From 3d5227918dc5b553da3b2ad242faf58b0ce6f203 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 03:53:35 +0200 Subject: [PATCH 1/9] Fix PHP8 on bank --- htdocs/compta/bank/card.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/htdocs/compta/bank/card.php b/htdocs/compta/bank/card.php index c08cf54ab4e..722e39bef55 100644 --- a/htdocs/compta/bank/card.php +++ b/htdocs/compta/bank/card.php @@ -458,7 +458,7 @@ if ($action == 'create') { print ''; // Editor wysiwyg require_once DOL_DOCUMENT_ROOT.'/core/class/doleditor.class.php'; - $doleditor = new DolEditor('account_comment', (GETPOST("account_comment") ?GETPOST("account_comment") : $object->comment), '', 90, 'dolibarr_notes', '', false, true, $conf->global->FCKEDITOR_ENABLE_SOCIETE, ROWS_4, '90%'); + $doleditor = new DolEditor('account_comment', (GETPOST("account_comment") ?GETPOST("account_comment") : $object->comment), '', 90, 'dolibarr_notes', '', false, true, getDolGlobalInt('FCKEDITOR_ENABLE_SOCIETE'), ROWS_4, '90%'); $doleditor->Create(); print ''; From 74e74e237791187a027b7732dc34b21c5ffa1775 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 03:53:40 +0200 Subject: [PATCH 2/9] Fix PHP8 on bank --- htdocs/compta/bank/class/account.class.php | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/htdocs/compta/bank/class/account.class.php b/htdocs/compta/bank/class/account.class.php index 429d7c704c8..cee2874d8c5 100644 --- a/htdocs/compta/bank/class/account.class.php +++ b/htdocs/compta/bank/class/account.class.php @@ -145,6 +145,12 @@ class Account extends CommonObject */ public $iban_prefix; + /** + * Address of the bank + * @var string + */ + public $domiciliation; + /** * XML SEPA format: place Payment Type Information (PmtTpInf) in Credit Transfer Transaction Information (CdtTrfTxInf) * @var int From 9c8f7bd174fcfadc3a60a8da3515f2c16fd7920b Mon Sep 17 00:00:00 2001 
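Review bot: The changed `new DolEditor('account_comment', ...)` line in `card.php` still calls `GETPOST("account_comment")` twice with no explicit check argument, so the value that pre-fills a WYSIWYG field goes through GETPOST's default filter rather than one chosen for HTML content. Reading it once with the filter named, e.g. `$comment = GETPOST('account_comment', 'restricthtml');` and passing `($comment ? $comment : $object->comment)`, makes the sanitisation visible at the point of use. The save path for this field is outside the hunk, so please confirm that the same filter is applied there.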
From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 03:56:46 +0200 Subject: [PATCH 3/9] Fix PHP8 on bank --- htdocs/compta/bank/treso.php | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/htdocs/compta/bank/treso.php b/htdocs/compta/bank/treso.php index 98a51947c0e..71e5cf37c87 100644 --- a/htdocs/compta/bank/treso.php +++ b/htdocs/compta/bank/treso.php @@ -1,8 +1,8 @@ - * Copyright (C) 2008-2009 Laurent Destailleur (Eldy) - * Copyright (C) 2008 Raphael Bertrand (Resultic) - * Copyright (C) 2015 Marcos García + * Copyright (C) 2008-2009 Laurent Destailleur (Eldy) + * Copyright (C) 2008 Raphael Bertrand (Resultic) + * Copyright (C) 2015 Marcos García * * This program is free software; you can redistribute it and/or modify @@ -185,7 +185,7 @@ if (GETPOST("account") || GETPOST("ref")) { $solde = $object->solde(0); - if ($conf->global->MULTICOMPANY_INVOICE_SHARING_ENABLED) { + if (getDolGlobalInt('MULTICOMPANY_INVOICE_SHARING_ENABLED')) { $colspan = 6; } else { $colspan = 5; @@ -199,7 +199,7 @@ if (GETPOST("account") || GETPOST("ref")) { print ''; print ''.$langs->trans("DateDue").''; print ''.$langs->trans("Description").''; - if ($conf->global->MULTICOMPANY_INVOICE_SHARING_ENABLED) { + if (getDolGlobalInt('MULTICOMPANY_INVOICE_SHARING_ENABLED')) { print ''.$langs->trans("Entity").''; } print ''.$langs->trans("ThirdParty").''; From 25c2fb0528a9c3aa173dd3eeb51fd558c2090106 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 04:37:41 +0200 Subject: [PATCH 4/9] Fix PHP8 on bank --- htdocs/compta/bank/annuel.php | 25 +++++++++++++++---------- 1 file changed, 15 insertions(+), 10 deletions(-) diff --git a/htdocs/compta/bank/annuel.php b/htdocs/compta/bank/annuel.php index 36a9d17315a..5d6c2045d47 100644 --- a/htdocs/compta/bank/annuel.php +++ b/htdocs/compta/bank/annuel.php 
@@ -1,8 +1,8 @@ - * Copyright (C) 2004-2017 Laurent Destailleur - * Copyright (C) 2005-2012 Regis Houssin - * Copyright (C) 2013 Charles-Fr BENKE +/* Copyright (C) 2005 Rodolphe Quiedeville + * Copyright (C) 2004-2017 Laurent Destailleur + * Copyright (C) 2005-2012 Regis Houssin + * Copyright (C) 2013 Charles-Fr BENKE * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -78,6 +78,9 @@ if (!empty($ref)) { $id = $object->id; } +$annee = ''; +$totentrees = array(); +$totsorties = array(); // Ce rapport de tresorerie est base sur llx_bank (car doit inclure les transactions sans facture) // plutot que sur llx_paiement + llx_paiementfourn @@ -192,14 +195,14 @@ for ($mois = 1; $mois < 13; $mois++) { $case = sprintf("%04s-%02s", $annee, $mois); print ' '; - if ($decaiss[$case] > 0) { + if (isset($decaiss[$case]) && $decaiss[$case] > 0) { print price($decaiss[$case]); $totsorties[$annee] += $decaiss[$case]; } print ""; print ' '; - if ($encaiss[$case] > 0) { + if (isset($encaiss[$case]) && $encaiss[$case] > 0) { print price($encaiss[$case]); $totentrees[$annee] += $encaiss[$case]; } @@ -211,7 +214,8 @@ for ($mois = 1; $mois < 13; $mois++) { // Total debit-credit print ''.$langs->trans("Total").""; for ($annee = $year_start; $annee <= $year_end; $annee++) { - print ''.price($totsorties[$annee]).''.price($totentrees[$annee]).''; + print ''. (isset($totsorties[$annee]) ? price($totsorties[$annee]) : '') .''; + print ''. (isset($totentrees[$annee]) ? price($totentrees[$annee]) : '') .''; } print "\n"; @@ -245,6 +249,7 @@ if ($resql) { print ''; +$nbcol = ''; print '"; print ''; print "\n"; 
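Review bot: In the monthly loop of `annuel.php` (`@@ -192`), `$totsorties[$annee] += $decaiss[$case];` and `$totentrees[$annee] += $encaiss[$case];` still read an array key that does not exist the first time a year is accumulated, because the initialisation added in the `@@ -78` hunk creates empty arrays. PHP 8 reports that read as an undefined-key warning, which is what this series is trying to remove. I would write `$totsorties[$annee] = ($totsorties[$annee] ?? 0) + $decaiss[$case];` and the same for `$totentrees`. The loop body starts outside the hunk.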
@@ -267,7 +272,7 @@ if ($result < 0) { $sql .= ", ".MAIN_DB_PREFIX."bank_account as ba"; $sql .= " WHERE b.fk_account = ba.rowid"; $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; - if ($id && $_GET["option"] != 'all') { + if ($id && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($id).")"; } @@ -299,7 +304,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".($year - $annee)."-01-01 00:00:00'"; $sql .= " AND b.datev <= '".($year - $annee)."-12-31 23:59:59'"; $sql .= " AND b.amount > 0"; - if ($id && $_GET["option"] != 'all') { + if ($id && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($id).")"; } $sql .= " GROUP BY date_format(b.datev,'%m');"; @@ -381,7 +386,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".($year - $annee)."-01-01 00:00:00'"; $sql .= " AND b.datev <= '".($year - $annee)."-12-31 23:59:59'"; $sql .= " AND b.amount < 0"; - if ($id && $_GET["option"] != 'all') { + if ($id && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($id).")"; } $sql .= " GROUP BY date_format(b.datev,'%m');"; From 3032de261d84bebb1d670e2351e84711bcf40303 Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 04:37:56 +0200 Subject: [PATCH 5/9] Fix PHP8 on bank --- htdocs/compta/bank/graph.php | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/htdocs/compta/bank/graph.php b/htdocs/compta/bank/graph.php index 4c0efec57d2..459134dc68a 100644 --- a/htdocs/compta/bank/graph.php +++ b/htdocs/compta/bank/graph.php @@ -95,7 +95,7 @@ if ($result < 0) { $sql .= ", ".MAIN_DB_PREFIX."bank_account as ba"; $sql .= " WHERE b.fk_account = ba.rowid"; $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } 
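Review bot: `GETPOST("option")` is now evaluated inline, without an explicit check argument, in every query branch of `annuel.php` (`@@ -267`, `@@ -299`, `@@ -381`) and in every `graph.php` hunk of patch 5/9. Since the value is only compared with `'all'`, reading it once next to the other request parameters, `$option = GETPOST('option', 'aZ09');`, and testing `$option != 'all'` keeps the filter explicit and removes the repetition. GETPOST also accepts the parameter from POST, which `$_GET` did not; that looks harmless for a display switch but is a behaviour change worth stating in the commit message. The `$db->sanitize()` calls on the `IN (...)` lists are unchanged context and should stay as they are.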
@@ -137,7 +137,7 @@ if ($result < 0) { $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.datev >= '".$db->escape($year)."-".$db->escape($month)."-01 00:00:00'"; $sql .= " AND b.datev < '".$db->escape($yearnext)."-".$db->escape($monthnext)."-01 00:00:00'"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%Y%m%d')"; @@ -165,7 +165,7 @@ if ($result < 0) { $sql .= " WHERE b.fk_account = ba.rowid"; $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.datev < '".$db->escape($year)."-".sprintf("%02s", $month)."-01'"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } @@ -279,7 +279,7 @@ if ($result < 0) { $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.datev >= '".$db->escape($year)."-01-01 00:00:00'"; $sql .= " AND b.datev <= '".$db->escape($year)."-12-31 23:59:59'"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%Y%m%d')"; @@ -307,7 +307,7 @@ if ($result < 0) { $sql .= " WHERE b.fk_account = ba.rowid"; $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; $sql .= " AND b.datev < '".$db->escape($year)."-01-01'"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } 
@@ -415,7 +415,7 @@ if ($result < 0) { $sql .= ", ".MAIN_DB_PREFIX."bank_account as ba"; $sql .= " WHERE b.fk_account = ba.rowid"; $sql .= " AND ba.entity IN (".getEntity('bank_account').")"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%Y%m%d')"; @@ -540,7 +540,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".$db->escape($year)."-".$db->escape($month)."-01 00:00:00'"; $sql .= " AND b.datev < '".$db->escape($yearnext)."-".$db->escape($monthnext)."-01 00:00:00'"; $sql .= " AND b.amount > 0"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%d')"; @@ -575,7 +575,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".$db->escape($year)."-".$db->escape($month)."-01 00:00:00'"; $sql .= " AND b.datev < '".$db->escape($yearnext)."-".$db->escape($monthnext)."-01 00:00:00'"; $sql .= " AND b.amount < 0"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%d')"; @@ -649,7 +649,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".$db->escape($year)."-01-01 00:00:00'"; $sql .= " AND b.datev <= '".$db->escape($year)."-12-31 23:59:59'"; $sql .= " AND b.amount > 0"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%m');"; 
@@ -676,7 +676,7 @@ if ($result < 0) { $sql .= " AND b.datev >= '".$db->escape($year)."-01-01 00:00:00'"; $sql .= " AND b.datev <= '".$db->escape($year)."-12-31 23:59:59'"; $sql .= " AND b.amount < 0"; - if ($account && $_GET["option"] != 'all') { + if ($account && GETPOST("option") != 'all') { $sql .= " AND b.fk_account IN (".$db->sanitize($account).")"; } $sql .= " GROUP BY date_format(b.datev,'%m')"; @@ -748,7 +748,7 @@ if ($account) { if (!preg_match('/,/', $account)) { $moreparam = '&month='.$month.'&year='.$year.($mode == 'showalltime' ? '&mode=showalltime' : ''); - if ($_GET["option"] != 'all') { + if (GETPOST("option") != 'all') { $morehtml = ''.$langs->trans("ShowAllAccounts").''; dol_banner_tab($object, 'ref', $linkback, 1, 'ref', 'ref', '', $moreparam, 0, '', '', 1); } else { From 10ff06167215d4b837e61794f33910447661c8ab Mon Sep 17 00:00:00 2001 From: Alexandre SPANGARO Date: Mon, 13 Jun 2022 04:38:16 +0200 Subject: [PATCH 6/9] Fix PHP8 on bank --- htdocs/compta/bank/releve.php | 26 ++++++++++++++------------ 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/htdocs/compta/bank/releve.php b/htdocs/compta/bank/releve.php index 9a0adb6957f..d424a3a8fef 100644 --- a/htdocs/compta/bank/releve.php +++ b/htdocs/compta/bank/releve.php @@ -1,10 +1,11 @@ - * Copyright (C) 2004-2019 Laurent Destailleur - * Copyright (C) 2005-2013 Regis Houssin - * Copyright (C) 2015 Jean-François Ferry - * Copyright (C) 2017 Patrick Delcroix - * Copyright (C) 2019 Nicolas ZABOURI +/* Copyright (C) 2001-2003 Rodolphe Quiedeville + * Copyright (C) 2004-2019 Laurent Destailleur + * Copyright (C) 2005-2013 Regis Houssin + * Copyright (C) 2015 Jean-François Ferry + * Copyright (C) 2017 Patrick Delcroix + * Copyright (C) 2019 Nicolas ZABOURI + * Copyright (C) 2022 Alexandre Spangaro * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -57,6 +58,8 @@ $ve = GETPOST("ve", 'alpha'); $brref = GETPOST('brref', 'alpha'); $oldbankreceipt = GETPOST('oldbankreceipt', 'alpha'); $newbankreceipt = GETPOST('newbankreceipt', 'alpha'); +$rel = GETPOST("rel", 'alphanohtml'); +$backtopage = GETPOST('backtopage', 'alpha'); // Security check $fieldid = (!empty($ref) ? $ref : $id); @@ -112,7 +115,7 @@ $contextpage = 'banktransactionlist'.(empty($object->ref) ? '' : '-'.$object->id // Define number of receipt to show (current, previous or next one ?) $found = false; -if ($_GET["rel"] == 'prev') { +if ($rel == 'prev') { // Recherche valeur pour num = numero releve precedent $sql = "SELECT DISTINCT(b.num_releve) as num"; $sql .= " FROM ".MAIN_DB_PREFIX."bank as b"; @@ -130,7 +133,7 @@ if ($_GET["rel"] == 'prev') { $found = true; } } -} elseif ($_GET["rel"] == 'next') { +} elseif ($rel == 'next') { // Recherche valeur pour num = numero releve precedent $sql = "SELECT DISTINCT(b.num_releve) as num"; $sql .= " FROM ".MAIN_DB_PREFIX."bank as b"; @@ -237,10 +240,10 @@ if (empty($numref)) { $sql .= $db->order($sortfield, $sortorder); // Count total nb of records - $nbtotalofrecords = ''; + $totalnboflines = 0; if (empty($conf->global->MAIN_DISABLE_FULL_SCANLIST)) { $result = $db->query($sql); - $nbtotalofrecords = $db->num_rows($result); + $totalnboflines = $db->num_rows($result); } $sql .= $db->plimit($conf->liste_limit + 1, $offset); @@ -399,9 +402,8 @@ if (empty($numref)) { $title = $langs->trans("AccountStatement").' '.$numref.' - '.$langs->trans("BankAccount").' '.$object->getNomUrl(1, 'receipts'); print load_fiche_titre($title, $morehtmlright, ''); - //print_barre_liste($title, $page, $_SERVER["PHP_SELF"], $param, $sortfield, $sortorder, $massactionbutton, 0, $nbtotalofrecords, 'bank_account', 0, '', '', 0, 1); - print "
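Review bot: `$backtopage = GETPOST('backtopage', 'alpha');` in the `@@ -57` hunk introduces a request-controlled URL, and nothing in the visible hunks shows where it is consumed. If it later reaches a `header('Location: ...')` redirect or a link target, it should be restricted to a local relative path before use so it cannot send the user to another site; please confirm against the rest of the file. For `$rel`, which is only compared with `'prev'` and `'next'`, `GETPOST('rel', 'aZ09')` would be the narrower filter.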
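Review bot: In the `@@ -237` hunk, `$totalnboflines = $db->num_rows($result);` runs without checking that `$db->query($sql)` succeeded, so a failed count query is passed on as a non-result. Guarding it, `if ($result) { $totalnboflines = $db->num_rows($result); } else { dol_print_error($db); }`, keeps the failure visible. The enclosing `if (empty($numref))` block starts and ends outside the hunk.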
"; + print ''; print ''; print ''; From e9d5ba5de3a2456fc80a859dbcf7b8c07f6ed21f Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 13 Jun 2022 10:58:21 +0200 Subject: [PATCH 7/9] Debug v16 --- htdocs/intracommreport/card.php | 17 +++++++++++++++-- .../class/intracommreport.class.php | 5 ++--- 2 files changed, 17 insertions(+), 5 deletions(-) diff --git a/htdocs/intracommreport/card.php b/htdocs/intracommreport/card.php index e801416d63d..681320e0d75 100644 --- a/htdocs/intracommreport/card.php +++ b/htdocs/intracommreport/card.php @@ -68,6 +68,19 @@ $hookmanager->initHooks(array('intracommcard', 'globalcard')); $error = 0; +$permissiontoread = $user->rights->intracommreport->read; +$permissiontoadd = $user->rights->intracommreport->write; +$permissiontodelete = $user->rights->intracommreport->delete; + +// Security check (enable the most restrictive one) +//if ($user->socid > 0) accessforbidden(); +//if ($user->socid > 0) $socid = $user->socid; +//$isdraft = (isset($object->status) && ($object->status == $object::STATUS_DRAFT) ? 1 : 0); +//restrictedArea($user, $object->element, $object->id, $object->table_element, '', 'fk_soc', 'rowid', $isdraft); +if (empty($conf->intracommreport->enabled)) accessforbidden(); +if (!$permissiontoread) accessforbidden(); + + /* * Actions @@ -80,7 +93,7 @@ if ($reshook < 0) { setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); } -if ($user->rights->intracommreport->delete && $action == 'confirm_delete' && $confirm == 'yes') { +if ($permissiontodelete && $action == 'confirm_delete' && $confirm == 'yes') { $result = $object->delete($id, $user); if ($result > 0) { if (!empty($backtopage)) { 
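Review bot: The new security block in `intracommreport/card.php` reads `$user->rights->intracommreport->read` (and `write` / `delete`) directly; for a user with no rights on this module the intermediate object may be unset, and PHP 8 then warns on the property read. `$permissiontoread = !empty($user->rights->intracommreport->read);` gives the same decision without the warning. All of the `$user->socid` / `restrictedArea()` lines are left commented out although the comment says to enable the most restrictive one, so an external (third-party) user who holds the read right is not restricted here; if that is not intended, one of them should be enabled. Whether anything above this block already loads the object before `accessforbidden()` runs is outside the hunk.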
@@ -95,7 +108,7 @@ if ($user->rights->intracommreport->delete && $action == 'confirm_delete' && $co } } -if ($action == 'add' && $user->rights->intracommreport->write) { +if ($action == 'add' && $permissiontoadd) { $object->label = trim($label); $object->type = trim($exporttype); $object->type_declaration = $type_declaration; diff --git a/htdocs/intracommreport/class/intracommreport.class.php b/htdocs/intracommreport/class/intracommreport.class.php index ef13649f8c8..c34ad5d8f58 100644 --- a/htdocs/intracommreport/class/intracommreport.class.php +++ b/htdocs/intracommreport/class/intracommreport.class.php @@ -124,7 +124,6 @@ class IntracommReport extends CommonObject */ public function getXML($mode = 'O', $type = 'introduction', $period_reference = '') { - global $conf, $mysoc; /**************Construction de quelques variables********************/ @@ -437,7 +436,8 @@ class IntracommReport extends CommonObject */ public function getNextDeclarationNumber() { - $resql = $this->db->query('SELECT MAX(numero_declaration) as max_declaration_number FROM '.MAIN_DB_PREFIX.$this->table_element." WHERE exporttype='".$this->db->escape($this->exporttype)."'"); + $sql = 'SELECT MAX(numero_declaration) as max_declaration_number FROM '.MAIN_DB_PREFIX.$this->table_element." WHERE exporttype='".$this->db->escape($this->exporttype)."'"; + $resql = $this->db->query($sql); if ($resql) { $res = $this->db->fetch_object($resql); } @@ -463,7 +463,6 @@ class IntracommReport extends CommonObject */ public function generateXMLFile() { - $name = $this->periode.'.xml'; $fname = sys_get_temp_dir().'/'.$name; $f = fopen($fname, 'w+'); From 00d3750ab105e65367de751b1bb5c541c378eb71 Mon Sep 17 00:00:00 2001 From: Laurent Destailleur Date: Mon, 13 Jun 2022 13:10:56 +0200 Subject: [PATCH 8/9] Fix infinite loop --- htdocs/core/lib/functions.lib.php | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) 
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index ab6882e28a2..45e2d51c344 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -6636,13 +6636,17 @@ function dol_string_nohtmltag($stringtoclean, $removelinefeed = 1, $pagecodeto = } else { // Remove '<' into remainging, so remove non closing html tags like '0000-021 + // pass 1 - $temp after pass 1: 0000-021 + // pass 2 - $temp after pass 2: 0000-021 + $tempbis = $temp; do { - // Example of $temp: 0000-021 - // pass 1 - $temp after pass 1: 0000-021 - // pass 2 - $temp after pass 2: 0000-021 + $temp = $tempbis; $tempbis = str_replace('<>', '', $temp); // No reason to have this into a text, except if value is to try bypass the next html cleaning $tempbis = preg_replace($pattern, '', $tempbis); + //$idowhile++; print $temp.'-'.$tempbis."\n"; if ($idowhile > 100) break; } while ($tempbis != $temp); + $temp = $tempbis; // Remove '<' into remaining, so remove non closing html tags like ' Date: Mon, 13 Jun 2022 15:03:45 +0200 Subject: [PATCH 9/9] Fix phpcs --- .../class/intracommreport.class.php | 54 ++++++++++--------- 1 file changed, 28 insertions(+), 26 deletions(-) diff --git a/htdocs/intracommreport/class/intracommreport.class.php b/htdocs/intracommreport/class/intracommreport.class.php index c34ad5d8f58..5411e6b7aaa 100644 --- a/htdocs/intracommreport/class/intracommreport.class.php +++ b/htdocs/intracommreport/class/intracommreport.class.php @@ -24,6 +24,7 @@ */ require_once DOL_DOCUMENT_ROOT.'/core/class/commonobject.class.php'; + /** * Class to manage intracomm report */ 
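Review bot: The rewritten `do { ... } while ($tempbis != $temp);` loop in `dol_string_nohtmltag()` does not handle `preg_replace()` returning `null`, which it does on a PCRE error such as reaching the backtrack limit, and it compares with loose `!=`. On such an error `$tempbis` becomes `null`, the next pass feeds `null` to `str_replace()`, and the function ends up with an empty string without any signal. I would stop explicitly and compare strictly: `if ($tempbis === null) { $tempbis = ''; break; }` right after the `preg_replace()` call, and `while ($tempbis !== $temp);`. The commented-out `$idowhile` debug line should be dropped rather than committed. `$pattern` is defined outside the hunk, so its cost on hostile input cannot be judged from here.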
@@ -285,34 +286,34 @@ class IntracommReport extends CommonObject global $mysoc, $conf; if ($type == 'expedition' || $exporttype == 'des') { - $sql = 'SELECT f.ref as refinvoice, f.total_ht'; + $sql = "SELECT f.ref as refinvoice, f.total_ht"; $table = 'facture'; $table_extraf = 'facture_extrafields'; $tabledet = 'facturedet'; $field_link = 'fk_facture'; } else { // Introduction - $sql = 'SELECT f.ref_supplier as refinvoice, f.total_ht'; + $sql = "SELECT f.ref_supplier as refinvoice, f.total_ht"; $table = 'facture_fourn'; $table_extraf = 'facture_fourn_extrafields'; $tabledet = 'facture_fourn_det'; $field_link = 'fk_facture_fourn'; } - $sql .= ', l.fk_product, l.qty + $sql .= ", l.fk_product, l.qty , p.weight, p.rowid as id_prod, p.customcode , s.rowid as id_client, s.nom, s.zip, s.fk_pays, s.tva_intra , c.code , ext.mode_transport - FROM '.MAIN_DB_PREFIX.$tabledet.' l - INNER JOIN '.MAIN_DB_PREFIX.$table.' f ON (f.rowid = l.'.$field_link.') - LEFT JOIN '.MAIN_DB_PREFIX.$table_extraf.' ext ON (ext.fk_object = f.rowid) - INNER JOIN '.MAIN_DB_PREFIX.'product p ON (p.rowid = l.fk_product) - INNER JOIN '.MAIN_DB_PREFIX.'societe s ON (s.rowid = f.fk_soc) - LEFT JOIN '.MAIN_DB_PREFIX.'c_country c ON (c.rowid = s.fk_pays) + FROM ".MAIN_DB_PREFIX.$tabledet." l + INNER JOIN ".MAIN_DB_PREFIX.$table." f ON (f.rowid = l.".$this->db->escape($field_link).") + LEFT JOIN ".MAIN_DB_PREFIX.$table_extraf." ext ON (ext.fk_object = f.rowid) + INNER JOIN ".MAIN_DB_PREFIX."product p ON (p.rowid = l.fk_product) + INNER JOIN ".MAIN_DB_PREFIX."societe s ON (s.rowid = f.fk_soc) + LEFT JOIN ".MAIN_DB_PREFIX."c_country c ON (c.rowid = s.fk_pays) WHERE f.fk_statut > 0 - AND l.product_type = '.($exporttype == 'des' ? 1 : 0).' - AND f.entity = '.$conf->entity.' - AND (s.fk_pays <> '.$mysoc->country_id.' OR s.fk_pays IS NULL) - AND f.datef BETWEEN "'.$period_reference.'-01" AND "'.$period_reference.'-'.date('t').'"'; + AND l.product_type = ".($exporttype == "des" ? 1 : 0)." 
+ AND f.entity = ".((int) $conf->entity)." + AND (s.fk_pays <> ".((int) $mysoc->country_id)." OR s.fk_pays IS NULL) + AND f.datef BETWEEN '".$this->db->escape($period_reference)."-01' AND '".$this->db->escape($period_reference)."-".date('t')."'"; return $sql; } @@ -398,27 +399,27 @@ class IntracommReport extends CommonObject } foreach ($TLinesFraisDePort as $res) { - $sql = 'SELECT p.customcode - FROM '.MAIN_DB_PREFIX.$tabledet.' d - INNER JOIN '.MAIN_DB_PREFIX.$table.' f ON (f.rowid = d.'.$field_link.') - INNER JOIN '.MAIN_DB_PREFIX.'product p ON (p.rowid = d.fk_product) + $sql = "SELECT p.customcode + FROM ".MAIN_DB_PREFIX.$tabledet." d + INNER JOIN ".MAIN_DB_PREFIX.$table." f ON (f.rowid = d.".$this->db->escape($field_link).") + INNER JOIN ".MAIN_DB_PREFIX."product p ON (p.rowid = d.fk_product) WHERE d.fk_product IS NOT NULL - AND f.entity = '.$conf->entity.' - AND '.$more_sql.' = "'.$res->refinvoice.'" + AND f.entity = ".((int) $conf->entity)." + AND ".$more_sql." = '".$this->db->escape($res->refinvoice)."' AND d.total_ht = ( SELECT MAX(d.total_ht) - FROM '.MAIN_DB_PREFIX.$tabledet.' d - INNER JOIN '.MAIN_DB_PREFIX.$table.' f ON (f.rowid = d.'.$field_link.') + FROM ".MAIN_DB_PREFIX.$tabledet." d + INNER JOIN ".MAIN_DB_PREFIX.$table." f ON (f.rowid = d.".$this->db->escape($field_link).") WHERE d.fk_product IS NOT NULL - AND '.$more_sql.' = "'.$res->refinvoice.'" + AND ".$more_sql." = '".$this->db->escape($res->refinvoice)."' AND d.fk_product NOT IN ( SELECT fk_product - FROM '.MAIN_DB_PREFIX.'categorie_product - WHERE fk_categorie = '.((int) $categ_fraisdeport->id).' + FROM ".MAIN_DB_PREFIX."categorie_product + WHERE fk_categorie = ".((int) $categ_fraisdeport->id)." ) - )'; + )"; $resql = $this->db->query($sql); $ress = $this->db->fetch_object($resql); 
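Review bot: The upper bound of the `f.datef BETWEEN` clause (`@@ -285` hunk) is built with `date('t')`, which is the number of days in the month the report is generated in, not in `$period_reference`. A February period queried during a 31-day month yields an invalid `-31` bound, and a 31-day period queried in February drops its last days. Deriving it from the period, e.g. `date('t', strtotime($period_reference.'-01'))`, fixes that. `$this->db->escape()` now protects the quoting, but `$period_reference` should also be checked against the expected shape before use, presumably `YYYY-MM` given the `-01` suffix: `preg_match('/^\d{4}-\d{2}$/', $period_reference)`. `escape()` on `$field_link` gives no protection for an identifier and is safe only because the value is one of the two literals assigned above; the function itself starts outside the hunk.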
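Review bot: Inside the `foreach ($TLinesFraisDePort as $res)` loop (`@@ -398` hunk), the result of `$this->db->query($sql)` goes straight into `fetch_object($resql)` without a check, so a failed query is not detected at this point. A guard before the fetch, `if (!$resql) { dol_syslog(__METHOD__.' '.$this->db->lasterror(), LOG_ERR); continue; }`, would make the failure visible. `$more_sql` is concatenated as a column expression and is defined outside the hunk; it has to remain a fixed literal, since `escape()` cannot protect an identifier.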
@@ -436,7 +437,8 @@ class IntracommReport extends CommonObject */ public function getNextDeclarationNumber() { - $sql = 'SELECT MAX(numero_declaration) as max_declaration_number FROM '.MAIN_DB_PREFIX.$this->table_element." WHERE exporttype='".$this->db->escape($this->exporttype)."'"; + $sql = "SELECT MAX(numero_declaration) as max_declaration_number FROM ".MAIN_DB_PREFIX.$this->table_element; + $sql .= " WHERE exporttype = '".$this->db->escape($this->exporttype)."'"; $resql = $this->db->query($sql); if ($resql) { $res = $this->db->fetch_object($resql);
'.$langs->trans("CurrentBalance")."'.price($balance).'