From c66695bd56e86f506fa78de2e18cd1f9021e4daf Mon Sep 17 00:00:00 2001 From: gauthier Date: Tue, 30 May 2017 15:35:51 +0200 Subject: [PATCH 01/75] FIX : origin & originid on supplierproposal --- .../class/supplier_proposal.class.php | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index 572735384e4..aa845169475 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -356,11 +356,13 @@ class SupplierProposal extends CommonObject * @param array $array_option extrafields array * @param string $ref_fourn Supplier price reference * @param int $fk_unit Id of the unit to use. + * @param string $origin 'order', 'supplier_proposal', ... + * @param int $origin_id Id of origin line * @return int >0 if OK, <0 if KO * * @see add_product */ - function addline($desc, $pu_ht, $qty, $txtva, $txlocaltax1=0, $txlocaltax2=0, $fk_product=0, $remise_percent=0, $price_base_type='HT', $pu_ttc=0, $info_bits=0, $type=0, $rang=-1, $special_code=0, $fk_parent_line=0, $fk_fournprice=0, $pa_ht=0, $label='',$array_option=0, $ref_fourn='', $fk_unit='') + function addline($desc, $pu_ht, $qty, $txtva, $txlocaltax1=0, $txlocaltax2=0, $fk_product=0, $remise_percent=0, $price_base_type='HT', $pu_ttc=0, $info_bits=0, $type=0, $rang=-1, $special_code=0, $fk_parent_line=0, $fk_fournprice=0, $pa_ht=0, $label='',$array_option=0, $ref_fourn='', $fk_unit='', $origin, $origin_id) { global $mysoc; @@ -462,7 +464,8 @@ class SupplierProposal extends CommonObject $this->line->special_code=$special_code; $this->line->fk_parent_line=$fk_parent_line; $this->line->fk_unit=$fk_unit; - + $this->line->origin=$origin; + $this->line->origin_id=$origin_id; $this->line->ref_fourn = $this->db->escape($ref_fourn); // infos marge @@ -880,7 +883,10 @@ class SupplierProposal extends CommonObject $this->lines[$i]->pa_ht, $this->lines[$i]->label, $this->lines[$i]->array_options, - $this->lines[$i]->ref_fourn + $this->lines[$i]->ref_fourn, + $this->lines[$i]->fk_unit, + 'supplier_proposal', + $this->lines[$i]->rowid ); if ($result < 0) From 6b7c4cbbe198063ee403792e542cbeb6182da0a5 Mon Sep 17 00:00:00 2001 From: gauthier Date: Tue, 30 May 2017 16:00:21 +0200 Subject: [PATCH 02/75] FIX : default param --- htdocs/supplier_proposal/class/supplier_proposal.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/supplier_proposal/class/supplier_proposal.class.php b/htdocs/supplier_proposal/class/supplier_proposal.class.php index aa845169475..23c8257a4f5 100644 --- a/htdocs/supplier_proposal/class/supplier_proposal.class.php +++ b/htdocs/supplier_proposal/class/supplier_proposal.class.php @@ -362,7 +362,7 @@ class SupplierProposal extends CommonObject * * @see add_product */ - function addline($desc, $pu_ht, $qty, $txtva, $txlocaltax1=0, $txlocaltax2=0, $fk_product=0, $remise_percent=0, $price_base_type='HT', $pu_ttc=0, $info_bits=0, $type=0, $rang=-1, $special_code=0, $fk_parent_line=0, $fk_fournprice=0, $pa_ht=0, $label='',$array_option=0, $ref_fourn='', $fk_unit='', $origin, $origin_id) + function addline($desc, $pu_ht, $qty, $txtva, $txlocaltax1=0, $txlocaltax2=0, $fk_product=0, $remise_percent=0, $price_base_type='HT', $pu_ttc=0, $info_bits=0, $type=0, $rang=-1, $special_code=0, $fk_parent_line=0, $fk_fournprice=0, $pa_ht=0, $label='',$array_option=0, $ref_fourn='', $fk_unit='', $origin='', $origin_id=0) { global $mysoc; From 200f4010d89deb5487364b5ff74c2e396d6e1a55 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 30 May 2017 16:00:39 +0200 Subject: [PATCH 03/75] Fix special char and size limit in SEPA XML --- htdocs/compta/prelevement/class/bonprelevement.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index f007fa41d21..814bece5bd1 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -1574,10 +1574,10 @@ class BonPrelevement extends CommonObject $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; - $XML_DEBITOR .=' '.strtoupper(dol_string_unaccent($row_nom)).''.$CrLf; + $XML_DEBITOR .=' '.strtoupper(dol_string_unaccent(dolEscapeXML($row_nom))).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$row_country_code.''.$CrLf; - $XML_DEBITOR .=' '.dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))).''.$CrLf; + $XML_DEBITOR .=' '.dol_trunc(dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))),70,'right','UTF-8',true).''.$CrLf; $XML_DEBITOR .=' '.dol_string_unaccent($row_zip.' '.$row_town).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; From 510b1aedcf12d2ce16780bb0fd185bbdbb9cdd68 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Tue, 30 May 2017 16:13:49 +0200 Subject: [PATCH 04/75] Fix xml SEPA $ListOfFactures not used and was listing all invoices in each XML line --- .../prelevement/class/bonprelevement.class.php | 14 +------------- 1 file changed, 1 insertion(+), 13 deletions(-) diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index 814bece5bd1..2bfed9b0696 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -1265,18 +1265,6 @@ class BonPrelevement extends CommonObject * section Debiteur (sepa Debiteurs bloc lines) */ - $tmp_invoices = array(); - - $sql = "SELECT f.facnumber as fac FROM ".MAIN_DB_PREFIX."prelevement_lignes as pl, ".MAIN_DB_PREFIX."facture as f, ".MAIN_DB_PREFIX."prelevement_facture as pf, ".MAIN_DB_PREFIX."societe as soc, ".MAIN_DB_PREFIX."c_country as p, ".MAIN_DB_PREFIX."societe_rib as rib WHERE pl.fk_prelevement_bons = ".$this->id." AND pl.rowid = pf.fk_prelevement_lignes AND pf.fk_facture = f.rowid AND soc.fk_pays = p.rowid AND soc.rowid = f.fk_soc AND rib.fk_soc = f.fk_soc AND rib.default_rib = 1"; - $resql=$this->db->query($sql); - if ($resql) { - while ($objfac = $this->db->fetch_object($resql)) { - $tmp_invoices[] = $objfac->fac; - } - } - - $ListOfFactures = implode($tmp_invoices); - $sql = "SELECT soc.code_client as code, soc.address, soc.zip, soc.town, c.code as country_code,"; $sql.= " pl.client_nom as nom, pl.code_banque as cb, pl.code_guichet as cg, pl.number as cc, pl.amount as somme,"; $sql.= " f.facnumber as fac, pf.fk_facture as idfac, rib.datec, rib.iban_prefix as iban, rib.bic as bic, rib.rowid as drum"; @@ -1303,7 +1291,7 @@ class BonPrelevement extends CommonObject while ($i < $num) { $obj = $this->db->fetch_object($resql); - $fileDebiteurSection .= $this->EnregDestinataireSEPA($obj->code, $obj->nom, $obj->address, $obj->zip, $obj->town, $obj->country_code, $obj->cb, $obj->cg, $obj->cc, $obj->somme, $ListOfFactures, $obj->idfac, $obj->iban, $obj->bic, $this->db->jdate($obj->datec), $obj->drum); + $fileDebiteurSection .= $this->EnregDestinataireSEPA($obj->code, $obj->nom, $obj->address, $obj->zip, $obj->town, $obj->country_code, $obj->cb, $obj->cg, $obj->cc, $obj->somme, $obj->fac, $obj->idfac, $obj->iban, $obj->bic, $this->db->jdate($obj->datec), $obj->drum); $this->total = $this->total + $obj->somme; $i++; } From b2779e2c08e176e639aab478c92e1a2a84016634 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 12:05:53 +0200 Subject: [PATCH 05/75] Typo --- ChangeLog | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ChangeLog b/ChangeLog index c297c5d8bce..57824562787 100644 --- a/ChangeLog +++ b/ChangeLog @@ -215,7 +215,7 @@ Dolibarr better: - Method commande->set_availability(user, availability_id) removed from commande class, use method commande->availability(availability_id, notrigger). Dolibarr 5.0 was frozen before PHP 7.1 was released. Unit tests are successful on PHP 7.1 but we don't have enough -feedback to confirm all application is compatible. Current officiel supported PHP versions are PHP 5.3 to 7.0. +feedback to confirm whole application is compatible. Current officiel supported PHP versions are PHP 5.3 to 7.0. ***** ChangeLog for 4.0.6 to 4.0.5 ***** From e41541ab79150449ba1db6f52497beb7ac13db88 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 12:47:21 +0200 Subject: [PATCH 06/75] Enhance detection of changelog not updated --- build/makepack-dolibarr.pl | 74 +++++++++++++++++++++++--------------- 1 file changed, 45 insertions(+), 29 deletions(-) diff --git a/build/makepack-dolibarr.pl b/build/makepack-dolibarr.pl index 9c8f8ea601e..fdd14fcf5a2 100755 --- a/build/makepack-dolibarr.pl +++ b/build/makepack-dolibarr.pl @@ -14,7 +14,7 @@ #---------------------------------------------------------------------------- use Cwd; - +use Term::ANSIColor; # Change this to defined target for option 98 and 99 $PROJECT="dolibarr"; @@ -313,20 +313,6 @@ foreach my $target (sort keys %CHOOSEDTARGET) { print "\n"; -# Build xml check file -#----------------------- -if ($CHOOSEDTARGET{'-CHKSUM'}) -{ - print 'Create xml check file with md5 checksum with command php '.$SOURCE.'/build/generate_filecheck_xml.php release='.$MAJOR.'.'.$MINOR.'.'.$BUILD."\n"; - $ret=`php $SOURCE/build/generate_filelist_xml.php release=$MAJOR.$MINOR.$BUILD`; - print $ret."\n"; - # Copy to final dir - $NEWDESTI=$DESTI; - print "Copy \"$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml\" to $NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml\n"; - use File::Copy qw(copy); - copy "$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml", "$NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml"; -} - #print join(',',sort keys %CHOOSEDTARGET)."\n"; @@ -335,7 +321,10 @@ if ($CHOOSEDTARGET{'-CHKSUM'}) $nboftargetok=0; $nboftargetneedbuildroot=0; $nbofpublishneedtag=0; +$nbofpublishneedchangelog=0; + foreach my $target (sort keys %CHOOSEDTARGET) { + if ($target eq '-CHKSUM') { $nbofpublishneedchangelog++; } if ($CHOOSEDTARGET{$target} < 0) { next; } if ($target ne 'EXE' && $target ne 'EXEDOLIWAMP' && $target ne '-CHKSUM') { @@ -345,34 +334,31 @@ foreach my $target (sort keys %CHOOSEDTARGET) { } foreach my $target (sort keys %CHOOSEDPUBLISH) { if ($CHOOSEDPUBLISH{$target} < 0) { next; } - if ($target eq 'ASSO') { $nbofpublishneedtag++; } - if ($target eq 'SF') { $nbofpublishneedtag++; } + if ($target eq 'ASSO') { $nbofpublishneedchangelog++; $nbofpublishneedtag++; } + if ($target eq 'SF') { $nbofpublishneedchangelog++; $nbofpublishneedtag++; } $nboftargetok++; } + if ($nboftargetok) { - # Update GIT tag if required - #--------------------------- - if ($nbofpublishneedtag) + # Check Changelog + #---------------- + if ($nbofpublishneedchangelog) { - print "Go to directory $SOURCE\n"; - $olddir=getcwd(); - chdir("$SOURCE"); - # Test that the ChangeLog is ok $TMPBUILDTOCHECKCHANGELOG=$BUILD; $TMPBUILDTOCHECKCHANGELOG =~ s/\-rc\d*//; $TMPBUILDTOCHECKCHANGELOG =~ s/\-beta\d*//; - print "Check if ChangeLog is ok for version $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG\n"; + print "\nCheck if ChangeLog is ok for version $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG\n"; $ret=`grep "ChangeLog for $MAJOR.$MINOR\.$TMPBUILDTOCHECKCHANGELOG" "$SOURCE/ChangeLog" 2>&1`; if (! $ret) { - print "Error: The ChangeLogFile was not updated. Run the following command before building package for $MAJOR.$MINOR.$BUILD:\n"; + print color("yellow"), "Error: The ChangeLogFile was not updated. Run the following command before building package for $MAJOR.$MINOR.$BUILD:\n", color('reset'); } else { - print "ChangeLog for $MAJOR.$MINOR\.$BUILD was found into '$SOURCE/ChangeLog. But you can regenerate it with commande:'\n"; + print "ChangeLog for $MAJOR.$MINOR\.$BUILD was found into '$SOURCE/ChangeLog. But you can regenerate it with command:'\n"; } if (! $BUILD || $BUILD eq '0-rc') # For a major version { @@ -385,9 +371,39 @@ if ($nboftargetok) { print "\n"; if (! $ret) { - exit; + print "\nPress F to force and continue anyway (or other key to stop)... "; + my $WAITKEY=; + chomp($WAITKEY); + if ($WAITKEY ne 'F') + { + print "Canceled.\n"; + exit; + } } - + } + + # Build xml check file + #----------------------- + if ($CHOOSEDTARGET{'-CHKSUM'}) + { + print 'Create xml check file with md5 checksum with command php '.$SOURCE.'/build/generate_filecheck_xml.php release='.$MAJOR.'.'.$MINOR.'.'.$BUILD."\n"; + $ret=`php $SOURCE/build/generate_filelist_xml.php release=$MAJOR.$MINOR.$BUILD`; + print $ret."\n"; + # Copy to final dir + $NEWDESTI=$DESTI; + print "Copy \"$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml\" to $NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml\n"; + use File::Copy qw(copy); + copy "$SOURCE/htdocs/install/filelist-$MAJOR.$MINOR.$BUILD.xml", "$NEWDESTI/signatures/filelist-$MAJOR.$MINOR.$BUILD.xml"; + } + + # Update GIT tag if required + #--------------------------- + if ($nbofpublishneedtag) + { + print "Go to directory $SOURCE\n"; + $olddir=getcwd(); + chdir("$SOURCE"); + print 'Run git tag -a -m "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'" "'.$MAJOR.'.'.$MINOR.'.'.$BUILD.'"'."\n"; $ret=`git tag -a -m "$MAJOR.$MINOR.$BUILD" "$MAJOR.$MINOR.$BUILD" 2>&1`; if ($ret =~ /(already exists|existe déjà)/) From 7139a2dd9d420c9f4dec6179edd40e045f190276 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 13:09:25 +0200 Subject: [PATCH 07/75] Update debian package --- build/debian/source/lintian-overrides | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/build/debian/source/lintian-overrides b/build/debian/source/lintian-overrides index b4c0956e90f..c878035b482 100644 --- a/build/debian/source/lintian-overrides +++ b/build/debian/source/lintian-overrides @@ -4,7 +4,12 @@ dolibarr: source-contains-prebuilt-javascript-object htdocs/includes/jsgantt/* dolibarr: source-contains-prebuilt-javascript-object htdocs/includes/jstz/* # Those are false positives, the files are their own sources since # they are not minified -source-is-missing htdocs/includes/jsgantt/jsgantt.js * -source-is-missing htdocs/includes/jquery/plugins/colorpicker/jquery.colorpicker.js * -source-is-missing htdocs/includes/jquery/plugins/select2/select2.js * -source-is-missing htdocs/includes/jquery/plugins/select2/select2_locale_ar.js * +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/a11yhelp/dialogs/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/specialchar/dialogs/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/lang/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/*/dialogs/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/*/filter/*.js +source-is-missing htdocs/includes/ckeditor/ckeditor/plugins/templates/templates/default.js +source-is-missing htdocs/includes/mobiledetect/mobiledetectlib/Mobile_Detect.json +source-is-missing htdocs/includes/restler/framework/Luracast/Restler/explorer/lib/*.js + From 82ddf293b622c543e4e9740b775a23358008ab93 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 13:29:31 +0200 Subject: [PATCH 08/75] Prepare 5.0.3 --- ChangeLog | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/ChangeLog b/ChangeLog index 57824562787..78793b9d419 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,26 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 5.0.3 compared to 5.0.2 ***** +FIX: #6677 Expired contracts dashboard box does not show the name of the thirdparty +FIX: #6813 +FIX: 6863 +FIX: #6877 +FIX: #6881 +FIX: Better sanitizing of search all parameter. +FIX: Correction with author and validator user on orders +FIX: dialog window with md theme must not be hidden by left menu part. +FIX: doactions hook missing in invoice model page +FIX: Fullname when member is a moral entity with no name. +FIX: Link to files on bank account tab broken with multicompany FIX: Link to preview on thirdparty broken with multicompany +FIX: New vat code not correctly implemented if "1 price per customer". +FIX: Pagination of invoices +FIX: pagination on resources +FIX: REST API not possible to add agendaevents +FIX: situation invoice broken due to the all percent application form inside addline form +FIX: SQL injection on user/index.php parameter search_statut. +FIX: XSS + ***** ChangeLog for 5.0.2 compared to 5.0.1 ***** FIX: #6468 + Fix missing translation FIX: #6517 #6525 Autocompletion of thirdparty after n chars not implemented From 7c29e286f82f2ca3d3a77a6b67d0534067bad6b0 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 13:31:17 +0200 Subject: [PATCH 09/75] Prepare 4.0.7 --- htdocs/filefunc.inc.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php index d2ca04278ff..13349d3c1da 100644 --- a/htdocs/filefunc.inc.php +++ b/htdocs/filefunc.inc.php @@ -31,7 +31,7 @@ */ if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr'); -if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.6'); +if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.7'); if (! defined('EURO')) define('EURO',chr(128)); From d70c14a411f520714656f2d5ca8c0a64d300742c Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 31 May 2017 19:07:39 +0200 Subject: [PATCH 10/75] Update bonprelevement.class.php --- htdocs/compta/prelevement/class/bonprelevement.class.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index 2bfed9b0696..dd6b773af9f 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -1562,11 +1562,11 @@ class BonPrelevement extends CommonObject $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; - $XML_DEBITOR .=' '.strtoupper(dol_string_unaccent(dolEscapeXML($row_nom))).''.$CrLf; + $XML_DEBITOR .=' '.strtoupper(dolEscapeXML(dol_string_unaccent($row_nom))).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$row_country_code.''.$CrLf; $XML_DEBITOR .=' '.dol_trunc(dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))),70,'right','UTF-8',true).''.$CrLf; - $XML_DEBITOR .=' '.dol_string_unaccent($row_zip.' '.$row_town).''.$CrLf; + $XML_DEBITOR .=' '.dolEscapeXML(dol_string_unaccent($row_zip.' '.$row_town)).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; From ab99c178e1a587f301ecad0e34b8bdb57e552469 Mon Sep 17 00:00:00 2001 From: Inovea Conseil Date: Thu, 1 Jun 2017 09:04:20 +0200 Subject: [PATCH 11/75] Print the value of fields Add a loop for printing the value of fields --- dev/skeletons/skeleton_list.php | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/dev/skeletons/skeleton_list.php b/dev/skeletons/skeleton_list.php index 4453f2d8302..7053486234f 100644 --- a/dev/skeletons/skeleton_list.php +++ b/dev/skeletons/skeleton_list.php @@ -2,6 +2,7 @@ /* Copyright (C) 2007-2016 Laurent Destailleur * Copyright (C) 2014-2016 Juanjo Menent * Copyright (C) 2016 Jean-François Ferry + * Copyright (C) 2017 Nicolas ZABOURI * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -440,17 +441,14 @@ while ($i < min($num, $limit)) // Show here line of result print ''; // LIST_OF_TD_FIELDS_LIST - /* - if (! empty($arrayfields['t.field1']['checked'])) - { - print ''.$obj->field1.''; - if (! $i) $totalarray['nbfield']++; + foreach ($arrayfields as $key => $value) { + if (!empty($arrayfields[$key]['checked'])) { + $key2 = str_replace('t.', '', $key); + print '' . $obj->$key2 . ''; + if (!$i) + $totalarray['nbfield'] ++; + } } - if (! empty($arrayfields['t.field2']['checked'])) - { - print ''.$obj->field2.''; - if (! $i) $totalarray['nbfield']++; - }*/ // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { From fa3cd267f48f98cd4312e90c5779849fd1bbe60a Mon Sep 17 00:00:00 2001 From: Inovea Conseil Date: Thu, 1 Jun 2017 10:51:30 +0200 Subject: [PATCH 12/75] Fix bug of prepare_head of card Delete the call of commande_prepare_head function because do not use in skeleton --- dev/skeletons/skeleton_card.php | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/dev/skeletons/skeleton_card.php b/dev/skeletons/skeleton_card.php index f0a9dd23c26..8c487dee776 100644 --- a/dev/skeletons/skeleton_card.php +++ b/dev/skeletons/skeleton_card.php @@ -297,9 +297,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea { $res = $object->fetch_optionals($object->id, $extralabels); - $head = commande_prepare_head($object); - dol_fiche_head($head, 'order', $langs->trans("CustomerOrder"), 0, 'order'); - + print load_fiche_titre($langs->trans("MyModule")); dol_fiche_head(); From 40dd6fc61c0a08118d2d5b1914a2a17c8a44a0d5 Mon Sep 17 00:00:00 2001 From: Inovea Conseil Date: Thu, 1 Jun 2017 11:22:08 +0200 Subject: [PATCH 13/75] Fix bug to display value Fix bug to display the values in the future card.php --- dev/skeletons/build_class_from_table.php | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/dev/skeletons/build_class_from_table.php b/dev/skeletons/build_class_from_table.php index 537975365ef..532da3131a6 100755 --- a/dev/skeletons/build_class_from_table.php +++ b/dev/skeletons/build_class_from_table.php @@ -1,6 +1,7 @@ #!/usr/bin/env php + * Copyright (C) 2017 Nicolas ZABOURI * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -649,7 +650,7 @@ foreach ($skeletonfiles as $skeletonfile => $outfile) { if ($prop['field'] != 'rowid' && $prop['field'] != 'id' && ! $prop['istime']) { - $varprop.="print ''.\$langs->trans(\"Field".$prop['field']."\").'\$object->".$prop['field']."';\n"; + $varprop.="print ''.\$langs->trans(\"Field".$prop['field']."\").''.\$object->".$prop['field'].".'';\n"; } } $targetcontent=preg_replace('/LIST_OF_TD_LABEL_FIELDS_VIEW/', $varprop, $targetcontent); From 0e175ba3737f1120b0ef6d5ce84c483f15ffa594 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Thu, 1 Jun 2017 11:48:14 +0200 Subject: [PATCH 14/75] Fix : SEPA XML address should also have dolEscapeXML --- htdocs/compta/prelevement/class/bonprelevement.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/prelevement/class/bonprelevement.class.php b/htdocs/compta/prelevement/class/bonprelevement.class.php index dd6b773af9f..134e125b067 100644 --- a/htdocs/compta/prelevement/class/bonprelevement.class.php +++ b/htdocs/compta/prelevement/class/bonprelevement.class.php @@ -1565,7 +1565,7 @@ class BonPrelevement extends CommonObject $XML_DEBITOR .=' '.strtoupper(dolEscapeXML(dol_string_unaccent($row_nom))).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$row_country_code.''.$CrLf; - $XML_DEBITOR .=' '.dol_trunc(dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => ""))),70,'right','UTF-8',true).''.$CrLf; + $XML_DEBITOR .=' '.dol_trunc(dolEscapeXML(dol_string_unaccent(strtr($row_address, array(CHR(13) => ", ", CHR(10) => "")))),70,'right','UTF-8',true).''.$CrLf; $XML_DEBITOR .=' '.dolEscapeXML(dol_string_unaccent($row_zip.' '.$row_town)).''.$CrLf; $XML_DEBITOR .=' '.$CrLf; $XML_DEBITOR .=' '.$CrLf; From 07a6bb56642f06d32840e2bb2681a84e8b828296 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 1 Jun 2017 12:26:17 +0200 Subject: [PATCH 15/75] More files to delete in migration --- htdocs/install/upgrade2.php | 19 +++++++++++-------- 1 file changed, 11 insertions(+), 8 deletions(-) diff --git a/htdocs/install/upgrade2.php b/htdocs/install/upgrade2.php index 42c8f50632e..33cfd088ebe 100644 --- a/htdocs/install/upgrade2.php +++ b/htdocs/install/upgrade2.php @@ -413,10 +413,10 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) { // Migrate to add entity value into llx_societe_remise migrate_remise_entity($db,$langs,$conf); - + // Migrate to add entity value into llx_societe_remise_except migrate_remise_except_entity($db,$langs,$conf); - + // Reload modules (this must be always and only into last targeted version) $listofmodule=array( 'MAIN_MODULE_ACCOUNTING'=>'newboxdefonly', @@ -426,11 +426,11 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) 'MAIN_MODULE_PRINTING'=>'newboxdefonly', ); migrate_reload_modules($db,$langs,$conf,$listofmodule); - + // Reload menus (this must be always and only into last targeted version) migrate_reload_menu($db,$langs,$conf,$versionto); } - + // Can force activation of some module during migration with third paramater = MAIN_MODULE_XXX,MAIN_MODULE_YYY,... if ($enablemodules) { @@ -456,8 +456,8 @@ if (! GETPOST("action") || preg_match('/upgrade/i',GETPOST('action'))) // Actions for all versions (not in database) migrate_delete_old_files($db, $langs, $conf); migrate_delete_old_dir($db, $langs, $conf); - - + + dol_mkdir(DOL_DATA_ROOT.'/bank'); migrate_directories($db, $langs, $conf, '/banque/bordereau', '/bank/checkdeposits'); } @@ -3927,10 +3927,13 @@ function migrate_delete_old_files($db,$langs,$conf) DOL_DOCUMENT_ROOT.'/core/modules/mailings/kiwi.modules.php', DOL_DOCUMENT_ROOT.'/core/modules/facture/pdf_crabe.modules.php', DOL_DOCUMENT_ROOT.'/core/modules/facture/pdf_oursin.modules.php', - + DOL_DOCUMENT_ROOT.'/compta/facture/class/api_invoice.class.php', DOL_DOCUMENT_ROOT.'/commande/class/api_commande.class.php', - DOL_DOCUMENT_ROOT.'/user/class/api_user.class.php' + DOL_DOCUMENT_ROOT.'/user/class/api_user.class.php', + DOL_DOCUMENT_ROOT.'/product/class/api_product.class.php', + DOL_DOCUMENT_ROOT.'/societe/class/api_contact.class.php', + DOL_DOCUMENT_ROOT.'/societe/class/api_thirdparty.class.php' ); foreach ($filetodeletearray as $filetodelete) From f4cdb6b25475ece60ec0bcf8bfcc82bc739d3e5e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Thu, 1 Jun 2017 15:33:23 +0200 Subject: [PATCH 16/75] Fix month on 2 chars. Some setup return on 1 char only. More phpunit assert. --- htdocs/core/lib/functions.lib.php | 173 +++++++++++++++--------------- test/phpunit/DateLibTest.php | 39 ++++--- 2 files changed, 109 insertions(+), 103 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index c678e0bc7df..0943bc1a7af 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -102,14 +102,14 @@ function getDoliDBInstance($type, $host, $user, $pass, $name, $port) /** * Get list of entity id to use * - * @param string $element Current element - * 'societe', 'socpeople', 'actioncomm', 'agenda', 'resource', + * @param string $element Current element + * 'societe', 'socpeople', 'actioncomm', 'agenda', 'resource', * 'product', 'productprice', 'stock', * 'propal', 'facture', 'facture_fourn', - * 'categorie', 'bank_account', 'bank_account', 'adherent', 'user', + * 'categorie', 'bank_account', 'bank_account', 'adherent', 'user', * 'commande', 'commande_fournisseur', 'expedition', 'intervention', 'survey', * 'contract', 'tax', 'expensereport', 'holiday', 'multicurrency', 'project', - * 'email_template', 'event', + * 'email_template', 'event', * @param int $shared 0=Return id of entity, 1=Return id entity + shared entities * @return mixed Entity id(s) to use */ @@ -121,7 +121,7 @@ function getEntity($element=false, $shared=0) if ($element == 'actioncomm') $element='agenda'; if ($element == 'fichinter') $element='intervention'; if ($element == 'categorie') $element='category'; - + if (is_object($mc)) { return $mc->getEntity($element, $shared); @@ -203,7 +203,7 @@ function getBrowserInfo($user_agent) elseif (preg_match('/opera(\/|\s)([\d\.]*)/i', $user_agent, $reg)) { $name='opera'; $version=$reg[2]; } elseif (preg_match('/(MSIE\s([0-9]+\.[0-9]))|.*(Trident\/[0-9]+.[0-9];\srv:([0-9]+\.[0-9]+))/i', $user_agent, $reg)) { $name='ie'; $version=end($reg); } // MS products at end elseif (preg_match('/l(i|y)n(x|ks)(\(|\/|\s)*([\d\.]+)/i', $user_agent, $reg)) { $name='lynxlinks'; $version=$reg[4]; } - + if ($tablet) { $layout = 'tablet'; } elseif ($phone) { @@ -268,7 +268,7 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) { $tmp=dol_getdate(dol_now(), true); $out = $tmp['mon']; - } + } elseif ($reg[1] == 'YEAR') { $tmp=dol_getdate(dol_now(), true); @@ -280,7 +280,7 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) $out = $mysoc->country_id; } } - + switch ($check) { case 'int': @@ -337,13 +337,13 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) * This prefix is unique for instance and avoid conflict between multi-instances, * even when having two instances with one root dir or two instances in virtual servers * - * @param string $mode '' or 'email' + * @param string $mode '' or 'email' * @return string A calculated prefix */ function dol_getprefix($mode='') { global $conf; - + // If MAIL_PREFIX_FOR_EMAIL_ID is set and prefix is for email if ($mode == 'email' && ! empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { @@ -425,15 +425,15 @@ function dol_buildpath($path, $type=0) if ($type == 1) $res = DOL_URL_ROOT.'/'.$path; // Standard value if ($type == 2) $res = DOL_MAIN_URL_ROOT.'/'.$path; // Standard value if ($type == 3) $res = DOL_URL_ROOT.'/'.$path; - + foreach ($conf->file->dol_document_root as $key => $dirroot) // ex: array(["main"]=>"/home/main/htdocs", ["alt0"]=>"/home/dirmod/htdocs", ...) { - if ($key == 'main') + if ($key == 'main') { if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file @@ -460,12 +460,12 @@ function dol_buildpath($path, $type=0) if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current - + $res=(preg_match('/^http/i',$conf->file->dol_url_root[$key])?'':$urlwithroot).$conf->file->dol_url_root[$key].'/'.$path; // Test on start with http is for old conf syntax } break; @@ -732,13 +732,13 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' throw new Exception('Incorrect log level'); } if ($level > $conf->global->SYSLOG_LEVEL) return; - + // If adding log inside HTML page is required if (! empty($_REQUEST['logtohtml']) && (! empty($conf->global->MAIN_ENABLE_LOG_TO_HTML) || ! empty($conf->global->MAIN_LOGTOHTML))) // MAIN_LOGTOHTML kept for backward compatibility { $conf->logbuffer[] = dol_print_date(time(),"%Y-%m-%d %H:%M:%S")." ".$message; } - + //TODO: Remove this. MAIN_ENABLE_LOG_INLINE_HTML should be deprecated and use a log handler dedicated to HTML output // If enable html log tag enabled and url parameter log defined, we show output log on HTML comments if (! empty($conf->global->MAIN_ENABLE_LOG_INLINE_HTML) && ! empty($_GET["log"])) @@ -747,7 +747,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' print $message."\n"; print "Log end -->\n"; } - + $data = array( 'message' => $message, 'script' => (isset($_SERVER['PHP_SELF'])? basename($_SERVER['PHP_SELF'],'.php') : false), @@ -755,7 +755,7 @@ function dol_syslog($message, $level = LOG_INFO, $ident = 0, $suffixinfilename=' 'user' => ((is_object($user) && $user->id) ? $user->login : false), 'ip' => false ); - + if (! empty($_SERVER["REMOTE_ADDR"])) $data['ip'] = $_SERVER['REMOTE_ADDR']; // This is when PHP session is ran inside a web server but not inside a client request (example: init code of apache) else if (! empty($_SERVER['SERVER_ADDR'])) $data['ip'] = $_SERVER['SERVER_ADDR']; @@ -814,7 +814,7 @@ function dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $pi global $conf, $langs, $hookmanager; if ($notab == -1) $notab = 0; // For better compatiblity with modules for 6.0 - + $out="\n".'
'."\n"; // Show title @@ -944,7 +944,7 @@ function dol_get_fiche_head($links=array(), $active='', $title='', $notab=0, $pi { $out = $hookmanager->resPrint; } - + return $out; } @@ -1003,7 +1003,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r if ($object->element == 'member') $modulepart='memberphoto'; if ($object->element == 'user') $modulepart='userphoto'; if ($object->element == 'product') $modulepart='product'; - + if ($object->element == 'product') { $width=80; $cssclass='photoref'; @@ -1011,7 +1011,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $maxvisiblephotos=(isset($conf->global->PRODUCT_MAX_VISIBLE_PHOTO)?$conf->global->PRODUCT_MAX_VISIBLE_PHOTO:5); if ($conf->browser->phone) $maxvisiblephotos=1; if ($showimage) $morehtmlleft.='
'.$object->show_photos($conf->product->multidir_output[$object->entity],'small',$maxvisiblephotos,0,0,0,$width,0).'
'; - else + else { if (!empty($conf->global->PRODUCT_NODISPLAYIFNOPHOTO)) { $nophoto=''; @@ -1023,11 +1023,11 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r } } } - else + else { - if ($showimage) + if ($showimage) { - if ($modulepart != 'unknown') + if ($modulepart != 'unknown') { $phototoshow = $form->showphoto($modulepart,$object,0,0,0,'photoref','small',1,0,$maxvisiblephotos); if ($phototoshow) @@ -1040,7 +1040,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r elseif ($conf->browser->layout != 'phone') // Show No photo link (picto of pbject) { $morehtmlleft.='
'; - if ($object->element == 'action') + if ($object->element == 'action') { $cssclass='photorefcenter'; $nophoto=img_picto('', 'title_agenda', '', false, 1); @@ -1061,7 +1061,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r if ($showbarcode) $morehtmlleft.='
'.$form->showbarcode($object).'
'; if ($object->element == 'societe' && ! empty($conf->use_javascript_ajax) && $user->rights->societe->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { $morehtmlstatus.=ajax_object_onoff($object, 'status', 'status', 'InActivity', 'ActivityCeased'); - } + } elseif ($object->element == 'product') { //$morehtmlstatus.=$langs->trans("Status").' ('.$langs->trans("Sell").') '; @@ -1081,39 +1081,39 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r elseif ($object->element == 'facture' || $object->element == 'invoice' || $object->element == 'invoice_supplier') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } elseif ($object->element == 'chargesociales') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } elseif ($object->element == 'loan') { $tmptxt=$object->getLibStatut(6, $object->totalpaye); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5, $object->totalpaye); $morehtmlstatus.=$tmptxt; } - elseif ($object->element == 'contrat') + elseif ($object->element == 'contrat') { if ($object->statut==0) $morehtmlstatus.=$object->getLibStatut(2); else $morehtmlstatus.=$object->getLibStatut(4); } else { // Generic case $tmptxt=$object->getLibStatut(6); - if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5); + if (empty($tmptxt) || $tmptxt == $object->getLibStatut(3) || $conf->browser->layout=='phone') $tmptxt=$object->getLibStatut(5); $morehtmlstatus.=$tmptxt; } if (! empty($object->name_alias)) $morehtmlref.='
'.$object->name_alias.'
'; // For thirdparty - + if ($object->element == 'product' || $object->element == 'bank_account') { if(! empty($object->label)) $morehtmlref.='
'.$object->label.'
'; } - if ($object->element != 'product' && $object->element != 'bookmark') + if ($object->element != 'product' && $object->element != 'bookmark') { $morehtmlref.='
'; $morehtmlref.=$object->getBannerAddress('refaddress',$object); @@ -1125,7 +1125,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $morehtmlref.=$langs->trans("TechnicalID").': '.$object->id; $morehtmlref.='
'; } - + print '
'; print $form->showrefnav($object, $paramid, $morehtml, $shownav, $fieldid, $fieldref, $morehtmlref, $moreparam, $nodbprefix, $morehtmlleft, $morehtmlstatus, $morehtmlright); print '
'; @@ -1301,9 +1301,9 @@ function dol_print_date($time,$format='',$tzoutput='tzserver',$outputlangs='',$e $reduceformat=(! empty($conf->dol_optimize_smallscreen) && in_array($format,array('day','dayhour')))?1:0; $formatwithoutreduce = preg_replace('/reduceformat/','',$format); if ($formatwithoutreduce != $format) { $format = $formatwithoutreduce; $reduceformat=1; } // so format 'dayreduceformat' is processed like day - + // Change predefined format into computer format. If found translation in lang file we use it, otherwise we use default. - // TODO Add format daysmallyear and dayhoursmallyear + // TODO Add format daysmallyear and dayhoursmallyear if ($format == 'day') $format=($outputlangs->trans("FormatDateShort")!="FormatDateShort"?$outputlangs->trans("FormatDateShort"):$conf->format_date_short); else if ($format == 'hour') $format=($outputlangs->trans("FormatHourShort")!="FormatHourShort"?$outputlangs->trans("FormatHourShort"):$conf->format_hour_short); else if ($format == 'hourduration') $format=($outputlangs->trans("FormatHourShortDuration")!="FormatHourShortDuration"?$outputlangs->trans("FormatHourShortDuration"):$conf->format_hour_short_duration); @@ -1375,7 +1375,8 @@ function dol_print_date($time,$format='',$tzoutput='tzserver',$outputlangs='',$e if (preg_match('/__b__/i',$format)) { // Here ret is string in PHP setup language (strftime was used). Now we convert to $outputlangs. - $month=adodb_strftime('%m',$time+$offsettz+$offsetdst); // TODO Remove this + $month=adodb_strftime('%m',$time+$offsettz+$offsetdst); // TODO Replace this with function Date PHP. We also should not use anymore offsettz and offsetdst but only offsettzstring. + $month=sprintf("%02d", $month); // $month may be return with format '06' on some installation and '6' on other, so we force it to '06'. if ($encodetooutput) { $monthtext=$outputlangs->transnoentities('Month'.$month); @@ -1805,7 +1806,7 @@ function dol_print_phone($phone,$countrycode='',$cid=0,$socid=0,$addlink='',$sep $newphone=($separ!=''?'(':'').substr($newphone,0,3).($separ!=''?')':'').$separ.substr($newphone,3,3).($separ!=''?'-':'').substr($newphone,6,4); } } - + if (! empty($addlink)) // Link on phone number (+ link to add action if conf->global->AGENDA_ADDACTIONFORPHONE set) { if (! empty($conf->browser->phone) || (! empty($conf->clicktodial->enabled) && ! empty($conf->global->CLICKTODIAL_USE_TEL_LINK_ON_PHONE_NUMBERS))) // If phone or option for, we use link of phone @@ -1935,7 +1936,7 @@ function dol_user_country() * @param int $mode thirdparty|contact|member|other * @param int $id Id of object * @param int $noprint No output. Result is the function return - * @param string $charfornl Char to use instead of nl2br. '' means we use a standad nl2br. + * @param string $charfornl Char to use instead of nl2br. '' means we use a standad nl2br. * @return string|void Nothing if noprint is 0, formatted address if noprint is 1 * @see dol_format_address */ @@ -1956,7 +1957,7 @@ function dol_print_address($address, $htmlid, $mode, $id, $noprint=0, $charfornl { if (empty($charfornl)) $out.=nl2br($address); else $out.=preg_replace('/[\r\n]+/', $charfornl, $address); - + $showgmap=$showomap=0; // TODO Add a hook here @@ -2084,7 +2085,7 @@ function dol_print_graph($htmlid,$width,$height,$data,$showlegend=0,$type='pie', print '
'.$langs->trans("NotEnoughDataYet").'
'; return; } - + if (empty($conf->use_javascript_ajax)) return; $jsgraphlib='flot'; $datacolor=array(); @@ -2253,7 +2254,7 @@ function dol_trunc($string,$size=40,$trunc='right',$stringencoding='UTF-8',$nodo global $conf; if ($size==0 || ! empty($conf->global->MAIN_DISABLE_TRUNC)) return $string; - + if (empty($stringencoding)) $stringencoding='UTF-8'; // reduce for small screen if ($conf->dol_optimize_smallscreen==1 && $display==1) $size = round($size/3); @@ -3206,7 +3207,7 @@ function load_fiche_titre($titre, $morehtmlright='', $picto='title_generic.png', * @param string $options More parameters for links ('' by default, does not include sortfield neither sortorder) * @param string $sortfield Field to sort on ('' by default) * @param string $sortorder Order to sort ('' by default) - * @param string $center String in the middle ('' by default). We often find here string $massaction comming from $form->selectMassAction() + * @param string $center String in the middle ('' by default). We often find here string $massaction comming from $form->selectMassAction() * @param int $num Number of records found by select with limit+1 * @param int|string $totalnboflines Total number of records/lines for all pages (if known). Use a negative value of number to not show number. Use '' if unknown. * @param string $picto Icon to use before title (should be a 32x32 transparent png file) @@ -3220,11 +3221,11 @@ function load_fiche_titre($titre, $morehtmlright='', $picto='title_generic.png', function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $sortorder='', $center='', $num=-1, $totalnboflines='', $picto='title_generic.png', $pictoisfullpath=0, $morehtml='', $morecss='', $limit=-1, $hideselectlimit=0) { global $conf,$langs; - + $savlimit = $limit; $savtotalnboflines = $totalnboflines; $totalnboflines=abs($totalnboflines); - + if ($picto == 'setup') $picto='title_setup.png'; if (($conf->browser->name == 'ie') && $picto=='title_generic.png') $picto='title.gif'; if ($limit < 0) $limit = $conf->liste_limit; @@ -3237,7 +3238,7 @@ function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $so $nextpage = 0; } //print 'totalnboflines='.$totalnboflines.'-savlimit='.$savlimit.'-limit='.$limit.'-num='.$num.'-nextpage='.$nextpage; - + print "\n"; print "\n"; print ''; @@ -3338,7 +3339,7 @@ function print_fleche_navigation($page, $file, $options='', $nextpage=0, $betwee //$pagesizechoices.=',0:'.$langs->trans("All"); // Not yet supported //$pagesizechoices.=',2:2'; if (! empty($conf->global->MAIN_PAGESIZE_CHOICES)) $pagesizechoices=$conf->global->MAIN_PAGESIZE_CHOICES; - + print ''; } - + // Date start - end print ''; - + // Budget print '
'.$langs->trans("DateStart").' - '.$langs->trans("DateEnd").''; print dol_print_date($object->date_start,'day'); $end=dol_print_date($object->date_end,'day'); - if ($end) + if ($end) { print ' - '.$end; if ($object->hasDelay()) print img_warning($langs->trans('Late')); } print '
'.$langs->trans("Budget").''; if (strcmp($object->budget_amount, '')) print price($object->budget_amount,0,$langs,1,0,0,$conf->currency); @@ -901,16 +901,16 @@ elseif ($object->id > 0) // Other attributes $cols = 2; include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; - + print '
'; - + print '
'; print '
'; print '
'; print '
'; - + print ''; - + // Description print '"; } - + print '
'.$langs->trans("Description").''; print nl2br($object->description); @@ -922,13 +922,13 @@ elseif ($object->id > 0) print $form->showCategories($object->id,'project',1); print "
'; - + print '
'; print '
'; print '
'; - + print '
'; } @@ -947,9 +947,10 @@ elseif ($object->id > 0) // Change probability from status if (! empty($conf->use_javascript_ajax) && ! empty($conf->global->PROJECT_USE_OPPORTUNITIES)) { + // Default value to close or not when we set opp to 'WON'. $defaultcheckedwhenoppclose=1; if (empty($conf->global->PROJECT_HIDE_TASKS)) $defaultcheckedwhenoppclose=0; - + print ''; print '' . "\n"; } - + // Wrapper to manage dropdown if ($conf->use_javascript_ajax) { @@ -1960,7 +1960,7 @@ if (! function_exists("llxFooter")) console.log("Link has class dropdowncloseonclick, so we close/hide the popup ul"); $(this).parent().parent().hide(); }); - + $(document).bind(\'click\', function (e) { var $clicked = $(e.target); if (!$clicked.parents().hasClass("dropdown")) $(".dropdown dd ul").hide(); @@ -1968,7 +1968,7 @@ if (! function_exists("llxFooter")) }); '; } - + // A div for the address popup print "\n\n"; print ''."\n"; From 0d24df9ffcd0762bc732da77bd80badf81f8af80 Mon Sep 17 00:00:00 2001 From: atm-ph Date: Sat, 10 Jun 2017 14:40:17 +0200 Subject: [PATCH 40/75] Fix 6939 new path for pictures is not used --- .../supplier_proposal/doc/pdf_aurore.modules.php | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php index 3b2812c7b90..c546aad91ad 100644 --- a/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php +++ b/htdocs/core/modules/supplier_proposal/doc/pdf_aurore.modules.php @@ -167,9 +167,17 @@ class pdf_aurore extends ModelePDFSupplierProposal $objphoto = new Product($this->db); $objphoto->fetch($object->lines[$i]->fk_product); - $pdir = get_exdir($object->lines[$i]->fk_product,2,0,0,$objphoto,'product') . $object->lines[$i]->fk_product ."/photos/"; - $dir = $conf->product->dir_output.'/'.$pdir; - + if (! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) + { + $pdir = get_exdir($object->lines[$i]->fk_product,2,0,0,$objphoto,'product') . $object->lines[$i]->fk_product ."/photos/"; + $dir = $conf->product->dir_output.'/'.$pdir; + } + else + { + $pdir = get_exdir(0,2,0,0,$objphoto,'product') . dol_sanitizeFileName($objphoto->ref).'/'; + $dir = $conf->product->dir_output.'/'.$pdir; + } + $realpath=''; foreach ($objphoto->liste_photos($dir,1) as $key => $obj) { From d037515e37938161982583d866c598fc03061c9d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 29 May 2017 09:57:05 +0200 Subject: [PATCH 41/75] FIX SQL injection on user/index.php parameter search_statut. Conflicts: htdocs/user/index.php --- htdocs/core/lib/functions.lib.php | 3 ++ htdocs/user/index.php | 58 +++++++++++++++---------------- 2 files changed, 32 insertions(+), 29 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 3ced09db552..a212b82c18f 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -250,6 +250,9 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) case 'int': if (! is_numeric($out)) { $out=''; } break; + case 'intcomma': + if (preg_match('/[^0-9,]+/i',$out)) $out=''; + break; case 'alpha': $out=trim($out); // '"' is dangerous because param in url can close the href= or src= and add javascript functions. diff --git a/htdocs/user/index.php b/htdocs/user/index.php index 5d8f02e1c32..669152cb145 100644 --- a/htdocs/user/index.php +++ b/htdocs/user/index.php @@ -100,7 +100,7 @@ $arrayfields=array( // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { $arrayfields["ef.".$key]=array('label'=>$extrafields->attribute_label[$key], 'checked'=>$extrafields->attribute_list[$key], 'position'=>$extrafields->attribute_pos[$key], 'enabled'=>$extrafields->attribute_perms[$key]); } @@ -116,9 +116,9 @@ $search_gender=GETPOST('search_gender','alpha'); $search_employee=GETPOST('search_employee','alpha'); $search_accountancy_code=GETPOST('search_accountancy_code','alpha'); $search_email=GETPOST('search_email','alpha'); -$search_statut=GETPOST('search_statut','alpha'); +$search_statut=GETPOST('search_statut','intcomma'); $search_thirdparty=GETPOST('search_thirdparty','alpha'); -$search_supervisor=GETPOST('search_supervisor','alpha'); +$search_supervisor=GETPOST('search_supervisor','intcomma'); $search_previousconn=GETPOST('search_previousconn','alpha'); $optioncss = GETPOST('optioncss','alpha'); @@ -131,7 +131,7 @@ if ($mode == 'employee') $search_employee=1; /* * Actions */ - + $parameters=array(); $reshook=$hookmanager->executeHooks('doActions',$parameters); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -196,8 +196,8 @@ else } if ($socid > 0) $sql.= " AND u.fk_soc = ".$socid; //if ($search_user != '') $sql.=natural_search(array('u.login', 'u.lastname', 'u.firstname'), $search_user); -if ($search_supervisor > 0) $sql.= " AND u.fk_user = ".$search_supervisor; -if ($search_thirdparty != '') $sql.=natural_search(array('s.nom'), $search_thirdparty); +if ($search_supervisor > 0) $sql.= " AND u.fk_user = ".$db->escape($search_supervisor); +if ($search_thirdparty != '') $sql.= natural_search(array('s.nom'), $search_thirdparty); if ($search_login != '') $sql.= natural_search("u.login", $search_login); if ($search_lastname != '') $sql.= natural_search("u.lastname", $search_lastname); if ($search_firstname != '') $sql.= natural_search("u.firstname", $search_firstname); @@ -206,9 +206,9 @@ if (is_numeric($search_employee) && $search_employee >= 0) { $sql .= ' AND u.employee = '.(int) $search_employee; } if ($search_accountancy_code != '') $sql.= natural_search("u.accountancy_code", $search_accountancy_code); -if ($search_email != '') $sql.= natural_search("u.email", $search_email); -if ($search_statut != '' && $search_statut >= 0) $sql.= " AND (u.statut=".$search_statut.")"; -if ($sall) $sql.= natural_search(array_keys($fieldstosearchall), $sall); +if ($search_email != '') $sql.= natural_search("u.email", $search_email); +if ($search_statut != '' && $search_statut >= 0) $sql.= " AND u.statut IN (".$db->escape($search_statut).")"; +if ($sall) $sql.= natural_search(array_keys($fieldstosearchall), $sall); // Add where from extra fields foreach ($search_array_options as $key => $val) { @@ -217,7 +217,7 @@ foreach ($search_array_options as $key => $val) $typ=$extrafields->attribute_type[$tmpkey]; $mode=0; if (in_array($typ, array('int','double'))) $mode=1; // Search on a numeric - if ($val && ( ($crit != '' && ! in_array($typ, array('select'))) || ! empty($crit))) + if ($val && ( ($crit != '' && ! in_array($typ, array('select'))) || ! empty($crit))) { $sql .= natural_search('ef.'.$tmpkey, $crit, $mode); } @@ -265,27 +265,27 @@ if ($result) $crit=$val; $tmpkey=preg_replace('/search_options_/','',$key); if ($val != '') $param.='&search_options_'.$tmpkey.'='.urlencode($val); - } - - + } + + print '
'."\n"; if ($optioncss != '') print ''; print ''; print ''; print ''; print ''; - + if ($sall) { foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); } - + $moreforfilter=''; - + $varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; $selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields - + print ''; print ''; if (! empty($arrayfields['u.login']['checked'])) print_liste_field_titre($langs->trans("Login"),$_SERVER['PHP_SELF'],"u.login",$param,"","",$sortfield,$sortorder); @@ -303,9 +303,9 @@ if ($result) // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); @@ -340,7 +340,7 @@ if ($result) { print ''; } if (! empty($arrayfields['u.employee']['checked'])) @@ -380,9 +380,9 @@ if ($result) // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); $typeofextrafield=$extrafields->attribute_type[$key]; @@ -428,7 +428,7 @@ if ($result) $searchpitco=$form->showFilterAndCheckAddButtons(0); print $searchpitco; print ''; - + print "\n"; $user2=new User($db); @@ -451,7 +451,7 @@ if ($result) $userstatic->lastname=$obj->lastname; $userstatic->employee=$obj->employee; $userstatic->photo=$obj->photo; - + $li=$userstatic->getNomUrl(-1,'',0,0,24,1,'login'); print ""; @@ -564,8 +564,8 @@ if ($result) } } print ''; - } - + } + // Date last login if (! empty($arrayfields['u.datelastlogin']['checked'])) { @@ -576,13 +576,13 @@ if ($result) { print ''; } - + // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { print 'getAlignFlag($key); From 9c482b9f2a021604e29b7321e2e18eed60d08932 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 10 Jun 2017 21:37:27 +0200 Subject: [PATCH 42/75] FIX CVE-2017-7886 --- htdocs/core/datepicker.php | 2 +- htdocs/core/get_menudiv.php | 2 +- htdocs/core/lib/functions.lib.php | 106 +++++++++++++++--------------- htdocs/core/search_page.php | 8 +-- htdocs/externalsite/frames.php | 2 +- htdocs/install/inc.php | 6 +- htdocs/main.inc.php | 4 +- htdocs/master.inc.php | 2 +- htdocs/support/inc.php | 2 +- htdocs/theme/eldy/style.css.php | 12 ++-- htdocs/theme/md/style.css.php | 52 +++++++-------- 11 files changed, 99 insertions(+), 99 deletions(-) diff --git a/htdocs/core/datepicker.php b/htdocs/core/datepicker.php index 63b765fbadb..99bf9b15a80 100644 --- a/htdocs/core/datepicker.php +++ b/htdocs/core/datepicker.php @@ -39,7 +39,7 @@ if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML',1); require_once '../main.inc.php'; require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php'; -if (GETPOST('lang')) $langs->setDefaultLang(GETPOST('lang')); // If language was forced on URL by the main.inc.php +if (GETPOST('lang', 'aZ09')) $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php $langs->load("main"); $langs->load("agenda"); $right=($langs->trans("DIRECTION")=='rtl'?'left':'right'); diff --git a/htdocs/core/get_menudiv.php b/htdocs/core/get_menudiv.php index 655e10afd67..f8b3a652e08 100644 --- a/htdocs/core/get_menudiv.php +++ b/htdocs/core/get_menudiv.php @@ -35,7 +35,7 @@ if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML',1); require_once '../main.inc.php'; -if (GETPOST('lang')) $langs->setDefaultLang(GETPOST('lang')); // If language was forced on URL by the main.inc.php +if (GETPOST('lang', 'aZ09')) $langs->setDefaultLang(GETPOST('lang', 'aZ09')); // If language was forced on URL by the main.inc.php $langs->load("main"); $right=($langs->trans("DIRECTION")=='rtl'?'left':'right'); $left=($langs->trans("DIRECTION")=='rtl'?'right':'left'); diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index a212b82c18f..c4674fbe5a0 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -191,7 +191,7 @@ function getBrowserInfo($user_agent) elseif (preg_match('/opera(\/|\s)([\d\.]*)/i', $user_agent, $reg)) { $name='opera'; $version=$reg[2]; } elseif (preg_match('/(MSIE\s([0-9]+\.[0-9]))|.*(Trident\/[0-9]+.[0-9];\srv:([0-9]+\.[0-9]+))/i', $user_agent, $reg)) { $name='ie'; $version=end($reg); } // MS products at end elseif (preg_match('/l(i|y)n(x|ks)(\(|\/|\s)*([\d\.]+)/i', $user_agent, $reg)) { $name='lynxlinks'; $version=$reg[4]; } - + if ($tablet) { $layout = 'tablet'; } elseif ($phone) { @@ -269,7 +269,7 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) break; case 'aZ09': $out=trim($out); - if (preg_match('/[^a-z0-9]+/i',$out)) $out=''; + if (preg_match('/[^a-z0-9_\-]+/i',$out)) $out=''; break; case 'array': if (! is_array($out) || empty($out)) $out=array(); @@ -290,13 +290,13 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) * This prefix is unique for instance and avoid conflict between multi-instances, * even when having two instances with one root dir or two instances in virtual servers * - * @param string $mode '' or 'email' + * @param string $mode '' or 'email' * @return string A calculated prefix */ function dol_getprefix($mode='') { global $conf; - + // If MAIL_PREFIX_FOR_EMAIL_ID is set and prefix is for email if ($mode == 'email' && ! empty($conf->global->MAIL_PREFIX_FOR_EMAIL_ID)) { @@ -378,15 +378,15 @@ function dol_buildpath($path, $type=0) if ($type == 1) $res = DOL_URL_ROOT.'/'.$path; // Standard value if ($type == 2) $res = DOL_MAIN_URL_ROOT.'/'.$path; // Standard value if ($type == 3) $res = DOL_URL_ROOT.'/'.$path; - + foreach ($conf->file->dol_document_root as $key => $dirroot) // ex: array(["main"]=>"/home/main/htdocs", ["alt0"]=>"/home/dirmod/htdocs", ...) { - if ($key == 'main') + if ($key == 'main') { if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file @@ -413,12 +413,12 @@ function dol_buildpath($path, $type=0) if ($type == 3) { global $dolibarr_main_url_root; - + // Define $urlwithroot $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current - + $res=(preg_match('/^http/i',$conf->file->dol_url_root[$key])?'':$urlwithroot).$conf->file->dol_url_root[$key].'/'.$path; // Test on start with http is for old conf syntax } break; @@ -957,7 +957,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $maxvisiblephotos=(isset($conf->global->PRODUCT_MAX_VISIBLE_PHOTO)?$conf->global->PRODUCT_MAX_VISIBLE_PHOTO:5); if ($conf->browser->phone) $maxvisiblephotos=1; if ($showimage) $morehtmlleft.='
'.$object->show_photos($conf->product->multidir_output[$object->entity],'small',$maxvisiblephotos,0,0,0,$width,0).'
'; - else + else { if (!empty($conf->global->PRODUCT_NODISPLAYIFNOPHOTO)) { $nophoto=''; @@ -967,17 +967,17 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r $nophoto='/public/theme/common/nophoto.png'; $morehtmlleft.='
No photo
'; } - + } } - else + else { if ($showimage) $morehtmlleft.='
'.$form->showphoto($modulepart,$object,0,0,0,'photoref','small',1,0,$maxvisiblephotos).'
'; } if ($showbarcode) $morehtmlleft.='
'.$form->showbarcode($object).'
'; if ($object->element == 'societe' && ! empty($conf->use_javascript_ajax) && $user->rights->societe->creer && ! empty($conf->global->MAIN_DIRECT_STATUS_UPDATE)) { $morehtmlright.=ajax_object_onoff($object, 'status', 'status', 'InActivity', 'ActivityCeased'); - } + } elseif ($object->element == 'product') { //$morehtmlright.=$langs->trans("Status").' ('.$langs->trans("Sell").') '; @@ -999,7 +999,7 @@ function dol_banner_tab($object, $paramid, $morehtml='', $shownav=1, $fieldid='r } if (! empty($object->name_alias)) $morehtmlref.='
'.$object->name_alias.'
'; // For thirdparty if (! empty($object->label)) $morehtmlref.='
'.$object->label.'
'; // For product - if ($object->element != 'product') + if ($object->element != 'product') { $morehtmlref.='
'; $morehtmlref.=$object->getBannerAddress('refaddress',$object); @@ -1184,9 +1184,9 @@ function dol_print_date($time,$format='',$tzoutput='tzserver',$outputlangs='',$e $reduceformat=(! empty($conf->dol_optimize_smallscreen) && in_array($format,array('day','dayhour')))?1:0; $formatwithoutreduce = preg_replace('/reduceformat/','',$format); if ($formatwithoutreduce != $format) { $format = $formatwithoutreduce; $reduceformat=1; } // so format 'dayreduceformat' is processed like day - + // Change predefined format into computer format. If found translation in lang file we use it, otherwise we use default. - // TODO Add format daysmallyear and dayhoursmallyear + // TODO Add format daysmallyear and dayhoursmallyear if ($format == 'day') $format=($outputlangs->trans("FormatDateShort")!="FormatDateShort"?$outputlangs->trans("FormatDateShort"):$conf->format_date_short); else if ($format == 'hour') $format=($outputlangs->trans("FormatHourShort")!="FormatHourShort"?$outputlangs->trans("FormatHourShort"):$conf->format_hour_short); else if ($format == 'hourduration') $format=($outputlangs->trans("FormatHourShortDuration")!="FormatHourShortDuration"?$outputlangs->trans("FormatHourShortDuration"):$conf->format_hour_short_duration); @@ -1957,7 +1957,7 @@ function dol_print_graph($htmlid,$width,$height,$data,$showlegend=0,$type='pie', print '
'.$langs->trans("NotEnoughDataYet").'
'; return; } - + if (empty($conf->use_javascript_ajax)) return; $jsgraphlib='flot'; $datacolor=array(); @@ -2126,7 +2126,7 @@ function dol_trunc($string,$size=40,$trunc='right',$stringencoding='UTF-8',$nodo global $conf; if ($size==0 || ! empty($conf->global->MAIN_DISABLE_TRUNC)) return $string; - + if (empty($stringencoding)) $stringencoding='UTF-8'; // reduce for small screen if ($conf->dol_optimize_smallscreen==1 && $display==1) $size = round($size/3); @@ -3076,7 +3076,7 @@ function load_fiche_titre($titre, $mesg='', $picto='title_generic.png', $pictois * @param string $options parametres complementaires lien ('' par defaut) * @param string $sortfield champ de tri ('' par defaut) * @param string $sortorder ordre de tri ('' par defaut) - * @param string $center chaine du centre ('' par defaut). We often find here string $massaction comming from $form->selectMassAction() + * @param string $center chaine du centre ('' par defaut). We often find here string $massaction comming from $form->selectMassAction() * @param int $num number of records found by select with limit+1 * @param int $totalnboflines Total number of records/lines for all pages (if known). Use a negative value to no show number. * @param string $picto Icon to use before title (should be a 32x32 transparent png file) @@ -3090,11 +3090,11 @@ function load_fiche_titre($titre, $mesg='', $picto='title_generic.png', $pictois function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $sortorder='', $center='', $num=-1, $totalnboflines=0, $picto='title_generic.png', $pictoisfullpath=0, $morehtml='', $morecss='', $limit=-1, $hideselectlimit=0) { global $conf,$langs; - + $savlimit = $limit; $savtotalnboflines = $totalnboflines; $totalnboflines=abs($totalnboflines); - + if ($picto == 'setup') $picto='title_setup.png'; if (($conf->browser->name == 'ie') && $picto=='title_generic.png') $picto='title.gif'; if ($limit < 0) $limit = $conf->liste_limit; @@ -3107,7 +3107,7 @@ function print_barre_liste($titre, $page, $file, $options='', $sortfield='', $so $nextpage = 0; } //print 'totalnboflines='.$totalnboflines.'-savlimit='.$savlimit.'-limit='.$limit.'-num='.$num.'-nextpage='.$nextpage; - + print "\n"; print "\n"; print '
'; $arraygender=array('man'=>$langs->trans("Genderman"),'woman'=>$langs->trans("Genderwoman")); - print $form->selectarray('search_gender', $arraygender, $search_gender, 1); + print $form->selectarray('search_gender', $arraygender, $search_gender, 1); print '
'.dol_print_date($db->jdate($obj->datepreviouslogin),"dayhour").'
'; @@ -3206,7 +3206,7 @@ function print_fleche_navigation($page, $file, $options='', $nextpage=0, $betwee //$pagesizechoices.=',0:'.$langs->trans("All"); // Not yet supported //$pagesizechoices.=',2:2'; if (! empty($conf->global->MAIN_PAGESIZE_CHOICES)) $pagesizechoices=$conf->global->MAIN_PAGESIZE_CHOICES; - + print '"; - print '"; + print '"; + print ""; print "\n"; $i++; } From cd0869064650d17d514a7b78c8ee11061d475de4 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 12:42:06 +0200 Subject: [PATCH 47/75] Fix ajax search product that return bad json response --- htdocs/product/ajax/products.php | 18 ++++++++++++------ 1 file changed, 12 insertions(+), 6 deletions(-) diff --git a/htdocs/product/ajax/products.php b/htdocs/product/ajax/products.php index 0510299fbd7..15541016963 100644 --- a/htdocs/product/ajax/products.php +++ b/htdocs/product/ajax/products.php @@ -160,7 +160,7 @@ if (! empty($action) && $action == 'fetch' && ! empty($id)) } echo json_encode($outjson); -} +} else { require_once DOL_DOCUMENT_ROOT . '/core/class/html.form.class.php'; @@ -171,17 +171,23 @@ else top_httphead(); if (empty($htmlname)) - return; + { + print json_encode(array()); + return; + } $match = preg_grep('/(' . $htmlname . '[0-9]+)/', array_keys($_GET)); sort($match); $idprod = (! empty($match[0]) ? $match[0] : ''); - - if (! GETPOST($htmlname) && ! GETPOST($idprod)) - return; - // When used from jQuery, the search term is added as GET param "term". + if (GETPOST($htmlname) == '' && ! GETPOST($idprod)) + { + print json_encode(array()); + return; + } + + // When used from jQuery, the search term is added as GET param "term". $searchkey = (GETPOST($idprod) ? GETPOST($idprod) : (GETPOST($htmlname) ? GETPOST($htmlname) : '')); $form = new Form($db); From ec24f223b5f137c30ea1f1672f64c60ce75bf9a2 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 12:55:57 +0200 Subject: [PATCH 48/75] Fix permission on widget --- htdocs/core/boxes/box_produits_alerte_stock.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/boxes/box_produits_alerte_stock.php b/htdocs/core/boxes/box_produits_alerte_stock.php index 8a6044583d5..50a4abd320a 100644 --- a/htdocs/core/boxes/box_produits_alerte_stock.php +++ b/htdocs/core/boxes/box_produits_alerte_stock.php @@ -64,7 +64,7 @@ class box_produits_alerte_stock extends ModeleBoxes $this->info_box_head = array('text' => $langs->trans("BoxTitleProductsAlertStock",$max)); - if ($user->rights->produit->lire || $user->rights->service->lire) + if (($user->rights->produit->lire || $user->rights->service->lire) && $user->rights->stock->lire) { $sql = "SELECT p.rowid, p.label, p.price, p.ref, p.price_base_type, p.price_ttc, p.fk_product_type, p.tms, p.tosell, p.tobuy, p.seuil_stock_alerte, p.entity,"; $sql.= " SUM(".$db->ifsql("s.reel IS NULL","0","s.reel").") as total_stock"; From bf41056c68d879aac5f6196f7ca85e9099d7c274 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 14:09:00 +0200 Subject: [PATCH 49/75] Fix test on permission for widgets --- htdocs/core/boxes/box_actions.php | 19 ++++++++++++-- htdocs/core/boxes/box_activity.php | 16 ++++++++---- htdocs/core/boxes/box_bookmarks.php | 19 ++++++++++++-- htdocs/core/boxes/box_clients.php | 6 +++-- htdocs/core/boxes/box_commandes.php | 19 ++++++++++++-- htdocs/core/boxes/box_comptes.php | 6 +++-- htdocs/core/boxes/box_contacts.php | 19 ++++++++++++-- htdocs/core/boxes/box_contracts.php | 19 ++++++++++++-- htdocs/core/boxes/box_external_rss.php | 4 +-- htdocs/core/boxes/box_factures.php | 19 ++++++++++++-- htdocs/core/boxes/box_factures_fourn.php | 19 ++++++++++++-- htdocs/core/boxes/box_factures_fourn_imp.php | 19 ++++++++++++-- htdocs/core/boxes/box_factures_imp.php | 19 ++++++++++++-- htdocs/core/boxes/box_ficheinter.php | 19 ++++++++++++-- htdocs/core/boxes/box_fournisseurs.php | 19 ++++++++++++-- htdocs/core/boxes/box_goodcustomers.php | 8 +++--- .../boxes/box_graph_invoices_permonth.php | 10 +++++--- .../box_graph_invoices_supplier_permonth.php | 8 +++--- .../core/boxes/box_graph_orders_permonth.php | 8 +++--- .../box_graph_orders_supplier_permonth.php | 8 +++--- .../boxes/box_graph_product_distribution.php | 20 +++++++++------ .../boxes/box_graph_propales_permonth.php | 10 +++++--- htdocs/core/boxes/box_members.php | 6 +++-- htdocs/core/boxes/box_produits.php | 19 ++++++++++++-- .../core/boxes/box_produits_alerte_stock.php | 19 ++++++++++++-- htdocs/core/boxes/box_project.php | 20 ++++++++------- htdocs/core/boxes/box_propales.php | 19 ++++++++++++-- htdocs/core/boxes/box_prospect.php | 6 +++-- htdocs/core/boxes/box_services_contracts.php | 19 ++++++++++++-- htdocs/core/boxes/box_services_expired.php | 21 +++++++++++++--- htdocs/core/boxes/box_supplier_orders.php | 19 ++++++++++++-- htdocs/core/boxes/box_task.php | 9 ++++--- htdocs/core/boxes/modules_boxes.php | 25 ++++++++++++------- htdocs/core/class/html.formother.class.php | 18 ++++++------- htdocs/core/class/infobox.class.php | 7 +++--- 35 files changed, 410 insertions(+), 110 deletions(-) diff --git a/htdocs/core/boxes/box_actions.php b/htdocs/core/boxes/box_actions.php index 973738fec11..096786c0ffa 100644 --- a/htdocs/core/boxes/box_actions.php +++ b/htdocs/core/boxes/box_actions.php @@ -44,6 +44,21 @@ class box_actions extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param='') + { + global $user; + + $this->db = $db; + + $this->hidden = ! ($user->rights->agenda->myactions->read); + } + /** * Load data for box to show them later * @@ -173,8 +188,8 @@ class box_actions extends ModeleBoxes function showBox($head = null, $contents = null, $nooutput=0) { global $langs, $conf; - parent::showBox($this->info_box_head, $this->info_box_contents); - $out=''; + $out = parent::showBox($this->info_box_head, $this->info_box_contents); + if (! empty($conf->global->SHOW_DIALOG_HOMEPAGE)) { $actioncejour=false; diff --git a/htdocs/core/boxes/box_activity.php b/htdocs/core/boxes/box_activity.php index 34666507488..a7d54f3554a 100644 --- a/htdocs/core/boxes/box_activity.php +++ b/htdocs/core/boxes/box_activity.php @@ -51,11 +51,17 @@ class box_activity extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $conf, $user; $this->db=$db; + // FIXME: Pb into some status - $this->enabled=$conf->global->MAIN_FEATURES_LEVEL; // Not enabled by default due to bugs (see previous comments) + $this->enabled=($conf->global->MAIN_FEATURES_LEVEL); // Not enabled by default due to bugs (see previous comments) + + $this->hidden= ! ((! empty($conf->facture->enabled) && $user->rights->facture->lire) + || (! empty($conf->commande->enabled) && $user->rights->commande->lire) + || (! empty($conf->propal->enabled) && $user->rights->propale->lire) + ); } /** @@ -352,7 +358,7 @@ class box_activity extends ModeleBoxes } // list the summary of the propals - if (! empty($conf->propal->enabled) && $user->rights->propal->lire) + if (! empty($conf->propal->enabled) && $user->rights->propale->lire) { include_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php'; $propalstatic=new Propal($db); @@ -456,10 +462,10 @@ class box_activity extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_bookmarks.php b/htdocs/core/boxes/box_bookmarks.php index e99a0b30387..92a2313d8e4 100644 --- a/htdocs/core/boxes/box_bookmarks.php +++ b/htdocs/core/boxes/box_bookmarks.php @@ -40,6 +40,21 @@ class box_bookmarks extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->bookmark->lire); + } + /** * Load data for box to show them later * @@ -136,11 +151,11 @@ class box_bookmarks extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index 307dcc7cbfd..e6cd2ede39e 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -58,6 +58,8 @@ class box_clients extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) $this->enabled=0; // disabled by this option + + $this->hidden = ! ($user->rights->societe->lire); } /** @@ -158,11 +160,11 @@ class box_clients extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_commandes.php b/htdocs/core/boxes/box_commandes.php index 7653206333d..c8b2b30fbad 100644 --- a/htdocs/core/boxes/box_commandes.php +++ b/htdocs/core/boxes/box_commandes.php @@ -44,6 +44,21 @@ class box_commandes extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->commande->lire); + } + /** * Load data for box to show them later * @@ -177,11 +192,11 @@ class box_commandes extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_comptes.php b/htdocs/core/boxes/box_comptes.php index a1c3625e78c..245a15e946c 100644 --- a/htdocs/core/boxes/box_comptes.php +++ b/htdocs/core/boxes/box_comptes.php @@ -61,6 +61,8 @@ class box_comptes extends ModeleBoxes // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); if (! in_array('banque',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users + + $this->hidden = ! ($user->rights->banque->lire); } /** @@ -171,11 +173,11 @@ class box_comptes extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_contacts.php b/htdocs/core/boxes/box_contacts.php index 45963af9bb1..068d378ac5e 100644 --- a/htdocs/core/boxes/box_contacts.php +++ b/htdocs/core/boxes/box_contacts.php @@ -45,6 +45,21 @@ class box_contacts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->societe->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -164,11 +179,11 @@ class box_contacts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_contracts.php b/htdocs/core/boxes/box_contracts.php index fe864e1df16..747368d6112 100644 --- a/htdocs/core/boxes/box_contracts.php +++ b/htdocs/core/boxes/box_contracts.php @@ -43,6 +43,21 @@ class box_contracts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->contrat->lire); + } + /** * Load data for box to show them later * @@ -160,11 +175,11 @@ class box_contracts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_external_rss.php b/htdocs/core/boxes/box_external_rss.php index dbe71a6ca41..0e49caf9381 100644 --- a/htdocs/core/boxes/box_external_rss.php +++ b/htdocs/core/boxes/box_external_rss.php @@ -185,11 +185,11 @@ class box_external_rss extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures.php b/htdocs/core/boxes/box_factures.php index 22a90929a0b..aadf5ab13ba 100644 --- a/htdocs/core/boxes/box_factures.php +++ b/htdocs/core/boxes/box_factures.php @@ -42,6 +42,21 @@ class box_factures extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -181,11 +196,11 @@ class box_factures extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_fourn.php b/htdocs/core/boxes/box_factures_fourn.php index b43d9cfc47b..383a6115b29 100644 --- a/htdocs/core/boxes/box_factures_fourn.php +++ b/htdocs/core/boxes/box_factures_fourn.php @@ -43,6 +43,21 @@ class box_factures_fourn extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -190,11 +205,11 @@ class box_factures_fourn extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_fourn_imp.php b/htdocs/core/boxes/box_factures_fourn_imp.php index 0d6bc28f077..4c56fc9cc93 100644 --- a/htdocs/core/boxes/box_factures_fourn_imp.php +++ b/htdocs/core/boxes/box_factures_fourn_imp.php @@ -42,6 +42,21 @@ class box_factures_fourn_imp extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -181,11 +196,11 @@ class box_factures_fourn_imp extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php index d3336500263..ccb7f5c91eb 100644 --- a/htdocs/core/boxes/box_factures_imp.php +++ b/htdocs/core/boxes/box_factures_imp.php @@ -45,6 +45,21 @@ class box_factures_imp extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->facture->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -184,11 +199,11 @@ class box_factures_imp extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_ficheinter.php b/htdocs/core/boxes/box_ficheinter.php index d57a2a991df..0a68c8173b4 100644 --- a/htdocs/core/boxes/box_ficheinter.php +++ b/htdocs/core/boxes/box_ficheinter.php @@ -43,6 +43,21 @@ class box_ficheinter extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->ficheinter->lire); + } + /** * Load data for box to show them later * @@ -145,11 +160,11 @@ class box_ficheinter extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index ed3680af455..bac582a4534 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -43,6 +43,21 @@ class box_fournisseurs extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->societe->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -140,11 +155,11 @@ class box_fournisseurs extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_goodcustomers.php b/htdocs/core/boxes/box_goodcustomers.php index 552ed92b8a3..36d99ce7b9a 100644 --- a/htdocs/core/boxes/box_goodcustomers.php +++ b/htdocs/core/boxes/box_goodcustomers.php @@ -59,7 +59,9 @@ class box_goodcustomers extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) $this->enabled=0; // disabled by this option - if (empty($conf->global->MAIN_BOX_ENABLE_BEST_CUSTOMERS)) $this->enabled=0; // not enabled by default. Very slow on large database + if (empty($conf->global->MAIN_BOX_ENABLE_BEST_CUSTOMERS)) $this->enabled=0; // not enabled by default. Very slow on large database + + $this->hidden = ! ($user->rights->societe->lire); } /** @@ -160,11 +162,11 @@ class box_goodcustomers extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_invoices_permonth.php b/htdocs/core/boxes/box_graph_invoices_permonth.php index e4639070203..49bdc447fa1 100644 --- a/htdocs/core/boxes/box_graph_invoices_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_permonth.php @@ -47,9 +47,11 @@ class box_graph_invoices_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->facture->lire); } /** @@ -133,7 +135,7 @@ class box_graph_invoices_permonth extends ModeleBoxes if (! $mesg) { $langs->load("bills"); - + $px1->SetData($data1); unset($data1); $px1->SetPrecisionY(0); @@ -266,11 +268,11 @@ class box_graph_invoices_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php index 254195b42f1..8e822db8baf 100644 --- a/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_invoices_supplier_permonth.php @@ -47,9 +47,11 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->fournisseur->facture->lire); } /** @@ -263,11 +265,11 @@ class box_graph_invoices_supplier_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_orders_permonth.php b/htdocs/core/boxes/box_graph_orders_permonth.php index 6b023b9c157..ac48ca6313e 100644 --- a/htdocs/core/boxes/box_graph_orders_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_permonth.php @@ -47,9 +47,11 @@ class box_graph_orders_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->commande->lire); } /** @@ -264,11 +266,11 @@ class box_graph_orders_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php index 646f28e949c..63868c8dcee 100644 --- a/htdocs/core/boxes/box_graph_orders_supplier_permonth.php +++ b/htdocs/core/boxes/box_graph_orders_supplier_permonth.php @@ -47,9 +47,11 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden = ! ($user->rights->fournisseur->commande->lire); } /** @@ -263,11 +265,11 @@ class box_graph_orders_supplier_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_product_distribution.php b/htdocs/core/boxes/box_graph_product_distribution.php index 2b3c69a9e15..0623c9a0466 100644 --- a/htdocs/core/boxes/box_graph_product_distribution.php +++ b/htdocs/core/boxes/box_graph_product_distribution.php @@ -48,9 +48,15 @@ class box_graph_product_distribution extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user, $conf; $this->db=$db; + + $this->hidden = ! ( + (! empty($conf->facture->enabled) && ! empty($user->rights->facture->lire)) + || (! empty($conf->commande->enabled) && ! empty($user->rights->commande->lire)) + || (! empty($conf->propal->enabled) && ! empty($user->rights->propale->lire)) + ); } /** @@ -93,7 +99,7 @@ class box_graph_product_distribution extends ModeleBoxes } if (empty($showinvoicenb) && empty($showpropalnb) && empty($showordernb)) { $showpropalnb=1; $showinvoicenb=1; $showordernb=1; } if (empty($conf->facture->enabled) || empty($user->rights->facture->lire)) $showinvoicenb=0; - if (empty($conf->propal->enabled) || empty($user->rights->propal->lire)) $showpropalnb=0; + if (empty($conf->propal->enabled) || empty($user->rights->propale->lire)) $showpropalnb=0; if (empty($conf->commande->enabled) || empty($user->rights->commande->lire)) $showordernb=0; $nowarray=dol_getdate(dol_now(),true); @@ -188,7 +194,7 @@ class box_graph_product_distribution extends ModeleBoxes } } - if (! empty($conf->propal->enabled) && ! empty($user->rights->propal->lire)) + if (! empty($conf->propal->enabled) && ! empty($user->rights->propale->lire)) { // Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...) if ($showpropalnb) @@ -250,7 +256,7 @@ class box_graph_product_distribution extends ModeleBoxes if (! empty($conf->commande->enabled) && ! empty($user->rights->commande->lire)) { $langs->load("orders"); - + // Build graphic number of object. $data = array(array('Lib',val1,val2,val3),...) if ($showordernb) { @@ -334,7 +340,7 @@ class box_graph_product_distribution extends ModeleBoxes $stringtoshow.=' '.$langs->trans("ForCustomersInvoices"); $stringtoshow.='   '; } - if (! empty($conf->propal->enabled) || ! empty($user->rights->propal->lire)) + if (! empty($conf->propal->enabled) || ! empty($user->rights->propale->lire)) { $stringtoshow.=' '.$langs->trans("ForProposals"); $stringtoshow.=' '; @@ -393,11 +399,11 @@ class box_graph_product_distribution extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_graph_propales_permonth.php b/htdocs/core/boxes/box_graph_propales_permonth.php index 39fe12ed7a3..00bcc0cd1e3 100644 --- a/htdocs/core/boxes/box_graph_propales_permonth.php +++ b/htdocs/core/boxes/box_graph_propales_permonth.php @@ -47,9 +47,11 @@ class box_graph_propales_permonth extends ModeleBoxes */ function __construct($db,$param) { - global $conf; + global $user; $this->db=$db; + + $this->hidden=! ($user->rights->propale->lire); } /** @@ -87,7 +89,7 @@ class box_graph_propales_permonth extends ModeleBoxes if ($user->societe_id) $socid=$user->societe_id; if (! $user->rights->societe->client->voir || $socid) $prefix.='private-'.$user->id.'-'; // If user has no permission to see all, output dir is specific to user - if ($user->rights->propal->lire) + if ($user->rights->propale->lire) { $param_year='DOLUSERCOOKIE_box_'.$this->boxcode.'_year'; $param_shownb='DOLUSERCOOKIE_box_'.$this->boxcode.'_shownb'; @@ -265,11 +267,11 @@ class box_graph_propales_permonth extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_members.php b/htdocs/core/boxes/box_members.php index afcbe8e68a6..b19c35ca8b3 100644 --- a/htdocs/core/boxes/box_members.php +++ b/htdocs/core/boxes/box_members.php @@ -60,6 +60,8 @@ class box_members extends ModeleBoxes // disable module for such cases $listofmodulesforexternal=explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL); if (! in_array('adherent',$listofmodulesforexternal) && ! empty($user->societe_id)) $this->enabled=0; // disabled for external users + + $this->hidden=! ($user->rights->adherent->lire); } /** @@ -170,11 +172,11 @@ class box_members extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_produits.php b/htdocs/core/boxes/box_produits.php index 7ea5b8aec58..f1307e496f5 100644 --- a/htdocs/core/boxes/box_produits.php +++ b/htdocs/core/boxes/box_produits.php @@ -45,6 +45,21 @@ class box_produits extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->produit->lire || $user->rights->service->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -202,11 +217,11 @@ class box_produits extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_produits_alerte_stock.php b/htdocs/core/boxes/box_produits_alerte_stock.php index 50a4abd320a..2fb58372db4 100644 --- a/htdocs/core/boxes/box_produits_alerte_stock.php +++ b/htdocs/core/boxes/box_produits_alerte_stock.php @@ -47,6 +47,21 @@ class box_produits_alerte_stock extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param='') + { + global $user; + + $this->db = $db; + + $this->hidden = ! (($user->rights->produit->lire || $user->rights->service->lire) && $user->rights->stock->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -214,11 +229,11 @@ class box_produits_alerte_stock extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_project.php b/htdocs/core/boxes/box_project.php index a47ae3d0cb5..66fd386d226 100644 --- a/htdocs/core/boxes/box_project.php +++ b/htdocs/core/boxes/box_project.php @@ -48,12 +48,14 @@ class box_project extends ModeleBoxes */ function __construct($db,$param='') { - global $langs; + global $user, $langs; $langs->load("boxes"); $langs->load("projects"); $this->db = $db; $this->boxlabel="Projects"; + + $this->hidden=! ($user->rights->projet->lire); } /** @@ -77,16 +79,16 @@ class box_project extends ModeleBoxes // list the summary of the orders if ($user->rights->projet->lire) { - + include_once(DOL_DOCUMENT_ROOT.'/projet/class/project.class.php'); $projectstatic = new Project($this->db); - + $socid=$user->societe_id; - + // Get list of project id allowed to user (in a string list separated by coma) $projectsListId=''; if (! $user->rights->projet->all->lire) $projectsListId = $projectstatic->getProjectsAuthorizedForUser($user,0,1,$socid); - + $sql = "SELECT p.rowid, p.ref, p.title, p.fk_statut, p.public"; $sql.= " FROM ".MAIN_DB_PREFIX."projet as p"; if($user->socid) $sql.= " INNER JOIN ".MAIN_DB_PREFIX."societe as s ON s.rowid=p.fk_soc"; @@ -96,7 +98,7 @@ class box_project extends ModeleBoxes $sql.= " AND p.fk_statut = 1"; // Seulement les projets ouverts if ($socid) $sql.= " AND (p.fk_soc IS NULL OR p.fk_soc = 0 OR p.fk_soc = ".$socid.")"; if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))"; - + $sql.= " ORDER BY p.datec DESC"; //$sql.= $db->plimit($max, 0); @@ -156,7 +158,7 @@ class box_project extends ModeleBoxes } if ($max < $num) { - $this->info_box_contents[$i][0] = array('td' => 'colspan="5"', 'text' => '...'); + $this->info_box_contents[$i][0] = array('td' => 'colspan="5"', 'text' => '...'); $i++; } } @@ -195,11 +197,11 @@ class box_project extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_propales.php b/htdocs/core/boxes/box_propales.php index b0a1e4a3798..a505fa8e275 100644 --- a/htdocs/core/boxes/box_propales.php +++ b/htdocs/core/boxes/box_propales.php @@ -44,6 +44,21 @@ class box_propales extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->propale->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -167,11 +182,11 @@ class box_propales extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index 40adb98b405..098ea813e44 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -60,6 +60,8 @@ class box_prospect extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_PROSPECTS)) $this->enabled=0; // disabled by this option + + $this->hidden=! ($user->rights->societe->lire); } /** @@ -168,11 +170,11 @@ class box_prospect extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php index 4d7759ff081..fd8346a3f0c 100644 --- a/htdocs/core/boxes/box_services_contracts.php +++ b/htdocs/core/boxes/box_services_contracts.php @@ -43,6 +43,21 @@ class box_services_contracts extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->service->lire && $user->rights->contrat->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -173,11 +188,11 @@ class box_services_contracts extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_services_expired.php b/htdocs/core/boxes/box_services_expired.php index 90f36ef6d30..42ac3750a11 100644 --- a/htdocs/core/boxes/box_services_expired.php +++ b/htdocs/core/boxes/box_services_expired.php @@ -42,6 +42,21 @@ class box_services_expired extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->contrat->lire); + } + /** * Load data for box to show them later * @@ -84,7 +99,7 @@ class box_services_expired extends ModeleBoxes $i = 0; $thirdpartytmp = new Societe($this->db); - + while ($i < $num) { $late=''; @@ -151,11 +166,11 @@ class box_services_expired extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_supplier_orders.php b/htdocs/core/boxes/box_supplier_orders.php index 1f0e1ece2ef..4f28a8ce62c 100644 --- a/htdocs/core/boxes/box_supplier_orders.php +++ b/htdocs/core/boxes/box_supplier_orders.php @@ -43,6 +43,21 @@ class box_supplier_orders extends ModeleBoxes var $info_box_contents = array(); + /** + * Constructor + * + * @param DoliDB $db Database handler + * @param string $param More parameters + */ + function __construct($db,$param) + { + global $user; + + $this->db=$db; + + $this->hidden=! ($user->rights->fournisseur->commande->lire); + } + /** * Load data into info_box_contents array to show array later. * @@ -172,11 +187,11 @@ class box_supplier_orders extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/box_task.php b/htdocs/core/boxes/box_task.php index 29dd9390597..e6224198ca5 100644 --- a/htdocs/core/boxes/box_task.php +++ b/htdocs/core/boxes/box_task.php @@ -42,6 +42,7 @@ class box_task extends ModeleBoxes var $info_box_head = array(); var $info_box_contents = array(); + /** * Constructor * @@ -50,11 +51,13 @@ class box_task extends ModeleBoxes */ function __construct($db,$param='') { - global $langs; + global $user, $langs; $langs->load("boxes"); $langs->load("projects"); $this->boxlabel="Tasks"; $this->db = $db; + + $this->hidden = ! ($user->rights->projet->lire); } /** @@ -138,10 +141,10 @@ class box_task extends ModeleBoxes * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * @param int $nooutput No print, only return string - * @return void + * @return string */ function showBox($head = null, $contents = null, $nooutput=0) { - parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); + return parent::showBox($this->info_box_head, $this->info_box_contents, $nooutput); } } diff --git a/htdocs/core/boxes/modules_boxes.php b/htdocs/core/boxes/modules_boxes.php index 566da25aad3..b1a27f1d77c 100644 --- a/htdocs/core/boxes/modules_boxes.php +++ b/htdocs/core/boxes/modules_boxes.php @@ -49,10 +49,15 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" public $max = 5; /** - * @var int Status + * @var int Condition to have widget enabled */ public $enabled=1; + /** + * @var int Condition to have widget visible (in most cases, permissions) + */ + public $hidden=0; + /** * @var int Box definition database ID */ @@ -168,29 +173,29 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" } } - + /** * Standard method to get content of a box * * @param array $head Array with properties of box title * @param array $contents Array with properties of box lines * - * @return string + * @return string */ function outputBox($head = null, $contents = null) { global $langs, $user, $conf; - + // Trick to get result into a var from a function that makes print instead of return // TODO Replace ob_start with param nooutput=1 into showBox ob_start(); $result = $this->showBox($head, $contents); $output = ob_get_contents(); ob_end_clean(); - + return $output; } - + /** * Standard method to show a box (usage by boxes not mandatory, a box can still use its own showBox function) * @@ -203,6 +208,8 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" { global $langs, $user, $conf; + if (! empty($this->hidden)) return '\n\n'; // Nothing done if hidden (for example when user has no permission) + require_once DOL_DOCUMENT_ROOT .'/core/lib/files.lib.php'; $MAXLENGTHBOX=60; // Mettre 0 pour pas de limite @@ -365,13 +372,13 @@ class ModeleBoxes // Can't be abtract as it is instantiated to build "empty" $out = ""; $out.= dol_readcachefile($cachedir, $filename); } - + if ($nooutput) return $out; else print $out; - + return ''; } - + } diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 7e78f7bbe4d..cdf6dc79155 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -320,7 +320,7 @@ class FormOther { dol_syslog(__METHOD__ . ': using numeric value for parameter type is deprecated. Use string code instead.', LOG_WARNING); } - + // Load list of "categories" $static_categs = new Categorie($this->db); $tab_categs = $static_categs->get_full_arbo($type); @@ -621,12 +621,12 @@ class FormOther $b = hexdec($hexb); } $bright = (max($r, $g, $b) + min($r, $g, $b)) / 510.0; // HSL algorithm - if ($bright > 0.6) $textcolor='000'; + if ($bright > 0.6) $textcolor='000'; } - + include_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php'; $color = colorArrayToHex(colorStringToArray($color,array()),''); - + if ($color) print ''; else print $textifnotdefined; } @@ -989,7 +989,7 @@ class FormOther * Class 'Form' must be known. * * @param User $user Object User - * @param String $areacode Code of area for pages (0=value for Home page) + * @param string $areacode Code of area for pages ('0'=value for Home page) * @return array array('selectboxlist'=>, 'boxactivated'=>, 'boxlist'=>) */ static function getBoxesArea($user,$areacode) @@ -1002,16 +1002,16 @@ class FormOther // $boxactivated will be array of boxes enabled into global setup // $boxidactivatedforuser will be array of boxes choosed by user - + $selectboxlist=''; - $boxactivated=InfoBox::listBoxes($db,'activated',$areacode,(empty($user->conf->$confuserzone)?null:$user)); // Search boxes of common+user (or common only if user has no specific setup) - + $boxactivated=InfoBox::listBoxes($db, 'activated', $areacode, (empty($user->conf->$confuserzone)?null:$user), array(), 0); // Search boxes of common+user (or common only if user has no specific setup) + $boxidactivatedforuser=array(); foreach($boxactivated as $box) { if (empty($user->conf->$confuserzone) || $box->fk_user == $user->id) $boxidactivatedforuser[$box->id]=$box->id; // We keep only boxes to show for user } - + // Define selectboxlist $arrayboxtoactivatelabel=array(); if (! empty($user->conf->$confuserzone)) diff --git a/htdocs/core/class/infobox.class.php b/htdocs/core/class/infobox.class.php index cd06eb587b7..41e131bba37 100644 --- a/htdocs/core/class/infobox.class.php +++ b/htdocs/core/class/infobox.class.php @@ -45,9 +45,10 @@ class InfoBox * @param string $zone Name or area (-1 for all, 0 for Homepage, 1 for xxx, ...) * @param User|null $user Object user to filter * @param array $excludelist Array of box id (box.box_id = boxes_def.rowid) to exclude + * @param int $includehidden Include also hidden boxes * @return array Array of boxes */ - static function listBoxes($db, $mode, $zone, $user=null, $excludelist=array()) + static function listBoxes($db, $mode, $zone, $user=null, $excludelist=array(), $includehidden=1) { global $conf; @@ -72,7 +73,7 @@ class InfoBox $sql.= " FROM ".MAIN_DB_PREFIX."boxes_def as d"; $sql.= " WHERE d.entity IN (0,".(! empty($conf->multicompany->enabled) && ! empty($conf->multicompany->transverse_mode)?"1,":"").$conf->entity.")"; } - + dol_syslog(get_class()."::listBoxes get default box list for mode=".$mode." userid=".(is_object($user)?$user->id:'')."", LOG_DEBUG); $resql = $db->query($sql); if ($resql) @@ -155,7 +156,7 @@ class InfoBox //print '=>'.$boxname.'-enabled='.$enabled.'
'; //print 'xx module='.$module.' enabled='.$enabled; - if ($enabled) $boxes[]=$box; + if ($enabled && ($includehidden || empty($box->hidden))) $boxes[]=$box; else unset($box); } else From d7cbb598c12283d1d937a17089349510258eff4f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 14:30:00 +0200 Subject: [PATCH 50/75] Fix permission for external users --- htdocs/core/boxes/box_clients.php | 2 +- htdocs/core/boxes/box_fournisseurs.php | 2 +- htdocs/core/boxes/box_prospect.php | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/htdocs/core/boxes/box_clients.php b/htdocs/core/boxes/box_clients.php index e6cd2ede39e..5ef627e1ced 100644 --- a/htdocs/core/boxes/box_clients.php +++ b/htdocs/core/boxes/box_clients.php @@ -59,7 +59,7 @@ class box_clients extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_CUSTOMERS)) $this->enabled=0; // disabled by this option - $this->hidden = ! ($user->rights->societe->lire); + $this->hidden = ! ($user->rights->societe->lire && empty($user->socid)); } /** diff --git a/htdocs/core/boxes/box_fournisseurs.php b/htdocs/core/boxes/box_fournisseurs.php index bac582a4534..d9d41fd3d4f 100644 --- a/htdocs/core/boxes/box_fournisseurs.php +++ b/htdocs/core/boxes/box_fournisseurs.php @@ -55,7 +55,7 @@ class box_fournisseurs extends ModeleBoxes $this->db=$db; - $this->hidden=! ($user->rights->societe->lire); + $this->hidden=! ($user->rights->societe->lire && empty($user->socid)); } /** diff --git a/htdocs/core/boxes/box_prospect.php b/htdocs/core/boxes/box_prospect.php index 098ea813e44..d3b24782d83 100644 --- a/htdocs/core/boxes/box_prospect.php +++ b/htdocs/core/boxes/box_prospect.php @@ -61,7 +61,7 @@ class box_prospect extends ModeleBoxes // disable box for such cases if (! empty($conf->global->SOCIETE_DISABLE_PROSPECTS)) $this->enabled=0; // disabled by this option - $this->hidden=! ($user->rights->societe->lire); + $this->hidden=! ($user->rights->societe->lire && empty($user->socid)); } /** From 279e6ab30468429e5a46964000e76680c42fae16 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 14:54:03 +0200 Subject: [PATCH 51/75] Fix missing parameters --- htdocs/core/boxes/box_produits.php | 2 +- htdocs/core/boxes/box_produits_alerte_stock.php | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/core/boxes/box_produits.php b/htdocs/core/boxes/box_produits.php index f1307e496f5..35e44296d93 100644 --- a/htdocs/core/boxes/box_produits.php +++ b/htdocs/core/boxes/box_produits.php @@ -87,7 +87,7 @@ class box_produits extends ModeleBoxes // Add where from hooks if (is_object($hookmanager)) { - $parameters=array(); + $parameters=array('boxproductlist'=>1); $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook $sql.=$hookmanager->resPrint; } diff --git a/htdocs/core/boxes/box_produits_alerte_stock.php b/htdocs/core/boxes/box_produits_alerte_stock.php index 2fb58372db4..295fd6c6392 100644 --- a/htdocs/core/boxes/box_produits_alerte_stock.php +++ b/htdocs/core/boxes/box_produits_alerte_stock.php @@ -92,7 +92,7 @@ class box_produits_alerte_stock extends ModeleBoxes // Add where from hooks if (is_object($hookmanager)) { - $parameters=array(); + $parameters=array('boxproductalertstocklist'=>1); $reshook=$hookmanager->executeHooks('printFieldListWhere',$parameters); // Note that $action and $object may have been modified by hook $sql.=$hookmanager->resPrint; } From 2916444f6c7919cc80b8c316ac881994e25d8dc8 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 15:30:00 +0200 Subject: [PATCH 52/75] Fix check on module product for external user --- htdocs/core/lib/security.lib.php | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/htdocs/core/lib/security.lib.php b/htdocs/core/lib/security.lib.php index 45dbb32b7f0..f55f60c7f69 100644 --- a/htdocs/core/lib/security.lib.php +++ b/htdocs/core/lib/security.lib.php @@ -146,7 +146,9 @@ function restrictedArea($user, $features, $objectid=0, $tableandshare='', $featu $readok=1; $nbko=0; foreach ($featuresarray as $feature) // first we check nb of test ko { - if (! empty($user->societe_id) && ! empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && ! in_array($feature,$listofmodules)) // If limits on modules for external users, module must be into list of modules for external users + $featureforlistofmodule=$feature; + if ($featureforlistofmodule == 'produit') $featureforlistofmodule='product'; + if (! empty($user->societe_id) && ! empty($conf->global->MAIN_MODULES_FOR_EXTERNAL) && ! in_array($featureforlistofmodule,$listofmodules)) // If limits on modules for external users, module must be into list of modules for external users { $readok=0; $nbko++; continue; From 5d9a84dedb4bea9283c30b257b4add9385ab383d Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 15:35:50 +0200 Subject: [PATCH 53/75] Fix sql syntax error --- htdocs/core/class/html.formother.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index cdf6dc79155..98720d335b9 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -409,7 +409,7 @@ class FormOther $sql_usr.= " WHERE u2.entity IN (0,".$conf->entity.")"; $sql_usr.= " AND u2.rowid = sc.fk_user AND sc.fk_soc=".$user->societe_id; } - $sql_usr.= " ORDER BY u.statut DESC, lastname ASC"; + $sql_usr.= " ORDER BY statut DESC, lastname ASC"; // Do not use 'ORDER BY u.statut' here, not compatible with the UNION. //print $sql_usr;exit; $resql_usr = $this->db->query($sql_usr); From 64a6ff9687d8fec5462117066fd335f62591e849 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 12 Jun 2017 16:26:25 +0200 Subject: [PATCH 54/75] Fix test for navigation disabling for external users --- htdocs/product/card.php | 77 ++++---- htdocs/product/composition/card.php | 31 ++-- htdocs/product/document.php | 25 +-- htdocs/product/fournisseurs.php | 43 ++--- htdocs/product/info.php | 13 +- htdocs/product/note.php | 13 +- htdocs/product/price.php | 169 +++++++++--------- htdocs/product/stats/card.php | 21 ++- htdocs/product/stats/commande.php | 17 +- htdocs/product/stats/commande_fournisseur.php | 19 +- htdocs/product/stats/contrat.php | 23 +-- htdocs/product/stats/facture.php | 25 +-- htdocs/product/stats/facture_fournisseur.php | 17 +- htdocs/product/stats/propal.php | 23 +-- htdocs/product/stock/card.php | 13 +- htdocs/product/stock/info.php | 7 +- htdocs/product/stock/mouvement.php | 97 +++++----- htdocs/product/stock/product.php | 85 ++++----- htdocs/product/stock/productlot_card.php | 53 +++--- htdocs/product/traduction.php | 9 +- 20 files changed, 420 insertions(+), 360 deletions(-) diff --git a/htdocs/product/card.php b/htdocs/product/card.php index 380163121e3..31a865132c8 100644 --- a/htdocs/product/card.php +++ b/htdocs/product/card.php @@ -165,7 +165,7 @@ if (empty($reshook)) exit; } } - + // Barcode type if ($action == 'setfk_barcode_type' && $createbarcode) { @@ -221,7 +221,7 @@ if (empty($reshook)) $action = "create"; $error++; } - + if (! $error) { $units = GETPOST('units', 'int'); @@ -289,7 +289,7 @@ if (empty($reshook)) $object->volume_units = GETPOST('volume_units'); $object->finished = GETPOST('finished'); $object->fk_unit = GETPOST('units'); - + $accountancy_code_sell = GETPOST('accountancy_code_sell'); $accountancy_code_buy = GETPOST('accountancy_code_buy'); @@ -413,7 +413,7 @@ if (empty($reshook)) $accountancy_code_sell = GETPOST('accountancy_code_sell'); $accountancy_code_buy = GETPOST('accountancy_code_buy'); - + if ($accountancy_code_sell <= 0) { $object->accountancy_code_sell = ''; } else { $object->accountancy_code_sell = $accountancy_code_sell; } if ($accountancy_code_buy <= 0) { $object->accountancy_code_buy = ''; } else { $object->accountancy_code_buy = $accountancy_code_buy; } @@ -643,7 +643,7 @@ if (empty($reshook)) $tmpvat = price2num(preg_replace('/\s*\(.*\)/', '', $tva_tx)); $tmpprodvat = price2num(preg_replace('/\s*\(.*\)/', '', $prod->tva_tx)); - + // On reevalue prix selon taux tva car taux tva transaction peut etre different // de ceux du produit par defaut (par exemple si pays different entre vendeur et acheteur). if ($tmpvat != $tmpprodvat) { @@ -653,7 +653,7 @@ if (empty($reshook)) $pu_ttc = price2num($pu_ht * (1 + ($tmpvat / 100)), 'MU'); } } - + if (GETPOST('propalid') > 0) { // Define cost price for margin calculation $buyprice=0; @@ -666,7 +666,7 @@ if (empty($reshook)) { $buyprice = $result; } - + $result = $propal->addline( $desc, $pu_ht, @@ -709,7 +709,7 @@ if (empty($reshook)) { $buyprice = $result; } - + $result = $commande->addline( $desc, $pu_ht, @@ -895,7 +895,7 @@ else dol_fiche_head(''); print '
'; + print ''; print $product_static->LibStatut($objp->tosell,5,0); - print "'; + print "'; print $product_static->LibStatut($objp->tobuy,5,1); - print "
'; - + print ''; $tmpcode=''; if (! empty($modCodeProduct->code_auto)) $tmpcode=$modCodeProduct->getNextValue($object,$type); @@ -1067,14 +1067,14 @@ else //if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB)) available in create mode //{ print '"; //} - + if($conf->categorie->enabled) { // Categories print ''; - } - else // For external software + } + else // For external software { // Accountancy_code_sell print ''; @@ -1460,15 +1460,18 @@ else $linkback = ''.$langs->trans("BackToList").''; $object->next_prev_filter=" fk_product_type = ".$object->type; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - - + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + + print '
'; print '
'; - + print '
'; print '
'.$langs->trans("NoteNotVisibleOnBill").''; - + // We use dolibarr_details as type of DolEditor here, because we must not accept images as description is included into PDF and not accepted by TCPDF. $doleditor = new DolEditor('note_private', GETPOST('note_private'), '', 140, 'dolibarr_details', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_8, '90%'); $doleditor->Create(); - + print "
'.$langs->trans("Categories").''; @@ -1119,7 +1119,7 @@ else // Accountancy codes print ''; - + if (! empty($conf->accounting->enabled)) { // Accountancy_code_sell @@ -1133,8 +1133,8 @@ else print ''; - } - else // For external software + } + else // For external software { // Accountancy_code_sell print ''; @@ -1378,7 +1378,7 @@ else } // Tags-Categories - if ($conf->categorie->enabled) + if ($conf->categorie->enabled) { print '"; } - + print '
'; print $formaccountancy->select_account(GETPOST('accountancy_code_buy'), 'accountancy_code_buy', 1, null, 1, 1, ''); print '
'.$langs->trans("ProductAccountancySellCode").'
'.$langs->trans("Categories").''; $cate_arbo = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', 'parent', 64, 0, 1); @@ -1395,13 +1395,13 @@ else if (! empty($conf->global->MAIN_DISABLE_NOTES_TAB)) { print '
'.$langs->trans("NoteNotVisibleOnBill").''; - + $doleditor = new DolEditor('note_private', $object->note_private, '', 140, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_PRODUCTDESC, ROWS_4, '90%'); $doleditor->Create(); - + print "
'; print '
'; @@ -1421,8 +1421,8 @@ else print '		'; print $formaccountancy->select_account($object->accountancy_code_buy, 'accountancy_code_buy', 1, '', 1, 1); print '
'.$langs->trans("ProductAccountancySellCode").'
'; - + // Type if (! empty($conf->produit->enabled) && ! empty($conf->service->enabled)) { @@ -1574,7 +1577,7 @@ else } print ''; */ - + // Batch number management (to batch) if (! empty($conf->productbatch->enabled)) { print '
'.$langs->trans("ManageLotSerial").''; @@ -1597,10 +1600,10 @@ else print '
'; print ''; print '
'; - + print '
'; print ''; - + // Nature if($object->type!= Product::TYPE_SERVICE) { @@ -1722,13 +1725,13 @@ else print ''."\n"; print ' '."\n"; } - + print "
'.$langs->trans("NotePrivate").''.(dol_textishtml($object->note_private)?$object->note_private:dol_nl2br($object->note_private,1,true)).'
\n"; print '
'; - + print '
'; print '
'; - + dol_fiche_end(); } @@ -1795,7 +1798,7 @@ if (empty($reshook)) { if ($action == '' || $action == 'view') { - if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer ) || + if (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer ) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)) { if (! isset($object->no_button_edit) || $object->no_button_edit <> 1) print '
id.'">'.$langs->trans("Modify").'
'; @@ -1940,7 +1943,7 @@ if (! empty($conf->global->PRODUCT_ADD_FORM_ADD_TO) && $object->id && ($action = print ''; print load_fiche_titre($langs->trans("AddToDraft"),'',''); - + dol_fiche_head(''); $html .= ''.$langs->trans("Quantity").' '; @@ -1952,7 +1955,7 @@ if (! empty($conf->global->PRODUCT_ADD_FORM_ADD_TO) && $object->id && ($action = print ''; print $html; print '
'; - + print '
'; print ''; print '
'; @@ -1979,10 +1982,10 @@ if ($action == '' || $action == 'view') $delallowed=$user->rights->produit->supprimer; $var=true; - + print $formfile->showdocuments($modulepart,$object->ref,$filedir,$urlsource,$genallowed,$delallowed,'',0,0,0,28,0,'',0,'',$object->default_lang, '', $object); $somethingshown=$formfile->numoffiles; - + print '
'; print '
'; diff --git a/htdocs/product/composition/card.php b/htdocs/product/composition/card.php index 230a3dbee23..5f3aed85cdd 100644 --- a/htdocs/product/composition/card.php +++ b/htdocs/product/composition/card.php @@ -86,8 +86,8 @@ if ($action == 'add_prod' && ($user->rights->produit->creer || $user->rights->se $action = 're-edit'; if ($object->error == "isFatherOfThis") { setEventMessages($langs->trans("ErrorAssociationIsFatherOfThis"), null, 'errors'); - } - else + } + else { setEventMessages($object->error, $object->errors, 'errors'); } @@ -204,15 +204,18 @@ if ($id > 0 || ! empty($ref)) if ($user->rights->produit->lire || $user->rights->service->lire) { $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', '', '', '', 0, '', '', 1); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref', '', '', '', 0, '', '', 1); + if ($object->type!=Product::TYPE_SERVICE || empty($conf->global->PRODUIT_MULTIPRICES)) { - print '
'; + print '
'; print ''; } - + // Nature if ($object->type!=Product::TYPE_SERVICE) { @@ -256,11 +259,11 @@ if ($id > 0 || ! empty($ref)) dol_fiche_end(); print '
'; - + $prodsfather = $object->getFather(); // Parent Products $object->get_sousproduits_arbo(); // Load $object->sousprods - $prods_arbo=$object->get_arbo_each_prod(); - + $prods_arbo=$object->get_arbo_each_prod(); + $nbofsubsubproducts=count($prods_arbo); // This include sub sub product into nb $prodschild = $object->getChildsArbo($id,1); $nbofsubproducts=count($prodschild); // This include only first level of childs @@ -369,7 +372,7 @@ if ($id > 0 || ! empty($ref)) $totalline=price2num($value['nb'] * ($product_fourn->fourn_unitprice * (1 - $product_fourn->fourn_remise_percent/100) + $product_fourn->fourn_unitcharges - $product_fourn->fourn_remise), 'MT'); $total+=$totalline; - + print ''; @@ -385,7 +388,7 @@ if ($id > 0 || ! empty($ref)) print ''; - + // Stock if (! empty($conf->stock->enabled)) print ''; // Real stock @@ -424,7 +427,7 @@ if ($id > 0 || ! empty($ref)) // Best selling price print ''; print ''; - + if (! empty($conf->stock->enabled)) print ''; // Real stock print ''; print ''; @@ -456,7 +459,7 @@ if ($id > 0 || ! empty($ref)) if ($atleastonenotdefined) print $langs->trans("Unknown").' ('.$langs->trans("SomeSubProductHaveNoPrices").')'; print ($atleastonenotdefined?'':price($totalsell,'','',0,0,-1,$conf->currency)); print ''; - + // Stock if (! empty($conf->stock->enabled)) print ''; diff --git a/htdocs/product/document.php b/htdocs/product/document.php index 2e241d9c156..0f1c74135b0 100644 --- a/htdocs/product/document.php +++ b/htdocs/product/document.php @@ -72,7 +72,7 @@ if ($id > 0 || ! empty($ref)) if (! empty($conf->product->enabled)) $upload_dir = $conf->product->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 0, $object, 'product').dol_sanitizeFileName($object->ref); elseif (! empty($conf->service->enabled)) $upload_dir = $conf->service->multidir_output[$object->entity].'/'.get_exdir(0, 0, 0, 0, $object, 'product').dol_sanitizeFileName($object->ref); - + if (! empty($conf->global->PRODUCT_USE_OLD_PATH_FOR_PHOTO)) // For backward compatiblity, we scan also old dirs { if (! empty($conf->product->enabled)) $upload_dirold = $conf->product->multidir_output[$object->entity].'/'.substr(substr("000".$object->id, -2),1,1).'/'.substr(substr("000".$object->id, -2),0,1).'/'.$object->id."/photos"; @@ -210,11 +210,14 @@ if ($object->id) $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; print ($notdefined?'':($value['nb']> 1 ? $value['nb'].'x' : '').price($product_fourn->fourn_unitprice,'','',0,0,-1,$conf->currency)); print ''; print ($notdefined?'':($value['nb']> 1 ? $value['nb'].'x' : '').price($pricesell,'','',0,0,-1,$conf->currency)); print ''.$value['stock'].'  '.$value['nb'].'  
'; @@ -224,14 +227,14 @@ if ($object->id) print ''; print '
'; - + dol_fiche_end(); $permission = (($object->type == Product::TYPE_PRODUCT && $user->rights->produit->creer) || ($object->type == Product::TYPE_SERVICE && $user->rights->service->creer)); $param = '&id=' . $object->id; include_once DOL_DOCUMENT_ROOT . '/core/tpl/document_actions_post_headers.tpl.php'; - + // Merge propal PDF document PDF files if (!empty($conf->global->PRODUIT_PDF_MERGE_PROPAL)) { @@ -307,17 +310,17 @@ if ($object->id) $checked = ''; $filename = $filetoadd['name']; - if ($conf->global->MAIN_MULTILANGS) + if ($conf->global->MAIN_MULTILANGS) { - if (array_key_exists($filetoadd['name'] . '_' . $delauft_lang, $filetomerge->lines)) + if (array_key_exists($filetoadd['name'] . '_' . $delauft_lang, $filetomerge->lines)) { $filename = $filetoadd['name'] . ' - ' . $langs->trans('Language_' . $delauft_lang); $checked = ' checked '; } } - else + else { - if (array_key_exists($filetoadd['name'], $filetomerge->lines)) + if (array_key_exists($filetoadd['name'], $filetomerge->lines)) { $checked = ' checked '; } diff --git a/htdocs/product/fournisseurs.php b/htdocs/product/fournisseurs.php index 1d54495b605..5413bee8630 100644 --- a/htdocs/product/fournisseurs.php +++ b/htdocs/product/fournisseurs.php @@ -98,7 +98,7 @@ if (empty($reshook)) if ($id) { $result=$object->fetch($id); - $object->cost_price = price2num($cost_price); + $object->cost_price = price2num($cost_price); $result=$object->update($object->id, $user); if ($result > 0) { @@ -112,7 +112,7 @@ if (empty($reshook)) } } } - + if ($action == 'confirm_remove_pf') { if ($rowid) // id of product supplier price to remove @@ -299,20 +299,23 @@ if ($id > 0 || $ref) $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"] . '?id=' . $id . '&rowid=' . $rowid, $langs->trans('DeleteProductBuyPrice'), $langs->trans('ConfirmDeleteProductBuyPrice'), 'confirm_remove_pf', '', 0, 1); echo $formconfirm; } - + if ($action <> 'edit' && $action <> 're-edit') { $head=product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type== Product::TYPE_SERVICE?'service':'product'); dol_fiche_head($head, 'suppliers', $titre, 0, $picto); - + $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -337,14 +340,14 @@ if ($id > 0 || $ref) print ''; - + print '
'; print $form->editfieldval($text,'cost_price',$object->cost_price,$object,$user->rights->produit->creer||$user->rights->service->creer,'amount:6'); print '
'; print ''; print '
'; - + dol_fiche_end(); - + // Form to add or update a price if (($action == 'add_price' || $action == 'updateprice' ) && ($user->rights->produit->creer || $user->rights->service->creer)) @@ -364,7 +367,7 @@ if ($id > 0 || $ref) print ''; print ''; print ''; - + dol_fiche_head(); print ''; @@ -449,11 +452,11 @@ if ($id > 0 || $ref) $default_vat=get_default_tva($mysoc2, $mysoc, $object->id, 0); $default_npr=get_default_npr($mysoc2, $mysoc, $object->id, 0); if (empty($default_vat)) $default_npr=$default_vat; - + print ''; print '
'.$langs->trans("VATRateForSupplierProduct").''; //print $form->load_tva('tva_tx',$object->tva_tx,$supplier,$mysoc); // Do not use list here as it may be any vat rates for any country - if (! empty($rowid)) // If we have a supplier, it is an update, we must show the vat of current supplier price + if (! empty($rowid)) // If we have a supplier, it is an update, we must show the vat of current supplier price { $tmpproductsupplier=new ProductFournisseur($db); $tmpproductsupplier->fetch_product_fournisseur_price($rowid, 1); @@ -462,7 +465,7 @@ if ($id > 0 || $ref) } else { - if (empty($default_vat)) + if (empty($default_vat)) { $default_vat=$object->tva_tx; } @@ -588,7 +591,7 @@ if ($id > 0 || $ref) $product_fourn_list = $product_fourn->list_product_fournisseur_price($object->id, $sortfield, $sortorder); $nbtotalofrecords = count($product_fourn_list); print_barre_liste($langs->trans('SupplierPrices'), $page, $_SERVEUR ['PHP_SELF'], $option, $sortfield, $sortorder, '', count($product_fourn_list), $nbtotalofrecords, 'title_accountancy.png'); - + // Suppliers list title print '
'; print ''; @@ -607,7 +610,7 @@ if ($id > 0 || $ref) print_liste_field_titre($langs->trans("DiscountQtyMin"),$_SERVER["PHP_SELF"],'','',$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($langs->trans("NbDaysToDelivery"),$_SERVER["PHP_SELF"],"pfp.delivery_time_days","",$param,'align="right"',$sortfield,$sortorder); print_liste_field_titre($langs->trans("ReputationForThisProduct"),$_SERVER["PHP_SELF"],"pfp.supplier_reputation","",$param,'align="center"',$sortfield,$sortorder); - + // Charges ???? if ($conf->global->PRODUCT_CHARGES) { @@ -628,7 +631,7 @@ if ($id > 0 || $ref) // Supplier print ''; - + // Supplier print ''; @@ -674,8 +677,8 @@ if ($id > 0 || $ref) // Reputation print ''; // Charges ???? diff --git a/htdocs/product/info.php b/htdocs/product/info.php index e29d1a168cb..58e7998ad47 100644 --- a/htdocs/product/info.php +++ b/htdocs/product/info.php @@ -87,7 +87,7 @@ if ($id > 0 || $ref) exit; } - + $head=product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type== Product::TYPE_SERVICE?'service':'product'); @@ -95,8 +95,11 @@ if ($id > 0 || $ref) $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + $object->info($object->id); print '
'; @@ -104,11 +107,11 @@ if ($id > 0 || $ref) print '
'; print '
'; - + dol_print_object_info($object); print '
'; - + dol_fiche_end(); } diff --git a/htdocs/product/note.php b/htdocs/product/note.php index 9a914527a83..2d71c2ff1a3 100644 --- a/htdocs/product/note.php +++ b/htdocs/product/note.php @@ -90,21 +90,24 @@ if ($id > 0 || ! empty($ref)) $head = product_prepare_head($object); $titre=$langs->trans("CardProduct".$object->type); $picto=($object->type==Product::TYPE_SERVICE?'service':'product'); - + dol_fiche_head($head, 'note', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); $cssclass='titlefield'; //if ($action == 'editnote_public') $cssclass='titlefieldcreate'; //if ($action == 'editnote_private') $cssclass='titlefieldcreate'; - + //print '
'; - + print '
'; - + include DOL_DOCUMENT_ROOT.'/core/tpl/notes.tpl.php'; dol_fiche_end(); diff --git a/htdocs/product/price.php b/htdocs/product/price.php index 607d6e07097..b18c3b8828a 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -90,9 +90,9 @@ if (empty($reshook)) { if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All tests are required to be compatible with all browsers { - $search_soc = ''; + $search_soc = ''; } - + if ($action == 'setlabelsellingprice' && $user->admin) { require_once DOL_DOCUMENT_ROOT . '/core/lib/admin.lib.php'; @@ -100,7 +100,7 @@ if (empty($reshook)) dolibarr_set_const($db, $keyforlabel, GETPOST('labelsellingprice','alpha'), 'chaine', 0, '', $conf->entity); $action = ''; } - + if (($action == 'update_vat') && !$cancel && ($user->rights->produit->creer || $user->rights->service->creer)) { $tva_tx_txt = GETPOST('tva_tx', 'alpha'); // tva_tx can be '8.5' or '8.5*' or '8.5 (XXX)' or '8.5* (XXX)' @@ -149,14 +149,14 @@ if (empty($reshook)) $error++; setEventMessages($object->error, $object->errors, 'errors'); } - + if ($error) { //$localtaxarray=array('0'=>$localtax1_type,'1'=>$localtax1,'2'=>$localtax2_type,'3'=>$localtax2); $localtaxarray=array(); // We do not store localtaxes into product, we will use instead the "vat code" to retreive them. $object->updatePrice(0, $object->price_base_type, $user, $tva_tx, '', 0, $npr, 0, 0, $localtaxarray, $vatratecode); } - + if (! $error) { $db->commit(); @@ -165,10 +165,10 @@ if (empty($reshook)) { $db->rollback(); } - + $action=''; } - + if (($action == 'update_price') && !$cancel && $object->getRights()->creer) { $error = 0; @@ -208,14 +208,14 @@ if (empty($reshook)) //Shall we generate prices using price rules? $object->price_autogen = GETPOST('usePriceRules') == 'on'; - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) + for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) { if (!isset($newprice[$i])) { continue; } $tva_tx_txt = $newvattx[$i]; - + $vatratecode = ''; $tva_tx = preg_replace('/[^0-9\.].*$/', '', $tva_tx_txt); // keep remove all after the numbers and dot $npr = preg_match('/\*/', $tva_tx_txt) ? 1 : 0; @@ -242,7 +242,7 @@ if (empty($reshook)) $localtax2 = $obj->localtax2; $localtax1_type = $obj->localtax1_type; $localtax2_type = $obj->localtax2_type; - } + } } $pricestoupdate[$i] = array( @@ -469,7 +469,7 @@ if (empty($reshook)) $prodcustprice->price_base_type = GETPOST("price_base_type", 'alpha'); $tva_tx_txt = GETPOST("tva_tx"); - + $vatratecode = ''; // We must define tva_tx, npr and local taxes $tva_tx = preg_replace('/[^0-9\.].*$/', '', $tva_tx_txt); // keep remove all after the numbers and dot @@ -496,8 +496,8 @@ if (empty($reshook)) $localtax1_type = $obj->localtax1_type; $localtax2_type = $obj->localtax2_type; } - } - + } + $prodcustprice->default_vat_code = $vatratecode; $prodcustprice->tva_tx = $tva_tx; $prodcustprice->recuperableonly = $npr; @@ -505,7 +505,7 @@ if (empty($reshook)) $prodcustprice->localtax2_tx = $localtax2; $prodcustprice->localtax1_type = $localtax1_type; $prodcustprice->localtax2_type = $localtax2_type; - + if (! ($prodcustprice->fk_soc > 0)) { $langs->load("errors"); @@ -591,7 +591,7 @@ if (empty($reshook)) $localtax2_type = $obj->localtax2_type; } } - + $prodcustprice->default_vat_code = $vatratecode; $prodcustprice->tva_tx = $tva_tx; $prodcustprice->recuperableonly = $npr; @@ -599,7 +599,7 @@ if (empty($reshook)) $prodcustprice->localtax2_tx = $localtax2; $prodcustprice->localtax1_type = $localtax1_type; $prodcustprice->localtax2_type = $localtax2_type; - + if ($prodcustprice->price_min < $maxpricesupplier && !empty($conf->global->PRODUCT_MINIMUM_RECOMMENDED_PRICE)) { setEventMessages($langs->trans("MinimumPriceLimit",price($maxpricesupplier,0,'',1,-1,-1,'auto')), null, 'errors'); @@ -658,7 +658,10 @@ dol_fiche_head($head, 'price', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; -dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); +$shownav = 1; +if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); print '
'; @@ -702,7 +705,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print price($object->multiprices_min[$soc->price_level]) . ' ' . $langs->trans(empty($object->multiprices_base_type[$soc->price_level])?'HT':$object->multiprices_base_type[$soc->price_level]); } print '
'; - + if (! empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) // using this option is a bug. kept for backward compatibility { // TVA @@ -719,7 +722,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) else print vatrate($object->tva_tx . ($object->tva_npr ? '*' : ''), true); print ''; } - + } else { @@ -742,9 +745,9 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print ''; } print '
'.$productfourn->getSocNomUrl(1,'supplier').''.$productfourn->fourn_ref.''; if (!empty($productfourn->supplier_reputation) && !empty($object->reputations[$productfourn->supplier_reputation])) { - print $object->reputations[$productfourn->supplier_reputation]; - } + print $object->reputations[$productfourn->supplier_reputation]; + } print'
'; - + print '
'; - + print ''; print ''; $var=True; - + for($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i++) { $var = ! $var; - + print ''; // Label of price @@ -824,7 +827,7 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print ''; print ''; print ''; - foreach ($object->prices_by_qty_list[$i] as $ii => $prices) + foreach ($object->prices_by_qty_list[$i] as $ii => $prices) { if ($action == 'edit_price_by_qty' && $rowid == $prices['rowid'] && ($user->rights->produit->creer || $user->rights->service->creer)) { print ''; @@ -882,15 +885,15 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) } } } -} -else +} +else { // TVA print ''; @@ -1021,18 +1024,18 @@ if (! $action || $action == 'delete' || $action == 'showlog_customer_price' || $ print '
id . '">' . $langs->trans("AddCustomerPrice") . '
'; } } - + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { if ($user->rights->produit->creer || $user->rights->service->creer) { print '
' . $langs->trans("UpdateVAT") . '
'; } - + if ($user->rights->produit->creer || $user->rights->service->creer) { print '
' . $langs->trans("UpdateLevelPrices") . '
'; } } - + print "\n\n"; } @@ -1041,7 +1044,7 @@ if (! $action || $action == 'delete' || $action == 'showlog_customer_price' || $ /* * Edit price area */ - + if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->service->creer)) { print load_fiche_titre($langs->trans("UpdateVAT"), ''); @@ -1052,9 +1055,9 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se print ''; dol_fiche_head(''); - + print '
'; print $langs->trans("PriceLevel"); @@ -755,11 +758,11 @@ if (! empty($conf->global->PRODUIT_MULTIPRICES)) print '
' . $langs->trans("Discount") . ' 
' . $langs->trans("VATRate") . ''; if ($object->default_vat_code) { print vatrate($object->tva_tx, true) . ' ('.$object->default_vat_code.')'; - } + } else print vatrate($object->tva_tx, true, $object->tva_npr, true); print '
'; - + // VAT print ''; - + // Price base print '"; $tva_tx = $line->default_vat_code ? $line->tva_tx.' ('.$line->default_vat_code.')' : $line->tva_tx; - + print '"; print '"; print '"; @@ -1756,7 +1759,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) { // List of all prices by customers print ''."\n"; - + // Count total nb of records $nbtotalofrecords = ''; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { @@ -1802,15 +1805,15 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print ''; print ''; } - + $var = False; - - + + // Line for default price print ""; print ""; print ""; - + print '"; print '"; print '"; @@ -1834,21 +1837,21 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) } print "\n"; - + if (count($prodcustprice->lines) > 0) { $var = false; foreach ($prodcustprice->lines as $line) { $var = ! $var; - + print ""; // Date $staticsoc = new Societe($db); $staticsoc->fetch($line->fk_soc); $tva_tx = $line->default_vat_code ? $line->tva_tx.' ('.$line->default_vat_code.')' : $line->tva_tx; - + print ""; print ""; diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php index d0a85756c04..7272524f9e3 100644 --- a/htdocs/product/stats/card.php +++ b/htdocs/product/stats/card.php @@ -124,8 +124,11 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') dol_fiche_head($head, 'stats', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', '', '', '', 0, '', '', 1); + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref', '', '', '', 0, '', '', 1); dol_fiche_end(); } @@ -323,15 +326,15 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') foreach($graphfiles as $key => $val) { if (! $graphfiles[$key]['file']) continue; - + if ($graphfiles == 'propal' && ! $user->rights->propale->lire) continue; if ($graphfiles == 'order' && ! $user->rights->commande->lire) continue; if ($graphfiles == 'invoices' && ! $user->rights->facture->lire) continue; if ($graphfiles == 'proposals_suppliers' && ! $user->rights->supplier_proposal->lire) continue; if ($graphfiles == 'invoices_suppliers' && ! $user->rights->fournisseur->facture->lire) continue; if ($graphfiles == 'orders_suppliers' && ! $user->rights->fournisseur->commande->lire) continue; - - + + if ($i % 2 == 0) { print "\n".'
'."\n"; @@ -340,7 +343,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') { print "\n".'
'."\n"; } - + // Date generation if ($graphfiles[$key]['output'] && ! $px->isGraphKo()) { @@ -352,7 +355,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print $dategenerated=($mesg?''.$mesg.'':$langs->trans("ChartNotGenerated")); } $linktoregenerate='id).((string) $type != ''?'&type='.$type:'').'&action=recalcul&mode='.$mode.'">'.img_picto($langs->trans("ReCalculate").' ('.$dategenerated.')','refresh').''; - + // Show graph print '
' . $langs->trans("VATRate") . ''; print $form->load_tva("tva_tx", $object->default_vat_code ? $object->tva_tx.' ('.$object->default_vat_code.')' : $object->tva_tx, $mysoc, '', $object->id, $object->tva_npr, $object->type, false, 1); @@ -1072,7 +1075,7 @@ if ($action == 'edit_vat' && ($user->rights->produit->creer || $user->rights->se print '

'; } - + if ($action == 'edit_price' && $object->getRights()->creer) { print load_fiche_titre($langs->trans("NewPrice"), ''); @@ -1085,7 +1088,7 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; dol_fiche_head(''); - + print ''; // VAT @@ -1168,7 +1171,7 @@ if ($action == 'edit_price' && $object->getRights()->creer) } print ''; print ''; - + print '
'; dol_fiche_end(); @@ -1213,21 +1216,21 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; dol_fiche_head(''); - + if (! empty($conf->global->PRODUIT_MULTIPRICES) && ! empty($conf->global->PRODUIT_MULTIPRICES_ALLOW_AUTOCALC_PRICELEVEL)) { print $langs->trans('UseMultipriceRules'). ' price_autogen ? 'checked' : '').'>

'; } print ''; print ''; - + print ''; if (!empty($conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL)) print ''; else print ''; - + print ''; - + print ''; if (!empty($conf->global->PRODUCT_MINIMUM_RECOMMENDED_PRICE)) { @@ -1236,9 +1239,9 @@ if ($action == 'edit_price' && $object->getRights()->creer) print ''; print ''; - + $var = false; - for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) + for ($i = 1; $i <= $conf->global->PRODUIT_MULTIPRICES_LIMIT; $i ++) { $var = !$var; @@ -1291,11 +1294,11 @@ if ($action == 'edit_price' && $object->getRights()->creer) } print ''; - + print '
'.$langs->trans("PriceLevel").''.$langs->trans("VATRate").''.$langs->trans("SellingPrice").''.$langs->trans("MinPrice").'
'; - + dol_fiche_end(); - + print '
'; print ''; print '   '; @@ -1321,48 +1324,48 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ if (! empty($socid) && ! empty($conf->global->PRODUIT_MULTIPRICES)) $sql .= " AND p.price_level = " . $soc->price_level; $sql .= " ORDER BY p.date_price DESC, p.rowid DESC, p.price_level ASC"; // $sql .= $db->plimit(); - + $result = $db->query($sql); if ($result) { $num = $db->num_rows($result); - + if (! $num) { $db->free($result); - + // Il doit au moins y avoir la ligne de prix initial. // On l'ajoute donc pour remettre a niveau (pb vieilles versions) $object->updatePrice($object->price, $object->price_base_type, $user, $newprice_min); - + $result = $db->query($sql); $num = $db->num_rows($result); } - + if ($num > 0) { // Default prices or // Log of previous customer prices $backbutton='' . $langs->trans("Back") . ''; - + if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print_barre_liste($langs->trans("DefaultPrice"), 0, $_SERVER["PHP_SELF"], '', '', '', $backbutton, $num, $num, 'title_accountancy.png'); else print_barre_liste($langs->trans("PriceByCustomerLog"), 0, $_SERVER["PHP_SELF"], '', '', '', '', $num, $num, 'title_accountancy.png'); //if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print_barre_liste($langs->trans("DefaultPrice"),'','','','','',$backbutton, 0, 0, 'title_accountancy.png'); //else print_barre_liste($langs->trans("PriceByCustomerLog"),'','','','','','', 0, 0, 'title_accountancy.png'); - + print '
'; print ''; - + print ''; print ''; - + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { print ''; } if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES_BY_QTY)) { print ''; } - + print ''; print $conf->global->PRODUIT_MULTIPRICES_USE_VAT_PER_LEVEL; if (empty($conf->global->PRODUIT_MULTIPRICES)) print ''; @@ -1377,9 +1380,9 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ if ($user->rights->produit->supprimer) print ''; print ''; - + $notfirstlineforlevel=array(); - + $var = True; $i = 0; while ($i < $num) @@ -1389,7 +1392,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ print ''; // Date print ""; - + // Price level if (! empty($conf->global->PRODUIT_MULTIPRICES)) { print '"; @@ -1400,9 +1403,9 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ $type = ($objp->price_by_qty == 1) ? 'PriceByQuantity' : 'Standard'; print '"; } - + print '"; - if (empty($conf->global->PRODUIT_MULTIPRICES)) + if (empty($conf->global->PRODUIT_MULTIPRICES)) { print '"; } - + // Price if (! empty($objp->fk_price_expression) && ! empty($conf->dynamicprices->enabled)) { @@ -1433,23 +1436,23 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ } print ''; print ''; - + // User print ''; - + // Action if ($user->rights->produit->supprimer) { $candelete=0; - if (! empty($conf->global->PRODUIT_MULTIPRICES)) + if (! empty($conf->global->PRODUIT_MULTIPRICES)) { if (empty($notfirstlineforlevel[$objp->price_level])) $notfirstlineforlevel[$objp->price_level]=1; else $candelete=1; } elseif ($i > 0) $candelete=1; - + print ''; } - + print "\n"; $i++; } - + $db->free($result); print "
' . $langs->trans("AppliedPricesFrom") . '' . $langs->trans("PriceLevel") . '' . $langs->trans("Type") . '' . $langs->trans("PriceBase") . '' . $langs->trans("VATRate") . ' 
" . dol_print_date($db->jdate($objp->dp), "dayhour") . "' . $objp->price_level . "' . $langs->trans($type) . "' . $langs->trans($objp->price_base_type) . "'; if ($objp->default_vat_code) @@ -1412,7 +1415,7 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ else print vatrate($objp->tva_tx, true, $objp->recuperableonly); print "' . ($objp->price_base_type != 'TTC' ? price($objp->price_min) : '') . '' . ($objp->price_base_type == 'TTC' ? price($objp->price_min_ttc) : '') . '' . img_object($langs->trans("ShowUser"), 'user') . ' ' . $objp->login . ''; - if ($candelete) + if ($candelete) { print 'id . '&lineid=' . $objp->rowid . '">'; print img_delete(); @@ -1458,11 +1461,11 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ print ' '; // Can not delete last price (it's current price) print '
"; print '
'; @@ -1511,9 +1514,9 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print ''; print ''; print ''; - + dol_fiche_head(); - + print ''; print ''; print ''; @@ -1575,7 +1578,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print '
' . $langs->trans('ThirdParty') . '
'; dol_fiche_end(); - + print '
'; print ''; print '     '; @@ -1612,7 +1615,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print '
' . $langs->trans("VATRate") . ''; print $form->load_tva("tva_tx", $prodcustprice->default_vat_code ? $prodcustprice->tva_tx.' ('.$prodcustprice->default_vat_code.')' : $prodcustprice->tva_tx, $mysoc, '', $object->id, $prodcustprice->recuperableonly, $object->type, false, 1); print '
'; print $langs->trans('PriceBase'); @@ -1689,12 +1692,12 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) $staticsoc = new Societe($db); $staticsoc->fetch(GETPOST('socid', 'int')); - + $title=$langs->trans('PriceByCustomerLog'); $title.=' - '.$staticsoc->getNomUrl(1); $backbutton='' . $langs->trans("Back") . ''; - + print_barre_liste($title, $page, $_SERVEUR['PHP_SELF'], $option, $sortfield, $sortorder, $backbutton, count($prodcustprice->lines), $nbtotalofrecords, 'title_accountancy.png'); if (count($prodcustprice->lines) > 0) @@ -1732,7 +1735,7 @@ if (! empty($conf->global->PRODUIT_CUSTOMER_PRICES)) print "" . dol_print_date($line->datec, "dayhour") . "' . $langs->trans($line->price_base_type) . "' . vatrate($tva_tx, true, $line->recuperableonly) . "' . price($line->price) . "
" . $langs->trans("Default") . "" . "' . $langs->trans($object->price_base_type) . "' . vatrate($object->tva_tx, true, $object->recuperableonly) . "' . price($object->price) . "
" . $staticsoc->getNomUrl(1) . "" . dol_print_date($line->datec, "dayhour") . "
'; // Label @@ -366,7 +369,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print $graphfiles[$key]['output']; print ''; print '
'; - + if ($i % 2 == 0) { print "\n".'
'."\n"; @@ -376,7 +379,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all') print "\n".''; print '

'."\n"; } - + $i++; } } diff --git a/htdocs/product/stats/commande.php b/htdocs/product/stats/commande.php index 192017af2a5..3792217b20f 100644 --- a/htdocs/product/stats/commande.php +++ b/htdocs/product/stats/commande.php @@ -82,7 +82,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -100,11 +100,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print ''; @@ -114,9 +117,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->commande->lire) { diff --git a/htdocs/product/stats/commande_fournisseur.php b/htdocs/product/stats/commande_fournisseur.php index bed3be1892f..46731f3ab37 100644 --- a/htdocs/product/stats/commande_fournisseur.php +++ b/htdocs/product/stats/commande_fournisseur.php @@ -88,7 +88,7 @@ if ($id > 0 || ! empty($ref)) { $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array ('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) @@ -96,7 +96,7 @@ if ($id > 0 || ! empty($ref)) { llxHeader("", "", $langs->trans("CardProduct" . $product->type)); - if ($result > 0) + if ($result > 0) { $head = product_prepare_head($product); $titre = $langs->trans("CardProduct" . $product->type); @@ -108,11 +108,14 @@ if ($id > 0 || ! empty($ref)) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -122,9 +125,9 @@ if ($id > 0 || ! empty($ref)) { print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->fournisseur->commande->lire) { diff --git a/htdocs/product/stats/contrat.php b/htdocs/product/stats/contrat.php index 8c5f1a3ba86..754c299fbfd 100644 --- a/htdocs/product/stats/contrat.php +++ b/htdocs/product/stats/contrat.php @@ -72,7 +72,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -90,11 +90,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -104,9 +107,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + $now=dol_now(); @@ -141,7 +144,7 @@ if ($id > 0 || ! empty($ref)) $option .= '&search_month=' . $search_month; if (! empty($search_year)) $option .= '&search_year=' . $search_year; - + print '' . "\n"; if (! empty($sortfield)) print ''; @@ -151,7 +154,7 @@ if ($id > 0 || ! empty($ref)) print ''; $option .= '&page=' . $page; } - + print_barre_liste($langs->trans("Contrats"),$page,$_SERVER["PHP_SELF"],"&id=$product->id",$sortfield,$sortorder,'',$num,0,''); $i = 0; @@ -197,7 +200,7 @@ if ($id > 0 || ! empty($ref)) $i++; } } - + print '
'; print '
'; print ''; diff --git a/htdocs/product/stats/facture.php b/htdocs/product/stats/facture.php index 53e5b0ab0a6..1c7b717f6d1 100644 --- a/htdocs/product/stats/facture.php +++ b/htdocs/product/stats/facture.php @@ -83,9 +83,9 @@ if ($id > 0 || ! empty($ref)) { $product = new Product($db); $result = $product->fetch($id, $ref); - + $object = $product; - + $parameters=array('id'=>$id); $reshook=$hookmanager->executeHooks('doActions',$parameters,$product,$action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -117,11 +117,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print ''; @@ -131,14 +134,14 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); if ($showmessage && $nboflines > 1) { print $langs->trans("ClinkOnALinkOfColumn", $langs->transnoentitiesnoconv("Referers")); } - elseif ($user->rights->facture->lire) + elseif ($user->rights->facture->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, s.code_client,"; $sql.= " f.facnumber, f.datef, f.paye, f.fk_statut as statut, f.rowid as facid,"; @@ -164,13 +167,13 @@ if ($id > 0 || ! empty($ref)) $total_ht=0; $total_qty=0; $totalrecords=0; - if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) + if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { $result = $db->query($sql); - if ($result) + if ($result) { $totalrecords = $db->num_rows($result); - while ($objp = $db->fetch_object($result)) + while ($objp = $db->fetch_object($result)) { $total_ht+=$objp->total_ht; $total_qty+=$objp->qty; diff --git a/htdocs/product/stats/facture_fournisseur.php b/htdocs/product/stats/facture_fournisseur.php index 6fe189c7700..f4da679fd3d 100644 --- a/htdocs/product/stats/facture_fournisseur.php +++ b/htdocs/product/stats/facture_fournisseur.php @@ -84,7 +84,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -102,11 +102,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -116,9 +119,9 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - + dol_fiche_end(); - + if ($user->rights->fournisseur->facture->lire) { diff --git a/htdocs/product/stats/propal.php b/htdocs/product/stats/propal.php index 289cf3d3578..04a32e2d94e 100644 --- a/htdocs/product/stats/propal.php +++ b/htdocs/product/stats/propal.php @@ -82,7 +82,7 @@ if ($id > 0 || ! empty($ref)) $result = $product->fetch($id, $ref); $object = $product; - + $parameters = array ('id' => $id); $reshook = $hookmanager->executeHooks('doActions', $parameters, $product, $action); // Note that $action and $object may have been modified by some hooks if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); @@ -100,11 +100,14 @@ if ($id > 0 || ! empty($ref)) if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; @@ -114,11 +117,11 @@ if ($id > 0 || ! empty($ref)) print ''; print '
'; - - dol_fiche_end(); - - if ($user->rights->propale->lire) + dol_fiche_end(); + + + if ($user->rights->propale->lire) { $sql = "SELECT DISTINCT s.nom as name, s.rowid as socid, p.rowid as propalid, p.ref, d.total_ht as amount,"; $sql .= " p.ref_client,"; @@ -239,7 +242,7 @@ if ($id > 0 || ! empty($ref)) } } } - + print ''; print ''; print ''; diff --git a/htdocs/product/stock/card.php b/htdocs/product/stock/card.php index eb853539e01..72b5af2f528 100644 --- a/htdocs/product/stock/card.php +++ b/htdocs/product/stock/card.php @@ -100,7 +100,7 @@ if ($action == 'add' && $user->rights->stock->creer) setEventMessages($object->error, $object->errors, 'errors'); } } - else + else { setEventMessages($langs->trans("ErrorWarehouseRefRequired"), null, 'errors'); $action="create"; // Force retour sur page creation @@ -194,7 +194,7 @@ if ($action == 'create') print ''; print ''; - + // Parent entrepot print ''; - + } // Description diff --git a/htdocs/product/stock/info.php b/htdocs/product/stock/info.php index 7f6a9f6031b..a088ac289b8 100644 --- a/htdocs/product/stock/info.php +++ b/htdocs/product/stock/info.php @@ -54,9 +54,12 @@ $morehtmlref='
'; $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.='
'; -dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); +$shownav = 1; +if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); + - print '
'; print '
'; diff --git a/htdocs/product/stock/mouvement.php b/htdocs/product/stock/mouvement.php index de46538a037..8479d6e8bd3 100644 --- a/htdocs/product/stock/mouvement.php +++ b/htdocs/product/stock/mouvement.php @@ -99,7 +99,7 @@ $arrayfields=array( //'m.tms'=>array('label'=>$langs->trans("DateModificationShort"), 'checked'=>0, 'position'=>500) ); -$object = new MouvementStock($db); // To be passed as parameter of executeHooks that need +$object = new MouvementStock($db); // To be passed as parameter of executeHooks that need /* @@ -164,7 +164,7 @@ if ($action == "correct_stock") //$sellby=GETPOST('sellby'); $eatby=dol_mktime(0, 0, 0, GETPOST('eatbymonth'), GETPOST('eatbyday'), GETPOST('eatbyyear')); $sellby=dol_mktime(0, 0, 0, GETPOST('sellbymonth'), GETPOST('sellbyday'), GETPOST('sellbyyear')); - + $result=$product->correct_stock_batch( $user, $id, @@ -210,7 +210,7 @@ if ($action == "transfert_stock" && ! $cancel) { $product = new Product($db); if (! empty($product_id)) $result=$product->fetch($product_id); - + if (! (GETPOST("id_entrepot_destination",'int') > 0)) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("Warehouse")), null, 'errors'); @@ -264,7 +264,7 @@ if ($action == "transfert_stock" && ! $cancel) $pricesrc=0; if (isset($product->pmp)) $pricesrc=$product->pmp; $pricedest=$pricesrc; - + if ($product->hasbatch()) { $pdluo = new Productbatch($db); @@ -488,8 +488,8 @@ if ($resql) $num = $db->num_rows($resql); $arrayofselected=is_array($toselect)?$toselect:array(); - - + + $i = 0; $help_url='EN:Module_Stocks_En|FR:Module_Stock|ES:Módulo_Stocks'; $texte = $langs->trans("ListOfStockMovements"); @@ -505,20 +505,23 @@ if ($resql) dol_fiche_head($head, 'movements', $langs->trans("Warehouse"), 0, 'stock'); - + $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
'; $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.='
'; - - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); - - + + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); + + print '
'; print '
'; print '
'; - + print '
' . $langs->trans('Total') . '
'.$langs->trans("Ref").'
'.$langs->trans("LocationSummary").'
'.$langs->trans("AddIn").''; print $formproduct->selectWarehouses('', 'fk_parent', '', 1); @@ -276,7 +276,7 @@ else dol_fiche_head($head, 'card', $langs->trans("Warehouse"), 0, 'stock'); $formconfirm = ''; - + // Confirm delete third party if ($action == 'delete') { @@ -300,7 +300,10 @@ else $morehtmlref.=$langs->trans("LocationSummary").' : '.$object->lieu; $morehtmlref.=''; - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'libelle', $morehtmlref); + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'libelle', $morehtmlref); print '
'; print '
'; @@ -315,7 +318,7 @@ else print '
'.$langs->trans("ParentWarehouse").''; print $e->getNomUrl(3); print '
'; // Description @@ -539,14 +542,14 @@ if ($resql) print ""; print '
'; - + print '
'; print '
'; print '
'; print '
'; - + print ''; - + // Value print ''; print ''; - + // Categories - if (!empty( $conf->categorie->enabled ) && !empty( $user->rights->categorie->lire )) + if (!empty( $conf->categorie->enabled ) && !empty( $user->rights->categorie->lire )) { print ''; print '
'.$langs->trans("EstimatedStockValueShort").''; print price((empty($calcproducts['qty'])?'0':price2num($calcproducts['qty'],'MT')), 0, $langs, 0, -1, -1, $conf->currency); @@ -583,9 +586,9 @@ if ($resql) print ''; print ''; print ''; - + print '
'; - + dol_fiche_end(); } @@ -628,10 +631,10 @@ if ($resql) { print ''.$langs->trans("StockTransfer").''; } - + print '
'; } - + $param=''; if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; @@ -662,7 +665,7 @@ if ($resql) //if ($user->rights->stock->supprimer) $arrayofmassactions['delete']=$langs->trans("Delete"); if ($massaction == 'presend') $arrayofmassactions=array(); $massactionbutton=$form->selectMassAction('', $arrayofmassactions); - + print '
'; if ($optioncss != '') print ''; print ''; @@ -673,23 +676,23 @@ if ($resql) print ''; print ''; if ($id > 0) print ''; - + if ($id > 0) print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,$massactionbutton,$num, $nbtotalofrecords, '', 0, '', '', $limit); else print_barre_liste($texte, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder,$massactionbutton,$num, $nbtotalofrecords, 'title_generic', 0, '', '', $limit); - + if ($sall) { foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); } - + $moreforfilter=''; - + $parameters=array(); $reshook=$hookmanager->executeHooks('printFieldPreListTitle',$parameters); // Note that $action and $object may have been modified by hook if (empty($reshook)) $moreforfilter .= $hookmanager->resPrint; else $moreforfilter = $hookmanager->resPrint; - + if (! empty($moreforfilter)) { print '
'; @@ -699,10 +702,10 @@ if ($resql) $varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; $selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields - + print '
'; print ''."\n"; - + print ""; if (! empty($arrayfields['m.rowid']['checked'])) print_liste_field_titre($arrayfields['m.rowid']['label'],$_SERVER["PHP_SELF"],'m.rowid','',$param,'',$sortfield,$sortorder); if (! empty($arrayfields['m.datem']['checked'])) print_liste_field_titre($arrayfields['m.datem']['label'],$_SERVER["PHP_SELF"],'m.datem','',$param,'',$sortfield,$sortorder); @@ -720,9 +723,9 @@ if ($resql) // Extra fields if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) { - foreach($extrafields->attribute_label as $key => $val) + foreach($extrafields->attribute_label as $key => $val) { - if (! empty($arrayfields["ef.".$key]['checked'])) + if (! empty($arrayfields["ef.".$key]['checked'])) { $align=$extrafields->getAlignFlag($key); print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); @@ -740,14 +743,14 @@ if ($resql) // Lignes des champs de filtre print ''; - if (! empty($arrayfields['m.rowid']['checked'])) + if (! empty($arrayfields['m.rowid']['checked'])) { // Ref print ''; } - if (! empty($arrayfields['m.datem']['checked'])) + if (! empty($arrayfields['m.datem']['checked'])) { print ''; } - if (! empty($arrayfields['p.ref']['checked'])) + if (! empty($arrayfields['p.ref']['checked'])) { // Product Ref print ''; } - if (! empty($arrayfields['p.label']['checked'])) + if (! empty($arrayfields['p.label']['checked'])) { // Product label print ''; } // Batch - if (! empty($arrayfields['m.batch']['checked'])) + if (! empty($arrayfields['m.batch']['checked'])) { print ''; } if (! empty($arrayfields['pl.eatby']['checked'])) { print ''; + print ''; } if (! empty($arrayfields['pl.sellby']['checked'])) { @@ -788,42 +791,42 @@ if ($resql) print ''; } // Warehouse - if (! empty($arrayfields['e.label']['checked'])) + if (! empty($arrayfields['e.label']['checked'])) { print ''; } - if (! empty($arrayfields['m.fk_user_author']['checked'])) + if (! empty($arrayfields['m.fk_user_author']['checked'])) { // Author print ''; } - if (! empty($arrayfields['m.inventorycode']['checked'])) + if (! empty($arrayfields['m.inventorycode']['checked'])) { // Inventory code print ''; } - if (! empty($arrayfields['m.label']['checked'])) + if (! empty($arrayfields['m.label']['checked'])) { // Label of movement print ''; } - if (! empty($arrayfields['origin']['checked'])) + if (! empty($arrayfields['origin']['checked'])) { // Origin of movement print ''; } - if (! empty($arrayfields['m.value']['checked'])) + if (! empty($arrayfields['m.value']['checked'])) { // Qty print ''; } - // Actions + // Actions print ''; if (! $i) $totalarray['nbfield']++; - + print "\n"; $i++; } @@ -1012,7 +1015,7 @@ if ($resql) if (count($arrayofuniqueproduct) == 1 && is_numeric($year)) { print "
"; - + $productidselected=0; foreach ($arrayofuniqueproduct as $key => $val) { diff --git a/htdocs/product/stock/product.php b/htdocs/product/stock/product.php index 6bcf98e96c1..e3211b157df 100644 --- a/htdocs/product/stock/product.php +++ b/htdocs/product/stock/product.php @@ -106,10 +106,10 @@ $reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); if($action == 'addlimitstockwarehouse') { - + $seuil_stock_alerte = GETPOST('seuil_stock_alerte'); $desiredstock = GETPOST('desiredstock'); - + $maj_ok = true; if($seuil_stock_alerte == '') { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("StockLimit")), null, 'errors'); @@ -119,44 +119,44 @@ if($action == 'addlimitstockwarehouse') { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("DesiredStock")), null, 'errors'); $maj_ok = false; } - + if($maj_ok) { - + $pse = new ProductStockEntrepot($db); if($pse->fetch('', GETPOST('id'), GETPOST('fk_entrepot')) > 0) { - + // Update $pse->seuil_stock_alerte = $seuil_stock_alerte; $pse->desiredstock = $desiredstock; if($pse->update($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseUpdated')); - + } else { - + // Create $pse->fk_entrepot = GETPOST('fk_entrepot'); $pse->fk_product = GETPOST('id'); $pse->seuil_stock_alerte = GETPOST('seuil_stock_alerte'); $pse->desiredstock = GETPOST('desiredstock'); if($pse->create($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseCreated')); - + } - + } header("Location: ".$_SERVER["PHP_SELF"]."?id=".GETPOST('id')); exit; - + } if($action == 'delete_productstockwarehouse') { - + $pse = new ProductStockEntrepot($db); $pse->fetch(GETPOST('fk_productstockwarehouse')); if($pse->delete($user) > 0) setEventMessage($langs->trans('ProductStockWarehouseDeleted')); - + $action = ''; - + } // Set stock limit @@ -299,7 +299,7 @@ if ($action == "transfert_stock" && ! $cancel) { $object = new Product($db); $result=$object->fetch($id); - + if ($object->hasbatch() && ! $batchnumber) { setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentitiesnoconv("batch_number")), null, 'errors'); @@ -307,7 +307,7 @@ if ($action == "transfert_stock" && ! $cancel) $action='transfert'; } } - + if (! $error) { if ($id) @@ -323,7 +323,7 @@ if ($action == "transfert_stock" && ! $cancel) $pricesrc=0; if (isset($object->pmp)) $pricesrc=$object->pmp; $pricedest=$pricesrc; - + if ($object->hasbatch()) { $pdluo = new Productbatch($db); @@ -496,7 +496,7 @@ if ($id > 0 || $ref) { $object = new Product($db); $result = $object->fetch($id,$ref); - + $object->load_stock(); $title = $langs->trans('ProductServiceCard'); @@ -525,15 +525,18 @@ if ($id > 0 || $ref) dol_htmloutput_events(); $linkback = ''.$langs->trans("BackToList").''; - - dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('stock', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'ref', $linkback, $shownav, 'ref'); + print '
'; - + print '
'; print '
'; print ''; print ''; print ''; @@ -758,14 +761,14 @@ if ($resql) //print $formother->selectyear($syear,'year',1, 20, 5); print ''; print ''; print ''; @@ -773,14 +776,14 @@ if ($resql) print ''; - print ''; //print ''; print $formproduct->selectWarehouses($search_warehouse, 'search_warehouse', 'warehouseopen,warehouseinternal', 1, 0, 0, '', 0, 0, null, 'maxwidth200'); print ''; print ''; print ''; print ''; print ''; print ''; print ''; print '  '; print ''; @@ -869,7 +872,7 @@ if ($resql) print ''; print ''; $searchpitco=$form->showFilterAndCheckAddButtons(0); print $searchpitco; @@ -892,11 +895,11 @@ if ($resql) $productlot->batch= $objp->batch; $productlot->eatby= $objp->eatby; $productlot->sellby= $objp->sellby; - + $warehousestatic->id=$objp->entrepot_id; $warehousestatic->libelle=$objp->stock; $warehousestatic->lieu=$objp->lieu; - + $arrayofuniqueproduct[$objp->rowid]=$objp->produit; if(!empty($objp->fk_origin)) { $origin = $movement->get_origin($objp->fk_origin, $objp->origintype); @@ -998,7 +1001,7 @@ if ($resql) } print '
'; - - if ($conf->productbatch->enabled) + + if ($conf->productbatch->enabled) { print ''; - + // Hook formObject $parameters=array('colspan' => 3); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook - + // Desired stock print ''; $stocktheo = price2num($object->stock_theorique, 'MS'); - + // Calculating a theorical value print ''; print "
'.$langs->trans("ManageLotSerial").''; print $object->getLibStatut(0,2); @@ -595,11 +598,11 @@ if ($id > 0 || $ref) print '
'.$form->editfieldkey("StockLimit",'seuil_stock_alerte',$object->seuil_stock_alerte,$object,$user->rights->produit->creer).''; print $form->editfieldval("StockLimit",'seuil_stock_alerte',$object->seuil_stock_alerte,$object,$user->rights->produit->creer,'string'); print '
'.$form->editfieldkey($form->textwithpicto($langs->trans("DesiredStock"), $langs->trans("DesiredStockDesc"), 1),'desiredstock',$object->desiredstock,$object,$user->rights->produit->creer); print ''; @@ -623,7 +626,7 @@ if ($id > 0 || $ref) print '
'.$langs->trans("VirtualStock").'".(empty($stocktheo)?0:$stocktheo); @@ -705,7 +708,7 @@ if ($id > 0 || $ref) print ''; print '
'; - + dol_fiche_end(); } @@ -744,18 +747,18 @@ if (empty($reshook)) if (empty($action) && $object->id) { print "
\n"; - + if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockCorrection").''; } - + //if (($user->rights->stock->mouvement->creer) && ! $object->hasbatch()) if ($user->rights->stock->mouvement->creer) { print ''.$langs->trans("StockTransfer").''; } - + print '
'; } @@ -907,30 +910,30 @@ print "
"; print '
'; if(!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE)) { - + print '

'; print_titre($langs->trans('AddNewProductStockWarehouse')); //print '
'; - + print ''; print ''; print ''; print ''; - + print ''; print ''; print ''; print ''; print ''; - + $pse = new ProductStockEntrepot($db); $lines = $pse->fetchAll(GETPOST('id')); - + if(!empty($lines)) { - + $var=false; foreach($lines as $line) { - + $ent = new Entrepot($db); $ent->fetch($line['fk_entrepot']); print ''; @@ -939,15 +942,15 @@ if(!empty($conf->global->STOCK_ALLOW_ADD_LIMIT_STOCK_BY_WAREHOUSE)) { print ''; print ''; $var=!$var; - + } } - + print "
'.$formproduct->selectWarehouses('', 'fk_entrepot').'
'.$ent->getNomUrl(3).''.img_delete().'
"; - + print ''; - + } llxFooter(); diff --git a/htdocs/product/stock/productlot_card.php b/htdocs/product/stock/productlot_card.php index 4d1b82307f8..e26dfdba905 100644 --- a/htdocs/product/stock/productlot_card.php +++ b/htdocs/product/stock/productlot_card.php @@ -112,21 +112,21 @@ if (empty($reshook)) $result = $object->setValueFrom('eatby', $newvalue, '', null, 'date', '', $user, 'PRODUCTLOT_MODIFY'); if ($result < 0) dol_print_error($db, $object->error); } - + if ($action == 'setsellby' && $user->rights->stock->creer) { $newvalue=dol_mktime(12, 0, 0, $_POST['sellbymonth'], $_POST['sellbyday'], $_POST['sellbyyear']); $result = $object->setValueFrom('sellby', $newvalue, '', null, 'date', '', $user, 'PRODUCTLOT_MODIFY'); if ($result < 0) dol_print_error($db, $object->error); } - + if ($action == 'update_extras') { // Fill array 'array_options' with data from update form $extralabels = $extrafields->fetch_name_optionals_label($object->table_element); $ret = $extrafields->setOptionalsFromPost($extralabels, $object, GETPOST('attribute')); if ($ret < 0) $error++; - + if (! $error) { // Actions on extra fields (by external module or standard code) @@ -142,11 +142,11 @@ if (empty($reshook)) } else if ($reshook < 0) $error++; } - + if ($error) $action = 'edit_extras'; } - + // Action to add record if ($action == 'add') { @@ -160,7 +160,7 @@ if (empty($reshook)) $error=0; /* object_prop_getpost_prop */ - + $object->entity=GETPOST('entity','int'); $object->fk_product=GETPOST('fk_product','int'); $object->batch=GETPOST('batch','alpha'); @@ -204,7 +204,7 @@ if (empty($reshook)) if ($action == 'update' && ! GETPOST('cancel')) { $error=0; - + $object->entity=GETPOST('entity','int'); $object->fk_product=GETPOST('fk_product','int'); $object->batch=GETPOST('batch','alpha'); @@ -283,7 +283,7 @@ if ($action == 'create') print ''."\n"; // print ''; - // + // print ''; print ''; print ''; @@ -305,28 +305,31 @@ if ($action == 'create') if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'create'))) { $res = $object->fetch_optionals($object->id, $extralabels); - + //print load_fiche_titre($langs->trans("Batch")); - + $head = productlot_prepare_head($object); dol_fiche_head($head, 'card', $langs->trans("Batch"), 0, 'barcode'); - - + + if ($action == 'delete') { $formconfirm = $form->formconfirm($_SERVER["PHP_SELF"] . '?id=' . $object->id, $langs->trans('DeleteBatch'), $langs->trans('ConfirmDeleteBatch'), 'confirm_delete', '', 0, 1); print $formconfirm; } - - + + $linkback = '' . $langs->trans("BackToList") . ''; - - dol_banner_tab($object, 'id', $linkback, 1, 'rowid', 'batch'); - + + $shownav = 1; + if ($user->societe_id && ! in_array('batch', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + + dol_banner_tab($object, 'id', $linkback, $shownav, 'rowid', 'batch'); + print '
'; print '
'; print '
'.$langs->trans("Label").'
'.$langs->trans("Fieldentity").'
'.$langs->trans("Fieldfk_product").'
'.$langs->trans("Fieldbatch").'
'."\n"; - + // Product print ''; print ''; - + // Sell by print ''; print ''; - + // Other attributes $cols = 2; include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; - + print '
'.$langs->trans("Product").''; $producttmp = new Product($db); @@ -341,7 +344,7 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print $form->editfieldval($langs->trans('Eatby'), 'eatby', $object->eatby, $object, $user->rights->stock->creer, 'datepicker'); print '
'; print $form->editfieldkey($langs->trans('Sellby'), 'sellby', $object->sellby, $object, $user->rights->stock->creer, 'datepicker'); @@ -349,15 +352,15 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea print $form->editfieldval($langs->trans('Sellby'), 'sellby', $object->sellby, $object, $user->rights->stock->creer, 'datepicker'); print '
'; - + print '
'; - + dol_fiche_end(); @@ -381,8 +384,8 @@ if ($object->id > 0 && (empty($action) || ($action != 'edit' && $action != 'crea */ } print ''."\n"; - - + + print ''.$langs->trans("ShowCurrentStockOfLot").'
'; print '
'; print ''.$langs->trans("ShowLogOfMovementIfLot").'
'; diff --git a/htdocs/product/traduction.php b/htdocs/product/traduction.php index e7986fde074..3311e228da3 100644 --- a/htdocs/product/traduction.php +++ b/htdocs/product/traduction.php @@ -202,7 +202,10 @@ dol_fiche_head($head, 'translation', $titre, 0, $picto); $linkback = ''.$langs->trans("BackToList").''; -dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref', 'ref', '', '', 0, '', '', 1); +$shownav = 1; +if ($user->societe_id && ! in_array('product', explode(',',$conf->global->MAIN_MODULES_FOR_EXTERNAL))) $shownav=0; + +dol_banner_tab($object, 'ref', $linkback, shownav, 'ref'); dol_fiche_end(); @@ -245,7 +248,7 @@ if ($action == 'edit') { $s=picto_from_langcode($key); print "
".($s?$s.' ':'')." ".$langs->trans('Language_'.$key).": ".''.img_delete('', '')."
"; - + print ''; print ''; print ''; - print ''; - print ''; + print price($prevsits_total_amount, 0, $langs, 1, -1, -1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency) ); + + print ''; + // Previous situation(s) deduction(s) for ($i = 0; $i < $cprevsits; $i++) { @@ -3348,10 +3349,10 @@ else if ($id > 0 || ! empty($ref)) print $prevsits[$i]->situation_counter; print ''; - print ''; - print ''; + print ''; + } } } From e4c7f584e3cf21108cad67b389eecf5b3d6b93bf Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 13 Jun 2017 11:45:21 +0200 Subject: [PATCH 59/75] Fix option STOCK_SUPPORTS_SERVICES (stock not visible when it should) --- htdocs/product/list.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/product/list.php b/htdocs/product/list.php index 40dcd116ab4..7fd4135bd4a 100644 --- a/htdocs/product/list.php +++ b/htdocs/product/list.php @@ -628,9 +628,9 @@ else $product_static->status = $objp->tosell; $product_static->entity = $objp->entity; - if (! empty($conf->stock->enabled) && $user->rights->stock->lire && $type != 1) // To optimize call of load_stock + if ((! empty($conf->stock->enabled) && $user->rights->stock->lire && $type != 1) || ! empty($conf->global->STOCK_DISABLE_OPTIM_LOAD)) // To optimize call of load_stock { - if ($objp->fk_product_type != 1) // Not a service + if ($objp->fk_product_type != 1 || ! empty($conf->global->STOCK_SUPPORTS_SERVICES)) // Not a service { $product_static->load_stock('nobatch'); // Load stock_reel + stock_warehouse. This also call load_virtual_stock() } From f2961b8652dce6ff9cf86a3d1fb4c1ab042a7c3e Mon Sep 17 00:00:00 2001 From: phf Date: Tue, 13 Jun 2017 12:30:30 +0200 Subject: [PATCH 60/75] Fix 6993 - supplier propal check min price on update line --- htdocs/supplier_proposal/card.php | 5 ----- 1 file changed, 5 deletions(-) diff --git a/htdocs/supplier_proposal/card.php b/htdocs/supplier_proposal/card.php index ea0ecc12f89..55da718cebc 100644 --- a/htdocs/supplier_proposal/card.php +++ b/htdocs/supplier_proposal/card.php @@ -808,11 +808,6 @@ if (empty($reshook)) $price_min = $product->multiprices_min [$object->thirdparty->price_level]; $label = ((GETPOST('update_label') && GETPOST('product_label')) ? GETPOST('product_label') : ''); - - if ($price_min && (price2num($pu_ht) * (1 - price2num(GETPOST('remise_percent')) / 100) < price2num($price_min))) { - setEventMessages($langs->trans("CantBeLessThanMinPrice", price(price2num($price_min, 'MU'), 0, $langs, 0, 0, - 1, $conf->currency)), null, 'errors'); - $error ++; - } } else { $type = GETPOST('type'); $label = (GETPOST('product_label') ? GETPOST('product_label') : ''); From 9b979e3cb765744b1c443d7c8811a0a1b9238a60 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 13 Jun 2017 13:44:18 +0200 Subject: [PATCH 61/75] Fix wrong warning when user is disabled --- htdocs/user/card.php | 48 ++++++++++++++++++++++---------------------- 1 file changed, 24 insertions(+), 24 deletions(-) diff --git a/htdocs/user/card.php b/htdocs/user/card.php index 2d5ace33809..a48d7e499fb 100644 --- a/htdocs/user/card.php +++ b/htdocs/user/card.php @@ -299,7 +299,7 @@ if (empty($reshook)) { } } - if ($action == 'update' && ! $cancel) + if ($action == 'update' && ! $cancel) { require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php'; @@ -318,7 +318,7 @@ if (empty($reshook)) { $error ++; } - if (!$error) + if (!$error) { $object->fetch($id); @@ -455,7 +455,7 @@ if (empty($reshook)) { setEventMessages($langs->trans("ErrorFailedToSaveFile"), null, 'errors'); } else { // Create thumbs - $object->addThumbs($newfile); + $object->addThumbs($newfile); } } else { $error ++; @@ -464,7 +464,7 @@ if (empty($reshook)) { } } } - + if (! $error && ! count($object->errors)) { // Then we add the associated categories @@ -475,7 +475,7 @@ if (empty($reshook)) { if (!$error && !count($object->errors)) { setEventMessages($langs->trans("UserModified"), null, 'mesgs'); $db->commit(); - + $login = $_SESSION["dol_login"]; if ($login && $login == $object->oldcopy->login && $object->oldcopy->login != $object->login) // Current user has changed its login { @@ -494,11 +494,11 @@ if (empty($reshook)) { if ($caneditpassword) // Case we can edit only password { dol_syslog("Not allowed to change fields, only password"); - + $object->fetch($id); - + $object->oldcopy = clone $object; - + $ret = $object->setPassword($user, GETPOST("password")); if ($ret < 0) { @@ -1059,7 +1059,7 @@ if (($action == 'create') || ($action == 'adduserldap')) print ''; print ''; print "\n"; - + // Date employment print ''; print ''; } - + // Categories - if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) + if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) { print '"; } - + // Note print ''; print '\n"; } } - + if (isset($conf->file->main_authentication) && preg_match('/openid/',$conf->file->main_authentication) && ! empty($conf->global->MAIN_OPENIDURL_PERUSER)) { print ''; print ''; print "\n"; } - + print ''; print ''; print "\n"; - + print ''; print ''; print "\n"; - + // Other attributes $parameters=array(); $reshook=$hookmanager->executeHooks('formObjectOptions',$parameters,$object,$action); // Note that $action and $object may have been modified by hook @@ -1505,7 +1505,7 @@ else { print $object->showOptionals($extrafields); } - + // Company / Contact if (! empty($conf->societe->enabled)) { @@ -1673,7 +1673,7 @@ else print ''; print ''; } - + print '
'.$langs->trans('Label').'
'.$langs->trans('Description').''; @@ -275,7 +278,7 @@ if ($action == 'edit') else if ($action != 'add') { if ($cnt_trans) print '
'; - + if (! empty($object->multilangs)) { foreach ($object->multilangs as $key => $value) From 71afaaa3608e421004718fbf9d0071888e5ce259 Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Mon, 12 Jun 2017 17:24:36 +0200 Subject: [PATCH 55/75] fix : availibity refresh --- htdocs/comm/propal/class/propal.class.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/class/propal.class.php b/htdocs/comm/propal/class/propal.class.php index fc2cb3c94f0..d18b49b5294 100644 --- a/htdocs/comm/propal/class/propal.class.php +++ b/htdocs/comm/propal/class/propal.class.php @@ -1868,7 +1868,7 @@ class Propal extends CommonObject { $this->oldcopy= clone $this; $this->fk_availability = $id; - $this->availability_id = $availability_id; + $this->availability_id = $id; } if (! $notrigger && empty($error)) From ffdee40eb9722da1a0d43a629850b7d7d67b9833 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 13 Jun 2017 10:58:41 +0200 Subject: [PATCH 56/75] Fix permission on recurring invoice list --- htdocs/core/menus/standard/eldy.lib.php | 26 ++++++++++++------------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index b981686d7c7..ca6791475a6 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -52,7 +52,7 @@ function print_eldy_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$mode if (empty($noout)) print_start_menu_array(); $usemenuhider = (GETPOST('testmenuhider') || ! empty($conf->global->MAIN_TESTMENUHIDER)); - + // Show/Hide vertical menu if ($mode != 'jmobile' && $mode != 'topnb' && $usemenuhider && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { @@ -437,7 +437,7 @@ function print_end_menu_array() /** * Core function to output left menu eldy * Fill &$menu (example with $forcemainmenu='home' $forceleftmenu='all', return left menu tree of Home) - * + * * @param DoliDB $db Database handler * @param array $menu_array_before Table of menu entries to show before entries of menu handler (menu->liste filled with menu->add) * @param array $menu_array_after Table of menu entries to show after entries of menu handler (menu->liste filled with menu->add) @@ -445,7 +445,7 @@ function print_end_menu_array() * @param Menu $menu Object Menu to return back list of menu entries * @param int $noout Disable output (Initialise &$menu only). * @param string $forcemainmenu 'x'=Force mainmenu to mainmenu='x' - * @param string $forceleftmenu 'all'=Force leftmenu to '' (= all). If value come being '', we change it to value in session and 'none' if not efined in session. + * @param string $forceleftmenu 'all'=Force leftmenu to '' (= all). If value come being '', we change it to value in session and 'none' if not efined in session. * @param array $moredata An array with more data to output * @return int nb of menu entries */ @@ -459,7 +459,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu $leftmenu=($forceleftmenu?'':(empty($_SESSION["leftmenu"])?'none':$_SESSION["leftmenu"])); $usemenuhider = (GETPOST('testmenuhider') || ! empty($conf->global->MAIN_TESTMENUHIDER)); - + // Show logo company if (empty($conf->global->MAIN_MENU_INVERT) && empty($noout) && ! empty($conf->global->MAIN_SHOW_LOGO) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { @@ -596,7 +596,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu $newmenu->add("/user/group/index.php?leftmenu=users", $langs->trans("ListOfGroups"), 2, ($conf->global->MAIN_USE_ADVANCED_PERMS?$user->rights->user->group_advance->read:$user->rights->user->user->lire) || $user->admin); } } - + } @@ -802,7 +802,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu $newmenu->add("/compta/facture/list.php?leftmenu=customers_bills_paid&search_status=2",$langs->trans("BillShortStatusPaid"),2,$user->rights->facture->lire); $newmenu->add("/compta/facture/list.php?leftmenu=customers_bills_canceled&search_status=3",$langs->trans("BillShortStatusCanceled"),2,$user->rights->facture->lire); } - $newmenu->add("/compta/facture/fiche-rec.php",$langs->trans("ListOfTemplates"),1,$user->rights->facture->lire); + $newmenu->add("/compta/facture/fiche-rec.php",$langs->trans("ListOfTemplates"),1,$user->rights->facture->creer); // No need to see recurring invoices, if user has no permission to create invoice. $newmenu->add("/compta/paiement/list.php",$langs->trans("Payments"),1,$user->rights->facture->lire); @@ -945,29 +945,29 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/accountancy/admin/account.php?mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("Chartofaccounts"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_chart', 20); if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/accountancy/admin/categories_list.php?id=32&search_country_id=".$mysoc->country_id."&mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("AccountingCategory"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_chart', 22); if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/accountancy/admin/defaultaccounts.php?mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuDefaultAccounts"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_default', 40); - if (! empty($conf->facture->enabled) || ! empty($conf->fournisseur->enabled)) + if (! empty($conf->facture->enabled) || ! empty($conf->fournisseur->enabled)) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/admin/dict.php?id=10&from=accountancy&search_country_id=".$mysoc->country_id."&mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuVatAccounts"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_default', 30); } - if (! empty($conf->tax->enabled)) + if (! empty($conf->tax->enabled)) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/admin/dict.php?id=7&from=accountancy&search_country_id=".$mysoc->country_id."&mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuTaxAccounts"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_default', 30); } - if (! empty($conf->expensereport->enabled)) + if (! empty($conf->expensereport->enabled)) { if (preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/admin/dict.php?id=17&from=accountancy&mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuExpenseReportAccounts"),2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_default', 30); } /* not required yet, already supported by default account - if (! empty($conf->loan->enabled)) + if (! empty($conf->loan->enabled)) { if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/admin/loan.php?mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuLoanAccounts"), 2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_loan', 45); } - if (! empty($conf->don->enabled)) + if (! empty($conf->don->enabled)) { if (preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/don/admin/donation.php?from=accountancy&mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuDonationAccounts"), 2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_donation', 47); }*/ if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_admin/',$leftmenu)) $newmenu->add("/accountancy/admin/productaccount.php?mainmenu=accountancy&leftmenu=accountancy_admin", $langs->trans("MenuProductsAccounts"), 2, $user->rights->accounting->chartofaccount, '', $mainmenu, 'accountancy_admin_product', 50); - + // Binding if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy/',$leftmenu)) $newmenu->add("/accountancy/customer/index.php?leftmenu=accountancy_dispatch_customer&mainmenu=accountancy",$langs->trans("CustomersVentilation"),1,$user->rights->accounting->bind->write, '', $mainmenu, 'dispatch_customer'); if ($usemenuhider || empty($leftmenu) || preg_match('/accountancy_dispatch_customer/',$leftmenu)) $newmenu->add("/accountancy/customer/list.php?mainmenu=accountancy&leftmenu=accountancy_dispatch_customer",$langs->trans("ToBind"),2,$user->rights->accounting->bind->write); @@ -1366,7 +1366,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu $newmenu->add("/adherents/stats/index.php?leftmenu=members",$langs->trans("MenuMembersStats"),1,$user->rights->adherent->lire); if (! empty($conf->global->MEMBER_LINK_TO_HTPASSWDFILE) && ($usemenuhider || empty($leftmenu) || $leftmenu=="export")) $newmenu->add("/adherents/htpasswd.php?leftmenu=export",$langs->trans("Filehtpasswd"),1,$user->rights->adherent->export); if ($usemenuhider || empty($leftmenu) || $leftmenu=="export") $newmenu->add("/adherents/cartes/carte.php?leftmenu=export",$langs->trans("MembersCards"),1,$user->rights->adherent->export); - + $newmenu->add("/adherents/index.php?leftmenu=members&mainmenu=members",$langs->trans("Subscriptions"),0,$user->rights->adherent->cotisation->lire); $newmenu->add("/adherents/list.php?leftmenu=members&statut=-1,1&mainmenu=members",$langs->trans("NewSubscription"),1,$user->rights->adherent->cotisation->creer); $newmenu->add("/adherents/subscription/list.php?leftmenu=members",$langs->trans("List"),1,$user->rights->adherent->cotisation->lire); From 5def2d2600276918d80aab9ece3c2f36af8f7bfd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 13 Jun 2017 11:14:52 +0200 Subject: [PATCH 57/75] Add div to help debug of html content --- htdocs/product/price.php | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/htdocs/product/price.php b/htdocs/product/price.php index b18c3b8828a..cbfe90a5a52 100644 --- a/htdocs/product/price.php +++ b/htdocs/product/price.php @@ -1328,7 +1328,9 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ $result = $db->query($sql); if ($result) { - $num = $db->num_rows($result); + print '
'; + + $num = $db->num_rows($result); if (! $num) { @@ -1471,6 +1473,8 @@ if ((empty($conf->global->PRODUIT_CUSTOMER_PRICES) || $action=='showlog_default_ print '
'; print "
"; } + + print ''; } else { dol_print_error($db); } From 4c0b0ef4c2b37f106d0017d3fbd21258fcaea2c5 Mon Sep 17 00:00:00 2001 From: phf Date: Tue, 13 Jun 2017 11:29:12 +0200 Subject: [PATCH 58/75] Fix display on situation invoice --- htdocs/compta/facture.php | 17 +++++++++-------- 1 file changed, 9 insertions(+), 8 deletions(-) diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index c19c521ca65..59e52ac7b5d 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3327,7 +3327,7 @@ else if ($id > 0 || ! empty($ref)) print $object->situation_counter; print '		'; + print ''; $prevsits_total_amount = 0; foreach ($prevsits as $situation) { @@ -3335,9 +3335,10 @@ else if ($id > 0 || ! empty($ref)) } $prevsits_total_amount += $object->total_ht; - print price($prevsits_total_amount); - print '' . $langs->trans('Currency' . $conf->currency) . '
'; - print '- ' . price($prevsits[$i]->total_ht); - print '' . $langs->trans('Currency' . $conf->currency) . '
'; + print '- ' . price($prevsits[$i]->total_ht, 0, $langs, 1, -1, -1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency) ); + print '
'.$langs->trans("DateEmployment").''; @@ -1084,9 +1084,9 @@ if (($action == 'create') || ($action == 'adduserldap')) print $formother->selectColor(GETPOST('color')?GETPOST('color'):$object->color, 'color', null, 1, '', 'hideifnotset'); print '
' . fieldLabel('Categories', 'usercats') . ''; $cate_arbo = $form->select_all_categories('user', null, 'parent', null, null, 1); @@ -1094,7 +1094,7 @@ if (($action == 'create') || ($action == 'adduserldap')) null, '90%' ); print "
'; print $langs->trans("Note"); @@ -1137,10 +1137,10 @@ else $object->fetch($id); if ($res < 0) { dol_print_error($db,$object->error); exit; } $res=$object->fetch_optionals($object->id,$extralabels); - + // Check if user has rights $object->getrights(); - if(empty($object->nb_rights)) setEventMessages($langs->trans('UserHasNoPermissions'), null, 'warnings'); + if (empty($object->nb_rights) && $object->statut != 0) setEventMessages($langs->trans('UserHasNoPermissions'), null, 'warnings'); // Connexion ldap // pour recuperer passDoNotExpire et userChangePassNextLogon @@ -1455,7 +1455,7 @@ else } // Categories - if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) + if (! empty($conf->categorie->enabled) && ! empty($user->rights->categorie->lire)) { print '
' . $langs->trans( "Categories" ) . ''; @@ -1482,22 +1482,22 @@ else print "
'.$langs->trans("OpenIDURL").''.$object->openid.'
'.$langs->trans("LastConnexion").''.dol_print_date($object->datelastlogin,"dayhour").'
'.$langs->trans("PreviousConnexion").''.dol_print_date($object->datepreviouslogin,"dayhour").'
'."\n"; print ''."\n"; if(! empty($conf->multicompany->enabled) && !empty($conf->multicompany->transverse_mode) && $conf->entity == 1 && $user->admin && ! $user->entity) @@ -1765,7 +1765,7 @@ else } print "
'.$langs->trans("Groups").'
"; - + if ($caneditgroup) { print ''; @@ -2237,9 +2237,9 @@ else print $form->showphoto('userphoto',$object,60,0,$caneditfield,'photowithmargin','small'); print '
' . fieldLabel( 'Categories', 'usercats' ) . ''; From 70c7bcc85fae6b43d1ce4e1045c63ff7f7cf100e Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Tue, 13 Jun 2017 15:57:30 +0200 Subject: [PATCH 62/75] Complete css to get value unique --- htdocs/core/lib/functions.lib.php | 2 +- htdocs/core/menus/standard/auguria.lib.php | 33 ++++++++++++---------- htdocs/core/menus/standard/eldy.lib.php | 9 ++++-- htdocs/core/menus/standard/empty.php | 20 +++++++------ 4 files changed, 37 insertions(+), 27 deletions(-) diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 3ed597d50e5..f0819570c10 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -611,7 +611,7 @@ function dol_string_unaccent($str) */ function dol_string_nospecial($str,$newstr='_',$badcharstoreplace='') { - $forbidden_chars_to_replace=array(" ","'","/","\\",":","*","?","\"","<",">","|","[","]",",",";","="); + $forbidden_chars_to_replace=array(" ", "'", "/", "\\", ":", "*", "?", "\"", "<", ">", "|", "[", "]", ",", ";", "="); $forbidden_chars_to_remove=array(); if (is_array($badcharstoreplace)) $forbidden_chars_to_replace=$badcharstoreplace; //$forbidden_chars_to_remove=array("(",")"); diff --git a/htdocs/core/menus/standard/auguria.lib.php b/htdocs/core/menus/standard/auguria.lib.php index 2c2d2c5ec63..4f8175c3fac 100644 --- a/htdocs/core/menus/standard/auguria.lib.php +++ b/htdocs/core/menus/standard/auguria.lib.php @@ -54,20 +54,20 @@ function print_auguria_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$m if (empty($noout)) print_start_menu_array_auguria(); $usemenuhider = (GETPOST('testmenuhider') || ! empty($conf->global->MAIN_TESTMENUHIDER)); - + // Show/Hide vertical menu if ($mode != 'jmobile' && $mode != 'topnb' && $usemenuhider && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { $showmode=1; $classname = 'class="tmenu menuhider"'; $idsel='menu'; - + if (empty($noout)) print_start_menu_entry_auguria($idsel,$classname,$showmode); if (empty($noout)) print_text_menu_entry_auguria('', 1, '#', $id, $idsel, $classname, $atarget); if (empty($noout)) print_end_menu_entry_auguria($showmode); $menu->add('#', '', 0, $showmode, $atarget, "xxx", ''); } - + $num = count($newTabMenu); for($i = 0; $i < $num; $i++) { @@ -77,7 +77,7 @@ function print_auguria_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$m if ($showmode == 1) { $url = $shorturl = $newTabMenu[$i]['url']; - + if (! preg_match("/^(http:\/\/|https:\/\/)/i",$newTabMenu[$i]['url'])) { $tmp=explode('?',$newTabMenu[$i]['url'],2); @@ -85,11 +85,11 @@ function print_auguria_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$m $param = (isset($tmp[1])?$tmp[1]:''); // Complete param to force leftmenu to '' to closed opend menu when we click on a link with no leftmenu defined. - if ((! preg_match('/mainmenu/i',$param)) && (! preg_match('/leftmenu/i',$param)) && ! empty($newTabMenu[$i]['url'])) + if ((! preg_match('/mainmenu/i',$param)) && (! preg_match('/leftmenu/i',$param)) && ! empty($newTabMenu[$i]['url'])) { $param.=($param?'&':'').'mainmenu='.$newTabMenu[$i]['url'].'&leftmenu='; } - if ((! preg_match('/mainmenu/i',$param)) && (! preg_match('/leftmenu/i',$param)) && empty($newTabMenu[$i]['url'])) + if ((! preg_match('/mainmenu/i',$param)) && (! preg_match('/leftmenu/i',$param)) && empty($newTabMenu[$i]['url'])) { $param.=($param?'&':'').'leftmenu='; } @@ -136,7 +136,7 @@ function print_auguria_menu($db,$atarget,$type_user,&$tabMenu,&$menu,$noout=0,$m function print_start_menu_array_auguria() { global $conf; - + print '
'; print '
    global->MAIN_OPTIMIZEFORTEXTBROWSER)?'':' title="Top menu"').'>'; } @@ -250,7 +250,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM $usemenuhider = (GETPOST('testmenuhider') || ! empty($conf->global->MAIN_TESTMENUHIDER)); global $usemenuhider; - + // Show logo company if (empty($noout) && ! empty($conf->global->MAIN_SHOW_LOGO) && empty($conf->global->MAIN_OPTIMIZEFORTEXTBROWSER)) { @@ -284,7 +284,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM print '
'."\n"; print "\n"; } - + // We update newmenu with entries found into database $menuArbo = new Menubase($db,'auguria'); $newmenu = $menuArbo->menuLeftCharger($newmenu,$mainmenu,$leftmenu,($user->societe_id?1:0),'auguria',$tabMenu); @@ -401,7 +401,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM for($j = ($i + 1); $j < $num; $j++) { if (empty($menu_array[$j]['level'])) $lastopened=false; - } + } if ($altok % 2 == 0) { print '
'."\n"; @@ -454,9 +454,12 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM // Menu niveau > 0 if ($menu_array[$i]['level'] > 0) { - if ($menu_array[$i]['enabled']) + $cssmenu = ''; + if ($menu_array[$i]['url']) $cssmenu = ' menu_contenu'.dol_string_nospecial(preg_replace('/\.php.*$/','',$menu_array[$i]['url'])); + + if ($menu_array[$i]['enabled']) { - print '
'.$tabstring; + print '
'.$tabstring; if ($menu_array[$i]['url']) print ''; else print ''; print $menu_array[$i]['titre']; @@ -468,7 +471,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM } else if ($showmenu) { - print '
'.$tabstring.''.$menu_array[$i]['titre'].'
'."\n"; + print '
'.$tabstring.''.$menu_array[$i]['titre'].'
'."\n"; } } @@ -480,7 +483,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM if ($blockvmenuopened) { print "
\n"; $blockvmenuopened=false; } } } - + if ($altok) print '
'; } @@ -493,7 +496,7 @@ function print_left_auguria_menu($db,$menu_array_before,$menu_array_after,&$tabM print '
'."\n"; print "\n"; } - + return count($menu_array); } diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php index ca6791475a6..66fe9f993a9 100644 --- a/htdocs/core/menus/standard/eldy.lib.php +++ b/htdocs/core/menus/standard/eldy.lib.php @@ -1561,9 +1561,12 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu // Menu niveau > 0 if ($menu_array[$i]['level'] > 0) { - if ($menu_array[$i]['enabled']) + $cssmenu = ''; + if ($menu_array[$i]['url']) $cssmenu = ' menu_contenu'.dol_string_nospecial(preg_replace('/\.php.*$/','',$menu_array[$i]['url'])); + + if ($menu_array[$i]['enabled']) { - print '
'.$tabstring; + print '
'.$tabstring; if ($menu_array[$i]['url']) print ''; else print ''; print $menu_array[$i]['titre']; @@ -1575,7 +1578,7 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu } else if ($showmenu) { - print '
'.$tabstring.''.$menu_array[$i]['titre'].'
'."\n"; + print '
'.$tabstring.''.$menu_array[$i]['titre'].'
'."\n"; } } diff --git a/htdocs/core/menus/standard/empty.php b/htdocs/core/menus/standard/empty.php index 6bc3df987cc..72dd10c7647 100644 --- a/htdocs/core/menus/standard/empty.php +++ b/htdocs/core/menus/standard/empty.php @@ -82,7 +82,7 @@ class MenuManager { return 1; } - + if ($mode == 'top' || $mode == 'jmobile') { if (empty($noout)) print_start_menu_array_empty(); @@ -98,13 +98,13 @@ class MenuManager $showmode=1; $classname = 'class="tmenu menuhider"'; $idsel='menu'; - + if (empty($noout)) print_start_menu_entry($idsel,$classname,$showmode); if (empty($noout)) print_text_menu_entry('', 1, '#', $id, $idsel, $classname, $atarget); if (empty($noout)) print_end_menu_entry($showmode); $menu->add('#', '', 0, $showmode, $atarget, "xxx", ''); - } - + } + if (empty($noout)) print_start_menu_entry_empty($idsel, $classname, $showmode); if (empty($noout)) print_text_menu_entry_empty($langs->trans("Home"), 1, dol_buildpath('/index.php',1).'?mainmenu=home&leftmenu=', $id, $idsel, $classname, $this->atarget); if (empty($noout)) print_end_menu_entry_empty($showmode); @@ -201,8 +201,12 @@ class MenuManager print '
'."\n"; } - if ($this->menu->liste[$i]['level'] > 0) { - print '
'; + if ($this->menu->liste[$i]['level'] > 0) + { + $cssmenu = ''; + if ($this->menu->liste[$i]['url']) $cssmenu = ' menu_contenu'.dol_string_nospecial(preg_replace('/\.php.*$/','',$this->menu->liste[$i]['url'])); + + print '
'; if ($this->menu->liste[$i]['enabled']) { @@ -229,7 +233,7 @@ class MenuManager print "
\n"; } } - + if ($altok) print '
'; } @@ -308,7 +312,7 @@ class MenuManager function print_start_menu_array_empty() { global $conf; - + print '
'; print '
    global->MAIN_OPTIMIZEFORTEXTBROWSER)?'':' title="Top menu"').'>'; } From d2db5f60a89604f2625bfc8a9111b58fa0e31478 Mon Sep 17 00:00:00 2001 From: phf Date: Wed, 14 Jun 2017 09:42:05 +0200 Subject: [PATCH 63/75] Fix css to apply "pair" and "impair" style --- htdocs/compta/facture.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index 59e52ac7b5d..9bb97d8ff0b 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3490,7 +3490,7 @@ else if ($id > 0 || ! empty($ref)) if ($object->type == Facture::TYPE_SITUATION && ! empty($conf->global->INVOICE_USE_SITUATION)) { if (count($object->tab_previous_situation_invoice) > 0 || count($object->tab_next_situation_invoice) > 0) - print ''; + print '
    '; if (count($object->tab_previous_situation_invoice) > 0) { // List of previous invoices From 83a5b8e078ba57ba3d4070e5f3f2cb944c28e555 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 14 Jun 2017 10:13:33 +0200 Subject: [PATCH 64/75] FIX Can set supplier invoice to billed. --- htdocs/fourn/commande/card.php | 22 ++++++++++++++++------ 1 file changed, 16 insertions(+), 6 deletions(-) diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index e9b143382ad..5bfae3c955f 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -2585,19 +2585,29 @@ elseif (! empty($object->id)) // Create bill if (! empty($conf->facture->enabled)) { - if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->billed != 1)) // 2 means accepted + if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->billed != 1)) // statut 2 means approved { if ($user->rights->fournisseur->facture->creer) { print ''.$langs->trans("CreateBill").''; } - - if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && !empty($object->linkedObjectsIds['invoice_supplier'])) - { - print ''.$langs->trans("ClassifyBilled").''; - } } + } + // Classify billed manually (need one invoice if module invoice is on, no condition on invoice if not) + if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && $object->billed != 1) // statut 2 means approved + { + if (empty($conf->facture->enabled)) + { + print ''.$langs->trans("ClassifyBilled").''; + } + else if (!empty($object->linkedObjectsIds['invoice_supplier'])) + { + if ($user->rights->fournisseur->facture->creer) + { + print ''.$langs->trans("ClassifyBilled").''; + } + } } // Create a remote order using WebService only if module is activated From 0e867229dbd68bf0da952223677bebdb7714e037 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 14 Jun 2017 10:28:02 +0200 Subject: [PATCH 65/75] FIX Can't create invoice if PO disapproved --- htdocs/fourn/commande/card.php | 56 +++++++++++++++++----------------- 1 file changed, 28 insertions(+), 28 deletions(-) diff --git a/htdocs/fourn/commande/card.php b/htdocs/fourn/commande/card.php index 324c352e72c..bc3c0822207 100644 --- a/htdocs/fourn/commande/card.php +++ b/htdocs/fourn/commande/card.php @@ -275,7 +275,7 @@ if (empty($reshook)) if ($action == 'addline' && $user->rights->fournisseur->commande->creer) { $db->begin(); - + $langs->load('errors'); $error = 0; @@ -441,7 +441,7 @@ if (empty($reshook)) $ht = $ttc / (1 + ($tva_tx / 100)); $price_base_type = 'HT'; } - + $pu_ht_devise = price2num($price_ht_devise, 'MU'); $result=$object->addline($desc, $ht, $qty, $tva_tx, $localtax1_tx, $localtax2_tx, 0, 0, '', $remise_percent, $price_base_type, $ttc, $type,'','', $date_start, $date_end, $array_options, $fk_unit, $pu_ht_devise); @@ -451,7 +451,7 @@ if (empty($reshook)) if (! $error && $result > 0) { $db->commit(); - + $ret=$object->fetch($object->id); // Reload to get new records // Define output language @@ -508,7 +508,7 @@ if (empty($reshook)) $db->rollback(); setEventMessages($object->error, $object->errors, 'errors'); } - + $action = ''; } @@ -543,7 +543,7 @@ if (empty($reshook)) $localtax1_tx=get_localtax($tva_tx,1,$mysoc,$object->thirdparty); $localtax2_tx=get_localtax($tva_tx,2,$mysoc,$object->thirdparty); - + $pu_ht_devise = GETPOST('multicurrency_subprice'); // Extrafields Lines @@ -1391,7 +1391,7 @@ if ($action=='create') // If not defined, set default value from constant if (empty($cond_reglement_id) && ! empty($conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_TERM_ID)) $cond_reglement_id=$conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_TERM_ID; if (empty($mode_reglement_id) && ! empty($conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_MODE_ID)) $mode_reglement_id=$conf->global->SUPPLIER_ORDER_DEFAULT_PAYMENT_MODE_ID; - + print '
    '; print ''; print ''; @@ -1577,7 +1577,7 @@ if ($action=='create') elseif (! empty($object->id)) { $result = $object->fetch($id, $ref); - + $societe = new Fournisseur($db); $result=$societe->fetch($object->socid); if ($result < 0) dol_print_error($db); @@ -1587,7 +1587,7 @@ elseif (! empty($object->id)) $res=$object->fetch_optionals($object->id,$extralabels); - + $head = ordersupplier_prepare_head($object); $title=$langs->trans("SupplierOrder"); @@ -1724,11 +1724,11 @@ elseif (! empty($object->id)) // Print form confirm print $formconfirm; - + // Supplier order card $linkback = ''.$langs->trans("BackToList").''; - + $morehtmlref='
    '; // Ref supplier $morehtmlref.=$form->editfieldkey("RefSupplier", 'ref_supplier', $object->ref_supplier, $object, $user->rights->fournisseur->commande->creer, 'string', '', 0, 1); @@ -1768,15 +1768,15 @@ elseif (! empty($object->id)) } } $morehtmlref.='
    '; - - - dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); - + + + dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', $morehtmlref); + print '
    '; print '
    '; print '
    '; - + print '
    '; // Date @@ -1969,12 +1969,12 @@ elseif (! empty($object->id)) include DOL_DOCUMENT_ROOT . '/core/tpl/extrafields_view.tpl.php'; print '
    '; - + print '
'; print '
'; print '
'; print '
'; - + print ''; if (!empty($conf->multicurrency->enabled)) @@ -1983,18 +1983,18 @@ elseif (! empty($object->id)) print ''; print ''; print ''; - + // Multicurrency Amount VAT print ''; print ''; print ''; - + // Multicurrency Amount TTC print ''; print ''; print ''; } - + // Total print ''; print ''; @@ -2023,19 +2023,19 @@ elseif (! empty($object->id)) print ''; print '
' . fieldLabel('MulticurrencyAmountHT','multicurrency_total_ht') . '' . price($object->multicurrency_total_ht, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
' . fieldLabel('MulticurrencyAmountVAT','multicurrency_total_tva') . '' . price($object->multicurrency_total_tva, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
' . fieldLabel('MulticurrencyAmountTTC','multicurrency_total_ttc') . '' . price($object->multicurrency_total_ttc, '', $langs, 0, - 1, - 1, (!empty($object->multicurrency_code) ? $object->multicurrency_code : $conf->currency)) . '
'.$langs->trans("AmountHT").''.price($object->total_ht,'',$langs,1,-1,-1,$conf->currency).'
'; - + // Margin Infos /*if (! empty($conf->margin->enabled)) { $formmargin->displayMarginInfos($object); }*/ - - + + print '
'; print '
'; print '
'; - + print '

'; - + if (! empty($conf->global->MAIN_DISABLE_CONTACTS_TAB)) { $blocname = 'contacts'; @@ -2591,7 +2591,7 @@ elseif (! empty($object->id)) // Create bill if (! empty($conf->facture->enabled)) { - if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->billed != 1)) // statut 2 means approved + if (! empty($conf->fournisseur->enabled) && ($object->statut >= 2 && $object->statut != 7 && $object->billed != 1)) // statut 2 means approved, 7 means canceled { if ($user->rights->fournisseur->facture->creer) { @@ -2601,7 +2601,7 @@ elseif (! empty($object->id)) } // Classify billed manually (need one invoice if module invoice is on, no condition on invoice if not) - if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && $object->billed != 1) // statut 2 means approved + if ($user->rights->fournisseur->commande->creer && $object->statut >= 2 && $object->statut != 7 && $object->billed != 1) // statut 2 means approved { if (empty($conf->facture->enabled)) { @@ -2706,7 +2706,7 @@ elseif (! empty($object->id)) print ''; print ''; print load_fiche_titre($langs->trans("Receive"),'',''); - + print ''; //print ''; print ''; - print ''; + print ''; print ''; print ''; print ''; @@ -3564,7 +3564,7 @@ else if ($id > 0 || ! empty($ref)) } print ''; - print ''; + print ''; print ''; print ''; print ''; From 285b5563d66cb0cde3f20ad86e23641a0f4bf4dd Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sat, 17 Jun 2017 18:23:26 +0200 Subject: [PATCH 68/75] Update changelog --- ChangeLog | 16 ++++++++++++++++ 1 file changed, 16 insertions(+) diff --git a/ChangeLog b/ChangeLog index 78793b9d419..c43fd92f676 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,22 @@ English Dolibarr ChangeLog -------------------------------------------------------------- +***** ChangeLog for 5.0.4 compared to 5.0.3 ***** +FIX: #6880 +FIX: #6925 +FIX: #6926 +FIX: Can set supplier invoice to billed. +FIX: Can't create invoice if PO disapproved +FIX: contratligne update +FIX: CVE-2017-7886 +FIX: default param +FIX: Line of invoices not inserted when using POS module and VAT NPR. +FIX: origin & originid on supplierproposal +FIX: Redirect to payment page from member subscription page failed if a unique security key was defined. +FIX: REST api to get project when user has permission to read all. +FIX: situation_progress param default value must be 100 and not 0 +FIX: SQL injection on user/index.php parameter search_statut. +FIX: Warnings ***** ChangeLog for 5.0.3 compared to 5.0.2 ***** FIX: #6677 Expired contracts dashboard box does not show the name of the thirdparty From abe736c6a6080589fe03d6f7026af0a5b1c7561a Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Sun, 18 Jun 2017 19:42:59 +0200 Subject: [PATCH 69/75] Escape hml tags --- htdocs/admin/tools/index.php | 2 +- htdocs/bookmarks/bookmarks.lib.php | 2 +- htdocs/core/ajax/ajaxdirpreview.php | 2 +- htdocs/core/ajax/bankconciliate.php | 2 +- htdocs/core/ajax/box.php | 2 +- htdocs/core/ajax/constantonoff.php | 2 +- htdocs/core/ajax/contacts.php | 8 ++++---- htdocs/core/ajax/extraparams.php | 18 +++++++++--------- htdocs/core/ajax/loadinplace.php | 2 +- htdocs/core/ajax/objectonoff.php | 2 +- htdocs/core/ajax/price.php | 2 +- htdocs/core/ajax/row.php | 6 +++--- htdocs/core/ajax/saveinplace.php | 2 +- htdocs/core/ajax/security.php | 6 +++--- htdocs/core/ajax/vatrates.php | 2 +- htdocs/core/ajax/ziptown.php | 2 +- htdocs/core/class/html.formother.class.php | 4 ++-- htdocs/core/lib/functions.lib.php | 7 ++----- htdocs/core/lib/security2.lib.php | 6 +----- htdocs/core/tpl/ajax/fileupload_main.tpl.php | 2 +- htdocs/core/tpl/login.tpl.php | 6 +++++- htdocs/core/tpl/passwordforgotten.tpl.php | 7 +++++-- htdocs/ecm/ajax/ecmdatabase.php | 2 +- htdocs/expensereport/ajax/ajaxprojet.php | 2 +- htdocs/externalsite/frames.php | 4 ++-- htdocs/fourn/ajax/getSupplierPrices.php | 18 +++++++++--------- htdocs/holiday/list.php | 12 ++++++------ htdocs/main.inc.php | 11 ++++++----- htdocs/product/ajax/products.php | 2 +- htdocs/product/stats/card.php | 2 +- htdocs/public/paybox/paymentko.php | 2 +- htdocs/public/paybox/paymentok.php | 2 +- htdocs/public/paypal/paymentko.php | 6 +++--- htdocs/public/paypal/paymentok.php | 2 +- htdocs/societe/ajax/company.php | 4 ++-- htdocs/societe/ajaxcompanies.php | 2 +- htdocs/societe/ajaxcountries.php | 2 +- htdocs/user/passwordforgotten.php | 3 --- 38 files changed, 84 insertions(+), 86 deletions(-) diff --git a/htdocs/admin/tools/index.php b/htdocs/admin/tools/index.php index 8da041d05da..b8dfad44e8f 100644 --- a/htdocs/admin/tools/index.php +++ b/htdocs/admin/tools/index.php @@ -38,7 +38,7 @@ if (! $user->admin) $form = new Form($db); $title=$langs->trans("SystemToolsArea"); -if (GETPOST('leftmenu') == 'admintools') $title=$langs->trans("ModulesSystemTools"); +if (GETPOST('leftmenu',"aZ09") == 'admintools') $title=$langs->trans("ModulesSystemTools"); llxHeader('', $title); diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php index 3cee534e797..e6d3125abed 100644 --- a/htdocs/bookmarks/bookmarks.lib.php +++ b/htdocs/bookmarks/bookmarks.lib.php @@ -40,7 +40,7 @@ function printBookmarksList($aDb, $aLangs) $langs->load("bookmarks"); - $url= $_SERVER["PHP_SELF"].(! empty($_SERVER["QUERY_STRING"])?'?'.$_SERVER["QUERY_STRING"]:''); + $url= $_SERVER["PHP_SELF"].(dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''); $ret = ''; // Menu bookmark diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index 28f78e22ef4..bbc7647c802 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -139,7 +139,7 @@ if (! dol_is_dir($upload_dir)) } print ''."\n"; -print ''."\n"; +//print ''."\n"; $param=($sortfield?'&sortfield='.$sortfield:'').($sortorder?'&sortorder='.$sortorder:''); diff --git a/htdocs/core/ajax/bankconciliate.php b/htdocs/core/ajax/bankconciliate.php index 3a8a3e30687..76ab3045f93 100644 --- a/htdocs/core/ajax/bankconciliate.php +++ b/htdocs/core/ajax/bankconciliate.php @@ -45,7 +45,7 @@ $action=GETPOST('action'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; if (($user->rights->banque->modifier || $user->rights->banque->consolidate) && $action == 'dvnext') { diff --git a/htdocs/core/ajax/box.php b/htdocs/core/ajax/box.php index 63f96a0c513..106822f998b 100644 --- a/htdocs/core/ajax/box.php +++ b/htdocs/core/ajax/box.php @@ -50,7 +50,7 @@ $userid=GETPOST('userid','int'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +print ''."\n"; // Add a box if ($boxid > 0 && $zone !='' && $userid > 0) diff --git a/htdocs/core/ajax/constantonoff.php b/htdocs/core/ajax/constantonoff.php index 331a5e87513..f79753260d7 100644 --- a/htdocs/core/ajax/constantonoff.php +++ b/htdocs/core/ajax/constantonoff.php @@ -45,7 +45,7 @@ $name=GETPOST('name','alpha'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (! empty($action) && ! empty($name)) diff --git a/htdocs/core/ajax/contacts.php b/htdocs/core/ajax/contacts.php index c3788a8baeb..1c7c7a56e4b 100644 --- a/htdocs/core/ajax/contacts.php +++ b/htdocs/core/ajax/contacts.php @@ -41,20 +41,20 @@ $showempty = GETPOST('showempty','int'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) { $form = new Form($db); - + $return=array(); if (empty($showempty)) $showempty=0; - + $return['value'] = $form->selectcontacts($id,'',$htmlname,$showempty,'','',0,'',true); $return['num'] = $form->num; $return['error'] = $form->error; - + echo json_encode($return); } diff --git a/htdocs/core/ajax/extraparams.php b/htdocs/core/ajax/extraparams.php index 510ef8a1cf8..f8a636e52a5 100644 --- a/htdocs/core/ajax/extraparams.php +++ b/htdocs/core/ajax/extraparams.php @@ -40,17 +40,17 @@ $type = GETPOST('type', 'alpha'); top_httphead(); -print ''."\n"; +print ''."\n"; if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) { $value = GETPOST('value','alpha'); $params=array(); - + dol_syslog("AjaxSetExtraParameters id=".$id." element=".$element." htmlelement=".$htmlelement." type=".$type." value=".$value, LOG_DEBUG); - + $classpath = $subelement = $element; - + // For compatibility if ($element == 'order' || $element == 'commande') { $classpath = $subelement = 'commande'; } else if ($element == 'propal') { $classpath = 'comm/propal'; $subelement = 'propal'; } @@ -60,19 +60,19 @@ if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) else if ($element == 'deplacement') { $classpath = 'compta/deplacement'; $subelement = 'deplacement'; } else if ($element == 'order_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.commande'; } else if ($element == 'invoice_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.facture'; } - + dol_include_once('/'.$classpath.'/class/'.$subelement.'.class.php'); - + if ($element == 'order_supplier') { $classname = 'CommandeFournisseur'; } else if ($element == 'invoice_supplier') { $classname = 'FactureFournisseur'; } else $classname = ucfirst($subelement); - + $object = new $classname($db); $object->fetch($id); - + $params[$htmlelement] = array($type => $value); $object->extraparams = array_merge($object->extraparams, $params); - + $result=$object->setExtraParameters(); } diff --git a/htdocs/core/ajax/loadinplace.php b/htdocs/core/ajax/loadinplace.php index de3a4e57d19..7e9e541c768 100644 --- a/htdocs/core/ajax/loadinplace.php +++ b/htdocs/core/ajax/loadinplace.php @@ -41,7 +41,7 @@ $fk_element = GETPOST('fk_element','alpha'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($field) && ! empty($element) && ! empty($table_element) && ! empty($fk_element)) diff --git a/htdocs/core/ajax/objectonoff.php b/htdocs/core/ajax/objectonoff.php index 6ac5abd3bbb..37173ed9943 100644 --- a/htdocs/core/ajax/objectonoff.php +++ b/htdocs/core/ajax/objectonoff.php @@ -42,7 +42,7 @@ $object = new GenericObject($db); top_httphead(); -print ''."\n"; +print ''."\n"; // Registering new values if (($action == 'set') && ! empty($id)) diff --git a/htdocs/core/ajax/price.php b/htdocs/core/ajax/price.php index 5c891df14d5..d4a101fb497 100644 --- a/htdocs/core/ajax/price.php +++ b/htdocs/core/ajax/price.php @@ -39,7 +39,7 @@ $tva_tx = str_replace('*','',GETPOST('tva_tx','alpha')); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($output) && isset($amount) && isset($tva_tx)) diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php index 41d411f01fd..827ee92d525 100644 --- a/htdocs/core/ajax/row.php +++ b/htdocs/core/ajax/row.php @@ -17,8 +17,8 @@ /** * \file htdocs/core/ajax/row.php - * \brief File to return Ajax response on Row move. - * This ajax page is called when doing an up or down drag and drop. + * \brief File to return Ajax response on Row move. + * This ajax page is called when doing an up or down drag and drop. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disable token renewal @@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php'; top_httphead(); -print ''."\n"; +print ''."\n"; // Registering the location of boxes if ((isset($_POST['roworder']) && ! empty($_POST['roworder'])) && (isset($_POST['table_element_line']) && ! empty($_POST['table_element_line'])) diff --git a/htdocs/core/ajax/saveinplace.php b/htdocs/core/ajax/saveinplace.php index 48797dd0432..eb04379a778 100644 --- a/htdocs/core/ajax/saveinplace.php +++ b/htdocs/core/ajax/saveinplace.php @@ -54,7 +54,7 @@ savemethodname: top_httphead(); -//print ''."\n"; +//print ''."\n"; //print_r($_POST); // Load original field value diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php index 28a53a87679..cc7335618d0 100644 --- a/htdocs/core/ajax/security.php +++ b/htdocs/core/ajax/security.php @@ -17,8 +17,8 @@ /** * \file htdocs/core/ajax/security.php - * \brief This ajax component is used to generated has keys for security purposes - * like key to use into URL to protect them. + * \brief This ajax component is used to generated has keys for security purposes + * like key to use into URL to protect them. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disables token renewal @@ -38,7 +38,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (isset($_GET['action']) && ! empty($_GET['action'])) diff --git a/htdocs/core/ajax/vatrates.php b/htdocs/core/ajax/vatrates.php index fc30a13afec..ac9691bfa25 100644 --- a/htdocs/core/ajax/vatrates.php +++ b/htdocs/core/ajax/vatrates.php @@ -41,7 +41,7 @@ $productid = (GETPOST('productid','int')?GETPOST('productid','int'):0); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) diff --git a/htdocs/core/ajax/ziptown.php b/htdocs/core/ajax/ziptown.php index 30e0211ece1..9fa475039d9 100644 --- a/htdocs/core/ajax/ziptown.php +++ b/htdocs/core/ajax/ziptown.php @@ -45,7 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog("GET is ".join(',',$_GET).', MAIN_USE_ZIPTOWN_DICTIONNARY='.(empty($conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)?'':$conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)); //var_dump($_GET); diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 98720d335b9..1771b6f7a4c 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -1062,7 +1062,7 @@ class FormOther async: false }); // We force reload to be sure to get all boxes into list - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=delbox\'; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=delbox\'; } else { @@ -1084,7 +1084,7 @@ class FormOther url: \''.DOL_URL_ROOT.'/core/ajax/box.php?boxorder=\'+boxorder+\'&boxid=\'+boxid+\'&zone='.$areacode.'&userid='.$user->id.'\', async: false }); - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=addbox&boxid=\'+boxid; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=addbox&boxid=\'+boxid; } });'; if (! count($arrayboxtoactivatelabel)) $selectboxlist.='jQuery("#boxcombo").hide();'; diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index 97ce3c4f698..f9f9c8557ee 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -289,9 +289,6 @@ function GETPOST($paramname,$check='',$method=0,$filter=NULL,$options=NULL) case 'intcomma': if (preg_match('/[^0-9,]+/i',$out)) $out=''; break; - case 'intcomma': - if (preg_match('/[^0-9,]+/i',$out)) $out=''; - break; case 'alpha': $out=trim($out); // '"' is dangerous because param in url can close the href= or src= and add javascript functions. @@ -2931,8 +2928,8 @@ function dol_print_error($db='',$error='',$errors=null) $out.="".$langs->trans("Referer").": ".(isset($_SERVER["HTTP_REFERER"])?dol_htmlentities($_SERVER["HTTP_REFERER"],ENT_COMPAT,'UTF-8'):'')."
\n"; $out.="".$langs->trans("MenuManager").": ".(isset($conf->standard_menu)?$conf->standard_menu:'')."
\n"; $out.="
\n"; - $syslog.="url=".$_SERVER["REQUEST_URI"]; - $syslog.=", query_string=".$_SERVER["QUERY_STRING"]; + $syslog.="url=".dol_escape_htmltag($_SERVER["REQUEST_URI"]); + $syslog.=", query_string=".dol_escape_htmltag($_SERVER["QUERY_STRING"]); } else // Mode CLI { diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index fc05e2c9194..8c16ae8309a 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php @@ -144,10 +144,6 @@ function dol_loginfunction($langs,$conf,$mysoc) $dol_url_root = DOL_URL_ROOT; - $php_self = $_SERVER['PHP_SELF']; - $php_self.= $_SERVER["QUERY_STRING"]?'?'.$_SERVER["QUERY_STRING"]:''; - if (! preg_match('/mainmenu=/',$php_self)) $php_self.=(preg_match('/\?/',$php_self)?'&':'?').'mainmenu=home'; - // Title $appli=constant('DOL_APPLICATION_TITLE'); $title=$appli.' '.DOL_VERSION; @@ -422,7 +418,7 @@ function encodedecode_dbpassconf($level=0) fflush($fp); fclose($fp); clearstatcache(); - + // It's config file, so we set read permission for creator only. // Should set permission to web user and groups for users used by batch //@chmod($file, octdec('0600')); diff --git a/htdocs/core/tpl/ajax/fileupload_main.tpl.php b/htdocs/core/tpl/ajax/fileupload_main.tpl.php index b7437af4616..034e9ebc3fc 100644 --- a/htdocs/core/tpl/ajax/fileupload_main.tpl.php +++ b/htdocs/core/tpl/ajax/fileupload_main.tpl.php @@ -45,7 +45,7 @@ $(function () { // Events $('#fileupload').fileupload({ stop: function (e, data) { - location.href=''; + location.href=''; }, destroy: function (e, data) { var that = $(this).data('fileupload'); diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 3772b44c9fc..608e508d717 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -31,6 +31,10 @@ if (GETPOST('dol_use_jmobile')) $conf->dol_use_jmobile=1; // If we force to use jmobile, then we reenable javascript if (! empty($conf->dol_use_jmobile)) $conf->use_javascript_ajax=1; +$php_self = dol_escape_htmltag($_SERVER['PHP_SELF']); +$php_self.= dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''; +if (! preg_match('/mainmenu=/',$php_self)) $php_self.=(preg_match('/\?/',$php_self)?'&':'?').'mainmenu=home'; + // Javascript code on logon page only to detect user tz, dst_observed, dst_first, dst_second $arrayofjs=array( '/includes/jstz/jstz.min.js'.(empty($conf->dol_use_jmobile)?'':'?version='.urlencode(DOL_VERSION)), @@ -80,7 +84,7 @@ $(document).ready(function () { diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index b641627b789..c05916d55a7 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php +++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -28,6 +28,9 @@ if (GETPOST('dol_use_jmobile')) $conf->dol_use_jmobile=1; // If we force to use jmobile, then we reenable javascript if (! empty($conf->dol_use_jmobile)) $conf->use_javascript_ajax=1; +$php_self = dol_escape_htmltag($_SERVER['PHP_SELF']); +$php_self.= dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''; + print top_htmlhead('',$langs->trans('SendNewPassword')); ?> @@ -94,7 +97,7 @@ if (! empty($hookmanager->resArray['options'])) { } ?> -resArray['options'])) {
-
class="button" name="password" value="trans('SendNewPassword'); ?>" tabindex="4" /> +
class="button" name="password" value="trans('SendNewPassword'); ?>" tabindex="4" />
diff --git a/htdocs/ecm/ajax/ecmdatabase.php b/htdocs/ecm/ajax/ecmdatabase.php index ac3a45d5683..6753a4299b0 100644 --- a/htdocs/ecm/ajax/ecmdatabase.php +++ b/htdocs/ecm/ajax/ecmdatabase.php @@ -39,7 +39,7 @@ $element = GETPOST('element', 'alpha'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (isset($action) && ! empty($action)) diff --git a/htdocs/expensereport/ajax/ajaxprojet.php b/htdocs/expensereport/ajax/ajaxprojet.php index 6b9dd7e062f..423677c5da5 100644 --- a/htdocs/expensereport/ajax/ajaxprojet.php +++ b/htdocs/expensereport/ajax/ajaxprojet.php @@ -46,7 +46,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog(join(',',$_GET)); diff --git a/htdocs/externalsite/frames.php b/htdocs/externalsite/frames.php index adf9d547073..6005b8e55b6 100644 --- a/htdocs/externalsite/frames.php +++ b/htdocs/externalsite/frames.php @@ -34,8 +34,8 @@ if (empty($conf->global->EXTERNALSITE_URL)) llxFooter(); } -$mainmenu=GETPOST('mainmenu', 'alpha'); -$leftmenu=GETPOST('leftmenu', 'alpha'); +$mainmenu=GETPOST('mainmenu', "aZ09"); +$leftmenu=GETPOST('leftmenu', "aZ09"); $idmenu=GETPOST('idmenu', 'int'); $theme=GETPOST('theme', 'alpha'); $codelang=GETPOST('lang', 'aZ09'); diff --git a/htdocs/fourn/ajax/getSupplierPrices.php b/htdocs/fourn/ajax/getSupplierPrices.php index af3d728dc78..9a8c24c4eba 100644 --- a/htdocs/fourn/ajax/getSupplierPrices.php +++ b/htdocs/fourn/ajax/getSupplierPrices.php @@ -46,7 +46,7 @@ $langs->load('margins'); top_httphead(); -//print ''."\n"; +//print ''."\n"; if ($idprod > 0) { @@ -55,7 +55,7 @@ if ($idprod > 0) $sorttouse = 's.nom, pfp.quantity, pfp.price'; if (GETPOST('bestpricefirst')) $sorttouse = 'pfp.unitprice, s.nom, pfp.quantity, pfp.price'; - + $productSupplierArray = $producttmp->list_product_fournisseur_price($idprod, $sorttouse); // We list all price per supplier, and then firstly with the lower quantity. So we can choose first one with enough quantity into list. if ( is_array($productSupplierArray)) { @@ -63,15 +63,15 @@ if ($idprod > 0) { $price = $productSupplier->fourn_price * (1 - $productSupplier->fourn_remise_percent / 100); $unitprice = $productSupplier->fourn_unitprice * (1 - $productSupplier->fourn_remise_percent / 100); - + $title = $productSupplier->fourn_name.' - '.$productSupplier->fourn_ref.' - '; - + if ($productSupplier->fourn_qty == 1) { $title.= price($price,0,$langs,0,0,-1,$conf->currency)."/"; } $title.= $productSupplier->fourn_qty.' '.($productSupplier->fourn_qty == 1 ? $langs->trans("Unit") : $langs->trans("Units")); - + if ($productSupplier->fourn_qty > 1) { $title.=" - "; @@ -84,19 +84,19 @@ if ($idprod > 0) $title.= price($productSupplier->fourn_unitcharges,0,$langs,0,0,-1,$conf->currency); $price += $productSupplier->fourn_unitcharges; } - + $label = price($price,0,$langs,0,0,-1,$conf->currency)."/".$langs->trans("Unit"); if ($productSupplier->fourn_ref) $label.=' ('.$productSupplier->fourn_ref.')'; - + $prices[] = array("id" => $productSupplier->product_fourn_price_id, "price" => price2num($price,0,'',0), "label" => $label, "title" => $title); // For price field, we must use price2num(), for label or title, price() } } - + // Add price for costprice $price=$producttmp->cost_price; $prices[] = array("id" => 'costprice', "price" => price2num($price), "label" => $langs->trans("CostPrice").': '.price($price,0,$langs,0,0,-1,$conf->currency), "title" => $langs->trans("PMPValueShort").': '.price($price,0,$langs,0,0,-1,$conf->currency)); // For price field, we must use price2num(), for label or title, price() - if(!empty($conf->stock->enabled)) + if(!empty($conf->stock->enabled)) { // Add price for pmp $price=$producttmp->pmp; diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index 1ab8fbd785f..9523d489256 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php @@ -66,7 +66,7 @@ $year_end = GETPOST('year_end'); $search_employe = GETPOST('search_employe'); $search_valideur = GETPOST('search_valideur'); $search_statut = GETPOST('select_statut'); -$type = GETPOST('type','int'); +$type = GETPOST('type','int'); // List of fields to search into when doing a "search in all" $fieldstosearchall = array( @@ -82,7 +82,7 @@ $fieldstosearchall = array( * Actions */ -if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // Both test are required to be compatible with all browsers +if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETPOST("button_removefilter")) // All tests are required to be compatible with all browsers { $search_ref=""; $month_create=""; @@ -168,7 +168,7 @@ if($year_create > 0) { } } else { if($month_create > 0) { - $filter.= " AND date_format(cp.date_create, '%m') = '$month_create'"; + $filter.= " AND date_format(cp.date_create, '%m') = '".$db->escape($month_create)."'"; } } @@ -313,7 +313,7 @@ print ''; // DATE CREATE print '
'; @@ -409,7 +409,7 @@ if (! empty($holiday->holiday)) $userstatic->login=$infos_CP['user_login']; $userstatic->statut=$infos_CP['user_statut']; $userstatic->photo=$infos_CP['user_photo']; - + // Valideur $approbatorstatic->id=$infos_CP['fk_validator']; $approbatorstatic->lastname=$infos_CP['validator_lastname']; @@ -417,7 +417,7 @@ if (! empty($holiday->holiday)) $approbatorstatic->login=$infos_CP['validator_login']; $approbatorstatic->statut=$infos_CP['validator_statut']; $approbatorstatic->photo=$infos_CP['validator_photo']; - + $date = $infos_CP['date_create']; print ''; diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 7e52b454f97..2806f2d06a0 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -97,8 +97,9 @@ function test_sql_and_script_inject($val, $type) $sql_inj += preg_match('/
'.$langs->trans("Receive").'
'.$langs->trans("DeliveryDate").''; From 848f70e02638494346336b7defde28eda9088988 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Wed, 14 Jun 2017 10:37:40 +0200 Subject: [PATCH 66/75] Fix bad merge --- htdocs/theme/md/style.css.php | 13 -- htdocs/user/index.php | 358 +--------------------------------- 2 files changed, 2 insertions(+), 369 deletions(-) diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php index f4f29695dbc..60c52e8683f 100644 --- a/htdocs/theme/md/style.css.php +++ b/htdocs/theme/md/style.css.php @@ -2378,15 +2378,6 @@ table.liste, table.noborder, table.formdoc, div.noborder { border-bottom-style: solid; margin: 0px 0px 8px 0px; -<<<<<<< HEAD -======= - /* - -moz-box-shadow: 2px 2px 4px #CCC; - -webkit-box-shadow: 2px 2px 4px #CCC; - box-shadow: 2px 2px 4px #CCC; - */ - /* box-shadow: 0 0 3px rgba(0,0,0,0.16); */ ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git -moz-border-radius: 0.1em; -webkit-border-radius: 0.1em; @@ -4532,11 +4523,7 @@ img.demothumb { } @media only screen and (max-width: 767px) { -<<<<<<< HEAD .imgopensurveywizard, .imgautosize { width:95%; height: auto; } -======= - .imgopensurveywizard { width:95%; height: auto; } ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git #tooltip { position: absolute; diff --git a/htdocs/user/index.php b/htdocs/user/index.php index 3f364fb8180..04871f110e9 100644 --- a/htdocs/user/index.php +++ b/htdocs/user/index.php @@ -251,89 +251,8 @@ if (! $result) exit; } -<<<<<<< HEAD $num = $db->num_rows($result); -======= - $param=''; - if (! empty($contextpage) && $contextpage != $_SERVER["PHP_SELF"]) $param.='&contextpage='.$contextpage; - if ($limit > 0 && $limit != $conf->liste_limit) $param.='&limit='.$limit; - if ($sall != '') $param.='&sall='.urlencode($sall); - if ($search_user != '') $param.="&search_user=".$search_user; - if ($search_login != '') $param.="&search_login=".$search_login; - if ($search_lastname != '') $param.="&search_lastname=".$search_lastname; - if ($search_firstname != '') $param.="&search_firstname=".$search_firstname; - if ($search_gender != '') $param.="&search_gender=".$search_gender; - if ($search_employee != '') $param.="&search_employee=".$search_employee; - if ($search_accountancy_code != '') $param.="&search_accountancy_code=".$search_accountancy_code; - if ($search_email != '') $param.="&search_email=".$search_email; - if ($search_supervisor > 0) $param.="&search_supervisor=".$search_supervisor; - if ($search_statut != '') $param.="&search_statut=".$search_statut; - if ($optioncss != '') $param.='&optioncss='.$optioncss; - // Add $param from extra fields - foreach ($search_array_options as $key => $val) - { - $crit=$val; - $tmpkey=preg_replace('/search_options_/','',$key); - if ($val != '') $param.='&search_options_'.$tmpkey.'='.urlencode($val); - } - - print ''."\n"; - if ($optioncss != '') print ''; - print ''; - print ''; - print ''; - print ''; - - if ($sall) - { - foreach($fieldstosearchall as $key => $val) $fieldstosearchall[$key]=$langs->trans($val); - print $langs->trans("FilterOnInto", $sall) . join(', ',$fieldstosearchall); - } - - $moreforfilter=''; - - $varpage=empty($contextpage)?$_SERVER["PHP_SELF"]:$contextpage; - $selectedfields=$form->multiSelectArrayWithCheckbox('selectedfields', $arrayfields, $varpage); // This also change content of $arrayfields - - print ''; - print ''; - if (! empty($arrayfields['u.login']['checked'])) print_liste_field_titre($langs->trans("Login"),$_SERVER['PHP_SELF'],"u.login",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.lastname']['checked'])) print_liste_field_titre($langs->trans("Lastname"),$_SERVER['PHP_SELF'],"u.lastname",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.firstname']['checked'])) print_liste_field_titre($langs->trans("FirstName"),$_SERVER['PHP_SELF'],"u.firstname",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.gender']['checked'])) print_liste_field_titre($langs->trans("Gender"),$_SERVER['PHP_SELF'],"u.gender",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.employee']['checked'])) print_liste_field_titre($langs->trans("Employee"),$_SERVER['PHP_SELF'],"u.employee",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.accountancy_code']['checked'])) print_liste_field_titre($langs->trans("AccountancyCode"),$_SERVER['PHP_SELF'],"u.accountancy_code",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.email']['checked'])) print_liste_field_titre($langs->trans("EMail"),$_SERVER['PHP_SELF'],"u.email",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.fk_soc']['checked'])) print_liste_field_titre($langs->trans("Company"),$_SERVER['PHP_SELF'],"u.fk_soc",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.entity']['checked'])) print_liste_field_titre($langs->trans("Entity"),$_SERVER['PHP_SELF'],"u.entity",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.fk_user']['checked'])) print_liste_field_titre($langs->trans("HierarchicalResponsible"),$_SERVER['PHP_SELF'],"u.fk_user",$param,"","",$sortfield,$sortorder); - if (! empty($arrayfields['u.datelastlogin']['checked'])) print_liste_field_titre($langs->trans("LastConnexion"),$_SERVER['PHP_SELF'],"u.datelastlogin",$param,"",'align="center"',$sortfield,$sortorder); - if (! empty($arrayfields['u.datepreviouslogin']['checked'])) print_liste_field_titre($langs->trans("PreviousConnexion"),$_SERVER['PHP_SELF'],"u.datepreviouslogin",$param,"",'align="center"',$sortfield,$sortorder); - // Extra fields - if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) - { - foreach($extrafields->attribute_label as $key => $val) - { - if (! empty($arrayfields["ef.".$key]['checked'])) - { - $align=$extrafields->getAlignFlag($key); - print_liste_field_titre($extralabels[$key],$_SERVER["PHP_SELF"],"ef.".$key,"",$param,($align?'align="'.$align.'"':''),$sortfield,$sortorder); - } - } - } - // Hook fields - $parameters=array('arrayfields'=>$arrayfields); - $reshook=$hookmanager->executeHooks('printFieldListTitle',$parameters); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - if (! empty($arrayfields['u.datec']['checked'])) print_liste_field_titre($langs->trans("DateCreationShort"),$_SERVER["PHP_SELF"],"u.datec","",$param,'align="center" class="nowrap"',$sortfield,$sortorder); - if (! empty($arrayfields['u.tms']['checked'])) print_liste_field_titre($langs->trans("DateModificationShort"),$_SERVER["PHP_SELF"],"u.tms","",$param,'align="center" class="nowrap"',$sortfield,$sortorder); - if (! empty($arrayfields['u.statut']['checked'])) print_liste_field_titre($langs->trans("Status"),$_SERVER["PHP_SELF"],"u.statut","",$param,'align="center"',$sortfield,$sortorder); - print_liste_field_titre($selectedfields, $_SERVER["PHP_SELF"],"",'','','align="right"',$sortfield,$sortorder,'maxwidthsearch '); - print "\n"; ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git - -<<<<<<< HEAD if ($num == 1 && ! empty($conf->global->MAIN_SEARCH_DIRECT_OPEN_IF_ONLY_ONE) && $sall) { $obj = $db->fetch_object($resql); @@ -497,69 +416,6 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab $typeofextrafield=$extrafields->attribute_type[$key]; print ''; - if (! empty($arrayfields['u.login']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.lastname']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.firstname']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.gender']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.employee']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.accountancy_code']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.email']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.fk_soc']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.entity']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.fk_user']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.datelastlogin']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.datepreviouslogin']['checked'])) - { - print ''; - } - // Extra fields - if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) - { - foreach($extrafields->attribute_label as $key => $val) - { - if (! empty($arrayfields["ef.".$key]['checked'])) ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git { $crit=$val; $tmpkey=preg_replace('/search_options_/','',$key); @@ -791,222 +647,12 @@ while ($i < min($num,$limit)) print ''; } // Action column -<<<<<<< HEAD - print ''; -======= - print ''; ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git print "\n"; -<<<<<<< HEAD + $i++; -======= - - $user2=new User($db); - - $var=True; - //while ($i < min($num,$conf->liste_limit)) - while ($i < $num) - { - $obj = $db->fetch_object($result); - $var=!$var; - - $userstatic->id=$obj->rowid; - $userstatic->ref=$obj->label; - $userstatic->login=$obj->login; - $userstatic->statut=$obj->statut; - $userstatic->email=$obj->email; - $userstatic->gender=$obj->gender; - $userstatic->societe_id=$obj->fk_soc; - $userstatic->firstname=$obj->firstname; - $userstatic->lastname=$obj->lastname; - $userstatic->employee=$obj->employee; - $userstatic->photo=$obj->photo; - - $li=$userstatic->getNomUrl(-1,'',0,0,24,1,'login'); - - print ""; - if (! empty($arrayfields['u.login']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.lastname']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.firstname']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.gender']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.employee']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.accountancy_code']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.email']['checked'])) - { - print ''; - } - if (! empty($arrayfields['u.fk_soc']['checked'])) - { - print "'; - } - // Multicompany enabled - if (! empty($conf->multicompany->enabled) && empty($conf->multicompany->transverse_mode)) - { - if (! empty($arrayfields['u.entity']['checked'])) - { - print ''; - } - } - // Supervisor - if (! empty($arrayfields['u.fk_user']['checked'])) - { - // Resp - print ''; - } - - // Date last login - if (! empty($arrayfields['u.datelastlogin']['checked'])) - { - print ''; - } - // Date previous login - if (! empty($arrayfields['u.datepreviouslogin']['checked'])) - { - print ''; - } - - // Extra fields - if (is_array($extrafields->attribute_label) && count($extrafields->attribute_label)) - { - foreach($extrafields->attribute_label as $key => $val) - { - if (! empty($arrayfields["ef.".$key]['checked'])) - { - print 'getAlignFlag($key); - if ($align) print ' align="'.$align.'"'; - print '>'; - $tmpkey='options_'.$key; - print $extrafields->showOutputField($key, $obj->$tmpkey, '', 1); - print ''; - } - } - } - // Fields from hook - $parameters=array('arrayfields'=>$arrayfields, 'obj'=>$obj); - $reshook=$hookmanager->executeHooks('printFieldListValue',$parameters); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - // Date creation - if (! empty($arrayfields['u.datec']['checked'])) - { - print ''; - } - // Date modification - if (! empty($arrayfields['u.tms']['checked'])) - { - print ''; - } - // Status - if (! empty($arrayfields['u.statut']['checked'])) - { - $userstatic->statut=$obj->statut; - print ''; - } - // Action column - print ''; - - print "\n"; - $i++; - } - - $parameters=array('arrayfields'=>$arrayfields, 'sql'=>$sql); - $reshook=$hookmanager->executeHooks('printFieldListFooter',$parameters); // Note that $action and $object may have been modified by hook - print $hookmanager->resPrint; - - print "
'; if (in_array($typeofextrafield, array('varchar', 'int', 'double', 'select'))) -======= - // Search bar - print '
'; - $arraygender=array('man'=>$langs->trans("Genderman"),'woman'=>$langs->trans("Genderwoman")); - print $form->selectarray('search_gender', $arraygender, $search_gender, 1); - print ''; - print $form->selectyesno('search_employee', $search_employee, 1, false, 1); - print ''.$userstatic->getLibStatut(3).''; - $searchpitco=$form->showFilterAndCheckAddButtons(0); - print $searchpitco; + print ''; print '
'; - print $li; - if (! empty($conf->multicompany->enabled) && $obj->admin && ! $obj->entity) - { - print img_picto($langs->trans("SuperAdministrator"),'redstar'); - } - else if ($obj->admin) - { - print img_picto($langs->trans("Administrator"),'star'); - } - print ''.$obj->lastname.''.$obj->firstname.''; - if ($obj->gender) print $langs->trans("Gender".$obj->gender); - print ''.yn($obj->employee).''.$obj->accountancy_code.''.$obj->email.'"; - if ($obj->fk_soc) - { - $companystatic->id=$obj->fk_soc; - $companystatic->name=$obj->name; - $companystatic->canvas=$obj->canvas; - print $companystatic->getNomUrl(1); - } - else if ($obj->ldap_sid) - { - print $langs->trans("DomainUser"); - } - else - { - print $langs->trans("InternalUser"); - } - print ''; - if (! $obj->entity) - { - print $langs->trans("AllEntities"); - } - else - { - // $mc is defined in conf.class.php if multicompany enabled. - if (is_object($mc)) - { - $mc->getInfo($obj->entity); - print $mc->label; - } - } - print ''; - if ($obj->login2) - { - $user2->id=$obj->id2; - $user2->login=$obj->login2; - $user2->lastname=$obj->lastname2; - $user2->firstname=$obj->firstname2; - $user2->gender=$obj->gender2; - $user2->photo=$obj->photo2; - $user2->admin=$obj->admin2; - $user2->email=$obj->email2; - $user2->societe_id=$obj->fk_soc2; - print $user2->getNomUrl(-1,'',0,0,24,0,''); - if (! empty($conf->multicompany->enabled) && $obj->admin2 && ! $obj->entity2) - { - print img_picto($langs->trans("SuperAdministrator"),'redstar'); - } - else if ($obj->admin2) - { - print img_picto($langs->trans("Administrator"),'star'); - } - } - print ''.dol_print_date($db->jdate($obj->datelastlogin),"dayhour").''.dol_print_date($db->jdate($obj->datepreviouslogin),"dayhour").''; - print dol_print_date($db->jdate($obj->date_creation), 'dayhour'); - print ''; - print dol_print_date($db->jdate($obj->date_update), 'dayhour'); - print ''.$userstatic->getLibStatut(3).'
"; - print "\n"; - $db->free($result); ->>>>>>> branch '4.0' of git@github.com:Dolibarr/dolibarr.git } $parameters=array('arrayfields'=>$arrayfields, 'sql'=>$sql); From 333304934102fd3afec2ccf5e2d2ff6e400a7205 Mon Sep 17 00:00:00 2001 From: phf Date: Thu, 15 Jun 2017 11:11:49 +0200 Subject: [PATCH 67/75] Fix total aren't aligned --- htdocs/compta/facture.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/htdocs/compta/facture.php b/htdocs/compta/facture.php index 9bb97d8ff0b..2d0208d0c2b 100644 --- a/htdocs/compta/facture.php +++ b/htdocs/compta/facture.php @@ -3524,7 +3524,7 @@ else if ($id > 0 || ! empty($ref)) } print '
' . price($total_prev_ht) . '' . price($total_prev_ttc) . ' 
' . price($total_next_ht) . '' . price($total_next_ttc) . ' 
'; -echo dol_escape_htmltag($title); +echo dol_escape_htmltag($title); if ($disablenofollow) echo ''; ?>
'; -print ''; +print ''; $formother->select_year($year_create,'year_create',1, $min_year, 0); print '