lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge remote-tracking branch 'upstream/develop' into new_branch_16_01_2019

Browse Source
This commit is contained in:
Philippe GRAND 2019-01-16 16:58:36 +01:00
commit 97f22c58bb
11 changed files with 47 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
htdocs/adherents/class/adherent.class.php
View File

@ -325,6 +325,8 @@ class Adherent extends CommonObject
// Substitutions
$substitutionarray=array(
'__ID__'=>$this->id,
'__MEMBER_ID__'=>$this->id,
'__CIVILITY__'=>$this->getCivilityLabel(),
'__FIRSTNAME__'=>$msgishtml?dol_htmlentitiesbr($this->firstname):($this->firstname?$this->firstname:''),
'__LASTNAME__'=>$msgishtml?dol_htmlentitiesbr($this->lastname):($this->lastname?$this->lastname:''),

2
htdocs/adherents/subscription.php
View File

@ -348,7 +348,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && !
if (! $error)
{
// Send confirmation Email
if ($object->email && $sendalsoemail)
if ($object->email && $sendalsoemail) // $object is 'Adherent'
{
$subject = '';
$msg= '';

3
htdocs/admin/company.php
View File

@ -773,10 +773,11 @@ else
print '<tr class="oddeven"><td>'.$langs->trans("CompanyCurrency").'</td><td>';
print currency_name($conf->currency,1);
print currency_name($conf->currency,0);
print ' ('.$conf->currency;
print ($conf->currency != $langs->getCurrencySymbol($conf->currency) ? ' - '.$langs->getCurrencySymbol($conf->currency) : '');
print ')';
print ' - '.$langs->trans("PriceFormatInCurrentLanguage", $langs->defaultlang).' : '.price(price2num('99.333333333','MT'), 1, $langs, 1, -1, -1, $conf->currency);
print '</td></tr>';

22
htdocs/admin/dict.php
View File

@ -793,7 +793,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify'))
else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'";
$i++;
}
$sql.= " WHERE ".$rowidcol." = '".$rowid."'";
$sql.= " WHERE ".$rowidcol." = '".$db->escape($rowid)."'";
if (in_array('entity', $listfieldmodify)) $sql.= " AND entity = '".getEntity($tabname[$id])."'";
dol_syslog("actionmodify", LOG_DEBUG);
@ -817,7 +817,7 @@ if ($action == 'confirm_delete' && $confirm == 'yes') // delete
if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; }
else { $rowidcol="rowid"; }
$sql = "DELETE FROM ".$tabname[$id]." WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : '');
$sql = "DELETE FROM ".$tabname[$id]." WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
dol_syslog("delete", LOG_DEBUG);
$result = $db->query($sql);
@ -841,7 +841,7 @@ if ($action == $acts[0])
else { $rowidcol="rowid"; }
if ($rowid) {
$sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : '');
$sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
}
elseif ($code) {
$sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
@ -861,7 +861,7 @@ if ($action == $acts[1])
else { $rowidcol="rowid"; }
if ($rowid) {
$sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : '');
$sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
}
elseif ($code) {
$sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
@ -881,7 +881,7 @@ if ($action == 'activate_favorite')
else { $rowidcol="rowid"; }
if ($rowid) {
$sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : '');
$sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
}
elseif ($code) {
$sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
@ -901,7 +901,7 @@ if ($action == 'disable_favorite')
else { $rowidcol="rowid"; }
if ($rowid) {
$sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : '');
$sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
}
elseif ($code) {
$sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : '');
@ -966,7 +966,7 @@ if (GETPOST('from')) $paramwithsearch.= '&from='.urlencode(GETPOST('from','alpha
// Confirmation de la suppression de la ligne
if ($action == 'delete')
{
print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.$rowid.'&code='.urlencode($code).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1);
print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.urlencode($rowid).'&code='.urlencode($code).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1);
}
//var_dump($elementList);
@ -1373,8 +1373,8 @@ if ($id)
print '<td colspan="3" align="center">';
print '<div name="'.(! empty($obj->rowid)?$obj->rowid:$obj->code).'"></div>';
print '<input type="hidden" name="page" value="'.$page.'">';
print '<input type="hidden" name="rowid" value="'.$rowid.'">';
print '<input type="hidden" name="page" value="'.dol_escape_htmltag($page).'">';
print '<input type="hidden" name="rowid" value="'.dol_escape_htmltag($rowid).'">';
if (! is_null($withentity))
print '<input type="hidden" name="entity" value="'.$withentity.'">';
print '<input type="submit" class="button" name="actionmodify" value="'.$langs->trans("Modify").'">';
@ -1628,14 +1628,14 @@ if ($id)
if ($id == 4)
{
print '<td align="center" class="nowrap">';
if ($iserasable) print '<a href="'.$url.'action='.$acts[$obj->favorite].'_favorite">'.$actl[$obj->favorite].'</a>';
if ($iserasable) print '<a class="reposition" href="'.$url.'action='.$acts[$obj->favorite].'_favorite">'.$actl[$obj->favorite].'</a>';
else print $langs->trans("AlwaysActive");
print '</td>';
}
// Active
print '<td align="center" class="nowrap">';
if ($canbedisabled) print '<a href="'.$url.'action='.$acts[$obj->active].'">'.$actl[$obj->active].'</a>';
if ($canbedisabled) print '<a class="reposition" href="'.$url.'action='.$acts[$obj->active].'">'.$actl[$obj->active].'</a>';
else
{
if (in_array($obj->code, array('AC_OTH','AC_OTH_AUTO'))) print $langs->trans("AlwaysActive");

4
htdocs/compta/facture/card.php
View File

@ -1698,7 +1698,7 @@ if (empty($reshook))
setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv('Type')), null, 'errors');
$error++;
}
if ($prod_entry_mode == 'free' && empty($idprod) && (($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $price_ht == '') && $price_ht_devise == '') // Unit price can be 0 but not ''
if (($prod_entry_mode == 'free' && empty($idprod) && (($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $price_ht == '') && $price_ht_devise == '') && $object->type != Facture::TYPE_CREDIT_NOTE) // Unit price can be 0 but not ''
{
if ($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES))
{
@ -2160,7 +2160,7 @@ if (empty($reshook))
setEventMessages($langs->trans('ErrorQtyForCustomerInvoiceCantBeNegative'), null, 'errors');
$error++;
}
if (empty($productid) && (($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $pu_ht == '') && $pu_ht_devise == '') // Unit price can be 0 but not ''
if ((empty($productid) && (($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $pu_ht == '') && $pu_ht_devise == '') && $object->type != Facture::TYPE_CREDIT_NOTE) // Unit price can be 0 but not ''
{
if ($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES))
{

12
htdocs/core/actions_massactions.inc.php
View File

@ -542,7 +542,9 @@ if ($massaction == 'confirm_createbills')
$objecttmp = new Facture($db);
if (!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $objecttmp = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order.
else {
// Load extrafields of order
$cmd->fetch_optionals();
$objecttmp->socid = $cmd->socid;
$objecttmp->type = Facture::TYPE_STANDARD;
$objecttmp->cond_reglement_id = $cmd->cond_reglement_id;
@ -559,6 +561,8 @@ if ($massaction == 'confirm_createbills')
$objecttmp->origin = 'commande';
$objecttmp->origin_id = $id_order;
$objecttmp->array_options = $cmd->array_options; // Copy extrafields
$res = $objecttmp->create($user);
if($res > 0) $nb_bills_created++;
@ -708,6 +712,7 @@ if ($massaction == 'confirm_createbills')
if (! $error && $validate_invoices)
{
$massaction = $action = 'builddoc';
foreach($TAllFact as &$objecttmp)
{
$result = $objecttmp->validate($user);
@ -725,7 +730,12 @@ if ($massaction == 'confirm_createbills')
$donotredirect = 1;
$upload_dir = $conf->facture->dir_output;
$permissioncreate=$user->rights->facture->creer;
// Call action to build doc
$savobject = $object;
$object = $objecttmp;
include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php';
$object = $savobject;
}
$massaction = $action = 'confirm_createbills';

14
htdocs/core/lib/functions.lib.php
View File

@ -4312,7 +4312,7 @@ function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0)
* @param string $currency_code To add currency symbol (''=add nothing, 'auto'=Use default currency, 'XXX'=add currency symbols for XXX currency)
* @return string Chaine avec montant formate
*
* @see price2num Revert function of price
* @see price2num() Revert function of price
*/
function price($amount, $form=0, $outlangs='', $trunc=1, $rounding=-1, $forcerounding=-1, $currency_code='')
{
@ -4375,7 +4375,11 @@ function price($amount, $form=0, $outlangs='', $trunc=1, $rounding=-1, $forcerou
if ($currency_code == 'auto') $currency_code=$conf->currency;
$listofcurrenciesbefore=array('USD','GBP','AUD','MXN','PEN','CNY');
if (in_array($currency_code,$listofcurrenciesbefore)) $cursymbolbefore.=$outlangs->getCurrencySymbol($currency_code);
$listoflanguagesbefore=array('nl_NL');
if (in_array($currency_code, $listofcurrenciesbefore) || in_array($outlangs->defaultlang, $listoflanguagesbefore))
{
$cursymbolbefore.=$outlangs->getCurrencySymbol($currency_code);
}
else
{
$tmpcur=$outlangs->getCurrencySymbol($currency_code);
@ -5834,7 +5838,7 @@ function getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $ob
$substitutionarray['__THIRDPARTY_NAME_ALIAS__'] = '__THIRDPARTY_NAME_ALIAS__';
$substitutionarray['__THIRDPARTY_EMAIL__'] = '__THIRDPARTY_EMAIL__';
if (is_object($object) && $object->element == 'member')
if (! empty($conf->adherent->enabled))
{
$substitutionarray['__MEMBER_ID__'] = '__MEMBER_ID__';
$substitutionarray['__MEMBER_CIVILITY__'] = '__MEMBER_CIVILITY__';
@ -5862,9 +5866,9 @@ function getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $ob
$substitutionarray['__DIRECTDOWNLOAD_URL_ORDER__'] = 'Direct download url of an order';
$substitutionarray['__DIRECTDOWNLOAD_URL_INVOICE__'] = 'Direct download url of an invoice';
if (is_object($object) && $object->element == 'shipping')
if (! empty($conf->expedition->enabled))
{
$substitutionarray['__SHIPPINGTRACKNUM__']='Shipping tacking number';
$substitutionarray['__SHIPPINGTRACKNUM__']='Shipping tacking number';
$substitutionarray['__SHIPPINGTRACKNUMURL__']='Shipping tracking url';
}
}

6
htdocs/core/lib/security.lib.php
View File

@ -483,9 +483,9 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh
{
$sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug";
$sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")";
$sql.= " AND (ug.fk_user = dbt.rowid";
$sql.= " AND ug.entity IN (".getEntity('user')."))";
$sql.= " OR dbt.entity = 0"; // Show always superadmin
$sql.= " AND ((ug.fk_user = dbt.rowid";
$sql.= " AND ug.entity IN (".getEntity('usergroup')."))";
$sql.= " OR dbt.entity = 0)"; // Show always superadmin
}
}
else {

2
htdocs/install/inc.php
View File

@ -196,7 +196,7 @@ if (constant('DOL_DATA_ROOT') === null) {
}
if (@file_exists($lockfile))
{
if (! is_object($langs))
if (! isset($langs) || ! is_object($langs))
{
$langs = new Translate('..', $conf);
$langs->setDefaultLang('auto');

4
htdocs/user/card.php
View File

@ -86,9 +86,11 @@ $socid=0;
if ($user->societe_id > 0) $socid = $user->societe_id;
$feature2='user';
if ($user->id == $id) { $feature2=''; $canreaduser=1; } // A user can always read its own card
if (!$canreaduser) {
if (! $canreaduser) {
$result = restrictedArea($user, 'user', $id, 'user&user', $feature2);
}
if ($user->id <> $id && ! $canreaduser) accessforbidden();
// Load translation files required by page

3
htdocs/website/index.php
View File

@ -2517,6 +2517,7 @@ if ($action == 'editmeta' || $action == 'createcontainer')
$type_container = 'page';
$pagedatecreation=dol_now();
$pageauthorid=$user->id;
$pageusermodifid=0;
}
if (GETPOST('WEBSITE_TITLE','alpha')) $pagetitle=GETPOST('WEBSITE_TITLE','alpha');
if (GETPOST('WEBSITE_PAGENAME','alpha')) $pageurl=GETPOST('WEBSITE_PAGENAME','alpha');
@ -2670,7 +2671,7 @@ if ($action == 'editmeta' || $action == 'createcontainer')
print '<tr><td>';
print $langs->trans('DateModification');
print '</td><td>';
print dol_print_date($pagedatemodification, 'dayhour');
print dol_print_date($pagedatemodification, 'dayhour', 'tzuser');
print '</td></tr>';
}