From 8bcd2e581f7cc9f72c170afeb0a3d59198ca3eac Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 11:20:48 +0200 Subject: [PATCH 1/6] Fix of bugs reported by scrutinizer --- htdocs/accountancy/journal/purchasesjournal.php | 7 +++---- htdocs/accountancy/journal/sellsjournal.php | 2 +- htdocs/adherents/class/adherent.class.php | 3 ++- htdocs/adherents/class/cotisation.class.php | 2 +- htdocs/categories/categorie.php | 3 ++- htdocs/compta/facture/class/facture-rec.class.php | 4 ++-- 6 files changed, 11 insertions(+), 10 deletions(-) diff --git a/htdocs/accountancy/journal/purchasesjournal.php b/htdocs/accountancy/journal/purchasesjournal.php index 5ca1197b3e2..2fbf056b0b9 100644 --- a/htdocs/accountancy/journal/purchasesjournal.php +++ b/htdocs/accountancy/journal/purchasesjournal.php @@ -166,14 +166,13 @@ if ($action == 'writebookkeeping') { $now = dol_now(); $error = 0; - foreach ( $tabfac as $key => $val ) { - + foreach ($tabfac as $key => $val) + { $companystatic = new Societe($db); $invoicestatic = new FactureFournisseur($db); $invoicestatic->id = $key; - $invoicestatic->ref = $val["ref"]; - $invoicestatic->ref = $val["refsologest"]; + $invoicestatic->ref = (string) $val["refsologest"]; $invoicestatic->refsupplier = $val["refsuppliersologest"]; $invoicestatic->type = $val["type"]; $invoicestatic->description = html_entity_decode(dol_trunc($val["description"], 32)); diff --git a/htdocs/accountancy/journal/sellsjournal.php b/htdocs/accountancy/journal/sellsjournal.php index 5da210ca09a..c462f036a9f 100644 --- a/htdocs/accountancy/journal/sellsjournal.php +++ b/htdocs/accountancy/journal/sellsjournal.php @@ -207,7 +207,7 @@ if ($action == 'writebookkeeping') { $companystatic->client = $tabcompany[$key]['code_client']; $invoicestatic->id = $key; - $invoicestatic->ref = $val["ref"]; + $invoicestatic->ref = (string) $val["ref"]; foreach ( $tabttc[$key] as $k => $mt ) { $bookkeeping = new BookKeeping($db); diff --git a/htdocs/adherents/class/adherent.class.php b/htdocs/adherents/class/adherent.class.php index 33e4d0bec0d..e12c49732dd 100644 --- a/htdocs/adherents/class/adherent.class.php +++ b/htdocs/adherents/class/adherent.class.php @@ -316,7 +316,7 @@ class Adherent extends CommonObject if ($id > 0) { $this->id=$id; - $this->ref=$id; + $this->ref=(string) $id; // Update minor fields $result=$this->update($user,1,1,0,0,'add'); // nosync is 1 to avoid update data of user @@ -1578,6 +1578,7 @@ class Adherent extends CommonObject $label.= '
' . $langs->trans('Name') . ': ' . $this->getFullName($langs); $linkclose = '" title="'.dol_escape_htmltag($label, 1).'" class="classfortooltip">'; + $link=''; $linkend=''; if ($option == 'card') { $link = 'trans("SuppliersCategoriesShort"); if ($typeid == Categorie::TYPE_CUSTOMER) $title = $langs->trans("CustomersProspectsCategoriesShort"); diff --git a/htdocs/compta/facture/class/facture-rec.class.php b/htdocs/compta/facture/class/facture-rec.class.php index 357835fbb77..1d75be61f6c 100644 --- a/htdocs/compta/facture/class/facture-rec.class.php +++ b/htdocs/compta/facture/class/facture-rec.class.php @@ -509,7 +509,7 @@ class FactureRec extends CommonInvoice $facid=$this->id; - dol_syslog(get_class($this)."::addline facid=$facid,desc=$desc,pu_ht=$pu_ht,qty=$qty,txtva=$txtva,fk_product=$fk_product,remise_percent=$remise_percent,date_start=$date_start,date_end=$date_end,ventil=$ventil,info_bits=$info_bits,fk_remise_except=$fk_remise_except,price_base_type=$price_base_type,pu_ttc=$pu_ttc,type=$type,fk_unit=$fk_unit", LOG_DEBUG); + dol_syslog(get_class($this)."::addline facid=$facid,desc=$desc,pu_ht=$pu_ht,qty=$qty,txtva=$txtva,fk_product=$fk_product,remise_percent=$remise_percent,info_bits=$info_bits,fk_remise_except=$fk_remise_except,price_base_type=$price_base_type,pu_ttc=$pu_ttc,type=$type,fk_unit=$fk_unit", LOG_DEBUG); include_once DOL_DOCUMENT_ROOT.'/core/lib/price.lib.php'; // Check parameters @@ -631,7 +631,7 @@ class FactureRec extends CommonInvoice $facid=$this->id; - dol_syslog(get_class($this)."::updateline facid=".$facid." rowid=$rowid,desc=$desc,pu_ht=$pu_ht,qty=$qty,txtva=$txtva,fk_product=$fk_product,remise_percent=$remise_percent,date_start=$date_start,date_end=$date_end,ventil=$ventil,info_bits=$info_bits,fk_remise_except=$fk_remise_except,price_base_type=$price_base_type,pu_ttc=$pu_ttc,type=$type,fk_unit=$fk_unit", LOG_DEBUG); + dol_syslog(get_class($this)."::updateline facid=".$facid." rowid=$rowid,desc=$desc,pu_ht=$pu_ht,qty=$qty,txtva=$txtva,fk_product=$fk_product,remise_percent=$remise_percent,info_bits=$info_bits,fk_remise_except=$fk_remise_except,price_base_type=$price_base_type,pu_ttc=$pu_ttc,type=$type,fk_unit=$fk_unit", LOG_DEBUG); include_once DOL_DOCUMENT_ROOT.'/core/lib/price.lib.php'; // Check parameters From 1e9cee1b07bc97a52a1b21edf77b990b314baf32 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 11:48:28 +0200 Subject: [PATCH 2/6] Fix bug reported by scrutinizer --- htdocs/comm/action/class/ical.class.php | 2 +- scripts/product/migrate_picture_path.php | 7 +++---- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/htdocs/comm/action/class/ical.class.php b/htdocs/comm/action/class/ical.class.php index 54f97fa2117..8254a5de1ba 100644 --- a/htdocs/comm/action/class/ical.class.php +++ b/htdocs/comm/action/class/ical.class.php @@ -208,7 +208,7 @@ class ICal //print 'type='.$type.' key='.$key.' value='.$value.'
'."\n"; - if ($key == false) + if (empty($key)) { $key = $this->last_key; switch ($type) diff --git a/scripts/product/migrate_picture_path.php b/scripts/product/migrate_picture_path.php index 9d3cba8452f..f8624ebc040 100755 --- a/scripts/product/migrate_picture_path.php +++ b/scripts/product/migrate_picture_path.php @@ -1,6 +1,6 @@ #!/usr/bin/env php +/* Copyright (C) 2007-2016 Laurent Destailleur * Copyright (C) 2015 Jean Heimburger * * This program is free software; you can redistribute it and/or modify @@ -21,7 +21,6 @@ * \file scripts/product/migrate_picture_path.php * \ingroup scripts * \brief Migrate pictures from old system prior to 3.7 to new path for 3.7+ - * */ $sapi_type = php_sapi_name(); @@ -119,7 +118,7 @@ function migrate_product_photospath($product) $handle=opendir($origin_osencoded); if (is_resource($handle)) { - while (($file = readdir($handle)) != false) + while (($file = readdir($handle)) !== false) { if ($file != '.' && $file != '..' && is_dir($origin_osencoded.'/'.$file)) { @@ -127,7 +126,7 @@ function migrate_product_photospath($product) if (is_resource($thumbs)) { dol_mkdir($destin.'/'.$file); - while (($thumb = readdir($thumbs)) != false) + while (($thumb = readdir($thumbs)) !== false) { dol_move($origin.'/'.$file.'/'.$thumb, $destin.'/'.$file.'/'.$thumb); } From dcfc3856454888c2cba0b86f7e5dac00aa538ae1 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 12:26:01 +0200 Subject: [PATCH 3/6] Fix to avoid blocking error in auto upgrade process --- htdocs/core/class/extrafields.class.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php index 283d189377c..32f0790fd89 100644 --- a/htdocs/core/class/extrafields.class.php +++ b/htdocs/core/class/extrafields.class.php @@ -633,7 +633,8 @@ class ExtraFields } else { - print dol_print_error($this->db); + $this->error=$this->db->lasterror(); + dol_syslog(get_class($this)."::fetch_name_optionals_label ".$this->error, LOG_ERR); } return $array_name_label; From 933ec6c11862059543e45dcc7dfef4286da18040 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 13:14:53 +0200 Subject: [PATCH 4/6] FIX detection of HTML content when only p tag is present. --- htdocs/core/lib/functions.lib.php | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 495d7ce1c3c..136e31bd23a 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -4548,9 +4548,9 @@ function dol_textishtml($msg,$option=0) if (preg_match('//i',$msg)) return true; - elseif (preg_match('/<(br|div|font|li|span|strong|table)>/i',$msg)) return true; - elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*>/i',$msg)) return true; - elseif (preg_match('/<(br|div|font|li|span|strong|table)\s+[^<>\/]*\/>/i',$msg)) return true; + elseif (preg_match('/<(br|div|font|li|p|span|strong|table)>/i',$msg)) return true; + elseif (preg_match('/<(br|div|font|li|p|span|strong|table)\s+[^<>\/]*>/i',$msg)) return true; + elseif (preg_match('/<(br|div|font|li|p|span|strong|table)\s+[^<>\/]*\/>/i',$msg)) return true; elseif (preg_match('/]*src[^<>]*>/i',$msg)) return true; // must accept elseif (preg_match('/]*href[^<>]*>/i',$msg)) return true; // must accept elseif (preg_match('//i',$msg)) return true; From ab444af8c2742f267127e59b3cabdea9743a5df8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 13:38:19 +0200 Subject: [PATCH 5/6] Fix bad css --- htdocs/admin/menus/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/admin/menus/index.php b/htdocs/admin/menus/index.php index cba8d45c8f3..c8b7b469bd2 100644 --- a/htdocs/admin/menus/index.php +++ b/htdocs/admin/menus/index.php @@ -361,7 +361,7 @@ if ($conf->use_javascript_ajax) if (count($remainingdata)) { - print ''; + print '
'; print ''; print ''; From 5f5328c3d87c41f8834e137b591d76cc014defec Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 29 Jun 2016 14:09:18 +0200 Subject: [PATCH 6/6] FIX Link in menu when using left menu editor was wrong. FIX Updating an entry with menu editor did not save fk_leftmenu. --- htdocs/admin/menus/edit.php | 41 +++++++++++++++++++--- htdocs/core/menus/standard/auguria.lib.php | 2 +- htdocs/core/menus/standard/eldy.lib.php | 24 +++++++++---- 3 files changed, 54 insertions(+), 13 deletions(-) diff --git a/htdocs/admin/menus/edit.php b/htdocs/admin/menus/edit.php index 9209542a9c0..b299a1f18fe 100644 --- a/htdocs/admin/menus/edit.php +++ b/htdocs/admin/menus/edit.php @@ -62,6 +62,23 @@ if ($action == 'update') { if (! $_POST['cancel']) { + $leftmenu=''; $mainmenu=''; + if (! empty($_POST['menuIdParent']) && ! is_numeric($_POST['menuIdParent'])) + { + $tmp=explode('&',$_POST['menuIdParent']); + foreach($tmp as $s) + { + if (preg_match('/fk_mainmenu=/',$s)) + { + $mainmenu=preg_replace('/fk_mainmenu=/','',$s); + } + if (preg_match('/fk_leftmenu=/',$s)) + { + $leftmenu=preg_replace('/fk_leftmenu=/','',$s); + } + } + } + $menu = new Menubase($db); $result=$menu->fetch($_POST['menuId']); if ($result > 0) @@ -75,7 +92,18 @@ if ($action == 'update') $menu->perms=$_POST['perms']; $menu->target=$_POST['target']; $menu->user=$_POST['user']; - $menu->fk_menu=$_POST['fk_menu']; + if (is_numeric($_POST['menuIdParent'])) + { + $menu->fk_menu=$_POST['menuIdParent']; + } + else + { + if ($_POST['type'] == 'top') $menu->fk_menu=0; + else $menu->fk_menu=-1; + $menu->fk_mainmenu=$mainmenu; + $menu->fk_leftmenu=$leftmenu; + } + $result=$menu->update($user); if ($result > 0) { @@ -342,7 +370,7 @@ if ($action == 'create') } else { - print ''; + print ''; } print ''; // MenuId Parent - print ''; + print ''; $valtouse=$menu->fk_menu; if ($menu->fk_mainmenu) $valtouse='fk_mainmenu='.$menu->fk_mainmenu; if ($menu->fk_leftmenu) $valtouse.='&fk_leftmenu='.$menu->fk_leftmenu; - print ''; - print ''; + print ''; + print ''; // Niveau //print ''; diff --git a/htdocs/core/menus/standard/auguria.lib.php b/htdocs/core/menus/standard/auguria.lib.php index 05b3bbf054d..2df0bf6fdef 100644 --- a/htdocs/core/menus/standard/auguria.lib.php +++ b/htdocs/core/menus/standard/auguria.lib.php @@ -78,7 +78,7 @@ function print_auguria_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$m if (! preg_match("/^(http:\/\/|https:\/\/)/i",$newTabMenu[$i]['url'])) { - $tmp=explode('?',$newTabMenu[$i]['url'],2); + $tmp=explode('?',$newTabMenu[$i]['url'],2); $url = $shorturl = $tmp[0]; $param = (isset($tmp[1])?$tmp[1]:''); diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index e812d9919fd..9c9880c8ed1 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1453,15 +1453,25 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu } } - // For external modules - $tmp=explode('?',$menu_array[$i]['url'],2); - $url = $tmp[0]; - $param = (isset($tmp[1])?$tmp[1]:''); - $url = dol_buildpath($url,1).($param?'?'.$param:''); - + $url = $shorturl = $menu_array[$i]['url']; + + if (! preg_match("/^(http:\/\/|https:\/\/)/i",$menu_array[$i]['url'])) + { + $tmp=explode('?',$menu_array[$i]['url'],2); + $url = $shorturl = $tmp[0]; + $param = (isset($tmp[1])?$tmp[1]:''); + + if (! preg_match('/mainmenu/i',$param) || ! preg_match('/leftmenu/i',$param)) $param.=($param?'&':'').'mainmenu='.$newTabMenu[$i]['mainmenu'].'&leftmenu='; + //$url.="idmenu=".$menu_array[$i]['rowid']; // Already done by menuLoad + $url = dol_buildpath($url,1).($param?'?'.$param:''); + $shorturl = $shorturl.($param?'?'.$param:''); + } + $url=preg_replace('/__LOGIN__/',$user->login,$url); + $shorturl=preg_replace('/__LOGIN__/',$user->login,$shorturl); $url=preg_replace('/__USERID__/',$user->id,$url); - + $shorturl=preg_replace('/__USERID__/',$user->id,$shorturl); + print ''."\n"; // Menu niveau 0
'.$langs->trans("NotTopTreeMenuPersonalized").''.$langs->trans('DetailMenuIdParent'); print ', '.$langs->trans("Example").': fk_mainmenu=abc&fk_leftmenu=def'; @@ -425,12 +453,15 @@ elseif ($action == 'edit') print '
'.$langs->trans('Type').''.$langs->trans(ucfirst($menu->type)).''.$langs->trans('DetailType').'
'.$langs->trans('MenuIdParent').'
'.$langs->trans('MenuIdParent'); + print ''.$langs->trans('DetailMenuIdParent').'
'.$langs->trans('DetailMenuIdParent'); + print ', '.$langs->trans("Example").': fk_mainmenu=abc&fk_leftmenu=def'; + print '
'.$langs->trans('Level').''.$menu->level.''.$langs->trans('DetailLevel').'