From cea35bd208f6a86da65d82fa014b2c3b480fd800 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 22:14:11 +0200 Subject: [PATCH 01/12] Fix pass was lost on error --- htdocs/install/default.css | 3 +++ htdocs/install/fileconf.php | 10 +++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/htdocs/install/default.css b/htdocs/install/default.css index 731ac4131b4..85a2f4703c2 100644 --- a/htdocs/install/default.css +++ b/htdocs/install/default.css @@ -415,3 +415,6 @@ a.button:hover { vertical-align: text-bottom; } +.text-security { + -webkit-text-security: disc; +} diff --git a/htdocs/install/fileconf.php b/htdocs/install/fileconf.php index 42c8d3459fe..6a4ddc4b79a 100644 --- a/htdocs/install/fileconf.php +++ b/htdocs/install/fileconf.php @@ -476,13 +476,13 @@ if (!empty($force_install_noedit)) { - 0 && !empty($force_install_databaserootlogin)) { print ' disabled'; } ?> @@ -556,10 +556,10 @@ if (!empty($force_install_noedit)) { autocomplete="off" id="db_pass_root" name="db_pass_root" - class="needroot" + class="needroot text-security" value=" Date: Tue, 20 Jul 2021 22:42:23 +0200 Subject: [PATCH 02/12] Fix Improper Authorization Check reported by Ahsan Aziz. --- htdocs/user/card.php | 4 ++-- htdocs/user/class/user.class.php | 8 ++++++++ 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 152c39f79ac..996425c0694 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -314,8 +314,8 @@ if (empty($reshook)) { $id = $object->create($user); if ($id > 0) { - if (GETPOST('password')) { - $object->setPassword($user, GETPOST('password')); + if (GETPOST('password', 'none')) { + $object->setPassword($user, GETPOST('password','none')); } if (!empty($conf->categorie->enabled)) { // Categories association diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 74137537e74..6d8ff911feb 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1280,6 +1280,10 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; + } elseif (preg_match('/[,@<>"\']/', $this->login)) { + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->datec = dol_now(); @@ -1669,6 +1673,10 @@ class User extends CommonObject $langs->load("errors"); $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; + } elseif (preg_match('/[,@<>"\']/', $this->login)) { + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->db->begin(); From e25171b9f545a8044dc462b66306380cc028e0fd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 23:03:19 +0200 Subject: [PATCH 03/12] Fix phpcs --- htdocs/install/fileconf.php | 2 +- htdocs/user/card.php | 2 +- htdocs/user/class/user.class.php | 12 ++++++------ 3 files changed, 8 insertions(+), 8 deletions(-) diff --git a/htdocs/install/fileconf.php b/htdocs/install/fileconf.php index 6a4ddc4b79a..369d2b93605 100644 --- a/htdocs/install/fileconf.php +++ b/htdocs/install/fileconf.php @@ -559,7 +559,7 @@ if (!empty($force_install_noedit)) { class="needroot text-security" value="create($user); if ($id > 0) { if (GETPOST('password', 'none')) { - $object->setPassword($user, GETPOST('password','none')); + $object->setPassword($user, GETPOST('password', 'none')); } if (!empty($conf->categorie->enabled)) { // Categories association diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index 6d8ff911feb..b1bc23463fb 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1281,9 +1281,9 @@ class User extends CommonObject $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; } elseif (preg_match('/[,@<>"\']/', $this->login)) { - $langs->load("errors"); - $this->error = $langs->trans("ErrorBadCharIntoLoginName"); - return -1; + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->datec = dol_now(); @@ -1674,9 +1674,9 @@ class User extends CommonObject $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; } elseif (preg_match('/[,@<>"\']/', $this->login)) { - $langs->load("errors"); - $this->error = $langs->trans("ErrorBadCharIntoLoginName"); - return -1; + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->db->begin(); From 0e18bd4be1c8debf3482a723b14c70442d564802 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 23:15:31 +0200 Subject: [PATCH 04/12] Fix #hunter2cd3fc73-65a1-4615-9143-9e7febd81a15 --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 99cfe360f9f..4dff3426ac9 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -461,7 +461,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addtimespent', 'update', 'install', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable', 'doprev', 'donext', 'dvprev', 'dvnext', 'enable', 'setpricelevel' From dc7ff07517ce9d165afed9e74f876bc684ea4042 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 20 Jul 2021 23:54:22 +0200 Subject: [PATCH 05/12] Fix #huntr7144bb4b-338f-45f0-a70e-088ef1f4c037 --- htdocs/langs/en_US/main.lang | 3 ++- htdocs/main.inc.php | 14 +++++++++----- htdocs/user/card.php | 4 ++-- htdocs/user/group/perms.php | 12 ++++++------ 4 files changed, 19 insertions(+), 14 deletions(-) diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 94c851bf346..ddd60a9b68e 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -1137,4 +1137,5 @@ CopiedToClipboard=Copied to clipboard InformationOnLinkToContract=This amount is only the total of all the lines of the contract. No notion of time is taken into consideration. ConfirmCancel=Are you sure you want to cancel EmailMsgID=Email MsgID -Forthcoming=Forthcoming \ No newline at end of file +Forthcoming=Forthcoming +Currently=Currently \ No newline at end of file diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 4dff3426ac9..2bd95197a2a 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -460,11 +460,15 @@ if (!defined('NOTOKENRENEWAL')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addtimespent', 'update', 'install', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', - 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'disable', - 'doprev', 'donext', 'dvprev', 'dvnext', - 'enable', 'setpricelevel' + 'activate', 'add', 'addrights', 'addtimespent', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', + 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', + 'disable', + 'doprev', 'donext', 'dvprev', 'dvnext', + 'enable', + 'install', + 'setpricelevel', + 'update' ); $sensitiveget = false; if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { diff --git a/htdocs/user/card.php b/htdocs/user/card.php index c74a6fa729c..cb7aa69949c 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -1437,7 +1437,7 @@ if ($action == 'create' || $action == 'adduserldap') { } // Employee - print ''.$langs->trans("Employee").''; + print ''.$langs->trans("Employee").''; print 'employee ? ' checked="checked"' : '').'>'; //print yn($object->employee); print ''."\n"; @@ -1803,7 +1803,7 @@ if ($action == 'create' || $action == 'adduserldap') { print dol_print_date($object->datepreviouslogin, "dayhour").' ('.$langs->trans("Previous").'), '; } if ($object->datelastlogin) { - print dol_print_date($object->datelastlogin, "dayhour").' ('.$langs->trans("Current").')'; + print dol_print_date($object->datelastlogin, "dayhour").' ('.$langs->trans("Currently").')'; } print ''; print "\n"; diff --git a/htdocs/user/group/perms.php b/htdocs/user/group/perms.php index 618d705bfcf..9fc4426ecac 100644 --- a/htdocs/user/group/perms.php +++ b/htdocs/user/group/perms.php @@ -235,9 +235,9 @@ if ($object->id > 0) { print ''.$langs->trans("Module").''; if ($caneditperms) { print ''; - print ''.$langs->trans("All").""; + print ''.$langs->trans("All").""; print '/'; - print ''.$langs->trans("None").""; + print ''.$langs->trans("None").""; print ''; } print ' '; @@ -286,9 +286,9 @@ if ($object->id > 0) { print ''; if ($caneditperms) { print ''; - print 'module.'">'.$langs->trans("All").""; + print 'module.'&token='.newToken().'">'.$langs->trans("All").""; print '/'; - print 'module.'">'.$langs->trans("None").""; + print 'module.'&token='.newToken().'">'.$langs->trans("None").""; print ''; } else { print ' '; @@ -326,7 +326,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print 'id.'">'; + print 'id.'&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ''; @@ -336,7 +336,7 @@ if ($object->id > 0) { } else { // Do not own permission if ($caneditperms) { - print 'id.'">'; + print 'id.'&token='.newToken().'">'; //print img_edit_add($langs->trans("Add")); print img_picto($langs->trans("Add"), 'switch_off'); print ''; From c2f1781fae61f105632bd7f0dd0343f8dc95738b Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 00:14:03 +0200 Subject: [PATCH 06/12] Fix #huntr5bb5a52-3b1c-40ad-9c64-61735f886736 --- htdocs/main.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 2bd95197a2a..d1423009c44 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -461,7 +461,7 @@ if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->gl // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( 'activate', 'add', 'addrights', 'addtimespent', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', 'disable', 'doprev', 'donext', 'dvprev', 'dvnext', From e4bb5ed00877849b24e7d657e7ec4dd05d72be2a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 00:35:08 +0200 Subject: [PATCH 07/12] Fix phpcs --- htdocs/install/fileconf.php | 2 +- htdocs/main.inc.php | 18 +++++++++--------- htdocs/user/class/user.class.php | 12 ++++++------ 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/htdocs/install/fileconf.php b/htdocs/install/fileconf.php index 369d2b93605..42ea5e423af 100644 --- a/htdocs/install/fileconf.php +++ b/htdocs/install/fileconf.php @@ -559,7 +559,7 @@ if (!empty($force_install_noedit)) { class="needroot text-security" value="global->MAIN_SECURITY_CSRF_WITH_TOKEN)) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addrights', 'addtimespent', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', - 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', - 'disable', - 'doprev', 'donext', 'dvprev', 'dvnext', - 'enable', - 'install', - 'setpricelevel', - 'update' + 'activate', 'add', 'addrights', 'addtimespent', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', + 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', + 'disable', + 'doprev', 'donext', 'dvprev', 'dvnext', + 'enable', + 'install', + 'setpricelevel', + 'update' ); $sensitiveget = false; if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php index b1bc23463fb..816d3dc3e27 100644 --- a/htdocs/user/class/user.class.php +++ b/htdocs/user/class/user.class.php @@ -1281,9 +1281,9 @@ class User extends CommonObject $this->error = $langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Login")); return -1; } elseif (preg_match('/[,@<>"\']/', $this->login)) { - $langs->load("errors"); - $this->error = $langs->trans("ErrorBadCharIntoLoginName"); - return -1; + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->datec = dol_now(); @@ -1674,9 +1674,9 @@ class User extends CommonObject $this->error = $langs->trans("ErrorFieldRequired", 'Login'); return -1; } elseif (preg_match('/[,@<>"\']/', $this->login)) { - $langs->load("errors"); - $this->error = $langs->trans("ErrorBadCharIntoLoginName"); - return -1; + $langs->load("errors"); + $this->error = $langs->trans("ErrorBadCharIntoLoginName"); + return -1; } $this->db->begin(); From dbed6bc0da64d23df249189b27d20e7a63d56ad4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 01:18:48 +0200 Subject: [PATCH 08/12] Fix #yogosha6678 --- htdocs/install/check.php | 2 +- htdocs/main.inc.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/install/check.php b/htdocs/install/check.php index 35efe1f36b2..99e9e38c958 100644 --- a/htdocs/install/check.php +++ b/htdocs/install/check.php @@ -100,7 +100,7 @@ print "
\n"; // Check PHP support for $_GET and $_POST if (!isset($_GET["testget"]) && !isset($_POST["testpost"])) { // We must keep $_GET and $_POST here print 'Warning '.$langs->trans("PHPSupportPOSTGETKo"); - print ' ('.$langs->trans("Recheck").')'; + print ' ('.$langs->trans("Recheck").')'; print "
\n"; $checksok = 0; } else { diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index a30f02f7fba..cc9ff9e6297 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -80,7 +80,7 @@ function realCharForNumericEntities($matches) * Warning: Such a protection can't be enough. It is not reliable as it will always be possible to bypass this. Good protection can * only be guaranted by escaping data during output. * - * @param string $val Value brut found int $_GET, $_POST or PHP_SELF + * @param string $val Brut value found into $_GET, $_POST or PHP_SELF * @param string $type 0=POST, 1=GET, 2=PHP_SELF, 3=GET without sql reserved keywords (the less tolerant test) * @return int >0 if there is an injection, 0 if none */ From 23f708c0d4e39341cac703e3710330cca3364148 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 01:27:14 +0200 Subject: [PATCH 09/12] Fix phpcs --- htdocs/main.inc.php | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index cc9ff9e6297..2ceb2175799 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -460,15 +460,15 @@ if (!defined('NOTOKENRENEWAL')) { if ((!defined('NOCSRFCHECK') && empty($dolibarr_nocsrfcheck) && !empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN)) || defined('CSRFCHECK_WITH_TOKEN')) { // Array of action code where CSRFCHECK with token will be forced (so token must be provided on url request) $arrayofactiontoforcetokencheck = array( - 'activate', 'add', 'addrights', 'addtimespent', - 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', - 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', - 'disable', - 'doprev', 'donext', 'dvprev', 'dvnext', - 'enable', - 'install', - 'setpricelevel', - 'update' + 'activate', 'add', 'addrights', 'addtimespent', + 'confirm_create_user', 'confirm_create_thirdparty', 'confirm_purge', 'confirm_reject_check', 'confirm_deletedir', 'confirm_deletefile', + 'delete', 'deletefilter', 'deleteoperation', 'deleteprof', 'deletepayment', 'delrights', + 'disable', + 'doprev', 'donext', 'dvprev', 'dvnext', + 'enable', + 'install', + 'setpricelevel', + 'update' ); $sensitiveget = false; if (in_array(GETPOST('action', 'aZ09'), $arrayofactiontoforcetokencheck)) { From 062c39c40da01cf1a69be2f1c4212df6a459f0b2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 21 Jul 2021 01:40:45 +0200 Subject: [PATCH 10/12] Fix html entities when we should not --- htdocs/comm/action/class/actioncomm.class.php | 2 +- htdocs/core/js/lib_notification.js.php | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/comm/action/class/actioncomm.class.php b/htdocs/comm/action/class/actioncomm.class.php index 7fd294b89b2..c6c0d277edd 100644 --- a/htdocs/comm/action/class/actioncomm.class.php +++ b/htdocs/comm/action/class/actioncomm.class.php @@ -2340,7 +2340,7 @@ class ActionComm extends CommonObject $sendContent = make_substitutions($langs->trans($arraymessage->content), $substitutionarray); //Topic - $sendTopic = (!empty($arraymessage->topic)) ? $arraymessage->topic : html_entity_decode($langs->trans('EventReminder')); + $sendTopic = (!empty($arraymessage->topic)) ? $arraymessage->topic : html_entity_decode($langs->transnoentities('EventReminder')); // Recipient $recipient = new User($this->db); diff --git a/htdocs/core/js/lib_notification.js.php b/htdocs/core/js/lib_notification.js.php index 616463b944d..ee41555119a 100644 --- a/htdocs/core/js/lib_notification.js.php +++ b/htdocs/core/js/lib_notification.js.php @@ -131,8 +131,8 @@ function check_events() { if (value.type == 'agenda') { - url = '' + value.id_agenda; - title = 'trans('EventReminder')) ?>'; + url = '' + value.id_agenda; + title = 'transnoentities('EventReminder')) ?>'; } var extra = { icon: '', From 4c505619e3b4779ab3f222c308596906638e65eb Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Fri, 23 Jul 2021 00:02:14 +0200 Subject: [PATCH 11/12] FIX look and field v14 --- htdocs/contrat/card.php | 13 ++- htdocs/core/lib/company.lib.php | 17 ++-- .../modules/barcode/modules_barcode.class.php | 2 +- .../product/mod_codeproduct_elephant.php | 2 +- .../modules/product/modules_product.class.php | 3 +- .../modules/societe/modules_societe.class.php | 3 +- htdocs/holiday/class/holiday.class.php | 6 +- htdocs/holiday/list.php | 10 +- .../modulebuilder/template/myobject_list.php | 17 ++-- htdocs/product/admin/product.php | 17 +++- .../class/recruitmentjobposition.class.php | 6 +- .../recruitmentjobposition_list.php | 96 +++++++++++++------ htdocs/ticket/list.php | 2 +- 13 files changed, 122 insertions(+), 72 deletions(-) diff --git a/htdocs/contrat/card.php b/htdocs/contrat/card.php index 32edf9a1558..d5187c6a040 100644 --- a/htdocs/contrat/card.php +++ b/htdocs/contrat/card.php @@ -1003,7 +1003,7 @@ if ($action == 'create') { $soc->fetch($socid); } - if (GETPOST('origin') && GETPOST('originid')) { + if (GETPOST('origin') && GETPOST('originid', 'int')) { // Parse element/subelement (ex: project_task) $regs = array(); $element = $subelement = GETPOST('origin'); @@ -1013,7 +1013,7 @@ if ($action == 'create') { } if ($element == 'project') { - $projectid = GETPOST('originid'); + $projectid = GETPOST('originid', 'int'); } else { // For compatibility if ($element == 'order' || $element == 'commande') { @@ -1094,7 +1094,8 @@ if ($action == 'create') { print ''; } else { print ''; - print $form->select_company('', 'socid', '', 'SelectThirdParty', 1, 0, null, 0, 'minwidth300'); + print img_picto('', 'company', 'class="pictofixedwidth"'); + print $form->select_company('', 'socid', '', 'SelectThirdParty', 1, 0, null, 0, 'minwidth300 widthcentpercentminusxx maxwidth500'); print ' '; print ''; } @@ -1121,11 +1122,13 @@ if ($action == 'create') { // Commercial suivi print ''.$langs->trans("TypeContact_contrat_internal_SALESREPFOLL").''; + print img_picto('', 'user', 'class="pictofixedwidth"'); print $form->select_dolusers(GETPOST("commercial_suivi_id") ?GETPOST("commercial_suivi_id") : $user->id, 'commercial_suivi_id', 1, ''); print ''; // Commercial signature print ''.$langs->trans("TypeContact_contrat_internal_SALESREPSIGN").''; + print img_picto('', 'user', 'class="pictofixedwidth"'); print $form->select_dolusers(GETPOST("commercial_signature_id") ?GETPOST("commercial_signature_id") : $user->id, 'commercial_signature_id', 1, ''); print ''; @@ -1686,7 +1689,7 @@ if ($action == 'create') { $colspan++; } - // Ligne dates prevues + // Line dates planed print ''; print ''; print $langs->trans("DateStartPlanned").' '; @@ -1786,7 +1789,7 @@ if ($action == 'create') { print ''; print ''; - print ''; + print ''; print ''; $texte .= ''; - $texte .= ''; + $texte .= ''; $texte .= ''; diff --git a/htdocs/core/modules/product/modules_product.class.php b/htdocs/core/modules/product/modules_product.class.php index e0141348568..fef12717e3b 100644 --- a/htdocs/core/modules/product/modules_product.class.php +++ b/htdocs/core/modules/product/modules_product.class.php @@ -193,7 +193,8 @@ abstract class ModeleProductCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); + $strikestart = ''; $strikeend = ''; if (!empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && !empty($this->code_null)) { diff --git a/htdocs/core/modules/societe/modules_societe.class.php b/htdocs/core/modules/societe/modules_societe.class.php index 28d0120da72..09f6cb9c29d 100644 --- a/htdocs/core/modules/societe/modules_societe.class.php +++ b/htdocs/core/modules/societe/modules_societe.class.php @@ -198,7 +198,8 @@ abstract class ModeleThirdPartyCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); + $strikestart = ''; $strikeend = ''; if (!empty($conf->global->MAIN_COMPANY_CODE_ALWAYS_REQUIRED) && !empty($this->code_null)) { diff --git a/htdocs/holiday/class/holiday.class.php b/htdocs/holiday/class/holiday.class.php index 82229198185..1513eb6ea96 100644 --- a/htdocs/holiday/class/holiday.class.php +++ b/htdocs/holiday/class/holiday.class.php @@ -1296,11 +1296,11 @@ class Holiday extends CommonObject * * @param int $selected Id of preselected status * @param string $htmlname Name of HTML select field + * @param string $morecss More CSS on select component * @return string Show select of status */ - public function selectStatutCP($selected = '', $htmlname = 'select_statut') + public function selectStatutCP($selected = '', $htmlname = 'select_statut', $morecss = 'minwidth125') { - global $langs; // Liste des statuts @@ -1308,7 +1308,7 @@ class Holiday extends CommonObject $nb = count($name) + 1; // Select HTML - $out = ''."\n"; $out .= ''."\n"; // Boucle des statuts diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index ab57a497e8e..e7a09abea6e 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -636,7 +636,7 @@ if ($resql) { // Create date if (!empty($arrayfields['cp.date_create']['checked'])) { - print ''; @@ -644,7 +644,7 @@ if ($resql) { // Create date if (!empty($arrayfields['cp.tms']['checked'])) { - print ''; @@ -652,8 +652,8 @@ if ($resql) { // Status if (!empty($arrayfields['cp.statut']['checked'])) { - print ''; } @@ -781,7 +781,7 @@ if ($resql) { } } if (!empty($arrayfields['cp.fk_type']['checked'])) { - print ''; diff --git a/htdocs/modulebuilder/template/myobject_list.php b/htdocs/modulebuilder/template/myobject_list.php index 4633a69e6dd..1e319e18ec2 100644 --- a/htdocs/modulebuilder/template/myobject_list.php +++ b/htdocs/modulebuilder/template/myobject_list.php @@ -327,22 +327,21 @@ $reshook = $hookmanager->executeHooks('printFieldListWhere', $parameters, $objec $sql .= $hookmanager->resPrint; /* If a group by is required -$sql.= " GROUP BY "; -foreach($object->fields as $key => $val) -{ - $sql.='t.'.$key.', '; +$sql .= " GROUP BY "; +foreach($object->fields as $key => $val) { + $sql .= 't.'.$key.', '; } // Add fields from extrafields -if (! empty($extrafields->attributes[$object->table_element]['label'])) { +if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.', ' : ''); } } // Add where from hooks -$parameters=array(); -$reshook=$hookmanager->executeHooks('printFieldListGroupBy', $parameters, $object); // Note that $action and $object may have been modified by hook -$sql.=$hookmanager->resPrint; -$sql=preg_replace('/,\s*$/','', $sql); +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListGroupBy', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; +$sql = preg_replace('/,\s*$/', '', $sql); */ $sql .= $db->order($sortfield, $sortorder); diff --git a/htdocs/product/admin/product.php b/htdocs/product/admin/product.php index 5a83c685e0f..fa75a20277f 100644 --- a/htdocs/product/admin/product.php +++ b/htdocs/product/admin/product.php @@ -295,13 +295,14 @@ $dirmodels = array_merge(array('/'), (array) $conf->modules_parts['models']); print load_fiche_titre($langs->trans("ProductCodeChecker"), '', ''); +print '
'; print '
'.$langs->trans("ServiceStatus").': '.$object->lines[$cursorline - 1]->getLibStatut(4).''.$langs->trans("ServiceStatus").': '.$object->lines[$cursorline - 1]->getLibStatut(4).''; if ($user->socid == 0) { if ($object->statut > 0 && $action != 'activateline' && $action != 'unactivateline') { diff --git a/htdocs/core/lib/company.lib.php b/htdocs/core/lib/company.lib.php index cb710c19875..7d261f2d5ab 100644 --- a/htdocs/core/lib/company.lib.php +++ b/htdocs/core/lib/company.lib.php @@ -1948,7 +1948,9 @@ function show_subsidiaries($conf, $langs, $db, $object) $socstatic = new Societe($db); print load_fiche_titre($langs->trans("Subsidiaries"), '', ''); - print "\n".''."\n"; + + print "\n".'
'."\n"; + print '
'."\n"; print ''; print ''; @@ -1976,17 +1978,17 @@ function show_subsidiaries($conf, $langs, $db, $object) print ''; - print ''; - print ''; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; + print ''; print ''; @@ -1994,6 +1996,7 @@ function show_subsidiaries($conf, $langs, $db, $object) $i++; } print "\n
'.$langs->trans("Company").''.$langs->trans("Address").''.$langs->trans("Zip").'
'; + print ''; print $socstatic->getNomUrl(1); print ''.$obj->address.''.$obj->zip.''.$obj->town.''.$obj->code_client.''.dol_escape_htmltag($obj->address).''.$obj->zip.''.$obj->town.''.$obj->code_client.''; - print ''; + print ''; print img_edit(); print '
\n"; + print ''."\n"; } print "
\n"; diff --git a/htdocs/core/modules/barcode/modules_barcode.class.php b/htdocs/core/modules/barcode/modules_barcode.class.php index 99fc8ed366d..01a00405452 100644 --- a/htdocs/core/modules/barcode/modules_barcode.class.php +++ b/htdocs/core/modules/barcode/modules_barcode.class.php @@ -138,7 +138,7 @@ abstract class ModeleNumRefBarCode { global $conf; - $langs->load("admin"); + $langs->loadLangs(array("admin", "companies")); $s = ''; $s .= $langs->trans("Name").': '.$this->name.'
'; diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php index 5936476e079..0b03bd9b6a4 100644 --- a/htdocs/core/modules/product/mod_codeproduct_elephant.php +++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php @@ -118,7 +118,7 @@ class mod_codeproduct_elephant extends ModeleProductCode $texte .= '
'.$langs->trans("Mask").' ('.$langs->trans("ProductCodeModel").'):'.$form->textwithpicto('', $tooltip, 1, 1).'   
'; + print ''; print ''; $formother->select_year($search_year_create, 'search_year_create', 1, $min_year, 0); print ''; + print ''; print ''; $formother->select_year($search_year_update, 'search_year_update', 1, $min_year, 0); print ''; - $object->selectStatutCP($search_status, 'search_status'); + print ''; + $object->selectStatutCP($search_status, 'search_status', 'minwidth125'); print ''; + print ''; $labeltypeleavetoshow = ($langs->trans($typeleaves[$obj->fk_type]['code']) != $typeleaves[$obj->fk_type]['code'] ? $langs->trans($typeleaves[$obj->fk_type]['code']) : $typeleaves[$obj->fk_type]['label']); print empty($typeleaves[$obj->fk_type]['label']) ? $langs->trans("TypeWasDisabledOrRemoved", $obj->fk_type) : $labeltypeleavetoshow; print '
'."\n"; print ''."\n"; print ' '; print ' '; print ' '; print ' '; -print ' '; +print ' '; print "\n"; foreach ($dirproduct as $dirroot) { @@ -333,7 +334,7 @@ foreach ($dirproduct as $dirroot) { print ''."\n"; print ''."\n"; print ''."\n"; - print ''."\n"; + print ''."\n"; if (!empty($conf->global->PRODUCT_CODEPRODUCT_ADDON) && $conf->global->PRODUCT_CODEPRODUCT_ADDON == $file) { print '
'.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Example").''.$langs->trans("Status").''.$langs->trans("ShortInfo").'
'.$modCodeProduct->name.''.$modCodeProduct->info($langs).''.$modCodeProduct->getExample($langs).''.$modCodeProduct->getExample($langs).''."\n"; @@ -366,6 +367,7 @@ foreach ($dirproduct as $dirroot) { } } print '
'; +print ''; // Module to build doc $def = array(); @@ -390,13 +392,14 @@ print '
'; print load_fiche_titre($langs->trans("ProductDocumentTemplates"), '', ''); +print '
'; print ''; print ''; print ''; print ''; print '\n"; print '\n"; -print ''; +print ''; print ''; print "\n"; @@ -499,6 +502,8 @@ foreach ($dirmodels as $reldir) { } print '
'.$langs->trans("Name").''.$langs->trans("Description").''.$langs->trans("Status")."'.$langs->trans("Default")."'.$langs->trans("ShortInfo").''.$langs->trans("Preview").'
'; +print '
'; + print "
"; /* @@ -517,6 +522,7 @@ print ''; print load_fiche_titre($langs->trans("ProductOtherConf"), '', ''); +print '
'; print ''; print ''; print ''."\n"; @@ -611,6 +617,7 @@ if ((!empty($conf->fournisseur->enabled) && empty($conf->global->MAIN_USE_NEW_SU } print '
'.$langs->trans("Parameters").'
'; +print '
'; print '
'; print ''; @@ -620,6 +627,7 @@ print '
'; print load_fiche_titre($langs->trans("UserInterface"), '', ''); +print '
'; print ''; print ''; print ''."\n"; @@ -671,7 +679,7 @@ print $form->selectarray( 0, 0, '', - 'maxwidth400', + 'minwidth100imp maxwidth400', 1 ); print ''; @@ -772,6 +780,7 @@ if (!empty($conf->global->PRODUCT_CANVAS_ABILITY)) { } print '
'.$langs->trans("Parameters").'
'; +print '
'; print '
'; print ''; diff --git a/htdocs/recruitment/class/recruitmentjobposition.class.php b/htdocs/recruitment/class/recruitmentjobposition.class.php index 2f180bcc8ec..892ba4121e9 100644 --- a/htdocs/recruitment/class/recruitmentjobposition.class.php +++ b/htdocs/recruitment/class/recruitmentjobposition.class.php @@ -101,13 +101,13 @@ class RecruitmentJobPosition extends CommonObject public $fields = array( 'rowid' => array('type'=>'integer', 'label'=>'TechnicalID', 'enabled'=>'1', 'position'=>1, 'notnull'=>1, 'visible'=>0, 'noteditable'=>'1', 'index'=>1, 'comment'=>"Id"), 'entity' => array('type'=>'integer', 'label'=>'Entity', 'enabled'=>1, 'visible'=>0, 'position'=>5, 'notnull'=>1, 'default'=>'1', 'index'=>1), - 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>4, 'noteditable'=>'1', 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'comment'=>"Reference of object"), + 'ref' => array('type'=>'varchar(128)', 'label'=>'Ref', 'enabled'=>'1', 'position'=>10, 'notnull'=>1, 'visible'=>4, 'noteditable'=>'1', 'default'=>'(PROV)', 'index'=>1, 'searchall'=>1, 'showoncombobox'=>'1', 'comment'=>"Reference of object", 'css'=>'nowraponall'), 'label' => array('type'=>'varchar(255)', 'label'=>'JobLabel', 'enabled'=>'1', 'position'=>30, 'notnull'=>1, 'visible'=>1, 'searchall'=>1, 'css'=>'minwidth500', 'csslist'=>'tdoverflowmax300', 'showoncombobox'=>'2', 'autofocusoncreate'=>1), 'qty' => array('type'=>'integer', 'label'=>'NbOfEmployeesExpected', 'enabled'=>'1', 'position'=>45, 'notnull'=>1, 'visible'=>1, 'default'=>'1', 'isameasure'=>'1', 'css'=>'maxwidth75imp'), 'fk_project' => array('type'=>'integer:Project:projet/class/project.class.php:1', 'label'=>'Project', 'enabled'=>'1', 'position'=>52, 'notnull'=>-1, 'visible'=>-1, 'index'=>1, 'css'=>'maxwidth500', 'picto'=>'project'), - 'fk_user_recruiter' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'ResponsibleOfRecruitement', 'enabled'=>'1', 'position'=>54, 'notnull'=>1, 'visible'=>1, 'foreignkey'=>'user.rowid', 'csslist'=>'tdoverflowmax150'), + 'fk_user_recruiter' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'ResponsibleOfRecruitement', 'enabled'=>'1', 'position'=>54, 'notnull'=>1, 'visible'=>1, 'foreignkey'=>'user.rowid', 'css'=>'maxwidth500', 'csslist'=>'tdoverflowmax150', 'picto'=>'user'), 'email_recruiter' => array('type'=>'varchar(255)', 'label'=>'EmailRecruiter', 'enabled'=>'1', 'position'=>54, 'notnull'=>0, 'visible'=>-1, 'help'=>'ToUseAGenericEmail', 'picto'=>'email'), - 'fk_user_supervisor' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'FutureManager', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'user.rowid',), + 'fk_user_supervisor' => array('type'=>'integer:User:user/class/user.class.php', 'label'=>'FutureManager', 'enabled'=>'1', 'position'=>55, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'user.rowid', 'css'=>'maxwidth500', 'csslist'=>'tdoverflowmax150', 'picto'=>'user'), 'fk_establishment' => array('type'=>'integer:Establishment:hrm/class/establishment.class.php', 'label'=>'Establishment', 'enabled'=>'$conf->hrm->enabled', 'position'=>56, 'notnull'=>0, 'visible'=>-1, 'foreignkey'=>'establishment.rowid',), 'fk_soc' => array('type'=>'integer:Societe:societe/class/societe.class.php:1:status=1 AND entity IN (__SHARED_ENTITIES__)', 'label'=>'WorkPlace', 'enabled'=>'1', 'position'=>57, 'notnull'=>-1, 'visible'=>-1, 'css'=>'maxwidth500', 'index'=>1, 'help'=>"IfJobIsLocatedAtAPartner", 'picto'=>'company'), 'date_planned' => array('type'=>'date', 'label'=>'DateExpected', 'enabled'=>'1', 'position'=>60, 'notnull'=>0, 'visible'=>1,), diff --git a/htdocs/recruitment/recruitmentjobposition_list.php b/htdocs/recruitment/recruitmentjobposition_list.php index 7ccad1de16a..3398a47dca3 100644 --- a/htdocs/recruitment/recruitmentjobposition_list.php +++ b/htdocs/recruitment/recruitmentjobposition_list.php @@ -103,8 +103,9 @@ $sortfield = GETPOST('sortfield', 'aZ09comma'); $sortorder = GETPOST('sortorder', 'aZ09comma'); $page = GETPOSTISSET('pageplusone') ? (GETPOST('pageplusone') - 1) : GETPOST("page", 'int'); if (empty($page) || $page < 0 || GETPOST('button_search', 'alpha') || GETPOST('button_removefilter', 'alpha')) { + // If $page is not defined, or '' or -1 or if we click on clear filters $page = 0; -} // If $page is not defined, or '' or -1 or if we click on clear filters +} $offset = $limit * $page; $pageprev = $page - 1; $pagenext = $page + 1; @@ -123,6 +124,7 @@ $search_array_options = $extrafields->getOptionalsFromPost($object->table_elemen // Default sort order (if not yet defined by previous GETPOST) if (!$sortfield) { + reset($object->fields); // Reset is required to avoid key() to return null. $sortfield = "t.".key($object->fields); // Set here default search field. By default 1st field in definition. } if (!$sortorder) { @@ -146,17 +148,18 @@ foreach ($object->fields as $key => $val) { } } -// Definition of fields for list +// Definition of array of fields for columns $arrayfields = array(); foreach ($object->fields as $key => $val) { // If $val['visible']==0, then we never show the field if (!empty($val['visible'])) { - $visible = dol_eval($val['visible'], 1); + $visible = (int) dol_eval($val['visible'], 1); $arrayfields['t.'.$key] = array( 'label'=>$val['label'], 'checked'=>(($visible < 0) ? 0 : 1), 'enabled'=>($visible != 3 && dol_eval($val['enabled'], 1)), - 'position'=>$val['position'] + 'position'=>$val['position'], + 'help'=> isset($val['help']) ? $val['help'] : '' ); } } @@ -164,7 +167,7 @@ foreach ($object->fields as $key => $val) { include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_array_fields.tpl.php'; $object->fields = dol_sort_array($object->fields, 'position'); -$arrayfields['nbapplications'] = array('label'=>'Applications', 'checked'=>1, 'enabled'=>1, 'position'=>90); +$arrayfields['nbapplications'] = array('type'=>'integer', 'label'=>'Applications', 'checked'=>1, 'enabled'=>1, 'position'=>90, 'csslist'=>'right'); $arrayfields = dol_sort_array($arrayfields, 'position'); $permissiontoread = $user->rights->recruitment->recruitmentjobposition->read; @@ -184,7 +187,8 @@ $result = restrictedArea($user, 'recruitment', 0, 'recruitment_recruitmentjobpos */ if (GETPOST('cancel', 'alpha')) { - $action = 'list'; $massaction = ''; + $action = 'list'; + $massaction = ''; } if (!GETPOST('confirmmassaction', 'alpha') && $massaction != 'presend' && $massaction != 'confirm_presend') { $massaction = ''; @@ -238,13 +242,11 @@ $title = $langs->trans('ListOfPositionsToBeFilled'); // Build and execute select // -------------------------------------------------------------------- $sql = 'SELECT '; -foreach ($object->fields as $key => $val) { - $sql .= 't.'.$key.', '; -} +$sql .= $object->getFieldList('t'); // Add fields from extrafields if (!empty($extrafields->attributes[$object->table_element]['label'])) { foreach ($extrafields->attributes[$object->table_element]['label'] as $key => $val) { - $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? "ef.".$key.' as options_'.$key.', ' : ''); + $sql .= ($extrafields->attributes[$object->table_element]['type'][$key] != 'separate' ? ", ef.".$key.' as options_'.$key.', ' : ''); } } // Add fields from hooks @@ -258,24 +260,42 @@ $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."recruitment_recruitmentcandidature as rc O if (isset($extrafields->attributes[$object->table_element]['label']) && is_array($extrafields->attributes[$object->table_element]['label']) && count($extrafields->attributes[$object->table_element]['label'])) { $sql .= " LEFT JOIN ".MAIN_DB_PREFIX.$object->table_element."_extrafields as ef on (t.rowid = ef.fk_object)"; } +// Add table from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListFrom', $parameters, $object); // Note that $action and $object may have been modified by hook +$sql .= $hookmanager->resPrint; if ($object->ismultientitymanaged == 1) { $sql .= " WHERE t.entity IN (".getEntity($object->element).")"; } else { $sql .= " WHERE 1 = 1"; } foreach ($search as $key => $val) { - if ($key == 'status' && $search[$key] == -1) { - continue; - } - $mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0); - if (strpos($object->fields[$key]['type'], 'integer:') === 0) { - if ($search[$key] == '-1') { - $search[$key] = ''; + if (array_key_exists($key, $object->fields)) { + if ($key == 'status' && $search[$key] == -1) { + continue; + } + $mode_search = (($object->isInt($object->fields[$key]) || $object->isFloat($object->fields[$key])) ? 1 : 0); + if ((strpos($object->fields[$key]['type'], 'integer:') === 0) || (strpos($object->fields[$key]['type'], 'sellist:') === 0) || !empty($object->fields[$key]['arrayofkeyval'])) { + if ($search[$key] == '-1' || $search[$key] === '0') { + $search[$key] = ''; + } + $mode_search = 2; + } + if ($search[$key] != '') { + $sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search)); + } + } else { + if (preg_match('/(_dtstart|_dtend)$/', $key) && $search[$key] != '') { + $columnName=preg_replace('/(_dtstart|_dtend)$/', '', $key); + if (preg_match('/^(date|timestamp|datetime)/', $object->fields[$columnName]['type'])) { + if (preg_match('/_dtstart$/', $key)) { + $sql .= " AND t." . $columnName . " >= '" . $db->idate($search[$key]) . "'"; + } + if (preg_match('/_dtend$/', $key)) { + $sql .= " AND t." . $columnName . " <= '" . $db->idate($search[$key]) . "'"; + } + } } - $mode_search = 2; - } - if ($search[$key] != '') { - $sql .= natural_search($key, $search[$key], (($key == 'status') ? 2 : $mode_search)); } } if ($search_all) { @@ -372,6 +392,10 @@ if ($optioncss != '') { } // Add $param from extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_param.tpl.php'; +// Add $param from hooks +$parameters = array(); +$reshook = $hookmanager->executeHooks('printFieldListSearchParam', $parameters, $object); // Note that $action and $object may have been modified by hook +$param .= $hookmanager->resPrint; // List of mass actions available $arrayofmassactions = array( @@ -449,30 +473,38 @@ print ''; foreach ($object->fields as $key => $val) { - $cssforfield = (empty($val['css']) ? '' : $val['css']); + $cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID' && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { print ''; } } // Extra fields include DOL_DOCUMENT_ROOT.'/core/tpl/extrafields_list_search_input.tpl.php'; + // Fields from hook $parameters = array('arrayfields'=>$arrayfields); $reshook = $hookmanager->executeHooks('printFieldListOption', $parameters, $object); // Note that $action and $object may have been modified by hook @@ -492,14 +524,14 @@ print ''."\n"; // -------------------------------------------------------------------- print ''; foreach ($object->fields as $key => $val) { - $cssforfield = (empty($val['css']) ? '' : $val['css']); + $cssforfield = (empty($val['csslist']) ? (empty($val['css']) ? '' : $val['css']) : $val['csslist']); if ($key == 'status') { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('date', 'datetime', 'timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'center'; } elseif (in_array($val['type'], array('timestamp'))) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; - } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID') { + } elseif (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $val['label'] != 'TechnicalID' && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } if (!empty($arrayfields['t.'.$key]['checked'])) { @@ -513,7 +545,7 @@ $parameters = array('arrayfields'=>$arrayfields, 'param'=>$param, 'sortfield'=>$ $reshook = $hookmanager->executeHooks('printFieldListTitle', $parameters, $object); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; if (!empty($arrayfields['nbapplications']['checked'])) { - print ''; + print ''; } // Action column print getTitleFieldOfList($selectedfields, 0, $_SERVER["PHP_SELF"], '', '', '', '', $sortfield, $sortorder, 'center maxwidthsearch ')."\n"; @@ -561,7 +593,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { $cssforfield .= ($cssforfield ? ' ' : '').'nowrap'; } - if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && $key != 'status') { + if (in_array($val['type'], array('double(24,8)', 'double(6,3)', 'integer', 'real', 'price')) && !in_array($key, array('rowid', 'status')) && empty($val['arrayofkeyval'])) { $cssforfield .= ($cssforfield ? ' ' : '').'right'; } //if (in_array($key, array('fk_soc', 'fk_user', 'fk_warehouse'))) $cssforfield = 'tdoverflowmax100'; @@ -570,6 +602,8 @@ while ($i < ($limit ? min($num, $limit) : $num)) { print ''; if ($key == 'status') { print $object->getLibStatut(5); + } elseif ($key == 'rowid') { + print $object->showOutputField($val, $key, $object->id, ''); } else { print $object->showOutputField($val, $key, $object->$key, ''); } @@ -602,7 +636,7 @@ while ($i < ($limit ? min($num, $limit) : $num)) { } // Action column print ''; } elseif ($key == "fk_soc") { print ''; From 505543e18e3d6ca331492c9d862fcdf7decb038a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 26 Jul 2021 00:37:47 +0200 Subject: [PATCH 12/12] Fix #yogosha6704 --- htdocs/comm/action/list.php | 2 +- htdocs/core/class/html.formactions.class.php | 2 +- htdocs/core/lib/agenda.lib.php | 8 ++++---- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/comm/action/list.php b/htdocs/comm/action/list.php index e95cc3366c5..9c587a934e2 100644 --- a/htdocs/comm/action/list.php +++ b/htdocs/comm/action/list.php @@ -47,7 +47,7 @@ $massaction = GETPOST('massaction', 'alpha'); $contextpage = GETPOST('contextpage', 'aZ') ?GETPOST('contextpage', 'aZ') : 'actioncommlist'; // To manage different context of search $resourceid = GETPOST("search_resourceid", "int") ?GETPOST("search_resourceid", "int") : GETPOST("resourceid", "int"); $pid = GETPOST("search_projectid", 'int', 3) ?GETPOST("search_projectid", 'int', 3) : GETPOST("projectid", 'int', 3); -$search_status = (GETPOST("search_status", 'alpha') != '') ?GETPOST("search_status", 'alpha') : GETPOST("status", 'alpha'); +$search_status = (GETPOST("search_status", 'aZ09') != '') ? GETPOST("search_status", 'aZ09') : GETPOST("status", 'aZ09'); $type = GETPOST('search_type', 'alphanohtml') ?GETPOST('search_type', 'alphanohtml') : GETPOST('type', 'alphanohtml'); $optioncss = GETPOST('optioncss', 'alpha'); $year = GETPOST("year", 'int'); diff --git a/htdocs/core/class/html.formactions.class.php b/htdocs/core/class/html.formactions.class.php index 992efb79bbf..09c94485d11 100644 --- a/htdocs/core/class/html.formactions.class.php +++ b/htdocs/core/class/html.formactions.class.php @@ -97,7 +97,7 @@ class FormActions function select_status() { var defaultvalue = $('#select' + htmlname).val(); var percentage = $('input[name=percentage]'); - var selected = '".(isset($selected) ? $selected : '')."'; + var selected = '".(isset($selected) ? dol_escape_js($selected) : '')."'; var value = (selected>0?selected:(defaultvalue>=0?defaultvalue:'')); percentage.val(value); diff --git a/htdocs/core/lib/agenda.lib.php b/htdocs/core/lib/agenda.lib.php index ae96f59d407..9796c49cf59 100644 --- a/htdocs/core/lib/agenda.lib.php +++ b/htdocs/core/lib/agenda.lib.php @@ -61,13 +61,13 @@ function print_actions_filter($form, $canedit, $status, $year, $month, $day, $sh // Filters //print '
'; print ''; - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; if ($massaction != 'predelete' && $massaction != 'preaffecttag') { // When $massaction == 'predelete', action may be already output to 'delete' by the mass action system. print ''; } - print ''; + print ''; if ($canedit) { print '
';
'; if (!empty($val['arrayofkeyval']) && is_array($val['arrayofkeyval'])) { print $form->selectarray('search_'.$key, $val['arrayofkeyval'], (isset($search[$key]) ? $search[$key] : ''), $val['notnull'], 0, 0, '', 1, 0, 0, '', 'maxwidth100', 1); - } elseif (strpos($val['type'], 'integer:') === 0) { - print $object->showInputField($val, $key, (isset($search[$key]) ? $search[$key] : ''), '', '', 'search_', 'maxwidth150', 1); - } elseif (!preg_match('/^(date|timestamp)/', $val['type'])) { + } elseif ((strpos($val['type'], 'integer:') === 0) || (strpos($val['type'], 'sellist:') === 0)) { + print $object->showInputField($val, $key, (isset($search[$key]) ? $search[$key] : ''), '', '', 'search_', 'maxwidth125', 1); + } elseif (!preg_match('/^(date|timestamp|datetime)/', $val['type'])) { print ''; + } elseif (preg_match('/^(date|timestamp|datetime)/', $val['type'])) { + print '
'; + print $form->selectDate($search[$key.'_dtstart'] ? $search[$key.'_dtstart'] : '', "search_".$key."_dtstart", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('From')); + print '
'; + print '
'; + print $form->selectDate($search[$key.'_dtend'] ? $search[$key.'_dtend'] : '', "search_".$key."_dtend", 0, 0, 1, '', 1, 0, 0, '', '', '', '', 1, '', $langs->trans('to')); + print '
'; } print '
'.$langs->trans("Applications").''.$langs->trans("Applications").''; - if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined + if ($massactionbutton || $massaction) { // If we are in select mode (massactionbutton defined) or if we have already selected and sent an action ($massaction) defined $selected = 0; if (in_array($object->id, $arrayofselected)) { $selected = 1; diff --git a/htdocs/ticket/list.php b/htdocs/ticket/list.php index 84ea65fef71..6a65efc8bac 100644 --- a/htdocs/ticket/list.php +++ b/htdocs/ticket/list.php @@ -798,7 +798,7 @@ foreach ($object->fields as $key => $val) { if (!empty($search[$key])) { $selectedarray = array_values($search[$key]); } - print Form::multiselectarray('search_fk_statut', $arrayofstatus, $selectedarray, 0, 0, 'minwidth100 maxwidth150', 1, 0, '', '', ''); + print Form::multiselectarray('search_fk_statut', $arrayofstatus, $selectedarray, 0, 0, 'minwidth100imp maxwidth150', 1, 0, '', '', ''); print '