx_hrm_skillrank_fk_skill (fk_skill);
ALTER TABLE llx_hrm_skillrank ADD CONSTRAINT llx_hrm_skillrank_fk_user_creat FOREIGN KEY (fk_user_creat) REFERENCES llx_user(rowid);
--END GRH/HRM MODULE

Some files were not shown because too many files have changed in this diff Show More