lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop' into patch-445

Browse Source
This commit is contained in:
Laurent Destailleur 2021-09-30 13:40:23 +02:00 committed by GitHub
commit 95e1ec87dc
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
208 changed files with 1269 additions and 778 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
ChangeLog
View File

@ -2,6 +2,21 @@
English Dolibarr ChangeLog
--------------------------------------------------------------
***** ChangeLog for 15.0.0 compared to 14.0.0 *****
For developers:
---------------
WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* Update hook 'printOriginObjectLine', removed check on product type and special code. Need now reshook.
* Old deprecated module "SimplePOS" has been completely removed. Use module "TakePOS" is you need a Point Of Sale.
* The method static ActionComm::getActions($db, ...) is no more static. Use $actioncomm->getActions(...) instead (without $db param).
***** ChangeLog for 14.0.2 compared to 14.0.1 *****
FIX: #18353 Invoice list translation issue
@ -86,19 +101,6 @@ FIX: using Tulip, deposit mask was not saved
FIX: #yogosha6907
***** ChangeLog for 15.0.0 compared to 14.0.0 *****
For developers:
---------------
WARNING:
Following changes may create regressions for some external modules, but were necessary to make Dolibarr better:
* Update hook 'printOriginObjectLine', removed check on product type and special code. Need now reshook.
* Old deprecated module "SimplePOS" has been completely removed. Use module "TakePOS" is you need a Point Of Sale.
***** ChangeLog for 14.0.0 compared to 13.0.0 *****
For users:

3
dev/initdemo/initdemopassword.sh
View File

@ -171,7 +171,10 @@ if [ $res -ne 0 ]; then
fi
if [ -s "$mydir/initdemopostsql.sql" ]; then
echo A file initdemopostsql.sql was found, we execute it.
mysql -P$port $base < "$mydir/initdemopostsql.sql"
else
echo No file initdemopostsql.sql found, we extra sql action done.
fi

2
htdocs/accountancy/admin/categories_list.php
View File

@ -811,7 +811,7 @@ if ($resql) {
// Modify link
if ($canbemodified) {
print '<td class="center"><a class="reposition editfielda" href="'.$url.'action=edit">'.img_edit().'</a></td>';
print '<td class="center"><a class="reposition editfielda" href="'.$url.'action=edit&token='.newToken().'">'.img_edit().'</a></td>';
} else {
print '<td>&nbsp;</td>';
}

6
htdocs/accountancy/admin/subaccount.php
View File

@ -439,13 +439,13 @@ if ($resql) {
$e = '';
// Customer
if ($obj->type == 1) {
$e .= '<a class="editfielda" title="'.$langs->trans("Customer").'" href="'.DOL_URL_ROOT.'/societe/card.php?action=edit&socid='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
$e .= '<a class="editfielda" title="'.$langs->trans("Customer").'" href="'.DOL_URL_ROOT.'/societe/card.php?action=edit&token='.newToken().'&socid='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
} elseif ($obj->type == 2) {
// Supplier
$e .= '<a class="editfielda" title="'.$langs->trans("Supplier").'" href="'.DOL_URL_ROOT.'/societe/card.php?action=edit&socid='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
$e .= '<a class="editfielda" title="'.$langs->trans("Supplier").'" href="'.DOL_URL_ROOT.'/societe/card.php?action=edit&token='.newToken().'&socid='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
} elseif ($obj->type == 3) {
// User
$e .= '<a class="editfielda" title="'.$langs->trans("Employee").'" href="'.DOL_URL_ROOT.'/user/card.php?action=edit&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
$e .= '<a class="editfielda" title="'.$langs->trans("Employee").'" href="'.DOL_URL_ROOT.'/user/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"]).'">'.img_edit().'</a>';
}
print $e;
print '</td>'."\n";

6
htdocs/accountancy/bookkeeping/card.php
View File

@ -433,7 +433,7 @@ if ($action == 'create') {
print $langs->trans('Docdate');
print '</td>';
if ($action != 'editdate') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdate&amp;piece_num='.$object->piece_num.'&amp;mode='.$mode.'">'.img_edit($langs->transnoentitiesnoconv('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdate&token='.newToken().'&piece_num='.urlencode($object->piece_num).'&mode='.urlencode($mode).'">'.img_edit($langs->transnoentitiesnoconv('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -460,7 +460,7 @@ if ($action == 'create') {
print $langs->trans('Codejournal');
print '</td>';
if ($action != 'editjournal') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editjournal&amp;piece_num='.$object->piece_num.'&amp;mode='.$mode.'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editjournal&token='.newToken().'&piece_num='.urlencode($object->piece_num).'&mode='.urlencode($mode).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -487,7 +487,7 @@ if ($action == 'create') {
print $langs->trans('Piece');
print '</td>';
if ($action != 'editdocref') {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdocref&amp;piece_num='.$object->piece_num.'&amp;mode='.$mode.'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editdocref&token='.newToken().'&piece_num='.urlencode($object->piece_num).'&mode='.urlencode($mode).'">'.img_edit($langs->transnoentitiesnoconv('Edit'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

11
htdocs/accountancy/bookkeeping/list.php
View File

@ -591,7 +591,7 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex
if (!empty($accountancyexport->errors)) {
setEventMessages('', $accountancyexport->errors, 'errors');
} elseif (!$notifiedexportdate || !$notifiedvalidationdate) {
} elseif (!empty($notifiedexportdate) || !empty($notifiedvalidationdate)) {
// Specify as export : update field date_export or date_validated
$error = 0;
$db->begin();
@ -602,17 +602,18 @@ if ($action == 'export_fileconfirm' && $user->rights->accounting->mouvements->ex
$sql = " UPDATE ".MAIN_DB_PREFIX."accounting_bookkeeping";
$sql .= " SET";
if (!$notifiedexportdate && !$notifiedvalidationdate) {
if (!empty($notifiedexportdate) && !empty($notifiedvalidationdate)) {
$sql .= " date_export = '".$db->idate($now)."'";
$sql .= ", date_validated = '".$db->idate($now)."'";
} elseif (!$notifiedexportdate) {
} elseif (!empty($notifiedexportdate)) {
$sql .= " date_export = '".$db->idate($now)."'";
} elseif (!$notifiedvalidationdate) {
} elseif (!empty($notifiedvalidationdate)) {
$sql .= " date_validated = '".$db->idate($now)."'";
}
$sql .= " WHERE rowid = ".((int) $movement->id);
dol_syslog("/accountancy/bookeeping/list.php Function export_file Specify movements as exported", LOG_DEBUG);
dol_syslog("/accountancy/bookkeeping/list.php Function export_file Specify movements as exported", LOG_DEBUG);
$result = $db->query($sql);
if (!$result) {
$error++;

8
htdocs/accountancy/tpl/export_journal.tpl.php
View File

@ -38,10 +38,12 @@ header('Content-Type: text/csv');
include_once DOL_DOCUMENT_ROOT.'/accountancy/class/accountancyexport.class.php';
$accountancyexport = new AccountancyExport($db);
if ($accountancyexport->getFormatCode($formatexportset) == $accountancyexport::$EXPORT_TYPE_FEC && $type_export == "general_ledger") { // Specific filename for FEC model export into the general ledger
// Specific filename for FEC model export into the general ledger
if (($accountancyexport->getFormatCode($formatexportset) == 'fec' || $accountancyexport->getFormatCode($formatexportset) == 'fec2')
&& $type_export == "general_ledger") {
// FEC format is defined here: https://www.legifrance.gouv.fr/affichCodeArticle.do?idArticle=LEGIARTI000027804775&cidTexte=LEGITEXT000006069583&dateTexte=20130802&oldAction=rechCodeArticle
if (empty($search_date_end)) {
// TODO Get the max date into bookeeping table
// TODO Get the max date into bookkeeping table
$search_date_end = dol_now();
}
$datetouseforfilename = $search_date_end;
@ -58,7 +60,7 @@ if ($accountancyexport->getFormatCode($formatexportset) == $accountancyexport::$
$endaccountingperiod = dol_print_date(dol_get_last_day($tmparray['year'], $tmparray['mon']), 'dayxcard');
$completefilename = $siren."FEC".$endaccountingperiod.".txt";
} elseif ($accountancyexport->getFormatCode($formatexportset) == $accountancyexport::$EXPORT_TYPE_CIEL && $type_export == "general_ledger" && !empty($conf->global->ACCOUNTING_EXPORT_XIMPORT_FORCE_FILENAME)) {
} elseif ($accountancyexport->getFormatCode($formatexportset) == 'ciel' && $type_export == "general_ledger" && !empty($conf->global->ACCOUNTING_EXPORT_XIMPORT_FORCE_FILENAME)) {
$completefilename = "XIMPORT.TXT";
} else {
$completefilename = ($code ? $code."_" : "").($prefix ? $prefix."_" : "").$filename.($nodateexport ? "" : $date_export).".".$format;

2
htdocs/adherents/card.php
View File

@ -1907,7 +1907,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
// Modify
if (!empty($user->rights->adherent->creer)) {
print '<a class="butAction" href="card.php?rowid='.$id.'&action=edit">'.$langs->trans("Modify").'</a>'."\n";
print '<a class="butAction" href="card.php?rowid='.$id.'&action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>'."\n";
} else {
print '<span class="butActionRefused classfortooltip" title="'.dol_escape_htmltag($langs->trans("NotEnoughPermissions")).'">'.$langs->trans("Modify").'</span>'."\n";
}

4
htdocs/adherents/subscription.php
View File

@ -587,7 +587,7 @@ if ($rowid > 0) {
print $langs->trans("LinkedToDolibarrThirdParty");
print '</td>';
if ($action != 'editthirdparty' && $user->rights->adherent->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editthirdparty&amp;rowid='.$object->id.'">'.img_edit($langs->trans('SetLinkToThirdParty'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editthirdparty&token='.newToken().'&rowid='.$object->id.'">'.img_edit($langs->trans('SetLinkToThirdParty'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="2" class="valeur">';
@ -631,7 +631,7 @@ if ($rowid > 0) {
if ($action != 'editlogin' && $user->rights->adherent->creer) {
print '<td class="right">';
if ($user->rights->user->user->creer) {
print '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editlogin&amp;rowid='.$object->id.'">'.img_edit($langs->trans('SetLinkToUser'), 1).'</a>';
print '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editlogin&token='.newToken().'&rowid='.$object->id.'">'.img_edit($langs->trans('SetLinkToUser'), 1).'</a>';
}
print '</td>';
}

8
htdocs/adherents/type.php
View File

@ -481,12 +481,12 @@ if ($rowid > 0) {
// Edit
if ($user->rights->adherent->configurer) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&amp;rowid='.$object->id.'">'.$langs->trans("Modify").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&token='.newToken().'&rowid='.$object->id.'">'.$langs->trans("Modify").'</a></div>';
}
// Add
if ($user->rights->adherent->configurer && !empty($object->status)) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=create&typeid='.$object->id.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.$langs->trans("AddMember").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=create&token='.newToken().'&typeid='.$object->id.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.$langs->trans("AddMember").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NoAddMember")).'">'.$langs->trans("AddMember").'</a></div>';
}
@ -728,10 +728,10 @@ if ($rowid > 0) {
// Actions
print '<td class="center">';
if ($user->rights->adherent->creer) {
print '<a class="editfielda marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=edit&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.img_edit().'</a>';
print '<a class="editfielda marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=edit&token='.newToken().'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?rowid='.$object->id).'">'.img_edit().'</a>';
}
if ($user->rights->adherent->supprimer) {
print '<a class="marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=resign">'.img_picto($langs->trans("Resiliate"), 'disable.png').'</a>';
print '<a class="marginleftonly" href="card.php?rowid='.$objp->rowid.'&action=resign&token='.newToken().'">'.img_picto($langs->trans("Resiliate"), 'disable.png').'</a>';
}
print "</td>";

4
htdocs/adherents/type_translation.php
View File

@ -185,9 +185,9 @@ print "\n<div class=\"tabsAction\">\n";
if ($action == '') {
if ($user->rights->produit->creer || $user->rights->service->creer) {
print '<a class="butAction" href="'.DOL_URL_ROOT.'/adherents/type_translation.php?action=create&rowid='.$object->id.'">'.$langs->trans("Add").'</a>';
print '<a class="butAction" href="'.DOL_URL_ROOT.'/adherents/type_translation.php?action=create&token='.newToken().'&rowid='.$object->id.'">'.$langs->trans("Add").'</a>';
if ($cnt_trans > 0) {
print '<a class="butAction" href="'.DOL_URL_ROOT.'/adherents/type_translation.php?action=edit&rowid='.$object->id.'">'.$langs->trans("Update").'</a>';
print '<a class="butAction" href="'.DOL_URL_ROOT.'/adherents/type_translation.php?action=edit&token='.newToken().'&rowid='.$object->id.'">'.$langs->trans("Update").'</a>';
}
}
}

2
htdocs/admin/barcode.php
View File

@ -373,7 +373,7 @@ if ($conf->product->enabled) {
print '</td>';
print '<td class="nowrap">'.$modBarCode->getExample($langs)."</td>\n";
if ($conf->global->BARCODE_PRODUCT_ADDON_NUM == "$file") {
if (!empty($conf->global->BARCODE_PRODUCT_ADDON_NUM) && $conf->global->BARCODE_PRODUCT_ADDON_NUM == "$file") {
print '<td class="center"><a class="reposition" href="'.$_SERVER['PHP_SELF'].'?action=setbarcodeproductoff&token='.newToken().'&amp;value='.urlencode($file).'">';
print img_picto($langs->trans("Activated"), 'switch_on');
print '</a></td>';

2
htdocs/admin/dav.php
View File

@ -145,7 +145,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
}

2
htdocs/admin/delais.php
View File

@ -452,7 +452,7 @@ if ($action == 'edit') {
print '</form>';
} else {
print '<br><div class="tabsAction">';
print '<a class="butAction" href="delais.php?action=edit">'.$langs->trans("Modify").'</a></div>';
print '<a class="butAction" href="delais.php?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a></div>';
}
// End of page

8
htdocs/admin/emailcollector_card.php
View File

@ -656,7 +656,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
print '</td>';
// Delete
print '<td class="right nowraponall">';
print '<a class="editfielda marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editoperation&operationid='.$ruleaction['id'].'">'.img_edit().'</a>';
print '<a class="editfielda marginrightonly" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=editoperation&token='.newToken().'&operationid='.$ruleaction['id'].'">'.img_edit().'</a>';
print ' <a href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=deleteoperation&token='.newToken().'&operationid='.$ruleaction['id'].'">'.img_delete().'</a>';
print '</td>';
print '</tr>';
@ -693,14 +693,14 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea
if (empty($reshook)) {
// Edit
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=edit">'.$langs->trans("Edit").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans("Edit").'</a></div>';
// Clone
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;socid='.$object->socid.'&amp;action=clone&amp;object=order">'.$langs->trans("ToClone").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&socid='.$object->socid.'&action=clone&token='.newToken().'&object=order">'.$langs->trans("ToClone").'</a></div>';
// Collect now
if (count($object->actions) > 0) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&amp;action=collect">'.$langs->trans("CollectNow").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$object->id.'&action=collect&token='.newToken().'">'.$langs->trans("CollectNow").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused" href="#" title="'.dol_escape_htmltag($langs->trans("NoOperations")).'">'.$langs->trans("CollectNow").'</a></div>';
}

2
htdocs/admin/eventorganization.php
View File

@ -376,7 +376,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
} else {
print '<br>'.$langs->trans("NothingToSetup");

28
htdocs/admin/expensereport_ik.php
View File

@ -33,10 +33,6 @@ require_once DOL_DOCUMENT_ROOT.'/expensereport/class/expensereport_ik.class.php'
// Load translation files required by the page
$langs->loadLangs(array("admin", "trips", "errors", "other", "dict"));
if (!$user->admin) {
accessforbidden();
}
$error = 0;
$action = GETPOST('action', 'aZ09');
@ -45,10 +41,20 @@ $ikoffset = GETPOST('ikoffset', 'int');
$coef = GETPOST('coef', 'int');
$fk_c_exp_tax_cat = GETPOST('fk_c_exp_tax_cat');
$fk_range = GETPOST('fk_range');
$fk_range = GETPOST('fk_range', 'int');
$expIk = new ExpenseReportIk($db);
if (!$user->admin) {
accessforbidden();
}
/*
* Actions
*/
if ($action == 'updateik') {
$expIk = new ExpenseReportIk($db);
if ($id > 0) {
$result = $expIk->fetch($id);
if ($result < 0) {
@ -61,13 +67,13 @@ if ($action == 'updateik') {
if ($result > 0) {
setEventMessages('SetupSaved', null, 'mesgs');
header('Location: '.$_SERVER['PHP_SELF']);
exit;
} else {
setEventMessages($expIk->error, $expIk->errors, 'errors');
}
} elseif ($action == 'delete') { // TODO add confirm
$expIk = new ExpenseReportIk($db);
if ($id > 0) {
$result = $expIk->fetch($id);
if ($result < 0) {
@ -77,12 +83,11 @@ if ($action == 'updateik') {
$expIk->delete($user);
}
header('Location: '.$_SERVER['PHP_SELF']);
exit;
}
$rangesbycateg = ExpenseReportIk::getAllRanges();
$rangesbycateg = $expIk->getAllRanges();
/*
@ -102,7 +107,8 @@ print dol_get_fiche_head($head, 'expenseik', $langs->trans("ExpenseReportsIk"),
echo '<span class="opacitymedium">'.$langs->trans('ExpenseReportIkDesc').'</span>';
print '<br><br>';
echo '<form action="'.$_SERVER['PHP_SELF'].'" method="post">';
echo '<form action="'.$_SERVER['PHP_SELF'].'" method="POST">';
echo '<input type="hidden" name="token" value="'.newToken().'" />';
if ($action == 'edit') {
echo '<input type="hidden" name="id" value="'.$id.'" />';
@ -111,8 +117,6 @@ if ($action == 'edit') {
echo '<input type="hidden" name="action" value="updateik" />';
}
echo '<input type="hidden" name="token" value="'.newToken().'" />';
echo '<table class="noborder centpercent">';
foreach ($rangesbycateg as $fk_c_exp_tax_cat => $Tab) {

3
htdocs/admin/expensereport_rules.php
View File

@ -54,7 +54,6 @@ $code_expense_rules_type = GETPOST('code_expense_rules_type');
$dates = dol_mktime(12, 0, 0, GETPOST('startmonth'), GETPOST('startday'), GETPOST('startyear'));
$datee = dol_mktime(12, 0, 0, GETPOST('endmonth'), GETPOST('endday'), GETPOST('endyear'));
$amount = GETPOST('amount');
$restrictive = GETPOST('restrictive');
$object = new ExpenseReportRule($db);
if (!empty($id)) {
@ -138,7 +137,7 @@ if ($action == 'save') {
exit;
}
$rules = ExpenseReportRule::getAllRule();
$rules = $object->getAllRule();
$tab_apply = array(
'A' => $langs->trans('All'),

16
htdocs/admin/holiday.php
View File

@ -466,9 +466,9 @@ if ($conf->use_javascript_ajax) {
print ajax_constantonoff('MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY', array(), null, 0);
} else {
if (!empty($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_MONDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
}
}
print "</td>";
@ -482,9 +482,9 @@ if ($conf->use_javascript_ajax) {
print ajax_constantonoff('MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY', array(), null, 0);
} else {
if (!empty($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_FRIDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
}
}
print "</td>";
@ -498,9 +498,9 @@ if ($conf->use_javascript_ajax) {
print ajax_constantonoff('MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY', array(), null, 0, 0, 0, 2, 0, 1);
} else {
if (!empty($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SATURDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
}
}
print "</td>";
@ -514,9 +514,9 @@ if ($conf->use_javascript_ajax) {
print ajax_constantonoff('MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY', array(), null, 0, 0, 0, 2, 0, 1);
} else {
if (!empty($conf->global->MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY)) {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY=1">'.img_picto($langs->trans("Enabled"), 'on').'</a>';
} else {
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newtoken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
print '<a href="'.$_SERVER['PHP_SELF'].'?action=set_other&token='.newToken().'&MAIN_NON_WORKING_DAYS_INCLUDE_SUNDAY=0">'.img_picto($langs->trans("Disabled"), 'off').'</a>';
}
}
print "</td>";

2
htdocs/admin/index.php
View File

@ -82,7 +82,7 @@ print '<br><br>';
if (empty($conf->global->MAIN_INFO_SOCIETE_NOM) || empty($conf->global->MAIN_INFO_SOCIETE_COUNTRY)) {
$setupcompanynotcomplete = 1;
}
print img_picto('', 'company', 'class="paddingright valignmiddle double"').' '.$langs->trans("SetupDescriptionLink", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit'), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
print img_picto('', 'company', 'class="paddingright valignmiddle double"').' '.$langs->trans("SetupDescriptionLink", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete) ? '' : '&action=edit&token='.newToken()), $langs->transnoentities("Setup"), $langs->transnoentities("MenuCompanySetup"));
print '<br><br>'.$langs->trans("SetupDescription3b");
if (!empty($setupcompanynotcomplete)) {
$langs->load("errors");

2
htdocs/admin/knowledgemanagement.php
View File

@ -324,7 +324,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
} else {
//print '<br>'.$langs->trans("NothingToSetup");

2
htdocs/admin/ldap.php
View File

@ -131,7 +131,7 @@ if (!function_exists("ldap_connect")) {
$form = new Form($db);
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print dol_get_fiche_head($head, 'ldap', $langs->trans("LDAPSetup"), -1);

2
htdocs/admin/ldap_contacts.php
View File

@ -145,7 +145,7 @@ print dol_get_fiche_head($head, 'contacts', $langs->trans("LDAPSetup"), -1);
print $langs->trans("LDAPDescContact").'<br>';
print '<br>';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<table class="noborder centpercent">';

2
htdocs/admin/ldap_groups.php
View File

@ -120,7 +120,7 @@ print $langs->trans("LDAPDescGroups").'<br>';
print '<br>';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print '<table class="noborder centpercent">';

2
htdocs/admin/ldap_members.php
View File

@ -184,7 +184,7 @@ if (!function_exists("ldap_connect")) {
setEventMessages($langs->trans("LDAPFunctionsNotAvailableOnPHP"), null, 'errors');
}
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
print dol_get_fiche_head($head, 'members', $langs->trans("LDAPSetup"), -1);

2
htdocs/admin/ldap_members_types.php
View File

@ -112,7 +112,7 @@ print $langs->trans("LDAPDescMembersTypes").'<br>';
print '<br>';
print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="POST" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';
$form = new Form($db);

2
htdocs/admin/ldap_users.php
View File

@ -173,7 +173,7 @@ if (!function_exists("ldap_connect")) {
}
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newtoken().'">';
print '<form method="post" action="'.$_SERVER["PHP_SELF"].'?action=setvalue&token='.newToken().'">';
print '<input type="hidden" name="token" value="'.newToken().'">';

2
htdocs/admin/limits.php
View File

@ -190,7 +190,7 @@ if ($action == 'edit') {
print '</div>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit'.(!empty($currencycode) ? '&currencycode='.$currencycode : '').'">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().''.(!empty($currencycode) ? '&currencycode='.$currencycode : '').'">'.$langs->trans("Modify").'</a>';
print '</div>';
}

2
htdocs/admin/mails.php
View File

@ -784,7 +784,7 @@ if ($action == 'edit') {
// Actions button
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
if (empty($conf->global->MAIN_DISABLE_ALL_MAILS)) {
if ($conf->global->MAIN_MAIL_SENDMODE != 'mail' || !$linuxlike) {

2
htdocs/admin/mails_emailing.php
View File

@ -515,7 +515,7 @@ if ($action == 'edit') {
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
if (!empty($conf->global->MAIN_MAIL_SENDMODE_EMAILING) && $conf->global->MAIN_MAIL_SENDMODE_EMAILING != 'default') {
if ($conf->global->MAIN_MAIL_SENDMODE_EMAILING != 'mail' || !$linuxlike) {

2
htdocs/admin/mails_senderprofile_list.php
View File

@ -632,7 +632,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) {
if ($sortorder) {
$url .= '&page='.urlencode($sortorder);
}
print '<a class="editfielda reposition marginrightonly marginleftonly" href="'.$url.'&action=edit&rowid='.$obj->rowid.'">'.img_edit().'</a>';
print '<a class="editfielda reposition marginrightonly marginleftonly" href="'.$url.'&action=edit&token='.newToken().'&rowid='.$obj->rowid.'">'.img_edit().'</a>';
//print ' &nbsp; ';
print '<a class=" marginrightonly marginleftonly" href="'.$url.'&action=delete&token='.newToken().'">'.img_delete().'</a> &nbsp; ';
if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined

9
htdocs/admin/mails_templates.php
View File

@ -160,6 +160,7 @@ if (empty($conf->global->MAIN_EMAIL_TEMPLATES_FOR_OBJECT_LINES)) {
$tabhelp = array();
$tabhelp[25] = array(
'label'=>$langs->trans('EnterAnyCode'),
'topic'=>'<span class="small">'.$helpsubstit.'</span>',
'joinfiles'=>$langs->trans('AttachMainDocByDefault'),
'content'=>'<span class="small">'.$helpsubstit.'</span>',
@ -683,8 +684,8 @@ if ($action == 'view') {
$tmpaction = 'create';
$parameters = array(
'fieldlist' => $fieldlist,
'tabname' => $tabname[$id]
'fieldlist' => $fieldlist,
'tabname' => $tabname[$id]
);
$reshook = $hookmanager->executeHooks('createEmailTemplateFieldlist', $parameters, $obj, $tmpaction); // Note that $action and $object may have been modified by some hooks
$error = $hookmanager->error;
@ -822,7 +823,7 @@ if ($resql) {
print '</td>';
} elseif ($value == 'fk_user') {
print '<td class="liste_titre">';
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 1, '', 0, '', 'maxwidth150');
print $form->select_dolusers($search_fk_user, 'search_fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 0, '', 0, '', 'maxwidth150');
print '</td>';
} elseif ($value == 'topic') {
print '<td class="liste_titre"><input type="text" name="search_topic" value="'.dol_escape_htmltag($search_topic).'"></td>';
@ -1187,7 +1188,7 @@ function fieldList($fieldlist, $obj = '', $tabname = '', $context = '')
if ($value == 'fk_user') {
print '<td>';
if ($user->admin) {
print $form->select_dolusers(empty($obj->{$value}) ? '' : $obj->{$value}, 'fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 1, '', 0, '', 'maxwidth200');
print $form->select_dolusers(empty($obj->{$value}) ? '' : $obj->{$value}, 'fk_user', 1, null, 0, ($user->admin ? '' : 'hierarchyme'), null, 0, 0, 0, '', 0, '', 'minwidth150 maxwidth300');
} else {
if ($context == 'add') { // I am not admin and we show the add form
print $user->getNomUrl(1); // Me

2
htdocs/admin/mails_ticket.php
View File

@ -479,7 +479,7 @@ if ($action == 'edit') {
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
if (!empty($conf->global->MAIN_MAIL_SENDMODE_TICKET) && $conf->global->MAIN_MAIL_SENDMODE_TICKET != 'default') {
if ($conf->global->MAIN_MAIL_SENDMODE_TICKET != 'mail' || !$linuxlike) {

2
htdocs/admin/modules.php
View File

@ -878,7 +878,7 @@ if ($mode == 'common' || $mode == 'commonkanban') {
}
}
$codeenabledisable .= '<!-- Message to show: '.$warningmessage.' -->'."\n";
$codeenabledisable .= '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$objMod->numero.'&token='.newToken().'&module_position='.$module_position.'&action=set&token='.newtoken().'&value='.$modName.'&mode='.$mode.$param.'"';
$codeenabledisable .= '<a class="reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$objMod->numero.'&token='.newToken().'&module_position='.$module_position.'&action=set&token='.newToken().'&value='.$modName.'&mode='.$mode.$param.'"';
if ($warningmessage) {
$codeenabledisable .= ' onclick="return confirm(\''.dol_escape_js($warningmessage).'\');"';
}

7
htdocs/admin/system/security.php
View File

@ -98,7 +98,7 @@ if (!ini_get('session.cookie_samesite') || ini_get('session.cookie_samesite') ==
print ' &nbsp; '.img_warning().' <span class="opacitymedium">'.$langs->trans("WarningPaypalPaymentNotCompatibleWithStrict")."</span>";
}
print "<br>\n";
print "<strong>PHP open_basedir</strong> = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0).' &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("ARestrictedPath").', '.$langs->transnoentitiesnoconv("Example").' '.$_SERVER["DOCUMENT_ROOT"]).')</span>')."<br>\n";
print "<strong>PHP open_basedir</strong> = ".(ini_get('open_basedir') ? ini_get('open_basedir') : yn(0).' &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("ARestrictedPath").', '.$langs->transnoentitiesnoconv("Example").': '.$_SERVER["DOCUMENT_ROOT"].','.DOL_DATA_ROOT).')</span>')."<br>\n";
print "<strong>PHP allow_url_fopen</strong> = ".(ini_get('allow_url_fopen') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_fopen') : yn(0)).' &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")</span><br>\n";
print "<strong>PHP allow_url_include</strong> = ".(ini_get('allow_url_include') ? img_picto($langs->trans("YouShouldSetThisToOff"), 'warning').' '.ini_get('allow_url_include') : yn(0)).' &nbsp; <span class="opacitymedium">('.$langs->trans("RecommendedValueIs", $langs->transnoentitiesnoconv("No")).")</span><br>\n";
//print "<strong>PHP safe_mode</strong> = ".(ini_get('safe_mode') ? ini_get('safe_mode') : yn(0)).' &nbsp; <span class="opacitymedium">'.$langs->trans("Deprecated")." (removed in PHP 5.4)</span><br>\n";
@ -391,7 +391,7 @@ if (empty($conf->api->enabled) && empty($conf->webservices->enabled)) {
print '<br>';
}
if (!empty($conf->api->enabled)) {
print '<strong>API_ENDPOINT_RULES</strong> = '.(empty($conf->global->API_ENDPOINT_RULES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Example").': endpoint1:1,endpoint2:1,...)</span>' : $conf->global->API_ENDPOINT_RULES)."<br>\n";
print '<strong>API_ENDPOINT_RULES</strong> = '.(empty($conf->global->API_ENDPOINT_RULES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Example").': login:0,users:0,setup:1,status:1,tickets:1,...)</span>' : $conf->global->API_ENDPOINT_RULES)."<br>\n";
print '<br>';
}
}
@ -445,6 +445,9 @@ print '<br>';
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."<br>";
print '<br>';
print '<strong>MAIN_EXEC_USE_POPEN</strong> = ';
if (empty($conf->global->MAIN_EXEC_USE_POPEN)) {

32
htdocs/admin/translation.php
View File

@ -37,6 +37,7 @@ if (!$user->admin) {
$id = GETPOST('rowid', 'int');
$action = GETPOST('action', 'aZ09');
$optioncss = GETPOST('optionscss', 'aZ09');
$contextpage = GETPOST('contextpage', 'aZ09');
$langcode = GETPOST('langcode', 'alphanohtml');
$transkey = GETPOST('transkey', 'alphanohtml');
@ -357,7 +358,7 @@ if ($mode == 'overwrite') {
print ' &nbsp; ';
print '<input type="submit" class="button buttongen button-cancel" name="cancel" value="'.dol_escape_htmltag($langs->trans("Cancel")).'">';
} else {
print '<a class="reposition editfielda paddingrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.urlencode($mode).'&action=edit'.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_edit().'</a>';
print '<a class="reposition editfielda paddingrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.urlencode($mode).'&action=edit&token='.newToken().''.((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_edit().'</a>';
print ' &nbsp; ';
print '<a class="reposition" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$obj->entity.'&mode='.urlencode($mode).'&action=delete&token='.newToken().((empty($user->entity) && $debug) ? '&debug=1' : '').'">'.img_delete().'</a>';
}
@ -470,18 +471,8 @@ if ($mode == 'searchkey') {
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';
print '<tr class="liste_titre">';
print_liste_field_titre("Language_en_US_es_MX_etc", $_SERVER["PHP_SELF"], 'lang,transkey', '', $param, '', $sortfield, $sortorder);
print_liste_field_titre("Key", $_SERVER["PHP_SELF"], 'transkey', '', $param, '', $sortfield, $sortorder);
print_liste_field_titre("CurrentTranslationString", $_SERVER["PHP_SELF"], 'transvalue', '', $param, '', $sortfield, $sortorder);
//if (! empty($conf->multicompany->enabled) && !$user->entity) print_liste_field_titre("Entity", $_SERVER["PHP_SELF"], 'entity,transkey', '', $param, '', $sortfield, $sortorder);
print '<td align="center"></td>';
print "</tr>\n";
// Line to search new record
print "\n";
print '<tr class="oddeven"><td>';
print '<tr class="liste_titre_filter"><td>';
//print $formadmin->select_language($langcode,'langcode',0,null,$langs->trans("All"),0,0,'',1);
print $formadmin->select_language($langcode, 'langcode', 0, null, 0, 0, 0, 'maxwidth250', 1);
print '</td>'."\n";
@ -507,6 +498,15 @@ if ($mode == 'searchkey') {
print '</td>';
print '</tr>';
print '<tr class="liste_titre">';
print_liste_field_titre("Language_en_US_es_MX_etc", $_SERVER["PHP_SELF"], 'lang,transkey', '', $param, '', $sortfield, $sortorder);
print_liste_field_titre("Key", $_SERVER["PHP_SELF"], 'transkey', '', $param, '', $sortfield, $sortorder);
print_liste_field_titre("CurrentTranslationString", $_SERVER["PHP_SELF"], 'transvalue', '', $param, '', $sortfield, $sortorder);
//if (! empty($conf->multicompany->enabled) && !$user->entity) print_liste_field_titre("Entity", $_SERVER["PHP_SELF"], 'entity,transkey', '', $param, '', $sortfield, $sortorder);
print '<td align="center"></td>';
print "</tr>\n";
if ($sortfield == 'transkey' && strtolower($sortorder) == 'asc') {
ksort($recordtoshow);
}
@ -545,9 +545,9 @@ if ($mode == 'searchkey') {
if ($result) {
$obj = $db->fetch_object($result);
}
print '<a class="editfielda reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode=overwrite&action=edit">'.img_edit().'</a>';
print '<a class="editfielda reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode=overwrite&action=edit&token='.newToken().'">'.img_edit().'</a>';
print ' ';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode='.urlencode($mode).'&action=delete&mode='.urlencode($mode).'&token='.newToken().'">'.img_delete().'</a>';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode='.urlencode($mode).'&action=delete&token='.newToken().'&mode='.urlencode($mode).'">'.img_delete().'</a>';
print '&nbsp;&nbsp;';
$htmltext = $langs->trans("OriginalValueWas", '<i>'.$newlangfileonly->tab_translate[$key].'</i>');
print $form->textwithpicto('', $htmltext, 1, 'info');
@ -574,9 +574,9 @@ if ($mode == 'searchkey') {
if ($result) {
$obj = $db->fetch_object($result);
}
print '<a class="editfielda reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode=overwrite&action=edit">'.img_edit().'</a>';
print '<a class="editfielda reposition marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode=overwrite&action=edit&token='.newToken().'">'.img_edit().'</a>';
print ' ';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode='.urlencode($mode).'&action=delete&mode='.urlencode($mode).'&token='.newToken().'">'.img_delete().'</a>';
print '<a class="marginleftonly marginrightonly" href="'.$_SERVER['PHP_SELF'].'?rowid='.$obj->rowid.'&entity='.$conf->entity.'&mode='.urlencode($mode).'&action=delete&token='.newToken().'&mode='.urlencode($mode).'">'.img_delete().'</a>';
print '&nbsp;&nbsp;';
$htmltext = $langs->trans("TransKeyWithoutOriginalValue", $key);

2
htdocs/admin/website_options.php
View File

@ -136,7 +136,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
}

2
htdocs/admin/workstation.php
View File

@ -214,7 +214,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
}/* else {
print '<br>'.$langs->trans("NothingToSetup");

28
htdocs/api/class/api_setup.class.php
View File

@ -1341,20 +1341,20 @@ class Setup extends DolibarrApi
}
/**
* Get the list of staff.
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Number of items per page
* @param int $page Page number (starting from zero)
* @param int $active Staff is active or not {@min 0} {@max 1}
* @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)"
* @return array List of staff
*
* @url GET dictionary/staff
*
* @throws RestException
*/
* Get the list of staff.
*
* @param string $sortfield Sort field
* @param string $sortorder Sort order
* @param int $limit Number of items per page
* @param int $page Page number (starting from zero)
* @param int $active Staff is active or not {@min 0} {@max 1}
* @param string $sqlfilters Other criteria to filter answers separated by a comma. Syntax example "(t.code:like:'A%') and (t.active:>=:0)"
* @return array List of staff
*
* @url GET dictionary/staff
*
* @throws RestException
*/
public function getListOfStaff($sortfield = "id", $sortorder = 'ASC', $limit = 100, $page = 0, $active = 1, $sqlfilters = '')
{
$list = array();

2
htdocs/asset/admin/setup.php
View File

@ -98,7 +98,7 @@ if ($action == 'edit') {
print '</table>';
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit">'.$langs->trans("Modify").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'">'.$langs->trans("Modify").'</a>';
print '</div>';
}

4
htdocs/asset/type.php
View File

@ -298,7 +298,7 @@ if (!$rowid && $action != 'create' && $action != 'edit') {
print '</td>';
if ($user->rights->asset->write) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&rowid='.$objp->rowid.'">'.img_edit().'</a></td>';
} else {
print '<td class="right">&nbsp;</td>';
}
@ -503,7 +503,7 @@ if ($rowid > 0) {
// Edit
if ($user->rights->asset->write) {
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&amp;rowid='.((int) $object->id).'">'.$langs->trans("Modify").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&token='.newToken().'&rowid='.((int) $object->id).'">'.$langs->trans("Modify").'</a></div>';
}
// Delete

6
htdocs/bom/bom_card.php
View File

@ -75,6 +75,7 @@ if ($object->id > 0) {
$object->calculateCosts();
}
// Security check - Protection if external user
//if ($user->socid > 0) accessforbidden();
//if ($user->socid > 0) $socid = $user->socid;
@ -115,8 +116,13 @@ if (empty($reshook)) {
$triggermodname = 'BOM_MODIFY'; // Name of trigger action code to execute when we modify record
// Actions cancel, add, update, delete or clone
include DOL_DOCUMENT_ROOT.'/core/actions_addupdatedelete.inc.php';
// The fetch/fetch_lines was redone into the inc.php so we must recall the calculateCosts()
if ($action == 'confirm_validate' && $object->id > 0) {
$object->calculateCosts();
}
// Actions when linking object each other
include DOL_DOCUMENT_ROOT.'/core/actions_dellink.inc.php';

2
htdocs/bom/tpl/objectline_view.tpl.php
View File

@ -121,7 +121,7 @@ if ($this->status == 0 && ($object_rights->write) && $action != 'selectlines') {
$coldisplay++;
if (($line->info_bits & 2) == 2 || !empty($disableedit)) {
} else {
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&amp;action=editline&amp;lineid='.$line->id.'">'.img_edit().'</a>';
print '<a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?id='.$this->id.'&action=editline&token='.newToken().'&lineid='.$line->id.'">'.img_edit().'</a>';
}
print '</td>';

4
htdocs/categories/traduction.php
View File

@ -231,9 +231,9 @@ print "\n<div class=\"tabsAction\">\n";
if ($action == '') {
if ($user->rights->produit->creer || $user->rights->service->creer) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=add&id='.$object->id.'&type='.$type.'">'.$langs->trans('Add').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=add&token='.newToken().'&id='.$object->id.'&type='.$type.'">'.$langs->trans('Add').'</a>';
if ($cnt_trans > 0) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&id='.$object->id.'&type='.$type.'">'.$langs->trans('Update').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?action=edit&token='.newToken().'&id='.$object->id.'&type='.$type.'">'.$langs->trans('Update').'</a>';
}
}
}

4
htdocs/comm/action/card.php
View File

@ -1688,7 +1688,7 @@ if ($id > 0) {
print img_picto('', 'project', 'class="paddingrightonly"');
$numprojet = $formproject->select_projects(($object->socid > 0 ? $object->socid : -1), $object->fk_project, 'projectid', 0, 0, 1, 0, 0, 0, 0, '', 0, 0, 'maxwidth500');
if ($numprojet == 0) {
print ' &nbsp; <a href="'.DOL_URL_ROOT.'/projet/card.php?socid='.$object->socid.'&action=create&backtopage='.urlencode($_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit').'"><span class="fa fa-plus-circle valignmiddle paddingleft" title="'.$langs->trans("AddProject").'"></span></a>';
print ' &nbsp; <a href="'.DOL_URL_ROOT.'/projet/card.php?socid='.$object->socid.'&action=create&token='.newToken().'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?id='.$object->id.'&action=edit').'"><span class="fa fa-plus-circle valignmiddle paddingleft" title="'.$langs->trans("AddProject").'"></span></a>';
}
print '</td></tr>';
}
@ -2168,7 +2168,7 @@ if ($id > 0) {
if ($action != 'edit') {
if ($user->rights->agenda->allactions->create ||
(($object->authorid == $user->id || $object->userownerid == $user->id) && $user->rights->agenda->myactions->create)) {
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=edit&id='.$object->id.'">'.$langs->trans("Modify").'</a></div>';
print '<div class="inline-block divButAction"><a class="butAction" href="card.php?action=edit&token='.newToken().'&id='.$object->id.'">'.$langs->trans("Modify").'</a></div>';
} else {
print '<div class="inline-block divButAction"><a class="butActionRefused classfortooltip" href="#" title="'.$langs->trans("NotAllowed").'">'.$langs->trans("Modify").'</a></div>';
}

21
htdocs/comm/action/class/actioncomm.class.php
View File

@ -1245,7 +1245,6 @@ class ActionComm extends CommonObject
* Load all objects with filters.
* @todo WARNING: This make a fetch on all records instead of making one request with a join.
*
* @param DoliDb $db Not used
* @param int $socid Filter by thirdparty
* @param int $fk_element Id of element action is linked to
* @param string $elementtype Type of element action is linked to
@ -1255,7 +1254,7 @@ class ActionComm extends CommonObject
* @param string $limit Limit number of answers
* @return array|string Error string if KO, array with actions if OK
*/
public static function getActions($db, $socid = 0, $fk_element = 0, $elementtype = '', $filter = '', $sortfield = 'a.datep', $sortorder = 'DESC', $limit = 0)
public function getActions($socid = 0, $fk_element = 0, $elementtype = '', $filter = '', $sortfield = 'a.datep', $sortorder = 'DESC', $limit = 0)
{
global $conf, $langs;
@ -1277,33 +1276,33 @@ class ActionComm extends CommonObject
$sql .= " (SELECT fk_actioncomm FROM ".MAIN_DB_PREFIX."actioncomm_resources WHERE";
$sql .= " element_type = 'socpeople' AND fk_element = ".((int) $fk_element).')';
} else {
$sql .= " AND a.fk_element = ".((int) $fk_element)." AND a.elementtype = '".$db->escape($elementtype)."'";
$sql .= " AND a.fk_element = ".((int) $fk_element)." AND a.elementtype = '".$this->db->escape($elementtype)."'";
}
}
if (!empty($filter)) {
$sql .= $filter;
}
if ($sortorder && $sortfield) {
$sql .= $db->order($sortfield, $sortorder);
$sql .= $this->db->order($sortfield, $sortorder);
}
$sql .= $db->plimit($limit, 0);
$sql .= $this->db->plimit($limit, 0);
$resql = $db->query($sql);
$resql = $this->db->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$num = $this->db->num_rows($resql);
if ($num) {
for ($i = 0; $i < $num; $i++) {
$obj = $db->fetch_object($resql);
$actioncommstatic = new ActionComm($db);
$obj = $this->db->fetch_object($resql);
$actioncommstatic = new ActionComm($this->db);
$actioncommstatic->fetch($obj->id);
$resarray[$i] = $actioncommstatic;
}
}
$db->free($resql);
$this->db->free($resql);
return $resarray;
} else {
return $db->lasterror();
return $this->db->lasterror();
}
}

12
htdocs/comm/card.php
View File

@ -406,7 +406,7 @@ if ($object->id > 0) {
print $langs->trans('PaymentConditions');
print '<td>';
if (($action != 'editconditions') && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -424,7 +424,7 @@ if ($object->id > 0) {
print $langs->trans('PaymentMode');
print '<td>';
if (($action != 'editmode') && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -443,7 +443,7 @@ if ($object->id > 0) {
print $langs->trans('PaymentBankAccount');
print '<td>';
if (($action != 'editbankaccount') && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -569,7 +569,7 @@ if ($object->id > 0) {
print $langs->trans('SendingMethod');
print '<td>';
if (($action != 'editshipping') && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editshipping&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editshipping&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -589,7 +589,7 @@ if ($object->id > 0) {
print $langs->trans('IntracommReportTransportMode');
print '<td>';
if (($action != 'edittransportmode') && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edittransportmode&amp;socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edittransportmode&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -652,7 +652,7 @@ if ($object->id > 0) {
print $langs->trans('ProspectLevel');
print '<td>';
if ($action != 'editlevel' && $user->rights->societe->creer) {
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editlevel&amp;socid='.$object->id.'">'.img_edit($langs->trans('Modify'), 1).'</a></td>';
print '<td class="right"><a class="editfielda reposition" href="'.$_SERVER["PHP_SELF"].'?action=editlevel&token='.newToken().'&socid='.$object->id.'">'.img_edit($langs->trans('Modify'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

22
htdocs/comm/propal/card.php
View File

@ -2093,7 +2093,7 @@ if ($action == 'create') {
print $langs->trans('DatePropal');
print '</td>';
if ($action != 'editdate' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate&amp;id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2120,7 +2120,7 @@ if ($action == 'create') {
print $langs->trans('DateEndPropal');
print '</td>';
if ($action != 'editecheance' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editecheance&amp;id='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editecheance&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2150,7 +2150,7 @@ if ($action == 'create') {
print $langs->trans('PaymentConditionsShort');
print '</td>';
if ($action != 'editconditions' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2169,7 +2169,7 @@ if ($action == 'create') {
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefieldcreate">';
@ -2198,7 +2198,7 @@ if ($action == 'create') {
}
print '</td>';
if ($action != 'editavailability' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editavailability&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetAvailability'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editavailability&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetAvailability'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2218,7 +2218,7 @@ if ($action == 'create') {
print $langs->trans('SendingMethod');
print '</td>';
if ($action != 'editshippingmethod' && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editshippingmethod&amp;id='.$object->id.'">'.img_edit($langs->trans('SetShippingMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editshippingmethod&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetShippingMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2255,7 +2255,7 @@ if ($action == 'create') {
print $langs->trans('Source');
print '</td>';
if ($action != 'editdemandreason' && $object->statut == Propal::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdemandreason&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetDemandReason'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdemandreason&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetDemandReason'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2276,7 +2276,7 @@ if ($action == 'create') {
print $form->editfieldkey('Currency', 'multicurrency_code', '', $object, 0);
print '</td>';
if ($action != 'editmulticurrencycode' && $object->statut == $object::STATUS_DRAFT && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2296,7 +2296,7 @@ if ($action == 'create') {
print $form->editfieldkey('CurrencyRate', 'multicurrency_tx', '', $object, 0);
print '</td>';
if ($action != 'editmulticurrencyrate' && $object->statut == $object::STATUS_DRAFT && $object->multicurrency_code && $object->multicurrency_code != $conf->currency && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2337,7 +2337,7 @@ if ($action == 'create') {
print $langs->trans('BankAccount');
print '</td>';
if ($action != 'editbankaccount' && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td class="valuefield">';
@ -2373,7 +2373,7 @@ if ($action == 'create') {
print $langs->trans('IncotermLabel');
print '<td><td class="right">';
if ($usercancreate) {
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/comm/propal/card.php?id='.$object->id.'&action=editincoterm">'.img_edit().'</a>';
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/comm/propal/card.php?id='.$object->id.'&action=editincoterm&token='.newToken().'">'.img_edit().'</a>';
} else {
print '&nbsp;';
}

155
htdocs/comm/propal/list.php
View File

@ -13,9 +13,9 @@
* Copyright (C) 2016-2021 Ferran Marcet <fmarcet@2byte.es>
* Copyright (C) 2017-2018 Charlene Benke <charlie@patas-monkey.com>
* Copyright (C) 2018 Nicolas ZABOURI <info@inovea-conseil.com>
* Copyright (C) 2019 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2019-2021 Alexandre Spangaro <aspangaro@open-dsi.fr>
* Copyright (C) 2021 Anthony Berton <anthony.berton@bb2a.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2021 Frédéric France <frederic.france@netlogic.fr>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -88,12 +88,30 @@ $search_zip = GETPOST('search_zip', 'alpha');
$search_state = GETPOST("search_state");
$search_country = GETPOST("search_country", 'int');
$search_type_thirdparty = GETPOST("search_type_thirdparty", 'int');
$search_date_start = dol_mktime(0, 0, 0, GETPOST('search_date_startmonth', 'int'), GETPOST('search_date_startday', 'int'), GETPOST('search_date_startyear', 'int'));
$search_date_end = dol_mktime(23, 59, 59, GETPOST('search_date_endmonth', 'int'), GETPOST('search_date_endday', 'int'), GETPOST('search_date_endyear', 'int'));
$search_dateend_start = dol_mktime(0, 0, 0, GETPOST('search_dateend_startmonth', 'int'), GETPOST('search_dateend_startday', 'int'), GETPOST('search_dateend_startyear', 'int'));
$search_dateend_end = dol_mktime(23, 59, 59, GETPOST('search_dateend_endmonth', 'int'), GETPOST('search_dateend_endday', 'int'), GETPOST('search_dateend_endyear', 'int'));
$search_datedelivery_start = dol_mktime(0, 0, 0, GETPOST('search_datedelivery_startmonth', 'int'), GETPOST('search_datedelivery_startday', 'int'), GETPOST('search_datedelivery_startyear', 'int'));
$search_datedelivery_end = dol_mktime(23, 59, 59, GETPOST('search_datedelivery_endmonth', 'int'), GETPOST('search_datedelivery_endday', 'int'), GETPOST('search_datedelivery_endyear', 'int'));
$search_date_startday = GETPOST('search_date_startday', 'int');
$search_date_startmonth = GETPOST('search_date_startmonth', 'int');
$search_date_startyear = GETPOST('search_date_startyear', 'int');
$search_date_endday = GETPOST('search_date_endday', 'int');
$search_date_endmonth = GETPOST('search_date_endmonth', 'int');
$search_date_endyear = GETPOST('search_date_endyear', 'int');
$search_date_start = dol_mktime(0, 0, 0, $search_date_startmonth, $search_date_startday, $search_date_startyear); // Use tzserver
$search_date_end = dol_mktime(23, 59, 59, $search_date_endmonth, $search_date_endday, $search_date_endyear);
$search_date_end_startday = GETPOST('search_date_end_startday', 'int');
$search_date_end_startmonth = GETPOST('search_date_end_startmonth', 'int');
$search_date_end_startyear = GETPOST('search_date_end_startyear', 'int');
$search_date_end_endday = GETPOST('search_date_end_endday', 'int');
$search_date_end_endmonth = GETPOST('search_date_end_endmonth', 'int');
$search_date_end_endyear = GETPOST('search_date_end_endyear', 'int');
$search_date_end_start = dol_mktime(0, 0, 0, $search_date_end_startmonth, $search_date_end_startday, $search_date_end_startyear); // Use tzserver
$search_date_end_end = dol_mktime(23, 59, 59, $search_date_end_endmonth, $search_date_end_endday, $search_date_end_endyear);
$search_date_delivery_startday = GETPOST('search_date_delivery_startday', 'int');
$search_date_delivery_startmonth = GETPOST('search_date_delivery_startmonth', 'int');
$search_date_delivery_startyear = GETPOST('search_date_delivery_startyear', 'int');
$search_date_delivery_endday = GETPOST('search_date_delivery_endday', 'int');
$search_date_delivery_endmonth = GETPOST('search_date_delivery_endmonth', 'int');
$search_date_delivery_endyear = GETPOST('search_date_delivery_endyear', 'int');
$search_date_delivery_start = dol_mktime(0, 0, 0, $search_date_delivery_startmonth, $search_date_delivery_startday, $search_date_delivery_startyear);
$search_date_delivery_end = dol_mktime(23, 59, 59, $search_date_delivery_endmonth, $search_date_delivery_endday, $search_date_delivery_endyear);
$search_availability = GETPOST('search_availability', 'int');
$search_categ_cus = GETPOST("search_categ_cus", 'int');
$search_fk_cond_reglement = GETPOST("search_fk_cond_reglement", 'int');
@ -278,12 +296,30 @@ if (GETPOST('button_removefilter_x', 'alpha') || GETPOST('button_removefilter.x'
$search_type = '';
$search_country = '';
$search_type_thirdparty = '';
$search_date_startday = '';
$search_date_startmonth = '';
$search_date_startyear = '';
$search_date_endday = '';
$search_date_endmonth = '';
$search_date_endyear = '';
$search_date_start = '';
$search_date_end = '';
$search_dateend_start = '';
$search_dateend_end = '';
$search_datedelivery_start = '';
$search_datedelivery_end = '';
$search_date_end_startday = '';
$search_date_end_startmonth = '';
$search_date_end_startyear = '';
$search_date_end_endday = '';
$search_date_end_endmonth = '';
$search_date_end_endyear = '';
$search_date_end_start = '';
$search_date_end_end = '';
$search_date_delivery_startday = '';
$search_date_delivery_startmonth = '';
$search_date_delivery_startyear = '';
$search_date_delivery_endday = '';
$search_date_delivery_endmonth = '';
$search_date_delivery_endyear = '';
$search_date_delivery_start = '';
$search_date_delivery_end = '';
$search_availability = '';
$search_status = '';
$object_statut = '';
@ -472,11 +508,11 @@ $sql .= ' p.datec as date_creation, p.tms as date_update, p.date_cloture as date
$sql .= ' p.note_public, p.note_private,';
$sql .= ' p.fk_cond_reglement,p.fk_mode_reglement,p.fk_shipping_method,p.fk_input_reason,';
$sql .= " pr.rowid as project_id, pr.ref as project_ref, pr.title as project_label,";
$sql .= ' u.login, u.lastname, u.firstname, u.email, u.statut, u.entity as user_entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender';
$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity as user_entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender';
if (!$user->rights->societe->client->voir && !$socid) {
$sql .= ", sc.fk_soc, sc.fk_user";
}
if ($search_categ_cus) {
if (!empty($search_categ_cus) && $search_categ_cus != '-1') {
$sql .= ", cc.fk_categorie, cc.fk_soc";
}
// Add fields from extrafields
@ -494,7 +530,7 @@ $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)";
if (!empty($search_categ_cus)) {
if (!empty($search_categ_cus) && $search_categ_cus != '-1') {
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_societe as cc ON s.rowid = cc.fk_soc"; // We'll need this table joined to the select in order to filter by categ
}
$sql .= ', '.MAIN_DB_PREFIX.'propal as p';
@ -599,6 +635,7 @@ if ($search_multicurrency_montant_ttc != '') {
if ($sall) {
$sql .= natural_search(array_keys($fieldstosearchall), $sall);
}
if ($search_categ_cus > 0) {
$sql .= " AND cc.fk_categorie = ".((int) $search_categ_cus);
}
@ -634,17 +671,17 @@ if ($search_date_start) {
if ($search_date_end) {
$sql .= " AND p.datep <= '".$db->idate($search_date_end)."'";
}
if ($search_dateend_start) {
$sql .= " AND p.fin_validite >= '".$db->idate($search_dateend_start)."'";
if ($search_date_end_start) {
$sql .= " AND p.fin_validite >= '".$db->idate($search_date_end_start)."'";
}
if ($search_dateend_end) {
$sql .= " AND p.fin_validite <= '".$db->idate($search_dateend_end)."'";
if ($search_date_end_end) {
$sql .= " AND p.fin_validite <= '".$db->idate($search_date_end_end)."'";
}
if ($search_datedelivery_start) {
$sql .= " AND p.date_livraison >= '".$db->idate($search_datedelivery_start)."'";
if ($search_date_delivery_start) {
$sql .= " AND p.date_livraison >= '".$db->idate($search_date_delivery_start)."'";
}
if ($search_datedelivery_end) {
$sql .= " AND p.date_livraison <= '".$db->idate($search_datedelivery_end)."'";
if ($search_date_delivery_end) {
$sql .= " AND p.date_livraison <= '".$db->idate($search_date_delivery_end)."'";
}
if ($search_sale > 0) {
$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $search_sale);
@ -719,12 +756,60 @@ if ($resql) {
if ($sall) {
$param .= '&sall='.urlencode($sall);
}
if ($search_date_start) $param .= '&search_date_startday='.urlencode(dol_print_date($search_date_start, '%d')).'&search_date_startmonth='.urlencode(dol_print_date($search_date_start, '%m')).'&search_date_startyear='.urlencode(dol_print_date($search_date_start, '%Y'));
if ($search_date_end) $param .= '&search_date_endday='.urlencode(dol_print_date($search_date_end, '%d')).'&search_date_endmonth='.urlencode(dol_print_date($search_date_end, '%m')).'&search_date_endyear='.urlencode(dol_print_date($search_date_end, '%Y'));
if ($search_dateend_start) $param .= '&search_dateend_startday='.urlencode(dol_print_date($search_dateend_start, '%d')).'&search_dateend_startmonth='.urlencode(dol_print_date($search_dateend_start, '%m')).'&search_dateend_startyear='.urlencode(dol_print_date($search_dateend_start, '%Y'));
if ($search_dateend_end) $param .= '&search_dateend_endday='.urlencode(dol_print_date($search_dateend_end, '%d')).'&search_dateend_endmonth='.urlencode(dol_print_date($search_dateend_end, '%m')).'&search_dateend_endyear='.urlencode(dol_print_date($search_dateend_end, '%Y'));
if ($search_datedelivery_start) $param .= '&search_datedelivery_startday='.urlencode(dol_print_date($search_datedelivery_start, '%d')).'&search_datedelivery_startmonth='.urlencode(dol_print_date($search_datedelivery_start, '%m')).'&search_datedelivery_startyear='.urlencode(dol_print_date($search_datedelivery_start, '%Y'));
if ($search_datedelivery_end) $param .= '&search_datedelivery_endday='.urlencode(dol_print_date($search_datedelivery_end, '%d')).'&search_datedelivery_endmonth='.urlencode(dol_print_date($search_datedelivery_end, '%m')).'&search_datedelivery_endyear='.urlencode(dol_print_date($search_datedelivery_end, '%Y'));
if ($search_date_startday) {
$param .= '&search_date_startday='.urlencode($search_date_startday);
}
if ($search_date_startmonth) {
$param .= '&search_date_startmonth='.urlencode($search_date_startmonth);
}
if ($search_date_startyear) {
$param .= '&search_date_startyear='.urlencode($search_date_startyear);
}
if ($search_date_endday) {
$param .= '&search_date_endday='.urlencode($search_date_endday);
}
if ($search_date_endmonth) {
$param .= '&search_date_endmonth='.urlencode($search_date_endmonth);
}
if ($search_date_endyear) {
$param .= '&search_date_endyear='.urlencode($search_date_endyear);
}
if ($search_date_end_startday) {
$param .= '&search_date_end_startday='.urlencode($search_date_end_startday);
}
if ($search_date_end_startmonth) {
$param .= '&search_date_end_startmonth='.urlencode($search_date_end_startmonth);
}
if ($search_date_end_startyear) {
$param .= '&search_date_end_startyear='.urlencode($search_date_end_startyear);
}
if ($search_date_end_endday) {
$param .= '&search_date_end_endday='.urlencode($search_date_end_endday);
}
if ($search_date_end_endmonth) {
$param .= '&search_date_end_endmonth='.urlencode($search_date_end_endmonth);
}
if ($search_date_end_endyear) {
$param .= '&search_date_end_endyear='.urlencode($search_date_end_endyear);
}
if ($search_date_delivery_startday) {
$param .= '&search_date_delivery_startday='.urlencode($search_date_delivery_startday);
}
if ($search_date_delivery_startmonth) {
$param .= '&search_date_delivery_startmonth='.urlencode($search_date_delivery_startmonth);
}
if ($search_date_delivery_startyear) {
$param .= '&search_date_delivery_startyear='.urlencode($search_date_delivery_startyear);
}
if ($search_date_delivery_endday) {
$param .= '&search_date_delivery_endday='.urlencode($search_date_delivery_endday);
}
if ($search_date_delivery_endmonth) {
$param .= '&search_date_delivery_endmonth='.urlencode($search_date_delivery_endmonth);
}
if ($search_date_delivery_endyear) {
$param .= '&search_date_delivery_endyear='.urlencode($search_date_delivery_endyear);
}
if ($search_ref) {
$param .= '&search_ref='.urlencode($search_ref);
}
@ -1024,10 +1109,10 @@ if ($resql) {
if (!empty($arrayfields['p.fin_validite']['checked'])) {
print '<td class="liste_titre center">';
print '<div class="nowrap">';
print $form->selectDate($search_dateend_start ? $search_dateend_start : -1, 'search_dateend_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print $form->selectDate($search_date_end_start ? $search_date_end_start : -1, 'search_date_end_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print '</div>';
print '<div class="nowrap">';
print $form->selectDate($search_dateend_end ? $search_dateend_end : -1, 'search_dateend_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to'));
print $form->selectDate($search_date_end_end ? $search_date_end_end : -1, 'search_date_end_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to'));
print '</div>';
print '</td>';
}
@ -1035,10 +1120,10 @@ if ($resql) {
if (!empty($arrayfields['p.date_livraison']['checked'])) {
print '<td class="liste_titre center">';
print '<div class="nowrap">';
print $form->selectDate($search_datedelivery_start ? $search_datedelivery_start : -1, 'search_datedelivery_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print $form->selectDate($search_date_delivery_start ? $search_date_delivery_start : -1, 'search_date_delivery_start', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print '</div>';
print '<div class="nowrap">';
print $form->selectDate($search_datedelivery_end ? $search_datedelivery_end : -1, 'search_datedelivery_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print $form->selectDate($search_date_delivery_end ? $search_date_delivery_end : -1, 'search_date_delivery_end', 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From'));
print '</div>';
print '</td>';
}
@ -1715,8 +1800,8 @@ if ($resql) {
$userstatic->login = $obj->login;
$userstatic->lastname = $obj->lastname;
$userstatic->firstname = $obj->firstname;
$userstatic->email = $obj->email;
$userstatic->statut = $obj->statut;
$userstatic->email = $obj->user_email;
$userstatic->statut = $obj->user_statut;
$userstatic->entity = $obj->user_entity;
$userstatic->photo = $obj->photo;
$userstatic->office_phone = $obj->office_phone;

12
htdocs/commande/class/commande.class.php
View File

@ -299,13 +299,9 @@ class Commande extends CommonOrder
'ref_client' =>array('type'=>'varchar(255)', 'label'=>'RefCustomer', 'enabled'=>1, 'visible'=>-1, 'position'=>28),
'fk_soc' =>array('type'=>'integer:Societe:societe/class/societe.class.php', 'label'=>'ThirdParty', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>20),
'fk_projet' =>array('type'=>'integer:Project:projet/class/project.class.php:1:fk_statut=1', 'label'=>'Project', 'enabled'=>1, 'visible'=>-1, 'position'=>25),
'date_creation' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>55),
'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>56),
'date_valid' =>array('type'=>'datetime', 'label'=>'DateValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>60),
'date_commande' =>array('type'=>'date', 'label'=>'Date', 'enabled'=>1, 'visible'=>1, 'position'=>60),
'date_valid' =>array('type'=>'datetime', 'label'=>'DateValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>62),
'date_cloture' =>array('type'=>'datetime', 'label'=>'DateClosing', 'enabled'=>1, 'visible'=>-1, 'position'=>65),
'date_commande' =>array('type'=>'date', 'label'=>'Date', 'enabled'=>1, 'visible'=>-1, 'position'=>70),
'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-1, 'position'=>75),
'fk_user_modif' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>80),
'fk_user_valid' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserValidation', 'enabled'=>1, 'visible'=>-1, 'position'=>85),
'fk_user_cloture' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserClosing', 'enabled'=>1, 'visible'=>-1, 'position'=>90),
'source' =>array('type'=>'smallint(6)', 'label'=>'Source', 'enabled'=>1, 'visible'=>-1, 'position'=>95),
@ -344,6 +340,10 @@ class Commande extends CommonOrder
'last_main_doc' =>array('type'=>'varchar(255)', 'label'=>'LastMainDoc', 'enabled'=>1, 'visible'=>-1, 'position'=>270),
'module_source' =>array('type'=>'varchar(32)', 'label'=>'POSModule', 'enabled'=>1, 'visible'=>-1, 'position'=>275),
'pos_source' =>array('type'=>'varchar(32)', 'label'=>'POSTerminal', 'enabled'=>1, 'visible'=>-1, 'position'=>280),
'fk_user_author' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserAuthor', 'enabled'=>1, 'visible'=>-1, 'position'=>300),
'fk_user_modif' =>array('type'=>'integer:User:user/class/user.class.php', 'label'=>'UserModif', 'enabled'=>1, 'visible'=>-2, 'notnull'=>-1, 'position'=>302),
'date_creation' =>array('type'=>'datetime', 'label'=>'DateCreation', 'enabled'=>1, 'visible'=>-1, 'position'=>304),
'tms' =>array('type'=>'timestamp', 'label'=>'DateModification', 'enabled'=>1, 'visible'=>-1, 'notnull'=>1, 'position'=>306),
'import_key' =>array('type'=>'varchar(14)', 'label'=>'ImportId', 'enabled'=>1, 'visible'=>-2, 'position'=>400),
'fk_statut' =>array('type'=>'smallint(6)', 'label'=>'Status', 'enabled'=>1, 'visible'=>-1, 'position'=>500),
);

10
htdocs/commande/list.php
View File

@ -428,7 +428,7 @@ $sql .= ' c.fk_multicurrency, c.multicurrency_code, c.multicurrency_tx, c.multic
$sql .= ' c.date_valid, c.date_commande, c.note_public, c.note_private, c.date_livraison as date_delivery, c.fk_statut, c.facture as billed,';
$sql .= ' c.date_creation as date_creation, c.tms as date_update, c.date_cloture as date_cloture,';
$sql .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,';
$sql .= ' u.login, u.lastname, u.firstname, u.email, u.statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,';
$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender,';
$sql .= ' c.fk_cond_reglement,c.fk_mode_reglement,c.fk_shipping_method,';
$sql .= ' c.fk_input_reason';
if (($search_categ_cus > 0) || ($search_categ_cus == -2)) {
@ -553,7 +553,7 @@ if ($search_state) {
if ($search_country) {
$sql .= " AND s.fk_pays IN (".$db->sanitize($search_country).')';
}
if ($search_type_thirdparty) {
if ($search_type_thirdparty && $search_type_thirdparty != '-1') {
$sql .= " AND s.fk_typent IN (".$db->sanitize($search_type_thirdparty).')';
}
if ($search_company) {
@ -795,7 +795,7 @@ if ($resql) {
if ($search_country != '') {
$param .= '&search_country='.urlencode($search_country);
}
if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) {
if ($search_type_thirdparty && $search_type_thirdparty != '-1') {
$param .= '&search_type_thirdparty='.urlencode($search_type_thirdparty);
}
if ($search_product_category != '') {
@ -1697,8 +1697,8 @@ if ($resql) {
$userstatic->login = $obj->login;
$userstatic->lastname = $obj->lastname;
$userstatic->firstname = $obj->firstname;
$userstatic->email = $obj->email;
$userstatic->statut = $obj->statut;
$userstatic->email = $obj->user_email;
$userstatic->statut = $obj->user_statut;
$userstatic->entity = $obj->entity;
$userstatic->photo = $obj->photo;
$userstatic->office_phone = $obj->office_phone;

18
htdocs/compta/bank/class/account.class.php
View File

@ -1503,7 +1503,7 @@ class Account extends CommonObject
{
$country_code = $this->getCountryCode();
if (in_array($country_code, array('FR', 'ES', 'GA', 'IT', 'NC'))) {
if (in_array($country_code, array('AD', 'FR', 'ES', 'GA', 'IT', 'NC'))) {
return 1; // France, Spain, Gabon, ... - Not valid for CH
}
if (in_array($country_code, array('AU', 'BE', 'CA', 'DE', 'DK', 'GR', 'GB', 'ID', 'IE', 'IR', 'KR', 'NL', 'NZ', 'UK', 'US'))) {
@ -1696,21 +1696,21 @@ class Account extends CommonObject
/**
* Function used to replace a thirdparty id with another one.
*
* @param DoliDB $db Database handler
* @param DoliDB $dbs Database handler
* @param int $origin_id Old thirdparty id
* @param int $dest_id New thirdparty id
* @return bool
* @return bool True=SQL success, False=SQL error
*/
public static function replaceThirdparty($db, $origin_id, $dest_id)
public static function replaceThirdparty($dbs, $origin_id, $dest_id)
{
$sql = "UPDATE ".MAIN_DB_PREFIX."bank_url SET url_id = ".((int) $dest_id)." WHERE url_id = ".((int) $origin_id)." AND type='company'";
if (!$db->query($sql)) {
//if ($ignoreerrors) return true; // TODO Not enough. If there is A-B on kept thirdarty and B-C on old one, we must get A-B-C after merge. Not A-B.
//$this->errors = $db->lasterror();
return false;
} else {
if ($dbs->query($sql)) {
return true;
} else {
//if ($ignoreerrors) return true; // TODO Not enough. If there is A-B on kept thirdarty and B-C on old one, we must get A-B-C after merge. Not A-B.
//$this->errors = $dbs->lasterror();
return false;
}
}
}

2
htdocs/compta/bank/releve.php
View File

@ -364,7 +364,7 @@ if (empty($numref)) {
print '<td class="center">';
if ($user->rights->banque->consolidate && $action != 'editbankreceipt') {
print '<a href="'.$_SERVER["PHP_SELF"].'?account='.$object->id.($page > 0 ? '&page='.$page : '').'&action=editbankreceipt&brref='.$objp->numr.'">'.img_edit().'</a>';
print '<a href="'.$_SERVER["PHP_SELF"].'?account='.$object->id.($page > 0 ? '&page='.$page : '').'&action=editbankreceipt&token='.newToken().'&brref='.urlencode($objp->numr).'">'.img_edit().'</a>';
}
print '</td>';

2
htdocs/compta/deplacement/card.php
View File

@ -469,7 +469,7 @@ if ($action == 'create') {
if ($object->statut < Deplacement::STATUS_REFUNDED) { // if not refunded
if ($user->rights->deplacement->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&id='.$id.'">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Modify').'</a>';
}

14
htdocs/compta/facture/card-rec.php
View File

@ -1269,7 +1269,7 @@ if ($action == 'create') {
print $langs->trans('PaymentConditionsShort');
print '</td>';
if ($action != 'editconditions' && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1290,7 +1290,7 @@ if ($action == 'create') {
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode' && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1310,7 +1310,7 @@ if ($action == 'create') {
print $form->editfieldkey('Currency', 'multicurrency_code', '', $object, 0);
print '</td>';
if ($usercancreate && $action != 'editmulticurrencycode' && !empty($object->brouillon)) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1326,7 +1326,7 @@ if ($action == 'create') {
print $form->editfieldkey('CurrencyRate', 'multicurrency_tx', '', $object, 0);
print '</td>';
if ($usercancreate && $action != 'editmulticurrencyrate' && !empty($object->brouillon) && $object->multicurrency_code && $object->multicurrency_code != $conf->currency) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1398,7 +1398,7 @@ if ($action == 'create') {
print $langs->trans('BankAccount');
print '<td>';
if (($action != 'editbankaccount') && $user->rights->facture->creer && $object->statut == FactureRec::STATUS_DRAFT) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1416,7 +1416,7 @@ if ($action == 'create') {
print $langs->trans('Model');
print '<td>';
if (($action != 'editmodelpdf') && $user->rights->facture->creer && $object->statut == FactureRec::STATUS_DRAFT) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmodelpdf&amp;id='.$object->id.'">'.img_edit($langs->trans('SetModel'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmodelpdf&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetModel'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1463,7 +1463,7 @@ if ($action == 'create') {
print $langs->trans('Frequency');
print '</td>';
if ($action != 'editfrequency' && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editfrequency&amp;facid='.$object->id.'">'.img_edit($langs->trans('Edit'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editfrequency&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('Edit'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

26
htdocs/compta/facture/card.php
View File

@ -4336,7 +4336,7 @@ if ($action == 'create') {
print $langs->trans('DateInvoice');
print '</td>';
if ($action != 'editinvoicedate' && !empty($object->brouillon) && $usercancreate && empty($conf->global->FAC_FORCE_DATE_VALIDATION)) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editinvoicedate&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editinvoicedate&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4356,7 +4356,7 @@ if ($action == 'create') {
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('DatePointOfTax');
print '</td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate_pointoftax&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate_pointoftax&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '</tr></table>';
print '</td><td>';
if ($action == 'editdate_pointoftax') {
@ -4373,7 +4373,7 @@ if ($action == 'create') {
print $langs->trans('PaymentConditionsShort');
print '</td>';
if ($object->type != Facture::TYPE_CREDIT_NOTE && $action != 'editconditions' && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4394,7 +4394,7 @@ if ($action == 'create') {
print $langs->trans('DateMaxPayment');
print '</td>';
if ($object->type != Facture::TYPE_CREDIT_NOTE && $action != 'editpaymentterm' && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editpaymentterm&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editpaymentterm&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4418,7 +4418,7 @@ if ($action == 'create') {
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode' && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4438,7 +4438,7 @@ if ($action == 'create') {
print $form->editfieldkey('Currency', 'multicurrency_code', '', $object, 0);
print '</td>';
if ($usercancreate && $action != 'editmulticurrencycode' && !empty($object->brouillon)) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencycode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4454,7 +4454,7 @@ if ($action == 'create') {
print $form->editfieldkey('CurrencyRate', 'multicurrency_tx', '', $object, 0);
print '</td>';
if ($usercancreate && $action != 'editmulticurrencyrate' && !empty($object->brouillon) && $object->multicurrency_code && $object->multicurrency_code != $conf->currency) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&amp;id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmulticurrencyrate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->transnoentitiesnoconv('SetMultiCurrencyCode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4482,7 +4482,7 @@ if ($action == 'create') {
print $langs->trans('BankAccount');
print '<td>';
if (($action != 'editbankaccount') && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -4502,7 +4502,7 @@ if ($action == 'create') {
print $langs->trans('IncotermLabel');
print '<td><td class="right">';
if ($usercancreate) {
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/compta/facture/card.php?facid='.$object->id.'&action=editincoterm">'.img_edit().'</a>';
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/compta/facture/card.php?facid='.$object->id.'&action=editincoterm&token='.newToken().'">'.img_edit().'</a>';
} else {
print '&nbsp;';
}
@ -4532,7 +4532,7 @@ if ($action == 'create') {
print $langs->trans('RetainedWarranty');
print '</td>';
if ($action != 'editretainedwarranty' && $user->rights->facture->creer) {
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarranty&amp;facid='.$object->id.'">'.img_edit($langs->trans('setretainedwarranty'), 1).'</a></td>';
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarranty&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('setretainedwarranty'), 1).'</a></td>';
}
print '</tr></table>';
@ -4555,7 +4555,7 @@ if ($action == 'create') {
print $langs->trans('PaymentConditionsShortRetainedWarranty');
print '</td>';
if ($action != 'editretainedwarrantypaymentterms' && $user->rights->facture->creer) {
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarrantypaymentterms&amp;facid='.$object->id.'">'.img_edit($langs->trans('setPaymentConditionsShortRetainedWarranty'), 1).'</a></td>';
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarrantypaymentterms&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('setPaymentConditionsShortRetainedWarranty'), 1).'</a></td>';
}
print '</tr></table>';
@ -4590,7 +4590,7 @@ if ($action == 'create') {
print $langs->trans('RetainedWarrantyDateLimit');
print '</td>';
if ($action != 'editretainedwarrantydatelimit' && $user->rights->facture->creer) {
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarrantydatelimit&amp;facid='.$object->id.'">'.img_edit($langs->trans('setretainedwarrantyDateLimit'), 1).'</a></td>';
print '<td align="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editretainedwarrantydatelimit&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('setretainedwarrantyDateLimit'), 1).'</a></td>';
}
print '</tr></table>';
@ -4676,7 +4676,7 @@ if ($action == 'create') {
print $langs->trans('RevenueStamp');
print '</td>';
if ($action != 'editrevenuestamp' && !empty($object->brouillon) && $usercancreate) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrevenuestamp&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetRevenuStamp'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrevenuestamp&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetRevenuStamp'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

8
htdocs/compta/facture/list.php
View File

@ -549,7 +549,7 @@ $sql .= ' typent.code as typent_code,';
$sql .= ' state.code_departement as state_code, state.nom as state_name,';
$sql .= ' country.code as country_code,';
$sql .= ' p.rowid as project_id, p.ref as project_ref, p.title as project_label,';
$sql .= ' u.login, u.lastname, u.firstname, u.email, u.statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender';
$sql .= ' u.login, u.lastname, u.firstname, u.email as user_email, u.statut as user_statut, u.entity, u.photo, u.office_phone, u.office_fax, u.user_mobile, u.job, u.gender';
// We need dynamount_payed to be able to sort on status (value is surely wrong because we can count several lines several times due to other left join or link with contacts. But what we need is just 0 or > 0)
// TODO Better solution to be able to sort on already payed or remain to pay is to store amount_payed in a denormalized field.
if (!$sall) {
@ -572,7 +572,7 @@ $sql .= ' FROM '.MAIN_DB_PREFIX.'societe as s';
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_country as country on (country.rowid = s.fk_pays)";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_typent as typent on (typent.id = s.fk_typent)";
$sql .= " LEFT JOIN ".MAIN_DB_PREFIX."c_departements as state on (state.rowid = s.fk_departement)";
if (!empty($search_categ_cus) && $search_categ_cus!=-1) {
if (!empty($search_categ_cus) && $search_categ_cus != '-1') {
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX."categorie_societe as cc ON s.rowid = cc.fk_soc"; // We'll need this table joined to the select in order to filter by categ
}
@ -2013,8 +2013,8 @@ if ($resql) {
$userstatic->login = $obj->login;
$userstatic->lastname = $obj->lastname;
$userstatic->firstname = $obj->firstname;
$userstatic->email = $obj->email;
$userstatic->statut = $obj->statut;
$userstatic->email = $obj->user_email;
$userstatic->statut = $obj->user_statut;
$userstatic->entity = $obj->entity;
$userstatic->photo = $obj->photo;
$userstatic->office_phone = $obj->office_phone;

12
htdocs/compta/facture/prelevement.php
View File

@ -363,7 +363,7 @@ if ($object->id > 0) {
print $langs->trans('DateInvoice');
print '</td>';
if ($object->type != $object::TYPE_CREDIT_NOTE && $action != 'editinvoicedate' && !empty($object->brouillon) && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editinvoicedate&amp;id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editinvoicedate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -386,7 +386,7 @@ if ($object->id > 0) {
print $langs->trans('PaymentConditionsShort');
print '</td>';
if ($object->type != $object::TYPE_CREDIT_NOTE && $action != 'editconditions' && !empty($object->brouillon) && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&amp;id='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editconditions&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetConditions'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -407,7 +407,7 @@ if ($object->id > 0) {
print $langs->trans('DateMaxPayment');
print '</td>';
if ($object->type != $object::TYPE_CREDIT_NOTE && $action != 'editpaymentterm' && !empty($object->brouillon) && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editpaymentterm&amp;id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editpaymentterm&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -436,7 +436,7 @@ if ($object->id > 0) {
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode' && !empty($object->brouillon) && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -453,7 +453,7 @@ if ($object->id > 0) {
print $langs->trans('BankAccount');
print '<td>';
if (($action != 'editbankaccount') && $user->rights->commande->creer && !empty($object->brouillon)) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="3">';
@ -537,7 +537,7 @@ if ($object->id > 0) {
print $langs->trans('RevenueStamp');
print '</td>';
if ($action != 'editrevenuestamp' && !empty($object->brouillon) && $user->rights->facture->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrevenuestamp&amp;facid='.$object->id.'">'.img_edit($langs->trans('SetRevenuStamp'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrevenuestamp&token='.newToken().'&facid='.$object->id.'">'.img_edit($langs->trans('SetRevenuStamp'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

4
htdocs/compta/paiement/cheque/card.php
View File

@ -529,7 +529,7 @@ if ($action == 'new') {
print $langs->trans('Date');
print '</td>';
if ($action != 'editdate') {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate&amp;id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editdate&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetDate'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td colspan="2">';
@ -554,7 +554,7 @@ if ($action == 'new') {
print '<table class="nobordernopadding" width="100%"><tr><td>';
print $langs->trans('RefExt');
print '</td>';
if ($action != 'editrefext') print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrefext&amp;id='.$object->id.'">'.img_edit($langs->trans('SetRefExt'),1).'</a></td>';
if ($action != 'editrefext') print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editrefext&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetRefExt'),1).'</a></td>';
print '</tr></table>';
print '</td><td colspan="2">';
if ($action == 'editrefext')

12
htdocs/compta/prelevement/card.php
View File

@ -198,8 +198,7 @@ if ($id > 0 || $ref) {
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent tableforfield">';
//print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefield">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td><span class="amount">'.price($object->amount).'</span></td></tr>';
@ -237,7 +236,7 @@ if ($id > 0 || $ref) {
$acc = new Account($db);
$result = $acc->fetch(($object->type == 'bank-transfer' ? $conf->global->PAYMENTBYBANKTRANSFER_ID_BANKACCOUNT : $conf->global->PRELEVEMENT_ID_BANKACCOUNT));
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelofbankfield = "BankToReceiveWithdraw";
if ($object->type == 'bank-transfer') {
$labelofbankfield = 'BankToPayCreditTransfer';
@ -251,7 +250,7 @@ if ($id > 0 || $ref) {
print '</td>';
print '</tr>';
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelfororderfield = 'WithdrawalFile';
if ($object->type == 'bank-transfer') {
$labelfororderfield = 'CreditTransferFile';
@ -412,10 +411,9 @@ if ($id > 0 || $ref) {
// Status of line
print "<td>";
print '<a class="valignmiddle" href="'.DOL_URL_ROOT.'/compta/prelevement/line.php?id='.$obj->rowid.'&type='.$object->type.'&token='.newToken().'">';
print $ligne->LibStatut($obj->statut, 2);
print "&nbsp;";
print '<a href="'.DOL_URL_ROOT.'/compta/prelevement/line.php?id='.$obj->rowid.'&type='.$object->type.'&token='.newToken().'">';
print sprintf("%06s", $obj->rowid);
print '<span class="paddingleft">'.$obj->rowid.'</span>';
print '</a></td>';
$thirdparty = new Societe($db);

20
htdocs/compta/prelevement/class/ligneprelevement.class.php
View File

@ -137,29 +137,31 @@ class LignePrelevement
return $langs->trans($this->statuts[$status]);
} elseif ($mode == 1) {
if ($status == 0) {
return img_picto($langs->trans($this->statuts[$status]), 'statut1').' '.$langs->trans($this->statuts[$status]); // Waiting
return img_picto($langs->trans($this->statuts[$status]), 'statut1', 'class="valignmiddle"').' '.$langs->trans($this->statuts[$status]); // Waiting
} elseif ($status == 2) {
return img_picto($langs->trans($this->statuts[$status]), 'statut6').' '.$langs->trans($this->statuts[$status]); // Credited
return img_picto($langs->trans($this->statuts[$status]), 'statut6', 'class="valignmiddle"').' '.$langs->trans($this->statuts[$status]); // Credited
} elseif ($status == 3) {
return img_picto($langs->trans($this->statuts[$status]), 'statut8').' '.$langs->trans($this->statuts[$status]); // Refused
return img_picto($langs->trans($this->statuts[$status]), 'statut8', 'class="valignmiddle"').' '.$langs->trans($this->statuts[$status]); // Refused
}
} elseif ($mode == 2) {
if ($status == 0) {
return img_picto($langs->trans($this->statuts[$status]), 'statut1');
return img_picto($langs->trans($this->statuts[$status]), 'statut1', 'class="valignmiddle"');
} elseif ($status == 2) {
return img_picto($langs->trans($this->statuts[$status]), 'statut6');
return img_picto($langs->trans($this->statuts[$status]), 'statut6', 'class="valignmiddle"');
} elseif ($status == 3) {
return img_picto($langs->trans($this->statuts[$status]), 'statut8');
return img_picto($langs->trans($this->statuts[$status]), 'statut8', 'class="valignmiddle"');
}
} elseif ($mode == 3) {
if ($status == 0) {
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut1');
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut1', 'class="valignmiddle"');
} elseif ($status == 2) {
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut6');
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut6', 'class="valignmiddle"');
} elseif ($status == 3) {
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut8');
return $langs->trans($this->statuts[$status]).' '.img_picto($langs->trans($this->statuts[$status]), 'statut8', 'class="valignmiddle"');
}
}
//return dolGetStatus($this->labelStatus[$status], $this->labelStatusShort[$status], '', $statusType, $mode);
}
/**

8
htdocs/compta/prelevement/factures.php
View File

@ -100,8 +100,8 @@ if ($id > 0 || $ref) {
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent tableforfield">'."\n";
//print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefield">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
//print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td>'.price($object->amount).'</td></tr>';
if ($object->date_trans <> 0) {
@ -131,7 +131,7 @@ if ($id > 0 || $ref) {
$acc = new Account($db);
$result = $acc->fetch($conf->global->PRELEVEMENT_ID_BANKACCOUNT);
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelofbankfield = "BankToReceiveWithdraw";
if ($object->type == 'bank-transfer') {
$labelofbankfield = 'BankToPayCreditTransfer';
@ -145,7 +145,7 @@ if ($id > 0 || $ref) {
print '</td>';
print '</tr>';
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelfororderfield = 'WithdrawalFile';
if ($object->type == 'bank-transfer') {
$labelfororderfield = 'CreditTransferFile';

8
htdocs/compta/prelevement/fiche-rejet.php
View File

@ -90,8 +90,8 @@ if ($prev_id > 0 || $ref) {
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent tableforfield">'."\n";
//print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefield">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
//print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td>'.price($object->amount).'</td></tr>';
if ($object->date_trans <> 0) {
@ -121,7 +121,7 @@ if ($prev_id > 0 || $ref) {
$acc = new Account($db);
$result = $acc->fetch($conf->global->PRELEVEMENT_ID_BANKACCOUNT);
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelofbankfield = "BankToReceiveWithdraw";
if ($object->type == 'bank-transfer') {
$labelofbankfield = 'BankToPayCreditTransfer';
@ -135,7 +135,7 @@ if ($prev_id > 0 || $ref) {
print '</td>';
print '</tr>';
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelfororderfield = 'WithdrawalFile';
if ($object->type == 'bank-transfer') {
$labelfororderfield = 'CreditTransferFile';

6
htdocs/compta/prelevement/fiche-stat.php
View File

@ -89,8 +89,8 @@ if ($prev_id > 0 || $ref) {
print '<div class="underbanner clearboth"></div>';
print '<table class="border centpercent tableforfield">'."\n";
//print '<tr><td class="titlefield">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefield">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
//print '<tr><td class="titlefieldcreate">'.$langs->trans("Ref").'</td><td>'.$object->getNomUrl(1).'</td></tr>';
print '<tr><td class="titlefieldcreate">'.$langs->trans("Date").'</td><td>'.dol_print_date($object->datec, 'day').'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td>'.price($object->amount).'</td></tr>';
if ($object->date_trans <> 0) {
@ -120,7 +120,7 @@ if ($prev_id > 0 || $ref) {
$acc = new Account($db);
$result = $acc->fetch($conf->global->PRELEVEMENT_ID_BANKACCOUNT);
print '<tr><td class="titlefield">';
print '<tr><td class="titlefieldcreate">';
$labelofbankfield = "BankToReceiveWithdraw";
if ($object->type == 'bank-transfer') {
$labelofbankfield = 'BankToPayCreditTransfer';

12
htdocs/compta/prelevement/line.php
View File

@ -151,7 +151,9 @@ if ($id) {
print $bon->getNomUrl(1).'</td></tr>';
print '<tr><td>'.$langs->trans("Date").'</td><td>'.dol_print_date($bon->datec, 'day').'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td>'.price($lipre->amount).'</td></tr>';
print '<tr><td>'.$langs->trans("Amount").'</td><td><span class="amount">'.price($lipre->amount).'</span></td></tr>';
print '<tr><td>'.$langs->trans("Status").'</td><td>'.$lipre->LibStatut($lipre->statut, 1).'</td></tr>';
if ($lipre->statut == 3) {
@ -159,6 +161,7 @@ if ($id) {
$resf = $rej->fetch($lipre->id);
if ($resf == 0) {
print '<tr><td>'.$langs->trans("RefusedReason").'</td><td>'.$rej->motif.'</td></tr>';
print '<tr><td>'.$langs->trans("RefusedData").'</td><td>';
if ($rej->date_rejet == 0) {
/* Historique pour certaines install */
@ -167,6 +170,7 @@ if ($id) {
print dol_print_date($rej->date_rejet, 'day');
}
print '</td></tr>';
print '<tr><td>'.$langs->trans("RefusedInvoicing").'</td><td>'.$rej->invoicing.'</td></tr>';
} else {
print '<tr><td>'.$resf.'</td></tr>';
@ -229,7 +233,7 @@ if ($id) {
/*
* Action bar
*/
print "<div class=\"tabsAction\">";
print '<div class="tabsAction">';
if ($action == '') {
if ($bon->statut == BonPrelevement::STATUS_CREDITED) {
@ -245,7 +249,7 @@ if ($id) {
}
}
print "</div>";
print '</div>';
/*
* List of invoices
@ -267,7 +271,7 @@ if ($id) {
if ($socid) {
$sql .= " AND s.rowid = ".((int) $socid);
}
$sql .= " ORDER BY $sortfield $sortorder ";
$sql .= $db->order($sortfield, $sortorder);
$sql .= $db->plimit($conf->liste_limit + 1, $offset);
$result = $db->query($sql);

4
htdocs/compta/sociales/card.php
View File

@ -577,7 +577,7 @@ if ($id > 0) {
print $langs->trans('DefaultPaymentMode');
print '</td>';
if ($action != 'editmode') {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -595,7 +595,7 @@ if ($id > 0) {
print $langs->trans('DefaultBankAccount');
print '<td>';
if ($action != 'editbankaccount' && $user->rights->tax->charges->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

4
htdocs/compta/tva/card.php
View File

@ -573,7 +573,7 @@ if ($id) {
print $langs->trans('PaymentMode');
print '</td>';
if ($action != 'editmode') {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&amp;id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editmode&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetMode'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -591,7 +591,7 @@ if ($id) {
print $langs->trans('BankAccount');
print '<td>';
if ($action != 'editbankaccount' && $user->rights->tax->charges->creer) {
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&amp;id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
print '<td class="right"><a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=editbankaccount&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('SetBankAccount'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';

4
htdocs/contact/canvas/default/tpl/contactcard_view.tpl.php
View File

@ -139,11 +139,11 @@ if (!empty($this->control->tpl['action_delete'])) {
if (empty($user->socid)) {
print '<div class="tabsAction">';
if ($user->rights->societe->contact->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=edit&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans('Modify').'</a>';
}
if (!$this->control->tpl['user_id'] && $user->rights->user->user->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$this->control->tpl['id'].'&action=create_user&token='.newToken().'&canvas='.$canvas.'">'.$langs->trans("CreateDolibarrLogin").'</a>';
}
if ($user->rights->societe->contact->supprimer) {

6
htdocs/contact/card.php
View File

@ -1348,7 +1348,7 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
print $langs->trans('ProspectLevel');
print '<td>';
if ($action != 'editlevel' && $user->rights->societe->contact->creer) {
print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editlevel&amp;id='.$object->id.'">'.img_edit($langs->trans('Modify'), 1).'</a></td>';
print '<td align="right"><a href="'.$_SERVER["PHP_SELF"].'?action=editlevel&token='.newToken().'&id='.$object->id.'">'.img_edit($langs->trans('Modify'), 1).'</a></td>';
}
print '</tr></table>';
print '</td><td>';
@ -1486,11 +1486,11 @@ if (is_object($objcanvas) && $objcanvas->displayCanvasExists($action)) {
}
if ($user->rights->societe->contact->creer) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=edit">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans('Modify').'</a>';
}
if (!$object->user_id && $user->rights->user->user->creer) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=create_user">'.$langs->trans("CreateDolibarrLogin").'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=create_user&token='.newToken().'">'.$langs->trans("CreateDolibarrLogin").'</a>';
}
// Activer

6
htdocs/contact/list.php
View File

@ -575,13 +575,13 @@ if ($limit > 0 && $limit != $conf->liste_limit) {
}
$param .= '&amp;begin='.urlencode($begin).'&amp;userid='.urlencode($userid).'&amp;contactname='.urlencode($sall);
$param .= '&amp;type='.urlencode($type).'&amp;view='.urlencode($view);
if (!empty($search_categ)) {
if (!empty($search_categ) && $search_categ != '-1') {
$param .= '&amp;search_categ='.urlencode($search_categ);
}
if (!empty($search_categ_thirdparty)) {
if (!empty($search_categ_thirdparty) && $search_categ_thirdparty != '-1') {
$param .= '&amp;search_categ_thirdparty='.urlencode($search_categ_thirdparty);
}
if (!empty($search_categ_supplier)) {
if (!empty($search_categ_supplier) && $search_categ_supplier != '-1') {
$param .= '&amp;search_categ_supplier='.urlencode($search_categ_supplier);
}
if ($sall != '') {

2
htdocs/contact/perso.php
View File

@ -311,7 +311,7 @@ if ($action != 'edit') {
print '<div class="tabsAction">';
if ($user->rights->societe->contact->creer) {
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=edit">'.$langs->trans('Modify').'</a>';
print '<a class="butAction" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=edit&token='.newToken().'">'.$langs->trans('Modify').'</a>';
}
print "</div>";

4
htdocs/contrat/card.php
View File

@ -1541,12 +1541,12 @@ if ($action == 'create') {
print '<td class="nowrap right">';
if ($user->rights->contrat->creer && count($arrayothercontracts) && ($object->statut >= 0)) {
print '<!-- link to move service line into another contract -->';
print '<a class="reposition marginrightonly" style="padding-left: 5px;" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&amp;action=move&amp;rowid='.$objp->rowid.'">';
print '<a class="reposition marginrightonly" style="padding-left: 5px;" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=move&token='.newToken().'&rowid='.$objp->rowid.'">';
print img_picto($langs->trans("MoveToAnotherContract"), 'uparrow');
print '</a>';
}
if ($user->rights->contrat->creer && ($object->statut >= 0)) {
print '<a class="reposition marginrightonly editfielda" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=editline&rowid='.$objp->rowid.'">';
print '<a class="reposition marginrightonly editfielda" href="'.$_SERVER['PHP_SELF'].'?id='.$object->id.'&action=editline&token='.newToken().'&rowid='.$objp->rowid.'">';
print img_edit();
print '</a>';
}

24
htdocs/contrat/list.php
View File

@ -431,40 +431,40 @@ if ($search_ref_supplier != '') {
if ($search_op2df != '') {
$param .= '&search_op2df='.urlencode($search_op2df);
}
if ($search_date_startday) {
if ($search_date_startday > 0) {
$param .= '&search_date_startday='.urlencode($search_date_startday);
}
if ($search_date_startmonth) {
if ($search_date_startmonth > 0) {
$param .= '&search_date_startmonth='.urlencode($search_date_startmonth);
}
if ($search_date_startyear) {
if ($search_date_startyear > 0) {
$param .= '&search_date_startyear='.urlencode($search_date_startyear);
}
if ($search_date_endday) {
if ($search_date_endday > 0) {
$param .= '&search_date_endday='.urlencode($search_date_endday);
}
if ($search_date_endmonth) {
if ($search_date_endmonth > 0) {
$param .= '&search_date_endmonth='.urlencode($search_date_endmonth);
}
if ($search_date_endyear) {
if ($search_date_endyear > 0) {
$param .= '&search_date_endyear='.urlencode($search_date_endyear);
}
if ($search_dfyear != '') {
if ($search_dfyear > 0) {
$param .= '&search_dfyear='.urlencode($search_dfyear);
}
if ($search_dfmonth != '') {
if ($search_dfmonth > 0) {
$param .= '&search_dfmonth='.urlencode($search_dfmonth);
}
if ($search_sale != '') {
if ($search_sale > 0) {
$param .= '&search_sale='.urlencode($search_sale);
}
if ($search_user != '') {
if ($search_user > 0) {
$param .= '&search_user='.urlencode($search_user);
}
if ($search_type_thirdparty != '' && $search_type_thirdparty > 0) {
if ($search_type_thirdparty > 0) {
$param .= '&search_type_thirdparty='.urlencode($search_type_thirdparty);
}
if ($search_product_category != '') {
if ($search_product_category > 0) {
$param .= '&search_product_category='.urlencode($search_product_category);
}
if ($show_files) {

1
htdocs/core/actions_addupdatedelete.inc.php
View File

@ -129,6 +129,7 @@ if ($action == 'add' && !empty($permissiontoadd)) {
if (!$error) {
$result = $object->create($user);
var_dump($object);exit;
if ($result > 0) {
// Creation OK
if ($conf->categorie->enabled && method_exists($object, 'setCategories')) {

2
htdocs/core/boxes/box_members_by_type.php
View File

@ -68,7 +68,7 @@ class box_members_by_type extends ModeleBoxes
$this->enabled = 0; // disabled for external users
}
$this->hidden = !($user->rights->adherent->lire);
$this->hidden = !(!empty($conf->adherent->enabled) && $user->rights->adherent->lire);
}
/**

2
htdocs/core/boxes/box_members_last_modified.php
View File

@ -67,7 +67,7 @@ class box_members_last_modified extends ModeleBoxes
$this->enabled = 0; // disabled for external users
}
$this->hidden = !($user->rights->adherent->lire);
$this->hidden = !(!empty($conf->adherent->enabled) && $user->rights->adherent->lire);
}
/**

2
htdocs/core/boxes/box_members_last_subscriptions.php
View File

@ -67,7 +67,7 @@ class box_members_last_subscriptions extends ModeleBoxes
$this->enabled = 0; // disabled for external users
}
$this->hidden = !($user->rights->adherent->lire);
$this->hidden = !(!empty($conf->adherent->enabled) && $user->rights->adherent->lire);
}
/**

2
htdocs/core/boxes/box_members_subscriptions_by_year.php
View File

@ -67,7 +67,7 @@ class box_members_subscriptions_by_year extends ModeleBoxes
$this->enabled = 0; // disabled for external users
}
$this->hidden = !($user->rights->adherent->lire);
$this->hidden = !(!empty($conf->adherent->enabled) && $user->rights->adherent->lire);
}
/**

7
htdocs/core/class/conf.class.php
View File

@ -826,9 +826,10 @@ class Conf
$this->global->MAIN_MODULE_DOLISTORE_API_KEY = 'dolistorecatalogpublickey1234567';
}
// If we are in develop mode, we activate the option MAIN_SECURITY_CSRF_WITH_TOKEN to 1 if not already defined.
if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN) && $this->global->MAIN_FEATURES_LEVEL >= 2) {
$this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1;
// Enable by default the CSRF protection by token.
if (!isset($this->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) {
$this->global->MAIN_SECURITY_CSRF_WITH_TOKEN = 1; // Value 2 uses also CSRF check for all GET requests
// Note: Set MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL=1 to have a renewal of token at each page call instead of each session (not recommended)
}
if (defined('MAIN_ANTIVIRUS_COMMAND')) {

4
htdocs/core/class/extrafields.class.php
View File

@ -2047,9 +2047,9 @@ class ExtraFields
*
* @param array $extralabels Deprecated (old $array of extrafields, now set this to null)
* @param object $object Object
* @param string $onlykey Only some keys are filled:$this
* @param string $onlykey Only some keys are filled:
* 'string' => When we make update of only one extrafield ($action = 'update_extras'), calling page can set this to avoid to have other extrafields being reset.
* '@GETPOSTISSET' => When we make update of extrafields ($action = 'update'), calling page can set this to avoid to have fields not into POST being reset.
* '@GETPOSTISSET' => When we make update of several extrafields ($action = 'update'), calling page can set this to avoid to have fields not into POST being reset.
* @return int 1 if array_options set, 0 if no value, -1 if error (field required missing for example)
*/
public function setOptionalsFromPost($extralabels, &$object, $onlykey = '')

2
htdocs/core/class/html.form.class.php
View File

@ -165,7 +165,7 @@ class Form
$ret .= '<td class="right">';
}
if ($htmlname && GETPOST('action', 'aZ09') != 'edit'.$htmlname && $perm) {
$ret .= '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit'.$htmlname.'&amp;'.$paramid.'='.$object->id.$moreparam.'">'.img_edit($langs->trans('Edit'), ($notabletag ? 0 : 1)).'</a>';
$ret .= '<a class="editfielda" href="'.$_SERVER["PHP_SELF"].'?action=edit'.$htmlname.'&token='.newToken().'&'.$paramid.'='.$object->id.$moreparam.'">'.img_edit($langs->trans('Edit'), ($notabletag ? 0 : 1)).'</a>';
}
if (!empty($notabletag) && $notabletag == 1) {
$ret .= ' : ';

3
htdocs/core/class/html.formactions.class.php
View File

@ -178,7 +178,8 @@ class FormActions
$sortfield = 'a.datep,a.id';
$sortorder = 'DESC,DESC';
$listofactions = ActionComm::getActions($this->db, $socid, $object->id, $typeelement, '', $sortfield, $sortorder, ($max ? ($max + 1) : 0));
$actioncomm = new ActionComm($this->db);
$listofactions = $actioncomm->getActions($socid, $object->id, $typeelement, '', $sortfield, $sortorder, ($max ? ($max + 1) : 0));
if (!is_array($listofactions)) {
dol_print_error($this->db, 'FailedToGetActions');
}

10
htdocs/core/class/html.formfile.class.php
View File

@ -136,6 +136,7 @@ class FormFile
$out .= '<input type="hidden" id="'.$htmlname.'_section_id" name="section_id" value="'.$sectionid.'">'."\n";
$out .= '<input type="hidden" name="sortfield" value="'.GETPOST('sortfield', 'aZ09comma').'">'."\n";
$out .= '<input type="hidden" name="sortorder" value="'.GETPOST('sortorder', 'aZ09comma').'">'."\n";
$out .= '<input type="hidden" name="page_y" value="">'."\n";
}
$out .= '<table class="nobordernopadding centpercent">';
@ -215,13 +216,13 @@ class FormFile
$langs->load('link');
$out .= '<span class="nowraponsmartphone"><input style="margin-right: 2px;" type="checkbox" id="overwritefile" name="overwritefile" value="1"><label for="overwritefile">'.$langs->trans("OverwriteIfExists").'</label></span>';
}
$out .= '<input type="submit" class="button reposition" name="sendit" value="'.$langs->trans("Upload").'"';
$out .= '<input type="submit" class="button small reposition" name="sendit" value="'.$langs->trans("Upload").'"';
$out .= (empty($conf->global->MAIN_UPLOAD_DOC) || empty($perm) ? ' disabled' : '');
$out .= '>';
if ($addcancel) {
$out .= ' &nbsp; ';
$out .= '<input type="submit" class="button button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
$out .= '<input type="submit" class="button small button-cancel" name="cancel" value="'.$langs->trans("Cancel").'">';
}
if (!empty($conf->global->MAIN_UPLOAD_DOC)) {
@ -275,6 +276,7 @@ class FormFile
$out .= '<input type="hidden" name="token" value="'.newToken().'">'."\n";
$out .= '<input type="hidden" id="'.$htmlname.'_link_section_dir" name="link_section_dir" value="">'."\n";
$out .= '<input type="hidden" id="'.$htmlname.'_link_section_id" name="link_section_id" value="'.$sectionid.'">'."\n";
$out .= '<input type="hidden" name="page_y" value="">'."\n";
}
$out .= '<div class="valignmiddle">';
@ -293,7 +295,7 @@ class FormFile
$out .= '<input type="hidden" name="objectid" value="'.$object->id.'">';
$out .= '</div>';
$out .= '<div class="inline-block" style="padding-right: 10px;">';
$out .= '<input type="submit" class="button" name="linkit" value="'.$langs->trans("ToLink").'"';
$out .= '<input type="submit" class="button small reposition" name="linkit" value="'.$langs->trans("ToLink").'"';
$out .= (empty($conf->global->MAIN_UPLOAD_DOC) || empty($perm) ? ' disabled' : '');
$out .= '>';
$out .= '</div>';
@ -1454,7 +1456,7 @@ class FormFile
if ($permtoeditline) {
$paramsectiondir = (in_array($modulepart, array('medias', 'ecm')) ? '&section_dir='.urlencode($relativepath) : '');
print '<a class="editfielda reposition editfilelink" href="'.(($useinecm == 1 || $useinecm == 5) ? '#' : ($url.'?action=editfile&urlfile='.urlencode($filepath).$paramsectiondir.$param)).'" rel="'.$filepath.'">'.img_edit('default', 0, 'class="paddingrightonly"').'</a>';
print '<a class="editfielda reposition editfilelink" href="'.(($useinecm == 1 || $useinecm == 5) ? '#' : ($url.'?action=editfile&token='.newToken().'&urlfile='.urlencode($filepath).$paramsectiondir.$param)).'" rel="'.$filepath.'">'.img_edit('default', 0, 'class="paddingrightonly"').'</a>';
}
}
if ($permonobject) {

2
htdocs/core/class/html.formticket.class.php
View File

@ -762,7 +762,7 @@ class FormTicket
$arraycodenotparent[] = "";
$stringtoprint = '<span class="supportemailfield bold">'.$langs->trans("GroupOfTicket").'</span> ';
$stringtoprint .= '<select id ="'.$htmlname.'" class="maxwidth500 minwidth400" child_id="0">';
$stringtoprint .= '<select id ="'.$htmlname.'" class="minwidth500" child_id="0">';
$stringtoprint .= '<option value="">&nbsp;</option>';
$sql = "SELECT ctc.rowid, ctc.code, ctc.label, ctc.fk_parent, ctc.public, ";

40
htdocs/core/class/infobox.class.php
View File

@ -83,7 +83,7 @@ class InfoBox
/**
* Return array of boxes qualified for area and user
*
* @param DoliDB $db Database handler
* @param DoliDB $dbs Database handler
* @param string $mode 'available' or 'activated'
* @param int $zone Name or area (-1 for all, 0 for Homepage, 1 for Accountancy, 2 for xxx, ...)
* @param User|null $user Object user to filter
@ -91,7 +91,7 @@ class InfoBox
* @param int $includehidden Include also hidden boxes
* @return array Array of boxes
*/
public static function listBoxes($db, $mode, $zone, $user = null, $excludelist = array(), $includehidden = 1)
public static function listBoxes($dbs, $mode, $zone, $user = null, $excludelist = array(), $includehidden = 1)
{
global $conf;
@ -119,12 +119,12 @@ class InfoBox
}
dol_syslog(get_class()."::listBoxes get default box list for mode=".$mode." userid=".(is_object($user) ? $user->id : '')."", LOG_DEBUG);
$resql = $db->query($sql);
$resql = $dbs->query($sql);
if ($resql) {
$num = $db->num_rows($resql);
$num = $dbs->num_rows($resql);
$j = 0;
while ($j < $num) {
$obj = $db->fetch_object($resql);
$obj = $dbs->fetch_object($resql);
if (!in_array($obj->box_id, $excludelist)) {
$regs = array();
@ -144,7 +144,7 @@ class InfoBox
// Goal is to avoid making a "new" done for each boxes returned by select.
dol_include_once($relsourcefile);
if (class_exists($boxname)) {
$box = new $boxname($db, $obj->note); // Constructor may set properties like box->enabled. obj->note is note into box def, not user params.
$box = new $boxname($dbs, $obj->note); // Constructor may set properties like box->enabled. obj->note is note into box def, not user params.
//$box=new stdClass();
// box properties
@ -204,8 +204,8 @@ class InfoBox
$j++;
}
} else {
dol_syslog($db->lasterror(), LOG_ERR);
return array('error'=>$db->lasterror());
dol_syslog($dbs->lasterror(), LOG_ERR);
return array('error'=>$dbs->lasterror());
}
return $boxes;
@ -215,13 +215,13 @@ class InfoBox
/**
* Save order of boxes for area and user
*
* @param DoliDB $db Database handler
* @param DoliDB $dbs Database handler
* @param int $zone Name of area (0 for Homepage, ...)
* @param string $boxorder List of boxes with correct order 'A:123,456,...-B:789,321...'
* @param int $userid Id of user
* @return int <0 if KO, 0=Nothing done, > 0 if OK
*/
public static function saveboxorder($db, $zone, $boxorder, $userid = 0)
public static function saveboxorder($dbs, $zone, $boxorder, $userid = 0)
{
global $conf;
@ -235,18 +235,18 @@ class InfoBox
return 0;
}
$user = new User($db);
$user = new User($dbs);
$user->id = $userid;
$db->begin();
$dbs->begin();
// Save parameters to say user has a dedicated setup
$tab = array();
$confuserzone = 'MAIN_BOXES_'.$zone;
$tab[$confuserzone] = 1;
if (dol_set_user_param($db, $conf, $user, $tab) < 0) {
$error = $db->lasterror();
$db->rollback();
if (dol_set_user_param($dbs, $conf, $user, $tab) < 0) {
$error = $dbs->lasterror();
$dbs->rollback();
return -3;
}
@ -257,7 +257,7 @@ class InfoBox
$sql .= " AND position = ".((int) $zone);
dol_syslog(get_class()."::saveboxorder", LOG_DEBUG);
$result = $db->query($sql);
$result = $dbs->query($sql);
if ($result) {
$colonnes = explode('-', $boxorder);
foreach ($colonnes as $collist) {
@ -279,12 +279,12 @@ class InfoBox
$sql .= " values (";
$sql .= " ".((int) $id).",";
$sql .= " ".((int) $zone).",";
$sql .= " '".$db->escape($colonne.$ii)."',";
$sql .= " '".$dbs->escape($colonne.$ii)."',";
$sql .= " ".((int) $userid).",";
$sql .= " ".((int) $conf->entity);
$sql .= ")";
$result = $db->query($sql);
$result = $dbs->query($sql);
if ($result < 0) {
$error++;
break;
@ -297,10 +297,10 @@ class InfoBox
}
if ($error) {
$db->rollback();
$dbs->rollback();
return -2;
} else {
$db->commit();
$dbs->commit();
return 1;
}
}

10
htdocs/core/class/link.class.php
View File

@ -274,24 +274,24 @@ class Link extends CommonObject
/**
* Return nb of links
*
* @param DoliDb $db Database handler
* @param DoliDb $dbs Database handler
* @param string $objecttype Type of the associated object in dolibarr
* @param int $objectid Id of the associated object in dolibarr
* @return int Nb of links, -1 if error
**/
public static function count($db, $objecttype, $objectid)
public static function count($dbs, $objecttype, $objectid)
{
global $conf;
$sql = "SELECT COUNT(rowid) as nb FROM ".MAIN_DB_PREFIX."links";
$sql .= " WHERE objecttype = '".$db->escape($objecttype)."' AND objectid = ".((int) $objectid);
$sql .= " WHERE objecttype = '".$dbs->escape($objecttype)."' AND objectid = ".((int) $objectid);
if ($conf->entity != 0) {
$sql .= " AND entity = ".$conf->entity;
}
$resql = $db->query($sql);
$resql = $dbs->query($sql);
if ($resql) {
$obj = $db->fetch_object($resql);
$obj = $dbs->fetch_object($resql);
if ($obj) {
return $obj->nb;
}

8
htdocs/core/db/Database.interface.php
View File

@ -177,6 +177,14 @@ interface Database
*/
public function escape($stringtoencode);
/**
* Escape a string to insert data
*
* @param string $stringtoencode String to escape
* @return string String escaped
*/
public function escapeunderscore($stringtoencode);
/**
* Sanitize a string for SQL forging
*

11
htdocs/core/db/mysqli.class.php
View File

@ -440,6 +440,17 @@ class DoliDBMysqli extends DoliDB
return $this->db->real_escape_string($stringtoencode);
}
/**
* Escape a string to insert data
*
* @param string $stringtoencode String to escape
* @return string String escaped
*/
public function escapeunderscore($stringtoencode)
{
return str_replace('_', '\_', $stringtoencode);
}
/**
* Return generic error code of last operation.
*

11
htdocs/core/db/pgsql.class.php
View File

@ -713,6 +713,17 @@ class DoliDBPgsql extends DoliDB
return pg_escape_string($stringtoencode);
}
/**
* Escape a string to insert data
*
* @param string $stringtoencode String to escape
* @return string String escaped
*/
public function escapeunderscore($stringtoencode)
{
return str_replace('_', '\_', $stringtoencode);
}
/**
* Format a SQL IF
*

11
htdocs/core/db/sqlite3.class.php
View File

@ -645,6 +645,17 @@ class DoliDBSqlite3 extends DoliDB
return Sqlite3::escapeString($stringtoencode);
}
/**
* Escape a string to insert data
*
* @param string $stringtoencode String to escape
* @return string String escaped
*/
public function escapeunderscore($stringtoencode)
{
return str_replace('_', '\_', $stringtoencode);
}
/**
* Renvoie le code erreur generique de l'operation precedente.
*

5
htdocs/core/lib/barcode.lib.php
View File

@ -59,7 +59,10 @@ if (empty($font_loc)) {
if (defined('PHP-BARCODE_PATH_COMMAND')) {
$genbarcode_loc = constant('PHP-BARCODE_PATH_COMMAND');
} else {
$genbarcode_loc = $conf->global->GENBARCODE_LOCATION;
$genbarcode_loc = '';
if (!empty($conf->global->GENBARCODE_LOCATION)) {
$genbarcode_loc = $conf->global->GENBARCODE_LOCATION;
}
}

4
htdocs/core/lib/company.lib.php
View File

@ -1295,7 +1295,7 @@ function show_contacts($conf, $langs, $db, $object, $backtopage = '')
// Edit
if ($user->rights->societe->contact->creer) {
print '<a class="editfielda paddingleft" href="'.DOL_URL_ROOT.'/contact/card.php?action=edit&id='.$obj->rowid.'&backtopage='.urlencode($backtopage).'">';
print '<a class="editfielda paddingleft" href="'.DOL_URL_ROOT.'/contact/card.php?action=edit&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($backtopage).'">';
print img_edit();
print '</a>';
}
@ -2003,7 +2003,7 @@ function show_subsidiaries($conf, $langs, $db, $object)
print '<td class="tdoverflowmax200" title="'.dol_escape_htmltag($obj->code_client).'">'.$obj->code_client.'</td>';
print '<td class="center">';
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/societe/card.php?socid='.((int) $obj->rowid).'&action=edit">';
print '<a class="editfielda" href="'.DOL_URL_ROOT.'/societe/card.php?socid='.((int) $obj->rowid).'&action=edit&token='.newToken().'">';
print img_edit();
print '</a></td>';

4
htdocs/core/lib/functions.lib.php
View File

@ -4386,7 +4386,7 @@ function img_mime($file, $titlealt = '', $morecss = '')
}
//return img_picto_common($titlealt, 'mime/'.$mimeimg, 'class="'.$morecss.'"');
return '<i class="fa fa-'.$mimefa.' paddingright"'.($titlealt ? ' title="'.$titlealt.'"' : '').'></i>';
return '<i class="fa fa-'.$mimefa.' paddingright'.($morecss ? ' '.$morecss : '').'"'.($titlealt ? ' title="'.$titlealt.'"' : '').'></i>';
}
@ -6977,7 +6977,7 @@ function getCommonSubstitutionArray($outputlangs, $onlykey = 0, $exclude = null,
$substitutionarray['__SECUREKEYPAYMENT_MEMBER__'] = 'Security key for payment on a member subscription (one key per member)';
$substitutionarray['__SECUREKEYPAYMENT_ORDER__'] = 'Security key for payment on an order';
$substitutionarray['__SECUREKEYPAYMENT_INVOICE__'] = 'Security key for payment on an invoice';
$substitutionarray['__SECUREKEYPAYMENT_CONTRACTLINE__'] = 'Security key for payment on a a service';
$substitutionarray['__SECUREKEYPAYMENT_CONTRACTLINE__'] = 'Security key for payment on a service of a contract';
$substitutionarray['__DIRECTDOWNLOAD_URL_PROPOSAL__'] = 'Direct download url of a proposal';
$substitutionarray['__DIRECTDOWNLOAD_URL_ORDER__'] = 'Direct download url of an order';

2
htdocs/core/lib/ticket.lib.php
View File

@ -699,7 +699,7 @@ function show_ticket_messaging($conf, $langs, $db, $filterobj, $objcon = '', $no
if ($user->rights->agenda->allactions->create ||
(($actionstatic->authorid == $user->id || $actionstatic->userownerid == $user->id) && $user->rights->agenda->myactions->create)) {
$out .= '<a class="timeline-btn" href="'.DOL_MAIN_URL_ROOT.'/comm/action/card.php?action=edit&id='.$actionstatic->id.'"><i class="fa fa-pencil" title="'.$langs->trans("Modify").'" ></i></a>';
$out .= '<a class="timeline-btn" href="'.DOL_MAIN_URL_ROOT.'/comm/action/card.php?action=edit&token='.newToken().'&id='.$actionstatic->id.'"><i class="fa fa-pencil" title="'.$langs->trans("Modify").'" ></i></a>';
}
$out .= '</span>';

2
htdocs/core/lib/treeview.lib.php
View File

@ -190,7 +190,7 @@ function tree_recur($tab, $pere, $rang, $iddivjstree = 'iddivjstree', $donoreset
print "\n".'<li '.(!empty($tab[$x]['statut']) ? ' class="liuseractive"' : 'class="liuserdisabled"').'>';
if ($showfk) {
print '<table class="nobordernopadding centpercent"><tr><td>';
print '<strong> &nbsp; <a href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&menuId='.$tab[$x]['rowid'].$moreparam.'">';
print '<strong> &nbsp; <a href="edit.php?menu_handler='.$menu_handler_to_search.'&action=edit&token='.newToken().'&menuId='.$tab[$x]['rowid'].$moreparam.'">';
print $tab[$x]['title'];
print '</a></strong>';
print '&nbsp; (mainmenu='.$tab[$x]['mainmenu'].' leftmenu='.$tab[$x]['leftmenu'].' - fk_mainmenu='.$tab[$x]['fk_mainmenu'].' fk_leftmenu='.$tab[$x]['fk_leftmenu'].')';

2
htdocs/core/lib/usergroups.lib.php
View File

@ -400,7 +400,7 @@ function showSkins($fuser, $edit = 0, $foruserprofile = false)
if (!file_exists($file)) {
$url = DOL_URL_ROOT.'/public/theme/common/nophoto.png';
}
print '<a href="'.$_SERVER["PHP_SELF"].($edit ? '?action=edit&theme=' : '?theme=').$subdir.(GETPOST('optioncss', 'alpha', 1) ? '&optioncss='.GETPOST('optioncss', 'alpha', 1) : '').($fuser ? '&id='.$fuser->id : '').'" style="font-weight: normal;" alt="'.$langs->trans("Preview").'">';
print '<a href="'.$_SERVER["PHP_SELF"].($edit ? '?action=edit&token='.newToken().'&theme=' : '?theme=').$subdir.(GETPOST('optioncss', 'alpha', 1) ? '&optioncss='.GETPOST('optioncss', 'alpha', 1) : '').($fuser ? '&id='.$fuser->id : '').'" style="font-weight: normal;" alt="'.$langs->trans("Preview").'">';
if ($subdir == $conf->global->MAIN_THEME) {
$title = $langs->trans("ThemeCurrentlyActive");
} else {

7
htdocs/core/lib/website.lib.php
View File

@ -866,11 +866,11 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so
$sql .= " AND (";
$searchalgo = '';
if (preg_match('/meta/', $algo)) {
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.title LIKE '%".$db->escape($searchstring)."%' OR wp.description LIKE '%".$db->escape($searchstring)."%'";
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.keywords LIKE '".$db->escape($searchstring).",%' OR wp.keywords LIKE '% ".$db->escape($searchstring)."%'"; // TODO Use a better way to scan keywords
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.title LIKE '%".$db->escapeunderscore($db->escape($searchstring))."%' OR wp.description LIKE '%".$db->escapeunderscore($db->escape($searchstring))."%'";
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.keywords LIKE '".$db->escapeunderscore($db->escape($searchstring)).",%' OR wp.keywords LIKE '% ".$db->escapeunderscore($db->escape($searchstring))."%'"; // TODO Use a better way to scan keywords
}
if (preg_match('/content/', $algo)) {
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.content LIKE '%".$db->escape($searchstring)."%'";
$searchalgo .= ($searchalgo ? ' OR ' : '')."wp.content LIKE '%".$db->escapeunderscore($db->escape($searchstring))."%'";
}
$sql .= $searchalgo;
if (is_array($otherfilters) && !empty($otherfilters['category'])) {
@ -879,6 +879,7 @@ function getPagesFromSearchCriterias($type, $algo, $searchstring, $max = 25, $so
$sql .= ")";
$sql .= $db->order($sortfield, $sortorder);
$sql .= $db->plimit($max);
//print $sql;
$resql = $db->query($sql);
if ($resql) {

5
htdocs/core/modules/modMultiCurrency.class.php
View File

@ -300,10 +300,11 @@ class modMultiCurrency extends DolibarrModules
{
global $conf, $user, $langs;
if (!MultiCurrency::checkCodeAlreadyExists($conf->currency)) {
$multicurrency = new MultiCurrency($this->db);
if (! $multicurrency->checkCodeAlreadyExists($conf->currency)) {
$langs->loadCacheCurrencies('');
$multicurrency = new MultiCurrency($this->db);
$multicurrency->code = $conf->currency;
$multicurrency->name = $langs->cache_currencies[$conf->currency]['label'].' ('.$langs->getCurrencySymbol($conf->currency).')';
$r = $multicurrency->create($user);

13
htdocs/core/modules/modSociete.class.php
View File

@ -281,6 +281,9 @@ class modSociete extends DolibarrModules
if (!empty($conf->global->PRODUIT_MULTIPRICES)) {
$this->export_fields_array[$r]['s.price_level'] = 'PriceLevel';
}
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
$this->export_fields_array[$r] += array('s.accountancy_code_sell'=>'ProductAccountancySellCode', 's.accountancy_code_buy'=>'ProductAccountancyBuyCode');
}
// Add multicompany field
if (!empty($conf->global->MULTICOMPANY_ENTITY_IN_EXPORT_IF_SHARED)) {
$nbofallowedentities = count(explode(',', getEntity('societe'))); // If project are shared, nb will be > 1
@ -317,7 +320,8 @@ class modSociete extends DolibarrModules
'payterm.libelle'=>'Text', 'paymode.libelle'=>'Text',
's.outstanding_limit'=>'Numeric', 'pbacc.ref'=>'Text', 'incoterm.code'=>'Text',
'u.login'=>'Text', 'u.firstname'=>'Text', 'u.lastname'=>'Text',
's.entity'=>'Numeric', 's.price_level'=>'Numeric'
's.entity'=>'Numeric', 's.price_level'=>'Numeric',
's.accountancy_code_sell'=>'Text', 's.accountancy_code_buy'=>'Text'
);
$this->export_entities_array[$r] = array('u.login'=>'user', 'u.firstname'=>'user', 'u.lastname'=>'user'); // We define here only fields that use another picto
@ -488,6 +492,9 @@ class modSociete extends DolibarrModules
if (!empty($conf->global->PRODUIT_MULTIPRICES)) {
$this->import_fields_array[$r]['s.price_level'] = 'PriceLevel';
}
if (!empty($conf->global->ACCOUNTANCY_USE_PRODUCT_ACCOUNT_ON_THIRDPARTY)) {
$this->import_fields_array[$r] += array('s.accountancy_code_sell'=>'ProductAccountancySellCode', 's.accountancy_code_buy'=>'ProductAccountancyBuyCode');
}
// Add extra fields
$sql = "SELECT name, label, fieldrequired FROM ".MAIN_DB_PREFIX."extrafields WHERE elementtype = 'societe' AND entity IN (0, ".$conf->entity.")";
$resql = $this->db->query($sql);
@ -621,7 +628,9 @@ class modSociete extends DolibarrModules
's.canvas' => "empty / a custom canvas form layout url e.g. mycanvas@mymodule",
's.datec' => 'formatted as '.dol_print_date(dol_now(), '%Y-%m-%d'),
's.fk_multicurrency' => '0 (use system default currency) / 1 (use local currency)',
's.multicurrency_code' => 'GBP/USD etc... matches field "code_iso" in table "'.MAIN_DB_PREFIX.'c_currencies"'
's.multicurrency_code' => 'GBP/USD etc... matches field "code_iso" in table "'.MAIN_DB_PREFIX.'c_currencies"',
's.accountancy_code_sell' => '707',
's.accountancy_code_buy' => '607',
);
$this->import_updatekeys_array[$r] = array(
's.nom' => 'Name',

2
htdocs/core/tpl/ajaxrow.tpl.php
View File

@ -66,7 +66,7 @@ $(document).ready(function(){
var fk_element = "<?php echo $fk_element; ?>";
var element_id = "<?php echo $id; ?>";
var filepath = "<?php echo urlencode($filepath); ?>";
var token = "<?php echo $_SESSION["token"]; ?>"; // We use old 'token' and not 'newtoken' for Ajax call because the ajax page has the NOTOKENRENEWAL constant set.
var token = "<?php echo currentToken(); ?>"; // We use old 'token' and not 'newtoken' for Ajax call because the ajax page has the NOTOKENRENEWAL constant set.
$.post("<?php echo DOL_URL_ROOT; ?>/core/ajax/row.php",
{
roworder: roworder,

Some files were not shown because too many files have changed in this diff Show More