diff --git a/ChangeLog b/ChangeLog index c297c5d8bce..c43fd92f676 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,42 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 5.0.4 compared to 5.0.3 ***** +FIX: #6880 +FIX: #6925 +FIX: #6926 +FIX: Can set supplier invoice to billed. +FIX: Can't create invoice if PO disapproved +FIX: contratligne update +FIX: CVE-2017-7886 +FIX: default param +FIX: Line of invoices not inserted when using POS module and VAT NPR. +FIX: origin & originid on supplierproposal +FIX: Redirect to payment page from member subscription page failed if a unique security key was defined. +FIX: REST api to get project when user has permission to read all. +FIX: situation_progress param default value must be 100 and not 0 +FIX: SQL injection on user/index.php parameter search_statut. +FIX: Warnings + +***** ChangeLog for 5.0.3 compared to 5.0.2 ***** +FIX: #6677 Expired contracts dashboard box does not show the name of the thirdparty +FIX: #6813 +FIX: 6863 +FIX: #6877 +FIX: #6881 +FIX: Better sanitizing of search all parameter. +FIX: Correction with author and validator user on orders +FIX: dialog window with md theme must not be hidden by left menu part. +FIX: doactions hook missing in invoice model page +FIX: Fullname when member is a moral entity with no name. +FIX: Link to files on bank account tab broken with multicompany FIX: Link to preview on thirdparty broken with multicompany +FIX: New vat code not correctly implemented if "1 price per customer". +FIX: Pagination of invoices +FIX: pagination on resources +FIX: REST API not possible to add agendaevents +FIX: situation invoice broken due to the all percent application form inside addline form +FIX: SQL injection on user/index.php parameter search_statut. +FIX: XSS ***** ChangeLog for 5.0.2 compared to 5.0.1 ***** FIX: #6468 + Fix missing translation @@ -215,7 +251,7 @@ Dolibarr better: - Method commande->set_availability(user, availability_id) removed from commande class, use method commande->availability(availability_id, notrigger). Dolibarr 5.0 was frozen before PHP 7.1 was released. Unit tests are successful on PHP 7.1 but we don't have enough -feedback to confirm all application is compatible. Current officiel supported PHP versions are PHP 5.3 to 7.0. +feedback to confirm whole application is compatible. Current officiel supported PHP versions are PHP 5.3 to 7.0. ***** ChangeLog for 4.0.6 to 4.0.5 ***** diff --git a/build/debian/source/lintian-overrides b/build/debian/source/lintian-overrides index b4c0956e90f..c878035b482 100644 --- a/build/debian/source/lintian-overrides +++ b/build/debian/source/lintian-overrides @@ -4,7 +4,12 @@ dolibarr: source-contains-prebuilt-javascript-object htdocs/includes/jsgantt/* dolibarr: source-contains-prebuilt-javascript-object htdocs/includes/jstz/* # Those are false positives, the files are their own sources since # they are not minified -source-is-missing htdocs/includes/jsgantt/jsgantt.js * -source-is-missing htdocs/includes/jquery/plugins/colorpicker/jquery.colorpicker.js * -source-is-missing htdocs/includes/jquery/plugins/select2/select2.js * -source-is-missing htdocs/includes/jquery/plugins/select2/select2_locale_ar.js * +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/a11yhelp/dialogs/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/specialchar/dialogs/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/*/dialogs/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/*/filter/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/templates/templates/default.js +source-is-missing htdocs/includes/mobiledetect/mobiledetectlib/Mobile_Detect.json +source-is-missing htdocs/includes/restler/framework/Luracast/Restler/explorer/lib/*.js + diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index 9c8f8ea601e..fdd14fcf5a2 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -14,7 +14,7 @@ #---------------------------------------------------------------------------- use Cwd; - +use Term::ANSIColor; # Change this to defined target for option 98 and 99 $PROJECT="dolibarr"; @@ -313,20 +313,6 @@ foreach my $target (sort keys %CHOOSEDTARGET) { print "\n"; -# Build xml check file -#----------------------- -if ($CHOOSEDTARGET{'-CHKSUM'}) -{ - print 'Create xml check file with md5 checksum with command php '.$SOURCE.'/build/generate_filecheck_xml.php release='.$MAJOR.'.'.$MINOR.'.'.$BUILD."\n"; - $ret=`php $SOURCE/build/generate_filelist_xml.php release=$MAJOR.$MINOR.$BUILD`; - print $ret."\n"; - # Copy to final dir - $NEWDESTI=$DESTI; - print "Copy \"$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml\" to $NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml\n"; - use File::Copy qw(copy); - copy "$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml", "$NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml"; -} - #print join(',',sort keys %CHOOSEDTARGET)."\n"; @@ -335,7 +321,10 @@ if ($CHOOSEDTARGET{'-CHKSUM'}) $nboftargetok=0; $nboftargetneedbuildroot=0; $nbofpublishneedtag=0; +$nbofpublishneedchangelog=0; + foreach my $target (sort keys %CHOOSEDTARGET) { + if ($target eq '-CHKSUM') { $nbofpublishneedchangelog++; } if ($CHOOSEDTARGET{$target} < 0) { next; } if ($target ne 'EXE' && $target ne 'EXEDOLIWAMP' && $target ne '-CHKSUM') { @@ -345,34 +334,31 @@ foreach my $target (sort keys %CHOOSEDTARGET) { } foreach my $target (sort keys %CHOOSEDPUBLISH) { if ($CHOOSEDPUBLISH{$target} < 0) { next; } - if ($target eq 'ASSO') { $nbofpublishneedtag++; } - if ($target eq 'SF') { $nbofpublishneedtag++; } + if ($target eq 'ASSO') { $nbofpublishneedchangelog++; $nbofpublishneedtag++; } + if ($target eq 'SF') { $nbofpublishneedchangelog++; $nbofpublishneedtag++; } $nboftargetok++; } + if ($nboftargetok) { - # Update GIT tag if required - #--------------------------- - if ($nbofpublishneedtag) + # Check Changelog + #---------------- + if ($nbofpublishneedchangelog) { - print "Go to directory $SOURCE\n"; - $olddir=getcwd(); - chdir("$SOURCE"); - # Test that the ChangeLog is ok $TMPBUILDTOCHECKCHANGELOG=$BUILD; $TMPBUILDTOCHECKCHANGELOG =~ s/\-rc\d*//; $TMPBUILDTOCHECKCHANGELOG =~ s/\-beta\d*//; - print "Check if ChangeLog is ok for version $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG\n"; + print "\nCheck if ChangeLog is ok for version $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG\n"; $ret=`grep "ChangeLog for $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG" "$SOURCE/ChangeLog" 2>&1`; if (! $ret) { - print "Error: The ChangeLogFile was not updated. Run the following command before building package for $MAJOR.$MINOR.$BUILD:\n"; + print color("yellow"), "Error: The ChangeLogFile was not updated. Run the following command before building package for $MAJOR.$MINOR.$BUILD:\n", color('reset'); } else { - print "ChangeLog for $MAJOR.$MINOR\.$BUILD was found into '$SOURCE/ChangeLog. But you can regenerate it with commande:'\n"; + print "ChangeLog for $MAJOR.$MINOR\.$BUILD was found into '$SOURCE/ChangeLog. But you can regenerate it with command:'\n"; } if (! $BUILD || $BUILD eq '0-rc') # For a major version { @@ -385,9 +371,39 @@ if ($nboftargetok) { print "\n"; if (! $ret) { - exit; + print "\nPress F to force and continue anyway (or other key to stop)... "; + my $WAITKEY=; + chomp($WAITKEY); + if ($WAITKEY ne 'F') + { + print "Canceled.\n"; + exit; + } } - + } + + # Build xml check file + #----------------------- + if ($CHOOSEDTARGET{'-CHKSUM'}) + { + print 'Create xml check file with md5 checksum with command php '.$SOURCE.'/build/generate_filecheck_xml.php release='.$MAJOR.'.'.$MINOR.'.'.$BUILD."\n"; + $ret=`php $SOURCE/build/generate_filelist_xml.php release=$MAJOR.$MINOR.$BUILD`; + print $ret."\n"; + # Copy to final dir + $NEWDESTI=$DESTI; + print "Copy \"$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml\" to $NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml\n"; + use File::Copy qw(copy); + copy "$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml", "$NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml"; + } + + # Update GIT tag if required + #--------------------------- + if ($nbofpublishneedtag) + { + print "Go to directory $SOURCE\n"; + $olddir=getcwd(); + chdir("$SOURCE"); + print 'Run git tag -a -m "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'" "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'"'."\n"; $ret=`git tag -a -m "$MAJOR.$MINOR.$BUILD" "$MAJOR.$MINOR.$BUILD" 2>&1`; if ($ret =~ /(already exists|existe déjà)/) diff --git a/dev/skeletons/build_class_from_table.php b/dev/skeletons/build_class_from_table.php index 537975365ef..532da3131a6 100755 --- a/dev/skeletons/build_class_from_table.php +++ b/dev/skeletons/build_class_from_table.php @@ -1,6 +1,7 @@ #!/usr/bin/env php + * Copyright (C) 2017 Nicolas ZABOURI * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -649,7 +650,7 @@ foreach ($skeletonfiles as $skeletonfile => $outfile) { if ($prop['field'] != 'rowid' && $prop['field'] != 'id' && ! $prop['istime']) { - $varprop.="print ''.\$langs->trans(\"Field".$prop['field']."\").'\$object->".$prop['field']."';\n"; + $varprop.="print ''.\$langs->trans(\"Field".$prop['field']."\").''.\$object->".$prop['field'].".'';\n"; } } $targetcontent=preg_replace('/LIST_OF_TD_LABEL_FIELDS_VIEW/', $varprop, $targetcontent); diff --git a/dev/skeletons/skeleton_card.php b/dev/skeletons/skeleton_card.php index f0a9dd23c26..8c487dee776 100644 --- a/dev/skeletons/skeleton_card.php +++ b/dev/skeletons/skeleton_card.php @@ -297,9 +297,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea { $res = $object->fetch_optionals($object->id, $extralabels); - $head = commande_prepare_head($object); - dol_fiche_head($head, 'order', $langs->trans("CustomerOrder"), 0, 'order'); - + print load_fiche_titre($langs->trans("MyModule")); dol_fiche_head(); diff --git a/dev/skeletons/skeleton_list.php b/dev/skeletons/skeleton_list.php index 4453f2d8302..7053486234f 100644 --- a/dev/skeletons/skeleton_list.php +++ b/dev/skeletons/skeleton_list.php @@ -2,6 +2,7 @@ /* Copyright (C) 2007-2016 Laurent Destailleur * Copyright (C) 2014-2016 Juanjo Menent * Copyright (C) 2016 Jean-François Ferry + * Copyright (C) 2017 Nicolas ZABOURI * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -440,17 +441,14 @@ while ($i < min($num, $limit)) // Show here line of result print ''; // LIST_OF_TD_FIELDS_LIST - /* - if (! empty($arrayfields['t.field1']['checked'])) - { - print ''.$obj->field1.''; - if (! $i) $totalarray['nbfield']++; + foreach ($arrayfields as $key => $value) { + if (!empty($arrayfields[$key]['checked'])) { + $key2 = str_replace('t.', '', $key); + print '' . $obj->$key2 . ''; + if (!$i) + $totalarray['nbfield'] ++; + } } - if (! empty($arrayfields['t.field2']['checked'])) - { - print ''.$obj->field2.''; - if (! $i) $totalarray['nbfield']++; - }*/ // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { diff --git a/htdocs/admin/perms.php b/htdocs/admin/perms.php index 4302222630c..10d72f88bf0 100644 --- a/htdocs/admin/perms.php +++ b/htdocs/admin/perms.php @@ -189,7 +189,7 @@ if ($result) $var=!$var; print ''; - print ''.img_object('',$picto).' '.$objMod->getName(); + print ''.img_object('',$picto,'class="pictoobjectwidth"').' '.$objMod->getName(); print ' '; $perm_libelle=($conf->global->MAIN_USE_ADVANCED_PERMS && ($langs->trans("PermissionAdvanced".$obj->id)!=("PermissionAdvanced".$obj->id))?$langs->trans("PermissionAdvanced".$obj->id):(($langs->trans("Permission".$obj->id)!=("Permission".$obj->id))?$langs->trans("Permission".$obj->id):$obj->libelle)); diff --git a/htdocs/admin/tools/index.php b/htdocs/admin/tools/index.php index 8da041d05da..b8dfad44e8f 100644 --- a/htdocs/admin/tools/index.php +++ b/htdocs/admin/tools/index.php @@ -38,7 +38,7 @@ if (! $user->admin) $form = new Form($db); $title=$langs->trans("SystemToolsArea"); -if (GETPOST('leftmenu') == 'admintools') $title=$langs->trans("ModulesSystemTools"); +if (GETPOST('leftmenu',"aZ09") == 'admintools') $title=$langs->trans("ModulesSystemTools"); llxHeader('', $title); diff --git a/htdocs/barcode/printsheet.php b/htdocs/barcode/printsheet.php index a60ac19d0af..daf366d0739 100644 --- a/htdocs/barcode/printsheet.php +++ b/htdocs/barcode/printsheet.php @@ -1,7 +1,7 @@ * Copyright (C) 2003 Jean-Louis Bergamo - * Copyright (C) 2006-2016 Laurent Destailleur + * Copyright (C) 2006-2017 Laurent Destailleur * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -145,7 +145,7 @@ if ($action == 'builddoc') // Load barcode class for generating barcode image $classname = "mod".ucfirst($generator); $module = new $classname($db); - if ($generator != 'tcpdfbarcode') + if ($generator != 'tcpdfbarcode') { // May be phpbarcode $template = 'standardlabel'; @@ -374,19 +374,25 @@ jQuery(document).ready(function() { print ' '.$langs->trans("FillBarCodeTypeAndValueManually").'   '; print '
'; -print ' '.$langs->trans("FillBarCodeTypeAndValueFromProduct").'   '; -print '
'; -print '
'; -$form->select_produits(GETPOST('productid'), 'productid', ''); -print '   '; -print '
'; +if (! empty($user->rights->produit->lire) || ! empty($user->rights->service->lire)) +{ + print ' '.$langs->trans("FillBarCodeTypeAndValueFromProduct").'   '; + print '
'; + print '
'; + $form->select_produits(GETPOST('productid'), 'productid', ''); + print '   '; + print '
'; +} -print ' '.$langs->trans("FillBarCodeTypeAndValueFromThirdParty").'   '; -print '
'; -print '
'; -print $form->select_company(GETPOST('socid'), 'socid', '', 'SelectThirdParty', 0, 0, array(), 0, 'minwidth300'); -print '   '; -print '
'; +if (! empty($user->rights->societe->lire)) +{ + print ' '.$langs->trans("FillBarCodeTypeAndValueFromThirdParty").'   '; + print '
'; + print '
'; + print $form->select_company(GETPOST('socid'), 'socid', '', 'SelectThirdParty', 0, 0, array(), 0, 'minwidth300'); + print '   '; + print '
'; +} print '
'; diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php index 3cee534e797..e6d3125abed 100644 --- a/htdocs/bookmarks/bookmarks.lib.php +++ b/htdocs/bookmarks/bookmarks.lib.php @@ -40,7 +40,7 @@ function printBookmarksList($aDb, $aLangs) $langs->load("bookmarks"); - $url= $_SERVER["PHP_SELF"].(! empty($_SERVER["QUERY_STRING"])?'?'.$_SERVER["QUERY_STRING"]:''); + $url= $_SERVER["PHP_SELF"].(dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''); $ret = ''; // Menu bookmark diff --git a/htdocs/cashdesk/affContenu.php b/htdocs/cashdesk/affContenu.php index 280f2b81908..bd778f3422e 100644 --- a/htdocs/cashdesk/affContenu.php +++ b/htdocs/cashdesk/affContenu.php @@ -34,8 +34,8 @@ if ( $_GET['id'] == 'NOUV' ) // Recuperation, s'il existe, de l'objet contenant les infos de la vente en cours ... if (isset($_SESSION['serObjFacturation'])) { - $obj_facturation = unserialize($_SESSION['serObjFacturation']); - unset($_SESSION['serObjFacturation']); + $obj_facturation = unserialize($_SESSION['serObjFacturation']); + unset($_SESSION['serObjFacturation']); } else { @@ -43,7 +43,7 @@ else $obj_facturation = new Facturation(); } - +// $obj_facturation contains data for all invoice total + selection of current product $obj_facturation->calculTotaux(); // Redefine prix_total_ttc, prix_total_ht et montant_tva from $_SESSION['poscart'] diff --git a/htdocs/cashdesk/class/Facturation.class.php b/htdocs/cashdesk/class/Facturation.class.php index 240b32e34db..4b0ad0bf101 100644 --- a/htdocs/cashdesk/class/Facturation.class.php +++ b/htdocs/cashdesk/class/Facturation.class.php @@ -99,17 +99,25 @@ class Facturation $product = new Product($db); $product->fetch($this->id); - + $vatrowid = $this->tva(); - + $tmp = getTaxesFromId($vatrowid); - $vat_rate = $tmp['rate']; + $txtva = $tmp['rate'].(empty($tmp['code'])?'':' ('.$tmp['code'].')'); $vat_npr = $tmp['npr']; - + $localtaxarray = getLocalTaxesFromRate($vatrowid, 0, $societe, $mysoc, 1); - + + // Clean vat code + $vat_src_code=''; + if (preg_match('/\((.*)\)/', $txtva, $reg)) + { + $vat_src_code = $reg[1]; + $txtva = preg_replace('/\s*\(.*\)/', '', $txtva); // Remove code into vatrate. + } + // Define part of HT, VAT, TTC - $resultarray=calcul_price_total($this->qte, $this->prix(), $this->remisePercent(), $vat_rate, -1, -1, 0, 'HT', $use_npr, $product->type, $mysoc, $localtaxarray); + $resultarray=calcul_price_total($this->qte, $this->prix(), $this->remisePercent(), $txtva, -1, -1, 0, 'HT', $use_npr, $product->type, $mysoc, $localtaxarray); // Calcul du total ht sans remise $total_ht = $resultarray[0]; @@ -136,7 +144,7 @@ class Facturation $newcartarray[$i]['label']=$product->label; $newcartarray[$i]['price']=$product->price; $newcartarray[$i]['price_ttc']=$product->price_ttc; - + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { if (isset($product->multiprices[$societe->price_level])) @@ -148,7 +156,7 @@ class Facturation $newcartarray[$i]['fk_article']=$this->id; $newcartarray[$i]['qte']=$this->qte(); - $newcartarray[$i]['fk_tva']=$this->tva(); + $newcartarray[$i]['fk_tva']=$this->tva(); // Vat rowid $newcartarray[$i]['remise_percent']=$remise_percent; $newcartarray[$i]['remise']=price2num($montant_remise_ht); $newcartarray[$i]['total_ht']=price2num($total_ht,'MT'); @@ -220,7 +228,7 @@ class Facturation $this->prix_total_vat = $total_vat; $this->prix_total_localtax1 = $total_localtax1; $this->prix_total_localtax2 = $total_localtax2; - + $this->montant_tva = $total_ttc - $total_ht; //print $this->prix_total_ttc.'eeee'; exit; } diff --git a/htdocs/cashdesk/facturation.php b/htdocs/cashdesk/facturation.php index dd722805eb6..f4542ec91f8 100644 --- a/htdocs/cashdesk/facturation.php +++ b/htdocs/cashdesk/facturation.php @@ -35,7 +35,7 @@ $form=new Form($db); // Get list of articles (in warehouse '$conf_fkentrepot' if defined and stock module enabled) -if ( GETPOST('filtre') ) { +if ( GETPOST('filtre','alpha') ) { // Avec filtre $ret=array(); $i=0; @@ -47,22 +47,23 @@ if ( GETPOST('filtre') ) { $sql.= " WHERE p.entity IN (".getEntity('product', 1).")"; $sql.= " AND p.tosell = 1"; if(!$conf->global->CASHDESK_SERVICES) $sql.= " AND p.fk_product_type = 0"; - $sql.= " AND (p.ref LIKE '%".$db->escape(GETPOST('filtre'))."%' OR p.label LIKE '%".$db->escape(GETPOST('filtre'))."%'"; - if (! empty($conf->barcode->enabled)) { - - $filtre = GETPOST('filtre'); + $sql.= " AND ("; + $sql.= "p.ref LIKE '%".$db->escape(GETPOST('filtre'))."%' OR p.label LIKE '%".$db->escape(GETPOST('filtre'))."%'"; + if (! empty($conf->barcode->enabled)) + { + $filtre = GETPOST('filtre','alpha'); //If the barcode looks like an EAN13 format and the last digit is included in it, //then whe look for the 12-digit too //As the twelve-digit string will also hit the 13-digit code, we only look for this one if (strlen($filtre) == 13) { $crit_12digit = substr($filtre, 0, 12); - $sql .= " OR p.barcode LIKE '%".$db->escape($crit_12digit)."%')"; + $sql .= " OR p.barcode LIKE '%".$db->escape($crit_12digit)."%'"; } else { - $sql.= " OR p.barcode LIKE '%".$db->escape($filtre)."%')"; + $sql.= " OR p.barcode LIKE '%".$db->escape($filtre)."%'"; } } - else $sql.= ")"; + $sql.= ")"; $sql.= " ORDER BY label"; dol_syslog("facturation.php", LOG_DEBUG); @@ -154,34 +155,6 @@ global $mysoc; $ret=array(); $i=0; -$sql = "SELECT t.rowid, t.taux"; -$sql.= " FROM ".MAIN_DB_PREFIX."c_tva as t"; -$sql.= ", ".MAIN_DB_PREFIX."c_country as c"; -$sql.= " WHERE t.fk_pays = c.rowid"; -$sql.= " AND t.active = 1"; -$sql.= " AND c.code = '".$mysoc->country_code."'"; -//print $sql; - -$resql = $db->query($sql); -if ($resql) -{ - while ( $tab = $db->fetch_array($resql) ) - { - foreach ( $tab as $cle => $valeur ) - { - $ret[$i][$cle] = $valeur; - } - $i++; - } - $db->free($resql); -} -else -{ - dol_print_error($db); -} -$tab_tva = $ret; - - // Reinitialisation du mode de paiement, en cas de retour aux achats apres validation $obj_facturation->getSetPaymentMode('RESET'); $obj_facturation->montantEncaisse('RESET'); diff --git a/htdocs/cashdesk/facturation_verif.php b/htdocs/cashdesk/facturation_verif.php index 95a129e88a5..ec21de2225d 100644 --- a/htdocs/cashdesk/facturation_verif.php +++ b/htdocs/cashdesk/facturation_verif.php @@ -32,12 +32,12 @@ $obj_facturation = unserialize($_SESSION['serObjFacturation']); unset ($_SESSION['serObjFacturation']); -switch ( $_GET['action'] ) +switch (GETPOST('action','alpha')) { default: if ( $_POST['hdnSource'] != 'NULL' ) { - $sql = "SELECT p.rowid, p.ref, p.price, p.tva_tx, p.recuperableonly"; + $sql = "SELECT p.rowid, p.ref, p.price, p.tva_tx, p.default_vat_code, p.recuperableonly"; if (! empty($conf->stock->enabled) && !empty($conf_fkentrepot)) $sql.= ", ps.reel"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; if (! empty($conf->stock->enabled) && !empty($conf_fkentrepot)) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product_stock as ps ON p.rowid = ps.fk_product AND ps.fk_entrepot = ".$conf_fkentrepot; @@ -54,7 +54,6 @@ switch ( $_GET['action'] ) } $result = $db->query($sql); - if ($result) { // ... et enregistrement dans l'objet @@ -67,62 +66,90 @@ switch ( $_GET['action'] ) $ret[$key] = $value; } // Here $ret['tva_tx'] is vat rate of product but we want to not use the one into table but found by function - + $productid = $ret['rowid']; $product = new Product($db); $product->fetch($productid); + $prod = $product; $thirdpartyid = $_SESSION['CASHDESK_ID_THIRDPARTY']; $societe = new Societe($db); $societe->fetch($thirdpartyid); - $tva_tx = get_default_tva($mysoc,$societe,$productid); - $tva_npr = get_default_npr($mysoc,$societe,$productid); + // Update if prices fields are defined + $tva_tx = get_default_tva($mysoc, $societe, $product->id); + $tva_npr = get_default_npr($mysoc, $societe, $product->id); if (empty($tva_tx)) $tva_npr=0; - dol_syslog('tva_tx='.$tva_tx.'-tva_npr='.$tva_npr); - + + $pu_ht = $prod->price; + $pu_ttc = $prod->price_ttc; + $price_min = $prod->price_min; + $price_base_type = $prod->price_base_type; + + // multiprix if (! empty($conf->global->PRODUIT_MULTIPRICES) && ! empty($societe->price_level)) { - if(isset($product->multiprices[$societe->price_level])) - { - $ret['price'] = $product->multiprices[$societe->price_level]; - $ret['price_ttc'] = $product->multiprices_ttc[$societe->price_level]; - // $product->multiprices_min[$societe->price_level]; - // $product->multiprices_min_ttc[$societe->price_level]; - // $product->multiprices_base_type[$societe->price_level]; - if (! empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) // using this option is a bug. kept for backward compatibility - { - if (isset($prod->multiprices_tva_tx[$societe->price_level])) $tva_tx=$prod->multiprices_tva_tx[$societe->price_level]; - if (isset($prod->multiprices_recuperableonly[$societe->price_level])) $tva_npr=$prod->multiprices_recuperableonly[$societe->price_level]; - if (empty($tva_tx)) $tva_npr=0; - } - } + $pu_ht = $prod->multiprices[$societe->price_level]; + $pu_ttc = $prod->multiprices_ttc[$societe->price_level]; + $price_min = $prod->multiprices_min[$societe->price_level]; + $price_base_type = $prod->multiprices_base_type[$societe->price_level]; + if (! empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) // using this option is a bug. kept for backward compatibility + { + if (isset($prod->multiprices_tva_tx[$societe->price_level])) $tva_tx=$prod->multiprices_tva_tx[$societe->price_level]; + if (isset($prod->multiprices_recuperableonly[$societe->price_level])) $tva_npr=$prod->multiprices_recuperableonly[$societe->price_level]; + } + } + elseif (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) + { + require_once DOL_DOCUMENT_ROOT . '/product/class/productcustomerprice.class.php'; + + $prodcustprice = new Productcustomerprice($db); + + $filter = array('t.fk_product' => $prod->id,'t.fk_soc' => $societe->id); + + $result = $prodcustprice->fetch_all('', '', 0, 0, $filter); + if ($result >= 0) + { + if (count($prodcustprice->lines) > 0) + { + $pu_ht = price($prodcustprice->lines [0]->price); + $pu_ttc = price($prodcustprice->lines [0]->price_ttc); + $price_base_type = $prodcustprice->lines [0]->price_base_type; + $tva_tx = $prodcustprice->lines [0]->tva_tx; + } + } + else + { + setEventMessages($prodcustprice->error, $prodcustprice->errors, 'errors'); + } + } + + $tmpvat = price2num(preg_replace('/\s*\(.*\)/', '', $tva_tx)); + $tmpprodvat = price2num(preg_replace('/\s*\(.*\)/', '', $prod->tva_tx)); + + // if price ht is forced (ie: calculated by margin rate and cost price). TODO Why this ? + if (! empty($price_ht)) { + $pu_ht = price2num($price_ht, 'MU'); + $pu_ttc = price2num($pu_ht * (1 + ($tmpvat / 100)), 'MU'); + } + // On reevalue prix selon taux tva car taux tva transaction peut etre different + // de ceux du produit par defaut (par exemple si pays different entre vendeur et acheteur). + elseif ($tmpvat != $tmpprodvat) { + if ($price_base_type != 'HT') { + $pu_ht = price2num($pu_ttc / (1 + ($tmpvat / 100)), 'MU'); + } else { + $pu_ttc = price2num($pu_ht * (1 + ($tmpvat / 100)), 'MU'); + } } - $ret['tva_tx'] = $tva_tx; - $ret['tva_npr'] = $tva_npr; - //var_dump('tva_tx='.$ret['tva_tx'].'-tva_npr='.$ret['tva_npr'].'-'.$conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL);exit; - $obj_facturation->id($ret['rowid']); $obj_facturation->ref($ret['ref']); $obj_facturation->stock($ret['reel']); $obj_facturation->prix($ret['price']); - - // Use $ret['tva_tx'] / ret['tva_npr'] to find vat id - $vatrowid = null; - $sqlfindvatid = 'SELECT rowid FROM '.MAIN_DB_PREFIX.'c_tva'; - $sqlfindvatid.= ' WHERE taux = '.$ret['tva_tx'].' AND recuperableonly = '.(int) $ret['tva_npr']; - $sqlfindvatid.= ' AND fk_pays = '.$mysoc->country_id; - $resqlfindvatid=$db->query($sqlfindvatid); - if ($resqlfindvatid) - { - $obj = $db->fetch_object($resqlfindvatid); - if ($obj) $vatrowid = $obj->rowid; - } - else dol_print_error($db); - - dol_syslog("save vatrowid=".$vatrowid); - $obj_facturation->tva($vatrowid); // Save vat it for next use + + + $vatrate = $tva_tx; + $obj_facturation->vatrate = $vatrate; // Save vat rate (full text vat with code) // Definition du filtre pour n'afficher que le produit concerne if ( $_POST['hdnSource'] == 'LISTE' ) @@ -168,11 +195,11 @@ switch ( $_GET['action'] ) { dol_syslog("facturation_verif save vat ".$_POST['selTva']); $obj_facturation->qte($_POST['txtQte']); - $obj_facturation->tva($_POST['selTva']); // Save VAT selected so we can use it for next product + $obj_facturation->tva($_POST['selTva']); // id of vat. Saved so we can use it for next product $obj_facturation->remisePercent($_POST['txtRemise']); $obj_facturation->ajoutArticle(); // This add an entry into $_SESSION['poscart'] // We update prixTotalTtc - + } $redirection = DOL_URL_ROOT.'/cashdesk/affIndex.php?menutpl=facturation'; diff --git a/htdocs/cashdesk/tpl/facturation1.tpl.php b/htdocs/cashdesk/tpl/facturation1.tpl.php index 8f74cf98626..fce4df22c7a 100644 --- a/htdocs/cashdesk/tpl/facturation1.tpl.php +++ b/htdocs/cashdesk/tpl/facturation1.tpl.php @@ -125,12 +125,12 @@ $langs->load("cashdesk"); - tva(); // Try to get a previously entered VAT rowid. First time, this will return empty. + vatrate; // To get vat rate we just have selected + $buyer = new Societe($db); if ($_SESSION["CASHDESK_ID_THIRDPARTY"] > 0) $buyer->fetch($_SESSION["CASHDESK_ID_THIRDPARTY"]); - - echo $form->load_tva('selTva', (isset($_POST["selTva"])?GETPOST("selTva",'alpha',2):-1), $mysoc, $buyer, 0, 0, '', false, -1); + echo $form->load_tva('selTva', (isset($_POST["selTva"])?GETPOST("selTva",'alpha',2):$vatrate), $mysoc, $buyer, 0, 0, '', false, -1); ?> diff --git a/htdocs/cashdesk/validation_verif.php b/htdocs/cashdesk/validation_verif.php index afe73820568..48d2d9bd0c7 100644 --- a/htdocs/cashdesk/validation_verif.php +++ b/htdocs/cashdesk/validation_verif.php @@ -165,6 +165,7 @@ switch ($action) $tmp = getTaxesFromId($tab_liste[$i]['fk_tva']); $vat_rate = $tmp['rate']; $vat_npr = $tmp['npr']; + $vat_src_code = $tmp['code']; $invoiceline=new FactureLigne($db); $invoiceline->fk_product=$tab_liste[$i]['fk_article']; @@ -173,15 +174,17 @@ switch ($action) $invoiceline->remise_percent=$tab_liste[$i]['remise_percent']; $invoiceline->price=$tab_liste[$i]['price']; $invoiceline->subprice=$tab_liste[$i]['price']; - + $invoiceline->tva_tx=empty($vat_rate)?0:$vat_rate; // works even if vat_rate is '' $invoiceline->info_bits=empty($vat_npr)?0:$vat_npr; - + $invoiceline->vat_src_code=$vat_src_code; + $invoiceline->total_ht=$tab_liste[$i]['total_ht']; $invoiceline->total_ttc=$tab_liste[$i]['total_ttc']; $invoiceline->total_tva=$tab_liste[$i]['total_vat']; $invoiceline->total_localtax1=$tab_liste[$i]['total_localtax1']; $invoiceline->total_localtax2=$tab_liste[$i]['total_localtax2']; + $invoice->lines[]=$invoiceline; } @@ -205,7 +208,7 @@ switch ($action) { $warehouseidtodecrease=(isset($_SESSION["CASHDESK_ID_WAREHOUSE"])?$_SESSION["CASHDESK_ID_WAREHOUSE"]:0); if (! empty($conf->global->CASHDESK_NO_DECREASE_STOCK)) $warehouseidtodecrease=0; // If a particular stock is defined, we disable choice - + $resultvalid=$invoice->validate($user, $obj_facturation->numInvoice(), 0); if ($warehouseidtodecrease > 0) @@ -245,7 +248,7 @@ switch ($action) { $warehouseidtodecrease=(isset($_SESSION["CASHDESK_ID_WAREHOUSE"])?$_SESSION["CASHDESK_ID_WAREHOUSE"]:0); if (! empty($conf->global->CASHDESK_NO_DECREASE_STOCK)) $warehouseidtodecrease=0; // If a particular stock is defined, we disable choice - + $resultvalid=$invoice->validate($user, $obj_facturation->numInvoice(), 0); if ($warehouseidtodecrease > 0) diff --git a/htdocs/comm/action/card.php b/htdocs/comm/action/card.php index 90596b54197..dcd958f660e 100644 --- a/htdocs/comm/action/card.php +++ b/htdocs/comm/action/card.php @@ -1196,7 +1196,7 @@ if ($id > 0) $out.=img_picto($langs->trans("ViewCal"),'object_calendar','class="hideonsmartphone pictoactionview"'); $out.=''.$langs->trans("ViewCal").''; $out.=img_picto($langs->trans("ViewWeek"),'object_calendarweek','class="hideonsmartphone pictoactionview"'); - $out.=''.$langs->trans("ViewWeek").''; + $out.=''.$langs->trans("ViewWeek").''; $out.=img_picto($langs->trans("ViewDay"),'object_calendarday','class="hideonsmartphone pictoactionview"'); $out.=''.$langs->trans("ViewDay").''; $linkback.=$out; diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index fc2cb3c94f0..d18b49b5294 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1868,7 +1868,7 @@ class Propal extends CommonObject { $this->oldcopy= clone $this; $this->fk_availability = $id; - $this->availability_id = $availability_id; + $this->availability_id = $id; } if (! $notrigger && empty($error)) diff --git a/htdocs/comm/propal/document.php b/htdocs/comm/propal/document.php index 9b875e434f7..aef0ade7c84 100644 --- a/htdocs/comm/propal/document.php +++ b/htdocs/comm/propal/document.php @@ -1,6 +1,6 @@ - * Copyright (C) 2004-2009 Laurent Destailleur + * Copyright (C) 2004-2017 Laurent Destailleur * Copyright (C) 2005 Marc Barilley / Ocebo * Copyright (C) 2005-2012 Regis Houssin * Copyright (C) 2013 Cédric Salvador @@ -63,17 +63,18 @@ if (! $sortfield) $sortfield="name"; $object = new Propal($db); $object->fetch($id,$ref); -if ($object->id > 0) -{ - $object->fetch_thirdparty(); - $upload_dir = $conf->propal->dir_output.'/'.dol_sanitizeFileName($object->ref); - include_once DOL_DOCUMENT_ROOT . '/core/actions_linkedfiles.inc.php'; -} + /* * Actions */ +if ($object->id > 0) +{ + $object->fetch_thirdparty(); + $upload_dir = $conf->propal->dir_output.'/'.dol_sanitizeFileName($object->ref); + include_once DOL_DOCUMENT_ROOT . '/core/actions_linkedfiles.inc.php'; +} /* @@ -101,10 +102,10 @@ if ($object->id > 0) // Proposal card - + $linkback = '' . $langs->trans("BackToList") . ''; - - + + $morehtmlref='
'; // Ref customer $morehtmlref.=$form->editfieldkey("RefCustomer", 'ref_client', $object->ref_client, $object, 0, 'string', '', 0, 1); @@ -145,24 +146,24 @@ if ($object->id > 0) } } $morehtmlref.='
'; - + dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); - - + + print '
'; print '
'; - + print ''; - + // Files infos print ''; print ''; - + print "
'.$langs->trans("NbOfAttachedFiles").''.count($filearray).'
'.$langs->trans("TotalSizeOfAttachedFiles").''.$totalsize.' '.$langs->trans("bytes").'
\n"; - + print '
'; - - + + dol_fiche_end(); $modulepart = 'propal'; diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index efb72afb7b7..93c93850652 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -161,7 +161,7 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab } } -$object = new Propal($db); // To be passed as parameter of executeHooks that need +$object = new Propal($db); // To be passed as parameter of executeHooks that need /* @@ -273,25 +273,25 @@ if (! $user->rights->societe->client->voir && ! $socid) //restriction $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id; } if ($search_town) $sql.= natural_search('s.town', $search_town); -if ($search_zip) $sql.= natural_search("s.zip",$search_zip); -if ($search_state) $sql.= natural_search("state.nom",$search_state); -if ($search_country) $sql .= " AND s.fk_pays IN (".$search_country.')'; -if ($search_type_thirdparty) $sql .= " AND s.fk_typent IN (".$search_type_thirdparty.')'; -if ($search_ref) $sql .= natural_search('p.ref', $search_ref); +if ($search_zip) $sql.= natural_search("s.zip", $search_zip); +if ($search_state) $sql.= natural_search("state.nom", $search_state); +if ($search_country) $sql .= " AND s.fk_pays IN (".$db->escape($search_country).')'; +if ($search_type_thirdparty) $sql .= " AND s.fk_typent IN (".$db->escape($search_type_thirdparty).')'; +if ($search_ref) $sql .= natural_search('p.ref', $search_ref); if ($search_refcustomer) $sql .= natural_search('p.ref_client', $search_refcustomer); -if ($search_societe) $sql .= natural_search('s.nom', $search_societe); -if ($search_login) $sql.= " AND u.login LIKE '%".$db->escape(trim($search_login))."%'"; +if ($search_societe) $sql .= natural_search('s.nom', $search_societe); +if ($search_login) $sql .= natural_search("u.login", $search_login); if ($search_montant_ht != '') $sql.= natural_search("p.total_ht", $search_montant_ht, 1); if ($search_montant_vat != '') $sql.= natural_search("p.tva", $search_montant_vat, 1); if ($search_montant_ttc != '') $sql.= natural_search("p.total", $search_montant_ttc, 1); if ($sall) { $sql .= natural_search(array_keys($fieldstosearchall), $sall); } -if ($search_product_category > 0) $sql.=" AND cp.fk_categorie = ".$search_product_category; +if ($search_product_category > 0) $sql.=" AND cp.fk_categorie = ".$db->escape($search_product_category); if ($socid > 0) $sql.= ' AND s.rowid = '.$socid; if ($viewstatut != '' && $viewstatut != '-1') { - $sql.= ' AND p.fk_statut IN ('.$viewstatut.')'; + $sql.= ' AND p.fk_statut IN ('.$db->escape($viewstatut).')'; } if ($month > 0) { @@ -300,16 +300,16 @@ if ($month > 0) else if ($year > 0 && ! empty($day)) $sql.= " AND p.datep BETWEEN '".$db->idate(dol_mktime(0, 0, 0, $month, $day, $year))."' AND '".$db->idate(dol_mktime(23, 59, 59, $month, $day, $year))."'"; else - $sql.= " AND date_format(p.datep, '%m') = '".$month."'"; + $sql.= " AND date_format(p.datep, '%m') = '".$db->escape($month)."'"; } else if ($year > 0) { $sql.= " AND p.datep BETWEEN '".$db->idate(dol_get_first_day($year,1,false))."' AND '".$db->idate(dol_get_last_day($year,12,false))."'"; } -if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$search_sale; +if ($search_sale > 0) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$db->escape($search_sale); if ($search_user > 0) { - $sql.= " AND c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal' AND c.element_id = p.rowid AND c.fk_socpeople = ".$search_user; + $sql.= " AND c.fk_c_type_contact = tc.rowid AND tc.element='propal' AND tc.source='internal' AND c.element_id = p.rowid AND c.fk_socpeople = ".$db->escape($search_user); } // Add where from extra fields foreach ($search_array_options as $key => $val) @@ -357,28 +357,28 @@ if ($resql) else { $title = $langs->trans('ListOfProposals'); - } + } $num = $db->num_rows($resql); - + $arrayofselected=is_array($toselect)?$toselect:array(); - - $param='&viewstatut='.$viewstatut; - if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; - if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; - if ($sall) $param.='&sall='.$sall; - if ($month) $param.='&month='.$month; - if ($year) $param.='&year='.$year; - if ($search_ref) $param.='&search_ref=' .$search_ref; - if ($search_refcustomer) $param.='&search_refcustomer=' .$search_refcustomer; - if ($search_societe) $param.='&search_societe=' .$search_societe; - if ($search_user > 0) $param.='&search_user='.$search_user; - if ($search_sale > 0) $param.='&search_sale='.$search_sale; - if ($search_montant_ht) $param.='&search_montant_ht='.$search_montant_ht; - if ($search_login) $param.='&search_login='.$search_login; - if ($search_town) $param.='&search_town='.$search_town; - if ($socid > 0) $param.='&socid='.$socid; - if ($optioncss != '') $param.='&optioncss='.$optioncss; + + $param='&viewstatut='.urlencode($viewstatut); + if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.urlencode($contextpage); + if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.urlencode($limit); + if ($sall) $param.='&sall='.urlencode($sall); + if ($month) $param.='&month='.urlencode($month); + if ($year) $param.='&year='.urlencode($year); + if ($search_ref) $param.='&search_ref='.urlencode($search_ref); + if ($search_refcustomer) $param.='&search_refcustomer='.urlencode($search_refcustomer); + if ($search_societe) $param.='&search_societe='.urlencode($search_societe); + if ($search_user > 0) $param.='&search_user='.urlencode($search_user); + if ($search_sale > 0) $param.='&search_sale='.urlencode($search_sale); + if ($search_montant_ht) $param.='&search_montant_ht='.urlencode($search_montant_ht); + if ($search_login) $param.='&search_login='.urlencode($search_login); + if ($search_town) $param.='&search_town='.urlencode($search_town); + if ($socid > 0) $param.='&socid='.urlencode($socid); + if ($optioncss != '') $param.='&optioncss='.urlencode($optioncss); // Add $param from extra fields foreach ($search_array_options as $key => $val) { @@ -386,7 +386,7 @@ if ($resql) $tmpkey=preg_replace('/search_options_/','',$key); if ($val != '') $param.='&search_options_'.$tmpkey.'='.urlencode($val); } - + // List of mass actions available $arrayofmassactions = array( 'presend'=>$langs->trans("SendByMail"), @@ -395,7 +395,7 @@ if ($resql) if ($user->rights->propal->supprimer) $arrayofmassactions['delete']=$langs->trans("Delete"); if ($massaction == 'presend') $arrayofmassactions=array(); $massactionbutton=$form->selectMassAction('', $arrayofmassactions); - + // Lignes des champs de filtre print '
'; if ($optioncss != '') print ''; @@ -406,11 +406,11 @@ if ($resql) print ''; print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'title_commercial.png', 0, '', '', $limit); - + if ($massaction == 'presend') { $langs->load("mails"); - + if (! GETPOST('cancel')) { $objecttmp=new Propal($db); @@ -429,17 +429,17 @@ if ($resql) } } } - + print ''; - + include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; $formmail = new FormMail($db); - + dol_fiche_head(null, '', ''); - + $topicmail="SendSupplierProposalRef"; $modelmail="supplier_proposal_send"; - + // Cree l'objet formulaire mail include_once DOL_DOCUMENT_ROOT.'/core/class/html.formmail.class.php'; $formmail = new FormMail($db); @@ -492,25 +492,25 @@ if ($resql) $formmail->substit['__REFCLIENT__']='__REFCLIENT__'; // We want to keep the tag $formmail->substit['__PERSONALIZED__']=''; $formmail->substit['__CONTACTCIVNAME__']=''; - + // Tableau des parametres complementaires du post $formmail->param['action']=$action; $formmail->param['models']=$modelmail; $formmail->param['models_id']=GETPOST('modelmailselected','int'); $formmail->param['id']=join(',',$arrayofselected); //$formmail->param['returnurl']=$_SERVER["PHP_SELF"].'?id='.$object->id; - + print $formmail->get_form(); - + dol_fiche_end(); } - + if ($sall) { foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); } - + $i = 0; $moreforfilter=''; @@ -546,7 +546,7 @@ if ($resql) $reshook=$hookmanager->executeHooks('printFieldPreListTitle',$parameters); // Note that $action and $object may have been modified by hook if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint; else $moreforfilter = $hookmanager->resPrint; - + if (! empty($moreforfilter)) { print '
'; @@ -556,10 +556,10 @@ if ($resql) $varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; $selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields - + print '
'; print ''."\n"; - + // Fields title print ''; if (! empty($arrayfields['p.ref']['checked'])) print_liste_field_titre($arrayfields['p.ref']['label'],$_SERVER["PHP_SELF"],'p.ref','',$param,'',$sortfield,$sortorder); @@ -579,9 +579,9 @@ if ($resql) // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); @@ -597,9 +597,9 @@ if ($resql) if (! empty($arrayfields['p.fk_statut']['checked'])) print_liste_field_titre($arrayfields['p.fk_statut']['label'],$_SERVER["PHP_SELF"],"p.fk_statut","",$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"],"",'','','align="right"',$sortfield,$sortorder,'maxwidthsearch '); print ''."\n"; - + print ''; - if (! empty($arrayfields['p.ref']['checked'])) + if (! empty($arrayfields['p.ref']['checked'])) { print ''; } // Date - if (! empty($arrayfields['p.date']['checked'])) + if (! empty($arrayfields['p.date']['checked'])) { print ''; } // Date end - if (! empty($arrayfields['p.fin_validite']['checked'])) + if (! empty($arrayfields['p.fin_validite']['checked'])) { print ''; } @@ -736,7 +736,7 @@ if ($resql) $searchpitco=$form->showFilterAndCheckAddButtons($massactionbutton?1:0, 'checkforselect', 1); print $searchpitco; print ''; - + print "\n"; $now = dol_now(); @@ -747,16 +747,16 @@ if ($resql) { $obj = $db->fetch_object($resql); $var=!$var; - + $objectstatic->id=$obj->rowid; $objectstatic->ref=$obj->ref; - + print ''; - + if (! empty($arrayfields['p.ref']['checked'])) { print '\n"; if (! $i) $totalarray['nbfield']++; } - + if (! empty($arrayfields['p.ref_client']['checked'])) { // Customer ref @@ -798,12 +798,12 @@ if ($resql) print ''; if (! $i) $totalarray['nbfield']++; } - + $companystatic->id=$obj->socid; $companystatic->name=$obj->name; $companystatic->client=$obj->client; $companystatic->code_client=$obj->code_client; - + // Thirdparty if (! empty($arrayfields['s.nom']['checked'])) { @@ -812,7 +812,7 @@ if ($resql) print ''; if (! $i) $totalarray['nbfield']++; } - + // Town if (! empty($arrayfields['s.town']['checked'])) { @@ -853,7 +853,7 @@ if ($resql) print ''; if (! $i) $totalarray['nbfield']++; } - + // Date proposal if (! empty($arrayfields['p.date']['checked'])) { @@ -862,7 +862,7 @@ if ($resql) print "\n"; if (! $i) $totalarray['nbfield']++; } - + // Date end validity if (! empty($arrayfields['p.fin_validite']['checked'])) { @@ -877,7 +877,7 @@ if ($resql) } if (! $i) $totalarray['nbfield']++; } - + // Amount HT if (! empty($arrayfields['p.total_ht']['checked'])) { @@ -902,7 +902,7 @@ if ($resql) if (! $i) $totalarray['totalttcfield']=$totalarray['nbfield']; $totalarray['totalttc'] += $obj->total_ttc; } - + $userstatic->id=$obj->fk_user_author; $userstatic->login=$obj->login; @@ -915,7 +915,7 @@ if ($resql) print "\n"; if (! $i) $totalarray['nbfield']++; } - + // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { @@ -1000,20 +1000,20 @@ if ($resql) else print ''; } print ''; - + } $db->free($resql); - + $parameters=array('arrayfields'=>$arrayfields, 'sql'=>$sql); $reshook=$hookmanager->executeHooks('printFieldListFooter',$parameters); // Note that $action and $object may have been modified by hook print $hookmanager->resPrint; - + print '
'; print ''; @@ -641,7 +641,7 @@ if ($resql) print ''; //print $langs->trans('Month').': '; @@ -653,7 +653,7 @@ if ($resql) print ' 
'; - + print ''; // Picto + Ref print '
'; @@ -785,11 +785,11 @@ if ($resql) $urlsource=$_SERVER['PHP_SELF'].'?id='.$obj->rowid; print $formfile->getDocumentsLink($objectstatic->element, $filename, $filedir); print '
'; - + print "
'."\n"; print '
'."\n"; print ''."\n"; - + if ($massaction == 'builddoc' || $action == 'remove_file' || $show_files) { /* @@ -1021,18 +1021,18 @@ if ($resql) */ $urlsource=$_SERVER['PHP_SELF'].'?sortfield='.$sortfield.'&sortorder='.$sortorder; $urlsource.=str_replace('&','&',$param); - + $filedir=$diroutputmassaction; $genallowed=$user->rights->propal->lire; $delallowed=$user->rights->propal->lire; - + print $formfile->showdocuments('massfilesarea_proposals','',$filedir,$urlsource,0,$delallowed,'',1,1,0,48,1,$param,'',''); } else { print '
'.$langs->trans("ShowTempMassFilesArea").''; } - + } else { diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index d7f6a5c7dfd..2d0208d0c2b 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3327,7 +3327,7 @@ else if ($id > 0 || ! empty($ref)) print $object->situation_counter; print ''; - print ''; + print ''; $prevsits_total_amount = 0; foreach ($prevsits as $situation) { @@ -3335,9 +3335,10 @@ else if ($id > 0 || ! empty($ref)) } $prevsits_total_amount += $object->total_ht; - print price($prevsits_total_amount); - print ''; - print '' . $langs->trans('Currency' . $conf->currency) . ''; + print price($prevsits_total_amount, 0, $langs, 1, -1, -1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency) ); + + print ''; + // Previous situation(s) deduction(s) for ($i = 0; $i < $cprevsits; $i++) { @@ -3348,10 +3349,10 @@ else if ($id > 0 || ! empty($ref)) print $prevsits[$i]->situation_counter; print ''; - print ''; - print '- ' . price($prevsits[$i]->total_ht); - print ''; - print '' . $langs->trans('Currency' . $conf->currency) . ''; + print ''; + print '- ' . price($prevsits[$i]->total_ht, 0, $langs, 1, -1, -1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency) ); + print ''; + } } } @@ -3489,7 +3490,7 @@ else if ($id > 0 || ! empty($ref)) if ($object->type == Facture::TYPE_SITUATION && ! empty($conf->global->INVOICE_USE_SITUATION)) { if (count($object->tab_previous_situation_invoice) > 0 || count($object->tab_next_situation_invoice) > 0) - print ''; + print '
'; if (count($object->tab_previous_situation_invoice) > 0) { // List of previous invoices @@ -3523,7 +3524,7 @@ else if ($id > 0 || ! empty($ref)) } print ''; - print ''; + print ''; print ''; print ''; print ''; @@ -3563,7 +3564,7 @@ else if ($id > 0 || ! empty($ref)) } print ''; - print ''; + print ''; print ''; print ''; print ''; @@ -3938,6 +3939,9 @@ else if ($id > 0 || ! empty($ref)) } } + $discount = new DiscountAbsolute($db); + $result = $discount->fetch(0, $object->id); + // Reopen a standard paid invoice if ((($object->type == Facture::TYPE_STANDARD || $object->type == Facture::TYPE_REPLACEMENT) || ($object->type == Facture::TYPE_CREDIT_NOTE && empty($discount->id)) diff --git a/htdocs/compta/facture/class/facture.class.php b/htdocs/compta/facture/class/facture.class.php index adb9130e085..6c73746d9af 100644 --- a/htdocs/compta/facture/class/facture.class.php +++ b/htdocs/compta/facture/class/facture.class.php @@ -54,7 +54,7 @@ class Facture extends CommonInvoice public $fk_element = 'fk_facture'; protected $ismultientitymanaged = 1; // 0=No test on entity, 1=Test with field entity, 2=Test with link by societe public $picto='bill'; - + /** * {@inheritdoc} */ @@ -243,7 +243,7 @@ class Facture extends CommonInvoice if (! $this->mode_reglement_id) $this->mode_reglement_id = 0; $this->brouillon = 1; if (empty($this->entity)) $this->entity = $conf->entity; - + // Multicurrency (test on $this->multicurrency_tx because we sould take the default rate only if not using origin rate) if (!empty($this->multicurrency_code) && empty($this->multicurrency_tx)) list($this->fk_multicurrency,$this->multicurrency_tx) = MultiCurrency::getIdAndTxFromCode($this->db, $this->multicurrency_code); else $this->fk_multicurrency = MultiCurrency::getIdFromCode($this->db, $this->multicurrency_code); @@ -286,7 +286,7 @@ class Facture extends CommonInvoice $this->socid = $_facrec->socid; // Invoice created on same thirdparty than template $this->entity = $_facrec->entity; // Invoice created in same entity than template - + // Fields coming from GUI (priority on template). TODO Value of template should be used as default value on GUI so we can use here always value from GUI $this->fk_project = GETPOST('projectid','int') > 0 ? GETPOST('projectid','int') : $_facrec->fk_project; $this->note_public = GETPOST('note_public') ? GETPOST('note_public') : $_facrec->note_public; @@ -299,7 +299,7 @@ class Facture extends CommonInvoice // Set here to have this defined for substitution into notes, should be recalculated after adding lines to get same result $this->total_ht = $_facrec->total_ht; $this->total_ttc = $_facrec->total_ttc; - + // Fields always coming from template $this->remise_absolue = $_facrec->remise_absolue; $this->remise_percent = $_facrec->remise_percent; @@ -358,10 +358,10 @@ class Facture extends CommonInvoice '__INVOICE_YEAR__' => dol_print_date($this->date, '%Y'), '__INVOICE_NEXT_YEAR__' => dol_print_date(dol_time_plus_duree($this->date, 1, 'y'), '%Y'), ); - + $substitutionisok=true; complete_substitutions_array($substitutionarray, $outputlangs); - + $this->note_public=make_substitutions($this->note_public,$substitutionarray); $this->note_private=make_substitutions($this->note_private,$substitutionarray); } @@ -470,7 +470,7 @@ class Facture extends CommonInvoice } } } - + if (! $error && $this->id && ! empty($conf->global->MAIN_PROPAGATE_CONTACTS_FROM_ORIGIN) && ! empty($this->origin) && ! empty($this->origin_id)) // Get contact from origin object { $originforcontact = $this->origin; @@ -481,7 +481,7 @@ class Facture extends CommonInvoice $exp = new Expedition($this->db); $exp->fetch($this->origin_id); $exp->fetchObjectLinked(); - if (count($exp->linkedObjectsIds['commande']) > 0) + if (count($exp->linkedObjectsIds['commande']) > 0) { foreach ($exp->linkedObjectsIds['commande'] as $key => $value) { @@ -491,10 +491,10 @@ class Facture extends CommonInvoice } } } - + $sqlcontact = "SELECT ctc.code, ctc.source, ec.fk_socpeople FROM ".MAIN_DB_PREFIX."element_contact as ec, ".MAIN_DB_PREFIX."c_type_contact as ctc"; $sqlcontact.= " WHERE element_id = ".$originidforcontact." AND ec.fk_c_type_contact = ctc.rowid AND ctc.element = '".$originforcontact."'"; - + $resqlcontact = $this->db->query($sqlcontact); if ($resqlcontact) { @@ -519,9 +519,12 @@ class Facture extends CommonInvoice { $newinvoiceline=$this->lines[$i]; $newinvoiceline->fk_facture=$this->id; - $newinvoiceline->origin = $this->element; // TODO This seems not used. Here we but origin 'facture' but after - $newinvoiceline->origin_id = $this->lines[$i]->id; // we put an id of object ! - if ($result >= 0 && ($newinvoiceline->info_bits & 0x01) == 0) // We keep only lines with first bit = 0 + + // TODO This seems not used. Here we put origin 'facture' but after, we put an id of object ! + $newinvoiceline->origin = $this->element; + $newinvoiceline->origin_id = $this->lines[$i]->id; + + if ($result >= 0) { // Reset fk_parent_line for no child products and special product if (($newinvoiceline->product_type != 9 && empty($newinvoiceline->fk_parent_line)) || $newinvoiceline->product_type == 9) { @@ -553,12 +556,12 @@ class Facture extends CommonInvoice foreach ($this->lines as $i => $val) { $line = $this->lines[$i]; - + // Test and convert into object this->lines[$i]. When coming from REST API, we may still have an array //if (! is_object($line)) $line=json_decode(json_encode($line), FALSE); // convert recursively array into object. if (! is_object($line)) $line = (object) $line; - - if (($line->info_bits & 0x01) == 0) // We keep only lines with first bit = 0 + + if ($result >= 0) { // Reset fk_parent_line for no child products and special product if (($line->product_type != 9 && empty($line->fk_parent_line)) || $line->product_type == 9) { @@ -1058,7 +1061,7 @@ class Facture extends CommonInvoice if ($this->type == self::TYPE_CREDIT_NOTE) $picto.='a'; // Credit note if ($this->type == self::TYPE_DEPOSIT) $picto.='d'; // Deposit invoice $label=''; - + if ($user->rights->facture->lire) { $label = '' . $langs->trans("ShowInvoice") . ''; if (! empty($this->ref)) @@ -1077,7 +1080,7 @@ class Facture extends CommonInvoice if ($this->type == self::TYPE_SITUATION) $label=$langs->transnoentitiesnoconv("ShowInvoiceSituation").': '.$this->ref; if ($moretitle) $label.=' - '.$moretitle; } - + $linkclose=''; if (empty($notooltip) && $user->rights->facture->lire) { @@ -1111,7 +1114,7 @@ class Facture extends CommonInvoice $result.=''; } } - + return $result; } @@ -1319,7 +1322,7 @@ class Facture extends CommonInvoice $line->qty = $objp->qty; $line->subprice = $objp->subprice; - $line->vat_src_code = $objp->vat_src_code; + $line->vat_src_code = $objp->vat_src_code; $line->tva_tx = $objp->tva_tx; $line->localtax1_tx = $objp->localtax1_tx; $line->localtax2_tx = $objp->localtax2_tx; @@ -1572,7 +1575,7 @@ class Facture extends CommonInvoice $arraytmp=$formmargin->getMarginInfosArray($srcinvoice, false); $facligne->pa_ht = $arraytmp['pa_total']; } - + $facligne->total_ht = -$remise->amount_ht; $facligne->total_tva = -$remise->amount_tva; $facligne->total_ttc = -$remise->amount_ttc; @@ -1626,7 +1629,7 @@ class Facture extends CommonInvoice function set_ref_client($ref_client, $notrigger=0) { global $user; - + $error=0; $this->db->begin(); @@ -2455,7 +2458,7 @@ class Facture extends CommonInvoice if (! isset($situation_percent) || $situation_percent > 100 || (string) $situation_percent == '') $situation_percent = 100; $localtaxes_type=getLocalTaxesFromRate($txtva, 0, $this->thirdparty, $mysoc); - + // Clean vat code $vat_src_code=''; if (preg_match('/\((.*)\)/', $txtva, $reg)) @@ -2463,7 +2466,7 @@ class Facture extends CommonInvoice $vat_src_code = $reg[1]; $txtva = preg_replace('/\s*\(.*\)/', '', $txtva); // Remove code into vatrate. } - + $remise_percent=price2num($remise_percent); $qty=price2num($qty); $pu_ht=price2num($pu_ht); @@ -2648,7 +2651,7 @@ class Facture extends CommonInvoice * @param double $pu_ht_devise Unit price in currency * @return int < 0 if KO, > 0 if OK */ - function updateline($rowid, $desc, $pu, $qty, $remise_percent, $date_start, $date_end, $txtva, $txlocaltax1=0, $txlocaltax2=0, $price_base_type='HT', $info_bits=0, $type= self::TYPE_STANDARD, $fk_parent_line=0, $skip_update_total=0, $fk_fournprice=null, $pa_ht=0, $label='', $special_code=0, $array_options=0, $situation_percent=0, $fk_unit = null, $pu_ht_devise = 0) + function updateline($rowid, $desc, $pu, $qty, $remise_percent, $date_start, $date_end, $txtva, $txlocaltax1=0, $txlocaltax2=0, $price_base_type='HT', $info_bits=0, $type= self::TYPE_STANDARD, $fk_parent_line=0, $skip_update_total=0, $fk_fournprice=null, $pa_ht=0, $label='', $special_code=0, $array_options=0, $situation_percent=100, $fk_unit = null, $pu_ht_devise = 0) { global $conf,$user; // Deprecation warning @@ -2768,14 +2771,14 @@ class Facture extends CommonInvoice $this->line->label = $label; $this->line->desc = $desc; $this->line->qty = ($this->type==self::TYPE_CREDIT_NOTE?abs($qty):$qty); // For credit note, quantity is always positive and unit price negative - + $this->line->vat_src_code = $vat_src_code; $this->line->tva_tx = $txtva; $this->line->localtax1_tx = $txlocaltax1; $this->line->localtax2_tx = $txlocaltax2; $this->line->localtax1_type = $localtaxes_type[0]; $this->line->localtax2_type = $localtaxes_type[2]; - + $this->line->remise_percent = $remise_percent; $this->line->subprice = ($this->type==2?-abs($pu_ht):$pu_ht); // For credit note, unit price always negative, always positive otherwise $this->line->date_start = $date_start; @@ -2894,7 +2897,7 @@ class Facture extends CommonInvoice function deleteline($rowid) { global $user; - + dol_syslog(get_class($this)."::deleteline rowid=".$rowid, LOG_DEBUG); if (! $this->brouillon) @@ -2920,13 +2923,13 @@ class Facture extends CommonInvoice } $line=new FactureLigne($this->db); - + $line->context = $this->context; // For triggers $result = $line->fetch($rowid); if (! ($result > 0)) dol_print_error($db, $line->error, $line->errors); - + if ($line->delete($user) > 0) { $result=$this->update_price(1); @@ -4340,7 +4343,7 @@ class FactureLigne extends CommonInvoiceLine $this->fk_unit = $objp->fk_unit; $this->fk_user_modif = $objp->fk_user_modif; $this->fk_user_author = $objp->fk_user_author; - + $this->situation_percent = $objp->situation_percent; $this->fk_prev_id = $objp->fk_prev_id; diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index d7489b8aca0..af794826f0d 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -252,7 +252,7 @@ class BonPrelevement extends CommonObject function getErrorString($error) { global $langs; - + $errors = array(); $errors[1027] = $langs->trans("DateInvalid"); @@ -813,7 +813,7 @@ class BonPrelevement extends CommonObject dol_syslog(__METHOD__."::Read invoices error ".$this->db->error(), LOG_ERR); } } - + if (! $error) { require_once DOL_DOCUMENT_ROOT . '/societe/class/companybankaccount.class.php'; @@ -834,7 +834,7 @@ class BonPrelevement extends CommonObject { $bac = new CompanyBankAccount($this->db); $bac->fetch(0,$soc->id); - + if ($bac->verif() >= 1) //if (true) { @@ -867,7 +867,7 @@ class BonPrelevement extends CommonObject } $ok=0; - + // Withdraw invoices in factures_prev array $out=count($factures_prev)." invoices will be withdrawn."; //print $out."\n"; @@ -920,7 +920,7 @@ class BonPrelevement extends CommonObject $dir=$conf->prelevement->dir_output.'/receipts'; if (! is_dir($dir)) dol_mkdir($dir); - + $this->filename = $dir.'/'.$ref.'.xml'; // Create withdraw receipt in database @@ -1028,7 +1028,7 @@ class BonPrelevement extends CommonObject $this->emetteur_bic = $account->bic; $this->emetteur_ics = $conf->global->PRELEVEMENT_ICS; // Ex: PRELEVEMENT_ICS = "FR78ZZZ123456"; - + $this->raison_sociale = $account->proprio; } @@ -1272,16 +1272,6 @@ class BonPrelevement extends CommonObject * section Debiteur (sepa Debiteurs bloc lines) */ - /*$tmp_invoices = array(); - - $sql = "SELECT f.facnumber as fac FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl, ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."prelevement_facture as pf, ".MAIN_DB_PREFIX."societe as soc, ".MAIN_DB_PREFIX."c_country as p, ".MAIN_DB_PREFIX."societe_rib as rib WHERE pl.fk_prelevement_bons = ".$this->id." AND pl.rowid = pf.fk_prelevement_lignes AND pf.fk_facture = f.rowid AND soc.fk_pays = p.rowid AND soc.rowid = f.fk_soc AND rib.fk_soc = f.fk_soc AND rib.default_rib = 1"; - $resql=$this->db->query($sql); - if ($resql) { - while ($objfac = $this->db->fetch_object($resql)) { - $tmp_invoices[] = $objfac->fac; - } - }*/ - $sql = "SELECT soc.code_client as code, soc.address, soc.zip, soc.town, c.code as country_code,"; $sql.= " pl.client_nom as nom, pl.code_banque as cb, pl.code_guichet as cg, pl.number as cc, pl.amount as somme,"; $sql.= " f.facnumber as fac, pf.fk_facture as idfac, rib.datec, rib.iban_prefix as iban, rib.bic as bic, rib.rowid as drum"; @@ -1365,35 +1355,6 @@ class BonPrelevement extends CommonObject fputs($this->file, ' '.$CrLf); fputs($this->file, ' '.$CrLf); fputs($this->file, ''.$CrLf); - - /*$sql = "SELECT pl.amount"; - $sql.= " FROM"; - $sql.= " ".MAIN_DB_PREFIX."prelevement_lignes as pl,"; - $sql.= " ".MAIN_DB_PREFIX."facture as f,"; - $sql.= " ".MAIN_DB_PREFIX."prelevement_facture as pf"; - $sql.= " WHERE pl.fk_prelevement_bons = ".$this->id; - $sql.= " AND pl.rowid = pf.fk_prelevement_lignes"; - $sql.= " AND pf.fk_facture = f.rowid"; - - //Lines - $i = 0; - $resql=$this->db->query($sql); - if ($resql) - { - $num = $this->db->num_rows($resql); - - while ($i < $num) - { - $obj = $this->db->fetch_object($resql); - $this->total = $this->total + $obj->amount; - $i++; - } - } - else - { - $result = -2; - }*/ - } // Build file for Other Countries with unknow format @@ -1580,11 +1541,11 @@ class BonPrelevement extends CommonObject $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; - $XML_DEBITOR .=' '.strtoupper(dol_string_unaccent($row_nom)).''.$CrLf; + $XML_DEBITOR .=' '.dolEscapeXML(strtoupper(dol_string_unaccent($row_nom))).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$row_country_code.''.$CrLf; - $XML_DEBITOR .=' '.dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))).''.$CrLf; - $XML_DEBITOR .=' '.dol_string_unaccent($row_zip.' '.$row_town).''.$CrLf; + $XML_DEBITOR .=' '.dolEscapeXML(dol_trunc(dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))),70,'right','UTF-8',true)).''.$CrLf; + $XML_DEBITOR .=' '.dolEscapeXML(dol_string_unaccent($row_zip.' '.$row_town)).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; @@ -1679,7 +1640,7 @@ class BonPrelevement extends CommonObject * @return string String with SEPA Sender */ function EnregEmetteurSEPA($configuration, $ladate, $nombre, $total, $CrLf='\n') - { + { // SEPA INITIALISATION global $conf; @@ -1698,12 +1659,12 @@ class BonPrelevement extends CommonObject $this->emetteur_number_key = $account->cle_rib; $this->emetteur_iban = $account->iban; $this->emetteur_bic = $account->bic; - + $this->emetteur_ics = $conf->global->PRELEVEMENT_ICS; // Ex: PRELEVEMENT_ICS = "FR78ZZZ123456"; - + $this->raison_sociale = $account->proprio; } - + // Récupération info demandeur $sql = "SELECT rowid, ref"; $sql.= " FROM"; diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php index a97391de170..a1696c749f8 100644 --- a/htdocs/contrat/class/contrat.class.php +++ b/htdocs/contrat/class/contrat.class.php @@ -46,7 +46,7 @@ class Contrat extends CommonObject public $fk_element='fk_contrat'; protected $ismultientitymanaged = 1; // 0=No test on entity, 1=Test with field entity, 2=Test with link by societe public $picto='contract'; - + /** * {@inheritdoc} */ @@ -609,7 +609,7 @@ class Contrat extends CommonObject $this->lines=array(); $pos = 0; - + // Selectionne les lignes contrats liees a un produit $sql = "SELECT p.label as product_label, p.description as product_desc, p.ref as product_ref,"; $sql.= " d.rowid, d.fk_contrat, d.statut, d.description, d.price_ht, d.vat_src_code, d.tva_tx, d.localtax1_tx, d.localtax2_tx, d.localtax1_type, d.localtax2_type, d.qty, d.remise_percent, d.subprice, d.fk_product_fournisseur_price as fk_fournprice, d.buy_price_ht as pa_ht,"; @@ -1849,7 +1849,7 @@ class Contrat extends CommonObject $url = DOL_URL_ROOT.'/contrat/card.php?id='.$this->id; $picto = 'contract'; $label = ''; - + if ($user->rights->contrat->lire) { $label = ''.$langs->trans("ShowContract").''; $label .= '
'.$langs->trans('Ref').': '.$this->ref; @@ -1865,7 +1865,7 @@ class Contrat extends CommonObject $label .= '
'.$langs->trans('AmountTTC').': '.price($this->total_ttc, 0, $langs, 0, -1, -1, $conf->currency); } } - + $linkclose=''; if (empty($notooltip) && $user->rights->contrat->lire) { @@ -1881,7 +1881,7 @@ class Contrat extends CommonObject $linkstart = ''; $linkend=''; - + if ($withpicto) $result.=($linkstart.img_object(($notooltip?'':$label), $picto, ($notooltip?'':'class="classfortooltip"'), 0, 0, $notooltip?0:1).$linkend); if ($withpicto && $withpicto != 2) $result.=' '; $result.=$linkstart.$this->ref.$linkend; @@ -2743,6 +2743,8 @@ class ContratLigne extends CommonObjectLine if (empty($this->total_ht)) $this->total_ht = 0; if (empty($this->total_tva)) $this->total_tva = 0; if (empty($this->total_ttc)) $this->total_ttc = 0; + if (empty($this->localtax1_tx)) $this->localtax1_tx = 0; + if (empty($this->localtax2_tx)) $this->localtax2_tx = 0; // Check parameters // Put here code to add control on parameters values @@ -2909,7 +2911,7 @@ class ContratLigne extends CommonObjectLine // Insertion dans la base $sql = "INSERT INTO ".MAIN_DB_PREFIX."contratdet"; - $sql.= " (fk_contrat, label, description, fk_product, qty, tva_tx,"; + $sql.= " (fk_contrat, label, description, fk_product, qty, vat_src_code, tva_tx,"; $sql.= " localtax1_tx, localtax2_tx, localtax1_type, localtax2_type, remise_percent, subprice,"; $sql.= " total_ht, total_tva, total_localtax1, total_localtax2, total_ttc,"; $sql.= " info_bits,"; diff --git a/htdocs/core/actions_linkedfiles.inc.php b/htdocs/core/actions_linkedfiles.inc.php index 672da011a79..fb9f44edcfb 100644 --- a/htdocs/core/actions_linkedfiles.inc.php +++ b/htdocs/core/actions_linkedfiles.inc.php @@ -71,7 +71,7 @@ if ($action == 'confirm_deletefile' && $confirm == 'yes') $ret = dol_delete_file($file, 0, 0, 0, $object); if (! empty($fileold)) dol_delete_file($fileold, 0, 0, 0, $object); // Delete file using old path - + // Si elle existe, on efface la vignette if (preg_match('/(\.jpg|\.jpeg|\.bmp|\.gif|\.png|\.tiff)$/i',$file,$regs)) { @@ -150,19 +150,28 @@ elseif ($action == 'renamefile' && GETPOST('renamefilesave')) { $filenamefrom=dol_sanitizeFileName(GETPOST('renamefilefrom')); $filenameto=dol_sanitizeFileName(GETPOST('renamefileto')); + + // Security: + // Disallow file with some extensions. We rename them. + // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code. + if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$filenameto) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED)) + { + $filenameto.= '.noexe'; + } + if ($filenamefrom && $filenameto) { $srcpath = $upload_dir.'/'.$filenamefrom; $destpath = $upload_dir.'/'.$filenameto; - + $result = dol_move($srcpath, $destpath); - if ($result) + if ($result) { $object->addThumbs($destpath); - + // TODO Add revert function of addThumbs //$object->delThumbs($srcpath); - + setEventMessages($langs->trans("FileRenamed"), null); } else setEventMessages($langs->trans("ErrorFailToRenameFile", $filenamefrom, $filenameto), null, 'errors'); diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 28f78e22ef4..bbc7647c802 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -139,7 +139,7 @@ if (! dol_is_dir($upload_dir)) } print ''."\n"; -print ''."\n"; +//print ''."\n"; $param=($sortfield?'&sortfield='.$sortfield:'').($sortorder?'&sortorder='.$sortorder:''); diff --git a/htdocs/core/ajax/bankconciliate.php b/htdocs/core/ajax/bankconciliate.php index 3a8a3e30687..76ab3045f93 100644 --- a/htdocs/core/ajax/bankconciliate.php +++ b/htdocs/core/ajax/bankconciliate.php @@ -45,7 +45,7 @@ $action=GETPOST('action'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; if (($user->rights->banque->modifier || $user->rights->banque->consolidate) && $action == 'dvnext') { diff --git a/htdocs/core/ajax/box.php b/htdocs/core/ajax/box.php index 63f96a0c513..106822f998b 100644 --- a/htdocs/core/ajax/box.php +++ b/htdocs/core/ajax/box.php @@ -50,7 +50,7 @@ $userid=GETPOST('userid','int'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +print ''."\n"; // Add a box if ($boxid > 0 && $zone !='' && $userid > 0) diff --git a/htdocs/core/ajax/constantonoff.php b/htdocs/core/ajax/constantonoff.php index 331a5e87513..f79753260d7 100644 --- a/htdocs/core/ajax/constantonoff.php +++ b/htdocs/core/ajax/constantonoff.php @@ -45,7 +45,7 @@ $name=GETPOST('name','alpha'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (! empty($action) && ! empty($name)) diff --git a/htdocs/core/ajax/contacts.php b/htdocs/core/ajax/contacts.php index c3788a8baeb..1c7c7a56e4b 100644 --- a/htdocs/core/ajax/contacts.php +++ b/htdocs/core/ajax/contacts.php @@ -41,20 +41,20 @@ $showempty = GETPOST('showempty','int'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) { $form = new Form($db); - + $return=array(); if (empty($showempty)) $showempty=0; - + $return['value'] = $form->selectcontacts($id,'',$htmlname,$showempty,'','',0,'',true); $return['num'] = $form->num; $return['error'] = $form->error; - + echo json_encode($return); } diff --git a/htdocs/core/ajax/extraparams.php b/htdocs/core/ajax/extraparams.php index 510ef8a1cf8..f8a636e52a5 100644 --- a/htdocs/core/ajax/extraparams.php +++ b/htdocs/core/ajax/extraparams.php @@ -40,17 +40,17 @@ $type = GETPOST('type', 'alpha'); top_httphead(); -print ''."\n"; +print ''."\n"; if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) { $value = GETPOST('value','alpha'); $params=array(); - + dol_syslog("AjaxSetExtraParameters id=".$id." element=".$element." htmlelement=".$htmlelement." type=".$type." value=".$value, LOG_DEBUG); - + $classpath = $subelement = $element; - + // For compatibility if ($element == 'order' || $element == 'commande') { $classpath = $subelement = 'commande'; } else if ($element == 'propal') { $classpath = 'comm/propal'; $subelement = 'propal'; } @@ -60,19 +60,19 @@ if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) else if ($element == 'deplacement') { $classpath = 'compta/deplacement'; $subelement = 'deplacement'; } else if ($element == 'order_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.commande'; } else if ($element == 'invoice_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.facture'; } - + dol_include_once('/'.$classpath.'/class/'.$subelement.'.class.php'); - + if ($element == 'order_supplier') { $classname = 'CommandeFournisseur'; } else if ($element == 'invoice_supplier') { $classname = 'FactureFournisseur'; } else $classname = ucfirst($subelement); - + $object = new $classname($db); $object->fetch($id); - + $params[$htmlelement] = array($type => $value); $object->extraparams = array_merge($object->extraparams, $params); - + $result=$object->setExtraParameters(); } diff --git a/htdocs/core/ajax/loadinplace.php b/htdocs/core/ajax/loadinplace.php index de3a4e57d19..7e9e541c768 100644 --- a/htdocs/core/ajax/loadinplace.php +++ b/htdocs/core/ajax/loadinplace.php @@ -41,7 +41,7 @@ $fk_element = GETPOST('fk_element','alpha'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($field) && ! empty($element) && ! empty($table_element) && ! empty($fk_element)) diff --git a/htdocs/core/ajax/objectonoff.php b/htdocs/core/ajax/objectonoff.php index 6ac5abd3bbb..37173ed9943 100644 --- a/htdocs/core/ajax/objectonoff.php +++ b/htdocs/core/ajax/objectonoff.php @@ -42,7 +42,7 @@ $object = new GenericObject($db); top_httphead(); -print ''."\n"; +print ''."\n"; // Registering new values if (($action == 'set') && ! empty($id)) diff --git a/htdocs/core/ajax/price.php b/htdocs/core/ajax/price.php index 5c891df14d5..d4a101fb497 100644 --- a/htdocs/core/ajax/price.php +++ b/htdocs/core/ajax/price.php @@ -39,7 +39,7 @@ $tva_tx = str_replace('*','',GETPOST('tva_tx','alpha')); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($output) && isset($amount) && isset($tva_tx)) diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php index 41d411f01fd..827ee92d525 100644 --- a/htdocs/core/ajax/row.php +++ b/htdocs/core/ajax/row.php @@ -17,8 +17,8 @@ /** * \file htdocs/core/ajax/row.php - * \brief File to return Ajax response on Row move. - * This ajax page is called when doing an up or down drag and drop. + * \brief File to return Ajax response on Row move. + * This ajax page is called when doing an up or down drag and drop. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disable token renewal @@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php'; top_httphead(); -print ''."\n"; +print ''."\n"; // Registering the location of boxes if ((isset($_POST['roworder']) && ! empty($_POST['roworder'])) && (isset($_POST['table_element_line']) && ! empty($_POST['table_element_line'])) diff --git a/htdocs/core/ajax/saveinplace.php b/htdocs/core/ajax/saveinplace.php index 48797dd0432..eb04379a778 100644 --- a/htdocs/core/ajax/saveinplace.php +++ b/htdocs/core/ajax/saveinplace.php @@ -54,7 +54,7 @@ savemethodname: top_httphead(); -//print ''."\n"; +//print ''."\n"; //print_r($_POST); // Load original field value diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php index 28a53a87679..cc7335618d0 100644 --- a/htdocs/core/ajax/security.php +++ b/htdocs/core/ajax/security.php @@ -17,8 +17,8 @@ /** * \file htdocs/core/ajax/security.php - * \brief This ajax component is used to generated has keys for security purposes - * like key to use into URL to protect them. + * \brief This ajax component is used to generated has keys for security purposes + * like key to use into URL to protect them. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disables token renewal @@ -38,7 +38,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (isset($_GET['action']) && ! empty($_GET['action'])) diff --git a/htdocs/core/ajax/vatrates.php b/htdocs/core/ajax/vatrates.php index fc30a13afec..ac9691bfa25 100644 --- a/htdocs/core/ajax/vatrates.php +++ b/htdocs/core/ajax/vatrates.php @@ -41,7 +41,7 @@ $productid = (GETPOST('productid','int')?GETPOST('productid','int'):0); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) diff --git a/htdocs/core/ajax/ziptown.php b/htdocs/core/ajax/ziptown.php index 30e0211ece1..9fa475039d9 100644 --- a/htdocs/core/ajax/ziptown.php +++ b/htdocs/core/ajax/ziptown.php @@ -45,7 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog("GET is ".join(',',$_GET).', MAIN_USE_ZIPTOWN_DICTIONNARY='.(empty($conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)?'':$conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)); //var_dump($_GET); diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 973738fec11..096786c0ffa 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -44,6 +44,21 @@ class box_actions extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param='') + { + global $user; + + $this->db = $db; + + $this->hidden = ! ($user->rights->agenda->myactions->read); + } + /** * Load data for box to show them later * @@ -173,8 +188,8 @@ class box_actions extends ModeleBoxes function showBox($head = null, $contents = null, $nooutput=0) { global $langs, $conf; - parent::showBox($this->info_box_head, $this->info_box_contents); - $out=''; + $out = parent::showBox($this->info_box_head, $this->info_box_contents); + if (! empty($conf->global->SHOW_DIALOG_HOMEPAGE)) { $actioncejour=false; diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index 34666507488..a7d54f3554a 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -51,11 +51,17 @@ class box_activity extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $conf, $user; $this->db=$db; + // FIXME: Pb into some status - $this->enabled=$conf->global->MAIN_FEATURES_LEVEL; // Not enabled by default due to bugs (see previous comments) + $this->enabled=($conf->global->MAIN_FEATURES_LEVEL); // Not enabled by default due to bugs (see previous comments) + + $this->hidden= ! ((! empty($conf->facture->enabled) && $user->rights->facture->lire) + || (! empty($conf->commande->enabled) && $user->rights->commande->lire) + || (! empty($conf->propal->enabled) && $user->rights->propale->lire) + ); } /** @@ -352,7 +358,7 @@ class box_activity extends ModeleBoxes } // list the summary of the propals - if (! empty($conf->propal->enabled) && $user->rights->propal->lire) + if (! empty($conf->propal->enabled) && $user->rights->propale->lire) { include_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; $propalstatic=new Propal($db); @@ -456,10 +462,10 @@ class box_activity extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_bookmarks.php b/htdocs/core/boxes/box_bookmarks.php index e99a0b30387..92a2313d8e4 100644 --- a/htdocs/core/boxes/box_bookmarks.php +++ b/htdocs/core/boxes/box_bookmarks.php @@ -40,6 +40,21 @@ class box_bookmarks extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->bookmark->lire); + } + /** * Load data for box to show them later * @@ -136,11 +151,11 @@ class box_bookmarks extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 307dcc7cbfd..5ef627e1ced 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -58,6 +58,8 @@ class box_clients extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) $this->enabled=0; // disabled by this option + + $this->hidden = ! ($user->rights->societe->lire && empty($user->socid)); } /** @@ -158,11 +160,11 @@ class box_clients extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index 7653206333d..c8b2b30fbad 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -44,6 +44,21 @@ class box_commandes extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->commande->lire); + } + /** * Load data for box to show them later * @@ -177,11 +192,11 @@ class box_commandes extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_comptes.php b/htdocs/core/boxes/box_comptes.php index a1c3625e78c..245a15e946c 100644 --- a/htdocs/core/boxes/box_comptes.php +++ b/htdocs/core/boxes/box_comptes.php @@ -61,6 +61,8 @@ class box_comptes extends ModeleBoxes // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users + + $this->hidden = ! ($user->rights->banque->lire); } /** @@ -171,11 +173,11 @@ class box_comptes extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index 45963af9bb1..068d378ac5e 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -45,6 +45,21 @@ class box_contacts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->societe->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -164,11 +179,11 @@ class box_contacts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index fe864e1df16..747368d6112 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -43,6 +43,21 @@ class box_contracts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->contrat->lire); + } + /** * Load data for box to show them later * @@ -160,11 +175,11 @@ class box_contracts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_external_rss.php b/htdocs/core/boxes/box_external_rss.php index dbe71a6ca41..0e49caf9381 100644 --- a/htdocs/core/boxes/box_external_rss.php +++ b/htdocs/core/boxes/box_external_rss.php @@ -185,11 +185,11 @@ class box_external_rss extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 22a90929a0b..aadf5ab13ba 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -42,6 +42,21 @@ class box_factures extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -181,11 +196,11 @@ class box_factures extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index b43d9cfc47b..383a6115b29 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -43,6 +43,21 @@ class box_factures_fourn extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -190,11 +205,11 @@ class box_factures_fourn extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index 0d6bc28f077..4c56fc9cc93 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -42,6 +42,21 @@ class box_factures_fourn_imp extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -181,11 +196,11 @@ class box_factures_fourn_imp extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index d3336500263..ccb7f5c91eb 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -45,6 +45,21 @@ class box_factures_imp extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -184,11 +199,11 @@ class box_factures_imp extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index d57a2a991df..0a68c8173b4 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -43,6 +43,21 @@ class box_ficheinter extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->ficheinter->lire); + } + /** * Load data for box to show them later * @@ -145,11 +160,11 @@ class box_ficheinter extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index ed3680af455..d9d41fd3d4f 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -43,6 +43,21 @@ class box_fournisseurs extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->societe->lire && empty($user->socid)); + } + /** * Load data into info_box_contents array to show array later. * @@ -140,11 +155,11 @@ class box_fournisseurs extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_goodcustomers.php b/htdocs/core/boxes/box_goodcustomers.php index 552ed92b8a3..36d99ce7b9a 100644 --- a/htdocs/core/boxes/box_goodcustomers.php +++ b/htdocs/core/boxes/box_goodcustomers.php @@ -59,7 +59,9 @@ class box_goodcustomers extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) $this->enabled=0; // disabled by this option - if (empty($conf->global->MAIN_BOX_ENABLE_BEST_CUSTOMERS)) $this->enabled=0; // not enabled by default. Very slow on large database + if (empty($conf->global->MAIN_BOX_ENABLE_BEST_CUSTOMERS)) $this->enabled=0; // not enabled by default. Very slow on large database + + $this->hidden = ! ($user->rights->societe->lire); } /** @@ -160,11 +162,11 @@ class box_goodcustomers extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php index e4639070203..49bdc447fa1 100644 --- a/htdocs/core/boxes/box_graph_invoices_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -47,9 +47,11 @@ class box_graph_invoices_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->facture->lire); } /** @@ -133,7 +135,7 @@ class box_graph_invoices_permonth extends ModeleBoxes if (! $mesg) { $langs->load("bills"); - + $px1->SetData($data1); unset($data1); $px1->SetPrecisionY(0); @@ -266,11 +268,11 @@ class box_graph_invoices_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index 254195b42f1..8e822db8baf 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -47,9 +47,11 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->fournisseur->facture->lire); } /** @@ -263,11 +265,11 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php index 6b023b9c157..ac48ca6313e 100644 --- a/htdocs/core/boxes/box_graph_orders_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_permonth.php @@ -47,9 +47,11 @@ class box_graph_orders_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->commande->lire); } /** @@ -264,11 +266,11 @@ class box_graph_orders_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php index 646f28e949c..63868c8dcee 100644 --- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php @@ -47,9 +47,11 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->fournisseur->commande->lire); } /** @@ -263,11 +265,11 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_product_distribution.php b/htdocs/core/boxes/box_graph_product_distribution.php index 2b3c69a9e15..0623c9a0466 100644 --- a/htdocs/core/boxes/box_graph_product_distribution.php +++ b/htdocs/core/boxes/box_graph_product_distribution.php @@ -48,9 +48,15 @@ class box_graph_product_distribution extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user, $conf; $this->db=$db; + + $this->hidden = ! ( + (! empty($conf->facture->enabled) && ! empty($user->rights->facture->lire)) + || (! empty($conf->commande->enabled) && ! empty($user->rights->commande->lire)) + || (! empty($conf->propal->enabled) && ! empty($user->rights->propale->lire)) + ); } /** @@ -93,7 +99,7 @@ class box_graph_product_distribution extends ModeleBoxes } if (empty($showinvoicenb) && empty($showpropalnb) && empty($showordernb)) { $showpropalnb=1; $showinvoicenb=1; $showordernb=1; } if (empty($conf->facture->enabled) || empty($user->rights->facture->lire)) $showinvoicenb=0; - if (empty($conf->propal->enabled) || empty($user->rights->propal->lire)) $showpropalnb=0; + if (empty($conf->propal->enabled) || empty($user->rights->propale->lire)) $showpropalnb=0; if (empty($conf->commande->enabled) || empty($user->rights->commande->lire)) $showordernb=0; $nowarray=dol_getdate(dol_now(),true); @@ -188,7 +194,7 @@ class box_graph_product_distribution extends ModeleBoxes } } - if (! empty($conf->propal->enabled) && ! empty($user->rights->propal->lire)) + if (! empty($conf->propal->enabled) && ! empty($user->rights->propale->lire)) { // Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...) if ($showpropalnb) @@ -250,7 +256,7 @@ class box_graph_product_distribution extends ModeleBoxes if (! empty($conf->commande->enabled) && ! empty($user->rights->commande->lire)) { $langs->load("orders"); - + // Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...) if ($showordernb) { @@ -334,7 +340,7 @@ class box_graph_product_distribution extends ModeleBoxes $stringtoshow.=' '.$langs->trans("ForCustomersInvoices"); $stringtoshow.='   '; } - if (! empty($conf->propal->enabled) || ! empty($user->rights->propal->lire)) + if (! empty($conf->propal->enabled) || ! empty($user->rights->propale->lire)) { $stringtoshow.=' '.$langs->trans("ForProposals"); $stringtoshow.=' '; @@ -393,11 +399,11 @@ class box_graph_product_distribution extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 39fe12ed7a3..00bcc0cd1e3 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -47,9 +47,11 @@ class box_graph_propales_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden=! ($user->rights->propale->lire); } /** @@ -87,7 +89,7 @@ class box_graph_propales_permonth extends ModeleBoxes if ($user->societe_id) $socid=$user->societe_id; if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user - if ($user->rights->propal->lire) + if ($user->rights->propale->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; $param_shownb='DOLUSERCOOKIE_box_'.$this->boxcode.'_shownb'; @@ -265,11 +267,11 @@ class box_graph_propales_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_members.php b/htdocs/core/boxes/box_members.php index afcbe8e68a6..b19c35ca8b3 100644 --- a/htdocs/core/boxes/box_members.php +++ b/htdocs/core/boxes/box_members.php @@ -60,6 +60,8 @@ class box_members extends ModeleBoxes // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); if (! in_array('adherent',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users + + $this->hidden=! ($user->rights->adherent->lire); } /** @@ -170,11 +172,11 @@ class box_members extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_produits.php b/htdocs/core/boxes/box_produits.php index 51ee156fbeb..35e44296d93 100644 --- a/htdocs/core/boxes/box_produits.php +++ b/htdocs/core/boxes/box_produits.php @@ -45,6 +45,21 @@ class box_produits extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->produit->lire || $user->rights->service->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -53,7 +68,7 @@ class box_produits extends ModeleBoxes */ function loadBox($max=5) { - global $user, $langs, $db, $conf; + global $user, $langs, $db, $conf, $hookmanager; $this->max=$max; @@ -69,6 +84,13 @@ class box_produits extends ModeleBoxes $sql.= ' WHERE p.entity IN ('.getEntity($productstatic->element, 1).')'; if (empty($user->rights->produit->lire)) $sql.=' AND p.fk_product_type != 0'; if (empty($user->rights->service->lire)) $sql.=' AND p.fk_product_type != 1'; + // Add where from hooks + if (is_object($hookmanager)) + { + $parameters=array('boxproductlist'=>1); + $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook + $sql.=$hookmanager->resPrint; + } $sql.= $db->order('p.datec', 'DESC'); $sql.= $db->plimit($max, 0); @@ -155,12 +177,14 @@ class box_produits extends ModeleBoxes $this->info_box_contents[$line][] = array( 'td' => 'align="right" width="18"', - 'text' => $productstatic->LibStatut($objp->tosell,3,0), + 'text' => ''.$productstatic->LibStatut($objp->tosell,3,0).'', + 'asis' => 1 ); $this->info_box_contents[$line][] = array( 'td' => 'align="right" width="18"', - 'text' => $productstatic->LibStatut($objp->tobuy,3,1), + 'text' => ''.$productstatic->LibStatut($objp->tobuy,3,1).'', + 'asis' => 1 ); $line++; @@ -193,11 +217,11 @@ class box_produits extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_produits_alerte_stock.php b/htdocs/core/boxes/box_produits_alerte_stock.php index 884cf92b52a..295fd6c6392 100644 --- a/htdocs/core/boxes/box_produits_alerte_stock.php +++ b/htdocs/core/boxes/box_produits_alerte_stock.php @@ -47,6 +47,21 @@ class box_produits_alerte_stock extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param='') + { + global $user; + + $this->db = $db; + + $this->hidden = ! (($user->rights->produit->lire || $user->rights->service->lire) && $user->rights->stock->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -55,7 +70,7 @@ class box_produits_alerte_stock extends ModeleBoxes */ function loadBox($max=5) { - global $user, $langs, $db, $conf; + global $user, $langs, $db, $conf, $hookmanager; $this->max=$max; @@ -64,7 +79,7 @@ class box_produits_alerte_stock extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleProductsAlertStock",$max)); - if ($user->rights->produit->lire || $user->rights->service->lire) + if (($user->rights->produit->lire || $user->rights->service->lire) && $user->rights->stock->lire) { $sql = "SELECT p.rowid, p.label, p.price, p.ref, p.price_base_type, p.price_ttc, p.fk_product_type, p.tms, p.tosell, p.tobuy, p.seuil_stock_alerte, p.entity,"; $sql.= " SUM(".$db->ifsql("s.reel IS NULL","0","s.reel").") as total_stock"; @@ -74,7 +89,14 @@ class box_produits_alerte_stock extends ModeleBoxes $sql.= " AND p.tosell = 1 AND p.seuil_stock_alerte > 0"; if (empty($user->rights->produit->lire)) $sql.=' AND p.fk_product_type != 0'; if (empty($user->rights->service->lire)) $sql.=' AND p.fk_product_type != 1'; - $sql.= " GROUP BY p.rowid, p.ref, p.label, p.price, p.price_base_type, p.price_ttc, p.fk_product_type, p.tms, p.tosell, p.tobuy, p.seuil_stock_alerte, p.entity"; + // Add where from hooks + if (is_object($hookmanager)) + { + $parameters=array('boxproductalertstocklist'=>1); + $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook + $sql.=$hookmanager->resPrint; + } + $sql.= " GROUP BY p.rowid, p.ref, p.label, p.price, p.price_base_type, p.price_ttc, p.fk_product_type, p.tms, p.tosell, p.tobuy, p.seuil_stock_alerte, p.entity"; $sql.= " HAVING SUM(".$db->ifsql("s.reel IS NULL","0","s.reel").") < p.seuil_stock_alerte"; $sql.= $db->order('p.seuil_stock_alerte', 'DESC'); $sql.= $db->plimit($max, 0); @@ -157,15 +179,22 @@ class box_produits_alerte_stock extends ModeleBoxes 'text' => $price_base_type, ); - $this->info_box_contents[$line][] = array('td' => 'align="center"', + $this->info_box_contents[$line][] = array( + 'td' => 'align="center"', 'text' => $objp->total_stock . ' / '.$objp->seuil_stock_alerte, 'text2'=>img_warning($langs->transnoentitiesnoconv("StockLowerThanLimit"))); - $this->info_box_contents[$line][] = array('td' => 'align="right" width="18"', - 'text' => $productstatic->LibStatut($objp->tosell,3,0)); + $this->info_box_contents[$line][] = array( + 'td' => 'align="right" width="18"', + 'text' => ''.$productstatic->LibStatut($objp->tosell,3,0).'', + 'asis' => 1 + ); - $this->info_box_contents[$line][] = array('td' => 'align="right" width="18"', - 'text' => $productstatic->LibStatut($objp->tobuy,3,1)); + $this->info_box_contents[$line][] = array( + 'td' => 'align="right" width="18"', + 'text' => ''.$productstatic->LibStatut($objp->tobuy,3,0).'', + 'asis' => 1 + ); $line++; } @@ -200,11 +229,11 @@ class box_produits_alerte_stock extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index a47ae3d0cb5..66fd386d226 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -48,12 +48,14 @@ class box_project extends ModeleBoxes */ function __construct($db,$param='') { - global $langs; + global $user, $langs; $langs->load("boxes"); $langs->load("projects"); $this->db = $db; $this->boxlabel="Projects"; + + $this->hidden=! ($user->rights->projet->lire); } /** @@ -77,16 +79,16 @@ class box_project extends ModeleBoxes // list the summary of the orders if ($user->rights->projet->lire) { - + include_once(DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'); $projectstatic = new Project($this->db); - + $socid=$user->societe_id; - + // Get list of project id allowed to user (in a string list separated by coma) $projectsListId=''; if (! $user->rights->projet->all->lire) $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1,$socid); - + $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; if($user->socid) $sql.= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=p.fk_soc"; @@ -96,7 +98,7 @@ class box_project extends ModeleBoxes $sql.= " AND p.fk_statut = 1"; // Seulement les projets ouverts if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; - + $sql.= " ORDER BY p.datec DESC"; //$sql.= $db->plimit($max, 0); @@ -156,7 +158,7 @@ class box_project extends ModeleBoxes } if ($max < $num) { - $this->info_box_contents[$i][0] = array('td' => 'colspan="5"', 'text' => '...'); + $this->info_box_contents[$i][0] = array('td' => 'colspan="5"', 'text' => '...'); $i++; } } @@ -195,11 +197,11 @@ class box_project extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index b0a1e4a3798..a505fa8e275 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -44,6 +44,21 @@ class box_propales extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->propale->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -167,11 +182,11 @@ class box_propales extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index 40adb98b405..d3b24782d83 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -60,6 +60,8 @@ class box_prospect extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_PROSPECTS)) $this->enabled=0; // disabled by this option + + $this->hidden=! ($user->rights->societe->lire && empty($user->socid)); } /** @@ -168,11 +170,11 @@ class box_prospect extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 4d7759ff081..fd8346a3f0c 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -43,6 +43,21 @@ class box_services_contracts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->service->lire && $user->rights->contrat->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -173,11 +188,11 @@ class box_services_contracts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 90f36ef6d30..42ac3750a11 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -42,6 +42,21 @@ class box_services_expired extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->contrat->lire); + } + /** * Load data for box to show them later * @@ -84,7 +99,7 @@ class box_services_expired extends ModeleBoxes $i = 0; $thirdpartytmp = new Societe($this->db); - + while ($i < $num) { $late=''; @@ -151,11 +166,11 @@ class box_services_expired extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 1f0e1ece2ef..4f28a8ce62c 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -43,6 +43,21 @@ class box_supplier_orders extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->commande->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -172,11 +187,11 @@ class box_supplier_orders extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_task.php b/htdocs/core/boxes/box_task.php index 29dd9390597..e6224198ca5 100644 --- a/htdocs/core/boxes/box_task.php +++ b/htdocs/core/boxes/box_task.php @@ -42,6 +42,7 @@ class box_task extends ModeleBoxes var $info_box_head = array(); var $info_box_contents = array(); + /** * Constructor * @@ -50,11 +51,13 @@ class box_task extends ModeleBoxes */ function __construct($db,$param='') { - global $langs; + global $user, $langs; $langs->load("boxes"); $langs->load("projects"); $this->boxlabel="Tasks"; $this->db = $db; + + $this->hidden = ! ($user->rights->projet->lire); } /** @@ -138,10 +141,10 @@ class box_task extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/modules_boxes.php b/htdocs/core/boxes/modules_boxes.php index 566da25aad3..b1a27f1d77c 100644 --- a/htdocs/core/boxes/modules_boxes.php +++ b/htdocs/core/boxes/modules_boxes.php @@ -49,10 +49,15 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" public $max = 5; /** - * @var int Status + * @var int Condition to have widget enabled */ public $enabled=1; + /** + * @var int Condition to have widget visible (in most cases, permissions) + */ + public $hidden=0; + /** * @var int Box definition database ID */ @@ -168,29 +173,29 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" } } - + /** * Standard method to get content of a box * * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * - * @return string + * @return string */ function outputBox($head = null, $contents = null) { global $langs, $user, $conf; - + // Trick to get result into a var from a function that makes print instead of return // TODO Replace ob_start with param nooutput=1 into showBox ob_start(); $result = $this->showBox($head, $contents); $output = ob_get_contents(); ob_end_clean(); - + return $output; } - + /** * Standard method to show a box (usage by boxes not mandatory, a box can still use its own showBox function) * @@ -203,6 +208,8 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" { global $langs, $user, $conf; + if (! empty($this->hidden)) return '\n\n'; // Nothing done if hidden (for example when user has no permission) + require_once DOL_DOCUMENT_ROOT .'/core/lib/files.lib.php'; $MAXLENGTHBOX=60; // Mettre 0 pour pas de limite @@ -365,13 +372,13 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" $out = ""; $out.= dol_readcachefile($cachedir, $filename); } - + if ($nooutput) return $out; else print $out; - + return ''; } - + } diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 529bb20a89b..d98625db1cc 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -398,7 +398,7 @@ abstract class CommonObject $lastname=$this->lastname; $firstname=$this->firstname; if (empty($lastname)) $lastname=(isset($this->lastname)?$this->lastname:(isset($this->name)?$this->name:(isset($this->nom)?$this->nom:(isset($this->societe)?$this->societe:(isset($this->company)?$this->company:''))))); - + $ret=''; if ($option && $this->civility_id) { @@ -597,11 +597,11 @@ abstract class CommonObject dol_syslog("CODE_NOT_VALID_FOR_THIS_ELEMENT"); return -3; } - + $datecreate = dol_now(); $this->db->begin(); - + // Insertion dans la base $sql = "INSERT INTO ".MAIN_DB_PREFIX."element_contact"; $sql.= " (element_id, fk_socpeople, datecreate, statut, fk_c_type_contact) "; @@ -1230,19 +1230,19 @@ abstract class CommonObject function setValueFrom($field, $value, $table='', $id=null, $format='', $id_field='', $fuser=null, $trigkey='') { global $user,$langs,$conf; - + if (empty($table)) $table=$this->table_element; if (empty($id)) $id=$this->id; if (empty($format)) $format='text'; if (empty($id_field)) $id_field='rowid'; $error=0; - + $this->db->begin(); // Special case if ($table == 'product' && $field == 'note_private') $field='note'; - + $sql = "UPDATE ".MAIN_DB_PREFIX.$table." SET "; if ($format == 'text') $sql.= $field." = '".$this->db->escape($value)."'"; else if ($format == 'int') $sql.= $field." = ".$this->db->escape($value); @@ -1284,7 +1284,7 @@ abstract class CommonObject /** * Load properties id_previous and id_next * - * @param string $filter Optional filter + * @param string $filter Optional filter. Example: " AND (t.field1 = 'aa' OR t.field2 = 'bb')" * @param int $fieldid Name of field to use for the select MAX and MIN * @param int $nodbprefix Do not include DB prefix to forge table name * @return int <0 if KO, >0 if OK @@ -1310,11 +1310,15 @@ abstract class CommonObject if (empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$alias.".rowid = sc.fk_soc"; $sql.= " WHERE te.".$fieldid." < '".$this->db->escape($this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) if (empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id; - if (! empty($filter)) $sql.=" AND ".$filter; + if (! empty($filter)) + { + if (! preg_match('/^\s*AND/i', $filter)) $sql.=" AND "; // For backward compatibility + $sql.=$filter; + } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2 || ($this->element != 'societe' && empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element, 1).')'; - //print $sql."
"; + //print $filter.' '.$sql."
"; $result = $this->db->query($sql); if (! $result) { @@ -1331,7 +1335,11 @@ abstract class CommonObject if (empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir) $sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON ".$alias.".rowid = sc.fk_soc"; $sql.= " WHERE te.".$fieldid." > '".$this->db->escape($this->ref)."'"; // ->ref must always be defined (set to id if field does not exists) if (empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir) $sql.= " AND sc.fk_user = " .$user->id; - if (! empty($filter)) $sql.=" AND ".$filter; + if (! empty($filter)) + { + if (! preg_match('/^\s*AND/i', $filter)) $sql.=" AND "; // For backward compatibility + $sql.=$filter; + } if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 2 || ($this->element != 'societe' && empty($this->isnolinkedbythird) && !$user->rights->societe->client->voir)) $sql.= ' AND te.fk_soc = s.rowid'; // If we need to link to societe to limit select to entity if (isset($this->ismultientitymanaged) && $this->ismultientitymanaged == 1) $sql.= ' AND te.entity IN ('.getEntity($this->element, 1).')'; // Rem: Bug in some mysql version: SELECT MIN(rowid) FROM llx_socpeople WHERE rowid > 1 when one row in database with rowid=1, returns 1 instead of null @@ -1518,7 +1526,7 @@ abstract class CommonObject if($mode == 1) { $line->subprice = 0; } - + switch ($this->element) { case 'propal': $this->updateline($line->id, $line->subprice, $line->qty, $line->remise_percent, $line->tva_tx, $line->localtax1_tx, $line->localtax2_tx, $line->desc, 'HT', $line->info_bits, $line->special_code, $line->fk_parent_line, $line->skip_update_total, $line->fk_fournprice, $line->pa_ht, $line->label, $line->product_type, $line->date_start, $line->date_end, $line->array_options, $line->fk_unit, $line->multicurrency_subprice); @@ -2154,7 +2162,7 @@ abstract class CommonObject // Special cas //var_dump($this->table_element);exit; if ($this->table_element == 'product') $suffix=''; - + $sql = 'UPDATE '.MAIN_DB_PREFIX.$this->table_element; $sql.= " SET note".$suffix." = ".(!empty($note)?("'".$this->db->escape($note)."'"):"NULL"); $sql.= " WHERE rowid =". $this->id; @@ -2164,7 +2172,7 @@ abstract class CommonObject { if ($suffix == '_public') $this->note_public = $note; else if ($suffix == '_private') $this->note_private = $note; - else + else { $this->note = $note; // deprecated $this->note_private = $note; @@ -2413,7 +2421,7 @@ abstract class CommonObject // Special case if ($origin == 'order') $origin='commande'; if ($origin == 'invoice') $origin='facture'; - + $this->db->begin(); $sql = "INSERT INTO ".MAIN_DB_PREFIX."element_element ("; @@ -2446,10 +2454,10 @@ abstract class CommonObject * Fetch array of objects linked to current object. Links are loaded into this->linkedObjects array and this->linkedObjectsIds * Possible usage for parameters: * - all parameters empty -> we look all link to current object (current object can be source or target) - * - source id+type -> will get target list linked to source - * - target id+type -> will get source list linked to target - * - source id+type + target type -> will get target list of the type - * - target id+type + target source -> will get source list of the type + * - source id+type -> will get target list linked to source + * - target id+type -> will get source list linked to target + * - source id+type + target type -> will get target list of the type + * - target id+type + target source -> will get source list of the type * * @param int $sourceid Object source id (if not defined, id of object) * @param string $sourcetype Object source type (if not defined, element name of object) @@ -2902,7 +2910,7 @@ abstract class CommonObject function isObjectUsed($id=0) { if (empty($id)) $id=$this->id; - + // Check parameters if (! isset($this->childtables) || ! is_array($this->childtables) || count($this->childtables) == 0) { @@ -3019,12 +3027,12 @@ abstract class CommonObject foreach ($this->lines as $line) { - if (isset($line->qty_asked)) + if (isset($line->qty_asked)) { if (empty($totalOrdered)) $totalOrdered=0; // Avoid warning because $totalOrdered is '' $totalOrdered+=$line->qty_asked; // defined for shipment only } - if (isset($line->qty_shipped)) + if (isset($line->qty_shipped)) { if (empty($totalToShip)) $totalToShip=0; // Avoid warning because $totalToShip is '' $totalToShip+=$line->qty_shipped; // defined for shipment only @@ -3052,7 +3060,7 @@ abstract class CommonObject if (empty($totalWeight)) $totalWeight=0; // Avoid warning because $totalWeight is '' if (empty($totalVolume)) $totalVolume=0; // Avoid warning because $totalVolume is '' - + //var_dump($line->volume_units); if ($weight_units < 50) // >50 means a standard unit (power of 10 of official unit), > 50 means an exotic unit (like inch) { @@ -3369,9 +3377,9 @@ abstract class CommonObject if ($conf->global->MARGIN_TYPE == "1") print ''; else - print ''; + print ''; } - + if (! empty($conf->global->DISPLAY_MARGIN_RATES) && $user->rights->margins->liretous) print ''; if (! empty($conf->global->DISPLAY_MARK_RATES) && $user->rights->margins->liretous) @@ -3906,7 +3914,7 @@ abstract class CommonObject if ($filefound) { global $db; // Required to solve a conception default in commonstickergenerator.class.php making an include of code using $db - + require_once $file; $obj = new $classname($this->db); @@ -3965,7 +3973,7 @@ abstract class CommonObject // output format that does not support UTF8. $sav_charset_output=$outputlangs->charset_output; - if (in_array(get_class($this), array('Adherent'))) + if (in_array(get_class($this), array('Adherent'))) { $arrayofrecords = array(); // The write_file of templates of adherent class need this $resultwritefile = $obj->write_file($this, $outputlangs, $srctemplatepath, 'member', 1, $moreparams); @@ -4226,7 +4234,7 @@ abstract class CommonObject require_once DOL_DOCUMENT_ROOT.'/core/class/extrafields.class.php'; $extrafields = new ExtraFields($this->db); $target_extrafields=$extrafields->fetch_name_optionals_label($this->table_element); - + //Eliminate copied source object extra_fields that do not exist in target object $new_array_options=array(); foreach ($this->array_options as $key => $value) { @@ -4275,7 +4283,7 @@ abstract class CommonObject { if (is_numeric($value)) $res=$object->fetch($value); else $res=$object->fetch('',$value); - + if ($res > 0) $this->array_options[$key]=$object->id; else { diff --git a/htdocs/core/class/hookmanager.class.php b/htdocs/core/class/hookmanager.class.php index 0c78e89fa9e..ea1048fd4d1 100644 --- a/htdocs/core/class/hookmanager.class.php +++ b/htdocs/core/class/hookmanager.class.php @@ -121,7 +121,7 @@ class HookManager * All types can also return some values into an array ->results that will be finaly merged into this->resArray for caller. * $this->error or this->errors are also defined by class called by this function if error. */ - function executeHooks($method, $parameters=false, &$object='', &$action='') + function executeHooks($method, $parameters=array(), &$object='', &$action='') { if (! is_array($this->hooks) || empty($this->hooks)) return ''; @@ -200,9 +200,9 @@ class HookManager // test to avoid running twice a hook, when a module implements several active contexts if (in_array($module,$modulealreadyexecuted)) continue; - + dol_syslog(get_class($this).'::executeHooks a qualified hook was found for method='.$method.' module='.$module." action=".$action." context=".$context); - + $modulealreadyexecuted[$module]=$module; // Use the $currentcontext in method to avoid running twice // Clean class (an error may have been set from a previous call of another method for same module/hook) @@ -229,7 +229,7 @@ class HookManager // Generic hooks that return a string or array (printLeftBlock, formAddObjectLine, formBuilddocOptions, ...) else { - // TODO. this should be done into the method of hook by returning nothing + // TODO. this test should be done into the method of hook by returning nothing if (is_array($parameters) && ! empty($parameters['special_code']) && $parameters['special_code'] > 3 && $parameters['special_code'] != $actionclassinstance->module_number) continue; //dol_syslog("Call method ".$method." of class ".get_class($actionclassinstance).", module=".$module.", hooktype=".$hooktype, LOG_DEBUG); @@ -237,7 +237,7 @@ class HookManager if (! empty($actionclassinstance->results) && is_array($actionclassinstance->results)) $this->resArray =array_merge($this->resArray, $actionclassinstance->results); if (! empty($actionclassinstance->resprints)) $this->resPrint.=$actionclassinstance->resprints; - // TODO dead code to remove (do not enable this, but fix hook instead): result must not be a string. we must use $actionclassinstance->resprints to return a string + // TODO dead code to remove (do not enable this, but fix hook instead): result must not be a string but an int. you must use $actionclassinstance->resprints to return a string if (! is_array($resaction) && ! is_numeric($resaction)) { dol_syslog('Error: Bug into hook '.$method.' of module class '.get_class($actionclassinstance).'. Method must not return a string but an int (0=OK, 1=Replace, -1=KO) and set string into ->resprints', LOG_ERR); diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php index dedac785362..b440c012f04 100644 --- a/htdocs/core/class/html.form.class.php +++ b/htdocs/core/class/html.form.class.php @@ -5683,7 +5683,7 @@ class Form /** * Return a HTML area with the reference of object and a navigation bar for a business object - * To add a particular filter on select, you must set $object->next_prev_filter to SQL criteria. + * Note: To add a particular filter on select, you can have $object->next_prev_filter set to add SQL criterias. * * @param object $object Object to show. * @param string $paramid Name of parameter to use to name the id into the URL next/previous link. @@ -5701,12 +5701,20 @@ class Form */ function showrefnav($object,$paramid,$morehtml='',$shownav=1,$fieldid='rowid',$fieldref='ref',$morehtmlref='',$moreparam='',$nodbprefix=0,$morehtmlleft='',$morehtmlstatus='',$morehtmlright='') { - global $langs,$conf; + global $langs,$conf,$hookmanager; $ret=''; if (empty($fieldid)) $fieldid='rowid'; if (empty($fieldref)) $fieldref='ref'; + // Add where from hooks + if (is_object($hookmanager)) + { + $parameters=array(); + $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters, $object); // Note that $action and $object may have been modified by hook + $object->next_prev_filter.=$hookmanager->resPrint; + } + //print "paramid=$paramid,morehtml=$morehtml,shownav=$shownav,$fieldid,$fieldref,$morehtmlref,$moreparam"; $object->load_previous_next_ref((isset($object->next_prev_filter)?$object->next_prev_filter:''),$fieldid,$nodbprefix); diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 7e78f7bbe4d..1771b6f7a4c 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -320,7 +320,7 @@ class FormOther { dol_syslog(__METHOD__ . ': using numeric value for parameter type is deprecated. Use string code instead.', LOG_WARNING); } - + // Load list of "categories" $static_categs = new Categorie($this->db); $tab_categs = $static_categs->get_full_arbo($type); @@ -409,7 +409,7 @@ class FormOther $sql_usr.= " WHERE u2.entity IN (0,".$conf->entity.")"; $sql_usr.= " AND u2.rowid = sc.fk_user AND sc.fk_soc=".$user->societe_id; } - $sql_usr.= " ORDER BY u.statut DESC, lastname ASC"; + $sql_usr.= " ORDER BY statut DESC, lastname ASC"; // Do not use 'ORDER BY u.statut' here, not compatible with the UNION. //print $sql_usr;exit; $resql_usr = $this->db->query($sql_usr); @@ -621,12 +621,12 @@ class FormOther $b = hexdec($hexb); } $bright = (max($r, $g, $b) + min($r, $g, $b)) / 510.0; // HSL algorithm - if ($bright > 0.6) $textcolor='000'; + if ($bright > 0.6) $textcolor='000'; } - + include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; $color = colorArrayToHex(colorStringToArray($color,array()),''); - + if ($color) print ''; else print $textifnotdefined; } @@ -989,7 +989,7 @@ class FormOther * Class 'Form' must be known. * * @param User $user Object User - * @param String $areacode Code of area for pages (0=value for Home page) + * @param string $areacode Code of area for pages ('0'=value for Home page) * @return array array('selectboxlist'=>, 'boxactivated'=>, 'boxlist'=>) */ static function getBoxesArea($user,$areacode) @@ -1002,16 +1002,16 @@ class FormOther // $boxactivated will be array of boxes enabled into global setup // $boxidactivatedforuser will be array of boxes choosed by user - + $selectboxlist=''; - $boxactivated=InfoBox::listBoxes($db,'activated',$areacode,(empty($user->conf->$confuserzone)?null:$user)); // Search boxes of common+user (or common only if user has no specific setup) - + $boxactivated=InfoBox::listBoxes($db, 'activated', $areacode, (empty($user->conf->$confuserzone)?null:$user), array(), 0); // Search boxes of common+user (or common only if user has no specific setup) + $boxidactivatedforuser=array(); foreach($boxactivated as $box) { if (empty($user->conf->$confuserzone) || $box->fk_user == $user->id) $boxidactivatedforuser[$box->id]=$box->id; // We keep only boxes to show for user } - + // Define selectboxlist $arrayboxtoactivatelabel=array(); if (! empty($user->conf->$confuserzone)) @@ -1062,7 +1062,7 @@ class FormOther async: false }); // We force reload to be sure to get all boxes into list - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=delbox\'; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=delbox\'; } else { @@ -1084,7 +1084,7 @@ class FormOther url: \''.DOL_URL_ROOT.'/core/ajax/box.php?boxorder=\'+boxorder+\'&boxid=\'+boxid+\'&zone='.$areacode.'&userid='.$user->id.'\', async: false }); - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=addbox&boxid=\'+boxid; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=addbox&boxid=\'+boxid; } });'; if (! count($arrayboxtoactivatelabel)) $selectboxlist.='jQuery("#boxcombo").hide();'; diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index cd06eb587b7..41e131bba37 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -45,9 +45,10 @@ class InfoBox * @param string $zone Name or area (-1 for all, 0 for Homepage, 1 for xxx, ...) * @param User|null $user Object user to filter * @param array $excludelist Array of box id (box.box_id = boxes_def.rowid) to exclude + * @param int $includehidden Include also hidden boxes * @return array Array of boxes */ - static function listBoxes($db, $mode, $zone, $user=null, $excludelist=array()) + static function listBoxes($db, $mode, $zone, $user=null, $excludelist=array(), $includehidden=1) { global $conf; @@ -72,7 +73,7 @@ class InfoBox $sql.= " FROM ".MAIN_DB_PREFIX."boxes_def as d"; $sql.= " WHERE d.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; } - + dol_syslog(get_class()."::listBoxes get default box list for mode=".$mode." userid=".(is_object($user)?$user->id:'')."", LOG_DEBUG); $resql = $db->query($sql); if ($resql) @@ -155,7 +156,7 @@ class InfoBox //print '=>'.$boxname.'-enabled='.$enabled.'
'; //print 'xx module='.$module.' enabled='.$enabled; - if ($enabled) $boxes[]=$box; + if ($enabled && ($includehidden || empty($box->hidden))) $boxes[]=$box; else unset($box); } else diff --git a/htdocs/core/datepicker.php b/htdocs/core/datepicker.php index eeb20ee265c..6253ead8c82 100644 --- a/htdocs/core/datepicker.php +++ b/htdocs/core/datepicker.php @@ -39,7 +39,7 @@ if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML',1); require_once '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; -if (GETPOST('lang')) $langs->setDefaultLang(GETPOST('lang')); // If language was forced on URL by the main.inc.php +if (GETPOST('lang', 'aZ09')) $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php $langs->load("main"); $langs->load("agenda"); $right=($langs->trans("DIRECTION")=='rtl'?'left':'right'); diff --git a/htdocs/core/get_menudiv.php b/htdocs/core/get_menudiv.php index 655e10afd67..f8b3a652e08 100644 --- a/htdocs/core/get_menudiv.php +++ b/htdocs/core/get_menudiv.php @@ -35,7 +35,7 @@ if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML',1); require_once '../main.inc.php'; -if (GETPOST('lang')) $langs->setDefaultLang(GETPOST('lang')); // If language was forced on URL by the main.inc.php +if (GETPOST('lang', 'aZ09')) $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php $langs->load("main"); $right=($langs->trans("DIRECTION")=='rtl'?'left':'right'); $left=($langs->trans("DIRECTION")=='rtl'?'right':'left'); diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php index 708aee9e498..29706e15341 100644 --- a/htdocs/core/lib/files.lib.php +++ b/htdocs/core/lib/files.lib.php @@ -67,9 +67,14 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil $path=preg_replace('/([\\/]+)$/i','',$path); $newpath=dol_osencode($path); - if (! $nohook) + $reshook = 0; + $file_list = array(); + + if (is_object($hookmanager) && ! $nohook) { - $hookmanager->initHooks(array('fileslib')); + $hookmanager->resArray=array(); + + $hookmanager->initHooks(array('fileslib')); $parameters=array( 'path' => $newpath, @@ -202,6 +207,10 @@ function dol_dir_list($path, $types="all", $recursive=0, $filter="", $excludefil return array(); } } + + if (is_object($hookmanager) && is_array($hookmanager->resArray)) $file_list = array_merge($file_list, $hookmanager->resArray); + + return $file_list; } @@ -442,7 +451,7 @@ function dolCopyDir($srcfile, $destfile, $newmask, $overwriteifexists) $destexists=dol_is_dir($destfile); if (! $overwriteifexists && $destexists) return 0; - + if (! $destexists) { // We must set mask just before creating dir, becaause it can be set differently by dol_copy @@ -452,7 +461,7 @@ function dolCopyDir($srcfile, $destfile, $newmask, $overwriteifexists) $dirmaskdec |= octdec('0200'); // Set w bit required to be able to create content for recursive subdirs files dol_mkdir($destfile."/".$file, '', decoct($dirmaskdec)); } - + $srcfile=dol_osencode($srcfile); $destfile=dol_osencode($destfile); @@ -625,9 +634,9 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable } } - // Security: - // Disallow file with some extensions. We renamed them. - // Car si on a mis le rep documents dans un rep de la racine web (pas bien), cela permet d'executer du code a la demande. + // Security: + // Disallow file with some extensions. We rename them. + // Because if we put the documents directory into a directory inside web root (very bad), this allows to execute on demand arbitrary code. if (preg_match('/\.htm|\.html|\.php|\.pl|\.cgi$/i',$dest_file) && empty($conf->global->MAIN_DOCUMENT_IS_OUTSIDE_WEBROOT_SO_NOEXE_NOT_REQUIRED)) { $file_name.= '.noexe'; @@ -726,7 +735,7 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n dol_syslog("Refused to delete file ".$file, LOG_WARNING); return False; } - + if (empty($nohook)) { $hookmanager->initHooks(array('fileslib')); @@ -777,7 +786,7 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n if ($nophperrors) $ok=@unlink($file_osencoded); else $ok=unlink($file_osencoded); if ($ok) dol_syslog("Removed file ".$file_osencoded, LOG_DEBUG); - else dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING); + else dol_syslog("Failed to remove file ".$file_osencoded, LOG_WARNING); } return $ok; @@ -802,7 +811,7 @@ function dol_delete_dir($dir,$nophperrors=0) dol_syslog("Refused to delete dir ".$dir, LOG_WARNING); return False; } - + $dir_osencoded=dol_osencode($dir); return ($nophperrors?@rmdir($dir_osencoded):rmdir($dir_osencoded)); } @@ -1050,17 +1059,17 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio $val = array($val); } } - + $nbfile = count($TFile['name']); - + for ($i = 0; $i < $nbfile; $i++) { // Define $destpath (path to file including filename) and $destfile (only filename) $destpath=$upload_dir . "/" . $TFile['name'][$i]; $destfile=$TFile['name'][$i]; - + $savingdocmask = dol_sanitizeFileName($savingdocmask); - + if ($savingdocmask) { $destpath=$upload_dir . "/" . preg_replace('/__file__/',$TFile['name'][$i],$savingdocmask); @@ -1072,12 +1081,12 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio $destpath = $info['dirname'].'/'.$info['filename'].'.'.strtolower($info['extension']); $info = pathinfo($destfile); $destfile = $info['filename'].'.'.strtolower($info['extension']); - + $resupload = dol_move_uploaded_file($TFile['tmp_name'][$i], $destpath, $allowoverwrite, 0, $TFile['error'][$i], 0, $varfiles); if (is_numeric($resupload) && $resupload > 0) { global $maxwidthsmall, $maxheightsmall, $maxwidthmini, $maxheightmini; - + include_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php'; if (empty($donotupdatesession)) { @@ -1090,14 +1099,14 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio { // Create thumbs // We can't use $object->addThumbs here because there is no $object known - + // Used on logon for example $imgThumbSmall = vignette($destpath, $maxwidthsmall, $maxheightsmall, '_small', 50, "thumbs"); // Create mini thumbs for image (Ratio is near 16/9) // Used on menu or for setup page for example $imgThumbMini = vignette($destpath, $maxwidthmini, $maxheightmini, '_mini', 50, "thumbs"); } - + setEventMessages($langs->trans("FileTransferComplete"), null, 'mesgs'); } else @@ -1117,7 +1126,7 @@ function dol_add_file_process($upload_dir, $allowoverwrite=0, $donotupdatesessio } } } - + } } elseif ($link) { require_once DOL_DOCUMENT_ROOT . '/core/class/link.class.php'; @@ -1352,11 +1361,12 @@ function dol_uncompress($inputfile,$outputdir) * @param string $regexfilter Regex filter to restrict list. This regex value must be escaped for '/', since this char is used for preg_match function * @param array $excludefilter Array of Regex for exclude filter (example: array('(\.meta|_preview\.png)$','^\.')). This regex value must be escaped for '/', since this char is used for preg_match function * @param int $nohook Disable all hooks + * @param int $mode 0=Return array minimum keys loaded (faster), 1=Force all keys like date and size to be loaded (slower), 2=Force load of date only, 3=Force load of size only * @return string Full path to most recent file */ -function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('(\.meta|_preview\.png)$','^\.'),$nohook=false) +function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('(\.meta|_preview\.png)$','^\.'),$nohook=false,$mode='') { - $tmparray=dol_dir_list($dir,'files',0,$regexfilter,$excludefilter,'date',SORT_DESC,'',$nohook); + $tmparray=dol_dir_list($dir,'files',0,$regexfilter,$excludefilter,'date',SORT_DESC,$mode,$nohook); return $tmparray[0]; } @@ -1374,7 +1384,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu { global $user, $conf, $db; global $dolibarr_main_data_root; - + if (! is_object($fuser)) $fuser=$user; if (empty($modulepart)) return 'ErrorBadParameter'; @@ -1389,7 +1399,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu if (empty($refname)) $refname=basename(dirname($original_file)."/"); $relative_original_file = $original_file; - + // Wrapping for some images if ($modulepart == 'companylogo' && !empty($conf->mycompany->dir_output)) { @@ -1564,7 +1574,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu } $original_file=$conf->user->dir_output.'/'.$original_file; } - + // Wrapping for third parties else if (($modulepart == 'company' || $modulepart == 'societe') && !empty($conf->societe->dir_output)) { @@ -1620,7 +1630,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu } $original_file=$conf->facture->dir_output.'/temp/massgeneration/'.$user->id.'/'.$original_file; } - + // Wrapping for interventions else if (($modulepart == 'fichinter' || $modulepart == 'ficheinter') && !empty($conf->ficheinter->dir_output)) { @@ -1686,7 +1696,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu } // Wrapping pour les commandes fournisseurs - else if (($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) + else if (($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') && !empty($conf->fournisseur->commande->dir_output)) { if ($fuser->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file)) { @@ -1841,14 +1851,14 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu $accessallowed=1; $original_file=$conf->fckeditor->dir_output.'/'.$original_file; } - + // Wrapping for miscellaneous medias files elseif ($modulepart == 'medias' && !empty($dolibarr_main_data_root)) { $accessallowed=1; $original_file=$dolibarr_main_data_root.'/medias/'.$original_file; } - + // Wrapping for backups else if ($modulepart == 'systemtools' && !empty($conf->admin->dir_output)) { @@ -1896,7 +1906,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu // If modulepart=module Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart else { - if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a file called specimen. Test must be done before changing $original_file int full path. + if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a file called specimen. Test must be done before changing $original_file int full path. if ($fuser->admin) $accessallowed=1; // If user is admin // Define $accessallowed diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index c678e0bc7df..f9f9c8557ee 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -102,14 +102,14 @@ function getDoliDBInstance($type, $host, $user, $pass, $name, $port) /** * Get list of entity id to use * - * @param string $element Current element - * 'societe', 'socpeople', 'actioncomm', 'agenda', 'resource', + * @param string $element Current element + * 'societe', 'socpeople', 'actioncomm', 'agenda', 'resource', * 'product', 'productprice', 'stock', * 'propal', 'facture', 'facture_fourn', - * 'categorie', 'bank_account', 'bank_account', 'adherent', 'user', + * 'categorie', 'bank_account', 'bank_account', 'adherent', 'user', * 'commande', 'commande_fournisseur', 'expedition', 'intervention', 'survey', * 'contract', 'tax', 'expensereport', 'holiday', 'multicurrency', 'project', - * 'email_template', 'event', + * 'email_template', 'event', * @param int $shared 0=Return id of entity, 1=Return id entity + shared entities * @return mixed Entity id(s) to use */ @@ -121,7 +121,7 @@ function getEntity($element=false, $shared=0) if ($element == 'actioncomm') $element='agenda'; if ($element == 'fichinter') $element='intervention'; if ($element == 'categorie') $element='category'; - + if (is_object($mc)) { return $mc->getEntity($element, $shared); @@ -203,7 +203,7 @@ function getBrowserInfo($user_agent) elseif (preg_match('/opera(\/|\s)([\d\.]*)/i', $user_agent, $reg)) { $name='opera'; $version=$reg[2]; } elseif (preg_match('/(MSIE\s([0-9]+\.[0-9]))|.*(Trident\/[0-9]+.[0-9];\srv:([0-9]+\.[0-9]+))/i', $user_agent, $reg)) { $name='ie'; $version=end($reg); } // MS products at end elseif (preg_match('/l(i|y)n(x|ks)(\(|\/|\s)*([\d\.]+)/i', $user_agent, $reg)) { $name='lynxlinks'; $version=$reg[4]; } - + if ($tablet) { $layout = 'tablet'; } elseif ($phone) { @@ -268,7 +268,7 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) { $tmp=dol_getdate(dol_now(), true); $out = $tmp['mon']; - } + } elseif ($reg[1] == 'YEAR') { $tmp=dol_getdate(dol_now(), true); @@ -280,7 +280,7 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) $out = $mysoc->country_id; } } - + switch ($check) { case 'int': @@ -337,13 +337,13 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) * This prefix is unique for instance and avoid conflict between multi-instances, * even when having two instances with one root dir or two instances in virtual servers * - * @param string $mode '' or 'email' + * @param string $mode '' or 'email' * @return string A calculated prefix */ function dol_getprefix($mode='') { global $conf; - + // If MAIL_PREFIX_FOR_EMAIL_ID is set and prefix is for email if ($mode == 'email' && ! empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { @@ -425,15 +425,15 @@ function dol_buildpath($path, $type=0) if ($type == 1) $res = DOL_URL_ROOT.'/'.$path; // Standard value if ($type == 2) $res = DOL_MAIN_URL_ROOT.'/'.$path; // Standard value if ($type == 3) $res = DOL_URL_ROOT.'/'.$path; - + foreach ($conf->file->dol_document_root as $key => $dirroot) // ex: array(["main"]=>"/home/main/htdocs", ["alt0"]=>"/home/dirmod/htdocs", ...) { - if ($key == 'main') + if ($key == 'main') { if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file @@ -460,12 +460,12 @@ function dol_buildpath($path, $type=0) if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current - + $res=(preg_match('/^http/i',$conf->file->dol_url_root[$key])?'':$urlwithroot).$conf->file->dol_url_root[$key].'/'.$path; // Test on start with http is for old conf syntax } break; @@ -611,7 +611,7 @@ function dol_string_unaccent($str) */ function dol_string_nospecial($str,$newstr='_',$badcharstoreplace='') { - $forbidden_chars_to_replace=array(" ","'","/","\\",":","*","?","\"","<",">","|","[","]",",",";","="); + $forbidden_chars_to_replace=array(" ", "'", "/", "\\", ":", "*", "?", "\"", "<", ">", "|", "[", "]", ",", ";", "="); $forbidden_chars_to_remove=array(); if (is_array($badcharstoreplace)) $forbidden_chars_to_replace=$badcharstoreplace; //$forbidden_chars_to_remove=array("(",")"); @@ -732,13 +732,13 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' throw new Exception('Incorrect log level'); } if ($level > $conf->global->SYSLOG_LEVEL) return; - + // If adding log inside HTML page is required if (! empty($_REQUEST['logtohtml']) && (! empty($conf->global->MAIN_ENABLE_LOG_TO_HTML) || ! empty($conf->global->MAIN_LOGTOHTML))) // MAIN_LOGTOHTML kept for backward compatibility { $conf->logbuffer[] = dol_print_date(time(),"%Y-%m-%d %H:%M:%S")." ".$message; } - + //TODO: Remove this. MAIN_ENABLE_LOG_INLINE_HTML should be deprecated and use a log handler dedicated to HTML output // If enable html log tag enabled and url parameter log defined, we show output log on HTML comments if (! empty($conf->global->MAIN_ENABLE_LOG_INLINE_HTML) && ! empty($_GET["log"])) @@ -747,7 +747,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' print $message."\n"; print "Log end -->\n"; } - + $data = array( 'message' => $message, 'script' => (isset($_SERVER['PHP_SELF'])? basename($_SERVER['PHP_SELF'],'.php') : false), @@ -755,7 +755,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' 'user' => ((is_object($user) && $user->id) ? $user->login : false), 'ip' => false ); - + if (! empty($_SERVER["REMOTE_ADDR"])) $data['ip'] = $_SERVER['REMOTE_ADDR']; // This is when PHP session is ran inside a web server but not inside a client request (example: init code of apache) else if (! empty($_SERVER['SERVER_ADDR'])) $data['ip'] = $_SERVER['SERVER_ADDR']; @@ -814,7 +814,7 @@ function dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $pi global $conf, $langs, $hookmanager; if ($notab == -1) $notab = 0; // For better compatiblity with modules for 6.0 - + $out="\n".'
'."\n"; // Show title @@ -944,7 +944,7 @@ function dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $pi { $out = $hookmanager->resPrint; } - + return $out; } @@ -972,7 +972,8 @@ function dol_get_fiche_end($notab=0) } /** - * Show tab footer of a card + * Show tab footer of a card. + * Note: $object->next_prev_filter can be set to restrict select to find next or previous record by $form->showrefnav. * * @param object $object Object to show * @param string $paramid Name of parameter to use to name the id into the URL next/previous link @@ -1003,7 +1004,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r if ($object->element == 'member') $modulepart='memberphoto'; if ($object->element == 'user') $modulepart='userphoto'; if ($object->element == 'product') $modulepart='product'; - + if ($object->element == 'product') { $width=80; $cssclass='photoref'; @@ -1011,7 +1012,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $maxvisiblephotos=(isset($conf->global->PRODUCT_MAX_VISIBLE_PHOTO)?$conf->global->PRODUCT_MAX_VISIBLE_PHOTO:5); if ($conf->browser->phone) $maxvisiblephotos=1; if ($showimage) $morehtmlleft.='
'.$object->show_photos($conf->product->multidir_output[$object->entity],'small',$maxvisiblephotos,0,0,0,$width,0).'
'; - else + else { if (!empty($conf->global->PRODUCT_NODISPLAYIFNOPHOTO)) { $nophoto=''; @@ -1023,11 +1024,11 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r } } } - else + else { - if ($showimage) + if ($showimage) { - if ($modulepart != 'unknown') + if ($modulepart != 'unknown') { $phototoshow = $form->showphoto($modulepart,$object,0,0,0,'photoref','small',1,0,$maxvisiblephotos); if ($phototoshow) @@ -1040,7 +1041,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r elseif ($conf->browser->layout != 'phone') // Show No photo link (picto of pbject) { $morehtmlleft.='
'; - if ($object->element == 'action') + if ($object->element == 'action') { $cssclass='photorefcenter'; $nophoto=img_picto('', 'title_agenda', '', false, 1); @@ -1061,59 +1062,59 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r if ($showbarcode) $morehtmlleft.='
'.$form->showbarcode($object).'
'; if ($object->element == 'societe' && ! empty($conf->use_javascript_ajax) && $user->rights->societe->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { $morehtmlstatus.=ajax_object_onoff($object, 'status', 'status', 'InActivity', 'ActivityCeased'); - } + } elseif ($object->element == 'product') { //$morehtmlstatus.=$langs->trans("Status").' ('.$langs->trans("Sell").') '; if (! empty($conf->use_javascript_ajax) && $user->rights->produit->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { $morehtmlstatus.=ajax_object_onoff($object, 'status', 'tosell', 'ProductStatusOnSell', 'ProductStatusNotOnSell'); } else { - $morehtmlstatus.=$object->getLibStatut(5,0); + $morehtmlstatus.=''.$object->getLibStatut(5,0).''; } $morehtmlstatus.='   '; //$morehtmlstatus.=$langs->trans("Status").' ('.$langs->trans("Buy").') '; if (! empty($conf->use_javascript_ajax) && $user->rights->produit->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { $morehtmlstatus.=ajax_object_onoff($object, 'status_buy', 'tobuy', 'ProductStatusOnBuy', 'ProductStatusNotOnBuy'); } else { - $morehtmlstatus.=$object->getLibStatut(5,1); + $morehtmlstatus.=''.$object->getLibStatut(5,1).''; } } elseif ($object->element == 'facture' || $object->element == 'invoice' || $object->element == 'invoice_supplier') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } elseif ($object->element == 'chargesociales') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } elseif ($object->element == 'loan') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } - elseif ($object->element == 'contrat') + elseif ($object->element == 'contrat') { if ($object->statut==0) $morehtmlstatus.=$object->getLibStatut(2); else $morehtmlstatus.=$object->getLibStatut(4); } else { // Generic case $tmptxt=$object->getLibStatut(6); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5); $morehtmlstatus.=$tmptxt; } if (! empty($object->name_alias)) $morehtmlref.='
'.$object->name_alias.'
'; // For thirdparty - + if ($object->element == 'product' || $object->element == 'bank_account') { if(! empty($object->label)) $morehtmlref.='
'.$object->label.'
'; } - if ($object->element != 'product' && $object->element != 'bookmark') + if ($object->element != 'product' && $object->element != 'bookmark') { $morehtmlref.='
'; $morehtmlref.=$object->getBannerAddress('refaddress',$object); @@ -1125,7 +1126,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $morehtmlref.=$langs->trans("TechnicalID").': '.$object->id; $morehtmlref.='
'; } - + print '
'; print $form->showrefnav($object, $paramid, $morehtml, $shownav, $fieldid, $fieldref, $morehtmlref, $moreparam, $nodbprefix, $morehtmlleft, $morehtmlstatus, $morehtmlright); print '
'; @@ -1301,9 +1302,9 @@ function dol_print_date($time,$format='',$tzoutput='tzserver',$outputlangs='',$e $reduceformat=(! empty($conf->dol_optimize_smallscreen) && in_array($format,array('day','dayhour')))?1:0; $formatwithoutreduce = preg_replace('/reduceformat/','',$format); if ($formatwithoutreduce != $format) { $format = $formatwithoutreduce; $reduceformat=1; } // so format 'dayreduceformat' is processed like day - + // Change predefined format into computer format. If found translation in lang file we use it, otherwise we use default. - // TODO Add format daysmallyear and dayhoursmallyear + // TODO Add format daysmallyear and dayhoursmallyear if ($format == 'day') $format=($outputlangs->trans("FormatDateShort")!="FormatDateShort"?$outputlangs->trans("FormatDateShort"):$conf->format_date_short); else if ($format == 'hour') $format=($outputlangs->trans("FormatHourShort")!="FormatHourShort"?$outputlangs->trans("FormatHourShort"):$conf->format_hour_short); else if ($format == 'hourduration') $format=($outputlangs->trans("FormatHourShortDuration")!="FormatHourShortDuration"?$outputlangs->trans("FormatHourShortDuration"):$conf->format_hour_short_duration); @@ -1375,7 +1376,8 @@ function dol_print_date($time,$format='',$tzoutput='tzserver',$outputlangs='',$e if (preg_match('/__b__/i',$format)) { // Here ret is string in PHP setup language (strftime was used). Now we convert to $outputlangs. - $month=adodb_strftime('%m',$time+$offsettz+$offsetdst); // TODO Remove this + $month=adodb_strftime('%m',$time+$offsettz+$offsetdst); // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring. + $month=sprintf("%02d", $month); // $month may be return with format '06' on some installation and '6' on other, so we force it to '06'. if ($encodetooutput) { $monthtext=$outputlangs->transnoentities('Month'.$month); @@ -1805,7 +1807,7 @@ function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$sep $newphone=($separ!=''?'(':'').substr($newphone,0,3).($separ!=''?')':'').$separ.substr($newphone,3,3).($separ!=''?'-':'').substr($newphone,6,4); } } - + if (! empty($addlink)) // Link on phone number (+ link to add action if conf->global->AGENDA_ADDACTIONFORPHONE set) { if (! empty($conf->browser->phone) || (! empty($conf->clicktodial->enabled) && ! empty($conf->global->CLICKTODIAL_USE_TEL_LINK_ON_PHONE_NUMBERS))) // If phone or option for, we use link of phone @@ -1935,7 +1937,7 @@ function dol_user_country() * @param int $mode thirdparty|contact|member|other * @param int $id Id of object * @param int $noprint No output. Result is the function return - * @param string $charfornl Char to use instead of nl2br. '' means we use a standad nl2br. + * @param string $charfornl Char to use instead of nl2br. '' means we use a standad nl2br. * @return string|void Nothing if noprint is 0, formatted address if noprint is 1 * @see dol_format_address */ @@ -1956,7 +1958,7 @@ function dol_print_address($address, $htmlid, $mode, $id, $noprint=0, $charfornl { if (empty($charfornl)) $out.=nl2br($address); else $out.=preg_replace('/[\r\n]+/', $charfornl, $address); - + $showgmap=$showomap=0; // TODO Add a hook here @@ -2084,7 +2086,7 @@ function dol_print_graph($htmlid,$width,$height,$data,$showlegend=0,$type='pie', print '
'.$langs->trans("NotEnoughDataYet").'
'; return; } - + if (empty($conf->use_javascript_ajax)) return; $jsgraphlib='flot'; $datacolor=array(); @@ -2253,7 +2255,7 @@ function dol_trunc($string,$size=40,$trunc='right',$stringencoding='UTF-8',$nodo global $conf; if ($size==0 || ! empty($conf->global->MAIN_DISABLE_TRUNC)) return $string; - + if (empty($stringencoding)) $stringencoding='UTF-8'; // reduce for small screen if ($conf->dol_optimize_smallscreen==1 && $display==1) $size = round($size/3); @@ -2926,8 +2928,8 @@ function dol_print_error($db='',$error='',$errors=null) $out.="".$langs->trans("Referer").": ".(isset($_SERVER["HTTP_REFERER"])?dol_htmlentities($_SERVER["HTTP_REFERER"],ENT_COMPAT,'UTF-8'):'')."
\n"; $out.="".$langs->trans("MenuManager").": ".(isset($conf->standard_menu)?$conf->standard_menu:'')."
\n"; $out.="
\n"; - $syslog.="url=".$_SERVER["REQUEST_URI"]; - $syslog.=", query_string=".$_SERVER["QUERY_STRING"]; + $syslog.="url=".dol_escape_htmltag($_SERVER["REQUEST_URI"]); + $syslog.=", query_string=".dol_escape_htmltag($_SERVER["QUERY_STRING"]); } else // Mode CLI { @@ -3206,7 +3208,7 @@ function load_fiche_titre($titre, $morehtmlright='', $picto='title_generic.png', * @param string $options More parameters for links ('' by default, does not include sortfield neither sortorder) * @param string $sortfield Field to sort on ('' by default) * @param string $sortorder Order to sort ('' by default) - * @param string $center String in the middle ('' by default). We often find here string $massaction comming from $form->selectMassAction() + * @param string $center String in the middle ('' by default). We often find here string $massaction comming from $form->selectMassAction() * @param int $num Number of records found by select with limit+1 * @param int|string $totalnboflines Total number of records/lines for all pages (if known). Use a negative value of number to not show number. Use '' if unknown. * @param string $picto Icon to use before title (should be a 32x32 transparent png file) @@ -3220,11 +3222,11 @@ function load_fiche_titre($titre, $morehtmlright='', $picto='title_generic.png', function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $sortorder='', $center='', $num=-1, $totalnboflines='', $picto='title_generic.png', $pictoisfullpath=0, $morehtml='', $morecss='', $limit=-1, $hideselectlimit=0) { global $conf,$langs; - + $savlimit = $limit; $savtotalnboflines = $totalnboflines; $totalnboflines=abs($totalnboflines); - + if ($picto == 'setup') $picto='title_setup.png'; if (($conf->browser->name == 'ie') && $picto=='title_generic.png') $picto='title.gif'; if ($limit < 0) $limit = $conf->liste_limit; @@ -3237,7 +3239,7 @@ function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $so $nextpage = 0; } //print 'totalnboflines='.$totalnboflines.'-savlimit='.$savlimit.'-limit='.$limit.'-num='.$num.'-nextpage='.$nextpage; - + print "\n"; print "\n"; print '
' . price($total_prev_ht) . '' . price($total_prev_ttc) . ' 
' . price($total_next_ht) . '' . price($total_next_ttc) . ' '.$langs->trans('BuyingPrice').''.$langs->trans('CostPrice').''.$langs->trans('CostPrice').''.$langs->trans('MarginRate').'
'; @@ -3338,7 +3340,7 @@ function print_fleche_navigation($page, $file, $options='', $nextpage=0, $betwee //$pagesizechoices.=',0:'.$langs->trans("All"); // Not yet supported //$pagesizechoices.=',2:2'; if (! empty($conf->global->MAIN_PAGESIZE_CHOICES)) $pagesizechoices=$conf->global->MAIN_PAGESIZE_CHOICES; - + print ' diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index b641627b789..c05916d55a7 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -28,6 +28,9 @@ if (GETPOST('dol_use_jmobile')) $conf->dol_use_jmobile=1; // If we force to use jmobile, then we reenable javascript if (! empty($conf->dol_use_jmobile)) $conf->use_javascript_ajax=1; +$php_self = dol_escape_htmltag($_SERVER['PHP_SELF']); +$php_self.= dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''; + print top_htmlhead('',$langs->trans('SendNewPassword')); ?> @@ -94,7 +97,7 @@ if (! empty($hookmanager->resArray['options'])) { } ?> -resArray['options'])) {
-
class="button" name="password" value="trans('SendNewPassword'); ?>" tabindex="4" /> +
class="button" name="password" value="trans('SendNewPassword'); ?>" tabindex="4" />
diff --git a/htdocs/don/card.php b/htdocs/don/card.php index 0ace5c88e76..f2e7ade706d 100644 --- a/htdocs/don/card.php +++ b/htdocs/don/card.php @@ -50,7 +50,7 @@ $cancel=GETPOST('cancel'); $amount=GETPOST('amount'); $donation_date=dol_mktime(12, 0, 0, GETPOST('remonth'), GETPOST('reday'), GETPOST('reyear')); $projectid = (GETPOST('projectid') ? GETPOST('projectid', 'int') : 0); - + $object = new Don($db); $extrafields = new ExtraFields($db); @@ -316,17 +316,17 @@ if ($action == 'create') print ''; // Amount - print "
".''; + print "".''; print '\n"; - print "".''; - print "".''; - print "".''; + print "".''; + print "".''; + print "".''; print "".''; + print ''; // Zip / Town print ''; - print "".''; + print "".''; // Public note print ''; @@ -384,9 +384,9 @@ if ($action == 'create') dol_fiche_end(); print '
'; - print ''; + print ''; print '     '; - print ''; + print ''; print '
'; print "\n"; @@ -438,7 +438,7 @@ if (! empty($id) && $action == 'edit') // Amount if ($object->statut == 0) { - print "".''; + print "".''; } else { @@ -453,11 +453,11 @@ if (! empty($id) && $action == 'edit') print "\n"; $langs->load("companies"); - print ''; - print ''; - print ''; + print ''; + print ''; + print ''; print ''; + print ''; // Zip / Town print ''; - print "".''; + print "".''; print "'; } - print '"; - print '"; + print '"; + print ""; print "\n"; $i++; } @@ -419,7 +430,7 @@ function activitytrim($product_type) $i = 0; $var=true; - + while ($i < $num) { $objp = $db->fetch_object($result); diff --git a/htdocs/product/info.php b/htdocs/product/info.php index e29d1a168cb..58e7998ad47 100644 --- a/htdocs/product/info.php +++ b/htdocs/product/info.php @@ -87,7 +87,7 @@ if ($id > 0 || $ref) exit; } - + $head=product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type== Product::TYPE_SERVICE?'service':'product'); @@ -95,8 +95,11 @@ if ($id > 0 || $ref) $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + $object->info($object->id); print '
'; @@ -104,11 +107,11 @@ if ($id > 0 || $ref) print '
'; print '
'; - + dol_print_object_info($object); print '
'; - + dol_fiche_end(); } diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 1aec109474e..7fd4135bd4a 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -78,7 +78,7 @@ $contextpage=GETPOST('contextpage','aZ')?GETPOST('contextpage','aZ'):'productser if ((string) $type == '1') { $contextpage='servicelist'; if ($search_type=='') $search_type='1'; } if ((string) $type == '0') { $contextpage='productlist'; if ($search_type=='') $search_type='0'; } -// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks $hookmanager->initHooks(array($contextpage)); $extrafields = new ExtraFields($db); $form=new Form($db); @@ -158,12 +158,12 @@ $arrayfields=array( 'p.datec'=>array('label'=>$langs->trans("DateCreation"), 'checked'=>0, 'position'=>500), 'p.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500), 'p.tosell'=>array('label'=>$langs->trans("Status").' ('.$langs->trans("Sell").')', 'checked'=>1, 'position'=>1000), - 'p.tobuy'=>array('label'=>$langs->trans("Status").' ('.$langs->trans("Purchases").')', 'checked'=>1, 'position'=>1000) + 'p.tobuy'=>array('label'=>$langs->trans("Status").' ('.$langs->trans("Buy").')', 'checked'=>1, 'position'=>1000) ); // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { $arrayfields["ef.".$key]=array('label'=>$extrafields->attribute_label[$key], 'checked'=>$extrafields->attribute_list[$key], 'position'=>$extrafields->attribute_pos[$key]); } @@ -284,7 +284,7 @@ else $typ=$extrafields->attribute_type[$tmpkey]; $mode=0; if (in_array($typ, array('int','double'))) $mode=1; // Search on a numeric - if ($val && ( ($crit != '' && ! in_array($typ, array('select'))) || ! empty($crit))) + if ($val && ( ($crit != '' && ! in_array($typ, array('select'))) || ! empty($crit))) { $sql .= natural_search('ef.'.$tmpkey, $crit, $mode); } @@ -369,8 +369,8 @@ else $crit=$val; $tmpkey=preg_replace('/search_options_/','',$key); if ($val != '') $param.='&search_options_'.$tmpkey.'='.urlencode($val); - } - + } + print ''; if ($optioncss != '') print ''; print ''; @@ -416,7 +416,7 @@ else foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); } - + // Filter on categories $moreforfilter=''; if (! empty($conf->categorie->enabled)) @@ -458,9 +458,9 @@ else if (! empty($arrayfields['p.accountancy_code_buy']['checked'])) print_liste_field_titre($arrayfields['p.accountancy_code_buy']['label'], $_SERVER["PHP_SELF"],"p.accountancy_code_buy","",$param,'',$sortfield,$sortorder); if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); @@ -473,8 +473,8 @@ else print $hookmanager->resPrint; if (! empty($arrayfields['p.datec']['checked'])) print_liste_field_titre($arrayfields['p.datec']['label'],$_SERVER["PHP_SELF"],"p.datec","",$param,'align="center" class="nowrap"',$sortfield,$sortorder); if (! empty($arrayfields['p.tms']['checked'])) print_liste_field_titre($arrayfields['p.tms']['label'],$_SERVER["PHP_SELF"],"p.tms","",$param,'align="center" class="nowrap"',$sortfield,$sortorder); - if (! empty($arrayfields['p.tosell']['checked'])) print_liste_field_titre($langs->trans("Status").' ('.$langs->trans("Sell").')',$_SERVER["PHP_SELF"],"p.tosell","",$param,'align="right"',$sortfield,$sortorder); - if (! empty($arrayfields['p.tobuy']['checked'])) print_liste_field_titre($langs->trans("Status").' ('.$langs->trans("Buy").')',$_SERVER["PHP_SELF"],"p.tobuy","",$param,'align="right"',$sortfield,$sortorder); + if (! empty($arrayfields['p.tosell']['checked'])) print_liste_field_titre($arrayfields['p.tosell']['label'],$_SERVER["PHP_SELF"],"p.tosell","",$param,'align="right"',$sortfield,$sortorder); + if (! empty($arrayfields['p.tobuy']['checked'])) print_liste_field_titre($arrayfields['p.tobuy']['label'],$_SERVER["PHP_SELF"],"p.tobuy","",$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"],"",'','','align="right"',$sortfield,$sortorder,'maxwidthsearch '); print "\n"; @@ -552,7 +552,7 @@ else // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { if (! empty($arrayfields["ef.".$key]['checked'])) print ''; } @@ -627,16 +627,16 @@ else $product_static->status_buy = $objp->tobuy; $product_static->status = $objp->tosell; $product_static->entity = $objp->entity; - - if (! empty($conf->stock->enabled) && $user->rights->stock->lire && $type != 1) // To optimize call of load_stock + + if ((! empty($conf->stock->enabled) && $user->rights->stock->lire && $type != 1) || ! empty($conf->global->STOCK_DISABLE_OPTIM_LOAD)) // To optimize call of load_stock { - if ($objp->fk_product_type != 1) // Not a service + if ($objp->fk_product_type != 1 || ! empty($conf->global->STOCK_SUPPORTS_SERVICES)) // Not a service { $product_static->load_stock('nobatch'); // Load stock_reel + stock_warehouse. This also call load_virtual_stock() } } - - + + $var=!$var; print ''; @@ -659,7 +659,7 @@ else { print ''; } - + // Barcode if (! empty($arrayfields['p.barcode']['checked'])) { @@ -765,7 +765,7 @@ else print ''; - } + } // Accountancy code sell if (! empty($arrayfields['p.accountancy_code_sell']['checked'])) print ''; // Accountancy code sell @@ -773,9 +773,9 @@ else // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { print 'getAlignFlag($key); @@ -804,8 +804,8 @@ else print ''; - } - + } + // Status (to sell) if (! empty($arrayfields['p.tosell']['checked'])) { @@ -828,13 +828,13 @@ else } print ''; } - // Action + // Action print ''; print "\n"; $i++; } - + $db->free($resql); print "
'; -echo dol_escape_htmltag($title); +echo dol_escape_htmltag($title); if ($disablenofollow) echo ''; ?>
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).'
'.$langs->trans("PublicDonation").""; print $form->selectyesno("public",isset($_POST["public"])?$_POST["public"]:1,1); print "
'.$langs->trans("Company").'
'.$langs->trans("Lastname").'
'.$langs->trans("Firstname").'
'.$langs->trans("Company").'
'.$langs->trans("Lastname").'
'.$langs->trans("Firstname").'
'.$langs->trans("Address").''; - print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").''; @@ -341,7 +341,7 @@ if ($action == 'create') if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"),1); print '
'.$langs->trans("EMail").'
'.$langs->trans("EMail").'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).'
'.$langs->trans("Amount").' '.$langs->trans("Currency".$conf->currency).'
'.$langs->trans("Company").'
'.$langs->trans("Lastname").'
'.$langs->trans("Firstname").'
'.$langs->trans("Company").'
'.$langs->trans("Lastname").'
'.$langs->trans("Firstname").'
'.$langs->trans("Address").''; - print '
'.$langs->trans("Zip").' / '.$langs->trans("Town").''; @@ -472,7 +472,7 @@ if (! empty($id) && $action == 'edit') if ($user->admin) print info_admin($langs->trans("YouCanChangeValuesForThisListFromDictionarySetup"),1); print '
'.$langs->trans("EMail").'
'.$langs->trans("EMail").'
".$langs->trans("PaymentMode")."\n"; @@ -544,9 +544,9 @@ if (! empty($id) && $action != 'edit') // Print form confirm print $formconfirm; - + $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; // Project if (! empty($conf->projet->enabled)) @@ -581,8 +581,8 @@ if (! empty($id) && $action != 'edit') } } $morehtmlref.='
'; - - + + dol_banner_tab($object, 'rowid', $linkback, 1, 'rowid', 'ref', $morehtmlref); @@ -592,13 +592,6 @@ if (! empty($id) && $action != 'edit') print ''; - // Ref - /* - print ''; - print ''; - */ // Date print ''; print ''; print ''; - /*print ''; - // Zip / Town - print ''; - - // Country - print ''; - - // EMail - print "".''; - */ - // Payment mode print "\n"; - - //print "".''; - - // Project - /* - if (! empty($conf->projet->enabled)) - { - print ''; - print ''; - print ''; - print ''; - }*/ - + // Other attributes $cols = 2; include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; diff --git a/htdocs/ecm/ajax/ecmdatabase.php b/htdocs/ecm/ajax/ecmdatabase.php index ac3a45d5683..6753a4299b0 100644 --- a/htdocs/ecm/ajax/ecmdatabase.php +++ b/htdocs/ecm/ajax/ecmdatabase.php @@ -39,7 +39,7 @@ $element = GETPOST('element', 'alpha'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (isset($action) && ! empty($action)) diff --git a/htdocs/expedition/card.php b/htdocs/expedition/card.php index 0077338aae5..a7f4043fcd1 100644 --- a/htdocs/expedition/card.php +++ b/htdocs/expedition/card.php @@ -73,7 +73,12 @@ $ref=GETPOST('ref','alpha'); // Security check $socid=''; if ($user->societe_id) $socid=$user->societe_id; -$result=restrictedArea($user, $origin, $origin_id); + +if ($origin == 'expedition') $result=restrictedArea($user, $origin, $id); +else { + $result=restrictedArea($user, 'expedition'); + if (empty($user->rights->{$origin}->lire) && empty($user->rights->{$origin}->read)) accessforbidden(); +} $action = GETPOST('action','alpha'); $confirm = GETPOST('confirm','alpha'); diff --git a/htdocs/expensereport/ajax/ajaxprojet.php b/htdocs/expensereport/ajax/ajaxprojet.php index 6b9dd7e062f..423677c5da5 100644 --- a/htdocs/expensereport/ajax/ajaxprojet.php +++ b/htdocs/expensereport/ajax/ajaxprojet.php @@ -46,7 +46,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog(join(',',$_GET)); diff --git a/htdocs/externalsite/frames.php b/htdocs/externalsite/frames.php index c0b5cf92e7e..6005b8e55b6 100644 --- a/htdocs/externalsite/frames.php +++ b/htdocs/externalsite/frames.php @@ -34,11 +34,11 @@ if (empty($conf->global->EXTERNALSITE_URL)) llxFooter(); } -$mainmenu=GETPOST('mainmenu', 'alpha'); -$leftmenu=GETPOST('leftmenu', 'alpha'); +$mainmenu=GETPOST('mainmenu', "aZ09"); +$leftmenu=GETPOST('leftmenu', "aZ09"); $idmenu=GETPOST('idmenu', 'int'); $theme=GETPOST('theme', 'alpha'); -$codelang=GETPOST('lang', 'alpha'); +$codelang=GETPOST('lang', 'aZ09'); print " diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index 5eba45e2c57..9e065451001 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -31,7 +31,7 @@ */ if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr'); -if (! defined('DOL_VERSION')) define('DOL_VERSION','5.0.3'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c +if (! defined('DOL_VERSION')) define('DOL_VERSION','5.0.4'); // a.b.c-alpha, a.b.c-beta, a.b.c-rcX or a.b.c if (! defined('EURO')) define('EURO',chr(128)); diff --git a/htdocs/fourn/ajax/getSupplierPrices.php b/htdocs/fourn/ajax/getSupplierPrices.php index af3d728dc78..9a8c24c4eba 100644 --- a/htdocs/fourn/ajax/getSupplierPrices.php +++ b/htdocs/fourn/ajax/getSupplierPrices.php @@ -46,7 +46,7 @@ $langs->load('margins'); top_httphead(); -//print ''."\n"; +//print ''."\n"; if ($idprod > 0) { @@ -55,7 +55,7 @@ if ($idprod > 0) $sorttouse = 's.nom, pfp.quantity, pfp.price'; if (GETPOST('bestpricefirst')) $sorttouse = 'pfp.unitprice, s.nom, pfp.quantity, pfp.price'; - + $productSupplierArray = $producttmp->list_product_fournisseur_price($idprod, $sorttouse); // We list all price per supplier, and then firstly with the lower quantity. So we can choose first one with enough quantity into list. if ( is_array($productSupplierArray)) { @@ -63,15 +63,15 @@ if ($idprod > 0) { $price = $productSupplier->fourn_price * (1 - $productSupplier->fourn_remise_percent / 100); $unitprice = $productSupplier->fourn_unitprice * (1 - $productSupplier->fourn_remise_percent / 100); - + $title = $productSupplier->fourn_name.' - '.$productSupplier->fourn_ref.' - '; - + if ($productSupplier->fourn_qty == 1) { $title.= price($price,0,$langs,0,0,-1,$conf->currency)."/"; } $title.= $productSupplier->fourn_qty.' '.($productSupplier->fourn_qty == 1 ? $langs->trans("Unit") : $langs->trans("Units")); - + if ($productSupplier->fourn_qty > 1) { $title.=" - "; @@ -84,19 +84,19 @@ if ($idprod > 0) $title.= price($productSupplier->fourn_unitcharges,0,$langs,0,0,-1,$conf->currency); $price += $productSupplier->fourn_unitcharges; } - + $label = price($price,0,$langs,0,0,-1,$conf->currency)."/".$langs->trans("Unit"); if ($productSupplier->fourn_ref) $label.=' ('.$productSupplier->fourn_ref.')'; - + $prices[] = array("id" => $productSupplier->product_fourn_price_id, "price" => price2num($price,0,'',0), "label" => $label, "title" => $title); // For price field, we must use price2num(), for label or title, price() } } - + // Add price for costprice $price=$producttmp->cost_price; $prices[] = array("id" => 'costprice', "price" => price2num($price), "label" => $langs->trans("CostPrice").': '.price($price,0,$langs,0,0,-1,$conf->currency), "title" => $langs->trans("PMPValueShort").': '.price($price,0,$langs,0,0,-1,$conf->currency)); // For price field, we must use price2num(), for label or title, price() - if(!empty($conf->stock->enabled)) + if(!empty($conf->stock->enabled)) { // Add price for pmp $price=$producttmp->pmp; diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 033e9d43382..bc3c0822207 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -275,7 +275,7 @@ if (empty($reshook)) if ($action == 'addline' && $user->rights->fournisseur->commande->creer) { $db->begin(); - + $langs->load('errors'); $error = 0; @@ -441,7 +441,7 @@ if (empty($reshook)) $ht = $ttc / (1 + ($tva_tx / 100)); $price_base_type = 'HT'; } - + $pu_ht_devise = price2num($price_ht_devise, 'MU'); $result=$object->addline($desc, $ht, $qty, $tva_tx, $localtax1_tx, $localtax2_tx, 0, 0, '', $remise_percent, $price_base_type, $ttc, $type,'','', $date_start, $date_end, $array_options, $fk_unit, $pu_ht_devise); @@ -451,7 +451,7 @@ if (empty($reshook)) if (! $error && $result > 0) { $db->commit(); - + $ret=$object->fetch($object->id); // Reload to get new records // Define output language @@ -508,7 +508,7 @@ if (empty($reshook)) $db->rollback(); setEventMessages($object->error, $object->errors, 'errors'); } - + $action = ''; } @@ -543,7 +543,7 @@ if (empty($reshook)) $localtax1_tx=get_localtax($tva_tx,1,$mysoc,$object->thirdparty); $localtax2_tx=get_localtax($tva_tx,2,$mysoc,$object->thirdparty); - + $pu_ht_devise = GETPOST('multicurrency_subprice'); // Extrafields Lines @@ -1391,7 +1391,7 @@ if ($action=='create') // If not defined, set default value from constant if (empty($cond_reglement_id) && ! empty($conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_TERM_ID)) $cond_reglement_id=$conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_TERM_ID; if (empty($mode_reglement_id) && ! empty($conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_MODE_ID)) $mode_reglement_id=$conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_MODE_ID; - + print ''; print ''; print ''; @@ -1577,7 +1577,7 @@ if ($action=='create') elseif (! empty($object->id)) { $result = $object->fetch($id, $ref); - + $societe = new Fournisseur($db); $result=$societe->fetch($object->socid); if ($result < 0) dol_print_error($db); @@ -1587,7 +1587,7 @@ elseif (! empty($object->id)) $res=$object->fetch_optionals($object->id,$extralabels); - + $head = ordersupplier_prepare_head($object); $title=$langs->trans("SupplierOrder"); @@ -1724,11 +1724,11 @@ elseif (! empty($object->id)) // Print form confirm print $formconfirm; - + // Supplier order card $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; // Ref supplier $morehtmlref.=$form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $user->rights->fournisseur->commande->creer, 'string', '', 0, 1); @@ -1768,15 +1768,15 @@ elseif (! empty($object->id)) } } $morehtmlref.='
'; - - - dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); - + + + dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); + print '
'; print '
'; print '
'; - + print '
'.$langs->trans("Ref").''; - print $form->showrefnav($object, 'rowid', $linkback, 1, 'rowid', 'ref', ''); - print '
'.$langs->trans("Date").''; print dol_print_date($object->date,"day"); @@ -615,52 +608,12 @@ if (! empty($id) && $action != 'edit') print '
'.$langs->trans("Company").''.$object->societe.'
'.$langs->trans("Lastname").''.$object->lastname.'
'.$langs->trans("Firstname").''.$object->firstname.'
'.$langs->trans("Address").''.dol_nl2br($object->address).'
'.$langs->trans("Zip").' / '.$langs->trans("Town").''; - print $object->zip.($object->zip && $object->town?' / ':'').$object->town.'
'.$langs->trans('Country').''; - if (! empty($object->country_code)) - { - $img=picto_from_langcode($object->country_code); - print ($img?$img.' ':''); - print $object->country; - } - else - { - print $object->country_olddata; - } - print '
'.$langs->trans("EMail").''.dol_print_email($object->email).'
".$langs->trans("PaymentMode").""; $form->form_modes_reglement(null, $object->modepaymentid,'none'); print "
'.$langs->trans("Status").''.$object->getLibStatut(4).'
'.$langs->trans("Project").''; - $projettmp=new Project($db); - $projettmp->id=$object->fk_projet; - $projettmp->ref=$object->project; - if(! empty($object->fk_projet)) print $projettmp->getNomUrl(1); - print '
'; // Date @@ -1969,12 +1969,12 @@ elseif (! empty($object->id)) include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; print '
'; - + print ''; print '
'; print '
'; print '
'; - + print ''; if (!empty($conf->multicurrency->enabled)) @@ -1983,18 +1983,18 @@ elseif (! empty($object->id)) print ''; print ''; print ''; - + // Multicurrency Amount VAT print ''; print ''; print ''; - + // Multicurrency Amount TTC print ''; print ''; print ''; } - + // Total print ''; print ''; @@ -2023,19 +2023,19 @@ elseif (! empty($object->id)) print ''; print '
' . fieldLabel('MulticurrencyAmountHT','multicurrency_total_ht') . '' . price($object->multicurrency_total_ht, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
' . fieldLabel('MulticurrencyAmountVAT','multicurrency_total_tva') . '' . price($object->multicurrency_total_tva, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
' . fieldLabel('MulticurrencyAmountTTC','multicurrency_total_ttc') . '' . price($object->multicurrency_total_ttc, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
'.$langs->trans("AmountHT").''.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).'
'; - + // Margin Infos /*if (! empty($conf->margin->enabled)) { $formmargin->displayMarginInfos($object); }*/ - - + + print '
'; print '
'; print ''; - + print '

'; - + if (! empty($conf->global->MAIN_DISABLE_CONTACTS_TAB)) { $blocname = 'contacts'; @@ -2591,19 +2591,29 @@ elseif (! empty($object->id)) // Create bill if (! empty($conf->facture->enabled)) { - if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->billed != 1)) // 2 means accepted + if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->statut != 7 && $object->billed != 1)) // statut 2 means approved, 7 means canceled { if ($user->rights->fournisseur->facture->creer) { print ''.$langs->trans("CreateBill").''; } - - if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && !empty($object->linkedObjectsIds['invoice_supplier'])) - { - print ''.$langs->trans("ClassifyBilled").''; - } } + } + // Classify billed manually (need one invoice if module invoice is on, no condition on invoice if not) + if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && $object->statut != 7 && $object->billed != 1) // statut 2 means approved + { + if (empty($conf->facture->enabled)) + { + print ''.$langs->trans("ClassifyBilled").''; + } + else if (!empty($object->linkedObjectsIds['invoice_supplier'])) + { + if ($user->rights->fournisseur->facture->creer) + { + print ''.$langs->trans("ClassifyBilled").''; + } + } } // Create a remote order using WebService only if module is activated @@ -2696,7 +2706,7 @@ elseif (! empty($object->id)) print ''; print ''; print load_fiche_titre($langs->trans("Receive"),'',''); - + print ''; //print ''; print ''; // DATE CREATE print ''; @@ -368,13 +368,13 @@ print ''; // DATE DEBUT print ''; // DATE FIN print ''; @@ -409,7 +409,7 @@ if (! empty($holiday->holiday)) $userstatic->login=$infos_CP['user_login']; $userstatic->statut=$infos_CP['user_statut']; $userstatic->photo=$infos_CP['user_photo']; - + // Valideur $approbatorstatic->id=$infos_CP['fk_validator']; $approbatorstatic->lastname=$infos_CP['validator_lastname']; @@ -417,7 +417,7 @@ if (! empty($holiday->holiday)) $approbatorstatic->login=$infos_CP['validator_login']; $approbatorstatic->statut=$infos_CP['validator_statut']; $approbatorstatic->photo=$infos_CP['validator_photo']; - + $date = $infos_CP['date_create']; print ''; diff --git a/htdocs/install/inc.php b/htdocs/install/inc.php index 840fa709ddf..68ad2cb6b2c 100644 --- a/htdocs/install/inc.php +++ b/htdocs/install/inc.php @@ -265,7 +265,7 @@ if (function_exists('get_magic_quotes_gpc')) // magic_quotes_* removed in PHP 5. // Defini objet langs $langs = new Translate('..',$conf); -if (GETPOST('lang')) $langs->setDefaultLang(GETPOST('lang')); +if (GETPOST('lang', 'aZ09')) $langs->setDefaultLang(GETPOST('lang', 'aZ09')); else $langs->setDefaultLang('auto'); $bc[false]=' class="bg1"'; @@ -452,9 +452,9 @@ function pFooter($nonext=0,$setuplang='',$jscheckfunction='', $withpleasewait=0) print '
'; if ($nonext == '2') { - print $langs->trans("ErrorFoundDuringMigration", $_SERVER["REQUEST_URI"].'&ignoreerrors=1').'

'; + print $langs->trans("ErrorFoundDuringMigration", $_SERVER["REQUEST_URI"].'&ignoreerrors=1').'

'; } - + print '"'; if ($jscheckfunction) print ' onClick="return '.$jscheckfunction.'();"'; print '>
'; diff --git a/htdocs/install/mysql/migration/3.5.0-3.6.0.sql b/htdocs/install/mysql/migration/3.5.0-3.6.0.sql index 2dc967e2546..1d7ad10d938 100755 --- a/htdocs/install/mysql/migration/3.5.0-3.6.0.sql +++ b/htdocs/install/mysql/migration/3.5.0-3.6.0.sql @@ -62,6 +62,21 @@ ALTER TABLE llx_societe MODIFY COLUMN fk_currency varchar(3) NULL; ALTER TABLE llx_bookmark ADD COLUMN entity integer DEFAULT 1 NOT NULL; ALTER TABLE llx_bookmark MODIFY COLUMN url varchar(255) NOT NULL; + +ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN tms timestamp DEFAULT '2001-01-01 00:00:00'; + +-- Clean corrupted values for tms +-- VMYSQL4.1 SET sql_mode = 'ALLOW_INVALID_DATES'; +-- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL; +-- VMYSQL4.1 SET sql_mode = 'NO_ZERO_DATE'; +-- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL; +-- Remove default not null on date_fin +-- VMYSQL4.3 ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN date_fin DATETIME NULL DEFAULT NULL; +-- VPGSQL8.2 ALTER TABLE llx_opensurvey_sondage ALTER COLUMN date_fin DROP NOT NULL; + +ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN tms timestamp DEFAULT CURRENT_TIMESTAMP; + + ALTER TABLE llx_opensurvey_sondage ADD COLUMN entity integer DEFAULT 1 NOT NULL; ALTER TABLE llx_opensurvey_sondage ADD COLUMN allow_comments tinyint NOT NULL DEFAULT 1; -- ALTER TABLE llx_opensurvey_sondage DROP COLUMN survey_link_visible; diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 42c8f50632e..33cfd088ebe 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -413,10 +413,10 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) { // Migrate to add entity value into llx_societe_remise migrate_remise_entity($db,$langs,$conf); - + // Migrate to add entity value into llx_societe_remise_except migrate_remise_except_entity($db,$langs,$conf); - + // Reload modules (this must be always and only into last targeted version) $listofmodule=array( 'MAIN_MODULE_ACCOUNTING'=>'newboxdefonly', @@ -426,11 +426,11 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) 'MAIN_MODULE_PRINTING'=>'newboxdefonly', ); migrate_reload_modules($db,$langs,$conf,$listofmodule); - + // Reload menus (this must be always and only into last targeted version) migrate_reload_menu($db,$langs,$conf,$versionto); } - + // Can force activation of some module during migration with third paramater = MAIN_MODULE_XXX,MAIN_MODULE_YYY,... if ($enablemodules) { @@ -456,8 +456,8 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) // Actions for all versions (not in database) migrate_delete_old_files($db, $langs, $conf); migrate_delete_old_dir($db, $langs, $conf); - - + + dol_mkdir(DOL_DATA_ROOT.'/bank'); migrate_directories($db, $langs, $conf, '/banque/bordereau', '/bank/checkdeposits'); } @@ -3927,10 +3927,13 @@ function migrate_delete_old_files($db,$langs,$conf) DOL_DOCUMENT_ROOT.'/core/modules/mailings/kiwi.modules.php', DOL_DOCUMENT_ROOT.'/core/modules/facture/pdf_crabe.modules.php', DOL_DOCUMENT_ROOT.'/core/modules/facture/pdf_oursin.modules.php', - + DOL_DOCUMENT_ROOT.'/compta/facture/class/api_invoice.class.php', DOL_DOCUMENT_ROOT.'/commande/class/api_commande.class.php', - DOL_DOCUMENT_ROOT.'/user/class/api_user.class.php' + DOL_DOCUMENT_ROOT.'/user/class/api_user.class.php', + DOL_DOCUMENT_ROOT.'/product/class/api_product.class.php', + DOL_DOCUMENT_ROOT.'/societe/class/api_contact.class.php', + DOL_DOCUMENT_ROOT.'/societe/class/api_thirdparty.class.php' ); foreach ($filetodeletearray as $filetodelete) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 9d97770e48a..2806f2d06a0 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -97,8 +97,9 @@ function test_sql_and_script_inject($val, $type) $sql_inj += preg_match('/' . "\n"; } - + // Wrapper to manage dropdown if ($conf->use_javascript_ajax) { @@ -1960,7 +1961,7 @@ if (! function_exists("llxFooter")) console.log("Link has class dropdowncloseonclick, so we close/hide the popup ul"); $(this).parent().parent().hide(); }); - + $(document).bind(\'click\', function (e) { var $clicked = $(e.target); if (!$clicked.parents().hasClass("dropdown")) $(".dropdown dd ul").hide(); @@ -1968,7 +1969,7 @@ if (! function_exists("llxFooter")) }); '; } - + // A div for the address popup print "\n\n"; print ''."\n"; diff --git a/htdocs/master.inc.php b/htdocs/master.inc.php index 80fc5d9a1d4..16c09207102 100644 --- a/htdocs/master.inc.php +++ b/htdocs/master.inc.php @@ -246,7 +246,7 @@ if (! defined('NOREQUIREDB') && ! defined('NOREQUIRESOC')) // Set default language (must be after the setValues setting global $conf->global->MAIN_LANG_DEFAULT. Page main.inc.php will overwrite langs->defaultlang with user value later) if (! defined('NOREQUIRETRAN')) { - $langcode=(GETPOST('lang')?GETPOST('lang','alpha',1):(empty($conf->global->MAIN_LANG_DEFAULT)?'auto':$conf->global->MAIN_LANG_DEFAULT)); + $langcode=(GETPOST('lang', 'aZ09')?GETPOST('lang', 'aZ09', 1):(empty($conf->global->MAIN_LANG_DEFAULT)?'auto':$conf->global->MAIN_LANG_DEFAULT)); $langs->setDefaultLang($langcode); } diff --git a/htdocs/product/ajax/products.php b/htdocs/product/ajax/products.php index 0510299fbd7..8015f6f1172 100644 --- a/htdocs/product/ajax/products.php +++ b/htdocs/product/ajax/products.php @@ -57,7 +57,7 @@ $warehouseStatus = GETPOST('warehousestatus', 'alpha'); * View */ -// print ''."\n"; +// print ''."\n"; dol_syslog(join(',', $_GET)); // print_r($_GET); @@ -160,7 +160,7 @@ if (! empty($action) && $action == 'fetch' && ! empty($id)) } echo json_encode($outjson); -} +} else { require_once DOL_DOCUMENT_ROOT . '/core/class/html.form.class.php'; @@ -171,17 +171,23 @@ else top_httphead(); if (empty($htmlname)) - return; + { + print json_encode(array()); + return; + } $match = preg_grep('/(' . $htmlname . '[0-9]+)/', array_keys($_GET)); sort($match); $idprod = (! empty($match[0]) ? $match[0] : ''); - - if (! GETPOST($htmlname) && ! GETPOST($idprod)) - return; - // When used from jQuery, the search term is added as GET param "term". + if (GETPOST($htmlname) == '' && ! GETPOST($idprod)) + { + print json_encode(array()); + return; + } + + // When used from jQuery, the search term is added as GET param "term". $searchkey = (GETPOST($idprod) ? GETPOST($idprod) : (GETPOST($htmlname) ? GETPOST($htmlname) : '')); $form = new Form($db); diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 380163121e3..31a865132c8 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -165,7 +165,7 @@ if (empty($reshook)) exit; } } - + // Barcode type if ($action == 'setfk_barcode_type' && $createbarcode) { @@ -221,7 +221,7 @@ if (empty($reshook)) $action = "create"; $error++; } - + if (! $error) { $units = GETPOST('units', 'int'); @@ -289,7 +289,7 @@ if (empty($reshook)) $object->volume_units = GETPOST('volume_units'); $object->finished = GETPOST('finished'); $object->fk_unit = GETPOST('units'); - + $accountancy_code_sell = GETPOST('accountancy_code_sell'); $accountancy_code_buy = GETPOST('accountancy_code_buy'); @@ -413,7 +413,7 @@ if (empty($reshook)) $accountancy_code_sell = GETPOST('accountancy_code_sell'); $accountancy_code_buy = GETPOST('accountancy_code_buy'); - + if ($accountancy_code_sell <= 0) { $object->accountancy_code_sell = ''; } else { $object->accountancy_code_sell = $accountancy_code_sell; } if ($accountancy_code_buy <= 0) { $object->accountancy_code_buy = ''; } else { $object->accountancy_code_buy = $accountancy_code_buy; } @@ -643,7 +643,7 @@ if (empty($reshook)) $tmpvat = price2num(preg_replace('/\s*\(.*\)/', '', $tva_tx)); $tmpprodvat = price2num(preg_replace('/\s*\(.*\)/', '', $prod->tva_tx)); - + // On reevalue prix selon taux tva car taux tva transaction peut etre different // de ceux du produit par defaut (par exemple si pays different entre vendeur et acheteur). if ($tmpvat != $tmpprodvat) { @@ -653,7 +653,7 @@ if (empty($reshook)) $pu_ttc = price2num($pu_ht * (1 + ($tmpvat / 100)), 'MU'); } } - + if (GETPOST('propalid') > 0) { // Define cost price for margin calculation $buyprice=0; @@ -666,7 +666,7 @@ if (empty($reshook)) { $buyprice = $result; } - + $result = $propal->addline( $desc, $pu_ht, @@ -709,7 +709,7 @@ if (empty($reshook)) { $buyprice = $result; } - + $result = $commande->addline( $desc, $pu_ht, @@ -895,7 +895,7 @@ else dol_fiche_head(''); print '
'.$langs->trans("Receive").'
'.$langs->trans("DeliveryDate").''; diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index 1ab8fbd785f..90db40fd2e7 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -66,7 +66,7 @@ $year_end = GETPOST('year_end'); $search_employe = GETPOST('search_employe'); $search_valideur = GETPOST('search_valideur'); $search_statut = GETPOST('select_statut'); -$type = GETPOST('type','int'); +$type = GETPOST('type','int'); // List of fields to search into when doing a "search in all" $fieldstosearchall = array( @@ -82,7 +82,7 @@ $fieldstosearchall = array( * Actions */ -if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // Both test are required to be compatible with all browsers +if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All tests are required to be compatible with all browsers { $search_ref=""; $month_create=""; @@ -138,7 +138,7 @@ if($year_start > 0) { } } else { if($month_start > 0) { - $filter.= " AND date_format(cp.date_debut, '%m') = '$month_start'"; + $filter.= " AND date_format(cp.date_debut, '%m') = '".$db->escape($month_start)."'"; } } @@ -153,7 +153,7 @@ if($year_end > 0) { } } else { if($month_end > 0) { - $filter.= " AND date_format(cp.date_fin, '%m') = '$month_end'"; + $filter.= " AND date_format(cp.date_fin, '%m') = '".$db->escape($month_end)."'"; } } @@ -168,7 +168,7 @@ if($year_create > 0) { } } else { if($month_create > 0) { - $filter.= " AND date_format(cp.date_create, '%m') = '$month_create'"; + $filter.= " AND date_format(cp.date_create, '%m') = '".$db->escape($month_create)."'"; } } @@ -313,7 +313,7 @@ print ''; -print ''; +print ''; $formother->select_year($year_create,'year_create',1, $min_year, 0); print ' '; -print ''; +print ''; $formother->select_year($year_start,'year_start',1, $min_year, $max_year); print ''; -print ''; +print ''; $formother->select_year($year_end,'year_end',1, $min_year, $max_year); print '
'; - + print ''; $tmpcode=''; if (! empty($modCodeProduct->code_auto)) $tmpcode=$modCodeProduct->getNextValue($object,$type); @@ -1067,14 +1067,14 @@ else //if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB)) available in create mode //{ print '"; //} - + if($conf->categorie->enabled) { // Categories print ''; - } - else // For external software + } + else // For external software { // Accountancy_code_sell print ''; @@ -1460,15 +1460,18 @@ else $linkback = ''.$langs->trans("BackToList").''; $object->next_prev_filter=" fk_product_type = ".$object->type; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - - + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + + print '
'; print '
'; - + print '
'; print '
'.$langs->trans("NoteNotVisibleOnBill").''; - + // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. $doleditor = new DolEditor('note_private', GETPOST('note_private'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%'); $doleditor->Create(); - + print "
'.$langs->trans("Categories").''; @@ -1119,7 +1119,7 @@ else // Accountancy codes print ''; - + if (! empty($conf->accounting->enabled)) { // Accountancy_code_sell @@ -1133,8 +1133,8 @@ else print ''; - } - else // For external software + } + else // For external software { // Accountancy_code_sell print ''; @@ -1378,7 +1378,7 @@ else } // Tags-Categories - if ($conf->categorie->enabled) + if ($conf->categorie->enabled) { print '"; } - + print '
'; print $formaccountancy->select_account(GETPOST('accountancy_code_buy'), 'accountancy_code_buy', 1, null, 1, 1, ''); print '
'.$langs->trans("ProductAccountancySellCode").'
'.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', 'parent', 64, 0, 1); @@ -1395,13 +1395,13 @@ else if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB)) { print '
'.$langs->trans("NoteNotVisibleOnBill").''; - + $doleditor = new DolEditor('note_private', $object->note_private, '', 140, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); $doleditor->Create(); - + print "
'; print '
'; @@ -1421,8 +1421,8 @@ else print '		'; print $formaccountancy->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1); print '
'.$langs->trans("ProductAccountancySellCode").'
'; - + // Type if (! empty($conf->produit->enabled) && ! empty($conf->service->enabled)) { @@ -1574,7 +1577,7 @@ else } print ''; */ - + // Batch number management (to batch) if (! empty($conf->productbatch->enabled)) { print '
'.$langs->trans("ManageLotSerial").''; @@ -1597,10 +1600,10 @@ else print '
'; print ''; print '
'; - + print '
'; print ''; - + // Nature if($object->type!= Product::TYPE_SERVICE) { @@ -1722,13 +1725,13 @@ else print ''."\n"; print ' '."\n"; } - + print "
'.$langs->trans("NotePrivate").''.(dol_textishtml($object->note_private)?$object->note_private:dol_nl2br($object->note_private,1,true)).'
\n"; print '
'; - + print '
'; print '
'; - + dol_fiche_end(); } @@ -1795,7 +1798,7 @@ if (empty($reshook)) { if ($action == '' || $action == 'view') { - if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer ) || + if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer ) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)) { if (! isset($object->no_button_edit) || $object->no_button_edit <> 1) print '
id.'">'.$langs->trans("Modify").'
'; @@ -1940,7 +1943,7 @@ if (! empty($conf->global->PRODUCT_ADD_FORM_ADD_TO) && $object->id && ($action = print ''; print load_fiche_titre($langs->trans("AddToDraft"),'',''); - + dol_fiche_head(''); $html .= '
'.$langs->trans("Quantity").' '; @@ -1952,7 +1955,7 @@ if (! empty($conf->global->PRODUCT_ADD_FORM_ADD_TO) && $object->id && ($action = print ''; print $html; print '
'; - + print '
'; print ''; print '
'; @@ -1979,10 +1982,10 @@ if ($action == '' || $action == 'view') $delallowed=$user->rights->produit->supprimer; $var=true; - + print $formfile->showdocuments($modulepart,$object->ref,$filedir,$urlsource,$genallowed,$delallowed,'',0,0,0,28,0,'',0,'',$object->default_lang, '', $object); $somethingshown=$formfile->numoffiles; - + print '
'; print '
'; diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php index 48badb5623e..0f28ffdea30 100644 --- a/htdocs/product/class/product.class.php +++ b/htdocs/product/class/product.class.php @@ -108,7 +108,7 @@ class Product extends CommonObject var $localtax2_tx; var $localtax1_type; var $localtax2_type; - + //! Stock real var $stock_reel; //! Stock virtual @@ -196,7 +196,7 @@ class Product extends CommonObject public $fourn_pu; public $fourn_price_base_type; - + /** * @deprecated * @see ref_supplier @@ -306,7 +306,7 @@ class Product extends CommonObject if (empty($this->localtax2_tx)) $this->localtax2_tx = 0; if (empty($this->localtax1_type)) $this->localtax1_type = '0'; if (empty($this->localtax2_type)) $this->localtax2_type = '0'; - + if (empty($this->price)) $this->price = 0; if (empty($this->price_min)) $this->price_min = 0; @@ -675,7 +675,7 @@ class Product extends CommonObject $org->fetch($this->id); $this->oldcopy=$org; } - + // Test if batch management is activated on existing product // If yes, we create missing entries into product_batch if ($this->hasbatch() && !$this->oldcopy->hasbatch()) @@ -691,7 +691,7 @@ class Product extends CommonObject $qty_batch = 0; foreach ($ObjW->detail_batch as $detail) // Each lines of detail in product_batch of the current $ObjW = product_stock { - if ($detail->batch == $valueforundefinedlot || $detail->batch == 'Undefined') + if ($detail->batch == $valueforundefinedlot || $detail->batch == 'Undefined') { // We discard this line, we will create it later $sqlclean="DELETE FROM ".MAIN_DB_PREFIX."product_batch WHERE batch in('Undefined', '".$valueforundefinedlot."') AND fk_product_stock = ".$ObjW->id; @@ -703,7 +703,7 @@ class Product extends CommonObject } continue; } - + $qty_batch += $detail->qty; } // Quantities in batch details are not same as stock quantity, @@ -711,7 +711,7 @@ class Product extends CommonObject if ($ObjW->real <> $qty_batch) { $ObjBatch = new Productbatch($this->db); - $ObjBatch->batch = $valueforundefinedlot; + $ObjBatch->batch = $valueforundefinedlot; $ObjBatch->qty = ($ObjW->real - $qty_batch); $ObjBatch->fk_product_stock = $ObjW->id; @@ -738,7 +738,7 @@ class Product extends CommonObject $sql.= ", localtax2_tx = " . $this->localtax2_tx; $sql.= ", localtax1_type = " . ($this->localtax1_type!=''?"'".$this->localtax1_type."'":"'0'"); $sql.= ", localtax2_type = " . ($this->localtax2_type!=''?"'".$this->localtax2_type."'":"'0'"); - + $sql.= ", barcode = ". (empty($this->barcode)?"null":"'".$this->db->escape($this->barcode)."'"); $sql.= ", fk_barcode_type = ". (empty($this->barcode_type)?"null":$this->db->escape($this->barcode_type)); @@ -924,8 +924,8 @@ class Product extends CommonObject if ($result < 0) { $error++; } // End call triggers } - - // Delete from product_batch on product delete + + // Delete from product_batch on product delete if (! $error) { $sql = "DELETE FROM ".MAIN_DB_PREFIX.'product_batch'; @@ -940,7 +940,7 @@ class Product extends CommonObject $this->errors[] = $this->db->lasterror(); } } - + // Delete all child tables if (! $error) { @@ -1038,7 +1038,7 @@ class Product extends CommonObject function setMultiLangs($user) { global $conf, $langs; - + $langs_available = $langs->get_available_languages(DOL_DOCUMENT_ROOT, 0, 2); $current_lang = $langs->getDefaultLang(); @@ -1357,7 +1357,7 @@ class Product extends CommonObject $sql.= " WHERE pfp.rowid = ".$prodfournprice; if ($qty > 0) $sql.= " AND pfp.quantity <= ".$qty; $sql.= " ORDER BY pfp.quantity DESC"; - + dol_syslog(get_class($this)."::get_buyprice first search by prodfournprice/qty", LOG_DEBUG); $resql = $this->db->query($sql); if ($resql) @@ -1487,7 +1487,7 @@ class Product extends CommonObject // If multiprices are enabled, then we check if the current product is subject to price autogeneration // Price will be modified ONLY when the first one is the one that is being modified - if (!empty($conf->global->PRODUIT_MULTIPRICES) && !$ignore_autogen && $this->price_autogen && ($level == 1)) + if (!empty($conf->global->PRODUIT_MULTIPRICES) && !$ignore_autogen && $this->price_autogen && ($level == 1)) { return $this->generateMultiprices($user, $newprice, $newpricebase, $newvat, $newnpr, $newpsq); } @@ -1555,7 +1555,7 @@ class Product extends CommonObject } if (empty($localtax1)) $localtax1=0; // If = '' then = 0 if (empty($localtax2)) $localtax2=0; // If = '' then = 0 - + $this->db->begin(); // Ne pas mettre de quote sur les numeriques decimaux. @@ -1601,7 +1601,7 @@ class Product extends CommonObject $this->localtax2_tx = $localtax2; $this->localtax1_type = $localtaxtype1; $this->localtax2_type = $localtaxtype2; - + // Price by quantity $this->price_by_qty = $newpsq; @@ -1702,7 +1702,7 @@ class Product extends CommonObject $this->url = $obj->url; $this->note_private = $obj->note_private; $this->note = $obj->note_private; // deprecated - + $this->type = $obj->fk_product_type; $this->status = $obj->tosell; $this->status_buy = $obj->tobuy; @@ -1726,7 +1726,7 @@ class Product extends CommonObject $this->localtax2_tx = $obj->localtax2_tx; $this->localtax1_type = $obj->localtax1_type; $this->localtax2_type = $obj->localtax2_type; - + $this->finished = $obj->finished; $this->duration = $obj->duration; $this->duration_value = substr($obj->duration,0,dol_strlen($obj->duration)-1); @@ -1773,7 +1773,7 @@ class Product extends CommonObject // multilangs if (! empty($conf->global->MAIN_MULTILANGS)) $this->getMultiLangs(); - + // Load multiprices array if (! empty($conf->global->PRODUIT_MULTIPRICES)) { @@ -2006,29 +2006,29 @@ class Product extends CommonObject $this->stats_commande['rows']=$obj->nb_rows; $this->stats_commande['qty']=$obj->qty?$obj->qty:0; - // if it's a virtual product, maybe it is in order by extension + // if it's a virtual product, maybe it is in order by extension if (! empty($conf->global->ORDER_ADD_ORDERS_WITH_PARENT_PROD_IF_INCDEC)) - { + { $TFather = $this->getFather(); if (is_array($TFather) && !empty($TFather)) { foreach($TFather as &$fatherData) { $pFather = new Product($this->db); - $pFather->id = $fatherData['id']; + $pFather->id = $fatherData['id']; $qtyCoef = $fatherData['qty']; - + if ($fatherData['incdec']) { $pFather->load_stats_commande($socid, $filtrestatut); - + $this->stats_commande['customers']+=$pFather->stats_commande['customers']; $this->stats_commande['nb']+=$pFather->stats_commande['nb']; $this->stats_commande['rows']+=$pFather->stats_commande['rows']; $this->stats_commande['qty']+=$pFather->stats_commande['qty'] * $qtyCoef; - + } } } } - + return 1; } else @@ -2432,7 +2432,7 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(p.datep, '%Y%m')"; if ($mode == 'bynumber') $sql.= ", count(DISTINCT p.rowid)"; $sql.= " FROM ".MAIN_DB_PREFIX."propaldet as d, ".MAIN_DB_PREFIX."propal as p, ".MAIN_DB_PREFIX."societe as s"; - if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as prod"; + if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as prod"; if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.rowid = d.fk_propal"; if ($this->id > 0) $sql.= " AND d.fk_product =".$this->id; @@ -2464,7 +2464,7 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(p.date_valid, '%Y%m')"; if ($mode == 'bynumber') $sql.= ", count(DISTINCT p.rowid)"; $sql.= " FROM ".MAIN_DB_PREFIX."supplier_proposaldet as d, ".MAIN_DB_PREFIX."supplier_proposal as p, ".MAIN_DB_PREFIX."societe as s"; - if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as prod"; + if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as prod"; if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE p.rowid = d.fk_supplier_proposal"; if ($this->id > 0) $sql.= " AND d.fk_product =".$this->id; @@ -2479,7 +2479,7 @@ class Product extends CommonObject return $this->_get_stats($sql,$mode); } - + /** * Return nb of units or orders in which product is included * @@ -2526,7 +2526,7 @@ class Product extends CommonObject $sql = "SELECT sum(d.qty), date_format(c.date_commande, '%Y%m')"; if ($mode == 'bynumber') $sql.= ", count(DISTINCT c.rowid)"; $sql.= " FROM ".MAIN_DB_PREFIX."commande_fournisseurdet as d, ".MAIN_DB_PREFIX."commande_fournisseur as c, ".MAIN_DB_PREFIX."societe as s"; - if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as p"; + if ($filteronproducttype >= 0) $sql.=", ".MAIN_DB_PREFIX."product as p"; if (!$user->rights->societe->client->voir && !$socid) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc"; $sql.= " WHERE c.rowid = d.fk_commande"; if ($this->id > 0) $sql.= " AND d.fk_product =".$this->id; @@ -2715,7 +2715,7 @@ class Product extends CommonObject $now=dol_now(); dol_syslog(get_class($this)."::add_fournisseur id_fourn = ".$id_fourn." ref_fourn=".$ref_fourn." quantity=".$quantity, LOG_DEBUG); - + if ($ref_fourn) { $sql = "SELECT rowid, fk_product"; @@ -3104,7 +3104,7 @@ class Product extends CommonObject function getChildsArbo($id, $firstlevelonly=0, $level=1) { global $alreadyfound; - + $sql = "SELECT p.rowid, p.label as label, pa.qty as qty, pa.fk_product_fils as id, p.fk_product_type, pa.incdec"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= ", ".MAIN_DB_PREFIX."product_association as pa"; @@ -3113,18 +3113,18 @@ class Product extends CommonObject $sql.= " AND pa.fk_product_fils != ".$id; // This should not happens, it is to avoid infinite loop if it happens dol_syslog(get_class($this).'::getChildsArbo id='.$id.' level='.$level, LOG_DEBUG); - + if ($level == 1) $alreadyfound=array($id=>1); // We init array of found object to start of tree, so if we found it later (should not happened), we stop immediatly // Protection against infinite loop if ($level > 30) return array(); - + $res = $this->db->query($sql); if ($res) { $prods = array(); while ($rec = $this->db->fetch_array($res)) { - if (! empty($alreadyfound[$rec['rowid']])) + if (! empty($alreadyfound[$rec['rowid']])) { dol_syslog(get_class($this).'::getChildsArbo the product id='.$rec['rowid'].' was already found at a higher level in tree. We discard to avoid infinite loop', LOG_WARNING); continue; @@ -3194,7 +3194,7 @@ class Product extends CommonObject $result=''; $newref=$this->ref; if ($maxlength) $newref=dol_trunc($newref,$maxlength,'middle'); - + if ($this->type == Product::TYPE_PRODUCT) $label = '' . $langs->trans("ShowProduct") . ''; if ($this->type == Product::TYPE_SERVICE) $label = '' . $langs->trans("ShowService") . ''; if (! empty($this->ref)) @@ -3217,13 +3217,13 @@ class Product extends CommonObject { // } - if (! empty($this->entity)) + if (! empty($this->entity)) { $tmpphoto = $this->show_photos($conf->product->multidir_output[$this->entity],1,1,0,0,0,80); - if ($this->nbphoto > 0) $label .= '
' . $tmpphoto; + if ($this->nbphoto > 0) $label .= '
' . $tmpphoto; } - + $linkclose=''; if (empty($notooltip)) { @@ -3235,7 +3235,7 @@ class Product extends CommonObject $linkclose.= ' title="'.dol_escape_htmltag($label, 1, 1).'"'; $linkclose.=' class="classfortooltip"'; - + if (! is_object($hookmanager)) { include_once DOL_DOCUMENT_ROOT.'/core/class/hookmanager.class.php'; @@ -3260,7 +3260,7 @@ class Product extends CommonObject $linkstart = ''; $linkend=''; - + if ($withpicto) { if ($this->type == Product::TYPE_PRODUCT) $result.=($linkstart.img_object(($notooltip?'':$label), 'product', ($notooltip?'':'class="classfortooltip"'), 0, 0, $notooltip?0:1).$linkend.' '); if ($this->type == Product::TYPE_SERVICE) $result.=($linkstart.img_object(($notooltip?'':$label), 'service', ($notooltip?'':'class="classfortooltip"'), 0, 0, $notooltip?0:1).$linkend.' '); @@ -3303,7 +3303,7 @@ class Product extends CommonObject function LibStatut($status,$mode=0,$type=0) { global $conf, $langs; - + $langs->load('products'); if (! empty($conf->productbatch->enabled)) $langs->load("productbatch"); @@ -3473,14 +3473,14 @@ class Product extends CommonObject /** * Load information about stock of a product into stock_reel, stock_warehouse[] (including stock_warehouse[idwarehouse]->detail_batch for batch products) - * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. + * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. * If ENTREPOT_EXTRA_STATUS set, filtering on warehouse status possible. * - * @param string $option '' = Load all stock info, also from closed and internal warehouses, - * 'nobatch' = Do not load batch information, + * @param string $option '' = Load all stock info, also from closed and internal warehouses, + * 'nobatch' = Do not load batch information, * 'novirtual' = Do not load virtual stock, * 'warehouseopen' = Load stock from open warehouses, - * 'warehouseclosed' = Load stock from closed warehouses, + * 'warehouseclosed' = Load stock from closed warehouses, * 'warehouseinternal' = Load stock from warehouses for internal correct/transfer only * @return int < 0 if KO, > 0 if OK * @see load_virtual_stock, getBatchInfo @@ -3488,26 +3488,26 @@ class Product extends CommonObject function load_stock($option='') { global $conf; - + $this->stock_reel = 0; $this->stock_warehouse = array(); $this->stock_theorique = 0; $warehouseStatus = array(); - if (preg_match('/warehouseclosed/', $option)) + if (preg_match('/warehouseclosed/', $option)) { $warehouseStatus[] = Entrepot::STATUS_CLOSED; } - if (preg_match('/warehouseopen/', $option)) + if (preg_match('/warehouseopen/', $option)) { $warehouseStatus[] = Entrepot::STATUS_OPEN_ALL; } - if (preg_match('/warehouseinternal/', $option)) + if (preg_match('/warehouseinternal/', $option)) { $warehouseStatus[] = Entrepot::STATUS_OPEN_INTERNAL; } - + $sql = "SELECT ps.rowid, ps.reel, ps.fk_entrepot"; $sql.= " FROM ".MAIN_DB_PREFIX."product_stock as ps"; $sql.= ", ".MAIN_DB_PREFIX."entrepot as w"; @@ -3537,7 +3537,7 @@ class Product extends CommonObject } $this->db->free($result); - if (! preg_match('/novirtual/', $option)) + if (! preg_match('/novirtual/', $option)) { $this->load_virtual_stock(); // This also load stats_commande_fournisseur, ... } @@ -3553,7 +3553,7 @@ class Product extends CommonObject /** * Load value ->stock_theorique of a product. Property this->id must be defined. - * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. + * This function need a lot of load. If you use it on list, use a cache to execute it one for each product id. * * @return int < 0 if KO, > 0 if OK * @see load_stock, getBatchInfo @@ -3790,7 +3790,7 @@ class Product extends CommonObject // Find name of thumb file $photo_vignette=basename(getImageFileNameForSize($dir.$file, '_small')); if (! dol_is_file($dirthumb.$photo_vignette)) $photo_vignette=''; - + // Get filesize of original file $imgarray=dol_getImageSize($dir.$photo); @@ -3804,9 +3804,9 @@ class Product extends CommonObject else if ($nbbyrow < 0) $return .= '
'; $return.= "\n"; - + $relativefile=preg_replace('/^\//', '', $pdir.$photo); - if (empty($nolink)) + if (empty($nolink)) { $urladvanced=getAdvancedPreviewUrl('product', $relativefile); if ($urladvanced) $return.=''; @@ -3817,7 +3817,7 @@ class Product extends CommonObject // Si fichier vignette disponible et image source trop grande, on utilise la vignette, sinon on utilise photo origine $alt=$langs->transnoentitiesnoconv('File').': '.$relativefile; $alt.=' - '.$langs->transnoentitiesnoconv('Size').': '.$imgarray['width'].'x'.$imgarray['height']; - + if (empty($maxHeight) || $photo_vignette && $imgarray['height'] > $maxHeight) { $return.= ''; @@ -4017,7 +4017,7 @@ class Product extends CommonObject */ function load_state_board() { - global $conf, $user; + global $conf, $user, $hookmanager; $this->nb=array(); @@ -4025,6 +4025,13 @@ class Product extends CommonObject $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= ' WHERE p.entity IN ('.getEntity($this->element, 1).')'; $sql.= " AND p.fk_product_type <> 1"; + // Add where from hooks + if (is_object($hookmanager)) + { + $parameters=array(); + $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook + $sql.=$hookmanager->resPrint; + } $resql=$this->db->query($sql); if ($resql) @@ -4350,7 +4357,7 @@ class Product extends CommonObject return $user->rights->service; } } - + /** * Load information for tab info * diff --git a/htdocs/product/class/service.class.php b/htdocs/product/class/service.class.php index 2cd785527a5..ed78adb5ee5 100644 --- a/htdocs/product/class/service.class.php +++ b/htdocs/product/class/service.class.php @@ -56,7 +56,7 @@ class Service extends CommonObject */ function load_state_board() { - global $conf, $user; + global $conf, $user, $hookmanager; $this->nb=array(); @@ -64,6 +64,13 @@ class Service extends CommonObject $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= ' WHERE p.entity IN ('.getEntity('product', 1).')'; $sql.= " AND p.fk_product_type = 1"; + // Add where from hooks + if (is_object($hookmanager)) + { + $parameters=array(); + $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook + $sql.=$hookmanager->resPrint; + } $resql=$this->db->query($sql); if ($resql) diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 230a3dbee23..5f3aed85cdd 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -86,8 +86,8 @@ if ($action == 'add_prod' && ($user->rights->produit->creer || $user->rights->se $action = 're-edit'; if ($object->error == "isFatherOfThis") { setEventMessages($langs->trans("ErrorAssociationIsFatherOfThis"), null, 'errors'); - } - else + } + else { setEventMessages($object->error, $object->errors, 'errors'); } @@ -204,15 +204,18 @@ if ($id > 0 || ! empty($ref)) if ($user->rights->produit->lire || $user->rights->service->lire) { $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', '', '', '', 0, '', '', 1); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref', '', '', '', 0, '', '', 1); + if ($object->type!=Product::TYPE_SERVICE || empty($conf->global->PRODUIT_MULTIPRICES)) { - print '
'; + print '
'; print ''; } - + // Nature if ($object->type!=Product::TYPE_SERVICE) { @@ -256,11 +259,11 @@ if ($id > 0 || ! empty($ref)) dol_fiche_end(); print '
'; - + $prodsfather = $object->getFather(); // Parent Products $object->get_sousproduits_arbo(); // Load $object->sousprods - $prods_arbo=$object->get_arbo_each_prod(); - + $prods_arbo=$object->get_arbo_each_prod(); + $nbofsubsubproducts=count($prods_arbo); // This include sub sub product into nb $prodschild = $object->getChildsArbo($id,1); $nbofsubproducts=count($prodschild); // This include only first level of childs @@ -369,7 +372,7 @@ if ($id > 0 || ! empty($ref)) $totalline=price2num($value['nb'] * ($product_fourn->fourn_unitprice * (1 - $product_fourn->fourn_remise_percent/100) + $product_fourn->fourn_unitcharges - $product_fourn->fourn_remise), 'MT'); $total+=$totalline; - + print ''; @@ -385,7 +388,7 @@ if ($id > 0 || ! empty($ref)) print ''; - + // Stock if (! empty($conf->stock->enabled)) print ''; // Real stock @@ -424,7 +427,7 @@ if ($id > 0 || ! empty($ref)) // Best selling price print ''; print ''; - + if (! empty($conf->stock->enabled)) print ''; // Real stock print ''; print ''; @@ -456,7 +459,7 @@ if ($id > 0 || ! empty($ref)) if ($atleastonenotdefined) print $langs->trans("Unknown").' ('.$langs->trans("SomeSubProductHaveNoPrices").')'; print ($atleastonenotdefined?'':price($totalsell,'','',0,0,-1,$conf->currency)); print ''; - + // Stock if (! empty($conf->stock->enabled)) print ''; diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 2e241d9c156..0f1c74135b0 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -72,7 +72,7 @@ if ($id > 0 || ! empty($ref)) if (! empty($conf->product->enabled)) $upload_dir = $conf->product->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 0, $object, 'product').dol_sanitizeFileName($object->ref); elseif (! empty($conf->service->enabled)) $upload_dir = $conf->service->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 0, $object, 'product').dol_sanitizeFileName($object->ref); - + if (! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) // For backward compatiblity, we scan also old dirs { if (! empty($conf->product->enabled)) $upload_dirold = $conf->product->multidir_output[$object->entity].'/'.substr(substr("000".$object->id, -2),1,1).'/'.substr(substr("000".$object->id, -2),0,1).'/'.$object->id."/photos"; @@ -210,11 +210,14 @@ if ($object->id) $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; print ($notdefined?'':($value['nb']> 1 ? $value['nb'].'x' : '').price($product_fourn->fourn_unitprice,'','',0,0,-1,$conf->currency)); print ''; print ($notdefined?'':($value['nb']> 1 ? $value['nb'].'x' : '').price($pricesell,'','',0,0,-1,$conf->currency)); print ''.$value['stock'].'  '.$value['nb'].'  
'; @@ -224,14 +227,14 @@ if ($object->id) print ''; print '
'; - + dol_fiche_end(); $permission = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); $param = '&id=' . $object->id; include_once DOL_DOCUMENT_ROOT . '/core/tpl/document_actions_post_headers.tpl.php'; - + // Merge propal PDF document PDF files if (!empty($conf->global->PRODUIT_PDF_MERGE_PROPAL)) { @@ -307,17 +310,17 @@ if ($object->id) $checked = ''; $filename = $filetoadd['name']; - if ($conf->global->MAIN_MULTILANGS) + if ($conf->global->MAIN_MULTILANGS) { - if (array_key_exists($filetoadd['name'] . '_' . $delauft_lang, $filetomerge->lines)) + if (array_key_exists($filetoadd['name'] . '_' . $delauft_lang, $filetomerge->lines)) { $filename = $filetoadd['name'] . ' - ' . $langs->trans('Language_' . $delauft_lang); $checked = ' checked '; } } - else + else { - if (array_key_exists($filetoadd['name'], $filetomerge->lines)) + if (array_key_exists($filetoadd['name'], $filetomerge->lines)) { $checked = ' checked '; } diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 1d54495b605..5413bee8630 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -98,7 +98,7 @@ if (empty($reshook)) if ($id) { $result=$object->fetch($id); - $object->cost_price = price2num($cost_price); + $object->cost_price = price2num($cost_price); $result=$object->update($object->id, $user); if ($result > 0) { @@ -112,7 +112,7 @@ if (empty($reshook)) } } } - + if ($action == 'confirm_remove_pf') { if ($rowid) // id of product supplier price to remove @@ -299,20 +299,23 @@ if ($id > 0 || $ref) $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"] . '?id=' . $id . '&rowid=' . $rowid, $langs->trans('DeleteProductBuyPrice'), $langs->trans('ConfirmDeleteProductBuyPrice'), 'confirm_remove_pf', '', 0, 1); echo $formconfirm; } - + if ($action <> 'edit' && $action <> 're-edit') { $head=product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type== Product::TYPE_SERVICE?'service':'product'); dol_fiche_head($head, 'suppliers', $titre, 0, $picto); - + $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -337,14 +340,14 @@ if ($id > 0 || $ref) print ''; - + print '
'; print $form->editfieldval($text,'cost_price',$object->cost_price,$object,$user->rights->produit->creer||$user->rights->service->creer,'amount:6'); print '
'; print '
'; print '
'; - + dol_fiche_end(); - + // Form to add or update a price if (($action == 'add_price' || $action == 'updateprice' ) && ($user->rights->produit->creer || $user->rights->service->creer)) @@ -364,7 +367,7 @@ if ($id > 0 || $ref) print ''; print ''; print ''; - + dol_fiche_head(); print ''; @@ -449,11 +452,11 @@ if ($id > 0 || $ref) $default_vat=get_default_tva($mysoc2, $mysoc, $object->id, 0); $default_npr=get_default_npr($mysoc2, $mysoc, $object->id, 0); if (empty($default_vat)) $default_npr=$default_vat; - + print ''; print '
'.$langs->trans("VATRateForSupplierProduct").''; //print $form->load_tva('tva_tx',$object->tva_tx,$supplier,$mysoc); // Do not use list here as it may be any vat rates for any country - if (! empty($rowid)) // If we have a supplier, it is an update, we must show the vat of current supplier price + if (! empty($rowid)) // If we have a supplier, it is an update, we must show the vat of current supplier price { $tmpproductsupplier=new ProductFournisseur($db); $tmpproductsupplier->fetch_product_fournisseur_price($rowid, 1); @@ -462,7 +465,7 @@ if ($id > 0 || $ref) } else { - if (empty($default_vat)) + if (empty($default_vat)) { $default_vat=$object->tva_tx; } @@ -588,7 +591,7 @@ if ($id > 0 || $ref) $product_fourn_list = $product_fourn->list_product_fournisseur_price($object->id, $sortfield, $sortorder); $nbtotalofrecords = count($product_fourn_list); print_barre_liste($langs->trans('SupplierPrices'), $page, $_SERVEUR ['PHP_SELF'], $option, $sortfield, $sortorder, '', count($product_fourn_list), $nbtotalofrecords, 'title_accountancy.png'); - + // Suppliers list title print '
'; print ''; @@ -607,7 +610,7 @@ if ($id > 0 || $ref) print_liste_field_titre($langs->trans("DiscountQtyMin"),$_SERVER["PHP_SELF"],'','',$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($langs->trans("NbDaysToDelivery"),$_SERVER["PHP_SELF"],"pfp.delivery_time_days","",$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($langs->trans("ReputationForThisProduct"),$_SERVER["PHP_SELF"],"pfp.supplier_reputation","",$param,'align="center"',$sortfield,$sortorder); - + // Charges ???? if ($conf->global->PRODUCT_CHARGES) { @@ -628,7 +631,7 @@ if ($id > 0 || $ref) // Supplier print ''; - + // Supplier print ''; @@ -674,8 +677,8 @@ if ($id > 0 || $ref) // Reputation print ''; // Charges ???? diff --git a/htdocs/product/index.php b/htdocs/product/index.php index 74a974804ff..981ba71e72d 100644 --- a/htdocs/product/index.php +++ b/htdocs/product/index.php @@ -42,6 +42,9 @@ else $result=restrictedArea($user,'produit|service'); $langs->load("products"); $langs->load("stocks"); +// Initialize technical object to manage hooks. Note that conf->hooks_modules contains array of hooks +$hookmanager->initHooks(array('productindex')); + $product_static = new Product($db); @@ -80,7 +83,7 @@ print '
'; /* * Search Area of product/service */ - + // Search contract if ((! empty($conf->product->enabled) || ! empty($conf->service->enabled)) && ($user->rights->produit->lire || $user->rights->service->lire)) { @@ -102,7 +105,7 @@ if (count($listofsearchfields)) print '
'; $i++; } - print '
'.$productfourn->getSocNomUrl(1,'supplier').''.$productfourn->fourn_ref.''; if (!empty($productfourn->supplier_reputation) && !empty($object->reputations[$productfourn->supplier_reputation])) { - print $object->reputations[$productfourn->supplier_reputation]; - } + print $object->reputations[$productfourn->supplier_reputation]; + } print'
'; + print '
'; print ''; print '
'; } @@ -116,6 +119,10 @@ $prodser[0][0]=$prodser[0][1]=$prodser[1][0]=$prodser[1][1]=0; $sql = "SELECT COUNT(p.rowid) as total, p.fk_product_type, p.tosell, p.tobuy"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= ' WHERE p.entity IN ('.getEntity($product_static->element, 1).')'; +// Add where from hooks +$parameters=array(); +$reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook +$sql.=$hookmanager->resPrint; $sql.= " GROUP BY p.fk_product_type, p.tosell, p.tobuy"; $result = $db->query($sql); while ($objp = $db->fetch_object($result)) @@ -246,6 +253,10 @@ $sql.= " p.tms as datem"; $sql.= " FROM ".MAIN_DB_PREFIX."product as p"; $sql.= " WHERE p.entity IN (".getEntity($product_static->element, 1).")"; if ($type != '') $sql.= " AND p.fk_product_type = ".$type; +// Add where from hooks +$parameters=array(); +$reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook +$sql.=$hookmanager->resPrint; $sql.= $db->order("p.tms","DESC"); $sql.= $db->plimit($max,0); @@ -324,12 +335,12 @@ if ($result) else print price($objp->price).' '.$langs->trans("HT"); print '		'; + print ''; print $product_static->LibStatut($objp->tosell,5,0); - print "'; + print "'; print $product_static->LibStatut($objp->tobuy,5,1); - print "
'.dol_trunc($objp->label,40).''; print yn($objp->tobatch); print ''.$objp->accountancy_code_sell.''; print dol_print_date($objp->date_update, 'dayhour'); print ' 
"; diff --git a/htdocs/product/note.php b/htdocs/product/note.php index 9a914527a83..2d71c2ff1a3 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -90,21 +90,24 @@ if ($id > 0 || ! empty($ref)) $head = product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type==Product::TYPE_SERVICE?'service':'product'); - + dol_fiche_head($head, 'note', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); $cssclass='titlefield'; //if ($action == 'editnote_public') $cssclass='titlefieldcreate'; //if ($action == 'editnote_private') $cssclass='titlefieldcreate'; - + //print '
'; - + print '
'; - + include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php'; dol_fiche_end(); diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 607d6e07097..cbfe90a5a52 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -90,9 +90,9 @@ if (empty($reshook)) { if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All tests are required to be compatible with all browsers { - $search_soc = ''; + $search_soc = ''; } - + if ($action == 'setlabelsellingprice' && $user->admin) { require_once DOL_DOCUMENT_ROOT . '/core/lib/admin.lib.php'; @@ -100,7 +100,7 @@ if (empty($reshook)) dolibarr_set_const($db, $keyforlabel, GETPOST('labelsellingprice','alpha'), 'chaine', 0, '', $conf->entity); $action = ''; } - + if (($action == 'update_vat') && !$cancel && ($user->rights->produit->creer || $user->rights->service->creer)) { $tva_tx_txt = GETPOST('tva_tx', 'alpha'); // tva_tx can be '8.5' or '8.5*' or '8.5 (XXX)' or '8.5* (XXX)' @@ -149,14 +149,14 @@ if (empty($reshook)) $error++; setEventMessages($object->error, $object->errors, 'errors'); } - + if ($error) { //$localtaxarray=array('0'=>$localtax1_type,'1'=>$localtax1,'2'=>$localtax2_type,'3'=>$localtax2); $localtaxarray=array(); // We do not store localtaxes into product, we will use instead the "vat code" to retreive them. $object->updatePrice(0, $object->price_base_type, $user, $tva_tx, '', 0, $npr, 0, 0, $localtaxarray, $vatratecode); } - + if (! $error) { $db->commit(); @@ -165,10 +165,10 @@ if (empty($reshook)) { $db->rollback(); } - + $action=''; } - + if (($action == 'update_price') && !$cancel && $object->getRights()->creer) { $error = 0; @@ -208,14 +208,14 @@ if (empty($reshook)) //Shall we generate prices using price rules? $object->price_autogen = GETPOST('usePriceRules') == 'on'; - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) + for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) { if (!isset($newprice[$i])) { continue; } $tva_tx_txt = $newvattx[$i]; - + $vatratecode = ''; $tva_tx = preg_replace('/[^0-9\.].*$/', '', $tva_tx_txt); // keep remove all after the numbers and dot $npr = preg_match('/\*/', $tva_tx_txt) ? 1 : 0; @@ -242,7 +242,7 @@ if (empty($reshook)) $localtax2 = $obj->localtax2; $localtax1_type = $obj->localtax1_type; $localtax2_type = $obj->localtax2_type; - } + } } $pricestoupdate[$i] = array( @@ -469,7 +469,7 @@ if (empty($reshook)) $prodcustprice->price_base_type = GETPOST("price_base_type", 'alpha'); $tva_tx_txt = GETPOST("tva_tx"); - + $vatratecode = ''; // We must define tva_tx, npr and local taxes $tva_tx = preg_replace('/[^0-9\.].*$/', '', $tva_tx_txt); // keep remove all after the numbers and dot @@ -496,8 +496,8 @@ if (empty($reshook)) $localtax1_type = $obj->localtax1_type; $localtax2_type = $obj->localtax2_type; } - } - + } + $prodcustprice->default_vat_code = $vatratecode; $prodcustprice->tva_tx = $tva_tx; $prodcustprice->recuperableonly = $npr; @@ -505,7 +505,7 @@ if (empty($reshook)) $prodcustprice->localtax2_tx = $localtax2; $prodcustprice->localtax1_type = $localtax1_type; $prodcustprice->localtax2_type = $localtax2_type; - + if (! ($prodcustprice->fk_soc > 0)) { $langs->load("errors"); @@ -591,7 +591,7 @@ if (empty($reshook)) $localtax2_type = $obj->localtax2_type; } } - + $prodcustprice->default_vat_code = $vatratecode; $prodcustprice->tva_tx = $tva_tx; $prodcustprice->recuperableonly = $npr; @@ -599,7 +599,7 @@ if (empty($reshook)) $prodcustprice->localtax2_tx = $localtax2; $prodcustprice->localtax1_type = $localtax1_type; $prodcustprice->localtax2_type = $localtax2_type; - + if ($prodcustprice->price_min < $maxpricesupplier && !empty($conf->global->PRODUCT_MINIMUM_RECOMMENDED_PRICE)) { setEventMessages($langs->trans("MinimumPriceLimit",price($maxpricesupplier,0,'',1,-1,-1,'auto')), null, 'errors'); @@ -658,7 +658,10 @@ dol_fiche_head($head, 'price', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; -dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); +$shownav = 1; +if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); print '
'; @@ -702,7 +705,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print price($object->multiprices_min[$soc->price_level]) . ' ' . $langs->trans(empty($object->multiprices_base_type[$soc->price_level])?'HT':$object->multiprices_base_type[$soc->price_level]); } print ''; - + if (! empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) // using this option is a bug. kept for backward compatibility { // TVA @@ -719,7 +722,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) else print vatrate($object->tva_tx . ($object->tva_npr ? '*' : ''), true); print ''; } - + } else { @@ -742,9 +745,9 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print ''; } print ''; - + print '
'; - + print ''; print ''; $var=True; - + for($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { $var = ! $var; - + print ''; // Label of price @@ -824,7 +827,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print ''; print ''; print ''; - foreach ($object->prices_by_qty_list[$i] as $ii => $prices) + foreach ($object->prices_by_qty_list[$i] as $ii => $prices) { if ($action == 'edit_price_by_qty' && $rowid == $prices['rowid'] && ($user->rights->produit->creer || $user->rights->service->creer)) { print ''; @@ -882,15 +885,15 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) } } } -} -else +} +else { // TVA print ''; @@ -1021,18 +1024,18 @@ if (! $action || $action == 'delete' || $action == 'showlog_customer_price' || $ print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; } } - + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { if ($user->rights->produit->creer || $user->rights->service->creer) { print '
' . $langs->trans("UpdateVAT") . '
'; } - + if ($user->rights->produit->creer || $user->rights->service->creer) { print '
' . $langs->trans("UpdateLevelPrices") . '
'; } } - + print "\n\n"; } @@ -1041,7 +1044,7 @@ if (! $action || $action == 'delete' || $action == 'showlog_customer_price' || $ /* * Edit price area */ - + if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->service->creer)) { print load_fiche_titre($langs->trans("UpdateVAT"), ''); @@ -1052,9 +1055,9 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se print ''; dol_fiche_head(''); - + print '
'; print $langs->trans("PriceLevel"); @@ -755,11 +758,11 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print '
' . $langs->trans("Discount") . ' 
' . $langs->trans("VATRate") . ''; if ($object->default_vat_code) { print vatrate($object->tva_tx, true) . ' ('.$object->default_vat_code.')'; - } + } else print vatrate($object->tva_tx, true, $object->tva_npr, true); print '
'; - + // VAT print ''; - + // Price base print '"; $tva_tx = $line->default_vat_code ? $line->tva_tx.' ('.$line->default_vat_code.')' : $line->tva_tx; - + print '"; print '"; print '"; @@ -1756,7 +1763,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { // List of all prices by customers print ''."\n"; - + // Count total nb of records $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { @@ -1802,15 +1809,15 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print ''; print ''; } - + $var = False; - - + + // Line for default price print ""; print ""; print ""; - + print '"; print '"; print '"; @@ -1834,21 +1841,21 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) } print "\n"; - + if (count($prodcustprice->lines) > 0) { $var = false; foreach ($prodcustprice->lines as $line) { $var = ! $var; - + print ""; // Date $staticsoc = new Societe($db); $staticsoc->fetch($line->fk_soc); $tva_tx = $line->default_vat_code ? $line->tva_tx.' ('.$line->default_vat_code.')' : $line->tva_tx; - + print ""; print ""; diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index d0a85756c04..76a4ce02b6e 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -69,7 +69,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') { llxHeader("",$langs->trans("ProductStatistics")); - $type = GETPOST('type'); + $type = GETPOST('type', 'intcomma'); $helpurl=''; if ($type == '0') @@ -124,8 +124,11 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') dol_fiche_head($head, 'stats', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', '', '', '', 0, '', '', 1); + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref', '', '', '', 0, '', '', 1); dol_fiche_end(); } @@ -323,15 +326,15 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') foreach($graphfiles as $key => $val) { if (! $graphfiles[$key]['file']) continue; - + if ($graphfiles == 'propal' && ! $user->rights->propale->lire) continue; if ($graphfiles == 'order' && ! $user->rights->commande->lire) continue; if ($graphfiles == 'invoices' && ! $user->rights->facture->lire) continue; if ($graphfiles == 'proposals_suppliers' && ! $user->rights->supplier_proposal->lire) continue; if ($graphfiles == 'invoices_suppliers' && ! $user->rights->fournisseur->facture->lire) continue; if ($graphfiles == 'orders_suppliers' && ! $user->rights->fournisseur->commande->lire) continue; - - + + if ($i % 2 == 0) { print "\n".'
'."\n"; @@ -340,7 +343,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') { print "\n".'
'."\n"; } - + // Date generation if ($graphfiles[$key]['output'] && ! $px->isGraphKo()) { @@ -352,7 +355,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print $dategenerated=($mesg?''.$mesg.'':$langs->trans("ChartNotGenerated")); } $linktoregenerate='id).((string) $type != ''?'&type='.$type:'').'&action=recalcul&mode='.$mode.'">'.img_picto($langs->trans("ReCalculate").' ('.$dategenerated.')','refresh').''; - + // Show graph print '
' . $langs->trans("VATRate") . ''; print $form->load_tva("tva_tx", $object->default_vat_code ? $object->tva_tx.' ('.$object->default_vat_code.')' : $object->tva_tx, $mysoc, '', $object->id, $object->tva_npr, $object->type, false, 1); @@ -1072,7 +1075,7 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se print '

'; } - + if ($action == 'edit_price' && $object->getRights()->creer) { print load_fiche_titre($langs->trans("NewPrice"), ''); @@ -1085,7 +1088,7 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; dol_fiche_head(''); - + print ''; // VAT @@ -1168,7 +1171,7 @@ if ($action == 'edit_price' && $object->getRights()->creer) } print ''; print ''; - + print '
'; dol_fiche_end(); @@ -1213,21 +1216,21 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; dol_fiche_head(''); - + if (! empty($conf->global->PRODUIT_MULTIPRICES) && ! empty($conf->global->PRODUIT_MULTIPRICES_ALLOW_AUTOCALC_PRICELEVEL)) { print $langs->trans('UseMultipriceRules'). ' price_autogen ? 'checked' : '').'>

'; } print ''; print ''; - + print ''; if (!empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) print ''; else print ''; - + print ''; - + print ''; if (!empty($conf->global->PRODUCT_MINIMUM_RECOMMENDED_PRICE)) { @@ -1236,9 +1239,9 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; print ''; - + $var = false; - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) + for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) { $var = !$var; @@ -1291,11 +1294,11 @@ if ($action == 'edit_price' && $object->getRights()->creer) } print ''; - + print '
'.$langs->trans("PriceLevel").''.$langs->trans("VATRate").''.$langs->trans("SellingPrice").''.$langs->trans("MinPrice").'
'; - + dol_fiche_end(); - + print '
'; print ''; print '   '; @@ -1321,48 +1324,50 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql .= " AND p.price_level = " . $soc->price_level; $sql .= " ORDER BY p.date_price DESC, p.rowid DESC, p.price_level ASC"; // $sql .= $db->plimit(); - + $result = $db->query($sql); if ($result) { - $num = $db->num_rows($result); - + print '
'; + + $num = $db->num_rows($result); + if (! $num) { $db->free($result); - + // Il doit au moins y avoir la ligne de prix initial. // On l'ajoute donc pour remettre a niveau (pb vieilles versions) $object->updatePrice($object->price, $object->price_base_type, $user, $newprice_min); - + $result = $db->query($sql); $num = $db->num_rows($result); } - + if ($num > 0) { // Default prices or // Log of previous customer prices $backbutton='' . $langs->trans("Back") . ''; - + if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print_barre_liste($langs->trans("DefaultPrice"), 0, $_SERVER["PHP_SELF"], '', '', '', $backbutton, $num, $num, 'title_accountancy.png'); else print_barre_liste($langs->trans("PriceByCustomerLog"), 0, $_SERVER["PHP_SELF"], '', '', '', '', $num, $num, 'title_accountancy.png'); //if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print_barre_liste($langs->trans("DefaultPrice"),'','','','','',$backbutton, 0, 0, 'title_accountancy.png'); //else print_barre_liste($langs->trans("PriceByCustomerLog"),'','','','','','', 0, 0, 'title_accountancy.png'); - + print '
'; print ''; - + print ''; print ''; - + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { print ''; } if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY)) { print ''; } - + print ''; print $conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL; if (empty($conf->global->PRODUIT_MULTIPRICES)) print ''; @@ -1377,9 +1382,9 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ if ($user->rights->produit->supprimer) print ''; print ''; - + $notfirstlineforlevel=array(); - + $var = True; $i = 0; while ($i < $num) @@ -1389,7 +1394,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ print ''; // Date print ""; - + // Price level if (! empty($conf->global->PRODUIT_MULTIPRICES)) { print '"; @@ -1400,9 +1405,9 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ $type = ($objp->price_by_qty == 1) ? 'PriceByQuantity' : 'Standard'; print '"; } - + print '"; - if (empty($conf->global->PRODUIT_MULTIPRICES)) + if (empty($conf->global->PRODUIT_MULTIPRICES)) { print '"; } - + // Price if (! empty($objp->fk_price_expression) && ! empty($conf->dynamicprices->enabled)) { @@ -1433,23 +1438,23 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ } print ''; print ''; - + // User print ''; - + // Action if ($user->rights->produit->supprimer) { $candelete=0; - if (! empty($conf->global->PRODUIT_MULTIPRICES)) + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { if (empty($notfirstlineforlevel[$objp->price_level])) $notfirstlineforlevel[$objp->price_level]=1; else $candelete=1; } elseif ($i > 0) $candelete=1; - + print ''; } - + print "\n"; $i++; } - + $db->free($result); print "
' . $langs->trans("AppliedPricesFrom") . '' . $langs->trans("PriceLevel") . '' . $langs->trans("Type") . '' . $langs->trans("PriceBase") . '' . $langs->trans("VATRate") . ' 
" . dol_print_date($db->jdate($objp->dp), "dayhour") . "' . $objp->price_level . "' . $langs->trans($type) . "' . $langs->trans($objp->price_base_type) . "'; if ($objp->default_vat_code) @@ -1412,7 +1417,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ else print vatrate($objp->tva_tx, true, $objp->recuperableonly); print "' . ($objp->price_base_type != 'TTC' ? price($objp->price_min) : '') . '' . ($objp->price_base_type == 'TTC' ? price($objp->price_min_ttc) : '') . '' . img_object($langs->trans("ShowUser"), 'user') . ' ' . $objp->login . ''; - if ($candelete) + if ($candelete) { print 'id . '&lineid=' . $objp->rowid . '">'; print img_delete(); @@ -1458,16 +1463,18 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ print ' '; // Can not delete last price (it's current price) print '
"; print '
'; print "
"; } + + print '
'; } else { dol_print_error($db); } @@ -1511,9 +1518,9 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print ''; print ''; print ''; - + dol_fiche_head(); - + print ''; print ''; print ''; @@ -1575,7 +1582,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print '
' . $langs->trans('ThirdParty') . '
'; dol_fiche_end(); - + print '
'; print ''; print '     '; @@ -1612,7 +1619,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print '
' . $langs->trans("VATRate") . ''; print $form->load_tva("tva_tx", $prodcustprice->default_vat_code ? $prodcustprice->tva_tx.' ('.$prodcustprice->default_vat_code.')' : $prodcustprice->tva_tx, $mysoc, '', $object->id, $prodcustprice->recuperableonly, $object->type, false, 1); print '
'; print $langs->trans('PriceBase'); @@ -1689,12 +1696,12 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) $staticsoc = new Societe($db); $staticsoc->fetch(GETPOST('socid', 'int')); - + $title=$langs->trans('PriceByCustomerLog'); $title.=' - '.$staticsoc->getNomUrl(1); $backbutton='' . $langs->trans("Back") . ''; - + print_barre_liste($title, $page, $_SERVEUR['PHP_SELF'], $option, $sortfield, $sortorder, $backbutton, count($prodcustprice->lines), $nbtotalofrecords, 'title_accountancy.png'); if (count($prodcustprice->lines) > 0) @@ -1732,7 +1739,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print "" . dol_print_date($line->datec, "dayhour") . "' . $langs->trans($line->price_base_type) . "' . vatrate($tva_tx, true, $line->recuperableonly) . "' . price($line->price) . "
" . $langs->trans("Default") . "" . "' . $langs->trans($object->price_base_type) . "' . vatrate($object->tva_tx, true, $object->recuperableonly) . "' . price($object->price) . "
" . $staticsoc->getNomUrl(1) . "" . dol_print_date($line->datec, "dayhour") . "
'; // Label @@ -366,7 +369,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print $graphfiles[$key]['output']; print ''; print '
'; - + if ($i % 2 == 0) { print "\n".'
'."\n"; @@ -376,7 +379,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print "\n".'
'; print '

'."\n"; } - + $i++; } } diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 192017af2a5..3792217b20f 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -82,7 +82,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -100,11 +100,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print ''; @@ -114,9 +117,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->commande->lire) { diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index bed3be1892f..46731f3ab37 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -88,7 +88,7 @@ if ($id > 0 || ! empty($ref)) { $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array ('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) @@ -96,7 +96,7 @@ if ($id > 0 || ! empty($ref)) { llxHeader("", "", $langs->trans("CardProduct" . $product->type)); - if ($result > 0) + if ($result > 0) { $head = product_prepare_head($product); $titre = $langs->trans("CardProduct" . $product->type); @@ -108,11 +108,14 @@ if ($id > 0 || ! empty($ref)) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -122,9 +125,9 @@ if ($id > 0 || ! empty($ref)) { print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->fournisseur->commande->lire) { diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index 8c5f1a3ba86..754c299fbfd 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -72,7 +72,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -90,11 +90,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -104,9 +107,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + $now=dol_now(); @@ -141,7 +144,7 @@ if ($id > 0 || ! empty($ref)) $option .= '&search_month=' . $search_month; if (! empty($search_year)) $option .= '&search_year=' . $search_year; - + print '' . "\n"; if (! empty($sortfield)) print ''; @@ -151,7 +154,7 @@ if ($id > 0 || ! empty($ref)) print ''; $option .= '&page=' . $page; } - + print_barre_liste($langs->trans("Contrats"),$page,$_SERVER["PHP_SELF"],"&id=$product->id",$sortfield,$sortorder,'',$num,0,''); $i = 0; @@ -197,7 +200,7 @@ if ($id > 0 || ! empty($ref)) $i++; } } - + print '
'; print '
'; print ''; diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index 53e5b0ab0a6..1c7b717f6d1 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -83,9 +83,9 @@ if ($id > 0 || ! empty($ref)) { $product = new Product($db); $result = $product->fetch($id, $ref); - + $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -117,11 +117,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print ''; @@ -131,14 +134,14 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); if ($showmessage && $nboflines > 1) { print $langs->trans("ClinkOnALinkOfColumn", $langs->transnoentitiesnoconv("Referers")); } - elseif ($user->rights->facture->lire) + elseif ($user->rights->facture->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql.= " f.facnumber, f.datef, f.paye, f.fk_statut as statut, f.rowid as facid,"; @@ -164,13 +167,13 @@ if ($id > 0 || ! empty($ref)) $total_ht=0; $total_qty=0; $totalrecords=0; - if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { $result = $db->query($sql); - if ($result) + if ($result) { $totalrecords = $db->num_rows($result); - while ($objp = $db->fetch_object($result)) + while ($objp = $db->fetch_object($result)) { $total_ht+=$objp->total_ht; $total_qty+=$objp->qty; diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 6fe189c7700..f4da679fd3d 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -84,7 +84,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -102,11 +102,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -116,9 +119,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->fournisseur->facture->lire) { diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 289cf3d3578..04a32e2d94e 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -82,7 +82,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array ('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -100,11 +100,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -114,11 +117,11 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - - dol_fiche_end(); - - if ($user->rights->propale->lire) + dol_fiche_end(); + + + if ($user->rights->propale->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; $sql .= " p.ref_client,"; @@ -239,7 +242,7 @@ if ($id > 0 || ! empty($ref)) } } } - + print ''; print ''; print ''; diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index eb853539e01..72b5af2f528 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -100,7 +100,7 @@ if ($action == 'add' && $user->rights->stock->creer) setEventMessages($object->error, $object->errors, 'errors'); } } - else + else { setEventMessages($langs->trans("ErrorWarehouseRefRequired"), null, 'errors'); $action="create"; // Force retour sur page creation @@ -194,7 +194,7 @@ if ($action == 'create') print ''; print ''; - + // Parent entrepot print ''; - + } // Description diff --git a/htdocs/product/stock/info.php b/htdocs/product/stock/info.php index 7f6a9f6031b..a088ac289b8 100644 --- a/htdocs/product/stock/info.php +++ b/htdocs/product/stock/info.php @@ -54,9 +54,12 @@ $morehtmlref='
'; $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.='
'; -dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); +$shownav = 1; +if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); + - print '
'; print '
'; diff --git a/htdocs/product/stock/mouvement.php b/htdocs/product/stock/mouvement.php index de46538a037..8479d6e8bd3 100644 --- a/htdocs/product/stock/mouvement.php +++ b/htdocs/product/stock/mouvement.php @@ -99,7 +99,7 @@ $arrayfields=array( //'m.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500) ); -$object = new MouvementStock($db); // To be passed as parameter of executeHooks that need +$object = new MouvementStock($db); // To be passed as parameter of executeHooks that need /* @@ -164,7 +164,7 @@ if ($action == "correct_stock") //$sellby=GETPOST('sellby'); $eatby=dol_mktime(0, 0, 0, GETPOST('eatbymonth'), GETPOST('eatbyday'), GETPOST('eatbyyear')); $sellby=dol_mktime(0, 0, 0, GETPOST('sellbymonth'), GETPOST('sellbyday'), GETPOST('sellbyyear')); - + $result=$product->correct_stock_batch( $user, $id, @@ -210,7 +210,7 @@ if ($action == "transfert_stock" && ! $cancel) { $product = new Product($db); if (! empty($product_id)) $result=$product->fetch($product_id); - + if (! (GETPOST("id_entrepot_destination",'int') > 0)) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Warehouse")), null, 'errors'); @@ -264,7 +264,7 @@ if ($action == "transfert_stock" && ! $cancel) $pricesrc=0; if (isset($product->pmp)) $pricesrc=$product->pmp; $pricedest=$pricesrc; - + if ($product->hasbatch()) { $pdluo = new Productbatch($db); @@ -488,8 +488,8 @@ if ($resql) $num = $db->num_rows($resql); $arrayofselected=is_array($toselect)?$toselect:array(); - - + + $i = 0; $help_url='EN:Module_Stocks_En|FR:Module_Stock|ES:Módulo_Stocks'; $texte = $langs->trans("ListOfStockMovements"); @@ -505,20 +505,23 @@ if ($resql) dol_fiche_head($head, 'movements', $langs->trans("Warehouse"), 0, 'stock'); - + $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.='
'; - - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); - - + + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); + + print '
'; print '
'; print '
'; - + print '
' . $langs->trans('Total') . '
'.$langs->trans("Ref").'
'.$langs->trans("LocationSummary").'
'.$langs->trans("AddIn").''; print $formproduct->selectWarehouses('', 'fk_parent', '', 1); @@ -276,7 +276,7 @@ else dol_fiche_head($head, 'card', $langs->trans("Warehouse"), 0, 'stock'); $formconfirm = ''; - + // Confirm delete third party if ($action == 'delete') { @@ -300,7 +300,10 @@ else $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.=''; - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); print '
'; print '
'; @@ -315,7 +318,7 @@ else print '
'.$langs->trans("ParentWarehouse").''; print $e->getNomUrl(3); print '
'; // Description @@ -539,14 +542,14 @@ if ($resql) print ""; print '
'; - + print '
'; print '
'; print '
'; print '
'; - + print ''; - + // Value print '
'.$langs->trans("EstimatedStockValueShort").''; print price((empty($calcproducts['qty'])?'0':price2num($calcproducts['qty'],'MT')), 0, $langs, 0, -1, -1, $conf->currency); @@ -583,9 +586,9 @@ if ($resql) print ''; print ''; print ''; - + print '
'; - + dol_fiche_end(); } @@ -628,10 +631,10 @@ if ($resql) { print ''.$langs->trans("StockTransfer").''; } - + print '
'; } - + $param=''; if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; @@ -662,7 +665,7 @@ if ($resql) //if ($user->rights->stock->supprimer) $arrayofmassactions['delete']=$langs->trans("Delete"); if ($massaction == 'presend') $arrayofmassactions=array(); $massactionbutton=$form->selectMassAction('', $arrayofmassactions); - + print '
'; if ($optioncss != '') print ''; print ''; @@ -673,23 +676,23 @@ if ($resql) print ''; print ''; if ($id > 0) print ''; - + if ($id > 0) print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,$massactionbutton,$num, $nbtotalofrecords, '', 0, '', '', $limit); else print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,$massactionbutton,$num, $nbtotalofrecords, 'title_generic', 0, '', '', $limit); - + if ($sall) { foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); } - + $moreforfilter=''; - + $parameters=array(); $reshook=$hookmanager->executeHooks('printFieldPreListTitle',$parameters); // Note that $action and $object may have been modified by hook if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint; else $moreforfilter = $hookmanager->resPrint; - + if (! empty($moreforfilter)) { print '
'; @@ -699,10 +702,10 @@ if ($resql) $varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; $selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields - + print '
'; print ''."\n"; - + print ""; if (! empty($arrayfields['m.rowid']['checked'])) print_liste_field_titre($arrayfields['m.rowid']['label'],$_SERVER["PHP_SELF"],'m.rowid','',$param,'',$sortfield,$sortorder); if (! empty($arrayfields['m.datem']['checked'])) print_liste_field_titre($arrayfields['m.datem']['label'],$_SERVER["PHP_SELF"],'m.datem','',$param,'',$sortfield,$sortorder); @@ -720,9 +723,9 @@ if ($resql) // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); @@ -740,14 +743,14 @@ if ($resql) // Lignes des champs de filtre print ''; - if (! empty($arrayfields['m.rowid']['checked'])) + if (! empty($arrayfields['m.rowid']['checked'])) { // Ref print ''; } - if (! empty($arrayfields['m.datem']['checked'])) + if (! empty($arrayfields['m.datem']['checked'])) { print ''; } - if (! empty($arrayfields['p.ref']['checked'])) + if (! empty($arrayfields['p.ref']['checked'])) { // Product Ref print ''; } - if (! empty($arrayfields['p.label']['checked'])) + if (! empty($arrayfields['p.label']['checked'])) { // Product label print ''; } // Batch - if (! empty($arrayfields['m.batch']['checked'])) + if (! empty($arrayfields['m.batch']['checked'])) { print ''; } if (! empty($arrayfields['pl.eatby']['checked'])) { print ''; + print ''; } if (! empty($arrayfields['pl.sellby']['checked'])) { @@ -788,42 +791,42 @@ if ($resql) print ''; } // Warehouse - if (! empty($arrayfields['e.label']['checked'])) + if (! empty($arrayfields['e.label']['checked'])) { print ''; } - if (! empty($arrayfields['m.fk_user_author']['checked'])) + if (! empty($arrayfields['m.fk_user_author']['checked'])) { // Author print ''; } - if (! empty($arrayfields['m.inventorycode']['checked'])) + if (! empty($arrayfields['m.inventorycode']['checked'])) { // Inventory code print ''; } - if (! empty($arrayfields['m.label']['checked'])) + if (! empty($arrayfields['m.label']['checked'])) { // Label of movement print ''; } - if (! empty($arrayfields['origin']['checked'])) + if (! empty($arrayfields['origin']['checked'])) { // Origin of movement print ''; } - if (! empty($arrayfields['m.value']['checked'])) + if (! empty($arrayfields['m.value']['checked'])) { // Qty print ''; } - // Actions + // Actions print ''; if (! $i) $totalarray['nbfield']++; - + print "\n"; $i++; } @@ -1012,7 +1015,7 @@ if ($resql) if (count($arrayofuniqueproduct) == 1 && is_numeric($year)) { print "
"; - + $productidselected=0; foreach ($arrayofuniqueproduct as $key => $val) { diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 6bcf98e96c1..e3211b157df 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -106,10 +106,10 @@ $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); if($action == 'addlimitstockwarehouse') { - + $seuil_stock_alerte = GETPOST('seuil_stock_alerte'); $desiredstock = GETPOST('desiredstock'); - + $maj_ok = true; if($seuil_stock_alerte == '') { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("StockLimit")), null, 'errors'); @@ -119,44 +119,44 @@ if($action == 'addlimitstockwarehouse') { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DesiredStock")), null, 'errors'); $maj_ok = false; } - + if($maj_ok) { - + $pse = new ProductStockEntrepot($db); if($pse->fetch('', GETPOST('id'), GETPOST('fk_entrepot')) > 0) { - + // Update $pse->seuil_stock_alerte = $seuil_stock_alerte; $pse->desiredstock = $desiredstock; if($pse->update($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseUpdated')); - + } else { - + // Create $pse->fk_entrepot = GETPOST('fk_entrepot'); $pse->fk_product = GETPOST('id'); $pse->seuil_stock_alerte = GETPOST('seuil_stock_alerte'); $pse->desiredstock = GETPOST('desiredstock'); if($pse->create($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseCreated')); - + } - + } header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id')); exit; - + } if($action == 'delete_productstockwarehouse') { - + $pse = new ProductStockEntrepot($db); $pse->fetch(GETPOST('fk_productstockwarehouse')); if($pse->delete($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseDeleted')); - + $action = ''; - + } // Set stock limit @@ -299,7 +299,7 @@ if ($action == "transfert_stock" && ! $cancel) { $object = new Product($db); $result=$object->fetch($id); - + if ($object->hasbatch() && ! $batchnumber) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("batch_number")), null, 'errors'); @@ -307,7 +307,7 @@ if ($action == "transfert_stock" && ! $cancel) $action='transfert'; } } - + if (! $error) { if ($id) @@ -323,7 +323,7 @@ if ($action == "transfert_stock" && ! $cancel) $pricesrc=0; if (isset($object->pmp)) $pricesrc=$object->pmp; $pricedest=$pricesrc; - + if ($object->hasbatch()) { $pdluo = new Productbatch($db); @@ -496,7 +496,7 @@ if ($id > 0 || $ref) { $object = new Product($db); $result = $object->fetch($id,$ref); - + $object->load_stock(); $title = $langs->trans('ProductServiceCard'); @@ -525,15 +525,18 @@ if ($id > 0 || $ref) dol_htmloutput_events(); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; print ''; print ''; print ''; @@ -758,14 +761,14 @@ if ($resql) //print $formother->selectyear($syear,'year',1, 20, 5); print ''; print ''; print ''; @@ -773,14 +776,14 @@ if ($resql) print ''; - print ''; //print ''; print $formproduct->selectWarehouses($search_warehouse, 'search_warehouse', 'warehouseopen,warehouseinternal', 1, 0, 0, '', 0, 0, null, 'maxwidth200'); print ''; print ''; print ''; print ''; print ''; print ''; print ''; print '  '; print ''; @@ -869,7 +872,7 @@ if ($resql) print ''; print ''; $searchpitco=$form->showFilterAndCheckAddButtons(0); print $searchpitco; @@ -892,11 +895,11 @@ if ($resql) $productlot->batch= $objp->batch; $productlot->eatby= $objp->eatby; $productlot->sellby= $objp->sellby; - + $warehousestatic->id=$objp->entrepot_id; $warehousestatic->libelle=$objp->stock; $warehousestatic->lieu=$objp->lieu; - + $arrayofuniqueproduct[$objp->rowid]=$objp->produit; if(!empty($objp->fk_origin)) { $origin = $movement->get_origin($objp->fk_origin, $objp->origintype); @@ -998,7 +1001,7 @@ if ($resql) } print '
'; - - if ($conf->productbatch->enabled) + + if ($conf->productbatch->enabled) { print ''; - + // Hook formObject $parameters=array('colspan' => 3); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook - + // Desired stock print ''; $stocktheo = price2num($object->stock_theorique, 'MS'); - + // Calculating a theorical value print ''; print "
'.$langs->trans("ManageLotSerial").''; print $object->getLibStatut(0,2); @@ -595,11 +598,11 @@ if ($id > 0 || $ref) print '
'.$form->editfieldkey("StockLimit",'seuil_stock_alerte',$object->seuil_stock_alerte,$object,$user->rights->produit->creer).''; print $form->editfieldval("StockLimit",'seuil_stock_alerte',$object->seuil_stock_alerte,$object,$user->rights->produit->creer,'string'); print '
'.$form->editfieldkey($form->textwithpicto($langs->trans("DesiredStock"), $langs->trans("DesiredStockDesc"), 1),'desiredstock',$object->desiredstock,$object,$user->rights->produit->creer); print ''; @@ -623,7 +626,7 @@ if ($id > 0 || $ref) print '
'.$langs->trans("VirtualStock").'".(empty($stocktheo)?0:$stocktheo); @@ -705,7 +708,7 @@ if ($id > 0 || $ref) print ''; print '
'; - + dol_fiche_end(); } @@ -744,18 +747,18 @@ if (empty($reshook)) if (empty($action) && $object->id) { print "
\n"; - + if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockCorrection").''; } - + //if (($user->rights->stock->mouvement->creer) && ! $object->hasbatch()) if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockTransfer").''; } - + print '
'; } @@ -907,30 +910,30 @@ print "
"; print '
'; if(!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE)) { - + print '

'; print_titre($langs->trans('AddNewProductStockWarehouse')); //print '
'; - + print ''; print ''; print ''; print ''; - + print ''; print ''; print ''; print ''; print ''; - + $pse = new ProductStockEntrepot($db); $lines = $pse->fetchAll(GETPOST('id')); - + if(!empty($lines)) { - + $var=false; foreach($lines as $line) { - + $ent = new Entrepot($db); $ent->fetch($line['fk_entrepot']); print ''; @@ -939,15 +942,15 @@ if(!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE)) { print ''; print ''; $var=!$var; - + } } - + print "
'.$formproduct->selectWarehouses('', 'fk_entrepot').'
'.$ent->getNomUrl(3).''.img_delete().'
"; - + print ''; - + } llxFooter(); diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php index 4d1b82307f8..e26dfdba905 100644 --- a/htdocs/product/stock/productlot_card.php +++ b/htdocs/product/stock/productlot_card.php @@ -112,21 +112,21 @@ if (empty($reshook)) $result = $object->setValueFrom('eatby', $newvalue, '', null, 'date', '', $user, 'PRODUCTLOT_MODIFY'); if ($result < 0) dol_print_error($db, $object->error); } - + if ($action == 'setsellby' && $user->rights->stock->creer) { $newvalue=dol_mktime(12, 0, 0, $_POST['sellbymonth'], $_POST['sellbyday'], $_POST['sellbyyear']); $result = $object->setValueFrom('sellby', $newvalue, '', null, 'date', '', $user, 'PRODUCTLOT_MODIFY'); if ($result < 0) dol_print_error($db, $object->error); } - + if ($action == 'update_extras') { // Fill array 'array_options' with data from update form $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); $ret = $extrafields->setOptionalsFromPost($extralabels, $object, GETPOST('attribute')); if ($ret < 0) $error++; - + if (! $error) { // Actions on extra fields (by external module or standard code) @@ -142,11 +142,11 @@ if (empty($reshook)) } else if ($reshook < 0) $error++; } - + if ($error) $action = 'edit_extras'; } - + // Action to add record if ($action == 'add') { @@ -160,7 +160,7 @@ if (empty($reshook)) $error=0; /* object_prop_getpost_prop */ - + $object->entity=GETPOST('entity','int'); $object->fk_product=GETPOST('fk_product','int'); $object->batch=GETPOST('batch','alpha'); @@ -204,7 +204,7 @@ if (empty($reshook)) if ($action == 'update' && ! GETPOST('cancel')) { $error=0; - + $object->entity=GETPOST('entity','int'); $object->fk_product=GETPOST('fk_product','int'); $object->batch=GETPOST('batch','alpha'); @@ -283,7 +283,7 @@ if ($action == 'create') print ''."\n"; // print ''; - // + // print ''; print ''; print ''; @@ -305,28 +305,31 @@ if ($action == 'create') if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'create'))) { $res = $object->fetch_optionals($object->id, $extralabels); - + //print load_fiche_titre($langs->trans("Batch")); - + $head = productlot_prepare_head($object); dol_fiche_head($head, 'card', $langs->trans("Batch"), 0, 'barcode'); - - + + if ($action == 'delete') { $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"] . '?id=' . $object->id, $langs->trans('DeleteBatch'), $langs->trans('ConfirmDeleteBatch'), 'confirm_delete', '', 0, 1); print $formconfirm; } - - + + $linkback = '' . $langs->trans("BackToList") . ''; - - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'batch'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('batch', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'batch'); + print '
'; print '
'; print '
'.$langs->trans("Label").'
'.$langs->trans("Fieldentity").'
'.$langs->trans("Fieldfk_product").'
'.$langs->trans("Fieldbatch").'
'."\n"; - + // Product print ''; print ''; - + // Sell by print ''; print ''; - + // Other attributes $cols = 2; include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; - + print '
'.$langs->trans("Product").''; $producttmp = new Product($db); @@ -341,7 +344,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print $form->editfieldval($langs->trans('Eatby'), 'eatby', $object->eatby, $object, $user->rights->stock->creer, 'datepicker'); print '
'; print $form->editfieldkey($langs->trans('Sellby'), 'sellby', $object->sellby, $object, $user->rights->stock->creer, 'datepicker'); @@ -349,15 +352,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print $form->editfieldval($langs->trans('Sellby'), 'sellby', $object->sellby, $object, $user->rights->stock->creer, 'datepicker'); print '
'; - + print '
'; - + dol_fiche_end(); @@ -381,8 +384,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea */ } print ''."\n"; - - + + print ''.$langs->trans("ShowCurrentStockOfLot").'
'; print '
'; print ''.$langs->trans("ShowLogOfMovementIfLot").'
'; diff --git a/htdocs/product/traduction.php b/htdocs/product/traduction.php index e7986fde074..3311e228da3 100644 --- a/htdocs/product/traduction.php +++ b/htdocs/product/traduction.php @@ -202,7 +202,10 @@ dol_fiche_head($head, 'translation', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; -dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', 'ref', '', '', 0, '', '', 1); +$shownav = 1; +if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'ref', $linkback, shownav, 'ref'); dol_fiche_end(); @@ -245,7 +248,7 @@ if ($action == 'edit') { $s=picto_from_langcode($key); print "
".($s?$s.' ':'')." ".$langs->trans('Language_'.$key).": ".''.img_delete('', '')."
"; - + print ''; print ''; print ''; } - + // Date start - end print ''; - + // Budget print '
'.$langs->trans('Label').'
'.$langs->trans('Description').''; @@ -275,7 +278,7 @@ if ($action == 'edit') else if ($action != 'add') { if ($cnt_trans) print '
'; - + if (! empty($object->multilangs)) { foreach ($object->multilangs as $key => $value) diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php index f69b54cffdc..727ef1d7fdd 100644 --- a/htdocs/projet/card.php +++ b/htdocs/projet/card.php @@ -134,7 +134,7 @@ if (empty($reshook)) $error++; setEventMessages($langs->trans("ErrorOppStatusRequiredIfAmount"), null, 'errors'); } - + if (! $error) { $error=0; @@ -308,8 +308,8 @@ if (empty($reshook)) setEventMessages($langs->trans("FailedToCloseProject").':'.$object->error, $object->errors, 'errors'); } } - - + + if ($error) { $db->rollback(); @@ -322,7 +322,7 @@ if (empty($reshook)) if (GETPOST('socid','int') > 0) $object->fetch_thirdparty(GETPOST('socid','int')); else unset($object->thirdparty); } - + } // Build doc @@ -619,7 +619,7 @@ if ($action == 'create' && $user->rights->projet->creer) { print '     '; print ''; - } + } print ''; print ''; @@ -641,12 +641,12 @@ if ($action == 'create' && $user->rights->projet->creer) }); '; } -elseif ($object->id > 0) +elseif ($object->id > 0) { /* * Show or edit */ - + $res=$object->fetch_optionals($object->id,$extralabels); // To verify role of users @@ -828,26 +828,26 @@ elseif ($object->id > 0) else { // Project card - + $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; // Title $morehtmlref.=$object->title; // Thirdparty - if ($object->thirdparty->id > 0) + if ($object->thirdparty->id > 0) { $morehtmlref.='
'.$langs->trans('ThirdParty') . ' : ' . $object->thirdparty->getNomUrl(1, 'project'); } $morehtmlref.='
'; - + // Define a complementary filter for search of next/prev ref. if (! $user->rights->projet->all->lire) { $objectsListId = $object->getProjectsAuthorizedForUser($user,0,0); $object->next_prev_filter=" rowid in (".(count($objectsListId)?join(',',array_keys($objectsListId)):'0').")"; } - + dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); @@ -881,18 +881,18 @@ elseif ($object->id > 0) if (strcmp($object->opp_amount,'')) print price($object->opp_amount,0,$langs,1,0,0,$conf->currency); print '
'.$langs->trans("DateStart").' - '.$langs->trans("DateEnd").''; print dol_print_date($object->date_start,'day'); $end=dol_print_date($object->date_end,'day'); - if ($end) + if ($end) { print ' - '.$end; if ($object->hasDelay()) print img_warning($langs->trans('Late')); } print '
'.$langs->trans("Budget").''; if (strcmp($object->budget_amount, '')) print price($object->budget_amount,0,$langs,1,0,0,$conf->currency); @@ -901,16 +901,16 @@ elseif ($object->id > 0) // Other attributes $cols = 2; include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; - + print '
'; - + print ''; print '
'; print '
'; print '
'; - + print ''; - + // Description print '"; } - + print '
'.$langs->trans("Description").''; print nl2br($object->description); @@ -922,13 +922,13 @@ elseif ($object->id > 0) print $form->showCategories($object->id,'project',1); print "
'; - + print '
'; print '
'; print ''; - + print '
'; } @@ -947,9 +947,10 @@ elseif ($object->id > 0) // Change probability from status if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { + // Default value to close or not when we set opp to 'WON'. $defaultcheckedwhenoppclose=1; if (empty($conf->global->PROJECT_HIDE_TASKS)) $defaultcheckedwhenoppclose=0; - + print ''; print '