diff --git a/ChangeLog b/ChangeLog index 766efb9c02a..ace6c60c0c0 100644 --- a/ChangeLog +++ b/ChangeLog @@ -31,6 +31,23 @@ Following changes may create regression for some external modules, but were nece content by doing a print into function, sometimes by returning content into "resprint". This has been fixed to follow hook specifications so you must return output into "resprint". +***** ChangeLog for 5.0.4 compared to 5.0.3 ***** +FIX: #6880 +FIX: #6925 +FIX: #6926 +FIX: Can set supplier invoice to billed. +FIX: Can't create invoice if PO disapproved +FIX: contratligne update +FIX: CVE-2017-7886 +FIX: default param +FIX: Line of invoices not inserted when using POS module and VAT NPR. +FIX: origin & originid on supplierproposal +FIX: Redirect to payment page from member subscription page failed if a unique security key was defined. +FIX: REST api to get project when user has permission to read all. +FIX: situation_progress param default value must be 100 and not 0 +FIX: SQL injection on user/index.php parameter search_statut. +FIX: Warnings + ***** ChangeLog for 5.0.3 compared to 5.0.2 ***** FIX: #6677 Expired contracts dashboard box does not show the name of the thirdparty FIX: #6813 diff --git a/htdocs/accountancy/admin/accountmodel.php b/htdocs/accountancy/admin/accountmodel.php index aa6c4a71551..ff908d6d066 100644 --- a/htdocs/accountancy/admin/accountmodel.php +++ b/htdocs/accountancy/admin/accountmodel.php @@ -54,6 +54,7 @@ $action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; $confirm=GETPOST('confirm','alpha'); $id=GETPOST('id','int'); $rowid=GETPOST('rowid','alpha'); +$code=GETPOST('code','alpha'); $acts[0] = "activate"; $acts[1] = "disable"; @@ -225,7 +226,7 @@ if ($id == 25) if (GETPOST('button_removefilter') || GETPOST('button_removefilter.x') || GETPOST('button_removefilter_x')) { - $search_country_id = ''; + $search_country_id = ''; } // Actions add or modify an entry into a dictionary 
@@ -459,8 +460,8 @@ if ($action == $acts[0]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -479,8 +480,8 @@ if ($action == $acts[1]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -499,8 +500,8 @@ if ($action == 'activate_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -519,8 +520,8 @@ if ($action == 'disable_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -556,7 +557,7 @@ print "
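Review bot: The `elseif ($code)` branch still builds the UPDATE by concatenating the request value into a quoted SQL literal, `WHERE code='".$code."'`, with no database-level escaping. Reading the value through `GETPOST('code','alpha')` instead of `$_GET` only helps if that filter rejects single quotes, which this diff does not show, and the statement should not depend on it. I would write `$sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$db->escape($code)."'";` here, and do the same in the -479, -499 and -519 hunks of this file and in the matching hunks of categories_list.php, journals_list.php and mails_templates.php. The `$rowid` branch on the context line above has the same shape and deserves the same treatment; the enclosing `if ($action == $acts[0])` block starts and ends outside the hunk.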
\n"; // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$_GET["code"].'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$code.'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); @@ -574,7 +575,7 @@ if ($id) else $sql.=" WHERE "; $sql.= " c.rowid = ".$search_country_id; } - + if ($sortfield) { // If sort order is "country", we use country_code instead @@ -600,7 +601,7 @@ if ($id) print '
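Review bot: `$code` is appended to the confirmation URL as `'&code='.$code` without URL-encoding, so a value containing `&`, `#` or a space changes the query string that `formconfirm()` receives. The dict.php version of this line in the same commit already uses `urlencode($code)`; I would align this one as `'&rowid='.$rowid.'&code='.urlencode($code).'&id='.$id`. The same unencoded form appears in the delete-confirmation hunks of categories_list.php, journals_list.php and mails_templates.php. Whether `formconfirm()` HTML-escapes the URL before printing it is not visible here.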
'; print ''; - + print ''; // Form to add a new line @@ -773,7 +774,7 @@ if ($id) $paramwithsearch = $param; if ($sortorder) $paramwithsearch.= '&sortorder='.$sortorder; if ($sortfield) $paramwithsearch.= '&sortfield='.$sortfield; - + // There is several pages if ($num > $listlimit) { @@ -865,9 +866,9 @@ if ($id) foreach ($fieldlist as $field => $value) { $showfield=1; // By defaut - + if ($fieldlist[$field]=='region_id' || $fieldlist[$field]=='country_id') { $showfield=0; } - + if ($showfield) { if ($value == 'country') @@ -889,7 +890,7 @@ if ($id) print $searchpicto; print ''; print ''; - + if ($num) { // Lines with values @@ -927,7 +928,7 @@ if ($id) { foreach ($fieldlist as $field => $value) { - + $showfield=1; $align="left"; $valuetoshow=$obj->{$fieldlist[$field]}; @@ -1169,7 +1170,7 @@ else $showemptyline=0; } - + $value=$tabname[$i]; print '
'; if (! empty($tabcond[$i])) diff --git a/htdocs/accountancy/admin/categories_list.php b/htdocs/accountancy/admin/categories_list.php index 7c658d2661c..e71482b0efa 100644 --- a/htdocs/accountancy/admin/categories_list.php +++ b/htdocs/accountancy/admin/categories_list.php @@ -54,6 +54,7 @@ $action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; $confirm=GETPOST('confirm','alpha'); $id=GETPOST('id','int'); $rowid=GETPOST('rowid','alpha'); +$code=GETPOST('code','alpha'); // Security access if (! empty($user->rights->accountancy->chartofaccount)) @@ -370,8 +371,8 @@ if ($action == $acts[0]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -390,8 +391,8 @@ if ($action == $acts[1]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -410,8 +411,8 @@ if ($action == 'activate_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".$code."'"; } $result = $db->query($sql); 
@@ -430,8 +431,8 @@ if ($action == 'disable_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -461,7 +462,7 @@ print load_fiche_titre($titre,$linkback,$titlepicto); // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$_GET["code"].'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$code.'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); diff --git a/htdocs/accountancy/admin/journals_list.php b/htdocs/accountancy/admin/journals_list.php index dd1982d057c..3dc932dbab5 100644 --- a/htdocs/accountancy/admin/journals_list.php +++ b/htdocs/accountancy/admin/journals_list.php @@ -38,6 +38,7 @@ $action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; $confirm=GETPOST('confirm','alpha'); $id=GETPOST('id','int'); $rowid=GETPOST('rowid','alpha'); +$code=GETPOST('code','alpha'); // Security access if (! empty($user->rights->accountancy->chartofaccount)) 
@@ -321,8 +322,8 @@ if ($action == $acts[0]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -341,8 +342,8 @@ if ($action == $acts[1]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -375,7 +376,7 @@ print load_fiche_titre($titre,$linkback,$titlepicto); // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$_GET["code"].'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$code.'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); diff --git a/htdocs/admin/defaultvalues.php b/htdocs/admin/defaultvalues.php index 94682cd502f..53c22353b92 100644 --- a/htdocs/admin/defaultvalues.php +++ b/htdocs/admin/defaultvalues.php @@ -1,5 +1,6 @@ +/* Copyright (C) 2017 Laurent Destailleur + * Copyright (C) 2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -60,6 +61,9 @@ $urlpage = GETPOST('urlpage'); $key = GETPOST('key'); $value = GETPOST('value'); +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('admindefaultvalues','globaladmin')); + /* * Actions diff --git a/htdocs/admin/dict.php b/htdocs/admin/dict.php index f920b04bf62..6db098f0750 100644 --- a/htdocs/admin/dict.php +++ b/htdocs/admin/dict.php @@ -54,6 +54,7 @@ $action=GETPOST('action','alpha')?GETPOST('action','alpha'):'view'; $confirm=GETPOST('confirm','alpha'); $id=GETPOST('id','int'); $rowid=GETPOST('rowid','alpha'); +$code=GETPOST('code','alpha'); $allowed=$user->admin; if ($id == 7 && ! empty($user->rights->accounting->chartofaccount)) $allowed=1; // Tax page allowed to manager of chart account @@ -816,8 +817,8 @@ if ($action == $acts[0]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".dol_escape_htmltag($_GET["code"])."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".dol_escape_htmltag($code)."'"; } $result = $db->query($sql); @@ -836,8 +837,8 @@ if ($action == $acts[1]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".dol_escape_htmltag($_GET["code"])."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".dol_escape_htmltag($code)."'"; } $result = $db->query($sql); 
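Review bot: In the dict.php -816 hunk, `dol_escape_htmltag($code)` is an HTML-context escaper applied to a value that lands inside a SQL string literal, `WHERE code='...'`. Escaping for the wrong context gives no guarantee about how the database sees single quotes or backslashes, and it presumably also alters legitimate values (a code containing `&` or `<` would no longer match the stored row). Use the connection's escaper instead, `WHERE code='".$db->escape($code)."'`, in this hunk and in the -836, -856 and -876 hunks of dict.php. The enclosing action block continues outside the hunk.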
@@ -856,8 +857,8 @@ if ($action == 'activate_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".dol_escape_htmltag($_GET["code"])."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 1 WHERE code='".dol_escape_htmltag($code)."'"; } $result = $db->query($sql); @@ -876,8 +877,8 @@ if ($action == 'disable_favorite') if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".dol_escape_htmltag($_GET["code"])."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET favorite = 0 WHERE code='".dol_escape_htmltag($code)."'"; } $result = $db->query($sql); @@ -938,7 +939,7 @@ if (GETPOST('from')) $paramwithsearch.= '&from='.GETPOST('from','alpha'); // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.$rowid.'&code='.urlencode($_GET["code"]).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'rowid='.$rowid.'&code='.urlencode($code).$paramwithsearch, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); diff --git a/htdocs/admin/index.php b/htdocs/admin/index.php index a1ac45244e1..9ac33f1cc3d 100644 --- a/htdocs/admin/index.php +++ b/htdocs/admin/index.php @@ -70,13 +70,13 @@ if (! empty($conf->global->MAIN_MOTD_SETUPPAGE)) print $langs->trans("SetupDescription1").' '; print $langs->trans("AreaForAdminOnly").' '; -print $langs->trans("SetupDescription2")."

"; +print $langs->trans("SetupDescription2", $langs->trans("MenuCompanySetup"), $langs->trans("Modules"))."

"; print '
'; // Show info setup company if (empty($conf->global->MAIN_INFO_SOCIETE_NOM) || empty($conf->global->MAIN_INFO_SOCIETE_COUNTRY)) $setupcompanynotcomplete=1; -print img_picto('','puce').' '.$langs->trans("SetupDescription3",DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete)?'':'&action=edit')); +print img_picto('','puce').' '.$langs->trans("SetupDescription3", DOL_URL_ROOT.'/admin/company.php?mainmenu=home'.(empty($setupcompanynotcomplete)?'':'&action=edit'), $langs->trans("Setup"), $langs->trans("MenuCompanySetup")); if (! empty($setupcompanynotcomplete)) { $langs->load("errors"); @@ -88,7 +88,7 @@ print '
'; print '
'; // Show info setup module -print img_picto('','puce').' '.$langs->trans("SetupDescription4",DOL_URL_ROOT.'/admin/modules.php?mainmenu=home'); +print img_picto('','puce').' '.$langs->trans("SetupDescription4", DOL_URL_ROOT.'/admin/modules.php?mainmenu=home', $langs->trans("Setup"), $langs->trans("Modules")); if (count($conf->modules) <= (empty($conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING)?1:$conf->global->MAIN_MIN_NB_ENABLED_MODULE_FOR_WARNING)) // If only user module enabled { $langs->load("errors"); diff --git a/htdocs/admin/mails_templates.php b/htdocs/admin/mails_templates.php index b25e3a6a2ee..cc35aed19be 100644 --- a/htdocs/admin/mails_templates.php +++ b/htdocs/admin/mails_templates.php @@ -346,8 +346,8 @@ if ($action == $acts[0]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 1 WHERE code='".$code."'"; } $result = $db->query($sql); @@ -366,8 +366,8 @@ if ($action == $acts[1]) if ($rowid) { $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE ".$rowidcol."='".$rowid."'"; } - elseif ($_GET["code"]) { - $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$_GET["code"]."'"; + elseif ($code) { + $sql = "UPDATE ".$tabname[$id]." SET active = 0 WHERE code='".$code."'"; } $result = $db->query($sql); 
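Review bot: In mails_templates.php, `$code` is read in `elseif ($code)` but no hunk of this file assigns it, unlike the other files in this commit, which each gain `$code=GETPOST('code','alpha');` near the top. The first hunk header here is `-346,8 +346,8`, so no line was added earlier in the file; unless `$code` was already set before line 346, the branch is never taken and enabling or disabling a row by code silently stops working. I would add `$code=GETPOST('code','alpha');` beside the other GETPOST reads at the top of the file. The -366 and -412 hunks read the same variable.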
@@ -412,7 +412,7 @@ dol_fiche_head($head, 'templates', '', -1); // Confirmation de la suppression de la ligne if ($action == 'delete') { - print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$_GET["code"].'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); + print $form->formconfirm($_SERVER["PHP_SELF"].'?'.($page?'page='.$page.'&':'').'sortfield='.$sortfield.'&sortorder='.$sortorder.'&rowid='.$rowid.'&code='.$code.'&id='.$id, $langs->trans('DeleteLine'), $langs->trans('ConfirmDeleteLine'), 'confirm_delete','',0,1); } //var_dump($elementList); diff --git a/htdocs/admin/modules.php b/htdocs/admin/modules.php index 5d5886b5415..23d87791103 100644 --- a/htdocs/admin/modules.php +++ b/htdocs/admin/modules.php @@ -1,12 +1,12 @@ - * Copyright (C) 2003 Jean-Louis Bergamo - * Copyright (C) 2004-2017 Laurent Destailleur - * Copyright (C) 2004 Eric Seigne - * Copyright (C) 2005-2012 Regis Houssin - * Copyright (C) 2011 Juanjo Menent - * Copyright (C) 2015 Jean-François Ferry - * Copyright (C) 2015 Raphaël Doursenaud +/* Copyright (C) 2003-2007 Rodolphe Quiedeville + * Copyright (C) 2003 Jean-Louis Bergamo + * Copyright (C) 2004-2017 Laurent Destailleur + * Copyright (C) 2004 Eric Seigne + * Copyright (C) 2005-2017 Regis Houssin + * Copyright (C) 2011 Juanjo Menent + * Copyright (C) 2015 Jean-François Ferry + * Copyright (C) 2015 Raphaël Doursenaud * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by 
@@ -75,12 +75,19 @@ if ($search_version) $param.='&search_version='.urlencode($search_version); $dirins=DOL_DOCUMENT_ROOT.'/custom'; $urldolibarrmodules='https://www.dolistore.com/'; +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('adminmodules','globaladmin')); + /* * Actions */ -if (GETPOST('buttonreset')) +$parameters=array(); +$reshook=$hookmanager->executeHooks('doActions',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks +if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); + +if (GETPOST('buttonreset','alpha')) { $search_keyword=''; $search_status=''; @@ -204,7 +211,7 @@ if ($action == 'set' && $user->admin) setEventMessages($msg, null, 'warnings'); } } - header("Location: modules.php?mode=".$mode.$param.($page_y?'&page_y='.$page_y:'')); + header("Location: ".$_SERVER["PHP_SELF"]."?mode=".$mode.$param.($page_y?'&page_y='.$page_y:'')); exit; } @@ -212,7 +219,7 @@ if ($action == 'reset' && $user->admin) { $result=unActivateModule($value); if ($result) setEventMessages($result, null, 'errors'); - header("Location: modules.php?mode=".$mode.$param.($page_y?'&page_y='.$page_y:'')); + header("Location: ".$_SERVER["PHP_SELF"]."?mode=".$mode.$param.($page_y?'&page_y='.$page_y:'')); exit; } @@ -476,10 +483,13 @@ if ($mode == 'common') print $hookmanager->resPrint; } + $moreforfilter=''; print '
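Review bot: The `doActions` hook result is checked only for errors (`$reshook < 0`), so a hook that returns a positive value to signal it has handled the action does not stop the built-in `set`/`reset` handling further down. If the usual hook convention applies on this page, the standard actions should be wrapped in `if (empty($reshook)) { ... }`. `$object` is passed to `executeHooks()` but is not assigned anywhere in the visible lines of modules.php; confirm it is defined above, or pass a deliberate placeholder so that hooks know what to expect. The hook may also rewrite `$action` before the built-in handlers run, so the per-action `$user->admin` tests seen in the later hunks must stay on every action.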

'; - $moreforfilter=''; + $parameters=array(); + $reshook=$hookmanager->executeHooks('insertExtraHeader',$parameters,$object,$action); // Note that $action and $object may have been modified by some hooks + if ($reshook < 0) setEventMessages($hookmanager->error, $hookmanager->errors, 'errors'); // Show list of modules @@ -659,7 +669,7 @@ if ($mode == 'common') } else { - print ''; + print ''; print img_picto($langs->trans("Activated"),'switch_on'); print ''; } @@ -738,20 +748,24 @@ if ($mode == 'common') print ''."\n"; foreach ($arrayofwarningsext as $keymodule => $arrayofwarningsextbycountry) { - if (! empty($modules[$keymodule]->const_name)) // If module that request warning is on + $keymodulelowercase=strtolower(preg_replace('/^mod/','',$keymodule)); + if (in_array($keymodulelowercase, $conf->modules)) // If module that request warning is on { foreach ($arrayofwarningsextbycountry as $keycountry => $cursorwarningmessage) { if ($keycountry == 'always' || $keycountry == $mysoc->country_code) { $warningmessage .= ($warningmessage?"\n":"").$langs->trans($cursorwarningmessage, $objMod->getName(), $mysoc->country_code, $modules[$keymodule]->getName()); + $warningmessage .= ($warningmessage?"\n":"").($warningmessage?"\n":"").$langs->trans("Module").' : '.$objMod->getName(); + if (! empty($objMod->editor_name)) $warningmessage .= ($warningmessage?"\n":"").$langs->trans("Publisher").' : '.$objMod->editor_name; + if (! empty($objMod->editor_name)) $warningmessage .= ($warningmessage?"\n":"").$langs->trans("ModuleTriggeringThisWarning").' : '.$modules[$keymodule]->getName(); } } } } } print ''."\n"; - print ''; print img_picto($langs->trans("Disabled"),'switch_off'); diff --git a/htdocs/admin/tools/index.php b/htdocs/admin/tools/index.php index 6f773c5b35e..98a490550ca 100644 --- a/htdocs/admin/tools/index.php +++ b/htdocs/admin/tools/index.php 
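Review bot: The new guard `in_array($keymodulelowercase, $conf->modules)` no longer touches `$modules[$keymodule]`, yet the body still calls `$modules[$keymodule]->getName()`, which would be a fatal error for a module that is listed in `$conf->modules` but absent from `$modules`. I would keep both conditions, for example `if (in_array($keymodulelowercase, $conf->modules, true) && ! empty($modules[$keymodule]))`. The third added line also looks like a copy-paste slip: the `ModuleTriggeringThisWarning` text is guarded by `! empty($objMod->editor_name)`, which is unrelated to the triggering module. The enclosing loop starts outside the hunk.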
@@ -38,7 +38,7 @@ if (! $user->admin) $form = new Form($db); $title=$langs->trans("AdminTools"); -//if (GETPOST('leftmenu') == 'admintools') $title=$langs->trans("ModulesSystemTools"); +//if (GETPOST('leftmenu',"aZ09") == 'admintools') $title=$langs->trans("ModulesSystemTools"); llxHeader('', $title); diff --git a/htdocs/admin/translation.php b/htdocs/admin/translation.php index 8a6c38ffe46..be48bd0c8f4 100644 --- a/htdocs/admin/translation.php +++ b/htdocs/admin/translation.php @@ -1,6 +1,6 @@ - * Copyright (C) 2009 Regis Houssin +/* Copyright (C) 2007-2016 Laurent Destailleur + * Copyright (C) 2009-2017 Regis Houssin * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -56,6 +56,9 @@ $pagenext = $page + 1; if (! $sortfield) $sortfield='lang,transkey'; if (! $sortorder) $sortorder='ASC'; +// Initialize technical object to manage hooks of page. Note that conf->hooks_modules contains array of hook context +$hookmanager->initHooks(array('admintranslation','globaladmin')); + /* * Actions diff --git a/htdocs/bookmarks/bookmarks.lib.php b/htdocs/bookmarks/bookmarks.lib.php index 05bd454eeea..b6a022db898 100644 --- a/htdocs/bookmarks/bookmarks.lib.php +++ b/htdocs/bookmarks/bookmarks.lib.php @@ -40,10 +40,10 @@ function printBookmarksList($aDb, $aLangs) $langs->load("bookmarks"); - $url= $_SERVER["PHP_SELF"].(! empty($_SERVER["QUERY_STRING"])?'?'.$_SERVER["QUERY_STRING"]:''); - + $url= $_SERVER["PHP_SELF"].(dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''); + $ret = ''; - + // Menu bookmark $ret.= ''."\n"; @@ -83,12 +83,12 @@ function printBookmarksList($aDb, $aLangs) dol_print_error($db); } } - + $ret.= ''; $ret.= ''; - + $ret.=ajax_combobox('boxbookmark'); - + $ret.=''; diff --git a/htdocs/comm/action/index.php b/htdocs/comm/action/index.php index 7d150efe140..76a53924ad5 100644 --- a/htdocs/comm/action/index.php 
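Review bot: In bookmarks.lib.php only `QUERY_STRING` is escaped; `$_SERVER["PHP_SELF"]`, which can carry client-supplied path info after the script name, is still concatenated raw into `$url` in the same expression. Escaping at assignment also ties `$url` to one output context: if it is later URL-encoded or passed through another escaper (its uses are outside the hunk), the entities get encoded a second time. I would keep `$url` raw and escape where it is emitted, or at least treat both parts alike: `$url = dol_escape_htmltag($_SERVER["PHP_SELF"].(! empty($_SERVER["QUERY_STRING"])?'?'.$_SERVER["QUERY_STRING"]:''));`. `printBookmarksList()` continues outside the hunk.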
+++ b/htdocs/comm/action/index.php @@ -423,8 +423,8 @@ else // If javascript off $newparam=$param; // newparam is for birthday links $newparam=preg_replace('/showbirthday=[0-1]/i','showbirthday='.(empty($showbirthday)?1:0),$newparam); if (! preg_match('/showbirthday=/i',$newparam)) $newparam.='&showbirthday=1'; - $link='trans("AgendaShowBirthdayEvents"); else $link.=$langs->trans("AgendaHideBirthdayEvents"); @@ -1070,7 +1070,7 @@ if (empty($action) || $action == 'show_month') // View by month } echo "
\n"; echo '
'; - echo ''; + echo ''; echo ''; echo '' ; echo '
'; @@ -1124,7 +1124,7 @@ elseif ($action == 'show_week') // View by week echo "\n"; echo '
'; - echo ''; + echo ''; echo ''; echo '' ; echo '
'; @@ -1188,7 +1188,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa global $cachethirdparties, $cachecontacts, $cacheusers, $colorindexused; $dateint = sprintf("%04d",$year).sprintf("%02d",$month).sprintf("%02d",$day); - + print "\n"; // Line with title of day @@ -1247,7 +1247,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa if (in_array($user->id, $keysofuserassigned)) { $nummytasks++; $cssclass='family_mytasks'; - + if (empty($cacheusers[$event->userownerid])) { $newuser=new User($db); @@ -1255,7 +1255,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa $cacheusers[$event->userownerid]=$newuser; } //var_dump($cacheusers[$event->userownerid]->color); - + // We decide to choose color of owner of event (event->userownerid is user id of owner, event->userassigned contains all users assigned to event) if (! empty($cacheusers[$event->userownerid]->color)) $color=$cacheusers[$event->userownerid]->color; } @@ -1277,10 +1277,10 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa } else { - $numother++; + $numother++; $color=($event->icalcolor?$event->icalcolor:-1); $cssclass=(! empty($event->icalname)?'family_ext'.md5($event->icalname):'family_other'); - + if (empty($cacheusers[$event->userownerid])) { $newuser=new User($db); @@ -1288,7 +1288,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa $cacheusers[$event->userownerid]=$newuser; } //var_dump($cacheusers[$event->userownerid]->color); - + // We decide to choose color of owner of event (event->userownerid is user id of owner, event->userassigned contains all users assigned to event) if (! empty($cacheusers[$event->userownerid]->color)) $color=$cacheusers[$event->userownerid]->color; } 
@@ -1364,9 +1364,9 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa print '">'; print ''; print ''; - + $daterange=''; - + if ($event->type_code == 'BIRTHDAY') // It's a birthday { print $event->getNomUrl(1,$maxnbofchar,'cal_event','birthday','contact'); @@ -1426,9 +1426,9 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa // Show title $titletoshow = $daterange; $titletoshow.=($titletoshow?' ':'').$event->libelle; - + if ($event->type_code == 'ICALEVENT') print $titletoshow; - else + else { $savlabel=$event->libelle; $event->libelle=$titletoshow; @@ -1449,11 +1449,11 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa $newuser->fetch($tmpid); $cacheusers[$tmpid]=$newuser; } - + $listofusertoshow.=$cacheusers[$tmpid]->getNomUrl(-3, '', 0, 0, 0, 0, '', 'valigntextbottom'); } print $listofusertoshow; - + if ($event->type_code == 'ICALEVENT') print '
('.dol_trunc($event->icalname,$maxnbofchar).')'; // If action related to company / contact @@ -1506,7 +1506,7 @@ function show_day_events($db, $day, $month, $year, $monthshown, $style, &$eventa if ($event->type_code != 'BIRTHDAY' && $event->type_code != 'ICALEVENT') { $withstatus=1; - if ($event->percentage >= 0) $withstatus=2; + if ($event->percentage >= 0) $withstatus=2; } print ''; if ($withstatus) print $event->getLibStatut(3,1); diff --git a/htdocs/comm/action/pertype.php b/htdocs/comm/action/pertype.php index 23d434742a0..cd96a4fa8ad 100644 --- a/htdocs/comm/action/pertype.php +++ b/htdocs/comm/action/pertype.php @@ -572,7 +572,7 @@ $newparam=preg_replace('/showbirthday_=/i','showbirthday=',$newparam); // Restor $newparam.='&viewweek=1'; echo '
'; -echo ''; +echo ''; echo ''; echo '' ; echo '
'; diff --git a/htdocs/comm/action/peruser.php b/htdocs/comm/action/peruser.php index 2f1e3735cd2..42fb67c8bde 100644 --- a/htdocs/comm/action/peruser.php +++ b/htdocs/comm/action/peruser.php @@ -86,12 +86,12 @@ $status=GETPOST("status"); $type=GETPOST("type"); $maxprint=(isset($_GET["maxprint"])?GETPOST("maxprint"):$conf->global->AGENDA_MAX_EVENTS_DAY_VIEW); // Set actioncode (this code must be same for setting actioncode into peruser, listacton and index) -if (GETPOST('actioncode','array')) +if (GETPOST('actioncode','array')) { $actioncode=GETPOST('actioncode','array',3); if (! count($actioncode)) $actioncode='0'; } -else +else { $actioncode=GETPOST("actioncode","alpha",3)?GETPOST("actioncode","alpha",3):(GETPOST("actioncode")=='0'?'0':(empty($conf->global->AGENDA_DEFAULT_FILTER_TYPE)?'':$conf->global->AGENDA_DEFAULT_FILTER_TYPE)); } @@ -579,7 +579,7 @@ $newparam=preg_replace('/showbirthday_=/i','showbirthday=',$newparam); // Restor $newparam.='&viewweek=1'; echo '
'; -echo ''; +echo ''; echo ''; echo '' ; echo '
'; diff --git a/htdocs/commande/card.php b/htdocs/commande/card.php index 83135a8c0f5..f837119730c 100644 --- a/htdocs/commande/card.php +++ b/htdocs/commande/card.php @@ -2621,6 +2621,19 @@ if ($action == 'create' && $user->rights->commande->creer) $outputlangs->load('commercial'); } + // Show email form + + // By default if $action=='presend' + $titreform='SendOrderByMail'; + $topicmail=''; + if (empty($object->ref_client)) { + $topicmail = $outputlangs->trans('SendOrderRef', '__ORDERREF__'); + } else if (! empty($object->ref_client)) { + $topicmail = $outputlangs->trans('SendOrderRef', '__ORDERREF__ (__REFCLIENT__)'); + } + $action='send'; + $modelmail='order_send'; + // Build document if it not exists if (! $file || ! is_readable($file)) { $result = $object->generateDocument(GETPOST('model') ? GETPOST('model') : $object->modelpdf, $outputlangs, $hidedetails, $hidedesc, $hideref); @@ -2635,7 +2648,7 @@ if ($action == 'create' && $user->rights->commande->creer) print '
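Review bot: Assigning `$action='send';` inside the presend block overwrites the page-level `$action`, so any later test of `$action == 'presend'` in the same request (none is visible in this hunk) would see `send` instead. A dedicated local such as `$actionmail='send';`, used for `$formmail->param['action']`, avoids that side effect. The `else if (! empty($object->ref_client))` condition is redundant after `if (empty($object->ref_client))`; a plain `else` says the same thing. The enclosing block starts and ends outside the hunk.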
'; print '
'; print '
'; - print load_fiche_titre($langs->trans('SendOrderByMail')); + print load_fiche_titre($langs->trans($titreform)); dol_fiche_head(''); @@ -2662,11 +2675,7 @@ if ($action == 'create' && $user->rights->commande->creer) $formmail->withto = GETPOST('sendto') ? GETPOST('sendto') : $liste; $formmail->withtocc = $liste; $formmail->withtoccc = $conf->global->MAIN_EMAIL_USECCC; - if (empty($object->ref_client)) { - $formmail->withtopic = $outputlangs->trans('SendOrderRef', '__ORDERREF__'); - } else if (! empty($object->ref_client)) { - $formmail->withtopic = $outputlangs->trans('SendOrderRef', '__ORDERREF__ (__REFCLIENT__)'); - } + $formmail->withtopic = $topicmail; $formmail->withfile = 2; $formmail->withbody = 1; $formmail->withdeliveryreceipt = 1; @@ -2696,8 +2705,8 @@ if ($action == 'create' && $user->rights->commande->creer) } // Tableau des parametres complementaires - $formmail->param['action'] = 'send'; - $formmail->param['models'] = 'order_send'; + $formmail->param['action'] = $action; + $formmail->param['models'] = $modelmail; $formmail->param['models_id']=GETPOST('modelmailselected','int'); $formmail->param['orderid'] = $object->id; $formmail->param['returnurl'] = $_SERVER["PHP_SELF"] . '?id=' . $object->id; diff --git a/htdocs/compta/facture/card.php b/htdocs/compta/facture/card.php index 223acb91fb3..8ad11189313 100644 --- a/htdocs/compta/facture/card.php +++ b/htdocs/compta/facture/card.php @@ -3587,15 +3587,14 @@ else if ($id > 0 || ! empty($ref)) if ($object->type == Facture::TYPE_SITUATION && ! empty($conf->global->INVOICE_USE_SITUATION)) { if (count($object->tab_previous_situation_invoice) > 0 || count($object->tab_next_situation_invoice) > 0) - print ''; + print '
'; if (count($object->tab_previous_situation_invoice) > 0) { // List of previous invoices print ''; print ''; print ''; - if (! empty($conf->banque->enabled)) - print ''; + if (! empty($conf->banque->enabled)) print ''; print ''; print ''; print ''; @@ -3609,8 +3608,7 @@ else if ($id > 0 || ! empty($ref)) print ''; print ''; print ''; - if (! empty($conf->banque->enabled)) - print ''; + if (! empty($conf->banque->enabled)) print ''; print ''; print ''; print ''; @@ -3619,7 +3617,9 @@ else if ($id > 0 || ! empty($ref)) } print ''; - print ''; + print ''; + print ''; + if (! empty($conf->banque->enabled)) print ''; print ''; print ''; print ''; diff --git a/htdocs/core/actions_sendmails.inc.php b/htdocs/core/actions_sendmails.inc.php index dded23e6cbf..7bb3e8aec49 100644 --- a/htdocs/core/actions_sendmails.inc.php +++ b/htdocs/core/actions_sendmails.inc.php @@ -31,7 +31,7 @@ /* * Add file in email form -*/ + */ if (GETPOST('addfile')) { $trackid = GETPOST('trackid','aZ09'); @@ -137,7 +137,7 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO { $sendtosocid=$possibleaccounts[1]['id']; $result=$object->fetch($sendtosocid); - + setEventMessages($langs->trans('ErrorFoundMoreThanOneRecordWithEmail',$_POST['sendto'],$object->name), null, 'mesgs'); } else @@ -229,7 +229,12 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO if (dol_strlen($sendto)) { - require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; + // Define $urlwithroot + $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root)); + $urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file + //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current + + require_once DOL_DOCUMENT_ROOT.'/core/class/CMailFile.class.php'; $langs->load("commercial"); 
@@ -254,11 +259,17 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO $replyto = $_POST['replytoname']. ' <' . $_POST['replytomail'].'>'; $message = $_POST['message']; - + + // Make a change into HTML code to allow to include images from medias directory with an external reabable URL. + // + // become + // + $message=preg_replace('/()/', '\1'.$urlwithroot.'/viewimage.php\2modulepart=medias\3file=\4\5', $message); + $sendtobcc= GETPOST('sendtoccc'); - if ($mode == 'emailfromproposal') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO)); - if ($mode == 'emailfromorder') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO)); - if ($mode == 'emailfrominvoice') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO)); + if ($mode == 'emailfromproposal') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_PROPOSAL_TO)); + if ($mode == 'emailfromorder') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_ORDER_TO)); + if ($mode == 'emailfrominvoice') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_INVOICE_TO)); if ($mode == 'emailfromsupplierproposal') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_PROPOSAL_TO)); if ($mode == 'emailfromsupplierorder') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO) ? 
'' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_ORDER_TO)); if ($mode == 'emailfromsupplierinvoice') $sendtobcc .= (empty($conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO) ? '' : (($sendtobcc?", ":"").$conf->global->MAIN_MAIL_AUTOCOPY_SUPPLIER_INVOICE_TO)); @@ -371,7 +382,7 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO if (is_object($object)) { if (empty($actiontypecode)) $actiontypecode='AC_OTH_AUTO'; // Event insert into agenda automatically - + $object->socid = $sendtosocid; // To link to a company $object->sendtoid = $sendtoid; // To link to contacts/addresses. This is an array. $object->actiontypecode = $actiontypecode; // Type of event ('AC_OTH', 'AC_OTH_AUTO', 'AC_XXX'...) @@ -392,7 +403,7 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO } } } - + if ($error) { dol_print_error($db); @@ -403,7 +414,7 @@ if (($action == 'send' || $action == 'relance') && ! $_POST['addfile'] && ! $_PO // This avoid sending mail twice if going out and then back to page $mesg=$langs->trans('MailSuccessfulySent',$mailfile->getValidAddress($from,2),$mailfile->getValidAddress($sendto,2)); setEventMessages($mesg, null, 'mesgs'); - if ($conf->dolimail->enabled) + if ($conf->dolimail->enabled) { header('Location: '.$_SERVER["PHP_SELF"].'?'.($paramname?$paramname:'id').'='.(is_object($object)?$object->id:'').'&'.($paramname2?$paramname2:'mid').'='.$parm2val); exit; diff --git a/htdocs/core/ajax/ajaxdirpreview.php b/htdocs/core/ajax/ajaxdirpreview.php index a21f0d107cd..e0623788963 100644 --- a/htdocs/core/ajax/ajaxdirpreview.php +++ b/htdocs/core/ajax/ajaxdirpreview.php @@ -139,7 +139,7 @@ if (! dol_is_dir($upload_dir)) } print ''."\n"; -print ''."\n"; +//print ''."\n"; $param=($sortfield?'&sortfield='.$sortfield:'').($sortorder?'&sortorder='.$sortorder:''); diff --git a/htdocs/core/ajax/bankconciliate.php b/htdocs/core/ajax/bankconciliate.php index 24318be6cf8..65620c5429c 100644 
--- a/htdocs/core/ajax/bankconciliate.php +++ b/htdocs/core/ajax/bankconciliate.php @@ -45,7 +45,7 @@ $action=GETPOST('action','aZ09'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; if (($user->rights->banque->modifier || $user->rights->banque->consolidate) && $action == 'dvnext') { diff --git a/htdocs/core/ajax/box.php b/htdocs/core/ajax/box.php index 7826747769b..612f38bb05b 100644 --- a/htdocs/core/ajax/box.php +++ b/htdocs/core/ajax/box.php @@ -50,7 +50,7 @@ $userid=GETPOST('userid','int'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +print ''."\n"; // Add a box if ($boxid > 0 && $zone !='' && $userid > 0) diff --git a/htdocs/core/ajax/constantonoff.php b/htdocs/core/ajax/constantonoff.php index 331a5e87513..f79753260d7 100644 --- a/htdocs/core/ajax/constantonoff.php +++ b/htdocs/core/ajax/constantonoff.php @@ -45,7 +45,7 @@ $name=GETPOST('name','alpha'); //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (! empty($action) && ! empty($name)) diff --git a/htdocs/core/ajax/contacts.php b/htdocs/core/ajax/contacts.php index c3788a8baeb..1c7c7a56e4b 100644 --- a/htdocs/core/ajax/contacts.php +++ b/htdocs/core/ajax/contacts.php @@ -41,20 +41,20 @@ $showempty = GETPOST('showempty','int'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) { $form = new Form($db); - + $return=array(); if (empty($showempty)) $showempty=0; - + $return['value'] = $form->selectcontacts($id,'',$htmlname,$showempty,'','',0,'',true); $return['num'] = $form->num; $return['error'] = $form->error; - + echo json_encode($return); } 
diff --git a/htdocs/core/ajax/extraparams.php b/htdocs/core/ajax/extraparams.php index 510ef8a1cf8..f8a636e52a5 100644 --- a/htdocs/core/ajax/extraparams.php +++ b/htdocs/core/ajax/extraparams.php @@ -40,17 +40,17 @@ $type = GETPOST('type', 'alpha'); top_httphead(); -print ''."\n"; +print ''."\n"; if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) { $value = GETPOST('value','alpha'); $params=array(); - + dol_syslog("AjaxSetExtraParameters id=".$id." element=".$element." htmlelement=".$htmlelement." type=".$type." value=".$value, LOG_DEBUG); - + $classpath = $subelement = $element; - + // For compatibility if ($element == 'order' || $element == 'commande') { $classpath = $subelement = 'commande'; } else if ($element == 'propal') { $classpath = 'comm/propal'; $subelement = 'propal'; } @@ -60,19 +60,19 @@ if(! empty($id) && ! empty($element) && ! empty($htmlelement) && ! empty($type)) else if ($element == 'deplacement') { $classpath = 'compta/deplacement'; $subelement = 'deplacement'; } else if ($element == 'order_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.commande'; } else if ($element == 'invoice_supplier') { $classpath = 'fourn'; $subelement = 'fournisseur.facture'; } - + dol_include_once('/'.$classpath.'/class/'.$subelement.'.class.php'); - + if ($element == 'order_supplier') { $classname = 'CommandeFournisseur'; } else if ($element == 'invoice_supplier') { $classname = 'FactureFournisseur'; } else $classname = ucfirst($subelement); - + $object = new $classname($db); $object->fetch($id); - + $params[$htmlelement] = array($type => $value); $object->extraparams = array_merge($object->extraparams, $params); - + $result=$object->setExtraParameters(); } diff --git a/htdocs/core/ajax/loadinplace.php b/htdocs/core/ajax/loadinplace.php index de3a4e57d19..7e9e541c768 100644 --- a/htdocs/core/ajax/loadinplace.php +++ b/htdocs/core/ajax/loadinplace.php 
@@ -41,7 +41,7 @@ $fk_element = GETPOST('fk_element','alpha'); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($field) && ! empty($element) && ! empty($table_element) && ! empty($fk_element)) diff --git a/htdocs/core/ajax/objectonoff.php b/htdocs/core/ajax/objectonoff.php index 6ac5abd3bbb..37173ed9943 100644 --- a/htdocs/core/ajax/objectonoff.php +++ b/htdocs/core/ajax/objectonoff.php @@ -42,7 +42,7 @@ $object = new GenericObject($db); top_httphead(); -print ''."\n"; +print ''."\n"; // Registering new values if (($action == 'set') && ! empty($id)) diff --git a/htdocs/core/ajax/price.php b/htdocs/core/ajax/price.php index 5c891df14d5..d4a101fb497 100644 --- a/htdocs/core/ajax/price.php +++ b/htdocs/core/ajax/price.php @@ -39,7 +39,7 @@ $tva_tx = str_replace('*','',GETPOST('tva_tx','alpha')); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($output) && isset($amount) && isset($tva_tx)) diff --git a/htdocs/core/ajax/row.php b/htdocs/core/ajax/row.php index 331b4ceaac8..6e358bdbd88 100644 --- a/htdocs/core/ajax/row.php +++ b/htdocs/core/ajax/row.php @@ -18,8 +18,8 @@ /** * \file htdocs/core/ajax/row.php - * \brief File to return Ajax response on Row move. - * This ajax page is called when doing an up or down drag and drop. + * \brief File to return Ajax response on Row move. + * This ajax page is called when doing an up or down drag and drop. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disable token renewal @@ -40,7 +40,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/genericobject.class.php'; top_httphead(); -print ''."\n"; +print ''."\n"; // Registering the location of boxes if ((isset($_POST['roworder']) && ! empty($_POST['roworder'])) && (isset($_POST['table_element_line']) && ! empty($_POST['table_element_line'])) diff --git a/htdocs/core/ajax/saveinplace.php b/htdocs/core/ajax/saveinplace.php index 48797dd0432..eb04379a778 100644 
--- a/htdocs/core/ajax/saveinplace.php +++ b/htdocs/core/ajax/saveinplace.php @@ -54,7 +54,7 @@ savemethodname: top_httphead(); -//print ''."\n"; +//print ''."\n"; //print_r($_POST); // Load original field value diff --git a/htdocs/core/ajax/security.php b/htdocs/core/ajax/security.php index 28a53a87679..cc7335618d0 100644 --- a/htdocs/core/ajax/security.php +++ b/htdocs/core/ajax/security.php @@ -17,8 +17,8 @@ /** * \file htdocs/core/ajax/security.php - * \brief This ajax component is used to generated has keys for security purposes - * like key to use into URL to protect them. + * \brief This ajax component is used to generated has keys for security purposes + * like key to use into URL to protect them. */ if (! defined('NOTOKENRENEWAL')) define('NOTOKENRENEWAL','1'); // Disables token renewal @@ -38,7 +38,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; // Registering the location of boxes if (isset($_GET['action']) && ! empty($_GET['action'])) diff --git a/htdocs/core/ajax/vatrates.php b/htdocs/core/ajax/vatrates.php index fc30a13afec..ac9691bfa25 100644 --- a/htdocs/core/ajax/vatrates.php +++ b/htdocs/core/ajax/vatrates.php @@ -41,7 +41,7 @@ $productid = (GETPOST('productid','int')?GETPOST('productid','int'):0); top_httphead(); -//print ''."\n"; +//print ''."\n"; // Load original field value if (! empty($id) && ! empty($action) && ! empty($htmlname)) diff --git a/htdocs/core/ajax/ziptown.php b/htdocs/core/ajax/ziptown.php index 30e0211ece1..9fa475039d9 100644 --- a/htdocs/core/ajax/ziptown.php +++ b/htdocs/core/ajax/ziptown.php 
@@ -45,7 +45,7 @@ require_once DOL_DOCUMENT_ROOT.'/core/class/html.formcompany.class.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog("GET is ".join(',',$_GET).', MAIN_USE_ZIPTOWN_DICTIONNARY='.(empty($conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)?'':$conf->global->MAIN_USE_ZIPTOWN_DICTIONNARY)); //var_dump($_GET); diff --git a/htdocs/core/class/commonobject.class.php b/htdocs/core/class/commonobject.class.php index 3ac7cb6ffb3..b87b3d28ea8 100644 --- a/htdocs/core/class/commonobject.class.php +++ b/htdocs/core/class/commonobject.class.php @@ -3097,9 +3097,18 @@ abstract class CommonObject $trueWeightUnit=pow(10, $weightUnit); $totalWeight += $weight * $qty * $trueWeightUnit; } - else - { - $totalWeight += $weight * $qty; // This may be wrong if we mix different units + else { + if ($weight_units == 99) { + // conversion 1 Pound = 0.45359237 KG + $trueWeightUnit = 0.45359237; + $totalWeight += $weight * $qty * $trueWeightUnit; + } elseif ($weight_units == 98) { + // conversion 1 Ounce = 0.0283495 KG + $trueWeightUnit = 0.0283495; + $totalWeight += $weight * $qty * $trueWeightUnit; + } + else + $totalWeight += $weight * $qty; // This may be wrong if we mix different units } if ($volume_units < 50) // >50 means a standard unit (power of 10 of official unit), > 50 means an exotic unit (like inch) { diff --git a/htdocs/core/class/html.formmail.class.php b/htdocs/core/class/html.formmail.class.php index 860d3fcfb1c..d59ac6c25af 100644 --- a/htdocs/core/class/html.formmail.class.php +++ b/htdocs/core/class/html.formmail.class.php 
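Review bot: In the commonobject.class.php hunk the unit codes `99` and `98` are bare literals whose meaning is only given by the inline comments, and they have to stay in step with the `$measuring_units[98]` / `$measuring_units[99]` keys that this commit adds in product.lib.php. The ounce factor `0.0283495` is also rounded more coarsely than the pound factor `0.45359237`; one sixteenth of that pound value is `0.028349523125`, which would keep the two conversions consistent. A comment such as `// 98 = ounce, 99 = pound: same codes as measuring_units_string() in product.lib.php` would record the coupling. The final brace-less `else` is easy to misread next to the braced branches, and the enclosing method continues outside this hunk, so whether the volume branch needs the same treatment cannot be judged from here.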
@@ -288,14 +288,15 @@ class FormMail extends Form $outputlangs->load('other'); } - // Get message template + // Get message template for $this->param["models"] into c_email_templates $model_id=0; if (array_key_exists('models_id',$this->param)) { $model_id=$this->param["models_id"]; } $arraydefaultmessage=$this->getEMailTemplate($this->db, $this->param["models"], $user, $outputlangs, $model_id); - //var_dump($arraydefaultmessage); + //var_dump($this->param["models"]); + //var_dump($arraydefaultmessage); $out.= "\n".'
'."\n"; if ($this->withform == 1) @@ -876,6 +877,7 @@ class FormMail extends Form elseif ($type_template=='shipping_send') { $defaultmessage=$outputlangs->transnoentities("PredefinedMailContentSendShipping"); } elseif ($type_template=='fichinter_send') { $defaultmessage=$outputlangs->transnoentities("PredefinedMailContentSendFichInter"); } elseif ($type_template=='thirdparty') { $defaultmessage=$outputlangs->transnoentities("PredefinedMailContentThirdparty"); } + elseif ($type_template=='user') { $defaultmessage=$outputlangs->transnoentities("PredefinedMailContentUser"); } $ret['label']='default'; $ret['topic']=''; diff --git a/htdocs/core/class/html.formother.class.php b/htdocs/core/class/html.formother.class.php index 5af4024f9c2..1908d04c312 100644 --- a/htdocs/core/class/html.formother.class.php +++ b/htdocs/core/class/html.formother.class.php @@ -1062,7 +1062,7 @@ class FormOther async: false }); // We force reload to be sure to get all boxes into list - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=delbox\'; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=delbox\'; } else { @@ -1084,7 +1084,7 @@ class FormOther url: \''.DOL_URL_ROOT.'/core/ajax/box.php?boxorder=\'+boxorder+\'&boxid=\'+boxid+\'&zone='.$areacode.'&userid='.$user->id.'\', async: false }); - window.location.search=\'mainmenu='.GETPOST("mainmenu").'&leftmenu='.GETPOST('leftmenu').'&action=addbox&boxid=\'+boxid; + window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09").'&leftmenu='.GETPOST('leftmenu',"aZ09").'&action=addbox&boxid=\'+boxid; } });'; if (! count($arrayboxtoactivatelabel)) $selectboxlist.='jQuery("#boxcombo").hide();'; diff --git a/htdocs/core/lib/admin.lib.php b/htdocs/core/lib/admin.lib.php index ba5f099365c..e90f006ac7e 100644 --- a/htdocs/core/lib/admin.lib.php +++ b/htdocs/core/lib/admin.lib.php 
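Review bot: In both html.formother.class.php hunks the `mainmenu` and `leftmenu` values are concatenated into a single-quoted JavaScript string (`window.location.search=\'mainmenu='.GETPOST("mainmenu","aZ09")...`), so the only protection is the input filter chosen at the call site. Encoding at the sink as well keeps the line safe if the filter name is later changed or the value comes from another source: `window.location.search=\'mainmenu='.dol_escape_js(GETPOST("mainmenu","aZ09")).'&leftmenu='.dol_escape_js(GETPOST('leftmenu',"aZ09")).'&action=delbox\';`, with the same change on the `addbox` line. The enclosing method starts and ends outside these hunks.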
@@ -756,7 +756,7 @@ function purgeSessions($mysessionid) */ function activateModule($value,$withdeps=1) { - global $db, $modules, $langs, $conf; + global $db, $modules, $langs, $conf, $mysoc; // Check parameters if (empty($value)) { @@ -813,7 +813,7 @@ function activateModule($value,$withdeps=1) } $result=$objMod->init(); // Enable module - if ($result <= 0) + if ($result <= 0) { $ret['errors'][]=$objMod->error; } @@ -848,19 +848,19 @@ function activateModule($value,$withdeps=1) break; } } - + if ($activate) { $ret['nbmodules']+=$resarray['nbmodules']; $ret['nbperms']+=$resarray['nbperms']; } - else + else { $ret['errors'][] = $langs->trans('activateModuleDependNotSatisfied', $objMod->name, $modulestring); } } } - + if (isset($objMod->conflictwith) && is_array($objMod->conflictwith) && ! empty($objMod->conflictwith)) { // Desactivation des modules qui entrent en conflit @@ -879,12 +879,12 @@ function activateModule($value,$withdeps=1) } } - if (! count($ret['errors'])) + if (! count($ret['errors'])) { $ret['nbmodules']++; $ret['nbperms']+=count($objMod->rights); } - + return $ret; } @@ -1221,7 +1221,7 @@ function form_constantes($tableau, $strictw3c=0, $helptext='') if ($result) { $obj = $db->fetch_object($result); // Take first result of select - + // For avoid warning in strict mode if (empty($obj)) { @@ -1360,7 +1360,7 @@ function showModulesExludedForExternal($modules) //if (empty($conf->global->$moduleconst)) continue; if (! in_array($modulename,$listofmodules)) continue; //var_dump($modulename.'eee'.$langs->trans('Module'.$module->numero.'Name')); - + if ($i > 0) $text.=', '; else $text.=' '; $i++; @@ -1391,7 +1391,7 @@ function addDocumentModel($name, $type, $label='', $description='') $sql.= ($label?"'".$db->escape($label)."'":'null').", "; $sql.= (! empty($description)?"'".$db->escape($description)."'":"null"); $sql.= ")"; - + dol_syslog("admin.lib::addDocumentModel", LOG_DEBUG); $resql=$db->query($sql); if ($resql) 
diff --git a/htdocs/core/lib/functions.lib.php b/htdocs/core/lib/functions.lib.php index fd3b0012165..ca3d0587905 100644 --- a/htdocs/core/lib/functions.lib.php +++ b/htdocs/core/lib/functions.lib.php @@ -411,9 +411,6 @@ function GETPOST($paramname, $check='', $method=0, $filter=NULL, $options=NULL) case 'intcomma': if (preg_match('/[^0-9,]+/i',$out)) $out=''; break; - case 'intcomma': - if (preg_match('/[^0-9,]+/i',$out)) $out=''; - break; case 'alpha': $out=trim($out); // '"' is dangerous because param in url can close the href= or src= and add javascript functions. @@ -3168,8 +3165,8 @@ function dol_print_error($db='',$error='',$errors=null) $out.="".$langs->trans("Referer").": ".(isset($_SERVER["HTTP_REFERER"])?dol_htmlentities($_SERVER["HTTP_REFERER"],ENT_COMPAT,'UTF-8'):'')."
\n"; $out.="".$langs->trans("MenuManager").": ".(isset($conf->standard_menu)?$conf->standard_menu:'')."
\n"; $out.="
\n"; - $syslog.="url=".$_SERVER["REQUEST_URI"]; - $syslog.=", query_string=".$_SERVER["QUERY_STRING"]; + $syslog.="url=".dol_escape_htmltag($_SERVER["REQUEST_URI"]); + $syslog.=", query_string=".dol_escape_htmltag($_SERVER["QUERY_STRING"]); } else // Mode CLI { diff --git a/htdocs/core/lib/pdf.lib.php b/htdocs/core/lib/pdf.lib.php index a9fb8e52734..3c771220c70 100644 --- a/htdocs/core/lib/pdf.lib.php +++ b/htdocs/core/lib/pdf.lib.php @@ -865,7 +865,7 @@ function pdf_pagefoot(&$pdf,$outputlangs,$paramfreetext,$fromcompany,$marge_bass // Make a change into HTML code to allow to include images from medias directory. // // become - // + // $newfreetext=preg_replace('/()/', '\1'.DOL_DATA_ROOT.'/medias/\2\3', $newfreetext); $line.=$outputlangs->convToOutputCharset($newfreetext); diff --git a/htdocs/core/lib/product.lib.php b/htdocs/core/lib/product.lib.php index 5aec64f3ce0..7048b8570c6 100644 --- a/htdocs/core/lib/product.lib.php +++ b/htdocs/core/lib/product.lib.php @@ -441,7 +441,8 @@ function measuring_units_string($unit,$measuring_style='') $measuring_units[0] = $langs->transnoentitiesnoconv("WeightUnitkg"); $measuring_units[-3] = $langs->transnoentitiesnoconv("WeightUnitg"); $measuring_units[-6] = $langs->transnoentitiesnoconv("WeightUnitmg"); - $measuring_units[99] = $langs->transnoentitiesnoconv("WeightUnitpound"); + $measuring_units[98] = $langs->transnoentitiesnoconv("WeightUnitounce"); + $measuring_units[99] = $langs->transnoentitiesnoconv("WeightUnitpound"); } else if ($measuring_style == 'size') { diff --git a/htdocs/core/lib/security2.lib.php b/htdocs/core/lib/security2.lib.php index d20b9612b5f..248c3bde43e 100644 --- a/htdocs/core/lib/security2.lib.php +++ b/htdocs/core/lib/security2.lib.php 
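Review bot: In the dol_print_error hunk, `dol_escape_htmltag()` is applied to `REQUEST_URI` and `QUERY_STRING` before they are appended to `$syslog`, which is an HTML encoding used on a string that goes to the log rather than to the page. That is sound only if the log is later rendered as HTML; for a text log the property that matters is that CR and LF from the request cannot start a forged log entry, and whether this helper neutralises them is not visible here. A comment stating the intent would help the next reader, for example `// Encoded because the log may be shown in an HTML viewer; CR/LF must not reach the log unescaped`. The function body continues outside this hunk, so where `$syslog` is finally written cannot be checked from these lines.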
@@ -144,10 +144,6 @@ function dol_loginfunction($langs,$conf,$mysoc) $dol_url_root = DOL_URL_ROOT; - $php_self = $_SERVER['PHP_SELF']; - $php_self.= $_SERVER["QUERY_STRING"]?'?'.$_SERVER["QUERY_STRING"]:''; - if (! preg_match('/mainmenu=/',$php_self)) $php_self.=(preg_match('/\?/',$php_self)?'&':'?').'mainmenu=home'; - // Title $appli=constant('DOL_APPLICATION_TITLE'); $title=$appli.' '.constant('DOL_VERSION'); diff --git a/htdocs/core/modules/modBlockedLog.class.php b/htdocs/core/modules/modBlockedLog.class.php index f3f3be971b5..3125627c007 100644 --- a/htdocs/core/modules/modBlockedLog.class.php +++ b/htdocs/core/modules/modBlockedLog.class.php @@ -65,9 +65,9 @@ class modBlockedLog extends DolibarrModules // Dependancies //------------- $this->hidden = false; // A condition to disable module - $this->depends = array('modFacture'); // List of modules id that must be enabled if this module is enabled - $this->requiredby = array(); // List of modules id to disable if this one is disabled - $this->conflictwith = array(); // List of modules id this module is in conflict with + $this->depends = array('always'=>'modFacture'); // List of modules id that must be enabled if this module is enabled + $this->requiredby = array(); // List of modules id to disable if this one is disabled + $this->conflictwith = array(); // List of modules id this module is in conflict with $this->langfiles = array(); // Constants diff --git a/htdocs/core/modules/modCashDesk.class.php b/htdocs/core/modules/modCashDesk.class.php index ec8764c9017..e5ba473c1c7 100644 --- a/htdocs/core/modules/modCashDesk.class.php +++ b/htdocs/core/modules/modCashDesk.class.php 
@@ -65,11 +65,13 @@ class modCashDesk extends DolibarrModules $this->config_page_url = array("cashdesk.php@cashdesk"); // Dependencies - $this->depends = array("modBanque","modFacture","modProduct"); // List of modules id that must be enabled if this module is enabled - $this->requiredby = array(); // List of modules id to disable if this one is disabled + $this->depends = array('always'=>"modBanque", 'always'=>"modFacture", 'always'=>"modProduct", 'FR'=>'modBlockedLog'); // List of modules id that must be enabled if this module is enabled + $this->requiredby = array(); // List of modules id to disable if this one is disabled $this->phpmin = array(4,1); // Minimum version of PHP required by module $this->need_dolibarr_version = array(2,4); // Minimum version of Dolibarr required by module $this->langfiles = array("cashdesk"); + $this->warnings_activation = array('FR'=>'WarningNoteModulePOSForFrenchLaw'); // Warning to show when we activate module. array('always'='text') or array('FR'='text') + $this->warnings_activation_ext = array('FR'=>'WarningInstallationMayBecomeNotCompliantWithLaw'); // Warning to show when we activate an external module. array('always'='text') or array('FR'='text') // Constants $this->const = array(); diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php index 3af85a1944d..40e2a03d161 100644 --- a/htdocs/core/modules/modFacture.class.php +++ b/htdocs/core/modules/modFacture.class.php 
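Review bot: The new `$this->depends` literal in modCashDesk repeats the key `'always'` three times, and PHP keeps only the last value for a duplicated array key, so the array that is actually built is `array('always'=>"modProduct", 'FR'=>'modBlockedLog')`. The modBanque and modFacture dependencies that the old list declared are dropped without any warning. Each entry needs a distinct key, for example `array('always1'=>"modBanque", 'always2'=>"modFacture", 'always3'=>"modProduct", 'FR1'=>'modBlockedLog')`, provided the code that reads `depends` in activateModule matches on the key prefix; that reader is not visible in this hunk, so it should be checked together with this change.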
@@ -64,14 +64,13 @@ class modFacture extends DolibarrModules $this->dirs = array("/facture/temp"); // Dependencies - $this->depends = array('always'=>"modSociete", 'FR'=>'modBlockedLog'); + $this->depends = array('always'=>"modSociete"); $this->requiredby = array("modComptabilite","modAccounting"); $this->conflictwith = array(); $this->langfiles = array("bills","companies","compta","products"); - $this->warnings_activation = array('FR'=>'WarningNoteModuleInvoiceForFrenchLaw'); // Warning to show when we activate module. array('always'='text') or array('FR'='text') - $this->warnings_activation = array(); - $this->warnings_activation_ext = array('FR'=>'WarningInstallationMayBecomeNotCompliantWithLaw'); // Warning to show when we activate an external module. array('always'='text') or array('FR'='text') - + $this->warnings_activation = array(); // Warning to show when we activate module. array('always'='text') or array('FR'='text') + $this->warnings_activation_ext = array(); // Warning to show when we activate an external module. array('always'='text') or array('FR'='text') + // Config pages $this->config_page_url = array("facture.php"); @@ -99,7 +98,7 @@ class modFacture extends DolibarrModules $this->const[$r][3] = ""; $this->const[$r][4] = 0; $r++; - + /*$this->const[$r][0] = "FACTURE_DRAFT_WATERMARK"; $this->const[$r][1] = "chaine"; $this->const[$r][2] = "__(Draft)__"; @@ -107,7 +106,7 @@ class modFacture extends DolibarrModules $this->const[$r][4] = 0; $r++;*/ - + // Boxes //$this->boxes = array(0=>array(1=>'box_factures_imp.php'),1=>array(1=>'box_factures.php')); $this->boxes = array( 
@@ -116,16 +115,16 @@ class modFacture extends DolibarrModules 2=>array('file'=>'box_graph_invoices_permonth.php','enabledbydefaulton'=>'Home') ); - // Cronjobs + // Cronjobs $this->cronjobs = array( - 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600*24), + 0=>array('label'=>'RecurringInvoices', 'jobtype'=>'method', 'class'=>'compta/facture/class/facture-rec.class.php', 'objectname'=>'FactureRec', 'method'=>'createRecurringInvoices', 'parameters'=>'', 'comment'=>'Generate recurring invoices', 'frequency'=>1, 'unitfrequency'=>3600*24), // 1=>array('label'=>'My label', 'jobtype'=>'command', 'command'=>'', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>3600, 'unitfrequency'=>3600) - ); - // List of cron jobs entries to add - // Example: + ); + // List of cron jobs entries to add + // Example: // $this->cronjobs=array( - // 0=>array('label'=>'My label', 'jobtype'=>'method', 'class'=>'MyClass', 'method'=>'myMethod', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>1, 'unitfrequency'=>3600), - // 1=>array('label'=>'My label', 'jobtype'=>'command', 'command'=>'', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>1, 'unitfrequency'=>3600) + // 0=>array('label'=>'My label', 'jobtype'=>'method', 'class'=>'MyClass', 'method'=>'myMethod', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>1, 'unitfrequency'=>3600), + // 1=>array('label'=>'My label', 'jobtype'=>'command', 'command'=>'', 'parameters'=>'', 'comment'=>'Comment', 'frequency'=>1, 'unitfrequency'=>3600) // ); // Permissions @@ -206,8 +205,8 @@ class modFacture extends DolibarrModules // Menus //------- $this->menu = 1; // This module add menu entries. They are coded into menu manager. - - + + // Exports //-------- $r=1; 
diff --git a/htdocs/core/tpl/ajax/fileupload_main.tpl.php b/htdocs/core/tpl/ajax/fileupload_main.tpl.php index b7437af4616..034e9ebc3fc 100644 --- a/htdocs/core/tpl/ajax/fileupload_main.tpl.php +++ b/htdocs/core/tpl/ajax/fileupload_main.tpl.php @@ -45,7 +45,7 @@ $(function () { // Events $('#fileupload').fileupload({ stop: function (e, data) { - location.href=''; + location.href=''; }, destroy: function (e, data) { var that = $(this).data('fileupload'); diff --git a/htdocs/core/tpl/ajaxrow.tpl.php b/htdocs/core/tpl/ajaxrow.tpl.php index 96be9b49196..a5d8ab039b8 100644 --- a/htdocs/core/tpl/ajaxrow.tpl.php +++ b/htdocs/core/tpl/ajaxrow.tpl.php @@ -63,7 +63,7 @@ $(document).ready(function(){ function() { console.log("tableDND end of ajax call"); if (reloadpage == 1) { - location.href = ''; + location.href = ''; } else { $("# .drag").each( function( intIndex ) { diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php index 81e3936d300..9cddb8d183d 100644 --- a/htdocs/core/tpl/login.tpl.php +++ b/htdocs/core/tpl/login.tpl.php @@ -31,6 +31,10 @@ if (GETPOST('dol_use_jmobile')) $conf->dol_use_jmobile=1; // If we force to use jmobile, then we reenable javascript if (! empty($conf->dol_use_jmobile)) $conf->use_javascript_ajax=1; +$php_self = dol_escape_htmltag($_SERVER['PHP_SELF']); +$php_self.= dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''; +if (! preg_match('/mainmenu=/',$php_self)) $php_self.=(preg_match('/\?/',$php_self)?'&':'?').'mainmenu=home'; + // Javascript code on logon page only to detect user tz, dst_observed, dst_first, dst_second $arrayofjs=array( '/includes/jstz/jstz.min.js'.(empty($conf->dol_use_jmobile)?'':'?version='.urlencode(DOL_VERSION)), @@ -82,7 +86,7 @@ $(document).ready(function () { diff --git a/htdocs/core/tpl/passwordforgotten.tpl.php b/htdocs/core/tpl/passwordforgotten.tpl.php index ad29cbfcd3d..96e8b467a02 100644 --- a/htdocs/core/tpl/passwordforgotten.tpl.php 
+++ b/htdocs/core/tpl/passwordforgotten.tpl.php @@ -28,6 +28,9 @@ if (GETPOST('dol_use_jmobile')) $conf->dol_use_jmobile=1; // If we force to use jmobile, then we reenable javascript if (! empty($conf->dol_use_jmobile)) $conf->use_javascript_ajax=1; +$php_self = $_SERVER['PHP_SELF']; +$php_self.= dol_escape_htmltag($_SERVER["QUERY_STRING"])?'?'.dol_escape_htmltag($_SERVER["QUERY_STRING"]):''; + print top_htmlhead('',$langs->trans('SendNewPassword')); ?> @@ -56,7 +59,7 @@ $(document).ready(function () { @@ -96,7 +99,7 @@ if (! empty($hookmanager->resArray['options'])) { } ?> -'."\n"; +//print ''."\n"; // Load original field value if (isset($action) && ! empty($action)) diff --git a/htdocs/expensereport/ajax/ajaxprojet.php b/htdocs/expensereport/ajax/ajaxprojet.php index 6b9dd7e062f..423677c5da5 100644 --- a/htdocs/expensereport/ajax/ajaxprojet.php +++ b/htdocs/expensereport/ajax/ajaxprojet.php @@ -46,7 +46,7 @@ require '../../main.inc.php'; //top_htmlhead("", "", 1); // Replaced with top_httphead. An ajax page does not need html header. top_httphead(); -//print ''."\n"; +//print ''."\n"; dol_syslog(join(',',$_GET)); diff --git a/htdocs/externalsite/frames.php b/htdocs/externalsite/frames.php index adf9d547073..6005b8e55b6 100644 --- a/htdocs/externalsite/frames.php +++ b/htdocs/externalsite/frames.php @@ -34,8 +34,8 @@ if (empty($conf->global->EXTERNALSITE_URL)) llxFooter(); } -$mainmenu=GETPOST('mainmenu', 'alpha'); -$leftmenu=GETPOST('leftmenu', 'alpha'); +$mainmenu=GETPOST('mainmenu', "aZ09"); +$leftmenu=GETPOST('leftmenu', "aZ09"); $idmenu=GETPOST('idmenu', 'int'); $theme=GETPOST('theme', 'alpha'); $codelang=GETPOST('lang', 'aZ09'); diff --git a/htdocs/fourn/ajax/getSupplierPrices.php b/htdocs/fourn/ajax/getSupplierPrices.php index 817f83f7ab6..a3990333d46 100644 --- a/htdocs/fourn/ajax/getSupplierPrices.php +++ b/htdocs/fourn/ajax/getSupplierPrices.php 
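Review bot: In the first passwordforgotten.tpl.php hunk, `$php_self = $_SERVER['PHP_SELF'];` is assigned without encoding, while the query string on the following line and the equivalent assignment added to login.tpl.php in this same commit both go through `dol_escape_htmltag()`. `PHP_SELF` includes whatever path information the client appends after the script name, so it is request-controlled in the same way as the query string. The place where `$php_self` is printed is not visible in these hunks, but if it reaches the form markup it needs the same treatment: `$php_self = dol_escape_htmltag($_SERVER['PHP_SELF']);`.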
@@ -46,7 +46,7 @@ $langs->load('margins'); top_httphead(); -//print ''."\n"; +//print ''."\n"; if ($idprod > 0) { @@ -55,7 +55,7 @@ if ($idprod > 0) $sorttouse = 's.nom, pfp.quantity, pfp.price'; if (GETPOST('bestpricefirst')) $sorttouse = 'pfp.unitprice, s.nom, pfp.quantity, pfp.price'; - + $productSupplierArray = $producttmp->list_product_fournisseur_price($idprod, $sorttouse); // We list all price per supplier, and then firstly with the lower quantity. So we can choose first one with enough quantity into list. if ( is_array($productSupplierArray)) { 
@@ -63,34 +63,34 @@ if ($idprod > 0) { $price = $productSupplier->fourn_price * (1 - $productSupplier->fourn_remise_percent / 100); $unitprice = $productSupplier->fourn_unitprice * (1 - $productSupplier->fourn_remise_percent / 100); - + $title = $productSupplier->fourn_name.' - '.$productSupplier->fourn_ref.' - '; - + if ($productSupplier->fourn_qty == 1) { $title.= price($price,0,$langs,0,0,-1,$conf->currency)."/"; } $title.= $productSupplier->fourn_qty.' '.($productSupplier->fourn_qty == 1 ? $langs->trans("Unit") : $langs->trans("Units")); - + if ($productSupplier->fourn_qty > 1) { $title.=" - "; $title.= price($unitprice,0,$langs,0,0,-1,$conf->currency)."/".$langs->trans("Unit"); $price = $unitprice; } - + $label = price($price,0,$langs,0,0,-1,$conf->currency)."/".$langs->trans("Unit"); if ($productSupplier->fourn_ref) $label.=' ('.$productSupplier->fourn_ref.')'; - + $prices[] = array("id" => $productSupplier->product_fourn_price_id, "price" => price2num($price,0,'',0), "label" => $label, "title" => $title); // For price field, we must use price2num(), for label or title, price() } } - + // Add price for costprice $price=$producttmp->cost_price; $prices[] = array("id" => 'costprice', "price" => price2num($price), "label" => $langs->trans("CostPrice").': '.price($price,0,$langs,0,0,-1,$conf->currency), "title" => $langs->trans("PMPValueShort").': '.price($price,0,$langs,0,0,-1,$conf->currency)); // For price field, we must use price2num(), for label or title, price() - if(!empty($conf->stock->enabled)) + if(!empty($conf->stock->enabled)) { // Add price for pmp $price=$producttmp->pmp; diff --git a/htdocs/holiday/list.php b/htdocs/holiday/list.php index fa77287cbf4..e5afb2cfa42 100644 --- a/htdocs/holiday/list.php +++ b/htdocs/holiday/list.php 
@@ -168,7 +168,7 @@ if($year_create > 0) { } } else { if($month_create > 0) { - $filter.= " AND date_format(cp.date_create, '%m') = '$month_create'"; + $filter.= " AND date_format(cp.date_create, '%m') = '".$db->escape($month_create)."'"; } } @@ -302,7 +302,7 @@ print ''; // DATE CREATE print '
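Review bot: `$month_create` still reaches the query as free text at the `date_format(cp.date_create, '%m')` comparison: the added `$db->escape()` closes the quote-breaking case, but the only gate is the loose `$month_create > 0` test, which a string with a numeric prefix may also pass. How the parameter is read is outside this hunk, so casting at the point of use would make the filter independent of that: `$filter.= " AND date_format(cp.date_create, '%m') = '".sprintf('%02d', (int) $month_create)."'";` (MySQL's `%m` yields a two-digit month, so the padding also keeps the comparison exact). The `$year_create > 0` branch begins above the hunk and its filter lines are not visible here, so they should be checked for the same interpolation.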
'; diff --git a/htdocs/install/inc.php b/htdocs/install/inc.php index dc7e29b19f5..b9efc4eb8a4 100644 --- a/htdocs/install/inc.php +++ b/htdocs/install/inc.php @@ -385,12 +385,12 @@ function pHeader($subtitle,$next,$action='set',$param='',$forcejqueryurl='',$css // We force the content charset header("Content-type: text/html; charset=".$conf->file->character_set_client); header("X-Content-Type-Options: nosniff"); - + print ''."\n"; print ''."\n"; print ''."\n"; print ''."\n"; - print ''."\n"; + print ''."\n"; print ''."\n"; print ''."\n"; @@ -453,7 +453,7 @@ function pFooter($nonext=0,$setuplang='',$jscheckfunction='', $withpleasewait=0) print '
'; if ($nonext == '2') { - print $langs->trans("ErrorFoundDuringMigration", $_SERVER["REQUEST_URI"].'&ignoreerrors=1').'

'; + print $langs->trans("ErrorFoundDuringMigration", isset($_SERVER["REQUEST_URI"])?$_SERVER["REQUEST_URI"].'&ignoreerrors=1':'').'

'; } print '"'; diff --git a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql b/htdocs/install/mysql/migration/6.0.0-7.0.0.sql deleted file mode 100644 index 545b52ea4a7..00000000000 --- a/htdocs/install/mysql/migration/6.0.0-7.0.0.sql +++ /dev/null 
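Review bot: `$_SERVER["REQUEST_URI"]` is request-controlled and is still handed unencoded to `$langs->trans("ErrorFoundDuringMigration", ...)`, whose result is printed into the page; the added `isset()` guard only removes the undefined-index warning. Whether `trans()` HTML-encodes its parameters is not visible in this hunk, so this should be confirmed, and if it does not, the value should be encoded before the call, e.g. `htmlspecialchars($_SERVER["REQUEST_URI"].'&ignoreerrors=1', ENT_QUOTES)`. Appending `&ignoreerrors=1` also assumes the URI already carries a query string. pFooter starts and ends outside the hunk.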
@@ -1,64 +0,0 @@ --- --- Be carefull to requests order. --- This file must be loaded by calling /install/index.php page --- when current version is 6.0.0 or higher. --- --- To rename a table: ALTER TABLE llx_table RENAME TO llx_table_new; --- To add a column: ALTER TABLE llx_table ADD COLUMN newcol varchar(60) NOT NULL DEFAULT '0' AFTER existingcol; --- To rename a column: ALTER TABLE llx_table CHANGE COLUMN oldname newname varchar(60); --- To drop a column: ALTER TABLE llx_table DROP COLUMN oldname; --- To change type of field: ALTER TABLE llx_table MODIFY COLUMN name varchar(60); --- To drop a foreign key: ALTER TABLE llx_table DROP FOREIGN KEY fk_name; --- To drop an index: -- VMYSQL4.0 DROP INDEX nomindex on llx_table --- To drop an index: -- VPGSQL8.0 DROP INDEX nomindex --- To restrict request to Mysql version x.y minimum use -- VMYSQLx.y --- To restrict request to Pgsql version x.y minimum use -- VPGSQLx.y --- To make pk to be auto increment (mysql): -- VMYSQL4.3 ALTER TABLE llx_c_shipment_mode CHANGE COLUMN rowid rowid INTEGER NOT NULL AUTO_INCREMENT; --- To make pk to be auto increment (postgres): -- VPGSQL8.2 NOT POSSIBLE. MUST DELETE/CREATE TABLE --- To set a field as NULL: -- VMYSQL4.3 ALTER TABLE llx_table MODIFY COLUMN name varchar(60) NULL; --- To set a field as NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name DROP NOT NULL; --- To set a field as NOT NULL: -- VMYSQL4.3 ALTER TABLE llx_table MODIFY COLUMN name varchar(60) NOT NULL; --- To set a field as NOT NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET NOT NULL; --- To set a field as default NULL: -- VPGSQL8.2 ALTER TABLE llx_table ALTER COLUMN name SET DEFAULT NULL; --- Note: fields with type BLOB/TEXT can't have default value. 
--- -- VPGSQL8.2 DELETE FROM llx_usergroup_user WHERE fk_user NOT IN (SELECT rowid from llx_user); --- -- VMYSQL4.1 DELETE FROM llx_usergroup_user WHERE fk_usergroup NOT IN (SELECT rowid from llx_usergroup); - - --- Clean corrupted values for tms --- VMYSQL4.1 SET sql_mode = 'ALLOW_INVALID_DATES'; --- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL; --- VMYSQL4.1 SET sql_mode = 'NO_ZERO_DATE'; --- VMYSQL4.1 update llx_opensurvey_sondage set tms = date_fin where DATE(STR_TO_DATE(tms, '%Y-%m-%d')) IS NULL; --- Remove default not null on date_fin --- VMYSQL4.3 ALTER TABLE llx_opensurvey_sondage MODIFY COLUMN date_fin DATETIME NULL DEFAULT NULL; --- VPGSQL8.2 ALTER TABLE llx_opensurvey_sondage ALTER COLUMN date_fin DROP NOT NULL; - --- Move real to numeric for more precision for storing monetary amounts (no rouding) --- https://wiki.dolibarr.org/index.php/Langages_et_normes#Structure_des_tables_et_champs -ALTER TABLE llx_accounting_bookkeeping MODIFY COLUMN debit numeric(24,8); -ALTER TABLE llx_accounting_bookkeeping MODIFY COLUMN credit numeric(24,8); -ALTER TABLE llx_accounting_bookkeeping MODIFY COLUMN montant numeric(24,8); -ALTER TABLE llx_accounting_bookkeeping MODIFY COLUMN multicurrency_amount numeric(24,8); -ALTER TABLE llx_blockedlog MODIFY COLUMN amounts numeric(24,8); -ALTER TABLE llx_chargessociales MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_commande MODIFY COLUMN amount_ht numeric(24,8); -ALTER TABLE llx_commande_fournisseur MODIFY COLUMN amount_ht numeric(24,8); -ALTER TABLE llx_don MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_loan_schedule MODIFY COLUMN amount_capital numeric(24,8); -ALTER TABLE llx_loan_schedule MODIFY COLUMN amount_insurance numeric(24,8); -ALTER TABLE llx_loan_schedule MODIFY COLUMN amount_interest numeric(24,8); -ALTER TABLE llx_paiementcharge MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_paiementfourn MODIFY COLUMN amount numeric(24,8); -ALTER 
TABLE llx_payment_donation MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_payment_expensereport MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_payment_loan MODIFY COLUMN amount_capital numeric(24,8); -ALTER TABLE llx_payment_loan MODIFY COLUMN amount_insurance numeric(24,8); -ALTER TABLE llx_payment_loan MODIFY COLUMN amount_interest numeric(24,8); -ALTER TABLE llx_payment_salary MODIFY COLUMN salary numeric(24,8); -ALTER TABLE llx_payment_salary MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_prelevement_bons MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_prelevement_facture_demande MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_prelevement_lignes MODIFY COLUMN amount numeric(24,8); -ALTER TABLE llx_societe MODIFY COLUMN capital numeric(24,8); -ALTER TABLE llx_tva MODIFY COLUMN amount numeric(24,8); diff --git a/htdocs/install/mysql/tables/llx_accounting_bookkeeping.sql b/htdocs/install/mysql/tables/llx_accounting_bookkeeping.sql index 01ced5b07f4..ad1160c356d 100644 --- a/htdocs/install/mysql/tables/llx_accounting_bookkeeping.sql +++ b/htdocs/install/mysql/tables/llx_accounting_bookkeeping.sql 
@@ -26,17 +26,17 @@ CREATE TABLE llx_accounting_bookkeeping doc_ref varchar(300) NOT NULL, -- | facture_client/reglement_client/... reference number fk_doc integer NOT NULL, -- | facture_client/reglement_client/... rowid fk_docdet integer NOT NULL, -- | facture_client/reglement_client/... line rowid - thirdparty_code varchar(32), -- Third party code (customer or supplier) when record is saved (may help debug) + thirdparty_code varchar(32), -- Third party code (customer or supplier) when record is saved (may help debug) subledger_account varchar(32), -- FEC:CompAuxNum | account number of subledger account subledger_label varchar(255), -- FEC:CompAuxLib | label of subledger account numero_compte varchar(32) NOT NULL, -- FEC:CompteNum | account number label_compte varchar(255) NOT NULL, -- FEC:CompteLib | label of account label_operation varchar(255), -- FEC:EcritureLib | label of the operation - debit numeric(24,8) NOT NULL, -- FEC:Debit - credit numeric(24,8) NOT NULL, -- FEC:Credit - montant numeric(24,8) NOT NULL, -- FEC:Montant (Not necessary) + debit double NOT NULL, -- FEC:Debit + credit double NOT NULL, -- FEC:Credit + montant double NOT NULL, -- FEC:Montant (Not necessary) sens varchar(1) DEFAULT NULL, -- FEC:Sens (Not necessary) - multicurrency_amount numeric(24,8), -- FEC:Montantdevise + multicurrency_amount double, -- FEC:Montantdevise multicurrency_code varchar(255), -- FEC:Idevise lettering_code varchar(255), -- FEC:EcritureLet date_lettering datetime, -- FEC:DateLet diff --git a/htdocs/install/mysql/tables/llx_blockedlog.sql b/htdocs/install/mysql/tables/llx_blockedlog.sql index 59c8e262817..ae696a0d6d1 100644 --- a/htdocs/install/mysql/tables/llx_blockedlog.sql +++ b/htdocs/install/mysql/tables/llx_blockedlog.sql 
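Review bot: Declaring `debit`, `credit`, `montant` and `multicurrency_amount` as `double` makes ledger amounts approximate, because binary floating point cannot hold most decimal fractions exactly and sums or equality checks on these columns can drift by rounding. The same commit deletes `6.0.0-7.0.0.sql`, whose own comment gives precision for monetary amounts as the reason for `numeric(24,8)`, and the same `numeric(24,8)` to `real` change is repeated in the table hunks that follow, from llx_blockedlog through llx_tva. Where these definitions are also applied to PostgreSQL, `real` is single precision, so the loss is larger there. Unless this is a deliberate revert, keep e.g. `debit numeric(24,8) NOT NULL,` together with the migration; installations that already ran it would otherwise differ from fresh installs.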
@@ -4,7 +4,7 @@ CREATE TABLE llx_blockedlog rowid integer AUTO_INCREMENT PRIMARY KEY, tms timestamp DEFAULT CURRENT_TIMESTAMP ON UPDATE CURRENT_TIMESTAMP, action varchar(50), - amounts numeric(24,8) NOT NULL, + amounts real NOT NULL, signature varchar(100) NOT NULL, signature_line varchar(100) NOT NULL, element varchar(50), diff --git a/htdocs/install/mysql/tables/llx_chargesociales.sql b/htdocs/install/mysql/tables/llx_chargesociales.sql index 093b635a964..519ceacc9e5 100644 --- a/htdocs/install/mysql/tables/llx_chargesociales.sql +++ b/htdocs/install/mysql/tables/llx_chargesociales.sql @@ -34,7 +34,7 @@ create table llx_chargesociales fk_type integer NOT NULL, fk_account integer, -- bank account fk_mode_reglement integer, -- mode de reglement - amount numeric(24,8) default 0 NOT NULL, + amount real default 0 NOT NULL, paye smallint default 0 NOT NULL, periode date, fk_projet integer DEFAULT NULL, diff --git a/htdocs/install/mysql/tables/llx_commande.sql b/htdocs/install/mysql/tables/llx_commande.sql index 6964abdcd57..98740c232ac 100644 --- a/htdocs/install/mysql/tables/llx_commande.sql +++ b/htdocs/install/mysql/tables/llx_commande.sql @@ -42,7 +42,7 @@ create table llx_commande fk_user_cloture integer, -- user closing source smallint, -- not used, except by setting this to 42 for orders coming for replenishment and 0 in other case ? fk_statut smallint default 0, - amount_ht numeric(24,8) default 0, + amount_ht real default 0, remise_percent real default 0, remise_absolue real default 0, remise real default 0, diff --git a/htdocs/install/mysql/tables/llx_commande_fournisseur.sql b/htdocs/install/mysql/tables/llx_commande_fournisseur.sql index 24158903eb1..6d291dcfa00 100644 --- a/htdocs/install/mysql/tables/llx_commande_fournisseur.sql +++ b/htdocs/install/mysql/tables/llx_commande_fournisseur.sql 
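Review bot: `amounts` in llx_blockedlog sits next to `signature` and `signature_line`, so an approximate `real` column is a risk for a log whose value is that entries can be re-verified later. If the signature is computed over the amount (not visible in this hunk), a value that does not read back exactly as written would make a legitimate row fail verification, or force the check to tolerate rounding and so weaken it. Keeping `amounts numeric(24,8) NOT NULL,` avoids that. The CREATE TABLE statement continues outside the hunk.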
@@ -46,7 +46,7 @@ create table llx_commande_fournisseur source smallint NOT NULL, -- not used, except by setting this to 42 for orders coming for replenishment and 0 in other case ? fk_statut smallint default 0, billed smallint default 0, - amount_ht numeric(24,8) default 0, + amount_ht real default 0, remise_percent real default 0, remise real default 0, tva double(24,8) default 0, diff --git a/htdocs/install/mysql/tables/llx_don.sql b/htdocs/install/mysql/tables/llx_don.sql index 63b2cd111ea..b7b7c89f9cd 100644 --- a/htdocs/install/mysql/tables/llx_don.sql +++ b/htdocs/install/mysql/tables/llx_don.sql @@ -28,7 +28,7 @@ create table llx_don tms timestamp, fk_statut smallint NOT NULL DEFAULT 0, -- Status of donation promise or validate datedon datetime, -- Date of the donation/promise - amount numeric(24,8) DEFAULT 0, + amount real DEFAULT 0, fk_payment integer, paid smallint default 0 NOT NULL, firstname varchar(50), diff --git a/htdocs/install/mysql/tables/llx_loan_schedule.sql b/htdocs/install/mysql/tables/llx_loan_schedule.sql index eb43238255a..c682b22f276 100644 --- a/htdocs/install/mysql/tables/llx_loan_schedule.sql +++ b/htdocs/install/mysql/tables/llx_loan_schedule.sql @@ -24,9 +24,9 @@ create table llx_loan_schedule datec datetime, -- creation date tms timestamp, datep datetime, -- payment date - amount_capital numeric(24,8) DEFAULT 0, - amount_insurance numeric(24,8) DEFAULT 0, - amount_interest numeric(24,8) DEFAULT 0, + amount_capital real DEFAULT 0, + amount_insurance real DEFAULT 0, + amount_interest real DEFAULT 0, fk_typepayment integer NOT NULL, num_payment varchar(50), note_private text, diff --git a/htdocs/install/mysql/tables/llx_paiementcharge.sql b/htdocs/install/mysql/tables/llx_paiementcharge.sql index 086bafae0fa..2efca933dba 100644 --- a/htdocs/install/mysql/tables/llx_paiementcharge.sql +++ b/htdocs/install/mysql/tables/llx_paiementcharge.sql 
@@ -23,7 +23,7 @@ create table llx_paiementcharge datec datetime, -- date de creation tms timestamp, datep datetime, -- payment date - amount numeric(24,8) DEFAULT 0, + amount real DEFAULT 0, fk_typepaiement integer NOT NULL, num_paiement varchar(50), note text, diff --git a/htdocs/install/mysql/tables/llx_paiementfourn.sql b/htdocs/install/mysql/tables/llx_paiementfourn.sql index 16d63a32076..0e9b1885c97 100644 --- a/htdocs/install/mysql/tables/llx_paiementfourn.sql +++ b/htdocs/install/mysql/tables/llx_paiementfourn.sql @@ -25,7 +25,7 @@ create table llx_paiementfourn tms timestamp, datec datetime, -- date de creation de l'enregistrement datep datetime, -- date de paiement - amount numeric(24,8) DEFAULT 0, -- montant + amount real DEFAULT 0, -- montant multicurrency_amount double(24,8) DEFAULT 0, -- multicurrency amount fk_user_author integer, -- auteur fk_paiement integer NOT NULL, -- moyen de paiement diff --git a/htdocs/install/mysql/tables/llx_payment_donation.sql b/htdocs/install/mysql/tables/llx_payment_donation.sql index 1859c7aa796..afa5075cd4e 100644 --- a/htdocs/install/mysql/tables/llx_payment_donation.sql +++ b/htdocs/install/mysql/tables/llx_payment_donation.sql @@ -23,7 +23,7 @@ create table llx_payment_donation datec datetime, -- date de creation tms timestamp, datep datetime, -- payment date - amount numeric(24,8) DEFAULT 0, + amount real DEFAULT 0, fk_typepayment integer NOT NULL, num_payment varchar(50), note text, diff --git a/htdocs/install/mysql/tables/llx_payment_expensereport.sql b/htdocs/install/mysql/tables/llx_payment_expensereport.sql index 1857246e22e..40e39771978 100644 --- a/htdocs/install/mysql/tables/llx_payment_expensereport.sql +++ b/htdocs/install/mysql/tables/llx_payment_expensereport.sql 
@@ -23,7 +23,7 @@ create table llx_payment_expensereport datec datetime, -- date de creation tms timestamp, datep datetime, -- payment date - amount numeric(24,8) DEFAULT 0, + amount real DEFAULT 0, fk_typepayment integer NOT NULL, num_payment varchar(50), note text, diff --git a/htdocs/install/mysql/tables/llx_payment_loan.sql b/htdocs/install/mysql/tables/llx_payment_loan.sql index 3b6111a7b2f..d023c039391 100644 --- a/htdocs/install/mysql/tables/llx_payment_loan.sql +++ b/htdocs/install/mysql/tables/llx_payment_loan.sql @@ -24,9 +24,9 @@ create table llx_payment_loan datec datetime, -- creation date tms timestamp, datep datetime, -- payment date - amount_capital numeric(24,8) DEFAULT 0, - amount_insurance numeric(24,8) DEFAULT 0, - amount_interest numeric(24,8) DEFAULT 0, + amount_capital real DEFAULT 0, + amount_insurance real DEFAULT 0, + amount_interest real DEFAULT 0, fk_typepayment integer NOT NULL, num_payment varchar(50), note_private text, diff --git a/htdocs/install/mysql/tables/llx_payment_salary.sql b/htdocs/install/mysql/tables/llx_payment_salary.sql index 3b6da16b9cb..38364c6812e 100644 --- a/htdocs/install/mysql/tables/llx_payment_salary.sql +++ b/htdocs/install/mysql/tables/llx_payment_salary.sql @@ -24,8 +24,8 @@ create table llx_payment_salary fk_user integer NOT NULL, datep date, -- date de paiement datev date, -- date de valeur (this field should not be here, only into bank tables) - salary numeric(24,8), -- salary of user when payment was done - amount numeric(24,8) NOT NULL DEFAULT 0, + salary real, -- salary of user when payment was done + amount real NOT NULL DEFAULT 0, fk_typepayment integer NOT NULL, num_payment varchar(50), -- ref label varchar(255), diff --git a/htdocs/install/mysql/tables/llx_prelevement_bons.sql b/htdocs/install/mysql/tables/llx_prelevement_bons.sql index 40fff2e842d..e92342eb001 100644 --- a/htdocs/install/mysql/tables/llx_prelevement_bons.sql +++ b/htdocs/install/mysql/tables/llx_prelevement_bons.sql 
@@ -29,7 +29,7 @@ create table llx_prelevement_bons ref varchar(12), -- reference entity integer DEFAULT 1 NOT NULL, -- multi company id datec datetime, -- date de creation - amount numeric(24,8) DEFAULT 0, -- montant total du prelevement + amount real DEFAULT 0, -- montant total du prelevement statut smallint DEFAULT 0, -- statut credite smallint DEFAULT 0, -- indique si le prelevement a ete credite note text, diff --git a/htdocs/install/mysql/tables/llx_prelevement_facture_demande.sql b/htdocs/install/mysql/tables/llx_prelevement_facture_demande.sql index 1d1b59bf3f5..3bdc0e2ed81 100644 --- a/htdocs/install/mysql/tables/llx_prelevement_facture_demande.sql +++ b/htdocs/install/mysql/tables/llx_prelevement_facture_demande.sql @@ -21,7 +21,7 @@ create table llx_prelevement_facture_demande ( rowid integer AUTO_INCREMENT PRIMARY KEY, fk_facture integer NOT NULL, - amount numeric(24,8) NOT NULL, + amount real NOT NULL, date_demande datetime NOT NULL, traite smallint DEFAULT 0, date_traite datetime, diff --git a/htdocs/install/mysql/tables/llx_prelevement_lignes.sql b/htdocs/install/mysql/tables/llx_prelevement_lignes.sql index 448b3846d71..04b6e1ebf5e 100644 --- a/htdocs/install/mysql/tables/llx_prelevement_lignes.sql +++ b/htdocs/install/mysql/tables/llx_prelevement_lignes.sql @@ -24,7 +24,7 @@ create table llx_prelevement_lignes statut smallint DEFAULT 0, client_nom varchar(255), - amount numeric(24,8) DEFAULT 0, + amount real DEFAULT 0, code_banque varchar(128), code_guichet varchar(6), number varchar(255), diff --git a/htdocs/install/mysql/tables/llx_societe.sql b/htdocs/install/mysql/tables/llx_societe.sql index 7c88a74de07..20440b692d7 100644 --- a/htdocs/install/mysql/tables/llx_societe.sql +++ b/htdocs/install/mysql/tables/llx_societe.sql 
@@ -64,7 +64,7 @@ create table llx_societe idprof5 varchar(128), -- IDProf5: nu for france idprof6 varchar(128), -- IDProf6: nu for france tva_intra varchar(20), -- tva - capital numeric(24,8), -- capital de la societe + capital real, -- capital de la societe fk_stcomm integer DEFAULT 0 NOT NULL, -- commercial statut note_private text, -- note_public text, -- diff --git a/htdocs/install/mysql/tables/llx_tva.sql b/htdocs/install/mysql/tables/llx_tva.sql index d2a7b67c835..9abf63d6ad9 100644 --- a/htdocs/install/mysql/tables/llx_tva.sql +++ b/htdocs/install/mysql/tables/llx_tva.sql @@ -24,11 +24,11 @@ create table llx_tva datec datetime, -- Create date datep date, -- date de paiement datev date, -- date de valeur - amount numeric(24,8) NOT NULL DEFAULT 0, + amount real NOT NULL DEFAULT 0, fk_typepayment integer NULL, num_payment varchar(50), label varchar(255), - entity integer DEFAULT 1 NOT NULL, -- multi company id + entity integer DEFAULT 1 NOT NULL, -- multi company id note text, fk_bank integer, fk_user_creat integer, -- utilisateur who create record diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang index 1aa79c2dced..23b207b4fea 100644 --- a/htdocs/langs/en_US/admin.lang +++ b/htdocs/langs/en_US/admin.lang @@ -104,7 +104,7 @@ MenuIdParent=Parent menu ID DetailMenuIdParent=ID of parent menu (empty for a top menu) DetailPosition=Sort number to define menu position AllMenus=All -NotConfigured=Module not configured +NotConfigured=Module/Application not configured Active=Active SetupShort=Setup OtherOptions=Other options @@ -114,7 +114,6 @@ CurrentValueSeparatorThousand=Thousand separator Destination=Destination IdModule=Module ID IdPermissions=Permissions ID -Modules=Modules LanguageBrowserParameter=Parameter %s LocalisationDolibarrParameters=Localisation parameters ClientTZ=Client Time Zone (user) 
@@ -191,7 +190,7 @@ FeatureAvailableOnlyOnStable=Feature only available on official stable versions Rights=Permissions BoxesDesc=Widgets are components showing some information that you can add to personalize some pages. You can choose between showing the widget or not by selecting target page and clicking 'Activate', or by clicking the dustbin to disable it. OnlyActiveElementsAreShown=Only elements from enabled modules are shown. -ModulesDesc=Dolibarr modules define which application/feature is enabled in software. Some application/modules require permissions you must grant to users, after enabling module. Click on button on/off to enable an application/module. +ModulesDesc=Dolibarr modules define which application/feature is enabled in software. Some application/modules require permissions you must grant to users, after activating it. Click on button on/off to enable a module/application. ModulesMarketPlaceDesc=You can find more modules to download on external websites on the Internet... ModulesDeployDesc=If permissions on your file system allows it, you can use this tool to deploy an external module. The module wil then be visible on the tab %s. ModulesMarketPlaces=Find external modules... 
@@ -271,7 +270,7 @@ FeatureNotAvailableOnLinux=Feature not available on Unix like systems. Test your SubmitTranslation=If translation for this language is not complete or you find errors, you can correct this by editing files into directory langs/%s and submit your change to www.transifex.com/dolibarr-association/dolibarr/ SubmitTranslationENUS=If translation for this language is not complete or you find errors, you can correct this by editing files into directory langs/%s and submit modified files on dolibarr.org/forum or for developers on github.com/Dolibarr/dolibarr. ModuleSetup=Module setup -ModulesSetup=Modules setup +ModulesSetup=Modules/Application setup ModuleFamilyBase=System ModuleFamilyCrm=Customer Relation Management (CRM) ModuleFamilySrm=Supplier Relation Management (SRM) @@ -467,7 +466,7 @@ Module30Desc=Invoice and credit note management for customers. Invoice managemen Module40Name=Suppliers Module40Desc=Supplier management and buying (orders and invoices) Module42Name=Logs -Module42Desc=Logging facilities (file, syslog, ...). Such logs are for technical/debug purposes. For legal purpose, see instead module 'Non Reversible Logs'. +Module42Desc=Logging facilities (file, syslog, ...). Such logs are for technical/debug purposes. Module49Name=Editors Module49Desc=Editor management Module50Name=Products 
@@ -566,7 +565,7 @@ Module2900Desc=GeoIP Maxmind conversions capabilities Module3100Name=Skype Module3100Desc=Add a Skype button into users / third parties / contacts / members cards Module3200Name=Non Reversible Logs -Module3200Desc=Activate log of some business events into a non reversible log. Events are archived in real-time. The log is a table that can be then exported. This module may be mandatory for some countries. +Module3200Desc=Activate log of some business events into a non reversible log. Events are archived in real-time. The log is a table of chained event that can be then read and exported. This module may be mandatory for some countries. Module4000Name=HRM Module4000Desc=Human resources management (mangement of department, employee contracts and feelings) Module5000Name=Multi-company 
@@ -998,9 +997,9 @@ Delays_MAIN_DELAY_MEMBERS=Tolerance delay (in days) before alert on delayed memb Delays_MAIN_DELAY_CHEQUES_TO_DEPOSIT=Tolerance delay (in days) before alert for cheques deposit to do Delays_MAIN_DELAY_EXPENSEREPORTS=Tolerance delay (in days) before alert for expense reports to approve SetupDescription1=The setup area is for initial setup parameters before starting to use Dolibarr. -SetupDescription2=The two most important setup steps are the first two in the setup menu on the left: Company/Organisation setup page and Modules setup page: -SetupDescription3=Parameters in menu Setup -> Company/Organisation are required because submitted data are used on Dolibarr displays and to customize the default behaviour of the software (for country-related features for example). -SetupDescription4=Parameters in menu Setup -> Modules are required because Dolibarr is not a monolithic ERP/CRM but a collection of several modules, all more or less independent. New features will be added to menus for every module you'll enable. +SetupDescription2=The two mandatory setup steps are the first two in the setup menu on the left: %s setup page and %s setup page : +SetupDescription3=Parameters in menu %s -> %s are required because defined data are used on Dolibarr screens and to customize the default behavior of the software (for country-related features for example). +SetupDescription4=Parameters in menu %s -> %s are required because Dolibarr ERP/CRM is a collection of several modules/applications, all more or less independent. New features will be added to menus for every module you will activate. SetupDescription5=Other menu entries manage optional parameters. LogEvents=Security audit events Audit=Audit 
@@ -1016,7 +1015,7 @@ BrowserOS=Browser OS ListOfSecurityEvents=List of Dolibarr security events SecurityEventsPurged=Security events purged LogEventDesc=You can enable here the logging for Dolibarr security events. Administrators can then see its content via menu System tools - Audit. Warning, this feature can consume a large amount of data in database. -AreaForAdminOnly=Those features can be used by administrator users only. +AreaForAdminOnly=Setup parameters can be set by administrator users only. SystemInfoDesc=System information is miscellaneous technical information you get in read only mode and visible for administrators only. SystemAreaForAdminOnly=This area is available for administrator users only. None of the Dolibarr permissions can reduce this limit. CompanyFundationDesc=Edit on this page all known information of the company or foundation you need to manage (For this, click on "Modify" or "Save" button at bottom of page) @@ -1700,7 +1699,8 @@ UserHasNoPermissions=This user has no permission defined TypeCdr=Use "None" if the date of payment term is date of invoice plus a delta in days (delta is field "Nb of days")
Use "At end of month", if, after delta, the date must be increased to reach the end of month (+ an optional "Offset" in days)
Use "Current/Next" to have payment term date being the first Nth of the month (N is stored into field "Nb of days") BaseCurrency=Reference currency of the company (go into setup of company to change this) WarningNoteModuleInvoiceForFrenchLaw=This module %s is compliant with french laws (Loi Finance 2016). -WarningInstallationMayBecomeNotCompliantWithLaw=You try to install the module %s that is an external module. Activating an external module means you trust the editor of the module and you are sure that this module does not alterate negatively the behavior of your application and is compliant with laws of your country (%s). If the module bring a non legal feature, you become responsible for the use of a non legal software. +WarningNoteModulePOSForFrenchLaw=This module %s is compliant with french laws (Loi Finance 2016) because module Non Reversible Logs is automatically activated. +WarningInstallationMayBecomeNotCompliantWithLaw=You try to install the module %s that is an external module. Activating an external module means you trust the publisher of the module and you are sure that this module does not alterate negatively the behavior of your application and is compliant with laws of your country (%s). If the module bring a non legal feature, you become responsible for the use of a non legal software. ##### Resource #### ResourceSetup=Configuration du module Resource UseSearchToSelectResource=Use a search form to choose a resource (rather than a drop-down list). diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang index 0f57a23d23c..ac982973ef3 100644 --- a/htdocs/langs/en_US/errors.lang +++ b/htdocs/langs/en_US/errors.lang 
@@ -44,6 +44,7 @@ ErrorFailedToWriteInDir=Failed to write in directory %s ErrorFoundBadEmailInFile=Found incorrect email syntax for %s lines in file (example line %s with email=%s) ErrorUserCannotBeDelete=User cannot be deleted. May be it is associated to Dolibarr entities. ErrorFieldsRequired=Some required fields were not filled. +ErrorSubjectIsRequired=The email topic is required ErrorFailedToCreateDir=Failed to create a directory. Check that Web server user has permissions to write into Dolibarr documents directory. If parameter safe_mode is enabled on this PHP, check that Dolibarr php files owns to web server user (or group). ErrorNoMailDefinedForThisUser=No mail defined for this user ErrorFeatureNeedJavascript=This feature need javascript to be activated to work. Change this in setup - display. diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang index 8ea14fdb305..a35342f2af9 100644 --- a/htdocs/langs/en_US/main.lang +++ b/htdocs/langs/en_US/main.lang @@ -366,7 +366,8 @@ VATRate=Tax Rate Average=Average Sum=Sum Delta=Delta -Module=Module +Module=Module/Application +Modules=Modules/Applications Option=Option List=List FullList=Full list diff --git a/htdocs/langs/en_US/modulebuilder.lang b/htdocs/langs/en_US/modulebuilder.lang index adce0950b88..fe636fd4f2d 100644 --- a/htdocs/langs/en_US/modulebuilder.lang +++ b/htdocs/langs/en_US/modulebuilder.lang 
@@ -1,24 +1,36 @@ # Dolibarr language file - Source file is en_US - loan -ModuleBuilderDesc=This tools give you utilites to build or edit your own module. -EnterNameOfModuleDesc=Enter name of the module to create with no spaces. Use uppercase to separate words (For example: MyModule, EcommerceForShop, SyncWithMySystem...) +ModuleBuilderDesc=This tools give you utilites to build or edit your own module (More information here). +EnterNameOfModuleDesc=Enter name of the module/application to create with no spaces. Use uppercase to separate words (For example: MyModule, EcommerceForShop, SyncWithMySystem...) +EnterNameOfObjectDesc=Enter name of the object to create with no spaces. Use uppercase to separate words (For example: MyObject, Student, Teacher...) ModuleBuilderDesc2=Path were modules are generated/edited (first alternative directory defined into %s): %s ModuleBuilderDesc3=Generated/editable modules found: %s (they are detected as editable when the file %s exists in root of module directory). NewModule=New module -ModuleKey=Key for new module +NewObject=New object +ModuleKey=Module key +ObjectKey=Object key ModuleInitialized=Module initialized +FilesForObjectInitialized=Files for new object initialized ModuleBuilderDescdescription=Enter here all general information that describe your module -ModuleBuilderDescobjects=Define here the new objects you want to manage with your module. A page to list them and a page to create/edit/view a card will be generated. +ModuleBuilderDescobjects=Define here the objects you want to manage with your module. A sql file, a page to list them, to create/edit/view a card and an API will be generated. ModuleBuilderDescmenus=This tab is dedicated to define menu entries provided by your module. ModuleBuilderDescpermissions=This tab is dedicated to define the new permissions you want to provide with your module. ModuleBuilderDesctriggers=This is the view of triggers provided by your module. 
To include code executed when a triggered business event is launched, just edit this file with your IDE. ModuleBuilderDeschooks=This tab is dedicated to hooks. ModuleBuilderDescwidgets=This tab is dedicated to manage/build widgets. -ModuleBuilderDescbuildpackage=You can generate here a "ready to distribute" package file (a normalized .zip file) of your module. Just click on button to get your module package file. -ModuleBuilderDescdangerzone=You can delete your module. WARNING: All files of module will be definetly lost ! +ModuleBuilderDescbuildpackage=You can generate here a "ready to distribute" package file (a normalized .zip file) of your module. Just click on button to build the module package file. +EnterNameOfModuleToDeleteDesc=You can delete your module. WARNING: All files of module will be definitly lost ! +EnterNameOfObjectToDeleteDesc=You can delete an object. WARNING: All files related to object will be definitly lost ! DangerZone=Danger zone BuildPackage=Build package ModuleIsNotActive=This module was not activated yet (go into Home-Setup-Module to make it live) ModuleIsLive=This module has been activated. Any change on it may break a current active feature. DescriptionLong=Long description EditorName=Name of editor -EditorUrl=URL of editor \ No newline at end of file +EditorUrl=URL of editor +DescriptorFile=Descriptor file of module +ClassFile=File for PHP class +ApiClassFile=File for PHP API class +PageForList=PHP page for list of record +PageForCreateEditView=PHP page to create/edit/view a record +PathToModulePackage=Path to zip of module/application package +SpaceOrSpecialCharAreNotAllowed=Spaces or special characters are not allowed. \ No newline at end of file diff --git a/htdocs/langs/en_US/other.lang b/htdocs/langs/en_US/other.lang index a14bfffffb6..e15d490c0f2 100644 --- a/htdocs/langs/en_US/other.lang +++ b/htdocs/langs/en_US/other.lang 
@@ -81,6 +81,7 @@ PredefinedMailContentSendSupplierInvoice=__CONTACTCIVNAME__\n\nYou will find her PredefinedMailContentSendShipping=__CONTACTCIVNAME__\n\nYou will find here the shipping __SHIPPINGREF__\n\n__PERSONALIZED__Sincerely\n\n__SIGNATURE__ PredefinedMailContentSendFichInter=__CONTACTCIVNAME__\n\nYou will find here the intervention __FICHINTERREF__\n\n__PERSONALIZED__Sincerely\n\n__SIGNATURE__ PredefinedMailContentThirdparty=__CONTACTCIVNAME__\n\n__PERSONALIZED__\n\n__SIGNATURE__ +PredefinedMailContentUser=aa__PERSONALIZED__\n\n__SIGNATURE__ DemoDesc=Dolibarr is a compact ERP/CRM supporting several business modules. A demo showcasing all modules makes no sense as this scenario never occurs (several hundred available). So, several demo profiles are available. ChooseYourDemoProfil=Choose the demo profile that best suits your needs... ChooseYourDemoProfilMore=...or build your own profile
(manual module selection) @@ -123,6 +124,7 @@ WeightUnitkg=kg WeightUnitg=g WeightUnitmg=mg WeightUnitpound=pound +WeightUnitounce=ounce Length=Length LengthUnitm=m LengthUnitdm=dm diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php index 33b155bb64c..022aa4d5e44 100644 --- a/htdocs/main.inc.php +++ b/htdocs/main.inc.php @@ -97,8 +97,9 @@ function test_sql_and_script_inject($val, $type) $sql_inj += preg_match('/
' . $langs->trans('ListOfPreviousSituationInvoices') . '' . $langs->trans('AmountHT') . '' . $langs->trans('AmountTTC') . ' 
' . $prev_invoice->getNomUrl(1) . '' . price($prev_invoice->total_ht) . '' . price($prev_invoice->total_ttc) . '' . $prev_invoice->getLibStatut(3, $totalpaye) . '
' . price($total_prev_ht) . '' . price($total_prev_ttc) . ' '; -print ''; +print ''; $formother->select_year($year_create,'year_create',1, $min_year, 0); print '