';
print '';
- print $langs->trans('BankAccount');
+ print $langs->trans('RIB');
print ' ';
if (($action != 'editbankaccount') && $user->rights->commande->creer && ! empty($object->brouillon))
print ' id.'">'.img_edit($langs->trans('SetBankAccount'),1).' ';
@@ -1384,8 +1386,14 @@ else
$sql = "SELECT s.nom as name, s.rowid as socid, f.rowid as facid, f.titre, f.total, f.tva as total_vat, f.total_ttc, f.frequency,";
$sql.= " f.date_last_gen, f.date_when";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture_rec as f";
+ if (! $user->rights->societe->client->voir && ! $socid) {
+ $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+ }
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND f.entity = ".$conf->entity;
+ if (! $user->rights->societe->client->voir && ! $socid) {
+ $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".$user->id;
+ }
if ($search_ref) $sql .= natural_search('f.titre', $search_ref);
if ($search_societe) $sql .= natural_search('s.nom', $search_societe);
if ($search_frequency) $sql .= natural_search('f.frequency', $search_frequency);
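Review bot: The new sales-representative filter concatenates `$user->id` into the query without a cast, here and in the similar additions to contact.class.php and box_services_contracts.php later in this commit. The value is normally a trusted integer, but casting keeps the filter safe however the user object was populated: `$sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);`. The condition `! $user->rights->societe->client->voir && ! $socid` is also evaluated twice; computing it once into a local would keep the FROM and WHERE parts from drifting apart.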
diff --git a/htdocs/compta/facture/list.php b/htdocs/compta/facture/list.php
index 8d0cc61d5d6..59061042e7e 100644
--- a/htdocs/compta/facture/list.php
+++ b/htdocs/compta/facture/list.php
@@ -703,7 +703,7 @@ if ($search_country) $sql .= " AND s.fk_pays IN (".$search_country.')';
if ($search_type_thirdparty) $sql .= " AND s.fk_typent IN (".$search_type_thirdparty.')';
if ($search_company) $sql .= natural_search('s.nom', $search_company);
if ($search_montant_ht != '') $sql.= natural_search('f.total', $search_montant_ht, 1);
-if ($search_montant_vat != '') $sql.= natural_search('f.total_vat', $search_montant_vat, 1);
+if ($search_montant_vat != '') $sql.= natural_search('f.tva', $search_montant_vat, 1);
if ($search_montant_ttc != '') $sql.= natural_search('f.total_ttc', $search_montant_ttc, 1);
if ($search_status != '' && $search_status >= 0)
{
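Review bot: The context line just above the corrected filter builds `IN (".$search_type_thirdparty.')` by direct concatenation, and the hunk header shows the same pattern for `$search_country`, unlike the neighbouring filters that go through natural_search(). Where these variables are populated is outside the hunk, so they may already be validated. If they are not, each list element should be cast to an integer before being joined into the IN clause.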
diff --git a/htdocs/compta/paiement.php b/htdocs/compta/paiement.php
index fa1341dcbc6..5e73c3dd710 100644
--- a/htdocs/compta/paiement.php
+++ b/htdocs/compta/paiement.php
@@ -391,10 +391,9 @@ if ($action == 'create' || $action == 'confirm_paiement' || $action == 'add_paie
var form = $("#payment_form");
json["invoice_type"] = $("#invoice_type").val();
- json["amountPayment"] = $("#amountpayment").attr("value");
+ json["amountPayment"] = $("#amountpayment").attr("value");
json["amounts"] = _elemToJson(form.find("input.amount"));
- json["remains"] = _elemToJson(form.find("input.remain]"));
-
+ json["remains"] = _elemToJson(form.find("input.remain"));
if (imgId != null) {
json["imgClicked"] = imgId;
}
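Review bot: `json["amountPayment"]` is still read with `.attr("value")`, which in jQuery 1.6 and later returns the markup attribute rather than what the user has typed, so the posted amount can be stale depending on the bundled jQuery version. The line above already uses `.val()` for `#invoice_type`. Suggest `json["amountPayment"] = $("#amountpayment").val();`. The enclosing script block starts and ends outside the hunk.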
diff --git a/htdocs/contact/class/contact.class.php b/htdocs/contact/class/contact.class.php
index 67039fb2bef..aa5422f0c87 100644
--- a/htdocs/contact/class/contact.class.php
+++ b/htdocs/contact/class/contact.class.php
@@ -124,12 +124,13 @@ class Contact extends CommonObject
$sql.= " FROM ".MAIN_DB_PREFIX."socpeople as sp";
if (!$user->rights->societe->client->voir && !$user->societe_id)
{
- $sql.= " OUTER JOIN ".MAIN_DB_PREFIX."societe as s ON sp.fk_soc = s.rowid";
- $sql.= " OUTER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
- $sql.= " WHERE sc.fk_user = " .$user->id;
+ $sql.= ", ".MAIN_DB_PREFIX."societe as s";
+ $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+ $sql.= " WHERE sp.fk_soc = s.rowid AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$clause = "AND";
}
$sql.= ' '.$clause.' sp.entity IN ('.getEntity($this->element, 1).')';
+ $sql.= " AND (sp.priv='0' OR (sp.priv='1' AND sp.fk_user_creat=".$user->id."))";
if ($user->societe_id > 0) $sql.=" AND sp.fk_soc = ".$user->societe_id;
$resql=$this->db->query($sql);
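Review bot: The added `sp.priv` condition changes which rows every user counts, but nothing next to it explains the rule. Suggest a comment above it such as `// Private contacts (priv=1) are only counted for the user who created them`. The method starts and ends outside the hunk, so the initial value of `$clause` for unrestricted users cannot be checked from here.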
diff --git a/htdocs/contrat/class/contrat.class.php b/htdocs/contrat/class/contrat.class.php
index 81a3d26c818..6ad972a11eb 100644
--- a/htdocs/contrat/class/contrat.class.php
+++ b/htdocs/contrat/class/contrat.class.php
@@ -2045,7 +2045,7 @@ class Contrat extends CommonObject
$sql = "SELECT count(c.rowid) as nb";
$sql.= " FROM ".MAIN_DB_PREFIX."contrat as c";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s ON c.fk_soc = s.rowid";
- if (!$user->rights->contrat->lire && !$user->societe_id)
+ if (!$user->rights->societe->client->voir && !$user->societe_id)
{
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc";
$sql.= " WHERE sc.fk_user = " .$user->id;
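Review bot: Switching the test from `contrat->lire` to `societe->client->voir` changes who gets the restricted count, and nothing at this spot explains why a third-party right gates a contract query. Suggest a comment above the condition: `// Users who cannot see all third parties only count contracts of companies they are assigned to as sales representative`. The function body continues outside the hunk.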
diff --git a/htdocs/core/boxes/box_factures_imp.php b/htdocs/core/boxes/box_factures_imp.php
index 67c4d4dbfcc..d3336500263 100644
--- a/htdocs/core/boxes/box_factures_imp.php
+++ b/htdocs/core/boxes/box_factures_imp.php
@@ -78,8 +78,9 @@ class box_factures_imp extends ModeleBoxes
$sql.= " f.total_ttc,";
$sql.= " f.paye, f.fk_statut, f.rowid as facid";
$sql.= ", sum(pf.amount) as am";
- $sql.= " FROM ".MAIN_DB_PREFIX."societe as s,".MAIN_DB_PREFIX."facture as f";
+ $sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+ $sql.= ", ".MAIN_DB_PREFIX."facture as f";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."paiement_facture as pf ON f.rowid=pf.fk_facture ";
$sql.= " WHERE f.fk_soc = s.rowid";
$sql.= " AND f.entity = ".$conf->entity;
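Review bot: The reordering of the FROM list is load-bearing but undocumented. In MySQL, JOIN binds tighter than the comma operator, so `f` has to be the table immediately before `LEFT JOIN ... ON f.rowid=pf.fk_facture` for the ON clause to resolve. A later edit that appends another comma-joined table after `facture as f` would silently reintroduce the error. Suggest a comment on the moved line: `// Keep facture last before the LEFT JOIN: JOIN has higher precedence than the comma, so ON can only see f if it is adjacent`.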
diff --git a/htdocs/core/boxes/box_services_contracts.php b/htdocs/core/boxes/box_services_contracts.php
index 9f71a98e77f..752509a0616 100644
--- a/htdocs/core/boxes/box_services_contracts.php
+++ b/htdocs/core/boxes/box_services_contracts.php
@@ -70,15 +70,12 @@ class box_services_contracts extends ModeleBoxes
$sql.= " cd.rowid as cdid, cd.tms as datem, cd.statut, cd.label, cd.description, cd.product_type as type,";
$sql.= " p.rowid as product_id, p.ref as product_ref";
$sql.= " FROM (".MAIN_DB_PREFIX."societe as s";
- $sql.= ", ".MAIN_DB_PREFIX."contrat as c";
- $sql.= ", ".MAIN_DB_PREFIX."contratdet as cd";
+ $sql.= " INNER JOIN ".MAIN_DB_PREFIX."contrat as c ON s.rowid = c.fk_soc";
+ $sql.= " INNER JOIN ".MAIN_DB_PREFIX."contratdet as cd ON c.rowid = cd.fk_contrat";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."product as p ON cd.fk_product = p.rowid";
- if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
+ if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= "INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
$sql.= ")";
$sql.= " WHERE c.entity = ".$conf->entity;
- $sql.= " AND s.rowid = c.fk_soc";
- $sql.= " AND c.rowid = cd.fk_contrat";
- if (!$user->rights->societe->client->voir && !$user->societe_id) $sql.= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
if($user->societe_id) $sql.= " AND s.rowid = ".$user->societe_id;
$sql.= $db->order("c.tms","DESC");
$sql.= $db->plimit($max, 0);
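Review bot: The added join string for restricted users starts with `"INNER JOIN "` without a leading space, so it is appended directly after `p.rowid` and yields `...p.rowidINNER JOIN...`, a syntax error for exactly the users the filter targets. Change it to `$sql.= " INNER JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON s.rowid = sc.fk_soc AND sc.fk_user = ".((int) $user->id);`. A failing query here presumably leaves the box empty rather than exposing data, but it is worth testing with a user who lacks `societe->client->voir`.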
diff --git a/htdocs/core/class/CMailFile.class.php b/htdocs/core/class/CMailFile.class.php
index 52cce35f0d2..44df05a4d6c 100644
--- a/htdocs/core/class/CMailFile.class.php
+++ b/htdocs/core/class/CMailFile.class.php
@@ -153,7 +153,7 @@ class CMailFile
}
if (! empty($conf->global->MAIN_MAIL_FORCE_CONTENT_TYPE_TO_HTML)) $this->msgishtml=1; // To force to send everything with content type html.
-
+
// Detect images
if ($this->msgishtml)
{
@@ -210,7 +210,7 @@ class CMailFile
$this->trackid = $trackid;
$smtp_headers = $this->write_smtpheaders();
if (! empty($moreinheader)) $smtp_headers.=$moreinheader;
-
+
// Define mime_headers
$mime_headers = $this->write_mimeheaders($filename_list, $mimefilename_list);
@@ -270,7 +270,7 @@ class CMailFile
$smtps->setFrom($this->getValidAddress($from,0,1));
$smtps->setTrackId($trackid);
$smtps->setReplyTo($this->getValidAddress($from,0,1)); // Set property with this->smtps->setReplyTo after constructor if you want to use another value than the From
-
+
if (! empty($this->html))
{
if (!empty($css))
@@ -365,7 +365,9 @@ class CMailFile
{
// Use Swift Mailer library
// ------------------------------------------
-
+
+ $host = dol_getprefix('email');
+
require_once DOL_DOCUMENT_ROOT.'/includes/swiftmailer/lib/swift_required.php';
// Create the message
$this->message = Swift_Message::newInstance();
@@ -373,7 +375,7 @@ class CMailFile
// Adding a trackid header to a message
$headers = $this->message->getHeaders();
$headers->addTextHeader('X-Dolibarr-TRACKID', $trackid);
- $headerID = time() . '.swiftmailer-dolibarr-' . $trackid . '@' . $conf->global->MAIN_MAIL_SMTP_SERVER;
+ $headerID = time() . '.swiftmailer-dolibarr-' . $trackid . '@' . $host;
$msgid = $headers->get('Message-ID');
$msgid->setId($headerID);
$headers->addIdHeader('References', $headerID);
@@ -473,16 +475,16 @@ class CMailFile
'maildao'
));
$reshook = $hookmanager->executeHooks('doactions', $parameters, $this, $action); // Note that $action and $object may have been modified by some hooks
- if (! empty($reshook))
+ if (! empty($reshook))
{
$this->error = "Error in hook maildao doactions " . $reshook;
dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_ERR);
-
+
return $reshook;
}
// Check number of recipient is lower or equal than MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL
- if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL=10;
+ if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_TO_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_TO_IN_SAME_EMAIL=10;
$tmparray1 = explode(',', $this->addr_to);
if (count($tmparray1) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_TO_IN_SAME_EMAIL)
{
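Review bot: `explode(',', $this->addr_to)` returns a one-element array for an empty string, so the per-field counts here and in the next two hunks (cc, bcc) are never below 1. The combined check in the hunk after those therefore sees at least 3, even when only one To: address is set. With the default of 10 this is harmless, but an administrator who lowers the total limit to 1 or 2 would block every message. Dropping empty entries first avoids that, e.g. `$tmparray1 = array_filter(array_map('trim', explode(',', $this->addr_to)), 'strlen');`.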
@@ -490,6 +492,7 @@ class CMailFile
dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING);
return false;
}
+ if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_CC_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_CC_IN_SAME_EMAIL=10;
$tmparray2 = explode(',', $this->addr_cc);
if (count($tmparray2) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_CC_IN_SAME_EMAIL)
{
@@ -497,6 +500,7 @@ class CMailFile
dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING);
return false;
}
+ if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_BCC_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_BCC_IN_SAME_EMAIL=10;
$tmparray3 = explode(',', $this->addr_bcc);
if (count($tmparray3) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_BCC_IN_SAME_EMAIL)
{
@@ -504,14 +508,14 @@ class CMailFile
dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING);
return false;
}
+ if (empty($conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL)) $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL=10;
if ((count($tmparray1)+count($tmparray2)+count($tmparray3)) > $conf->global->MAIL_MAX_NB_OF_RECIPIENTS_IN_SAME_EMAIL)
{
$this->error = 'Too much recipients in to:, cc:, bcc:';
dol_syslog("CMailFile::sendfile: mail end error=" . $this->error, LOG_WARNING);
return false;
}
-
-
+
// Action according to choosed sending method
if ($conf->global->MAIN_MAIL_SENDMODE == 'mail')
{
@@ -553,7 +557,7 @@ class CMailFile
$bounce .= ($bounce?' ':'').'-ba';
}
dol_syslog("CMailFile::sendfile: mail start HOST=".ini_get('SMTP').", PORT=".ini_get('smtp_port').", additionnal_parameters=".$bounce, LOG_DEBUG);
-
+
$this->message=stripslashes($this->message);
if (! empty($conf->global->MAIN_MAIL_DEBUG)) $this->dump_mail();
@@ -873,7 +877,7 @@ class CMailFile
// Receiver
if (isset($this->addr_cc) && $this->addr_cc) $out.= "Cc: ".$this->getValidAddress($this->addr_cc,2).$this->eol2;
- if (isset($this->addr_bcc) && $this->addr_bcc) $out.= "Bcc: ".$this->getValidAddress($this->addr_bcc,2).$this->eol2; // Question: bcc must not be into header, only into SMTP command "RCPT TO". Does php mail support this ?
+ if (isset($this->addr_bcc) && $this->addr_bcc) $out.= "Bcc: ".$this->getValidAddress($this->addr_bcc,2).$this->eol2; // Question: bcc must not be into header, only into SMTP command "RCPT TO". Does php mail support this ?
// Delivery receipt
if (isset($this->deliveryreceipt) && $this->deliveryreceipt == 1) $out.= "Disposition-Notification-To: ".$this->getValidAddress($this->addr_from,2).$this->eol2;
diff --git a/htdocs/core/class/extrafields.class.php b/htdocs/core/class/extrafields.class.php
index 496a8f2e251..0c9e4f3226e 100644
--- a/htdocs/core/class/extrafields.class.php
+++ b/htdocs/core/class/extrafields.class.php
@@ -739,7 +739,7 @@ class ExtraFields
}
elseif ($type == 'varchar')
{
- $out=' ';
+ $out=' ';
}
elseif ($type == 'text')
{
diff --git a/htdocs/core/class/html.form.class.php b/htdocs/core/class/html.form.class.php
index f8fd30b15e3..e787b3a65cc 100644
--- a/htdocs/core/class/html.form.class.php
+++ b/htdocs/core/class/html.form.class.php
@@ -3150,11 +3150,14 @@ class Form
print ' ';
print '
';
} else {
+
+ $langs->load('banks');
+
if ($selected) {
require_once DOL_DOCUMENT_ROOT .'/compta/bank/class/account.class.php';
$bankstatic=new Account($this->db);
$bankstatic->fetch($selected);
- print $this->textwithpicto($bankstatic->label,$langs->trans("AccountCurrency").' '.$bankstatic->currency_code);
+ print $this->textwithpicto($bankstatic->getNomUrl(1),$langs->trans("AccountCurrency").' '.$bankstatic->currency_code);
} else {
print " ";
}
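Review bot: The result of `$bankstatic->fetch($selected)` is ignored before `getNomUrl(1)` is printed, so an id that no longer exists would presumably render an empty or broken link. Assuming fetch() follows the usual positive-on-success convention, guard the output with `if ($bankstatic->fetch($selected) > 0)` and fall back to the empty cell otherwise. The method starts outside the hunk.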
@@ -5812,7 +5815,7 @@ class Form
*/
global $dolibarr_main_url_root;
$ret.='';
- $ret.=' '; // gravatar need md5 hash
+ $ret.=' '; // gravatar need md5 hash
}
else
{
diff --git a/htdocs/core/class/html.formfile.class.php b/htdocs/core/class/html.formfile.class.php
index 5a55b3a8a9c..0821b9b2d2b 100644
--- a/htdocs/core/class/html.formfile.class.php
+++ b/htdocs/core/class/html.formfile.class.php
@@ -76,7 +76,7 @@ class FormFile
global $conf,$langs, $hookmanager;
$hookmanager->initHooks(array('formfile'));
-
+
if (! empty($conf->browser->layout) && $conf->browser->layout != 'classic') $useajax=0;
if ((! empty($conf->global->MAIN_USE_JQUERY_FILEUPLOAD) && $useajax) || ($useajax==2))
@@ -89,6 +89,11 @@ class FormFile
}
else
{
+ //If there is no permission and the option to hide unauthorized actions is enabled, then nothing is printed
+ if (!$perm && !empty($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED)) {
+ return 1;
+ }
+
$maxlength=$size;
$out = "\n\n\n";
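Review bot: Returning early when `!$perm` and MAIN_BUTTON_HIDE_UNAUTHORIZED is set only hides the upload form; it is not an access control. The code that receives the upload is outside this hunk, so confirm that it checks the same permission server-side, and say so in the comment: `// UI only: the upload action must still check the permission server-side`. The early `return 1` also skips whatever the rest of the method prints or returns, which callers that use the return value may need to know.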
@@ -276,7 +281,7 @@ class FormFile
if (0 !== $iconPDF) {
dol_syslog(__METHOD__ . ": passing iconPDF parameter is deprecated", LOG_WARNING);
}
-
+
global $langs, $conf, $user, $hookmanager;
global $form, $bc;
@@ -288,7 +293,7 @@ class FormFile
if (! empty($iconPDF)) {
return $this->getDocumentsLink($modulepart, $modulesubdir, $filedir);
}
-
+
$printer=0;
if (in_array($modulepart,array('facture','supplier_proposal','propal','proposal','order','commande','expedition', 'commande_fournisseur'))) // The direct print feature is implemented only for such elements
{
@@ -506,7 +511,7 @@ class FormFile
$addcolumforpicto=($delallowed || $printer || $morepicto);
$out.= ' ';
-
+
// Model
if (! empty($modellist))
{
@@ -604,7 +609,7 @@ class FormFile
// Show file name with link to download
$out.= ' ';
- $out.= '';
@@ -863,8 +868,8 @@ class FormFile
$minifile=getImageFileNameForSize($file['name'], '_mini'); // For new thumbs using same ext (in lower case howerver) than original
if (! dol_is_file($file['path'].'/'.$minifile)) $minifile=getImageFileNameForSize($file['name'], '_mini', '.png'); // For backward compatibility of old thumbs that were created with filename in lower case and with .png extension
//print $file['path'].'/'.$minifile.' ';
- print ' ';
- print ' ';
+ print ' ';
+ print ' ';
print ' ';
}
else print ' ';
diff --git a/htdocs/core/class/html.formmargin.class.php b/htdocs/core/class/html.formmargin.class.php
index 6678d87ca60..6d29125df6c 100644
--- a/htdocs/core/class/html.formmargin.class.php
+++ b/htdocs/core/class/html.formmargin.class.php
@@ -48,6 +48,7 @@ class FormMargin
/**
* get array with margin information from lines of object
+ * TODO Move this in common class.
*
* @param CommonObject $object Object we want to get margin information for
* @param boolean $force_price True of not
@@ -92,19 +93,23 @@ class FormMargin
$line->pa_ht = $line->subprice * (1 - ($line->remise_percent / 100));
}
+ $pv = $line->qty * $line->subprice * (1 - $line->remise_percent / 100);
+ $pa_ht = ($pv < 0 ? - $line->pa_ht : $line->pa_ht); // We choosed to have line->pa_ht always positive in database, so we guess the correct sign
+ $pa = $line->qty * $pa_ht;
+
// calcul des marges
if (isset($line->fk_remise_except) && isset($conf->global->MARGIN_METHODE_FOR_DISCOUNT)) { // remise
- $pa = $line->qty * $line->pa_ht;
- $pv = $line->qty * $line->subprice * (1 - $line->remise_percent / 100);
if ($conf->global->MARGIN_METHODE_FOR_DISCOUNT == '1') { // remise globale considérée comme produit
$marginInfos['pa_products'] += $pa;
$marginInfos['pv_products'] += $pv;
$marginInfos['pa_total'] += $pa;
$marginInfos['pv_total'] += $pv;
// if credit note, margin = -1 * (abs(selling_price) - buying_price)
- if ($pv < 0)
- $marginInfos['margin_on_products'] += -1 * (abs($pv) - $pa);
- else
+ //if ($pv < 0)
+ //{
+ // $marginInfos['margin_on_products'] += -1 * (abs($pv) - $pa);
+ //}
+ //else
$marginInfos['margin_on_products'] += $pv - $pa;
}
elseif ($conf->global->MARGIN_METHODE_FOR_DISCOUNT == '2') { // remise globale considérée comme service
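Review bot: The new `$pa = $line->qty * $pa_ht` flips the sign twice when `$pv` is negative because `qty` is negative: `$pa_ht` is negated and then multiplied by the negative quantity, giving a positive `$pa` against a negative `$pv`. If negative quantities can occur on credit-note lines, apply the sign once to the magnitude, e.g. `$pa = ($pv < 0 ? -1 : 1) * abs($line->qty * $line->pa_ht);`. The old sign handling is also left as commented-out code in this hunk and the three that follow, under a comment (`// if credit note, margin = -1 * ...`) that now describes logic that no longer runs. Delete the dead branches and replace the stale comment with the new rule.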
@@ -113,9 +118,9 @@ class FormMargin
$marginInfos['pa_total'] += $pa;
$marginInfos['pv_total'] += $pv;
// if credit note, margin = -1 * (abs(selling_price) - buying_price)
- if ($pv < 0)
- $marginInfos['margin_on_services'] += -1 * (abs($pv) - $pa);
- else
+ //if ($pv < 0)
+ // $marginInfos['margin_on_services'] += -1 * (abs($pv) - $pa);
+ //else
$marginInfos['margin_on_services'] += $pv - $pa;
}
elseif ($conf->global->MARGIN_METHODE_FOR_DISCOUNT == '3') { // remise globale prise en compte uniqt sur total
@@ -126,29 +131,29 @@ class FormMargin
else {
$type=$line->product_type?$line->product_type:$line->fk_product_type;
if ($type == 0) { // product
- $pa = $line->qty * $line->pa_ht;
- $pv = $line->qty * $line->subprice * (1 - $line->remise_percent / 100);
$marginInfos['pa_products'] += $pa;
$marginInfos['pv_products'] += $pv;
$marginInfos['pa_total'] += $pa;
$marginInfos['pv_total'] += $pv;
// if credit note, margin = -1 * (abs(selling_price) - buying_price)
- if ($pv < 0)
- $marginInfos['margin_on_products'] += -1 * (abs($pv) - $pa);
- else
- $marginInfos['margin_on_products'] += $pv - $pa;
+ //if ($pv < 0)
+ //{
+ // $marginInfos['margin_on_products'] += -1 * (abs($pv) - $pa);
+ //}
+ //else
+ //{
+ $marginInfos['margin_on_products'] += $pv - $pa;
+ //}
}
elseif ($type == 1) { // service
- $pa = $line->qty * $line->pa_ht;
- $pv = $line->qty * $line->subprice * (1 - $line->remise_percent / 100);
$marginInfos['pa_services'] += $pa;
$marginInfos['pv_services'] += $pv;
$marginInfos['pa_total'] += $pa;
$marginInfos['pv_total'] += $pv;
// if credit note, margin = -1 * (abs(selling_price) - buying_price)
- if ($pv < 0)
- $marginInfos['margin_on_services'] += -1 * (abs($pv) - $pa);
- else
+ //if ($pv < 0)
+ // $marginInfos['margin_on_services'] += -1 * (abs($pv) - $pa);
+ //else
$marginInfos['margin_on_services'] += $pv - $pa;
}
}
@@ -164,9 +169,9 @@ class FormMargin
$marginInfos['mark_rate_services'] = 100 * $marginInfos['margin_on_services'] / $marginInfos['pv_services'];
// if credit note, margin = -1 * (abs(selling_price) - buying_price)
- if ($marginInfos['pv_total'] < 0)
- $marginInfos['total_margin'] = -1 * (abs($marginInfos['pv_total']) - $marginInfos['pa_total']);
- else
+ //if ($marginInfos['pv_total'] < 0)
+ // $marginInfos['total_margin'] = -1 * (abs($marginInfos['pv_total']) - $marginInfos['pa_total']);
+ //else
$marginInfos['total_margin'] = $marginInfos['pv_total'] - $marginInfos['pa_total'];
if ($marginInfos['pa_total'] > 0)
$marginInfos['total_margin_rate'] = 100 * $marginInfos['total_margin'] / $marginInfos['pa_total'];
diff --git a/htdocs/core/class/html.formprojet.class.php b/htdocs/core/class/html.formprojet.class.php
index 4c4c1486d51..8e54496f284 100644
--- a/htdocs/core/class/html.formprojet.class.php
+++ b/htdocs/core/class/html.formprojet.class.php
@@ -140,8 +140,10 @@ class FormProjets
if ($socid == 0) $sql.= " AND (p.fk_soc=0 OR p.fk_soc IS NULL)";
if ($socid > 0 && empty($conf->global->PROJECT_ALLOW_TO_LINK_FROM_OTHER_COMPANY)) $sql.= " AND (p.fk_soc=".$socid." OR p.fk_soc IS NULL)";
if (!empty($filterkey)) {
- $sql .= " AND p.title LIKE '%".$this->db->escape($filterkey)."%'";
- $sql .= " OR p.ref LIKE '%".$this->db->escape($filterkey)."%'";
+ $sql .= ' AND (';
+ $sql .= ' p.title LIKE "%'.$this->db->escape($filterkey).'%"';
+ $sql .= ' OR p.ref LIKE "%'.$this->db->escape($filterkey).'%"';
+ $sql .= ')';
}
$sql.= " ORDER BY p.ref ASC";
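Review bot: The parentheses fix the AND/OR precedence, but the rewrite also switched the LIKE literals to double quotes: `p.title LIKE "%...%"`. Double-quoted strings are string literals only in MySQL's default mode; PostgreSQL and MySQL with ANSI_QUOTES read them as identifiers. An escape routine written for single-quoted literals may also fail to neutralise a `"` in `$filterkey`. Keeping single quotes is portable and matches what `$this->db->escape()` is meant for: `$sql .= " p.title LIKE '%".$this->db->escape($filterkey)."%'";` (same for `p.ref`).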
diff --git a/htdocs/core/class/smtps.class.php b/htdocs/core/class/smtps.class.php
index 0517dee30e5..37c0772093f 100644
--- a/htdocs/core/class/smtps.class.php
+++ b/htdocs/core/class/smtps.class.php
@@ -1190,7 +1190,7 @@ class SMTPs
$host=preg_replace('@tcp://@i','',$host); // Remove prefix
$host=preg_replace('@ssl://@i','',$host); // Remove prefix
- $host=dol_getprefix('email').'-'.$host;
+ $host=dol_getprefix('email');
//NOTE: Message-ID should probably contain the username of the user who sent the msg
$_header .= 'Subject: ' . $this->getSubject() . "\r\n";
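Review bot: After this change the two `preg_replace` calls that strip `tcp://` and `ssl://` from `$host` are dead code, because the next line overwrites `$host` with `dol_getprefix('email')`. Either remove them or, if the server name is still needed later in the method, keep the prefix in its own variable, e.g. `$msgidhost = dol_getprefix('email');`. The rest of the method is outside the hunk, so later uses of `$host` cannot be checked from here.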
diff --git a/htdocs/core/lib/files.lib.php b/htdocs/core/lib/files.lib.php
index 21803bc3ad4..21344f5eca9 100644
--- a/htdocs/core/lib/files.lib.php
+++ b/htdocs/core/lib/files.lib.php
@@ -868,13 +868,23 @@ function dolCopyDir($srcfile, $destfile, $newmask, $overwriteifexists)
$result=0;
- dol_syslog("files.lib.php::dolCopyr srcfile=".$srcfile." destfile=".$destfile." newmask=".$newmask." overwriteifexists=".$overwriteifexists);
+ dol_syslog("files.lib.php::dolCopyDir srcfile=".$srcfile." destfile=".$destfile." newmask=".$newmask." overwriteifexists=".$overwriteifexists);
if (empty($srcfile) || empty($destfile)) return -1;
$destexists=dol_is_dir($destfile);
if (! $overwriteifexists && $destexists) return 0;
-
+
+ if (! $destexists)
+ {
+ // We must set mask just before creating dir, becaause it can be set differently by dol_copy
+ umask(0);
+ $dirmaskdec=octdec($newmask);
+ if (empty($newmask) && ! empty($conf->global->MAIN_UMASK)) $dirmaskdec=octdec($conf->global->MAIN_UMASK);
+ $dirmaskdec |= octdec('0200'); // Set w bit required to be able to create content for recursive subdirs files
+ dol_mkdir($destfile."/".$file, '', decoct($dirmaskdec));
+ }
+
$srcfile=dol_osencode($srcfile);
$destfile=dol_osencode($destfile);
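Review bot: The added `dol_mkdir($destfile."/".$file, ...)` uses `$file`, which is not a parameter and appears to be set only by the directory loop further down, so at this point it is undefined and the call targets `$destfile."/"` with a notice. `dol_mkdir($destfile, '', decoct($dirmaskdec));` says what is meant. The block also reads `$conf->global->MAIN_UMASK`, and no `global $conf` is visible in the hunk, so confirm it is declared at the top of the function. Note that `umask(0)` changes the process-wide mask and is not restored here.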
@@ -891,6 +901,7 @@ function dolCopyDir($srcfile, $destfile, $newmask, $overwriteifexists)
{
if (!is_dir($destfile."/".$file))
{
+ // We must set mask just before creating dir, becaause it can be set differently by dol_copy
umask(0);
$dirmaskdec=octdec($newmask);
if (empty($newmask) && ! empty($conf->global->MAIN_UMASK)) $dirmaskdec=octdec($conf->global->MAIN_UMASK);
@@ -1055,7 +1066,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
}
// Security:
- // On interdit fichiers caches, remontees de repertoire ainsi que les pipes dans les noms de fichiers.
+ // We refuse cache files/dirs, upload using .. and pipes into filenames.
if (preg_match('/^\./',$src_file) || preg_match('/\.\./',$src_file) || preg_match('/[<>|]/',$src_file))
{
dol_syslog("Refused to deliver file ".$src_file, LOG_WARNING);
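Review bot: The translated comment says "cache files", but the French original ("fichiers caches") and the first pattern `/^\./` are about hidden files, i.e. names starting with a dot. Suggest `// We refuse hidden files (leading dot), directory traversal using .. and the characters < > | in file names.` The check itself is unchanged by this commit.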
@@ -1128,6 +1139,7 @@ function dol_move_uploaded_file($src_file, $dest_file, $allowoverwrite, $disable
* @param int $nohook Disable all hooks
* @param object $object Current object in use
* @return boolean True if no error (file is deleted or if glob is used and there's nothing to delete), False if error
+ * @see dol_delete_dir
*/
function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=null)
{
@@ -1139,6 +1151,14 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n
dol_syslog("dol_delete_file file=".$file." disableglob=".$disableglob." nophperrors=".$nophperrors." nohook=".$nohook);
+ // Security:
+ // We refuse transversal using .. and pipes into filenames.
+ if (preg_match('/\.\./',$file) || preg_match('/[<>|]/',$file))
+ {
+ dol_syslog("Refused to delete file ".$file, LOG_WARNING);
+ return False;
+ }
+
if (empty($nohook))
{
$hookmanager->initHooks(array('fileslib'));
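Review bot: The new guard in dol_delete_file() is a denylist on `..` and `<>|`, so it stops relative traversal but does not confine the deletion to a known directory; an absolute path outside the data directory contains none of those sequences and passes. The same applies to the identical check added to dol_delete_dir() in the next hunk. If callers can ever pass a path influenced by request data, the stronger test is to resolve the path (for example with `realpath()` on the parent directory) and verify it starts with the expected root. Small wording fix for both comments: `// We refuse traversal using .. and pipes in filenames.` The body of dol_delete_file() continues outside the hunk.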
@@ -1203,9 +1223,18 @@ function dol_delete_file($file,$disableglob=0,$nophperrors=0,$nohook=0,$object=n
* @param string $dir Directory to delete
* @param int $nophperrors Disable all PHP output errors
* @return boolean True if success, false if error
+ * @see dol_delete_file
*/
function dol_delete_dir($dir,$nophperrors=0)
{
+ // Security:
+ // We refuse transversal using .. and pipes into filenames.
+ if (preg_match('/\.\./',$dir) || preg_match('/[<>|]/',$dir))
+ {
+ dol_syslog("Refused to delete dir ".$dir, LOG_WARNING);
+ return False;
+ }
+
$dir_osencoded=dol_osencode($dir);
return ($nophperrors?@rmdir($dir_osencoded):rmdir($dir_osencoded));
}
@@ -1778,7 +1807,8 @@ function dol_most_recent_file($dir,$regexfilter='',$excludefilter=array('(\.meta
function dol_check_secure_access_document($modulepart,$original_file,$entity,$fuser='',$refname='')
{
global $user, $conf, $db;
-
+ global $dolibarr_main_data_root;
+
if (! is_object($fuser)) $fuser=$user;
if (empty($modulepart)) return 'ErrorBadParameter';
@@ -1792,120 +1822,122 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
// find the subdirectory name as the reference
if (empty($refname)) $refname=basename(dirname($original_file)."/");
+ $relative_original_file = $original_file;
+
// Wrapping for some images
- if ($modulepart == 'companylogo')
+ if ($modulepart == 'companylogo' && !empty($conf->mycompany->dir_output))
{
$accessallowed=1;
$original_file=$conf->mycompany->dir_output.'/logos/'.$original_file;
}
// Wrapping for users photos
- elseif ($modulepart == 'userphoto')
+ elseif ($modulepart == 'userphoto' && !empty($conf->user->dir_output))
{
$accessallowed=1;
$original_file=$conf->user->dir_output.'/'.$original_file;
}
// Wrapping for members photos
- elseif ($modulepart == 'memberphoto')
+ elseif ($modulepart == 'memberphoto' && !empty($conf->adherent->dir_output))
{
$accessallowed=1;
$original_file=$conf->adherent->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu factures
- elseif ($modulepart == 'apercufacture')
+ elseif ($modulepart == 'apercufacture' && !empty($conf->facture->dir_output))
{
if ($fuser->rights->facture->lire) $accessallowed=1;
$original_file=$conf->facture->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu propal
- elseif ($modulepart == 'apercupropal')
+ elseif ($modulepart == 'apercupropal' && !empty($conf->propal->dir_output))
{
if ($fuser->rights->propale->lire) $accessallowed=1;
$original_file=$conf->propal->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu commande
- elseif ($modulepart == 'apercucommande')
+ elseif ($modulepart == 'apercucommande' && !empty($conf->commande->dir_output))
{
if ($fuser->rights->commande->lire) $accessallowed=1;
$original_file=$conf->commande->dir_output.'/'.$original_file;
}
// Wrapping pour les apercu intervention
- elseif ($modulepart == 'apercufichinter')
+ elseif ($modulepart == 'apercufichinter' && !empty($conf->ficheinter->dir_output))
{
if ($fuser->rights->ficheinter->lire) $accessallowed=1;
$original_file=$conf->ficheinter->dir_output.'/'.$original_file;
}
// Wrapping pour les images des stats propales
- elseif ($modulepart == 'propalstats')
+ elseif ($modulepart == 'propalstats' && !empty($conf->propal->dir_temp))
{
if ($fuser->rights->propale->lire) $accessallowed=1;
$original_file=$conf->propal->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats commandes
- elseif ($modulepart == 'orderstats')
+ elseif ($modulepart == 'orderstats' && !empty($conf->commande->dir_temp))
{
if ($fuser->rights->commande->lire) $accessallowed=1;
$original_file=$conf->commande->dir_temp.'/'.$original_file;
}
- elseif ($modulepart == 'orderstatssupplier')
+ elseif ($modulepart == 'orderstatssupplier' && !empty($conf->fournisseur->dir_output))
{
if ($fuser->rights->fournisseur->commande->lire) $accessallowed=1;
$original_file=$conf->fournisseur->dir_output.'/commande/temp/'.$original_file;
}
// Wrapping pour les images des stats factures
- elseif ($modulepart == 'billstats')
+ elseif ($modulepart == 'billstats' && !empty($conf->facture->dir_temp))
{
if ($fuser->rights->facture->lire) $accessallowed=1;
$original_file=$conf->facture->dir_temp.'/'.$original_file;
}
- elseif ($modulepart == 'billstatssupplier')
+ elseif ($modulepart == 'billstatssupplier' && !empty($conf->fournisseur->dir_output))
{
if ($fuser->rights->fournisseur->facture->lire) $accessallowed=1;
$original_file=$conf->fournisseur->dir_output.'/facture/temp/'.$original_file;
}
// Wrapping pour les images des stats expeditions
- elseif ($modulepart == 'expeditionstats')
+ elseif ($modulepart == 'expeditionstats' && !empty($conf->expedition->dir_temp))
{
if ($fuser->rights->expedition->lire) $accessallowed=1;
$original_file=$conf->expedition->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats expeditions
- elseif ($modulepart == 'tripsexpensesstats')
+ elseif ($modulepart == 'tripsexpensesstats' && !empty($conf->deplacement->dir_temp))
{
if ($fuser->rights->deplacement->lire) $accessallowed=1;
$original_file=$conf->deplacement->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats expeditions
- elseif ($modulepart == 'memberstats')
+ elseif ($modulepart == 'memberstats' && !empty($conf->adherent->dir_temp))
{
if ($fuser->rights->adherent->lire) $accessallowed=1;
$original_file=$conf->adherent->dir_temp.'/'.$original_file;
}
// Wrapping pour les images des stats produits
- elseif (preg_match('/^productstats_/i',$modulepart))
+ elseif (preg_match('/^productstats_/i',$modulepart) && !empty($conf->product->dir_temp))
{
if ($fuser->rights->produit->lire || $fuser->rights->service->lire) $accessallowed=1;
$original_file=(!empty($conf->product->multidir_temp[$entity])?$conf->product->multidir_temp[$entity]:$conf->service->multidir_temp[$entity]).'/'.$original_file;
}
// Wrapping for products or services
- elseif ($modulepart == 'tax')
+ elseif ($modulepart == 'tax' && !empty($conf->tax->dir_output))
{
if ($fuser->rights->tax->charges->lire) $accessallowed=1;
$original_file=$conf->tax->dir_output.'/'.$original_file;
}
// Wrapping for products or services
- elseif ($modulepart == 'actions')
+ elseif ($modulepart == 'actions' && !empty($conf->agenda->dir_output))
{
if ($fuser->rights->agenda->myactions->read) $accessallowed=1;
$original_file=$conf->agenda->dir_output.'/'.$original_file;
}
// Wrapping for categories
- elseif ($modulepart == 'category')
+ elseif ($modulepart == 'category' && !empty($conf->categorie->dir_output))
{
if ($fuser->rights->categorie->lire) $accessallowed=1;
$original_file=$conf->categorie->multidir_output[$entity].'/'.$original_file;
}
// Wrapping pour les prelevements
- elseif ($modulepart == 'prelevement')
+ elseif ($modulepart == 'prelevement' && !empty($conf->prelevement->dir_output))
{
if ($fuser->rights->prelevement->bons->lire || preg_match('/^specimen/i',$original_file))
{
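Review bot: Several of the added `!empty(...)` guards test a different property from the one the branch then uses, so they do not guarantee a non-empty base directory. `productstats_` (and `graph_product` in the next hunk) test `$conf->product->dir_temp` but build the path from `multidir_temp[$entity]`, and `category` tests `$conf->categorie->dir_output` but uses `multidir_output[$entity]`; if the per-entity entry is missing, the path becomes `'/'.$original_file`. Testing the value actually concatenated, e.g. `!empty($conf->categorie->multidir_output[$entity])`, would close that gap. `$relative_original_file` is assigned but not used in the visible lines, and what happens when a guard fails depends on a fallback branch outside this hunk.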
@@ -1914,19 +1946,19 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->prelevement->dir_output.'/'.$original_file;
}
// Wrapping pour les graph energie
- elseif ($modulepart == 'graph_stock')
+ elseif ($modulepart == 'graph_stock' && !empty($conf->stock->dir_temp))
{
$accessallowed=1;
$original_file=$conf->stock->dir_temp.'/'.$original_file;
}
// Wrapping pour les graph fournisseurs
- elseif ($modulepart == 'graph_fourn')
+ elseif ($modulepart == 'graph_fourn' && !empty($conf->fournisseur->dir_temp))
{
$accessallowed=1;
$original_file=$conf->fournisseur->dir_temp.'/'.$original_file;
}
// Wrapping pour les graph des produits
- elseif ($modulepart == 'graph_product')
+ elseif ($modulepart == 'graph_product' && !empty($conf->product->dir_temp))
{
$accessallowed=1;
$original_file=$conf->product->multidir_temp[$entity].'/'.$original_file;
@@ -1935,32 +1967,31 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
elseif ($modulepart == 'barcode')
{
$accessallowed=1;
- // If viewimage is called for barcode, we try to output an image on the fly,
- // with not build of file on disk.
+ // If viewimage is called for barcode, we try to output an image on the fly, with no build of file on disk.
//$original_file=$conf->barcode->dir_temp.'/'.$original_file;
$original_file='';
}
// Wrapping pour les icones de background des mailings
- elseif ($modulepart == 'iconmailing')
+ elseif ($modulepart == 'iconmailing' && !empty($conf->mailing->dir_temp))
{
$accessallowed=1;
$original_file=$conf->mailing->dir_temp.'/'.$original_file;
}
- // Wrapping pour les icones de background des mailings
- elseif ($modulepart == 'scanner_user_temp')
+ // Wrapping pour le scanner
+ elseif ($modulepart == 'scanner_user_temp' && !empty($conf->scanner->dir_temp))
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
// Wrapping pour les images fckeditor
- elseif ($modulepart == 'fckeditor')
+ elseif ($modulepart == 'fckeditor' && !empty($conf->fckeditor->dir_output))
{
$accessallowed=1;
$original_file=$conf->fckeditor->dir_output.'/'.$original_file;
}
// Wrapping for third parties
- else if ($modulepart == 'company' || $modulepart == 'societe')
+ else if (($modulepart == 'company' || $modulepart == 'societe') && !empty($conf->societe->dir_output))
{
if ($fuser->rights->societe->lire || preg_match('/^specimen/i',$original_file))
{
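Review bot: The `scanner_user_temp` branch guarded in this hunk has exactly the same condition as the `scanner_user_temp` branch changed in the -2277 hunk of the same function, so if both sit in one if/elseif chain the later copy can never run. The same applies to `actions`, which is tested once earlier with `myactions->read` only and again in the -2137 hunk with the specimen exception; the first match decides which permission rule is enforced. Removing the unreachable copies, or marking them with a comment such as `// NOTE: duplicate of an earlier branch, never reached`, would make clear which check is authoritative.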
@@ -1971,7 +2002,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for contact
- else if ($modulepart == 'contact')
+ else if ($modulepart == 'contact' && !empty($conf->societe->dir_output))
{
if ($fuser->rights->societe->lire)
{
@@ -1981,7 +2012,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for invoices
- else if ($modulepart == 'facture' || $modulepart == 'invoice')
+ else if (($modulepart == 'facture' || $modulepart == 'invoice') && !empty($conf->facture->dir_output))
{
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
@@ -1990,7 +2021,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->facture->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."facture WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
}
- else if ($modulepart == 'massfilesarea_facture')
+ else if ($modulepart == 'massfilesarea_facture' && !empty($conf->facture->dir_output))
{
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
@@ -1999,8 +2030,8 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->facture->dir_output.'/temp/massgeneration/'.$user->id.'/'.$original_file;
}
- // Wrapping pour les fiches intervention
- else if ($modulepart == 'ficheinter')
+ // Wrapping for interventions
+ else if (($modulepart == 'fichinter' || $modulepart == 'ficheinter') && !empty($conf->ficheinter->dir_output))
{
if ($fuser->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
{
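Review bot: The `massfilesarea_facture` path in the first context line of this hunk is built from `$user->id`, while the permission test for that branch and the other per-user paths in this function (`scanner_user_temp`, the generic `_user_temp` branch) use `$fuser`. If the function is ever called with a `$fuser` that is not the global `$user`, rights are checked for one account and the directory of another is opened; whether `$user` is in scope at all depends on a `global` declaration outside the hunk. Using the checked account keeps the two in step: `$original_file=$conf->facture->dir_output.'/temp/massgeneration/'.$fuser->id.'/'.$original_file;`.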
@@ -2011,7 +2042,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les deplacements et notes de frais
- else if ($modulepart == 'deplacement')
+ else if ($modulepart == 'deplacement' && !empty($conf->deplacement->dir_output))
{
if ($fuser->rights->deplacement->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2021,7 +2052,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
//$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
}
// Wrapping pour les propales
- else if ($modulepart == 'propal')
+ else if ($modulepart == 'propal' && !empty($conf->propal->dir_output))
{
if ($fuser->rights->propale->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2033,7 +2064,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les commandes
- else if ($modulepart == 'commande' || $modulepart == 'order')
+ else if (($modulepart == 'commande' || $modulepart == 'order') && !empty($conf->commande->dir_output))
{
if ($fuser->rights->commande->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2044,7 +2075,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les projets
- else if ($modulepart == 'project')
+ else if ($modulepart == 'project' && !empty($conf->projet->dir_output))
{
if ($fuser->rights->projet->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2053,7 +2084,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
}
- else if ($modulepart == 'project_task')
+ else if ($modulepart == 'project_task' && !empty($conf->projet->dir_output))
{
if ($fuser->rights->projet->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2062,19 +2093,9 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->projet->dir_output.'/'.$original_file;
$sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."projet WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
}
- // Wrapping for interventions
- else if ($modulepart == 'fichinter')
- {
- if ($fuser->rights->ficheinter->lire || preg_match('/^specimen/i',$original_file))
- {
- $accessallowed=1;
- }
- $original_file=$conf->ficheinter->dir_output.'/'.$original_file;
- $sqlprotectagainstexternals = "SELECT fk_soc as fk_soc FROM ".MAIN_DB_PREFIX."fichinter WHERE ref='".$db->escape($refname)."' AND entity=".$conf->entity;
- }
// Wrapping pour les commandes fournisseurs
- else if ($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier')
+ else if (($modulepart == 'commande_fournisseur' || $modulepart == 'order_supplier') && !empty($conf->fournisseur->commande->dir_output))
{
if ($fuser->rights->fournisseur->commande->lire || preg_match('/^specimen/i',$original_file))
{
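Review bot: The `fichinter` branch removed in this hunk assigned `$sqlprotectagainstexternals`, which by its name is the query used to restrict external users, and its role is taken over by the merged `fichinter`/`ficheinter` branch in the -1999 hunk. The body of that merged branch is not part of any hunk, so it should be confirmed that it still assigns the same query on `MAIN_DB_PREFIX."fichinter"`; otherwise `modulepart=fichinter` would lose that restriction. A short comment on the merged branch, for example `// 'ficheinter' is kept as a legacy alias of 'fichinter'`, would also explain why two names are accepted.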
@@ -2085,7 +2106,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les factures fournisseurs
- else if ($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier')
+ else if (($modulepart == 'facture_fournisseur' || $modulepart == 'invoice_supplier') && !empty($conf->fournisseur->facture->dir_output))
{
if ($fuser->rights->fournisseur->facture->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2096,7 +2117,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les rapport de paiements
- else if ($modulepart == 'facture_paiement')
+ else if ($modulepart == 'facture_paiement' && !empty($conf->facture->dir_output))
{
if ($fuser->rights->facture->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2107,7 +2128,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for accounting exports
- else if ($modulepart == 'export_compta')
+ else if ($modulepart == 'export_compta' && !empty($conf->accounting->dir_output))
{
if ($fuser->rights->accounting->ventilation->dispatch || preg_match('/^specimen/i',$original_file))
{
@@ -2117,7 +2138,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les expedition
- else if ($modulepart == 'expedition')
+ else if ($modulepart == 'expedition' && !empty($conf->expedition->dir_output))
{
if ($fuser->rights->expedition->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2127,7 +2148,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les bons de livraison
- else if ($modulepart == 'livraison')
+ else if ($modulepart == 'livraison' && !empty($conf->livraison->dir_output))
{
if ($fuser->rights->expedition->livraison->lire || preg_match('/^specimen/i',$original_file))
{
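Review bot: The guard for `livraison` reads `$conf->livraison->dir_output`, while the permission tested on the last lines of this hunk is `$fuser->rights->expedition->livraison->lire`; the line that builds the path lies outside the hunk, so it cannot be verified here that the guard tests the directory actually used. The same question arises in the `donation` hunk (`$conf->donation` against `rights->don`) and the `bank` hunk (`$conf->bank` against `rights->banque`, with `remisecheque` guarded on `$conf->banque`). If a guarded property is never populated, its branch becomes unreachable and the request is handled by the generic `else` branch under different rules. Each guard should name the same property as the path assignment in its branch.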
@@ -2137,7 +2158,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les actions
- else if ($modulepart == 'actions')
+ else if ($modulepart == 'actions' && !empty($conf->agenda->dir_output))
{
if ($fuser->rights->agenda->myactions->read || preg_match('/^specimen/i',$original_file))
{
@@ -2147,7 +2168,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les actions
- else if ($modulepart == 'actionsreport')
+ else if ($modulepart == 'actionsreport' && !empty($conf->agenda->dir_temp))
{
if ($fuser->rights->agenda->allactions->read || preg_match('/^specimen/i',$original_file))
{
@@ -2168,7 +2189,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les contrats
- else if ($modulepart == 'contract')
+ else if ($modulepart == 'contract' && !empty($conf->contrat->dir_output))
{
if ($fuser->rights->contrat->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2178,7 +2199,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les dons
- else if ($modulepart == 'donation')
+ else if ($modulepart == 'donation' && !empty($conf->donation->dir_output))
{
if ($fuser->rights->don->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2188,7 +2209,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour les remises de cheques
- else if ($modulepart == 'remisecheque')
+ else if ($modulepart == 'remisecheque' && !empty($conf->banque->dir_output))
{
if ($fuser->rights->banque->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2199,7 +2220,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for bank
- else if ($modulepart == 'bank')
+ else if ($modulepart == 'bank' && !empty($conf->bank->dir_output))
{
if ($fuser->rights->banque->lire)
{
@@ -2209,7 +2230,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for export module
- else if ($modulepart == 'export')
+ else if ($modulepart == 'export' && !empty($conf->export->dir_temp))
{
// Aucun test necessaire car on force le rep de download sur
// le rep export qui est propre a l'utilisateur
@@ -2218,47 +2239,42 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for import module
- else if ($modulepart == 'import')
+ else if ($modulepart == 'import' && !empty($conf->import->dir_temp))
{
$accessallowed=1;
$original_file=$conf->import->dir_temp.'/'.$original_file;
}
// Wrapping pour l'editeur wysiwyg
- else if ($modulepart == 'editor')
+ else if ($modulepart == 'editor' && !empty($conf->fckeditor->dir_output))
{
$accessallowed=1;
$original_file=$conf->fckeditor->dir_output.'/'.$original_file;
}
// Wrapping for miscellaneous medias files
- elseif ($modulepart == 'medias')
+ elseif ($modulepart == 'medias' && !empty($dolibarr_main_data_root))
{
$accessallowed=1;
- global $dolibarr_main_data_root;
$original_file=$dolibarr_main_data_root.'/medias/'.$original_file;
}
// Wrapping for backups
- else if ($modulepart == 'systemtools')
+ else if ($modulepart == 'systemtools' && !empty($conf->admin->dir_output))
{
- if ($fuser->admin)
- {
- $accessallowed=1;
- }
+ if ($fuser->admin) $accessallowed=1;
$original_file=$conf->admin->dir_output.'/'.$original_file;
}
// Wrapping for upload file test
- else if ($modulepart == 'admin_temp')
+ else if ($modulepart == 'admin_temp' && !empty($conf->admin->dir_temp))
{
- if ($fuser->admin)
- $accessallowed=1;
+ if ($fuser->admin) $accessallowed=1;
$original_file=$conf->admin->dir_temp.'/'.$original_file;
}
// Wrapping pour BitTorrent
- else if ($modulepart == 'bittorrent')
+ else if ($modulepart == 'bittorrent' && !empty($conf->bittorrent->dir_output))
{
$accessallowed=1;
$dir='files';
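Review bot: The `medias` condition now reads `$dolibarr_main_data_root`, and the `global $dolibarr_main_data_root;` statement inside the branch is removed by this hunk. Unless the variable is declared `global` at the top of `dol_check_secure_access_document`, which is outside the visible hunks, it is an undefined local, `!empty()` is always false, and `medias` requests fall through to the generic branch. Please confirm that a `global $dolibarr_main_data_root;` declaration exists at function level.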
@@ -2267,7 +2283,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping pour Foundation module
- else if ($modulepart == 'member')
+ else if ($modulepart == 'member' && !empty($conf->adherent->dir_output))
{
if ($fuser->rights->adherent->lire || preg_match('/^specimen/i',$original_file))
{
@@ -2277,7 +2293,7 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
}
// Wrapping for Scanner
- else if ($modulepart == 'scanner_user_temp')
+ else if ($modulepart == 'scanner_user_temp' && !empty($conf->scanner->dir_temp))
{
$accessallowed=1;
$original_file=$conf->scanner->dir_temp.'/'.$fuser->id.'/'.$original_file;
@@ -2290,20 +2306,38 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
// If modulepart=module Allows any module to open a file if file is in directory called DOL_DATA_ROOT/modulepart
else
{
+ if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a file called specimen. Test must be done before changing $original_file int full path.
+ if ($fuser->admin) $accessallowed=1; // If user is admin
+
// Define $accessallowed
if (preg_match('/^([a-z]+)_user_temp$/i',$modulepart,$reg))
{
- if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
+ if (empty($conf->{$reg[1]}->dir_temp)) // modulepart not supported
+ {
+ dol_print_error('','Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.')');
+ exit;
+ }
+ if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
$original_file=$conf->{$reg[1]}->dir_temp.'/'.$fuser->id.'/'.$original_file;
}
else if (preg_match('/^([a-z]+)_temp$/i',$modulepart,$reg))
{
- if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
+ if (empty($conf->{$reg[1]}->dir_temp)) // modulepart not supported
+ {
+ dol_print_error('','Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.')');
+ exit;
+ }
+ if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
$original_file=$conf->{$reg[1]}->dir_temp.'/'.$original_file;
}
else if (preg_match('/^([a-z]+)_user$/i',$modulepart,$reg))
{
- if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
+ if (empty($conf->{$reg[1]}->dir_output)) // modulepart not supported
+ {
+ dol_print_error('','Error call dol_check_secure_access_document with not supported value for modulepart parameter ('.$modulepart.')');
+ exit;
+ }
+ if ($fuser->rights->{$reg[1]}->lire || $fuser->rights->{$reg[1]}->read || ($fuser->rights->{$reg[1]}->download)) $accessallowed=1;
$original_file=$conf->{$reg[1]}->dir_output.'/'.$fuser->id.'/'.$original_file;
}
else
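Review bot: The specimen override moved to the top of the generic branch is a prefix match on the caller-supplied relative path, so any `$original_file` beginning with `specimen` sets `$accessallowed=1` for every module name that reaches this branch, without a rights check. The named branches earlier in the function use the same `preg_match('/^specimen/i', ...)` test. If specimen documents always sit directly in the module directory, a stricter pattern such as `preg_match('/^specimen[^\/\\\\]*$/i',$original_file)` would limit the exception to a single file name; otherwise the check relies on the caller having rejected directory components. The added comment also has a typo, `int full path` for `into full path`.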
@@ -2327,8 +2361,6 @@ function dol_check_secure_access_document($modulepart,$original_file,$entity,$fu
$original_file=$conf->$modulepart->dir_output.'/'.$original_file;
}
}
- if (preg_match('/^specimen/i',$original_file)) $accessallowed=1; // If link to a specimen
- if ($fuser->admin) $accessallowed=1; // If user is admin
// For modules who wants to manage different levels of permissions for documents
$subPermCategoryConstName = strtoupper($modulepart).'_SUBPERMCATEGORY_FOR_DOCUMENTS';
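Review bot: Deleting these two lines changes behaviour beyond the generic branch: judging by the closing braces above them they ran after the whole chain, so `$fuser->admin` granted access for every `modulepart`, whereas the replacement added in the -2290 hunk runs only inside the generic `else`. An administrator now depends on the individual module right in each named branch, apart from `systemtools` and `admin_temp`, which test `$fuser->admin` themselves. If that tightening is intended, it deserves a comment at the new location, for example `// Admin override applies to generic modules only; named modules check their own right`.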
diff --git a/htdocs/core/lib/treeview.lib.php b/htdocs/core/lib/treeview.lib.php
index 6fc0c9f013f..db0fcd07fae 100644
--- a/htdocs/core/lib/treeview.lib.php
+++ b/htdocs/core/lib/treeview.lib.php
@@ -97,7 +97,7 @@ function tree_showpad(&$fulltree,$key,$silent=0)
// ------------------------------- Used by menu editor, category view, ... -----------------
/**
- * Recursive function to output menu tree.
+ * Recursive function to output a tree.
* It is also used for the tree of categories.
* Note: To have this function working, check you have loaded the js and css for treeview.
* $arrayofjs=array('/includes/jquery/plugins/jquerytreeview/jquery.treeview.js',
@@ -106,7 +106,7 @@ function tree_showpad(&$fulltree,$key,$silent=0)
* TODO Replace with jstree plugin instead of treeview plugin.
*
* @param array $tab Array of all elements
- * @param int $pere Array with parent ids ('rowid'=>,'mainmenu'=>,'leftmenu'=>,'fk_mainmenu=>,'fk_leftmenu=>)
+ * @param array $pere Array with parent ids ('rowid'=>,'mainmenu'=>,'leftmenu'=>,'fk_mainmenu=>,'fk_leftmenu=>)
* @param int $rang Level of element
* @param string $iddivjstree Id to use for parent ul element
* @param int $donoresetalreadyloaded Do not reset global array $donoresetalreadyloaded used to avoid to go down on an aleady processed record
@@ -139,7 +139,10 @@ function tree_recur($tab, $pere, $rang, $iddivjstree='iddivjstree', $donoresetal
print '';
}
- if ($rang > 50) return; // Protect against infinite loop. Max 50 depth
+ if ($rang > 50)
+ {
+ return; // Protect against infinite loop. Max 50 depth
+ }
//ballayage du tableau
$sizeoftab=count($tab);
diff --git a/htdocs/core/menus/standard/eldy.lib.php b/htdocs/core/menus/standard/eldy.lib.php
index 748a4532cb5..aa98f23b2ad 100644
--- a/htdocs/core/menus/standard/eldy.lib.php
+++ b/htdocs/core/menus/standard/eldy.lib.php
@@ -1071,10 +1071,11 @@ function print_left_eldy_menu($db,$menu_array_before,$menu_array_after,&$tabMenu
if (! empty($conf->categorie->enabled)) {
$langs->load("categories");
- //$newmenu->add("/compta/bank/categ.php",$langs->trans("Rubriques"),1,$user->rights->banque->configurer);
$newmenu->add("/categories/index.php?type=5",$langs->trans("Rubriques"),0,$user->rights->categorie->creer, '', $mainmenu, 'tags');
$newmenu->add("/categories/card.php?action=create&type=5",$langs->trans("NewCategory"),1,$user->rights->categorie->creer);
- }
+ $newmenu->add("/compta/bank/categ.php",$langs->trans("RubriquesTransactions"),0,$user->rights->categorie->creer, '', $mainmenu, 'tags');
+ $newmenu->add("/compta/bank/categ.php",$langs->trans("NewCategory"),1,$user->rights->categorie->creer, '', $mainmenu, 'tags');
+ }
// Prelevements
if (! empty($conf->prelevement->enabled))
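Review bot: Both new entries link to `/compta/bank/categ.php` but are shown according to `$user->rights->categorie->creer`, while the commented-out line this hunk removes used `$user->rights->banque->configurer` for the same page. A menu flag only hides the link, so the page has to enforce its own right; if it checks the bank right, some users will see an entry they cannot use, or the reverse. The two entries also share one URL although the second is labelled `NewCategory`, and both sit inside the `$conf->categorie->enabled` test. If the bank right is what the page requires, the first entry would read `$newmenu->add("/compta/bank/categ.php",$langs->trans("RubriquesTransactions"),0,$user->rights->banque->configurer, '', $mainmenu, 'tags');`.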
diff --git a/htdocs/core/modules/modFacture.class.php b/htdocs/core/modules/modFacture.class.php
index 9ba9fae7322..a83f581a276 100644
--- a/htdocs/core/modules/modFacture.class.php
+++ b/htdocs/core/modules/modFacture.class.php
@@ -192,11 +192,11 @@ class modFacture extends DolibarrModules
$this->export_label[$r]='CustomersInvoicesAndInvoiceLines'; // Translation key (used only if key ExportDataset_xxx_z not found)
$this->export_icon[$r]='bill';
$this->export_permission[$r]=array(array("facture","facture","export","other"));
- $this->export_fields_array[$r]=array('s.rowid'=>"IdCompany",'s.nom'=>'CompanyName','s.address'=>'Address','s.zip'=>'Zip','s.town'=>'Town','c.code'=>'CountryCode','s.phone'=>'Phone','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode','s.tva_intra'=>'VATIntra','f.rowid'=>"InvoiceId",'f.facnumber'=>"InvoiceRef",'f.datec'=>"InvoiceDateCreation",'f.datef'=>"DateInvoice",'f.date_lim_reglement'=>"DateDue",'f.total'=>"TotalHT",'f.total_ttc'=>"TotalTTC",'f.tva'=>"TotalVAT",'f.paye'=>"InvoicePaid",'f.fk_statut'=>'InvoiceStatus','f.note_private'=>"NotePrivate",'f.note_public'=>"NotePublic",'f.fk_user_author'=>'CreatedById','uc.login'=>'CreatedByLogin','f.fk_user_valid'=>'ValidatedById','uv.login'=>'ValidatedByLogin', 'pj.ref'=>'ProjectRef', 'fd.rowid'=>'LineId','fd.description'=>"LineDescription",'fd.subprice'=>"LineUnitPrice",'fd.tva_tx'=>"LineVATRate",'fd.qty'=>"LineQty",'fd.total_ht'=>"LineTotalHT",'fd.total_tva'=>"LineTotalVAT",'fd.total_ttc'=>"LineTotalTTC",'fd.date_start'=>"DateStart",'fd.date_end'=>"DateEnd",'fd.special_code'=>'SpecialCode','fd.product_type'=>"TypeOfLineServiceOrProduct",'fd.fk_product'=>'ProductId','p.ref'=>'ProductRef','p.label'=>'ProductLabel','p.accountancy_code_sell'=>'ProductAccountancySellCode');
+ $this->export_fields_array[$r]=array('s.rowid'=>"IdCompany",'s.nom'=>'CompanyName','s.address'=>'Address','s.zip'=>'Zip','s.town'=>'Town','c.code'=>'CountryCode','s.phone'=>'Phone','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode','s.tva_intra'=>'VATIntra','f.rowid'=>"InvoiceId",'f.facnumber'=>"InvoiceRef",'f.type'=>"Type",'f.datec'=>"InvoiceDateCreation",'f.datef'=>"DateInvoice",'f.date_lim_reglement'=>"DateDue",'f.total'=>"TotalHT",'f.total_ttc'=>"TotalTTC",'f.tva'=>"TotalVAT",'f.paye'=>"InvoicePaid",'f.fk_statut'=>'InvoiceStatus','f.note_private'=>"NotePrivate",'f.note_public'=>"NotePublic",'f.fk_user_author'=>'CreatedById','uc.login'=>'CreatedByLogin','f.fk_user_valid'=>'ValidatedById','uv.login'=>'ValidatedByLogin', 'pj.ref'=>'ProjectRef', 'fd.rowid'=>'LineId','fd.description'=>"LineDescription",'fd.subprice'=>"LineUnitPrice",'fd.tva_tx'=>"LineVATRate",'fd.qty'=>"LineQty",'fd.total_ht'=>"LineTotalHT",'fd.total_tva'=>"LineTotalVAT",'fd.total_ttc'=>"LineTotalTTC",'fd.date_start'=>"DateStart",'fd.date_end'=>"DateEnd",'fd.special_code'=>'SpecialCode','fd.product_type'=>"TypeOfLineServiceOrProduct",'fd.fk_product'=>'ProductId','p.ref'=>'ProductRef','p.label'=>'ProductLabel','p.accountancy_code_sell'=>'ProductAccountancySellCode');
//Add 'fd.label'=>"Label" to export_fields_array if you use it. Not used by dolibarr currently.
//$this->export_TypeFields_array[$r]=array('s.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.facnumber'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text",'fd.description'=>"Text",'fd.price'=>"Numeric",'fd.tva_tx'=>"Numeric",'fd.qty'=>"Numeric",'fd.total_ht'=>"Numeric",'fd.total_tva'=>"Numeric",'fd.total_ttc'=>"Numeric",'fd.date_start'=>"Date",'fd.date_end'=>"Date",'fd.product_type'=>"Numeric",'fd.fk_product'=>'List:product:label','p.ref'=>'Text','p.label'=>'Text');
- $this->export_TypeFields_array[$r]=array('s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.facnumber'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text", 'pj.ref'=>'Text', 'fd.label'=>'Text', 'fd.description'=>"Text",'fd.subprice'=>"Numeric",'fd.tva_tx'=>"Numeric",'fd.qty'=>"Numeric",'fd.total_ht'=>"Numeric",'fd.total_tva'=>"Numeric",'fd.total_ttc'=>"Numeric",'fd.date_start'=>"Date",'fd.date_end'=>"Date",'fd.special_code'=>'Numeric','fd.product_type'=>"Numeric",'fd.fk_product'=>'List:product:label','p.ref'=>'Text','p.label'=>'Text','p.accountancy_code_sell'=>'Text');
- $this->export_entities_array[$r]=array('s.rowid'=>"company",'s.nom'=>'company','s.address'=>'company','s.zip'=>'company','s.town'=>'company','c.code'=>'company','s.phone'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company','s.tva_intra'=>'company','f.rowid'=>"invoice",'f.facnumber'=>"invoice",'f.datec'=>"invoice",'f.datef'=>"invoice",'f.date_lim_reglement'=>"invoice",'f.total'=>"invoice",'f.total_ttc'=>"invoice",'f.tva'=>"invoice",'f.paye'=>"invoice",'f.fk_statut'=>'invoice','f.note_private'=>"invoice",'f.note_public'=>"invoice", 'pj.ref'=>'project', 'fd.rowid'=>'invoice_line','fd.label'=>"invoice_line",'fd.description'=>"invoice_line",'fd.subprice'=>"invoice_line",'fd.total_ht'=>"invoice_line",'fd.total_tva'=>"invoice_line",'fd.total_ttc'=>"invoice_line",'fd.tva_tx'=>"invoice_line",'fd.qty'=>"invoice_line",'fd.date_start'=>"invoice_line",'fd.date_end'=>"invoice_line",'fd.special_code'=>'invoice_line','fd.product_type'=>'invoice_line','fd.fk_product'=>'product','p.ref'=>'product','p.label'=>'product','p.accountancy_code_sell'=>'product','f.fk_user_author'=>'user','uc.login'=>'user','f.fk_user_valid'=>'user','uv.login'=>'user');
+ $this->export_TypeFields_array[$r]=array('s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.facnumber'=>"Text",'f.type'=>"Numeric",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text", 'pj.ref'=>'Text', 'fd.label'=>'Text', 'fd.description'=>"Text",'fd.subprice'=>"Numeric",'fd.tva_tx'=>"Numeric",'fd.qty'=>"Numeric",'fd.total_ht'=>"Numeric",'fd.total_tva'=>"Numeric",'fd.total_ttc'=>"Numeric",'fd.date_start'=>"Date",'fd.date_end'=>"Date",'fd.special_code'=>'Numeric','fd.product_type'=>"Numeric",'fd.fk_product'=>'List:product:label','p.ref'=>'Text','p.label'=>'Text','p.accountancy_code_sell'=>'Text');
+ $this->export_entities_array[$r]=array('s.rowid'=>"company",'s.nom'=>'company','s.address'=>'company','s.zip'=>'company','s.town'=>'company','c.code'=>'company','s.phone'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company','s.tva_intra'=>'company','f.rowid'=>"invoice",'f.facnumber'=>"invoice",'f.type'=>"invoice",'f.datec'=>"invoice",'f.datef'=>"invoice",'f.date_lim_reglement'=>"invoice",'f.total'=>"invoice",'f.total_ttc'=>"invoice",'f.tva'=>"invoice",'f.paye'=>"invoice",'f.fk_statut'=>'invoice','f.note_private'=>"invoice",'f.note_public'=>"invoice", 'pj.ref'=>'project', 'fd.rowid'=>'invoice_line','fd.label'=>"invoice_line",'fd.description'=>"invoice_line",'fd.subprice'=>"invoice_line",'fd.total_ht'=>"invoice_line",'fd.total_tva'=>"invoice_line",'fd.total_ttc'=>"invoice_line",'fd.tva_tx'=>"invoice_line",'fd.qty'=>"invoice_line",'fd.date_start'=>"invoice_line",'fd.date_end'=>"invoice_line",'fd.special_code'=>'invoice_line','fd.product_type'=>'invoice_line','fd.fk_product'=>'product','p.ref'=>'product','p.label'=>'product','p.accountancy_code_sell'=>'product','f.fk_user_author'=>'user','uc.login'=>'user','f.fk_user_valid'=>'user','uv.login'=>'user');
$this->export_dependencies_array[$r]=array('invoice_line'=>'fd.rowid','product'=>'fd.rowid'); // To add unique key if we ask a field of a child to avoid the DISTINCT to discard them
$keyforselect='facture'; $keyforelement='invoice'; $keyforaliasextra='extra';
include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php';
@@ -224,10 +224,10 @@ class modFacture extends DolibarrModules
$this->export_label[$r]='CustomersInvoicesAndPayments'; // Translation key (used only if key ExportDataset_xxx_z not found)
$this->export_icon[$r]='bill';
$this->export_permission[$r]=array(array("facture","facture","export"));
- $this->export_fields_array[$r]=array('s.rowid'=>"IdCompany",'s.nom'=>'CompanyName','s.address'=>'Address','s.zip'=>'Zip','s.town'=>'Town','c.code'=>'CountryCode','s.phone'=>'Phone','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode','s.tva_intra'=>'VATIntra','f.rowid'=>"InvoiceId",'f.facnumber'=>"InvoiceRef",'f.datec'=>"InvoiceDateCreation",'f.datef'=>"DateInvoice",'f.date_lim_reglement'=>"DateDue",'f.total'=>"TotalHT",'f.total_ttc'=>"TotalTTC",'f.tva'=>"TotalVAT",'f.paye'=>"InvoicePaid",'f.fk_statut'=>'InvoiceStatus','f.note_private'=>"NotePrivate",'f.note_public'=>"NotePublic",'f.fk_user_author'=>'CreatedById','uc.login'=>'CreatedByLogin','f.fk_user_valid'=>'ValidatedById','uv.login'=>'ValidatedByLogin','pj.ref'=>'ProjectRef','p.rowid'=>'PaymentId','p.ref'=>'PaymentRef','p.amount'=>'AmountPayment','pf.amount'=>'AmountPaymentDistributedOnInvoice','p.datep'=>'DatePayment','p.num_paiement'=>'PaymentNumber','pt.code'=>'IdPaymentMode','pt.libelle'=>'LabelPaymentMode','p.note'=>'PaymentNote','p.fk_bank'=>'IdTransaction','ba.ref'=>'AccountRef');
+ $this->export_fields_array[$r]=array('s.rowid'=>"IdCompany",'s.nom'=>'CompanyName','s.address'=>'Address','s.zip'=>'Zip','s.town'=>'Town','c.code'=>'CountryCode','s.phone'=>'Phone','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode','s.tva_intra'=>'VATIntra','f.rowid'=>"InvoiceId",'f.facnumber'=>"InvoiceRef",'f.type'=>"Type",'f.datec'=>"InvoiceDateCreation",'f.datef'=>"DateInvoice",'f.date_lim_reglement'=>"DateDue",'f.total'=>"TotalHT",'f.total_ttc'=>"TotalTTC",'f.tva'=>"TotalVAT",'f.paye'=>"InvoicePaid",'f.fk_statut'=>'InvoiceStatus','f.note_private'=>"NotePrivate",'f.note_public'=>"NotePublic",'f.fk_user_author'=>'CreatedById','uc.login'=>'CreatedByLogin','f.fk_user_valid'=>'ValidatedById','uv.login'=>'ValidatedByLogin','pj.ref'=>'ProjectRef','p.rowid'=>'PaymentId','p.ref'=>'PaymentRef','p.amount'=>'AmountPayment','pf.amount'=>'AmountPaymentDistributedOnInvoice','p.datep'=>'DatePayment','p.num_paiement'=>'PaymentNumber','pt.code'=>'IdPaymentMode','pt.libelle'=>'LabelPaymentMode','p.note'=>'PaymentNote','p.fk_bank'=>'IdTransaction','ba.ref'=>'AccountRef');
//$this->export_TypeFields_array[$r]=array('s.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.rowid'=>"List:facture:facnumber",'f.facnumber'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text",'pf.amount'=>'Numeric','p.datep'=>'Date','p.num_paiement'=>'Numeric','p.fk_bank'=>'Numeric');
- $this->export_TypeFields_array[$r]=array('s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.rowid'=>"Numeric",'f.facnumber'=>"Text",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text",'pj.ref'=>'Text','p.amount'=>'Numeric','pf.amount'=>'Numeric','p.rowid'=>'Numeric','p.ref'=>'Text','p.datep'=>'Date','p.num_paiement'=>'Numeric','p.fk_bank'=>'Numeric','p.note'=>'Text','pt.code'=>'Text','pt.libelle'=>'text','ba.ref'=>'Text');
- $this->export_entities_array[$r]=array('s.rowid'=>"company",'s.nom'=>'company','s.address'=>'company','s.zip'=>'company','s.town'=>'company','c.code'=>'company','s.phone'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company','s.tva_intra'=>'company','f.rowid'=>"invoice",'f.facnumber'=>"invoice",'f.datec'=>"invoice",'f.datef'=>"invoice",'f.date_lim_reglement'=>"invoice",'f.total'=>"invoice",'f.total_ttc'=>"invoice",'f.tva'=>"invoice",'f.paye'=>"invoice",'f.fk_statut'=>'invoice','f.note_private'=>"invoice",'f.note_public'=>"invoice",'pj.ref'=>'project','p.rowid'=>'payment','p.ref'=>'payment','p.amount'=>'payment','pf.amount'=>'payment','p.datep'=>'payment','p.num_paiement'=>'payment','pt.code'=>'payment','pt.libelle'=>'payment','p.note'=>'payment','f.fk_user_author'=>'user','uc.login'=>'user','f.fk_user_valid'=>'user','uv.login'=>'user','p.fk_bank'=>'account','ba.ref'=>'account');
+ $this->export_TypeFields_array[$r]=array('s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','c.code'=>'Text','s.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text','s.tva_intra'=>'Text','f.rowid'=>"Numeric",'f.facnumber'=>"Text",'f.type'=>"Numeric",'f.datec'=>"Date",'f.datef'=>"Date",'f.date_lim_reglement'=>"Date",'f.total'=>"Numeric",'f.total_ttc'=>"Numeric",'f.tva'=>"Numeric",'f.paye'=>"Boolean",'f.fk_statut'=>'Status','f.note_private'=>"Text",'f.note_public'=>"Text",'pj.ref'=>'Text','p.amount'=>'Numeric','pf.amount'=>'Numeric','p.rowid'=>'Numeric','p.ref'=>'Text','p.datep'=>'Date','p.num_paiement'=>'Numeric','p.fk_bank'=>'Numeric','p.note'=>'Text','pt.code'=>'Text','pt.libelle'=>'text','ba.ref'=>'Text');
+ $this->export_entities_array[$r]=array('s.rowid'=>"company",'s.nom'=>'company','s.address'=>'company','s.zip'=>'company','s.town'=>'company','c.code'=>'company','s.phone'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company','s.tva_intra'=>'company','f.rowid'=>"invoice",'f.facnumber'=>"invoice",'f.type'=>"invoice",'f.datec'=>"invoice",'f.datef'=>"invoice",'f.date_lim_reglement'=>"invoice",'f.total'=>"invoice",'f.total_ttc'=>"invoice",'f.tva'=>"invoice",'f.paye'=>"invoice",'f.fk_statut'=>'invoice','f.note_private'=>"invoice",'f.note_public'=>"invoice",'pj.ref'=>'project','p.rowid'=>'payment','p.ref'=>'payment','p.amount'=>'payment','pf.amount'=>'payment','p.datep'=>'payment','p.num_paiement'=>'payment','pt.code'=>'payment','pt.libelle'=>'payment','p.note'=>'payment','f.fk_user_author'=>'user','uc.login'=>'user','f.fk_user_valid'=>'user','uv.login'=>'user','p.fk_bank'=>'account','ba.ref'=>'account');
$this->export_dependencies_array[$r]=array('payment'=>'p.rowid'); // To add unique key if we ask a field of a child to avoid the DISTINCT to discard them
$keyforselect='facture'; $keyforelement='invoice'; $keyforaliasextra='extra';
include DOL_DOCUMENT_ROOT.'/core/extrafieldsinexport.inc.php';
diff --git a/htdocs/core/modules/modProjet.class.php b/htdocs/core/modules/modProjet.class.php
index c21390c3ece..67ee51a56a9 100644
--- a/htdocs/core/modules/modProjet.class.php
+++ b/htdocs/core/modules/modProjet.class.php
@@ -213,18 +213,23 @@ class modProjet extends DolibarrModules
$this->export_dependencies_array[$r]=array('projecttask'=>'pt.rowid', 'task_time'=>'ptt.rowid');
$this->export_TypeFields_array[$r]=array('s.rowid'=>"List:societe:nom",'s.nom'=>'Text','s.address'=>'Text','s.zip'=>'Text','s.town'=>'Text','s.fk_pays'=>'List:c_country:label',
- 's.phone'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text',
- 'p.rowid'=>"List:projet:ref",'p.ref'=>"Text",'p.title'=>"Text",'p.datec'=>"Date",'p.dateo'=>"Date",'p.datee'=>"Date",'p.fk_statut'=>'Status','cls.code'=>"Text",'p.opp_percent'=>'Numeric','p.description'=>"Text",
+ 's.phone'=>'Text','s.email'=>'Text','s.siren'=>'Text','s.siret'=>'Text','s.ape'=>'Text','s.idprof4'=>'Text','s.code_compta'=>'Text','s.code_compta_fournisseur'=>'Text',
+ 'p.rowid'=>"List:projet:ref",'p.ref'=>"Text",'p.title'=>"Text",'p.datec'=>"Date",'p.dateo'=>"Date",'p.datee'=>"Date",'p.fk_statut'=>'Status','cls.code'=>"Text",'p.opp_percent'=>'Numeric','p.opp_amount'=>'Numeric','p.description'=>"Text",
'pt.rowid'=>'Text','pt.label'=>'Text','pt.dateo'=>"Date",'pt.datee'=>"Date",'pt.duration_effective'=>"Duree",'pt.planned_workload'=>"Numeric",'pt.progress'=>"Numeric",'pt.description'=>"Text",
'ptt.rowid'=>'Numeric','ptt.task_date'=>'Date','ptt.task_duration'=>"Duree",'ptt.fk_user'=>"List:user:CONCAT(lastname,' ',firstname)",'ptt.note'=>"Text");
-
$this->export_entities_array[$r]=array('s.rowid'=>"company",'s.nom'=>'company','s.address'=>'company','s.zip'=>'company','s.town'=>'company','s.fk_pays'=>'company',
- 's.phone'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company');
+ 's.phone'=>'company','s.email'=>'company','s.siren'=>'company','s.siret'=>'company','s.ape'=>'company','s.idprof4'=>'company','s.code_compta'=>'company','s.code_compta_fournisseur'=>'company');
$this->export_fields_array[$r]=array('s.rowid'=>"IdCompany",'s.nom'=>'CompanyName','s.address'=>'Address','s.zip'=>'Zip','s.town'=>'Town','s.fk_pays'=>'Country',
- 's.phone'=>'Phone','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode',
- 'p.rowid'=>"ProjectId",'p.ref'=>"RefProject",'p.title'=>'ProjectLabel', 'p.datec'=>"DateCreation",'p.dateo'=>"DateStart",'p.datee'=>"DateEnd",'p.fk_statut'=>'ProjectStatus','cls.code'=>'OpportunityStatus','p.opp_percent'=>'OpportunityProbability','p.description'=>"Description");
-
+ 's.phone'=>'Phone','s.email'=>'Email','s.siren'=>'ProfId1','s.siret'=>'ProfId2','s.ape'=>'ProfId3','s.idprof4'=>'ProfId4','s.code_compta'=>'CustomerAccountancyCode','s.code_compta_fournisseur'=>'SupplierAccountancyCode',
+ 'p.rowid'=>"ProjectId",'p.ref'=>"RefProject",'p.title'=>'ProjectLabel', 'p.datec'=>"DateCreation",'p.dateo'=>"DateStart",'p.datee'=>"DateEnd",'p.fk_statut'=>'ProjectStatus','cls.code'=>'OpportunityStatus','p.opp_percent'=>'OpportunityProbability','p.opp_amount'=>'OpportunityAmount','p.description'=>"Description");
+ if (empty($conf->global->PROJECT_USE_OPPORTUNITIES))
+ {
+ unset($this->export_fields_array[$r]['p.opp_percent']);
+ unset($this->export_fields_array[$r]['p.opp_amount']);
+ unset($this->export_fields_array[$r]['cls.code']);
+ }
+
// Add fields for project
$this->export_fields_array[$r]=array_merge($this->export_fields_array[$r], array());
$keyforselect='projet'; $keyforelement='project'; $keyforaliasextra='extra';
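Review bot: The new `PROJECT_USE_OPPORTUNITIES` block removes `p.opp_percent`, `p.opp_amount` and `cls.code` from `export_fields_array[$r]` only, while the same three keys stay in `export_TypeFields_array[$r]` a few lines above. If anything iterates the type array independently of the field array, the opportunity columns would still be offered when the feature is off. Either unset them in both arrays or add a comment such as `// Type entries for hidden fields are ignored by the export engine` if that is indeed the case. The enclosing method starts and ends outside this hunk, so how the arrays are consumed cannot be confirmed here.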
diff --git a/htdocs/core/modules/product/mod_codeproduct_elephant.php b/htdocs/core/modules/product/mod_codeproduct_elephant.php
index 517cd0a7ce9..bb7eb09abf4 100644
--- a/htdocs/core/modules/product/mod_codeproduct_elephant.php
+++ b/htdocs/core/modules/product/mod_codeproduct_elephant.php
@@ -252,7 +252,7 @@ class mod_codeproduct_elephant extends ModeleProductCode
// Get Mask value
$mask = '';
if ($type==0) $mask = empty($conf->global->PRODUCT_ELEPHANT_MASK_PRODUCT)?'':$conf->global->PRODUCT_ELEPHANT_MASK_PRODUCT;
- if ($type==1) $mask = empty($conf->global->PRODUCT_ELEPHANT_MASK_SSERVICE)?'':$conf->global->PRODUCT_ELEPHANT_MASK_SERVICE;
+ if ($type==1) $mask = empty($conf->global->PRODUCT_ELEPHANT_MASK_SERVICE)?'':$conf->global->PRODUCT_ELEPHANT_MASK_SERVICE;
if (! $mask)
{
$this->error='NotConfigured';
diff --git a/htdocs/core/tpl/login.tpl.php b/htdocs/core/tpl/login.tpl.php
index 5e79b71ee34..77422d317e5 100644
--- a/htdocs/core/tpl/login.tpl.php
+++ b/htdocs/core/tpl/login.tpl.php
@@ -89,7 +89,7 @@ $(document).ready(function () {
-
+">
diff --git a/htdocs/core/tpl/objectline_view.tpl.php b/htdocs/core/tpl/objectline_view.tpl.php
index 559cae91464..fabba837e21 100644
--- a/htdocs/core/tpl/objectline_view.tpl.php
+++ b/htdocs/core/tpl/objectline_view.tpl.php
@@ -69,19 +69,20 @@ if (empty($usemargins)) $usemargins=0;
description)
{
- if ($line->description == '(CREDIT_NOTE)' && $objp->fk_remise_except > 0)
+ if ($line->description == '(CREDIT_NOTE)' && $line->fk_remise_except > 0)
{
$discount=new DiscountAbsolute($this->db);
$discount->fetch($line->fk_remise_except);
echo ($txt?' - ':'').$langs->transnoentities("DiscountFromCreditNote",$discount->getNomUrl(0));
}
- elseif ($line->description == '(DEPOSIT)' && $objp->fk_remise_except > 0)
+ elseif ($line->description == '(DEPOSIT)' && $line->fk_remise_except > 0)
{
$discount=new DiscountAbsolute($this->db);
$discount->fetch($line->fk_remise_except);
echo ($txt?' - ':'').$langs->transnoentities("DiscountFromDeposit",$discount->getNomUrl(0));
// Add date of deposit
- if (! empty($conf->global->INVOICE_ADD_DEPOSIT_DATE)) echo ' ('.dol_print_date($discount->datec).')';
+ if (! empty($conf->global->INVOICE_ADD_DEPOSIT_DATE))
+ echo ' ('.dol_print_date($discount->datec).')';
}
else
{
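Review bot: Both branches call `$discount->fetch($line->fk_remise_except)` and then print `$discount->getNomUrl(0)` without looking at the fetch result. If the referenced discount row has been deleted or the query fails, the line would render a link built from an empty object. Guarding the output with something like `if ($discount->fetch($line->fk_remise_except) > 0)` would avoid that, assuming `fetch` follows the usual positive-on-success convention. The surrounding `if`/`else` chain continues past the end of this hunk.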
diff --git a/htdocs/expensereport/class/paymentexpensereport.class.php b/htdocs/expensereport/class/paymentexpensereport.class.php
index 7cda584abbf..9fc8c7627dd 100644
--- a/htdocs/expensereport/class/paymentexpensereport.class.php
+++ b/htdocs/expensereport/class/paymentexpensereport.class.php
@@ -524,13 +524,14 @@ class PaymentExpenseReport extends CommonObject
{
if ($mode == 'payment_expensereport')
{
- $euser = new User($this->db);
- $euser->fetch($key);
+ $er = new ExpenseReport($this->db);
+ $er->fetch($key);
+ $er->fetch_user($er->fk_user_author);
$result=$acc->add_url_line(
$bank_line_id,
- $euser->id,
+ $er->user->id,
DOL_URL_ROOT.'/user/card.php?id=',
- $euser->getFullName($langs),
+ $er->user->getFullName($langs),
'user'
);
if ($result <= 0)
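Review bot: The results of `$er->fetch($key)` and `$er->fetch_user($er->fk_user_author)` are not checked before `$er->user->id` and `$er->user->getFullName($langs)` are dereferenced. If the expense report id in `$key` does not load, or the author account no longer exists, `$er->user` may be unset and the call fails in the middle of recording a bank line. Test the fetch result first (for example `if ($er->fetch($key) > 0)`, assuming the usual return convention) and treat a failure like the `$result <= 0` case below. Whether the `ExpenseReport` class is already loaded in this file is not visible in the hunk.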
diff --git a/htdocs/expensereport/payment/payment.php b/htdocs/expensereport/payment/payment.php
index e361a9954c0..c957b171e79 100644
--- a/htdocs/expensereport/payment/payment.php
+++ b/htdocs/expensereport/payment/payment.php
@@ -28,6 +28,7 @@ require_once DOL_DOCUMENT_ROOT.'/expensereport/class/paymentexpensereport.class.
require_once DOL_DOCUMENT_ROOT.'/compta/bank/class/account.class.php';
$langs->load("bills");
+$langs->load("banks");
$chid=GETPOST("id");
$action=GETPOST('action');
@@ -62,22 +63,22 @@ if ($action == 'add_payment')
$datepaid = dol_mktime(12, 0, 0, $_POST["remonth"], $_POST["reday"], $_POST["reyear"]);
- if (! $_POST["fk_typepayment"] > 0)
+ if (! ($_POST["fk_typepayment"] > 0))
{
- $mesg = $langs->trans("ErrorFieldRequired",$langs->transnoentities("PaymentMode"));
+ setEventMessages($langs->trans("ErrorFieldRequired",$langs->transnoentities("PaymentMode")), null, 'errors');
$error++;
}
if ($datepaid == '')
{
- $mesg = $langs->trans("ErrorFieldRequired",$langs->transnoentities("Date"));
+ setEventMessages($langs->trans("ErrorFieldRequired",$langs->transnoentities("Date")), null, 'errors');
$error++;
}
- if (! empty($conf->banque->enabled) && ! $accountid > 0)
+ if (! empty($conf->banque->enabled) && ! ($accountid > 0))
{
- $mesg = $langs->trans("ErrorFieldRequired",$langs->transnoentities("AccountToCredit"));
+ setEventMessages($langs->trans("ErrorFieldRequired",$langs->transnoentities("AccountToDebit")), null, 'errors');
$error++;
}
-
+
if (! $error)
{
$paymentid = 0;
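Review bot: The corrected test still reads `$_POST["fk_typepayment"]` directly, so the value is neither type-filtered nor guarded against a missing key. The file already uses `GETPOST` for `id` and `action`; reading it once as `$fk_typepayment = GETPOST('fk_typepayment','int');` and testing `if (! ($fk_typepayment > 0))` keeps the input handling in one place. The same applies to `$_POST["remonth"]`, `$_POST["reday"]` and `$_POST["reyear"]` on the `dol_mktime` line, and to `$_POST["accountid"]` passed to `select_comptes` in the `@@ -171` hunk further down. The enclosing `if ($action == 'add_payment')` block starts before this hunk.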
@@ -163,7 +164,6 @@ $form=new Form($db);
// Form to create expense report payment
if (GETPOST("action") == 'create')
{
-
$expensereport = new ExpenseReport($db);
$expensereport->fetch($chid);
@@ -171,11 +171,6 @@ if (GETPOST("action") == 'create')
print load_fiche_titre($langs->trans("DoPayment"));
- if ($mesg)
- {
- print "$mesg
";
- }
-
print ' \n";
print ' ';
- print '';
- print ''.$langs->trans('AccountToDebit').' ';
- print '';
- $form->select_comptes(isset($_POST["accountid"])?$_POST["accountid"]:$expensereport->accountid, "accountid", 0, '',1); // Show open bank account list
- print ' ';
-
+ if (! empty($conf->banque->enabled))
+ {
+ print '';
+ print ''.$langs->trans('AccountToDebit').' ';
+ print '';
+ $form->select_comptes(isset($_POST["accountid"])?$_POST["accountid"]:$expensereport->accountid, "accountid", 0, '',1); // Show open bank account list
+ print ' ';
+ }
+
// Number
print ''.$langs->trans('Numero');
print ' ('.$langs->trans("ChequeOrTransferNumber").') ';
@@ -243,9 +241,7 @@ if (GETPOST("action") == 'create')
dol_fiche_end();
- /*
- * Autres charges impayees
- */
+ // List of expenses ereport not already paid completely
$num = 1;
$i = 0;
diff --git a/htdocs/fichinter/card.php b/htdocs/fichinter/card.php
index 290f650faa1..d81f25b0c71 100644
--- a/htdocs/fichinter/card.php
+++ b/htdocs/fichinter/card.php
@@ -583,7 +583,7 @@ if (empty($reshook))
}
}
- // Classify Billed
+ // Classify unbilled
else if ($action == 'classifyunbilled' && $user->rights->ficheinter->creer)
{
$result=$object->setStatut(1);
@@ -598,6 +598,21 @@ if (empty($reshook))
}
}
+ // Classify Done
+ else if ($action == 'classifydone' && $user->rights->ficheinter->creer)
+ {
+ $result=$object->setStatut(3);
+ if ($result > 0)
+ {
+ header('Location: '.$_SERVER["PHP_SELF"].'?id='.$object->id);
+ exit;
+ }
+ else
+ {
+ setEventMessages($object->error, $object->errors, 'errors');
+ }
+ }
+
/*
* Mise a jour d'une ligne d'intervention
*/
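Review bot: The new `classifydone` branch calls `$object->setStatut(3)` for any intervention the user may edit, without checking the intervention's current status. As written, a draft or already closed intervention could be moved straight to status 3 by requesting this action. Adding a precondition on the current status to the `else if`, and a comment saying which transitions are allowed, would make the workflow explicit. No request-token check is visible in the hunk either; if it is not enforced centrally for this action, the state change should require one. The `if (empty($reshook))` block begins and ends outside the hunk.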
diff --git a/htdocs/filefunc.inc.php b/htdocs/filefunc.inc.php
index eddcf1ebbdf..d2ca04278ff 100644
--- a/htdocs/filefunc.inc.php
+++ b/htdocs/filefunc.inc.php
@@ -31,7 +31,7 @@
*/
if (! defined('DOL_APPLICATION_TITLE')) define('DOL_APPLICATION_TITLE','Dolibarr');
-if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.4');
+if (! defined('DOL_VERSION')) define('DOL_VERSION','4.0.6');
if (! defined('EURO')) define('EURO',chr(128));
diff --git a/htdocs/fourn/class/fournisseur.commande.class.php b/htdocs/fourn/class/fournisseur.commande.class.php
index 99babcda7fe..8a788c2723e 100644
--- a/htdocs/fourn/class/fournisseur.commande.class.php
+++ b/htdocs/fourn/class/fournisseur.commande.class.php
@@ -2752,7 +2752,8 @@ class CommandeFournisseurLigne extends CommonOrderLine
$sql.= ' cd.info_bits, cd.total_ht, cd.total_tva, cd.total_ttc,';
$sql.= ' cd.total_localtax1, cd.total_localtax2,';
$sql.= ' p.ref as product_ref, p.label as product_libelle, p.description as product_desc,';
- $sql.= ' cd.date_start, cd.date_end, cd.fk_unit';
+ $sql.= ' cd.date_start, cd.date_end, cd.fk_unit,';
+ $sql.= ' cd.multicurrency_subprice, cd.multicurrency_total_ht, cd.multicurrency_total_tva, cd.multicurrency_total_ttc';
$sql.= ' FROM '.MAIN_DB_PREFIX.'commande_fournisseurdet as cd';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON cd.fk_product = p.rowid';
$sql.= ' WHERE cd.rowid = '.$rowid;
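Review bot: `$rowid` is concatenated into the query unchanged on the `WHERE cd.rowid = '.$rowid` line, and nothing in the hunk shows it being cast. Since the statement is being edited anyway, `$sql.= ' WHERE cd.rowid = '.((int) $rowid);` would make the method safe regardless of what callers pass. The same pattern appears in `SupplierInvoiceLine` at `' WHERE f.rowid = '.$rowid` in fournisseur.facture.class.php. The method signature is outside this hunk, so the parameter's origin cannot be confirmed here.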
@@ -2760,33 +2761,38 @@ class CommandeFournisseurLigne extends CommonOrderLine
if ($result)
{
$objp = $this->db->fetch_object($result);
- $this->rowid = $objp->rowid;
- $this->fk_commande = $objp->fk_commande;
- $this->desc = $objp->description;
- $this->qty = $objp->qty;
- $this->subprice = $objp->subprice;
- $this->tva_tx = $objp->tva_tx;
- $this->localtax1_tx = $objp->localtax1_tx;
- $this->localtax2_tx = $objp->localtax2_tx;
- $this->remise = $objp->remise;
- $this->remise_percent = $objp->remise_percent;
- $this->fk_product = $objp->fk_product;
- $this->info_bits = $objp->info_bits;
- $this->total_ht = $objp->total_ht;
- $this->total_tva = $objp->total_tva;
- $this->total_localtax1 = $objp->total_localtax1;
- $this->total_localtax2 = $objp->total_localtax2;
- $this->total_ttc = $objp->total_ttc;
- $this->product_type = $objp->product_type;
+ $this->rowid = $objp->rowid;
+ $this->fk_commande = $objp->fk_commande;
+ $this->desc = $objp->description;
+ $this->qty = $objp->qty;
+ $this->subprice = $objp->subprice;
+ $this->tva_tx = $objp->tva_tx;
+ $this->localtax1_tx = $objp->localtax1_tx;
+ $this->localtax2_tx = $objp->localtax2_tx;
+ $this->remise = $objp->remise;
+ $this->remise_percent = $objp->remise_percent;
+ $this->fk_product = $objp->fk_product;
+ $this->info_bits = $objp->info_bits;
+ $this->total_ht = $objp->total_ht;
+ $this->total_tva = $objp->total_tva;
+ $this->total_localtax1 = $objp->total_localtax1;
+ $this->total_localtax2 = $objp->total_localtax2;
+ $this->total_ttc = $objp->total_ttc;
+ $this->product_type = $objp->product_type;
- $this->ref = $objp->product_ref;
- $this->product_libelle = $objp->product_libelle;
- $this->product_desc = $objp->product_desc;
-
- $this->date_start = $this->db->jdate($objp->date_start);
- $this->date_end = $this->db->jdate($objp->date_end);
- $this->fk_unit = $objp->fk_unit;
+ $this->ref = $objp->product_ref;
+ $this->product_libelle = $objp->product_libelle;
+ $this->product_desc = $objp->product_desc;
+ $this->date_start = $this->db->jdate($objp->date_start);
+ $this->date_end = $this->db->jdate($objp->date_end);
+ $this->fk_unit = $objp->fk_unit;
+
+ $this->multicurrency_subprice = $objp->multicurrency_subprice;
+ $this->multicurrency_total_ht = $objp->multicurrency_total_ht;
+ $this->multicurrency_total_tva = $objp->multicurrency_total_tva;
+ $this->multicurrency_total_ttc = $objp->multicurrency_total_ttc;
+
$this->db->free($result);
return 1;
}
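Review bot: `$objp = $this->db->fetch_object($result)` is used without checking that a row came back. If no line matches the id, every property (including the new `multicurrency_*` ones) is read from an empty result and the method still reaches `return 1`, so callers cannot tell a missing line from a loaded one. A guard such as `if (! $objp) { $this->db->free($result); return 0; }` before the assignments would close that gap; the exact return code should follow what callers of this method expect, which is not visible in the hunk.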
diff --git a/htdocs/fourn/class/fournisseur.facture.class.php b/htdocs/fourn/class/fournisseur.facture.class.php
index bc7f5bfdca6..bb3d303b32e 100644
--- a/htdocs/fourn/class/fournisseur.facture.class.php
+++ b/htdocs/fourn/class/fournisseur.facture.class.php
@@ -1627,6 +1627,7 @@ class FactureFournisseur extends CommonInvoice
}
else
{
+ $this->error=$obj->error;
//dol_print_error($db,get_class($this)."::getNextNumRef ".$obj->error);
return false;
}
@@ -2075,8 +2076,9 @@ class SupplierInvoiceLine extends CommonObjectLine
{
$sql = 'SELECT f.rowid, f.ref as ref_supplier, f.description, f.pu_ht, f.pu_ttc, f.qty, f.remise_percent, f.tva_tx';
$sql.= ', f.localtax1_type, f.localtax2_type, f.localtax1_tx, f.localtax2_tx, f.total_localtax1, f.total_localtax2 ';
- $sql.= ', f.total_ht, f.tva as total_tva, f.total_ttc, f.fk_product, f.product_type, f.info_bits, f.rang, f.special_code, f.fk_parent_line, f.fk_unit';
+ $sql.= ', f.total_ht, f.tva as total_tva, f.total_ttc, f.fk_facture_fourn, f.fk_product, f.product_type, f.info_bits, f.rang, f.special_code, f.fk_parent_line, f.fk_unit';
$sql.= ', p.rowid as product_id, p.ref as product_ref, p.label as label, p.description as product_desc';
+ $sql.= ', f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, multicurrency_total_ttc';
$sql.= ' FROM '.MAIN_DB_PREFIX.'facture_fourn_det as f';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'product as p ON f.fk_product = p.rowid';
$sql.= ' WHERE f.rowid = '.$rowid;
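Review bot: In the added SELECT line the last column is written as `multicurrency_total_ttc` without the `f.` alias, unlike the three columns before it. The query joins `product as p`, so an unqualified name depends on that table never having a column of the same name. Use `', f.multicurrency_subprice, f.multicurrency_total_ht, f.multicurrency_total_tva, f.multicurrency_total_ttc'` instead.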
@@ -2097,6 +2099,7 @@ class SupplierInvoiceLine extends CommonObjectLine
$this->id = $obj->rowid;
$this->rowid = $obj->rowid;
+ $this->fk_facture_fourn = $obj->fk_facture_fourn;
$this->description = $obj->description;
$this->product_ref = $obj->product_ref;
$this->ref = $obj->product_ref;
@@ -2129,6 +2132,11 @@ class SupplierInvoiceLine extends CommonObjectLine
$this->rang = $obj->rang;
$this->fk_unit = $obj->fk_unit;
+ $this->multicurrency_subprice = $obj->multicurrency_subprice;
+ $this->multicurrency_total_ht = $obj->multicurrency_total_ht;
+ $this->multicurrency_total_tva = $obj->multicurrency_total_tva;
+ $this->multicurrency_total_ttc = $obj->multicurrency_total_ttc;
+
return 1;
}
diff --git a/htdocs/fourn/commande/dispatch.php b/htdocs/fourn/commande/dispatch.php
index 51b6aa48e84..960c0db42c4 100644
--- a/htdocs/fourn/commande/dispatch.php
+++ b/htdocs/fourn/commande/dispatch.php
@@ -314,7 +314,7 @@ if ($id > 0 || ! empty($ref))
if ($commande->methode_commande)
{
- print ' '.$langs->trans("Method").' '.$commande->methode_commande.' ';
+ print ''.$langs->trans("Method").' '.$commande->getInputMethod().' ';
}
}
diff --git a/htdocs/fourn/commande/list.php b/htdocs/fourn/commande/list.php
index c8d333f578d..33b9c81fd0c 100644
--- a/htdocs/fourn/commande/list.php
+++ b/htdocs/fourn/commande/list.php
@@ -77,6 +77,7 @@ $search_total_vat=GETPOST('search_total_vat','alpha');
$search_total_ttc=GETPOST('search_total_ttc','alpha');
$optioncss = GETPOST('optioncss','alpha');
$billed = GETPOST('billed','int');
+$search_project_ref=GETPOST('search_project_ref','alpha');
$page = GETPOST('page','int');
$sortorder = GETPOST('sortorder','alpha');
@@ -204,6 +205,7 @@ if (GETPOST("button_removefilter_x") || GETPOST("button_removefilter.x") || GETP
$deliverymonth='';
$deliveryyear='';
$billed='';
+ $search_project_ref='';
$search_array_options=array();
}
@@ -350,6 +352,7 @@ if ($search_user > 0) $sql.= " AND ec.fk_c_type_contact = tc.rowid AND tc.elemen
if ($search_total_ht != '') $sql.= natural_search('cf.total_ht', $search_total_ht, 1);
if ($search_total_vat != '') $sql.= natural_search('cf.tva', $search_total_vat, 1);
if ($search_total_ttc != '') $sql.= natural_search('cf.total_ttc', $search_total_ttc, 1);
+if ($search_project_ref != '') $sql.= natural_search("p.ref",$search_project_ref);
// Add where from extra fields
foreach ($search_array_options as $key => $val)
diff --git a/htdocs/fourn/facture/list.php b/htdocs/fourn/facture/list.php
index 89dfb083ea0..66411dc8422 100644
--- a/htdocs/fourn/facture/list.php
+++ b/htdocs/fourn/facture/list.php
@@ -6,7 +6,7 @@
* Copyright (C) 2013 Florian Henry
* Copyright (C) 2013 Cédric Salvador
* Copyright (C) 2015 Marcos García
- * Copyright (C) 2015 juanjo Menent
+ * Copyright (C) 2015-2007 Juanjo Menent
* Copyright (C) 2015 Abbes Bahfir
* Copyright (C) 2015-2016 Ferran Marcet
*
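Review bot: The year range in the changed copyright line, `2015-2007`, runs backwards. It looks like a typo for a later end year, probably `2015-2017`, but that should be confirmed with the author before it is corrected.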
@@ -46,6 +46,7 @@ if (!$user->rights->fournisseur->facture->lire) accessforbidden();
$langs->load("bills");
$langs->load("companies");
$langs->load('products');
+$langs->load('projects');
$socid = GETPOST('socid','int');
@@ -434,6 +435,7 @@ if ($resql)
print ' ';
print ' ';
print ' ';
+ print ' ';
print_barre_liste($langs->trans("BillsSuppliers").($socid?" $soc->name.":""),$page,$_SERVER["PHP_SELF"],$param,$sortfield,$sortorder,'',$num,$nbtotalofrecords,'title_accountancy',0,'','',$limit);
@@ -788,7 +790,7 @@ if ($resql)
$thirdparty->name=$obj->name;
$thirdparty->client=$obj->client;
$thirdparty->code_client=$obj->code_client;
- print $thirdparty->getNomUrl(1,'customer');
+ print $thirdparty->getNomUrl(1,'supplier');
print '';
if (! $i) $totalarray['nbfield']++;
}
diff --git a/htdocs/fourn/facture/paiement.php b/htdocs/fourn/facture/paiement.php
index bc01a38fc59..416e8c3c7c1 100644
--- a/htdocs/fourn/facture/paiement.php
+++ b/htdocs/fourn/facture/paiement.php
@@ -565,19 +565,16 @@ if (empty($action))
if (!$user->rights->societe->client->voir) $sql .= ' sc.fk_soc, sc.fk_user,';
$sql.= ' SUM(f.amount)';
$sql.= ' FROM '.MAIN_DB_PREFIX.'paiementfourn AS p';
- if (!$user->rights->societe->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'paiementfourn_facturefourn AS pf ON p.rowid=pf.fk_paiementfourn';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'facture_fourn AS f ON f.rowid=pf.fk_facturefourn';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'c_paiement AS c ON p.fk_paiement = c.id';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'societe AS s ON s.rowid = f.fk_soc';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank as b ON p.fk_bank = b.rowid';
$sql.= ' LEFT JOIN '.MAIN_DB_PREFIX.'bank_account as ba ON b.fk_account = ba.rowid';
+ if (!$user->rights->societe->client->voir) $sql .= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= " WHERE f.entity = ".$conf->entity;
if (!$user->rights->societe->client->voir) $sql .= " AND s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id;
- if ($socid)
- {
- $sql .= ' AND f.fk_soc = '.$socid;
- }
+ if ($socid > 0) $sql .= ' AND f.fk_soc = '.$socid;
// Search criteria
if ($search_ref) $sql .= natural_search('p.rowid', $search_ref);
if ($search_account > 0) $sql .=" AND b.fk_account=".$search_account;
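Review bot: The rewritten condition `if ($socid > 0) $sql .= ' AND f.fk_soc = '.$socid;` still appends `$socid` to the query as-is, and a loose `> 0` comparison is not a type check. Where `$socid` is assigned is outside this hunk; unless it is already read with an integer filter, the line should cast it, `if ($socid > 0) $sql .= ' AND f.fk_soc = '.((int) $socid);`. `$search_account` on the following line has the same shape and would benefit from the same cast. The comma join on `societe_commerciaux` now follows the LEFT JOIN list, so a short comment explaining why it must come last would stop it being moved back.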
diff --git a/htdocs/langs/en_US/admin.lang b/htdocs/langs/en_US/admin.lang
index 7cb41b1d708..8aa36f0544a 100644
--- a/htdocs/langs/en_US/admin.lang
+++ b/htdocs/langs/en_US/admin.lang
@@ -560,7 +560,7 @@ Permission34=Delete products
Permission36=See/manage hidden products
Permission38=Export products
Permission41=Read projects and tasks (shared project and projects i'm contact for). Can also enter time consumed on assigned tasks (timesheet)
-Permission42=Create/modify projects (shared project and projects i'm contact for)
+Permission42=Create/modify projects (shared project and projects i'm contact for). Can also create tasks and assign users to project and tasks
Permission44=Delete projects (shared project and projects i'm contact for)
Permission45=Export projects
Permission61=Read interventions
@@ -663,7 +663,7 @@ PermissionAdvanced253=Create/modify internal/external users and permissions
Permission254=Create/modify external users only
Permission255=Modify other users password
Permission256=Delete or disable other users
-Permission262=Extend access to all third parties (not only those linked to user). Not effective for external users (always limited to themselves).
+Permission262=Extend access to all third parties (not only third parties that user is a sale representative). Not effective for external users (always limited to themselves for proposals, orders, invoices, contracts, etc). Not effective for projects (only rules on project permissions, visibility and assignement matters).
Permission271=Read CA
Permission272=Read invoices
Permission273=Issue invoices
diff --git a/htdocs/langs/en_US/categories.lang b/htdocs/langs/en_US/categories.lang
index 976c8a50d93..b8a1e5ef58b 100644
--- a/htdocs/langs/en_US/categories.lang
+++ b/htdocs/langs/en_US/categories.lang
@@ -1,6 +1,7 @@
# Dolibarr language file - Source file is en_US - categories
Rubrique=Tag/Category
Rubriques=Tags/Categories
+RubriquesTransactions=Tags/Categories of transactions
categories=tags/categories
NoCategoryYet=No tag/category of this type created
In=In
diff --git a/htdocs/langs/en_US/errors.lang b/htdocs/langs/en_US/errors.lang
index 6b99049e9ef..2596aef5ee8 100644
--- a/htdocs/langs/en_US/errors.lang
+++ b/htdocs/langs/en_US/errors.lang
@@ -176,6 +176,9 @@ ErrorStockIsNotEnoughToAddProductOnShipment=Stock is not enough for product %s t
ErrorStockIsNotEnoughToAddProductOnProposal=Stock is not enough for product %s to add it into a new proposal.
ErrorFailedToLoadLoginFileForMode=Failed to get the login key for mode '%s'.
ErrorPhpMailDelivery=Check that you don't use a too high number of recipients and that your email content is not similar to a Spam. Ask also your administrator to check firewall and server logs files for a more complete information.
+ErrorUserNotAssignedToTask=User must be assigned to task to be able to enter time consumed.
+ErrorModuleFileSeemsToHaveAWrongFormat=The module package seems to have a wrong format.
+ErrorFilenameDosNotMatchDolibarrPackageRules=The name of the module package (%s ) does not match expected name syntax: %s
# Warnings
WarningPasswordSetWithNoAccount=A password was set for this member. However, no user account was created. So this password is stored but can't be used to login to Dolibarr. It may be used by an external module/interface but if you don't need to define any login nor password for a member, you can disable option "Manage a login for each member" from Member module setup. If you need to manage a login but don't need any password, you can keep this field empty to avoid this warning. Note: Email can also be used as a login if the member is linked to a user.
diff --git a/htdocs/langs/en_US/main.lang b/htdocs/langs/en_US/main.lang
index 1cc51fa7037..61356f0afd7 100644
--- a/htdocs/langs/en_US/main.lang
+++ b/htdocs/langs/en_US/main.lang
@@ -447,6 +447,7 @@ DeletePicture=Picture delete
ConfirmDeletePicture=Confirm picture deletion?
Login=Login
CurrentLogin=Current login
+EnterLoginDetail=Enter login details
January=January
February=February
March=March
diff --git a/htdocs/main.inc.php b/htdocs/main.inc.php
index 5105a8eef32..1a832990f38 100644
--- a/htdocs/main.inc.php
+++ b/htdocs/main.inc.php
@@ -576,9 +576,10 @@ if (! defined('NOLOGIN'))
{
// We are already into an authenticated session
$login=$_SESSION["dol_login"];
- dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login, LOG_DEBUG);
+ $entity=$_SESSION["dol_entity"];
+ dol_syslog("This is an already logged session. _SESSION['dol_login']=".$login." _SESSION['dol_entity']=".$entity, LOG_DEBUG);
- $resultFetchUser=$user->fetch('',$login);
+ $resultFetchUser=$user->fetch('',$login,'',1,($entity > 0 ? $entity : -1));
if ($resultFetchUser <= 0)
{
// Account has been removed after login
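Review bot: `$entity=$_SESSION["dol_entity"];` assumes the key is present and numeric. A session created before this change, or by a login path that does not set it, would raise an undefined-index notice and silently fall through to the `-1` branch. Reading it as `$entity = isset($_SESSION["dol_entity"]) ? (int) $_SESSION["dol_entity"] : 0;` makes that explicit. The call would also benefit from a comment saying why the entity is now passed to `$user->fetch` and what the `-1` fallback selects, since that meaning is defined in `User::fetch`, outside this diff.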
@@ -1700,8 +1701,10 @@ function left_menu($menu_array_before, $helppagename='', $notused='', $menu_arra
else $appli.=" ".DOL_VERSION;
print ''."\n";
// Link to bugtrack
diff --git a/htdocs/margin/agentMargins.php b/htdocs/margin/agentMargins.php
index 0cd8243f7a8..d5f50d7529c 100644
--- a/htdocs/margin/agentMargins.php
+++ b/htdocs/margin/agentMargins.php
@@ -115,6 +115,7 @@ $sql = "SELECT";
if ($agentid > 0) $sql.= " s.rowid as socid, s.nom as name, s.code_client, s.client,";
$sql.= " u.rowid as agent, u.login, u.lastname, u.firstname,";
$sql.= " sum(d.total_ht) as selling_price,";
+// Note: qty and buy_price_ht is always positive (if not your database may be corrupted, you can update this)
$sql.= " sum(".$db->ifsql('d.total_ht < 0','d.qty * d.buy_price_ht * -1','d.qty * d.buy_price_ht').") as buying_price,";
$sql.= " sum(".$db->ifsql('d.total_ht < 0','-1 * (abs(d.total_ht) - (d.buy_price_ht * d.qty))','d.total_ht - (d.buy_price_ht * d.qty)').") as marge" ;
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
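Review bot: The added comment states that `qty` and `buy_price_ht` are always positive, but nothing in the query enforces that, and "you can update this" does not say what to update. A wording that states the assumption and its consequence would be clearer, for example `// Assumes d.qty and d.buy_price_ht are never negative; the sign of the line is taken from d.total_ht only`. The identical comment is added in customerMargins.php and should be changed the same way.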
@@ -124,6 +125,7 @@ $sql.= ", ".MAIN_DB_PREFIX."facturedet as d";
$sql.= ", ".MAIN_DB_PREFIX."societe_commerciaux as sc";
$sql.= ", ".MAIN_DB_PREFIX."user as u";
$sql.= " WHERE f.fk_soc = s.rowid";
+$sql.= " AND f.entity = ".$conf->entity;
$sql.= " AND sc.fk_soc = f.fk_soc";
$sql.= " AND (d.product_type = 0 OR d.product_type = 1)";
if (! empty($conf->global->AGENT_CONTACT_TYPE))
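Review bot: The `f.entity = $conf->entity` filter added here is not matched in the sibling margin reports as far as this diff shows. Without it, this report summed invoices from every entity, and the customerMargins.php hunk in the same patch adds only a comment with no entity condition in its visible lines. It is worth confirming that customerMargins.php and productMargins.php already restrict on `f.entity`, because otherwise the same cross-entity totals remain there. The rest of the WHERE clause lies outside this hunk.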
diff --git a/htdocs/margin/customerMargins.php b/htdocs/margin/customerMargins.php
index 7f6d5a951c2..3d95d2ae091 100644
--- a/htdocs/margin/customerMargins.php
+++ b/htdocs/margin/customerMargins.php
@@ -164,6 +164,7 @@ $sql = "SELECT";
$sql.= " s.rowid as socid, s.nom as name, s.code_client, s.client,";
if ($client) $sql.= " f.rowid as facid, f.facnumber, f.total as total_ht, f.datef, f.paye, f.fk_statut as statut,";
$sql.= " sum(d.total_ht) as selling_price,";
+// Note: qty and buy_price_ht is always positive (if not your database may be corrupted, you can update this)
$sql.= " sum(".$db->ifsql('d.total_ht < 0','d.qty * d.buy_price_ht * -1','d.qty * d.buy_price_ht').") as buying_price,";
$sql.= " sum(".$db->ifsql('d.total_ht < 0','-1 * (abs(d.total_ht) - (d.buy_price_ht * d.qty))','d.total_ht - (d.buy_price_ht * d.qty)').") as marge";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
diff --git a/htdocs/margin/lib/margins.lib.php b/htdocs/margin/lib/margins.lib.php
index 84d7945ec0d..d7dbd5d81eb 100644
--- a/htdocs/margin/lib/margins.lib.php
+++ b/htdocs/margin/lib/margins.lib.php
@@ -109,7 +109,7 @@ function marges_prepare_head()
* @param float $localtax2_tx Vat rate special 2 (not used)
* @param int $fk_pa Id of buying price (prefer set this to 0 and provide $paht instead. With id, buying price may have change)
* @param float $paht Buying price without tax
- * @return array Array of margin info
+ * @return array Array of margin info (buying price, marge rate, marque rate)
*/
function getMarginInfos($pvht, $remise_percent, $tva_tx, $localtax1_tx, $localtax2_tx, $fk_pa, $paht)
{
@@ -134,7 +134,7 @@ function getMarginInfos($pvht, $remise_percent, $tva_tx, $localtax1_tx, $localta
}
else
{
- $paht_ret = $paht;
+ $paht_ret = $paht;
}
// Calculate selling unit price including line discount
diff --git a/htdocs/margin/productMargins.php b/htdocs/margin/productMargins.php
index b4609633447..ac9d61fb814 100644
--- a/htdocs/margin/productMargins.php
+++ b/htdocs/margin/productMargins.php
@@ -166,6 +166,7 @@ $sql = "SELECT p.label, p.rowid, p.fk_product_type, p.ref, p.entity as pentity,"
if ($id > 0) $sql.= " d.fk_product,";
if ($id > 0) $sql.= " f.rowid as facid, f.facnumber, f.total as total_ht, f.datef, f.paye, f.fk_statut as statut,";
$sql.= " SUM(d.total_ht) as selling_price,";
+// Note: qty and buy_price_ht is always positive (if not your database may be corrupted, you can update this)
$sql.= " SUM(".$db->ifsql('d.total_ht < 0','d.qty * d.buy_price_ht * -1','d.qty * d.buy_price_ht').") as buying_price,";
$sql.= " SUM(".$db->ifsql('d.total_ht < 0','-1 * (abs(d.total_ht) - (d.buy_price_ht * d.qty))','d.total_ht - (d.buy_price_ht * d.qty)').") as marge";
$sql.= " FROM ".MAIN_DB_PREFIX."societe as s";
diff --git a/htdocs/product/admin/price_rules.php b/htdocs/product/admin/price_rules.php
index e284572e7e7..224acd9c04b 100644
--- a/htdocs/product/admin/price_rules.php
+++ b/htdocs/product/admin/price_rules.php
@@ -155,7 +155,6 @@ $genPriceOptions = function($level) use ($price_options) {
return $return;
};
-
?>
@@ -173,7 +172,8 @@ $genPriceOptions = function($level) use ($price_options) {
trans('SellingPrice').' '.$i;
// Label of price
- if (! empty($conf->global->{"PRODUIT_MULTIPRICES_LABEL$i"})) {
+ $keyforlabel='PRODUIT_MULTIPRICES_LABEL'.$i;
+ if (! empty($conf->global->$keyforlabel)) {
print ' - '.$langs->trans($conf->global->$keyforlabel);
}
?>
diff --git a/htdocs/product/class/product.class.php b/htdocs/product/class/product.class.php
index fe432b5dc5e..25804b9f4f7 100644
--- a/htdocs/product/class/product.class.php
+++ b/htdocs/product/class/product.class.php
@@ -12,7 +12,7 @@
* Copyright (C) 2014 Henry Florian
* Copyright (C) 2014-2016 Philippe Grand
* Copyright (C) 2014 Ion agorria
- * Copyright (C) 2016 Ferran Marcet
+ * Copyright (C) 2016-2017 Ferran Marcet
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -816,7 +816,7 @@ class Product extends CommonObject
// End call triggers
}
- if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref))
+ if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref))
{
// We remove directory
if ($conf->product->dir_output)
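Review bot: `!==` compares types as well as values, so if one side was loaded as an integer-like value and the other as a string, an unchanged ref is now reported as changed and the directory handling below runs for nothing. Casting both sides, `(string) $this->oldcopy->ref !== (string) $this->ref`, keeps the benefit of the change (numeric-looking refs such as '0123' and '123' no longer compare equal) without that side effect. The same line is changed in project.class.php and deserves the same cast. The block continues outside the hunk.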
diff --git a/htdocs/product/stats/card.php b/htdocs/product/stats/card.php
index 3ff47496409..aababfbe40b 100644
--- a/htdocs/product/stats/card.php
+++ b/htdocs/product/stats/card.php
@@ -44,6 +44,7 @@ $ref = GETPOST('ref');
$mode = (GETPOST('mode') ? GETPOST('mode') : 'byunit');
$error = 0;
$mesg = '';
+$graphfiles=array();
$socid='';
if (! empty($user->societe_id)) $socid=$user->societe_id;
@@ -57,7 +58,7 @@ $result=restrictedArea($user,'produit|service',$fieldvalue,'product&product','',
/*
* View
*/
-
+
$form = new Form($db);
if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
@@ -68,7 +69,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
llxHeader("",$langs->trans("ProductStatistics"));
$type = GETPOST('type');
-
+
$helpurl='';
if ($type == '0')
{
@@ -88,13 +89,13 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
//$title=$langs->trans("StatisticsOfProductsOrServices");
$title=$langs->trans("Statistics");
}
-
+
print load_fiche_titre($title, $mesg,'title_products.png');
}
else
{
$result = $object->fetch($id,$ref);
-
+
$title = $langs->trans('ProductServiceCard');
$helpurl = '';
$shortlabel = dol_trunc($object->label,16);
@@ -111,8 +112,8 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
llxHeader('', $title, $helpurl);
}
-
-
+
+
if ($result && (! empty($id) || ! empty($ref)))
{
$head=product_prepare_head($object);
@@ -122,21 +123,21 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
dol_fiche_head($head, 'stats', $titre, 0, $picto);
$linkback = ''.$langs->trans("BackToList").' ';
-
+
dol_banner_tab($object, 'ref', $linkback, ($user->societe_id?0:1), 'ref');
-
+
dol_fiche_end();
}
if (GETPOST('id') == 'all')
{
$h=0;
$head = array();
-
+
$head[$h][0] = DOL_URL_ROOT.'/product/stats/card.php?id=all';
$head[$h][1] = $langs->trans("Chart");
$head[$h][2] = 'chart';
$h++;
-
+
$title = $langs->trans("ListProductServiceByPopularity");
if ((string) $type == '1') {
$title = $langs->trans("ListServiceByPopularity");
@@ -144,49 +145,49 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
if ((string) $type == '0') {
$title = $langs->trans("ListProductByPopularity");
}
-
+
$head[$h][0] = DOL_URL_ROOT.'/product/popuprop.php'.($type != ''?'?type='.$type:'');
$head[$h][1] = $title;
$head[$h][2] = 'popularityprop';
$h++;
-
- dol_fiche_head($head,'chart',$langs->trans("Statistics"));
+
+ dol_fiche_head($head,'chart',$langs->trans("Statistics"));
}
-
-
+
+
if ($result || GETPOST('id') == 'all')
{
if (GETPOST('id') == 'all')
{
// Choice of type of product
if (! empty($conf->dol_use_jmobile)) print "\n".'';
else print ' ';
print ' ';
}
-
+
// Choice of stats mode (byunit or bynumber)
if (! empty($conf->dol_use_jmobile)) print "\n".''."\n";
@@ -222,25 +223,25 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
}
}
}
-
+
if($conf->propal->enabled) {
$graphfiles['propal']=array('modulepart'=>'productstats_proposals',
'file' => $object->id.'/propal12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
'label' => ($mode=='byunit'?$langs->transnoentitiesnoconv("NumberOfUnitsProposals"):$langs->transnoentitiesnoconv("NumberOfProposals")));
}
-
+
if($conf->supplier_proposal->enabled) {
$graphfiles['proposalssuppliers']=array('modulepart'=>'productstats_proposalssuppliers',
'file' => $object->id.'/proposalssuppliers12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
'label' => ($mode=='byunit'?$langs->transnoentitiesnoconv("NumberOfUnitsSupplierProposals"):$langs->transnoentitiesnoconv("NumberOfSupplierProposals")));
}
-
+
if($conf->order->enabled) {
$graphfiles['orders']=array('modulepart'=>'productstats_orders',
'file' => $object->id.'/orders12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
'label' => ($mode=='byunit'?$langs->transnoentitiesnoconv("NumberOfUnitsCustomerOrders"):$langs->transnoentitiesnoconv("NumberOfCustomerOrders")));
}
-
+
if($conf->fournisseur->enabled) {
$graphfiles['orderssuppliers']=array('modulepart'=>'productstats_orderssuppliers',
'file' => $object->id.'/orderssuppliers12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
@@ -251,7 +252,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
$graphfiles['invoices']=array('modulepart'=>'productstats_invoices',
'file' => $object->id.'/invoices12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
'label' => ($mode=='byunit'?$langs->transnoentitiesnoconv("NumberOfUnitsCustomerInvoices"):$langs->transnoentitiesnoconv("NumberOfCustomerInvoices")));
-
+
$graphfiles['invoicessuppliers']=array('modulepart'=>'productstats_invoicessuppliers',
'file' => $object->id.'/invoicessuppliers12m'.((string) $type != '' ? '_type'.$type : '').'_'.$mode.'.png',
'label' => ($mode=='byunit'?$langs->transnoentitiesnoconv("NumberOfUnitsSupplierInvoices"):$langs->transnoentitiesnoconv("NumberOfSupplierInvoices")));
@@ -282,10 +283,10 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
if ($key == 'proposalssuppliers') $graph_data = $object->get_nb_propalsupplier($socid,$mode,((string) $type != '' ? $type : -1));
if ($key == 'invoicessuppliers') $graph_data = $object->get_nb_achat($socid,$mode,((string) $type != '' ? $type : -1));
if ($key == 'orderssuppliers') $graph_data = $object->get_nb_ordersupplier($socid,$mode,((string) $type != '' ? $type : -1));
-
+
// TODO Save cachefile $graphfiles[$key]['file']
}
-
+
if (is_array($graph_data))
{
$px->SetData($graph_data);
@@ -383,7 +384,7 @@ if (! empty($id) || ! empty($ref) || GETPOST('id') == 'all')
print '
'."\n";
}
}
-
+
if (GETPOST('id') == 'all')
{
dol_fiche_end();
diff --git a/htdocs/product/stock/massstockmove.php b/htdocs/product/stock/massstockmove.php
index b8ec52efcab..0cebc666c1e 100644
--- a/htdocs/product/stock/massstockmove.php
+++ b/htdocs/product/stock/massstockmove.php
@@ -372,7 +372,7 @@ else
{
$limit = $conf->global->PRODUIT_LIMIT_SIZE;
}
-print $form->select_produits($id_product,'productid',$filtertype,$limit);
+print $form->select_produits($id_product,'productid',$filtertype,$limit,0,-1);
print '
';
// Batch number
if ($conf->productbatch->enabled)
diff --git a/htdocs/projet/card.php b/htdocs/projet/card.php
index ad1d718fc55..8345ce69846 100644
--- a/htdocs/projet/card.php
+++ b/htdocs/projet/card.php
@@ -68,7 +68,7 @@ if ($id > 0 || ! empty($ref))
// Security check
$socid=GETPOST('socid');
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $object->id,'projet&project');
// fetch optionals attributes and labels
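Review bot: Commenting out the `$socid = $user->societe_id` override leaves dead code inside the block labelled "Security check", and in this file `$socid` stays the raw `GETPOST('socid')` value for external users as well. The decision now rests on `restrictedArea()` plus the project's public/assignment rules, but the same edit in index.php, list.php, tasks/contact.php, tasks/document.php, tasks/list.php, tasks/note.php, tasks/task.php and tasks/time.php sits next to only a `$user->rights->projet->lire` test, so a per-project check for external users is not visible in those hunks and should be confirmed in the code outside them. I would delete the line instead of commenting it, keep a one-line rationale such as `// External users: access is decided by project public status and assignment, not by thirdparty`, and read the id with `GETPOST('socid','int')`. In tasks.php the new `$filteronthirdpartyid = $socid;` is now always 0, which is worth stating in a comment there.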
diff --git a/htdocs/projet/class/project.class.php b/htdocs/projet/class/project.class.php
index 1de78f46021..1887c88af49 100644
--- a/htdocs/projet/class/project.class.php
+++ b/htdocs/projet/class/project.class.php
@@ -3,7 +3,8 @@
* Copyright (C) 2005-2016 Laurent Destailleur
* Copyright (C) 2005-2010 Regis Houssin
* Copyright (C) 2013 Florian Henry
- * Copyright (C) 2014-2015 Marcos García
+ * Copyright (C) 2014-2017 Marcos García
+ * Copyright (C) 2017 Ferran Marcet
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
@@ -292,7 +293,7 @@ class Project extends CommonObject
}
}
- if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref != $this->ref))
+ if (! $error && (is_object($this->oldcopy) && $this->oldcopy->ref !== $this->ref))
{
// We remove directory
if ($conf->projet->dir_output)
@@ -1689,17 +1690,21 @@ class Project extends CommonObject
*/
function load_state_board()
{
- global $conf;
+ global $user;
$this->nb=array();
-
- $sql = "SELECT count(u.rowid) as nb";
- $sql.= " FROM ".MAIN_DB_PREFIX."projet as u";
- $sql.= " WHERE";
- //$sql.= " WHERE u.fk_statut > 0";
- //$sql.= " AND employee != 0";
- $sql.= " u.entity IN (".getEntity('projet', 1).")";
-
+
+ $sql = "SELECT DISTINCT
+ count(p.rowid) as nb
+FROM ".MAIN_DB_PREFIX."projet AS p LEFT JOIN ".MAIN_DB_PREFIX."societe AS s ON p.fk_soc = s.rowid
+ LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status AS cls ON p.fk_opp_status = cls.rowid
+WHERE p.entity IN (".getEntity('projet', 1).")";
+
+ if (! $user->rights->projet->all->lire) {
+ $projectsListId = $this->getProjectsAuthorizedForUser($user,0,1);
+ $sql .= "AND p.rowid IN (".$projectsListId.")";
+ }
+
$resql=$this->db->query($sql);
if ($resql)
{
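Review bot: The appended restriction `"AND p.rowid IN (".$projectsListId.")"` has no leading space and is glued to the closing parenthesis of the entity clause; write it as `$sql .= " AND p.rowid IN (".$projectsListId.")";`. If `getProjectsAuthorizedForUser()` can return an empty string, `IN ()` is a syntax error and the board count silently fails for exactly the users this filter targets, so guard that case or confirm the helper always returns a non-empty list (its body is outside this hunk). `SELECT DISTINCT count(...)` has no effect on a single aggregate row and the two LEFT JOINs are not used by the count, so both can be dropped. load_state_board() continues past the hunk.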
diff --git a/htdocs/projet/contact.php b/htdocs/projet/contact.php
index 794e9c3af00..492578905d9 100644
--- a/htdocs/projet/contact.php
+++ b/htdocs/projet/contact.php
@@ -46,7 +46,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $id,'projet&project');
diff --git a/htdocs/projet/document.php b/htdocs/projet/document.php
index d59dec0dc4a..5bd46389eef 100644
--- a/htdocs/projet/document.php
+++ b/htdocs/projet/document.php
@@ -42,7 +42,7 @@ $mine = (GETPOST('mode','alpha') == 'mine' ? 1 : 0);
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result=restrictedArea($user,'projet',$id,'projet&project');
$object = new Project($db);
diff --git a/htdocs/projet/element.php b/htdocs/projet/element.php
index 5673f74aa34..0e83fbe26a1 100644
--- a/htdocs/projet/element.php
+++ b/htdocs/projet/element.php
@@ -92,7 +92,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu
// Security check
$socid=$object->socid;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $projectid, 'projet&project');
@@ -612,7 +612,9 @@ foreach ($listofreferent as $key => $value)
{
$addform.='';
if ($testnew) $addform.='
'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).' ';
- else $addform.='
'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).' ';
+ elseif (empty($conf->global->MAIN_BUTTON_HIDE_UNAUTHORIZED)) {
+ $addform.='
'.($buttonnew?$langs->trans($buttonnew):$langs->trans("Create")).' ';
+ }
$addform.='
';
}
@@ -954,7 +956,7 @@ foreach ($listofreferent as $key => $value)
print '
';
if (empty($value['disableamount']))
{
- if (! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht);
+ if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print ''.$langs->trans("TotalHT").' : '.price($total_ht);
}
print ' ';
//if (empty($value['disableamount']) && ! in_array($tablename, array('projet_task'))) print '
'.$langs->trans("TotalTTC").' : '.price($total_ttc).' ';
@@ -962,8 +964,7 @@ foreach ($listofreferent as $key => $value)
print '
';
if (empty($value['disableamount']))
{
-
- if (! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc);
+ if ($tablename != 'projet_task' || ! empty($conf->salaries->enabled)) print $langs->trans("TotalTTC").' : '.price($total_ttc);
}
print ' ';
print '
';
diff --git a/htdocs/projet/ganttview.php b/htdocs/projet/ganttview.php
index b86a961bd69..2b992e05ef6 100644
--- a/htdocs/projet/ganttview.php
+++ b/htdocs/projet/ganttview.php
@@ -43,7 +43,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $id,'projet&project');
$langs->load("users");
diff --git a/htdocs/projet/index.php b/htdocs/projet/index.php
index 752e3615464..20fca4b5abf 100644
--- a/htdocs/projet/index.php
+++ b/htdocs/projet/index.php
@@ -37,7 +37,7 @@ $mine = GETPOST('mode')=='mine' ? 1 : 0;
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if (!$user->rights->projet->lire) accessforbidden();
$sortfield = GETPOST("sortfield",'alpha');
diff --git a/htdocs/projet/info.php b/htdocs/projet/info.php
index c2e45560f74..281a2f8c94d 100644
--- a/htdocs/projet/info.php
+++ b/htdocs/projet/info.php
@@ -34,7 +34,7 @@ $langs->load("projects");
// Security check
$socid=0;
$id = GETPOST("id",'int');
-if ($user->societe_id) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result=restrictedArea($user,'projet',$id,'');
diff --git a/htdocs/projet/list.php b/htdocs/projet/list.php
index 6e7ccc26dd5..721baca4ced 100644
--- a/htdocs/projet/list.php
+++ b/htdocs/projet/list.php
@@ -40,7 +40,7 @@ $title = $langs->trans("Projects");
// Security check
$socid = (is_numeric($_GET["socid"]) ? $_GET["socid"] : 0 );
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if ($socid > 0)
{
$soc = new Societe($db);
@@ -220,7 +220,9 @@ if (is_array($extrafields->attribute_label) && count($extrafields->attribute_lab
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."societe as s on p.fk_soc = s.rowid";
$sql.= " LEFT JOIN ".MAIN_DB_PREFIX."c_lead_status as cls on p.fk_opp_status = cls.rowid";
// We'll need this table joined to the select in order to filter by sale
-if ($search_sale > 0 || (! $user->rights->societe->client->voir && ! $socid)) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
+// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
+//if ($search_sale > 0 || (! $user->rights->societe->client->voir && ! $socid)) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
+if ($search_sale > 0) $sql .= " LEFT JOIN ".MAIN_DB_PREFIX."societe_commerciaux as sc ON sc.fk_soc = s.rowid";
if ($search_user > 0)
{
$sql.=", ".MAIN_DB_PREFIX."element_contact as ecp";
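Review bot: Dropping the `societe_commerciaux` join here and its matching WHERE clause in the next hunk removes the only restriction visible in this query for users without `societe->client->voir`, so the list now depends entirely on a project-level filter that neither hunk shows. Confirm the query still limits rows to the authorized project ids for users lacking `projet->all->lire`, as load_state_board() in project.class.php does in this same commit. The old statements are kept as commented-out code; deleting them and keeping only the one-line rationale comment would leave the access rule easier to audit. The query is built outside these hunks.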
@@ -271,7 +273,8 @@ if ($search_opp_status)
}
if ($search_public!='') $sql .= " AND p.public = ".$db->escape($search_public);
if ($search_sale > 0) $sql.= " AND sc.fk_user = " .$search_sale;
-if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
+// For external user, no check is done on company permission because readability is managed by public status of project and assignement.
+//if (! $user->rights->societe->client->voir && ! $socid) $sql.= " AND ((s.rowid = sc.fk_soc AND sc.fk_user = " .$user->id.") OR (s.rowid IS NULL))";
if ($search_user > 0) $sql.= " AND ecp.fk_c_type_contact IN (".join(',',array_keys($listofprojectcontacttype)).") AND ecp.element_id = p.rowid AND ecp.fk_socpeople = ".$search_user;
if ($search_opp_amount != '') $sql .= natural_search('p.opp_amount', $search_opp_amount, 1);
if ($search_budget_amount != '') $sql .= natural_search('p.budget_amount', $search_budget_amount, 1);
diff --git a/htdocs/projet/note.php b/htdocs/projet/note.php
index 43df7ce3b3d..57bc235c8d0 100644
--- a/htdocs/projet/note.php
+++ b/htdocs/projet/note.php
@@ -41,7 +41,7 @@ include DOL_DOCUMENT_ROOT.'/core/actions_fetchobject.inc.php'; // Must be inclu
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid=$user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $id,'projet&project');
$permissionnote=$user->rights->projet->creer; // Used by the include of actions_setnotes.inc.php
diff --git a/htdocs/projet/tasks.php b/htdocs/projet/tasks.php
index 9def807c746..5d5871ec280 100644
--- a/htdocs/projet/tasks.php
+++ b/htdocs/projet/tasks.php
@@ -61,7 +61,7 @@ $extralabels_task=$extrafields_task->fetch_name_optionals_label($taskstatic->tab
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
$result = restrictedArea($user, 'projet', $id,'projet&project');
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
@@ -413,7 +413,8 @@ else if ($id > 0 || ! empty($ref))
// Get list of tasks in tasksarray and taskarrayfiltered
// We need all tasks (even not limited to a user because a task to user can have a parent that is not affected to him).
- $tasksarray=$taskstatic->getTasksArray(0, 0, $object->id, $socid, 0);
+ $filteronthirdpartyid = $socid;
+ $tasksarray=$taskstatic->getTasksArray(0, 0, $object->id, $filteronthirdpartyid, 0);
// We load also tasks limited to a particular user
$tasksrole=($mode=='mine' ? $taskstatic->getUserRolesForProjectsOrTasks(0,$user,$object->id,0) : '');
//var_dump($tasksarray);
diff --git a/htdocs/projet/tasks/contact.php b/htdocs/projet/tasks/contact.php
index 6689f966c15..23feb647fc8 100644
--- a/htdocs/projet/tasks/contact.php
+++ b/htdocs/projet/tasks/contact.php
@@ -42,7 +42,7 @@ $project_ref=GETPOST('project_ref','alpha');
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
//$result = restrictedArea($user, 'projet', $id, 'projet_task');
if (! $user->rights->projet->lire) accessforbidden();
diff --git a/htdocs/projet/tasks/document.php b/htdocs/projet/tasks/document.php
index c9a69fc81a4..15c73450be6 100644
--- a/htdocs/projet/tasks/document.php
+++ b/htdocs/projet/tasks/document.php
@@ -47,7 +47,7 @@ $project_ref = GETPOST('project_ref','alpha');
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
//$result=restrictedArea($user,'projet',$id,'');
if (!$user->rights->projet->lire) accessforbidden();
diff --git a/htdocs/projet/tasks/list.php b/htdocs/projet/tasks/list.php
index 5573441d646..f733ab03a1c 100644
--- a/htdocs/projet/tasks/list.php
+++ b/htdocs/projet/tasks/list.php
@@ -75,7 +75,7 @@ $search_array_options=$extrafields->getOptionalsFromPost($extralabels,'','search
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if (!$user->rights->projet->lire) accessforbidden();
$limit = GETPOST("limit")?GETPOST("limit","int"):$conf->liste_limit;
diff --git a/htdocs/projet/tasks/note.php b/htdocs/projet/tasks/note.php
index 5d5cb38dbe5..880b2a25198 100644
--- a/htdocs/projet/tasks/note.php
+++ b/htdocs/projet/tasks/note.php
@@ -39,7 +39,7 @@ $project_ref = GETPOST('project_ref','alpha');
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if (!$user->rights->projet->lire) accessforbidden();
//$result = restrictedArea($user, 'projet', $id, '', 'task'); // TODO ameliorer la verification
diff --git a/htdocs/projet/tasks/task.php b/htdocs/projet/tasks/task.php
index 6e0648b61e6..15ef42d5c83 100644
--- a/htdocs/projet/tasks/task.php
+++ b/htdocs/projet/tasks/task.php
@@ -47,7 +47,7 @@ $planned_workload=((GETPOST('planned_workloadhour')!='' && GETPOST('planned_work
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if (! $user->rights->projet->lire) accessforbidden();
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
diff --git a/htdocs/projet/tasks/time.php b/htdocs/projet/tasks/time.php
index 96c849d8df9..aa572966321 100644
--- a/htdocs/projet/tasks/time.php
+++ b/htdocs/projet/tasks/time.php
@@ -43,7 +43,7 @@ $project_ref=GETPOST('project_ref','alpha');
// Security check
$socid=0;
-if ($user->societe_id > 0) $socid = $user->societe_id;
+//if ($user->societe_id > 0) $socid = $user->societe_id; // For external user, no check is done on company because readability is managed by public status of project and assignement.
if (!$user->rights->projet->lire) accessforbidden();
// Initialize technical object to manage hooks of thirdparties. Note that conf->hooks_modules contains array array
@@ -128,7 +128,7 @@ if ($action == 'addtimespent' && $user->rights->projet->lire)
}
}
-if ($action == 'updateline' && ! $_POST["cancel"] && $user->rights->projet->creer)
+if ($action == 'updateline' && ! $_POST["cancel"] && $user->rights->projet->lire)
{
$error=0;
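Review bot: Lowering the required right from `creer` to `lire` on `updateline` (and on `confirm_delete` in the hunk at -175) is only safe together with a per-line ownership test, and that test is still a TODO in both handlers; the `fk_user == $user->id || in_array(..., $childids)` condition is applied only where the edit/delete icons are printed. As written, a user with read permission can have a time line that is not theirs updated or deleted, because the handlers act on the submitted `lineid` without checking its owner. The check belongs in the handlers, for example after `fetchTimeSpent()`: `if ($object->timespent_fk_user != $user->id && ! in_array($object->timespent_fk_user, $user->getAllChildIds())) accessforbidden();` (assuming fetchTimeSpent() fills `timespent_fk_user`, which is outside the hunk). `$childids` is computed only in the view section, so each handler needs its own call, and `updateline` has to load the line before writing to it.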
@@ -141,7 +141,8 @@ if ($action == 'updateline' && ! $_POST["cancel"] && $user->rights->projet->cree
if (! $error)
{
$object->fetch($id, $ref);
-
+ // TODO Check that ($task_time->fk_user == $user->id || in_array($task_time->fk_user, $childids))
+
$object->timespent_id = $_POST["lineid"];
$object->timespent_note = $_POST["timespent_note_line"];
$object->timespent_old_duration = $_POST["old_duration"];
@@ -175,9 +176,10 @@ if ($action == 'updateline' && ! $_POST["cancel"] && $user->rights->projet->cree
}
}
-if ($action == 'confirm_delete' && $confirm == "yes" && $user->rights->projet->creer)
+if ($action == 'confirm_delete' && $confirm == "yes" && $user->rights->projet->lire)
{
$object->fetchTimeSpent($_GET['lineid']);
+ // TODO Check that ($task_time->fk_user == $user->id || in_array($task_time->fk_user, $childids))
$result = $object->delTimeSpent($user);
if ($result < 0)
@@ -585,6 +587,8 @@ if (($id > 0 || ! empty($ref)) || $projectidforalltimes > 0)
$tasktmp = new Task($db);
+ $childids = $user->getAllChildIds();
+
$total = 0;
$totalvalue = 0;
foreach ($tasks as $task_time)
@@ -688,17 +692,20 @@ if (($id > 0 || ! empty($ref)) || $projectidforalltimes > 0)
print '
';
print '
';
}
- else if ($user->rights->projet->creer)
+ else if ($user->rights->projet->lire) // Read project and enter time consumed on assigned tasks
{
- print ' ';
- print '
fk_task.'&action=editline&lineid='.$task_time->rowid.($withproject?'&withproject=1':'').'">';
- print img_edit();
- print ' ';
-
- print ' ';
- print '
fk_task.'&action=deleteline&lineid='.$task_time->rowid.($withproject?'&withproject=1':'').'">';
- print img_delete();
- print ' ';
+ if ($task_time->fk_user == $user->id || in_array($task_time->fk_user, $childids))
+ {
+ print ' ';
+ print '
fk_task.'&action=editline&lineid='.$task_time->rowid.($withproject?'&withproject=1':'').'">';
+ print img_edit();
+ print ' ';
+
+ print ' ';
+ print '
fk_task.'&action=deleteline&lineid='.$task_time->rowid.($withproject?'&withproject=1':'').'">';
+ print img_delete();
+ print ' ';
+ }
}
print '';
diff --git a/htdocs/societe/class/api_contact.class.php b/htdocs/societe/class/api_contact.class.php
index 884653e044d..211792a2628 100644
--- a/htdocs/societe/class/api_contact.class.php
+++ b/htdocs/societe/class/api_contact.class.php
@@ -17,7 +17,7 @@
use Luracast\Restler\RestException;
-//require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
+require_once DOL_DOCUMENT_ROOT . '/contact/class/contact.class.php';
/**
* API class for contact object
diff --git a/htdocs/societe/class/societe.class.php b/htdocs/societe/class/societe.class.php
index b3205d3fb44..7df273b7bf8 100644
--- a/htdocs/societe/class/societe.class.php
+++ b/htdocs/societe/class/societe.class.php
@@ -1915,7 +1915,14 @@ class Societe extends CommonObject
}
$link.='>';
$linkend='';
-
+
+ global $user;
+ if (! $user->rights->societe->client->voir && $user->societe_id > 0 && $this->id != $user->societe_id)
+ {
+ $link='';
+ $linkend='';
+ }
+
if ($withpicto) $result.=($link.img_object(($notooltip?'':$label), 'company', ($notooltip?'':'class="classfortooltip"')).$linkend);
if ($withpicto && $withpicto != 2) $result.=' ';
if ($withpicto != 2) $result.=$link.($maxlen?dol_trunc($name,$maxlen):$name).$linkend;
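Review bot: Blanking `$link` and `$linkend` only hides the anchor when an external user is shown another thirdparty; it is a display measure, so the thirdparty card itself must still refuse the request, and that check is outside this hunk. `global $user;` is declared in the middle of the function; moving it to the top of the function keeps its dependencies visible in one place. A short comment such as `// External user without the "see all thirdparties" right: print the name without a link` would explain the three-part condition.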
@@ -3421,7 +3428,9 @@ class Societe extends CommonObject
*/
public function setCategories($categories, $type)
{
- // Decode type
+ require_once DOL_DOCUMENT_ROOT . '/categories/class/categorie.class.php';
+
+ // Decode type
if ($type == 'customer') {
$type_id = Categorie::TYPE_CUSTOMER;
$type_text = 'customer';
@@ -3439,7 +3448,6 @@ class Societe extends CommonObject
}
// Get current categories
- require_once DOL_DOCUMENT_ROOT . '/categories/class/categorie.class.php';
$c = new Categorie($this->db);
$existing = $c->containing($this->id, $type_id, 'id');
diff --git a/htdocs/societe/soc.php b/htdocs/societe/soc.php
index 181f95e43c6..d3c8240417f 100644
--- a/htdocs/societe/soc.php
+++ b/htdocs/societe/soc.php
@@ -509,8 +509,8 @@ if (empty($reshook))
}
else
{
-
- if($result == -3) {
+ if ($db->lasterrno() == 'DB_ERROR_RECORD_ALREADY_EXISTS') // TODO Sometime errors on duplicate on profid and not on code, so
+ {
$duplicate_code_error = true;
$object->code_fournisseur = null;
$object->code_client = null;
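Review bot: The new test treats every `DB_ERROR_RECORD_ALREADY_EXISTS` as a duplicate customer/supplier code, while the TODO on the same line says the duplicate can also come from a profid; in that case `code_client` and `code_fournisseur` are reset although they were not the cause. The TODO sentence is cut off after "so" and should be finished or replaced by code that distinguishes the two cases. `lasterrno()` reports the last statement run on the connection, so this also relies on nothing else having queried the database since the failed create, which deserves a comment. The enclosing branch starts outside the hunk.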
@@ -2524,7 +2524,7 @@ else
$var=true;
- print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 0, 0, 0, 28, 0, '', 0, '', $object->default_lang);
+ print $formfile->showdocuments('company', $object->id, $filedir, $urlsource, $genallowed, $delallowed, $object->modelpdf, 0, 0, 0, 28, 0, 'entity='.$object->entity, 0, '', $object->default_lang);
print '
';
diff --git a/htdocs/theme/eldy/style.css.php b/htdocs/theme/eldy/style.css.php
index 72d63b55ff6..76cbad28f00 100644
--- a/htdocs/theme/eldy/style.css.php
+++ b/htdocs/theme/eldy/style.css.php
@@ -1475,7 +1475,7 @@ font.vsmenudisabled { font-size:px; font-family: ; white-space: nowrap; }
font.vsmenudisabledmargin { margin: 1px 1px 1px 8px; }
-a.help:link, a.help:visited, a.help:hover, a.help:active { font-size:px; font-family: ; text-align: ; font-weight: normal; color: #666666; text-decoration: none; }
+a.help:link, a.help:visited, a.help:hover, a.help:active, span.help { font-size:px; font-family: ; text-align: ; font-weight: normal; color: #666666; text-decoration: none; }
.vmenu div.blockvmenufirst, .vmenu div.blockvmenulogo, .vmenu div.blockvmenusearchphone, .vmenu div.blockvmenubookmarks
{
diff --git a/htdocs/theme/md/style.css.php b/htdocs/theme/md/style.css.php
index ad9bda1b4dd..32c0604386c 100644
--- a/htdocs/theme/md/style.css.php
+++ b/htdocs/theme/md/style.css.php
@@ -1512,7 +1512,7 @@ font.vsmenudisabled { font-size:px; font-family: ; white-space: nowrap; }
font.vsmenudisabledmargin { margin: 1px 1px 1px 8px; }
-a.help:link, a.help:visited, a.help:hover, a.help:active { font-size:px; font-family: ; text-align: ; font-weight: normal; color: #666666; text-decoration: none; }
+a.help:link, a.help:visited, a.help:hover, a.help:active, span.help { font-size:px; font-family: ; text-align: ; font-weight: normal; color: #666666; text-decoration: none; }
div.blockvmenupair, div.blockvmenuimpair, div.blockvmenubookmarks
diff --git a/htdocs/user/class/user.class.php b/htdocs/user/class/user.class.php
index fb27aef9d2e..c4b4ac48250 100644
--- a/htdocs/user/class/user.class.php
+++ b/htdocs/user/class/user.class.php
@@ -1050,7 +1050,8 @@ class User extends CommonObject
$this->town = $contact->town;
$this->state_id = $contact->state_id;
$this->country_id = $contact->country_id;
-
+ $this->employee = 0;
+
if (empty($login)) $login=strtolower(substr($contact->firstname, 0, 4)) . strtolower(substr($contact->lastname, 0, 4));
$this->login = $login;
@@ -1651,9 +1652,8 @@ class User extends CommonObject
$subject = $outputlangs->transnoentitiesnoconv("SubjectNewPassword", $appli);
// Define $urlwithroot
- //$urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
+ $urlwithouturlroot=preg_replace('/'.preg_quote(DOL_URL_ROOT,'/').'$/i','',trim($dolibarr_main_url_root));
$urlwithroot=$urlwithouturlroot.DOL_URL_ROOT; // This is to use external domain name found into config file
- //$urlwithroot=DOL_MAIN_URL_ROOT; // This is to use same domain name than current
if (! $changelater)
{
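Review bot: `$dolibarr_main_url_root` is read on the re-enabled `preg_replace` line inside a method of `User`, and the hunk shows no `global $dolibarr_main_url_root;` declaration. The method starts outside the hunk, so please confirm one exists. Without it, `trim()` receives an undefined variable and `$urlwithroot` collapses to `DOL_URL_ROOT`, giving a relative link in the password mail. Building the link from the configured root rather than the current request's host is the safer choice for a mail that carries credentials. A comment such as `// Always use the URL from the config file: the mail must not depend on the host name of the current request` would stop a later edit from switching back to the removed `DOL_MAIN_URL_ROOT` alternative.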
@@ -2544,7 +2544,12 @@ class User extends CommonObject
dol_syslog(get_class($this)."::get_full_tree call to build_path_from_id_user", LOG_DEBUG);
foreach($this->users as $key => $val)
{
- $this->build_path_from_id_user($key,0); // Process a branch from the root user key (this user has no parent)
+ $result = $this->build_path_from_id_user($key,0); // Process a branch from the root user key (this user has no parent)
+ if ($result < 0)
+ {
+ $this->error='ErrorLoopInHierarchy';
+ return -1;
+ }
}
// Exclude leaf including $deleteafterid from tree
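Review bot: `get_full_tree()` can now return `-1` from inside the `foreach`, whereas callers previously always got an array back. The function's docblock is outside the hunk and should state the new contract, for example `@return array|int Array of users, or <0 if KO (loop in hierarchy)`. Every other caller that iterates over the result needs the same `is_array()` guard that `htdocs/user/hierarchy.php` gains in this commit. A caller that passes `-1` to `foreach` only raises a warning and renders an empty tree.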
@@ -2601,10 +2606,10 @@ class User extends CommonObject
* Function called by get_full_tree().
*
* @param int $id_user id_user entry to update
- * @param int $protection Deep counter to avoid infinite loop
- * @return void
+ * @param int $protection Deep counter to avoid infinite loop (no more required, a protection is added with array useridfound)
+ * @return int < 0 if KO (infinit loop), >= 0 if OK
*/
- function build_path_from_id_user($id_user,$protection=1000)
+ function build_path_from_id_user($id_user,$protection=0)
{
dol_syslog(get_class($this)."::build_path_from_id_user id_user=".$id_user." protection=".$protection, LOG_DEBUG);
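Review bot: The docblock for `$protection` should say plainly that the parameter is now ignored, since the only remaining use in the visible lines is the `dol_syslog` call. Suggested wording: `@param int $protection Not used any more (kept for backward compatibility); loops are detected with array $useridfound` and `@return int <0 if KO (infinite loop in hierarchy), >=0 if OK`, which also fixes the "infinit" typo. The function body continues outside this hunk.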
@@ -2612,7 +2617,7 @@ class User extends CommonObject
{
// Already defined
dol_syslog(get_class($this)."::build_path_from_id_user fullpath and fullname already defined", LOG_WARNING);
- return;
+ return 0;
}
// Define fullpath and fullname
@@ -2620,9 +2625,16 @@ class User extends CommonObject
$this->users[$id_user]['fullname'] = $this->users[$id_user]['lastname'];
$i=0; $cursor_user=$id_user;
- while ((empty($protection) || $i < $protection) && ! empty($this->parentof[$cursor_user]))
+ $useridfound=array($id_user);
+ while (! empty($this->parentof[$cursor_user]))
{
- $this->users[$id_user]['fullpath'] = '_'.$this->parentof[$cursor_user].$this->users[$id_user]['fullpath'];
+ if (in_array($this->parentof[$cursor_user], $useridfound))
+ {
+ dol_syslog("The hierarchy of user has a recursive loop", LOG_WARNING);
+ return -1; // Should not happen. Protection against looping hierarchy
+ }
+ $useridfound[]=$this->parentof[$cursor_user];
+ $this->users[$id_user]['fullpath'] = '_'.$this->parentof[$cursor_user].$this->users[$id_user]['fullpath'];
$this->users[$id_user]['fullname'] = $this->users[$this->parentof[$cursor_user]]['lastname'].' >> '.$this->users[$id_user]['fullname'];
$i++; $cursor_user=$this->parentof[$cursor_user];
}
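Review bot: The warning logged when a loop is detected, `"The hierarchy of user has a recursive loop"`, names neither the user being processed nor the parent id that closed the cycle. An administrator then has to find the bad `fk_user` link by hand. Something like `dol_syslog(get_class($this)."::build_path_from_id_user loop in hierarchy for id_user=".$id_user." on parent=".$this->parentof[$cursor_user], LOG_WARNING);` gives the two ids needed to repair it. `$i` is still initialised and incremented but no longer read once the `$protection` test is removed, so it can go. The function body starts and ends outside the hunk.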
@@ -2630,7 +2642,7 @@ class User extends CommonObject
// We count number of _ to have level
$this->users[$id_user]['level']=dol_strlen(preg_replace('/[^_]/i','',$this->users[$id_user]['fullpath']));
- return;
+ return 1;
}
/**
diff --git a/htdocs/user/hierarchy.php b/htdocs/user/hierarchy.php
index 66d725b3204..11f115278ee 100644
--- a/htdocs/user/hierarchy.php
+++ b/htdocs/user/hierarchy.php
@@ -71,9 +71,15 @@ print load_fiche_titre($langs->trans("ListOfUsers"). ' ('.$langs->trans("Hierarc
// Load hierarchy of users
$user_arbo = $userstatic->get_full_tree(0, ($search_statut != '' && $search_statut >= 0) ? "statut = ".$search_statut : '');
+if (! is_array($user_arbo) && $user_arbo < 0)
+{
+ setEventMessages($userstatic->error, $userstatic->errors, 'warnings');
+}
+else
+{
// Define fulltree array
$fulltree=$user_arbo;
-
+//var_dump($fulltree);
// Define data (format for treeview)
$data=array();
$data[] = array('rowid'=>0,'fk_menu'=>-1,'title'=>"racine",'mainmenu'=>'','leftmenu'=>'','fk_mainmenu'=>'','fk_leftmenu'=>'');
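Review bot: The added `//var_dump($fulltree);` line is commented-out debug code and should be dropped before merge; the same applies to `//var_dump($data);` in the next hunk of this file. The body of the new `else {` is also left at its old indentation, so its closing `}` many lines later is easy to miss. Re-indenting the body, or at least closing it with `} // end else: hierarchy loaded without loop`, would make the structure readable.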
@@ -131,6 +137,7 @@ foreach($fulltree as $key => $val)
);
}
+//var_dump($data);
print '
";
print "\n";
+}
//
/*print '