From 4d50ba5e370a57c7168e6f4cd2dd4f336fe3d361 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Fr=C3=A9d=C3=A9ric=20FRANCE?= Date: Mon, 11 May 2020 20:42:47 +0200 Subject: [PATCH 1/8] Fix dolistore search with csrf active --- htdocs/admin/dolistore/ajax/image.php | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/htdocs/admin/dolistore/ajax/image.php b/htdocs/admin/dolistore/ajax/image.php index c1bb4e997dc..6349c7461b5 100644 --- a/htdocs/admin/dolistore/ajax/image.php +++ b/htdocs/admin/dolistore/ajax/image.php @@ -1,6 +1,7 @@ . * Copyright (C) 2008-2011 Laurent Destailleur + * Copyright (C) 2020 Frédéric France * * This program is free software; you can redistribute it and/or modifyion 2.0 (the "License"); * it under the terms of the GNU General Public License as published bypliance with the License. @@ -17,6 +18,9 @@ */ if (!defined('REQUIRE_JQUERY_BLOCKUI')) define('REQUIRE_JQUERY_BLOCKUI', 1); +if (!defined('NOTOKENRENEWAL')) { + define('NOTOKENRENEWAL', 1); +} /** From d9e26b8569404f2a47329c9a8ff26d5c0cd4af27 Mon Sep 17 00:00:00 2001 From: florian HENRY Date: Tue, 12 May 2020 08:38:03 +0200 Subject: [PATCH 2/8] fix template email on prpal list --- htdocs/comm/propal/list.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/comm/propal/list.php b/htdocs/comm/propal/list.php index eaeea9e3d43..522e8f5eaa3 100644 --- a/htdocs/comm/propal/list.php +++ b/htdocs/comm/propal/list.php @@ -468,7 +468,7 @@ if ($resql) print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, $num, $nbtotalofrecords, 'commercial', 0, $newcardbutton, '', $limit); $topicmail = "SendPropalRef"; - $modelmail = "proposal_send"; + $modelmail = "propal_send"; $objecttmp = new Propal($db); $trackid = 'pro'.$object->id; include DOL_DOCUMENT_ROOT.'/core/tpl/massactions_pre.tpl.php'; From 66beb7c14f9b88bb2aa1388f3f3a1356f80e460a Mon Sep 17 00:00:00 2001 
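Review bot: The `NOTOKENRENEWAL` define added in the second hunk of htdocs/admin/dolistore/ajax/image.php (PATCH 1/8) has no comment explaining why anti-CSRF token renewal is switched off for this script. Going by the commit subject, the image request presumably rotated the session token and left the DoliStore search form with a stale one; the hunk itself does not show this. I would add a comment above the define such as `// Keep the current anti-CSRF token: this script is requested by the DoliStore page, and renewing the token here would invalidate the one in its search form`. It is also worth stating that this only stops renewal and does not disable the check, so it is not confused with `NOCSRFCHECK`. The include that consumes the constant is outside the hunk, so the define's position relative to it cannot be confirmed from here.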
From: Juanjo Menent Date: Tue, 12 May 2020 10:17:47 +0200 Subject: [PATCH 3/8] FIX: Do not show stats panel if the user does not have permissions --- htdocs/comm/card.php | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/htdocs/comm/card.php b/htdocs/comm/card.php index fcd3823b0c2..82e331eb623 100644 --- a/htdocs/comm/card.php +++ b/htdocs/comm/card.php @@ -5,7 +5,7 @@ * Copyright (C) 2006 Andre Cianfarani * Copyright (C) 2005-2017 Regis Houssin * Copyright (C) 2008 Raphael Bertrand (Resultic) - * Copyright (C) 2010-2014 Juanjo Menent + * Copyright (C) 2010-2020 Juanjo Menent * Copyright (C) 2013 Alexandre Spangaro * Copyright (C) 2015-2019 Frédéric France * Copyright (C) 2015 Marcos García @@ -581,7 +581,7 @@ if ($object->id > 0) $boxstat .= ''; $boxstat .= '
'; - if (!empty($conf->propal->enabled)) + if (!empty($conf->propal->enabled) && $user->rights->propal->lire) { // Box proposals $tmp = $object->getOutstandingProposals(); @@ -599,7 +599,7 @@ if ($object->id > 0) if ($link) $boxstat .= ''; } - if (!empty($conf->commande->enabled)) + if (!empty($conf->commande->enabled) && $user->rights->commande->lire) { // Box commandes $tmp = $object->getOutstandingOrders(); @@ -617,7 +617,7 @@ if ($object->id > 0) if ($link) $boxstat .= ''; } - if (!empty($conf->facture->enabled)) + if (!empty($conf->facture->enabled) && $user->rights->facture->lire) { // Box factures $tmp = $object->getOutstandingBills(); From e1db0ef855173bffda16735f7c4a836c8de68a50 Mon Sep 17 00:00:00 2001 From: ptibogxiv Date: Tue, 12 May 2020 10:57:51 +0200 Subject: [PATCH 4/8] Update index.php --- htdocs/comm/mailing/index.php | 1 + 1 file changed, 1 insertion(+) diff --git a/htdocs/comm/mailing/index.php b/htdocs/comm/mailing/index.php index 61187f2e647..6b765d9451f 100644 --- a/htdocs/comm/mailing/index.php +++ b/htdocs/comm/mailing/index.php @@ -157,6 +157,7 @@ print '
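Review bot: The new permission tests in htdocs/comm/card.php (PATCH 3/8) read `$user->rights->propal->lire` directly, while the module test beside them is wrapped in `!empty()`. The same applies to `$user->rights->commande->lire` in the hunk at 599 and `$user->rights->facture->lire` in the hunk at 617. If the rights object for a module is not populated for the current user, the bare read may raise an undefined-property notice rather than evaluate cleanly to false; I would write `if (!empty($conf->propal->enabled) && !empty($user->rights->propal->lire))` and likewise for the other two. The enclosing `if ($object->id > 0)` block starts and ends outside these hunks, so it is not visible whether other output on the page also uses the `getOutstanding*()` figures and needs the same guard.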
'; $limit = 10; $sql = "SELECT m.rowid, m.titre, m.nbemail, m.statut, m.date_creat"; $sql .= " FROM ".MAIN_DB_PREFIX."mailing as m"; +$sql .= " WHERE m.entity = ".$conf->entity; $sql .= " ORDER BY m.date_creat DESC"; $sql .= " LIMIT ".$limit; $result = $db->query($sql); From fc2f2c6da71b6c4f7f0b16216f0fba320b52ba1d Mon Sep 17 00:00:00 2001 From: gauthier Date: Tue, 12 May 2020 17:41:21 +0200 Subject: [PATCH 5/8] FIX : wrong url param --- htdocs/compta/facture/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 9fa696c69b3..cb3aa9cd099 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -4837,7 +4837,7 @@ elseif ($id > 0 || ! empty($ref)) { if (! $objectidnext) { - print ''; + print ''; } } From 48183b396ad674fb22e1c9415978d8414b0fd9e8 Mon Sep 17 00:00:00 2001 From: Maxime Kohlhaas Date: Wed, 13 May 2020 08:54:42 +0200 Subject: [PATCH 6/8] Fix top menu search method must be GET --- htdocs/main.inc.php | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 8e05aa34ab8..2beb4f74787 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -2002,7 +2002,7 @@ function top_menu_search() $defaultAction = ''; $buttonList = '
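Review bot: The added filter in htdocs/comm/mailing/index.php (PATCH 4/8) concatenates `$conf->entity` into the SQL string without a cast. The value comes from configuration rather than from the request, but an integer cast keeps the statement safe whatever ends up in that property: `$sql .= " WHERE m.entity = ".((int) $conf->entity);`. Since this line is what isolates mailings between entities, a short comment such as `// Restrict the list to mailings of the current entity` would also help. Any other mailing queries on this page are outside the hunk and may need the same restriction.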