From 2c2f86736aff1e648dab317b93d7f21edcada89a Mon Sep 17 00:00:00 2001 From: TuxGasy Date: Sat, 5 Jan 2019 19:01:54 +0100 Subject: [PATCH 01/15] Fix #10301 mass bill orders and replicate extrafields --- htdocs/core/actions_massactions.inc.php | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 3bf42f0a538..1760fc067a3 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -533,6 +533,10 @@ if ($massaction == 'confirm_createbills') $objecttmp->origin = 'commande'; $objecttmp->origin_id = $id_order; + // Replicate extrafields + $cmd->fetch_optionals($id_order); + $objecttmp->array_options = $cmd->array_options; + $res = $objecttmp->create($user); if($res > 0) $nb_bills_created++; @@ -682,6 +686,7 @@ if ($massaction == 'confirm_createbills') if (! $error && $validate_invoices) { $massaction = $action = 'builddoc'; + $savobject = $object; foreach($TAllFact as &$objecttmp) { $result = $objecttmp->validate($user); @@ -698,10 +703,12 @@ if ($massaction == 'confirm_createbills') $donotredirect = 1; $upload_dir = $conf->facture->dir_output; $permissioncreate=$user->rights->facture->creer; + $object = $objecttmp; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; } $massaction = $action = 'confirm_createbills'; + $object = $savobject; } if (! $error) From 47448b77f05b673339b46cf4cdbd54f44ff0a409 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 8 Jan 2019 16:47:30 +0100 Subject: [PATCH 02/15] Update actions_massactions.inc.php --- htdocs/core/actions_massactions.inc.php | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 1760fc067a3..2ca8a8f86c9 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -686,7 +686,7 @@ if ($massaction == 'confirm_createbills') if (! $error && $validate_invoices) { $massaction = $action = 'builddoc'; - $savobject = $object; + foreach($TAllFact as &$objecttmp) { $result = $objecttmp->validate($user); @@ -703,12 +703,15 @@ if ($massaction == 'confirm_createbills') $donotredirect = 1; $upload_dir = $conf->facture->dir_output; $permissioncreate=$user->rights->facture->creer; - $object = $objecttmp; + + // Call action to build doc + $savobject = $object; + $object = $objecttmp; include DOL_DOCUMENT_ROOT.'/core/actions_builddoc.inc.php'; + $object = $savobject; } $massaction = $action = 'confirm_createbills'; - $object = $savobject; } if (! $error) From a1f5ede736442e7f0a643b3496a47daf100f0c76 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 8 Jan 2019 16:50:27 +0100 Subject: [PATCH 03/15] Update actions_massactions.inc.php --- htdocs/core/actions_massactions.inc.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/core/actions_massactions.inc.php b/htdocs/core/actions_massactions.inc.php index 2ca8a8f86c9..0a71deed66f 100644 --- a/htdocs/core/actions_massactions.inc.php +++ b/htdocs/core/actions_massactions.inc.php @@ -516,7 +516,9 @@ if ($massaction == 'confirm_createbills') $objecttmp = new Facture($db); if (!empty($createbills_onebythird) && !empty($TFactThird[$cmd->socid])) $objecttmp = $TFactThird[$cmd->socid]; // If option "one bill per third" is set, we use already created order. else { - + // Load extrafields of order + $cmd->fetch_optionals(); + $objecttmp->socid = $cmd->socid; $objecttmp->type = Facture::TYPE_STANDARD; $objecttmp->cond_reglement_id = $cmd->cond_reglement_id; @@ -533,9 +535,7 @@ if ($massaction == 'confirm_createbills') $objecttmp->origin = 'commande'; $objecttmp->origin_id = $id_order; - // Replicate extrafields - $cmd->fetch_optionals($id_order); - $objecttmp->array_options = $cmd->array_options; + $objecttmp->array_options = $cmd->array_options; // Copy extrafields $res = $objecttmp->create($user); From 1aa2b7a164f88f59314d86cbc4f7beca7ec4070a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 10 Jan 2019 03:26:34 +0100 Subject: [PATCH 04/15] FIX SQL injection on rowid of dict.php --- htdocs/admin/dict.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index a60e0be68c8..e1e0c0d419e 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -794,7 +794,7 @@ if (GETPOST('actionadd') || GETPOST('actionmodify')) else $sql.="'".$db->escape($_POST[$listfieldvalue[$i]])."'"; $i++; } - $sql.= " WHERE ".$rowidcol." = '".$rowid."'"; + $sql.= " WHERE ".$rowidcol." = '".$db->escape($rowid)."'"; if (in_array('entity', $listfieldmodify)) $sql.= " AND entity = '".getEntity($tabname[$id])."'"; dol_syslog("actionmodify", LOG_DEBUG); @@ -818,7 +818,7 @@ if ($action == 'confirm_delete' && $confirm == 'yes') // delete if ($tabrowid[$id]) { $rowidcol=$tabrowid[$id]; } else { $rowidcol="rowid"; } - $sql = "DELETE FROM ".$tabname[$id]." WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : ''); + $sql = "DELETE FROM ".$tabname[$id]." WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); dol_syslog("delete", LOG_DEBUG); $result = $db->query($sql); @@ -842,7 +842,7 @@ if ($action == $acts[0]) else { $rowidcol="rowid"; } if ($rowid) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : ''); + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); } elseif ($code) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); @@ -862,7 +862,7 @@ if ($action == $acts[1]) else { $rowidcol="rowid"; } if ($rowid) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : ''); + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); } elseif ($code) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); @@ -882,7 +882,7 @@ if ($action == 'activate_favorite') else { $rowidcol="rowid"; } if ($rowid) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : ''); + $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); } elseif ($code) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); @@ -902,7 +902,7 @@ if ($action == 'disable_favorite') else { $rowidcol="rowid"; } if ($rowid) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$rowid."'".($entity != '' ? " AND entity = " . (int) $entity : ''); + $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$db->escape($rowid)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); } elseif ($code) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".dol_escape_htmltag($code)."'".($entity != '' ? " AND entity = " . (int) $entity : ''); @@ -967,7 +967,7 @@ if (GETPOST('from')) $paramwithsearch.= '&from='.urlencode(GETPOST('from','alpha // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.$rowid.'&code='.urlencode($code).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.urlencode($rowid).'&code='.urlencode($code).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); @@ -1367,8 +1367,8 @@ if ($id) print ''; print '
'; - print ''; - print ''; + print ''; + print ''; if (! is_null($withentity)) print ''; print ''; @@ -1622,14 +1622,14 @@ if ($id) if ($id == 4) { print ''; - if ($iserasable) print ''.$actl[$obj->favorite].''; + if ($iserasable) print ''.$actl[$obj->favorite].''; else print $langs->trans("AlwaysActive"); print ''; } // Active print ''; - if ($canbedisabled) print ''.$actl[$obj->active].''; + if ($canbedisabled) print ''.$actl[$obj->active].''; else { if (in_array($obj->code, array('AC_OTH','AC_OTH_AUTO'))) print $langs->trans("AlwaysActive"); From 6159703116612a73dfdd0c65e7551aacf7872bbe Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Jan 2019 11:14:01 +0100 Subject: [PATCH 05/15] Fix warning and date --- htdocs/website/index.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/website/index.php b/htdocs/website/index.php index f0e97b22a13..6824ae80360 100644 --- a/htdocs/website/index.php +++ b/htdocs/website/index.php @@ -2516,6 +2516,7 @@ if ($action == 'editmeta' || $action == 'createcontainer') $type_container = 'page'; $pagedatecreation=dol_now(); $pageauthorid=$user->id; + $pageusermodifid=0; } if (GETPOST('WEBSITE_TITLE','alpha')) $pagetitle=GETPOST('WEBSITE_TITLE','alpha'); if (GETPOST('WEBSITE_PAGENAME','alpha')) $pageurl=GETPOST('WEBSITE_PAGENAME','alpha'); @@ -2669,7 +2670,7 @@ if ($action == 'editmeta' || $action == 'createcontainer') print ''; print $langs->trans('DateModification'); print ''; - print dol_print_date($pagedatemodification, 'dayhour'); + print dol_print_date($pagedatemodification, 'dayhour', 'tzuser'); print ''; } From 7c9d85d091ba0d3754bc474e5e9cf47af07e3420 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 15 Jan 2019 12:18:04 +0100 Subject: [PATCH 06/15] FIX problem with multicompany transverse mode Signed-off-by: Regis Houssin --- htdocs/core/lib/security.lib.php | 6 +++--- htdocs/user/card.php | 6 +++--- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index d2b768d75d5..d12ee339909 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -484,9 +484,9 @@ function checkUserAccessToObject($user, $featuresarray, $objectid=0, $tableandsh { $sql.= ",".MAIN_DB_PREFIX."usergroup_user as ug"; $sql.= " WHERE dbt.".$dbt_select." IN (".$objectid.")"; - $sql.= " AND (ug.fk_user = dbt.rowid"; - $sql.= " AND ug.entity IN (".getEntity('user')."))"; - $sql.= " OR dbt.entity = 0"; // Show always superadmin + $sql.= " AND ((ug.fk_user = dbt.rowid"; + $sql.= " AND ug.entity IN (".getEntity('usergroup')."))"; + $sql.= " OR dbt.entity = 0)"; // Show always superadmin } } else { diff --git a/htdocs/user/card.php b/htdocs/user/card.php index f0b3fb819f2..bb3d7e7d8f6 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -84,9 +84,9 @@ $socid=0; if ($user->societe_id > 0) $socid = $user->societe_id; $feature2='user'; if ($user->id == $id) { $feature2=''; $canreaduser=1; } // A user can always read its own card -if (!$canreaduser) { - $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); -} + +$result = restrictedArea($user, 'user', $id, 'user&user', $feature2); + if ($user->id <> $id && ! $canreaduser) accessforbidden(); // Load translation files required by page From 41a38b3a0aa3308bbc73765ba8b816f1b161bd15 Mon Sep 17 00:00:00 2001 From: Regis Houssin Date: Tue, 15 Jan 2019 15:44:45 +0100 Subject: [PATCH 07/15] FIX avoid php warning Signed-off-by: Regis Houssin --- htdocs/install/inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/install/inc.php b/htdocs/install/inc.php index 0a2a6866f26..0b924122ebb 100644 --- a/htdocs/install/inc.php +++ b/htdocs/install/inc.php @@ -196,7 +196,7 @@ if (constant('DOL_DATA_ROOT') === null) { } if (@file_exists($lockfile)) { - if (! is_object($langs)) + if (! isset($langs) || ! is_object($langs)) { $langs = new Translate('..', $conf); $langs->setDefaultLang('auto'); From adc442232398b95825e0559c894b2b0925514aba Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 15 Jan 2019 17:57:30 +0100 Subject: [PATCH 08/15] Update card.php --- htdocs/user/card.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index bb3d7e7d8f6..6db383ed515 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -85,7 +85,9 @@ if ($user->societe_id > 0) $socid = $user->societe_id; $feature2='user'; if ($user->id == $id) { $feature2=''; $canreaduser=1; } // A user can always read its own card -$result = restrictedArea($user, 'user', $id, 'user&user', $feature2); +if (! $canreaduser) { + $result = restrictedArea($user, 'user', $id, 'user&user', $feature2); +} if ($user->id <> $id && ! $canreaduser) accessforbidden(); From 1f87b8bb188bfb90faf8c8ead0fb8545bf4fef8e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Jan 2019 01:54:08 +0100 Subject: [PATCH 09/15] FIX Position of price symbol (before) for nl_NL --- htdocs/admin/company.php | 3 ++- htdocs/core/lib/functions.lib.php | 8 ++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/htdocs/admin/company.php b/htdocs/admin/company.php index 96a7b533095..bfbeb5cbb6a 100644 --- a/htdocs/admin/company.php +++ b/htdocs/admin/company.php @@ -773,10 +773,11 @@ else print ''.$langs->trans("CompanyCurrency").''; - print currency_name($conf->currency,1); + print currency_name($conf->currency,0); print ' ('.$conf->currency; print ($conf->currency != $langs->getCurrencySymbol($conf->currency) ? ' - '.$langs->getCurrencySymbol($conf->currency) : ''); print ')'; + print ' - '.$langs->trans("PriceFormatInCurrentLanguage", $langs->defaultlang).' : '.price(price2num('99.333333333','MT'), 1, $langs, 1, -1, -1, $conf->currency); print ''; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 5ce4f370976..984279dd6a0 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -4350,7 +4350,7 @@ function vatrate($rate, $addpercent=false, $info_bits=0, $usestarfornpr=0) * @param string $currency_code To add currency symbol (''=add nothing, 'auto'=Use default currency, 'XXX'=add currency symbols for XXX currency) * @return string Chaine avec montant formate * - * @see price2num Revert function of price + * @see price2num() Revert function of price */ function price($amount, $form=0, $outlangs='', $trunc=1, $rounding=-1, $forcerounding=-1, $currency_code='') { @@ -4413,7 +4413,11 @@ function price($amount, $form=0, $outlangs='', $trunc=1, $rounding=-1, $forcerou if ($currency_code == 'auto') $currency_code=$conf->currency; $listofcurrenciesbefore=array('USD','GBP','AUD','MXN','PEN','CNY'); - if (in_array($currency_code,$listofcurrenciesbefore)) $cursymbolbefore.=$outlangs->getCurrencySymbol($currency_code); + $listoflanguagesbefore=array('nl_NL'); + if (in_array($currency_code, $listofcurrenciesbefore) || in_array($outlangs->defaultlang, $listoflanguagesbefore)) + { + $cursymbolbefore.=$outlangs->getCurrencySymbol($currency_code); + } else { $tmpcur=$outlangs->getCurrencySymbol($currency_code); From 0d384eea008994aea4b7def68ad5f9493fa2a63d Mon Sep 17 00:00:00 2001 From: atm-quentin Date: Wed, 16 Jan 2019 09:30:48 +0100 Subject: [PATCH 10/15] FIX credit note can have negative value --- htdocs/compta/facture/card.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 9ad79393499..8541581fb49 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -1695,7 +1695,7 @@ if (empty($reshook)) setEventMessages($langs->trans('ErrorFieldRequired', $langs->transnoentitiesnoconv('Type')), null, 'errors'); $error++; } - if ($prod_entry_mode == 'free' && empty($idprod) && (($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $price_ht == '') && $price_ht_devise == '') // Unit price can be 0 but not '' + if (($prod_entry_mode == 'free' && empty($idprod) && (($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $price_ht == '') && $price_ht_devise == '') && $object->type != Facture::TYPE_CREDIT_NOTE) // Unit price can be 0 but not '' { if ($price_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) { @@ -2155,7 +2155,7 @@ if (empty($reshook)) setEventMessages($langs->trans('ErrorQtyForCustomerInvoiceCantBeNegative'), null, 'errors'); $error++; } - if (empty($productid) && (($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $pu_ht == '') && $pu_ht_devise == '') // Unit price can be 0 but not '' + if ((empty($productid) && (($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) || $pu_ht == '') && $pu_ht_devise == '') && $object->type != Facture::TYPE_CREDIT_NOTE) // Unit price can be 0 but not '' { if ($pu_ht < 0 && empty($conf->global->FACTURE_ENABLE_NEGATIVE_LINES)) { From 6b808acfbb803b219523a057b74c49763df3d64c Mon Sep 17 00:00:00 2001 From: Abbes Bahfir Date: Wed, 9 Jan 2019 18:12:06 +0100 Subject: [PATCH 11/15] linl back to list if cancelled on create --- htdocs/modulebuilder/template/myobject_card.php | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index 84a23ab979d..bd47da705ce 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -118,8 +118,11 @@ if (empty($reshook)) $error=0; $permissiontoadd = $user->rights->mymodule->write; - $permissiontodelete = $user->rights->mymodule->delete || ($permissiontoadd && $object->status == 0); - if (empty($backtopage)) $backtopage = dol_buildpath('/mymodule/myobject_card.php',1).'?id='.($id > 0 ? $id : '__ID__'); + $permissiontodelete = $user->rights->mymodule->delete; + if (empty($backtopage)) { + if (empty($id)) $backtopage = dol_buildpath('/mymodule/myobject_list.php',1); + else $backtopage = dol_buildpath('/mymodule/myobject_card.php',1).($id > 0 ? $id : '__ID__'); + } $backurlforlist = dol_buildpath('/mymodule/myobject_list.php',1); $triggermodname = 'MYMODULE_MYOBJECT_MODIFY'; // Name of trigger action code to execute when we modify record From 66f17ac4224277025b626b2696165f838ef7c75b Mon Sep 17 00:00:00 2001 From: Bahfir Abbes Date: Wed, 9 Jan 2019 18:47:43 +0100 Subject: [PATCH 12/15] simplification --- htdocs/modulebuilder/template/myobject_card.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index bd47da705ce..60c03ee2326 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -119,11 +119,11 @@ if (empty($reshook)) $permissiontoadd = $user->rights->mymodule->write; $permissiontodelete = $user->rights->mymodule->delete; + $backurlforlist = dol_buildpath('/mymodule/myobject_list.php',1); if (empty($backtopage)) { - if (empty($id)) $backtopage = dol_buildpath('/mymodule/myobject_list.php',1); + if (empty($id)) $backtopage = $backurlforlist; else $backtopage = dol_buildpath('/mymodule/myobject_card.php',1).($id > 0 ? $id : '__ID__'); - } - $backurlforlist = dol_buildpath('/mymodule/myobject_list.php',1); + } $triggermodname = 'MYMODULE_MYOBJECT_MODIFY'; // Name of trigger action code to execute when we modify record // Actions cancel, add, update, delete or clone From f4dd8a4e506f1188c14dd15180cf6eddda2443e2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Jan 2019 12:46:14 +0100 Subject: [PATCH 13/15] Update myobject_card.php --- htdocs/modulebuilder/template/myobject_card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/modulebuilder/template/myobject_card.php b/htdocs/modulebuilder/template/myobject_card.php index 60c03ee2326..dc9ac647fe8 100644 --- a/htdocs/modulebuilder/template/myobject_card.php +++ b/htdocs/modulebuilder/template/myobject_card.php @@ -118,7 +118,7 @@ if (empty($reshook)) $error=0; $permissiontoadd = $user->rights->mymodule->write; - $permissiontodelete = $user->rights->mymodule->delete; + $permissiontodelete = $user->rights->mymodule->delete || ($permissiontoadd && $object->status == 0); $backurlforlist = dol_buildpath('/mymodule/myobject_list.php',1); if (empty($backtopage)) { if (empty($id)) $backtopage = $backurlforlist; From 638be67f96dd004b8edf02200b8c9a520d3ed842 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Jan 2019 13:56:13 +0100 Subject: [PATCH 14/15] Fix tooltip --- htdocs/core/lib/functions.lib.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 984279dd6a0..5d1a977d049 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -5867,7 +5867,7 @@ function getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $ob $substitutionarray['__THIRDPARTY_NAME_ALIAS__'] = '__THIRDPARTY_NAME_ALIAS__'; $substitutionarray['__THIRDPARTY_EMAIL__'] = '__THIRDPARTY_EMAIL__'; - if (is_object($object) && $object->element == 'member') + if (! empty($conf->adherent->enabled)) { $substitutionarray['__MEMBER_ID__'] = '__MEMBER_ID__'; $substitutionarray['__MEMBER_CIVILITY__'] = '__MEMBER_CIVILITY__'; @@ -5895,9 +5895,9 @@ function getCommonSubstitutionArray($outputlangs, $onlykey=0, $exclude=null, $ob $substitutionarray['__DIRECTDOWNLOAD_URL_ORDER__'] = 'Direct download url of an order'; $substitutionarray['__DIRECTDOWNLOAD_URL_INVOICE__'] = 'Direct download url of an invoice'; - if (is_object($object) && $object->element == 'shipping') + if (! empty($conf->expedition->enabled)) { - $substitutionarray['__SHIPPINGTRACKNUM__']='Shipping tacking number'; + $substitutionarray['__SHIPPINGTRACKNUM__']='Shipping tacking number'; $substitutionarray['__SHIPPINGTRACKNUMURL__']='Shipping tracking url'; } } From 6becdc8af4684dfb2c1400afe19e7a4e254cdda3 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 16 Jan 2019 16:34:36 +0100 Subject: [PATCH 15/15] Fix missing substitution of ID --- htdocs/adherents/class/adherent.class.php | 4 +++- htdocs/adherents/subscription.php | 2 +- 2 files changed, 4 insertions(+), 2 deletions(-) diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 11fb1a1a111..b4cedc98118 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -213,7 +213,9 @@ class Adherent extends CommonObject // Substitutions $substitutionarray=array( - '__CIVILITY__'=>$this->getCivilityLabel(), + '__ID__'=>$this->id, + '__MEMBER_ID__'=>$this->id, + '__CIVILITY__'=>$this->getCivilityLabel(), '__FIRSTNAME__'=>$msgishtml?dol_htmlentitiesbr($this->firstname):$this->firstname, '__LASTNAME__'=>$msgishtml?dol_htmlentitiesbr($this->lastname):$this->lastname, '__FULLNAME__'=>$msgishtml?dol_htmlentitiesbr($this->getFullName($langs)):$this->getFullName($langs), diff --git a/htdocs/adherents/subscription.php b/htdocs/adherents/subscription.php index 60969908a44..69e22adf882 100644 --- a/htdocs/adherents/subscription.php +++ b/htdocs/adherents/subscription.php @@ -558,7 +558,7 @@ if ($user->rights->adherent->cotisation->creer && $action == 'subscription' && ! if (! $error) { // Send confirmation Email - if ($object->email && $_POST["sendmail"]) + if ($object->email && $_POST["sendmail"]) // $object is 'Adherent' { $subjecttosend=$object->makeSubstitution($conf->global->ADHERENT_MAIL_COTIS_SUBJECT); $texttosend=$object->makeSubstitution($adht->getMailOnSubscription());