lainwir3d/dolibarr
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge branch 'develop_HUSCH' into develop_#21761

Browse Source
This commit is contained in:
Christian Humpel 2022-08-18 00:01:37 +02:00 committed by GitHub
commit 9db7c210df
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
113 changed files with 875 additions and 953 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
dev/resources/iso-normes/vat_number_names.txt → dev/resources/iso-normes/tax/vat_number_names.txt
View File

@ -4,4 +4,5 @@ terms
(en) VAT = Value Added Tax
(fr) TVA = Taxe sur la Valeur Ajouté
(es) NIF / CIF
(de) USt / MwSt
(de) USt / MwSt = UmsatzSteuer / Mehrwertsteuer
(it) IVA

10
dev/resources/iso-normes/tax/world_tax_rates.txt Normal file
View File

@ -0,0 +1,10 @@
VAT Rates
---------
https://www.taxrates.cc/index.html
https://en.wikipedia.org/wiki/List_of_countries_by_tax_rates
For India: VAT=IGST / CGST=Localtax1 / SGST=Localtax2
see:
https://cleartax.in/s/what-is-sgst-cgst-igst
https://www.mastersindia.co/blog/what-is-cgst-sgst-igst-and-ugst/

8
dev/resources/iso-normes/world_tax_rates.txt
View File

@ -1,8 +0,0 @@
VAT Rates
---------
http://www.taxrates.cc/index.html
https://en.wikipedia.org/wiki/List_of_countries_by_tax_rates
For India: VAT=IGST/CGST=Localtax1/SGST=Localtax2: https://cleartax.in/s/what-is-sgst-cgst-igst

8
htdocs/accountancy/admin/account.php
View File

@ -52,8 +52,8 @@ $confirm = GETPOST('confirm', 'alpha');
$chartofaccounts = GETPOST('chartofaccounts', 'int');
$permissiontoadd = !empty($user->rights->accounting->chartofaccount);
$permissiontodelete = !empty($user->rights->accounting->chartofaccount);
$permissiontoadd = $user->hasRight('accounting', 'chartofaccount');
$permissiontodelete = $user->hasRight('accounting', 'chartofaccount');
// Security check
if ($user->socid > 0) {
@ -294,7 +294,7 @@ if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) {
}
// List of mass actions available
if ($user->rights->accounting->chartofaccount) {
if ($user->hasRight('accounting', 'chartofaccount')) {
$arrayofmassactions['predelete'] = '<span class="fa fa-trash paddingrightonly"></span>'.$langs->trans("Delete");
}
if (in_array($massaction, array('presend', 'predelete', 'closed'))) {
@ -590,7 +590,7 @@ if ($resql) {
// Action
print '<td class="center nowraponall">';
if ($user->rights->accounting->chartofaccount) {
if ($user->hasRight('accounting', 'chartofaccount')) {
print '<a class="editfielda" href="./card.php?action=update&token='.newToken().'&id='.$obj->rowid.'&backtopage='.urlencode($_SERVER["PHP_SELF"].'?'.$param).'">';
print img_edit();
print '</a>';

4
htdocs/accountancy/admin/accountmodel.php
View File

@ -39,7 +39,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/admin.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/accounting.lib.php';
if (!empty($conf->accounting->enabled)) {
if (isModEnabled('accounting')) {
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formaccounting.class.php';
}
@ -126,7 +126,7 @@ $tabrowid[31] = "";
// Condition to show dictionary in setup page
$tabcond = array();
$tabcond[31] = !empty($conf->accounting->enabled);
$tabcond[31] = isModEnabled('accounting');
// List of help for fields
$tabhelp = array();

10
htdocs/accountancy/admin/card.php
View File

@ -66,7 +66,7 @@ if (GETPOST('cancel', 'alpha')) {
exit;
}
if ($action == 'add' && $user->rights->accounting->chartofaccount) {
if ($action == 'add' && $user->hasRight('accounting', 'chartofaccount')) {
if (!$cancel) {
if (!$account_number) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("AccountNumber")), null, 'errors');
@ -127,7 +127,7 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount) {
}
}
}
} elseif ($action == 'edit' && $user->rights->accounting->chartofaccount) {
} elseif ($action == 'edit' && $user->hasRight('accounting', 'chartofaccount')) {
if (!$cancel) {
if (!$account_number) {
setEventMessages($langs->trans("ErrorFieldRequired", $langs->transnoentities("AccountNumber")), null, 'errors');
@ -184,7 +184,7 @@ if ($action == 'add' && $user->rights->accounting->chartofaccount) {
header("Location: ".$urltogo);
exit();
}
} elseif ($action == 'delete' && $user->rights->accounting->chartofaccount) {
} elseif ($action == 'delete' && $user->hasRight('accounting', 'chartofaccount')) {
$result = $object->fetch($id);
if (!empty($object->id)) {
@ -419,13 +419,13 @@ if ($action == 'create') {
*/
print '<div class="tabsAction">';
if (!empty($user->rights->accounting->chartofaccount)) {
if ($user->hasRight('accounting', 'chartofaccount')) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=update&token='.newToken().'&id='.$object->id.'">'.$langs->trans('Modify').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Modify').'</a>';
}
if (!empty($user->rights->accounting->chartofaccount)) {
if ($user->hasRight('accounting', 'chartofaccount')) {
print '<a class="butActionDelete" href="'.$_SERVER["PHP_SELF"].'?action=delete&token='.newToken().'&id='.$object->id.'">'.$langs->trans('Delete').'</a>';
} else {
print '<a class="butActionRefused classfortooltip" href="#" title="'.dol_escape_htmltag($langs->trans("NotAllowed")).'">'.$langs->trans('Delete').'</a>';

4
htdocs/accountancy/admin/categories_list.php
View File

@ -111,7 +111,7 @@ $tabrowid[32] = "";
// Condition to show dictionary in setup page
$tabcond = array();
$tabcond[32] = !empty($conf->accounting->enabled);
$tabcond[32] = isModEnabled('accounting');
// List of help for fields
$tabhelp = array();
@ -875,7 +875,7 @@ function fieldListAccountingCategories($fieldlist, $obj = '', $tabname = '', $co
$formadmin = new FormAdmin($db);
$formcompany = new FormCompany($db);
if (!empty($conf->accounting->enabled)) {
if (isModEnabled('accounting')) {
$formaccounting = new FormAccounting($db);
}

12
htdocs/accountancy/admin/defaultaccounts.php
View File

@ -81,22 +81,22 @@ $list_account[] = '---Others---';
$list_account[] = 'ACCOUNTING_VAT_BUY_ACCOUNT';
$list_account[] = 'ACCOUNTING_VAT_SOLD_ACCOUNT';
$list_account[] = 'ACCOUNTING_VAT_PAY_ACCOUNT';
if (!empty($conf->banque->enabled)) {
if (isModEnabled('banque')) {
$list_account[] = 'ACCOUNTING_ACCOUNT_TRANSFER_CASH';
}
if (!empty($conf->don->enabled)) {
if (isModEnabled('don')) {
$list_account[] = 'DONATION_ACCOUNTINGACCOUNT';
}
if (!empty($conf->adherent->enabled)) {
if (isModEnabled('adherent')) {
$list_account[] = 'ADHERENT_SUBSCRIPTION_ACCOUNTINGACCOUNT';
}
if (!empty($conf->loan->enabled)) {
if (isModEnabled('loan')) {
$list_account[] = 'LOAN_ACCOUNTING_ACCOUNT_CAPITAL';
$list_account[] = 'LOAN_ACCOUNTING_ACCOUNT_INTEREST';
$list_account[] = 'LOAN_ACCOUNTING_ACCOUNT_INSURANCE';
}
$list_account[] = 'ACCOUNTING_ACCOUNT_SUSPENSE';
if (!empty($conf->societe->enabled)) {
if (isModEnabled('societe')) {
$list_account[] = '---Deposits---';
}
@ -266,7 +266,7 @@ print $formaccounting->select_account(getDolGlobalString('ACCOUNTING_ACCOUNT_CUS
print '</td>';
print '</tr>';
if (!empty($conf->societe->enabled) && getDolGlobalString('ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT') && getDolGlobalString('ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT') != '-1') {
if (isModEnabled('societe') && getDolGlobalString('ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT') && getDolGlobalString('ACCOUNTING_ACCOUNT_CUSTOMER_DEPOSIT') != '-1') {
print '<tr class="oddeven">';
print '<td>' . img_picto('', 'bill', 'class="pictofixedwidth"') . $langs->trans("UseAuxiliaryAccountOnCustomerDeposit") . '</td>';
if (getDolGlobalInt('ACCOUNTING_ACCOUNT_CUSTOMER_USE_AUXILIARY_ON_DEPOSIT')) {

2
htdocs/accountancy/admin/fiscalyear.php
View File

@ -121,7 +121,7 @@ if ($result) {
$i = 0;
$addbutton .= dolGetButtonTitle($langs->trans('NewFiscalYear'), '', 'fa fa-plus-circle', 'fiscalyear_card.php?action=create', '', $user->rights->accounting->fiscalyear->write);
$addbutton .= dolGetButtonTitle($langs->trans('NewFiscalYear'), '', 'fa fa-plus-circle', 'fiscalyear_card.php?action=create', '', $user->hasRight('accounting', 'fiscalyear', 'write'));
$title = $langs->trans('AccountingPeriods');

2
htdocs/accountancy/admin/fiscalyear_card.php
View File

@ -299,7 +299,7 @@ if ($action == 'create') {
/*
* Action bar
*/
if (!empty($user->rights->accounting->fiscalyear->write)) {
if ($user->hasRight('accounting', 'fiscalyear', 'write')) {
print '<div class="tabsAction">';
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?action=edit&token='.newToken().'&id='.$id.'">'.$langs->trans('Modify').'</a>';

2
htdocs/accountancy/admin/journals_list.php
View File

@ -123,7 +123,7 @@ $tabrowid[35] = "";
// Condition to show dictionary in setup page
$tabcond = array();
$tabcond[35] = !empty($conf->accounting->enabled);
$tabcond[35] = isModEnabled('accounting');
// List of help for fields
$tabhelp = array();

2
htdocs/accountancy/admin/productaccount.php
View File

@ -522,7 +522,7 @@ if ($resql) {
// Filter on categories
$moreforfilter = '';
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) {
if (!empty($conf->categorie->enabled) && $user->hasRight('categorie', 'lire')) {
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= img_picto($langs->trans('Categories'), 'category', 'class="pictofixedwidth"');
$categoriesProductArr = $form->select_all_categories(Categorie::TYPE_PRODUCT, '', '', 64, 0, 1);

2
htdocs/accountancy/bookkeeping/balance.php
View File

@ -142,7 +142,7 @@ if (!empty($search_ledger_code)) {
}
}
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/bookkeeping/card.php
View File

@ -79,7 +79,7 @@ if (!empty($update)) {
$object = new BookKeeping($db);
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/bookkeeping/list.php
View File

@ -214,7 +214,7 @@ if (empty($listofformat[$formatexportset])) {
$error = 0;
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/bookkeeping/listbyaccount.php
View File

@ -187,7 +187,7 @@ if ($search_date_end && empty($search_date_endyear)) {
$search_date_endday = $tmparray['mday'];
}
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/class/accountingjournal.class.php
View File

@ -429,7 +429,7 @@ class AccountingJournal extends CommonObject
{
global $conf, $langs;
if (empty($conf->asset->enabled)) {
if (!isModEnabled('asset')) {
return array();
}

4
htdocs/accountancy/closure/index.php
View File

@ -57,7 +57,7 @@ $search_date_end = dol_get_last_day($year_end, $month_end);
$year_current = $year_start;
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {
@ -75,7 +75,7 @@ if (empty($user->rights->accounting->fiscalyear->write)) {
$now = dol_now();
if ($action == 'validate_movements_confirm' && !empty($user->rights->accounting->fiscalyear->write)) {
if ($action == 'validate_movements_confirm' && $user->hasRight('accounting', 'fiscalyear', 'write')) {
$date_start = dol_mktime(0, 0, 0, GETPOST('date_startmonth', 'int'), GETPOST('date_startday', 'int'), GETPOST('date_startyear', 'int'));
$date_end = dol_mktime(23, 59, 59, GETPOST('date_endmonth', 'int'), GETPOST('date_endday', 'int'), GETPOST('date_endyear', 'int'));

2
htdocs/accountancy/customer/card.php
View File

@ -38,7 +38,7 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

6
htdocs/accountancy/customer/index.php
View File

@ -40,7 +40,7 @@ $validatemonth = GETPOST('validatemonth', 'int');
$validateyear = GETPOST('validateyear', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {
@ -77,7 +77,7 @@ $action = GETPOST('action', 'aZ09');
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {
@ -622,7 +622,7 @@ if ($conf->global->MAIN_FEATURES_LEVEL > 0) { // This part of code looks strange
print '</div>';
if (!empty($conf->margin->enabled)) {
if (isModEnabled('margin')) {
print "<br>\n";
print '<div class="div-table-responsive-no-min">';
print '<table class="noborder centpercent">';

2
htdocs/accountancy/customer/lines.php
View File

@ -85,7 +85,7 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/customer/list.php
View File

@ -104,7 +104,7 @@ $accountingAccount = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/expensereport/card.php
View File

@ -42,7 +42,7 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/expensereport/index.php
View File

@ -58,7 +58,7 @@ $year_current = $year_start;
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/expensereport/lines.php
View File

@ -79,7 +79,7 @@ if (!$sortorder) {
}
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/expensereport/list.php
View File

@ -97,7 +97,7 @@ $accounting = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/index.php
View File

@ -49,7 +49,7 @@ if (empty($user->rights->accounting->mouvements->lire)) {
if (empty($conf->comptabilite->enabled) && empty($conf->accounting->enabled) && empty($conf->asset->enabled) && empty($conf->intracommreport->enabled)) {
accessforbidden();
}
if (empty($user->hasRight('compta', 'resultat', 'lire')) && empty($user->hasRight('accounting', 'comptarapport', 'lire')) && empty($user->hasRight('accounting', 'mouvements', 'lire')) && empty($user->hasRight('asset', 'read')) && empty($user->hasRight('intracommreport', 'read'))) {
if (!$user->hasRight('compta', 'resultat', 'lire') && !$user->hasRight('accounting', 'comptarapport', 'lire') && !$user->hasRight('accounting', 'mouvements', 'lire') && !$user->hasRight('asset', 'read') && !$user->hasRight('intracommreport', 'read')) {
accessforbidden();
}

2
htdocs/accountancy/journal/bankjournal.php
View File

@ -83,7 +83,7 @@ $now = dol_now();
$action = GETPOST('action', 'aZ09');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/journal/expensereportsjournal.php
View File

@ -58,7 +58,7 @@ if ($in_bookkeeping == '') {
$now = dol_now();
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/journal/purchasesjournal.php
View File

@ -61,7 +61,7 @@ $hookmanager->initHooks(array('purchasesjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/journal/sellsjournal.php
View File

@ -63,7 +63,7 @@ $hookmanager->initHooks(array('sellsjournal'));
$parameters = array();
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/journal/variousjournal.php
View File

@ -83,7 +83,7 @@ if (!is_array($journal_data)) {
}
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/supplier/card.php
View File

@ -42,7 +42,7 @@ $codeventil = GETPOST('codeventil', 'int');
$id = GETPOST('id', 'int');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/supplier/lines.php
View File

@ -89,7 +89,7 @@ if (!$sortorder) {
$formaccounting = new FormAccounting($db);
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/accountancy/supplier/list.php
View File

@ -106,7 +106,7 @@ $accountingAccount = new AccountingAccount($db);
$chartaccountcode = dol_getIdFromCode($db, $conf->global->CHARTOFACCOUNTS, 'accounting_system', 'rowid', 'pcg_version');
// Security check
if (empty($conf->accounting->enabled)) {
if (!isModEnabled('accounting')) {
accessforbidden();
}
if ($user->socid > 0) {

2
htdocs/adherents/agenda.php
View File

@ -130,7 +130,7 @@ if ($object->id > 0) {
llxHeader("", $title, $help_url);
if (!empty($conf->notification->enabled)) {
if (isModEnabled('notification')) {
$langs->load("mails");
}
$head = member_prepare_head($object);

2
htdocs/adherents/document.php
View File

@ -128,7 +128,7 @@ if ($id > 0) {
$totalsize += $file['size'];
}
if (!empty($conf->notification->enabled)) {
if (isModEnabled('notification')) {
$langs->load("mails");
}

2
htdocs/adherents/htpasswd.php
View File

@ -33,7 +33,7 @@ $sortfield = GETPOST('sortfield', 'alphanohtml');
$sortorder = GETPOST('sortorder', 'aZ09');
// Security check
if (empty($conf->adherent->enabled)) {
if (!isModEnabled('adherent')) {
accessforbidden();
}
if (empty($user->rights->adherent->export)) {

2
htdocs/adherents/list.php
View File

@ -659,7 +659,7 @@ if ($sall) {
// Filter on categories
$moreforfilter = '';
if (!empty($conf->categorie->enabled) && $user->rights->categorie->lire) {
if (isModEnabled('categorie') && $user->rights->categorie->lire) {
require_once DOL_DOCUMENT_ROOT.'/categories/class/categorie.class.php';
$moreforfilter .= '<div class="divsearchfield">';
$moreforfilter .= img_picto($langs->trans('Categories'), 'category', 'class="pictofixedlength"').$formother->select_categories(Categorie::TYPE_MEMBER, $search_categ, 'search_categ', 1);

2
htdocs/adherents/partnership.php
View File

@ -88,7 +88,7 @@ $upload_dir = $conf->partnership->multidir_output[isset($object->entity) ? $o
if (getDolGlobalString('PARTNERSHIP_IS_MANAGED_FOR') != 'member') {
accessforbidden('Partnership module is not activated for members');
}
if (empty($conf->partnership->enabled)) {
if (!isModEnabled('partnership')) {
accessforbidden();
}
if (empty($permissiontoread)) {

40
htdocs/admin/mails_templates.php
View File

@ -178,63 +178,63 @@ $elementList = array();
$elementList['all'] = '-- '.dol_escape_htmltag($langs->trans("All")).' --';
$elementList['none'] = '-- '.dol_escape_htmltag($langs->trans("None")).' --';
$elementList['user'] = img_picto('', 'user', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToUser'));
$elementList['user'] = img_picto('', 'user', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToUser'));
if (!empty($conf->adherent->enabled) && !empty($user->rights->adherent->lire)) {
$elementList['member'] = img_picto('', 'object_member', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToMember'));
$elementList['member'] = img_picto('', 'object_member', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToMember'));
}
if (!empty($conf->recruitment->enabled) && !empty($user->rights->recruitment->recruitmentjobposition->read)) {
$elementList['recruitmentcandidature_send'] = img_picto('', 'recruitmentcandidature', 'class="paddingright"').dol_escape_htmltag($langs->trans('RecruitmentCandidatures'));
$elementList['recruitmentcandidature_send'] = img_picto('', 'recruitmentcandidature', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('RecruitmentCandidatures'));
}
if (!empty($conf->societe->enabled) && !empty($user->rights->societe->lire)) {
$elementList['thirdparty'] = img_picto('', 'company', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToThirdparty'));
$elementList['thirdparty'] = img_picto('', 'company', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToThirdparty'));
}
if (!empty($conf->project->enabled)) {
$elementList['project'] = img_picto('', 'project', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToProject'));
$elementList['project'] = img_picto('', 'project', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToProject'));
}
if (!empty($conf->propal->enabled) && !empty($user->rights->propal->lire)) {
$elementList['propal_send'] = img_picto('', 'propal', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendProposal'));
$elementList['propal_send'] = img_picto('', 'propal', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendProposal'));
}
if (!empty($conf->commande->enabled) && !empty($user->rights->commande->lire)) {
$elementList['order_send'] = img_picto('', 'order', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendOrder'));
$elementList['order_send'] = img_picto('', 'order', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendOrder'));
}
if (isModEnabled('facture') && !empty($user->rights->facture->lire)) {
$elementList['facture_send'] = img_picto('', 'bill', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendInvoice'));
$elementList['facture_send'] = img_picto('', 'bill', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendInvoice'));
}
if (!empty($conf->expedition->enabled)) {
$elementList['shipping_send'] = img_picto('', 'dolly', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendShipment'));
$elementList['shipping_send'] = img_picto('', 'dolly', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendShipment'));
}
if (!empty($conf->reception->enabled)) {
$elementList['reception_send'] = img_picto('', 'dollyrevert', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendReception'));
$elementList['reception_send'] = img_picto('', 'dollyrevert', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendReception'));
}
if (!empty($conf->ficheinter->enabled)) {
$elementList['fichinter_send'] = img_picto('', 'intervention', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendIntervention'));
$elementList['fichinter_send'] = img_picto('', 'intervention', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendIntervention'));
}
if (!empty($conf->supplier_proposal->enabled)) {
$elementList['supplier_proposal_send'] = img_picto('', 'propal', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendSupplierRequestForQuotation'));
$elementList['supplier_proposal_send'] = img_picto('', 'propal', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendSupplierRequestForQuotation'));
}
if ((!empty($conf->fournisseur->enabled) && !empty($user->rights->fournisseur->commande->lire) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (!empty($conf->supplier_order->enabled) && !empty($user->rights->supplier_order->lire))) {
$elementList['order_supplier_send'] = img_picto('', 'order', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendSupplierOrder'));
$elementList['order_supplier_send'] = img_picto('', 'order', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendSupplierOrder'));
}
if ((!empty($conf->fournisseur->enabled) && !empty($user->rights->fournisseur->facture->lire) && empty($conf->global->MAIN_USE_NEW_SUPPLIERMOD)) || (!empty($conf->supplier_invoice->enabled) && !empty($user->rights->supplier_invoice->lire))) {
$elementList['invoice_supplier_send'] = img_picto('', 'bill', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendSupplierInvoice'));
$elementList['invoice_supplier_send'] = img_picto('', 'bill', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendSupplierInvoice'));
}
if (!empty($conf->contrat->enabled) && !empty($user->rights->contrat->lire)) {
$elementList['contract'] = img_picto('', 'contract', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendContract'));
$elementList['contract'] = img_picto('', 'contract', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendContract'));
}
if (!empty($conf->ticket->enabled) && !empty($user->rights->ticket->read)) {
$elementList['ticket_send'] = img_picto('', 'ticket', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToTicket'));
$elementList['ticket_send'] = img_picto('', 'ticket', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToTicket'));
}
if (!empty($conf->expensereport->enabled) && !empty($user->rights->expensereport->lire)) {
$elementList['expensereport_send'] = img_picto('', 'trip', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToTExpenseReport'));
$elementList['expensereport_send'] = img_picto('', 'trip', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToExpenseReport'));
}
if (isModEnabled('agenda')) {
$elementList['actioncomm_send'] = img_picto('', 'action', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendEventPush'));
$elementList['actioncomm_send'] = img_picto('', 'action', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendEventPush'));
}
if (!empty($conf->eventorganization->enabled) && !empty($user->rights->eventorganization->read)) {
$elementList['conferenceorbooth'] = img_picto('', 'action', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToSendEventOrganization'));
$elementList['conferenceorbooth'] = img_picto('', 'action', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToSendEventOrganization'));
}
if (!empty($conf->partnership->enabled) && !empty($user->rights->partnership->read)) {
$elementList['partnership_send'] = img_picto('', 'partnership', 'class="paddingright"').dol_escape_htmltag($langs->trans('MailToPartnership'));
$elementList['partnership_send'] = img_picto('', 'partnership', 'class="pictofixedwidth"').dol_escape_htmltag($langs->trans('MailToPartnership'));
}
$parameters = array('elementList'=>$elementList);

53
htdocs/admin/system/security.php
View File

@ -418,6 +418,11 @@ print '<br>';
print load_fiche_titre($langs->trans("OtherSetup"), '', 'folder');
print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span><br>';
print '<br>';
print '<strong>MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE</strong> = '.(empty($conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 1)</span><br>';
print '<br>';
//print '<strong>'.$langs->trans("PasswordEncryption").'</strong>: ';
print '<strong>MAIN_SECURITY_HASH_ALGO</strong> = '.(empty($conf->global->MAIN_SECURITY_HASH_ALGO) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_HASH_ALGO)." &nbsp; ";
@ -443,13 +448,7 @@ print '<br>';
print '<strong>MAIN_SECURITY_ANTI_SSRF_SERVER_IP</strong> = '.(empty($conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span> &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': List of static IPs of server separated with coma - '.$langs->trans("Note").': common loopback ip like 127.*.*.*, [::1] are already added)</span>' : $conf->global->MAIN_SECURITY_ANTI_SSRF_SERVER_IP)."<br>";
print '<br>';
print '<strong>MAIN_ALLOW_SVG_FILES_AS_IMAGES</strong> = '.(empty($conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES) ? '0' : $conf->global->MAIN_ALLOW_SVG_FILES_AS_IMAGES).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 0)</span><br>';
print '<br>';
print '<strong>MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE</strong> = '.(empty($conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_ALWAYS_CREATE_LOCK_AFTER_LAST_UPGRADE).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 1)</span><br>';
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': 2)</span>'."<br>";
print '<strong>MAIN_SECURITY_CSRF_WITH_TOKEN</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_CSRF_WITH_TOKEN).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 2)</span>'."<br>";
print '<br>';
print '<br>';
@ -458,15 +457,6 @@ print '<br>';
print load_fiche_titre($langs->trans("OtherSetup").' ('.$langs->trans("Experimental").')', '', 'folder');
print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML)."<br>";
print '<br>';
print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."<br>";
print '<br>';
print '<strong>MAIN_EXEC_USE_POPEN</strong> = ';
if (empty($conf->global->MAIN_EXEC_USE_POPEN)) {
print '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>';
@ -483,7 +473,36 @@ if ($execmethod == 2) {
print ' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 1)';
print '</span>';
}
print "<br>";
print '<br>';
print '<br>';
print '<strong>MAIN_RESTRICTHTML_ONLY_VALID_HTML</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_ONLY_VALID_HTML)."<br>";
print '<br>';
print '<strong>MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES</strong> = '.(empty($conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': 1)</span>' : $conf->global->MAIN_RESTRICTHTML_REMOVE_ALSO_BAD_ATTRIBUTES)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL</strong> = '.(empty($conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL) ? '<span class="opacitymedium">'.$langs->trans("Undefined").' &nbsp; ('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or").' 0)</span>' : $conf->global->MAIN_SECURITY_CSRF_TOKEN_RENEWAL_ON_EACH_CALL)."<br>";
print '<br>';
print '<strong>MAIN_SECURITY_FORCECSP</strong> = '.(empty($conf->global->MAIN_SECURITY_FORCECSP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_FORCECSP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"default-src 'self'; img-src *;\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCECSP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCECSP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCECSP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"default-src 'self'; style-src: https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src: https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src: *;\")</span><br>";
print '<br>';
print '<strong>MAIN_SECURITY_FORCERP</strong> = '.(empty($conf->global->MAIN_SECURITY_FORCERP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->MAIN_SECURITY_FORCERP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"same-origin\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCERP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCERP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCERP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Recommended").': '.$langs->trans("Undefined").' '.$langs->trans("or")." \"strict-origin-when-cross-origin\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCESTS</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCESTS) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCESTS).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"max-age=31536000; includeSubDomains\")</span><br>";
print '<br>';
print '<strong>WEBSITE_MAIN_SECURITY_FORCEPP</strong> = '.(empty($conf->global->WEBSITE_MAIN_SECURITY_FORCEPP) ? '<span class="opacitymedium">'.$langs->trans("Undefined").'</span>' : $conf->global->WEBSITE_MAIN_SECURITY_FORCEPP).' &nbsp; <span class="opacitymedium">('.$langs->trans("Example").": \"camera: 'none'; microphone: 'none';\")</span><br>";
print '<br>';
print '<br>';

6
htdocs/blockedlog/class/blockedlog.class.php
View File

@ -361,11 +361,11 @@ class BlockedLog
$this->amounts = $amounts;
// date
if ($object->element == 'payment' || $object->element == 'payment_supplier') {
$this->date_object = $object->datepaye;
$this->date_object = empty($object->datepaye) ? $object->date : $object->datepaye;
} elseif ($object->element == 'payment_salary') {
$this->date_object = $object->datev;
} elseif ($object->element == 'payment_donation' || $object->element == 'payment_various') {
$this->date_object = $object->datepaid ? $object->datepaid : $object->datep;
$this->date_object = empty($object->datepaid) ? $object->datep : $object->datepaid;
} elseif ($object->element == 'subscription') {
$this->date_object = $object->dateh;
} elseif ($object->element == 'cashcontrol') {
@ -527,7 +527,7 @@ class BlockedLog
$totalamount = 0;
// Loop on each invoice payment amount
// Loop on each invoice payment amount (payment_part)
if (is_array($object->amounts) && !empty($object->amounts)) {
$paymentpartnumber = 0;
foreach ($object->amounts as $objid => $amount) {

21
htdocs/bom/bom_card.php
View File

@ -181,24 +181,11 @@ if (empty($reshook)) {
}
if (!$error) {
$bomline = new BOMLine($db);
$bomline->fk_bom = $id;
$bomline->fk_product = $idprod;
$bomline->fk_bom_child = $bom_child_id;
$bomline->qty = $qty;
$bomline->qty_frozen = (int) $qty_frozen;
$bomline->disable_stock_change = (int) $disable_stock_change;
$bomline->efficiency = $efficiency;
$result = $object->addLine($idprod, $qty, $qty_frozen, $disable_stock_change, $efficiency, -1, $bom_child_id, null);
// Rang to use
$rangmax = $object->line_max(0);
$ranktouse = $rangmax + 1;
$bomline->position = $ranktouse;
$result = $bomline->create($user);
if ($result <= 0) {
setEventMessages($bomline->error, $bomline->errors, 'errors');
setEventMessages($object->error, $object->errors, 'errors');
$action = '';
} else {
unset($_POST['idprod']);
@ -207,8 +194,6 @@ if (empty($reshook)) {
unset($_POST['disable_stock_change']);
$object->fetchLines();
$object->calculateCosts();
}
}
}

76
htdocs/bom/class/api_boms.class.php
View File

@ -2,6 +2,7 @@
/* Copyright (C) 2015 Jean-François Ferry <jfefe@aternatik.fr>
* Copyright (C) 2019 Maxime Kohlhaas <maxime@atm-consulting.fr>
* Copyright (C) 2020 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2022 Christian Humpel <christian.humpel@live.com>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -279,6 +280,81 @@ class Boms extends DolibarrApi
);
}
/**
* Get lines of an BOM
*
* @param int $id Id of BOM
*
* @url GET {id}/lines
*
* @return array
*/
public function getLines($id)
{
if (!DolibarrApiAccess::$user->rights->bom->read) {
throw new RestException(401);
}
$result = $this->bom->fetch($id);
if (!$result) {
throw new RestException(404, 'BOM not found');
}
if (!DolibarrApi::_checkAccessToResource('bom_bom', $this->bom->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$this->bom->getLinesArray();
$result = array();
foreach ($this->bom->lines as $line) {
array_push($result, $this->_cleanObjectDatas($line));
}
return $result;
}
/**
* Add a line to given BOM
*
* @param int $id Id of BOM to update
* @param array $request_data BOMLine data
*
* @url POST {id}/lines
*
* @return int
*/
public function postLine($id, $request_data = null)
{
if (!DolibarrApiAccess::$user->rights->bom->write) {
throw new RestException(401);
}
$result = $this->bom->fetch($id);
if (!$result) {
throw new RestException(404, 'BOM not found');
}
if (!DolibarrApi::_checkAccessToResource('bom_bom', $this->bom->id)) {
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$request_data = (object) $request_data;
$updateRes = $this->bom->addLine(
$request_data->fk_product,
$request_data->qty,
$request_data->qty_frozen,
$request_data->disable_stock_change,
$request_data->efficiency,
$request_data->postion,
$request_data->fk_bom_child,
$request_data->import_key
);
if ($updateRes > 0) {
return $updateRes;
} else {
throw new RestException(400, $this->bom->error);
}
}
// phpcs:disable PEAR.NamingConventions.ValidFunctionName.PublicUnderscore
/**

94
htdocs/bom/class/bom.class.php
View File

@ -502,6 +502,100 @@ class BOM extends CommonObject
//return $this->deleteCommon($user, $notrigger, 1);
}
/**
* Add an BOM line into database (linked to BOM)
*
* @param int $fk_product Id of product
* @param float $qty Quantity
* @param int $qty_frozen Frozen quantity
* @param int $disable_stock_change Disable stock change on using in MO
* @param float $efficiency Efficiency in MO
* @param int $position Position of BOM-Line in BOM-Lines
* @param int $fk_bom_child Id of BOM Child
* @param string $import_key Import Key
* @return int <0 if KO, >0 if OK
*/
public function addLine($fk_product, $qty, $qty_frozen = 0, $disable_stock_change = 0, $efficiency = 1.0, $position = -1, $fk_bom_child = null, $import_key = null)
{
global $mysoc, $conf, $langs, $user;
$logtext = "::addLine bomid=$this->id, qty=$qty, fk_product=$fk_product, qty_frozen=$qty_frozen, disable_stock_change=$disable_stock_change, efficiency=$efficiency";
$logtext .= ", fk_bom_child=$fk_bom_child, import_key=$import_key";
dol_syslog(get_class($this).$logtext, LOG_DEBUG);
if ($this->statut == self::STATUS_DRAFT) {
include_once DOL_DOCUMENT_ROOT.'/core/lib/price.lib.php';
// Clean parameters
if (empty($qty)) {
$qty = 0;
}
if (empty($qty_frozen)) {
$qty_frozen = 0;
}
if (empty($disable_stock_change)) {
$disable_stock_change = 0;
}
if (empty($efficiency)) {
$efficiency = 1.0;
}
if (empty($fk_bom_child)) {
$fk_bom_child = null;
}
if (empty($import_key)) {
$import_key = null;
}
if (empty($position)) {
$position = -1;
}
$qty = price2num($qty);
$efficiency = price2num($efficiency);
$position = price2num($position);
$this->db->begin();
// Rank to use
$rankToUse = $position;
if ($rankToUse == -1) {
$rangMax = $this->line_max();
$rankToUse = $rangMax + 1;
}
// Insert line
$this->line = new BOMLine($this->db);
$this->line->context = $this->context;
$this->line->fk_bom = $this->id;
$this->line->fk_product = $fk_product;
$this->line->qty = $qty;
$this->line->qty_frozen = $qty_frozen;
$this->line->disable_stock_change = $disable_stock_change;
$this->line->efficiency = $efficiency;
$this->line->fk_bom_child = $fk_bom_child;
$this->line->import_key = $import_key;
$this->line->position = $rankToUse;
$result = $this->line->create($user);
if ($result > 0) {
$this->calculateCosts();
$this->db->commit();
return $this->line->id;
} else {
$this->error = $this->line->error;
dol_syslog(get_class($this)."::addLine error=".$this->error, LOG_ERR);
$this->db->rollback();
return -2;
}
} else {
dol_syslog(get_class($this)."::addLine status of BOM must be Draft to allow use of ->addLine()", LOG_ERR);
return -3;
}
}
/**
* Delete a line of object in database
*

22
htdocs/comm/propal/class/propal.class.php
View File

@ -1507,12 +1507,13 @@ class Propal extends CommonObject
/**
* Load a proposal from database. Get also lines.
*
* @param int $rowid id of object to load
* @param string $ref Ref of proposal
* @param string $ref_ext Ref ext of proposal
* @return int >0 if OK, <0 if KO
* @param int $rowid Id of object to load
* @param string $ref Ref of proposal
* @param string $ref_ext Ref ext of proposal
* @param int $forceentity Entity id to force when searching on ref or ref_ext
* @return int >0 if OK, <0 if KO
*/
public function fetch($rowid, $ref = '', $ref_ext = '')
public function fetch($rowid, $ref = '', $ref_ext = '', $forceentity = 0)
{
$sql = "SELECT p.rowid, p.ref, p.entity, p.remise, p.remise_percent, p.remise_absolue, p.fk_soc";
$sql .= ", p.total_ttc, p.total_tva, p.localtax1, p.localtax2, p.total_ht";
@ -1551,10 +1552,15 @@ class Propal extends CommonObject
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_input_reason as dr ON p.fk_input_reason = dr.rowid';
$sql .= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_incoterms as i ON p.fk_incoterms = i.rowid';
if ($ref) {
$sql .= " WHERE p.entity IN (".getEntity('propal').")"; // Dont't use entity if you use rowid
if (!empty($ref)) {
if (!empty($forceentity)) {
$sql .= " WHERE p.entity = ".(int) $forceentity; // Check only the current entity because we may have the same reference in several entities
} else {
$sql .= " WHERE p.entity IN (".getEntity('propal').")";
}
$sql .= " AND p.ref='".$this->db->escape($ref)."'";
} else {
// Dont't use entity if you use rowid
$sql .= " WHERE p.rowid = ".((int) $rowid);
}
@ -3812,7 +3818,7 @@ class Propal extends CommonObject
* @param int $hidedetails Hide details of lines
* @param int $hidedesc Hide description
* @param int $hideref Hide ref
* @param null|array $moreparams Array to provide more information
* @param null|array $moreparams Array to provide more information
* @return int 0 if KO, 1 if OK
*/
public function generateDocument($modele, $outputlangs, $hidedetails = 0, $hidedesc = 0, $hideref = 0, $moreparams = null)

6
htdocs/commande/card.php
View File

@ -113,9 +113,9 @@ $usercancreate = $user->hasRight("commande", "creer");
$usercandelete = $user->hasRight("commande", "supprimer");
// Advanced permissions
$usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'close'))));
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'validate'))));
$usercancancel = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($user->hasRight('commande', 'order_advance', 'annuler'))));
$usercanclose = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && !empty($usercancreate)) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('commande', 'order_advance', 'close')));
$usercanvalidate = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('commande', 'order_advance', 'validate')));
$usercancancel = ((empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $usercancreate) || (!empty($conf->global->MAIN_USE_ADVANCED_PERMS) && $user->hasRight('commande', 'order_advance', 'annuler')));
$usercansend = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->hasRight('commande', 'order_advance', 'send'));
$usercangeneretedoc = (empty($conf->global->MAIN_USE_ADVANCED_PERMS) || $user->hasRight('commande', 'order_advance', 'generetedoc'));

19
htdocs/core/ajax/check_notifications.php
View File

@ -39,25 +39,6 @@ if (!defined('NOREQUIRETRAN')) {
define('NOREQUIRETRAN', '1');
}
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', '1'); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("XFRAMEOPTIONS_ALLOWALL")) define('XFRAMEOPTIONS_ALLOWALL', '1'); // Do not add the HTTP header 'X-Frame-Options: SAMEORIGIN' but 'X-Frame-Options: ALLOWALL'
require '../../main.inc.php';
//$time = (int) GETPOST('time', 'int'); // Use the time parameter that is always increased by time_update, even if call is late

60
htdocs/core/ajax/onlineSign.php
View File

@ -53,12 +53,13 @@ if (is_numeric($entity)) {
define("DOLENTITY", $entity);
}
include '../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
$action = GETPOST('action', 'aZ09');
$signature = GETPOST('signaturebase64');
$ref = GETPOST('ref', 'aZ09');
$mode = GETPOST('mode', 'aZ09');
$mode = GETPOST('mode', 'aZ09'); // 'proposal', ...
$SECUREKEY = GETPOST("securekey"); // Secure key
$error = 0;
@ -69,7 +70,7 @@ $type = $mode;
// Check securitykey
$securekeyseed = '';
if ($type == 'proposal') {
$securekeyseed = isset($conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN) ? $conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN : '';
$securekeyseed = getDolGlobalString('PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN');
}
if (empty($SECUREKEY) || !dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) {
@ -123,33 +124,64 @@ if ($action == "importSignature") {
if (!$error) {
// Defined modele of doc
$directdownloadlink = $object->getLastMainDocLink('proposal');
$last_main_doc_file = $object->last_main_doc;
$directdownloadlink = $object->getLastMainDocLink('proposal'); // url to download the $object->last_main_doc
if (preg_match('/\.pdf/i', $directdownloadlink)) {
if (preg_match('/\.pdf/i', $last_main_doc_file)) {
// TODO Use the $last_main_doc_file to defined the $newpdffilename and $sourcefile
$newpdffilename = $upload_dir.$ref."_signed-".$date.".pdf";
$sourcefile = $upload_dir.$ref.".pdf";
if (dol_is_file($sourcefile)) {
// We build the new PDF
$pdf = pdf_getInstance();
$pdf->Open();
$pdf->AddPage();
$pagecount = $pdf->setSourceFile($sourcefile); // original PDF
if (class_exists('TCPDF')) {
$pdf->setPrintHeader(false);
$pdf->setPrintFooter(false);
}
$pdf->SetFont(pdf_getPDFFont($langs));
for ($i=1; $i<($pagecount+1); $i++) {
if ($i>1) $pdf->AddPage();
$tppl=$pdf->importPage($i);
$pdf->useTemplate($tppl);
if (getDolGlobalString('MAIN_DISABLE_PDF_COMPRESSION')) {
$pdf->SetCompression(false);
}
$pdf->Image($upload_dir.$filename, 129, 239.6, 60, 15); // FIXME Position will be wrong with non A4 format. Use a value from width and height of page minus relative offset.
$pdf->Close();
//$pdf->Open();
$pagecount = $pdf->setSourceFile($sourcefile); // original PDF
$s = array(); // Array with size of each page. Exemple array(w'=>210, 'h'=>297);
for ($i=1; $i<($pagecount+1); $i++) {
try {
$tppl = $pdf->importPage($i);
$s = $pdf->getTemplatesize($tppl);
$pdf->AddPage($s['h'] > $s['w'] ? 'P' : 'L');
$pdf->useTemplate($tppl);
} catch (Exception $e) {
dol_syslog("Error when manipulating some PDF by onlineSign: ".$e->getMessage(), LOG_ERR);
$response = $e->getMessage();
$error++;
}
}
// A signature image file is 720 x 180 (ratio 1/4) but we use only the size into PDF
// TODO Get position of box from PDF template
$xforimgstart = (empty($s['w']) ? 120 : round($s['w'] / 2) + 15);
$yforimgstart = (empty($s['h']) ? 240 : $s['h'] - 60);
$wforimg = $s['w'] - 20 - $xforimgstart;
$pdf->Image($upload_dir.$filename, $xforimgstart, $yforimgstart, $wforimg, round($wforimg / 4));
//$pdf->Close();
$pdf->Output($newpdffilename, "F");
// Index the new file and update the last_main_doc property of object.
$object->indexFile($newpdffilename, 1);
}
} elseif (preg_match('/\.odt/i', $last_main_doc_file)) {
// Adding signature on .ODT not yet supported
// TODO
} else {
// Adding signature on doc not yet supported
// Document format not supported to insert online signature.
// We should just create an image file with the signature.
}
}

26
htdocs/core/class/CMailFile.class.php
View File

@ -885,6 +885,30 @@ class CMailFile
$storage = new DoliStorage($db, $conf);
try {
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
$expire = false;
// Is token expired or will token expire in the next 30 seconds
if (is_object($tokenobj)) {
$expire = ($tokenobj->getEndOfLife() !== -9002 && $tokenobj->getEndOfLife() !== -9001 && time() > ($tokenobj->getEndOfLife() - 30));
}
// Token expired so we refresh it
if (is_object($tokenobj) && $expire) {
$credentials = new Credentials(
getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_ID'),
getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_SECRET'),
getDolGlobalString('OAUTH_'.getDolGlobalString('MAIN_MAIL_SMTPS_OAUTH_SERVICE').'_URLAUTHORIZE')
);
$serviceFactory = new \OAuth\ServiceFactory();
$oauthname = explode('-', $OAUTH_SERVICENAME);
// ex service is Google-Emails we need only the first part Google
$apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array());
// We have to save the token because Google give it only once
$refreshtoken = $tokenobj->getRefreshToken();
$tokenobj = $apiService->refreshAccessToken($tokenobj);
$tokenobj->setRefreshToken($refreshtoken);
$storage->storeAccessToken($OAUTH_SERVICENAME, $tokenobj);
}
$tokenobj = $storage->retrieveAccessToken($OAUTH_SERVICENAME);
if (is_object($tokenobj)) {
$this->smtps->setToken($tokenobj->getAccessToken());
@ -1001,7 +1025,7 @@ class CMailFile
$oauthname = explode('-', $OAUTH_SERVICENAME);
// ex service is Google-Emails we need only the first part Google
$apiService = $serviceFactory->createService($oauthname[0], $credentials, $storage, array());
// il faut sauvegarder le refresh token car google ne le donne qu'une seule fois
// We have to save the token because Google give it only once
$refreshtoken = $tokenobj->getRefreshToken();
$tokenobj = $apiService->refreshAccessToken($tokenobj);
$tokenobj->setRefreshToken($refreshtoken);

3
htdocs/core/class/commonobject.class.php
View File

@ -1043,7 +1043,8 @@ abstract class CommonObject
// Add entry into index
if ($initsharekey) {
require_once DOL_DOCUMENT_ROOT.'/core/lib/security2.lib.php';
// TODO We can't, we dont' have full path of file, only last_main_doc adn ->element, so we must rebuild full path first
// TODO We can't, we dont' have full path of file, only last_main_doc and ->element, so we must first rebuild full path $destfull
/*
$ecmfile->filepath = $rel_dir;
$ecmfile->filename = $filename;

4
htdocs/core/class/conf.class.php
View File

@ -1018,7 +1018,9 @@ class Conf
}
if (empty($handler_file_found)) {
throw new Exception('Missing log handler file '.$handler.'.php');
// If log handler has been removed of is badly setup, we must be able to continue code.
//throw new Exception('Missing log handler file '.$handler.'.php');
continue;
}
require_once $handler_file_found;

18
htdocs/core/lib/date.lib.php
View File

@ -207,7 +207,7 @@ function dol_time_plus_duree($time, $duration_value, $duration_unit, $ruleforend
*/
function convertTime2Seconds($iHours = 0, $iMinutes = 0, $iSeconds = 0)
{
$iResult = ($iHours * 3600) + ($iMinutes * 60) + $iSeconds;
$iResult = ((int) $iHours * 3600) + ((int) $iMinutes * 60) + (int) $iSeconds;
return $iResult;
}
@ -243,6 +243,7 @@ function convertSecondToTime($iSecond, $format = 'all', $lengthOfDay = 86400, $l
if (empty($lengthOfWeek)) {
$lengthOfWeek = 7; // 1 week = 7 days
}
$nbHbyDay = $lengthOfDay / 3600;
if ($format == 'all' || $format == 'allwithouthour' || $format == 'allhour' || $format == 'allhourmin' || $format == 'allhourminsec') {
if ((int) $iSecond === 0) {
@ -290,11 +291,11 @@ function convertSecondToTime($iSecond, $format = 'all', $lengthOfDay = 86400, $l
$sTime .= dol_print_date($iSecond, 'hourduration', true);
}
} elseif ($format == 'allhourminsec') {
return sprintf("%02d", ($sWeek * $lengthOfWeek * 24 + $sDay * 24 + (int) floor($iSecond / 3600))).':'.sprintf("%02d", ((int) floor(($iSecond % 3600) / 60))).':'.sprintf("%02d", ((int) ($iSecond % 60)));
return sprintf("%02d", ($sWeek * $lengthOfWeek * $nbHbyDay + $sDay * $nbHbyDay + (int) floor($iSecond/3600))).':'.sprintf("%02d", ((int) floor(($iSecond % 3600) / 60))).':'.sprintf("%02d", ((int) ($iSecond % 60)));
} elseif ($format == 'allhourmin') {
return sprintf("%02d", ($sWeek * $lengthOfWeek * 24 + $sDay * 24 + (int) floor($iSecond / 3600))).':'.sprintf("%02d", ((int) floor(($iSecond % 3600) / 60)));
return sprintf("%02d", ($sWeek * $lengthOfWeek * $nbHbyDay + $sDay * $nbHbyDay + (int) floor($iSecond/3600))).':'.sprintf("%02d", ((int) floor(($iSecond % 3600)/60)));
} elseif ($format == 'allhour') {
return sprintf("%02d", ($sWeek * $lengthOfWeek * 24 + $sDay * 24 + (int) floor($iSecond / 3600)));
return sprintf("%02d", ($sWeek * $lengthOfWeek * $nbHbyDay + $sDay * $nbHbyDay + (int) floor($iSecond/3600)));
}
} elseif ($format == 'hour') { // only hour part
$sTime = dol_print_date($iSecond, '%H', true);
@ -899,6 +900,15 @@ function num_public_holiday($timestampStart, $timestampEnd, $country_code = '',
}
// Fronleichnam
}
if (in_array('genevafast', $specialdayrule)) {
// Geneva fast in Switzerland (Thursday after the first sunday in September)
$date_1sunsept = strtotime('next thursday', strtotime('next sunday', mktime(0, 0, 0, 9, 1, $annee)));
$jour_1sunsept = date("d", $date_1sunsept);
$mois_1sunsept = date("m", $date_1sunsept);
if ($jour_1sunsept == $jour && $mois_1sunsept == $mois) $ferie=true;
// Geneva fast in Switzerland
}
}
//print "ferie=".$ferie."\n";

4
htdocs/core/lib/functions.lib.php
View File

@ -3310,8 +3310,8 @@ function dol_print_phone($phone, $countrycode = '', $cid = 0, $socid = 0, $addli
$newphone = substr($newphone, 0, 5).$separ.substr($newphone, 5, 3).$separ.substr($newphone, 8, 4);
}
} elseif (strtoupper($countrycode) == "MG") {//Madagascar
if (dol_strlen($phone) == 13) {//ex: +261_AB_CD_EF_GHI
$newphone = substr($newphone, 0, 4).$separ.substr($newphone, 4, 2).$separ.substr($newphone, 6, 2).$separ.substr($newphone, 8, 2).$separ.substr($newphone, 10, 3);
if (dol_strlen($phone) == 13) {//ex: +261_AB_CD_EFG_HI
$newphone = substr($newphone, 0, 4).$separ.substr($newphone, 4, 2).$separ.substr($newphone, 6, 2).$separ.substr($newphone, 8, 3).$separ.substr($newphone, 11, 2);
}
} elseif (strtoupper($countrycode) == "GB") {//Royaume uni
if (dol_strlen($phone) == 13) {//ex: +44_ABCD_EFG_HIJ

5
htdocs/core/modules/expensereport/mod_expensereport_sand.php
View File

@ -82,7 +82,8 @@ class mod_expensereport_sand extends ModeleNumRefExpenseReport
// Parametrage du prefix
$texte .= '<tr><td>'.$langs->trans("Mask").':</td>';
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="maskvalue" value="'.$conf->global->EXPENSEREPORT_SAND_MASK.'">', $tooltip, 1, 1).'</td>';
$mask = empty($conf->global->EXPENSEREPORT_SAND_MASK) ? '' : $conf->global->EXPENSEREPORT_SAND_MASK;
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="maskvalue" value="'.$mask.'">', $tooltip, 1, 1).'</td>';
$texte .= '<td class="left" rowspan="2">&nbsp; <input type="submit" class="button button-edit" name="Button" value="'.$langs->trans("Modify").'"></td>';
@ -128,7 +129,7 @@ class mod_expensereport_sand extends ModeleNumRefExpenseReport
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
// We get cursor rule
$mask = $conf->global->EXPENSEREPORT_SAND_MASK;
$mask = empty($conf->global->EXPENSEREPORT_SAND_MASK) ? '' : $conf->global->EXPENSEREPORT_SAND_MASK;
if (!$mask) {
$this->error = 'NotConfigured';

5
htdocs/core/modules/propale/mod_propale_saphir.php
View File

@ -85,7 +85,8 @@ class mod_propale_saphir extends ModeleNumRefPropales
// Parametrage du prefix
$texte .= '<tr><td>'.$langs->trans("Mask").':</td>';
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="maskpropal" value="'.$conf->global->PROPALE_SAPHIR_MASK.'">', $tooltip, 1, 1).'</td>';
$mask = empty($conf->global->PROPALE_SAPHIR_MASK) ? '' : $conf->global->PROPALE_SAPHIR_MASK;
$texte .= '<td class="right">'.$form->textwithpicto('<input type="text" class="flat minwidth175" name="maskpropal" value="'.$mask.'">', $tooltip, 1, 1).'</td>';
$texte .= '<td class="left" rowspan="2">&nbsp; <input type="submit" class="button button-edit" name="Button"value="'.$langs->trans("Modify").'"></td>';
@ -134,7 +135,7 @@ class mod_propale_saphir extends ModeleNumRefPropales
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
// On defini critere recherche compteur
$mask = $conf->global->PROPALE_SAPHIR_MASK;
$mask = empty($conf->global->PROPALE_SAPHIR_MASK) ? '' : $conf->global->PROPALE_SAPHIR_MASK;
if (!$mask) {
$this->error = 'NotConfigured';

4
htdocs/core/modules/usergroup/doc/doc_generic_usergroup_odt.modules.php
View File

@ -123,7 +123,7 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup
$texte .= '<input type="hidden" name="page_y" value="">';
$texte .= '<input type="hidden" name="action" value="setModuleOptions">';
$texte .= '<input type="hidden" name="param1" value="USERGROUP_ADDON_PDF_ODT_PATH">';
if ($conf->global->MAIN_PROPAL_CHOOSE_ODT_DOCUMENT > 0) {
if (!empty($conf->global->MAIN_PROPAL_CHOOSE_ODT_DOCUMENT)) {
$texte .= '<input type="hidden" name="param2" value="USERGROUP_ADDON_PDF_ODT_DEFAULT">';
$texte .= '<input type="hidden" name="param3" value="USERGROUP_ADDON_PDF_ODT_TOBILL">';
$texte .= '<input type="hidden" name="param4" value="USERGROUP_ADDON_PDF_ODT_CLOSED">';
@ -169,7 +169,7 @@ class doc_generic_usergroup_odt extends ModelePDFUserGroup
if (count($listofdir)) {
$texte .= $langs->trans("NumberOfModelFilesFound").': <b>'.count($listoffiles).'</b>';
if ($conf->global->MAIN_PROPAL_CHOOSE_ODT_DOCUMENT > 0) {
if (!empty($conf->global->MAIN_PROPAL_CHOOSE_ODT_DOCUMENT)) {
// Model for creation
$list = ModelePDFUserGroup::liste_modeles($this->db);
$texte .= '<table width="50%;">';

72
htdocs/core/website.inc.php
View File

@ -82,10 +82,82 @@ if ($pageid > 0) {
}
if (!defined('USEDOLIBARRSERVER') && !defined('USEDOLIBARREDITOR')) {
// Security options
// X-Content-Type-Options
header("X-Content-Type-Options: nosniff");
// X-Frame-Options
if (empty($websitepage->allowed_in_frames) && empty($conf->global->WEBSITE_ALLOW_FRAMES_ON_ALL_PAGES)) {
header("X-Frame-Options: SAMEORIGIN");
}
// X-XSS-Protection
//header("X-XSS-Protection: 1"); // XSS filtering protection of some browsers (note: use of Content-Security-Policy is more efficient). Disabled as deprecated.
// Content-Security-Policy
if (!defined('WEBSITE_MAIN_SECURITY_FORCECSP')) {
// The constant WEBSITE_MAIN_SECURITY_FORCECSP should never be defined by page, but the variable used just after may be
// A default security policy that keep usage of js external component like ckeditor, stripe, google, working
// $contentsecuritypolicy = "font-src *; img-src *; style-src * 'unsafe-inline' 'unsafe-eval'; default-src 'self' *.stripe.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' *.stripe.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' *.stripe.com; connect-src 'self';";
$contentsecuritypolicy = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCECSP');
if (!is_object($hookmanager)) {
$hookmanager = new HookManager($db);
}
$hookmanager->initHooks(array("main"));
$parameters = array('contentsecuritypolicy'=>$contentsecuritypolicy);
$result = $hookmanager->executeHooks('setContentSecurityPolicy', $parameters); // Note that $action and $object may have been modified by some hooks
if ($result > 0) {
$contentsecuritypolicy = $hookmanager->resPrint; // Replace CSP
} else {
$contentsecuritypolicy .= $hookmanager->resPrint; // Concat CSP
}
if (!empty($contentsecuritypolicy)) {
// For example: to restrict to only local resources, except for css (cloudflare+google), and js (transifex + google tags) and object/iframe (youtube)
// default-src 'self'; style-src: https://cdnjs.cloudflare.com https://fonts.googleapis.com; script-src: https://cdn.transifex.com https://www.googletagmanager.com; object-src https://youtube.com; frame-src https://youtube.com; img-src: *;
// For example, to restrict everything to itself except img that can be on other servers:
// default-src 'self'; img-src *;
// Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins:
// default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
header("Content-Security-Policy: ".$contentsecuritypolicy);
}
}
// Referrer-Policy
if (!defined('WEBSITE_MAIN_SECURITY_FORCERP')) {
// The constant WEBSITE_MAIN_SECURITY_FORCERP should never be defined by page, but the variable used just after may be
// For public web sites, we use the same default value than "strict-origin-when-cross-origin"
$referrerpolicy = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCERP', "strict-origin-when-cross-origin");
header("Referrer-Policy: ".$referrerpolicy);
}
// Strict-Transport-Security
if (!defined('WEBSITE_MAIN_SECURITY_FORCESTS')) {
// The constant WEBSITE_MAIN_SECURITY_FORCESTS should never be defined by page, but the variable used just after may be
// Example: "max-age=31536000; includeSubDomains"
$sts = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCESTS');
if (!empty($sts)) {
header("Strict-Transport-Security: ".$sts);
}
}
// Permissions-Policy (old name was Feature-Policy)
if (!defined('WEBSITE_MAIN_SECURITY_FORCEPP')) {
// The constant WEBSITE_MAIN_SECURITY_FORCEPP should never be defined by page, but the variable used just after may be
// Example: "camera: 'none'; microphone: 'none';"
$pp = getDolGlobalString('WEBSITE_MAIN_SECURITY_FORCEPP');
if (!empty($pp)) {
header("Permissions-Policy: ".$pp);
}
}
}
// A lang was forced, so we change weblangs init

2
htdocs/document.php
View File

@ -120,7 +120,7 @@ if ($user->socid > 0) {
// For some module part, dir may be privates
if (in_array($modulepart, array('facture_paiement', 'unpaid'))) {
if (empty($user->hasRight('societe', 'client', 'voir')) || $socid) {
if (!$user->hasRight('societe', 'client', 'voir') || $socid) {
$original_file = 'private/'.$user->id.'/'.$original_file; // If user has no permission to see all, output dir is specific to user
}
}

2
htdocs/expedition/class/expedition.class.php
View File

@ -752,7 +752,7 @@ class Expedition extends CommonObject
//var_dump($this->lines[$i]);
$mouvS = new MouvementStock($this->db);
//$mouvS->origin = dol_clone($this, 1);
$mouvS->setOrigin($this->element, $this->id);
if (empty($obj->edbrowid)) {

4
htdocs/fourn/facture/list.php
View File

@ -1464,8 +1464,8 @@ if ($resql) {
}
// Zip
if (!empty($arrayfields['s.zip']['checked'])) {
print '<td class="nocellnopadd center">';
print $obj->zip;
print '<td class="nocellnopadd center tdoverflowmax100" title="'.dol_escape_htmltag($obj->zip).'">';
print dol_escape_htmltag($obj->zip);
print '</td>';
if (!$i) {
$totalarray['nbfield']++;

14
htdocs/index.php
View File

@ -255,19 +255,19 @@ if (empty($conf->global->MAIN_DISABLE_GLOBAL_WORKBOARD)) {
// Number of cheque to send
if (isModEnabled('banque') && empty($conf->global->MAIN_DISABLE_BLOCK_BANK) && $user->hasRight('banque', 'lire') && !$user->socid) {
if (empty($conf->global->BANK_DISABLE_CHECK_DEPOSIT)) {
include_once DOL_DOCUMENT_ROOT.'/compta/paiement/cheque/class/remisecheque.class.php';
include_once DOL_DOCUMENT_ROOT . '/compta/paiement/cheque/class/remisecheque.class.php';
$board = new RemiseCheque($db);
$dashboardlines[$board->element] = $board->load_board($user);
}
if (!empty($conf->prelevement->enabled)) {
include_once DOL_DOCUMENT_ROOT.'/compta/prelevement/class/bonprelevement.class.php';
if (isModEnabled('prelevement')) {
include_once DOL_DOCUMENT_ROOT . '/compta/prelevement/class/bonprelevement.class.php';
$board = new BonPrelevement($db);
$dashboardlines[$board->element.'_direct_debit'] = $board->load_board($user, 'direct_debit');
$dashboardlines[$board->element . '_direct_debit'] = $board->load_board($user, 'direct_debit');
}
if (!empty($conf->paymentbybanktransfer->enabled)) {
include_once DOL_DOCUMENT_ROOT.'/compta/prelevement/class/bonprelevement.class.php';
if (isModEnabled('paymentbybanktransfer')) {
include_once DOL_DOCUMENT_ROOT . '/compta/prelevement/class/bonprelevement.class.php';
$board = new BonPrelevement($db);
$dashboardlines[$board->element.'_credit_transfer'] = $board->load_board($user, 'credit_transfer');
$dashboardlines[$board->element . '_credit_transfer'] = $board->load_board($user, 'credit_transfer');
}
}

BIN
htdocs/install/doctemplates/websites/website_template-style04.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 481 KiB

BIN
htdocs/install/doctemplates/websites/website_template-style04.zip Normal file
View File

Binary file not shown.

142
htdocs/install/mysql/data/llx_20_c_departements.sql
View File

@ -59,6 +59,7 @@
-- Croatia
-- France
-- Germany
-- Greece
-- Honduras
-- Hungary
-- Italy
@ -543,6 +544,76 @@ INSERT INTO llx_c_departements (fk_region, code_departement, ncc, nom) VALUES (5
INSERT INTO llx_c_departements (fk_region, code_departement, ncc, nom) VALUES (501, 'TH', 'THÜRINGEN', 'Thüringen');
-- Greece Provinces (id country=102)
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('66', 10201, '', 0, '', 'Αθήνα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('67', 10205, '', 0, '', 'Δράμα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('01', 10205, '', 0, '', 'Έβρος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('02', 10205, '', 0, '', 'Θάσος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('03', 10205, '', 0, '', 'Καβάλα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('04', 10205, '', 0, '', 'Ξάνθη');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('05', 10205, '', 0, '', 'Ροδόπη');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('06', 10203, '', 0, '', 'Ημαθία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('07', 10203, '', 0, '', 'Θεσσαλονίκη');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('08', 10203, '', 0, '', 'Κιλκίς');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('09', 10203, '', 0, '', 'Πέλλα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('10', 10203, '', 0, '', 'Πιερία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('11', 10203, '', 0, '', 'Σέρρες');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('12', 10203, '', 0, '', 'Χαλκιδική');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('13', 10206, '', 0, '', 'Άρτα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('14', 10206, '', 0, '', 'Θεσπρωτία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('15', 10206, '', 0, '', 'Ιωάννινα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('16', 10206, '', 0, '', 'Πρέβεζα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('17', 10213, '', 0, '', 'Γρεβενά');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('18', 10213, '', 0, '', 'Καστοριά');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('19', 10213, '', 0, '', 'Κοζάνη');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('20', 10213, '', 0, '', 'Φλώρινα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('21', 10212, '', 0, '', 'Καρδίτσα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('22', 10212, '', 0, '', 'Λάρισα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('23', 10212, '', 0, '', 'Μαγνησία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('24', 10212, '', 0, '', 'Τρίκαλα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('25', 10212, '', 0, '', 'Σποράδες');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('26', 10212, '', 0, '', 'Βοιωτία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('27', 10202, '', 0, '', 'Εύβοια');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('28', 10202, '', 0, '', 'Ευρυτανία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('29', 10202, '', 0, '', 'Φθιώτιδα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('30', 10202, '', 0, '', 'Φωκίδα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('31', 10209, '', 0, '', 'Αργολίδα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('32', 10209, '', 0, '', 'Αρκαδία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('33', 10209, '', 0, '', 'Κορινθία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('34', 10209, '', 0, '', 'Λακωνία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('35', 10209, '', 0, '', 'Μεσσηνία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('36', 10211, '', 0, '', 'Αιτωλοακαρνανία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('37', 10211, '', 0, '', 'Αχαΐα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('38', 10211, '', 0, '', 'Ηλεία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('39', 10207, '', 0, '', 'Ζάκυνθος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('40', 10207, '', 0, '', 'Κέρκυρα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('41', 10207, '', 0, '', 'Κεφαλληνία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('42', 10207, '', 0, '', 'Ιθάκη');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('43', 10207, '', 0, '', 'Λευκάδα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('44', 10208, '', 0, '', 'Ικαρία');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('45', 10208, '', 0, '', 'Λέσβος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('46', 10208, '', 0, '', 'Λήμνος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('47', 10208, '', 0, '', 'Σάμος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('48', 10208, '', 0, '', 'Χίος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('49', 10210, '', 0, '', 'Άνδρος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('50', 10210, '', 0, '', 'Θήρα');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('51', 10210, '', 0, '', 'Κάλυμνος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('52', 10210, '', 0, '', 'Κάρπαθος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('53', 10210, '', 0, '', 'Κέα-Κύθνος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('54', 10210, '', 0, '', 'Κω');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('55', 10210, '', 0, '', 'Μήλος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('56', 10210, '', 0, '', 'Μύκονος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('57', 10210, '', 0, '', 'Νάξος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('58', 10210, '', 0, '', 'Πάρος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('59', 10210, '', 0, '', 'Ρόδος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('60', 10210, '', 0, '', 'Σύρος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('61', 10210, '', 0, '', 'Τήνος');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('62', 10204, '', 0, '', 'Ηράκλειο');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('63', 10204, '', 0, '', 'Λασίθι');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('64', 10204, '', 0, '', 'Ρέθυμνο');
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('65', 10204, '', 0, '', 'Χανιά');
-- Honduras Departamentos (id country=114)
INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, ncc, nom) VALUES (11401, 'AT', '', 0, 'AT', 'Atlántida');
INSERT INTO llx_c_departements (fk_region, code_departement, cheflieu, tncc, ncc, nom) VALUES (11401, 'CH', '', 0, 'CH', 'Choluteca');
@ -1444,77 +1515,6 @@ INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom) VALUES ('Z', '402', '50', 1, 'ZARAGOZA', 'Zaragoza');
-- Provinces Greece (id country=102)
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('66', 10201, '', 0, '', 'Αθήνα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('67', 10205, '', 0, '', 'Δράμα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('01', 10205, '', 0, '', 'Έβρος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('02', 10205, '', 0, '', 'Θάσος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('03', 10205, '', 0, '', 'Καβάλα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('04', 10205, '', 0, '', 'Ξάνθη', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('05', 10205, '', 0, '', 'Ροδόπη', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('06', 10203, '', 0, '', 'Ημαθία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('07', 10203, '', 0, '', 'Θεσσαλονίκη', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('08', 10203, '', 0, '', 'Κιλκίς', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('09', 10203, '', 0, '', 'Πέλλα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('10', 10203, '', 0, '', 'Πιερία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('11', 10203, '', 0, '', 'Σέρρες', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('12', 10203, '', 0, '', 'Χαλκιδική', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('13', 10206, '', 0, '', 'Άρτα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('14', 10206, '', 0, '', 'Θεσπρωτία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('15', 10206, '', 0, '', 'Ιωάννινα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('16', 10206, '', 0, '', 'Πρέβεζα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('17', 10213, '', 0, '', 'Γρεβενά', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('18', 10213, '', 0, '', 'Καστοριά', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('19', 10213, '', 0, '', 'Κοζάνη', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('20', 10213, '', 0, '', 'Φλώρινα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('21', 10212, '', 0, '', 'Καρδίτσα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('22', 10212, '', 0, '', 'Λάρισα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('23', 10212, '', 0, '', 'Μαγνησία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('24', 10212, '', 0, '', 'Τρίκαλα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('25', 10212, '', 0, '', 'Σποράδες', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('26', 10212, '', 0, '', 'Βοιωτία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('27', 10202, '', 0, '', 'Εύβοια', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('28', 10202, '', 0, '', 'Ευρυτανία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('29', 10202, '', 0, '', 'Φθιώτιδα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('30', 10202, '', 0, '', 'Φωκίδα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('31', 10209, '', 0, '', 'Αργολίδα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('32', 10209, '', 0, '', 'Αρκαδία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('33', 10209, '', 0, '', 'Κορινθία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('34', 10209, '', 0, '', 'Λακωνία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('35', 10209, '', 0, '', 'Μεσσηνία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('36', 10211, '', 0, '', 'Αιτωλοακαρνανία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('37', 10211, '', 0, '', 'Αχαΐα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('38', 10211, '', 0, '', 'Ηλεία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('39', 10207, '', 0, '', 'Ζάκυνθος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('40', 10207, '', 0, '', 'Κέρκυρα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('41', 10207, '', 0, '', 'Κεφαλληνία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('42', 10207, '', 0, '', 'Ιθάκη', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('43', 10207, '', 0, '', 'Λευκάδα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('44', 10208, '', 0, '', 'Ικαρία', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('45', 10208, '', 0, '', 'Λέσβος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('46', 10208, '', 0, '', 'Λήμνος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('47', 10208, '', 0, '', 'Σάμος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('48', 10208, '', 0, '', 'Χίος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('49', 10210, '', 0, '', 'Άνδρος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('50', 10210, '', 0, '', 'Θήρα', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('51', 10210, '', 0, '', 'Κάλυμνος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('52', 10210, '', 0, '', 'Κάρπαθος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('53', 10210, '', 0, '', 'Κέα-Κύθνος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('54', 10210, '', 0, '', 'Κω', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('55', 10210, '', 0, '', 'Μήλος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('56', 10210, '', 0, '', 'Μύκονος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('57', 10210, '', 0, '', 'Νάξος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('58', 10210, '', 0, '', 'Πάρος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('59', 10210, '', 0, '', 'Ρόδος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('60', 10210, '', 0, '', 'Σύρος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('61', 10210, '', 0, '', 'Τήνος', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('62', 10204, '', 0, '', 'Ηράκλειο', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('63', 10204, '', 0, '', 'Λασίθι', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('64', 10204, '', 0, '', 'Ρέθυμνο', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('65', 10204, '', 0, '', 'Χανιά', 1);
-- Provinces GB (id country=7)
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('701', 701, NULL, 0,NULL, 'Bedfordshire', 1);
INSERT INTO llx_c_departements (code_departement, fk_region, cheflieu, tncc, ncc, nom, active) VALUES ('702', 701, NULL, 0,NULL, 'Berkshire', 1);

40
htdocs/install/mysql/migration/16.0.0-17.0.0.sql
View File

@ -34,6 +34,8 @@
-- Missing in v16 or lower
ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL;
ALTER TABLE llx_c_action_trigger MODIFY elementtype VARCHAR(64);
ALTER TABLE llx_c_email_templates ADD COLUMN joinfiles text;
@ -42,11 +44,10 @@ ALTER TABLE llx_c_email_templates ADD COLUMN email_to varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN email_tocc varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN email_tobcc varchar(255);
ALTER TABLE llx_c_email_templates ADD COLUMN content_lines text;
ALTER TABLE llx_c_email_templates ADD COLUMN enabled varchar(255) DEFAULT '1';
ALTER TABLE llx_expedition ADD COLUMN billed smallint DEFAULT 0;
ALTER TABLE llx_accounting_system MODIFY COLUMN pcg_version varchar(32) NOT NULL;
ALTER TABLE llx_user DROP COLUMN idpers1;
ALTER TABLE llx_user DROP COLUMN idpers2;
ALTER TABLE llx_user DROP COLUMN idpers3;
@ -54,31 +55,32 @@ ALTER TABLE llx_user DROP COLUMN idpers3;
-- v17
ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code;
ALTER TABLE llx_adherent ADD COLUMN default_lang VARCHAR(6) DEFAULT NULL AFTER datefin;
ALTER TABLE llx_facture_fourn ADD COLUMN close_missing_amount double(24, 8) after close_code;
-- Allow users to make subscriptions of any amount during membership subscription
ALTER TABLE llx_adherent_type ADD COLUMN caneditamount integer DEFAULT 0 AFTER amount;
ALTER TABLE llx_inventory ADD COLUMN categories_product VARCHAR(255) DEFAULT NULL AFTER fk_product;
ALTER TABLE llx_ticket ADD COLUMN ip varchar(250);
ALTER TABLE llx_societe ADD last_main_doc VARCHAR(255) NULL AFTER model_pdf;
ALTER TABLE llx_emailcollector_emailcollector ADD COLUMN port varchar(10) DEFAULT '993';
-- Allow users to make subscriptions of any amount during membership subscription
ALTER TABLE llx_bank ADD COLUMN position integer DEFAULT 0;
ALTER TABLE llx_commande_fournisseur_dispatch ADD INDEX idx_commande_fournisseur_dispatch_fk_product (fk_product);
ALTER TABLE llx_recruitment_recruitmentcandidature ADD email_date datetime after email_msgid;
ALTER TABLE llx_ticket ADD email_date datetime after email_msgid;
INSERT INTO llx_const (name, entity, value, type, visible) VALUES ('MAIN_SECURITY_MAX_IMG_IN_HTML_CONTENT', 1, 1000, 'int', 0);
ALTER TABLE llx_adherent ADD COLUMN default_lang VARCHAR(6) DEFAULT NULL AFTER datefin;
ALTER TABLE llx_emailcollector_emailcollector ADD COLUMN port varchar(10) DEFAULT '993';
ALTER TABLE llx_facture ADD COLUMN close_missing_amount double(24, 8) after close_code;
ALTER TABLE llx_facture_fourn ADD COLUMN close_missing_amount double(24, 8) after close_code;
ALTER TABLE llx_inventory ADD COLUMN categories_product VARCHAR(255) DEFAULT NULL AFTER fk_product;
-- Make sell-by or eat-by date mandatory
ALTER TABLE llx_product ADD COLUMN sell_or_eat_by_mandatory tinyint DEFAULT 0 NOT NULL AFTER tobatch;
-- Make sell-by or eat-by date mandatory
ALTER TABLE llx_recruitment_recruitmentcandidature ADD email_date datetime after email_msgid;
ALTER TABLE llx_societe ADD last_main_doc VARCHAR(255) NULL AFTER model_pdf;
ALTER TABLE llx_ticket ADD COLUMN ip varchar(250);
ALTER TABLE llx_ticket ADD email_date datetime after email_msgid;

1
htdocs/langs/en_US/admin.lang
View File

@ -1978,6 +1978,7 @@ MailToSendSupplierOrder=Purchase orders
MailToSendSupplierInvoice=Vendor invoices
MailToSendContract=Contracts
MailToSendReception=Receptions
MailToExpenseReport=Expense reports
MailToThirdparty=Third parties
MailToMember=Members
MailToUser=Users

42
htdocs/main.inc.php
View File

@ -1412,21 +1412,27 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0)
}
// Security options
// X-Content-Type-Options
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
// X-Frame-Options
if (!defined('XFRAMEOPTIONS_ALLOWALL')) {
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
} else {
header("X-Frame-Options: ALLOWALL");
}
// X-XSS-Protection
//header("X-XSS-Protection: 1"); // XSS filtering protection of some browsers (note: use of Content-Security-Policy is more efficient). Disabled as deprecated.
if (!defined('FORCECSP')) {
//if (! isset($conf->global->MAIN_HTTP_CONTENT_SECURITY_POLICY))
//{
// // A default security policy that keep usage of js external component like ckeditor, stripe, google, working
// Content-Security-Policy
if (!defined('MAIN_SECURITY_FORCECSP')) {
// If CSP not forced from the page
// A default security policy that keep usage of js external component like ckeditor, stripe, google, working
// $contentsecuritypolicy = "font-src *; img-src *; style-src * 'unsafe-inline' 'unsafe-eval'; default-src 'self' *.stripe.com 'unsafe-inline' 'unsafe-eval'; script-src 'self' *.stripe.com 'unsafe-inline' 'unsafe-eval'; frame-src 'self' *.stripe.com; connect-src 'self';";
//}
//else
$contentsecuritypolicy = empty($conf->global->MAIN_HTTP_CONTENT_SECURITY_POLICY) ? '' : $conf->global->MAIN_HTTP_CONTENT_SECURITY_POLICY;
$contentsecuritypolicy = getDolGlobalString('MAIN_SECURITY_FORCECSP');
if (!is_object($hookmanager)) {
$hookmanager = new HookManager($db);
@ -1448,17 +1454,29 @@ function top_httphead($contenttype = 'text/html', $forcenocache = 0)
// default-src https://cdn.example.net; object-src 'none'
// For example, to restrict everything to itself except img that can be on other servers:
// default-src 'self'; img-src *;
// Pre-existing site that uses too much inline code to fix but wants to ensure resources are loaded only over https and disable plugins:
// default-src http: https: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
// Pre-existing site that uses too much js code to fix but wants to ensure resources are loaded only over https and disable plugins:
// default-src https: 'unsafe-inline' 'unsafe-eval'; object-src 'none'
header("Content-Security-Policy: ".$contentsecuritypolicy);
}
} elseif (constant('FORCECSP')) {
header("Content-Security-Policy: ".constant('FORCECSP'));
} else {
header("Content-Security-Policy: ".constant('MAIN_SECURITY_FORCECSP'));
}
// Referrer-Policy
// Say if we must provide the referrer when we jump onto another web page.
// Default browser are 'strict-origin-when-cross-origin', we want more so we use 'same-origin' so we don't send any referrer when going into another web site
if (!defined('MAIN_SECURITY_FORCERP')) {
$referrerpolicy = getDolGlobalString('MAIN_SECURITY_FORCERP', "same-origin");
header("Referrer-Policy: ".$referrerpolicy);
}
if ($forcenocache) {
header("Cache-Control: no-cache, no-store, must-revalidate, max-age=0");
}
header("anti-csrf-token: ".newToken());
// No need to add this token in header, we use instead the one into the forms.
//header("anti-csrf-token: ".newToken());
}
/**

2
htdocs/modulebuilder/template/myobject_agenda.php
View File

@ -39,7 +39,7 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined("MAIN_SECURITY_FORCECSP")) define('MAIN_SECURITY_FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification

2
htdocs/modulebuilder/template/myobject_card.php
View File

@ -39,7 +39,7 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined("MAIN_SECURITY_FORCECSP")) define('MAIN_SECURITY_FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification
//if (! defined('NOSESSION')) define('NOSESSION', '1'); // Disable session

2
htdocs/modulebuilder/template/myobject_document.php
View File

@ -39,7 +39,7 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined("MAIN_SECURITY_FORCECSP")) define('MAIN_SECURITY_FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification

2
htdocs/modulebuilder/template/myobject_list.php
View File

@ -39,7 +39,7 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined("MAIN_SECURITY_FORCECSP")) define('MAIN_SECURITY_FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification
//if (! defined('NOSESSION')) define('NOSESSION', '1'); // On CLI mode, no need to use web sessions

2
htdocs/modulebuilder/template/myobject_note.php
View File

@ -39,7 +39,7 @@
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', 1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined("MAIN_SECURITY_FORCECSP")) define('MAIN_SECURITY_FORCECSP', 'none'); // Disable all Content Security Policies
//if (! defined('CSRFCHECK_WITH_TOKEN')) define('CSRFCHECK_WITH_TOKEN', '1'); // Force use of CSRF protection with tokens even for GET
//if (! defined('NOBROWSERNOTIF')) define('NOBROWSERNOTIF', '1'); // Disable browser notification

2
htdocs/mrp/mo_production.php
View File

@ -174,6 +174,8 @@ if (empty($reshook)) {
}
$action = '';
// Redirect to refresh the tab information
header("Location: ".$_SERVER["PHP_SELF"].'?id='.$object->id);
}
if (in_array($action, array('confirm_consumeorproduce', 'confirm_consumeandproduceall')) && $permissiontoproduce) {

16
htdocs/product/card.php
View File

@ -19,6 +19,7 @@
* Copyright (C) 2019-2022 Frédéric France <frederic.france@netlogic.fr>
* Copyright (C) 2019-2020 Thibault FOUCART <support@ptibogxiv.net>
* Copyright (C) 2020 Pierre Ardoin <mapiolca@me.com>
* Copyright (C) 2022 Vincent de Grandpré <vincent@de-grandpre.quebec>
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -666,7 +667,20 @@ if (empty($reshook)) {
if (count($object->errors)) {
setEventMessages($object->error, $object->errors, 'errors');
} else {
setEventMessages($langs->trans($object->error), null, 'errors');
if ($object->error == 'ErrorProductAlreadyExists') {
// allow to hook on ErrorProductAlreadyExists in any module
$reshook = $hookmanager->executeHooks('onProductAlreadyExists', $parameters, $object, $action);
if ($reshook < 0) {
setEventMessages($hookmanager->error, $hookmanager->errors, 'errors');
}
if ($object->error) {
// check again to prevent translation issue,
// as error may have been cleared in hook function
setEventMessages($langs->trans($object->error), null, 'errors');
}
} else {
setEventMessages($langs->trans($object->error), null, 'errors');
}
}
$action = "create";
}

2
htdocs/product/class/api_products.class.php
View File

@ -354,7 +354,7 @@ class Products extends DolibarrApi
throw new RestException(401, 'Access not allowed for login '.DolibarrApiAccess::$user->login);
}
$oldproduct = dol_clone($this->product, 0);
$oldproduct = dol_clone($this->product);
foreach ($request_data as $field => $value) {
if ($field == 'id') {

6
htdocs/product/fournisseurs.php
View File

@ -913,10 +913,10 @@ END;
'pfp.multicurrency_unitprice'=>array('label'=>$langs->trans("UnitPriceHTCurrency"), 'enabled' => (!empty($conf->multicurrency->enabled)), 'checked'=>0, 'position'=>10),
'pfp.delivery_time_days'=>array('label'=>$langs->trans("NbDaysToDelivery"), 'checked'=>1, 'position'=>13),
'pfp.supplier_reputation'=>array('label'=>$langs->trans("ReputationForThisProduct"), 'checked'=>1, 'position'=>14),
'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>15),
'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => $conf->barcode->enabled, 'checked'=>0, 'position'=>16),
'pfp.fk_barcode_type'=>array('label'=>$langs->trans("BarcodeType"), 'enabled' => !empty($conf->barcode->enabled), 'checked'=>0, 'position'=>15),
'pfp.barcode'=>array('label'=>$langs->trans("BarcodeValue"), 'enabled' => !empty($conf->barcode->enabled), 'checked'=>0, 'position'=>16),
'pfp.packaging'=>array('label'=>$langs->trans("PackagingForThisProduct"), 'enabled' => !empty($conf->global->PRODUCT_USE_SUPPLIER_PACKAGING), 'checked'=>0, 'position'=>17),
'pfp.tms'=>array('label'=>$langs->trans("DateModification"), 'enabled' => $conf->barcode->enabled, 'checked'=>1, 'position'=>18),
'pfp.tms'=>array('label'=>$langs->trans("DateModification"), 'enabled' => !empty($conf->barcode->enabled), 'checked'=>1, 'position'=>18),
);
// fetch optionals attributes and labels

15
htdocs/product/stock/movement_list.php
View File

@ -942,12 +942,17 @@ if ($action == "transfert") {
if ((empty($action) || $action == 'list') && $id > 0) {
print "<div class=\"tabsAction\">\n";
if ($user->rights->stock->mouvement->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&action=correction">'.$langs->trans("CorrectStock").'</a>';
}
$parameters = array();
$reshook = $hookmanager->executeHooks('addMoreActionsButtons', $parameters, $object, $action); // Note that $action and $object may have been
// modified by hook
if (empty($reshook)) {
if ($user->rights->stock->mouvement->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&action=correction">'.$langs->trans("CorrectStock").'</a>';
}
if ($user->rights->stock->mouvement->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&action=transfert">'.$langs->trans("TransferStock").'</a>';
if ($user->rights->stock->mouvement->creer) {
print '<a class="butAction" href="'.$_SERVER["PHP_SELF"].'?id='.$id.'&action=transfert">'.$langs->trans("TransferStock").'</a>';
}
}
print '</div><br>';

2
htdocs/product/stock/replenish.php
View File

@ -467,7 +467,7 @@ if ($usevirtualstock) {
$sqlProductionToConsume .= " AND mp5.role IN ('toconsume', 'consummed')";
$sqlProductionToConsume .= " AND mm5.status IN (1,2))";
$sqlProductionToProduce = "(SELECT GREATEST(0, ".$db->ifsql("SUM(".$db->ifsql("mp5.role = 'toproduce'", 'mp5.qty', '- mp5.qty').") IS NULL", "0", "SUM(".$db->ifsql("mp5.role = 'toconsume'", 'mp5.qty', '- mp5.qty').")").") as qty"; // We need the ifsql because if result is 0 for product p.rowid, we must return 0 and not NULL
$sqlProductionToProduce = "(SELECT GREATEST(0, ".$db->ifsql("SUM(".$db->ifsql("mp5.role = 'toproduce'", 'mp5.qty', '- mp5.qty').") IS NULL", "0", "SUM(".$db->ifsql("mp5.role = 'toproduce'", 'mp5.qty', '- mp5.qty').")").") as qty"; // We need the ifsql because if result is 0 for product p.rowid, we must return 0 and not NULL
$sqlProductionToProduce .= " FROM ".MAIN_DB_PREFIX."mrp_mo as mm5,";
$sqlProductionToProduce .= " ".MAIN_DB_PREFIX."mrp_production as mp5";
$sqlProductionToProduce .= " WHERE mm5.rowid = mp5.fk_mo AND mm5.entity IN (".getEntity(!empty($conf->global->STOCK_CALCULATE_VIRTUAL_STOCK_TRANSVERSE_MODE) ? 'stock' : 'mo').")";

17
htdocs/product/stock/stocktransfer/stocktransfer_agenda.php
View File

@ -1,7 +1,6 @@
<?php
/* Copyright (C) 2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) ---Put here your own copyright and developer email---
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -23,21 +22,7 @@
* \brief Page of StockTransfer events
*/
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
// Try main.inc.php using relative path
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';

36
htdocs/product/stock/stocktransfer/stocktransfer_card.php
View File

@ -22,41 +22,7 @@
* \brief Page to create/edit/view stocktransfer
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too.
//if (! defined('NOIPCHECK')) define('NOIPCHECK','1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP','none'); // Disable all Content Security Policies
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
// Try main.inc.php using relative path
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formfile.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formprojet.class.php';

12
htdocs/product/stock/stocktransfer/stocktransfer_contact.php
View File

@ -25,17 +25,7 @@
* \brief Tab to manage contacts/adresses of proposal
*/
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require_once DOL_DOCUMENT_ROOT.'/product/stock/stocktransfer/class/stocktransfer.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/stocktransfer/lib/stocktransfer_stocktransfer.lib.php';
require_once DOL_DOCUMENT_ROOT.'/contact/class/contact.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formother.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/projet/class/project.class.php';
require '../../../main.inc.php';
// Load translation files required by the page
$langs->loadLangs(array('facture', 'orders', 'sendings', 'companies', 'stocks'));

17
htdocs/product/stock/stocktransfer/stocktransfer_document.php
View File

@ -1,7 +1,6 @@
<?php
/* Copyright (C) 2007-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) ---Put here your own copyright and developer email---
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -23,21 +22,7 @@
* \brief Tab for documents linked to StockTransfer
*/
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
// Try main.inc.php using relative path
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/images.lib.php';

42
htdocs/product/stock/stocktransfer/stocktransfer_list.php
View File

@ -23,50 +23,12 @@
* \brief List page for stocktransfer
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', '1'); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("XFRAMEOPTIONS_ALLOWALL")) define('XFRAMEOPTIONS_ALLOWALL', '1'); // Do not add the HTTP header 'X-Frame-Options: SAMEORIGIN' but 'X-Frame-Options: ALLOWALL'
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
// Try main.inc.php using relative path
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/date.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/company.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions.lib.php';
// load stocktransfer libraries
require_once __DIR__.'/class/stocktransfer.class.php';
// for other modules
//dol_include_once('/othermodule/class/otherobject.class.php');
require_once DOL_DOCUMENT_ROOT.'/product/stock/stocktransfer/class/stocktransfer.class.php';
// Load translation files required by the page
$langs->loadLangs(array("stocks", "other"));

17
htdocs/product/stock/stocktransfer/stocktransfer_note.php
View File

@ -1,7 +1,6 @@
<?php
/* Copyright (C) 2007-2017 Laurent Destailleur <eldy@users.sourceforge.net>
* Copyright (C) 2021 Gauthier VERDOL <gauthier.verdol@atm-consulting.fr>
* Copyright (C) ---Put here your own copyright and developer email---
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@ -23,21 +22,7 @@
* \brief Car with notes on StockTransfer
*/
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)
if (!$res && !empty($_SERVER["CONTEXT_DOCUMENT_ROOT"])) $res = @include $_SERVER["CONTEXT_DOCUMENT_ROOT"]."/main.inc.php";
// Try main.inc.php into web root detected using web root calculated from SCRIPT_FILENAME
$tmp = empty($_SERVER['SCRIPT_FILENAME']) ? '' : $_SERVER['SCRIPT_FILENAME']; $tmp2 = realpath(__FILE__); $i = strlen($tmp) - 1; $j = strlen($tmp2) - 1;
while ($i > 0 && $j > 0 && isset($tmp[$i]) && isset($tmp2[$j]) && $tmp[$i] == $tmp2[$j]) { $i--; $j--; }
if (!$res && $i > 0 && file_exists(substr($tmp, 0, ($i + 1))."/main.inc.php")) $res = @include substr($tmp, 0, ($i + 1))."/main.inc.php";
if (!$res && $i > 0 && file_exists(dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php")) $res = @include dirname(substr($tmp, 0, ($i + 1)))."/main.inc.php";
// Try main.inc.php using relative path
if (!$res && file_exists("../main.inc.php")) $res = @include "../main.inc.php";
if (!$res && file_exists("../../main.inc.php")) $res = @include "../../main.inc.php";
if (!$res && file_exists("../../../main.inc.php")) $res = @include "../../../main.inc.php";
if (!$res) die("Include of main fails");
require '../../../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/stocktransfer/class/stocktransfer.class.php';
require_once DOL_DOCUMENT_ROOT.'/product/stock/stocktransfer/lib/stocktransfer_stocktransfer.lib.php';

2
htdocs/projet/activity/perweek.php
View File

@ -446,7 +446,7 @@ $nav = '<a class="inline-block valignmiddle" href="?year='.$prev_year."&month=".
$nav .= ' <span id="month_name">'.dol_print_date(dol_mktime(0, 0, 0, $first_month, $first_day, $first_year), "%Y").", ".$langs->trans("WeekShort")." ".$week." </span>\n";
$nav .= '<a class="inline-block valignmiddle" href="?year='.$next_year."&month=".$next_month."&day=".$next_day.$param.'">'.img_next($langs->trans("Next"))."</a>\n";
$nav .= ' '.$form->selectDate(-1, '', 0, 0, 2, "addtime", 1, 1).' ';
$nav .= ' <button type="submit" name="submitdateselect" value="x" class="bordertransp"><span class="fa fa-search"></span></button>';
$nav .= ' <button type="submit" name="submitdateselect" value="x" class="nobordertransp button_search_x"><span class="fa fa-search"></span></button>';
$picto = 'clock';

33
htdocs/projet/class/task.class.php
View File

@ -1724,26 +1724,31 @@ class Task extends CommonObjectLine
$ret = -1;
}
if ($ret == 1 && ($this->timespent_old_duration != $this->timespent_duration)) {
// Recalculate amount of time spent for task and update denormalized field
$sql = "UPDATE ".MAIN_DB_PREFIX."projet_task";
$sql .= " SET duration_effective = (SELECT SUM(task_duration) FROM ".MAIN_DB_PREFIX."projet_task_time as ptt where ptt.fk_task = ".((int) $this->id).")";
if (isset($this->progress)) {
$sql .= ", progress = ".((float) $this->progress); // Do not overwrite value if not provided
}
$sql .= " WHERE rowid = ".((int) $this->id);
if ($ret == 1 && (($this->timespent_old_duration != $this->timespent_duration) || !empty($conf->global->TIMESPENT_ALWAYS_UPDATE_THM))) {
if ($this->timespent_old_duration != $this->timespent_duration) {
// Recalculate amount of time spent for task and update denormalized field
$sql = "UPDATE " . MAIN_DB_PREFIX . "projet_task";
$sql .= " SET duration_effective = (SELECT SUM(task_duration) FROM " . MAIN_DB_PREFIX . "projet_task_time as ptt where ptt.fk_task = " . ((int) $this->id) . ")";
if (isset($this->progress)) {
$sql .= ", progress = " . ((float) $this->progress); // Do not overwrite value if not provided
}
$sql .= " WHERE rowid = " . ((int) $this->id);
dol_syslog(get_class($this)."::updateTimeSpent", LOG_DEBUG);
if (!$this->db->query($sql)) {
$this->error = $this->db->lasterror();
$this->db->rollback();
$ret = -2;
dol_syslog(get_class($this) . "::updateTimeSpent", LOG_DEBUG);
if (!$this->db->query($sql)) {
$this->error = $this->db->lasterror();
$this->db->rollback();
$ret = -2;
}
}
// Update hourly rate of this time spent entry, but only if it was not set initialy
$sql = "UPDATE ".MAIN_DB_PREFIX."projet_task_time";
$sql .= " SET thm = (SELECT thm FROM ".MAIN_DB_PREFIX."user WHERE rowid = ".((int) $this->timespent_fk_user).")"; // set average hour rate of user
$sql .= " WHERE (thm IS NULL OR thm = 0) AND rowid = ".((int) $this->timespent_id);
$sql .= " WHERE rowid = ".((int) $this->timespent_id);
if (empty($conf->global->TIMESPENT_ALWAYS_UPDATE_THM)) { // then if not empty we always update, in case of new thm for user, or change user of task time line
$sql .= " AND (thm IS NULL OR thm = 0)";
}
dol_syslog(get_class($this)."::addTimeSpent", LOG_DEBUG);
if (!$this->db->query($sql)) {

205
htdocs/public/emailing/mailing-unsubscribe.php
View File

@ -45,22 +45,11 @@ if (!defined('NOIPCHECK')) {
if (!defined("NOSESSION")) {
define("NOSESSION", '1');
}
/**
* Header empty
*
* @return void
*/
function llxHeader()
{
if (! defined('NOREQUIREHTML')) {
define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
}
/**
* Footer empty
*
* @return void
*/
function llxFooter()
{
if (! defined('NOREQUIREAJAX')) {
define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
}
@ -71,9 +60,7 @@ global $user, $conf, $langs;
$langs->loadLangs(array("main", "mails"));
$mtid = GETPOST('mtid');
$email = GETPOST('email');
$tag = GETPOST('tag');
$tag = GETPOST('tag'); // To retreive the emailing, and recipient
$unsuscrib = GETPOST('unsuscrib');
$securitykey = GETPOST('securitykey');
@ -84,104 +71,98 @@ $securitykey = GETPOST('securitykey');
dol_syslog("public/emailing/mailing-read.php : tag=".$tag." securitykey=".$securitykey, LOG_DEBUG);
if ($securitykey != $conf->global->MAILING_EMAIL_UNSUBSCRIBE_KEY) {
if ($securitykey != getDolGlobalString('MAILING_EMAIL_UNSUBSCRIBE_KEY')) {
print 'Bad security key value.';
exit;
}
if (!empty($tag) && ($unsuscrib == '1')) {
dol_syslog("public/emailing/mailing-unsubscribe.php : Launch unsubscribe requests", LOG_DEBUG);
$sql = "SELECT mc.rowid, mc.email, mc.statut, m.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc, ".MAIN_DB_PREFIX."mailing as m";
$sql .= " WHERE mc.fk_mailing = m.rowid AND mc.tag='".$db->escape($tag)."'";
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
}
$obj = $db->fetch_object($resql);
if (empty($obj)) {
print 'Email target not valid. Operation canceled.';
exit;
}
if (empty($obj->email)) {
print 'Email target not valid. Operation canceled.';
exit;
}
if ($obj->statut == 3) {
print 'Email target already set to unsubscribe. Operation canceled.';
exit;
}
// TODO Test that mtid and email match also with the one found from $tag
/*
if ($obj->email != $email)
{
print 'Email does not match tagnot found. No need to unsubscribe.';
exit;
}
*/
// Update status of mail in recipient mailing list table
$statut = '3';
$sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles SET statut=".((int) $statut)." WHERE tag = '".$db->escape($tag)."'";
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
}
/*
// Update status communication of thirdparty prospect (old usage)
$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=-1 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE tag = '".$db->escape($tag)."' AND source_type='thirdparty' AND source_id is not null)";
$resql=$db->query($sql);
if (! $resql) dol_print_error($db);
// Update status communication of contact prospect (old usage)
$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET no_email=1 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE tag = '".$db->escape($tag)."' AND source_type='contact' AND source_id is not null)";
$resql=$db->query($sql);
if (! $resql) dol_print_error($db);
*/
// Update status communication of email (new usage)
$sql = "INSERT INTO ".MAIN_DB_PREFIX."mailing_unsubscribe (date_creat, entity, email, unsubscribegroup, ip) VALUES ('".$db->idate(dol_now())."', ".((int) $obj->entity).", '".$db->escape($obj->email)."', '', '".$db->escape(getUserRemoteIP())."')";
$resql = $db->query($sql);
//if (! $resql) dol_print_error($db); No test on errors, may fail if already unsubscribed
header("Content-type: text/html; charset=".$conf->file->character_set_client);
// Security options
header("X-Content-Type-Options: nosniff"); // With the nosniff option, if the server says the content is text/html, the browser will render it as text/html (note that most browsers now force this option to on)
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)
print '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">';
print "\n";
print "<html>\n";
print "<head>\n";
print '<meta name="robots" content="noindex,nofollow">'."\n";
print '<meta name="keywords" content="dolibarr,emailing">'."\n";
print '<meta name="description" content="Dolibarr EMailing unsubcribe page">'."\n";
print "<title>".$langs->trans("MailUnsubcribe")."</title>\n";
print '<link rel="stylesheet" type="text/css" href="'.DOL_URL_ROOT.$conf->css.'?lang='.$langs->defaultlang.'">'."\n";
print '<style type="text/css">';
print '.CTableRow1 { margin: 1px; padding: 3px; font: 12px verdana,arial; background: #e6E6eE; color: #000000; -moz-border-radius-topleft:6px; -moz-border-radius-topright:6px; -moz-border-radius-bottomleft:6px; -moz-border-radius-bottomright:6px;}';
print '.CTableRow2 { margin: 1px; padding: 3px; font: 12px verdana,arial; background: #FFFFFF; color: #000000; -moz-border-radius-topleft:6px; -moz-border-radius-topright:6px; -moz-border-radius-bottomleft:6px; -moz-border-radius-bottomright:6px;}';
print '</style>';
print "</head>\n";
print '<body style="margin: 20px;">'."\n";
print '<table><tr><td style="text_align:center;">';
print $langs->trans("YourMailUnsubcribeOK", $obj->email)."<br>\n";
print '</td></tr></table>';
print "</body>\n";
print "</html>\n";
if (empty($tag) || ($unsuscrib != '1')) {
print 'Bad parameters';
exit;
}
/*
* View
*/
$head = '';
$replacemainarea = (empty($conf->dol_hide_leftmenu) ? '<div>' : '').'<div>';
llxHeader($head, $langs->trans("MailUnsubcribe"), '', '', 0, 0, '', '', '', 'onlinepaymentbody', $replacemainarea);
dol_syslog("public/emailing/mailing-unsubscribe.php : Launch unsubscribe requests", LOG_DEBUG);
$sql = "SELECT mc.rowid, mc.email, mc.statut, m.entity";
$sql .= " FROM ".MAIN_DB_PREFIX."mailing_cibles as mc, ".MAIN_DB_PREFIX."mailing as m";
$sql .= " WHERE mc.fk_mailing = m.rowid AND mc.tag = '".$db->escape($tag)."'";
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
}
$obj = $db->fetch_object($resql);
if (empty($obj)) {
print 'Email tag not found. Operation canceled.';
llxFooter('', 'private');
exit;
}
if (empty($obj->email)) {
print 'Email for this tag not valid. Operation canceled.';
llxFooter('', 'private');
exit;
}
if ($obj->statut == 3) {
print 'Email tag already set to unsubscribe. Operation canceled.';
llxFooter('', 'private');
exit;
}
// TODO Test that mtid and email match also with the one found from $tag
/*
if ($obj->email != $email)
{
print 'Email does not match tagnot found. No need to unsubscribe.';
exit;
}
*/
// Update status of mail in recipient mailing list table
$statut = '3';
$sql = "UPDATE ".MAIN_DB_PREFIX."mailing_cibles SET statut=".((int) $statut)." WHERE tag = '".$db->escape($tag)."'";
$resql = $db->query($sql);
if (!$resql) {
dol_print_error($db);
}
/*
// Update status communication of thirdparty prospect (old usage)
$sql = "UPDATE ".MAIN_DB_PREFIX."societe SET fk_stcomm=-1 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE tag = '".$db->escape($tag)."' AND source_type='thirdparty' AND source_id is not null)";
$resql=$db->query($sql);
if (! $resql) dol_print_error($db);
// Update status communication of contact prospect (old usage)
$sql = "UPDATE ".MAIN_DB_PREFIX."socpeople SET no_email=1 WHERE rowid IN (SELECT source_id FROM ".MAIN_DB_PREFIX."mailing_cibles WHERE tag = '".$db->escape($tag)."' AND source_type='contact' AND source_id is not null)";
$resql=$db->query($sql);
if (! $resql) dol_print_error($db);
*/
// Update status communication of email (new usage)
$sql = "INSERT INTO ".MAIN_DB_PREFIX."mailing_unsubscribe (date_creat, entity, email, unsubscribegroup, ip) VALUES ('".$db->idate(dol_now())."', ".((int) $obj->entity).", '".$db->escape($obj->email)."', '', '".$db->escape(getUserRemoteIP())."')";
$resql = $db->query($sql);
//if (! $resql) dol_print_error($db); No test on errors, may fail if already unsubscribed
print '<table><tr><td style="text_align:center;">';
print $langs->trans("YourMailUnsubcribeOK", $obj->email)."<br>\n";
print '</td></tr></table>';
llxFooter('', 'public');
$db->close();

61
htdocs/public/onlinesign/newonlinesign.php
View File

@ -39,7 +39,7 @@ if (!defined('NOBROWSERNOTIF')) {
// For MultiCompany module.
// Do not use GETPOST here, function is not defined and define must be done before including main.inc.php
// TODO This should be useless. Because entity must be retrieve from object ref and not from url.
// Because 2 entities can have the same ref.
$entity = (!empty($_GET['entity']) ? (int) $_GET['entity'] : (!empty($_POST['entity']) ? (int) $_POST['entity'] : 1));
if (is_numeric($entity)) {
define("DOLENTITY", $entity);
@ -51,10 +51,9 @@ require_once DOL_DOCUMENT_ROOT.'/core/lib/payments.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/files.lib.php';
require_once DOL_DOCUMENT_ROOT.'/core/lib/functions2.lib.php';
require_once DOL_DOCUMENT_ROOT.'/product/class/product.class.php';
require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
// Load translation files
$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "members", "paybox", "propal"));
$langs->loadLangs(array("main", "other", "dict", "bills", "companies", "errors", "members", "paybox", "propal", "commercial"));
// Security check
// No check on module enabled. Done later according to $validpaymentmethod
@ -125,8 +124,9 @@ $creditor = $mysoc->name;
$type = $source;
if ($source == 'proposal') {
require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
$object = new Propal($db);
$object->fetch(0, $ref);
$result= $object->fetch(0, $ref, '', $entity);
} else {
accessforbidden('Bad value for source');
exit;
@ -136,7 +136,7 @@ if ($source == 'proposal') {
// Check securitykey
$securekeyseed = '';
if ($source == 'proposal') {
$securekeyseed = $conf->global->PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN;
$securekeyseed = getDolGlobalString('PROPOSAL_ONLINE_SIGNATURE_SECURITY_TOKEN');
}
if (!dol_verifyHash($securekeyseed.$type.$ref, $SECUREKEY, '0')) {
@ -290,16 +290,7 @@ if ($source == 'proposal') {
$found = true;
$langs->load("proposal");
require_once DOL_DOCUMENT_ROOT.'/comm/propal/class/propal.class.php';
$proposal = new Propal($db);
$result = $proposal->fetch('', $ref);
if ($result <= 0) {
$mesg = $proposal->error;
$error++;
} else {
$result = $proposal->fetch_thirdparty($proposal->socid);
}
$result = $object->fetch_thirdparty($object->socid);
// Creditor
@ -315,39 +306,47 @@ if ($source == 'proposal') {
print '<tr class="CTableRow2"><td class="CTableRow2">'.$langs->trans("ThirdParty");
print '</td><td class="CTableRow2">';
print img_picto('', 'company', 'class="pictofixedwidth"');
print '<b>'.$proposal->thirdparty->name.'</b>';
print '<b>'.$object->thirdparty->name.'</b>';
print '</td></tr>'."\n";
// Amount
print '<tr class="CTableRow2"><td class="CTableRow2">'.$langs->trans("Amount");
print '</td><td class="CTableRow2">';
print '<b>'.price($proposal->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).'</b>';
print '<b>'.price($object->total_ttc, 0, $langs, 1, -1, -1, $conf->currency).'</b>';
print '</td></tr>'."\n";
// Object
$text = '<b>'.$langs->trans("SignatureProposalRef", $proposal->ref).'</b>';
$text = '<b>'.$langs->trans("SignatureProposalRef", $object->ref).'</b>';
print '<tr class="CTableRow2"><td class="CTableRow2">'.$langs->trans("Designation");
print '</td><td class="CTableRow2">'.$text;
if ($proposal->status == $proposal::STATUS_VALIDATED) {
$directdownloadlink = $proposal->getLastMainDocLink('proposal');
$last_main_doc_file = $object->last_main_doc;
if ($object->status == $object::STATUS_VALIDATED) {
if (empty($last_main_doc_file) || !dol_is_file(DOL_DATA_ROOT.'/'.$object->last_main_doc)) {
// It seems document has never been generated, or was generated and then deleted.
// So we try to regenerate it with its default template.
$defaulttemplate = ''; // We force the use an empty string instead of $object->model_pdf to be sure to use a "main" default template and not the last one used.
$object->generateDocument($defaulttemplate, $langs);
}
$directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '<br><a href="'.$directdownloadlink.'">';
print img_mime($proposal->last_main_doc, '');
print img_mime($object->last_main_doc, '');
print $langs->trans("DownloadDocument").'</a>';
}
} else {
$last_main_doc_file = $proposal->last_main_doc;
if ($proposal->status == $proposal::STATUS_NOTSIGNED) {
$directdownloadlink = $proposal->getLastMainDocLink('proposal');
if ($object->status == $object::STATUS_NOTSIGNED) {
$directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '<br><a href="'.$directdownloadlink.'">';
print img_mime($proposal->last_main_doc, '');
print img_mime($last_main_doc_file, '');
print $langs->trans("DownloadDocument").'</a>';
}
} elseif ($proposal->status == $proposal::STATUS_SIGNED || $proposal->status == $proposal::STATUS_BILLED) {
} elseif ($object->status == $object::STATUS_SIGNED || $object->status == $object::STATUS_BILLED) {
if (preg_match('/_signed-(\d+)/', $last_main_doc_file)) { // If the last main doc has been signed
$last_main_doc_file_not_signed = preg_replace('/_signed-(\d+)/', '', $last_main_doc_file);
@ -355,10 +354,10 @@ if ($source == 'proposal') {
$datefilenotsigned = dol_filemtime($last_main_doc_file_not_signed);
if (empty($datefilenotsigned) || $datefilesigned > $datefilenotsigned) {
$directdownloadlink = $proposal->getLastMainDocLink('proposal');
$directdownloadlink = $object->getLastMainDocLink('proposal');
if ($directdownloadlink) {
print '<br><a href="'.$directdownloadlink.'">';
print img_mime($proposal->last_main_doc, '');
print img_mime($object->last_main_doc, '');
print $langs->trans("DownloadDocument").'</a>';
}
}
@ -367,10 +366,8 @@ if ($source == 'proposal') {
}
print '<input type="hidden" name="source" value="'.GETPOST("source", 'alpha').'">';
print '<input type="hidden" name="ref" value="'.$proposal->ref.'">';
print '<input type="hidden" name="ref" value="'.$object->ref.'">';
print '</td></tr>'."\n";
// TODO Add link to download PDF (similar code than for invoice)
}

5
htdocs/public/recruitment/index.php
View File

@ -272,9 +272,10 @@ if (is_array($results)) {
if ($action != 'dosubmit') {
if ($found && !$error) { // We are in a management option and no error
if ($found && !$error) {
// We are in a management option and no error
} else {
dol_print_error_email('ERRORNEWONLINESIGN');
dol_print_error_email('ERRORSUBMITAPPLICATION');
}
} else {
// Print

5
htdocs/public/recruitment/view.php
View File

@ -323,9 +323,10 @@ print "\n";
if ($action != 'dosubmit') {
if ($found && !$error) { // We are in a management option and no error
if ($found && !$error) {
// We are in a management option and no error
} else {
dol_print_error_email('ERRORNEWONLINESIGN');
dol_print_error_email('ERRORSUBMITAPPLICATION');
}
} else {
// Print

20
htdocs/recruitment/recruitmentcandidature_card.php
View File

@ -21,26 +21,6 @@
* \brief Page to create/edit/view recruitmentcandidature
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too.
//if (! defined('NOIPCHECK')) define('NOIPCHECK','1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP','none'); // Disable all Content Security Policies
// Load Dolibarr environment
require_once '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php';

19
htdocs/recruitment/recruitmentcandidature_list.php
View File

@ -21,25 +21,6 @@
* \brief List page for recruitmentcandidature
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', '1'); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("XFRAMEOPTIONS_ALLOWALL")) define('XFRAMEOPTIONS_ALLOWALL', '1'); // Do not add the HTTP header 'X-Frame-Options: SAMEORIGIN' but 'X-Frame-Options: ALLOWALL'
// Load Dolibarr environment
require_once '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/recruitment/lib/recruitment.lib.php';

20
htdocs/recruitment/recruitmentjobposition_applications.php
View File

@ -21,26 +21,6 @@
* \brief Page to see/add applications of a job position
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB','1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER','1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC','1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN','1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION','1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION','1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK','1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK','1'); // Do not check style html tag into posted data
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU','1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML','1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX','1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN",'1'); // If this page is public (can be called outside logged session). This include the NOIPCHECK too.
//if (! defined('NOIPCHECK')) define('NOIPCHECK','1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT','auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE','aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN',1); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("FORCECSP")) define('FORCECSP','none'); // Disable all Content Security Policies
// Load Dolibarr environment
$res = 0;
// Try main.inc.php into web root known defined into CONTEXT_DOCUMENT_ROOT (not always defined)

19
htdocs/recruitment/recruitmentjobposition_list.php
View File

@ -21,25 +21,6 @@
* \brief List page for recruitmentjobposition
*/
//if (! defined('NOREQUIREDB')) define('NOREQUIREDB', '1'); // Do not create database handler $db
//if (! defined('NOREQUIREUSER')) define('NOREQUIREUSER', '1'); // Do not load object $user
//if (! defined('NOREQUIRESOC')) define('NOREQUIRESOC', '1'); // Do not load object $mysoc
//if (! defined('NOREQUIRETRAN')) define('NOREQUIRETRAN', '1'); // Do not load object $langs
//if (! defined('NOSCANGETFORINJECTION')) define('NOSCANGETFORINJECTION', '1'); // Do not check injection attack on GET parameters
//if (! defined('NOSCANPOSTFORINJECTION')) define('NOSCANPOSTFORINJECTION', '1'); // Do not check injection attack on POST parameters
//if (! defined('NOCSRFCHECK')) define('NOCSRFCHECK', '1'); // Do not check CSRF attack (test on referer + on token if option MAIN_SECURITY_CSRF_WITH_TOKEN is on).
//if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL', '1'); // Do not roll the Anti CSRF token (used if MAIN_SECURITY_CSRF_WITH_TOKEN is on)
//if (! defined('NOSTYLECHECK')) define('NOSTYLECHECK', '1'); // Do not check style html tag into posted data
//if (! defined('NOIPCHECK')) define('NOIPCHECK', '1'); // Do not check IP defined into conf $dolibarr_main_restrict_ip
//if (! defined('NOREQUIREMENU')) define('NOREQUIREMENU', '1'); // If there is no need to load and show top and left menu
//if (! defined('NOREQUIREHTML')) define('NOREQUIREHTML', '1'); // If we don't need to load the html.form.class.php
//if (! defined('NOREQUIREAJAX')) define('NOREQUIREAJAX', '1'); // Do not load ajax.lib.php library
//if (! defined("NOLOGIN")) define("NOLOGIN", '1'); // If this page is public (can be called outside logged session)
//if (! defined("MAIN_LANG_DEFAULT")) define('MAIN_LANG_DEFAULT', 'auto'); // Force lang to a particular value
//if (! defined("MAIN_AUTHENTICATION_MODE")) define('MAIN_AUTHENTICATION_MODE', 'aloginmodule'); // Force authentication handler
//if (! defined("NOREDIRECTBYMAINTOLOGIN")) define('NOREDIRECTBYMAINTOLOGIN', '1'); // The main.inc.php does not make a redirect if not logged, instead show simple error message
//if (! defined("XFRAMEOPTIONS_ALLOWALL")) define('XFRAMEOPTIONS_ALLOWALL', '1'); // Do not add the HTTP header 'X-Frame-Options: SAMEORIGIN' but 'X-Frame-Options: ALLOWALL'
// Load Dolibarr environment
require_once '../main.inc.php';
require_once DOL_DOCUMENT_ROOT.'/recruitment/lib/recruitment_recruitmentjobposition.lib.php';

2
htdocs/societe/admin/societe.php
View File

@ -713,7 +713,7 @@ foreach ($profid as $key => $val) {
$i++;
}
if ($conf->accounting->enabled) {
if (!empty($conf->accounting->enabled)) {
print '<tr class="oddeven">';
print '<td colspan="2">'.$langs->trans('CustomerAccountancyCodeShort')."</td>\n";
print '<td colspan="2"></td>';

8
htdocs/societe/class/api_thirdparties.class.php
View File

@ -425,8 +425,9 @@ class Thirdparties extends DolibarrApi
// TODO Mutualise the list into object societe.class.php
$objects = array(
'Adherent' => '/adherents/class/adherent.class.php',
'Don' => '/don/class/don.class.php',
'Societe' => '/societe/class/societe.class.php',
'Categorie' => '/categories/class/categorie.class.php',
//'Categorie' => '/categories/class/categorie.class.php',
'ActionComm' => '/comm/action/class/actioncomm.class.php',
'Propal' => '/comm/propal/class/propal.class.php',
'Commande' => '/commande/class/commande.class.php',
@ -442,12 +443,13 @@ class Thirdparties extends DolibarrApi
'FactureFournisseur' => '/fourn/class/fournisseur.facture.class.php',
'SupplierProposal' => '/supplier_proposal/class/supplier_proposal.class.php',
'ProductFournisseur' => '/fourn/class/fournisseur.product.class.php',
'Livraison' => '/delivery/class/delivery.class.php',
'Delivery' => '/delivery/class/delivery.class.php',
'Product' => '/product/class/product.class.php',
'Project' => '/projet/class/project.class.php',
'Ticket' => '/ticket/class/ticket.class.php',
'User' => '/user/class/user.class.php',
'Account' => '/compta/bank/class/account.class.php'
'Account' => '/compta/bank/class/account.class.php',
'ConferenceOrBoothAttendee' => '/eventorganization/class/conferenceorboothattendee.class.php'
);
//First, all core objects must update their tables

1
htdocs/societe/class/societe.class.php
View File

@ -1581,6 +1581,7 @@ class Societe extends CommonObject
$lmember->phone = $this->phone;
$lmember->state_id = $this->state_id;
$lmember->country_id = $this->country_id;
$lmember->default_lang = $this->default_lang;
$result = $lmember->update($user, 0, 1, 1, 1); // Use nosync to 1 to avoid cyclic updates
if ($result < 0) {

2
htdocs/support/inc.php
View File

@ -235,6 +235,8 @@ function pHeader($soutitre, $next, $action = 'none')
// On force contenu dans format sortie
header("Content-type: text/html; charset=".$conf->file->character_set_client);
// Security options
header("X-Content-Type-Options: nosniff");
header("X-Frame-Options: SAMEORIGIN"); // Frames allowed only if on same domain (stop some XSS attacks)

Some files were not shown because too many files have changed in this diff Show More